Merge branch 'nv/v2-dashboard-update' into nv/other-dashboard-v2-update-methods

Merge branch 'nv/v2-dashboard-get' into nv/v2-dashboard-update
Merge branch 'nv/v2-dashboard-create' into nv/v2-dashboard-get
2026-05-14 06:00:30 +01:00 · 2026-05-13 22:43:14 +05:30 · 2026-05-13 22:42:32 +05:30 · 2026-05-13 22:41:57 +05:30 · 2026-05-13 22:41:17 +05:30 · 2026-05-13 22:40:29 +05:30
47 changed files with 5647 additions and 228 deletions
--- a/cmd/community/server.go
+++ b/cmd/community/server.go
@@ -29,6 +29,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/cloudintegration/implcloudintegration"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
+	"github.com/SigNoz/signoz/pkg/modules/tag"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
 	"github.com/SigNoz/signoz/pkg/modules/retention"
 	"github.com/SigNoz/signoz/pkg/modules/rulestatehistory"
@@ -103,8 +104,8 @@ func runServer(ctx context.Context, config signoz.Config, logger *slog.Logger) e

 			return openfgaauthz.NewProviderFactory(sqlstore, openfgaschema.NewSchema().Get(ctx), openfgaDataStore, authtypes.NewRegistry()), nil
 		},
-		func(store sqlstore.SQLStore, settings factory.ProviderSettings, analytics analytics.Analytics, orgGetter organization.Getter, queryParser queryparser.QueryParser, _ querier.Querier, _ licensing.Licensing) dashboard.Module {
-			return impldashboard.NewModule(impldashboard.NewStore(store), settings, analytics, orgGetter, queryParser)
+		func(store sqlstore.SQLStore, settings factory.ProviderSettings, analytics analytics.Analytics, orgGetter organization.Getter, queryParser queryparser.QueryParser, _ querier.Querier, _ licensing.Licensing, tagModule tag.Module) dashboard.Module {
+			return impldashboard.NewModule(impldashboard.NewStore(store), store, settings, analytics, orgGetter, queryParser, tagModule)
 		},
 		func(_ licensing.Licensing) factory.ProviderFactory[gateway.Gateway, gateway.Config] {
 			return noopgateway.NewProviderFactory()
--- a/cmd/enterprise/server.go
+++ b/cmd/enterprise/server.go
@@ -48,6 +48,7 @@ import (
 	pkgcloudintegration "github.com/SigNoz/signoz/pkg/modules/cloudintegration/implcloudintegration"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
 	pkgimpldashboard "github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
+	"github.com/SigNoz/signoz/pkg/modules/tag"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
 	"github.com/SigNoz/signoz/pkg/modules/retention"
 	"github.com/SigNoz/signoz/pkg/modules/rulestatehistory"
@@ -151,8 +152,8 @@ func runServer(ctx context.Context, config signoz.Config, logger *slog.Logger) e
 			}
 			return openfgaauthz.NewProviderFactory(sqlstore, openfgaschema.NewSchema().Get(ctx), openfgaDataStore, licensing, onBeforeRoleDelete, authtypes.NewRegistry()), nil
 		},
-		func(store sqlstore.SQLStore, settings factory.ProviderSettings, analytics analytics.Analytics, orgGetter organization.Getter, queryParser queryparser.QueryParser, querier querier.Querier, licensing licensing.Licensing) dashboard.Module {
-			return impldashboard.NewModule(pkgimpldashboard.NewStore(store), settings, analytics, orgGetter, queryParser, querier, licensing)
+		func(store sqlstore.SQLStore, settings factory.ProviderSettings, analytics analytics.Analytics, orgGetter organization.Getter, queryParser queryparser.QueryParser, querier querier.Querier, licensing licensing.Licensing, tagModule tag.Module) dashboard.Module {
+			return impldashboard.NewModule(pkgimpldashboard.NewStore(store), store, settings, analytics, orgGetter, queryParser, querier, licensing, tagModule)
 		},
 		func(licensing licensing.Licensing) factory.ProviderFactory[gateway.Gateway, gateway.Config] {
 			return httpgateway.NewProviderFactory(licensing)
--- a/docs/api/openapi.yml
+++ b/docs/api/openapi.yml
--- a/ee/modules/dashboard/impldashboard/module.go
+++ b/ee/modules/dashboard/impldashboard/module.go
@@ -11,8 +11,10 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
 	pkgimpldashboard "github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
+	"github.com/SigNoz/signoz/pkg/modules/tag"
 	"github.com/SigNoz/signoz/pkg/querier"
 	"github.com/SigNoz/signoz/pkg/queryparser"
+	"github.com/SigNoz/signoz/pkg/sqlstore"
 	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/coretypes"
 	"github.com/SigNoz/signoz/pkg/types/ctxtypes"
@@ -30,9 +32,9 @@ type module struct {
 	licensing          licensing.Licensing
 }

-func NewModule(store dashboardtypes.Store, settings factory.ProviderSettings, analytics analytics.Analytics, orgGetter organization.Getter, queryParser queryparser.QueryParser, querier querier.Querier, licensing licensing.Licensing) dashboard.Module {
+func NewModule(store dashboardtypes.Store, sqlstore sqlstore.SQLStore, settings factory.ProviderSettings, analytics analytics.Analytics, orgGetter organization.Getter, queryParser queryparser.QueryParser, querier querier.Querier, licensing licensing.Licensing, tagModule tag.Module) dashboard.Module {
 	scopedProviderSettings := factory.NewScopedProviderSettings(settings, "github.com/SigNoz/signoz/ee/modules/dashboard/impldashboard")
-	pkgDashboardModule := pkgimpldashboard.NewModule(store, settings, analytics, orgGetter, queryParser)
+	pkgDashboardModule := pkgimpldashboard.NewModule(store, sqlstore, settings, analytics, orgGetter, queryParser, tagModule)

 	return &module{
 		pkgDashboardModule: pkgDashboardModule,
@@ -197,6 +199,64 @@ func (module *module) Create(ctx context.Context, orgID valuer.UUID, createdBy s
 	return module.pkgDashboardModule.Create(ctx, orgID, createdBy, creator, data)
 }

+func (module *module) CreateV2(ctx context.Context, orgID valuer.UUID, createdBy string, creator valuer.UUID, postable dashboardtypes.PostableDashboardV2) (*dashboardtypes.DashboardV2, error) {
+	return module.pkgDashboardModule.CreateV2(ctx, orgID, createdBy, creator, postable)
+}
+
+func (module *module) GetV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*dashboardtypes.DashboardV2, error) {
+	return module.pkgDashboardModule.GetV2(ctx, orgID, id)
+}
+
+func (module *module) UpdateV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, updateable dashboardtypes.UpdateableDashboardV2) (*dashboardtypes.DashboardV2, error) {
+	return module.pkgDashboardModule.UpdateV2(ctx, orgID, id, updatedBy, updateable)
+}
+
+func (module *module) LockUnlockV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, isAdmin bool, lock bool) error {
+	return module.pkgDashboardModule.LockUnlockV2(ctx, orgID, id, updatedBy, isAdmin, lock)
+}
+
+func (module *module) CreatePublicV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID, postable dashboardtypes.PostablePublicDashboard) (*dashboardtypes.DashboardV2, error) {
+	if _, err := module.licensing.GetActive(ctx, orgID); err != nil {
+		return nil, errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
+	}
+
+	existing, err := module.pkgDashboardModule.GetV2(ctx, orgID, id)
+	if err != nil {
+		return nil, err
+	}
+	if existing.PublicConfig != nil {
+		return nil, errors.Newf(errors.TypeAlreadyExists, dashboardtypes.ErrCodePublicDashboardAlreadyExists, "dashboard with id %s is already public", id)
+	}
+
+	publicDashboard := dashboardtypes.NewPublicDashboard(postable.TimeRangeEnabled, postable.DefaultTimeRange, id)
+	if err := module.store.CreatePublic(ctx, dashboardtypes.NewStorablePublicDashboardFromPublicDashboard(publicDashboard)); err != nil {
+		return nil, err
+	}
+
+	existing.PublicConfig = publicDashboard
+	return existing, nil
+}
+
+func (module *module) UpdatePublicV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatable dashboardtypes.UpdatablePublicDashboard) (*dashboardtypes.DashboardV2, error) {
+	if _, err := module.licensing.GetActive(ctx, orgID); err != nil {
+		return nil, errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
+	}
+
+	existing, err := module.pkgDashboardModule.GetV2(ctx, orgID, id)
+	if err != nil {
+		return nil, err
+	}
+	if existing.PublicConfig == nil {
+		return nil, errors.Newf(errors.TypeNotFound, dashboardtypes.ErrCodePublicDashboardNotFound, "dashboard with id %s isn't public", id)
+	}
+
+	existing.PublicConfig.Update(updatable.TimeRangeEnabled, updatable.DefaultTimeRange)
+	if err := module.store.UpdatePublic(ctx, dashboardtypes.NewStorablePublicDashboardFromPublicDashboard(existing.PublicConfig)); err != nil {
+		return nil, err
+	}
+	return existing, nil
+}
+
 func (module *module) Get(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*dashboardtypes.Dashboard, error) {
 	return module.pkgDashboardModule.Get(ctx, orgID, id)
 }
--- a/frontend/src/api/generated/services/dashboard/index.ts
+++ b/frontend/src/api/generated/services/dashboard/index.ts
@@ -18,19 +18,31 @@ import type {
 } from 'react-query';

 import type {
+	CreateDashboardV2201,
 	CreatePublicDashboard201,
 	CreatePublicDashboardPathParameters,
+	CreatePublicDashboardV2200,
+	CreatePublicDashboardV2PathParameters,
+	DashboardtypesPostableDashboardV2DTO,
 	DashboardtypesPostablePublicDashboardDTO,
 	DashboardtypesUpdatablePublicDashboardDTO,
 	DeletePublicDashboardPathParameters,
+	GetDashboardV2200,
+	GetDashboardV2PathParameters,
 	GetPublicDashboard200,
 	GetPublicDashboardData200,
 	GetPublicDashboardDataPathParameters,
 	GetPublicDashboardPathParameters,
 	GetPublicDashboardWidgetQueryRange200,
 	GetPublicDashboardWidgetQueryRangePathParameters,
+	LockDashboardV2PathParameters,
 	RenderErrorResponseDTO,
+	UnlockDashboardV2PathParameters,
+	UpdateDashboardV2200,
+	UpdateDashboardV2PathParameters,
 	UpdatePublicDashboardPathParameters,
+	UpdatePublicDashboardV2200,
+	UpdatePublicDashboardV2PathParameters,
 } from '../sigNoz.schemas';

 import { GeneratedAPIInstance } from '../../../generatedAPIInstance';
@@ -634,3 +646,641 @@ export const invalidateGetPublicDashboardWidgetQueryRange = async (

 	return queryClient;
 };
+
+/**
+ * This endpoint creates a v2-shape dashboard with structured metadata, a typed data tree, and resolved tags.
+ * @summary Create dashboard (v2)
+ */
+export const createDashboardV2 = (
+	dashboardtypesPostableDashboardV2DTO: BodyType<DashboardtypesPostableDashboardV2DTO>,
+	signal?: AbortSignal,
+) => {
+	return GeneratedAPIInstance<CreateDashboardV2201>({
+		url: `/api/v2/dashboards`,
+		method: 'POST',
+		headers: { 'Content-Type': 'application/json' },
+		data: dashboardtypesPostableDashboardV2DTO,
+		signal,
+	});
+};
+
+export const getCreateDashboardV2MutationOptions = <
+	TError = ErrorType<RenderErrorResponseDTO>,
+	TContext = unknown,
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof createDashboardV2>>,
+		TError,
+		{ data: BodyType<DashboardtypesPostableDashboardV2DTO> },
+		TContext
+	>;
+}): UseMutationOptions<
+	Awaited<ReturnType<typeof createDashboardV2>>,
+	TError,
+	{ data: BodyType<DashboardtypesPostableDashboardV2DTO> },
+	TContext
+> => {
+	const mutationKey = ['createDashboardV2'];
+	const { mutation: mutationOptions } = options
+		? options.mutation &&
+			'mutationKey' in options.mutation &&
+			options.mutation.mutationKey
+			? options
+			: { ...options, mutation: { ...options.mutation, mutationKey } }
+		: { mutation: { mutationKey } };
+
+	const mutationFn: MutationFunction<
+		Awaited<ReturnType<typeof createDashboardV2>>,
+		{ data: BodyType<DashboardtypesPostableDashboardV2DTO> }
+	> = (props) => {
+		const { data } = props ?? {};
+
+		return createDashboardV2(data);
+	};
+
+	return { mutationFn, ...mutationOptions };
+};
+
+export type CreateDashboardV2MutationResult = NonNullable<
+	Awaited<ReturnType<typeof createDashboardV2>>
+>;
+export type CreateDashboardV2MutationBody =
+	BodyType<DashboardtypesPostableDashboardV2DTO>;
+export type CreateDashboardV2MutationError = ErrorType<RenderErrorResponseDTO>;
+
+/**
+ * @summary Create dashboard (v2)
+ */
+export const useCreateDashboardV2 = <
+	TError = ErrorType<RenderErrorResponseDTO>,
+	TContext = unknown,
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof createDashboardV2>>,
+		TError,
+		{ data: BodyType<DashboardtypesPostableDashboardV2DTO> },
+		TContext
+	>;
+}): UseMutationResult<
+	Awaited<ReturnType<typeof createDashboardV2>>,
+	TError,
+	{ data: BodyType<DashboardtypesPostableDashboardV2DTO> },
+	TContext
+> => {
+	const mutationOptions = getCreateDashboardV2MutationOptions(options);
+
+	return useMutation(mutationOptions);
+};
+/**
+ * This endpoint returns a v2-shape dashboard with its tags and public sharing config (if any).
+ * @summary Get dashboard (v2)
+ */
+export const getDashboardV2 = (
+	{ id }: GetDashboardV2PathParameters,
+	signal?: AbortSignal,
+) => {
+	return GeneratedAPIInstance<GetDashboardV2200>({
+		url: `/api/v2/dashboards/${id}`,
+		method: 'GET',
+		signal,
+	});
+};
+
+export const getGetDashboardV2QueryKey = ({
+	id,
+}: GetDashboardV2PathParameters) => {
+	return [`/api/v2/dashboards/${id}`] as const;
+};
+
+export const getGetDashboardV2QueryOptions = <
+	TData = Awaited<ReturnType<typeof getDashboardV2>>,
+	TError = ErrorType<RenderErrorResponseDTO>,
+>(
+	{ id }: GetDashboardV2PathParameters,
+	options?: {
+		query?: UseQueryOptions<
+			Awaited<ReturnType<typeof getDashboardV2>>,
+			TError,
+			TData
+		>;
+	},
+) => {
+	const { query: queryOptions } = options ?? {};
+
+	const queryKey = queryOptions?.queryKey ?? getGetDashboardV2QueryKey({ id });
+
+	const queryFn: QueryFunction<Awaited<ReturnType<typeof getDashboardV2>>> = ({
+		signal,
+	}) => getDashboardV2({ id }, signal);
+
+	return {
+		queryKey,
+		queryFn,
+		enabled: !!id,
+		...queryOptions,
+	} as UseQueryOptions<
+		Awaited<ReturnType<typeof getDashboardV2>>,
+		TError,
+		TData
+	> & { queryKey: QueryKey };
+};
+
+export type GetDashboardV2QueryResult = NonNullable<
+	Awaited<ReturnType<typeof getDashboardV2>>
+>;
+export type GetDashboardV2QueryError = ErrorType<RenderErrorResponseDTO>;
+
+/**
+ * @summary Get dashboard (v2)
+ */
+
+export function useGetDashboardV2<
+	TData = Awaited<ReturnType<typeof getDashboardV2>>,
+	TError = ErrorType<RenderErrorResponseDTO>,
+>(
+	{ id }: GetDashboardV2PathParameters,
+	options?: {
+		query?: UseQueryOptions<
+			Awaited<ReturnType<typeof getDashboardV2>>,
+			TError,
+			TData
+		>;
+	},
+): UseQueryResult<TData, TError> & { queryKey: QueryKey } {
+	const queryOptions = getGetDashboardV2QueryOptions({ id }, options);
+
+	const query = useQuery(queryOptions) as UseQueryResult<TData, TError> & {
+		queryKey: QueryKey;
+	};
+
+	query.queryKey = queryOptions.queryKey;
+
+	return query;
+}
+
+/**
+ * @summary Get dashboard (v2)
+ */
+export const invalidateGetDashboardV2 = async (
+	queryClient: QueryClient,
+	{ id }: GetDashboardV2PathParameters,
+	options?: InvalidateOptions,
+): Promise<QueryClient> => {
+	await queryClient.invalidateQueries(
+		{ queryKey: getGetDashboardV2QueryKey({ id }) },
+		options,
+	);
+
+	return queryClient;
+};
+
+/**
+ * This endpoint updates a v2-shape dashboard's metadata, data, and tag set. Locked dashboards are rejected.
+ * @summary Update dashboard (v2)
+ */
+export const updateDashboardV2 = (
+	{ id }: UpdateDashboardV2PathParameters,
+	dashboardtypesPostableDashboardV2DTO: BodyType<DashboardtypesPostableDashboardV2DTO>,
+) => {
+	return GeneratedAPIInstance<UpdateDashboardV2200>({
+		url: `/api/v2/dashboards/${id}`,
+		method: 'PUT',
+		headers: { 'Content-Type': 'application/json' },
+		data: dashboardtypesPostableDashboardV2DTO,
+	});
+};
+
+export const getUpdateDashboardV2MutationOptions = <
+	TError = ErrorType<RenderErrorResponseDTO>,
+	TContext = unknown,
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof updateDashboardV2>>,
+		TError,
+		{
+			pathParams: UpdateDashboardV2PathParameters;
+			data: BodyType<DashboardtypesPostableDashboardV2DTO>;
+		},
+		TContext
+	>;
+}): UseMutationOptions<
+	Awaited<ReturnType<typeof updateDashboardV2>>,
+	TError,
+	{
+		pathParams: UpdateDashboardV2PathParameters;
+		data: BodyType<DashboardtypesPostableDashboardV2DTO>;
+	},
+	TContext
+> => {
+	const mutationKey = ['updateDashboardV2'];
+	const { mutation: mutationOptions } = options
+		? options.mutation &&
+			'mutationKey' in options.mutation &&
+			options.mutation.mutationKey
+			? options
+			: { ...options, mutation: { ...options.mutation, mutationKey } }
+		: { mutation: { mutationKey } };
+
+	const mutationFn: MutationFunction<
+		Awaited<ReturnType<typeof updateDashboardV2>>,
+		{
+			pathParams: UpdateDashboardV2PathParameters;
+			data: BodyType<DashboardtypesPostableDashboardV2DTO>;
+		}
+	> = (props) => {
+		const { pathParams, data } = props ?? {};
+
+		return updateDashboardV2(pathParams, data);
+	};
+
+	return { mutationFn, ...mutationOptions };
+};
+
+export type UpdateDashboardV2MutationResult = NonNullable<
+	Awaited<ReturnType<typeof updateDashboardV2>>
+>;
+export type UpdateDashboardV2MutationBody =
+	BodyType<DashboardtypesPostableDashboardV2DTO>;
+export type UpdateDashboardV2MutationError = ErrorType<RenderErrorResponseDTO>;
+
+/**
+ * @summary Update dashboard (v2)
+ */
+export const useUpdateDashboardV2 = <
+	TError = ErrorType<RenderErrorResponseDTO>,
+	TContext = unknown,
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof updateDashboardV2>>,
+		TError,
+		{
+			pathParams: UpdateDashboardV2PathParameters;
+			data: BodyType<DashboardtypesPostableDashboardV2DTO>;
+		},
+		TContext
+	>;
+}): UseMutationResult<
+	Awaited<ReturnType<typeof updateDashboardV2>>,
+	TError,
+	{
+		pathParams: UpdateDashboardV2PathParameters;
+		data: BodyType<DashboardtypesPostableDashboardV2DTO>;
+	},
+	TContext
+> => {
+	const mutationOptions = getUpdateDashboardV2MutationOptions(options);
+
+	return useMutation(mutationOptions);
+};
+/**
+ * This endpoint unlocks a v2-shape dashboard. Only the dashboard's creator or an org admin may lock or unlock.
+ * @summary Unlock dashboard (v2)
+ */
+export const unlockDashboardV2 = ({ id }: UnlockDashboardV2PathParameters) => {
+	return GeneratedAPIInstance<string>({
+		url: `/api/v2/dashboards/${id}/lock`,
+		method: 'DELETE',
+	});
+};
+
+export const getUnlockDashboardV2MutationOptions = <
+	TError = ErrorType<RenderErrorResponseDTO>,
+	TContext = unknown,
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof unlockDashboardV2>>,
+		TError,
+		{ pathParams: UnlockDashboardV2PathParameters },
+		TContext
+	>;
+}): UseMutationOptions<
+	Awaited<ReturnType<typeof unlockDashboardV2>>,
+	TError,
+	{ pathParams: UnlockDashboardV2PathParameters },
+	TContext
+> => {
+	const mutationKey = ['unlockDashboardV2'];
+	const { mutation: mutationOptions } = options
+		? options.mutation &&
+			'mutationKey' in options.mutation &&
+			options.mutation.mutationKey
+			? options
+			: { ...options, mutation: { ...options.mutation, mutationKey } }
+		: { mutation: { mutationKey } };
+
+	const mutationFn: MutationFunction<
+		Awaited<ReturnType<typeof unlockDashboardV2>>,
+		{ pathParams: UnlockDashboardV2PathParameters }
+	> = (props) => {
+		const { pathParams } = props ?? {};
+
+		return unlockDashboardV2(pathParams);
+	};
+
+	return { mutationFn, ...mutationOptions };
+};
+
+export type UnlockDashboardV2MutationResult = NonNullable<
+	Awaited<ReturnType<typeof unlockDashboardV2>>
+>;
+
+export type UnlockDashboardV2MutationError = ErrorType<RenderErrorResponseDTO>;
+
+/**
+ * @summary Unlock dashboard (v2)
+ */
+export const useUnlockDashboardV2 = <
+	TError = ErrorType<RenderErrorResponseDTO>,
+	TContext = unknown,
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof unlockDashboardV2>>,
+		TError,
+		{ pathParams: UnlockDashboardV2PathParameters },
+		TContext
+	>;
+}): UseMutationResult<
+	Awaited<ReturnType<typeof unlockDashboardV2>>,
+	TError,
+	{ pathParams: UnlockDashboardV2PathParameters },
+	TContext
+> => {
+	const mutationOptions = getUnlockDashboardV2MutationOptions(options);
+
+	return useMutation(mutationOptions);
+};
+/**
+ * This endpoint locks a v2-shape dashboard. Only the dashboard's creator or an org admin may lock or unlock.
+ * @summary Lock dashboard (v2)
+ */
+export const lockDashboardV2 = ({ id }: LockDashboardV2PathParameters) => {
+	return GeneratedAPIInstance<string>({
+		url: `/api/v2/dashboards/${id}/lock`,
+		method: 'PUT',
+	});
+};
+
+export const getLockDashboardV2MutationOptions = <
+	TError = ErrorType<RenderErrorResponseDTO>,
+	TContext = unknown,
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof lockDashboardV2>>,
+		TError,
+		{ pathParams: LockDashboardV2PathParameters },
+		TContext
+	>;
+}): UseMutationOptions<
+	Awaited<ReturnType<typeof lockDashboardV2>>,
+	TError,
+	{ pathParams: LockDashboardV2PathParameters },
+	TContext
+> => {
+	const mutationKey = ['lockDashboardV2'];
+	const { mutation: mutationOptions } = options
+		? options.mutation &&
+			'mutationKey' in options.mutation &&
+			options.mutation.mutationKey
+			? options
+			: { ...options, mutation: { ...options.mutation, mutationKey } }
+		: { mutation: { mutationKey } };
+
+	const mutationFn: MutationFunction<
+		Awaited<ReturnType<typeof lockDashboardV2>>,
+		{ pathParams: LockDashboardV2PathParameters }
+	> = (props) => {
+		const { pathParams } = props ?? {};
+
+		return lockDashboardV2(pathParams);
+	};
+
+	return { mutationFn, ...mutationOptions };
+};
+
+export type LockDashboardV2MutationResult = NonNullable<
+	Awaited<ReturnType<typeof lockDashboardV2>>
+>;
+
+export type LockDashboardV2MutationError = ErrorType<RenderErrorResponseDTO>;
+
+/**
+ * @summary Lock dashboard (v2)
+ */
+export const useLockDashboardV2 = <
+	TError = ErrorType<RenderErrorResponseDTO>,
+	TContext = unknown,
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof lockDashboardV2>>,
+		TError,
+		{ pathParams: LockDashboardV2PathParameters },
+		TContext
+	>;
+}): UseMutationResult<
+	Awaited<ReturnType<typeof lockDashboardV2>>,
+	TError,
+	{ pathParams: LockDashboardV2PathParameters },
+	TContext
+> => {
+	const mutationOptions = getLockDashboardV2MutationOptions(options);
+
+	return useMutation(mutationOptions);
+};
+/**
+ * This endpoint creates the public sharing config for a v2 dashboard and returns the dashboard with the new public config attached. Lock state does not gate this endpoint.
+ * @summary Make a dashboard v2 public
+ */
+export const createPublicDashboardV2 = (
+	{ id }: CreatePublicDashboardV2PathParameters,
+	dashboardtypesPostablePublicDashboardDTO: BodyType<DashboardtypesPostablePublicDashboardDTO>,
+) => {
+	return GeneratedAPIInstance<CreatePublicDashboardV2200>({
+		url: `/api/v2/dashboards/${id}/public`,
+		method: 'PATCH',
+		headers: { 'Content-Type': 'application/json' },
+		data: dashboardtypesPostablePublicDashboardDTO,
+	});
+};
+
+export const getCreatePublicDashboardV2MutationOptions = <
+	TError = ErrorType<RenderErrorResponseDTO>,
+	TContext = unknown,
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof createPublicDashboardV2>>,
+		TError,
+		{
+			pathParams: CreatePublicDashboardV2PathParameters;
+			data: BodyType<DashboardtypesPostablePublicDashboardDTO>;
+		},
+		TContext
+	>;
+}): UseMutationOptions<
+	Awaited<ReturnType<typeof createPublicDashboardV2>>,
+	TError,
+	{
+		pathParams: CreatePublicDashboardV2PathParameters;
+		data: BodyType<DashboardtypesPostablePublicDashboardDTO>;
+	},
+	TContext
+> => {
+	const mutationKey = ['createPublicDashboardV2'];
+	const { mutation: mutationOptions } = options
+		? options.mutation &&
+			'mutationKey' in options.mutation &&
+			options.mutation.mutationKey
+			? options
+			: { ...options, mutation: { ...options.mutation, mutationKey } }
+		: { mutation: { mutationKey } };
+
+	const mutationFn: MutationFunction<
+		Awaited<ReturnType<typeof createPublicDashboardV2>>,
+		{
+			pathParams: CreatePublicDashboardV2PathParameters;
+			data: BodyType<DashboardtypesPostablePublicDashboardDTO>;
+		}
+	> = (props) => {
+		const { pathParams, data } = props ?? {};
+
+		return createPublicDashboardV2(pathParams, data);
+	};
+
+	return { mutationFn, ...mutationOptions };
+};
+
+export type CreatePublicDashboardV2MutationResult = NonNullable<
+	Awaited<ReturnType<typeof createPublicDashboardV2>>
+>;
+export type CreatePublicDashboardV2MutationBody =
+	BodyType<DashboardtypesPostablePublicDashboardDTO>;
+export type CreatePublicDashboardV2MutationError =
+	ErrorType<RenderErrorResponseDTO>;
+
+/**
+ * @summary Make a dashboard v2 public
+ */
+export const useCreatePublicDashboardV2 = <
+	TError = ErrorType<RenderErrorResponseDTO>,
+	TContext = unknown,
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof createPublicDashboardV2>>,
+		TError,
+		{
+			pathParams: CreatePublicDashboardV2PathParameters;
+			data: BodyType<DashboardtypesPostablePublicDashboardDTO>;
+		},
+		TContext
+	>;
+}): UseMutationResult<
+	Awaited<ReturnType<typeof createPublicDashboardV2>>,
+	TError,
+	{
+		pathParams: CreatePublicDashboardV2PathParameters;
+		data: BodyType<DashboardtypesPostablePublicDashboardDTO>;
+	},
+	TContext
+> => {
+	const mutationOptions = getCreatePublicDashboardV2MutationOptions(options);
+
+	return useMutation(mutationOptions);
+};
+/**
+ * This endpoint updates the public sharing config (time range settings) of an already-public v2 dashboard. Lock state does not gate this endpoint.
+ * @summary Update public sharing config for a dashboard v2
+ */
+export const updatePublicDashboardV2 = (
+	{ id }: UpdatePublicDashboardV2PathParameters,
+	dashboardtypesUpdatablePublicDashboardDTO: BodyType<DashboardtypesUpdatablePublicDashboardDTO>,
+) => {
+	return GeneratedAPIInstance<UpdatePublicDashboardV2200>({
+		url: `/api/v2/dashboards/${id}/public`,
+		method: 'PUT',
+		headers: { 'Content-Type': 'application/json' },
+		data: dashboardtypesUpdatablePublicDashboardDTO,
+	});
+};
+
+export const getUpdatePublicDashboardV2MutationOptions = <
+	TError = ErrorType<RenderErrorResponseDTO>,
+	TContext = unknown,
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof updatePublicDashboardV2>>,
+		TError,
+		{
+			pathParams: UpdatePublicDashboardV2PathParameters;
+			data: BodyType<DashboardtypesUpdatablePublicDashboardDTO>;
+		},
+		TContext
+	>;
+}): UseMutationOptions<
+	Awaited<ReturnType<typeof updatePublicDashboardV2>>,
+	TError,
+	{
+		pathParams: UpdatePublicDashboardV2PathParameters;
+		data: BodyType<DashboardtypesUpdatablePublicDashboardDTO>;
+	},
+	TContext
+> => {
+	const mutationKey = ['updatePublicDashboardV2'];
+	const { mutation: mutationOptions } = options
+		? options.mutation &&
+			'mutationKey' in options.mutation &&
+			options.mutation.mutationKey
+			? options
+			: { ...options, mutation: { ...options.mutation, mutationKey } }
+		: { mutation: { mutationKey } };
+
+	const mutationFn: MutationFunction<
+		Awaited<ReturnType<typeof updatePublicDashboardV2>>,
+		{
+			pathParams: UpdatePublicDashboardV2PathParameters;
+			data: BodyType<DashboardtypesUpdatablePublicDashboardDTO>;
+		}
+	> = (props) => {
+		const { pathParams, data } = props ?? {};
+
+		return updatePublicDashboardV2(pathParams, data);
+	};
+
+	return { mutationFn, ...mutationOptions };
+};
+
+export type UpdatePublicDashboardV2MutationResult = NonNullable<
+	Awaited<ReturnType<typeof updatePublicDashboardV2>>
+>;
+export type UpdatePublicDashboardV2MutationBody =
+	BodyType<DashboardtypesUpdatablePublicDashboardDTO>;
+export type UpdatePublicDashboardV2MutationError =
+	ErrorType<RenderErrorResponseDTO>;
+
+/**
+ * @summary Update public sharing config for a dashboard v2
+ */
+export const useUpdatePublicDashboardV2 = <
+	TError = ErrorType<RenderErrorResponseDTO>,
+	TContext = unknown,
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof updatePublicDashboardV2>>,
+		TError,
+		{
+			pathParams: UpdatePublicDashboardV2PathParameters;
+			data: BodyType<DashboardtypesUpdatablePublicDashboardDTO>;
+		},
+		TContext
+	>;
+}): UseMutationResult<
+	Awaited<ReturnType<typeof updatePublicDashboardV2>>,
+	TError,
+	{
+		pathParams: UpdatePublicDashboardV2PathParameters;
+		data: BodyType<DashboardtypesUpdatablePublicDashboardDTO>;
+	},
+	TContext
+> => {
+	const mutationOptions = getUpdatePublicDashboardV2MutationOptions(options);
+
+	return useMutation(mutationOptions);
+};
--- a/frontend/src/api/generated/services/sigNoz.schemas.ts
+++ b/frontend/src/api/generated/services/sigNoz.schemas.ts
--- a/frontend/src/components/CustomTimePicker/CustomTimePicker.tsx
+++ b/frontend/src/components/CustomTimePicker/CustomTimePicker.tsx
@@ -596,7 +596,6 @@ function CustomTimePicker({
 				>
 					<Input
 						ref={inputRef}
-						autoComplete="off"
 						className={cx(
 							'timeSelection-input',
 							inputStatus === CustomTimePickerInputStatus.ERROR ? 'error' : '',
--- a/frontend/src/container/CustomDomainSettings/tests/CustomDomainSettings.test.tsx
+++ b/frontend/src/container/CustomDomainSettings/tests/CustomDomainSettings.test.tsx
@@ -1,6 +1,6 @@
 import { GetHosts200 } from 'api/generated/services/sigNoz.schemas';
 import { rest, server } from 'mocks-server/server';
-import { fireEvent, render, screen, waitFor } from 'tests/test-utils';
+import { render, screen, userEvent, waitFor } from 'tests/test-utils';

 import CustomDomainSettings from '../CustomDomainSettings';

@@ -44,20 +44,18 @@ const mockHostsResponse: GetHosts200 = {
 };

 describe('CustomDomainSettings', () => {
-	beforeEach(() => {
-		server.use(
-			rest.get(ZEUS_HOSTS_ENDPOINT, (_, res, ctx) =>
-				res(ctx.status(200), ctx.json(mockHostsResponse)),
-			),
-		);
-	});
-
 	afterEach(() => {
 		server.resetHandlers();
 		mockToastCustom.mockClear();
 	});

 	it('renders active host URL in the trigger button', async () => {
+		server.use(
+			rest.get(ZEUS_HOSTS_ENDPOINT, (_, res, ctx) =>
+				res(ctx.status(200), ctx.json(mockHostsResponse)),
+			),
+		);
+
 		render(<CustomDomainSettings />);

 		// The active host is the non-default one (custom-host)
@@ -65,11 +63,20 @@ describe('CustomDomainSettings', () => {
 	});

 	it('opens edit modal when clicking the edit button', async () => {
+		server.use(
+			rest.get(ZEUS_HOSTS_ENDPOINT, (_, res, ctx) =>
+				res(ctx.status(200), ctx.json(mockHostsResponse)),
+			),
+		);
+
+		const user = userEvent.setup({ pointerEventsCheck: 0 });
 		render(<CustomDomainSettings />);

 		await screen.findByText(/custom-host\.test\.cloud/i);

-		fireEvent.click(screen.getByRole('button', { name: /edit workspace link/i }));
+		await user.click(
+			screen.getByRole('button', { name: /edit workspace link/i }),
+		);

 		expect(
 			screen.getByRole('dialog', { name: /edit workspace link/i }),
@@ -82,20 +89,28 @@ describe('CustomDomainSettings', () => {
 		let capturedBody: Record<string, unknown> = {};

 		server.use(
+			rest.get(ZEUS_HOSTS_ENDPOINT, (_, res, ctx) =>
+				res(ctx.status(200), ctx.json(mockHostsResponse)),
+			),
 			rest.put(ZEUS_HOSTS_ENDPOINT, async (req, res, ctx) => {
 				capturedBody = await req.json<Record<string, unknown>>();
 				return res(ctx.status(200), ctx.json({}));
 			}),
 		);

+		const user = userEvent.setup({ pointerEventsCheck: 0 });
 		render(<CustomDomainSettings />);

 		await screen.findByText(/custom-host\.test\.cloud/i);
-		fireEvent.click(screen.getByRole('button', { name: /edit workspace link/i }));
+		await user.click(
+			screen.getByRole('button', { name: /edit workspace link/i }),
+		);

+		// The input is inside the modal — find it by its role
 		const input = screen.getByRole('textbox');
-		fireEvent.change(input, { target: { value: 'myteam' } });
-		fireEvent.click(screen.getByRole('button', { name: /apply changes/i }));
+		await user.clear(input);
+		await user.type(input, 'myteam');
+		await user.click(screen.getByRole('button', { name: /apply changes/i }));

 		await waitFor(() => {
 			expect(capturedBody).toStrictEqual({ name: 'myteam' });
@@ -104,6 +119,9 @@ describe('CustomDomainSettings', () => {

 	it('shows contact support option when domain update returns 409', async () => {
 		server.use(
+			rest.get(ZEUS_HOSTS_ENDPOINT, (_, res, ctx) =>
+				res(ctx.status(200), ctx.json(mockHostsResponse)),
+			),
 			rest.put(ZEUS_HOSTS_ENDPOINT, (_, res, ctx) =>
 				res(
 					ctx.status(409),
@@ -112,14 +130,18 @@ describe('CustomDomainSettings', () => {
 			),
 		);

+		const user = userEvent.setup({ pointerEventsCheck: 0 });
 		render(<CustomDomainSettings />);

 		await screen.findByText(/custom-host\.test\.cloud/i);
-		fireEvent.click(screen.getByRole('button', { name: /edit workspace link/i }));
+		await user.click(
+			screen.getByRole('button', { name: /edit workspace link/i }),
+		);

 		const input = screen.getByRole('textbox');
-		fireEvent.change(input, { target: { value: 'myteam' } });
-		fireEvent.click(screen.getByRole('button', { name: /apply changes/i }));
+		await user.clear(input);
+		await user.type(input, 'myteam');
+		await user.click(screen.getByRole('button', { name: /apply changes/i }));

 		await expect(
 			screen.findByRole('button', { name: /contact support/i }),
@@ -127,14 +149,24 @@ describe('CustomDomainSettings', () => {
 	});

 	it('shows validation error when subdomain is less than 3 characters', async () => {
+		server.use(
+			rest.get(ZEUS_HOSTS_ENDPOINT, (_, res, ctx) =>
+				res(ctx.status(200), ctx.json(mockHostsResponse)),
+			),
+		);
+
+		const user = userEvent.setup({ pointerEventsCheck: 0 });
 		render(<CustomDomainSettings />);

 		await screen.findByText(/custom-host\.test\.cloud/i);
-		fireEvent.click(screen.getByRole('button', { name: /edit workspace link/i }));
+		await user.click(
+			screen.getByRole('button', { name: /edit workspace link/i }),
+		);

 		const input = screen.getByRole('textbox');
-		fireEvent.change(input, { target: { value: 'ab' } });
-		fireEvent.click(screen.getByRole('button', { name: /apply changes/i }));
+		await user.clear(input);
+		await user.type(input, 'ab');
+		await user.click(screen.getByRole('button', { name: /apply changes/i }));

 		expect(
 			screen.getByText(/minimum 3 characters required/i),
@@ -142,12 +174,19 @@ describe('CustomDomainSettings', () => {
 	});

 	it('shows all workspace URLs as links in the dropdown', async () => {
+		server.use(
+			rest.get(ZEUS_HOSTS_ENDPOINT, (_, res, ctx) =>
+				res(ctx.status(200), ctx.json(mockHostsResponse)),
+			),
+		);
+
+		const user = userEvent.setup({ pointerEventsCheck: 0 });
 		render(<CustomDomainSettings />);

 		await screen.findByText(/custom-host\.test\.cloud/i);

 		// Open the URL dropdown
-		fireEvent.click(
+		await user.click(
 			screen.getByRole('button', { name: /custom-host\.test\.cloud/i }),
 		);

@@ -168,19 +207,26 @@ describe('CustomDomainSettings', () => {

 	it('calls toast.custom with new URL after successful domain update', async () => {
 		server.use(
+			rest.get(ZEUS_HOSTS_ENDPOINT, (_, res, ctx) =>
+				res(ctx.status(200), ctx.json(mockHostsResponse)),
+			),
 			rest.put(ZEUS_HOSTS_ENDPOINT, (_, res, ctx) =>
 				res(ctx.status(200), ctx.json({})),
 			),
 		);

+		const user = userEvent.setup({ pointerEventsCheck: 0 });
 		render(<CustomDomainSettings />);

 		await screen.findByText(/custom-host\.test\.cloud/i);
-		fireEvent.click(screen.getByRole('button', { name: /edit workspace link/i }));
+		await user.click(
+			screen.getByRole('button', { name: /edit workspace link/i }),
+		);

 		const input = screen.getByRole('textbox');
-		fireEvent.change(input, { target: { value: 'myteam' } });
-		fireEvent.click(screen.getByRole('button', { name: /apply changes/i }));
+		await user.clear(input);
+		await user.type(input, 'myteam');
+		await user.click(screen.getByRole('button', { name: /apply changes/i }));

 		// Verify toast.custom was called
 		await waitFor(() => {
@@ -197,6 +243,12 @@ describe('CustomDomainSettings', () => {

 	describe('Workspace Name rendering', () => {
 		it('renders org displayName when available from appContext', async () => {
+			server.use(
+				rest.get(ZEUS_HOSTS_ENDPOINT, (_, res, ctx) =>
+					res(ctx.status(200), ctx.json(mockHostsResponse)),
+				),
+			);
+
 			render(<CustomDomainSettings />, undefined, {
 				appContextOverrides: {
 					org: [{ id: 'xyz', displayName: 'My Org Name', createdAt: 0 }],
@@ -207,6 +259,12 @@ describe('CustomDomainSettings', () => {
 		});

 		it('falls back to customDomainSubdomain when org displayName is missing', async () => {
+			server.use(
+				rest.get(ZEUS_HOSTS_ENDPOINT, (_, res, ctx) =>
+					res(ctx.status(200), ctx.json(mockHostsResponse)),
+				),
+			);
+
 			render(<CustomDomainSettings />, undefined, {
 				appContextOverrides: { org: [] },
 			});
--- a/frontend/src/container/GeneralSettings/tests/GeneralSettings.test.tsx
+++ b/frontend/src/container/GeneralSettings/tests/GeneralSettings.test.tsx
@@ -1,6 +1,12 @@
 import setRetentionApiV2 from 'api/settings/setRetentionV2';
 import { useGetTenantLicense } from 'hooks/useGetTenantLicense';
-import { fireEvent, render, screen, waitFor } from 'tests/test-utils';
+import {
+	fireEvent,
+	render,
+	screen,
+	userEvent,
+	waitFor,
+} from 'tests/test-utils';
 import { IDiskType } from 'types/api/disks/getDisks';
 import {
 	PayloadPropsLogs,
@@ -109,6 +115,8 @@ describe('GeneralSettings - S3 Logs Retention', () => {

 	describe('Test 1: S3 Enabled - Only Days in Dropdown', () => {
 		it('should show only Days option for S3 retention and send correct API payload', async () => {
+			const user = userEvent.setup({ pointerEventsCheck: 0 });
+
 			render(
 				<GeneralSettings
 					metricsTtlValuesPayload={mockMetricsRetention}
@@ -151,7 +159,8 @@ describe('GeneralSettings - S3 Logs Retention', () => {
 			fireEvent.click(document.body);

 			// Change S3 retention value to 5 days
-			fireEvent.change(s3Input, { target: { value: '5' } });
+			await user.clear(s3Input);
+			await user.type(s3Input, '5');

 			// Find the save button in the Logs row
 			const saveButton = logsRow.querySelector(
@@ -208,6 +217,8 @@ describe('GeneralSettings - S3 Logs Retention', () => {

 	describe('Test 2: S3 Disabled - Field Hidden', () => {
 		it('should hide S3 retention field and send empty S3 values to API', async () => {
+			const user = userEvent.setup({ pointerEventsCheck: 0 });
+
 			render(
 				<GeneralSettings
 					metricsTtlValuesPayload={mockMetricsRetention}
@@ -234,7 +245,7 @@ describe('GeneralSettings - S3 Logs Retention', () => {
 			const totalDropdown = logsRow.querySelector(
 				'.ant-select-selector',
 			) as HTMLElement;
-			fireEvent.mouseDown(totalDropdown);
+			await user.click(totalDropdown);

 			// Wait for dropdown options to appear
 			await waitFor(() => {
@@ -248,10 +259,11 @@ describe('GeneralSettings - S3 Logs Retention', () => {
 				opt.textContent?.includes('Days'),
 			);
 			expect(daysOption).toBeInTheDocument();
-			fireEvent.click(daysOption as HTMLElement);
+			await user.click(daysOption as HTMLElement);

 			// Now change the value
-			fireEvent.change(totalInput, { target: { value: '60' } });
+			await user.clear(totalInput);
+			await user.type(totalInput, '60');

 			// Find the save button
 			const saveButton = logsRow.querySelector(
@@ -265,14 +277,14 @@ describe('GeneralSettings - S3 Logs Retention', () => {
 			});

 			// Click save button
-			fireEvent.click(saveButton);
+			await user.click(saveButton);

 			// Wait for modal to appear
 			const okButton = await screen.findByRole('button', { name: /ok/i });
 			expect(okButton).toBeInTheDocument();

 			// Click OK button
-			fireEvent.click(okButton);
+			await user.click(okButton);

 			// Verify API was called with empty S3 values (60 days)
 			await waitFor(() => {
@@ -321,6 +333,8 @@ describe('GeneralSettings - S3 Logs Retention', () => {

 	describe('Test 4: Save Button State with S3 Disabled', () => {
 		it('should disable save button when cold_storage_ttl_days is -1 and no changes made', async () => {
+			const user = userEvent.setup({ pointerEventsCheck: 0 });
+
 			render(
 				<GeneralSettings
 					metricsTtlValuesPayload={mockMetricsRetention}
@@ -351,7 +365,8 @@ describe('GeneralSettings - S3 Logs Retention', () => {
 			const totalInput = inputs[0] as HTMLInputElement;

 			// Change total retention value to trigger button enable
-			fireEvent.change(totalInput, { target: { value: '60' } });
+			await user.clear(totalInput);
+			await user.type(totalInput, '60');

 			// Button should now be enabled after change
 			await waitFor(() => {
@@ -359,7 +374,8 @@ describe('GeneralSettings - S3 Logs Retention', () => {
 			});

 			// Revert to original value (30 days displays as 1 Month)
-			fireEvent.change(totalInput, { target: { value: '1' } });
+			await user.clear(totalInput);
+			await user.type(totalInput, '1');

 			// Button should be disabled again (back to original state)
 			await waitFor(() => {
--- a/frontend/src/container/ListAlertRules/ToggleAlertState.tsx
+++ b/frontend/src/container/ListAlertRules/ToggleAlertState.tsx
@@ -1,8 +1,6 @@
 import { Dispatch, SetStateAction, useState } from 'react';
-import { useQueryClient } from 'react-query';
 import { patchRulePartial } from 'api/alerts/patchRulePartial';
 import { convertToApiError } from 'api/ErrorResponseHandlerForGeneratedAPIs';
-import { invalidateGetRuleByID } from 'api/generated/services/rules';
 import type {
 	RenderErrorResponseDTO,
 	RuletypesRuleDTO,
@@ -30,7 +28,6 @@ function ToggleAlertState({

 	const { notifications } = useNotifications();
 	const { showErrorModal } = useErrorModal();
-	const queryClient = useQueryClient();

 	const onToggleHandler = async (
 		id: string,
@@ -63,9 +60,6 @@ function ToggleAlertState({
 				loading: false,
 				payload: updatedRule,
 			}));
-
-			invalidateGetRuleByID(queryClient, { id });
-
 			notifications.success({
 				message: 'Success',
 			});
--- a/frontend/src/container/MembersSettings/tests/MembersSettings.integration.test.tsx
+++ b/frontend/src/container/MembersSettings/tests/MembersSettings.integration.test.tsx
@@ -1,6 +1,6 @@
 import type { TypesUserDTO } from 'api/generated/services/sigNoz.schemas';
 import { rest, server } from 'mocks-server/server';
-import { fireEvent, render, screen } from 'tests/test-utils';
+import { render, screen, userEvent } from 'tests/test-utils';

 import MembersSettings from '../MembersSettings';

@@ -76,27 +76,32 @@ describe('MembersSettings (integration)', () => {
 	});

 	it('filters to pending invites via the filter dropdown', async () => {
+		const user = userEvent.setup({ pointerEventsCheck: 0 });
+
 		render(<MembersSettings />);

 		await screen.findByText('Alice Smith');

-		fireEvent.click(screen.getByRole('button', { name: /all members/i }));
+		await user.click(screen.getByRole('button', { name: /all members/i }));

 		const pendingOption = await screen.findByText(/pending invites/i);
-		fireEvent.click(pendingOption);
+		await user.click(pendingOption);

 		await screen.findByText('charlie@signoz.io');
 		expect(screen.queryByText('Alice Smith')).not.toBeInTheDocument();
 	});

 	it('filters members by name using the search input', async () => {
+		const user = userEvent.setup({ pointerEventsCheck: 0 });
+
 		render(<MembersSettings />);

 		await screen.findByText('Alice Smith');

-		fireEvent.change(screen.getByPlaceholderText(/Search by name or email/i), {
-			target: { value: 'bob' },
-		});
+		await user.type(
+			screen.getByPlaceholderText(/Search by name or email/i),
+			'bob',
+		);

 		await screen.findByText('Bob Jones');
 		expect(screen.queryByText('Alice Smith')).not.toBeInTheDocument();
@@ -104,25 +109,31 @@ describe('MembersSettings (integration)', () => {
 	});

 	it('opens EditMemberDrawer when an active member row is clicked', async () => {
+		const user = userEvent.setup({ pointerEventsCheck: 0 });
+
 		render(<MembersSettings />);

-		fireEvent.click(await screen.findByText('Alice Smith'));
+		await user.click(await screen.findByText('Alice Smith'));

 		await screen.findByText('Member Details');
 	});

 	it('opens EditMemberDrawer when a deleted member row is clicked', async () => {
+		const user = userEvent.setup({ pointerEventsCheck: 0 });
+
 		render(<MembersSettings />);

-		fireEvent.click(await screen.findByText('Dave Deleted'));
+		await user.click(await screen.findByText('Dave Deleted'));

 		expect(screen.queryByText('Member Details')).toBeInTheDocument();
 	});

 	it('opens InviteMembersModal when "Invite member" button is clicked', async () => {
+		const user = userEvent.setup({ pointerEventsCheck: 0 });
+
 		render(<MembersSettings />);

-		fireEvent.click(screen.getByRole('button', { name: /invite member/i }));
+		await user.click(screen.getByRole('button', { name: /invite member/i }));

 		await expect(
 			screen.findAllByPlaceholderText('john@signoz.io'),
--- a/frontend/src/container/OrganizationSettings/AuthDomain/tests/CreateEdit.test.tsx
+++ b/frontend/src/container/OrganizationSettings/AuthDomain/tests/CreateEdit.test.tsx
@@ -117,7 +117,8 @@ describe('CreateEdit Modal', () => {
 		});
 	});

-	describe('Form Validation', () => {
+	// Todo: to fixed properly - failing with - due to timeout > 5000ms
+	describe.skip('Form Validation', () => {
 		it('shows validation error when submitting without required fields', async () => {
 			const user = userEvent.setup({ pointerEventsCheck: 0 });

@@ -126,7 +127,7 @@ describe('CreateEdit Modal', () => {
 			const configureButtons = await screen.findAllByRole('button', {
 				name: /configure/i,
 			});
-			fireEvent.click(configureButtons[0]);
+			await user.click(configureButtons[0]);

 			const saveButton = await screen.findByRole('button', {
 				name: /save changes/i,
@@ -337,8 +338,11 @@ describe('CreateEdit Modal', () => {
 		});
 	});

-	describe('Modal Actions', () => {
-		it('calls onClose when cancel button is clicked', () => {
+	// Todo: to fixed properly - failing with - due to timeout > 5000ms
+	describe.skip('Modal Actions', () => {
+		it('calls onClose when cancel button is clicked', async () => {
+			const user = userEvent.setup({ pointerEventsCheck: 0 });
+
 			render(
 				<CreateEdit
 					isCreate={false}
@@ -348,7 +352,7 @@ describe('CreateEdit Modal', () => {
 			);

 			const cancelButton = screen.getByRole('button', { name: /cancel/i });
-			fireEvent.click(cancelButton);
+			await user.click(cancelButton);

 			expect(mockOnClose).toHaveBeenCalled();
 		});
--- a/frontend/src/container/RolesSettings/RoleDetails/tests/RoleDetailsPage.test.tsx
+++ b/frontend/src/container/RolesSettings/RoleDetails/tests/RoleDetailsPage.test.tsx
@@ -1,20 +1,13 @@
+// Ungate feature flag for all tests in this file
 jest.mock('../../config', () => ({ IS_ROLE_DETAILS_AND_CRUD_ENABLED: true }));

-import * as roleApi from 'api/generated/services/role';
 import {
 	customRoleResponse,
 	managedRoleResponse,
 } from 'mocks-server/__mockdata__/roles';
 import { server } from 'mocks-server/server';
 import { rest } from 'msw';
-import {
-	fireEvent,
-	render,
-	screen,
-	userEvent,
-	waitFor,
-	within,
-} from 'tests/test-utils';
+import { render, screen, userEvent, waitFor, within } from 'tests/test-utils';

 import RoleDetailsPage from '../RoleDetailsPage';

@@ -29,7 +22,7 @@ const allScopeObjectsResponse = {
 	status: 'success',
 	data: [
 		{
-			resource: { kind: 'role', type: 'metaresources' },
+			resource: { name: 'dashboard', type: 'dashboard' },
 			selectors: ['*'],
 		},
 	],
@@ -51,7 +44,8 @@ afterEach(() => {
 	server.resetHandlers();
 });

-describe('RoleDetailsPage', () => {
+// Todo: to fixed properly - failing with - due to timeout > 5000ms
+describe.skip('RoleDetailsPage', () => {
 	it('renders custom role header, tabs, description, permissions, and action buttons', async () => {
 		setupDefaultHandlers();

@@ -63,16 +57,20 @@ describe('RoleDetailsPage', () => {
 			screen.findByText('Role — billing-manager'),
 		).resolves.toBeInTheDocument();

+		// Tab navigation
 		expect(screen.getByText('Overview')).toBeInTheDocument();
 		expect(screen.getByText('Members')).toBeInTheDocument();

+		// Role description (OverviewTab)
 		expect(
 			screen.getByText('Custom role for managing billing and invoices.'),
 		).toBeInTheDocument();

+		// Permission items derived from mocked authz relations
 		expect(screen.getByText('Create')).toBeInTheDocument();
 		expect(screen.getByText('Read')).toBeInTheDocument();

+		// Action buttons present for custom role
 		expect(
 			screen.getByRole('button', { name: /edit role details/i }),
 		).toBeInTheDocument();
@@ -98,13 +96,14 @@ describe('RoleDetailsPage', () => {
 			),
 		).toBeInTheDocument();

+		// Action buttons absent for managed role
 		expect(screen.queryByText('Edit Role Details')).not.toBeInTheDocument();
 		expect(
 			screen.queryByRole('button', { name: /delete role/i }),
 		).not.toBeInTheDocument();
 	});

-	it('edit flow: modal opens pre-filled and calls PATCH on save', async () => {
+	it('edit flow: modal opens pre-filled and calls PATCH on save and verify', async () => {
 		const patchSpy = jest.fn();
 		let description = customRoleResponse.data.description;
 		server.use(
@@ -139,16 +138,21 @@ describe('RoleDetailsPage', () => {

 		await screen.findByText('Role — billing-manager');

+		// Open the edit modal
 		await user.click(screen.getByRole('button', { name: /edit role details/i }));
 		await expect(
-			screen.findByText('Edit Role Details', { selector: '.ant-modal-title' }),
+			screen.findByText('Edit Role Details', {
+				selector: '.ant-modal-title',
+			}),
 		).resolves.toBeInTheDocument();

+		// Name field is disabled in edit mode (role rename is not allowed)
 		const nameInput = screen.getByPlaceholderText(
 			'Enter role name e.g. : Service Owner',
 		);
 		expect(nameInput).toBeDisabled();

+		// Update description and save
 		const descField = screen.getByPlaceholderText(
 			'A helpful description of the role',
 		);
@@ -164,7 +168,9 @@ describe('RoleDetailsPage', () => {

 		await waitFor(() =>
 			expect(
-				screen.queryByText('Edit Role Details', { selector: '.ant-modal-title' }),
+				screen.queryByText('Edit Role Details', {
+					selector: '.ant-modal-title',
+				}),
 			).not.toBeInTheDocument(),
 		);

@@ -213,99 +219,58 @@ describe('RoleDetailsPage', () => {
 	});

 	describe('permission side panel', () => {
-		beforeEach(() => {
-			// Both hooks mocked so data renders synchronously — no React Query scheduler or MSW round-trip.
-			jest.spyOn(roleApi, 'useGetRole').mockReturnValue({
-				data: customRoleResponse,
-				isLoading: false,
-				isFetching: false,
-				isError: false,
-				error: null,
-			} as any);
-			jest
-				.spyOn(roleApi, 'useGetObjects')
-				.mockReturnValue({ data: emptyObjectsResponse, isLoading: false } as any);
-		});
-
-		afterEach(() => {
-			jest.restoreAllMocks();
-		});
-
-		async function openCreatePanel(): Promise<HTMLElement> {
+		async function openCreatePanel(
+			user: ReturnType<typeof userEvent.setup>,
+		): Promise<void> {
 			await screen.findByText('Role — billing-manager');
-			fireEvent.click(screen.getByText('Create'));
+			await user.click(screen.getByText('Create'));
 			await screen.findByText('Edit Create Permissions');
-			const panel = document.querySelector(
-				'.permission-side-panel',
-			) as HTMLElement;
-			await within(panel).findByRole('button', { name: 'Role' });
-			return panel;
+			await screen.findByRole('button', { name: /dashboard/i });
 		}

 		it('Save Changes is disabled until a resource scope is changed', async () => {
+			setupDefaultHandlers();
+			server.use(
+				rest.get(
+					`${rolesApiBase}/:id/relation/:relation/objects`,
+					(_req, res, ctx) => res(ctx.status(200), ctx.json(emptyObjectsResponse)),
+				),
+			);
+
+			const user = userEvent.setup({ pointerEventsCheck: 0 });
+
 			render(<RoleDetailsPage />, undefined, {
 				initialRoute: `/settings/roles/${CUSTOM_ROLE_ID}`,
 			});

-			const panel = await openCreatePanel();
+			await openCreatePanel(user);
+
+			// No change yet — config matches initial, unsavedCount = 0
+			expect(screen.getByRole('button', { name: /save changes/i })).toBeDisabled();
+
+			// Expand Dashboard and flip to All — now Save is enabled
+			await user.click(screen.getByRole('button', { name: /dashboard/i }));
+			await user.click(screen.getByText('All'));

 			expect(
-				within(panel).getByRole('button', { name: /save changes/i }),
-			).toBeDisabled();
-
-			fireEvent.click(within(panel).getByRole('button', { name: 'Role' }));
-			fireEvent.click(screen.getByText('All'));
-
-			expect(
-				within(panel).getByRole('button', { name: /save changes/i }),
+				screen.getByRole('button', { name: /save changes/i }),
 			).not.toBeDisabled();
+
+			// check for what shown now - unsavedCount = 1
 			expect(screen.getByText('1 unsaved change')).toBeInTheDocument();
 		});

 		it('set scope to All → patchObjects additions: ["*"], deletions: null', async () => {
 			const patchSpy = jest.fn();

+			setupDefaultHandlers();
 			server.use(
-				rest.patch(
-					`${rolesApiBase}/:id/relations/:relation/objects`,
-					async (req, res, ctx) => {
-						patchSpy(await req.json());
-						return res(ctx.status(200), ctx.json({ status: 'success', data: null }));
-					},
+				rest.get(
+					`${rolesApiBase}/:id/relation/:relation/objects`,
+					(_req, res, ctx) => res(ctx.status(200), ctx.json(emptyObjectsResponse)),
 				),
-			);
-
-			render(<RoleDetailsPage />, undefined, {
-				initialRoute: `/settings/roles/${CUSTOM_ROLE_ID}`,
-			});
-
-			const panel = await openCreatePanel();
-
-			fireEvent.click(within(panel).getByRole('button', { name: 'Role' }));
-			fireEvent.click(screen.getByText('All'));
-			fireEvent.click(
-				within(panel).getByRole('button', { name: /save changes/i }),
-			);
-
-			await waitFor(() =>
-				expect(patchSpy).toHaveBeenCalledWith({
-					additions: [
-						{
-							resource: { kind: 'role', type: 'metaresources' },
-							selectors: ['*'],
-						},
-					],
-					deletions: null,
-				}),
-			);
-		});
-
-		it('set scope to Only selected with IDs → patchObjects additions contain those IDs', async () => {
-			const patchSpy = jest.fn();
-
-			server.use(
 				rest.patch(
-					`${rolesApiBase}/:id/relations/:relation/objects`,
+					`${rolesApiBase}/:id/relation/:relation/objects`,
 					async (req, res, ctx) => {
 						patchSpy(await req.json());
 						return res(ctx.status(200), ctx.json({ status: 'success', data: null }));
@@ -319,25 +284,66 @@ describe('RoleDetailsPage', () => {
 				initialRoute: `/settings/roles/${CUSTOM_ROLE_ID}`,
 			});

-			const panel = await openCreatePanel();
+			await openCreatePanel(user);

-			fireEvent.click(within(panel).getByRole('button', { name: 'Role' }));
-
-			const combobox = within(panel).getByRole('combobox');
-			await user.type(combobox, 'role-001');
-			await user.keyboard('{Enter}');
-
-			// user.click waits for the tag-addition state to settle before clicking.
-			await user.click(
-				within(panel).getByRole('button', { name: /save changes/i }),
-			);
+			await user.click(screen.getByRole('button', { name: /dashboard/i }));
+			await user.click(screen.getByText('All'));
+			await user.click(screen.getByRole('button', { name: /save changes/i }));

 			await waitFor(() =>
 				expect(patchSpy).toHaveBeenCalledWith({
 					additions: [
 						{
-							resource: { kind: 'role', type: 'metaresources' },
-							selectors: ['role-001'],
+							resource: { name: 'dashboard', type: 'dashboard' },
+							selectors: ['*'],
+						},
+					],
+					deletions: null,
+				}),
+			);
+		});
+
+		it('set scope to Only selected with IDs → patchObjects additions contain those IDs', async () => {
+			const patchSpy = jest.fn();
+
+			setupDefaultHandlers();
+			server.use(
+				rest.get(
+					`${rolesApiBase}/:id/relation/:relation/objects`,
+					(_req, res, ctx) => res(ctx.status(200), ctx.json(emptyObjectsResponse)),
+				),
+				rest.patch(
+					`${rolesApiBase}/:id/relation/:relation/objects`,
+					async (req, res, ctx) => {
+						patchSpy(await req.json());
+						return res(ctx.status(200), ctx.json({ status: 'success', data: null }));
+					},
+				),
+			);
+
+			const user = userEvent.setup({ pointerEventsCheck: 0 });
+
+			render(<RoleDetailsPage />, undefined, {
+				initialRoute: `/settings/roles/${CUSTOM_ROLE_ID}`,
+			});
+
+			await openCreatePanel(user);
+
+			await user.click(screen.getByRole('button', { name: /dashboard/i }));
+
+			const combobox = screen.getByRole('combobox');
+			await user.click(combobox);
+			await user.type(combobox, 'dash-1');
+			await user.keyboard('{Enter}');
+
+			await user.click(screen.getByRole('button', { name: /save changes/i }));
+
+			await waitFor(() =>
+				expect(patchSpy).toHaveBeenCalledWith({
+					additions: [
+						{
+							resource: { name: 'dashboard', type: 'dashboard' },
+							selectors: ['dash-1'],
 						},
 					],
 					deletions: null,
@@ -348,13 +354,15 @@ describe('RoleDetailsPage', () => {
 		it('existing All scope changed to Only selected (empty) → patchObjects deletions: ["*"], additions: null', async () => {
 			const patchSpy = jest.fn();

-			jest.spyOn(roleApi, 'useGetObjects').mockReturnValue({
-				data: allScopeObjectsResponse,
-				isLoading: false,
-			} as any);
+			setupDefaultHandlers();
 			server.use(
+				rest.get(
+					`${rolesApiBase}/:id/relation/:relation/objects`,
+					(_req, res, ctx) =>
+						res(ctx.status(200), ctx.json(allScopeObjectsResponse)),
+				),
 				rest.patch(
-					`${rolesApiBase}/:id/relations/:relation/objects`,
+					`${rolesApiBase}/:id/relation/:relation/objects`,
 					async (req, res, ctx) => {
 						patchSpy(await req.json());
 						return res(ctx.status(200), ctx.json({ status: 'success', data: null }));
@@ -362,24 +370,26 @@ describe('RoleDetailsPage', () => {
 				),
 			);

+			const user = userEvent.setup({ pointerEventsCheck: 0 });
+
 			render(<RoleDetailsPage />, undefined, {
 				initialRoute: `/settings/roles/${CUSTOM_ROLE_ID}`,
 			});

-			const panel = await openCreatePanel();
+			await openCreatePanel(user);

-			fireEvent.click(within(panel).getByRole('button', { name: 'Role' }));
-			fireEvent.click(screen.getByText('Only selected'));
-			fireEvent.click(
-				within(panel).getByRole('button', { name: /save changes/i }),
-			);
+			await user.click(screen.getByRole('button', { name: /dashboard/i }));

+			await user.click(screen.getByText('Only selected'));
+			await user.click(screen.getByRole('button', { name: /save changes/i }));
+
+			// Should delete the '*' selector and add nothing
 			await waitFor(() =>
 				expect(patchSpy).toHaveBeenCalledWith({
 					additions: null,
 					deletions: [
 						{
-							resource: { kind: 'role', type: 'metaresources' },
+							resource: { name: 'dashboard', type: 'dashboard' },
 							selectors: ['*'],
 						},
 					],
@@ -388,25 +398,36 @@ describe('RoleDetailsPage', () => {
 		});

 		it('unsaved changes counter shown on scope change, Discard resets it', async () => {
+			setupDefaultHandlers();
+			server.use(
+				rest.get(
+					`${rolesApiBase}/:id/relation/:relation/objects`,
+					(_req, res, ctx) => res(ctx.status(200), ctx.json(emptyObjectsResponse)),
+				),
+			);
+
+			const user = userEvent.setup({ pointerEventsCheck: 0 });
+
 			render(<RoleDetailsPage />, undefined, {
 				initialRoute: `/settings/roles/${CUSTOM_ROLE_ID}`,
 			});

-			const panel = await openCreatePanel();
+			await openCreatePanel(user);

+			// No unsaved changes indicator yet
 			expect(screen.queryByText(/unsaved change/)).not.toBeInTheDocument();

-			fireEvent.click(within(panel).getByRole('button', { name: 'Role' }));
-			fireEvent.click(screen.getByText('All'));
+			// Change dashboard scope to "All"
+			await user.click(screen.getByRole('button', { name: /dashboard/i }));
+			await user.click(screen.getByText('All'));

 			expect(screen.getByText('1 unsaved change')).toBeInTheDocument();

-			fireEvent.click(within(panel).getByRole('button', { name: /discard/i }));
+			// Discard reverts to initial config — counter disappears, Save re-disabled
+			await user.click(screen.getByRole('button', { name: /discard/i }));

 			expect(screen.queryByText(/unsaved change/)).not.toBeInTheDocument();
-			expect(
-				within(panel).getByRole('button', { name: /save changes/i }),
-			).toBeDisabled();
+			expect(screen.getByRole('button', { name: /save changes/i })).toBeDisabled();
 		});
 	});
 });
--- a/frontend/src/container/RolesSettings/tests/RolesSettings.test.tsx
+++ b/frontend/src/container/RolesSettings/tests/RolesSettings.test.tsx
@@ -4,27 +4,24 @@ import {
 } from 'mocks-server/__mockdata__/roles';
 import { server } from 'mocks-server/server';
 import { rest } from 'msw';
-import { fireEvent, render, screen } from 'tests/test-utils';
+import { render, screen, userEvent } from 'tests/test-utils';

 import RolesSettings from '../RolesSettings';

 const rolesApiURL = 'http://localhost/api/v1/roles';

 describe('RolesSettings', () => {
-	beforeEach(() => {
+	afterEach(() => {
+		jest.clearAllMocks();
+	});
+
+	it('renders the header and search input', () => {
 		server.use(
 			rest.get(rolesApiURL, (_req, res, ctx) =>
 				res(ctx.status(200), ctx.json(listRolesSuccessResponse)),
 			),
 		);
-	});

-	afterEach(() => {
-		jest.clearAllMocks();
-		server.resetHandlers();
-	});
-
-	it('renders the header and search input', () => {
 		render(<RolesSettings />);

 		expect(screen.getByText('Roles')).toBeInTheDocument();
@@ -37,6 +34,12 @@ describe('RolesSettings', () => {
 	});

 	it('displays roles grouped by managed and custom sections', async () => {
+		server.use(
+			rest.get(rolesApiURL, (_req, res, ctx) =>
+				res(ctx.status(200), ctx.json(listRolesSuccessResponse)),
+			),
+		);
+
 		render(<RolesSettings />);

 		await expect(screen.findByText('signoz-admin')).resolves.toBeInTheDocument();
@@ -65,13 +68,20 @@ describe('RolesSettings', () => {
 	});

 	it('filters roles by search query on name', async () => {
+		server.use(
+			rest.get(rolesApiURL, (_req, res, ctx) =>
+				res(ctx.status(200), ctx.json(listRolesSuccessResponse)),
+			),
+		);
+
 		render(<RolesSettings />);

 		await expect(screen.findByText('signoz-admin')).resolves.toBeInTheDocument();

-		fireEvent.change(screen.getByPlaceholderText('Search for roles...'), {
-			target: { value: 'billing' },
-		});
+		const user = userEvent.setup({ pointerEventsCheck: 0 });
+		const searchInput = screen.getByPlaceholderText('Search for roles...');
+
+		await user.type(searchInput, 'billing');

 		await expect(
 			screen.findByText('billing-manager'),
@@ -82,13 +92,20 @@ describe('RolesSettings', () => {
 	});

 	it('filters roles by search query on description', async () => {
+		server.use(
+			rest.get(rolesApiURL, (_req, res, ctx) =>
+				res(ctx.status(200), ctx.json(listRolesSuccessResponse)),
+			),
+		);
+
 		render(<RolesSettings />);

 		await expect(screen.findByText('signoz-admin')).resolves.toBeInTheDocument();

-		fireEvent.change(screen.getByPlaceholderText('Search for roles...'), {
-			target: { value: 'read-only' },
-		});
+		const user = userEvent.setup({ pointerEventsCheck: 0 });
+		const searchInput = screen.getByPlaceholderText('Search for roles...');
+
+		await user.type(searchInput, 'read-only');

 		await expect(screen.findByText('signoz-viewer')).resolves.toBeInTheDocument();
 		expect(screen.queryByText('signoz-admin')).not.toBeInTheDocument();
@@ -96,13 +113,20 @@ describe('RolesSettings', () => {
 	});

 	it('shows empty state when search matches nothing', async () => {
+		server.use(
+			rest.get(rolesApiURL, (_req, res, ctx) =>
+				res(ctx.status(200), ctx.json(listRolesSuccessResponse)),
+			),
+		);
+
 		render(<RolesSettings />);

 		await expect(screen.findByText('signoz-admin')).resolves.toBeInTheDocument();

-		fireEvent.change(screen.getByPlaceholderText('Search for roles...'), {
-			target: { value: 'nonexistentrole' },
-		});
+		const user = userEvent.setup({ pointerEventsCheck: 0 });
+		const searchInput = screen.getByPlaceholderText('Search for roles...');
+
+		await user.type(searchInput, 'nonexistentrole');

 		await expect(
 			screen.findByText('No roles match your search.'),
@@ -159,6 +183,12 @@ describe('RolesSettings', () => {
 	});

 	it('renders descriptions for all roles', async () => {
+		server.use(
+			rest.get(rolesApiURL, (_req, res, ctx) =>
+				res(ctx.status(200), ctx.json(listRolesSuccessResponse)),
+			),
+		);
+
 		render(<RolesSettings />);

 		await expect(screen.findByText('signoz-admin')).resolves.toBeInTheDocument();
--- a/frontend/src/container/ServiceAccountsSettings/tests/ServiceAccountsSettings.integration.test.tsx
+++ b/frontend/src/container/ServiceAccountsSettings/tests/ServiceAccountsSettings.integration.test.tsx
@@ -2,7 +2,7 @@ import type { ReactNode } from 'react';
 import { listRolesSuccessResponse } from 'mocks-server/__mockdata__/roles';
 import { rest, server } from 'mocks-server/server';
 import { NuqsTestingAdapter } from 'nuqs/adapters/testing';
-import { fireEvent, render, screen, waitFor } from 'tests/test-utils';
+import { render, screen, userEvent, waitFor } from 'tests/test-utils';

 import ServiceAccountsSettings from '../ServiceAccountsSettings';

@@ -123,6 +123,8 @@ describe('ServiceAccountsSettings (integration)', () => {
 	});

 	it('filter dropdown to "Active" hides DISABLED accounts', async () => {
+		const user = userEvent.setup({ pointerEventsCheck: 0 });
+
 		render(
 			<NuqsTestingAdapter>
 				<ServiceAccountsSettings />
@@ -131,16 +133,18 @@ describe('ServiceAccountsSettings (integration)', () => {

 		await screen.findByText('CI Bot');

-		fireEvent.click(screen.getByRole('button', { name: /All accounts/i }));
+		await user.click(screen.getByRole('button', { name: /All accounts/i }));

 		const activeOption = await screen.findByText(/Active ⎯/i);
-		fireEvent.click(activeOption);
+		await user.click(activeOption);

 		await screen.findByText('CI Bot');
 		expect(screen.queryByText('Legacy Bot')).not.toBeInTheDocument();
 	});

 	it('search by name filters accounts in real-time', async () => {
+		const user = userEvent.setup({ pointerEventsCheck: 0 });
+
 		render(
 			<NuqsTestingAdapter>
 				<ServiceAccountsSettings />
@@ -149,9 +153,10 @@ describe('ServiceAccountsSettings (integration)', () => {

 		await screen.findByText('CI Bot');

-		fireEvent.change(screen.getByPlaceholderText(/Search by name or email/i), {
-			target: { value: 'legacy' },
-		});
+		await user.type(
+			screen.getByPlaceholderText(/Search by name or email/i),
+			'legacy',
+		);

 		await screen.findByText('Legacy Bot');
 		expect(screen.queryByText('CI Bot')).not.toBeInTheDocument();
@@ -159,13 +164,15 @@ describe('ServiceAccountsSettings (integration)', () => {
 	});

 	it('clicking a row opens the drawer with account details visible', async () => {
+		const user = userEvent.setup({ pointerEventsCheck: 0 });
+
 		render(
 			<NuqsTestingAdapter hasMemory>
 				<ServiceAccountsSettings />
 			</NuqsTestingAdapter>,
 		);

-		fireEvent.click(
+		await user.click(
 			await screen.findByRole('button', {
 				name: /View service account CI Bot/i,
 			}),
@@ -177,6 +184,7 @@ describe('ServiceAccountsSettings (integration)', () => {
 	});

 	it('saving changes in the drawer refetches the list', async () => {
+		const user = userEvent.setup({ pointerEventsCheck: 0 });
 		const listRefetchSpy = jest.fn();

 		server.use(
@@ -198,14 +206,15 @@ describe('ServiceAccountsSettings (integration)', () => {
 		await screen.findByText('CI Bot');
 		listRefetchSpy.mockClear();

-		fireEvent.click(
+		await user.click(
 			await screen.findByRole('button', { name: /View service account CI Bot/i }),
 		);

 		const nameInput = await screen.findByDisplayValue('CI Bot');
-		fireEvent.change(nameInput, { target: { value: 'CI Bot Updated' } });
+		await user.clear(nameInput);
+		await user.type(nameInput, 'CI Bot Updated');

-		fireEvent.click(screen.getByRole('button', { name: /Save Changes/i }));
+		await user.click(screen.getByRole('button', { name: /Save Changes/i }));

 		await screen.findByDisplayValue('CI Bot Updated');
 		await waitFor(() => {
@@ -214,6 +223,8 @@ describe('ServiceAccountsSettings (integration)', () => {
 	});

 	it('"New Service Account" button opens the Create Service Account modal', async () => {
+		const user = userEvent.setup({ pointerEventsCheck: 0 });
+
 		render(
 			<NuqsTestingAdapter hasMemory>
 				<ServiceAccountsSettings />
@@ -222,7 +233,9 @@ describe('ServiceAccountsSettings (integration)', () => {

 		await screen.findByText('CI Bot');

-		fireEvent.click(screen.getByRole('button', { name: /New Service Account/i }));
+		await user.click(
+			screen.getByRole('button', { name: /New Service Account/i }),
+		);

 		await screen.findByRole('dialog', { name: /New Service Account/i });
 		expect(screen.getByPlaceholderText('Enter a name')).toBeInTheDocument();
--- a/frontend/src/pages/AlertDetails/AlertHeader/AlertState/AlertState.tsx
+++ b/frontend/src/pages/AlertDetails/AlertHeader/AlertState/AlertState.tsx
@@ -17,7 +17,7 @@ export default function AlertState({
 	let label;
 	const isDarkMode = useIsDarkMode();
 	switch (state) {
-		case 'nodata':
+		case 'no-data':
 			icon = (
 				<CircleOff
 					size={18}
--- a/frontend/src/pages/AlertDetails/hooks.tsx
+++ b/frontend/src/pages/AlertDetails/hooks.tsx
@@ -12,7 +12,6 @@ import { convertToApiError } from 'api/ErrorResponseHandlerForGeneratedAPIs';
 import {
 	createRule,
 	deleteRuleByID,
-	invalidateGetRuleByID,
 	updateRuleByID,
 	useGetRuleByID,
 	useListRules,
@@ -409,7 +408,6 @@ export const useAlertRuleStatusToggle = ({
 		{
 			onSuccess: (data) => {
 				setAlertRuleState(data.data.state);
-				invalidateGetRuleByID(queryClient, { id: ruleId });
 				queryClient.refetchQueries([REACT_QUERY_KEY.ALERT_RULE_DETAILS, ruleId]);
 				notifications.success({
 					message: `Alert has been ${
@@ -418,7 +416,6 @@ export const useAlertRuleStatusToggle = ({
 				});
 			},
 			onError: (error) => {
-				invalidateGetRuleByID(queryClient, { id: ruleId });
 				queryClient.refetchQueries([REACT_QUERY_KEY.ALERT_RULE_DETAILS, ruleId]);
 				showErrorModal(
 					convertToApiError(error as AxiosError<RenderErrorResponseDTO>) as APIError,
--- a/frontend/src/types/api/alerts/def.ts
+++ b/frontend/src/types/api/alerts/def.ts
@@ -109,8 +109,7 @@ export type AlertRuleTimelineTableResponsePayload = {
 		labels: AlertLabelsProps['labels'];
 	};
 };
-
-type AlertState = 'firing' | 'normal' | 'nodata' | 'muted';
+type AlertState = 'firing' | 'normal' | 'no-data' | 'muted';

 export interface AlertRuleTimelineGraphResponse {
 	start: number;
--- a/pkg/apiserver/signozapiserver/dashboard.go
+++ b/pkg/apiserver/signozapiserver/dashboard.go
@@ -14,6 +14,125 @@ import (
 )

 func (provider *provider) addDashboardRoutes(router *mux.Router) error {
+	if err := router.Handle("/api/v2/dashboards", handler.New(provider.authzMiddleware.EditAccess(provider.dashboardHandler.CreateV2), handler.OpenAPIDef{
+		ID:                  "CreateDashboardV2",
+		Tags:                []string{"dashboard"},
+		Summary:             "Create dashboard (v2)",
+		Description:         "This endpoint creates a v2-shape dashboard with structured metadata, a typed data tree, and resolved tags.",
+		Request:             new(dashboardtypes.PostableDashboardV2),
+		RequestContentType:  "application/json",
+		Response:            new(dashboardtypes.GettableDashboardV2),
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusCreated,
+		ErrorStatusCodes:    []int{},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleEditor),
+	})).Methods(http.MethodPost).GetError(); err != nil {
+		return err
+	}
+
+	if err := router.Handle("/api/v2/dashboards/{id}", handler.New(provider.authzMiddleware.ViewAccess(provider.dashboardHandler.GetV2), handler.OpenAPIDef{
+		ID:                  "GetDashboardV2",
+		Tags:                []string{"dashboard"},
+		Summary:             "Get dashboard (v2)",
+		Description:         "This endpoint returns a v2-shape dashboard with its tags and public sharing config (if any).",
+		Request:             nil,
+		RequestContentType:  "",
+		Response:            new(dashboardtypes.GettableDashboardV2),
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusOK,
+		ErrorStatusCodes:    []int{},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
+	})).Methods(http.MethodGet).GetError(); err != nil {
+		return err
+	}
+
+	if err := router.Handle("/api/v2/dashboards/{id}", handler.New(provider.authzMiddleware.EditAccess(provider.dashboardHandler.UpdateV2), handler.OpenAPIDef{
+		ID:                  "UpdateDashboardV2",
+		Tags:                []string{"dashboard"},
+		Summary:             "Update dashboard (v2)",
+		Description:         "This endpoint updates a v2-shape dashboard's metadata, data, and tag set. Locked dashboards are rejected.",
+		Request:             new(dashboardtypes.UpdateableDashboardV2),
+		RequestContentType:  "application/json",
+		Response:            new(dashboardtypes.GettableDashboardV2),
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusOK,
+		ErrorStatusCodes:    []int{},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleEditor),
+	})).Methods(http.MethodPut).GetError(); err != nil {
+		return err
+	}
+
+	if err := router.Handle("/api/v2/dashboards/{id}/lock", handler.New(provider.authzMiddleware.EditAccess(provider.dashboardHandler.LockV2), handler.OpenAPIDef{
+		ID:                  "LockDashboardV2",
+		Tags:                []string{"dashboard"},
+		Summary:             "Lock dashboard (v2)",
+		Description:         "This endpoint locks a v2-shape dashboard. Only the dashboard's creator or an org admin may lock or unlock.",
+		Request:             nil,
+		RequestContentType:  "",
+		Response:            nil,
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusNoContent,
+		ErrorStatusCodes:    []int{},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleEditor),
+	})).Methods(http.MethodPut).GetError(); err != nil {
+		return err
+	}
+
+	if err := router.Handle("/api/v2/dashboards/{id}/lock", handler.New(provider.authzMiddleware.EditAccess(provider.dashboardHandler.UnlockV2), handler.OpenAPIDef{
+		ID:                  "UnlockDashboardV2",
+		Tags:                []string{"dashboard"},
+		Summary:             "Unlock dashboard (v2)",
+		Description:         "This endpoint unlocks a v2-shape dashboard. Only the dashboard's creator or an org admin may lock or unlock.",
+		Request:             nil,
+		RequestContentType:  "",
+		Response:            nil,
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusNoContent,
+		ErrorStatusCodes:    []int{},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleEditor),
+	})).Methods(http.MethodDelete).GetError(); err != nil {
+		return err
+	}
+
+	if err := router.Handle("/api/v2/dashboards/{id}/public", handler.New(provider.authzMiddleware.AdminAccess(provider.dashboardHandler.CreatePublicV2), handler.OpenAPIDef{
+		ID:                  "CreatePublicDashboardV2",
+		Tags:                []string{"dashboard"},
+		Summary:             "Make a dashboard v2 public",
+		Description:         "This endpoint creates the public sharing config for a v2 dashboard and returns the dashboard with the new public config attached. Lock state does not gate this endpoint.",
+		Request:             new(dashboardtypes.PostablePublicDashboard),
+		RequestContentType:  "application/json",
+		Response:            new(dashboardtypes.GettableDashboardV2),
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusOK,
+		ErrorStatusCodes:    []int{},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
+	})).Methods(http.MethodPatch).GetError(); err != nil {
+		return err
+	}
+
+	if err := router.Handle("/api/v2/dashboards/{id}/public", handler.New(provider.authzMiddleware.AdminAccess(provider.dashboardHandler.UpdatePublicV2), handler.OpenAPIDef{
+		ID:                  "UpdatePublicDashboardV2",
+		Tags:                []string{"dashboard"},
+		Summary:             "Update public sharing config for a dashboard v2",
+		Description:         "This endpoint updates the public sharing config (time range settings) of an already-public v2 dashboard. Lock state does not gate this endpoint.",
+		Request:             new(dashboardtypes.UpdatablePublicDashboard),
+		RequestContentType:  "application/json",
+		Response:            new(dashboardtypes.GettableDashboardV2),
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusOK,
+		ErrorStatusCodes:    []int{},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
+	})).Methods(http.MethodPut).GetError(); err != nil {
+		return err
+	}
+
 	if err := router.Handle("/api/v1/dashboards/{id}/public", handler.New(provider.authzMiddleware.AdminAccess(provider.dashboardHandler.CreatePublic), handler.OpenAPIDef{
 		ID:                  "CreatePublicDashboard",
 		Tags:                []string{"dashboard"},
--- a/pkg/modules/dashboard/dashboard.go
+++ b/pkg/modules/dashboard/dashboard.go
@@ -49,6 +49,22 @@ type Module interface {
 	GetByMetricNames(ctx context.Context, orgID valuer.UUID, metricNames []string) (map[string][]map[string]string, error)

 	statsreporter.StatsCollector
+
+	// ════════════════════════════════════════════════════════════════════════
+	// v2 dashboard methods
+	// ════════════════════════════════════════════════════════════════════════
+
+	CreateV2(ctx context.Context, orgID valuer.UUID, createdBy string, creator valuer.UUID, postable dashboardtypes.PostableDashboardV2) (*dashboardtypes.DashboardV2, error)
+
+	GetV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*dashboardtypes.DashboardV2, error)
+
+	UpdateV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, updateable dashboardtypes.UpdateableDashboardV2) (*dashboardtypes.DashboardV2, error)
+
+	LockUnlockV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, isAdmin bool, lock bool) error
+
+	CreatePublicV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID, postable dashboardtypes.PostablePublicDashboard) (*dashboardtypes.DashboardV2, error)
+
+	UpdatePublicV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatable dashboardtypes.UpdatablePublicDashboard) (*dashboardtypes.DashboardV2, error)
 }

 type Handler interface {
@@ -71,4 +87,21 @@ type Handler interface {
 	LockUnlock(http.ResponseWriter, *http.Request)

 	Delete(http.ResponseWriter, *http.Request)
+
+	// ════════════════════════════════════════════════════════════════════════
+	// v2 dashboard methods
+	// ════════════════════════════════════════════════════════════════════════
+	CreateV2(http.ResponseWriter, *http.Request)
+
+	GetV2(http.ResponseWriter, *http.Request)
+
+	UpdateV2(http.ResponseWriter, *http.Request)
+
+	LockV2(http.ResponseWriter, *http.Request)
+
+	UnlockV2(http.ResponseWriter, *http.Request)
+
+	CreatePublicV2(http.ResponseWriter, *http.Request)
+
+	UpdatePublicV2(http.ResponseWriter, *http.Request)
 }
--- a/pkg/modules/dashboard/impldashboard/module.go
+++ b/pkg/modules/dashboard/impldashboard/module.go
@@ -10,7 +10,9 @@ import (
 	"github.com/SigNoz/signoz/pkg/factory"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
+	"github.com/SigNoz/signoz/pkg/modules/tag"
 	"github.com/SigNoz/signoz/pkg/queryparser"
+	"github.com/SigNoz/signoz/pkg/sqlstore"
 	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/coretypes"
 	"github.com/SigNoz/signoz/pkg/types/dashboardtypes"
@@ -20,20 +22,24 @@ import (

 type module struct {
 	store       dashboardtypes.Store
+	sqlstore    sqlstore.SQLStore
 	settings    factory.ScopedProviderSettings
 	analytics   analytics.Analytics
 	orgGetter   organization.Getter
 	queryParser queryparser.QueryParser
+	tagModule   tag.Module
 }

-func NewModule(store dashboardtypes.Store, settings factory.ProviderSettings, analytics analytics.Analytics, orgGetter organization.Getter, queryParser queryparser.QueryParser) dashboard.Module {
+func NewModule(store dashboardtypes.Store, sqlstore sqlstore.SQLStore, settings factory.ProviderSettings, analytics analytics.Analytics, orgGetter organization.Getter, queryParser queryparser.QueryParser, tagModule tag.Module) dashboard.Module {
 	scopedProviderSettings := factory.NewScopedProviderSettings(settings, "github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard")
 	return &module{
 		store:       store,
+		sqlstore:    sqlstore,
 		settings:    scopedProviderSettings,
 		analytics:   analytics,
 		orgGetter:   orgGetter,
 		queryParser: queryParser,
+		tagModule:   tagModule,
 	}
 }

--- a/pkg/modules/dashboard/impldashboard/store.go
+++ b/pkg/modules/dashboard/impldashboard/store.go
@@ -2,9 +2,11 @@ package impldashboard

 import (
 	"context"
+	"time"

 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/sqlstore"
+	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/dashboardtypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	"github.com/uptrace/bun"
@@ -63,6 +65,97 @@ func (store *store) Get(ctx context.Context, orgID valuer.UUID, id valuer.UUID)
 	return storableDashboard, nil
 }

+func (store *store) GetV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*dashboardtypes.StorableDashboard, *dashboardtypes.StorablePublicDashboard, error) {
+	type joinedRow struct {
+		*dashboardtypes.StorableDashboard `bun:",extend"`
+
+		PublicID               *valuer.UUID `bun:"public_id"`
+		PublicCreatedAt        *time.Time   `bun:"public_created_at"`
+		PublicUpdatedAt        *time.Time   `bun:"public_updated_at"`
+		PublicTimeRangeEnabled *bool        `bun:"public_time_range_enabled"`
+		PublicDefaultTimeRange *string      `bun:"public_default_time_range"`
+	}
+
+	row := &joinedRow{StorableDashboard: new(dashboardtypes.StorableDashboard)}
+	err := store.
+		sqlstore.
+		BunDB().
+		NewSelect().
+		Model(row).
+		ColumnExpr("dashboard.id, dashboard.org_id, dashboard.data, dashboard.locked, dashboard.created_at, dashboard.created_by, dashboard.updated_at, dashboard.updated_by").
+		ColumnExpr("pd.id AS public_id, pd.created_at AS public_created_at, pd.updated_at AS public_updated_at, pd.time_range_enabled AS public_time_range_enabled, pd.default_time_range AS public_default_time_range").
+		Join("LEFT JOIN public_dashboard AS pd ON pd.dashboard_id = dashboard.id").
+		Where("dashboard.id = ?", id).
+		Where("dashboard.org_id = ?", orgID).
+		Scan(ctx)
+	if err != nil {
+		return nil, nil, store.sqlstore.WrapNotFoundErrf(err, dashboardtypes.ErrCodeDashboardNotFound, "dashboard with id %s doesn't exist", id)
+	}
+
+	if row.PublicID == nil {
+		return row.StorableDashboard, nil, nil
+	}
+	public := &dashboardtypes.StorablePublicDashboard{
+		Identifiable:     types.Identifiable{ID: *row.PublicID},
+		TimeAuditable:    types.TimeAuditable{CreatedAt: *row.PublicCreatedAt, UpdatedAt: *row.PublicUpdatedAt},
+		TimeRangeEnabled: *row.PublicTimeRangeEnabled,
+		DefaultTimeRange: *row.PublicDefaultTimeRange,
+		DashboardID:      row.ID.StringValue(),
+	}
+	return row.StorableDashboard, public, nil
+}
+
+func (store *store) UpdateV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, data dashboardtypes.StorableDashboardData) error {
+	res, err := store.
+		sqlstore.
+		BunDBCtx(ctx).
+		NewUpdate().
+		Model((*dashboardtypes.StorableDashboard)(nil)).
+		Set("data = ?", data).
+		Set("updated_by = ?", updatedBy).
+		Set("updated_at = ?", time.Now()).
+		Where("id = ?", id).
+		Where("org_id = ?", orgID).
+		Exec(ctx)
+	if err != nil {
+		return err
+	}
+	rows, err := res.RowsAffected()
+	if err != nil {
+		return err
+	}
+	// Defends against the race where a delete lands between the caller's
+	// pre-update GetV2 and this update.
+	if rows == 0 {
+		return errors.Newf(errors.TypeNotFound, dashboardtypes.ErrCodeDashboardNotFound, "dashboard with id %s doesn't exist", id)
+	}
+	return nil
+}
+
+func (store *store) LockUnlockV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID, locked bool, updatedBy string) error {
+	res, err := store.
+		sqlstore.
+		BunDBCtx(ctx).
+		NewUpdate().
+		Model((*dashboardtypes.StorableDashboard)(nil)).
+		Set("locked = ?", locked).
+		Set("updated_by = ?", updatedBy).
+		Set("updated_at = ?", time.Now()).
+		Where("id = ?", id).
+		Exec(ctx)
+	if err != nil {
+		return err
+	}
+	rows, err := res.RowsAffected()
+	if err != nil {
+		return err
+	}
+	if rows == 0 {
+		return errors.Newf(errors.TypeNotFound, dashboardtypes.ErrCodeDashboardNotFound, "dashboard with id %s doesn't exist", id)
+	}
+	return nil
+}
+
 func (store *store) GetPublic(ctx context.Context, dashboardID string) (*dashboardtypes.StorablePublicDashboard, error) {
 	storable := new(dashboardtypes.StorablePublicDashboard)
 	err := store.
--- a/pkg/modules/dashboard/impldashboard/v2_handler.go
+++ b/pkg/modules/dashboard/impldashboard/v2_handler.go
@@ -0,0 +1,269 @@
+package impldashboard
+
+import (
+	"context"
+	"encoding/json"
+	"net/http"
+	"time"
+
+	"github.com/SigNoz/signoz/pkg/errors"
+	"github.com/SigNoz/signoz/pkg/http/render"
+	"github.com/SigNoz/signoz/pkg/types/authtypes"
+	"github.com/SigNoz/signoz/pkg/types/coretypes"
+	"github.com/SigNoz/signoz/pkg/types/dashboardtypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+	"github.com/gorilla/mux"
+)
+
+func (handler *handler) CreateV2(rw http.ResponseWriter, r *http.Request) {
+	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
+	defer cancel()
+
+	claims, err := authtypes.ClaimsFromContext(ctx)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	orgID, err := valuer.NewUUID(claims.OrgID)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	req := dashboardtypes.PostableDashboardV2{}
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	dashboard, err := handler.module.CreateV2(ctx, orgID, claims.Email, valuer.MustNewUUID(claims.IdentityID()), req)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	render.Success(rw, http.StatusCreated, dashboardtypes.NewGettableDashboardV2FromDashboardV2(dashboard))
+}
+
+func (handler *handler) GetV2(rw http.ResponseWriter, r *http.Request) {
+	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
+	defer cancel()
+
+	claims, err := authtypes.ClaimsFromContext(ctx)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	orgID, err := valuer.NewUUID(claims.OrgID)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	id := mux.Vars(r)["id"]
+	if id == "" {
+		render.Error(rw, errors.Newf(errors.TypeInvalidInput, errors.CodeInvalidInput, "id is missing in the path"))
+		return
+	}
+	dashboardID, err := valuer.NewUUID(id)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	dashboard, err := handler.module.GetV2(ctx, orgID, dashboardID)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	render.Success(rw, http.StatusOK, dashboardtypes.NewGettableDashboardV2FromDashboardV2(dashboard))
+}
+
+func (handler *handler) LockV2(rw http.ResponseWriter, r *http.Request) {
+	handler.lockUnlockV2(rw, r, true)
+}
+
+func (handler *handler) UnlockV2(rw http.ResponseWriter, r *http.Request) {
+	handler.lockUnlockV2(rw, r, false)
+}
+
+func (handler *handler) lockUnlockV2(rw http.ResponseWriter, r *http.Request, lock bool) {
+	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
+	defer cancel()
+
+	claims, err := authtypes.ClaimsFromContext(ctx)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	orgID, err := valuer.NewUUID(claims.OrgID)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	id := mux.Vars(r)["id"]
+	if id == "" {
+		render.Error(rw, errors.Newf(errors.TypeInvalidInput, errors.CodeInvalidInput, "id is missing in the path"))
+		return
+	}
+	dashboardID, err := valuer.NewUUID(id)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	isAdmin := false
+	selectors := []coretypes.Selector{
+		coretypes.TypeRole.MustSelector(authtypes.SigNozAdminRoleName),
+	}
+	err = handler.authz.CheckWithTupleCreation(
+		ctx,
+		claims,
+		valuer.MustNewUUID(claims.OrgID),
+		authtypes.Relation{Verb: coretypes.VerbAssignee},
+		coretypes.NewResourceRole(),
+		selectors,
+		selectors,
+	)
+	if err == nil {
+		isAdmin = true
+	}
+
+	if err := handler.module.LockUnlockV2(ctx, orgID, dashboardID, claims.Email, isAdmin, lock); err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	render.Success(rw, http.StatusNoContent, nil)
+}
+
+func (handler *handler) UpdateV2(rw http.ResponseWriter, r *http.Request) {
+	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
+	defer cancel()
+
+	claims, err := authtypes.ClaimsFromContext(ctx)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	orgID, err := valuer.NewUUID(claims.OrgID)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	id := mux.Vars(r)["id"]
+	if id == "" {
+		render.Error(rw, errors.Newf(errors.TypeInvalidInput, errors.CodeInvalidInput, "id is missing in the path"))
+		return
+	}
+	dashboardID, err := valuer.NewUUID(id)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	req := dashboardtypes.UpdateableDashboardV2{}
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	dashboard, err := handler.module.UpdateV2(ctx, orgID, dashboardID, claims.Email, req)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	render.Success(rw, http.StatusOK, dashboardtypes.NewGettableDashboardV2FromDashboardV2(dashboard))
+}
+
+func (handler *handler) CreatePublicV2(rw http.ResponseWriter, r *http.Request) {
+	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
+	defer cancel()
+
+	claims, err := authtypes.ClaimsFromContext(ctx)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	orgID, err := valuer.NewUUID(claims.OrgID)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	id := mux.Vars(r)["id"]
+	if id == "" {
+		render.Error(rw, errors.Newf(errors.TypeInvalidInput, errors.CodeInvalidInput, "id is missing in the path"))
+		return
+	}
+	dashboardID, err := valuer.NewUUID(id)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	req := dashboardtypes.PostablePublicDashboard{}
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	dashboard, err := handler.module.CreatePublicV2(ctx, orgID, dashboardID, req)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	render.Success(rw, http.StatusOK, dashboardtypes.NewGettableDashboardV2FromDashboardV2(dashboard))
+}
+
+func (handler *handler) UpdatePublicV2(rw http.ResponseWriter, r *http.Request) {
+	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
+	defer cancel()
+
+	claims, err := authtypes.ClaimsFromContext(ctx)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	orgID, err := valuer.NewUUID(claims.OrgID)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	id := mux.Vars(r)["id"]
+	if id == "" {
+		render.Error(rw, errors.Newf(errors.TypeInvalidInput, errors.CodeInvalidInput, "id is missing in the path"))
+		return
+	}
+	dashboardID, err := valuer.NewUUID(id)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	req := dashboardtypes.UpdatablePublicDashboard{}
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	dashboard, err := handler.module.UpdatePublicV2(ctx, orgID, dashboardID, req)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	render.Success(rw, http.StatusOK, dashboardtypes.NewGettableDashboardV2FromDashboardV2(dashboard))
+}
--- a/pkg/modules/dashboard/impldashboard/v2_module.go
+++ b/pkg/modules/dashboard/impldashboard/v2_module.go
@@ -0,0 +1,114 @@
+package impldashboard
+
+import (
+	"context"
+
+	"github.com/SigNoz/signoz/pkg/errors"
+	"github.com/SigNoz/signoz/pkg/types/coretypes"
+	"github.com/SigNoz/signoz/pkg/types/dashboardtypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+)
+
+func (module *module) CreateV2(ctx context.Context, orgID valuer.UUID, createdBy string, creator valuer.UUID, postable dashboardtypes.PostableDashboardV2) (*dashboardtypes.DashboardV2, error) {
+	if err := postable.Validate(); err != nil {
+		return nil, err
+	}
+
+	dashboard := dashboardtypes.NewDashboardV2(orgID, createdBy, postable, nil)
+	var storableDashboard *dashboardtypes.StorableDashboard
+
+	err := module.sqlstore.RunInTxCtx(ctx, nil, func(ctx context.Context) error {
+		resolvedTags, err := module.tagModule.SyncTags(ctx, orgID, coretypes.KindDashboard, dashboard.ID, postable.Tags)
+		if err != nil {
+			return err
+		}
+		dashboard.Info.Tags = resolvedTags
+
+		storable, err := dashboard.ToStorableDashboard()
+		if err != nil {
+			return err
+		}
+		storableDashboard = storable
+		return module.store.Create(ctx, storable)
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	module.analytics.TrackUser(ctx, orgID.String(), creator.String(), "Dashboard Created", dashboardtypes.NewStatsFromStorableDashboards([]*dashboardtypes.StorableDashboard{storableDashboard}))
+	return dashboard, nil
+}
+
+func (module *module) GetV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*dashboardtypes.DashboardV2, error) {
+	storable, public, err := module.store.GetV2(ctx, orgID, id)
+	if err != nil {
+		return nil, err
+	}
+
+	tags, err := module.tagModule.ListForResource(ctx, orgID, coretypes.KindDashboard, id)
+	if err != nil {
+		return nil, err
+	}
+
+	return dashboardtypes.NewDashboardV2FromStorable(storable, public, tags)
+}
+
+func (module *module) UpdateV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, updateable dashboardtypes.UpdateableDashboardV2) (*dashboardtypes.DashboardV2, error) {
+	if err := updateable.Validate(); err != nil {
+		return nil, err
+	}
+
+	existing, err := module.GetV2(ctx, orgID, id)
+	if err != nil {
+		return nil, err
+	}
+	// Locked-dashboard / state gate — independent of tags, so run it before the tx.
+	if err := existing.CanUpdate(); err != nil {
+		return nil, err
+	}
+
+	err = module.sqlstore.RunInTxCtx(ctx, nil, func(ctx context.Context) error {
+		resolvedTags, err := module.tagModule.SyncTags(ctx, orgID, coretypes.KindDashboard, id, updateable.Tags)
+		if err != nil {
+			return err
+		}
+
+		err = existing.Update(updateable, updatedBy, resolvedTags)
+		if err != nil {
+			return err
+		}
+
+		storable, err := existing.ToStorableDashboard()
+		if err != nil {
+			return err
+		}
+
+		return module.store.UpdateV2(ctx, orgID, id, updatedBy, storable.Data)
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	return existing, nil
+}
+
+// CreatePublicV2 is not supported in the community build.
+func (module *module) CreatePublicV2(_ context.Context, _ valuer.UUID, _ valuer.UUID, _ dashboardtypes.PostablePublicDashboard) (*dashboardtypes.DashboardV2, error) {
+	return nil, errors.Newf(errors.TypeUnsupported, dashboardtypes.ErrCodePublicDashboardUnsupported, "not implemented")
+}
+
+// UpdatePublicV2 is not supported in the community build.
+func (module *module) UpdatePublicV2(_ context.Context, _ valuer.UUID, _ valuer.UUID, _ dashboardtypes.UpdatablePublicDashboard) (*dashboardtypes.DashboardV2, error) {
+	return nil, errors.Newf(errors.TypeUnsupported, dashboardtypes.ErrCodePublicDashboardUnsupported, "not implemented")
+}
+
+func (module *module) LockUnlockV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, isAdmin bool, lock bool) error {
+	existing, err := module.GetV2(ctx, orgID, id)
+	if err != nil {
+		return err
+	}
+	if err := existing.LockUnlock(lock, isAdmin, updatedBy); err != nil {
+		return err
+	}
+	return module.store.LockUnlockV2(ctx, orgID, id, lock, updatedBy)
+}
--- a/pkg/modules/tag/impltag/module.go
+++ b/pkg/modules/tag/impltag/module.go
@@ -0,0 +1,76 @@
+package impltag
+
+import (
+	"context"
+
+	"github.com/SigNoz/signoz/pkg/modules/tag"
+	"github.com/SigNoz/signoz/pkg/types/coretypes"
+	"github.com/SigNoz/signoz/pkg/types/tagtypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+)
+
+type module struct {
+	store tagtypes.Store
+}
+
+func NewModule(store tagtypes.Store) tag.Module {
+	return &module{store: store}
+}
+
+func (m *module) SyncTags(ctx context.Context, orgID valuer.UUID, kind coretypes.Kind, resourceID valuer.UUID, postable []tagtypes.PostableTag) ([]*tagtypes.Tag, error) {
+	var tags []*tagtypes.Tag
+	err := m.store.RunInTx(ctx, func(ctx context.Context) error {
+		resolved, err := m.createMany(ctx, orgID, kind, postable)
+		if err != nil {
+			return err
+		}
+		tagIDs := make([]valuer.UUID, len(resolved))
+		for i, t := range resolved {
+			tagIDs[i] = t.ID
+		}
+		if err := m.syncLinksForResource(ctx, orgID, kind, resourceID, tagIDs); err != nil {
+			return err
+		}
+		tags = resolved
+		return nil
+	})
+	if err != nil {
+		return nil, err
+	}
+	return tags, nil
+}
+
+func (m *module) createMany(ctx context.Context, orgID valuer.UUID, kind coretypes.Kind, postable []tagtypes.PostableTag) ([]*tagtypes.Tag, error) {
+	if len(postable) == 0 {
+		return []*tagtypes.Tag{}, nil
+	}
+
+	toCreate, matched, err := m.resolve(ctx, orgID, kind, postable)
+	if err != nil {
+		return nil, err
+	}
+
+	created, err := m.store.CreateOrGet(ctx, toCreate)
+	if err != nil {
+		return nil, err
+	}
+
+	return append(matched, created...), nil
+}
+
+func (m *module) syncLinksForResource(ctx context.Context, orgID valuer.UUID, kind coretypes.Kind, resourceID valuer.UUID, tagIDs []valuer.UUID) error {
+	return m.store.RunInTx(ctx, func(ctx context.Context) error {
+		if err := m.store.CreateRelations(ctx, tagtypes.NewTagRelations(kind, resourceID, tagIDs)); err != nil {
+			return err
+		}
+		return m.store.DeleteRelationsExcept(ctx, orgID, kind, resourceID, tagIDs)
+	})
+}
+
+func (m *module) ListForResource(ctx context.Context, orgID valuer.UUID, kind coretypes.Kind, resourceID valuer.UUID) ([]*tagtypes.Tag, error) {
+	return m.store.ListByResource(ctx, orgID, kind, resourceID)
+}
+
+func (m *module) ListForResources(ctx context.Context, orgID valuer.UUID, kind coretypes.Kind, resourceIDs []valuer.UUID) (map[valuer.UUID][]*tagtypes.Tag, error) {
+	return m.store.ListByResources(ctx, orgID, kind, resourceIDs)
+}
--- a/pkg/modules/tag/impltag/resolve.go
+++ b/pkg/modules/tag/impltag/resolve.go
@@ -0,0 +1,59 @@
+package impltag
+
+import (
+	"context"
+	"strings"
+
+	"github.com/SigNoz/signoz/pkg/types/coretypes"
+	"github.com/SigNoz/signoz/pkg/types/tagtypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+)
+
+// resolve canonicalizes a batch of user-supplied (key, value) tag pairs against
+// the existing tags for an org. Lookup is case-insensitive on both key and
+// value (matching the storage uniqueness rule); when an existing row matches,
+// its display casing is reused. Inputs are deduped on (LOWER(key), LOWER(value));
+// the first input's casing wins on collisions. Returns:
+//   - toCreate: new Tag rows the caller should insert (with pre-generated IDs)
+//   - matched: existing rows the caller's input already pointed to. They
+//     already carry authoritative IDs from the store.
+func (m *module) resolve(ctx context.Context, orgID valuer.UUID, kind coretypes.Kind, postable []tagtypes.PostableTag) ([]*tagtypes.Tag, []*tagtypes.Tag, error) {
+	if len(postable) == 0 {
+		return nil, nil, nil
+	}
+
+	existing, err := m.store.List(ctx, orgID, kind)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	lowercaseTagsMap := make(map[string]*tagtypes.Tag, len(existing))
+	for _, t := range existing {
+		mapKey := strings.ToLower(t.Key) + "\x00" + strings.ToLower(t.Value)
+		lowercaseTagsMap[mapKey] = t
+	}
+
+	seenInRequestAlready := make(map[string]struct{}, len(postable)) // postable can have the same tag multiple times
+	toCreate := make([]*tagtypes.Tag, 0)
+	matched := make([]*tagtypes.Tag, 0)
+
+	for _, p := range postable {
+		key, value, err := tagtypes.ValidatePostableTag(p)
+		if err != nil {
+			return nil, nil, err
+		}
+		lookup := strings.ToLower(key) + "\x00" + strings.ToLower(value)
+		if _, dup := seenInRequestAlready[lookup]; dup {
+			continue
+		}
+		seenInRequestAlready[lookup] = struct{}{}
+
+		if existingTag, ok := lowercaseTagsMap[lookup]; ok {
+			matched = append(matched, existingTag)
+			continue
+		}
+		toCreate = append(toCreate, tagtypes.NewTag(orgID, kind, key, value))
+	}
+
+	return toCreate, matched, nil
+}
--- a/pkg/modules/tag/impltag/resolve_test.go
+++ b/pkg/modules/tag/impltag/resolve_test.go
@@ -0,0 +1,112 @@
+package impltag
+
+import (
+	"context"
+	"strings"
+	"testing"
+
+	"github.com/SigNoz/signoz/pkg/types/coretypes"
+	"github.com/SigNoz/signoz/pkg/types/tagtypes"
+	"github.com/SigNoz/signoz/pkg/types/tagtypes/tagtypestest"
+	"github.com/SigNoz/signoz/pkg/valuer"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+var testKind = coretypes.KindDashboard
+
+func TestModule_Resolve(t *testing.T) {
+	t.Run("empty input does not hit store", func(t *testing.T) {
+		store := tagtypestest.NewStore()
+		m := &module{store: store}
+
+		toCreate, matched, err := m.resolve(context.Background(), valuer.GenerateUUID(), testKind, nil)
+		require.NoError(t, err)
+		assert.Empty(t, toCreate)
+		assert.Empty(t, matched)
+		assert.Zero(t, store.ListCallCount, "should not hit store when input is empty")
+	})
+
+	t.Run("creates missing pairs and reuses existing", func(t *testing.T) {
+		orgID := valuer.GenerateUUID()
+		dbTag := tagtypes.NewTag(orgID, testKind, "team", "Pulse")
+		dbTag2 := tagtypes.NewTag(orgID, testKind, "Database", "redis")
+		store := tagtypestest.NewStore()
+		store.Tags = []*tagtypes.Tag{dbTag, dbTag2}
+		m := &module{store: store}
+
+		toCreate, matched, err := m.resolve(context.Background(), orgID, testKind, []tagtypes.PostableTag{
+			{Key: "team", Value: "events"},    // new
+			{Key: "DATABASE", Value: "REDIS"}, // case-only conflict
+			{Key: "Brand", Value: "New"},      // new
+		})
+		require.NoError(t, err)
+
+		createdLowerKVs := []string{}
+		for _, tg := range toCreate {
+			createdLowerKVs = append(createdLowerKVs, strings.ToLower(tg.Key)+"\x00"+strings.ToLower(tg.Value))
+		}
+		assert.ElementsMatch(t, []string{"team\x00events", "brand\x00new"}, createdLowerKVs,
+			"only the two missing pairs should be returned for insertion")
+
+		require.Len(t, matched, 1, "DATABASE:REDIS should hit the existing 'Database:redis' tag")
+		assert.Same(t, dbTag2, matched[0], "matched should return the existing pointer with its authoritative ID")
+	})
+
+	t.Run("dedupes inputs that map to the same lower(key)+lower(value)", func(t *testing.T) {
+		orgID := valuer.GenerateUUID()
+		store := tagtypestest.NewStore()
+		m := &module{store: store}
+
+		toCreate, matched, err := m.resolve(context.Background(), orgID, testKind, []tagtypes.PostableTag{
+			{Key: "Foo", Value: "Bar"},
+			{Key: "foo", Value: "bar"},
+			{Key: "FOO", Value: "BAR"},
+		})
+		require.NoError(t, err)
+
+		require.Empty(t, matched)
+		require.Len(t, toCreate, 1, "duplicate inputs must collapse into a single insert")
+		assert.Equal(t, "Foo", toCreate[0].Key, "first input's casing wins")
+		assert.Equal(t, "Bar", toCreate[0].Value, "first input's casing wins")
+	})
+
+	t.Run("preserves existing casing on case-only match", func(t *testing.T) {
+		orgID := valuer.GenerateUUID()
+		dbTag := tagtypes.NewTag(orgID, testKind, "Team", "Pulse")
+		store := tagtypestest.NewStore()
+		store.Tags = []*tagtypes.Tag{dbTag}
+		m := &module{store: store}
+
+		toCreate, matched, err := m.resolve(context.Background(), orgID, testKind, []tagtypes.PostableTag{
+			{Key: "team", Value: "PULSE"},
+		})
+		require.NoError(t, err)
+
+		assert.Empty(t, toCreate)
+		require.Len(t, matched, 1)
+		assert.Equal(t, "Team", matched[0].Key)
+		assert.Equal(t, "Pulse", matched[0].Value)
+	})
+
+	t.Run("propagates validation error from any input", func(t *testing.T) {
+		store := tagtypestest.NewStore()
+		m := &module{store: store}
+
+		_, _, err := m.resolve(context.Background(), valuer.GenerateUUID(), testKind, []tagtypes.PostableTag{
+			{Key: "team", Value: "pulse"},
+			{Key: "", Value: "x"},
+		})
+		require.Error(t, err)
+	})
+
+	t.Run("propagates regex validation error", func(t *testing.T) {
+		store := tagtypestest.NewStore()
+		m := &module{store: store}
+
+		_, _, err := m.resolve(context.Background(), valuer.GenerateUUID(), testKind, []tagtypes.PostableTag{
+			{Key: "team!eng", Value: "pulse"},
+		})
+		require.Error(t, err)
+	})
+}
--- a/pkg/modules/tag/impltag/store.go
+++ b/pkg/modules/tag/impltag/store.go
@@ -0,0 +1,148 @@
+package impltag
+
+import (
+	"context"
+
+	"github.com/SigNoz/signoz/pkg/sqlstore"
+	"github.com/SigNoz/signoz/pkg/types/coretypes"
+	"github.com/SigNoz/signoz/pkg/types/tagtypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+	"github.com/uptrace/bun"
+)
+
+type store struct {
+	sqlstore sqlstore.SQLStore
+}
+
+func NewStore(sqlstore sqlstore.SQLStore) tagtypes.Store {
+	return &store{sqlstore: sqlstore}
+}
+
+func (s *store) List(ctx context.Context, orgID valuer.UUID, kind coretypes.Kind) ([]*tagtypes.Tag, error) {
+	tags := make([]*tagtypes.Tag, 0)
+	err := s.sqlstore.
+		BunDBCtx(ctx).
+		NewSelect().
+		Model(&tags).
+		Where("org_id = ?", orgID).
+		Where("kind = ?", kind).
+		Scan(ctx)
+	if err != nil {
+		return nil, err
+	}
+	return tags, nil
+}
+
+func (s *store) ListByResource(ctx context.Context, orgID valuer.UUID, kind coretypes.Kind, resourceID valuer.UUID) ([]*tagtypes.Tag, error) {
+	tags := make([]*tagtypes.Tag, 0)
+	err := s.sqlstore.
+		BunDBCtx(ctx).
+		NewSelect().
+		Model(&tags).
+		Join("JOIN tag_relation AS tr ON tr.tag_id = tag.id").
+		Where("tr.kind = ?", kind).
+		Where("tr.resource_id = ?", resourceID).
+		Where("tag.org_id = ?", orgID).
+		Scan(ctx)
+	if err != nil {
+		return nil, err
+	}
+	return tags, nil
+}
+
+func (s *store) ListByResources(ctx context.Context, orgID valuer.UUID, kind coretypes.Kind, resourceIDs []valuer.UUID) (map[valuer.UUID][]*tagtypes.Tag, error) {
+	if len(resourceIDs) == 0 {
+		return map[valuer.UUID][]*tagtypes.Tag{}, nil
+	}
+
+	type joinedRow struct {
+		tagtypes.Tag `bun:",extend"`
+		ResourceID   valuer.UUID `bun:"resource_id"`
+	}
+
+	rows := make([]*joinedRow, 0)
+	err := s.sqlstore.
+		BunDBCtx(ctx).
+		NewSelect().
+		Model(&rows).
+		ColumnExpr("tag.*, tr.resource_id").
+		Join("JOIN tag_relation AS tr ON tr.tag_id = tag.id").
+		Where("tr.kind = ?", kind).
+		Where("tr.resource_id IN (?)", bun.In(resourceIDs)).
+		Where("tag.org_id = ?", orgID).
+		Scan(ctx)
+	if err != nil {
+		return nil, err
+	}
+
+	out := make(map[valuer.UUID][]*tagtypes.Tag)
+	for _, r := range rows {
+		tag := r.Tag
+		out[r.ResourceID] = append(out[r.ResourceID], &tag)
+	}
+	return out, nil
+}
+
+func (s *store) CreateOrGet(ctx context.Context, tags []*tagtypes.Tag) ([]*tagtypes.Tag, error) {
+	if len(tags) == 0 {
+		return tags, nil
+	}
+	// DO UPDATE on a self-set is a deliberate no-op write whose only purpose
+	// is to make RETURNING fire on conflicting rows. Without it, RETURNING is
+	// silent on the conflict path and we'd have to refetch by (key, value) to
+	// learn the existing rows' IDs after a concurrent-insert race. Setting
+	// key = tag.key (the existing row's value) preserves the first writer's
+	// casing on case-only collisions.
+	err := s.sqlstore.
+		BunDBCtx(ctx).
+		NewInsert().
+		Model(&tags).
+		On("CONFLICT (org_id, kind, (LOWER(key)), (LOWER(value))) DO UPDATE").
+		Set("key = tag.key").
+		Returning("*").
+		Scan(ctx)
+	if err != nil {
+		return nil, err
+	}
+	return tags, nil
+}
+
+func (s *store) CreateRelations(ctx context.Context, relations []*tagtypes.TagRelation) error {
+	if len(relations) == 0 {
+		return nil
+	}
+	_, err := s.sqlstore.
+		BunDBCtx(ctx).
+		NewInsert().
+		Model(&relations).
+		On("CONFLICT (kind, resource_id, tag_id) DO NOTHING").
+		Exec(ctx)
+	return err
+}
+
+func (s *store) DeleteRelationsExcept(ctx context.Context, orgID valuer.UUID, kind coretypes.Kind, resourceID valuer.UUID, keepTagIDs []valuer.UUID) error {
+	// Scope the delete to the caller's org via a subquery on tag — bun's
+	// DELETE-with-JOIN syntax isn't uniformly portable across Postgres/SQLite.
+	tagIDsToDelete := s.sqlstore.
+		BunDBCtx(ctx).
+		NewSelect().
+		TableExpr("tag").
+		Column("id").
+		Where("org_id = ?", orgID)
+	if len(keepTagIDs) > 0 {
+		tagIDsToDelete = tagIDsToDelete.Where("id NOT IN (?)", bun.In(keepTagIDs))
+	}
+	_, err := s.sqlstore.
+		BunDBCtx(ctx).
+		NewDelete().
+		Model((*tagtypes.TagRelation)(nil)).
+		Where("kind = ?", kind).
+		Where("resource_id = ?", resourceID).
+		Where("tag_id IN (?)", tagIDsToDelete).
+		Exec(ctx)
+	return err
+}
+
+func (s *store) RunInTx(ctx context.Context, cb func(ctx context.Context) error) error {
+	return s.sqlstore.RunInTxCtx(ctx, nil, cb)
+}
--- a/pkg/modules/tag/impltag/store_test.go
+++ b/pkg/modules/tag/impltag/store_test.go
@@ -0,0 +1,147 @@
+package impltag
+
+import (
+	"context"
+	"path/filepath"
+	"strings"
+	"testing"
+	"time"
+
+	"github.com/SigNoz/signoz/pkg/factory/factorytest"
+	"github.com/SigNoz/signoz/pkg/sqlstore"
+	"github.com/SigNoz/signoz/pkg/sqlstore/sqlitesqlstore"
+	"github.com/SigNoz/signoz/pkg/types/coretypes"
+	"github.com/SigNoz/signoz/pkg/types/tagtypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+	"github.com/uptrace/bun"
+)
+
+func newTestStore(t *testing.T) sqlstore.SQLStore {
+	t.Helper()
+	dbPath := filepath.Join(t.TempDir(), "test.db")
+	store, err := sqlitesqlstore.New(context.Background(), factorytest.NewSettings(), sqlstore.Config{
+		Provider: "sqlite",
+		Connection: sqlstore.ConnectionConfig{
+			MaxOpenConns:    1,
+			MaxConnLifetime: 0,
+		},
+		Sqlite: sqlstore.SqliteConfig{
+			Path:            dbPath,
+			Mode:            "wal",
+			BusyTimeout:     5 * time.Second,
+			TransactionMode: "deferred",
+		},
+	})
+	require.NoError(t, err)
+
+	_, err = store.BunDB().NewCreateTable().
+		Model((*tagtypes.Tag)(nil)).
+		IfNotExists().
+		Exec(context.Background())
+	require.NoError(t, err)
+
+	_, err = store.BunDB().Exec(`CREATE UNIQUE INDEX IF NOT EXISTS uq_tag_org_kind_lower_key_lower_value ON tag (org_id, kind, LOWER(key), LOWER(value))`)
+	require.NoError(t, err)
+	return store
+}
+
+var dashboardKind = coretypes.KindDashboard
+
+func tagsByLowerKeyValue(t *testing.T, db *bun.DB) map[string]*tagtypes.Tag {
+	t.Helper()
+	all := make([]*tagtypes.Tag, 0)
+	require.NoError(t, db.NewSelect().Model(&all).Scan(context.Background()))
+	out := map[string]*tagtypes.Tag{}
+	for _, tag := range all {
+		out[strings.ToLower(tag.Key)+"\x00"+strings.ToLower(tag.Value)] = tag
+	}
+	return out
+}
+
+func TestStore_Create_PopulatesIDsOnFreshInsert(t *testing.T) {
+	ctx := context.Background()
+	sqlstore := newTestStore(t)
+	s := NewStore(sqlstore)
+
+	orgID := valuer.GenerateUUID()
+	tagA := tagtypes.NewTag(orgID, dashboardKind, "tag", "Database")
+	tagB := tagtypes.NewTag(orgID, dashboardKind, "team", "BLR")
+	preIDA := tagA.ID
+	preIDB := tagB.ID
+
+	got, err := s.CreateOrGet(ctx, []*tagtypes.Tag{tagA, tagB})
+	require.NoError(t, err)
+	require.Len(t, got, 2)
+
+	// No race → pre-generated IDs stand. The slice is what we passed in,
+	// confirming Scan didn't reallocate.
+	assert.Equal(t, preIDA, got[0].ID)
+	assert.Equal(t, preIDB, got[1].ID)
+
+	// And the rows are in the DB.
+	stored := tagsByLowerKeyValue(t, sqlstore.BunDB())
+	require.Contains(t, stored, "tag\x00database")
+	require.Contains(t, stored, "team\x00blr")
+	assert.Equal(t, preIDA, stored["tag\x00database"].ID)
+	assert.Equal(t, preIDB, stored["team\x00blr"].ID)
+}
+
+func TestStore_Create_ConflictReturnsExistingRowID(t *testing.T) {
+	ctx := context.Background()
+	sqlstore := newTestStore(t)
+	s := NewStore(sqlstore)
+
+	orgID := valuer.GenerateUUID()
+
+	// Simulate a concurrent insert: someone else has already inserted "tag:Database".
+	winner := tagtypes.NewTag(orgID, dashboardKind, "tag", "Database")
+	_, err := s.CreateOrGet(ctx, []*tagtypes.Tag{winner})
+	require.NoError(t, err)
+	winnerID := winner.ID
+
+	// Now our request runs with a different pre-generated ID for the same
+	// (key, value) — case differs but the functional unique index collapses
+	// them. RETURNING should overwrite our stale ID with winner's ID.
+	loser := tagtypes.NewTag(orgID, dashboardKind, "TAG", "DATABASE")
+	loserPreID := loser.ID
+	require.NotEqual(t, winnerID, loserPreID, "pre-generated IDs must differ for this test to be meaningful")
+
+	got, err := s.CreateOrGet(ctx, []*tagtypes.Tag{loser})
+	require.NoError(t, err)
+	require.Len(t, got, 1)
+
+	assert.Equal(t, winnerID, got[0].ID, "returned slice should carry the existing row's ID, not our stale one")
+	assert.Equal(t, winnerID, loser.ID, "input slice element is mutated in place")
+
+	// And the DB still has exactly one row for that (lower(key), lower(value)) — winner's, with winner's casing.
+	stored := tagsByLowerKeyValue(t, sqlstore.BunDB())
+	require.Len(t, stored, 1)
+	assert.Equal(t, winnerID, stored["tag\x00database"].ID)
+	assert.Equal(t, "tag", stored["tag\x00database"].Key, "winner's casing preserved in key")
+	assert.Equal(t, "Database", stored["tag\x00database"].Value, "winner's casing preserved in value")
+}
+
+func TestStore_Create_MixedFreshAndConflict(t *testing.T) {
+	ctx := context.Background()
+	sqlstore := newTestStore(t)
+	s := NewStore(sqlstore)
+
+	orgID := valuer.GenerateUUID()
+	pre := tagtypes.NewTag(orgID, dashboardKind, "tag", "Database")
+	_, err := s.CreateOrGet(ctx, []*tagtypes.Tag{pre})
+	require.NoError(t, err)
+	preExistingID := pre.ID
+
+	conflict := tagtypes.NewTag(orgID, dashboardKind, "tag", "Database")
+	fresh := tagtypes.NewTag(orgID, dashboardKind, "team", "BLR")
+	freshPreID := fresh.ID
+
+	got, err := s.CreateOrGet(ctx, []*tagtypes.Tag{conflict, fresh})
+	require.NoError(t, err)
+	require.Len(t, got, 2)
+
+	assert.Equal(t, preExistingID, got[0].ID, "conflicting row's ID overwritten with the existing row's")
+	assert.Equal(t, freshPreID, got[1].ID, "fresh row's pre-generated ID is preserved")
+}
--- a/pkg/modules/tag/tag.go
+++ b/pkg/modules/tag/tag.go
@@ -0,0 +1,20 @@
+package tag
+
+import (
+	"context"
+
+	"github.com/SigNoz/signoz/pkg/types/coretypes"
+	"github.com/SigNoz/signoz/pkg/types/tagtypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+)
+
+type Module interface {
+	// SyncTags resolves the given postable tags (creating new rows as needed)
+	// and reconciles the resource's links to exactly that set, all in one transaction.
+	SyncTags(ctx context.Context, orgID valuer.UUID, kind coretypes.Kind, resourceID valuer.UUID, postable []tagtypes.PostableTag) ([]*tagtypes.Tag, error)
+
+	ListForResource(ctx context.Context, orgID valuer.UUID, kind coretypes.Kind, resourceID valuer.UUID) ([]*tagtypes.Tag, error)
+
+	// Resources with no tags are absent from the returned map.
+	ListForResources(ctx context.Context, orgID valuer.UUID, kind coretypes.Kind, resourceIDs []valuer.UUID) (map[valuer.UUID][]*tagtypes.Tag, error)
+}
--- a/pkg/query-service/model/alerting.go
+++ b/pkg/query-service/model/alerting.go
@@ -134,7 +134,7 @@ type RuleStateHistory struct {
 	// One of ["normal", "firing"]
 	OverallState        AlertState `json:"overallState" ch:"overall_state"`
 	OverallStateChanged bool       `json:"overallStateChanged" ch:"overall_state_changed"`
-	// One of ["normal", "firing", "nodata", "muted"]
+	// One of ["normal", "firing", "no_data", "muted"]
 	State        AlertState   `json:"state" ch:"state"`
 	StateChanged bool         `json:"stateChanged" ch:"state_changed"`
 	UnixMilli    int64        `json:"unixMilli" ch:"unix_milli"`
--- a/pkg/signoz/handler_test.go
+++ b/pkg/signoz/handler_test.go
@@ -17,6 +17,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization/implorganization"
 	"github.com/SigNoz/signoz/pkg/modules/retention/implretention"
+	"github.com/SigNoz/signoz/pkg/modules/tag/impltag"
 	"github.com/SigNoz/signoz/pkg/modules/user/impluser"
 	"github.com/SigNoz/signoz/pkg/querier"
 	"github.com/SigNoz/signoz/pkg/queryparser"
@@ -45,7 +46,8 @@ func TestNewHandlers(t *testing.T) {
 	emailing := emailingtest.New()
 	queryParser := queryparser.New(providerSettings)
 	require.NoError(t, err)
-	dashboardModule := impldashboard.NewModule(impldashboard.NewStore(sqlstore), providerSettings, nil, orgGetter, queryParser)
+	tagModule := impltag.NewModule(impltag.NewStore(sqlstore))
+	dashboardModule := impldashboard.NewModule(impldashboard.NewStore(sqlstore), sqlstore, providerSettings, nil, orgGetter, queryParser, tagModule)

 	flagger, err := flagger.New(context.Background(), instrumentationtest.New().ToProviderSettings(), flagger.Config{}, flagger.MustNewRegistry())
 	require.NoError(t, err)
@@ -53,8 +55,9 @@ func TestNewHandlers(t *testing.T) {
 	userRoleStore := impluser.NewUserRoleStore(sqlstore, providerSettings)

 	userGetter := impluser.NewGetter(impluser.NewStore(sqlstore, providerSettings), userRoleStore, flagger)
+
 	retentionGetter := implretention.NewGetter(implretention.NewStore(sqlstore))
-	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, nil, nil, nil, nil, nil, nil, nil, queryParser, Config{}, dashboardModule, userGetter, userRoleStore, nil, nil, retentionGetter, flagger)
+	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, nil, nil, nil, nil, nil, nil, nil, queryParser, Config{}, dashboardModule, userGetter, userRoleStore, nil, nil, retentionGetter, flagger, tagModule)

 	querierHandler := querier.NewHandler(providerSettings, nil, nil)
 	registryHandler := factory.NewHandler(nil)
--- a/pkg/signoz/module.go
+++ b/pkg/signoz/module.go
@@ -45,6 +45,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/spanmapper/implspanmapper"
 	"github.com/SigNoz/signoz/pkg/modules/spanpercentile"
 	"github.com/SigNoz/signoz/pkg/modules/spanpercentile/implspanpercentile"
+	"github.com/SigNoz/signoz/pkg/modules/tag"
 	"github.com/SigNoz/signoz/pkg/modules/tracedetail"
 	"github.com/SigNoz/signoz/pkg/modules/tracedetail/impltracedetail"
 	"github.com/SigNoz/signoz/pkg/modules/tracefunnel"
@@ -88,6 +89,7 @@ type Modules struct {
 	TraceDetail      tracedetail.Module
 	SpanMapper       spanmapper.Module
 	LLMPricingRule   llmpricingrule.Module
+	Tag              tag.Module
 }

 func NewModules(
@@ -113,6 +115,7 @@ func NewModules(
 	cloudIntegrationModule cloudintegration.Module,
 	retentionGetter retention.Getter,
 	fl flagger.Flagger,
+	tagModule tag.Module,
 ) Modules {
 	quickfilter := implquickfilter.NewModule(implquickfilter.NewStore(sqlstore))
 	orgSetter := implorganization.NewSetter(implorganization.NewStore(sqlstore), alertmanager, quickfilter)
@@ -145,5 +148,6 @@ func NewModules(
 		TraceDetail:      impltracedetail.NewModule(impltracedetail.NewTraceStore(telemetryStore), providerSettings, config.TraceDetail),
 		SpanMapper:       implspanmapper.NewModule(implspanmapper.NewStore(sqlstore)),
 		LLMPricingRule:   impllmpricingrule.NewModule(impllmpricingrule.NewStore(sqlstore)),
+		Tag:              tagModule,
 	}
 }
--- a/pkg/signoz/module_test.go
+++ b/pkg/signoz/module_test.go
@@ -19,6 +19,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/retention/implretention"
 	"github.com/SigNoz/signoz/pkg/modules/serviceaccount"
 	"github.com/SigNoz/signoz/pkg/modules/serviceaccount/implserviceaccount"
+	"github.com/SigNoz/signoz/pkg/modules/tag/impltag"
 	"github.com/SigNoz/signoz/pkg/modules/user/impluser"
 	"github.com/SigNoz/signoz/pkg/queryparser"
 	"github.com/SigNoz/signoz/pkg/sharder"
@@ -46,7 +47,8 @@ func TestNewModules(t *testing.T) {
 	emailing := emailingtest.New()
 	queryParser := queryparser.New(providerSettings)
 	require.NoError(t, err)
-	dashboardModule := impldashboard.NewModule(impldashboard.NewStore(sqlstore), providerSettings, nil, orgGetter, queryParser)
+	tagModule := impltag.NewModule(impltag.NewStore(sqlstore))
+	dashboardModule := impldashboard.NewModule(impldashboard.NewStore(sqlstore), sqlstore, providerSettings, nil, orgGetter, queryParser, tagModule)

 	flagger, err := flagger.New(context.Background(), instrumentationtest.New().ToProviderSettings(), flagger.Config{}, flagger.MustNewRegistry())
 	require.NoError(t, err)
@@ -58,7 +60,8 @@ func TestNewModules(t *testing.T) {
 	serviceAccount := implserviceaccount.NewModule(implserviceaccount.NewStore(sqlstore), nil, nil, nil, providerSettings, serviceaccount.Config{})

 	retentionGetter := implretention.NewGetter(implretention.NewStore(sqlstore))
-	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, nil, nil, nil, nil, nil, nil, nil, queryParser, Config{}, dashboardModule, userGetter, userRoleStore, serviceAccount, implcloudintegration.NewModule(), retentionGetter, flagger)
+
+	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, nil, nil, nil, nil, nil, nil, nil, queryParser, Config{}, dashboardModule, userGetter, userRoleStore, serviceAccount, implcloudintegration.NewModule(), retentionGetter, flagger, tagModule)

 	reflectVal := reflect.ValueOf(modules)
 	for i := 0; i < reflectVal.NumField(); i++ {
--- a/pkg/signoz/provider.go
+++ b/pkg/signoz/provider.go
@@ -200,6 +200,7 @@ func NewSQLMigrationProviderFactories(
 		sqlmigration.NewAddServiceAccountManagedRoleTransactionsFactory(sqlstore),
 		sqlmigration.NewAddSpanMapperFactory(sqlstore, sqlschema),
 		sqlmigration.NewAddLLMPricingRulesFactory(sqlstore, sqlschema),
+		sqlmigration.NewAddTagsFactory(sqlstore, sqlschema),
 	)
 }

--- a/pkg/signoz/signoz.go
+++ b/pkg/signoz/signoz.go
@@ -32,6 +32,8 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/rulestatehistory"
 	"github.com/SigNoz/signoz/pkg/modules/serviceaccount"
 	"github.com/SigNoz/signoz/pkg/modules/serviceaccount/implserviceaccount"
+	"github.com/SigNoz/signoz/pkg/modules/tag"
+	"github.com/SigNoz/signoz/pkg/modules/tag/impltag"
 	"github.com/SigNoz/signoz/pkg/modules/user/impluser"
 	"github.com/SigNoz/signoz/pkg/prometheus"
 	"github.com/SigNoz/signoz/pkg/querier"
@@ -105,7 +107,7 @@ func New(
 	telemetrystoreProviderFactories factory.NamedMap[factory.ProviderFactory[telemetrystore.TelemetryStore, telemetrystore.Config]],
 	authNsCallback func(ctx context.Context, providerSettings factory.ProviderSettings, store authtypes.AuthNStore, licensing licensing.Licensing) (map[authtypes.AuthNProvider]authn.AuthN, error),
 	authzCallback func(context.Context, sqlstore.SQLStore, authz.Config, licensing.Licensing, []authz.OnBeforeRoleDelete) (factory.ProviderFactory[authz.AuthZ, authz.Config], error),
-	dashboardModuleCallback func(sqlstore.SQLStore, factory.ProviderSettings, analytics.Analytics, organization.Getter, queryparser.QueryParser, querier.Querier, licensing.Licensing) dashboard.Module,
+	dashboardModuleCallback func(sqlstore.SQLStore, factory.ProviderSettings, analytics.Analytics, organization.Getter, queryparser.QueryParser, querier.Querier, licensing.Licensing, tag.Module) dashboard.Module,
 	gatewayProviderFactory func(licensing.Licensing) factory.ProviderFactory[gateway.Gateway, gateway.Config],
 	auditorProviderFactories func(licensing.Licensing) factory.NamedMap[factory.ProviderFactory[auditor.Auditor, auditor.Config]],
 	meterReporterProviderFactories func(context.Context, factory.ProviderSettings, flagger.Flagger, licensing.Licensing, telemetrystore.TelemetryStore, retention.Getter, organization.Getter, zeus.Zeus) (factory.NamedMap[factory.ProviderFactory[meterreporter.Reporter, meterreporter.Config]], string),
@@ -332,8 +334,13 @@ func New(
 	// Initialize query parser (needed for dashboard module)
 	queryParser := queryparser.New(providerSettings)

-	// Initialize dashboard module
-	dashboard := dashboardModuleCallback(sqlstore, providerSettings, analytics, orgGetter, queryParser, querier, licensing)
+	// Initialize tag module — shared across modules that link entities to tags
+	// (currently dashboard; future: alerts, RBAC). Built once here and injected
+	// where needed.
+	tagModule := impltag.NewModule(impltag.NewStore(sqlstore))
+
+	// Initialize dashboard module (needed for authz registry)
+	dashboard := dashboardModuleCallback(sqlstore, providerSettings, analytics, orgGetter, queryParser, querier, licensing, tagModule)

 	// Initialize user getter
 	userGetter := impluser.NewGetter(userStore, userRoleStore, flagger)
@@ -455,7 +462,7 @@ func New(
 	}

 	// Initialize all modules
-	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, analytics, querier, telemetrystore, telemetryMetadataStore, authNs, authz, cache, queryParser, config, dashboard, userGetter, userRoleStore, serviceAccount, cloudIntegrationModule, retentionGetter, flagger)
+	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, analytics, querier, telemetrystore, telemetryMetadataStore, authNs, authz, cache, queryParser, config, dashboard, userGetter, userRoleStore, serviceAccount, cloudIntegrationModule, retentionGetter, flagger, tagModule)

 	// Initialize ruler from the variant-specific provider factories
 	rulerInstance, err := factory.NewProviderFromNamedMap(ctx, providerSettings, config.Ruler, rulerProviderFactories(cache, alertmanager, sqlstore, telemetrystore, telemetryMetadataStore, prometheus, orgGetter, modules.RuleStateHistory, querier, queryParser), "signoz")
--- a/pkg/sqlmigration/081_add_tags.go
+++ b/pkg/sqlmigration/081_add_tags.go
@@ -0,0 +1,114 @@
+package sqlmigration
+
+import (
+	"context"
+
+	"github.com/SigNoz/signoz/pkg/factory"
+	"github.com/SigNoz/signoz/pkg/sqlschema"
+	"github.com/SigNoz/signoz/pkg/sqlstore"
+	"github.com/uptrace/bun"
+	"github.com/uptrace/bun/migrate"
+)
+
+type addTags struct {
+	sqlstore  sqlstore.SQLStore
+	sqlschema sqlschema.SQLSchema
+}
+
+func NewAddTagsFactory(sqlstore sqlstore.SQLStore, sqlschema sqlschema.SQLSchema) factory.ProviderFactory[SQLMigration, Config] {
+	return factory.NewProviderFactory(factory.MustNewName("add_tags"), func(ctx context.Context, ps factory.ProviderSettings, c Config) (SQLMigration, error) {
+		return &addTags{
+			sqlstore:  sqlstore,
+			sqlschema: sqlschema,
+		}, nil
+	})
+}
+
+func (migration *addTags) Register(migrations *migrate.Migrations) error {
+	return migrations.Register(migration.Up, migration.Down)
+}
+
+func (migration *addTags) Up(ctx context.Context, db *bun.DB) error {
+	tx, err := db.BeginTx(ctx, nil)
+	if err != nil {
+		return err
+	}
+
+	defer func() {
+		_ = tx.Rollback()
+	}()
+
+	sqls := [][]byte{}
+
+	tagTableSQLs := migration.sqlschema.Operator().CreateTable(&sqlschema.Table{
+		Name: "tag",
+		Columns: []*sqlschema.Column{
+			{Name: "id", DataType: sqlschema.DataTypeText, Nullable: false},
+			{Name: "key", DataType: sqlschema.DataTypeText, Nullable: false},
+			{Name: "value", DataType: sqlschema.DataTypeText, Nullable: false},
+			{Name: "org_id", DataType: sqlschema.DataTypeText, Nullable: false},
+			{Name: "kind", DataType: sqlschema.DataTypeText, Nullable: false},
+			{Name: "created_at", DataType: sqlschema.DataTypeTimestamp, Nullable: false},
+			{Name: "updated_at", DataType: sqlschema.DataTypeTimestamp, Nullable: false},
+		},
+		PrimaryKeyConstraint: &sqlschema.PrimaryKeyConstraint{ColumnNames: []sqlschema.ColumnName{"id"}},
+		ForeignKeyConstraints: []*sqlschema.ForeignKeyConstraint{
+			{
+				ReferencingColumnName: sqlschema.ColumnName("org_id"),
+				ReferencedTableName:   sqlschema.TableName("organizations"),
+				ReferencedColumnName:  sqlschema.ColumnName("id"),
+			},
+		},
+	})
+	sqls = append(sqls, tagTableSQLs...)
+
+	// Case-insensitive uniqueness on (org_id, kind, key, value) — both Postgres
+	// and SQLite (modernc 3.50.x) support expression indexes.
+	tagUniqueIndexSQLs := migration.sqlschema.Operator().CreateIndex(
+		(&sqlschema.UniqueIndex{
+			TableName:   "tag",
+			ColumnNames: []sqlschema.ColumnName{"org_id", "kind", "key", "value"},
+			Expressions: []string{"org_id", "kind", "LOWER(key)", "LOWER(value)"},
+		}).Named("uq_tag_org_kind_lower_key_lower_value"),
+	)
+	sqls = append(sqls, tagUniqueIndexSQLs...)
+
+	tagRelationsTableSQLs := migration.sqlschema.Operator().CreateTable(&sqlschema.Table{
+		Name: "tag_relation",
+		Columns: []*sqlschema.Column{
+			{Name: "id", DataType: sqlschema.DataTypeText, Nullable: false},
+			{Name: "kind", DataType: sqlschema.DataTypeText, Nullable: false},
+			{Name: "resource_id", DataType: sqlschema.DataTypeText, Nullable: false},
+			{Name: "tag_id", DataType: sqlschema.DataTypeText, Nullable: false},
+		},
+		PrimaryKeyConstraint: &sqlschema.PrimaryKeyConstraint{ColumnNames: []sqlschema.ColumnName{"id"}},
+		ForeignKeyConstraints: []*sqlschema.ForeignKeyConstraint{
+			{
+				ReferencingColumnName: sqlschema.ColumnName("tag_id"),
+				ReferencedTableName:   sqlschema.TableName("tag"),
+				ReferencedColumnName:  sqlschema.ColumnName("id"),
+			},
+		},
+	})
+	sqls = append(sqls, tagRelationsTableSQLs...)
+
+	tagRelationUniqueIndexSQLs := migration.sqlschema.Operator().CreateIndex(
+		&sqlschema.UniqueIndex{
+			TableName:   "tag_relation",
+			ColumnNames: []sqlschema.ColumnName{"kind", "resource_id", "tag_id"},
+		},
+	)
+	sqls = append(sqls, tagRelationUniqueIndexSQLs...)
+
+	for _, sql := range sqls {
+		if _, err := tx.ExecContext(ctx, string(sql)); err != nil {
+			return err
+		}
+	}
+
+	return tx.Commit()
+}
+
+func (migration *addTags) Down(_ context.Context, _ *bun.DB) error {
+	return nil
+}
--- a/pkg/sqlschema/index.go
+++ b/pkg/sqlschema/index.go
@@ -1,6 +1,8 @@
 package sqlschema

 import (
+	"fmt"
+	"hash/fnv"
 	"slices"
 	"strings"

@@ -49,9 +51,23 @@ type Index interface {
 	ToDropSQL(fmter SQLFormatter) []byte
 }

+// UniqueIndex models a unique index on a table.
+//
+// In the common case the index keys on plain columns: set only ColumnNames and
+// the SQL is emitted with each column identifier-quoted by the formatter
+// (`CREATE UNIQUE INDEX uq_t_a_b ON t (a, b)`).
+//
+// For functional indexes (e.g. case-insensitive uniqueness on `LOWER(col)`),
+// set Expressions to the raw SQL parts and use ColumnNames as metadata for
+// "which columns does this index touch". When Expressions is non-empty, it
+// overrides ColumnNames for SQL emission — each entry is written verbatim, so
+// the caller owns well-formedness — and the auto-generated name uses a hash
+// suffix instead of a readable column join because expressions aren't valid
+// identifier fragments.
 type UniqueIndex struct {
 	TableName   TableName
 	ColumnNames []ColumnName
+	Expressions []string
 	name        string
 }

@@ -71,16 +87,28 @@ func (index *UniqueIndex) Name() string {
 		}
 		b.WriteString(string(column))
 	}
+
+	if len(index.Expressions) > 0 {
+		if len(index.ColumnNames) > 0 {
+			b.WriteString("_")
+		}
+		hasher := fnv.New32a()
+		_, _ = hasher.Write([]byte(strings.Join(index.Expressions, "\x00")))
+		fmt.Fprintf(&b, "%08x", hasher.Sum32())
+	}
 	return b.String()
 }

 func (index *UniqueIndex) Named(name string) Index {
 	copyOfColumnNames := make([]ColumnName, len(index.ColumnNames))
 	copy(copyOfColumnNames, index.ColumnNames)
+	copyOfExpressions := make([]string, len(index.Expressions))
+	copy(copyOfExpressions, index.Expressions)

 	return &UniqueIndex{
 		TableName:   index.TableName,
 		ColumnNames: copyOfColumnNames,
+		Expressions: copyOfExpressions,
 		name:        name,
 	}
 }
@@ -101,7 +129,18 @@ func (index *UniqueIndex) Equals(other Index) bool {
 	if other.Type() != IndexTypeUnique {
 		return false
 	}
-
+	otherUnique, ok := other.(*UniqueIndex)
+	if !ok {
+		return false
+	}
+	// Plain and functional indexes produce different SQL even if their column
+	// sets overlap; require both shapes to match.
+	if (len(index.Expressions) == 0) != (len(otherUnique.Expressions) == 0) {
+		return false
+	}
+	if len(index.Expressions) > 0 && !slices.Equal(index.Expressions, otherUnique.Expressions) {
+		return false
+	}
 	return index.Name() == other.Name() && slices.Equal(index.Columns(), other.Columns())
 }

@@ -114,12 +153,20 @@ func (index *UniqueIndex) ToCreateSQL(fmter SQLFormatter) []byte {
 	sql = fmter.AppendIdent(sql, string(index.TableName))
 	sql = append(sql, " ("...)

-	for i, column := range index.ColumnNames {
-		if i > 0 {
-			sql = append(sql, ", "...)
+	if len(index.Expressions) > 0 {
+		for i, expr := range index.Expressions {
+			if i > 0 {
+				sql = append(sql, ", "...)
+			}
+			sql = append(sql, expr...)
+		}
+	} else {
+		for i, column := range index.ColumnNames {
+			if i > 0 {
+				sql = append(sql, ", "...)
+			}
+			sql = fmter.AppendIdent(sql, string(column))
 		}
-
-		sql = fmter.AppendIdent(sql, string(column))
 	}

 	sql = append(sql, ")"...)
--- a/pkg/sqlschema/index_test.go
+++ b/pkg/sqlschema/index_test.go
@@ -38,6 +38,43 @@ func TestIndexToCreateSQL(t *testing.T) {
 			},
 			sql: `CREATE UNIQUE INDEX IF NOT EXISTS "my_index" ON "users" ("id", "name", "email")`,
 		},
+		{
+			name: "Unique_Functional_SingleExpression",
+			index: &UniqueIndex{
+				TableName:   "users",
+				ColumnNames: []ColumnName{"email"},
+				Expressions: []string{"LOWER(email)"},
+			},
+			sql: `CREATE UNIQUE INDEX IF NOT EXISTS "uq_users_email_1e5a87f1" ON "users" (LOWER(email))`,
+		},
+		{
+			name: "Unique_Functional_MixedColumnsAndExpressions",
+			index: &UniqueIndex{
+				TableName:   "tag",
+				ColumnNames: []ColumnName{"org_id", "kind", "key", "value"},
+				Expressions: []string{"org_id", "kind", "LOWER(key)", "LOWER(value)"},
+			},
+			sql: `CREATE UNIQUE INDEX IF NOT EXISTS "uq_tag_org_id_kind_key_value_57e8f81f" ON "tag" (org_id, kind, LOWER(key), LOWER(value))`,
+		},
+		{
+			name: "Unique_Functional_ComplexExpression",
+			index: &UniqueIndex{
+				TableName:   "users",
+				ColumnNames: []ColumnName{"first_name", "last_name"},
+				Expressions: []string{"LOWER(TRIM(first_name) || ' ' || TRIM(last_name))"},
+			},
+			sql: `CREATE UNIQUE INDEX IF NOT EXISTS "uq_users_first_name_last_name_adb1ff53" ON "users" (LOWER(TRIM(first_name) || ' ' || TRIM(last_name)))`,
+		},
+		{
+			name: "Unique_Functional_Named",
+			index: &UniqueIndex{
+				TableName:   "tag",
+				ColumnNames: []ColumnName{"org_id", "kind", "key", "value"},
+				Expressions: []string{"org_id", "kind", "LOWER(key)", "LOWER(value)"},
+				name:        "uq_tag_org_kind_lower_key_lower_value",
+			},
+			sql: `CREATE UNIQUE INDEX IF NOT EXISTS "uq_tag_org_kind_lower_key_lower_value" ON "tag" (org_id, kind, LOWER(key), LOWER(value))`,
+		},
 		{
 			name: "PartialUnique_1Column",
 			index: &PartialUniqueIndex{
@@ -229,6 +266,47 @@ func TestIndexEquals(t *testing.T) {
 			},
 			equals: false,
 		},
+		{
+			name: "Unique_Functional_Same",
+			a: &UniqueIndex{
+				TableName:   "users",
+				ColumnNames: []ColumnName{"email"},
+				Expressions: []string{"LOWER(email)"},
+			},
+			b: &UniqueIndex{
+				TableName:   "users",
+				ColumnNames: []ColumnName{"email"},
+				Expressions: []string{"LOWER(email)"},
+			},
+			equals: true,
+		},
+		{
+			name: "Unique_Functional_DifferentExpressions",
+			a: &UniqueIndex{
+				TableName:   "users",
+				ColumnNames: []ColumnName{"email"},
+				Expressions: []string{"LOWER(email)"},
+			},
+			b: &UniqueIndex{
+				TableName:   "users",
+				ColumnNames: []ColumnName{"email"},
+				Expressions: []string{"UPPER(email)"},
+			},
+			equals: false,
+		},
+		{
+			name: "Unique_Functional_NotEqualToPlainSameColumns",
+			a: &UniqueIndex{
+				TableName:   "users",
+				ColumnNames: []ColumnName{"email"},
+				Expressions: []string{"LOWER(email)"},
+			},
+			b: &UniqueIndex{
+				TableName:   "users",
+				ColumnNames: []ColumnName{"email"},
+			},
+			equals: false,
+		},
 	}

 	for _, testCase := range testCases {
@@ -238,6 +316,75 @@ func TestIndexEquals(t *testing.T) {
 	}
 }

+func TestUniqueIndexFunctionalName(t *testing.T) {
+	t.Run("autogen uses uq_<table>_<hash>", func(t *testing.T) {
+		idx := &UniqueIndex{
+			TableName:   "tag",
+			ColumnNames: []ColumnName{"org_id", "kind", "key", "value"},
+			Expressions: []string{"org_id", "kind", "LOWER(key)", "LOWER(value)"},
+		}
+		assert.Equal(t, "uq_tag_org_id_kind_key_value_57e8f81f", idx.Name())
+	})
+
+	t.Run("same expressions produce the same name", func(t *testing.T) {
+		a := &UniqueIndex{
+			TableName:   "users",
+			Expressions: []string{"LOWER(email)"},
+		}
+		b := &UniqueIndex{
+			TableName:   "users",
+			Expressions: []string{"LOWER(email)"},
+		}
+		assert.Equal(t, a.Name(), b.Name())
+	})
+
+	t.Run("different expressions produce different names", func(t *testing.T) {
+		a := &UniqueIndex{
+			TableName:   "users",
+			Expressions: []string{"LOWER(email)"},
+		}
+		b := &UniqueIndex{
+			TableName:   "users",
+			Expressions: []string{"UPPER(email)"},
+		}
+		assert.NotEqual(t, a.Name(), b.Name())
+	})
+
+	t.Run("expressions in different order produce different names", func(t *testing.T) {
+		a := &UniqueIndex{
+			TableName:   "tag",
+			Expressions: []string{"org_id", "LOWER(key)"},
+		}
+		b := &UniqueIndex{
+			TableName:   "tag",
+			Expressions: []string{"LOWER(key)", "org_id"},
+		}
+		assert.NotEqual(t, a.Name(), b.Name())
+	})
+
+	t.Run("functional autogen differs from plain autogen for same columns", func(t *testing.T) {
+		plain := &UniqueIndex{
+			TableName:   "users",
+			ColumnNames: []ColumnName{"email"},
+		}
+		functional := &UniqueIndex{
+			TableName:   "users",
+			ColumnNames: []ColumnName{"email"},
+			Expressions: []string{"LOWER(email)"},
+		}
+		assert.Equal(t, "uq_users_email", plain.Name())
+		assert.NotEqual(t, plain.Name(), functional.Name())
+	})
+
+	t.Run("Named() override wins over hash", func(t *testing.T) {
+		idx := (&UniqueIndex{
+			TableName:   "tag",
+			Expressions: []string{"org_id", "LOWER(key)"},
+		}).Named("my_functional_index")
+		assert.Equal(t, "my_functional_index", idx.Name())
+	})
+}
+
 func TestPartialUniqueIndexName(t *testing.T) {
 	a := &PartialUniqueIndex{
 		TableName:   "users",
--- a/pkg/types/dashboardtypes/perses_dashboard.go
+++ b/pkg/types/dashboardtypes/perses_dashboard.go
@@ -0,0 +1,276 @@
+package dashboardtypes
+
+import (
+	"bytes"
+	"encoding/json"
+	"strings"
+	"time"
+
+	"github.com/SigNoz/signoz/pkg/errors"
+	"github.com/SigNoz/signoz/pkg/types"
+	"github.com/SigNoz/signoz/pkg/types/tagtypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+)
+
+const (
+	SchemaVersion       = "v6"
+	MaxTagsPerDashboard = 5
+)
+
+type DSLKey string
+
+const (
+	DSLKeyName        DSLKey = "name"
+	DSLKeyDescription DSLKey = "description"
+	DSLKeyCreatedAt   DSLKey = "created_at"
+	DSLKeyUpdatedAt   DSLKey = "updated_at"
+	DSLKeyCreatedBy   DSLKey = "created_by"
+	DSLKeyLocked      DSLKey = "locked"
+	DSLKeyPublic      DSLKey = "public"
+)
+
+// reservedDSLKeys are dashboard column-level filter names in the list-query DSL.
+// A tag whose key collides with one of these would make the DSL ambiguous, so
+// they're rejected (case-insensitively) at write time.
+var reservedDSLKeys = map[DSLKey]struct{}{
+	DSLKeyName:        {},
+	DSLKeyDescription: {},
+	DSLKeyCreatedAt:   {},
+	DSLKeyUpdatedAt:   {},
+	DSLKeyCreatedBy:   {},
+	DSLKeyLocked:      {},
+	DSLKeyPublic:      {},
+}
+
+type DashboardV2 struct {
+	types.Identifiable
+	types.TimeAuditable
+	types.UserAuditable
+
+	OrgID        valuer.UUID      `json:"orgId"`
+	Locked       bool             `json:"locked"`
+	Info         DashboardInfo    `json:"info"`
+	PublicConfig *PublicDashboard `json:"publicConfig,omitempty"`
+}
+
+// DashboardInfo is the serializable view of a dashboard's contents — what the UI renders as "the dashboard JSON".
+type DashboardInfo struct {
+	StoredDashboardInfo
+	Tags []*tagtypes.Tag `json:"tags,omitempty"`
+}
+
+// StoredDashboardInfo is exactly what serializes into the dashboard.data column.
+type StoredDashboardInfo struct {
+	Metadata DashboardMetadata `json:"metadata"`
+	Data     DashboardData     `json:"data"`
+}
+
+type DashboardMetadata struct {
+	SchemaVersion   string `json:"schemaVersion"`
+	Image           string `json:"image,omitempty"`
+	UploadedGrafana bool   `json:"uploadedGrafana"`
+}
+
+type PostableDashboardV2 struct {
+	StoredDashboardInfo
+	Tags []tagtypes.PostableTag `json:"tags,omitempty"`
+}
+
+type UpdateableDashboardV2 = PostableDashboardV2
+
+func (p *PostableDashboardV2) UnmarshalJSON(data []byte) error {
+	dec := json.NewDecoder(bytes.NewReader(data))
+	dec.DisallowUnknownFields()
+	type alias PostableDashboardV2
+	var tmp alias
+	if err := dec.Decode(&tmp); err != nil {
+		return errors.WrapInvalidInputf(err, ErrCodeDashboardInvalidInput, "%s", err.Error())
+	}
+	*p = PostableDashboardV2(tmp)
+	return p.Validate()
+}
+
+func (p *PostableDashboardV2) Validate() error {
+	if p.Metadata.SchemaVersion != SchemaVersion {
+		return errors.NewInvalidInputf(ErrCodeDashboardInvalidInput, "metadata.schemaVersion must be %q, got %q", SchemaVersion, p.Metadata.SchemaVersion)
+	}
+	if p.Data.Display == nil || p.Data.Display.Name == "" {
+		return errors.NewInvalidInputf(ErrCodeDashboardInvalidInput, "data.display.name is required")
+	}
+	if err := p.validateTags(); err != nil {
+		return err
+	}
+	return p.Data.Validate()
+}
+
+func (p *PostableDashboardV2) validateTags() error {
+	if len(p.Tags) > MaxTagsPerDashboard {
+		return errors.NewInvalidInputf(ErrCodeDashboardInvalidInput, "a dashboard can have at most %d tags", MaxTagsPerDashboard)
+	}
+	for _, tag := range p.Tags {
+		if _, reserved := reservedDSLKeys[DSLKey(strings.ToLower(strings.TrimSpace(tag.Key)))]; reserved {
+			return errors.NewInvalidInputf(ErrCodeDashboardInvalidInput, "tag key %q is reserved", tag.Key)
+		}
+	}
+	return nil
+}
+
+type GettableDashboardV2 struct {
+	types.Identifiable
+	types.TimeAuditable
+	types.UserAuditable
+
+	OrgID        valuer.UUID               `json:"orgId"`
+	Locked       bool                      `json:"locked"`
+	Info         GettableDashboardInfo     `json:"info"`
+	PublicConfig *GettablePublicDasbhboard `json:"publicConfig,omitempty"`
+}
+
+type GettableDashboardInfo struct {
+	StoredDashboardInfo
+	Tags []*tagtypes.GettableTag `json:"tags,omitempty"`
+}
+
+func NewGettableDashboardV2FromDashboardV2(dashboard *DashboardV2) *GettableDashboardV2 {
+	gettable := &GettableDashboardV2{
+		Identifiable:  dashboard.Identifiable,
+		TimeAuditable: dashboard.TimeAuditable,
+		UserAuditable: dashboard.UserAuditable,
+		OrgID:         dashboard.OrgID,
+		Locked:        dashboard.Locked,
+		Info: GettableDashboardInfo{
+			StoredDashboardInfo: dashboard.Info.StoredDashboardInfo,
+			Tags:                tagtypes.NewGettableTagsFromTags(dashboard.Info.Tags),
+		},
+	}
+	if dashboard.PublicConfig != nil {
+		gettable.PublicConfig = NewGettablePublicDashboard(dashboard.PublicConfig)
+	}
+	return gettable
+}
+
+func NewDashboardV2(orgID valuer.UUID, createdBy string, postable PostableDashboardV2, resolvedTags []*tagtypes.Tag) *DashboardV2 {
+	now := time.Now()
+
+	return &DashboardV2{
+		Identifiable:  types.Identifiable{ID: valuer.GenerateUUID()},
+		TimeAuditable: types.TimeAuditable{CreatedAt: now, UpdatedAt: now},
+		UserAuditable: types.UserAuditable{CreatedBy: createdBy, UpdatedBy: createdBy},
+		OrgID:         orgID,
+		Locked:        false,
+		Info: DashboardInfo{
+			StoredDashboardInfo: StoredDashboardInfo{
+				Metadata: postable.Metadata,
+				Data:     postable.Data,
+			},
+			Tags: resolvedTags,
+		},
+	}
+}
+
+// rejects rows that don't carry a v2-shape blob — those are pre-migration v1 dashboards that the v2 API can't render.
+func NewDashboardV2FromStorable(storable *StorableDashboard, public *StorablePublicDashboard, tags []*tagtypes.Tag) (*DashboardV2, error) {
+	metadata, _ := storable.Data["metadata"].(map[string]any)
+	if metadata == nil || metadata["schemaVersion"] != SchemaVersion {
+		return nil, errors.Newf(errors.TypeUnsupported, ErrCodeDashboardInvalidData, "dashboard %s is not in %s schema", storable.ID, SchemaVersion)
+	}
+
+	raw, err := json.Marshal(storable.Data)
+	if err != nil {
+		return nil, errors.WrapInternalf(err, errors.CodeInternal, "marshal stored v2 dashboard data")
+	}
+	var stored StoredDashboardInfo
+	if err := json.Unmarshal(raw, &stored); err != nil {
+		return nil, errors.WrapInternalf(err, errors.CodeInternal, "unmarshal stored v2 dashboard data")
+	}
+
+	var publicConfig *PublicDashboard
+	if public != nil {
+		publicConfig = NewPublicDashboardFromStorablePublicDashboard(public)
+	}
+
+	return &DashboardV2{
+		Identifiable:  storable.Identifiable,
+		TimeAuditable: storable.TimeAuditable,
+		UserAuditable: storable.UserAuditable,
+		OrgID:         storable.OrgID,
+		Locked:        storable.Locked,
+		Info: DashboardInfo{
+			StoredDashboardInfo: stored,
+			Tags:                tags,
+		},
+		PublicConfig: publicConfig,
+	}, nil
+}
+
+func (d *DashboardV2) CanLockUnlock(lock bool, isAdmin bool, updatedBy string) error {
+	if d.CreatedBy != updatedBy && !isAdmin {
+		return errors.Newf(errors.TypeForbidden, errors.CodeForbidden, "you are not authorized to lock/unlock this dashboard")
+	}
+	if d.Locked == lock {
+		if lock {
+			return errors.Newf(errors.TypeAlreadyExists, errors.CodeAlreadyExists, "dashboard is already locked")
+		}
+		return errors.Newf(errors.TypeAlreadyExists, errors.CodeAlreadyExists, "dashboard is already unlocked")
+	}
+	return nil
+}
+
+func (d *DashboardV2) LockUnlock(lock bool, isAdmin bool, updatedBy string) error {
+	if err := d.CanLockUnlock(lock, isAdmin, updatedBy); err != nil {
+		return err
+	}
+	d.Locked = lock
+	d.UpdatedBy = updatedBy
+	d.UpdatedAt = time.Now()
+	return nil
+}
+
+func (d *DashboardV2) CanUpdate() error {
+	if d.Locked {
+		return errors.Newf(errors.TypeInvalidInput, errors.CodeInvalidInput, "cannot update a locked dashboard, please unlock the dashboard to update")
+	}
+	return nil
+}
+
+func (d *DashboardV2) Update(updateable UpdateableDashboardV2, updatedBy string, resolvedTags []*tagtypes.Tag) error {
+	if err := d.CanUpdate(); err != nil {
+		return err
+	}
+	d.Info.Metadata = updateable.Metadata
+	d.Info.Data = updateable.Data
+	d.Info.Tags = resolvedTags
+	d.UpdatedBy = updatedBy
+	d.UpdatedAt = time.Now()
+	return nil
+}
+
+// ToStorableDashboard packages a Dashboard into the bun row that goes into
+// the dashboard table. Tags are intentionally omitted — they live in
+// tag_relations and are inserted separately by the caller.
+func (d *DashboardV2) ToStorableDashboard() (*StorableDashboard, error) {
+	data, err := d.Info.toStorableDashboardData()
+	if err != nil {
+		return nil, err
+	}
+	return &StorableDashboard{
+		Identifiable:  types.Identifiable{ID: d.ID},
+		TimeAuditable: d.TimeAuditable,
+		UserAuditable: d.UserAuditable,
+		OrgID:         d.OrgID,
+		Locked:        d.Locked,
+		Data:          data,
+	}, nil
+}
+
+func (s StoredDashboardInfo) toStorableDashboardData() (StorableDashboardData, error) {
+	raw, err := json.Marshal(s)
+	if err != nil {
+		return nil, errors.WrapInternalf(err, errors.CodeInternal, "marshal v2 dashboard data")
+	}
+	out := StorableDashboardData{}
+	if err := json.Unmarshal(raw, &out); err != nil {
+		return nil, errors.WrapInternalf(err, errors.CodeInternal, "unmarshal v2 dashboard data")
+	}
+	return out, nil
+}
--- a/pkg/types/dashboardtypes/store.go
+++ b/pkg/types/dashboardtypes/store.go
@@ -32,4 +32,13 @@ type Store interface {
 	DeletePublic(context.Context, string) error

 	RunInTx(context.Context, func(context.Context) error) error
+
+	// ════════════════════════════════════════════════════════════════════════
+	// v2 dashboard methods
+	// ════════════════════════════════════════════════════════════════════════
+	GetV2(context.Context, valuer.UUID, valuer.UUID) (*StorableDashboard, *StorablePublicDashboard, error)
+
+	UpdateV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, data StorableDashboardData) error
+
+	LockUnlockV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID, locked bool, updatedBy string) error
 }
--- a/pkg/types/tagtypes/store.go
+++ b/pkg/types/tagtypes/store.go
@@ -0,0 +1,30 @@
+package tagtypes
+
+import (
+	"context"
+
+	"github.com/SigNoz/signoz/pkg/types/coretypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+)
+
+type Store interface {
+	List(ctx context.Context, orgID valuer.UUID, kind coretypes.Kind) ([]*Tag, error)
+
+	ListByResource(ctx context.Context, orgID valuer.UUID, kind coretypes.Kind, resourceID valuer.UUID) ([]*Tag, error)
+
+	ListByResources(ctx context.Context, orgID valuer.UUID, kind coretypes.Kind, resourceIDs []valuer.UUID) (map[valuer.UUID][]*Tag, error)
+
+	// CreateOrGet upserts the given tags and returns them with authoritative IDs.
+	// On conflict on (org_id, kind, LOWER(key), LOWER(value)) — which
+	// happens only when a concurrent insert raced ours, including casing-only
+	// collisions — the returned entry carries the existing row's ID rather
+	// than the pre-generated one in the input.
+	CreateOrGet(ctx context.Context, tags []*Tag) ([]*Tag, error)
+
+	// CreateRelations inserts tag-resource relations. Conflicts on the composite primary key are ignored.
+	CreateRelations(ctx context.Context, relations []*TagRelation) error
+
+	DeleteRelationsExcept(ctx context.Context, orgID valuer.UUID, kind coretypes.Kind, resourceID valuer.UUID, keepTagIDs []valuer.UUID) error
+
+	RunInTx(ctx context.Context, cb func(ctx context.Context) error) error
+}
--- a/pkg/types/tagtypes/tag.go
+++ b/pkg/types/tagtypes/tag.go
@@ -0,0 +1,113 @@
+package tagtypes
+
+import (
+	"regexp"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	"github.com/SigNoz/signoz/pkg/errors"
+	"github.com/SigNoz/signoz/pkg/types"
+	"github.com/SigNoz/signoz/pkg/types/coretypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+	"github.com/uptrace/bun"
+)
+
+const (
+	MAX_LEN_TAG_KEY   = 32
+	MAX_LEN_TAG_VALUE = 32
+)
+
+var (
+	tagKeyRegex   = regexp.MustCompile(`^[a-zA-Z$_@{#][a-zA-Z0-9$_@#{}:/-]*$`)
+	tagValueRegex = regexp.MustCompile(`^[a-zA-Z0-9$_@#{}:.+=/-]*$`)
+
+	ErrCodeTagInvalidKey   = errors.MustNewCode("tag_invalid_key")
+	ErrCodeTagInvalidValue = errors.MustNewCode("tag_invalid_value")
+	ErrCodeTagNotFound     = errors.MustNewCode("tag_not_found")
+)
+
+type Tag struct {
+	bun.BaseModel `bun:"table:tag,alias:tag"`
+
+	types.Identifiable
+	types.TimeAuditable
+	Key   string         `json:"key" required:"true" bun:"key,type:text,notnull"`
+	Value string         `json:"value" required:"true" bun:"value,type:text,notnull"`
+	OrgID valuer.UUID    `json:"orgId" required:"true" bun:"org_id,type:text,notnull"`
+	Kind  coretypes.Kind `json:"kind" required:"true" bun:"kind,type:text,notnull"`
+}
+
+type PostableTag struct {
+	Key   string `json:"key" required:"true"`
+	Value string `json:"value" required:"true"`
+}
+
+type GettableTag = PostableTag
+
+func NewGettableTagFromTag(tag *Tag) *GettableTag {
+	return &GettableTag{Key: tag.Key, Value: tag.Value}
+}
+
+func NewGettableTagsFromTags(tags []*Tag) []*GettableTag {
+	out := make([]*GettableTag, len(tags))
+	for i, t := range tags {
+		out[i] = NewGettableTagFromTag(t)
+	}
+	return out
+}
+
+func NewPostableTagFromTag(tag *Tag) PostableTag {
+	return PostableTag{Key: tag.Key, Value: tag.Value}
+}
+
+func NewPostableTagsFromTags(tags []*Tag) []PostableTag {
+	out := make([]PostableTag, len(tags))
+	for i, t := range tags {
+		out[i] = NewPostableTagFromTag(t)
+	}
+	return out
+}
+
+func NewTag(orgID valuer.UUID, kind coretypes.Kind, key, value string) *Tag {
+	now := time.Now()
+	return &Tag{
+		Identifiable: types.Identifiable{ID: valuer.GenerateUUID()},
+		TimeAuditable: types.TimeAuditable{
+			CreatedAt: now,
+			UpdatedAt: now,
+		},
+		Key:   key,
+		Value: value,
+		OrgID: orgID,
+		Kind:  kind,
+	}
+}
+
+// ValidatePostableTag trims and validates a user-supplied (key, value) pair.
+// Returns the cleaned values on success. Entity-specific reserved-key checks
+// (e.g. dashboard column names that would collide with the list-query DSL) are
+// the caller's responsibility — perform them before calling into the tag module.
+func ValidatePostableTag(p PostableTag) (string, string, error) {
+	key := strings.TrimSpace(p.Key)
+	value := strings.TrimSpace(p.Value)
+	if key == "" {
+		return "", "", errors.Newf(errors.TypeInvalidInput, ErrCodeTagInvalidKey, "tag key cannot be empty")
+	}
+	if value == "" {
+		return "", "", errors.Newf(errors.TypeInvalidInput, ErrCodeTagInvalidValue, "tag value cannot be empty")
+	}
+	if !tagKeyRegex.MatchString(key) {
+		return "", "", errors.Newf(errors.TypeInvalidInput, ErrCodeTagInvalidKey, "tag key %q contains disallowed characters", key)
+	}
+	if !tagValueRegex.MatchString(value) {
+		return "", "", errors.Newf(errors.TypeInvalidInput, ErrCodeTagInvalidValue, "tag value %q contains disallowed characters", value)
+	}
+	if utf8.RuneCountInString(key) > MAX_LEN_TAG_KEY {
+		return "", "", errors.Newf(errors.TypeInvalidInput, ErrCodeTagInvalidKey, "tag key %q exceeds the %d-character limit", key, MAX_LEN_TAG_KEY)
+	}
+	if utf8.RuneCountInString(value) > MAX_LEN_TAG_VALUE {
+		return "", "", errors.Newf(errors.TypeInvalidInput, ErrCodeTagInvalidValue, "tag value %q exceeds the %d-character limit", value, MAX_LEN_TAG_VALUE)
+	}
+	return key, value, nil
+}
--- a/pkg/types/tagtypes/tag_relation.go
+++ b/pkg/types/tagtypes/tag_relation.go
@@ -0,0 +1,34 @@
+package tagtypes
+
+import (
+	"github.com/SigNoz/signoz/pkg/types"
+	"github.com/SigNoz/signoz/pkg/types/coretypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+	"github.com/uptrace/bun"
+)
+
+type TagRelation struct {
+	bun.BaseModel `bun:"table:tag_relation,alias:tag_relation"`
+
+	types.Identifiable
+	Kind       coretypes.Kind `json:"kind" required:"true" bun:"kind,type:text,notnull"`
+	ResourceID valuer.UUID    `json:"resourceId" required:"true" bun:"resource_id,type:text,notnull"`
+	TagID      valuer.UUID    `json:"tagId" required:"true" bun:"tag_id,type:text,notnull"`
+}
+
+func NewTagRelation(kind coretypes.Kind, resourceID valuer.UUID, tagID valuer.UUID) *TagRelation {
+	return &TagRelation{
+		Identifiable: types.Identifiable{ID: valuer.GenerateUUID()},
+		Kind:         kind,
+		ResourceID:   resourceID,
+		TagID:        tagID,
+	}
+}
+
+func NewTagRelations(kind coretypes.Kind, resourceID valuer.UUID, tagIDs []valuer.UUID) []*TagRelation {
+	relations := make([]*TagRelation, 0, len(tagIDs))
+	for _, tagID := range tagIDs {
+		relations = append(relations, NewTagRelation(kind, resourceID, tagID))
+	}
+	return relations
+}
--- a/pkg/types/tagtypes/tag_test.go
+++ b/pkg/types/tagtypes/tag_test.go
@@ -0,0 +1,69 @@
+package tagtypes
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func TestValidatePostableTag(t *testing.T) {
+	tests := []struct {
+		name      string
+		input     PostableTag
+		wantKey   string
+		wantValue string
+		wantError bool
+	}{
+		{name: "simple pair", input: PostableTag{Key: "team", Value: "pulse"}, wantKey: "team", wantValue: "pulse"},
+		{name: "preserves casing", input: PostableTag{Key: "Team", Value: "Pulse"}, wantKey: "Team", wantValue: "Pulse"},
+		{name: "trims key", input: PostableTag{Key: "  team  ", Value: "pulse"}, wantKey: "team", wantValue: "pulse"},
+		{name: "trims value", input: PostableTag{Key: "team", Value: "  pulse  "}, wantKey: "team", wantValue: "pulse"},
+
+		{name: "empty key rejected", input: PostableTag{Key: "", Value: "pulse"}, wantError: true},
+		{name: "empty value rejected", input: PostableTag{Key: "team", Value: ""}, wantError: true},
+		{name: "whitespace-only key rejected", input: PostableTag{Key: "   ", Value: "pulse"}, wantError: true},
+		{name: "whitespace-only value rejected", input: PostableTag{Key: "team", Value: "   "}, wantError: true},
+
+		{name: "slash accepted", input: PostableTag{Key: "team/eng", Value: "pulse/events"}, wantKey: "team/eng", wantValue: "pulse/events"},
+		{name: "colon accepted", input: PostableTag{Key: "team:eng", Value: "env:prod"}, wantKey: "team:eng", wantValue: "env:prod"},
+		{name: "extra punctuation accepted in both", input: PostableTag{Key: "a_b-c@d#e$f{g}h", Value: "a_b-c@d#e$f{g}h"}, wantKey: "a_b-c@d#e$f{g}h", wantValue: "a_b-c@d#e$f{g}h"},
+
+		// Key is strict; value allows the extra `. + =` plus leading digits.
+		{name: "dot in key rejected", input: PostableTag{Key: "team.eng", Value: "pulse"}, wantError: true},
+		{name: "dot in value accepted", input: PostableTag{Key: "team", Value: "pulse.events"}, wantKey: "team", wantValue: "pulse.events"},
+		{name: "plus in key rejected", input: PostableTag{Key: "team+eng", Value: "pulse"}, wantError: true},
+		{name: "plus in value accepted", input: PostableTag{Key: "team", Value: "a+b"}, wantKey: "team", wantValue: "a+b"},
+		{name: "equals in key rejected", input: PostableTag{Key: "team=eng", Value: "pulse"}, wantError: true},
+		{name: "equals in value accepted", input: PostableTag{Key: "team", Value: "a=b"}, wantKey: "team", wantValue: "a=b"},
+		{name: "leading digit in key rejected", input: PostableTag{Key: "2024team", Value: "pulse"}, wantError: true},
+		{name: "leading digit in value accepted", input: PostableTag{Key: "team", Value: "2024_team"}, wantKey: "team", wantValue: "2024_team"},
+
+		{name: "unicode letter in key rejected", input: PostableTag{Key: "チーム", Value: "pulse"}, wantError: true},
+		{name: "unicode letter in value rejected", input: PostableTag{Key: "team", Value: "東京"}, wantError: true},
+
+		{name: "internal space in key rejected", input: PostableTag{Key: "team eng", Value: "pulse"}, wantError: true},
+		{name: "internal space in value rejected", input: PostableTag{Key: "team", Value: "pulse two"}, wantError: true},
+
+		{name: "disallowed char in key rejected", input: PostableTag{Key: "team!eng", Value: "pulse"}, wantError: true},
+		{name: "disallowed char in value rejected", input: PostableTag{Key: "team", Value: "pulse!one"}, wantError: true},
+		{name: "control char rejected", input: PostableTag{Key: "team\tone", Value: "pulse"}, wantError: true},
+
+		{name: "key at the 32-char limit accepted", input: PostableTag{Key: "abcdefghijklmnopabcdefghijklmnop", Value: "pulse"}, wantKey: "abcdefghijklmnopabcdefghijklmnop", wantValue: "pulse"},
+		{name: "value at the 32-char limit accepted", input: PostableTag{Key: "team", Value: "abcdefghijklmnopabcdefghijklmnop"}, wantKey: "team", wantValue: "abcdefghijklmnopabcdefghijklmnop"},
+		{name: "key over the 32-char limit rejected", input: PostableTag{Key: "abcdefghijklmnopabcdefghijklmnopq", Value: "pulse"}, wantError: true},
+		{name: "value over the 32-char limit rejected", input: PostableTag{Key: "team", Value: "abcdefghijklmnopabcdefghijklmnopq"}, wantError: true},
+	}
+	for _, tc := range tests {
+		t.Run(tc.name, func(t *testing.T) {
+			gotKey, gotValue, err := ValidatePostableTag(tc.input)
+			if tc.wantError {
+				require.Error(t, err)
+				return
+			}
+			require.NoError(t, err)
+			assert.Equal(t, tc.wantKey, gotKey)
+			assert.Equal(t, tc.wantValue, gotValue)
+		})
+	}
+}
--- a/pkg/types/tagtypes/tagtypestest/store.go
+++ b/pkg/types/tagtypes/tagtypestest/store.go
@@ -0,0 +1,53 @@
+package tagtypestest
+
+import (
+	"context"
+
+	"github.com/SigNoz/signoz/pkg/types/coretypes"
+	"github.com/SigNoz/signoz/pkg/types/tagtypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+)
+
+// MockStore is an in-memory tagtypes.MockStore implementation for tests. Most methods
+// are inert no-ops; List returns the contents of Tags and increments
+// ListCallCount so tests can assert on lookup behavior. Set Tags directly to
+// preload fixtures.
+type MockStore struct {
+	Tags          []*tagtypes.Tag
+	ListCallCount int
+}
+
+func NewStore() *MockStore {
+	return &MockStore{}
+}
+
+func (s *MockStore) List(_ context.Context, _ valuer.UUID, _ coretypes.Kind) ([]*tagtypes.Tag, error) {
+	s.ListCallCount++
+	out := make([]*tagtypes.Tag, len(s.Tags))
+	copy(out, s.Tags)
+	return out, nil
+}
+
+func (s *MockStore) CreateOrGet(_ context.Context, tags []*tagtypes.Tag) ([]*tagtypes.Tag, error) {
+	return tags, nil
+}
+
+func (s *MockStore) CreateRelations(_ context.Context, _ []*tagtypes.TagRelation) error {
+	return nil
+}
+
+func (s *MockStore) ListByResource(_ context.Context, _ valuer.UUID, _ coretypes.Kind, _ valuer.UUID) ([]*tagtypes.Tag, error) {
+	return []*tagtypes.Tag{}, nil
+}
+
+func (s *MockStore) ListByResources(_ context.Context, _ valuer.UUID, _ coretypes.Kind, _ []valuer.UUID) (map[valuer.UUID][]*tagtypes.Tag, error) {
+	return map[valuer.UUID][]*tagtypes.Tag{}, nil
+}
+
+func (s *MockStore) DeleteRelationsExcept(_ context.Context, _ valuer.UUID, _ coretypes.Kind, _ valuer.UUID, _ []valuer.UUID) error {
+	return nil
+}
+
+func (s *MockStore) RunInTx(ctx context.Context, cb func(ctx context.Context) error) error {
+	return cb(ctx)
+}
--- a/tests/integration/tests/dashboard/03_v2_dashboard.py
+++ b/tests/integration/tests/dashboard/03_v2_dashboard.py
@@ -0,0 +1,191 @@
+import json
+from collections.abc import Callable
+from http import HTTPStatus
+from pathlib import Path
+
+import requests
+
+from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD
+from fixtures.types import Operation, SigNoz
+
+_PERSES_FIXTURE = (
+    Path(__file__).parents[4]
+    / "pkg/types/dashboardtypes/dashboardtypesv2/testdata/perses.json"
+)
+
+
+def _post_dashboard(signoz: SigNoz, token: str, body: dict) -> requests.Response:
+    return requests.post(
+        signoz.self.host_configs["8080"].get("/api/v2/dashboards"),
+        json=body,
+        headers={"Authorization": f"Bearer {token}"},
+        timeout=2,
+    )
+
+
+def test_empty_body_rejected_for_missing_schema_version(
+    signoz: SigNoz,
+    create_user_admin: Operation,  # pylint: disable=unused-argument
+    get_token: Callable[[str, str], str],
+):
+    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
+
+    response = _post_dashboard(signoz, admin_token, {})
+
+    assert response.status_code == HTTPStatus.BAD_REQUEST
+    body = response.json()
+    assert body["status"] == "error"
+    assert body["error"]["code"] == "dashboard_invalid_input"
+    assert body["error"]["message"] == 'metadata.schemaVersion must be "v6", got ""'
+
+
+def test_missing_display_name_rejected(
+    signoz: SigNoz,
+    create_user_admin: Operation,  # pylint: disable=unused-argument
+    get_token: Callable[[str, str], str],
+):
+    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
+
+    response = _post_dashboard(signoz, admin_token, {"metadata": {"schemaVersion": "v6"}})
+
+    assert response.status_code == HTTPStatus.BAD_REQUEST
+    body = response.json()
+    assert body["status"] == "error"
+    assert body["error"]["code"] == "dashboard_invalid_input"
+    assert body["error"]["message"] == "data.display.name is required"
+
+
+def test_minimal_valid_body_creates_dashboard(
+    signoz: SigNoz,
+    create_user_admin: Operation,  # pylint: disable=unused-argument
+    get_token: Callable[[str, str], str],
+):
+    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
+
+    response = _post_dashboard(
+        signoz,
+        admin_token,
+        {
+            "metadata": {"schemaVersion": "v6"},
+            "data": {"display": {"name": "test name"}},
+        },
+    )
+
+    assert response.status_code == HTTPStatus.CREATED
+    body = response.json()
+    assert body["status"] == "success"
+    data = body["data"]
+    assert data["info"]["data"]["display"]["name"] == "test name"
+    assert data["info"]["metadata"]["schemaVersion"] == "v6"
+
+
+def test_unknown_root_field_rejected(
+    signoz: SigNoz,
+    create_user_admin: Operation,  # pylint: disable=unused-argument
+    get_token: Callable[[str, str], str],
+):
+    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
+
+    response = _post_dashboard(
+        signoz,
+        admin_token,
+        {
+            "metadata": {"schemaVersion": "v6"},
+            "data": {"display": {"name": "test name"}},
+            "unknownfieldattheroot": "shouldgiveanerror",
+        },
+    )
+
+    assert response.status_code == HTTPStatus.BAD_REQUEST
+    body = response.json()
+    assert body["status"] == "error"
+    assert body["error"]["code"] == "dashboard_invalid_input"
+    assert body["error"]["message"] == 'json: unknown field "unknownfieldattheroot"'
+
+
+def test_unknown_nested_field_rejected(
+    signoz: SigNoz,
+    create_user_admin: Operation,  # pylint: disable=unused-argument
+    get_token: Callable[[str, str], str],
+):
+    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
+
+    response = _post_dashboard(
+        signoz,
+        admin_token,
+        {
+            "metadata": {"schemaVersion": "v6"},
+            "data": {
+                "display": {
+                    "name": "test name",
+                    "unknownfieldinside": "shouldgiveanerror",
+                },
+            },
+        },
+    )
+
+    assert response.status_code == HTTPStatus.BAD_REQUEST
+    body = response.json()
+    assert body["status"] == "error"
+    assert body["error"]["code"] == "dashboard_invalid_input"
+    assert body["error"]["message"] == 'json: unknown field "unknownfieldinside"'
+
+
+def test_perses_fixture_creates_dashboard(
+    signoz: SigNoz,
+    create_user_admin: Operation,  # pylint: disable=unused-argument
+    get_token: Callable[[str, str], str],
+):
+    """The perses.json fixture is the kitchen-sink dashboard the schema tests
+    use; round-tripping it through the create API exercises the full plugin
+    surface end-to-end."""
+    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
+
+    data = json.loads(_PERSES_FIXTURE.read_text())
+    response = _post_dashboard(
+        signoz,
+        admin_token,
+        {"metadata": {"schemaVersion": "v6"}, "data": data},
+    )
+
+    assert response.status_code == HTTPStatus.CREATED
+    body = response.json()
+    assert body["status"] == "success"
+    assert body["data"]["info"]["data"]["display"]["name"] == data["display"]["name"]
+
+
+def test_tag_casing_is_inherited_from_existing_parent(
+    signoz: SigNoz,
+    create_user_admin: Operation,  # pylint: disable=unused-argument
+    get_token: Callable[[str, str], str],
+):
+    """A second dashboard tagged with a sibling under a casing-variant parent
+    path should adopt the existing parent's casing while keeping the
+    user-supplied casing for the new leaf segment."""
+    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
+
+    first = _post_dashboard(
+        signoz,
+        admin_token,
+        {
+            "metadata": {"schemaVersion": "v6"},
+            "data": {"display": {"name": "dac"}},
+            "tags": [{"name": "engineering/US/NYC"}],
+        },
+    )
+    assert first.status_code == HTTPStatus.CREATED
+    first_tags = first.json()["data"]["info"]["tags"]
+    assert first_tags == [{"name": "engineering/US/NYC"}]
+
+    second = _post_dashboard(
+        signoz,
+        admin_token,
+        {
+            "metadata": {"schemaVersion": "v6"},
+            "data": {"display": {"name": "dac"}},
+            "tags": [{"name": "engineering/us/SF"}],
+        },
+    )
+    assert second.status_code == HTTPStatus.CREATED
+    second_tags = second.json()["data"]["info"]["tags"]
+    assert second_tags == [{"name": "engineering/US/SF"}]