Merge branch 'main' into refactor/cloud-integration-impl-store

docs/api/openapi.yml

@@ -417,18 +417,6 @@ components:
         message:
           type: string
       type: object
-    FactoryResponse:
-      properties:
-        healthy:
-          type: boolean
-        services:
-          additionalProperties:
-            items:
-              type: string
-            type: array
-          nullable: true
-          type: object
-      type: object
     FeaturetypesGettableFeature:
       properties:
         defaultVariant:
@@ -1860,6 +1848,8 @@ components:
       type: object
     ServiceaccounttypesPostableServiceAccount:
       properties:
+        email:
+          type: string
         name:
           type: string
         roles:
@@ -1868,6 +1858,7 @@ components:
           type: array
       required:
       - name
+      - email
       - roles
       type: object
     ServiceaccounttypesServiceAccount:
@@ -1875,6 +1866,9 @@ components:
         createdAt:
           format: date-time
           type: string
+        deletedAt:
+          format: date-time
+          type: string
         email:
           type: string
         id:
@@ -1899,6 +1893,7 @@ components:
       - roles
       - status
       - orgId
+      - deletedAt
       type: object
     ServiceaccounttypesUpdatableFactorAPIKey:
       properties:
@@ -1913,6 +1908,8 @@ components:
       type: object
     ServiceaccounttypesUpdatableServiceAccount:
       properties:
+        email:
+          type: string
         name:
           type: string
         roles:
@@ -1921,6 +1918,7 @@ components:
           type: array
       required:
       - name
+      - email
       - roles
       type: object
     ServiceaccounttypesUpdatableServiceAccountStatus:
@@ -2053,6 +2051,43 @@ components:
       required:
       - id
       type: object
+    TypesGettableAPIKey:
+      properties:
+        createdAt:
+          format: date-time
+          type: string
+        createdBy:
+          type: string
+        createdByUser:
+          $ref: '#/components/schemas/TypesUser'
+        expiresAt:
+          format: int64
+          type: integer
+        id:
+          type: string
+        lastUsed:
+          format: int64
+          type: integer
+        name:
+          type: string
+        revoked:
+          type: boolean
+        role:
+          type: string
+        token:
+          type: string
+        updatedAt:
+          format: date-time
+          type: string
+        updatedBy:
+          type: string
+        updatedByUser:
+          $ref: '#/components/schemas/TypesUser'
+        userId:
+          type: string
+      required:
+      - id
+      type: object
     TypesIdentifiable:
       properties:
         id:
@@ -2107,6 +2142,16 @@ components:
       required:
       - id
       type: object
+    TypesPostableAPIKey:
+      properties:
+        expiresInDays:
+          format: int64
+          type: integer
+        name:
+          type: string
+        role:
+          type: string
+      type: object
     TypesPostableBulkInviteRequest:
       properties:
         invites:
@@ -2160,6 +2205,56 @@ components:
       required:
       - id
       type: object
+    TypesStorableAPIKey:
+      properties:
+        createdAt:
+          format: date-time
+          type: string
+        createdBy:
+          type: string
+        id:
+          type: string
+        name:
+          type: string
+        revoked:
+          type: boolean
+        role:
+          type: string
+        token:
+          type: string
+        updatedAt:
+          format: date-time
+          type: string
+        updatedBy:
+          type: string
+        userId:
+          type: string
+      required:
+      - id
+      type: object
+    TypesUser:
+      properties:
+        createdAt:
+          format: date-time
+          type: string
+        displayName:
+          type: string
+        email:
+          type: string
+        id:
+          type: string
+        isRoot:
+          type: boolean
+        orgId:
+          type: string
+        status:
+          type: string
+        updatedAt:
+          format: date-time
+          type: string
+      required:
+      - id
+      type: object
     ZeustypesGettableHost:
       properties:
         hosts:
@@ -3599,6 +3694,222 @@ paths:
       summary: Update org preference
       tags:
       - preferences
+  /api/v1/pats:
+    get:
+      deprecated: false
+      description: This endpoint lists all api keys
+      operationId: ListAPIKeys
+      responses:
+        "200":
+          content:
+            application/json:
+              schema:
+                properties:
+                  data:
+                    items:
+                      $ref: '#/components/schemas/TypesGettableAPIKey'
+                    type: array
+                  status:
+                    type: string
+                required:
+                - status
+                - data
+                type: object
+          description: OK
+        "401":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Unauthorized
+        "403":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Forbidden
+        "500":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Internal Server Error
+      security:
+      - api_key:
+        - ADMIN
+      - tokenizer:
+        - ADMIN
+      summary: List api keys
+      tags:
+      - users
+    post:
+      deprecated: false
+      description: This endpoint creates an api key
+      operationId: CreateAPIKey
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/TypesPostableAPIKey'
+      responses:
+        "201":
+          content:
+            application/json:
+              schema:
+                properties:
+                  data:
+                    $ref: '#/components/schemas/TypesGettableAPIKey'
+                  status:
+                    type: string
+                required:
+                - status
+                - data
+                type: object
+          description: Created
+        "400":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Bad Request
+        "401":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Unauthorized
+        "403":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Forbidden
+        "409":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Conflict
+        "500":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Internal Server Error
+      security:
+      - api_key:
+        - ADMIN
+      - tokenizer:
+        - ADMIN
+      summary: Create api key
+      tags:
+      - users
+  /api/v1/pats/{id}:
+    delete:
+      deprecated: false
+      description: This endpoint revokes an api key
+      operationId: RevokeAPIKey
+      parameters:
+      - in: path
+        name: id
+        required: true
+        schema:
+          type: string
+      responses:
+        "204":
+          description: No Content
+        "401":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Unauthorized
+        "403":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Forbidden
+        "404":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Not Found
+        "500":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Internal Server Error
+      security:
+      - api_key:
+        - ADMIN
+      - tokenizer:
+        - ADMIN
+      summary: Revoke api key
+      tags:
+      - users
+    put:
+      deprecated: false
+      description: This endpoint updates an api key
+      operationId: UpdateAPIKey
+      parameters:
+      - in: path
+        name: id
+        required: true
+        schema:
+          type: string
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/TypesStorableAPIKey'
+      responses:
+        "204":
+          content:
+            application/json:
+              schema:
+                type: string
+          description: No Content
+        "400":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Bad Request
+        "401":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Unauthorized
+        "403":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Forbidden
+        "404":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Not Found
+        "500":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Internal Server Error
+      security:
+      - api_key:
+        - ADMIN
+      - tokenizer:
+        - ADMIN
+      summary: Update api key
+      tags:
+      - users
   /api/v1/public/dashboards/{id}:
     get:
       deprecated: false
@@ -5673,70 +5984,6 @@ paths:
       summary: Search ingestion keys for workspace
       tags:
       - gateway
-  /api/v2/healthz:
-    get:
-      operationId: Healthz
-      responses:
-        "200":
-          content:
-            application/json:
-              schema:
-                properties:
-                  data:
-                    $ref: '#/components/schemas/FactoryResponse'
-                  status:
-                    type: string
-                required:
-                - status
-                - data
-                type: object
-          description: OK
-        "503":
-          content:
-            application/json:
-              schema:
-                properties:
-                  data:
-                    $ref: '#/components/schemas/FactoryResponse'
-                  status:
-                    type: string
-                required:
-                - status
-                - data
-                type: object
-          description: Service Unavailable
-      summary: Health check
-      tags:
-      - health
-  /api/v2/livez:
-    get:
-      deprecated: false
-      description: ""
-      operationId: Livez
-      responses:
-        "200":
-          content:
-            application/json:
-              schema:
-                properties:
-                  data:
-                    $ref: '#/components/schemas/FactoryResponse'
-                  status:
-                    type: string
-                required:
-                - status
-                - data
-                type: object
-          description: OK
-        "500":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Internal Server Error
-      summary: Liveness check
-      tags:
-      - health
   /api/v2/metrics:
     get:
       deprecated: false
@@ -6413,41 +6660,6 @@ paths:
       summary: Update my organization
       tags:
       - orgs
-  /api/v2/readyz:
-    get:
-      operationId: Readyz
-      responses:
-        "200":
-          content:
-            application/json:
-              schema:
-                properties:
-                  data:
-                    $ref: '#/components/schemas/FactoryResponse'
-                  status:
-                    type: string
-                required:
-                - status
-                - data
-                type: object
-          description: OK
-        "503":
-          content:
-            application/json:
-              schema:
-                properties:
-                  data:
-                    $ref: '#/components/schemas/FactoryResponse'
-                  status:
-                    type: string
-                required:
-                - status
-                - data
-                type: object
-          description: Service Unavailable
-      summary: Readiness check
-      tags:
-      - health
   /api/v2/sessions:
     delete:
       deprecated: false

docs/contributing/onboarding.md

@@ -273,7 +273,6 @@ Options can be simple (direct link) or nested (with another question):
 - Place logo files in `public/Logos/`
 - Use SVG format
 - Reference as `"/Logos/your-logo.svg"`
-- **Fetching Icons**: New icons can be easily fetched from [OpenBrand](https://openbrand.sh/). Use the pattern `https://openbrand.sh/?url=<TARGET_URL>`, where `<TARGET_URL>` is the URL-encoded link to the service's website. For example, to get Render's logo, use [https://openbrand.sh/?url=https%3A%2F%2Frender.com](https://openbrand.sh/?url=https%3A%2F%2Frender.com).
 - **Optimize new SVGs**: Run any newly downloaded SVGs through an optimizer like [SVGOMG (svgo)](https://svgomg.net/) or use `npx svgo public/Logos/your-logo.svg` to minimise their size before committing.
 
 ### 4. Links

ee/authz/openfgaauthz/provider.go

@@ -57,10 +57,6 @@ func (provider *provider) Start(ctx context.Context) error {
 	return provider.openfgaServer.Start(ctx)
 }
 
-func (provider *provider) Healthy() <-chan struct{} {
-	return provider.openfgaServer.Healthy()
-}
-
 func (provider *provider) Stop(ctx context.Context) error {
 	return provider.openfgaServer.Stop(ctx)
 }

ee/authz/openfgaserver/server.go

@@ -16,6 +16,7 @@ type Server struct {
 }
 
 func NewOpenfgaServer(ctx context.Context, pkgAuthzService authz.AuthZ) (*Server, error) {
+
 	return &Server{
 		pkgAuthzService: pkgAuthzService,
 	}, nil
@@ -25,31 +26,14 @@ func (server *Server) Start(ctx context.Context) error {
 	return server.pkgAuthzService.Start(ctx)
 }
 
-func (server *Server) Healthy() <-chan struct{} {
-	return server.pkgAuthzService.Healthy()
-}
-
 func (server *Server) Stop(ctx context.Context) error {
 	return server.pkgAuthzService.Stop(ctx)
 }
 
 func (server *Server) CheckWithTupleCreation(ctx context.Context, claims authtypes.Claims, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, _ []authtypes.Selector) error {
-	subject := ""
-	switch claims.Principal {
-	case authtypes.PrincipalUser.StringValue():
-		user, err := authtypes.NewSubject(authtypes.TypeableUser, claims.UserID, orgID, nil)
-		if err != nil {
-			return err
-		}
-
-		subject = user
-	case authtypes.PrincipalServiceAccount.StringValue():
-		serviceAccount, err := authtypes.NewSubject(authtypes.TypeableServiceAccount, claims.ServiceAccountID, orgID, nil)
-		if err != nil {
-			return err
-		}
-
-		subject = serviceAccount
+	subject, err := authtypes.NewSubject(authtypes.TypeableUser, claims.UserID, orgID, nil)
+	if err != nil {
+		return err
 	}
 
 	tupleSlice, err := typeable.Tuples(subject, relation, selectors, orgID)

ee/modules/dashboard/impldashboard/module.go

@@ -213,8 +213,8 @@ func (module *module) Update(ctx context.Context, orgID valuer.UUID, id valuer.U
 	return module.pkgDashboardModule.Update(ctx, orgID, id, updatedBy, data, diff)
 }
 
-func (module *module) LockUnlock(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, isAdmin bool, lock bool) error {
-	return module.pkgDashboardModule.LockUnlock(ctx, orgID, id, updatedBy, isAdmin, lock)
+func (module *module) LockUnlock(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, role types.Role, lock bool) error {
+	return module.pkgDashboardModule.LockUnlock(ctx, orgID, id, updatedBy, role, lock)
 }
 
 func (module *module) MustGetTypeables() []authtypes.Typeable {

ee/query-service/app/api/cloudIntegrations.go

@@ -14,9 +14,10 @@ import (
 
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/http/render"
+	"github.com/SigNoz/signoz/pkg/modules/user"
 	basemodel "github.com/SigNoz/signoz/pkg/query-service/model"
+	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/serviceaccounttypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	"github.com/gorilla/mux"
 )
@@ -49,7 +50,7 @@ func (ah *APIHandler) CloudIntegrationsGenerateConnectionParams(w http.ResponseW
 		return
 	}
 
-	apiKey, apiErr := ah.getOrCreateCloudIntegrationFactorAPIKey(r.Context(), valuer.MustNewUUID(claims.OrgID), cloudProvider)
+	apiKey, apiErr := ah.getOrCreateCloudIntegrationPAT(r.Context(), claims.OrgID, cloudProvider)
 	if apiErr != nil {
 		RespondError(w, basemodel.WrapApiError(
 			apiErr, "couldn't provision PAT for cloud integration:",
@@ -109,40 +110,84 @@ func (ah *APIHandler) CloudIntegrationsGenerateConnectionParams(w http.ResponseW
 	ah.Respond(w, result)
 }
 
-func (ah *APIHandler) getOrCreateCloudIntegrationFactorAPIKey(ctx context.Context, orgID valuer.UUID, cloudProvider string) (
+func (ah *APIHandler) getOrCreateCloudIntegrationPAT(ctx context.Context, orgId string, cloudProvider string) (
 	string, *basemodel.ApiError,
 ) {
 	integrationPATName := fmt.Sprintf("%s integration", cloudProvider)
-	serviceAccount, apiErr := ah.getOrCreateCloudIntegrationServiceAccount(ctx, orgID)
+
+	integrationUser, apiErr := ah.getOrCreateCloudIntegrationUser(ctx, orgId, cloudProvider)
 	if apiErr != nil {
 		return "", apiErr
 	}
 
-	factorAPIKey, err := serviceAccount.NewFactorAPIKey(integrationPATName, 0)
+	orgIdUUID, err := valuer.NewUUID(orgId)
+	if err != nil {
+		return "", basemodel.InternalError(fmt.Errorf(
+			"couldn't parse orgId: %w", err,
+		))
+	}
+
+	allPats, err := ah.Signoz.Modules.UserSetter.ListAPIKeys(ctx, orgIdUUID)
+	if err != nil {
+		return "", basemodel.InternalError(fmt.Errorf(
+			"couldn't list PATs: %w", err,
+		))
+	}
+	for _, p := range allPats {
+		if p.UserID == integrationUser.ID && p.Name == integrationPATName {
+			return p.Token, nil
+		}
+	}
+
+	slog.InfoContext(ctx, "no PAT found for cloud integration, creating a new one",
+		"cloud_provider", cloudProvider,
+	)
+
+	newPAT, err := types.NewStorableAPIKey(
+		integrationPATName,
+		integrationUser.ID,
+		types.RoleViewer,
+		0,
+	)
 	if err != nil {
 		return "", basemodel.InternalError(fmt.Errorf(
 			"couldn't create cloud integration PAT: %w", err,
 		))
 	}
 
-	factorAPIKey, err = ah.Signoz.Modules.ServiceAccount.GetOrCreateFactorAPIKey(ctx, factorAPIKey)
+	err = ah.Signoz.Modules.UserSetter.CreateAPIKey(ctx, newPAT)
 	if err != nil {
 		return "", basemodel.InternalError(fmt.Errorf(
 			"couldn't create cloud integration PAT: %w", err,
 		))
 	}
-	return factorAPIKey.Key, nil
+	return newPAT.Token, nil
 }
 
-func (ah *APIHandler) getOrCreateCloudIntegrationServiceAccount(ctx context.Context, orgId valuer.UUID) (*serviceaccounttypes.ServiceAccount, *basemodel.ApiError) {
-	prefix := ah.Signoz.Modules.ServiceAccount.Config().Prefix
-	cloudIntegrationServiceAccount := serviceaccounttypes.NewServiceAccount("integration", prefix, []string{authtypes.SigNozViewerRoleName}, serviceaccounttypes.StatusActive, orgId)
-	cloudIntegrationServiceAccount, err := ah.Signoz.Modules.ServiceAccount.GetOrCreate(ctx, cloudIntegrationServiceAccount)
+func (ah *APIHandler) getOrCreateCloudIntegrationUser(
+	ctx context.Context, orgId string, cloudProvider string,
+) (*types.User, *basemodel.ApiError) {
+	cloudIntegrationUserName := fmt.Sprintf("%s-integration", cloudProvider)
+	email := valuer.MustNewEmail(fmt.Sprintf("%s@signoz.io", cloudIntegrationUserName))
+
+	cloudIntegrationUser, err := types.NewUser(cloudIntegrationUserName, email, valuer.MustNewUUID(orgId), types.UserStatusActive)
 	if err != nil {
-		return nil, basemodel.InternalError(fmt.Errorf("couldn't create cloud integration service account: %w", err))
+		return nil, basemodel.InternalError(fmt.Errorf("couldn't create cloud integration user: %w", err))
 	}
 
-	return cloudIntegrationServiceAccount, nil
+	password := types.MustGenerateFactorPassword(cloudIntegrationUser.ID.StringValue())
+
+	cloudIntegrationUser, err = ah.Signoz.Modules.UserSetter.GetOrCreateUser(
+		ctx,
+		cloudIntegrationUser,
+		user.WithFactorPassword(password),
+		user.WithRoleNames([]string{authtypes.SigNozViewerRoleName}),
+	)
+	if err != nil {
+		return nil, basemodel.InternalError(fmt.Errorf("couldn't look for integration user: %w", err))
+	}
+
+	return cloudIntegrationUser, nil
 }
 
 func (ah *APIHandler) getIngestionUrlAndSigNozAPIUrl(ctx context.Context, licenseKey string) (

frontend/public/Logos/mistral.svg

@@ -1 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg" fill="#fa520f" viewBox="0 0 24 24"><title>Mistral AI</title><path d="M17.143 3.429v3.428h-3.429v3.429h-3.428V6.857H6.857V3.43H3.43v13.714H0v3.428h10.286v-3.428H6.857v-3.429h3.429v3.429h3.429v-3.429h3.428v3.429h-3.428v3.428H24v-3.428h-3.43V3.429z"/></svg>

frontend/public/Logos/openclaw.svg

@@ -1 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 120 120"><defs><linearGradient id="a" x1="0%" x2="100%" y1="0%" y2="100%"><stop offset="0%" stop-color="#ff4d4d"/><stop offset="100%" stop-color="#991b1b"/></linearGradient></defs><path fill="url(#a)" d="M60 10c-30 0-45 25-45 45s15 40 30 45v10h10v-10s5 2 10 0v10h10v-10c15-5 30-25 30-45S90 10 60 10"/><path fill="url(#a)" d="M20 45C5 40 0 50 5 60s15 5 20-5c3-7 0-10-5-10"/><path fill="url(#a)" d="M100 45c15-5 20 5 15 15s-15 5-20-5c-3-7 0-10 5-10"/><path stroke="#ff4d4d" stroke-linecap="round" stroke-width="3" d="M45 15Q35 5 30 8M75 15Q85 5 90 8"/><circle cx="45" cy="35" r="6" fill="#050810"/><circle cx="75" cy="35" r="6" fill="#050810"/><circle cx="46" cy="34" r="2.5" fill="#00e5cc"/><circle cx="76" cy="34" r="2.5" fill="#00e5cc"/></svg>

frontend/public/Logos/render.svg

@@ -1 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><title>Render</title><path d="M18.263.007c-3.121-.147-5.744 2.109-6.192 5.082-.018.138-.045.272-.067.405-.696 3.703-3.936 6.507-7.827 6.507a7.9 7.9 0 0 1-3.825-.979.202.202 0 0 0-.302.178V24H12v-8.999c0-1.656 1.338-3 2.987-3h2.988c3.382 0 6.103-2.817 5.97-6.244-.12-3.084-2.61-5.603-5.682-5.75"/></svg>

frontend/src/api/generated/services/health/index.ts

@@ -1,250 +0,0 @@
-/**
- * ! Do not edit manually
- * * The file has been auto-generated using Orval for SigNoz
- * * regenerate with 'yarn generate:api'
- * SigNoz
- */
-import type {
-	InvalidateOptions,
-	QueryClient,
-	QueryFunction,
-	QueryKey,
-	UseQueryOptions,
-	UseQueryResult,
-} from 'react-query';
-import { useQuery } from 'react-query';
-
-import type { ErrorType } from '../../../generatedAPIInstance';
-import { GeneratedAPIInstance } from '../../../generatedAPIInstance';
-import type {
-	Healthz200,
-	Healthz503,
-	Livez200,
-	Readyz200,
-	Readyz503,
-	RenderErrorResponseDTO,
-} from '../sigNoz.schemas';
-
-/**
- * @summary Health check
- */
-export const healthz = (signal?: AbortSignal) => {
-	return GeneratedAPIInstance<Healthz200>({
-		url: `/api/v2/healthz`,
-		method: 'GET',
-		signal,
-	});
-};
-
-export const getHealthzQueryKey = () => {
-	return [`/api/v2/healthz`] as const;
-};
-
-export const getHealthzQueryOptions = <
-	TData = Awaited<ReturnType<typeof healthz>>,
-	TError = ErrorType<Healthz503>
->(options?: {
-	query?: UseQueryOptions<Awaited<ReturnType<typeof healthz>>, TError, TData>;
-}) => {
-	const { query: queryOptions } = options ?? {};
-
-	const queryKey = queryOptions?.queryKey ?? getHealthzQueryKey();
-
-	const queryFn: QueryFunction<Awaited<ReturnType<typeof healthz>>> = ({
-		signal,
-	}) => healthz(signal);
-
-	return { queryKey, queryFn, ...queryOptions } as UseQueryOptions<
-		Awaited<ReturnType<typeof healthz>>,
-		TError,
-		TData
-	> & { queryKey: QueryKey };
-};
-
-export type HealthzQueryResult = NonNullable<
-	Awaited<ReturnType<typeof healthz>>
->;
-export type HealthzQueryError = ErrorType<Healthz503>;
-
-/**
- * @summary Health check
- */
-
-export function useHealthz<
-	TData = Awaited<ReturnType<typeof healthz>>,
-	TError = ErrorType<Healthz503>
->(options?: {
-	query?: UseQueryOptions<Awaited<ReturnType<typeof healthz>>, TError, TData>;
-}): UseQueryResult<TData, TError> & { queryKey: QueryKey } {
-	const queryOptions = getHealthzQueryOptions(options);
-
-	const query = useQuery(queryOptions) as UseQueryResult<TData, TError> & {
-		queryKey: QueryKey;
-	};
-
-	query.queryKey = queryOptions.queryKey;
-
-	return query;
-}
-
-/**
- * @summary Health check
- */
-export const invalidateHealthz = async (
-	queryClient: QueryClient,
-	options?: InvalidateOptions,
-): Promise<QueryClient> => {
-	await queryClient.invalidateQueries(
-		{ queryKey: getHealthzQueryKey() },
-		options,
-	);
-
-	return queryClient;
-};
-
-/**
- * @summary Liveness check
- */
-export const livez = (signal?: AbortSignal) => {
-	return GeneratedAPIInstance<Livez200>({
-		url: `/api/v2/livez`,
-		method: 'GET',
-		signal,
-	});
-};
-
-export const getLivezQueryKey = () => {
-	return [`/api/v2/livez`] as const;
-};
-
-export const getLivezQueryOptions = <
-	TData = Awaited<ReturnType<typeof livez>>,
-	TError = ErrorType<RenderErrorResponseDTO>
->(options?: {
-	query?: UseQueryOptions<Awaited<ReturnType<typeof livez>>, TError, TData>;
-}) => {
-	const { query: queryOptions } = options ?? {};
-
-	const queryKey = queryOptions?.queryKey ?? getLivezQueryKey();
-
-	const queryFn: QueryFunction<Awaited<ReturnType<typeof livez>>> = ({
-		signal,
-	}) => livez(signal);
-
-	return { queryKey, queryFn, ...queryOptions } as UseQueryOptions<
-		Awaited<ReturnType<typeof livez>>,
-		TError,
-		TData
-	> & { queryKey: QueryKey };
-};
-
-export type LivezQueryResult = NonNullable<Awaited<ReturnType<typeof livez>>>;
-export type LivezQueryError = ErrorType<RenderErrorResponseDTO>;
-
-/**
- * @summary Liveness check
- */
-
-export function useLivez<
-	TData = Awaited<ReturnType<typeof livez>>,
-	TError = ErrorType<RenderErrorResponseDTO>
->(options?: {
-	query?: UseQueryOptions<Awaited<ReturnType<typeof livez>>, TError, TData>;
-}): UseQueryResult<TData, TError> & { queryKey: QueryKey } {
-	const queryOptions = getLivezQueryOptions(options);
-
-	const query = useQuery(queryOptions) as UseQueryResult<TData, TError> & {
-		queryKey: QueryKey;
-	};
-
-	query.queryKey = queryOptions.queryKey;
-
-	return query;
-}
-
-/**
- * @summary Liveness check
- */
-export const invalidateLivez = async (
-	queryClient: QueryClient,
-	options?: InvalidateOptions,
-): Promise<QueryClient> => {
-	await queryClient.invalidateQueries({ queryKey: getLivezQueryKey() }, options);
-
-	return queryClient;
-};
-
-/**
- * @summary Readiness check
- */
-export const readyz = (signal?: AbortSignal) => {
-	return GeneratedAPIInstance<Readyz200>({
-		url: `/api/v2/readyz`,
-		method: 'GET',
-		signal,
-	});
-};
-
-export const getReadyzQueryKey = () => {
-	return [`/api/v2/readyz`] as const;
-};
-
-export const getReadyzQueryOptions = <
-	TData = Awaited<ReturnType<typeof readyz>>,
-	TError = ErrorType<Readyz503>
->(options?: {
-	query?: UseQueryOptions<Awaited<ReturnType<typeof readyz>>, TError, TData>;
-}) => {
-	const { query: queryOptions } = options ?? {};
-
-	const queryKey = queryOptions?.queryKey ?? getReadyzQueryKey();
-
-	const queryFn: QueryFunction<Awaited<ReturnType<typeof readyz>>> = ({
-		signal,
-	}) => readyz(signal);
-
-	return { queryKey, queryFn, ...queryOptions } as UseQueryOptions<
-		Awaited<ReturnType<typeof readyz>>,
-		TError,
-		TData
-	> & { queryKey: QueryKey };
-};
-
-export type ReadyzQueryResult = NonNullable<Awaited<ReturnType<typeof readyz>>>;
-export type ReadyzQueryError = ErrorType<Readyz503>;
-
-/**
- * @summary Readiness check
- */
-
-export function useReadyz<
-	TData = Awaited<ReturnType<typeof readyz>>,
-	TError = ErrorType<Readyz503>
->(options?: {
-	query?: UseQueryOptions<Awaited<ReturnType<typeof readyz>>, TError, TData>;
-}): UseQueryResult<TData, TError> & { queryKey: QueryKey } {
-	const queryOptions = getReadyzQueryOptions(options);
-
-	const query = useQuery(queryOptions) as UseQueryResult<TData, TError> & {
-		queryKey: QueryKey;
-	};
-
-	query.queryKey = queryOptions.queryKey;
-
-	return query;
-}
-
-/**
- * @summary Readiness check
- */
-export const invalidateReadyz = async (
-	queryClient: QueryClient,
-	options?: InvalidateOptions,
-): Promise<QueryClient> => {
-	await queryClient.invalidateQueries(
-		{ queryKey: getReadyzQueryKey() },
-		options,
-	);
-
-	return queryClient;
-};

frontend/src/api/generated/services/sigNoz.schemas.ts

@@ -543,23 +543,6 @@ export interface ErrorsResponseerroradditionalDTO {
 	message?: string;
 }
 
-/**
- * @nullable
- */
-export type FactoryResponseDTOServices = { [key: string]: string[] } | null;
-
-export interface FactoryResponseDTO {
-	/**
-	 * @type boolean
-	 */
-	healthy?: boolean;
-	/**
-	 * @type object
-	 * @nullable true
-	 */
-	services?: FactoryResponseDTOServices;
-}
-
 /**
  * @nullable
  */
@@ -2209,6 +2192,10 @@ export interface ServiceaccounttypesPostableFactorAPIKeyDTO {
 }
 
 export interface ServiceaccounttypesPostableServiceAccountDTO {
+	/**
+	 * @type string
+	 */
+	email: string;
 	/**
 	 * @type string
 	 */
@@ -2225,6 +2212,11 @@ export interface ServiceaccounttypesServiceAccountDTO {
 	 * @format date-time
 	 */
 	createdAt?: Date;
+	/**
+	 * @type string
+	 * @format date-time
+	 */
+	deletedAt: Date;
 	/**
 	 * @type string
 	 */
@@ -2269,6 +2261,10 @@ export interface ServiceaccounttypesUpdatableFactorAPIKeyDTO {
 }
 
 export interface ServiceaccounttypesUpdatableServiceAccountDTO {
+	/**
+	 * @type string
+	 */
+	email: string;
 	/**
 	 * @type string
 	 */
@@ -3461,30 +3457,6 @@ export type SearchIngestionKeys200 = {
 	status: string;
 };
 
-export type Healthz200 = {
-	data: FactoryResponseDTO;
-	/**
-	 * @type string
-	 */
-	status: string;
-};
-
-export type Healthz503 = {
-	data: FactoryResponseDTO;
-	/**
-	 * @type string
-	 */
-	status: string;
-};
-
-export type Livez200 = {
-	data: FactoryResponseDTO;
-	/**
-	 * @type string
-	 */
-	status: string;
-};
-
 export type ListMetricsParams = {
 	/**
 	 * @type integer
@@ -3620,22 +3592,6 @@ export type GetMyOrganization200 = {
 	status: string;
 };
 
-export type Readyz200 = {
-	data: FactoryResponseDTO;
-	/**
-	 * @type string
-	 */
-	status: string;
-};
-
-export type Readyz503 = {
-	data: FactoryResponseDTO;
-	/**
-	 * @type string
-	 */
-	status: string;
-};
-
 export type GetSessionContext200 = {
 	data: AuthtypesSessionContextDTO;
 	/**

frontend/src/components/CeleryTask/useNavigateToExplorer.ts

@@ -7,7 +7,7 @@ import ROUTES from 'constants/routes';
 import useUpdatedQuery from 'container/GridCardLayout/useResolveQuery';
 import { useQueryBuilder } from 'hooks/queryBuilder/useQueryBuilder';
 import { useNotifications } from 'hooks/useNotifications';
-import { useDashboardStore } from 'providers/Dashboard/store/useDashboardStore';
+import { useDashboard } from 'providers/Dashboard/Dashboard';
 import { AppState } from 'store/reducers';
 import { Query, TagFilterItem } from 'types/api/queryBuilder/queryBuilderData';
 import { DataSource, MetricAggregateOperator } from 'types/common/queryBuilder';
@@ -79,7 +79,7 @@ export function useNavigateToExplorer(): (
 	);
 
 	const { getUpdatedQuery } = useUpdatedQuery();
-	const { selectedDashboard } = useDashboardStore();
+	const { selectedDashboard } = useDashboard();
 	const { notifications } = useNotifications();
 
 	return useCallback(

frontend/src/components/QueryBuilderV2/QueryV2/__tests__/QuerySearch.test.tsx

@@ -86,8 +86,8 @@ jest.mock('hooks/useDarkMode', () => ({
 	useIsDarkMode: (): boolean => false,
 }));
 
-jest.mock('providers/Dashboard/store/useDashboardStore', () => ({
-	useDashboardStore: (): { selectedDashboard: undefined } => ({
+jest.mock('providers/Dashboard/Dashboard', () => ({
+	useDashboard: (): { selectedDashboard: undefined } => ({
 		selectedDashboard: undefined,
 	}),
 }));

frontend/src/container/DashboardContainer/DashboardDescription/__tests__/DashboardDescription.test.tsx

@@ -1,6 +1,4 @@
-import { ReactNode } from 'react';
 import { MemoryRouter, useLocation } from 'react-router-dom';
-import { useDashboardBootstrap } from 'hooks/dashboard/useDashboardBootstrap';
 import {
 	getDashboardById,
 	getNonIntegrationDashboardById,
@@ -8,9 +6,10 @@ import {
 import { server } from 'mocks-server/server';
 import { rest } from 'msw';
 import {
-	resetDashboard,
-	useDashboardStore,
-} from 'providers/Dashboard/store/useDashboardStore';
+	DashboardContext,
+	DashboardProvider,
+} from 'providers/Dashboard/Dashboard';
+import { IDashboardContext } from 'providers/Dashboard/types';
 import {
 	fireEvent,
 	render,
@@ -22,18 +21,6 @@ import { Dashboard } from 'types/api/dashboard/getAll';
 
 import DashboardDescription from '..';
 
-function DashboardBootstrapWrapper({
-	dashboardId,
-	children,
-}: {
-	dashboardId: string;
-	children: ReactNode;
-}): JSX.Element {
-	useDashboardBootstrap(dashboardId);
-	// eslint-disable-next-line react/jsx-no-useless-fragment
-	return <>{children}</>;
-}
-
 interface MockSafeNavigateReturn {
 	safeNavigate: jest.MockedFunction<(url: string) => void>;
 }
@@ -67,7 +54,6 @@ describe('Dashboard landing page actions header tests', () => {
 	beforeEach(() => {
 		mockSafeNavigate.mockClear();
 		sessionStorage.clear();
-		resetDashboard();
 	});
 
 	it('unlock dashboard should be disabled for integrations created dashboards', async () => {
@@ -78,7 +64,7 @@ describe('Dashboard landing page actions header tests', () => {
 		(useLocation as jest.Mock).mockReturnValue(mockLocation);
 		const { getByTestId } = render(
 			<MemoryRouter initialEntries={[DASHBOARD_PATH]}>
-				<DashboardBootstrapWrapper dashboardId="4">
+				<DashboardProvider dashboardId="4">
 					<DashboardDescription
 						handle={{
 							active: false,
@@ -87,7 +73,7 @@ describe('Dashboard landing page actions header tests', () => {
 							node: { current: null },
 						}}
 					/>
-				</DashboardBootstrapWrapper>
+				</DashboardProvider>
 			</MemoryRouter>,
 		);
 
@@ -119,7 +105,7 @@ describe('Dashboard landing page actions header tests', () => {
 		);
 		const { getByTestId } = render(
 			<MemoryRouter initialEntries={[DASHBOARD_PATH]}>
-				<DashboardBootstrapWrapper dashboardId="4">
+				<DashboardProvider dashboardId="4">
 					<DashboardDescription
 						handle={{
 							active: false,
@@ -128,7 +114,7 @@ describe('Dashboard landing page actions header tests', () => {
 							node: { current: null },
 						}}
 					/>
-				</DashboardBootstrapWrapper>
+				</DashboardProvider>
 			</MemoryRouter>,
 		);
 
@@ -158,7 +144,7 @@ describe('Dashboard landing page actions header tests', () => {
 
 		const { getByText } = render(
 			<MemoryRouter initialEntries={[DASHBOARD_PATH]}>
-				<DashboardBootstrapWrapper dashboardId="4">
+				<DashboardProvider dashboardId="4">
 					<DashboardDescription
 						handle={{
 							active: false,
@@ -167,7 +153,7 @@ describe('Dashboard landing page actions header tests', () => {
 							node: { current: null },
 						}}
 					/>
-				</DashboardBootstrapWrapper>
+				</DashboardProvider>
 			</MemoryRouter>,
 		);
 
@@ -195,26 +181,37 @@ describe('Dashboard landing page actions header tests', () => {
 
 		(useLocation as jest.Mock).mockReturnValue(mockLocation);
 
-		useDashboardStore.setState({
+		const mockContextValue: IDashboardContext = {
+			isDashboardLocked: false,
+			handleDashboardLockToggle: jest.fn(),
+			dashboardResponse: {} as IDashboardContext['dashboardResponse'],
 			selectedDashboard: (getDashboardById.data as unknown) as Dashboard,
 			layouts: [],
 			panelMap: {},
 			setPanelMap: jest.fn(),
 			setLayouts: jest.fn(),
 			setSelectedDashboard: jest.fn(),
+			updatedTimeRef: { current: null },
+			updateLocalStorageDashboardVariables: jest.fn(),
+			dashboardQueryRangeCalled: false,
+			setDashboardQueryRangeCalled: jest.fn(),
+			isDashboardFetching: false,
 			columnWidths: {},
-		});
+			setColumnWidths: jest.fn(),
+		};
 
 		const { getByText } = render(
 			<MemoryRouter initialEntries={[DASHBOARD_PATH]}>
-				<DashboardDescription
-					handle={{
-						active: false,
-						enter: (): Promise<void> => Promise.resolve(),
-						exit: (): Promise<void> => Promise.resolve(),
-						node: { current: null },
-					}}
-				/>
+				<DashboardContext.Provider value={mockContextValue}>
+					<DashboardDescription
+						handle={{
+							active: false,
+							enter: (): Promise<void> => Promise.resolve(),
+							exit: (): Promise<void> => Promise.resolve(),
+							node: { current: null },
+						}}
+					/>
+				</DashboardContext.Provider>
 			</MemoryRouter>,
 		);
 

frontend/src/container/DashboardContainer/DashboardDescription/index.tsx

@@ -21,7 +21,6 @@ import { DeleteButton } from 'container/ListOfDashboard/TableComponents/DeleteBu
 import DateTimeSelectionV2 from 'container/TopNav/DateTimeSelectionV2';
 import { useDashboardVariables } from 'hooks/dashboard/useDashboardVariables';
 import { useGetPublicDashboardMeta } from 'hooks/dashboard/useGetPublicDashboardMeta';
-import { useLockDashboard } from 'hooks/dashboard/useLockDashboard';
 import { useUpdateDashboard } from 'hooks/dashboard/useUpdateDashboard';
 import useComponentPermission from 'hooks/useComponentPermission';
 import { useGetTenantLicense } from 'hooks/useGetTenantLicense';
@@ -40,11 +39,8 @@ import {
 	X,
 } from 'lucide-react';
 import { useAppContext } from 'providers/App/App';
+import { useDashboard } from 'providers/Dashboard/Dashboard';
 import { usePanelTypeSelectionModalStore } from 'providers/Dashboard/helpers/panelTypeSelectionModalHelper';
-import {
-	selectIsDashboardLocked,
-	useDashboardStore,
-} from 'providers/Dashboard/store/useDashboardStore';
 import { sortLayout } from 'providers/Dashboard/util';
 import { DashboardData } from 'types/api/dashboard/getAll';
 import { Props } from 'types/api/dashboard/update';
@@ -83,11 +79,10 @@ function DashboardDescription(props: DashboardDescriptionProps): JSX.Element {
 		setPanelMap,
 		layouts,
 		setLayouts,
+		isDashboardLocked,
 		setSelectedDashboard,
-	} = useDashboardStore();
-
-	const isDashboardLocked = useDashboardStore(selectIsDashboardLocked);
-	const handleDashboardLockToggle = useLockDashboard();
+		handleDashboardLockToggle,
+	} = useDashboard();
 
 	const variablesSettingsTabHandle = useRef<VariablesSettingsTab>(null);
 	const [isSettingsDrawerOpen, setIsSettingsDrawerOpen] = useState<boolean>(

frontend/src/container/DashboardContainer/DashboardSettings/DashboardVariableSettings/VariableItem/VariableItem.tsx

@@ -30,7 +30,7 @@ import {
 	Pyramid,
 	X,
 } from 'lucide-react';
-import { useDashboardStore } from 'providers/Dashboard/store/useDashboardStore';
+import { useDashboard } from 'providers/Dashboard/Dashboard';
 import { AppState } from 'store/reducers';
 import {
 	IDashboardVariable,
@@ -239,7 +239,7 @@ function VariableItem({
 
 	const [selectedWidgets, setSelectedWidgets] = useState<string[]>([]);
 
-	const { selectedDashboard } = useDashboardStore();
+	const { selectedDashboard } = useDashboard();
 	const widgetsByDynamicVariableId = useWidgetsByDynamicVariableId();
 
 	useEffect(() => {

frontend/src/container/DashboardContainer/DashboardSettings/DashboardVariableSettings/VariableItem/WidgetSelector.tsx

@@ -2,7 +2,7 @@ import React from 'react';
 import { CustomMultiSelect } from 'components/NewSelect';
 import { PANEL_GROUP_TYPES } from 'constants/queryBuilder';
 import { generateGridTitle } from 'container/GridPanelSwitch/utils';
-import { useDashboardStore } from 'providers/Dashboard/store/useDashboardStore';
+import { useDashboard } from 'providers/Dashboard/Dashboard';
 import { WidgetRow, Widgets } from 'types/api/dashboard/getAll';
 
 export function WidgetSelector({
@@ -12,7 +12,7 @@ export function WidgetSelector({
 	selectedWidgets: string[];
 	setSelectedWidgets: (widgets: string[]) => void;
 }): JSX.Element {
-	const { selectedDashboard } = useDashboardStore();
+	const { selectedDashboard } = useDashboard();
 
 	// Get layout IDs for cross-referencing
 	const layoutIds = new Set(

frontend/src/container/DashboardContainer/DashboardSettings/DashboardVariableSettings/index.tsx

@@ -19,8 +19,8 @@ import { useDashboardVariables } from 'hooks/dashboard/useDashboardVariables';
 import { useUpdateDashboard } from 'hooks/dashboard/useUpdateDashboard';
 import { useNotifications } from 'hooks/useNotifications';
 import { PenLine, Trash2 } from 'lucide-react';
+import { useDashboard } from 'providers/Dashboard/Dashboard';
 import { IDashboardVariables } from 'providers/Dashboard/store/dashboardVariables/dashboardVariablesStoreTypes';
-import { useDashboardStore } from 'providers/Dashboard/store/useDashboardStore';
 import { IDashboardVariable } from 'types/api/dashboard/getAll';
 
 import { TVariableMode } from './types';
@@ -87,7 +87,7 @@ function VariablesSettings({
 
 	const { t } = useTranslation(['dashboard']);
 
-	const { selectedDashboard, setSelectedDashboard } = useDashboardStore();
+	const { selectedDashboard, setSelectedDashboard } = useDashboard();
 	const { dashboardVariables } = useDashboardVariables();
 
 	const { notifications } = useNotifications();

frontend/src/container/DashboardContainer/DashboardSettings/General/index.tsx

@@ -5,7 +5,7 @@ import AddTags from 'container/DashboardContainer/DashboardSettings/General/AddT
 import { useUpdateDashboard } from 'hooks/dashboard/useUpdateDashboard';
 import { isEqual } from 'lodash-es';
 import { Check, X } from 'lucide-react';
-import { useDashboardStore } from 'providers/Dashboard/store/useDashboardStore';
+import { useDashboard } from 'providers/Dashboard/Dashboard';
 
 import { Button } from './styles';
 import { Base64Icons } from './utils';
@@ -15,7 +15,7 @@ import './GeneralSettings.styles.scss';
 const { Option } = Select;
 
 function GeneralDashboardSettings(): JSX.Element {
-	const { selectedDashboard, setSelectedDashboard } = useDashboardStore();
+	const { selectedDashboard, setSelectedDashboard } = useDashboard();
 
 	const updateDashboardMutation = useUpdateDashboard();
 

frontend/src/container/DashboardContainer/DashboardSettings/PublicDashboard/__tests__/PublicDashboard.test.tsx

@@ -7,14 +7,14 @@ import {
 	unpublishedPublicDashboardMeta,
 } from 'mocks-server/__mockdata__/publicDashboard';
 import { rest, server } from 'mocks-server/server';
-import { useDashboardStore } from 'providers/Dashboard/store/useDashboardStore';
+import { useDashboard } from 'providers/Dashboard/Dashboard';
 import { render, screen, userEvent, waitFor } from 'tests/test-utils';
 import { USER_ROLES } from 'types/roles';
 
 import PublicDashboardSetting from '../index';
 
 // Mock dependencies
-jest.mock('providers/Dashboard/store/useDashboardStore');
+jest.mock('providers/Dashboard/Dashboard');
 jest.mock('react-use', () => ({
 	...jest.requireActual('react-use'),
 	useCopyToClipboard: jest.fn(),
@@ -26,7 +26,7 @@ jest.mock('@signozhq/sonner', () => ({
 	},
 }));
 
-const mockUseDashboard = jest.mocked(useDashboardStore);
+const mockUseDashboard = jest.mocked(useDashboard);
 const mockUseCopyToClipboard = jest.mocked(useCopyToClipboard);
 const mockToast = jest.mocked(toast);
 
@@ -67,10 +67,10 @@ beforeEach(() => {
 	// Mock window.open
 	window.open = jest.fn();
 
-	// Mock useDashboardStore
+	// Mock useDashboard
 	mockUseDashboard.mockReturnValue(({
 		selectedDashboard: mockSelectedDashboard,
-	} as unknown) as ReturnType<typeof useDashboardStore>);
+	} as unknown) as ReturnType<typeof useDashboard>);
 
 	// Mock useCopyToClipboard
 	mockUseCopyToClipboard.mockReturnValue(([

frontend/src/container/DashboardContainer/DashboardSettings/PublicDashboard/index.tsx

@@ -11,7 +11,7 @@ import { useGetPublicDashboardMeta } from 'hooks/dashboard/useGetPublicDashboard
 import { useGetTenantLicense } from 'hooks/useGetTenantLicense';
 import { Copy, ExternalLink, Globe, Info, Loader2, Trash } from 'lucide-react';
 import { useAppContext } from 'providers/App/App';
-import { useDashboardStore } from 'providers/Dashboard/store/useDashboardStore';
+import { useDashboard } from 'providers/Dashboard/Dashboard';
 import { PublicDashboardMetaProps } from 'types/api/dashboard/public/getMeta';
 import APIError from 'types/api/error';
 import { USER_ROLES } from 'types/roles';
@@ -59,7 +59,7 @@ function PublicDashboardSetting(): JSX.Element {
 	const [defaultTimeRange, setDefaultTimeRange] = useState('30m');
 	const [, setCopyPublicDashboardURL] = useCopyToClipboard();
 
-	const { selectedDashboard } = useDashboardStore();
+	const { selectedDashboard } = useDashboard();
 
 	const { isCloudUser, isEnterpriseSelfHostedUser } = useGetTenantLicense();
 

frontend/src/container/DashboardContainer/DashboardVariablesSelection/DashboardVariableSelection.tsx

@@ -3,14 +3,13 @@ import { memo, useCallback, useEffect, useMemo } from 'react';
 import { useSelector } from 'react-redux';
 import { Row } from 'antd';
 import { ALL_SELECTED_VALUE } from 'components/NewSelect/utils';
-import { updateLocalStorageDashboardVariable } from 'hooks/dashboard/useDashboardFromLocalStorage';
 import {
 	useDashboardVariables,
 	useDashboardVariablesSelector,
 } from 'hooks/dashboard/useDashboardVariables';
 import useVariablesFromUrl from 'hooks/dashboard/useVariablesFromUrl';
+import { useDashboard } from 'providers/Dashboard/Dashboard';
 import { updateDashboardVariablesStore } from 'providers/Dashboard/store/dashboardVariables/dashboardVariablesStore';
-import { useDashboardStore } from 'providers/Dashboard/store/useDashboardStore';
 import {
 	enqueueDescendantsOfVariable,
 	enqueueFetchOfAllVariables,
@@ -19,23 +18,23 @@ import {
 import { AppState } from 'store/reducers';
 import { IDashboardVariable } from 'types/api/dashboard/getAll';
 import { GlobalReducer } from 'types/reducer/globalTime';
-import { useShallow } from 'zustand/react/shallow';
 
 import VariableItem from './VariableItem';
 
 import './DashboardVariableSelection.styles.scss';
 
 function DashboardVariableSelection(): JSX.Element | null {
-	const { dashboardId, setSelectedDashboard } = useDashboardStore(
-		useShallow((s) => ({
-			dashboardId: s.selectedDashboard?.id ?? '',
-			setSelectedDashboard: s.setSelectedDashboard,
-		})),
-	);
+	const {
+		setSelectedDashboard,
+		updateLocalStorageDashboardVariables,
+	} = useDashboard();
 
 	const { updateUrlVariable } = useVariablesFromUrl();
 
 	const { dashboardVariables } = useDashboardVariables();
+	const dashboardId = useDashboardVariablesSelector(
+		(state) => state.dashboardId,
+	);
 	const sortedVariablesArray = useDashboardVariablesSelector(
 		(state) => state.sortedVariablesArray,
 	);
@@ -83,13 +82,7 @@ function DashboardVariableSelection(): JSX.Element | null {
 			// This makes localStorage much lighter by avoiding storing all individual values
 			const variable = dashboardVariables[id] || dashboardVariables[name];
 			const isDynamic = variable.type === 'DYNAMIC';
-			updateLocalStorageDashboardVariable(
-				dashboardId,
-				name,
-				value,
-				allSelected,
-				isDynamic,
-			);
+			updateLocalStorageDashboardVariables(name, value, allSelected, isDynamic);
 
 			if (allSelected) {
 				updateUrlVariable(name || id, ALL_SELECTED_VALUE);
@@ -157,7 +150,13 @@ function DashboardVariableSelection(): JSX.Element | null {
 			// Safe to call synchronously now that the store already has the updated value.
 			enqueueDescendantsOfVariable(name);
 		},
-		[dashboardId, dashboardVariables, updateUrlVariable, setSelectedDashboard],
+		[
+			dashboardId,
+			dashboardVariables,
+			updateLocalStorageDashboardVariables,
+			updateUrlVariable,
+			setSelectedDashboard,
+		],
 	);
 
 	return (

frontend/src/container/DashboardContainer/DashboardVariablesSelection/__test__/DashboardVariableSelection.test.tsx

@@ -32,22 +32,11 @@ const mockVariableItemCallbacks: {
 // Mock providers/Dashboard/Dashboard
 const mockSetSelectedDashboard = jest.fn();
 const mockUpdateLocalStorageDashboardVariables = jest.fn();
-interface MockDashboardStoreState {
-	selectedDashboard?: { id: string };
-	setSelectedDashboard: typeof mockSetSelectedDashboard;
-	updateLocalStorageDashboardVariables: typeof mockUpdateLocalStorageDashboardVariables;
-}
-jest.mock('providers/Dashboard/store/useDashboardStore', () => ({
-	useDashboardStore: (
-		selector?: (s: Record<string, unknown>) => MockDashboardStoreState,
-	): MockDashboardStoreState => {
-		const state = {
-			selectedDashboard: { id: 'dash-1' },
-			setSelectedDashboard: mockSetSelectedDashboard,
-			updateLocalStorageDashboardVariables: mockUpdateLocalStorageDashboardVariables,
-		};
-		return selector ? selector(state) : state;
-	},
+jest.mock('providers/Dashboard/Dashboard', () => ({
+	useDashboard: (): Record<string, unknown> => ({
+		setSelectedDashboard: mockSetSelectedDashboard,
+		updateLocalStorageDashboardVariables: mockUpdateLocalStorageDashboardVariables,
+	}),
 }));
 
 // Mock hooks/dashboard/useVariablesFromUrl

frontend/src/container/DashboardContainer/DashboardVariablesSelection/useDashboardVariableUpdate.ts

@@ -1,13 +1,11 @@
 /* eslint-disable sonarjs/cognitive-complexity */
 import { useCallback } from 'react';
 import { useAddDynamicVariableToPanels } from 'hooks/dashboard/useAddDynamicVariableToPanels';
-import { updateLocalStorageDashboardVariable } from 'hooks/dashboard/useDashboardFromLocalStorage';
 import { useUpdateDashboard } from 'hooks/dashboard/useUpdateDashboard';
+import { useDashboard } from 'providers/Dashboard/Dashboard';
 import { IDashboardVariables } from 'providers/Dashboard/store/dashboardVariables/dashboardVariablesStoreTypes';
-import { useDashboardStore } from 'providers/Dashboard/store/useDashboardStore';
 import { IDashboardVariable } from 'types/api/dashboard/getAll';
 import { v4 as uuidv4 } from 'uuid';
-import { useShallow } from 'zustand/react/shallow';
 
 import { convertVariablesToDbFormat } from './util';
 
@@ -39,16 +37,11 @@ interface UseDashboardVariableUpdateReturn {
 
 export const useDashboardVariableUpdate = (): UseDashboardVariableUpdateReturn => {
 	const {
-		dashboardId,
 		selectedDashboard,
 		setSelectedDashboard,
-	} = useDashboardStore(
-		useShallow((s) => ({
-			dashboardId: s.selectedDashboard?.id ?? '',
-			selectedDashboard: s.selectedDashboard,
-			setSelectedDashboard: s.setSelectedDashboard,
-		})),
-	);
+		updateLocalStorageDashboardVariables,
+	} = useDashboard();
+
 	const addDynamicVariableToPanels = useAddDynamicVariableToPanels();
 	const updateMutation = useUpdateDashboard();
 
@@ -66,13 +59,7 @@ export const useDashboardVariableUpdate = (): UseDashboardVariableUpdateReturn =
 				// This makes localStorage much lighter and more efficient.
 				// currently all the variables are dynamic
 				const isDynamic = true;
-				updateLocalStorageDashboardVariable(
-					dashboardId,
-					name,
-					value,
-					allSelected,
-					isDynamic,
-				);
+				updateLocalStorageDashboardVariables(name, value, allSelected, isDynamic);
 
 				if (selectedDashboard) {
 					setSelectedDashboard((prev) => {
@@ -110,7 +97,11 @@ export const useDashboardVariableUpdate = (): UseDashboardVariableUpdateReturn =
 				}
 			}
 		},
-		[dashboardId, selectedDashboard, setSelectedDashboard],
+		[
+			selectedDashboard,
+			setSelectedDashboard,
+			updateLocalStorageDashboardVariables,
+		],
 	);
 
 	const updateVariables = useCallback(

frontend/src/container/DashboardContainer/__test__/IntegrationTests.test.tsx

@@ -49,8 +49,8 @@ const mockDashboard = {
 // Mock the dashboard provider with stable functions to prevent infinite loops
 const mockSetSelectedDashboard = jest.fn();
 const mockUpdateLocalStorageDashboardVariables = jest.fn();
-jest.mock('providers/Dashboard/store/useDashboardStore', () => ({
-	useDashboardStore: (): any => ({
+jest.mock('providers/Dashboard/Dashboard', () => ({
+	useDashboard: (): any => ({
 		selectedDashboard: mockDashboard,
 		setSelectedDashboard: mockSetSelectedDashboard,
 		updateLocalStorageDashboardVariables: mockUpdateLocalStorageDashboardVariables,

frontend/src/container/DashboardContainer/__test__/PanelManagement.test.tsx

@@ -56,8 +56,8 @@ const mockDashboard = {
 	},
 };
 // Mock dependencies
-jest.mock('providers/Dashboard/store/useDashboardStore', () => ({
-	useDashboardStore: (): any => ({
+jest.mock('providers/Dashboard/Dashboard', () => ({
+	useDashboard: (): any => ({
 		selectedDashboard: mockDashboard,
 	}),
 }));
@@ -152,8 +152,8 @@ describe('Panel Management Tests', () => {
 			};
 
 			// Temporarily mock the dashboard
-			jest.doMock('providers/Dashboard/store/useDashboardStore', () => ({
-				useDashboardStore: (): any => ({
+			jest.doMock('providers/Dashboard/Dashboard', () => ({
+				useDashboard: (): any => ({
 					selectedDashboard: modifiedDashboard,
 				}),
 			}));

frontend/src/container/DashboardContainer/components/DashboardHeader/DashboardBreadcrumbs.tsx

@@ -4,7 +4,7 @@ import ROUTES from 'constants/routes';
 import { DASHBOARDS_LIST_QUERY_PARAMS_STORAGE_KEY } from 'hooks/dashboard/useDashboardsListQueryParams';
 import { useSafeNavigate } from 'hooks/useSafeNavigate';
 import { LayoutGrid } from 'lucide-react';
-import { useDashboardStore } from 'providers/Dashboard/store/useDashboardStore';
+import { useDashboard } from 'providers/Dashboard/Dashboard';
 import { DashboardData } from 'types/api/dashboard/getAll';
 
 import { Base64Icons } from '../../DashboardSettings/General/utils';
@@ -13,7 +13,7 @@ import './DashboardBreadcrumbs.styles.scss';
 
 function DashboardBreadcrumbs(): JSX.Element {
 	const { safeNavigate } = useSafeNavigate();
-	const { selectedDashboard } = useDashboardStore();
+	const { selectedDashboard } = useDashboard();
 	const updatedAtRef = useRef(selectedDashboard?.updatedAt);
 
 	const selectedData = selectedDashboard

frontend/src/container/DashboardContainer/visualization/components/ChartManager/ChartManager.tsx

@@ -6,10 +6,7 @@ import { useNotifications } from 'hooks/useNotifications';
 import { UPlotConfigBuilder } from 'lib/uPlotV2/config/UPlotConfigBuilder';
 import { usePlotContext } from 'lib/uPlotV2/context/PlotContext';
 import useLegendsSync from 'lib/uPlotV2/hooks/useLegendsSync';
-import {
-	selectIsDashboardLocked,
-	useDashboardStore,
-} from 'providers/Dashboard/store/useDashboardStore';
+import { useDashboard } from 'providers/Dashboard/Dashboard';
 
 import { getChartManagerColumns } from './getChartMangerColumns';
 import { ExtendedChartDataset, getDefaultTableDataSet } from './utils';
@@ -53,7 +50,7 @@ export default function ChartManager({
 		onToggleSeriesVisibility,
 		syncSeriesVisibilityToLocalStorage,
 	} = usePlotContext();
-	const isDashboardLocked = useDashboardStore(selectIsDashboardLocked);
+	const { isDashboardLocked } = useDashboard();
 
 	const [tableDataSet, setTableDataSet] = useState<ExtendedChartDataset[]>(() =>
 		getDefaultTableDataSet(

frontend/src/container/DashboardContainer/visualization/components/ChartManager/__tests__/ChartManager.test.tsx

@@ -32,18 +32,10 @@ jest.mock('lib/uPlotV2/hooks/useLegendsSync', () => ({
 	}),
 }));
 
-jest.mock('providers/Dashboard/store/useDashboardStore', () => ({
-	useDashboardStore: (
-		selector?: (s: {
-			selectedDashboard: { locked: boolean } | undefined;
-		}) => { selectedDashboard: { locked: boolean } },
-	): { selectedDashboard: { locked: boolean } } => {
-		const mockState = { selectedDashboard: { locked: false } };
-		return selector ? selector(mockState) : mockState;
-	},
-	selectIsDashboardLocked: (s: {
-		selectedDashboard: { locked: boolean } | undefined;
-	}): boolean => s.selectedDashboard?.locked ?? false,
+jest.mock('providers/Dashboard/Dashboard', () => ({
+	useDashboard: (): { isDashboardLocked: boolean } => ({
+		isDashboardLocked: false,
+	}),
 }));
 
 jest.mock('hooks/useNotifications', () => ({

frontend/src/container/GridCardLayout/DashboardEmptyState/DashboardEmptyState.tsx

@@ -8,11 +8,8 @@ import { VariablesSettingsTab } from 'container/DashboardContainer/DashboardDesc
 import DashboardSettings from 'container/DashboardContainer/DashboardSettings';
 import useComponentPermission from 'hooks/useComponentPermission';
 import { useAppContext } from 'providers/App/App';
+import { useDashboard } from 'providers/Dashboard/Dashboard';
 import { usePanelTypeSelectionModalStore } from 'providers/Dashboard/helpers/panelTypeSelectionModalHelper';
-import {
-	selectIsDashboardLocked,
-	useDashboardStore,
-} from 'providers/Dashboard/store/useDashboardStore';
 import { ROLES, USER_ROLES } from 'types/roles';
 import { ComponentTypes } from 'utils/permission';
 
@@ -23,8 +20,7 @@ export default function DashboardEmptyState(): JSX.Element {
 		(s) => s.setIsPanelTypeSelectionModalOpen,
 	);
 
-	const { selectedDashboard } = useDashboardStore();
-	const isDashboardLocked = useDashboardStore(selectIsDashboardLocked);
+	const { selectedDashboard, isDashboardLocked } = useDashboard();
 
 	const variablesSettingsTabHandle = useRef<VariablesSettingsTab>(null);
 	const [isSettingsDrawerOpen, setIsSettingsDrawerOpen] = useState<boolean>(

frontend/src/container/GridCardLayout/GridCard/FullView/GraphManager.tsx

@@ -3,10 +3,7 @@ import { Button, Input } from 'antd';
 import type { CheckboxChangeEvent } from 'antd/es/checkbox';
 import { ResizeTable } from 'components/ResizeTable';
 import { useNotifications } from 'hooks/useNotifications';
-import {
-	selectIsDashboardLocked,
-	useDashboardStore,
-} from 'providers/Dashboard/store/useDashboardStore';
+import { useDashboard } from 'providers/Dashboard/Dashboard';
 
 import { getGraphManagerTableColumns } from './TableRender/GraphManagerColumns';
 import { ExtendedChartDataset, GraphManagerProps } from './types';
@@ -37,7 +34,7 @@ function GraphManager({
 	}, [data, options]);
 
 	const { notifications } = useNotifications();
-	const isDashboardLocked = useDashboardStore(selectIsDashboardLocked);
+	const { isDashboardLocked } = useDashboard();
 
 	const checkBoxOnChangeHandler = useCallback(
 		(e: CheckboxChangeEvent, index: number): void => {

frontend/src/container/GridCardLayout/GridCard/FullView/index.tsx

@@ -39,10 +39,7 @@ import { getDashboardVariables } from 'lib/dashboardVariables/getDashboardVariab
 import GetMinMax from 'lib/getMinMax';
 import { isEmpty } from 'lodash-es';
 import { useAppContext } from 'providers/App/App';
-import {
-	selectIsDashboardLocked,
-	useDashboardStore,
-} from 'providers/Dashboard/store/useDashboardStore';
+import { useDashboard } from 'providers/Dashboard/Dashboard';
 import { AppState } from 'store/reducers';
 import { Warning } from 'types/api';
 import { GlobalReducer } from 'types/reducer/globalTime';
@@ -84,8 +81,11 @@ function FullView({
 		setCurrentGraphRef(fullViewRef);
 	}, [setCurrentGraphRef]);
 
-	const { selectedDashboard, setColumnWidths } = useDashboardStore();
-	const isDashboardLocked = useDashboardStore(selectIsDashboardLocked);
+	const {
+		selectedDashboard,
+		isDashboardLocked,
+		setColumnWidths,
+	} = useDashboard();
 
 	const onColumnWidthsChange = useCallback(
 		(widths: Record<string, number>) => {

frontend/src/container/GridCardLayout/GridCard/WidgetGraphComponent.test.tsx

@@ -161,8 +161,8 @@ const mockProps: WidgetGraphComponentProps = {
 };
 
 // Mock useDashabord hook
-jest.mock('providers/Dashboard/store/useDashboardStore', () => ({
-	useDashboardStore: (): any => ({
+jest.mock('providers/Dashboard/Dashboard', () => ({
+	useDashboard: (): any => ({
 		selectedDashboard: {
 			data: {
 				variables: [],

frontend/src/container/GridCardLayout/GridCard/WidgetGraphComponent.tsx

@@ -28,7 +28,7 @@ import {
 	getCustomTimeRangeWindowSweepInMS,
 	getStartAndEndTimesInMilliseconds,
 } from 'pages/MessagingQueues/MessagingQueuesUtils';
-import { useDashboardStore } from 'providers/Dashboard/store/useDashboardStore';
+import { useDashboard } from 'providers/Dashboard/Dashboard';
 import { Widgets } from 'types/api/dashboard/getAll';
 import { Props } from 'types/api/dashboard/update';
 import { EQueryType } from 'types/common/dashboard';
@@ -106,7 +106,7 @@ function WidgetGraphComponent({
 		selectedDashboard,
 		setSelectedDashboard,
 		setColumnWidths,
-	} = useDashboardStore();
+	} = useDashboard();
 
 	const onColumnWidthsChange = useCallback(
 		(widths: Record<string, number>) => {

frontend/src/container/GridCardLayout/GridCard/index.tsx

@@ -1,7 +1,6 @@
 import { memo, useEffect, useMemo, useRef, useState } from 'react';
 // eslint-disable-next-line no-restricted-imports
 import { useDispatch, useSelector } from 'react-redux';
-import * as Sentry from '@sentry/react';
 import logEvent from 'api/common/logEvent';
 import { DEFAULT_ENTITY_VERSION, ENTITY_VERSION_V5 } from 'constants/app';
 import { QueryParams } from 'constants/query';
@@ -18,6 +17,7 @@ import { getVariableReferencesInQuery } from 'lib/dashboardVariables/variableRef
 import getTimeString from 'lib/getTimeString';
 import { isEqual } from 'lodash-es';
 import isEmpty from 'lodash-es/isEmpty';
+import { useDashboard } from 'providers/Dashboard/Dashboard';
 import { UpdateTimeInterval } from 'store/actions';
 import { AppState } from 'store/reducers';
 import APIError from 'types/api/error';
@@ -68,19 +68,7 @@ function GridCardGraph({
 	const [isInternalServerError, setIsInternalServerError] = useState<boolean>(
 		false,
 	);
-	const queryRangeCalledRef = useRef(false);
-
-	useEffect(() => {
-		const timeoutId = setTimeout(() => {
-			if (!queryRangeCalledRef.current) {
-				Sentry.captureEvent({
-					message: `Dashboard query range not called within expected timeframe for widget ${widget?.id}`,
-					level: 'warning',
-				});
-			}
-		}, 120000);
-		return (): void => clearTimeout(timeoutId);
-	}, [widget?.id]);
+	const { setDashboardQueryRangeCalled } = useDashboard();
 
 	const {
 		minTime,
@@ -272,14 +260,14 @@ function GridCardGraph({
 						});
 					}
 				}
-				queryRangeCalledRef.current = true;
+				setDashboardQueryRangeCalled(true);
 			},
 			onSettled: (data) => {
 				dataAvailable?.(
 					isDataAvailableByPanelType(data?.payload?.data, widget?.panelTypes),
 				);
 				getGraphData?.(data?.payload?.data);
-				queryRangeCalledRef.current = true;
+				setDashboardQueryRangeCalled(true);
 			},
 		},
 	);

frontend/src/container/GridCardLayout/GridCardLayout.tsx

@@ -1,10 +1,10 @@
 import { useCallback, useEffect, useMemo, useRef, useState } from 'react';
 import { FullScreen, FullScreenHandle } from 'react-full-screen';
 import { ItemCallback, Layout } from 'react-grid-layout';
-import { useIsFetching } from 'react-query';
 // eslint-disable-next-line no-restricted-imports
 import { useDispatch } from 'react-redux';
 import { useLocation } from 'react-router-dom';
+import * as Sentry from '@sentry/react';
 import { Color } from '@signozhq/design-tokens';
 import { Button, Form, Input, Modal, Typography } from 'antd';
 import logEvent from 'api/common/logEvent';
@@ -12,7 +12,6 @@ import cx from 'classnames';
 import { ENTITY_VERSION_V5 } from 'constants/app';
 import { QueryParams } from 'constants/query';
 import { PANEL_GROUP_TYPES, PANEL_TYPES } from 'constants/queryBuilder';
-import { REACT_QUERY_KEY } from 'constants/reactQueryKeys';
 import { themeColors } from 'constants/theme';
 import { DEFAULT_ROW_NAME } from 'container/DashboardContainer/DashboardDescription/utils';
 import { useDashboardVariables } from 'hooks/dashboard/useDashboardVariables';
@@ -32,10 +31,7 @@ import {
 	X,
 } from 'lucide-react';
 import { useAppContext } from 'providers/App/App';
-import {
-	selectIsDashboardLocked,
-	useDashboardStore,
-} from 'providers/Dashboard/store/useDashboardStore';
+import { useDashboard } from 'providers/Dashboard/Dashboard';
 import { sortLayout } from 'providers/Dashboard/util';
 import { UpdateTimeInterval } from 'store/actions';
 import { Widgets } from 'types/api/dashboard/getAll';
@@ -65,9 +61,6 @@ interface GraphLayoutProps {
 function GraphLayout(props: GraphLayoutProps): JSX.Element {
 	const { handle, enableDrillDown = false } = props;
 	const { safeNavigate } = useSafeNavigate();
-	const isDashboardFetching =
-		useIsFetching([REACT_QUERY_KEY.DASHBOARD_BY_ID]) > 0;
-
 	const {
 		selectedDashboard,
 		layouts,
@@ -75,9 +68,12 @@ function GraphLayout(props: GraphLayoutProps): JSX.Element {
 		panelMap,
 		setPanelMap,
 		setSelectedDashboard,
+		isDashboardLocked,
+		dashboardQueryRangeCalled,
+		setDashboardQueryRangeCalled,
+		isDashboardFetching,
 		columnWidths,
-	} = useDashboardStore();
-	const isDashboardLocked = useDashboardStore(selectIsDashboardLocked);
+	} = useDashboard();
 	const { data } = selectedDashboard || {};
 	const { pathname } = useLocation();
 	const dispatch = useDispatch();
@@ -141,6 +137,25 @@ function GraphLayout(props: GraphLayoutProps): JSX.Element {
 		setDashboardLayout(sortLayout(layouts));
 	}, [layouts]);
 
+	useEffect(() => {
+		setDashboardQueryRangeCalled(false);
+		// eslint-disable-next-line react-hooks/exhaustive-deps
+	}, []);
+
+	useEffect(() => {
+		const timeoutId = setTimeout(() => {
+			// Send Sentry event if query_range is not called within expected timeframe (2 mins) when there are widgets
+			if (!dashboardQueryRangeCalled && data?.widgets?.length) {
+				Sentry.captureEvent({
+					message: `Dashboard query range not called within expected timeframe even when there are ${data?.widgets?.length} widgets`,
+					level: 'warning',
+				});
+			}
+		}, 120000);
+
+		return (): void => clearTimeout(timeoutId);
+	}, [dashboardQueryRangeCalled, data?.widgets?.length]);
+
 	const logEventCalledRef = useRef(false);
 	useEffect(() => {
 		if (!logEventCalledRef.current && !isUndefined(data)) {

frontend/src/container/GridCardLayout/WidgetRow.tsx

@@ -4,12 +4,9 @@ import { Button, Popover } from 'antd';
 import useComponentPermission from 'hooks/useComponentPermission';
 import { EllipsisIcon, PenLine, Plus, X } from 'lucide-react';
 import { useAppContext } from 'providers/App/App';
+import { useDashboard } from 'providers/Dashboard/Dashboard';
 import { usePanelTypeSelectionModalStore } from 'providers/Dashboard/helpers/panelTypeSelectionModalHelper';
 import { setSelectedRowWidgetId } from 'providers/Dashboard/helpers/selectedRowWidgetIdHelper';
-import {
-	selectIsDashboardLocked,
-	useDashboardStore,
-} from 'providers/Dashboard/store/useDashboardStore';
 import { ROLES, USER_ROLES } from 'types/roles';
 import { ComponentTypes } from 'utils/permission';
 
@@ -42,8 +39,7 @@ export function WidgetRowHeader(props: WidgetRowHeaderProps): JSX.Element {
 		(s) => s.setIsPanelTypeSelectionModalOpen,
 	);
 
-	const { selectedDashboard } = useDashboardStore();
-	const isDashboardLocked = useDashboardStore(selectIsDashboardLocked);
+	const { selectedDashboard, isDashboardLocked } = useDashboard();
 
 	const permissions: ComponentTypes[] = ['add_panel'];
 	const { user } = useAppContext();

frontend/src/container/GridCardLayout/useNavigateToExplorerPages.ts

@@ -1,6 +1,6 @@
 import { useCallback } from 'react';
 import { useNotifications } from 'hooks/useNotifications';
-import { useDashboardStore } from 'providers/Dashboard/store/useDashboardStore';
+import { useDashboard } from 'providers/Dashboard/Dashboard';
 import { Widgets } from 'types/api/dashboard/getAll';
 import { BaseAutocompleteData } from 'types/api/queryBuilder/queryAutocompleteResponse';
 import {
@@ -121,7 +121,7 @@ function useNavigateToExplorerPages(): (
 ) => Promise<{
 	[queryName: string]: { filters: TagFilterItem[]; dataSource?: string };
 }> {
-	const { selectedDashboard } = useDashboardStore();
+	const { selectedDashboard } = useDashboard();
 	const { notifications } = useNotifications();
 
 	return useCallback(

frontend/src/container/LogExplorerQuerySection/LogExplorerQuerySection.test.tsx

@@ -92,8 +92,8 @@ jest.mock('hooks/useDarkMode', () => ({
 	useIsDarkMode: (): boolean => false,
 }));
 
-jest.mock('providers/Dashboard/store/useDashboardStore', () => ({
-	useDashboardStore: (): { selectedDashboard: undefined } => ({
+jest.mock('providers/Dashboard/Dashboard', () => ({
+	useDashboard: (): { selectedDashboard: undefined } => ({
 		selectedDashboard: undefined,
 	}),
 }));

frontend/src/container/NewWidget/__test__/NewWidget.test.tsx

@@ -6,24 +6,11 @@
 // - Handling multiple rows correctly
 // - Handling widgets with different heights
 
-import { ReactNode } from 'react';
 import { I18nextProvider } from 'react-i18next';
 import { useSearchParams } from 'react-router-dom-v5-compat';
 import { screen } from '@testing-library/react';
 import { PANEL_TYPES } from 'constants/queryBuilder';
-import { useDashboardBootstrap } from 'hooks/dashboard/useDashboardBootstrap';
-
-function DashboardBootstrapWrapper({
-	dashboardId,
-	children,
-}: {
-	dashboardId: string;
-	children: ReactNode;
-}): JSX.Element {
-	useDashboardBootstrap(dashboardId);
-	// eslint-disable-next-line react/jsx-no-useless-fragment
-	return <>{children}</>;
-}
+import { DashboardProvider } from 'providers/Dashboard/Dashboard';
 import { PreferenceContextProvider } from 'providers/preferences/context/PreferenceContextProvider';
 import i18n from 'ReactI18';
 import {
@@ -322,7 +309,7 @@ describe('Stacking bar in new panel', () => {
 
 		const { container, getByText } = render(
 			<I18nextProvider i18n={i18n}>
-				<DashboardBootstrapWrapper dashboardId="">
+				<DashboardProvider dashboardId="">
 					<PreferenceContextProvider>
 						<NewWidget
 							dashboardId=""
@@ -330,7 +317,7 @@ describe('Stacking bar in new panel', () => {
 							selectedGraph={PANEL_TYPES.BAR}
 						/>
 					</PreferenceContextProvider>
-				</DashboardBootstrapWrapper>
+				</DashboardProvider>
 			</I18nextProvider>,
 		);
 
@@ -375,13 +362,13 @@ describe('when switching to BAR panel type', () => {
 		});
 
 		const { getByTestId, getByText, container } = render(
-			<DashboardBootstrapWrapper dashboardId="">
+			<DashboardProvider dashboardId="">
 				<NewWidget
 					dashboardId=""
 					selectedDashboard={undefined}
 					selectedGraph={PANEL_TYPES.BAR}
 				/>
-			</DashboardBootstrapWrapper>,
+			</DashboardProvider>,
 		);
 
 		expect(getByTestId('panel-change-select')).toHaveAttribute(

frontend/src/container/NewWidget/types.ts

@@ -2,15 +2,16 @@ import { Dispatch, SetStateAction } from 'react';
 import { UseQueryResult } from 'react-query';
 import { PANEL_TYPES } from 'constants/queryBuilder';
 import { GetQueryResultsProps } from 'lib/dashboard/getQueryResults';
+import { IDashboardContext } from 'providers/Dashboard/types';
 import { SuccessResponse, Warning } from 'types/api';
-import { Dashboard, Widgets } from 'types/api/dashboard/getAll';
+import { Widgets } from 'types/api/dashboard/getAll';
 import { MetricRangePayloadProps } from 'types/api/metrics/getQueryRange';
 
 import { timePreferance } from './RightContainer/timeItems';
 
 export interface NewWidgetProps {
 	dashboardId: string;
-	selectedDashboard: Dashboard | undefined;
+	selectedDashboard: IDashboardContext['selectedDashboard'];
 	selectedGraph: PANEL_TYPES;
 	enableDrillDown?: boolean;
 }
@@ -34,7 +35,7 @@ export interface WidgetGraphProps {
 		>
 	>;
 	enableDrillDown?: boolean;
-	selectedDashboard: Dashboard | undefined;
+	selectedDashboard: IDashboardContext['selectedDashboard'];
 	isNewPanel?: boolean;
 }
 

frontend/src/container/OnboardingV2Container/onboarding-configs/onboarding-config-with-links.json

@@ -6122,95 +6122,5 @@
 		],
 		"id": "huggingface-observability",
 		"link": "/docs/huggingface-observability/"
-	},
-	{
-		"dataSource": "mistral-observability",
-		"label": "Mistral AI",
-		"imgUrl": "/Logos/mistral.svg",
-		"tags": [
-			"LLM Monitoring"
-		],
-		"module": "apm",
-		"relatedSearchKeywords": [
-			"llm",
-			"llm monitoring",
-			"mistral",
-			"mistral ai",
-			"monitoring",
-			"observability",
-			"otel mistral",
-			"traces",
-			"tracing"
-		],
-		"id": "mistral-observability",
-		"link": "/docs/mistral-observability/"
-	},
-	{
-		"dataSource": "openclaw-observability",
-		"label": "OpenClaw",
-		"imgUrl": "/Logos/openclaw.svg",
-		"tags": [
-			"LLM Monitoring"
-		],
-		"module": "apm",
-		"relatedSearchKeywords": [
-			"llm",
-			"llm monitoring",
-			"monitoring",
-			"observability",
-			"openclaw",
-			"otel openclaw",
-			"traces",
-			"tracing"
-		],
-		"id": "openclaw-observability",
-		"link": "/docs/openclaw-monitoring/"
-	},
-	{
-		"dataSource": "claude-agent-monitoring",
-		"label": "Claude Agent SDK",
-		"imgUrl": "/Logos/claude-code.svg",
-		"tags": [
-			"LLM Monitoring"
-		],
-		"module": "apm",
-		"relatedSearchKeywords": [
-			"anthropic",
-			"claude",
-			"claude agent",
-			"claude agent sdk",
-			"claude sdk",
-			"llm",
-			"llm monitoring",
-			"monitoring",
-			"observability",
-			"otel claude",
-			"traces",
-			"tracing"
-		],
-		"id": "claude-agent-monitoring",
-		"link": "/docs/claude-agent-monitoring/"
-	},
-	{
-		"dataSource": "render-metrics",
-		"label": "Render",
-		"imgUrl": "/Logos/render.svg",
-		"tags": [
-			"infrastructure monitoring",
-			"metrics"
-		],
-		"module": "metrics",
-		"relatedSearchKeywords": [
-			"infrastructure",
-			"metrics",
-			"monitoring",
-			"observability",
-			"paas",
-			"render",
-			"render metrics",
-			"render monitoring"
-		],
-		"id": "render-metrics",
-		"link": "/docs/metrics-management/render-metrics/"
 	}
 ]

frontend/src/container/QueryTable/Drilldown/useBaseAggregateOptions.tsx

@@ -11,7 +11,7 @@ import useContextVariables from 'hooks/dashboard/useContextVariables';
 import { useSafeNavigate } from 'hooks/useSafeNavigate';
 import createQueryParams from 'lib/createQueryParams';
 import ContextMenu from 'periscope/components/ContextMenu';
-import { useDashboardStore } from 'providers/Dashboard/store/useDashboardStore';
+import { useDashboard } from 'providers/Dashboard/Dashboard';
 import { ContextLinksData } from 'types/api/dashboard/getAll';
 import { Query } from 'types/api/queryBuilder/queryBuilderData';
 
@@ -66,7 +66,7 @@ const useBaseAggregateOptions = ({
 		getUpdatedQuery,
 		isLoading: isResolveQueryLoading,
 	} = useUpdatedQuery();
-	const { selectedDashboard } = useDashboardStore();
+	const { selectedDashboard } = useDashboard();
 
 	useEffect(() => {
 		if (!aggregateData) {

frontend/src/container/QueryTable/__test__/QueryTable.test.tsx

@@ -12,8 +12,8 @@ jest.mock('react-router-dom', () => ({
 }));
 
 // Mock useDashabord hook
-jest.mock('providers/Dashboard/store/useDashboardStore', () => ({
-	useDashboardStore: (): any => ({
+jest.mock('providers/Dashboard/Dashboard', () => ({
+	useDashboard: (): any => ({
 		selectedDashboard: {
 			data: {
 				variables: [],

frontend/src/hooks/dashboard/__test__/useTransformDashboardVariables.test.tsx

@@ -1,5 +1,5 @@
 import { renderHook } from '@testing-library/react';
-import { getLocalStorageDashboardVariables } from 'hooks/dashboard/useDashboardFromLocalStorage';
+import { useDashboardVariablesFromLocalStorage } from 'hooks/dashboard/useDashboardFromLocalStorage';
 import { useTransformDashboardVariables } from 'hooks/dashboard/useTransformDashboardVariables';
 import useVariablesFromUrl from 'hooks/dashboard/useVariablesFromUrl';
 import { Dashboard, IDashboardVariable } from 'types/api/dashboard/getAll';
@@ -7,8 +7,8 @@ import { Dashboard, IDashboardVariable } from 'types/api/dashboard/getAll';
 jest.mock('hooks/dashboard/useDashboardFromLocalStorage');
 jest.mock('hooks/dashboard/useVariablesFromUrl');
 
-const mockGetLocalStorageDashboardVariables = getLocalStorageDashboardVariables as jest.MockedFunction<
-	typeof getLocalStorageDashboardVariables
+const mockUseDashboardVariablesFromLocalStorage = useDashboardVariablesFromLocalStorage as jest.MockedFunction<
+	typeof useDashboardVariablesFromLocalStorage
 >;
 const mockUseVariablesFromUrl = useVariablesFromUrl as jest.MockedFunction<
 	typeof useVariablesFromUrl
@@ -46,7 +46,10 @@ const setupHook = (
 	currentDashboard: Record<string, any> = {},
 	urlVariables: Record<string, any> = {},
 ): ReturnType<typeof useTransformDashboardVariables> => {
-	mockGetLocalStorageDashboardVariables.mockReturnValue(currentDashboard as any);
+	mockUseDashboardVariablesFromLocalStorage.mockReturnValue({
+		currentDashboard,
+		updateLocalStorageDashboardVariables: jest.fn(),
+	});
 	mockUseVariablesFromUrl.mockReturnValue({
 		getUrlVariables: () => urlVariables,
 		setUrlVariables: jest.fn(),

frontend/src/hooks/dashboard/useDashboardBootstrap.ts

@@ -1,164 +0,0 @@
-import { useEffect, useRef } from 'react';
-import { useTranslation } from 'react-i18next';
-// eslint-disable-next-line no-restricted-imports
-import { useDispatch, useSelector } from 'react-redux';
-import { Modal } from 'antd';
-import dayjs from 'dayjs';
-import { useTransformDashboardVariables } from 'hooks/dashboard/useTransformDashboardVariables';
-import useTabVisibility from 'hooks/useTabFocus';
-import { getUpdatedLayout } from 'lib/dashboard/getUpdatedLayout';
-import { getMinMaxForSelectedTime } from 'lib/getMinMax';
-import { defaultTo } from 'lodash-es';
-import { initializeDefaultVariables } from 'providers/Dashboard/initializeDefaultVariables';
-import { useDashboardStore } from 'providers/Dashboard/store/useDashboardStore';
-import { sortLayout } from 'providers/Dashboard/util';
-// eslint-disable-next-line no-restricted-imports
-import { Dispatch } from 'redux';
-import { AppState } from 'store/reducers';
-import AppActions from 'types/actions';
-import { UPDATE_TIME_INTERVAL } from 'types/actions/globalTime';
-import { Dashboard } from 'types/api/dashboard/getAll';
-import { GlobalReducer } from 'types/reducer/globalTime';
-
-import { useDashboardQuery } from './useDashboardQuery';
-import { useDashboardVariablesSync } from './useDashboardVariablesSync';
-
-interface UseDashboardBootstrapOptions {
-	/** Pass `onModal.confirm` from `Modal.useModal()` to get theme-aware modals. Falls back to static `Modal.confirm`. */
-	confirm?: typeof Modal.confirm;
-}
-
-export interface UseDashboardBootstrapReturn {
-	isLoading: boolean;
-	isError: boolean;
-	isFetching: boolean;
-	error: unknown;
-}
-
-export function useDashboardBootstrap(
-	dashboardId: string,
-	options: UseDashboardBootstrapOptions = {},
-): UseDashboardBootstrapReturn {
-	const confirm = options.confirm ?? Modal.confirm;
-
-	const { t } = useTranslation(['dashboard']);
-	const dispatch = useDispatch<Dispatch<AppActions>>();
-	const globalTime = useSelector<AppState, GlobalReducer>(
-		(state) => state.globalTime,
-	);
-
-	const {
-		setSelectedDashboard,
-		setLayouts,
-		setPanelMap,
-		resetDashboardStore,
-	} = useDashboardStore();
-
-	const dashboardRef = useRef<Dashboard>();
-	const modalRef = useRef<ReturnType<typeof Modal.confirm>>();
-
-	const isVisible = useTabVisibility();
-
-	const {
-		getUrlVariables,
-		updateUrlVariable,
-		transformDashboardVariables,
-	} = useTransformDashboardVariables(dashboardId);
-
-	// Keep the external variables store in sync with selectedDashboard
-	useDashboardVariablesSync(dashboardId);
-
-	const dashboardQuery = useDashboardQuery(dashboardId);
-
-	// Handle new dashboard data: initialize on first load, detect changes on subsequent fetches.
-	// React Query's structural sharing means this effect only fires when data actually changes.
-	useEffect(() => {
-		if (!dashboardQuery.data?.data) {
-			return;
-		}
-
-		const updatedDashboardData = transformDashboardVariables(
-			dashboardQuery.data.data,
-		);
-		const updatedDate = dayjs(updatedDashboardData?.updatedAt);
-
-		// First load: initialize store and URL variables, then return
-		if (!dashboardRef.current) {
-			const variables = updatedDashboardData?.data?.variables;
-			if (variables) {
-				initializeDefaultVariables(variables, getUrlVariables, updateUrlVariable);
-			}
-			setSelectedDashboard(updatedDashboardData);
-			dashboardRef.current = updatedDashboardData;
-			setLayouts(sortLayout(getUpdatedLayout(updatedDashboardData?.data.layout)));
-			setPanelMap(defaultTo(updatedDashboardData?.data?.panelMap, {}));
-			return;
-		}
-
-		// Subsequent fetches: skip if updatedAt hasn't advanced
-		if (!updatedDate.isAfter(dayjs(dashboardRef.current.updatedAt))) {
-			return;
-		}
-
-		// Data has changed: prompt user if tab is visible
-		if (isVisible && dashboardRef.current.id === updatedDashboardData?.id) {
-			const modal = confirm({
-				centered: true,
-				title: t('dashboard_has_been_updated'),
-				content: t('do_you_want_to_refresh_the_dashboard'),
-				onOk() {
-					setSelectedDashboard(updatedDashboardData);
-
-					const { maxTime, minTime } = getMinMaxForSelectedTime(
-						globalTime.selectedTime,
-						globalTime.minTime,
-						globalTime.maxTime,
-					);
-					dispatch({
-						type: UPDATE_TIME_INTERVAL,
-						payload: { maxTime, minTime, selectedTime: globalTime.selectedTime },
-					});
-
-					dashboardRef.current = updatedDashboardData;
-					setLayouts(
-						sortLayout(getUpdatedLayout(updatedDashboardData?.data.layout)),
-					);
-					setPanelMap(defaultTo(updatedDashboardData?.data.panelMap, {}));
-				},
-			});
-			modalRef.current = modal;
-		}
-		// eslint-disable-next-line react-hooks/exhaustive-deps
-	}, [dashboardQuery.data]);
-
-	// Refetch when tab becomes visible (after initial load)
-	useEffect(() => {
-		if (isVisible && dashboardRef.current && !!dashboardId) {
-			dashboardQuery.refetch();
-		}
-		// eslint-disable-next-line react-hooks/exhaustive-deps
-	}, [isVisible]);
-
-	// Dismiss stale modal when tab is hidden
-	useEffect(() => {
-		if (!isVisible && modalRef.current) {
-			modalRef.current.destroy();
-		}
-	}, [isVisible]);
-
-	// Reset store on unmount so stale state doesn't bleed across dashboards
-	useEffect(
-		() => (): void => {
-			resetDashboardStore();
-		},
-		// eslint-disable-next-line react-hooks/exhaustive-deps
-		[],
-	);
-
-	return {
-		isLoading: dashboardQuery.isLoading,
-		isError: dashboardQuery.isError,
-		isFetching: dashboardQuery.isFetching,
-		error: dashboardQuery.error,
-	};
-}

frontend/src/hooks/dashboard/useDashboardFromLocalStorage.ts

@@ -1,68 +0,0 @@
-import getLocalStorageKey from 'api/browser/localstorage/get';
-import setLocalStorageKey from 'api/browser/localstorage/set';
-import { LOCALSTORAGE } from 'constants/localStorage';
-import { IDashboardVariable } from 'types/api/dashboard/getAll';
-
-export interface LocalStoreDashboardVariables {
-	[id: string]: {
-		selectedValue: IDashboardVariable['selectedValue'];
-		allSelected: boolean;
-	};
-}
-
-interface DashboardLocalStorageVariables {
-	[id: string]: LocalStoreDashboardVariables;
-}
-
-function readAll(): DashboardLocalStorageVariables {
-	const raw = getLocalStorageKey(LOCALSTORAGE.DASHBOARD_VARIABLES);
-	if (!raw) {
-		return {};
-	}
-	try {
-		return JSON.parse(raw);
-	} catch {
-		console.error('Failed to parse dashboard variables from local storage');
-		return {};
-	}
-}
-
-function writeAll(data: DashboardLocalStorageVariables): void {
-	try {
-		setLocalStorageKey(LOCALSTORAGE.DASHBOARD_VARIABLES, JSON.stringify(data));
-	} catch {
-		console.error('Failed to set dashboard variables in local storage');
-	}
-}
-
-/** Read the saved variable selections for a dashboard from localStorage. */
-export function getLocalStorageDashboardVariables(
-	dashboardId: string,
-): LocalStoreDashboardVariables {
-	return readAll()[dashboardId] ?? {};
-}
-
-/**
- * Write one variable's selection for a dashboard to localStorage.
- * All call sites write to the same store with no React state coordination.
- */
-export function updateLocalStorageDashboardVariable(
-	dashboardId: string,
-	id: string,
-	selectedValue: IDashboardVariable['selectedValue'],
-	allSelected: boolean,
-	isDynamic?: boolean,
-): void {
-	const all = readAll();
-	all[dashboardId] = {
-		...(all[dashboardId] ?? {}),
-		[id]:
-			isDynamic && allSelected
-				? {
-						selectedValue: (undefined as unknown) as IDashboardVariable['selectedValue'],
-						allSelected: true,
-				  }
-				: { selectedValue, allSelected },
-	};
-	writeAll(all);
-}

frontend/src/hooks/dashboard/useDashboardFromLocalStorage.tsx

@@ -0,0 +1,110 @@
+import { useEffect, useState } from 'react';
+import getLocalStorageKey from 'api/browser/localstorage/get';
+import setLocalStorageKey from 'api/browser/localstorage/set';
+import { LOCALSTORAGE } from 'constants/localStorage';
+import { defaultTo } from 'lodash-es';
+import { IDashboardVariable } from 'types/api/dashboard/getAll';
+
+interface LocalStoreDashboardVariables {
+	[id: string]: {
+		selectedValue: IDashboardVariable['selectedValue'];
+		allSelected: boolean;
+	};
+}
+interface DashboardLocalStorageVariables {
+	[id: string]: LocalStoreDashboardVariables;
+}
+
+export interface UseDashboardVariablesFromLocalStorageReturn {
+	currentDashboard: LocalStoreDashboardVariables;
+	updateLocalStorageDashboardVariables: (
+		id: string,
+		selectedValue: IDashboardVariable['selectedValue'],
+		allSelected: boolean,
+		isDynamic?: boolean,
+	) => void;
+}
+
+export const useDashboardVariablesFromLocalStorage = (
+	dashboardId: string,
+): UseDashboardVariablesFromLocalStorageReturn => {
+	const [
+		allDashboards,
+		setAllDashboards,
+	] = useState<DashboardLocalStorageVariables>({});
+
+	const [
+		currentDashboard,
+		setCurrentDashboard,
+	] = useState<LocalStoreDashboardVariables>({});
+
+	useEffect(() => {
+		const localStoreDashboardVariablesString = getLocalStorageKey(
+			LOCALSTORAGE.DASHBOARD_VARIABLES,
+		);
+		let localStoreDashboardVariables: DashboardLocalStorageVariables = {};
+		if (localStoreDashboardVariablesString === null) {
+			try {
+				const serialzedData = JSON.stringify({
+					[dashboardId]: {},
+				});
+
+				setLocalStorageKey(LOCALSTORAGE.DASHBOARD_VARIABLES, serialzedData);
+			} catch {
+				console.error('Failed to seralise the data');
+			}
+		} else {
+			try {
+				localStoreDashboardVariables = JSON.parse(
+					localStoreDashboardVariablesString,
+				);
+			} catch {
+				console.error('Failed to parse dashboards from local storage');
+				localStoreDashboardVariables = {};
+			} finally {
+				setAllDashboards(localStoreDashboardVariables);
+			}
+		}
+		setCurrentDashboard(defaultTo(localStoreDashboardVariables[dashboardId], {}));
+	}, [dashboardId]);
+
+	useEffect(() => {
+		try {
+			const serializedData = JSON.stringify(allDashboards);
+			setLocalStorageKey(LOCALSTORAGE.DASHBOARD_VARIABLES, serializedData);
+		} catch {
+			console.error('Failed to set dashboards in local storage');
+		}
+	}, [allDashboards]);
+
+	useEffect(() => {
+		setAllDashboards((prev) => ({
+			...prev,
+			[dashboardId]: { ...currentDashboard },
+		}));
+		// eslint-disable-next-line react-hooks/exhaustive-deps
+	}, [currentDashboard]);
+
+	const updateLocalStorageDashboardVariables = (
+		id: string,
+		selectedValue: IDashboardVariable['selectedValue'],
+		allSelected: boolean,
+		isDynamic?: boolean,
+	): void => {
+		setCurrentDashboard((prev) => ({
+			...prev,
+			[id]:
+				isDynamic && allSelected
+					? {
+							selectedValue: (undefined as unknown) as IDashboardVariable['selectedValue'],
+							allSelected: true,
+					  }
+					: { selectedValue, allSelected },
+		}));
+	};
+
+	return {
+		currentDashboard,
+		updateLocalStorageDashboardVariables,
+	};
+};

frontend/src/hooks/dashboard/useDashboardQuery.ts

@@ -1,49 +0,0 @@
-import { useQuery, UseQueryResult } from 'react-query';
-// eslint-disable-next-line no-restricted-imports
-import { useSelector } from 'react-redux';
-import getDashboard from 'api/v1/dashboards/id/get';
-import {
-	DASHBOARD_CACHE_TIME,
-	DASHBOARD_CACHE_TIME_ON_REFRESH_ENABLED,
-} from 'constants/queryCacheTime';
-import { REACT_QUERY_KEY } from 'constants/reactQueryKeys';
-import { useAppContext } from 'providers/App/App';
-import { useErrorModal } from 'providers/ErrorModalProvider';
-import { AppState } from 'store/reducers';
-import { SuccessResponseV2 } from 'types/api';
-import { Dashboard } from 'types/api/dashboard/getAll';
-import APIError from 'types/api/error';
-import { GlobalReducer } from 'types/reducer/globalTime';
-
-/**
- * Fetches a dashboard by ID. Handles auth gating, cache time based on
- * auto-refresh setting, and surfaces API errors via the error modal.
- */
-export function useDashboardQuery(
-	dashboardId: string,
-): UseQueryResult<SuccessResponseV2<Dashboard>> {
-	const { isLoggedIn } = useAppContext();
-	const { showErrorModal } = useErrorModal();
-	const globalTime = useSelector<AppState, GlobalReducer>(
-		(state) => state.globalTime,
-	);
-
-	return useQuery(
-		[
-			REACT_QUERY_KEY.DASHBOARD_BY_ID,
-			dashboardId,
-			globalTime.isAutoRefreshDisabled,
-		],
-		{
-			enabled: !!dashboardId && isLoggedIn,
-			queryFn: () => getDashboard({ id: dashboardId }),
-			refetchOnWindowFocus: false,
-			cacheTime: globalTime.isAutoRefreshDisabled
-				? DASHBOARD_CACHE_TIME
-				: DASHBOARD_CACHE_TIME_ON_REFRESH_ENABLED,
-			onError: (error) => {
-				showErrorModal(error as APIError);
-			},
-		},
-	);
-}

frontend/src/hooks/dashboard/useDashboardVariablesSync.ts

@@ -1,33 +0,0 @@
-import { useEffect } from 'react';
-import isEqual from 'lodash-es/isEqual';
-import {
-	setDashboardVariablesStore,
-	updateDashboardVariablesStore,
-} from 'providers/Dashboard/store/dashboardVariables/dashboardVariablesStore';
-import {
-	DashboardStore,
-	useDashboardStore,
-} from 'providers/Dashboard/store/useDashboardStore';
-
-import { useDashboardVariablesSelector } from './useDashboardVariables';
-
-/**
- * Keeps the external variables store in sync with the zustand dashboard store.
- * When selectedDashboard changes, propagates variable updates to the variables store.
- */
-export function useDashboardVariablesSync(dashboardId: string): void {
-	const dashboardVariables = useDashboardVariablesSelector((s) => s.variables);
-	const savedDashboardId = useDashboardVariablesSelector((s) => s.dashboardId);
-	const selectedDashboard = useDashboardStore(
-		(s: DashboardStore) => s.selectedDashboard,
-	);
-
-	useEffect(() => {
-		const updatedVariables = selectedDashboard?.data.variables || {};
-		if (savedDashboardId !== dashboardId) {
-			setDashboardVariablesStore({ dashboardId, variables: updatedVariables });
-		} else if (!isEqual(dashboardVariables, updatedVariables)) {
-			updateDashboardVariablesStore({ dashboardId, variables: updatedVariables });
-		}
-	}, [selectedDashboard]); // eslint-disable-line react-hooks/exhaustive-deps
-}

frontend/src/hooks/dashboard/useLockDashboard.ts

@@ -1,42 +0,0 @@
-import { useMutation } from 'react-query';
-import locked from 'api/v1/dashboards/id/lock';
-import {
-	getSelectedDashboard,
-	useDashboardStore,
-} from 'providers/Dashboard/store/useDashboardStore';
-import { useErrorModal } from 'providers/ErrorModalProvider';
-import APIError from 'types/api/error';
-
-/**
- * Hook for toggling dashboard locked state.
- * Calls the lock API and syncs the result into the Zustand store.
- */
-export function useLockDashboard(): (value: boolean) => Promise<void> {
-	const { showErrorModal } = useErrorModal();
-	const { setSelectedDashboard } = useDashboardStore();
-
-	const { mutate: lockDashboard } = useMutation(locked, {
-		onSuccess: (_, props) => {
-			setSelectedDashboard((prev) =>
-				prev ? { ...prev, locked: props.lock } : prev,
-			);
-		},
-		onError: (error) => {
-			showErrorModal(error as APIError);
-		},
-	});
-
-	return async (value: boolean): Promise<void> => {
-		const selectedDashboard = getSelectedDashboard();
-		if (selectedDashboard) {
-			try {
-				await lockDashboard({
-					id: selectedDashboard.id,
-					lock: value,
-				});
-			} catch (error) {
-				showErrorModal(error as APIError);
-			}
-		}
-	};
-}

frontend/src/hooks/dashboard/useTransformDashboardVariables.ts

@@ -1,5 +1,8 @@
 import { ALL_SELECTED_VALUE } from 'components/NewSelect/utils';
-import { getLocalStorageDashboardVariables } from 'hooks/dashboard/useDashboardFromLocalStorage';
+import {
+	useDashboardVariablesFromLocalStorage,
+	UseDashboardVariablesFromLocalStorageReturn,
+} from 'hooks/dashboard/useDashboardFromLocalStorage';
 import useVariablesFromUrl, {
 	UseVariablesFromUrlReturn,
 } from 'hooks/dashboard/useVariablesFromUrl';
@@ -10,10 +13,14 @@ import { v4 as generateUUID } from 'uuid';
 
 export function useTransformDashboardVariables(
 	dashboardId: string,
-): Pick<UseVariablesFromUrlReturn, 'getUrlVariables' | 'updateUrlVariable'> & {
-	transformDashboardVariables: (data: Dashboard) => Dashboard;
-	currentDashboard: ReturnType<typeof getLocalStorageDashboardVariables>;
-} {
+): Pick<UseVariablesFromUrlReturn, 'getUrlVariables' | 'updateUrlVariable'> &
+	UseDashboardVariablesFromLocalStorageReturn & {
+		transformDashboardVariables: (data: Dashboard) => Dashboard;
+	} {
+	const {
+		currentDashboard,
+		updateLocalStorageDashboardVariables,
+	} = useDashboardVariablesFromLocalStorage(dashboardId);
 	const { getUrlVariables, updateUrlVariable } = useVariablesFromUrl();
 
 	const mergeDBWithLocalStorage = (
@@ -73,7 +80,7 @@ export function useTransformDashboardVariables(
 		if (data && data.data && data.data.variables) {
 			const clonedDashboardData = mergeDBWithLocalStorage(
 				JSON.parse(JSON.stringify(data)),
-				getLocalStorageDashboardVariables(dashboardId),
+				currentDashboard,
 			);
 			const { variables } = clonedDashboardData.data;
 			const existingOrders: Set<number> = new Set();
@@ -115,6 +122,7 @@ export function useTransformDashboardVariables(
 		transformDashboardVariables,
 		getUrlVariables,
 		updateUrlVariable,
-		currentDashboard: getLocalStorageDashboardVariables(dashboardId),
+		currentDashboard,
+		updateLocalStorageDashboardVariables,
 	};
 }

frontend/src/hooks/dashboard/useUpdateDashboard.tsx

@@ -1,5 +1,7 @@
 import { useMutation, UseMutationResult } from 'react-query';
 import update from 'api/v1/dashboards/id/update';
+import dayjs from 'dayjs';
+import { useDashboard } from 'providers/Dashboard/Dashboard';
 import { useErrorModal } from 'providers/ErrorModalProvider';
 import { SuccessResponseV2 } from 'types/api';
 import { Dashboard } from 'types/api/dashboard/getAll';
@@ -7,8 +9,14 @@ import { Props } from 'types/api/dashboard/update';
 import APIError from 'types/api/error';
 
 export const useUpdateDashboard = (): UseUpdateDashboard => {
+	const { updatedTimeRef } = useDashboard();
 	const { showErrorModal } = useErrorModal();
 	return useMutation(update, {
+		onSuccess: (data) => {
+			if (data.data) {
+				updatedTimeRef.current = dayjs(data.data.updatedAt);
+			}
+		},
 		onError: (error) => {
 			showErrorModal(error);
 		},

frontend/src/hooks/dashboard/useWidgetsByDynamicVariableId.ts

@@ -1,7 +1,7 @@
 import { useMemo } from 'react';
 import { PANEL_GROUP_TYPES } from 'constants/queryBuilder';
 import { createDynamicVariableToWidgetsMap } from 'hooks/dashboard/utils';
-import { useDashboardStore } from 'providers/Dashboard/store/useDashboardStore';
+import { useDashboard } from 'providers/Dashboard/Dashboard';
 import { Widgets } from 'types/api/dashboard/getAll';
 
 import { useDashboardVariablesByType } from './useDashboardVariablesByType';
@@ -12,7 +12,7 @@ import { useDashboardVariablesByType } from './useDashboardVariablesByType';
  */
 export function useWidgetsByDynamicVariableId(): Record<string, string[]> {
 	const dynamicVariables = useDashboardVariablesByType('DYNAMIC', 'values');
-	const { selectedDashboard } = useDashboardStore();
+	const { selectedDashboard } = useDashboard();
 
 	return useMemo(() => {
 		const widgets =

frontend/src/hooks/queryBuilder/useCreateAlerts.tsx

@@ -17,7 +17,7 @@ import { useNotifications } from 'hooks/useNotifications';
 import { getDashboardVariables } from 'lib/dashboardVariables/getDashboardVariables';
 import { mapQueryDataFromApi } from 'lib/newQueryBuilder/queryBuilderMappers/mapQueryDataFromApi';
 import { isEmpty } from 'lodash-es';
-import { useDashboardStore } from 'providers/Dashboard/store/useDashboardStore';
+import { useDashboard } from 'providers/Dashboard/Dashboard';
 import { AppState } from 'store/reducers';
 import { Widgets } from 'types/api/dashboard/getAll';
 import { GlobalReducer } from 'types/reducer/globalTime';
@@ -33,7 +33,7 @@ const useCreateAlerts = (widget?: Widgets, caller?: string): VoidFunction => {
 
 	const { notifications } = useNotifications();
 
-	const { selectedDashboard } = useDashboardStore();
+	const { selectedDashboard } = useDashboard();
 
 	const { dashboardVariables } = useDashboardVariables();
 	const dashboardDynamicVariables = useDashboardVariablesByType(

frontend/src/pages/DashboardPage/DashboardPage.tsx

@@ -0,0 +1,40 @@
+import { useEffect } from 'react';
+import { Typography } from 'antd';
+import { AxiosError } from 'axios';
+import NotFound from 'components/NotFound';
+import Spinner from 'components/Spinner';
+import DashboardContainer from 'container/DashboardContainer';
+import { useDashboard } from 'providers/Dashboard/Dashboard';
+import { ErrorType } from 'types/common';
+
+function DashboardPage(): JSX.Element {
+	const { dashboardResponse } = useDashboard();
+
+	const { isFetching, isError, isLoading } = dashboardResponse;
+
+	const errorMessage = isError
+		? (dashboardResponse?.error as AxiosError<{ errorType: string }>)?.response
+				?.data?.errorType
+		: 'Something went wrong';
+
+	useEffect(() => {
+		const dashboardTitle = dashboardResponse.data?.data.data.title;
+		document.title = dashboardTitle || document.title;
+	}, [dashboardResponse.data?.data.data.title, isFetching]);
+
+	if (isError && !isFetching && errorMessage === ErrorType.NotFound) {
+		return <NotFound />;
+	}
+
+	if (isError && errorMessage) {
+		return <Typography>{errorMessage}</Typography>;
+	}
+
+	if (isLoading) {
+		return <Spinner tip="Loading.." />;
+	}
+
+	return <DashboardContainer />;
+}
+
+export default DashboardPage;

frontend/src/pages/DashboardPage/index.tsx

@@ -1,56 +1,16 @@
-import { useEffect } from 'react';
 import { useParams } from 'react-router-dom';
-import { Modal, Typography } from 'antd';
-import { AxiosError } from 'axios';
-import NotFound from 'components/NotFound';
-import Spinner from 'components/Spinner';
-import DashboardContainer from 'container/DashboardContainer';
-import { useDashboardBootstrap } from 'hooks/dashboard/useDashboardBootstrap';
-import { useDashboardStore } from 'providers/Dashboard/store/useDashboardStore';
-import { ErrorType } from 'types/common';
+import { DashboardProvider } from 'providers/Dashboard/Dashboard';
 
-function DashboardPage(): JSX.Element {
+import DashboardPage from './DashboardPage';
+
+function DashboardPageWithProvider(): JSX.Element {
 	const { dashboardId } = useParams<{ dashboardId: string }>();
 
-	const [onModal, Content] = Modal.useModal();
-
-	const {
-		isLoading,
-		isError,
-		isFetching,
-		error,
-	} = useDashboardBootstrap(dashboardId, { confirm: onModal.confirm });
-
-	const dashboardTitle = useDashboardStore(
-		(s) => s.selectedDashboard?.data.title,
-	);
-
-	useEffect(() => {
-		document.title = dashboardTitle || document.title;
-	}, [dashboardTitle]);
-
-	const errorMessage = isError
-		? (error as AxiosError<{ errorType: string }>)?.response?.data?.errorType
-		: 'Something went wrong';
-
-	if (isError && !isFetching && errorMessage === ErrorType.NotFound) {
-		return <NotFound />;
-	}
-
-	if (isError && errorMessage) {
-		return <Typography>{errorMessage}</Typography>;
-	}
-
-	if (isLoading) {
-		return <Spinner tip="Loading.." />;
-	}
-
 	return (
-		<>
-			{Content}
-			<DashboardContainer />
-		</>
+		<DashboardProvider dashboardId={dashboardId}>
+			<DashboardPage />
+		</DashboardProvider>
 	);
 }
 
-export default DashboardPage;
+export default DashboardPageWithProvider;

frontend/src/providers/Dashboard/Dashboard.tsx

@@ -0,0 +1,365 @@
+import {
+	// eslint-disable-next-line no-restricted-imports
+	createContext,
+	PropsWithChildren,
+	// eslint-disable-next-line no-restricted-imports
+	useContext,
+	useEffect,
+	useMemo,
+	useRef,
+	useState,
+} from 'react';
+import { Layout } from 'react-grid-layout';
+import { useTranslation } from 'react-i18next';
+import { useMutation, useQuery, UseQueryResult } from 'react-query';
+// eslint-disable-next-line no-restricted-imports
+import { useDispatch, useSelector } from 'react-redux';
+import { Modal } from 'antd';
+import getDashboard from 'api/v1/dashboards/id/get';
+import locked from 'api/v1/dashboards/id/lock';
+import { REACT_QUERY_KEY } from 'constants/reactQueryKeys';
+import dayjs, { Dayjs } from 'dayjs';
+import { useTransformDashboardVariables } from 'hooks/dashboard/useTransformDashboardVariables';
+import useTabVisibility from 'hooks/useTabFocus';
+import { getUpdatedLayout } from 'lib/dashboard/getUpdatedLayout';
+import { getMinMaxForSelectedTime } from 'lib/getMinMax';
+import { defaultTo } from 'lodash-es';
+import isEqual from 'lodash-es/isEqual';
+import isUndefined from 'lodash-es/isUndefined';
+import omitBy from 'lodash-es/omitBy';
+import { useAppContext } from 'providers/App/App';
+import { initializeDefaultVariables } from 'providers/Dashboard/initializeDefaultVariables';
+import { useErrorModal } from 'providers/ErrorModalProvider';
+// eslint-disable-next-line no-restricted-imports
+import { Dispatch } from 'redux';
+import { AppState } from 'store/reducers';
+import AppActions from 'types/actions';
+import { UPDATE_TIME_INTERVAL } from 'types/actions/globalTime';
+import { SuccessResponseV2 } from 'types/api';
+import { Dashboard } from 'types/api/dashboard/getAll';
+import APIError from 'types/api/error';
+import { GlobalReducer } from 'types/reducer/globalTime';
+
+import {
+	DASHBOARD_CACHE_TIME,
+	DASHBOARD_CACHE_TIME_ON_REFRESH_ENABLED,
+} from '../../constants/queryCacheTime';
+import { useDashboardVariablesSelector } from '../../hooks/dashboard/useDashboardVariables';
+import {
+	setDashboardVariablesStore,
+	updateDashboardVariablesStore,
+} from './store/dashboardVariables/dashboardVariablesStore';
+import { IDashboardContext, WidgetColumnWidths } from './types';
+import { sortLayout } from './util';
+
+export const DashboardContext = createContext<IDashboardContext>({
+	isDashboardLocked: false,
+	handleDashboardLockToggle: () => {},
+	dashboardResponse: {} as UseQueryResult<
+		SuccessResponseV2<Dashboard>,
+		APIError
+	>,
+	selectedDashboard: {} as Dashboard,
+	layouts: [],
+	panelMap: {},
+	setPanelMap: () => {},
+
+	setLayouts: () => {},
+	setSelectedDashboard: () => {},
+	updatedTimeRef: {} as React.MutableRefObject<Dayjs | null>,
+	updateLocalStorageDashboardVariables: () => {},
+	dashboardQueryRangeCalled: false,
+	setDashboardQueryRangeCalled: () => {},
+	isDashboardFetching: false,
+	columnWidths: {},
+	setColumnWidths: () => {},
+});
+
+// eslint-disable-next-line sonarjs/cognitive-complexity
+export function DashboardProvider({
+	children,
+	dashboardId,
+}: PropsWithChildren<{ dashboardId: string }>): JSX.Element {
+	const [isDashboardLocked, setIsDashboardLocked] = useState<boolean>(false);
+
+	const [
+		dashboardQueryRangeCalled,
+		setDashboardQueryRangeCalled,
+	] = useState<boolean>(false);
+
+	const { showErrorModal } = useErrorModal();
+
+	const dispatch = useDispatch<Dispatch<AppActions>>();
+
+	const globalTime = useSelector<AppState, GlobalReducer>(
+		(state) => state.globalTime,
+	);
+
+	const [onModal, Content] = Modal.useModal();
+
+	const [layouts, setLayouts] = useState<Layout[]>([]);
+
+	const [panelMap, setPanelMap] = useState<
+		Record<string, { widgets: Layout[]; collapsed: boolean }>
+	>({});
+
+	const { isLoggedIn } = useAppContext();
+
+	const [selectedDashboard, setSelectedDashboard] = useState<Dashboard>();
+	const dashboardVariables = useDashboardVariablesSelector((s) => s.variables);
+	const savedDashboardId = useDashboardVariablesSelector((s) => s.dashboardId);
+
+	useEffect(() => {
+		const existingVariables = dashboardVariables;
+		const updatedVariables = selectedDashboard?.data.variables || {};
+
+		if (savedDashboardId !== dashboardId) {
+			setDashboardVariablesStore({
+				dashboardId,
+				variables: updatedVariables,
+			});
+		} else if (!isEqual(existingVariables, updatedVariables)) {
+			updateDashboardVariablesStore({
+				dashboardId,
+				variables: updatedVariables,
+			});
+		}
+	}, [selectedDashboard]);
+
+	const {
+		currentDashboard,
+		updateLocalStorageDashboardVariables,
+		getUrlVariables,
+		updateUrlVariable,
+		transformDashboardVariables,
+	} = useTransformDashboardVariables(dashboardId);
+
+	const updatedTimeRef = useRef<Dayjs | null>(null); // Using ref to store the updated time
+	const modalRef = useRef<any>(null);
+
+	const isVisible = useTabVisibility();
+
+	const { t } = useTranslation(['dashboard']);
+	const dashboardRef = useRef<Dashboard>();
+
+	const [isDashboardFetching, setIsDashboardFetching] = useState<boolean>(false);
+
+	const dashboardResponse = useQuery(
+		[
+			REACT_QUERY_KEY.DASHBOARD_BY_ID,
+			dashboardId,
+			globalTime.isAutoRefreshDisabled,
+		],
+		{
+			enabled: !!dashboardId && isLoggedIn,
+			queryFn: async () => {
+				setIsDashboardFetching(true);
+				try {
+					return await getDashboard({
+						id: dashboardId,
+					});
+				} catch (error) {
+					showErrorModal(error as APIError);
+					return;
+				} finally {
+					setIsDashboardFetching(false);
+				}
+			},
+			refetchOnWindowFocus: false,
+			cacheTime: globalTime.isAutoRefreshDisabled
+				? DASHBOARD_CACHE_TIME
+				: DASHBOARD_CACHE_TIME_ON_REFRESH_ENABLED,
+			onError: (error) => {
+				showErrorModal(error as APIError);
+			},
+
+			onSuccess: (data: SuccessResponseV2<Dashboard>) => {
+				const updatedDashboardData = transformDashboardVariables(data?.data);
+
+				// initialize URL variables after dashboard state is set to avoid race conditions
+				const variables = updatedDashboardData?.data?.variables;
+				if (variables) {
+					initializeDefaultVariables(variables, getUrlVariables, updateUrlVariable);
+				}
+
+				const updatedDate = dayjs(updatedDashboardData?.updatedAt);
+
+				setIsDashboardLocked(updatedDashboardData?.locked || false);
+
+				// on first render
+				if (updatedTimeRef.current === null) {
+					setSelectedDashboard(updatedDashboardData);
+
+					updatedTimeRef.current = updatedDate;
+
+					dashboardRef.current = updatedDashboardData;
+
+					setLayouts(
+						sortLayout(getUpdatedLayout(updatedDashboardData?.data.layout)),
+					);
+
+					setPanelMap(defaultTo(updatedDashboardData?.data?.panelMap, {}));
+				}
+
+				if (
+					updatedTimeRef.current !== null &&
+					updatedDate.isAfter(updatedTimeRef.current) &&
+					isVisible &&
+					dashboardRef.current?.id === updatedDashboardData?.id
+				) {
+					// show modal when state is out of sync
+					const modal = onModal.confirm({
+						centered: true,
+						title: t('dashboard_has_been_updated'),
+						content: t('do_you_want_to_refresh_the_dashboard'),
+						onOk() {
+							setSelectedDashboard(updatedDashboardData);
+
+							const { maxTime, minTime } = getMinMaxForSelectedTime(
+								globalTime.selectedTime,
+								globalTime.minTime,
+								globalTime.maxTime,
+							);
+
+							dispatch({
+								type: UPDATE_TIME_INTERVAL,
+								payload: {
+									maxTime,
+									minTime,
+									selectedTime: globalTime.selectedTime,
+								},
+							});
+
+							dashboardRef.current = updatedDashboardData;
+
+							updatedTimeRef.current = dayjs(updatedDashboardData?.updatedAt);
+
+							setLayouts(
+								sortLayout(getUpdatedLayout(updatedDashboardData?.data.layout)),
+							);
+
+							setPanelMap(defaultTo(updatedDashboardData?.data.panelMap, {}));
+						},
+					});
+
+					modalRef.current = modal;
+				} else {
+					// normal flow
+					updatedTimeRef.current = dayjs(updatedDashboardData?.updatedAt);
+
+					dashboardRef.current = updatedDashboardData;
+
+					if (!isEqual(selectedDashboard, updatedDashboardData)) {
+						setSelectedDashboard(updatedDashboardData);
+					}
+
+					if (
+						!isEqual(
+							[omitBy(layouts, (value): boolean => isUndefined(value))[0]],
+							updatedDashboardData?.data.layout,
+						)
+					) {
+						setLayouts(
+							sortLayout(getUpdatedLayout(updatedDashboardData?.data.layout)),
+						);
+
+						setPanelMap(defaultTo(updatedDashboardData?.data.panelMap, {}));
+					}
+				}
+			},
+		},
+	);
+
+	useEffect(() => {
+		// make the call on tab visibility only if the user is on dashboard / widget page
+		if (isVisible && updatedTimeRef.current && !!dashboardId) {
+			dashboardResponse.refetch();
+		}
+		// eslint-disable-next-line react-hooks/exhaustive-deps
+	}, [isVisible]);
+
+	useEffect(() => {
+		if (!isVisible && modalRef.current) {
+			modalRef.current.destroy();
+		}
+	}, [isVisible]);
+
+	const { mutate: lockDashboard } = useMutation(locked, {
+		onSuccess: (_, props) => {
+			setIsDashboardLocked(props.lock);
+		},
+		onError: (error) => {
+			showErrorModal(error as APIError);
+		},
+	});
+
+	const handleDashboardLockToggle = async (value: boolean): Promise<void> => {
+		if (selectedDashboard) {
+			try {
+				await lockDashboard({
+					id: selectedDashboard.id,
+					lock: value,
+				});
+			} catch (error) {
+				showErrorModal(error as APIError);
+			}
+		}
+	};
+
+	const [columnWidths, setColumnWidths] = useState<WidgetColumnWidths>({});
+
+	const value: IDashboardContext = useMemo(
+		() => ({
+			isDashboardLocked,
+			handleDashboardLockToggle,
+			dashboardResponse,
+			selectedDashboard,
+			dashboardId,
+			layouts,
+			panelMap,
+			setLayouts,
+			setPanelMap,
+			setSelectedDashboard,
+			updatedTimeRef,
+			updateLocalStorageDashboardVariables,
+			dashboardQueryRangeCalled,
+			setDashboardQueryRangeCalled,
+			isDashboardFetching,
+			columnWidths,
+			setColumnWidths,
+		}),
+		// eslint-disable-next-line react-hooks/exhaustive-deps
+		[
+			isDashboardLocked,
+			dashboardResponse,
+			selectedDashboard,
+			dashboardId,
+			layouts,
+			panelMap,
+			updateLocalStorageDashboardVariables,
+			currentDashboard,
+			dashboardQueryRangeCalled,
+			setDashboardQueryRangeCalled,
+			isDashboardFetching,
+			columnWidths,
+			setColumnWidths,
+		],
+	);
+
+	return (
+		<DashboardContext.Provider value={value}>
+			{Content}
+			{children}
+		</DashboardContext.Provider>
+	);
+}
+
+export const useDashboard = (): IDashboardContext => {
+	const context = useContext(DashboardContext);
+
+	if (!context) {
+		throw new Error('Should be used inside the context');
+	}
+
+	return context;
+};

frontend/src/providers/Dashboard/__tests__/Dashboard.test.tsx

@@ -1,4 +1,3 @@
-import { ReactNode } from 'react';
 import { QueryClient, QueryClientProvider } from 'react-query';
 // eslint-disable-next-line no-restricted-imports
 import { useSelector } from 'react-redux';
@@ -7,20 +6,7 @@ import { render, RenderResult, screen, waitFor } from '@testing-library/react';
 import getDashboard from 'api/v1/dashboards/id/get';
 import { DASHBOARD_CACHE_TIME_ON_REFRESH_ENABLED } from 'constants/queryCacheTime';
 import { REACT_QUERY_KEY } from 'constants/reactQueryKeys';
-import { useDashboardBootstrap } from 'hooks/dashboard/useDashboardBootstrap';
-
-function DashboardBootstrapWrapper({
-	dashboardId,
-	children,
-}: {
-	dashboardId: string;
-	children: ReactNode;
-}): JSX.Element {
-	useDashboardBootstrap(dashboardId);
-	// eslint-disable-next-line react/jsx-no-useless-fragment
-	return <>{children}</>;
-}
-import { useDashboardStore } from 'providers/Dashboard/store/useDashboardStore';
+import { DashboardProvider, useDashboard } from 'providers/Dashboard/Dashboard';
 import { IDashboardVariable } from 'types/api/dashboard/getAll';
 
 import { useDashboardVariables } from '../../../hooks/dashboard/useDashboardVariables';
@@ -69,12 +55,17 @@ jest.mock('react-redux', () => ({
 jest.mock('uuid', () => ({ v4: jest.fn(() => 'mock-uuid') }));
 
 function TestComponent(): JSX.Element {
-	const { selectedDashboard } = useDashboardStore();
+	const { dashboardResponse, selectedDashboard } = useDashboard();
 	const { dashboardVariables } = useDashboardVariables();
 
 	return (
 		<div>
 			<div data-testid="dashboard-id">{selectedDashboard?.id}</div>
+			<div data-testid="query-status">{dashboardResponse.status}</div>
+			<div data-testid="is-loading">{dashboardResponse.isLoading.toString()}</div>
+			<div data-testid="is-fetching">
+				{dashboardResponse.isFetching.toString()}
+			</div>
 			<div data-testid="dashboard-variables">
 				{dashboardVariables ? JSON.stringify(dashboardVariables) : 'null'}
 			</div>
@@ -98,7 +89,7 @@ function createTestQueryClient(): QueryClient {
 }
 
 // Helper to render with dashboard provider
-function renderWithDashboardBootstrap(
+function renderWithDashboardProvider(
 	dashboardId = 'test-dashboard-id',
 ): RenderResult {
 	const queryClient = createTestQueryClient();
@@ -107,9 +98,9 @@ function renderWithDashboardBootstrap(
 	return render(
 		<QueryClientProvider client={queryClient}>
 			<MemoryRouter initialEntries={[initialRoute]}>
-				<DashboardBootstrapWrapper dashboardId={dashboardId}>
+				<DashboardProvider dashboardId={dashboardId}>
 					<TestComponent />
-				</DashboardBootstrapWrapper>
+				</DashboardProvider>
 			</MemoryRouter>
 		</QueryClientProvider>,
 	);
@@ -181,7 +172,7 @@ describe('Dashboard Provider - Query Key with Route Params', () => {
 	describe('Query Key Behavior', () => {
 		it('should include route params in query key when on dashboard page', async () => {
 			const dashboardId = 'test-dashboard-id';
-			renderWithDashboardBootstrap(dashboardId);
+			renderWithDashboardProvider(dashboardId);
 
 			await waitFor(() => {
 				expect(mockGetDashboard).toHaveBeenCalledWith({ id: dashboardId });
@@ -196,7 +187,7 @@ describe('Dashboard Provider - Query Key with Route Params', () => {
 			const newDashboardId = 'new-dashboard-id';
 
 			// First render with initial dashboard ID
-			const { rerender } = renderWithDashboardBootstrap(initialDashboardId);
+			const { rerender } = renderWithDashboardProvider(initialDashboardId);
 
 			await waitFor(() => {
 				expect(mockGetDashboard).toHaveBeenCalledWith({ id: initialDashboardId });
@@ -206,9 +197,9 @@ describe('Dashboard Provider - Query Key with Route Params', () => {
 			rerender(
 				<QueryClientProvider client={createTestQueryClient()}>
 					<MemoryRouter initialEntries={[`/dashboard/${newDashboardId}`]}>
-						<DashboardBootstrapWrapper dashboardId={newDashboardId}>
+						<DashboardProvider dashboardId={newDashboardId}>
 							<TestComponent />
-						</DashboardBootstrapWrapper>
+						</DashboardProvider>
 					</MemoryRouter>
 				</QueryClientProvider>,
 			);
@@ -222,7 +213,7 @@ describe('Dashboard Provider - Query Key with Route Params', () => {
 		});
 
 		it('should not fetch when no dashboardId is provided', () => {
-			renderWithDashboardBootstrap('');
+			renderWithDashboardProvider('');
 
 			// Should not call the API
 			expect(mockGetDashboard).not.toHaveBeenCalled();
@@ -238,9 +229,9 @@ describe('Dashboard Provider - Query Key with Route Params', () => {
 			const { rerender } = render(
 				<QueryClientProvider client={queryClient}>
 					<MemoryRouter initialEntries={[`/dashboard/${dashboardId1}`]}>
-						<DashboardBootstrapWrapper dashboardId={dashboardId1}>
+						<DashboardProvider dashboardId={dashboardId1}>
 							<TestComponent />
-						</DashboardBootstrapWrapper>
+						</DashboardProvider>
 					</MemoryRouter>
 				</QueryClientProvider>,
 			);
@@ -252,9 +243,9 @@ describe('Dashboard Provider - Query Key with Route Params', () => {
 			rerender(
 				<QueryClientProvider client={queryClient}>
 					<MemoryRouter initialEntries={[`/dashboard/${dashboardId2}`]}>
-						<DashboardBootstrapWrapper dashboardId={dashboardId2}>
+						<DashboardProvider dashboardId={dashboardId2}>
 							<TestComponent />
-						</DashboardBootstrapWrapper>
+						</DashboardProvider>
 					</MemoryRouter>
 				</QueryClientProvider>,
 			);
@@ -295,9 +286,9 @@ describe('Dashboard Provider - Query Key with Route Params', () => {
 			render(
 				<QueryClientProvider client={queryClient}>
 					<MemoryRouter initialEntries={[`/dashboard/${dashboardId}`]}>
-						<DashboardBootstrapWrapper dashboardId={dashboardId}>
+						<DashboardProvider dashboardId={dashboardId}>
 							<TestComponent />
-						</DashboardBootstrapWrapper>
+						</DashboardProvider>
 					</MemoryRouter>
 				</QueryClientProvider>,
 			);
@@ -374,7 +365,7 @@ describe('Dashboard Provider - URL Variables Integration', () => {
 			// Empty URL variables - tests initialization flow
 			mockGetUrlVariables.mockReturnValue({});
 
-			renderWithDashboardBootstrap(DASHBOARD_ID);
+			renderWithDashboardProvider(DASHBOARD_ID);
 
 			await waitFor(() => {
 				expect(mockGetDashboard).toHaveBeenCalledWith({ id: DASHBOARD_ID });
@@ -430,7 +421,7 @@ describe('Dashboard Provider - URL Variables Integration', () => {
 				.mockReturnValueOnce('development')
 				.mockReturnValueOnce(['db', 'cache']);
 
-			renderWithDashboardBootstrap(DASHBOARD_ID);
+			renderWithDashboardProvider(DASHBOARD_ID);
 
 			await waitFor(() => {
 				expect(mockGetDashboard).toHaveBeenCalledWith({ id: DASHBOARD_ID });
@@ -490,7 +481,7 @@ describe('Dashboard Provider - URL Variables Integration', () => {
 
 			mockGetUrlVariables.mockReturnValue(urlVariables);
 
-			renderWithDashboardBootstrap(DASHBOARD_ID);
+			renderWithDashboardProvider(DASHBOARD_ID);
 
 			await waitFor(() => {
 				expect(mockGetDashboard).toHaveBeenCalledWith({ id: DASHBOARD_ID });
@@ -526,7 +517,7 @@ describe('Dashboard Provider - URL Variables Integration', () => {
 				.mockReturnValueOnce('development')
 				.mockReturnValueOnce(['api']);
 
-			renderWithDashboardBootstrap(DASHBOARD_ID);
+			renderWithDashboardProvider(DASHBOARD_ID);
 
 			await waitFor(() => {
 				// Verify normalization was called with the specific values and variable configs
@@ -593,7 +584,7 @@ describe('Dashboard Provider - Textbox Variable Backward Compatibility', () => {
 			} as any);
 			/* eslint-enable @typescript-eslint/no-explicit-any */
 
-			renderWithDashboardBootstrap(DASHBOARD_ID);
+			renderWithDashboardProvider(DASHBOARD_ID);
 
 			await waitFor(() => {
 				expect(mockGetDashboard).toHaveBeenCalledWith({ id: DASHBOARD_ID });
@@ -635,7 +626,7 @@ describe('Dashboard Provider - Textbox Variable Backward Compatibility', () => {
 			} as any);
 			/* eslint-enable @typescript-eslint/no-explicit-any */
 
-			renderWithDashboardBootstrap(DASHBOARD_ID);
+			renderWithDashboardProvider(DASHBOARD_ID);
 
 			await waitFor(() => {
 				expect(mockGetDashboard).toHaveBeenCalledWith({ id: DASHBOARD_ID });
@@ -678,7 +669,7 @@ describe('Dashboard Provider - Textbox Variable Backward Compatibility', () => {
 			} as any);
 			/* eslint-enable @typescript-eslint/no-explicit-any */
 
-			renderWithDashboardBootstrap(DASHBOARD_ID);
+			renderWithDashboardProvider(DASHBOARD_ID);
 
 			await waitFor(() => {
 				expect(mockGetDashboard).toHaveBeenCalledWith({ id: DASHBOARD_ID });
@@ -720,7 +711,7 @@ describe('Dashboard Provider - Textbox Variable Backward Compatibility', () => {
 			} as any);
 			/* eslint-enable @typescript-eslint/no-explicit-any */
 
-			renderWithDashboardBootstrap(DASHBOARD_ID);
+			renderWithDashboardProvider(DASHBOARD_ID);
 
 			await waitFor(() => {
 				expect(mockGetDashboard).toHaveBeenCalledWith({ id: DASHBOARD_ID });

frontend/src/providers/Dashboard/store/slices/dashboardLayoutSlice.ts

@@ -1,51 +0,0 @@
-import type { Layout } from 'react-grid-layout';
-import type { StateCreator } from 'zustand';
-
-import type { DashboardStore } from '../useDashboardStore';
-
-export interface DashboardLayoutSlice {
-	//
-	layouts: Layout[];
-	setLayouts: (updater: Layout[] | ((prev: Layout[]) => Layout[])) => void;
-	//
-	panelMap: Record<string, { widgets: Layout[]; collapsed: boolean }>;
-	setPanelMap: (
-		updater:
-			| Record<string, { widgets: Layout[]; collapsed: boolean }>
-			| ((
-					prev: Record<string, { widgets: Layout[]; collapsed: boolean }>,
-			  ) => Record<string, { widgets: Layout[]; collapsed: boolean }>),
-	) => void;
-	// resetDashboardLayout: () => void;
-}
-
-export const initialDashboardLayoutState = {
-	layouts: [] as Layout[],
-	panelMap: {} as Record<string, { widgets: Layout[]; collapsed: boolean }>,
-};
-
-export const createDashboardLayoutSlice: StateCreator<
-	DashboardStore,
-	[['zustand/immer', never]],
-	[],
-	DashboardLayoutSlice
-> = (set) => ({
-	...initialDashboardLayoutState,
-
-	setLayouts: (updater): void =>
-		set((state) => {
-			state.layouts =
-				typeof updater === 'function' ? updater(state.layouts) : updater;
-		}),
-
-	setPanelMap: (updater): void =>
-		set((state) => {
-			state.panelMap =
-				typeof updater === 'function' ? updater(state.panelMap) : updater;
-		}),
-
-	// resetDashboardLayout: () =>
-	// 	set((state) => {
-	// 		Object.assign(state, initialDashboardLayoutState);
-	// 	}),
-});

frontend/src/providers/Dashboard/store/slices/dashboardUISlice.ts

@@ -1,57 +0,0 @@
-import type { Dashboard } from 'types/api/dashboard/getAll';
-import type { StateCreator } from 'zustand';
-
-import type { DashboardStore } from '../useDashboardStore';
-
-export type WidgetColumnWidths = {
-	[widgetId: string]: Record<string, number>;
-};
-
-export interface DashboardUISlice {
-	//
-	selectedDashboard: Dashboard | undefined;
-	setSelectedDashboard: (
-		updater:
-			| Dashboard
-			| undefined
-			| ((prev: Dashboard | undefined) => Dashboard | undefined),
-	) => void;
-	//
-	columnWidths: WidgetColumnWidths;
-	setColumnWidths: (
-		updater:
-			| WidgetColumnWidths
-			| ((prev: WidgetColumnWidths) => WidgetColumnWidths),
-	) => void;
-}
-
-export const initialDashboardUIState = {
-	selectedDashboard: undefined as Dashboard | undefined,
-	columnWidths: {} as WidgetColumnWidths,
-};
-
-export const createDashboardUISlice: StateCreator<
-	DashboardStore,
-	[['zustand/immer', never]],
-	[],
-	DashboardUISlice
-> = (set) => ({
-	...initialDashboardUIState,
-
-	setSelectedDashboard: (updater): void =>
-		set((state: DashboardUISlice): void => {
-			state.selectedDashboard =
-				typeof updater === 'function' ? updater(state.selectedDashboard) : updater;
-		}),
-
-	setColumnWidths: (updater): void =>
-		set((state: DashboardUISlice): void => {
-			state.columnWidths =
-				typeof updater === 'function' ? updater(state.columnWidths) : updater;
-		}),
-
-	resetDashboardUI: (): void =>
-		set((state: DashboardUISlice): void => {
-			Object.assign(state, initialDashboardUIState);
-		}),
-});

frontend/src/providers/Dashboard/store/useDashboardStore.ts

@@ -1,50 +0,0 @@
-import type { Layout } from 'react-grid-layout';
-import type { Dashboard } from 'types/api/dashboard/getAll';
-import { create } from 'zustand';
-import { immer } from 'zustand/middleware/immer';
-
-import {
-	createDashboardLayoutSlice,
-	DashboardLayoutSlice,
-	initialDashboardLayoutState,
-} from './slices/dashboardLayoutSlice';
-import {
-	createDashboardUISlice,
-	DashboardUISlice,
-	initialDashboardUIState,
-} from './slices/dashboardUISlice';
-
-export type DashboardStore = DashboardUISlice &
-	DashboardLayoutSlice & {
-		resetDashboardStore: () => void;
-	};
-
-/**
- * 'select*' is a redux naming convention that can be carried over to zustand.
- * It is used to select a piece of state from the store.
- * In this case, we are selecting the locked state of the selected dashboard.
- * */
-export const selectIsDashboardLocked = (s: DashboardStore): boolean =>
-	s.selectedDashboard?.locked ?? false;
-
-export const useDashboardStore = create<DashboardStore>()(
-	immer((set, get, api) => ({
-		...createDashboardUISlice(set, get, api),
-		...createDashboardLayoutSlice(set, get, api),
-
-		resetDashboardStore: (): void =>
-			set((state: DashboardStore) => {
-				Object.assign(state, initialDashboardUIState, initialDashboardLayoutState);
-			}),
-	})),
-);
-
-// Standalone imperative accessors — use these instead of calling useDashboardStore.getState() at call sites.
-export const getSelectedDashboard = (): Dashboard | undefined =>
-	useDashboardStore.getState().selectedDashboard;
-
-export const getDashboardLayouts = (): Layout[] =>
-	useDashboardStore.getState().layouts;
-
-export const resetDashboard = (): void =>
-	useDashboardStore.getState().resetDashboardStore();

frontend/src/providers/Dashboard/types.ts

@@ -0,0 +1,41 @@
+import { Layout } from 'react-grid-layout';
+import { UseQueryResult } from 'react-query';
+import dayjs from 'dayjs';
+import { SuccessResponseV2 } from 'types/api';
+import { Dashboard } from 'types/api/dashboard/getAll';
+
+export type WidgetColumnWidths = {
+	[widgetId: string]: Record<string, number>;
+};
+
+export interface IDashboardContext {
+	isDashboardLocked: boolean;
+	handleDashboardLockToggle: (value: boolean) => void;
+	dashboardResponse: UseQueryResult<SuccessResponseV2<Dashboard>, unknown>;
+	selectedDashboard: Dashboard | undefined;
+	layouts: Layout[];
+	panelMap: Record<string, { widgets: Layout[]; collapsed: boolean }>;
+	setPanelMap: React.Dispatch<React.SetStateAction<Record<string, any>>>;
+	setLayouts: React.Dispatch<React.SetStateAction<Layout[]>>;
+	setSelectedDashboard: React.Dispatch<
+		React.SetStateAction<Dashboard | undefined>
+	>;
+	updatedTimeRef: React.MutableRefObject<dayjs.Dayjs | null>;
+	updateLocalStorageDashboardVariables: (
+		id: string,
+		selectedValue:
+			| string
+			| number
+			| boolean
+			| (string | number | boolean)[]
+			| null
+			| undefined,
+		allSelected: boolean,
+		isDynamic?: boolean,
+	) => void;
+	dashboardQueryRangeCalled: boolean;
+	setDashboardQueryRangeCalled: (value: boolean) => void;
+	isDashboardFetching: boolean;
+	columnWidths: WidgetColumnWidths;
+	setColumnWidths: React.Dispatch<React.SetStateAction<WidgetColumnWidths>>;
+}

go.mod

@@ -81,8 +81,6 @@ require (
 	golang.org/x/oauth2 v0.34.0
 	golang.org/x/sync v0.19.0
 	golang.org/x/text v0.33.0
-	gonum.org/v1/gonum v0.17.0
-	google.golang.org/api v0.265.0
 	google.golang.org/protobuf v1.36.11
 	gopkg.in/yaml.v2 v2.4.0
 	gopkg.in/yaml.v3 v3.0.1
@@ -379,6 +377,8 @@ require (
 	golang.org/x/sys v0.40.0 // indirect
 	golang.org/x/time v0.14.0 // indirect
 	golang.org/x/tools v0.41.0 // indirect
+	gonum.org/v1/gonum v0.17.0 // indirect
+	google.golang.org/api v0.265.0
 	google.golang.org/genproto/googleapis/api v0.0.0-20260203192932-546029d2fa20 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20260128011058-8636f8732409 // indirect
 	google.golang.org/grpc v1.78.0 // indirect

pkg/apiserver/signozapiserver/provider.go

@@ -50,7 +50,6 @@ type provider struct {
 	zeusHandler            zeus.Handler
 	querierHandler         querier.Handler
 	serviceAccountHandler  serviceaccount.Handler
-	factoryHandler         factory.Handler
 }
 
 func NewFactory(
@@ -73,7 +72,6 @@ func NewFactory(
 	zeusHandler zeus.Handler,
 	querierHandler querier.Handler,
 	serviceAccountHandler serviceaccount.Handler,
-	factoryHandler factory.Handler,
 ) factory.ProviderFactory[apiserver.APIServer, apiserver.Config] {
 	return factory.NewProviderFactory(factory.MustNewName("signoz"), func(ctx context.Context, providerSettings factory.ProviderSettings, config apiserver.Config) (apiserver.APIServer, error) {
 		return newProvider(
@@ -99,7 +97,6 @@ func NewFactory(
 			zeusHandler,
 			querierHandler,
 			serviceAccountHandler,
-			factoryHandler,
 		)
 	})
 }
@@ -127,7 +124,6 @@ func newProvider(
 	zeusHandler zeus.Handler,
 	querierHandler querier.Handler,
 	serviceAccountHandler serviceaccount.Handler,
-	factoryHandler factory.Handler,
 ) (apiserver.APIServer, error) {
 	settings := factory.NewScopedProviderSettings(providerSettings, "github.com/SigNoz/signoz/pkg/apiserver/signozapiserver")
 	router := mux.NewRouter().UseEncodedPath()
@@ -153,7 +149,6 @@ func newProvider(
 		zeusHandler:            zeusHandler,
 		querierHandler:         querierHandler,
 		serviceAccountHandler:  serviceAccountHandler,
-		factoryHandler:         factoryHandler,
 	}
 
 	provider.authZ = middleware.NewAuthZ(settings.Logger(), orgGetter, authz)
@@ -238,10 +233,6 @@ func (provider *provider) AddToRouter(router *mux.Router) error {
 		return err
 	}
 
-	if err := provider.addRegistryRoutes(router); err != nil {
-		return err
-	}
-
 	return nil
 }
 

pkg/apiserver/signozapiserver/registry.go

@@ -1,84 +0,0 @@
-package signozapiserver
-
-import (
-	"net/http"
-
-	"github.com/SigNoz/signoz/pkg/factory"
-	pkghandler "github.com/SigNoz/signoz/pkg/http/handler"
-	"github.com/SigNoz/signoz/pkg/http/render"
-	"github.com/gorilla/mux"
-	openapi "github.com/swaggest/openapi-go"
-)
-
-type healthOpenAPIHandler struct {
-	handlerFunc http.HandlerFunc
-	id          string
-	summary     string
-}
-
-func newHealthOpenAPIHandler(handlerFunc http.HandlerFunc, id, summary string) pkghandler.Handler {
-	return &healthOpenAPIHandler{
-		handlerFunc: handlerFunc,
-		id:          id,
-		summary:     summary,
-	}
-}
-
-func (handler *healthOpenAPIHandler) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
-	handler.handlerFunc.ServeHTTP(rw, req)
-}
-
-func (handler *healthOpenAPIHandler) ServeOpenAPI(opCtx openapi.OperationContext) {
-	opCtx.SetID(handler.id)
-	opCtx.SetTags("health")
-	opCtx.SetSummary(handler.summary)
-
-	response := render.SuccessResponse{
-		Status: render.StatusSuccess.String(),
-		Data:   new(factory.Response),
-	}
-
-	opCtx.AddRespStructure(
-		response,
-		openapi.WithContentType("application/json"),
-		openapi.WithHTTPStatus(http.StatusOK),
-	)
-	opCtx.AddRespStructure(
-		response,
-		openapi.WithContentType("application/json"),
-		openapi.WithHTTPStatus(http.StatusServiceUnavailable),
-	)
-}
-
-func (provider *provider) addRegistryRoutes(router *mux.Router) error {
-	if err := router.Handle("/api/v2/healthz", newHealthOpenAPIHandler(
-		provider.authZ.OpenAccess(provider.factoryHandler.Healthz),
-		"Healthz",
-		"Health check",
-	)).Methods(http.MethodGet).GetError(); err != nil {
-		return err
-	}
-
-	if err := router.Handle("/api/v2/readyz", newHealthOpenAPIHandler(
-		provider.authZ.OpenAccess(provider.factoryHandler.Readyz),
-		"Readyz",
-		"Readiness check",
-	)).Methods(http.MethodGet).GetError(); err != nil {
-		return err
-	}
-
-	if err := router.Handle("/api/v2/livez", pkghandler.New(provider.authZ.OpenAccess(provider.factoryHandler.Livez),
-		pkghandler.OpenAPIDef{
-			ID:                  "Livez",
-			Tags:                []string{"health"},
-			Summary:             "Liveness check",
-			Response:            new(factory.Response),
-			ResponseContentType: "application/json",
-			SuccessStatusCode:   http.StatusOK,
-		},
-	)).Methods(http.MethodGet).GetError(); err != nil {
-		return err
-	}
-
-	return nil
-}

pkg/apiserver/signozapiserver/user.go

@@ -43,6 +43,74 @@ func (provider *provider) addUserRoutes(router *mux.Router) error {
 		return err
 	}
 
+	if err := router.Handle("/api/v1/pats", handler.New(provider.authZ.AdminAccess(provider.userHandler.CreateAPIKey), handler.OpenAPIDef{
+		ID:                  "CreateAPIKey",
+		Tags:                []string{"users"},
+		Summary:             "Create api key",
+		Description:         "This endpoint creates an api key",
+		Request:             new(types.PostableAPIKey),
+		RequestContentType:  "application/json",
+		Response:            new(types.GettableAPIKey),
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusCreated,
+		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusConflict},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
+	})).Methods(http.MethodPost).GetError(); err != nil {
+		return err
+	}
+
+	if err := router.Handle("/api/v1/pats", handler.New(provider.authZ.AdminAccess(provider.userHandler.ListAPIKeys), handler.OpenAPIDef{
+		ID:                  "ListAPIKeys",
+		Tags:                []string{"users"},
+		Summary:             "List api keys",
+		Description:         "This endpoint lists all api keys",
+		Request:             nil,
+		RequestContentType:  "",
+		Response:            make([]*types.GettableAPIKey, 0),
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusOK,
+		ErrorStatusCodes:    []int{},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
+	})).Methods(http.MethodGet).GetError(); err != nil {
+		return err
+	}
+
+	if err := router.Handle("/api/v1/pats/{id}", handler.New(provider.authZ.AdminAccess(provider.userHandler.UpdateAPIKey), handler.OpenAPIDef{
+		ID:                  "UpdateAPIKey",
+		Tags:                []string{"users"},
+		Summary:             "Update api key",
+		Description:         "This endpoint updates an api key",
+		Request:             new(types.StorableAPIKey),
+		RequestContentType:  "application/json",
+		Response:            nil,
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusNoContent,
+		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusNotFound},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
+	})).Methods(http.MethodPut).GetError(); err != nil {
+		return err
+	}
+
+	if err := router.Handle("/api/v1/pats/{id}", handler.New(provider.authZ.AdminAccess(provider.userHandler.RevokeAPIKey), handler.OpenAPIDef{
+		ID:                  "RevokeAPIKey",
+		Tags:                []string{"users"},
+		Summary:             "Revoke api key",
+		Description:         "This endpoint revokes an api key",
+		Request:             nil,
+		RequestContentType:  "",
+		Response:            nil,
+		ResponseContentType: "",
+		SuccessStatusCode:   http.StatusNoContent,
+		ErrorStatusCodes:    []int{http.StatusNotFound},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
+	})).Methods(http.MethodDelete).GetError(); err != nil {
+		return err
+	}
+
 	if err := router.Handle("/api/v1/user", handler.New(provider.authZ.AdminAccess(provider.userHandler.ListUsers), handler.OpenAPIDef{
 		ID:                  "ListUsers",
 		Tags:                []string{"users"},

pkg/authn/passwordauthn/emailpasswordauthn/authn.go

@@ -21,7 +21,7 @@ func New(store authtypes.AuthNStore) *AuthN {
 }
 
 func (a *AuthN) Authenticate(ctx context.Context, email string, password string, orgID valuer.UUID) (*authtypes.Identity, error) {
-	user, factorPassword, _, err := a.store.GetActiveUserAndFactorPasswordByEmailAndOrgID(ctx, email, orgID)
+	user, factorPassword, userRoles, err := a.store.GetActiveUserAndFactorPasswordByEmailAndOrgID(ctx, email, orgID)
 	if err != nil {
 		return nil, err
 	}
@@ -30,5 +30,11 @@ func (a *AuthN) Authenticate(ctx context.Context, email string, password string,
 		return nil, errors.New(errors.TypeUnauthenticated, types.ErrCodeIncorrectPassword, "invalid email or password")
 	}
 
-	return authtypes.NewPrincipalUserIdentity(user.ID, orgID, user.Email, authtypes.IdentNProviderTokenizer), nil
+	if len(userRoles) == 0 {
+		return nil, errors.New(errors.TypeUnexpected, authtypes.ErrCodeUserRolesNotFound, "no user roles entries found")
+	}
+
+	role := authtypes.SigNozManagedRoleToExistingLegacyRole[userRoles[0].Role.Name]
+
+	return authtypes.NewIdentity(user.ID, orgID, user.Email, role, authtypes.IdentNProviderTokenizer), nil
 }

pkg/authz/authz.go

@@ -11,7 +11,7 @@ import (
 )
 
 type AuthZ interface {
-	factory.ServiceWithHealthy
+	factory.Service
 
 	// CheckWithTupleCreation takes upon the responsibility for generating the tuples alongside everything Check does.
 	CheckWithTupleCreation(context.Context, authtypes.Claims, valuer.UUID, authtypes.Relation, authtypes.Typeable, []authtypes.Selector, []authtypes.Selector) error

pkg/authz/authzstore/sqlauthzstore/store.go

@@ -97,7 +97,11 @@ func (store *store) ListByOrgIDAndNames(ctx context.Context, orgID valuer.UUID,
 	}
 
 	if len(roles) != len(names) {
-		return nil, errors.Newf(errors.TypeInvalidInput, authtypes.ErrCodeRoleNotFound, "not all roles found for the provided names: %v", names)
+		return nil, store.sqlstore.WrapNotFoundErrf(
+			nil,
+			authtypes.ErrCodeRoleNotFound,
+			"not all roles found for the provided names: %v", names,
+		)
 	}
 
 	return roles, nil
@@ -118,7 +122,11 @@ func (store *store) ListByOrgIDAndIDs(ctx context.Context, orgID valuer.UUID, id
 	}
 
 	if len(roles) != len(ids) {
-		return nil, errors.Newf(errors.TypeInvalidInput, authtypes.ErrCodeRoleNotFound, "not all roles found for the provided names: %v", ids)
+		return nil, store.sqlstore.WrapNotFoundErrf(
+			nil,
+			authtypes.ErrCodeRoleNotFound,
+			"not all roles found for the provided ids: %v", ids,
+		)
 	}
 
 	return roles, nil

pkg/authz/openfgaauthz/provider.go

@@ -43,10 +43,6 @@ func (provider *provider) Start(ctx context.Context) error {
 	return provider.server.Start(ctx)
 }
 
-func (provider *provider) Healthy() <-chan struct{} {
-	return provider.server.Healthy()
-}
-
 func (provider *provider) Stop(ctx context.Context) error {
 	return provider.server.Stop(ctx)
 }

pkg/authz/openfgaserver/server.go

@@ -31,7 +31,6 @@ type Server struct {
 	modelID       string
 	mtx           sync.RWMutex
 	stopChan      chan struct{}
-	healthyC      chan struct{}
 }
 
 func NewOpenfgaServer(ctx context.Context, settings factory.ProviderSettings, config authz.Config, sqlstore sqlstore.SQLStore, openfgaSchema []openfgapkgtransformer.ModuleFile) (*Server, error) {
@@ -62,7 +61,6 @@ func NewOpenfgaServer(ctx context.Context, settings factory.ProviderSettings, co
 		openfgaSchema: openfgaSchema,
 		mtx:           sync.RWMutex{},
 		stopChan:      make(chan struct{}),
-		healthyC:      make(chan struct{}),
 	}, nil
 }
 
@@ -82,16 +80,10 @@ func (server *Server) Start(ctx context.Context) error {
 	server.storeID = storeID
 	server.mtx.Unlock()
 
-	close(server.healthyC)
-
 	<-server.stopChan
 	return nil
 }
 
-func (server *Server) Healthy() <-chan struct{} {
-	return server.healthyC
-}
-
 func (server *Server) Stop(ctx context.Context) error {
 	server.openfgaServer.Close()
 	close(server.stopChan)
@@ -136,22 +128,9 @@ func (server *Server) BatchCheck(ctx context.Context, tupleReq map[string]*openf
 }
 
 func (server *Server) CheckWithTupleCreation(ctx context.Context, claims authtypes.Claims, orgID valuer.UUID, _ authtypes.Relation, _ authtypes.Typeable, _ []authtypes.Selector, roleSelectors []authtypes.Selector) error {
-	subject := ""
-	switch claims.Principal {
-	case authtypes.PrincipalUser.StringValue():
-		user, err := authtypes.NewSubject(authtypes.TypeableUser, claims.UserID, orgID, nil)
-		if err != nil {
-			return err
-		}
-
-		subject = user
-	case authtypes.PrincipalServiceAccount.StringValue():
-		serviceAccount, err := authtypes.NewSubject(authtypes.TypeableServiceAccount, claims.ServiceAccountID, orgID, nil)
-		if err != nil {
-			return err
-		}
-
-		subject = serviceAccount
+	subject, err := authtypes.NewSubject(authtypes.TypeableUser, claims.UserID, orgID, nil)
+	if err != nil {
+		return err
 	}
 
 	tupleSlice, err := authtypes.TypeableRole.Tuples(subject, authtypes.RelationAssignee, roleSelectors, orgID)

pkg/factory/handler.go

@@ -1,67 +0,0 @@
-package factory
-
-import (
-	"net/http"
-
-	"github.com/SigNoz/signoz/pkg/http/render"
-)
-
-// Handler provides HTTP handler functions for service health checks.
-type Handler interface {
-	// Readyz reports whether services are ready.
-	Readyz(http.ResponseWriter, *http.Request)
-
-	// Livez reports whether services are alive.
-	Livez(http.ResponseWriter, *http.Request)
-
-	// Healthz reports overall service health.
-	Healthz(http.ResponseWriter, *http.Request)
-}
-
-type handler struct {
-	registry *Registry
-}
-
-func NewHandler(registry *Registry) Handler {
-	return &handler{
-		registry: registry,
-	}
-}
-
-type Response struct {
-	Healthy  bool             `json:"healthy"`
-	Services map[State][]Name `json:"services"`
-}
-
-func (handler *handler) Healthz(rw http.ResponseWriter, req *http.Request) {
-	byState := handler.registry.ServicesByState()
-	healthy := handler.registry.IsHealthy()
-
-	statusCode := http.StatusOK
-	if !healthy {
-		statusCode = http.StatusServiceUnavailable
-	}
-
-	render.Success(rw, statusCode, Response{
-		Healthy:  healthy,
-		Services: byState,
-	})
-}
-
-func (handler *handler) Readyz(rw http.ResponseWriter, req *http.Request) {
-	healthy := handler.registry.IsHealthy()
-
-	statusCode := http.StatusOK
-	if !healthy {
-		statusCode = http.StatusServiceUnavailable
-	}
-
-	render.Success(rw, statusCode, Response{
-		Healthy:  healthy,
-		Services: handler.registry.ServicesByState(),
-	})
-}
-
-func (handler *handler) Livez(rw http.ResponseWriter, req *http.Request) {
-	render.Success(rw, http.StatusOK, nil)
-}

pkg/factory/name.go

@@ -5,11 +5,9 @@ import (
 	"regexp"
 
 	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/swaggest/jsonschema-go"
 )
 
 var _ slog.LogValuer = (Name{})
-var _ jsonschema.Exposer = (Name{})
 
 var (
 	// nameRegex is a regex that matches a valid name.
@@ -29,21 +27,6 @@ func (n Name) String() string {
 	return n.name
 }
 
-// MarshalText implements encoding.TextMarshaler for JSON serialization.
-func (n Name) MarshalText() ([]byte, error) {
-	return []byte(n.name), nil
-}
-
-// MarshalJSON implements json.Marshaler so Name serializes as a JSON string.
-func (n Name) MarshalJSON() ([]byte, error) {
-	return []byte(`"` + n.name + `"`), nil
-}
-
-// JSONSchema implements jsonschema.Exposer so OpenAPI reflects Name as a string.
-func (n Name) JSONSchema() (jsonschema.Schema, error) {
-	return *new(jsonschema.Schema).WithType(jsonschema.String.Type()), nil
-}
-
 // NewName creates a new name.
 func NewName(name string) (Name, error) {
 	if !nameRegex.MatchString(name) {

pkg/factory/registry.go

@@ -8,26 +8,21 @@ import (
 	"syscall"
 
 	"github.com/SigNoz/signoz/pkg/errors"
-	"gonum.org/v1/gonum/graph/simple"
-	"gonum.org/v1/gonum/graph/topo"
 )
 
 var (
-	ErrCodeInvalidRegistry  = errors.MustNewCode("invalid_registry")
-	ErrCodeDependencyFailed = errors.MustNewCode("dependency_failed")
-	ErrCodeServiceFailed    = errors.MustNewCode("service_failed")
+	ErrCodeInvalidRegistry = errors.MustNewCode("invalid_registry")
 )
 
 type Registry struct {
-	services       []*serviceWithState
-	servicesByName map[Name]*serviceWithState
-	logger         *slog.Logger
-	startC         chan error
-	stopC          chan error
+	services NamedMap[NamedService]
+	logger   *slog.Logger
+	startCh  chan error
+	stopCh   chan error
 }
 
 // New creates a new registry of services. It needs at least one service in the input.
-func NewRegistry(ctx context.Context, logger *slog.Logger, services ...NamedService) (*Registry, error) {
+func NewRegistry(logger *slog.Logger, services ...NamedService) (*Registry, error) {
 	if logger == nil {
 		return nil, errors.Newf(errors.TypeInvalidInput, ErrCodeInvalidRegistry, "cannot build registry, logger is required")
 	}
@@ -36,131 +31,59 @@ func NewRegistry(ctx context.Context, logger *slog.Logger, services ...NamedServ
 		return nil, errors.Newf(errors.TypeInvalidInput, ErrCodeInvalidRegistry, "cannot build registry, at least one service is required")
 	}
 
-	servicesWithState := make([]*serviceWithState, len(services))
-	servicesByName := make(map[Name]*serviceWithState, len(services))
-	for i, s := range services {
-		if _, ok := servicesByName[s.Name()]; ok {
-			return nil, errors.Newf(errors.TypeInvalidInput, ErrCodeInvalidRegistry, "cannot build registry, duplicate service name %q", s.Name())
-		}
-		ss := newServiceWithState(s)
-		servicesWithState[i] = ss
-		servicesByName[s.Name()] = ss
-	}
-
-	registryLogger := logger.With(slog.String("pkg", "github.com/SigNoz/signoz/pkg/factory"))
-
-	for _, ss := range servicesWithState {
-		for _, dep := range ss.service.DependsOn() {
-			if dep == ss.service.Name() {
-				registryLogger.ErrorContext(ctx, "ignoring self-dependency", slog.Any("service", ss.service.Name()))
-				continue
-			}
-
-			if _, ok := servicesByName[dep]; !ok {
-				registryLogger.ErrorContext(ctx, "ignoring unknown dependency", slog.Any("service", ss.service.Name()), slog.Any("dependency", dep))
-				continue
-			}
-
-			ss.dependsOn = append(ss.dependsOn, dep)
-		}
-	}
-
-	if err := detectCyclicDeps(servicesWithState); err != nil {
+	m, err := NewNamedMap(services...)
+	if err != nil {
 		return nil, err
 	}
 
 	return &Registry{
-		logger:         registryLogger,
-		services:       servicesWithState,
-		servicesByName: servicesByName,
-		startC:         make(chan error, 1),
-		stopC:          make(chan error, len(services)),
+		logger:   logger.With(slog.String("pkg", "go.signoz.io/pkg/factory")),
+		services: m,
+		startCh:  make(chan error, 1),
+		stopCh:   make(chan error, len(services)),
 	}, nil
 }
 
-func (registry *Registry) Start(ctx context.Context) {
-	for _, ss := range registry.services {
-		go func(ss *serviceWithState) {
-			// Wait for all dependencies to be healthy before starting.
-			for _, dep := range ss.dependsOn {
-				depState := registry.servicesByName[dep]
-				registry.logger.InfoContext(ctx, "service waiting for dependency", slog.Any("service", ss.service.Name()), slog.Any("dependency", dep))
-				select {
-				case <-ctx.Done():
-					ss.mu.Lock()
-					ss.state = StateFailed
-					ss.startErr = ctx.Err()
-					ss.mu.Unlock()
-					close(ss.startReturnedC)
-					registry.startC <- ctx.Err()
-					return
-				case <-depState.healthyC:
-					// Dependency is healthy, continue.
-				case <-depState.startReturnedC:
-					// Dependency failed before becoming healthy.
-					err := errors.Newf(errors.TypeInternal, ErrCodeDependencyFailed, "dependency %q of service %q failed", dep, ss.service.Name())
-					ss.mu.Lock()
-					ss.state = StateFailed
-					ss.startErr = err
-					ss.mu.Unlock()
-					close(ss.startReturnedC)
-					registry.startC <- err
-					return
-				}
-			}
-
-			registry.logger.InfoContext(ctx, "starting service", slog.Any("service", ss.service.Name()))
-
-			go func() {
-				select {
-				case <-ss.service.Healthy():
-					ss.setState(StateRunning)
-				case <-ss.startReturnedC:
-				}
-			}()
-
-			err := ss.service.Start(ctx)
-			if err != nil {
-				ss.mu.Lock()
-				ss.state = StateFailed
-				ss.startErr = err
-				ss.mu.Unlock()
-			}
-			close(ss.startReturnedC)
-			registry.startC <- err
-		}(ss)
+func (r *Registry) Start(ctx context.Context) {
+	for _, s := range r.services.GetInOrder() {
+		go func(s NamedService) {
+			r.logger.InfoContext(ctx, "starting service", slog.Any("service", s.Name()))
+			err := s.Start(ctx)
+			r.startCh <- err
+		}(s)
 	}
+
 }
 
-func (registry *Registry) Wait(ctx context.Context) error {
+func (r *Registry) Wait(ctx context.Context) error {
 	interrupt := make(chan os.Signal, 1)
 	signal.Notify(interrupt, syscall.SIGINT, syscall.SIGTERM)
 
 	select {
 	case <-ctx.Done():
-		registry.logger.InfoContext(ctx, "caught context error, exiting", errors.Attr(ctx.Err()))
+		r.logger.InfoContext(ctx, "caught context error, exiting", errors.Attr(ctx.Err()))
 	case s := <-interrupt:
-		registry.logger.InfoContext(ctx, "caught interrupt signal, exiting", slog.Any("signal", s))
-	case err := <-registry.startC:
-		registry.logger.ErrorContext(ctx, "caught service error, exiting", errors.Attr(err))
+		r.logger.InfoContext(ctx, "caught interrupt signal, exiting", slog.Any("signal", s))
+	case err := <-r.startCh:
+		r.logger.ErrorContext(ctx, "caught service error, exiting", errors.Attr(err))
 		return err
 	}
 
 	return nil
 }
 
-func (registry *Registry) Stop(ctx context.Context) error {
-	for _, ss := range registry.services {
-		go func(ss *serviceWithState) {
-			registry.logger.InfoContext(ctx, "stopping service", slog.Any("service", ss.service.Name()))
-			err := ss.service.Stop(ctx)
-			registry.stopC <- err
-		}(ss)
+func (r *Registry) Stop(ctx context.Context) error {
+	for _, s := range r.services.GetInOrder() {
+		go func(s NamedService) {
+			r.logger.InfoContext(ctx, "stopping service", slog.Any("service", s.Name()))
+			err := s.Stop(ctx)
+			r.stopCh <- err
+		}(s)
 	}
 
-	errs := make([]error, len(registry.services))
-	for i := 0; i < len(registry.services); i++ {
-		err := <-registry.stopC
+	errs := make([]error, len(r.services.GetInOrder()))
+	for i := 0; i < len(r.services.GetInOrder()); i++ {
+		err := <-r.stopCh
 		if err != nil {
 			errs = append(errs, err)
 		}
@@ -168,83 +91,3 @@ func (registry *Registry) Stop(ctx context.Context) error {
 
 	return errors.Join(errs...)
 }
-
-// AwaitHealthy blocks until all services reach the RUNNING state or any service fails.
-func (registry *Registry) AwaitHealthy(ctx context.Context) error {
-	for _, ss := range registry.services {
-		select {
-		case <-ctx.Done():
-			return ctx.Err()
-		case <-ss.healthyC:
-		case <-ss.startReturnedC:
-			ss.mu.RLock()
-			err := ss.startErr
-			ss.mu.RUnlock()
-			if err != nil {
-				return errors.Wrapf(err, errors.TypeInternal, ErrCodeServiceFailed, "service %q failed before becoming healthy", ss.service.Name())
-			}
-			return errors.Newf(errors.TypeInternal, ErrCodeServiceFailed, "service %q terminated before becoming healthy", ss.service.Name())
-		}
-	}
-	return nil
-}
-
-// ServicesByState returns a snapshot of the current state of all services.
-func (registry *Registry) ServicesByState() map[State][]Name {
-	result := make(map[State][]Name)
-	for _, ss := range registry.services {
-		state := ss.getState()
-		result[state] = append(result[state], ss.service.Name())
-	}
-	return result
-}
-
-// IsHealthy returns true if all services are in the RUNNING state.
-func (registry *Registry) IsHealthy() bool {
-	for _, ss := range registry.services {
-		if ss.getState() != StateRunning {
-			return false
-		}
-	}
-	return true
-}
-
-// detectCyclicDeps returns an error listing all dependency cycles found using
-// gonum's Tarjan SCC algorithm.
-func detectCyclicDeps(services []*serviceWithState) error {
-	nameToID := make(map[Name]int64, len(services))
-	idToName := make(map[int64]Name, len(services))
-	for i, ss := range services {
-		id := int64(i)
-		nameToID[ss.service.Name()] = id
-		idToName[id] = ss.service.Name()
-	}
-
-	g := simple.NewDirectedGraph()
-	for _, ss := range services {
-		g.AddNode(simple.Node(nameToID[ss.service.Name()]))
-	}
-	for _, ss := range services {
-		fromID := nameToID[ss.service.Name()]
-		for _, dep := range ss.dependsOn {
-			g.SetEdge(simple.Edge{F: simple.Node(fromID), T: simple.Node(nameToID[dep])})
-		}
-	}
-
-	if _, err := topo.Sort(g); err == nil {
-		return nil
-	}
-
-	var cycles [][]Name
-	for _, scc := range topo.TarjanSCC(g) {
-		if len(scc) > 1 {
-			cycle := make([]Name, len(scc))
-			for i, n := range scc {
-				cycle[i] = idToName[n.ID()]
-			}
-			cycles = append(cycles, cycle)
-		}
-	}
-
-	return errors.Newf(errors.TypeInvalidInput, ErrCodeInvalidRegistry, "dependency cycles detected: %v", cycles)
-}

pkg/factory/registry_test.go

@@ -5,10 +5,7 @@ import (
 	"log/slog"
 	"sync"
 	"testing"
-	"time"
 
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
 
@@ -31,46 +28,11 @@ func (s *tservice) Stop(_ context.Context) error {
 	return nil
 }
 
-type healthyTestService struct {
-	tservice
-	healthyC chan struct{}
-}
-
-func newHealthyTestService(t *testing.T) *healthyTestService {
-	t.Helper()
-	return &healthyTestService{
-		tservice: tservice{c: make(chan struct{})},
-		healthyC: make(chan struct{}),
-	}
-}
-
-func (s *healthyTestService) Healthy() <-chan struct{} {
-	return s.healthyC
-}
-
-// failingHealthyService implements Healthy but fails before signaling healthy.
-type failingHealthyService struct {
-	healthyC chan struct{}
-	err      error
-}
-
-func (s *failingHealthyService) Start(_ context.Context) error {
-	return s.err
-}
-
-func (s *failingHealthyService) Stop(_ context.Context) error {
-	return nil
-}
-
-func (s *failingHealthyService) Healthy() <-chan struct{} {
-	return s.healthyC
-}
-
 func TestRegistryWith2Services(t *testing.T) {
 	s1 := newTestService(t)
 	s2 := newTestService(t)
 
-	registry, err := NewRegistry(context.Background(), slog.New(slog.DiscardHandler), NewNamedService(MustNewName("s1"), s1), NewNamedService(MustNewName("s2"), s2))
+	registry, err := NewRegistry(slog.New(slog.DiscardHandler), NewNamedService(MustNewName("s1"), s1), NewNamedService(MustNewName("s2"), s2))
 	require.NoError(t, err)
 
 	ctx, cancel := context.WithCancel(context.Background())
@@ -79,8 +41,8 @@ func TestRegistryWith2Services(t *testing.T) {
 	go func() {
 		defer wg.Done()
 		registry.Start(ctx)
-		assert.NoError(t, registry.Wait(ctx))
-		assert.NoError(t, registry.Stop(ctx))
+		require.NoError(t, registry.Wait(ctx))
+		require.NoError(t, registry.Stop(ctx))
 	}()
 	cancel()
 
@@ -91,7 +53,7 @@ func TestRegistryWith2ServicesWithoutWait(t *testing.T) {
 	s1 := newTestService(t)
 	s2 := newTestService(t)
 
-	registry, err := NewRegistry(context.Background(), slog.New(slog.DiscardHandler), NewNamedService(MustNewName("s1"), s1), NewNamedService(MustNewName("s2"), s2))
+	registry, err := NewRegistry(slog.New(slog.DiscardHandler), NewNamedService(MustNewName("s1"), s1), NewNamedService(MustNewName("s2"), s2))
 	require.NoError(t, err)
 
 	ctx := context.Background()
@@ -100,245 +62,8 @@ func TestRegistryWith2ServicesWithoutWait(t *testing.T) {
 	go func() {
 		defer wg.Done()
 		registry.Start(ctx)
-		assert.NoError(t, registry.Stop(ctx))
+		require.NoError(t, registry.Stop(ctx))
 	}()
 
 	wg.Wait()
 }
-
-func TestServiceStateTransitions(t *testing.T) {
-	s1 := newTestService(t)
-
-	registry, err := NewRegistry(context.Background(), slog.New(slog.DiscardHandler), NewNamedService(MustNewName("s1"), s1))
-	require.NoError(t, err)
-
-	ctx := context.Background()
-	registry.Start(ctx)
-
-	require.NoError(t, registry.AwaitHealthy(ctx))
-
-	byState := registry.ServicesByState()
-	assert.Len(t, byState[StateRunning], 1)
-	assert.True(t, registry.IsHealthy())
-
-	assert.NoError(t, registry.Stop(ctx))
-}
-
-func TestServiceStateWithHealthy(t *testing.T) {
-	s1 := newHealthyTestService(t)
-
-	registry, err := NewRegistry(context.Background(), slog.New(slog.DiscardHandler), NewNamedService(MustNewName("s1"), s1))
-	require.NoError(t, err)
-
-	ctx := context.Background()
-	registry.Start(ctx)
-
-	// Poll until STARTING state is observed
-	require.Eventually(t, func() bool {
-		byState := registry.ServicesByState()
-		return len(byState[StateStarting]) == 1
-	}, time.Second, time.Millisecond)
-	assert.False(t, registry.IsHealthy())
-
-	// Signal healthy
-	close(s1.healthyC)
-
-	require.NoError(t, registry.AwaitHealthy(ctx))
-	assert.True(t, registry.IsHealthy())
-
-	byState := registry.ServicesByState()
-	assert.Len(t, byState[StateRunning], 1)
-
-	assert.NoError(t, registry.Stop(ctx))
-}
-
-func TestAwaitHealthy(t *testing.T) {
-	s1 := newTestService(t)
-	s2 := newTestService(t)
-
-	registry, err := NewRegistry(context.Background(), slog.New(slog.DiscardHandler), NewNamedService(MustNewName("s1"), s1), NewNamedService(MustNewName("s2"), s2))
-	require.NoError(t, err)
-
-	ctx := context.Background()
-	registry.Start(ctx)
-
-	assert.NoError(t, registry.AwaitHealthy(ctx))
-	assert.True(t, registry.IsHealthy())
-
-	assert.NoError(t, registry.Stop(ctx))
-}
-
-func TestAwaitHealthyWithFailure(t *testing.T) {
-	s1 := &failingHealthyService{
-		healthyC: make(chan struct{}),
-		err:      errors.Newf(errors.TypeInternal, errors.CodeInternal,"startup failed"),
-	}
-
-	registry, err := NewRegistry(context.Background(), slog.New(slog.DiscardHandler), NewNamedService(MustNewName("s1"), s1))
-	require.NoError(t, err)
-
-	ctx := context.Background()
-	registry.Start(ctx)
-
-	err = registry.AwaitHealthy(ctx)
-	assert.Error(t, err)
-	assert.Contains(t, err.Error(), "startup failed")
-}
-
-func TestServicesByState(t *testing.T) {
-	s1 := newTestService(t)
-	s2 := newHealthyTestService(t)
-
-	registry, err := NewRegistry(context.Background(), slog.New(slog.DiscardHandler), NewNamedService(MustNewName("s1"), s1), NewNamedService(MustNewName("s2"), s2))
-	require.NoError(t, err)
-
-	ctx := context.Background()
-	registry.Start(ctx)
-
-	// Wait for s1 to be running (no Healthy interface) and s2 to be starting
-	require.Eventually(t, func() bool {
-		byState := registry.ServicesByState()
-		return len(byState[StateRunning]) == 1 && len(byState[StateStarting]) == 1
-	}, time.Second, time.Millisecond)
-
-	// Make s2 healthy
-	close(s2.healthyC)
-
-	require.NoError(t, registry.AwaitHealthy(ctx))
-	byState := registry.ServicesByState()
-	assert.Len(t, byState[StateRunning], 2)
-
-	assert.NoError(t, registry.Stop(ctx))
-}
-
-func TestDependsOnStartsAfterDependency(t *testing.T) {
-	s1 := newHealthyTestService(t)
-	s2 := newTestService(t)
-
-	// s2 depends on s1
-	registry, err := NewRegistry(
-		context.Background(),
-		slog.New(slog.DiscardHandler),
-		NewNamedService(MustNewName("s1"), s1),
-		NewNamedService(MustNewName("s2"), s2, MustNewName("s1")),
-	)
-	require.NoError(t, err)
-
-	ctx := context.Background()
-	registry.Start(ctx)
-
-	// s2 should still be STARTING because s1 hasn't become healthy yet
-	require.Eventually(t, func() bool {
-		byState := registry.ServicesByState()
-		return len(byState[StateStarting]) == 2
-	}, time.Second, time.Millisecond)
-
-	// Make s1 healthy — s2 should then start and become RUNNING
-	close(s1.healthyC)
-
-	assert.NoError(t, registry.AwaitHealthy(ctx))
-	assert.True(t, registry.IsHealthy())
-
-	assert.NoError(t, registry.Stop(ctx))
-}
-
-func TestDependsOnFailsWhenDependencyFails(t *testing.T) {
-	s1 := &failingHealthyService{
-		healthyC: make(chan struct{}),
-		err:      errors.Newf(errors.TypeInternal, errors.CodeInternal,"s1 crashed"),
-	}
-	s2 := newTestService(t)
-
-	// s2 depends on s1
-	registry, err := NewRegistry(
-		context.Background(),
-		slog.New(slog.DiscardHandler),
-		NewNamedService(MustNewName("s1"), s1),
-		NewNamedService(MustNewName("s2"), s2, MustNewName("s1")),
-	)
-	require.NoError(t, err)
-
-	ctx := context.Background()
-	registry.Start(ctx)
-
-	// Both should eventually fail
-	assert.Eventually(t, func() bool {
-		byState := registry.ServicesByState()
-		return len(byState[StateFailed]) == 2
-	}, time.Second, time.Millisecond)
-}
-
-func TestDependsOnUnknownServiceIsIgnored(t *testing.T) {
-	s1 := newTestService(t)
-
-	// Unknown dependency is logged and ignored, not an error.
-	registry, err := NewRegistry(
-		context.Background(),
-		slog.New(slog.DiscardHandler),
-		NewNamedService(MustNewName("s1"), s1, MustNewName("unknown")),
-	)
-	require.NoError(t, err)
-
-	ctx := context.Background()
-	registry.Start(ctx)
-
-	assert.NoError(t, registry.AwaitHealthy(ctx))
-	assert.True(t, registry.IsHealthy())
-
-	assert.NoError(t, registry.Stop(ctx))
-}
-
-func TestServiceStateFailed(t *testing.T) {
-	s1 := &failingHealthyService{
-		healthyC: make(chan struct{}),
-		err:      errors.Newf(errors.TypeInternal, errors.CodeInternal,"fatal error"),
-	}
-
-	registry, err := NewRegistry(context.Background(), slog.New(slog.DiscardHandler), NewNamedService(MustNewName("s1"), s1))
-	require.NoError(t, err)
-
-	ctx := context.Background()
-	registry.Start(ctx)
-
-	// Wait for the service to fail
-	assert.Eventually(t, func() bool {
-		byState := registry.ServicesByState()
-		return len(byState[StateFailed]) == 1
-	}, time.Second, time.Millisecond)
-	assert.False(t, registry.IsHealthy())
-}
-
-func TestDependsOnSelfDependencyIsIgnored(t *testing.T) {
-	s1 := newTestService(t)
-
-	// Self-dependency is logged and ignored.
-	registry, err := NewRegistry(
-		context.Background(),
-		slog.New(slog.DiscardHandler),
-		NewNamedService(MustNewName("s1"), s1, MustNewName("s1")),
-	)
-	require.NoError(t, err)
-
-	ctx := context.Background()
-	registry.Start(ctx)
-
-	assert.NoError(t, registry.AwaitHealthy(ctx))
-	assert.True(t, registry.IsHealthy())
-
-	assert.NoError(t, registry.Stop(ctx))
-}
-
-func TestDependsOnCycleReturnsError(t *testing.T) {
-	s1 := newTestService(t)
-	s2 := newTestService(t)
-
-	// A -> B and B -> A is a cycle.
-	_, err := NewRegistry(
-		context.Background(),
-		slog.New(slog.DiscardHandler),
-		NewNamedService(MustNewName("s1"), s1, MustNewName("s2")),
-		NewNamedService(MustNewName("s2"), s2, MustNewName("s1")),
-	)
-	assert.Error(t, err)
-	assert.Contains(t, err.Error(), "dependency cycles detected")
-}

pkg/factory/service.go

@@ -2,81 +2,30 @@ package factory
 
 import "context"
 
-// Service is the core lifecycle interface for long-running services.
 type Service interface {
 	// Starts a service. It should block and should not return until the service is stopped or it fails.
 	Start(context.Context) error
-
 	// Stops a service.
 	Stop(context.Context) error
 }
 
-// Healthy is an optional interface that services can implement to signal
-// when they have completed startup and are ready to serve.
-// Services that do not implement this interface are considered healthy
-// immediately after Start() is called.
-type Healthy interface {
-	// Healthy returns a channel that is closed when the service is healthy.
-	Healthy() <-chan struct{}
-}
-
-// ServiceWithHealthy is a Service that explicitly signals when it is healthy.
-type ServiceWithHealthy interface {
-	Service
-	Healthy
-}
-
-// NamedService is a Service with a Name and optional dependencies.
 type NamedService interface {
 	Named
-	ServiceWithHealthy
-	// DependsOn returns the names of services that must be healthy before this service starts.
-	DependsOn() []Name
+	Service
 }
 
-// closedC is a pre-closed channel returned for services that don't implement Healthy.
-var closedC = func() chan struct{} {
-	c := make(chan struct{})
-	close(c)
-	return c
-}()
-
 type namedService struct {
-	name      Name
-	dependsOn []Name
-	service   Service
-}
-
-// NewNamedService wraps a Service with a Name and optional dependency names.
-func NewNamedService(name Name, service Service, dependsOn ...Name) NamedService {
-	return &namedService{
-		name:      name,
-		dependsOn: dependsOn,
-		service:   service,
-	}
+	name Name
+	Service
 }
 
 func (s *namedService) Name() Name {
 	return s.name
 }
 
-func (s *namedService) DependsOn() []Name {
-	return s.dependsOn
-}
-
-func (s *namedService) Start(ctx context.Context) error {
-	return s.service.Start(ctx)
-}
-
-func (s *namedService) Stop(ctx context.Context) error {
-	return s.service.Stop(ctx)
-}
-
-// Healthy delegates to the underlying service if it implements Healthy,
-// otherwise returns an already-closed channel (immediately healthy).
-func (s *namedService) Healthy() <-chan struct{} {
-	if h, ok := s.service.(Healthy); ok {
-		return h.Healthy()
+func NewNamedService(name Name, service Service) NamedService {
+	return &namedService{
+		name:    name,
+		Service: service,
 	}
-	return closedC
 }

pkg/factory/state.go

@@ -1,75 +0,0 @@
-package factory
-
-import "sync"
-
-// State represents the lifecycle state of a service.
-type State struct {
-	s string
-}
-
-func (s State) String() string {
-	return s.s
-}
-
-// MarshalText implements encoding.TextMarshaler so State can be used as a JSON map key.
-func (s State) MarshalText() ([]byte, error) {
-	return []byte(s.s), nil
-}
-
-var (
-	StateStarting = State{"starting"}
-	StateRunning  = State{"running"}
-	StateFailed   = State{"failed"}
-)
-
-// serviceWithState wraps a NamedService with thread-safe state tracking.
-type serviceWithState struct {
-	// service is the underlying named service.
-	service NamedService
-
-	// dependsOn is the validated subset of declared dependencies that exist in the registry.
-	dependsOn []Name
-
-	// mu protects state and startErr from concurrent access.
-	mu sync.RWMutex
-
-	// state is the current lifecycle state of the service.
-	state State
-
-	// healthyC is closed when the service transitions to StateRunning.
-	healthyC chan struct{}
-
-	// startReturnedC is closed when Start() returns, whether with nil or an error.
-	startReturnedC chan struct{}
-
-	// startErr is the error returned by Start(), or nil if it returned successfully.
-	startErr error
-}
-
-func newServiceWithState(service NamedService) *serviceWithState {
-	return &serviceWithState{
-		service:        service,
-		state:          StateStarting,
-		healthyC:       make(chan struct{}),
-		startReturnedC: make(chan struct{}),
-	}
-}
-
-func (ss *serviceWithState) setState(state State) {
-	ss.mu.Lock()
-	defer ss.mu.Unlock()
-	ss.state = state
-	if state == StateRunning {
-		select {
-		case <-ss.healthyC:
-		default:
-			close(ss.healthyC)
-		}
-	}
-}
-
-func (ss *serviceWithState) getState() State {
-	ss.mu.RLock()
-	defer ss.mu.RUnlock()
-	return ss.state
-}

pkg/http/middleware/authz.go

@@ -40,6 +40,17 @@ func (middleware *AuthZ) ViewAccess(next http.HandlerFunc) http.HandlerFunc {
 			return
 		}
 
+		if claims.IdentNProvider == authtypes.IdentNProviderAPIKey.StringValue() {
+			if err := claims.IsViewer(); err != nil {
+				middleware.logger.WarnContext(ctx, authzDeniedMessage, slog.Any("claims", claims))
+				render.Error(rw, err)
+				return
+			}
+
+			next(rw, req)
+			return
+		}
+
 		selectors := []authtypes.Selector{
 			authtypes.MustNewSelector(authtypes.TypeRole, authtypes.SigNozAdminRoleName),
 			authtypes.MustNewSelector(authtypes.TypeRole, authtypes.SigNozEditorRoleName),
@@ -79,6 +90,17 @@ func (middleware *AuthZ) EditAccess(next http.HandlerFunc) http.HandlerFunc {
 			return
 		}
 
+		if claims.IdentNProvider == authtypes.IdentNProviderAPIKey.StringValue() {
+			if err := claims.IsEditor(); err != nil {
+				middleware.logger.WarnContext(ctx, authzDeniedMessage, slog.Any("claims", claims))
+				render.Error(rw, err)
+				return
+			}
+
+			next(rw, req)
+			return
+		}
+
 		selectors := []authtypes.Selector{
 			authtypes.MustNewSelector(authtypes.TypeRole, authtypes.SigNozAdminRoleName),
 			authtypes.MustNewSelector(authtypes.TypeRole, authtypes.SigNozEditorRoleName),
@@ -117,6 +139,17 @@ func (middleware *AuthZ) AdminAccess(next http.HandlerFunc) http.HandlerFunc {
 			return
 		}
 
+		if claims.IdentNProvider == authtypes.IdentNProviderAPIKey.StringValue() {
+			if err := claims.IsAdmin(); err != nil {
+				middleware.logger.WarnContext(ctx, authzDeniedMessage, slog.Any("claims", claims))
+				render.Error(rw, err)
+				return
+			}
+
+			next(rw, req)
+			return
+		}
+
 		selectors := []authtypes.Selector{
 			authtypes.MustNewSelector(authtypes.TypeRole, authtypes.SigNozAdminRoleName),
 		}
@@ -153,28 +186,13 @@ func (middleware *AuthZ) SelfAccess(next http.HandlerFunc) http.HandlerFunc {
 			return
 		}
 
-		selectors := []authtypes.Selector{
-			authtypes.MustNewSelector(authtypes.TypeRole, authtypes.SigNozAdminRoleName),
+		id := mux.Vars(req)["id"]
+		if err := claims.IsSelfAccess(id); err != nil {
+			middleware.logger.WarnContext(req.Context(), authzDeniedMessage, slog.Any("claims", claims))
+			render.Error(rw, err)
+			return
 		}
 
-		err = middleware.authzService.CheckWithTupleCreation(
-			req.Context(),
-			claims,
-			valuer.MustNewUUID(claims.OrgID),
-			authtypes.RelationAssignee,
-			authtypes.TypeableRole,
-			selectors,
-			selectors,
-		)
-
-		if err != nil {
-			id := mux.Vars(req)["id"]
-			if err := claims.IsSelfAccess(id); err != nil {
-				middleware.logger.WarnContext(req.Context(), authzDeniedMessage, slog.Any("claims", claims))
-				render.Error(rw, err)
-				return
-			}
-		}
 		next(rw, req)
 	})
 }

pkg/http/middleware/identn.go

@@ -63,8 +63,6 @@ func (m *IdentN) Wrap(next http.Handler) http.Handler {
 		comment := ctxtypes.CommentFromContext(ctx)
 		comment.Set("identn_provider", claims.IdentNProvider)
 		comment.Set("user_id", claims.UserID)
-		comment.Set("service_account_id", claims.ServiceAccountID)
-		comment.Set("principal", claims.Principal)
 		comment.Set("org_id", claims.OrgID)
 		ctx = ctxtypes.NewContextWithComment(ctx, comment)
 

pkg/identn/apikeyidentn/provider.go

@@ -10,29 +10,33 @@ import (
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/factory"
 	"github.com/SigNoz/signoz/pkg/identn"
-	"github.com/SigNoz/signoz/pkg/modules/serviceaccount"
+	"github.com/SigNoz/signoz/pkg/sqlstore"
+	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
 )
 
+// todo: will move this in types layer with service account integration
+type apiKeyTokenKey struct{}
+
 type provider struct {
-	serviceAccount serviceaccount.Module
-	config         identn.Config
-	settings       factory.ScopedProviderSettings
-	sfGroup        *singleflight.Group
+	store    sqlstore.SQLStore
+	config   identn.Config
+	settings factory.ScopedProviderSettings
+	sfGroup  *singleflight.Group
 }
 
-func NewFactory(serviceAccount serviceaccount.Module) factory.ProviderFactory[identn.IdentN, identn.Config] {
+func NewFactory(store sqlstore.SQLStore) factory.ProviderFactory[identn.IdentN, identn.Config] {
 	return factory.NewProviderFactory(factory.MustNewName(authtypes.IdentNProviderAPIKey.StringValue()), func(ctx context.Context, providerSettings factory.ProviderSettings, config identn.Config) (identn.IdentN, error) {
-		return New(serviceAccount, config, providerSettings)
+		return New(providerSettings, store, config)
 	})
 }
 
-func New(serviceAccount serviceaccount.Module, config identn.Config, providerSettings factory.ProviderSettings) (identn.IdentN, error) {
+func New(providerSettings factory.ProviderSettings, store sqlstore.SQLStore, config identn.Config) (identn.IdentN, error) {
 	return &provider{
-		serviceAccount: serviceAccount,
-		config:         config,
-		settings:       factory.NewScopedProviderSettings(providerSettings, "github.com/SigNoz/signoz/pkg/identn/apikeyidentn"),
-		sfGroup:        &singleflight.Group{},
+		store:    store,
+		config:   config,
+		settings: factory.NewScopedProviderSettings(providerSettings, "github.com/SigNoz/signoz/pkg/identn/apikeyidentn"),
+		sfGroup:  &singleflight.Group{},
 	}, nil
 }
 
@@ -50,44 +54,75 @@ func (provider *provider) Test(req *http.Request) bool {
 }
 
 func (provider *provider) Pre(req *http.Request) *http.Request {
-	apiKey := provider.extractToken(req)
-	if apiKey == "" {
+	token := provider.extractToken(req)
+	if token == "" {
 		return req
 	}
 
-	ctx := authtypes.NewContextWithAPIKey(req.Context(), apiKey)
+	ctx := context.WithValue(req.Context(), apiKeyTokenKey{}, token)
 	return req.WithContext(ctx)
 }
 
 func (provider *provider) GetIdentity(req *http.Request) (*authtypes.Identity, error) {
 	ctx := req.Context()
-	apiKey, err := authtypes.APIKeyFromContext(ctx)
+	apiKeyToken, ok := ctx.Value(apiKeyTokenKey{}).(string)
+	if !ok || apiKeyToken == "" {
+		return nil, errors.New(errors.TypeUnauthenticated, errors.CodeUnauthenticated, "missing api key")
+	}
+
+	var apiKey types.StorableAPIKey
+	err := provider.
+		store.
+		BunDB().
+		NewSelect().
+		Model(&apiKey).
+		Where("token = ?", apiKeyToken).
+		Scan(ctx)
 	if err != nil {
 		return nil, err
 	}
 
-	identity, err := provider.serviceAccount.GetIdentity(ctx, apiKey)
+	if apiKey.ExpiresAt.Before(time.Now()) && !apiKey.ExpiresAt.Equal(types.NEVER_EXPIRES) {
+		return nil, errors.New(errors.TypeUnauthenticated, errors.CodeUnauthenticated, "api key has expired")
+	}
+
+	var user types.User
+	err = provider.
+		store.
+		BunDB().
+		NewSelect().
+		Model(&user).
+		Where("id = ?", apiKey.UserID).
+		Scan(ctx)
 	if err != nil {
 		return nil, err
 	}
 
+	identity := authtypes.NewIdentity(user.ID, user.OrgID, user.Email, apiKey.Role, provider.Name())
 	return identity, nil
 }
 
 func (provider *provider) Post(ctx context.Context, _ *http.Request, _ authtypes.Claims) {
-	apiKey, err := authtypes.APIKeyFromContext(ctx)
-	if err != nil {
+	apiKeyToken, ok := ctx.Value(apiKeyTokenKey{}).(string)
+	if !ok || apiKeyToken == "" {
 		return
 	}
 
-	_, _, _ = provider.sfGroup.Do(apiKey, func() (any, error) {
-		if err := provider.serviceAccount.SetLastObservedAt(ctx, apiKey, time.Now()); err != nil {
-			provider.settings.Logger().ErrorContext(ctx, "failed to set last observed at", errors.Attr(err))
-			return false, err
+	_, _, _ = provider.sfGroup.Do(apiKeyToken, func() (any, error) {
+		_, err := provider.
+			store.
+			BunDB().
+			NewUpdate().
+			Model(new(types.StorableAPIKey)).
+			Set("last_used = ?", time.Now()).
+			Where("token = ?", apiKeyToken).
+			Where("revoked = false").
+			Exec(ctx)
+		if err != nil {
+			provider.settings.Logger().ErrorContext(ctx, "failed to update last used of api key", errors.Attr(err))
 		}
 		return true, nil
 	})
-
 }
 
 func (provider *provider) extractToken(req *http.Request) string {

pkg/identn/impersonationidentn/provider.go

@@ -79,15 +79,22 @@ func (provider *provider) GetIdentity(req *http.Request) (*authtypes.Identity, e
 		return nil, err
 	}
 
-	rootUser, _, err := provider.userGetter.GetRootUserByOrgID(ctx, org.ID)
+	rootUser, userRoles, err := provider.userGetter.GetRootUserByOrgID(ctx, org.ID)
 	if err != nil {
 		return nil, err
 	}
 
-	provider.identity = authtypes.NewPrincipalUserIdentity(
+	if len(userRoles) == 0 {
+		return nil, errors.New(errors.TypeUnexpected, authtypes.ErrCodeUserRolesNotFound, "no user roles entries found")
+	}
+
+	role := authtypes.SigNozManagedRoleToExistingLegacyRole[userRoles[0].Role.Name]
+
+	provider.identity = authtypes.NewIdentity(
 		rootUser.ID,
 		rootUser.OrgID,
 		rootUser.Email,
+		role,
 		authtypes.IdentNProviderImpersonation,
 	)
 

pkg/modules/dashboard/dashboard.go

@@ -43,7 +43,7 @@ type Module interface {
 
 	Update(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, data dashboardtypes.UpdatableDashboard, diff int) (*dashboardtypes.Dashboard, error)
 
-	LockUnlock(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, isAdmin bool, lock bool) error
+	LockUnlock(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, role types.Role, lock bool) error
 
 	Delete(ctx context.Context, orgID valuer.UUID, id valuer.UUID) error
 

pkg/modules/dashboard/impldashboard/handler.go

@@ -7,7 +7,6 @@ import (
 	"strconv"
 	"time"
 
-	"github.com/SigNoz/signoz/pkg/authz"
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/factory"
 	"github.com/SigNoz/signoz/pkg/http/binding"
@@ -23,12 +22,11 @@ import (
 
 type handler struct {
 	module           dashboard.Module
-	authz            authz.AuthZ
 	providerSettings factory.ProviderSettings
 }
 
-func NewHandler(module dashboard.Module, providerSettings factory.ProviderSettings, authz authz.AuthZ) dashboard.Handler {
-	return &handler{module: module, providerSettings: providerSettings, authz: authz}
+func NewHandler(module dashboard.Module, providerSettings factory.ProviderSettings) dashboard.Handler {
+	return &handler{module: module, providerSettings: providerSettings}
 }
 
 func (handler *handler) Create(rw http.ResponseWriter, r *http.Request) {
@@ -59,7 +57,7 @@ func (handler *handler) Create(rw http.ResponseWriter, r *http.Request) {
 		dashboardMigrator.Migrate(ctx, req)
 	}
 
-	dashboard, err := handler.module.Create(ctx, orgID, claims.Email, valuer.MustNewUUID(claims.IdentityID()), req)
+	dashboard, err := handler.module.Create(ctx, orgID, claims.Email, valuer.MustNewUUID(claims.UserID), req)
 	if err != nil {
 		render.Error(rw, err)
 		return
@@ -157,24 +155,7 @@ func (handler *handler) LockUnlock(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	isAdmin := false
-	selectors := []authtypes.Selector{
-		authtypes.MustNewSelector(authtypes.TypeRole, authtypes.SigNozAdminRoleName),
-	}
-	err = handler.authz.CheckWithTupleCreation(
-		ctx,
-		claims,
-		valuer.MustNewUUID(claims.OrgID),
-		authtypes.RelationAssignee,
-		authtypes.TypeableRole,
-		selectors,
-		selectors,
-	)
-	if err == nil {
-		isAdmin = true
-	}
-
-	err = handler.module.LockUnlock(ctx, orgID, dashboardID, claims.Email, isAdmin, *req.Locked)
+	err = handler.module.LockUnlock(ctx, orgID, dashboardID, claims.Email, claims.Role, *req.Locked)
 	if err != nil {
 		render.Error(rw, err)
 		return

pkg/modules/dashboard/impldashboard/module.go

@@ -100,13 +100,13 @@ func (module *module) Update(ctx context.Context, orgID valuer.UUID, id valuer.U
 	return dashboard, nil
 }
 
-func (module *module) LockUnlock(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, isAdmin bool, lock bool) error {
+func (module *module) LockUnlock(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, role types.Role, lock bool) error {
 	dashboard, err := module.Get(ctx, orgID, id)
 	if err != nil {
 		return err
 	}
 
-	err = dashboard.LockUnlock(lock, isAdmin, updatedBy)
+	err = dashboard.LockUnlock(lock, role, updatedBy)
 	if err != nil {
 		return err
 	}

pkg/modules/serviceaccount/config.go

@@ -1,29 +0,0 @@
-package serviceaccount
-
-import (
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/factory"
-	"github.com/SigNoz/signoz/pkg/types/serviceaccounttypes"
-)
-
-type Config struct {
-	Prefix string `mapstructure:"prefix"`
-}
-
-func NewConfigFactory() factory.ConfigFactory {
-	return factory.NewConfigFactory(factory.MustNewName("serviceaccount"), newConfig)
-}
-
-func newConfig() factory.Config {
-	return &Config{
-		Prefix: "signoz",
-	}
-}
-
-func (c Config) Validate() error {
-	if c.Prefix == "" {
-		return errors.New(errors.TypeInvalidInput, serviceaccounttypes.ErrCodeServiceAccountInvalidConfig, "prefix cannot be empty")
-	}
-
-	return nil
-}

pkg/modules/serviceaccount/implserviceaccount/handler.go

@@ -35,7 +35,7 @@ func (handler *handler) Create(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	serviceAccount := serviceaccounttypes.NewServiceAccount(req.Name, handler.module.Config().Prefix, req.Roles, serviceaccounttypes.StatusActive, valuer.MustNewUUID(claims.OrgID))
+	serviceAccount := serviceaccounttypes.NewServiceAccount(req.Name, req.Email, req.Roles, serviceaccounttypes.StatusActive, valuer.MustNewUUID(claims.OrgID))
 	err = handler.module.Create(ctx, valuer.MustNewUUID(claims.OrgID), serviceAccount)
 	if err != nil {
 		render.Error(rw, err)
@@ -111,7 +111,7 @@ func (handler *handler) Update(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	err = serviceAccount.Update(req.Name, req.Roles)
+	err = serviceAccount.Update(req.Name, req.Email, req.Roles)
 	if err != nil {
 		render.Error(rw, err)
 		return
@@ -299,12 +299,7 @@ func (handler *handler) UpdateFactorAPIKey(rw http.ResponseWriter, r *http.Reque
 		return
 	}
 
-	err = factorAPIKey.Update(req.Name, req.ExpiresAt)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
+	factorAPIKey.Update(req.Name, req.ExpiresAt)
 	err = handler.module.UpdateFactorAPIKey(ctx, valuer.MustNewUUID(claims.OrgID), serviceAccount.ID, factorAPIKey)
 	if err != nil {
 		render.Error(rw, err)

pkg/modules/serviceaccount/implserviceaccount/module.go

@@ -2,36 +2,28 @@ package implserviceaccount
 
 import (
 	"context"
-	"time"
 
-	"github.com/SigNoz/signoz/pkg/analytics"
 	"github.com/SigNoz/signoz/pkg/authz"
-	"github.com/SigNoz/signoz/pkg/cache"
+	"github.com/SigNoz/signoz/pkg/emailing"
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/factory"
 	"github.com/SigNoz/signoz/pkg/modules/serviceaccount"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/cachetypes"
+	"github.com/SigNoz/signoz/pkg/types/emailtypes"
 	"github.com/SigNoz/signoz/pkg/types/serviceaccounttypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 )
 
-var (
-	emptyOrgID valuer.UUID = valuer.UUID{}
-)
-
 type module struct {
-	store     serviceaccounttypes.Store
-	authz     authz.AuthZ
-	cache     cache.Cache
-	analytics analytics.Analytics
-	settings  factory.ScopedProviderSettings
-	config    serviceaccount.Config
+	store    serviceaccounttypes.Store
+	authz    authz.AuthZ
+	emailing emailing.Emailing
+	settings factory.ScopedProviderSettings
 }
 
-func NewModule(store serviceaccounttypes.Store, authz authz.AuthZ, cache cache.Cache, analytics analytics.Analytics, providerSettings factory.ProviderSettings, config serviceaccount.Config) serviceaccount.Module {
+func NewModule(store serviceaccounttypes.Store, authz authz.AuthZ, emailing emailing.Emailing, providerSettings factory.ProviderSettings) serviceaccount.Module {
 	settings := factory.NewScopedProviderSettings(providerSettings, "github.com/SigNoz/signoz/pkg/modules/serviceaccount/implserviceaccount")
-	return &module{store: store, authz: authz, cache: cache, analytics: analytics, settings: settings, config: config}
+	return &module{store: store, authz: authz, emailing: emailing, settings: settings}
 }
 
 func (module *module) Create(ctx context.Context, orgID valuer.UUID, serviceAccount *serviceaccounttypes.ServiceAccount) error {
@@ -66,8 +58,6 @@ func (module *module) Create(ctx context.Context, orgID valuer.UUID, serviceAcco
 		return err
 	}
 
-	module.analytics.IdentifyUser(ctx, orgID.String(), serviceAccount.ID.String(), serviceAccount.Traits())
-	module.analytics.TrackUser(ctx, orgID.String(), serviceAccount.ID.String(), "Service Account Created", serviceAccount.Traits())
 	return nil
 }
 
@@ -78,7 +68,7 @@ func (module *module) GetOrCreate(ctx context.Context, serviceAccount *serviceac
 	}
 
 	if existingServiceAccount != nil {
-		return serviceaccounttypes.NewServiceAccountFromStorables(existingServiceAccount, serviceAccount.Roles), nil
+		return serviceAccount, nil
 	}
 
 	err = module.Create(ctx, serviceAccount.OrgID, serviceAccount)
@@ -86,8 +76,6 @@ func (module *module) GetOrCreate(ctx context.Context, serviceAccount *serviceac
 		return nil, err
 	}
 
-	module.analytics.IdentifyUser(ctx, serviceAccount.OrgID.String(), serviceAccount.ID.String(), serviceAccount.Traits())
-	module.analytics.TrackUser(ctx, serviceAccount.OrgID.String(), serviceAccount.ID.String(), "Service Account Created", serviceAccount.Traits())
 	return serviceAccount, nil
 }
 
@@ -198,8 +186,6 @@ func (module *module) Update(ctx context.Context, orgID valuer.UUID, input *serv
 		return err
 	}
 
-	module.analytics.IdentifyUser(ctx, orgID.String(), input.ID.String(), input.Traits())
-	module.analytics.TrackUser(ctx, orgID.String(), input.ID.String(), "Service Account Updated", input.Traits())
 	return nil
 }
 
@@ -228,11 +214,6 @@ func (module *module) UpdateStatus(ctx context.Context, orgID valuer.UUID, input
 		return err
 	}
 
-	// delete the cache when updating status for service account
-	module.cache.Delete(ctx, emptyOrgID, identityCacheKey(input.ID))
-
-	module.analytics.IdentifyUser(ctx, orgID.String(), input.ID.String(), input.Traits())
-	module.analytics.TrackUser(ctx, orgID.String(), input.ID.String(), "Service Account Deleted", map[string]any{})
 	return nil
 }
 
@@ -270,11 +251,6 @@ func (module *module) Delete(ctx context.Context, orgID valuer.UUID, id valuer.U
 		return err
 	}
 
-	// delete the cache when deleting service account
-	module.cache.Delete(ctx, emptyOrgID, identityCacheKey(id))
-
-	module.analytics.IdentifyUser(ctx, orgID.String(), serviceAccount.ID.String(), serviceAccount.Traits())
-	module.analytics.TrackUser(ctx, orgID.String(), id.String(), "Service Account Deleted", map[string]any{})
 	return nil
 }
 
@@ -287,36 +263,22 @@ func (module *module) CreateFactorAPIKey(ctx context.Context, factorAPIKey *serv
 	}
 
 	serviceAccount, err := module.store.GetByID(ctx, factorAPIKey.ServiceAccountID)
-	if err == nil {
-		module.analytics.TrackUser(ctx, serviceAccount.OrgID, serviceAccount.ID.String(), "API Key created", factorAPIKey.Traits())
+	if err != nil {
+		return err
+	}
+
+	if err := module.emailing.SendHTML(ctx, serviceAccount.Email, "New API Key created for your SigNoz account", emailtypes.TemplateNameAPIKeyEvent, map[string]any{
+		"Name":         serviceAccount.Name,
+		"KeyName":      factorAPIKey.Name,
+		"KeyID":        factorAPIKey.ID.String(),
+		"KeyCreatedAt": factorAPIKey.CreatedAt.String(),
+	}); err != nil {
+		module.settings.Logger().ErrorContext(ctx, "failed to send email", errors.Attr(err))
 	}
 
 	return nil
 }
 
-func (module *module) GetOrCreateFactorAPIKey(ctx context.Context, factorAPIKey *serviceaccounttypes.FactorAPIKey) (*serviceaccounttypes.FactorAPIKey, error) {
-	existingFactorAPIKey, err := module.store.GetFactorAPIKeyByName(ctx, factorAPIKey.ServiceAccountID, factorAPIKey.Name)
-	if err != nil && !errors.Ast(err, errors.TypeNotFound) {
-		return nil, err
-	}
-
-	if existingFactorAPIKey != nil {
-		return serviceaccounttypes.NewFactorAPIKeyFromStorable(existingFactorAPIKey), nil
-	}
-
-	err = module.CreateFactorAPIKey(ctx, factorAPIKey)
-	if err != nil {
-		return nil, err
-	}
-
-	serviceAccount, err := module.store.GetByID(ctx, factorAPIKey.ServiceAccountID)
-	if err == nil {
-		module.analytics.TrackUser(ctx, serviceAccount.OrgID, serviceAccount.ID.String(), "API Key created", factorAPIKey.Traits())
-	}
-
-	return factorAPIKey, nil
-}
-
 func (module *module) GetFactorAPIKey(ctx context.Context, serviceAccountID valuer.UUID, id valuer.UUID) (*serviceaccounttypes.FactorAPIKey, error) {
 	storableFactorAPIKey, err := module.store.GetFactorAPIKey(ctx, serviceAccountID, id)
 	if err != nil {
@@ -335,15 +297,12 @@ func (module *module) ListFactorAPIKey(ctx context.Context, serviceAccountID val
 	return serviceaccounttypes.NewFactorAPIKeyFromStorables(storables), nil
 }
 
-func (module *module) UpdateFactorAPIKey(ctx context.Context, orgID valuer.UUID, serviceAccountID valuer.UUID, factorAPIKey *serviceaccounttypes.FactorAPIKey) error {
+func (module *module) UpdateFactorAPIKey(ctx context.Context, _ valuer.UUID, serviceAccountID valuer.UUID, factorAPIKey *serviceaccounttypes.FactorAPIKey) error {
 	err := module.store.UpdateFactorAPIKey(ctx, serviceAccountID, serviceaccounttypes.NewStorableFactorAPIKey(factorAPIKey))
 	if err != nil {
 		return err
 	}
 
-	// delete the cache when updating the factor api key
-	module.cache.Delete(ctx, emptyOrgID, apiKeyCacheKey(factorAPIKey.Key))
-	module.analytics.TrackUser(ctx, orgID.String(), serviceAccountID.String(), "API Key updated", factorAPIKey.Traits())
 	return nil
 }
 
@@ -363,108 +322,14 @@ func (module *module) RevokeFactorAPIKey(ctx context.Context, serviceAccountID v
 		return err
 	}
 
-	// delete the cache when revoking the factor api key
-	module.cache.Delete(ctx, emptyOrgID, apiKeyCacheKey(factorAPIKey.Key))
-	module.analytics.TrackUser(ctx, serviceAccount.OrgID, serviceAccountID.String(), "API Key revoked", factorAPIKey.Traits())
+	if err := module.emailing.SendHTML(ctx, serviceAccount.Email, "API Key revoked for your SigNoz account", emailtypes.TemplateNameAPIKeyEvent, map[string]any{
+		"Name":         serviceAccount.Name,
+		"KeyName":      factorAPIKey.Name,
+		"KeyID":        factorAPIKey.ID.String(),
+		"KeyCreatedAt": factorAPIKey.CreatedAt.String(),
+	}); err != nil {
+		module.settings.Logger().ErrorContext(ctx, "failed to send email", errors.Attr(err))
+	}
+
 	return nil
 }
-
-func (module *module) Config() serviceaccount.Config {
-	return module.config
-}
-
-func (module *module) Collect(ctx context.Context, orgID valuer.UUID) (map[string]any, error) {
-	stats := make(map[string]any)
-
-	count, err := module.store.CountByOrgID(ctx, orgID)
-	if err == nil {
-		stats["serviceaccount.count"] = count
-	}
-
-	count, err = module.store.CountFactorAPIKeysByOrgID(ctx, orgID)
-	if err == nil {
-		stats["serviceaccount.keys.count"] = count
-	}
-
-	return stats, nil
-}
-
-func (module *module) GetIdentity(ctx context.Context, key string) (*authtypes.Identity, error) {
-	apiKey, err := module.getOrGetSetAPIKey(ctx, key)
-	if err != nil {
-		return nil, err
-	}
-
-	if err := apiKey.IsExpired(); err != nil {
-		return nil, err
-	}
-
-	identity, err := module.getOrGetSetIdentity(ctx, apiKey.ServiceAccountID)
-	if err != nil {
-		return nil, err
-	}
-
-	return identity, nil
-}
-
-func (module *module) SetLastObservedAt(ctx context.Context, key string, lastObservedAt time.Time) error {
-	return module.store.UpdateLastObservedAt(ctx, key, lastObservedAt)
-}
-
-func (module *module) getOrGetSetAPIKey(ctx context.Context, key string) (*serviceaccounttypes.FactorAPIKey, error) {
-	factorAPIkey := new(serviceaccounttypes.FactorAPIKey)
-	err := module.cache.Get(ctx, emptyOrgID, apiKeyCacheKey(key), factorAPIkey)
-	if err != nil && !errors.Ast(err, errors.TypeNotFound) {
-		return nil, err
-	}
-
-	if err == nil {
-		return factorAPIkey, nil
-	}
-
-	storable, err := module.store.GetFactorAPIKeyByKey(ctx, key)
-	if err != nil {
-		return nil, err
-	}
-
-	factorAPIkey = serviceaccounttypes.NewFactorAPIKeyFromStorable(storable)
-	err = module.cache.Set(ctx, emptyOrgID, apiKeyCacheKey(key), factorAPIkey, time.Duration(factorAPIkey.ExpiresAt))
-	if err != nil {
-		return nil, err
-	}
-
-	return factorAPIkey, nil
-}
-
-func (module *module) getOrGetSetIdentity(ctx context.Context, serviceAccountID valuer.UUID) (*authtypes.Identity, error) {
-	identity := new(authtypes.Identity)
-	err := module.cache.Get(ctx, emptyOrgID, identityCacheKey(serviceAccountID), identity)
-	if err != nil && !errors.Ast(err, errors.TypeNotFound) {
-		return nil, err
-	}
-
-	if err == nil {
-		return identity, nil
-	}
-
-	storableServiceAccount, err := module.store.GetByID(ctx, serviceAccountID)
-	if err != nil {
-		return nil, err
-	}
-
-	identity = storableServiceAccount.ToIdentity()
-	err = module.cache.Set(ctx, emptyOrgID, identityCacheKey(serviceAccountID), identity, 0)
-	if err != nil {
-		return nil, err
-	}
-
-	return identity, nil
-}
-
-func apiKeyCacheKey(apiKey string) string {
-	return "api_key::" + cachetypes.NewSha1CacheKey(apiKey)
-}
-
-func identityCacheKey(serviceAccountID valuer.UUID) string {
-	return "identity::" + serviceAccountID.String()
-}

pkg/modules/serviceaccount/implserviceaccount/store.go

@@ -2,7 +2,6 @@ package implserviceaccount
 
 import (
 	"context"
-	"time"
 
 	"github.com/SigNoz/signoz/pkg/sqlstore"
 	"github.com/SigNoz/signoz/pkg/types/serviceaccounttypes"
@@ -85,23 +84,6 @@ func (store *store) GetByID(ctx context.Context, id valuer.UUID) (*serviceaccoun
 	return storable, nil
 }
 
-func (store *store) CountByOrgID(ctx context.Context, orgID valuer.UUID) (int64, error) {
-	storable := new(serviceaccounttypes.StorableServiceAccount)
-
-	count, err := store.
-		sqlstore.
-		BunDB().
-		NewSelect().
-		Model(storable).
-		Where("org_id = ?", orgID).
-		Count(ctx)
-	if err != nil {
-		return 0, err
-	}
-
-	return int64(count), nil
-}
-
 func (store *store) List(ctx context.Context, orgID valuer.UUID) ([]*serviceaccounttypes.StorableServiceAccount, error) {
 	storables := make([]*serviceaccounttypes.StorableServiceAccount, 0)
 
@@ -249,60 +231,6 @@ func (store *store) GetFactorAPIKey(ctx context.Context, serviceAccountID valuer
 	return storable, nil
 }
 
-func (store *store) GetFactorAPIKeyByKey(ctx context.Context, key string) (*serviceaccounttypes.StorableFactorAPIKey, error) {
-	storable := new(serviceaccounttypes.StorableFactorAPIKey)
-
-	err := store.
-		sqlstore.
-		BunDBCtx(ctx).
-		NewSelect().
-		Model(storable).
-		Where("key = ?", key).
-		Scan(ctx)
-	if err != nil {
-		return nil, store.sqlstore.WrapNotFoundErrf(err, serviceaccounttypes.ErrCodeAPIKeytNotFound, "api key with key: %s doesn't exist.", key)
-	}
-
-	return storable, nil
-}
-
-func (store *store) GetFactorAPIKeyByName(ctx context.Context, serviceAccountID valuer.UUID, name string) (*serviceaccounttypes.StorableFactorAPIKey, error) {
-	storable := new(serviceaccounttypes.StorableFactorAPIKey)
-
-	err := store.
-		sqlstore.
-		BunDBCtx(ctx).
-		NewSelect().
-		Model(storable).
-		Where("service_account_id = ?", serviceAccountID.String()).
-		Where("name = ?", name).
-		Scan(ctx)
-	if err != nil {
-		return nil, store.sqlstore.WrapNotFoundErrf(err, serviceaccounttypes.ErrCodeAPIKeytNotFound, "api key with name: %s doesn't exist in service account: %s", name, serviceAccountID.String())
-	}
-
-	return storable, nil
-}
-
-func (store *store) CountFactorAPIKeysByOrgID(ctx context.Context, orgID valuer.UUID) (int64, error) {
-	storable := new(serviceaccounttypes.StorableFactorAPIKey)
-
-	count, err := store.
-		sqlstore.
-		BunDBCtx(ctx).
-		NewSelect().
-		Model(storable).
-		Join("JOIN service_account").
-		JoinOn("service_account.id = factor_api_key.service_account_id").
-		Where("service_account.org_id = ?", orgID).
-		Count(ctx)
-	if err != nil {
-		return 0, err
-	}
-
-	return int64(count), nil
-}
-
 func (store *store) ListFactorAPIKey(ctx context.Context, serviceAccountID valuer.UUID) ([]*serviceaccounttypes.StorableFactorAPIKey, error) {
 	storables := make([]*serviceaccounttypes.StorableFactorAPIKey, 0)
 
@@ -326,7 +254,6 @@ func (store *store) UpdateFactorAPIKey(ctx context.Context, serviceAccountID val
 		BunDBCtx(ctx).
 		NewUpdate().
 		Model(storable).
-		WherePK().
 		Where("service_account_id = ?", serviceAccountID).
 		Exec(ctx)
 	if err != nil {
@@ -336,22 +263,6 @@ func (store *store) UpdateFactorAPIKey(ctx context.Context, serviceAccountID val
 	return nil
 }
 
-func (store *store) UpdateLastObservedAt(ctx context.Context, key string, lastObservedAt time.Time) error {
-	_, err := store.
-		sqlstore.
-		BunDBCtx(ctx).
-		NewUpdate().
-		TableExpr("factor_api_key").
-		Set("last_observed_at = ?", lastObservedAt).
-		Where("key = ?", key).
-		Exec(ctx)
-	if err != nil {
-		return err
-	}
-
-	return nil
-}
-
 func (store *store) RevokeFactorAPIKey(ctx context.Context, serviceAccountID valuer.UUID, id valuer.UUID) error {
 	_, err := store.
 		sqlstore.

pkg/modules/serviceaccount/serviceaccount.go

@@ -3,9 +3,7 @@ package serviceaccount
 import (
 	"context"
 	"net/http"
-	"time"
 
-	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/SigNoz/signoz/pkg/types/serviceaccounttypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 )
@@ -41,24 +39,14 @@ type Module interface {
 	// Gets a factor API key by id
 	GetFactorAPIKey(context.Context, valuer.UUID, valuer.UUID) (*serviceaccounttypes.FactorAPIKey, error)
 
-	GetOrCreateFactorAPIKey(context.Context, *serviceaccounttypes.FactorAPIKey) (*serviceaccounttypes.FactorAPIKey, error)
-
 	// Lists all the API keys for a service account
 	ListFactorAPIKey(context.Context, valuer.UUID) ([]*serviceaccounttypes.FactorAPIKey, error)
 
 	// Updates an existing API key for a service account
 	UpdateFactorAPIKey(context.Context, valuer.UUID, valuer.UUID, *serviceaccounttypes.FactorAPIKey) error
 
-	// Set the last observed at for an api key.
-	SetLastObservedAt(context.Context, string, time.Time) error
-
 	// Revokes an existing API key for a service account
 	RevokeFactorAPIKey(context.Context, valuer.UUID, valuer.UUID) error
-
-	// Gets the identity for service account based on the factor api key.
-	GetIdentity(context.Context, string) (*authtypes.Identity, error)
-
-	Config() Config
 }
 
 type Handler interface {

pkg/modules/session/implsession/module.go

@@ -160,7 +160,18 @@ func (module *module) CreateCallbackAuthNSession(ctx context.Context, authNProvi
 		return "", errors.WithAdditionalf(err, "root user can only authenticate via password")
 	}
 
-	token, err := module.tokenizer.CreateToken(ctx, authtypes.NewPrincipalUserIdentity(newUser.ID, newUser.OrgID, newUser.Email, authtypes.IdentNProviderTokenizer), map[string]string{})
+	userRoles, err := module.userGetter.GetUserRoles(ctx, newUser.ID)
+	if err != nil {
+		return "", err
+	}
+
+	if len(userRoles) == 0 {
+		return "", errors.New(errors.TypeUnexpected, authtypes.ErrCodeUserRolesNotFound, "no user roles entries found")
+	}
+
+	finalRole := authtypes.SigNozManagedRoleToExistingLegacyRole[userRoles[0].Role.Name]
+
+	token, err := module.tokenizer.CreateToken(ctx, authtypes.NewIdentity(newUser.ID, newUser.OrgID, newUser.Email, finalRole, authtypes.IdentNProviderTokenizer), map[string]string{})
 	if err != nil {
 		return "", err
 	}

pkg/modules/spanpercentile/implspanpercentile/handler.go

@@ -35,7 +35,7 @@ func (h *handler) GetSpanPercentileDetails(w http.ResponseWriter, r *http.Reques
 		return
 	}
 
-	result, err := h.module.GetSpanPercentile(r.Context(), valuer.MustNewUUID(claims.OrgID), spanPercentileRequest)
+	result, err := h.module.GetSpanPercentile(r.Context(), valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(claims.UserID), spanPercentileRequest)
 	if err != nil {
 		render.Error(w, err)
 		return

pkg/modules/spanpercentile/implspanpercentile/module.go

@@ -28,7 +28,7 @@ func NewModule(
 	}
 }
 
-func (m *module) GetSpanPercentile(ctx context.Context, orgID valuer.UUID, req *spanpercentiletypes.SpanPercentileRequest) (*spanpercentiletypes.SpanPercentileResponse, error) {
+func (m *module) GetSpanPercentile(ctx context.Context, orgID valuer.UUID, userID valuer.UUID, req *spanpercentiletypes.SpanPercentileRequest) (*spanpercentiletypes.SpanPercentileResponse, error) {
 	ctx = ctxtypes.NewContextWithCommentVals(ctx, map[string]string{
 		instrumentationtypes.CodeNamespace:    "spanpercentile",
 		instrumentationtypes.CodeFunctionName: "GetSpanPercentile",

pkg/modules/spanpercentile/spanpercentile.go

@@ -9,7 +9,7 @@ import (
 )
 
 type Module interface {
-	GetSpanPercentile(ctx context.Context, orgID valuer.UUID, req *spanpercentiletypes.SpanPercentileRequest) (*spanpercentiletypes.SpanPercentileResponse, error)
+	GetSpanPercentile(ctx context.Context, orgID valuer.UUID, userID valuer.UUID, req *spanpercentiletypes.SpanPercentileRequest) (*spanpercentiletypes.SpanPercentileResponse, error)
 }
 
 type Handler interface {

pkg/modules/user/impluser/handler.go

@@ -4,6 +4,7 @@ import (
 	"context"
 	"encoding/json"
 	"net/http"
+	"slices"
 	"time"
 
 	"github.com/SigNoz/signoz/pkg/errors"
@@ -12,6 +13,7 @@ import (
 	root "github.com/SigNoz/signoz/pkg/modules/user"
 	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
+	"github.com/SigNoz/signoz/pkg/types/integrationtypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	"github.com/gorilla/mux"
 )
@@ -41,7 +43,7 @@ func (h *handler) CreateInvite(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	invites, err := h.setter.CreateBulkInvite(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(claims.IdentityID()), valuer.MustNewEmail(claims.Email), &types.PostableBulkInviteRequest{
+	invites, err := h.setter.CreateBulkInvite(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(claims.UserID), &types.PostableBulkInviteRequest{
 		Invites: []types.PostableInvite{req},
 	})
 	if err != nil {
@@ -74,7 +76,7 @@ func (h *handler) CreateBulkInvite(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	_, err = h.setter.CreateBulkInvite(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(claims.IdentityID()), valuer.MustNewEmail(claims.Email), &req)
+	_, err = h.setter.CreateBulkInvite(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(claims.UserID), &req)
 	if err != nil {
 		render.Error(rw, err)
 		return
@@ -160,7 +162,7 @@ func (h *handler) UpdateUser(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	updatedUser, err := h.setter.UpdateUser(ctx, valuer.MustNewUUID(claims.OrgID), id, &user)
+	updatedUser, err := h.setter.UpdateUser(ctx, valuer.MustNewUUID(claims.OrgID), id, &user, claims.UserID)
 	if err != nil {
 		render.Error(w, err)
 		return
@@ -181,7 +183,7 @@ func (h *handler) DeleteUser(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	if err := h.setter.DeleteUser(ctx, valuer.MustNewUUID(claims.OrgID), id, claims.IdentityID()); err != nil {
+	if err := h.setter.DeleteUser(ctx, valuer.MustNewUUID(claims.OrgID), id, claims.UserID); err != nil {
 		render.Error(w, err)
 		return
 	}
@@ -272,3 +274,172 @@ func (h *handler) ForgotPassword(w http.ResponseWriter, r *http.Request) {
 
 	render.Success(w, http.StatusNoContent, nil)
 }
+
+func (h *handler) CreateAPIKey(w http.ResponseWriter, r *http.Request) {
+	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
+	defer cancel()
+
+	claims, err := authtypes.ClaimsFromContext(ctx)
+	if err != nil {
+		render.Error(w, err)
+		return
+	}
+
+	req := new(types.PostableAPIKey)
+	if err := json.NewDecoder(r.Body).Decode(req); err != nil {
+		render.Error(w, errors.Wrapf(err, errors.TypeInvalidInput, errors.CodeInvalidInput, "failed to decode api key"))
+		return
+	}
+
+	apiKey, err := types.NewStorableAPIKey(
+		req.Name,
+		valuer.MustNewUUID(claims.UserID),
+		req.Role,
+		req.ExpiresInDays,
+	)
+	if err != nil {
+		render.Error(w, err)
+		return
+	}
+
+	err = h.setter.CreateAPIKey(ctx, apiKey)
+	if err != nil {
+		render.Error(w, err)
+		return
+	}
+
+	createdApiKey, err := h.setter.GetAPIKey(ctx, valuer.MustNewUUID(claims.OrgID), apiKey.ID)
+	if err != nil {
+		render.Error(w, err)
+		return
+	}
+
+	// just corrected the status code, response is same,
+	render.Success(w, http.StatusCreated, createdApiKey)
+}
+
+func (h *handler) ListAPIKeys(w http.ResponseWriter, r *http.Request) {
+	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
+	defer cancel()
+
+	claims, err := authtypes.ClaimsFromContext(ctx)
+	if err != nil {
+		render.Error(w, err)
+		return
+	}
+
+	apiKeys, err := h.setter.ListAPIKeys(ctx, valuer.MustNewUUID(claims.OrgID))
+	if err != nil {
+		render.Error(w, err)
+		return
+	}
+
+	// for backward compatibility
+	if len(apiKeys) == 0 {
+		render.Success(w, http.StatusOK, []types.GettableAPIKey{})
+		return
+	}
+
+	result := make([]*types.GettableAPIKey, len(apiKeys))
+	for i, apiKey := range apiKeys {
+		result[i] = types.NewGettableAPIKeyFromStorableAPIKey(apiKey)
+	}
+
+	render.Success(w, http.StatusOK, result)
+
+}
+
+func (h *handler) UpdateAPIKey(w http.ResponseWriter, r *http.Request) {
+	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
+	defer cancel()
+
+	claims, err := authtypes.ClaimsFromContext(ctx)
+	if err != nil {
+		render.Error(w, err)
+		return
+	}
+
+	req := types.StorableAPIKey{}
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		render.Error(w, errors.Wrapf(err, errors.TypeInvalidInput, errors.CodeInvalidInput, "failed to decode api key"))
+		return
+	}
+
+	idStr := mux.Vars(r)["id"]
+	id, err := valuer.NewUUID(idStr)
+	if err != nil {
+		render.Error(w, errors.Newf(errors.TypeInvalidInput, errors.CodeInvalidInput, "id is not a valid uuid-v7"))
+		return
+	}
+
+	//get the API Key
+	existingAPIKey, err := h.setter.GetAPIKey(ctx, valuer.MustNewUUID(claims.OrgID), id)
+	if err != nil {
+		render.Error(w, err)
+		return
+	}
+
+	// get the user
+	createdByUser, err := h.getter.Get(ctx, existingAPIKey.UserID)
+	if err != nil {
+		render.Error(w, err)
+		return
+	}
+
+	if slices.Contains(integrationtypes.AllIntegrationUserEmails, integrationtypes.IntegrationUserEmail(createdByUser.Email.String())) {
+		render.Error(w, errors.Newf(errors.TypeInvalidInput, errors.CodeInvalidInput, "API Keys for integration users cannot be revoked"))
+		return
+	}
+
+	err = h.setter.UpdateAPIKey(ctx, id, &req, valuer.MustNewUUID(claims.UserID))
+	if err != nil {
+		render.Error(w, err)
+		return
+	}
+
+	render.Success(w, http.StatusNoContent, nil)
+}
+
+func (h *handler) RevokeAPIKey(w http.ResponseWriter, r *http.Request) {
+	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
+	defer cancel()
+
+	claims, err := authtypes.ClaimsFromContext(ctx)
+	if err != nil {
+		render.Error(w, err)
+		return
+	}
+
+	idStr := mux.Vars(r)["id"]
+	id, err := valuer.NewUUID(idStr)
+	if err != nil {
+		render.Error(w, errors.Newf(errors.TypeInvalidInput, errors.CodeInvalidInput, "id is not a valid uuid-v7"))
+		return
+	}
+
+	//get the API Key
+	existingAPIKey, err := h.setter.GetAPIKey(ctx, valuer.MustNewUUID(claims.OrgID), id)
+	if err != nil {
+		render.Error(w, err)
+		return
+	}
+
+	// get the user
+	createdByUser, err := h.getter.Get(ctx, existingAPIKey.UserID)
+	if err != nil {
+		render.Error(w, err)
+		return
+	}
+
+	if slices.Contains(integrationtypes.AllIntegrationUserEmails, integrationtypes.IntegrationUserEmail(createdByUser.Email.String())) {
+		render.Error(w, errors.Newf(errors.TypeInvalidInput, errors.CodeInvalidInput, "API Keys for integration users cannot be revoked"))
+		return
+	}
+
+	if err := h.setter.RevokeAPIKey(ctx, id, valuer.MustNewUUID(claims.UserID)); err != nil {
+		render.Error(w, err)
+		return
+	}
+
+	render.Success(w, http.StatusNoContent, nil)
+}

pkg/modules/user/impluser/service.go

@@ -23,7 +23,6 @@ type service struct {
 	authz     authz.AuthZ
 	config    user.RootConfig
 	stopC     chan struct{}
-	healthyC  chan struct{}
 }
 
 func NewService(
@@ -43,14 +42,12 @@ func NewService(
 		orgGetter: orgGetter,
 		authz:     authz,
 		config:    config,
-		stopC:    make(chan struct{}),
-		healthyC: make(chan struct{}),
+		stopC:     make(chan struct{}),
 	}
 }
 
 func (s *service) Start(ctx context.Context) error {
 	if !s.config.Enabled {
-		close(s.healthyC)
 		<-s.stopC
 		return nil
 	}
@@ -62,7 +59,6 @@ func (s *service) Start(ctx context.Context) error {
 		err := s.reconcile(ctx)
 		if err == nil {
 			s.settings.Logger().InfoContext(ctx, "root user reconciliation completed successfully")
-			close(s.healthyC)
 			<-s.stopC
 			return nil
 		}
@@ -78,10 +74,6 @@ func (s *service) Start(ctx context.Context) error {
 	}
 }
 
-func (s *service) Healthy() <-chan struct{} {
-	return s.healthyC
-}
-
 func (s *service) Stop(ctx context.Context) error {
 	close(s.stopC)
 	return nil

pkg/modules/user/impluser/setter.go

@@ -56,7 +56,12 @@ func NewSetter(store types.UserStore, tokenizer tokenizer.Tokenizer, emailing em
 }
 
 // CreateBulk implements invite.Module.
-func (module *setter) CreateBulkInvite(ctx context.Context, orgID valuer.UUID, identityID valuer.UUID, identityEmail valuer.Email, bulkInvites *types.PostableBulkInviteRequest) ([]*types.Invite, error) {
+func (module *setter) CreateBulkInvite(ctx context.Context, orgID valuer.UUID, userID valuer.UUID, bulkInvites *types.PostableBulkInviteRequest) ([]*types.Invite, error) {
+	creator, err := module.store.GetUser(ctx, userID)
+	if err != nil {
+		return nil, err
+	}
+
 	// validate all emails to be invited
 	emails := make([]string, len(bulkInvites.Invites))
 	for idx, invite := range bulkInvites.Invites {
@@ -123,7 +128,7 @@ func (module *setter) CreateBulkInvite(ctx context.Context, orgID valuer.UUID, i
 
 	// send password reset emails to all the invited users
 	for idx, userWithToken := range newUsersWithResetToken {
-		module.analytics.TrackUser(ctx, orgID.String(), identityID.String(), "Invite Sent", map[string]any{
+		module.analytics.TrackUser(ctx, orgID.String(), creator.ID.String(), "Invite Sent", map[string]any{
 			"invitee_email": userWithToken.User.Email,
 			"invitee_role":  userWithToken.Role,
 		})
@@ -157,7 +162,7 @@ func (module *setter) CreateBulkInvite(ctx context.Context, orgID valuer.UUID, i
 		humanizedTokenLifetime := strings.TrimSpace(humanize.RelTime(time.Now(), time.Now().Add(tokenLifetime), "", ""))
 
 		if err := module.emailing.SendHTML(ctx, userWithToken.User.Email.String(), "You're Invited to Join SigNoz", emailtypes.TemplateNameInvitationEmail, map[string]any{
-			"inviter_email": identityEmail.StringValue(),
+			"inviter_email": creator.Email,
 			"link":          resetLink,
 			"Expiry":        humanizedTokenLifetime,
 		}); err != nil {
@@ -215,12 +220,7 @@ func (module *setter) CreateUser(ctx context.Context, user *types.User, opts ...
 	return nil
 }
 
-func (module *setter) UpdateUser(ctx context.Context, orgID valuer.UUID, id string, user *types.DeprecatedUser) (*types.DeprecatedUser, error) {
-	claims, err := authtypes.ClaimsFromContext(ctx)
-	if err != nil {
-		return nil, err
-	}
-
+func (module *setter) UpdateUser(ctx context.Context, orgID valuer.UUID, id string, user *types.DeprecatedUser, updatedBy string) (*types.DeprecatedUser, error) {
 	existingUser, err := module.getter.GetDeprecatedUserByOrgIDAndID(ctx, orgID, valuer.MustNewUUID(id))
 	if err != nil {
 		return nil, err
@@ -234,29 +234,19 @@ func (module *setter) UpdateUser(ctx context.Context, orgID valuer.UUID, id stri
 		return nil, errors.WithAdditionalf(err, "cannot update deleted user")
 	}
 
+	requestor, err := module.getter.GetDeprecatedUserByOrgIDAndID(ctx, orgID, valuer.MustNewUUID(updatedBy))
+	if err != nil {
+		return nil, err
+	}
+
 	roleChange := user.Role != "" && user.Role != existingUser.Role
 
-	if roleChange {
-		selectors := []authtypes.Selector{
-			authtypes.MustNewSelector(authtypes.TypeRole, authtypes.SigNozAdminRoleName),
-		}
-		err = module.authz.CheckWithTupleCreation(
-			ctx,
-			claims,
-			valuer.MustNewUUID(claims.OrgID),
-			authtypes.RelationAssignee,
-			authtypes.TypeableRole,
-			selectors,
-			selectors,
-		)
-
-		if err != nil {
-			return nil, errors.New(errors.TypeForbidden, errors.CodeForbidden, "only admins can change roles")
-		}
+	if roleChange && requestor.Role != types.RoleAdmin {
+		return nil, errors.New(errors.TypeForbidden, errors.CodeForbidden, "only admins can change roles")
 	}
 
 	// make sure the user is not demoting self from admin
-	if roleChange && existingUser.ID == valuer.MustNewUUID(claims.IdentityID()) && existingUser.Role == types.RoleAdmin && user.Role != types.RoleAdmin {
+	if roleChange && existingUser.ID == requestor.ID && existingUser.Role == types.RoleAdmin && user.Role != types.RoleAdmin {
 		return nil, errors.New(errors.TypeForbidden, errors.CodeForbidden, "cannot change self role")
 	}
 
@@ -638,6 +628,26 @@ func (module *setter) GetOrCreateUser(ctx context.Context, user *types.User, opt
 	return user, nil
 }
 
+func (module *setter) CreateAPIKey(ctx context.Context, apiKey *types.StorableAPIKey) error {
+	return module.store.CreateAPIKey(ctx, apiKey)
+}
+
+func (module *setter) UpdateAPIKey(ctx context.Context, id valuer.UUID, apiKey *types.StorableAPIKey, updaterID valuer.UUID) error {
+	return module.store.UpdateAPIKey(ctx, id, apiKey, updaterID)
+}
+
+func (module *setter) ListAPIKeys(ctx context.Context, orgID valuer.UUID) ([]*types.StorableAPIKeyUser, error) {
+	return module.store.ListAPIKeys(ctx, orgID)
+}
+
+func (module *setter) GetAPIKey(ctx context.Context, orgID, id valuer.UUID) (*types.StorableAPIKeyUser, error) {
+	return module.store.GetAPIKey(ctx, orgID, id)
+}
+
+func (module *setter) RevokeAPIKey(ctx context.Context, id, removedByUserID valuer.UUID) error {
+	return module.store.RevokeAPIKey(ctx, id, removedByUserID)
+}
+
 func (module *setter) CreateFirstUser(ctx context.Context, organization *types.Organization, name string, email valuer.Email, passwd string) (*types.User, error) {
 	user, err := types.NewRootUser(name, email, organization.ID)
 	if err != nil {
@@ -693,6 +703,11 @@ func (module *setter) Collect(ctx context.Context, orgID valuer.UUID) (map[strin
 		stats["user.count.pending_invite"] = counts[types.UserStatusPendingInvite]
 	}
 
+	count, err := module.store.CountAPIKeyByOrgID(ctx, orgID)
+	if err == nil {
+		stats["factor.api_key.count"] = count
+	}
+
 	return stats, nil
 }
 

pkg/modules/user/impluser/store.go

@@ -3,6 +3,7 @@ package impluser
 import (
 	"context"
 	"database/sql"
+	"sort"
 	"time"
 
 	"github.com/SigNoz/signoz/pkg/errors"
@@ -181,6 +182,15 @@ func (store *store) DeleteUser(ctx context.Context, orgID string, id string) err
 		return errors.Wrapf(err, errors.TypeInternal, errors.CodeInternal, "failed to delete factor password")
 	}
 
+	// delete api keys
+	_, err = tx.NewDelete().
+		Model(&types.StorableAPIKey{}).
+		Where("user_id = ?", id).
+		Exec(ctx)
+	if err != nil {
+		return errors.Wrapf(err, errors.TypeInternal, errors.CodeInternal, "failed to delete API keys")
+	}
+
 	// delete user_preference
 	_, err = tx.NewDelete().
 		Model(new(preferencetypes.StorableUserPreference)).
@@ -256,6 +266,15 @@ func (store *store) SoftDeleteUser(ctx context.Context, orgID string, id string)
 		return errors.Wrapf(err, errors.TypeInternal, errors.CodeInternal, "failed to delete factor password")
 	}
 
+	// delete api keys
+	_, err = tx.NewDelete().
+		Model(&types.StorableAPIKey{}).
+		Where("user_id = ?", id).
+		Exec(ctx)
+	if err != nil {
+		return errors.Wrapf(err, errors.TypeInternal, errors.CodeInternal, "failed to delete API keys")
+	}
+
 	// delete user_preference
 	_, err = tx.NewDelete().
 		Model(new(preferencetypes.StorableUserPreference)).
@@ -402,6 +421,111 @@ func (store *store) UpdatePassword(ctx context.Context, factorPassword *types.Fa
 	return nil
 }
 
+// --- API KEY ---
+func (store *store) CreateAPIKey(ctx context.Context, apiKey *types.StorableAPIKey) error {
+	_, err := store.sqlstore.BunDB().NewInsert().
+		Model(apiKey).
+		Exec(ctx)
+	if err != nil {
+		return store.sqlstore.WrapAlreadyExistsErrf(err, types.ErrAPIKeyAlreadyExists, "API key with token: %s already exists", apiKey.Token)
+	}
+
+	return nil
+}
+
+func (store *store) UpdateAPIKey(ctx context.Context, id valuer.UUID, apiKey *types.StorableAPIKey, updaterID valuer.UUID) error {
+	apiKey.UpdatedBy = updaterID.String()
+	apiKey.UpdatedAt = time.Now()
+	_, err := store.sqlstore.BunDB().NewUpdate().
+		Model(apiKey).
+		Column("role", "name", "updated_at", "updated_by").
+		Where("id = ?", id).
+		Where("revoked = false").
+		Exec(ctx)
+	if err != nil {
+		return store.sqlstore.WrapNotFoundErrf(err, types.ErrAPIKeyNotFound, "API key with id: %s does not exist", id)
+	}
+	return nil
+}
+
+func (store *store) ListAPIKeys(ctx context.Context, orgID valuer.UUID) ([]*types.StorableAPIKeyUser, error) {
+	orgUserAPIKeys := new(types.OrgUserAPIKey)
+
+	if err := store.sqlstore.BunDB().NewSelect().
+		Model(orgUserAPIKeys).
+		Relation("Users").
+		Relation("Users.APIKeys", func(q *bun.SelectQuery) *bun.SelectQuery {
+			return q.Where("revoked = false")
+		},
+		).
+		Relation("Users.APIKeys.CreatedByUser").
+		Relation("Users.APIKeys.UpdatedByUser").
+		Where("id = ?", orgID).
+		Scan(ctx); err != nil {
+		return nil, errors.Wrapf(err, errors.TypeInternal, errors.CodeInternal, "failed to fetch API keys")
+	}
+
+	// Flatten the API keys from all users
+	var allAPIKeys []*types.StorableAPIKeyUser
+	for _, user := range orgUserAPIKeys.Users {
+		if user.APIKeys != nil {
+			allAPIKeys = append(allAPIKeys, user.APIKeys...)
+		}
+	}
+
+	// sort the API keys by updated_at
+	sort.Slice(allAPIKeys, func(i, j int) bool {
+		return allAPIKeys[i].UpdatedAt.After(allAPIKeys[j].UpdatedAt)
+	})
+
+	return allAPIKeys, nil
+}
+
+func (store *store) RevokeAPIKey(ctx context.Context, id, revokedByUserID valuer.UUID) error {
+	updatedAt := time.Now().Unix()
+	_, err := store.sqlstore.BunDB().NewUpdate().
+		Model(&types.StorableAPIKey{}).
+		Set("revoked = ?", true).
+		Set("updated_by = ?", revokedByUserID).
+		Set("updated_at = ?", updatedAt).
+		Where("id = ?", id).
+		Exec(ctx)
+	if err != nil {
+		return errors.Wrapf(err, errors.TypeInternal, errors.CodeInternal, "failed to revoke API key")
+	}
+	return nil
+}
+
+func (store *store) GetAPIKey(ctx context.Context, orgID, id valuer.UUID) (*types.StorableAPIKeyUser, error) {
+	apiKey := new(types.OrgUserAPIKey)
+	if err := store.sqlstore.BunDB().NewSelect().
+		Model(apiKey).
+		Relation("Users").
+		Relation("Users.APIKeys", func(q *bun.SelectQuery) *bun.SelectQuery {
+			return q.Where("revoked = false").Where("storable_api_key.id = ?", id).
+				OrderExpr("storable_api_key.updated_at DESC").Limit(1)
+		},
+		).
+		Relation("Users.APIKeys.CreatedByUser").
+		Relation("Users.APIKeys.UpdatedByUser").
+		Scan(ctx); err != nil {
+		return nil, store.sqlstore.WrapNotFoundErrf(err, types.ErrAPIKeyNotFound, "API key with id: %s does not exist", id)
+	}
+
+	// flatten the API keys
+	flattenedAPIKeys := []*types.StorableAPIKeyUser{}
+	for _, user := range apiKey.Users {
+		if user.APIKeys != nil {
+			flattenedAPIKeys = append(flattenedAPIKeys, user.APIKeys...)
+		}
+	}
+	if len(flattenedAPIKeys) == 0 {
+		return nil, store.sqlstore.WrapNotFoundErrf(errors.New(errors.TypeNotFound, errors.CodeNotFound, "API key with id: %s does not exist"), types.ErrAPIKeyNotFound, "API key with id: %s does not exist", id)
+	}
+
+	return flattenedAPIKeys[0], nil
+}
+
 func (store *store) CountByOrgID(ctx context.Context, orgID valuer.UUID) (int64, error) {
 	user := new(types.User)
 
@@ -449,6 +573,24 @@ func (store *store) CountByOrgIDAndStatuses(ctx context.Context, orgID valuer.UU
 	return counts, nil
 }
 
+func (store *store) CountAPIKeyByOrgID(ctx context.Context, orgID valuer.UUID) (int64, error) {
+	apiKey := new(types.StorableAPIKey)
+
+	count, err := store.
+		sqlstore.
+		BunDB().
+		NewSelect().
+		Model(apiKey).
+		Join("JOIN users ON users.id = storable_api_key.user_id").
+		Where("org_id = ?", orgID).
+		Count(ctx)
+	if err != nil {
+		return 0, err
+	}
+
+	return int64(count), nil
+}
+
 func (store *store) RunInTx(ctx context.Context, cb func(ctx context.Context) error) error {
 	return store.sqlstore.RunInTxCtx(ctx, nil, func(ctx context.Context) error {
 		return cb(ctx)

pkg/modules/user/service.go

@@ -3,5 +3,5 @@ package user
 import "github.com/SigNoz/signoz/pkg/factory"
 
 type Service interface {
-	factory.ServiceWithHealthy
+	factory.Service
 }

pkg/modules/user/user.go

@@ -34,14 +34,21 @@ type Setter interface {
 	// Initiate forgot password flow for a user
 	ForgotPassword(ctx context.Context, orgID valuer.UUID, email valuer.Email, frontendBaseURL string) error
 
-	UpdateUser(ctx context.Context, orgID valuer.UUID, id string, user *types.DeprecatedUser) (*types.DeprecatedUser, error)
+	UpdateUser(ctx context.Context, orgID valuer.UUID, id string, user *types.DeprecatedUser, updatedBy string) (*types.DeprecatedUser, error)
 
 	// UpdateAnyUser updates a user and persists the changes to the database along with the analytics and identity deletion.
 	UpdateAnyUser(ctx context.Context, orgID valuer.UUID, user *types.DeprecatedUser) error
 	DeleteUser(ctx context.Context, orgID valuer.UUID, id string, deletedBy string) error
 
 	// invite
-	CreateBulkInvite(ctx context.Context, orgID valuer.UUID, identityID valuer.UUID, identityEmail valuer.Email, bulkInvites *types.PostableBulkInviteRequest) ([]*types.Invite, error)
+	CreateBulkInvite(ctx context.Context, orgID valuer.UUID, userID valuer.UUID, bulkInvites *types.PostableBulkInviteRequest) ([]*types.Invite, error)
+
+	// API KEY
+	CreateAPIKey(ctx context.Context, apiKey *types.StorableAPIKey) error
+	UpdateAPIKey(ctx context.Context, id valuer.UUID, apiKey *types.StorableAPIKey, updaterID valuer.UUID) error
+	ListAPIKeys(ctx context.Context, orgID valuer.UUID) ([]*types.StorableAPIKeyUser, error)
+	RevokeAPIKey(ctx context.Context, id, removedByUserID valuer.UUID) error
+	GetAPIKey(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*types.StorableAPIKeyUser, error)
 
 	// Roles
 	UpdateUserRoles(ctx context.Context, orgID, userID valuer.UUID, finalRoleNames []string) error
@@ -97,4 +104,10 @@ type Handler interface {
 	ResetPassword(http.ResponseWriter, *http.Request)
 	ChangePassword(http.ResponseWriter, *http.Request)
 	ForgotPassword(http.ResponseWriter, *http.Request)
+
+	// API KEY
+	CreateAPIKey(http.ResponseWriter, *http.Request)
+	ListAPIKeys(http.ResponseWriter, *http.Request)
+	UpdateAPIKey(http.ResponseWriter, *http.Request)
+	RevokeAPIKey(http.ResponseWriter, *http.Request)
 }