Merge branch 'main' into nv/4102

* feat: removed the sso auth announcement banner

* feat: updated icon to use signozhq icons

.github/workflows/jsci.yaml

@@ -61,3 +61,59 @@ jobs:
     with:
       PRIMUS_REF: main
       JS_SRC: frontend
+  md-languages:
+    if: |
+      (github.event_name == 'pull_request' && ! github.event.pull_request.head.repo.fork && github.event.pull_request.user.login != 'dependabot[bot]' && ! contains(github.event.pull_request.labels.*.name, 'safe-to-test')) ||
+      (github.event_name == 'pull_request_target' && contains(github.event.pull_request.labels.*.name, 'safe-to-test'))
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout
+        uses: actions/checkout@v4
+      - name: validate md languages
+        run: bash frontend/scripts/validate-md-languages.sh
+  authz:
+    if: |
+      (github.event_name == 'pull_request' && ! github.event.pull_request.head.repo.fork && github.event.pull_request.user.login != 'dependabot[bot]' && ! contains(github.event.pull_request.labels.*.name, 'safe-to-test')) ||
+      (github.event_name == 'pull_request_target' && contains(github.event.pull_request.labels.*.name, 'safe-to-test'))
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v5
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v5
+        with:
+          node-version: "22"
+
+      - name: Install frontend dependencies
+        working-directory: ./frontend
+        run: |
+          yarn install
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v5
+
+      - name: Install Python dependencies
+        working-directory: ./tests/integration
+        run: |
+          uv sync
+
+      - name: Start test environment
+        run: |
+          make py-test-setup
+
+      - name: Generate permissions.type.ts
+        run: |
+          node frontend/scripts/generate-permissions-type.js
+
+      - name: Teardown test environment
+        if: always()
+        run: |
+          make py-test-teardown
+
+      - name: Check for changes
+        run: |
+          if ! git diff --exit-code frontend/src/hooks/useAuthZ/permissions.type.ts; then
+            echo "::error::frontend/src/hooks/useAuthZ/permissions.type.ts is out of date. Please run the generator locally and commit the changes: npm run generate:permissions-type (from the frontend directory)"
+            exit 1
+          fi

.vscode/settings.json

@@ -17,7 +17,5 @@
 	},
 	"[html]": {
 		"editor.defaultFormatter": "vscode.html-language-features"
-	},
-	"python-envs.defaultEnvManager": "ms-python.python:system",
-	"python-envs.pythonProjects": []
+	}
 }

docs/api/openapi.yml

@@ -1763,6 +1763,134 @@ components:
       - type
       - orgId
       type: object
+    ServiceaccounttypesFactorAPIKey:
+      properties:
+        createdAt:
+          format: date-time
+          type: string
+        expires_at:
+          minimum: 0
+          type: integer
+        id:
+          type: string
+        key:
+          type: string
+        last_used:
+          format: date-time
+          type: string
+        name:
+          type: string
+        service_account_id:
+          type: string
+        updatedAt:
+          format: date-time
+          type: string
+      required:
+      - id
+      - key
+      - expires_at
+      - last_used
+      - service_account_id
+      type: object
+    ServiceaccounttypesGettableFactorAPIKeyWithKey:
+      properties:
+        id:
+          type: string
+        key:
+          type: string
+      required:
+      - id
+      - key
+      type: object
+    ServiceaccounttypesPostableFactorAPIKey:
+      properties:
+        expires_at:
+          minimum: 0
+          type: integer
+        name:
+          type: string
+      required:
+      - name
+      - expires_at
+      type: object
+    ServiceaccounttypesPostableServiceAccount:
+      properties:
+        email:
+          type: string
+        name:
+          type: string
+        roles:
+          items:
+            type: string
+          type: array
+      required:
+      - name
+      - email
+      - roles
+      type: object
+    ServiceaccounttypesServiceAccount:
+      properties:
+        createdAt:
+          format: date-time
+          type: string
+        email:
+          type: string
+        id:
+          type: string
+        name:
+          type: string
+        orgID:
+          type: string
+        roles:
+          items:
+            type: string
+          type: array
+        status:
+          type: string
+        updatedAt:
+          format: date-time
+          type: string
+      required:
+      - id
+      - name
+      - email
+      - roles
+      - status
+      - orgID
+      type: object
+    ServiceaccounttypesUpdatableFactorAPIKey:
+      properties:
+        expires_at:
+          minimum: 0
+          type: integer
+        name:
+          type: string
+      required:
+      - name
+      - expires_at
+      type: object
+    ServiceaccounttypesUpdatableServiceAccount:
+      properties:
+        email:
+          type: string
+        name:
+          type: string
+        roles:
+          items:
+            type: string
+          type: array
+      required:
+      - name
+      - email
+      - roles
+      type: object
+    ServiceaccounttypesUpdatableServiceAccountStatus:
+      properties:
+        status:
+          type: string
+      required:
+      - status
+      type: object
     TelemetrytypesFieldContext:
       enum:
       - metric
@@ -2858,186 +2986,6 @@ paths:
       summary: Update auth domain
       tags:
       - authdomains
-  /api/v1/export_raw_data:
-    get:
-      deprecated: false
-      description: This endpoints allows simple query exporting raw data for traces
-        and logs
-      operationId: HandleExportRawDataGET
-      parameters:
-      - in: query
-        name: format
-        schema:
-          default: csv
-          enum:
-          - csv
-          - jsonl
-          type: string
-      - in: query
-        name: signal
-        required: true
-        schema:
-          $ref: '#/components/schemas/TelemetrytypesSignal'
-      - deprecated: true
-        in: query
-        name: source
-        schema:
-          deprecated: true
-          type: string
-      - in: query
-        name: start
-        schema:
-          minimum: 0
-          type: integer
-      - in: query
-        name: end
-        schema:
-          minimum: 0
-          type: integer
-      - in: query
-        name: limit
-        schema:
-          default: 10000
-          maximum: 50000
-          minimum: 1
-          type: integer
-      - deprecated: true
-        in: query
-        name: filter
-        schema:
-          deprecated: true
-          type: string
-      - content:
-          application/json:
-            schema:
-              $ref: '#/components/schemas/Querybuildertypesv5Filter'
-        in: query
-        name: filterExpression
-      - deprecated: true
-        in: query
-        name: columns
-        schema:
-          deprecated: true
-          items:
-            type: string
-          type: array
-      - in: query
-        name: selectFields
-        schema:
-          items:
-            $ref: '#/components/schemas/TelemetrytypesTelemetryFieldKey'
-          type: array
-      - deprecated: true
-        in: query
-        name: order_by
-        schema:
-          deprecated: true
-          type: string
-      - in: query
-        name: order
-        schema:
-          items:
-            $ref: '#/components/schemas/Querybuildertypesv5OrderBy'
-          type: array
-      responses:
-        "200":
-          content:
-            application/json:
-              schema:
-                type: string
-          description: OK
-        "400":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Bad Request
-        "401":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Unauthorized
-        "403":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Forbidden
-        "500":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Internal Server Error
-      security:
-      - api_key:
-        - VIEWER
-      - tokenizer:
-        - VIEWER
-      summary: Export raw data
-      tags:
-      - logs
-      - traces
-    post:
-      deprecated: false
-      description: This endpoints allows complex query exporting raw data for traces
-        and logs
-      operationId: HandleExportRawDataPOST
-      parameters:
-      - in: query
-        name: format
-        schema:
-          default: csv
-          enum:
-          - csv
-          - jsonl
-          type: string
-      requestBody:
-        content:
-          application/json:
-            schema:
-              $ref: '#/components/schemas/Querybuildertypesv5QueryRangeRequest'
-      responses:
-        "200":
-          content:
-            application/json:
-              schema:
-                type: string
-          description: OK
-        "400":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Bad Request
-        "401":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Unauthorized
-        "403":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Forbidden
-        "500":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Internal Server Error
-      security:
-      - api_key:
-        - VIEWER
-      - tokenizer:
-        - VIEWER
-      summary: Export raw data
-      tags:
-      - logs
-      - traces
   /api/v1/fields/keys:
     get:
       deprecated: false
@@ -4717,6 +4665,586 @@ paths:
       summary: Patch objects for a role by relation
       tags:
       - role
+  /api/v1/service_accounts:
+    get:
+      deprecated: false
+      description: This endpoint lists the service accounts for an organisation
+      operationId: ListServiceAccounts
+      responses:
+        "200":
+          content:
+            application/json:
+              schema:
+                properties:
+                  data:
+                    items:
+                      $ref: '#/components/schemas/ServiceaccounttypesServiceAccount'
+                    type: array
+                  status:
+                    type: string
+                required:
+                - status
+                - data
+                type: object
+          description: OK
+        "401":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Unauthorized
+        "403":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Forbidden
+        "500":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Internal Server Error
+      security:
+      - api_key:
+        - ADMIN
+      - tokenizer:
+        - ADMIN
+      summary: List service accounts
+      tags:
+      - serviceaccount
+    post:
+      deprecated: false
+      description: This endpoint creates a service account
+      operationId: CreateServiceAccount
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/ServiceaccounttypesPostableServiceAccount'
+      responses:
+        "201":
+          content:
+            application/json:
+              schema:
+                properties:
+                  data:
+                    $ref: '#/components/schemas/TypesIdentifiable'
+                  status:
+                    type: string
+                required:
+                - status
+                - data
+                type: object
+          description: Created
+        "400":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Bad Request
+        "401":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Unauthorized
+        "403":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Forbidden
+        "409":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Conflict
+        "500":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Internal Server Error
+      security:
+      - api_key:
+        - ADMIN
+      - tokenizer:
+        - ADMIN
+      summary: Create service account
+      tags:
+      - serviceaccount
+  /api/v1/service_accounts/{id}:
+    delete:
+      deprecated: false
+      description: This endpoint deletes an existing service account
+      operationId: DeleteServiceAccount
+      parameters:
+      - in: path
+        name: id
+        required: true
+        schema:
+          type: string
+      responses:
+        "204":
+          content:
+            application/json:
+              schema:
+                type: string
+          description: No Content
+        "401":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Unauthorized
+        "403":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Forbidden
+        "404":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Not Found
+        "500":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Internal Server Error
+      security:
+      - api_key:
+        - ADMIN
+      - tokenizer:
+        - ADMIN
+      summary: Deletes a service account
+      tags:
+      - serviceaccount
+    get:
+      deprecated: false
+      description: This endpoint gets an existing service account
+      operationId: GetServiceAccount
+      parameters:
+      - in: path
+        name: id
+        required: true
+        schema:
+          type: string
+      responses:
+        "200":
+          content:
+            application/json:
+              schema:
+                properties:
+                  data:
+                    $ref: '#/components/schemas/ServiceaccounttypesServiceAccount'
+                  status:
+                    type: string
+                required:
+                - status
+                - data
+                type: object
+          description: OK
+        "401":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Unauthorized
+        "403":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Forbidden
+        "404":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Not Found
+        "500":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Internal Server Error
+      security:
+      - api_key:
+        - ADMIN
+      - tokenizer:
+        - ADMIN
+      summary: Gets a service account
+      tags:
+      - serviceaccount
+    put:
+      deprecated: false
+      description: This endpoint updates an existing service account
+      operationId: UpdateServiceAccount
+      parameters:
+      - in: path
+        name: id
+        required: true
+        schema:
+          type: string
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/ServiceaccounttypesUpdatableServiceAccount'
+      responses:
+        "204":
+          content:
+            application/json:
+              schema:
+                type: string
+          description: No Content
+        "400":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Bad Request
+        "401":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Unauthorized
+        "403":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Forbidden
+        "404":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Not Found
+        "500":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Internal Server Error
+      security:
+      - api_key:
+        - ADMIN
+      - tokenizer:
+        - ADMIN
+      summary: Updates a service account
+      tags:
+      - serviceaccount
+  /api/v1/service_accounts/{id}/keys:
+    get:
+      deprecated: false
+      description: This endpoint lists the service account keys
+      operationId: ListServiceAccountKeys
+      parameters:
+      - in: path
+        name: id
+        required: true
+        schema:
+          type: string
+      responses:
+        "200":
+          content:
+            application/json:
+              schema:
+                properties:
+                  data:
+                    items:
+                      $ref: '#/components/schemas/ServiceaccounttypesFactorAPIKey'
+                    type: array
+                  status:
+                    type: string
+                required:
+                - status
+                - data
+                type: object
+          description: OK
+        "401":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Unauthorized
+        "403":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Forbidden
+        "500":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Internal Server Error
+      security:
+      - api_key:
+        - ADMIN
+      - tokenizer:
+        - ADMIN
+      summary: List service account keys
+      tags:
+      - serviceaccount
+    post:
+      deprecated: false
+      description: This endpoint creates a service account key
+      operationId: CreateServiceAccountKey
+      parameters:
+      - in: path
+        name: id
+        required: true
+        schema:
+          type: string
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/ServiceaccounttypesPostableFactorAPIKey'
+      responses:
+        "201":
+          content:
+            application/json:
+              schema:
+                properties:
+                  data:
+                    $ref: '#/components/schemas/ServiceaccounttypesGettableFactorAPIKeyWithKey'
+                  status:
+                    type: string
+                required:
+                - status
+                - data
+                type: object
+          description: Created
+        "400":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Bad Request
+        "401":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Unauthorized
+        "403":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Forbidden
+        "409":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Conflict
+        "500":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Internal Server Error
+      security:
+      - api_key:
+        - ADMIN
+      - tokenizer:
+        - ADMIN
+      summary: Create a service account key
+      tags:
+      - serviceaccount
+  /api/v1/service_accounts/{id}/keys/{fid}:
+    delete:
+      deprecated: false
+      description: This endpoint revokes an existing service account key
+      operationId: RevokeServiceAccountKey
+      parameters:
+      - in: path
+        name: id
+        required: true
+        schema:
+          type: string
+      - in: path
+        name: fid
+        required: true
+        schema:
+          type: string
+      responses:
+        "204":
+          content:
+            application/json:
+              schema:
+                type: string
+          description: No Content
+        "401":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Unauthorized
+        "403":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Forbidden
+        "404":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Not Found
+        "500":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Internal Server Error
+      security:
+      - api_key:
+        - ADMIN
+      - tokenizer:
+        - ADMIN
+      summary: Revoke a service account key
+      tags:
+      - serviceaccount
+    put:
+      deprecated: false
+      description: This endpoint updates an existing service account key
+      operationId: UpdateServiceAccountKey
+      parameters:
+      - in: path
+        name: id
+        required: true
+        schema:
+          type: string
+      - in: path
+        name: fid
+        required: true
+        schema:
+          type: string
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/ServiceaccounttypesUpdatableFactorAPIKey'
+      responses:
+        "204":
+          content:
+            application/json:
+              schema:
+                type: string
+          description: No Content
+        "400":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Bad Request
+        "401":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Unauthorized
+        "403":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Forbidden
+        "404":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Not Found
+        "500":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Internal Server Error
+      security:
+      - api_key:
+        - ADMIN
+      - tokenizer:
+        - ADMIN
+      summary: Updates a service account key
+      tags:
+      - serviceaccount
+  /api/v1/service_accounts/{id}/status:
+    put:
+      deprecated: false
+      description: This endpoint updates an existing service account status
+      operationId: UpdateServiceAccountStatus
+      parameters:
+      - in: path
+        name: id
+        required: true
+        schema:
+          type: string
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/ServiceaccounttypesUpdatableServiceAccountStatus'
+      responses:
+        "204":
+          content:
+            application/json:
+              schema:
+                type: string
+          description: No Content
+        "400":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Bad Request
+        "401":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Unauthorized
+        "403":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Forbidden
+        "404":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Not Found
+        "500":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Internal Server Error
+      security:
+      - api_key:
+        - ADMIN
+      - tokenizer:
+        - ADMIN
+      summary: Updates a service account status
+      tags:
+      - serviceaccount
   /api/v1/user:
     get:
       deprecated: false
@@ -5639,6 +6167,10 @@ paths:
         name: searchText
         schema:
           type: string
+      - in: query
+        name: source
+        schema:
+          type: string
       responses:
         "200":
           content:

docs/contributing/go/abstractions.md

@@ -0,0 +1,127 @@
+# Abstractions
+
+This document provides rules for deciding when a new type, interface, or intermediate representation is warranted in Go code. The goal is to keep the codebase navigable by ensuring every abstraction earns its place.
+
+## The cost of a new abstraction
+
+Every exported type, interface, or wrapper is a permanent commitment. It must be named, documented, tested, and understood by every future contributor. It creates a new concept in the codebase vocabulary. Before introducing one, verify that the cost is justified by a concrete benefit that cannot be achieved with existing mechanisms.
+
+## Before you introduce anything new
+
+Answer these four questions. If writing a PR, include the answers in the description.
+
+1. **What already exists?** Name the specific type, function, interface, or library that covers this ground today.
+2. **What does the new abstraction add?** Name the concrete operation, guarantee, or capability. "Cleaner" or "more reusable" are not sufficient; name what the caller can do that it could not do before.
+3. **What does the new abstraction drop?** If it wraps or mirrors an existing structure, list what it cannot represent. Every gap must be either justified or handled with an explicit error.
+4. **Who consumes it?** List the call sites. If there is only one producer and one consumer in the same call chain, you likely need a function, not a type.
+
+## Rules
+
+### 1. Prefer functions over types
+
+If a piece of logic has one input and one output, write a function. Do not create a struct to hold intermediate state that is built in one place and read in one place. A function is easier to test, easier to inline, and does not expand the vocabulary of the codebase.
+
+```go
+// Prefer this:
+func ConvertConfig(src ExternalConfig) (InternalConfig, error)
+
+// Over this:
+type ConfigAdapter struct { ... }
+func NewConfigAdapter(src ExternalConfig) *ConfigAdapter
+func (a *ConfigAdapter) ToInternal() (InternalConfig, error)
+```
+
+The two-step version is only justified when `ConfigAdapter` has multiple distinct consumers that use it in different ways.
+
+### 2. Do not duplicate structures you do not own
+
+When a library or external package produces a structured output, operate on that output directly. Do not create a parallel type that mirrors a subset of its fields.
+
+A partial copy will:
+- **Silently lose data** when the source has fields or variants the copy does not account for.
+- **Drift** when the source evolves and the copy is not updated in lockstep.
+- **Add a conversion step** that doubles the code surface and the opportunity for bugs.
+
+If you need to shield consumers from a dependency, define a narrow interface over the dependency's type rather than copying its shape into a new struct.
+
+### 3. Never silently discard input
+
+If your code receives structured input and cannot handle part of it, return an error. Do not silently return nil, skip the element, or produce a partial result. Silent data loss is the hardest class of bug to detect because the code appears to work, it just produces wrong results.
+
+```go
+// Wrong: silently ignores the unrecognized case.
+default:
+    return nil
+
+// Right: makes the gap visible.
+default:
+    return nil, fmt.Errorf("unsupported %T value: %v", v, v)
+```
+
+This applies broadly: type switches, format conversions, data migrations, enum mappings, configuration parsing. Anywhere a `default` or `else` branch can swallow input, it should surface an error instead.
+
+### 4. Do not expose methods that lose information
+
+A method on a structured type should not strip meaning from the structure it belongs to. If a caller needs to iterate over elements for a specific purpose (validation, aggregation, logging), write that logic as a standalone function that operates on the structure with full context, rather than adding a method that returns a reduced view.
+
+```go
+// Problematic: callers cannot distinguish how items were related.
+func (o *Order) AllLineItems() []LineItem { ... }
+
+// Better: the validation logic operates on the full structure.
+func ValidateOrder(o *Order) error { ... }
+```
+
+Public methods shape how a type is used. Once a lossy accessor exists, callers will depend on it, and the lost information becomes unrecoverable at those call sites.
+
+### 5. Interfaces should be discovered, not predicted
+
+Do not define an interface before you have at least two concrete implementations that need it. An interface with one implementation is not abstraction; it is indirection that makes it harder to navigate from call site to implementation.
+
+The exception is interfaces required for testing (e.g., for mocking an external dependency). In that case, define the interface in the **consuming** package, not the providing package, following the Go convention of [accepting interfaces and returning structs](https://go.dev/wiki/CodeReviewComments#interfaces).
+
+### 6. Wrappers must add semantics, not just rename
+
+A wrapper type is justified when it adds meaning, validation, or invariants that the underlying type does not carry. It is not justified when it merely renames fields or reorganizes the same data into a different shape.
+
+```go
+// Justified: adds validation that the underlying string does not carry.
+type OrgID struct{ value string }
+func NewOrgID(s string) (OrgID, error) { /* validates format */ }
+
+// Not justified: renames fields with no new invariant or behavior.
+type UserInfo struct {
+    Name  string // same as source.Name
+    Email string // same as source.Email
+}
+```
+
+Ask: what does the wrapper guarantee that the underlying type does not? If the answer is nothing, use the underlying type directly.
+
+## When a new type IS warranted
+
+A new type earns its place when it meets **at least one** of these criteria:
+
+- **Serialization boundary**: It must be persisted, sent over the wire, or written to config. The source type is unsuitable (unexported fields, function pointers, cycles).
+- **Invariant enforcement**: The constructor or methods enforce constraints that raw data does not carry (e.g., non-empty, validated format, bounded range).
+- **Multiple distinct consumers**: Three or more call sites use the type in meaningfully different ways. The type is the shared vocabulary between them.
+- **Dependency firewall**: The type lives in a lightweight package so that consumers avoid importing a heavy dependency.
+
+## What should I remember?
+
+- A function is almost always simpler than a type. Start with a function; promote to a type only when you have evidence of need.
+- Never silently drop data. If you cannot handle it, error.
+- If your new type mirrors an existing one, you need a strong reason beyond "nicer to work with".
+- If your type has one producer and one consumer, it is indirection, not abstraction.
+- Interfaces come from need (multiple implementations), not from prediction.
+- When in doubt, do not add it. It is easier to add an abstraction later when the need is clear than to remove one after it has spread through the codebase.
+
+## Further reading
+
+These works and our own lessions shaped the above guidelines
+
+- [The Wrong Abstraction](https://sandimetz.com/blog/2016/1/20/the-wrong-abstraction) - Sandi Metz. The wrong abstraction is worse than duplication. If you find yourself passing parameters and adding conditional paths through shared code, inline it back into every caller and let the duplication show you what the right abstraction is.
+- [Write code that is easy to delete, not easy to extend](https://programmingisterrible.com/post/139222674273/write-code-that-is-easy-to-delete-not-easy-to) - tef. Every abstraction is a bet on the future. Optimize for how cheaply you can remove code when the bet is wrong, not for how easily you can extend it when the bet is right.
+- [Goodbye, Clean Code](https://overreacted.io/goodbye-clean-code/) - Dan Abramov. A refactoring that removes duplication can look cleaner while making the code harder to change. Clean-looking and easy-to-change are not the same thing.
+- [A Philosophy of Software Design](https://www.amazon.com/Philosophy-Software-Design-John-Ousterhout/dp/1732102201) - John Ousterhout. Good abstractions are deep: simple interface, complex implementation. A "false abstraction" omits important details while appearing simple, and is worse than no abstraction at all. ([Summary by Pragmatic Engineer](https://blog.pragmaticengineer.com/a-philosophy-of-software-design-review/))
+- [Simplicity is Complicated](https://go.dev/talks/2015/simplicity-is-complicated.slide) - Rob Pike. Go-specific. Fewer orthogonal concepts that compose predictably beat many overlapping ones. Features were left out of Go deliberately; the same discipline applies to your own code.

docs/contributing/go/handler.md

@@ -123,7 +123,6 @@ if err := router.Handle("/api/v1/things", handler.New(
         Description:         "This endpoint creates a thing",
         Request:             new(types.PostableThing),
         RequestContentType:  "application/json",
-        RequestQuery:        new(types.QueryableThing),
         Response:            new(types.GettableThing),
         ResponseContentType: "application/json",
         SuccessStatusCode:   http.StatusCreated,
@@ -156,8 +155,6 @@ The `handler.New` function ties the HTTP handler to OpenAPI metadata via `OpenAP
 - **Request / RequestContentType**:
   - `Request` is a Go type that describes the request body or form.
   - `RequestContentType` is usually `"application/json"` or `"application/x-www-form-urlencoded"` (for callbacks like SAML).
-- **RequestQuery**:
-  - `RequestQuery` is a Go type that descirbes query url params.
 - **RequestExamples**: An array of `handler.OpenAPIExample` that provide concrete request payloads in the generated spec. See [Adding request examples](#adding-request-examples) below.
 - **Response / ResponseContentType**:
   - `Response` is the Go type for the successful response payload.

docs/contributing/go/packages.md

@@ -0,0 +1,126 @@
+# Packages
+
+All shared Go code in SigNoz lives under `pkg/`. Each package represents a distinct domain concept and exposes a clear public interface. This guide covers the conventions for creating, naming, and organising packages so the codebase stays consistent as it grows.
+
+## How should I name a package?
+
+Use short, lowercase, single-word names. No underscores or camelCase (`querier`, `cache`, `authz`, not `query_builder` or `dataStore`).
+
+Names must be **domain-specific**. A package name should tell you what problem domain it deals with, not what data structure it wraps. Prefer `alertmanager` over `manager`, `licensing` over `checker`.
+
+Avoid generic names like `util`, `helpers`, `common`, `misc`, or `base`. If you can't name it, the code probably belongs in an existing package.
+
+## When should I create a new package?
+
+Create a new package when:
+
+- The functionality represents a **distinct domain concept** (e.g., `authz`, `licensing`, `cache`).
+- Two or more other packages would import it; it serves as shared infrastructure.
+- The code has a clear public interface that can stand on its own.
+
+Do **not** create a new package when:
+
+- There is already a package that covers the same domain. Extend the existing package instead.
+- The code is only used in one place. Keep it local to the caller.
+- You are splitting purely for file size. Use multiple files within the same package instead.
+
+## How should I lay out a package?
+
+A typical package looks like:
+
+```
+pkg/cache/
+├── cache.go            # Public interface + exported types
+├── config.go           # Configuration types if needed
+├── memorycache/        # Implementation sub-package
+├── rediscache/         # Another implementation
+└── cachetest/          # Test helpers for consumers
+```
+
+Follow these rules:
+
+1. **Interface-first file**: The file matching the package name (e.g., `cache.go` in `pkg/cache/`) should define the public interface and core exported types. Keep implementation details out of this file.
+
+2. **One responsibility per file**: Name files after what they contain (`config.go`, `handler.go`, `service.go`), not after the package name. If a package merges two concerns, prefix files to group them (e.g., `memory_store.go`, `redis_store.go` in a storage package).
+
+3. **Sub-packages for implementations**: When a package defines an interface with multiple implementations, put each implementation in its own sub-package (`memorycache/`, `rediscache/`). This keeps the parent package import-free of implementation dependencies.
+
+4. **Test helpers in `{pkg}test/`**: If consumers need test mocks or builders, put them in a `{pkg}test/` sub-package (e.g., `cachetest/`, `sqlstoretest/`). This avoids polluting the main package with test-only code.
+
+5. **Test files stay alongside source**: Unit tests go in `_test.go` files next to the code they test, in the same package.
+
+## How should I name symbols?
+
+### Exported symbols
+
+- **Interfaces**: For single-method interfaces, follow the standard `-er` suffix convention (`Reader`, `Writer`, `Closer`). For multi-method interfaces, use clear nouns (`Cache`, `Store`, `Provider`).
+- **Constructors**: `New<Type>(...)` (e.g., `NewMemoryCache()`).
+- **Avoid stutter**: Since callers qualify with the package name, don't repeat it. Write `cache.Cache`, not `cache.CacheInterface`. Write `authz.FromRole`, not `authz.AuthzFromRole`.
+
+### Unexported symbols
+
+- Struct receivers: one or two characters (`c`, `f`, `br`).
+- Helper functions: descriptive lowercase names (`parseToken`, `buildQuery`).
+
+### Constants
+
+- Use `PascalCase` for exported constants.
+- When merging files from different origins into one package, watch out for **name collisions** across files. Prefix to disambiguate when two types share a natural name.
+
+## How should I organise imports?
+
+Group imports in three blocks separated by blank lines:
+
+```go
+import (
+    // 1. Standard library
+    "fmt"
+    "net/http"
+
+    // 2. External dependencies
+    "github.com/gorilla/mux"
+
+    // 3. Internal
+    "github.com/SigNoz/signoz/pkg/errors"
+    "github.com/SigNoz/signoz/pkg/types"
+)
+```
+
+Never introduce circular imports. If package A needs package B and B needs A, extract the shared types into a third package (often under `pkg/types/`).
+
+## Where do shared types go?
+
+Most types belong in `pkg/types/` under a domain-specific sub-package (e.g., `pkg/types/ruletypes`, `pkg/types/authtypes`).
+
+Do not put domain logic in `pkg/types/`. Only data structures, constants, and simple methods.
+
+## How do I merge or move packages?
+
+When two packages are tightly coupled (one imports the other's constants, they cover the same domain), merge them:
+
+1. Pick a domain-specific name for the combined package.
+2. Prefix files to preserve origin (e.g., `memory_store.go`, `redis_store.go`).
+3. Resolve symbol conflicts explicitly; rename with a prefix rather than silently shadowing.
+4. Update all consumers in a single change.
+5. Delete the old packages. Do not leave behind re-export shims.
+6. Verify with `go build ./...`, `go test ./<new-pkg>/...`, and `go vet ./...`.
+
+## When should I add documentation?
+
+Add a `doc.go` with a package-level comment for any package that is non-trivial or has multiple consumers. Keep it to 1–3 sentences:
+
+```go
+// Package cache provides a caching interface with pluggable backends
+// for in-memory and Redis-based storage.
+package cache
+```
+
+## What should I remember?
+
+- Package names are domain-specific and lowercase. Never generic names like `util` or `common`.
+- The file matching the package name (e.g., `cache.go`) defines the public interface. Implementation details go elsewhere.
+- Never introduce circular imports. Extract shared types into `pkg/types/` when needed.
+- Watch for symbol name collisions when merging packages, prefix to disambiguate.
+- Put test helpers in a `{pkg}test/` sub-package, not in the main package.
+- Before submitting, verify with `go build ./...`, `go test ./<your-pkg>/...`, and `go vet ./...`.
+- Update all consumers when you rename or move symbols.

docs/contributing/go/readme.md

@@ -8,4 +8,15 @@ We adhere to three primary style guides as our foundation:
 - [Code Review Comments](https://go.dev/wiki/CodeReviewComments) - For understanding common comments in code reviews
 - [Google Style Guide](https://google.github.io/styleguide/go/) - Additional practices from Google
 
-We **recommend** (almost enforce) reviewing these guides before contributing to the codebase. They provide valuable insights into writing idiomatic Go code and will help you understand our approach to backend development. In addition, we have a few additional rules that make certain areas stricter than the above which can be found in area-specific files in this package.
+We **recommend** (almost enforce) reviewing these guides before contributing to the codebase. They provide valuable insights into writing idiomatic Go code and will help you understand our approach to backend development. In addition, we have a few additional rules that make certain areas stricter than the above which can be found in area-specific files in this package:
+
+- [Abstractions](abstractions.md) - When to introduce new types and intermediate representations
+- [Errors](errors.md) - Structured error handling
+- [Endpoint](endpoint.md) - HTTP endpoint patterns
+- [Flagger](flagger.md) - Feature flag patterns
+- [Handler](handler.md) - HTTP handler patterns
+- [Integration](integration.md) - Integration testing
+- [Provider](provider.md) - Dependency injection and provider patterns
+- [Packages](packages.md) - Naming, layout, and conventions for `pkg/` packages
+- [Service](service.md) - Managed service lifecycle with `factory.Service`
+- [SQL](sql.md) - Database and SQL patterns

docs/contributing/go/service.md

@@ -0,0 +1,269 @@
+# Service
+
+A service is a component with a managed lifecycle: it starts, runs for the lifetime of the application, and stops gracefully.
+
+Services are distinct from [providers](provider.md). A provider adapts an external dependency behind an interface. A service has a managed lifecycle that is tied to the lifetime of the application.
+
+## When do you need a service?
+
+You need a service when your component needs to do work that outlives a single method call:
+
+- **Periodic work**: polling an external system, garbage-collecting expired data, syncing state on an interval.
+- **Graceful shutdown**: holding resources (connections, caches, buffers) that must be flushed or closed before the process exits.
+- **Blocking on readiness**: waiting for an external dependency to become available before the application can proceed.
+
+If your component only responds to calls and holds no state that requires cleanup, it is a provider, not a service. If it does both (responds to calls *and* needs a lifecycle), embed `factory.Service` in the provider interface; see [How to create a service](#how-to-create-a-service).
+
+## The interface
+
+The `factory.Service` interface in `pkg/factory/service.go` defines two methods:
+
+```go
+type Service interface {
+    // Starts a service. It should block and should not return until the service is stopped or it fails.
+    Start(context.Context) error
+    // Stops a service.
+    Stop(context.Context) error
+}
+```
+
+`Start` **must block**. It should not return until the service is stopped (returning `nil`) or something goes wrong (returning an error). If `Start` returns an error, the entire application shuts down.
+
+`Stop` should cause `Start` to unblock and return. It must be safe to call from a different goroutine than the one running `Start`.
+
+## Shutdown coordination
+
+Every service uses a `stopC chan struct{}` to coordinate shutdown:
+
+- **Constructor**: `stopC: make(chan struct{})`
+- **Start**: blocks on `<-stopC` (or uses it in a `select` loop)
+- **Stop**: `close(stopC)` to unblock `Start`
+
+This is the standard pattern. Do not use `context.WithCancel` or other mechanisms for service-level shutdown coordination. See the examples in the next section.
+
+## Service shapes
+
+Two shapes recur across the codebase (these are not exhaustive, if a new shape is needed, bring it up for discussion before going ahead with the implementation), implemented by convention rather than base classes.
+
+### Idle service
+
+The service does work during startup or shutdown but has nothing to do while running. `Start` blocks on `<-stopC`. `Stop` closes `stopC` and optionally does cleanup.
+
+The JWT tokenizer (`pkg/tokenizer/jwttokenizer/provider.go`) is a good example. It validates and creates tokens on demand via method calls, but has no periodic work to do. It still needs the service lifecycle so the registry can manage its lifetime:
+
+```go
+// pkg/tokenizer/jwttokenizer/provider.go
+
+func (provider *provider) Start(ctx context.Context) error {
+    <-provider.stopC
+    return nil
+}
+
+func (provider *provider) Stop(ctx context.Context) error {
+    close(provider.stopC)
+    return nil
+}
+```
+
+The instrumentation SDK (`pkg/instrumentation/sdk.go`) is idle while running but does real cleanup in `Stop` shutting down its OpenTelemetry tracer and meter providers:
+
+```go
+// pkg/instrumentation/sdk.go
+
+func (i *SDK) Start(ctx context.Context) error {
+    <-i.startCh
+    return nil
+}
+
+func (i *SDK) Stop(ctx context.Context) error {
+    close(i.startCh)
+    return errors.Join(
+        i.sdk.Shutdown(ctx),
+        i.meterProviderShutdownFunc(ctx),
+    )
+}
+```
+
+### Scheduled service
+
+The service runs an operation repeatedly on a fixed interval. `Start` runs a ticker loop with a `select` on `stopC` and the ticker channel.
+
+The opaque tokenizer (`pkg/tokenizer/opaquetokenizer/provider.go`) garbage-collects expired tokens and flushes cached last-observed-at timestamps to the database on a configurable interval:
+
+```go
+// pkg/tokenizer/opaquetokenizer/provider.go
+
+func (provider *provider) Start(ctx context.Context) error {
+    ticker := time.NewTicker(provider.config.Opaque.GC.Interval)
+    defer ticker.Stop()
+
+    for {
+        select {
+        case <-provider.stopC:
+            return nil
+        case <-ticker.C:
+            orgs, err := provider.orgGetter.ListByOwnedKeyRange(ctx)
+            if err != nil {
+                provider.settings.Logger().ErrorContext(ctx, "failed to get orgs data", "error", err)
+                continue
+            }
+
+            for _, org := range orgs {
+                if err := provider.gc(ctx, org); err != nil {
+                    provider.settings.Logger().ErrorContext(ctx, "failed to garbage collect tokens", "error", err, "org_id", org.ID)
+                }
+
+                if err := provider.flushLastObservedAt(ctx, org); err != nil {
+                    provider.settings.Logger().ErrorContext(ctx, "failed to flush tokens", "error", err, "org_id", org.ID)
+                }
+            }
+        }
+    }
+}
+```
+
+Its `Stop` does a final gc and flush before returning, so no data is lost on shutdown:
+
+```go
+// pkg/tokenizer/opaquetokenizer/provider.go
+
+func (provider *provider) Stop(ctx context.Context) error {
+    close(provider.stopC)
+
+    orgs, err := provider.orgGetter.ListByOwnedKeyRange(ctx)
+    if err != nil {
+        return err
+    }
+
+    for _, org := range orgs {
+        if err := provider.gc(ctx, org); err != nil {
+            provider.settings.Logger().ErrorContext(ctx, "failed to garbage collect tokens", "error", err, "org_id", org.ID)
+        }
+
+        if err := provider.flushLastObservedAt(ctx, org); err != nil {
+            provider.settings.Logger().ErrorContext(ctx, "failed to flush tokens", "error", err, "org_id", org.ID)
+        }
+    }
+
+    return nil
+}
+```
+
+The key points:
+
+- In the loop, `select` on `stopC` and the ticker. Errors in iterations are logged but do not cause the service to return (which would shut down the application).
+- Only return an error from `Start` if the failure is unrecoverable.
+- Use `Stop` to flush or drain any in-memory state before the process exits.
+
+## How to create a service
+
+There are two cases: a standalone service and a provider that is also a service.
+
+### Standalone service
+
+A standalone service only has the `factory.Service` lifecycle i.e it does not serve as a dependency for other packages. The user reconciliation service is an example.
+
+1. Define the service interface in your package. Embed `factory.Service`:
+
+    ```go
+    // pkg/modules/user/service.go
+    package user
+
+    type Service interface {
+        factory.Service
+    }
+    ```
+
+2. Create the implementation in an `impl` sub-package. Use an unexported struct with an exported constructor that returns the interface:
+
+    ```go
+    // pkg/modules/user/impluser/service.go
+    package impluser
+
+    type service struct {
+        settings factory.ScopedProviderSettings
+        // ... dependencies ...
+        stopC    chan struct{}
+    }
+
+    func NewService(
+        providerSettings factory.ProviderSettings,
+        // ... dependencies ...
+    ) user.Service {
+        return &service{
+            settings: factory.NewScopedProviderSettings(providerSettings, "go.signoz.io/pkg/modules/user"),
+            // ... dependencies ...
+            stopC:    make(chan struct{}),
+        }
+    }
+
+    func (s *service) Start(ctx context.Context) error { ... }
+    func (s *service) Stop(ctx context.Context) error { ... }
+    ```
+
+### Provider that is also a service
+
+Many providers need a managed lifecycle: they poll, sync, or garbage-collect in the background. In this case, embed `factory.Service` in the provider interface. The implementation satisfies both the provider methods and `Start`/`Stop`.
+
+```go
+// pkg/tokenizer/tokenizer.go
+package tokenizer
+
+type Tokenizer interface {
+    factory.Service
+    CreateToken(context.Context, *authtypes.Identity, map[string]string) (*authtypes.Token, error)
+    GetIdentity(context.Context, string) (*authtypes.Identity, error)
+    // ... other methods ...
+}
+```
+
+The implementation (e.g. `pkg/tokenizer/opaquetokenizer/provider.go`) implements `Start`, `Stop`, and all the provider methods on the same struct. See the [provider guide](provider.md) for how to set up the factory, config, and constructor. The `stopC` channel and `Start`/`Stop` methods follow the same patterns described above.
+
+## How to wire it up
+
+Wiring happens in `pkg/signoz/signoz.go`.
+
+### 1. Instantiate the service
+
+For a standalone service, call the constructor directly:
+
+```go
+userService := impluser.NewService(providerSettings, store, module, orgGetter, authz, config.User.Root)
+```
+
+For a provider that is also a service, use `factory.NewProviderFromNamedMap` as described in the [provider guide](provider.md). The returned value already implements `factory.Service`.
+
+### 2. Register in the registry
+
+Wrap the service with `factory.NewNamedService` and pass it to `factory.NewRegistry`:
+
+```go
+registry, err := factory.NewRegistry(
+    instrumentation.Logger(),
+    // ... other services ...
+    factory.NewNamedService(factory.MustNewName("user"), userService),
+)
+```
+
+The name must be unique across all services. The registry handles the rest:
+
+- **Start**: launches all services concurrently in goroutines.
+- **Wait**: blocks until a service returns an error, the context is cancelled, or a SIGINT/SIGTERM is received. Any service error triggers application shutdown.
+- **Stop**: stops all services concurrently, collects errors via `errors.Join`.
+
+You do not call `Start` or `Stop` on individual services. The registry does it.
+
+## What should I remember?
+
+- A service has a managed lifecycle: `Start` blocks, `Stop` unblocks it.
+- Use `stopC chan struct{}` for shutdown coordination. `close(stopC)` in `Stop`, `<-stopC` in `Start`.
+- Service shapes: idle (block on `stopC`) and scheduled (ticker loop with `select`).
+- Unexported struct, exported `NewService` constructor returning the interface.
+- First constructor parameter is `factory.ProviderSettings`. Create scoped settings with `factory.NewScopedProviderSettings`.
+- Register in `factory.Registry` with `factory.NewNamedService`. The registry starts and stops everything.
+- Only return an error from `Start` if the failure is unrecoverable. Log and continue for transient errors in polling loops.
+
+## Further reading
+
+- [Google Guava - ServiceExplained](https://github.com/google/guava/wiki/ServiceExplained) - the service lifecycle pattern takes inspiration from this
+- [OpenTelemetry Collector](https://github.com/open-telemetry/opentelemetry-collector) - Worth studying for its approach to building composable components

ee/authz/openfgaauthz/provider.go

@@ -98,16 +98,20 @@ func (provider *provider) ListByOrgIDAndNames(ctx context.Context, orgID valuer.
 	return provider.pkgAuthzService.ListByOrgIDAndNames(ctx, orgID, names)
 }
 
-func (provider *provider) Grant(ctx context.Context, orgID valuer.UUID, name string, subject string) error {
-	return provider.pkgAuthzService.Grant(ctx, orgID, name, subject)
+func (provider *provider) ListByOrgIDAndIDs(ctx context.Context, orgID valuer.UUID, ids []valuer.UUID) ([]*roletypes.Role, error) {
+	return provider.pkgAuthzService.ListByOrgIDAndIDs(ctx, orgID, ids)
 }
 
-func (provider *provider) ModifyGrant(ctx context.Context, orgID valuer.UUID, existingRoleName string, updatedRoleName string, subject string) error {
-	return provider.pkgAuthzService.ModifyGrant(ctx, orgID, existingRoleName, updatedRoleName, subject)
+func (provider *provider) Grant(ctx context.Context, orgID valuer.UUID, names []string, subject string) error {
+	return provider.pkgAuthzService.Grant(ctx, orgID, names, subject)
 }
 
-func (provider *provider) Revoke(ctx context.Context, orgID valuer.UUID, name string, subject string) error {
-	return provider.pkgAuthzService.Revoke(ctx, orgID, name, subject)
+func (provider *provider) ModifyGrant(ctx context.Context, orgID valuer.UUID, existingRoleNames []string, updatedRoleNames []string, subject string) error {
+	return provider.pkgAuthzService.ModifyGrant(ctx, orgID, existingRoleNames, updatedRoleNames, subject)
+}
+
+func (provider *provider) Revoke(ctx context.Context, orgID valuer.UUID, names []string, subject string) error {
+	return provider.pkgAuthzService.Revoke(ctx, orgID, names, subject)
 }
 
 func (provider *provider) CreateManagedRoles(ctx context.Context, orgID valuer.UUID, managedRoles []*roletypes.Role) error {

frontend/.eslintrc.js

@@ -2,7 +2,11 @@
  * ESLint Configuration for SigNoz Frontend
  */
 module.exports = {
-	ignorePatterns: ['src/parser/*.ts', 'scripts/update-registry.js'],
+	ignorePatterns: [
+		'src/parser/*.ts',
+		'scripts/update-registry.js',
+		'scripts/generate-permissions-type.js',
+	],
 	env: {
 		browser: true,
 		es2021: true,

frontend/jest.config.ts

@@ -19,6 +19,8 @@ const config: Config.InitialOptions = {
 		'^.*/useSafeNavigate$': USE_SAFE_NAVIGATE_MOCK_PATH,
 		'^@signozhq/icons$':
 			'<rootDir>/node_modules/@signozhq/icons/dist/index.esm.js',
+		'^react-syntax-highlighter/dist/esm/(.*)$':
+			'<rootDir>/node_modules/react-syntax-highlighter/dist/cjs/$1',
 	},
 	globals: {
 		extensionsToTreatAsEsm: ['.ts'],

frontend/package.json

@@ -19,7 +19,8 @@
 		"commitlint": "commitlint --edit $1",
 		"test": "jest",
 		"test:changedsince": "jest --changedSince=main --coverage --silent",
-		"generate:api": "orval --config ./orval.config.ts && sh scripts/post-types-generation.sh"
+		"generate:api": "orval --config ./orval.config.ts && sh scripts/post-types-generation.sh",
+		"generate:permissions-type": "node scripts/generate-permissions-type.js"
 	},
 	"engines": {
 		"node": ">=16.15.0"
@@ -214,7 +215,7 @@
 		"@types/react-redux": "^7.1.11",
 		"@types/react-resizable": "3.0.3",
 		"@types/react-router-dom": "^5.1.6",
-		"@types/react-syntax-highlighter": "15.5.7",
+		"@types/react-syntax-highlighter": "15.5.13",
 		"@types/redux-mock-store": "1.0.4",
 		"@types/styled-components": "^5.1.4",
 		"@types/uuid": "^8.3.1",

frontend/scripts/extract-md-languages.sh

@@ -0,0 +1,13 @@
+#!/usr/bin/env bash
+# Extracts unique fenced code block language identifiers from all .md files under frontend/src/
+# Usage: bash frontend/scripts/extract-md-languages.sh
+
+set -euo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+SRC_DIR="$SCRIPT_DIR/../src"
+
+grep -roh '```[a-zA-Z0-9_+-]*' "$SRC_DIR" --include='*.md' \
+  | sed 's/^```//' \
+  | grep -v '^$' \
+  | sort -u

frontend/scripts/generate-permissions-type.js

@@ -0,0 +1,199 @@
+#!/usr/bin/env node
+
+const fs = require('fs');
+const path = require('path');
+const { execSync } = require('child_process');
+const axios = require('axios');
+
+const PERMISSIONS_TYPE_FILE = path.join(
+	__dirname,
+	'../src/hooks/useAuthZ/permissions.type.ts',
+);
+
+const SIGNOZ_INTEGRATION_IMAGE = 'signoz:integration';
+const LOCAL_BACKEND_URL = 'http://localhost:8080';
+
+function log(message) {
+	console.log(`[generate-permissions-type] ${message}`);
+}
+
+function getBackendUrlFromDocker() {
+	try {
+		const output = execSync(
+			`docker ps --filter "ancestor=${SIGNOZ_INTEGRATION_IMAGE}" --format "{{.Ports}}"`,
+			{ encoding: 'utf8', stdio: ['pipe', 'pipe', 'pipe'] },
+		).trim();
+
+		if (!output) {
+			return null;
+		}
+
+		const portMatch = output.match(/0\.0\.0\.0:(\d+)->8080\/tcp/);
+		if (portMatch) {
+			return `http://localhost:${portMatch[1]}`;
+		}
+
+		const ipv6Match = output.match(/:::(\d+)->8080\/tcp/);
+		if (ipv6Match) {
+			return `http://localhost:${ipv6Match[1]}`;
+		}
+	} catch (err) {
+		log(`Warning: Could not get port from docker: ${err.message}`);
+	}
+	return null;
+}
+
+async function checkBackendHealth(url, maxAttempts = 3, delayMs = 1000) {
+	for (let attempt = 1; attempt <= maxAttempts; attempt++) {
+		try {
+			await axios.get(`${url}/api/v1/health`, {
+				timeout: 5000,
+				validateStatus: (status) => status === 200,
+			});
+			return true;
+		} catch (err) {
+			if (attempt < maxAttempts) {
+				await new Promise((r) => setTimeout(r, delayMs));
+			}
+		}
+	}
+	return false;
+}
+
+async function discoverBackendUrl() {
+	const dockerUrl = getBackendUrlFromDocker();
+	if (dockerUrl) {
+		log(`Found ${SIGNOZ_INTEGRATION_IMAGE} container, trying ${dockerUrl}...`);
+		if (await checkBackendHealth(dockerUrl)) {
+			log(`Backend found at ${dockerUrl} (from py-test-setup)`);
+			return dockerUrl;
+		}
+		log(`Backend at ${dockerUrl} is not responding`);
+	}
+
+	log(`Trying local backend at ${LOCAL_BACKEND_URL}...`);
+	if (await checkBackendHealth(LOCAL_BACKEND_URL)) {
+		log(`Backend found at ${LOCAL_BACKEND_URL}`);
+		return LOCAL_BACKEND_URL;
+	}
+
+	return null;
+}
+
+async function fetchResources(backendUrl) {
+	log('Fetching resources from API...');
+	const resourcesUrl = `${backendUrl}/api/v1/authz/resources`;
+
+	const { data: response } = await axios.get(resourcesUrl);
+
+	return response;
+}
+
+function transformResponse(apiResponse) {
+	if (!apiResponse.data) {
+		throw new Error('Invalid API response: missing data field');
+	}
+
+	const { resources, relations } = apiResponse.data;
+
+	return {
+		status: apiResponse.status || 'success',
+		data: {
+			resources: resources,
+			relations: relations,
+		},
+	};
+}
+
+function generateTypeScriptFile(data) {
+	const resourcesStr = data.data.resources
+		.map(
+			(r) =>
+				`\t\t\t{\n\t\t\t\tname: '${r.name}',\n\t\t\t\ttype: '${r.type}',\n\t\t\t}`,
+		)
+		.join(',\n');
+
+	const relationsStr = Object.entries(data.data.relations)
+		.map(
+			([type, relations]) =>
+				`\t\t\t${type}: [${relations.map((r) => `'${r}'`).join(', ')}]`,
+		)
+		.join(',\n');
+
+	return `// AUTO GENERATED FILE - DO NOT EDIT - GENERATED BY scripts/generate-permissions-type
+export default {
+\tstatus: '${data.status}',
+\tdata: {
+\t\tresources: [
+${resourcesStr}
+\t\t],
+\t\trelations: {
+${relationsStr}
+\t\t},
+\t},
+} as const;
+`;
+}
+
+async function main() {
+	try {
+		log('Starting permissions type generation...');
+
+		const backendUrl = await discoverBackendUrl();
+
+		if (!backendUrl) {
+			console.error('\n' + '='.repeat(80));
+			console.error('ERROR: No running SigNoz backend found!');
+			console.error('='.repeat(80));
+			console.error(
+				'\nThe permissions type generator requires a running SigNoz backend.',
+			);
+			console.error('\nFor local development, start the backend with:');
+			console.error('  make go-run-enterprise');
+			console.error(
+				'\nFor CI or integration testing, start the test environment with:',
+			);
+			console.error('  make py-test-setup');
+			console.error(
+				'\nIf running in CI and seeing this error, check that the py-test-setup',
+			);
+			console.error('step completed successfully before this step runs.');
+			console.error('='.repeat(80) + '\n');
+			process.exit(1);
+		}
+
+		log('Fetching resources...');
+		const apiResponse = await fetchResources(backendUrl);
+
+		log('Transforming response...');
+		const transformed = transformResponse(apiResponse);
+
+		log('Generating TypeScript file...');
+		const content = generateTypeScriptFile(transformed);
+
+		log(`Writing to ${PERMISSIONS_TYPE_FILE}...`);
+		fs.writeFileSync(PERMISSIONS_TYPE_FILE, content, 'utf8');
+
+		const rootDir = path.join(__dirname, '../..');
+		const relativePath = path.relative(
+			path.join(rootDir, 'frontend'),
+			PERMISSIONS_TYPE_FILE,
+		);
+		log('Linting generated file...');
+		execSync(`cd frontend && yarn eslint --fix ${relativePath}`, {
+			cwd: rootDir,
+			stdio: 'inherit',
+		});
+
+		log('Successfully generated permissions.type.ts');
+	} catch (error) {
+		log(`Error: ${error.message}`);
+		process.exit(1);
+	}
+}
+
+if (require.main === module) {
+	main();
+}
+
+module.exports = { main };

frontend/scripts/validate-md-languages.sh

@@ -0,0 +1,35 @@
+#!/usr/bin/env bash
+# Validates that all fenced code block languages used in .md files are registered
+# in the syntax highlighter.
+# Usage: bash frontend/scripts/validate-md-languages.sh
+
+set -euo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+SYNTAX_HIGHLIGHTER="$SCRIPT_DIR/../src/components/MarkdownRenderer/syntaxHighlighter.ts"
+
+# Get all languages used in .md files
+md_languages=$("$SCRIPT_DIR/extract-md-languages.sh")
+
+# Get all registered languages from syntaxHighlighter.ts
+registered_languages=$(grep -oP "registerLanguage\('\K[^']+" "$SYNTAX_HIGHLIGHTER" | sort -u)
+
+missing_languages=()
+
+for lang in $md_languages; do
+  if ! echo "$registered_languages" | grep -qx "$lang"; then
+    missing_languages+=("$lang")
+  fi
+done
+
+if [ ${#missing_languages[@]} -gt 0 ]; then
+  echo "Error: The following languages are used in .md files but not registered in syntaxHighlighter.ts:"
+  for lang in "${missing_languages[@]}"; do
+    echo "  - $lang"
+  done
+  echo ""
+  echo "Please add them to: frontend/src/components/MarkdownRenderer/syntaxHighlighter.ts"
+  exit 1
+fi
+
+echo "All markdown code block languages are registered in syntaxHighlighter.ts"

frontend/src/api/generated/services/logs/index.ts

@@ -20,11 +20,8 @@ import { useMutation, useQuery } from 'react-query';
 import type { BodyType, ErrorType } from '../../../generatedAPIInstance';
 import { GeneratedAPIInstance } from '../../../generatedAPIInstance';
 import type {
-	HandleExportRawDataGETParams,
-	HandleExportRawDataPOSTParams,
 	ListPromotedAndIndexedPaths200,
 	PromotetypesPromotePathDTO,
-	Querybuildertypesv5QueryRangeRequestDTO,
 	RenderErrorResponseDTO,
 } from '../sigNoz.schemas';
 
@@ -32,206 +29,6 @@ type AwaitedInput<T> = PromiseLike<T> | T;
 
 type Awaited<O> = O extends AwaitedInput<infer T> ? T : never;
 
-/**
- * This endpoints allows simple query exporting raw data for traces and logs
- * @summary Export raw data
- */
-export const handleExportRawDataGET = (
-	params?: HandleExportRawDataGETParams,
-	signal?: AbortSignal,
-) => {
-	return GeneratedAPIInstance<string>({
-		url: `/api/v1/export_raw_data`,
-		method: 'GET',
-		params,
-		signal,
-	});
-};
-
-export const getHandleExportRawDataGETQueryKey = (
-	params?: HandleExportRawDataGETParams,
-) => {
-	return [`/api/v1/export_raw_data`, ...(params ? [params] : [])] as const;
-};
-
-export const getHandleExportRawDataGETQueryOptions = <
-	TData = Awaited<ReturnType<typeof handleExportRawDataGET>>,
-	TError = ErrorType<RenderErrorResponseDTO>
->(
-	params?: HandleExportRawDataGETParams,
-	options?: {
-		query?: UseQueryOptions<
-			Awaited<ReturnType<typeof handleExportRawDataGET>>,
-			TError,
-			TData
-		>;
-	},
-) => {
-	const { query: queryOptions } = options ?? {};
-
-	const queryKey =
-		queryOptions?.queryKey ?? getHandleExportRawDataGETQueryKey(params);
-
-	const queryFn: QueryFunction<
-		Awaited<ReturnType<typeof handleExportRawDataGET>>
-	> = ({ signal }) => handleExportRawDataGET(params, signal);
-
-	return { queryKey, queryFn, ...queryOptions } as UseQueryOptions<
-		Awaited<ReturnType<typeof handleExportRawDataGET>>,
-		TError,
-		TData
-	> & { queryKey: QueryKey };
-};
-
-export type HandleExportRawDataGETQueryResult = NonNullable<
-	Awaited<ReturnType<typeof handleExportRawDataGET>>
->;
-export type HandleExportRawDataGETQueryError = ErrorType<RenderErrorResponseDTO>;
-
-/**
- * @summary Export raw data
- */
-
-export function useHandleExportRawDataGET<
-	TData = Awaited<ReturnType<typeof handleExportRawDataGET>>,
-	TError = ErrorType<RenderErrorResponseDTO>
->(
-	params?: HandleExportRawDataGETParams,
-	options?: {
-		query?: UseQueryOptions<
-			Awaited<ReturnType<typeof handleExportRawDataGET>>,
-			TError,
-			TData
-		>;
-	},
-): UseQueryResult<TData, TError> & { queryKey: QueryKey } {
-	const queryOptions = getHandleExportRawDataGETQueryOptions(params, options);
-
-	const query = useQuery(queryOptions) as UseQueryResult<TData, TError> & {
-		queryKey: QueryKey;
-	};
-
-	query.queryKey = queryOptions.queryKey;
-
-	return query;
-}
-
-/**
- * @summary Export raw data
- */
-export const invalidateHandleExportRawDataGET = async (
-	queryClient: QueryClient,
-	params?: HandleExportRawDataGETParams,
-	options?: InvalidateOptions,
-): Promise<QueryClient> => {
-	await queryClient.invalidateQueries(
-		{ queryKey: getHandleExportRawDataGETQueryKey(params) },
-		options,
-	);
-
-	return queryClient;
-};
-
-/**
- * This endpoints allows complex query exporting raw data for traces and logs
- * @summary Export raw data
- */
-export const handleExportRawDataPOST = (
-	querybuildertypesv5QueryRangeRequestDTO: BodyType<Querybuildertypesv5QueryRangeRequestDTO>,
-	params?: HandleExportRawDataPOSTParams,
-	signal?: AbortSignal,
-) => {
-	return GeneratedAPIInstance<string>({
-		url: `/api/v1/export_raw_data`,
-		method: 'POST',
-		headers: { 'Content-Type': 'application/json' },
-		data: querybuildertypesv5QueryRangeRequestDTO,
-		params,
-		signal,
-	});
-};
-
-export const getHandleExportRawDataPOSTMutationOptions = <
-	TError = ErrorType<RenderErrorResponseDTO>,
-	TContext = unknown
->(options?: {
-	mutation?: UseMutationOptions<
-		Awaited<ReturnType<typeof handleExportRawDataPOST>>,
-		TError,
-		{
-			data: BodyType<Querybuildertypesv5QueryRangeRequestDTO>;
-			params?: HandleExportRawDataPOSTParams;
-		},
-		TContext
-	>;
-}): UseMutationOptions<
-	Awaited<ReturnType<typeof handleExportRawDataPOST>>,
-	TError,
-	{
-		data: BodyType<Querybuildertypesv5QueryRangeRequestDTO>;
-		params?: HandleExportRawDataPOSTParams;
-	},
-	TContext
-> => {
-	const mutationKey = ['handleExportRawDataPOST'];
-	const { mutation: mutationOptions } = options
-		? options.mutation &&
-		  'mutationKey' in options.mutation &&
-		  options.mutation.mutationKey
-			? options
-			: { ...options, mutation: { ...options.mutation, mutationKey } }
-		: { mutation: { mutationKey } };
-
-	const mutationFn: MutationFunction<
-		Awaited<ReturnType<typeof handleExportRawDataPOST>>,
-		{
-			data: BodyType<Querybuildertypesv5QueryRangeRequestDTO>;
-			params?: HandleExportRawDataPOSTParams;
-		}
-	> = (props) => {
-		const { data, params } = props ?? {};
-
-		return handleExportRawDataPOST(data, params);
-	};
-
-	return { mutationFn, ...mutationOptions };
-};
-
-export type HandleExportRawDataPOSTMutationResult = NonNullable<
-	Awaited<ReturnType<typeof handleExportRawDataPOST>>
->;
-export type HandleExportRawDataPOSTMutationBody = BodyType<Querybuildertypesv5QueryRangeRequestDTO>;
-export type HandleExportRawDataPOSTMutationError = ErrorType<RenderErrorResponseDTO>;
-
-/**
- * @summary Export raw data
- */
-export const useHandleExportRawDataPOST = <
-	TError = ErrorType<RenderErrorResponseDTO>,
-	TContext = unknown
->(options?: {
-	mutation?: UseMutationOptions<
-		Awaited<ReturnType<typeof handleExportRawDataPOST>>,
-		TError,
-		{
-			data: BodyType<Querybuildertypesv5QueryRangeRequestDTO>;
-			params?: HandleExportRawDataPOSTParams;
-		},
-		TContext
-	>;
-}): UseMutationResult<
-	Awaited<ReturnType<typeof handleExportRawDataPOST>>,
-	TError,
-	{
-		data: BodyType<Querybuildertypesv5QueryRangeRequestDTO>;
-		params?: HandleExportRawDataPOSTParams;
-	},
-	TContext
-> => {
-	const mutationOptions = getHandleExportRawDataPOSTMutationOptions(options);
-
-	return useMutation(mutationOptions);
-};
 /**
  * This endpoints promotes and indexes paths
  * @summary Promote and index paths

frontend/src/api/generated/services/serviceaccount/index.ts

@@ -0,0 +1,973 @@
+/**
+ * ! Do not edit manually
+ * * The file has been auto-generated using Orval for SigNoz
+ * * regenerate with 'yarn generate:api'
+ * SigNoz
+ */
+import type {
+	InvalidateOptions,
+	MutationFunction,
+	QueryClient,
+	QueryFunction,
+	QueryKey,
+	UseMutationOptions,
+	UseMutationResult,
+	UseQueryOptions,
+	UseQueryResult,
+} from 'react-query';
+import { useMutation, useQuery } from 'react-query';
+
+import type { BodyType, ErrorType } from '../../../generatedAPIInstance';
+import { GeneratedAPIInstance } from '../../../generatedAPIInstance';
+import type {
+	CreateServiceAccount201,
+	CreateServiceAccountKey201,
+	CreateServiceAccountKeyPathParameters,
+	DeleteServiceAccountPathParameters,
+	GetServiceAccount200,
+	GetServiceAccountPathParameters,
+	ListServiceAccountKeys200,
+	ListServiceAccountKeysPathParameters,
+	ListServiceAccounts200,
+	RenderErrorResponseDTO,
+	RevokeServiceAccountKeyPathParameters,
+	ServiceaccounttypesPostableFactorAPIKeyDTO,
+	ServiceaccounttypesPostableServiceAccountDTO,
+	ServiceaccounttypesUpdatableFactorAPIKeyDTO,
+	ServiceaccounttypesUpdatableServiceAccountDTO,
+	ServiceaccounttypesUpdatableServiceAccountStatusDTO,
+	UpdateServiceAccountKeyPathParameters,
+	UpdateServiceAccountPathParameters,
+	UpdateServiceAccountStatusPathParameters,
+} from '../sigNoz.schemas';
+
+type AwaitedInput<T> = PromiseLike<T> | T;
+
+type Awaited<O> = O extends AwaitedInput<infer T> ? T : never;
+
+/**
+ * This endpoint lists the service accounts for an organisation
+ * @summary List service accounts
+ */
+export const listServiceAccounts = (signal?: AbortSignal) => {
+	return GeneratedAPIInstance<ListServiceAccounts200>({
+		url: `/api/v1/service_accounts`,
+		method: 'GET',
+		signal,
+	});
+};
+
+export const getListServiceAccountsQueryKey = () => {
+	return [`/api/v1/service_accounts`] as const;
+};
+
+export const getListServiceAccountsQueryOptions = <
+	TData = Awaited<ReturnType<typeof listServiceAccounts>>,
+	TError = ErrorType<RenderErrorResponseDTO>
+>(options?: {
+	query?: UseQueryOptions<
+		Awaited<ReturnType<typeof listServiceAccounts>>,
+		TError,
+		TData
+	>;
+}) => {
+	const { query: queryOptions } = options ?? {};
+
+	const queryKey = queryOptions?.queryKey ?? getListServiceAccountsQueryKey();
+
+	const queryFn: QueryFunction<
+		Awaited<ReturnType<typeof listServiceAccounts>>
+	> = ({ signal }) => listServiceAccounts(signal);
+
+	return { queryKey, queryFn, ...queryOptions } as UseQueryOptions<
+		Awaited<ReturnType<typeof listServiceAccounts>>,
+		TError,
+		TData
+	> & { queryKey: QueryKey };
+};
+
+export type ListServiceAccountsQueryResult = NonNullable<
+	Awaited<ReturnType<typeof listServiceAccounts>>
+>;
+export type ListServiceAccountsQueryError = ErrorType<RenderErrorResponseDTO>;
+
+/**
+ * @summary List service accounts
+ */
+
+export function useListServiceAccounts<
+	TData = Awaited<ReturnType<typeof listServiceAccounts>>,
+	TError = ErrorType<RenderErrorResponseDTO>
+>(options?: {
+	query?: UseQueryOptions<
+		Awaited<ReturnType<typeof listServiceAccounts>>,
+		TError,
+		TData
+	>;
+}): UseQueryResult<TData, TError> & { queryKey: QueryKey } {
+	const queryOptions = getListServiceAccountsQueryOptions(options);
+
+	const query = useQuery(queryOptions) as UseQueryResult<TData, TError> & {
+		queryKey: QueryKey;
+	};
+
+	query.queryKey = queryOptions.queryKey;
+
+	return query;
+}
+
+/**
+ * @summary List service accounts
+ */
+export const invalidateListServiceAccounts = async (
+	queryClient: QueryClient,
+	options?: InvalidateOptions,
+): Promise<QueryClient> => {
+	await queryClient.invalidateQueries(
+		{ queryKey: getListServiceAccountsQueryKey() },
+		options,
+	);
+
+	return queryClient;
+};
+
+/**
+ * This endpoint creates a service account
+ * @summary Create service account
+ */
+export const createServiceAccount = (
+	serviceaccounttypesPostableServiceAccountDTO: BodyType<ServiceaccounttypesPostableServiceAccountDTO>,
+	signal?: AbortSignal,
+) => {
+	return GeneratedAPIInstance<CreateServiceAccount201>({
+		url: `/api/v1/service_accounts`,
+		method: 'POST',
+		headers: { 'Content-Type': 'application/json' },
+		data: serviceaccounttypesPostableServiceAccountDTO,
+		signal,
+	});
+};
+
+export const getCreateServiceAccountMutationOptions = <
+	TError = ErrorType<RenderErrorResponseDTO>,
+	TContext = unknown
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof createServiceAccount>>,
+		TError,
+		{ data: BodyType<ServiceaccounttypesPostableServiceAccountDTO> },
+		TContext
+	>;
+}): UseMutationOptions<
+	Awaited<ReturnType<typeof createServiceAccount>>,
+	TError,
+	{ data: BodyType<ServiceaccounttypesPostableServiceAccountDTO> },
+	TContext
+> => {
+	const mutationKey = ['createServiceAccount'];
+	const { mutation: mutationOptions } = options
+		? options.mutation &&
+		  'mutationKey' in options.mutation &&
+		  options.mutation.mutationKey
+			? options
+			: { ...options, mutation: { ...options.mutation, mutationKey } }
+		: { mutation: { mutationKey } };
+
+	const mutationFn: MutationFunction<
+		Awaited<ReturnType<typeof createServiceAccount>>,
+		{ data: BodyType<ServiceaccounttypesPostableServiceAccountDTO> }
+	> = (props) => {
+		const { data } = props ?? {};
+
+		return createServiceAccount(data);
+	};
+
+	return { mutationFn, ...mutationOptions };
+};
+
+export type CreateServiceAccountMutationResult = NonNullable<
+	Awaited<ReturnType<typeof createServiceAccount>>
+>;
+export type CreateServiceAccountMutationBody = BodyType<ServiceaccounttypesPostableServiceAccountDTO>;
+export type CreateServiceAccountMutationError = ErrorType<RenderErrorResponseDTO>;
+
+/**
+ * @summary Create service account
+ */
+export const useCreateServiceAccount = <
+	TError = ErrorType<RenderErrorResponseDTO>,
+	TContext = unknown
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof createServiceAccount>>,
+		TError,
+		{ data: BodyType<ServiceaccounttypesPostableServiceAccountDTO> },
+		TContext
+	>;
+}): UseMutationResult<
+	Awaited<ReturnType<typeof createServiceAccount>>,
+	TError,
+	{ data: BodyType<ServiceaccounttypesPostableServiceAccountDTO> },
+	TContext
+> => {
+	const mutationOptions = getCreateServiceAccountMutationOptions(options);
+
+	return useMutation(mutationOptions);
+};
+/**
+ * This endpoint deletes an existing service account
+ * @summary Deletes a service account
+ */
+export const deleteServiceAccount = ({
+	id,
+}: DeleteServiceAccountPathParameters) => {
+	return GeneratedAPIInstance<string>({
+		url: `/api/v1/service_accounts/${id}`,
+		method: 'DELETE',
+	});
+};
+
+export const getDeleteServiceAccountMutationOptions = <
+	TError = ErrorType<RenderErrorResponseDTO>,
+	TContext = unknown
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof deleteServiceAccount>>,
+		TError,
+		{ pathParams: DeleteServiceAccountPathParameters },
+		TContext
+	>;
+}): UseMutationOptions<
+	Awaited<ReturnType<typeof deleteServiceAccount>>,
+	TError,
+	{ pathParams: DeleteServiceAccountPathParameters },
+	TContext
+> => {
+	const mutationKey = ['deleteServiceAccount'];
+	const { mutation: mutationOptions } = options
+		? options.mutation &&
+		  'mutationKey' in options.mutation &&
+		  options.mutation.mutationKey
+			? options
+			: { ...options, mutation: { ...options.mutation, mutationKey } }
+		: { mutation: { mutationKey } };
+
+	const mutationFn: MutationFunction<
+		Awaited<ReturnType<typeof deleteServiceAccount>>,
+		{ pathParams: DeleteServiceAccountPathParameters }
+	> = (props) => {
+		const { pathParams } = props ?? {};
+
+		return deleteServiceAccount(pathParams);
+	};
+
+	return { mutationFn, ...mutationOptions };
+};
+
+export type DeleteServiceAccountMutationResult = NonNullable<
+	Awaited<ReturnType<typeof deleteServiceAccount>>
+>;
+
+export type DeleteServiceAccountMutationError = ErrorType<RenderErrorResponseDTO>;
+
+/**
+ * @summary Deletes a service account
+ */
+export const useDeleteServiceAccount = <
+	TError = ErrorType<RenderErrorResponseDTO>,
+	TContext = unknown
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof deleteServiceAccount>>,
+		TError,
+		{ pathParams: DeleteServiceAccountPathParameters },
+		TContext
+	>;
+}): UseMutationResult<
+	Awaited<ReturnType<typeof deleteServiceAccount>>,
+	TError,
+	{ pathParams: DeleteServiceAccountPathParameters },
+	TContext
+> => {
+	const mutationOptions = getDeleteServiceAccountMutationOptions(options);
+
+	return useMutation(mutationOptions);
+};
+/**
+ * This endpoint gets an existing service account
+ * @summary Gets a service account
+ */
+export const getServiceAccount = (
+	{ id }: GetServiceAccountPathParameters,
+	signal?: AbortSignal,
+) => {
+	return GeneratedAPIInstance<GetServiceAccount200>({
+		url: `/api/v1/service_accounts/${id}`,
+		method: 'GET',
+		signal,
+	});
+};
+
+export const getGetServiceAccountQueryKey = ({
+	id,
+}: GetServiceAccountPathParameters) => {
+	return [`/api/v1/service_accounts/${id}`] as const;
+};
+
+export const getGetServiceAccountQueryOptions = <
+	TData = Awaited<ReturnType<typeof getServiceAccount>>,
+	TError = ErrorType<RenderErrorResponseDTO>
+>(
+	{ id }: GetServiceAccountPathParameters,
+	options?: {
+		query?: UseQueryOptions<
+			Awaited<ReturnType<typeof getServiceAccount>>,
+			TError,
+			TData
+		>;
+	},
+) => {
+	const { query: queryOptions } = options ?? {};
+
+	const queryKey =
+		queryOptions?.queryKey ?? getGetServiceAccountQueryKey({ id });
+
+	const queryFn: QueryFunction<
+		Awaited<ReturnType<typeof getServiceAccount>>
+	> = ({ signal }) => getServiceAccount({ id }, signal);
+
+	return {
+		queryKey,
+		queryFn,
+		enabled: !!id,
+		...queryOptions,
+	} as UseQueryOptions<
+		Awaited<ReturnType<typeof getServiceAccount>>,
+		TError,
+		TData
+	> & { queryKey: QueryKey };
+};
+
+export type GetServiceAccountQueryResult = NonNullable<
+	Awaited<ReturnType<typeof getServiceAccount>>
+>;
+export type GetServiceAccountQueryError = ErrorType<RenderErrorResponseDTO>;
+
+/**
+ * @summary Gets a service account
+ */
+
+export function useGetServiceAccount<
+	TData = Awaited<ReturnType<typeof getServiceAccount>>,
+	TError = ErrorType<RenderErrorResponseDTO>
+>(
+	{ id }: GetServiceAccountPathParameters,
+	options?: {
+		query?: UseQueryOptions<
+			Awaited<ReturnType<typeof getServiceAccount>>,
+			TError,
+			TData
+		>;
+	},
+): UseQueryResult<TData, TError> & { queryKey: QueryKey } {
+	const queryOptions = getGetServiceAccountQueryOptions({ id }, options);
+
+	const query = useQuery(queryOptions) as UseQueryResult<TData, TError> & {
+		queryKey: QueryKey;
+	};
+
+	query.queryKey = queryOptions.queryKey;
+
+	return query;
+}
+
+/**
+ * @summary Gets a service account
+ */
+export const invalidateGetServiceAccount = async (
+	queryClient: QueryClient,
+	{ id }: GetServiceAccountPathParameters,
+	options?: InvalidateOptions,
+): Promise<QueryClient> => {
+	await queryClient.invalidateQueries(
+		{ queryKey: getGetServiceAccountQueryKey({ id }) },
+		options,
+	);
+
+	return queryClient;
+};
+
+/**
+ * This endpoint updates an existing service account
+ * @summary Updates a service account
+ */
+export const updateServiceAccount = (
+	{ id }: UpdateServiceAccountPathParameters,
+	serviceaccounttypesUpdatableServiceAccountDTO: BodyType<ServiceaccounttypesUpdatableServiceAccountDTO>,
+) => {
+	return GeneratedAPIInstance<string>({
+		url: `/api/v1/service_accounts/${id}`,
+		method: 'PUT',
+		headers: { 'Content-Type': 'application/json' },
+		data: serviceaccounttypesUpdatableServiceAccountDTO,
+	});
+};
+
+export const getUpdateServiceAccountMutationOptions = <
+	TError = ErrorType<RenderErrorResponseDTO>,
+	TContext = unknown
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof updateServiceAccount>>,
+		TError,
+		{
+			pathParams: UpdateServiceAccountPathParameters;
+			data: BodyType<ServiceaccounttypesUpdatableServiceAccountDTO>;
+		},
+		TContext
+	>;
+}): UseMutationOptions<
+	Awaited<ReturnType<typeof updateServiceAccount>>,
+	TError,
+	{
+		pathParams: UpdateServiceAccountPathParameters;
+		data: BodyType<ServiceaccounttypesUpdatableServiceAccountDTO>;
+	},
+	TContext
+> => {
+	const mutationKey = ['updateServiceAccount'];
+	const { mutation: mutationOptions } = options
+		? options.mutation &&
+		  'mutationKey' in options.mutation &&
+		  options.mutation.mutationKey
+			? options
+			: { ...options, mutation: { ...options.mutation, mutationKey } }
+		: { mutation: { mutationKey } };
+
+	const mutationFn: MutationFunction<
+		Awaited<ReturnType<typeof updateServiceAccount>>,
+		{
+			pathParams: UpdateServiceAccountPathParameters;
+			data: BodyType<ServiceaccounttypesUpdatableServiceAccountDTO>;
+		}
+	> = (props) => {
+		const { pathParams, data } = props ?? {};
+
+		return updateServiceAccount(pathParams, data);
+	};
+
+	return { mutationFn, ...mutationOptions };
+};
+
+export type UpdateServiceAccountMutationResult = NonNullable<
+	Awaited<ReturnType<typeof updateServiceAccount>>
+>;
+export type UpdateServiceAccountMutationBody = BodyType<ServiceaccounttypesUpdatableServiceAccountDTO>;
+export type UpdateServiceAccountMutationError = ErrorType<RenderErrorResponseDTO>;
+
+/**
+ * @summary Updates a service account
+ */
+export const useUpdateServiceAccount = <
+	TError = ErrorType<RenderErrorResponseDTO>,
+	TContext = unknown
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof updateServiceAccount>>,
+		TError,
+		{
+			pathParams: UpdateServiceAccountPathParameters;
+			data: BodyType<ServiceaccounttypesUpdatableServiceAccountDTO>;
+		},
+		TContext
+	>;
+}): UseMutationResult<
+	Awaited<ReturnType<typeof updateServiceAccount>>,
+	TError,
+	{
+		pathParams: UpdateServiceAccountPathParameters;
+		data: BodyType<ServiceaccounttypesUpdatableServiceAccountDTO>;
+	},
+	TContext
+> => {
+	const mutationOptions = getUpdateServiceAccountMutationOptions(options);
+
+	return useMutation(mutationOptions);
+};
+/**
+ * This endpoint lists the service account keys
+ * @summary List service account keys
+ */
+export const listServiceAccountKeys = (
+	{ id }: ListServiceAccountKeysPathParameters,
+	signal?: AbortSignal,
+) => {
+	return GeneratedAPIInstance<ListServiceAccountKeys200>({
+		url: `/api/v1/service_accounts/${id}/keys`,
+		method: 'GET',
+		signal,
+	});
+};
+
+export const getListServiceAccountKeysQueryKey = ({
+	id,
+}: ListServiceAccountKeysPathParameters) => {
+	return [`/api/v1/service_accounts/${id}/keys`] as const;
+};
+
+export const getListServiceAccountKeysQueryOptions = <
+	TData = Awaited<ReturnType<typeof listServiceAccountKeys>>,
+	TError = ErrorType<RenderErrorResponseDTO>
+>(
+	{ id }: ListServiceAccountKeysPathParameters,
+	options?: {
+		query?: UseQueryOptions<
+			Awaited<ReturnType<typeof listServiceAccountKeys>>,
+			TError,
+			TData
+		>;
+	},
+) => {
+	const { query: queryOptions } = options ?? {};
+
+	const queryKey =
+		queryOptions?.queryKey ?? getListServiceAccountKeysQueryKey({ id });
+
+	const queryFn: QueryFunction<
+		Awaited<ReturnType<typeof listServiceAccountKeys>>
+	> = ({ signal }) => listServiceAccountKeys({ id }, signal);
+
+	return {
+		queryKey,
+		queryFn,
+		enabled: !!id,
+		...queryOptions,
+	} as UseQueryOptions<
+		Awaited<ReturnType<typeof listServiceAccountKeys>>,
+		TError,
+		TData
+	> & { queryKey: QueryKey };
+};
+
+export type ListServiceAccountKeysQueryResult = NonNullable<
+	Awaited<ReturnType<typeof listServiceAccountKeys>>
+>;
+export type ListServiceAccountKeysQueryError = ErrorType<RenderErrorResponseDTO>;
+
+/**
+ * @summary List service account keys
+ */
+
+export function useListServiceAccountKeys<
+	TData = Awaited<ReturnType<typeof listServiceAccountKeys>>,
+	TError = ErrorType<RenderErrorResponseDTO>
+>(
+	{ id }: ListServiceAccountKeysPathParameters,
+	options?: {
+		query?: UseQueryOptions<
+			Awaited<ReturnType<typeof listServiceAccountKeys>>,
+			TError,
+			TData
+		>;
+	},
+): UseQueryResult<TData, TError> & { queryKey: QueryKey } {
+	const queryOptions = getListServiceAccountKeysQueryOptions({ id }, options);
+
+	const query = useQuery(queryOptions) as UseQueryResult<TData, TError> & {
+		queryKey: QueryKey;
+	};
+
+	query.queryKey = queryOptions.queryKey;
+
+	return query;
+}
+
+/**
+ * @summary List service account keys
+ */
+export const invalidateListServiceAccountKeys = async (
+	queryClient: QueryClient,
+	{ id }: ListServiceAccountKeysPathParameters,
+	options?: InvalidateOptions,
+): Promise<QueryClient> => {
+	await queryClient.invalidateQueries(
+		{ queryKey: getListServiceAccountKeysQueryKey({ id }) },
+		options,
+	);
+
+	return queryClient;
+};
+
+/**
+ * This endpoint creates a service account key
+ * @summary Create a service account key
+ */
+export const createServiceAccountKey = (
+	{ id }: CreateServiceAccountKeyPathParameters,
+	serviceaccounttypesPostableFactorAPIKeyDTO: BodyType<ServiceaccounttypesPostableFactorAPIKeyDTO>,
+	signal?: AbortSignal,
+) => {
+	return GeneratedAPIInstance<CreateServiceAccountKey201>({
+		url: `/api/v1/service_accounts/${id}/keys`,
+		method: 'POST',
+		headers: { 'Content-Type': 'application/json' },
+		data: serviceaccounttypesPostableFactorAPIKeyDTO,
+		signal,
+	});
+};
+
+export const getCreateServiceAccountKeyMutationOptions = <
+	TError = ErrorType<RenderErrorResponseDTO>,
+	TContext = unknown
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof createServiceAccountKey>>,
+		TError,
+		{
+			pathParams: CreateServiceAccountKeyPathParameters;
+			data: BodyType<ServiceaccounttypesPostableFactorAPIKeyDTO>;
+		},
+		TContext
+	>;
+}): UseMutationOptions<
+	Awaited<ReturnType<typeof createServiceAccountKey>>,
+	TError,
+	{
+		pathParams: CreateServiceAccountKeyPathParameters;
+		data: BodyType<ServiceaccounttypesPostableFactorAPIKeyDTO>;
+	},
+	TContext
+> => {
+	const mutationKey = ['createServiceAccountKey'];
+	const { mutation: mutationOptions } = options
+		? options.mutation &&
+		  'mutationKey' in options.mutation &&
+		  options.mutation.mutationKey
+			? options
+			: { ...options, mutation: { ...options.mutation, mutationKey } }
+		: { mutation: { mutationKey } };
+
+	const mutationFn: MutationFunction<
+		Awaited<ReturnType<typeof createServiceAccountKey>>,
+		{
+			pathParams: CreateServiceAccountKeyPathParameters;
+			data: BodyType<ServiceaccounttypesPostableFactorAPIKeyDTO>;
+		}
+	> = (props) => {
+		const { pathParams, data } = props ?? {};
+
+		return createServiceAccountKey(pathParams, data);
+	};
+
+	return { mutationFn, ...mutationOptions };
+};
+
+export type CreateServiceAccountKeyMutationResult = NonNullable<
+	Awaited<ReturnType<typeof createServiceAccountKey>>
+>;
+export type CreateServiceAccountKeyMutationBody = BodyType<ServiceaccounttypesPostableFactorAPIKeyDTO>;
+export type CreateServiceAccountKeyMutationError = ErrorType<RenderErrorResponseDTO>;
+
+/**
+ * @summary Create a service account key
+ */
+export const useCreateServiceAccountKey = <
+	TError = ErrorType<RenderErrorResponseDTO>,
+	TContext = unknown
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof createServiceAccountKey>>,
+		TError,
+		{
+			pathParams: CreateServiceAccountKeyPathParameters;
+			data: BodyType<ServiceaccounttypesPostableFactorAPIKeyDTO>;
+		},
+		TContext
+	>;
+}): UseMutationResult<
+	Awaited<ReturnType<typeof createServiceAccountKey>>,
+	TError,
+	{
+		pathParams: CreateServiceAccountKeyPathParameters;
+		data: BodyType<ServiceaccounttypesPostableFactorAPIKeyDTO>;
+	},
+	TContext
+> => {
+	const mutationOptions = getCreateServiceAccountKeyMutationOptions(options);
+
+	return useMutation(mutationOptions);
+};
+/**
+ * This endpoint revokes an existing service account key
+ * @summary Revoke a service account key
+ */
+export const revokeServiceAccountKey = ({
+	id,
+	fid,
+}: RevokeServiceAccountKeyPathParameters) => {
+	return GeneratedAPIInstance<string>({
+		url: `/api/v1/service_accounts/${id}/keys/${fid}`,
+		method: 'DELETE',
+	});
+};
+
+export const getRevokeServiceAccountKeyMutationOptions = <
+	TError = ErrorType<RenderErrorResponseDTO>,
+	TContext = unknown
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof revokeServiceAccountKey>>,
+		TError,
+		{ pathParams: RevokeServiceAccountKeyPathParameters },
+		TContext
+	>;
+}): UseMutationOptions<
+	Awaited<ReturnType<typeof revokeServiceAccountKey>>,
+	TError,
+	{ pathParams: RevokeServiceAccountKeyPathParameters },
+	TContext
+> => {
+	const mutationKey = ['revokeServiceAccountKey'];
+	const { mutation: mutationOptions } = options
+		? options.mutation &&
+		  'mutationKey' in options.mutation &&
+		  options.mutation.mutationKey
+			? options
+			: { ...options, mutation: { ...options.mutation, mutationKey } }
+		: { mutation: { mutationKey } };
+
+	const mutationFn: MutationFunction<
+		Awaited<ReturnType<typeof revokeServiceAccountKey>>,
+		{ pathParams: RevokeServiceAccountKeyPathParameters }
+	> = (props) => {
+		const { pathParams } = props ?? {};
+
+		return revokeServiceAccountKey(pathParams);
+	};
+
+	return { mutationFn, ...mutationOptions };
+};
+
+export type RevokeServiceAccountKeyMutationResult = NonNullable<
+	Awaited<ReturnType<typeof revokeServiceAccountKey>>
+>;
+
+export type RevokeServiceAccountKeyMutationError = ErrorType<RenderErrorResponseDTO>;
+
+/**
+ * @summary Revoke a service account key
+ */
+export const useRevokeServiceAccountKey = <
+	TError = ErrorType<RenderErrorResponseDTO>,
+	TContext = unknown
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof revokeServiceAccountKey>>,
+		TError,
+		{ pathParams: RevokeServiceAccountKeyPathParameters },
+		TContext
+	>;
+}): UseMutationResult<
+	Awaited<ReturnType<typeof revokeServiceAccountKey>>,
+	TError,
+	{ pathParams: RevokeServiceAccountKeyPathParameters },
+	TContext
+> => {
+	const mutationOptions = getRevokeServiceAccountKeyMutationOptions(options);
+
+	return useMutation(mutationOptions);
+};
+/**
+ * This endpoint updates an existing service account key
+ * @summary Updates a service account key
+ */
+export const updateServiceAccountKey = (
+	{ id, fid }: UpdateServiceAccountKeyPathParameters,
+	serviceaccounttypesUpdatableFactorAPIKeyDTO: BodyType<ServiceaccounttypesUpdatableFactorAPIKeyDTO>,
+) => {
+	return GeneratedAPIInstance<string>({
+		url: `/api/v1/service_accounts/${id}/keys/${fid}`,
+		method: 'PUT',
+		headers: { 'Content-Type': 'application/json' },
+		data: serviceaccounttypesUpdatableFactorAPIKeyDTO,
+	});
+};
+
+export const getUpdateServiceAccountKeyMutationOptions = <
+	TError = ErrorType<RenderErrorResponseDTO>,
+	TContext = unknown
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof updateServiceAccountKey>>,
+		TError,
+		{
+			pathParams: UpdateServiceAccountKeyPathParameters;
+			data: BodyType<ServiceaccounttypesUpdatableFactorAPIKeyDTO>;
+		},
+		TContext
+	>;
+}): UseMutationOptions<
+	Awaited<ReturnType<typeof updateServiceAccountKey>>,
+	TError,
+	{
+		pathParams: UpdateServiceAccountKeyPathParameters;
+		data: BodyType<ServiceaccounttypesUpdatableFactorAPIKeyDTO>;
+	},
+	TContext
+> => {
+	const mutationKey = ['updateServiceAccountKey'];
+	const { mutation: mutationOptions } = options
+		? options.mutation &&
+		  'mutationKey' in options.mutation &&
+		  options.mutation.mutationKey
+			? options
+			: { ...options, mutation: { ...options.mutation, mutationKey } }
+		: { mutation: { mutationKey } };
+
+	const mutationFn: MutationFunction<
+		Awaited<ReturnType<typeof updateServiceAccountKey>>,
+		{
+			pathParams: UpdateServiceAccountKeyPathParameters;
+			data: BodyType<ServiceaccounttypesUpdatableFactorAPIKeyDTO>;
+		}
+	> = (props) => {
+		const { pathParams, data } = props ?? {};
+
+		return updateServiceAccountKey(pathParams, data);
+	};
+
+	return { mutationFn, ...mutationOptions };
+};
+
+export type UpdateServiceAccountKeyMutationResult = NonNullable<
+	Awaited<ReturnType<typeof updateServiceAccountKey>>
+>;
+export type UpdateServiceAccountKeyMutationBody = BodyType<ServiceaccounttypesUpdatableFactorAPIKeyDTO>;
+export type UpdateServiceAccountKeyMutationError = ErrorType<RenderErrorResponseDTO>;
+
+/**
+ * @summary Updates a service account key
+ */
+export const useUpdateServiceAccountKey = <
+	TError = ErrorType<RenderErrorResponseDTO>,
+	TContext = unknown
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof updateServiceAccountKey>>,
+		TError,
+		{
+			pathParams: UpdateServiceAccountKeyPathParameters;
+			data: BodyType<ServiceaccounttypesUpdatableFactorAPIKeyDTO>;
+		},
+		TContext
+	>;
+}): UseMutationResult<
+	Awaited<ReturnType<typeof updateServiceAccountKey>>,
+	TError,
+	{
+		pathParams: UpdateServiceAccountKeyPathParameters;
+		data: BodyType<ServiceaccounttypesUpdatableFactorAPIKeyDTO>;
+	},
+	TContext
+> => {
+	const mutationOptions = getUpdateServiceAccountKeyMutationOptions(options);
+
+	return useMutation(mutationOptions);
+};
+/**
+ * This endpoint updates an existing service account status
+ * @summary Updates a service account status
+ */
+export const updateServiceAccountStatus = (
+	{ id }: UpdateServiceAccountStatusPathParameters,
+	serviceaccounttypesUpdatableServiceAccountStatusDTO: BodyType<ServiceaccounttypesUpdatableServiceAccountStatusDTO>,
+) => {
+	return GeneratedAPIInstance<string>({
+		url: `/api/v1/service_accounts/${id}/status`,
+		method: 'PUT',
+		headers: { 'Content-Type': 'application/json' },
+		data: serviceaccounttypesUpdatableServiceAccountStatusDTO,
+	});
+};
+
+export const getUpdateServiceAccountStatusMutationOptions = <
+	TError = ErrorType<RenderErrorResponseDTO>,
+	TContext = unknown
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof updateServiceAccountStatus>>,
+		TError,
+		{
+			pathParams: UpdateServiceAccountStatusPathParameters;
+			data: BodyType<ServiceaccounttypesUpdatableServiceAccountStatusDTO>;
+		},
+		TContext
+	>;
+}): UseMutationOptions<
+	Awaited<ReturnType<typeof updateServiceAccountStatus>>,
+	TError,
+	{
+		pathParams: UpdateServiceAccountStatusPathParameters;
+		data: BodyType<ServiceaccounttypesUpdatableServiceAccountStatusDTO>;
+	},
+	TContext
+> => {
+	const mutationKey = ['updateServiceAccountStatus'];
+	const { mutation: mutationOptions } = options
+		? options.mutation &&
+		  'mutationKey' in options.mutation &&
+		  options.mutation.mutationKey
+			? options
+			: { ...options, mutation: { ...options.mutation, mutationKey } }
+		: { mutation: { mutationKey } };
+
+	const mutationFn: MutationFunction<
+		Awaited<ReturnType<typeof updateServiceAccountStatus>>,
+		{
+			pathParams: UpdateServiceAccountStatusPathParameters;
+			data: BodyType<ServiceaccounttypesUpdatableServiceAccountStatusDTO>;
+		}
+	> = (props) => {
+		const { pathParams, data } = props ?? {};
+
+		return updateServiceAccountStatus(pathParams, data);
+	};
+
+	return { mutationFn, ...mutationOptions };
+};
+
+export type UpdateServiceAccountStatusMutationResult = NonNullable<
+	Awaited<ReturnType<typeof updateServiceAccountStatus>>
+>;
+export type UpdateServiceAccountStatusMutationBody = BodyType<ServiceaccounttypesUpdatableServiceAccountStatusDTO>;
+export type UpdateServiceAccountStatusMutationError = ErrorType<RenderErrorResponseDTO>;
+
+/**
+ * @summary Updates a service account status
+ */
+export const useUpdateServiceAccountStatus = <
+	TError = ErrorType<RenderErrorResponseDTO>,
+	TContext = unknown
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof updateServiceAccountStatus>>,
+		TError,
+		{
+			pathParams: UpdateServiceAccountStatusPathParameters;
+			data: BodyType<ServiceaccounttypesUpdatableServiceAccountStatusDTO>;
+		},
+		TContext
+	>;
+}): UseMutationResult<
+	Awaited<ReturnType<typeof updateServiceAccountStatus>>,
+	TError,
+	{
+		pathParams: UpdateServiceAccountStatusPathParameters;
+		data: BodyType<ServiceaccounttypesUpdatableServiceAccountStatusDTO>;
+	},
+	TContext
+> => {
+	const mutationOptions = getUpdateServiceAccountStatusMutationOptions(options);
+
+	return useMutation(mutationOptions);
+};

frontend/src/api/generated/services/sigNoz.schemas.ts

@@ -2090,6 +2090,154 @@ export interface RoletypesRoleDTO {
 	updatedAt?: Date;
 }
 
+export interface ServiceaccounttypesFactorAPIKeyDTO {
+	/**
+	 * @type string
+	 * @format date-time
+	 */
+	createdAt?: Date;
+	/**
+	 * @type integer
+	 * @minimum 0
+	 */
+	expires_at: number;
+	/**
+	 * @type string
+	 */
+	id: string;
+	/**
+	 * @type string
+	 */
+	key: string;
+	/**
+	 * @type string
+	 * @format date-time
+	 */
+	last_used: Date;
+	/**
+	 * @type string
+	 */
+	name?: string;
+	/**
+	 * @type string
+	 */
+	service_account_id: string;
+	/**
+	 * @type string
+	 * @format date-time
+	 */
+	updatedAt?: Date;
+}
+
+export interface ServiceaccounttypesGettableFactorAPIKeyWithKeyDTO {
+	/**
+	 * @type string
+	 */
+	id: string;
+	/**
+	 * @type string
+	 */
+	key: string;
+}
+
+export interface ServiceaccounttypesPostableFactorAPIKeyDTO {
+	/**
+	 * @type integer
+	 * @minimum 0
+	 */
+	expires_at: number;
+	/**
+	 * @type string
+	 */
+	name: string;
+}
+
+export interface ServiceaccounttypesPostableServiceAccountDTO {
+	/**
+	 * @type string
+	 */
+	email: string;
+	/**
+	 * @type string
+	 */
+	name: string;
+	/**
+	 * @type array
+	 */
+	roles: string[];
+}
+
+export interface ServiceaccounttypesServiceAccountDTO {
+	/**
+	 * @type string
+	 * @format date-time
+	 */
+	createdAt?: Date;
+	/**
+	 * @type string
+	 */
+	email: string;
+	/**
+	 * @type string
+	 */
+	id: string;
+	/**
+	 * @type string
+	 */
+	name: string;
+	/**
+	 * @type string
+	 */
+	orgID: string;
+	/**
+	 * @type array
+	 */
+	roles: string[];
+	/**
+	 * @type string
+	 */
+	status: string;
+	/**
+	 * @type string
+	 * @format date-time
+	 */
+	updatedAt?: Date;
+}
+
+export interface ServiceaccounttypesUpdatableFactorAPIKeyDTO {
+	/**
+	 * @type integer
+	 * @minimum 0
+	 */
+	expires_at: number;
+	/**
+	 * @type string
+	 */
+	name: string;
+}
+
+export interface ServiceaccounttypesUpdatableServiceAccountDTO {
+	/**
+	 * @type string
+	 */
+	email: string;
+	/**
+	 * @type string
+	 */
+	name: string;
+	/**
+	 * @type array
+	 */
+	roles: string[];
+}
+
+export interface ServiceaccounttypesUpdatableServiceAccountStatusDTO {
+	/**
+	 * @type string
+	 */
+	status: string;
+}
+
 export enum TelemetrytypesFieldContextDTO {
 	metric = 'metric',
 	log = 'log',
@@ -2732,76 +2880,6 @@ export type DeleteAuthDomainPathParameters = {
 export type UpdateAuthDomainPathParameters = {
 	id: string;
 };
-export type HandleExportRawDataGETParams = {
-	/**
-	 * @enum csv,jsonl
-	 * @type string
-	 * @description undefined
-	 */
-	format?: HandleExportRawDataGETFormat;
-	/**
-	 * @enum logs,traces
-	 * @type string
-	 * @description undefined
-	 */
-	source?: HandleExportRawDataGETSource;
-	/**
-	 * @type integer
-	 * @minimum 0
-	 * @description undefined
-	 */
-	start?: number;
-	/**
-	 * @type integer
-	 * @minimum 0
-	 * @description undefined
-	 */
-	end?: number;
-	/**
-	 * @type integer
-	 * @maximum 50000
-	 * @minimum 1
-	 * @description undefined
-	 */
-	limit?: number;
-	/**
-	 * @type string
-	 * @description undefined
-	 */
-	filter?: string;
-	/**
-	 * @type array
-	 * @description undefined
-	 */
-	columns?: string[];
-	/**
-	 * @type string
-	 * @description undefined
-	 */
-	order_by?: string;
-};
-
-export enum HandleExportRawDataGETFormat {
-	csv = 'csv',
-	jsonl = 'jsonl',
-}
-export enum HandleExportRawDataGETSource {
-	logs = 'logs',
-	traces = 'traces',
-}
-export type HandleExportRawDataPOSTParams = {
-	/**
-	 * @enum csv,jsonl
-	 * @type string
-	 * @description undefined
-	 */
-	format?: HandleExportRawDataPOSTFormat;
-};
-
-export enum HandleExportRawDataPOSTFormat {
-	csv = 'csv',
-	jsonl = 'jsonl',
-}
 export type GetFieldsKeysParams = {
 	/**
 	 * @description undefined
@@ -3120,6 +3198,78 @@ export type PatchObjectsPathParameters = {
 	id: string;
 	relation: string;
 };
+export type ListServiceAccounts200 = {
+	/**
+	 * @type array
+	 */
+	data: ServiceaccounttypesServiceAccountDTO[];
+	/**
+	 * @type string
+	 */
+	status: string;
+};
+
+export type CreateServiceAccount201 = {
+	data: TypesIdentifiableDTO;
+	/**
+	 * @type string
+	 */
+	status: string;
+};
+
+export type DeleteServiceAccountPathParameters = {
+	id: string;
+};
+export type GetServiceAccountPathParameters = {
+	id: string;
+};
+export type GetServiceAccount200 = {
+	data: ServiceaccounttypesServiceAccountDTO;
+	/**
+	 * @type string
+	 */
+	status: string;
+};
+
+export type UpdateServiceAccountPathParameters = {
+	id: string;
+};
+export type ListServiceAccountKeysPathParameters = {
+	id: string;
+};
+export type ListServiceAccountKeys200 = {
+	/**
+	 * @type array
+	 */
+	data: ServiceaccounttypesFactorAPIKeyDTO[];
+	/**
+	 * @type string
+	 */
+	status: string;
+};
+
+export type CreateServiceAccountKeyPathParameters = {
+	id: string;
+};
+export type CreateServiceAccountKey201 = {
+	data: ServiceaccounttypesGettableFactorAPIKeyWithKeyDTO;
+	/**
+	 * @type string
+	 */
+	status: string;
+};
+
+export type RevokeServiceAccountKeyPathParameters = {
+	id: string;
+	fid: string;
+};
+export type UpdateServiceAccountKeyPathParameters = {
+	id: string;
+	fid: string;
+};
+export type UpdateServiceAccountStatusPathParameters = {
+	id: string;
+};
 export type ListUsers200 = {
 	/**
 	 * @type array
@@ -3301,6 +3451,11 @@ export type ListMetricsParams = {
 	 * @description undefined
 	 */
 	searchText?: string;
+	/**
+	 * @type string
+	 * @description undefined
+	 */
+	source?: string;
 };
 
 export type ListMetrics200 = {

frontend/src/components/GuardAuthZ/GuardAuthZ.test.tsx

@@ -0,0 +1,321 @@
+import { ReactElement } from 'react';
+import {
+	AuthtypesGettableTransactionDTO,
+	AuthtypesTransactionDTO,
+} from 'api/generated/services/sigNoz.schemas';
+import { ENVIRONMENT } from 'constants/env';
+import { BrandedPermission } from 'hooks/useAuthZ/types';
+import { buildPermission } from 'hooks/useAuthZ/utils';
+import { server } from 'mocks-server/server';
+import { rest } from 'msw';
+import { render, screen, waitFor } from 'tests/test-utils';
+
+import { GuardAuthZ } from './GuardAuthZ';
+
+const BASE_URL = ENVIRONMENT.baseURL || '';
+const AUTHZ_CHECK_URL = `${BASE_URL}/api/v1/authz/check`;
+
+function authzMockResponse(
+	payload: AuthtypesTransactionDTO[],
+	authorizedByIndex: boolean[],
+): { data: AuthtypesGettableTransactionDTO[]; status: string } {
+	return {
+		data: payload.map((txn, i) => ({
+			relation: txn.relation,
+			object: txn.object,
+			authorized: authorizedByIndex[i] ?? false,
+		})),
+		status: 'success',
+	};
+}
+
+describe('GuardAuthZ', () => {
+	const TestChild = (): ReactElement => <div>Protected Content</div>;
+	const LoadingFallback = (): ReactElement => <div>Loading...</div>;
+	const ErrorFallback = (error: Error): ReactElement => (
+		<div>Error occurred: {error.message}</div>
+	);
+	const NoPermissionFallback = (_response: {
+		requiredPermissionName: BrandedPermission;
+	}): ReactElement => <div>Access denied</div>;
+	const NoPermissionFallbackWithSuggestions = (response: {
+		requiredPermissionName: BrandedPermission;
+	}): ReactElement => (
+		<div>
+			Access denied. Required permission: {response.requiredPermissionName}
+		</div>
+	);
+
+	it('should render children when permission is granted', async () => {
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, async (req, res, ctx) => {
+				const payload = await req.json();
+				return res(ctx.status(200), ctx.json(authzMockResponse(payload, [true])));
+			}),
+		);
+
+		render(
+			<GuardAuthZ relation="read" object="dashboard:*">
+				<TestChild />
+			</GuardAuthZ>,
+		);
+
+		await waitFor(() => {
+			expect(screen.getByText('Protected Content')).toBeInTheDocument();
+		});
+	});
+
+	it('should render fallbackOnLoading when loading', () => {
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, async (_req, res, ctx) => {
+				return res(
+					ctx.delay('infinite'),
+					ctx.status(200),
+					ctx.json({ data: [], status: 'success' }),
+				);
+			}),
+		);
+
+		render(
+			<GuardAuthZ
+				relation="read"
+				object="dashboard:*"
+				fallbackOnLoading={<LoadingFallback />}
+			>
+				<TestChild />
+			</GuardAuthZ>,
+		);
+
+		expect(screen.getByText('Loading...')).toBeInTheDocument();
+		expect(screen.queryByText('Protected Content')).not.toBeInTheDocument();
+	});
+
+	it('should render null when loading and no fallbackOnLoading provided', () => {
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, async (_req, res, ctx) => {
+				return res(
+					ctx.delay('infinite'),
+					ctx.status(200),
+					ctx.json({ data: [], status: 'success' }),
+				);
+			}),
+		);
+
+		const { container } = render(
+			<GuardAuthZ relation="read" object="dashboard:*">
+				<TestChild />
+			</GuardAuthZ>,
+		);
+
+		expect(container.firstChild).toBeNull();
+		expect(screen.queryByText('Protected Content')).not.toBeInTheDocument();
+	});
+
+	it('should render fallbackOnError when API error occurs', async () => {
+		const errorMessage = 'Internal Server Error';
+
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, (_req, res, ctx) => {
+				return res(ctx.status(500), ctx.json({ error: errorMessage }));
+			}),
+		);
+
+		render(
+			<GuardAuthZ
+				relation="read"
+				object="dashboard:*"
+				fallbackOnError={ErrorFallback}
+			>
+				<TestChild />
+			</GuardAuthZ>,
+		);
+
+		await waitFor(() => {
+			expect(screen.getByText(/Error occurred:/)).toBeInTheDocument();
+		});
+
+		expect(screen.queryByText('Protected Content')).not.toBeInTheDocument();
+	});
+
+	it('should pass error object to fallbackOnError function', async () => {
+		const errorMessage = 'Network request failed';
+		let receivedError: Error | null = null;
+
+		const errorFallbackWithCapture = (error: Error): ReactElement => {
+			receivedError = error;
+			return <div>Captured error: {error.message}</div>;
+		};
+
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, (_req, res, ctx) => {
+				return res(ctx.status(500), ctx.json({ error: errorMessage }));
+			}),
+		);
+
+		render(
+			<GuardAuthZ
+				relation="read"
+				object="dashboard:*"
+				fallbackOnError={errorFallbackWithCapture}
+			>
+				<TestChild />
+			</GuardAuthZ>,
+		);
+
+		await waitFor(() => {
+			expect(receivedError).not.toBeNull();
+		});
+
+		expect(receivedError).toBeInstanceOf(Error);
+		expect(screen.getByText(/Captured error:/)).toBeInTheDocument();
+	});
+
+	it('should render null when error occurs and no fallbackOnError provided', async () => {
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, (_req, res, ctx) => {
+				return res(ctx.status(500), ctx.json({ error: 'Internal Server Error' }));
+			}),
+		);
+
+		const { container } = render(
+			<GuardAuthZ relation="read" object="dashboard:*">
+				<TestChild />
+			</GuardAuthZ>,
+		);
+
+		await waitFor(() => {
+			expect(container.firstChild).toBeNull();
+		});
+
+		expect(screen.queryByText('Protected Content')).not.toBeInTheDocument();
+	});
+
+	it('should render fallbackOnNoPermissions when permission is denied', async () => {
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, async (req, res, ctx) => {
+				const payload = await req.json();
+				return res(ctx.status(200), ctx.json(authzMockResponse(payload, [false])));
+			}),
+		);
+
+		render(
+			<GuardAuthZ
+				relation="update"
+				object="dashboard:123"
+				fallbackOnNoPermissions={NoPermissionFallback}
+			>
+				<TestChild />
+			</GuardAuthZ>,
+		);
+
+		await waitFor(() => {
+			expect(screen.getByText('Access denied')).toBeInTheDocument();
+		});
+
+		expect(screen.queryByText('Protected Content')).not.toBeInTheDocument();
+	});
+
+	it('should render null when permission is denied and no fallbackOnNoPermissions provided', async () => {
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, async (req, res, ctx) => {
+				const payload = await req.json();
+				return res(ctx.status(200), ctx.json(authzMockResponse(payload, [false])));
+			}),
+		);
+
+		const { container } = render(
+			<GuardAuthZ relation="update" object="dashboard:123">
+				<TestChild />
+			</GuardAuthZ>,
+		);
+
+		await waitFor(() => {
+			expect(container.firstChild).toBeNull();
+		});
+
+		expect(screen.queryByText('Protected Content')).not.toBeInTheDocument();
+	});
+
+	it('should render null when permissions object is null', async () => {
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, (_req, res, ctx) => {
+				return res(ctx.status(200), ctx.json({ data: [], status: 'success' }));
+			}),
+		);
+
+		const { container } = render(
+			<GuardAuthZ relation="read" object="dashboard:*">
+				<TestChild />
+			</GuardAuthZ>,
+		);
+
+		await waitFor(() => {
+			expect(container.firstChild).toBeNull();
+		});
+
+		expect(screen.queryByText('Protected Content')).not.toBeInTheDocument();
+	});
+
+	it('should pass requiredPermissionName to fallbackOnNoPermissions', async () => {
+		const permission = buildPermission('update', 'dashboard:123');
+
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, async (req, res, ctx) => {
+				const payload = await req.json();
+				return res(ctx.status(200), ctx.json(authzMockResponse(payload, [false])));
+			}),
+		);
+
+		render(
+			<GuardAuthZ
+				relation="update"
+				object="dashboard:123"
+				fallbackOnNoPermissions={NoPermissionFallbackWithSuggestions}
+			>
+				<TestChild />
+			</GuardAuthZ>,
+		);
+
+		await waitFor(() => {
+			expect(
+				screen.getByText(/Access denied. Required permission:/),
+			).toBeInTheDocument();
+		});
+
+		expect(
+			screen.getAllByText(
+				new RegExp(permission.replace(/[.*+?^${}()|[\]\\]/g, '\\$&')),
+			).length,
+		).toBeGreaterThan(0);
+		expect(screen.queryByText('Protected Content')).not.toBeInTheDocument();
+	});
+
+	it('should handle different relation and object combinations', async () => {
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, async (req, res, ctx) => {
+				const payload = await req.json();
+				return res(ctx.status(200), ctx.json(authzMockResponse(payload, [true])));
+			}),
+		);
+
+		const { rerender } = render(
+			<GuardAuthZ relation="read" object="dashboard:*">
+				<TestChild />
+			</GuardAuthZ>,
+		);
+
+		await waitFor(() => {
+			expect(screen.getByText('Protected Content')).toBeInTheDocument();
+		});
+
+		rerender(
+			<GuardAuthZ relation="delete" object="dashboard:456">
+				<TestChild />
+			</GuardAuthZ>,
+		);
+
+		await waitFor(() => {
+			expect(screen.getByText('Protected Content')).toBeInTheDocument();
+		});
+	});
+});

frontend/src/components/GuardAuthZ/GuardAuthZ.tsx

@@ -0,0 +1,50 @@
+import { ReactElement } from 'react';
+import {
+	AuthZObject,
+	AuthZRelation,
+	BrandedPermission,
+} from 'hooks/useAuthZ/types';
+import { useAuthZ } from 'hooks/useAuthZ/useAuthZ';
+import { buildPermission } from 'hooks/useAuthZ/utils';
+
+export type GuardAuthZProps<R extends AuthZRelation> = {
+	children: ReactElement;
+	relation: R;
+	object: AuthZObject<R>;
+	fallbackOnLoading?: JSX.Element;
+	fallbackOnError?: (error: Error) => JSX.Element;
+	fallbackOnNoPermissions?: (response: {
+		requiredPermissionName: BrandedPermission;
+	}) => JSX.Element;
+};
+
+export function GuardAuthZ<R extends AuthZRelation>({
+	children,
+	relation,
+	object,
+	fallbackOnLoading,
+	fallbackOnError,
+	fallbackOnNoPermissions,
+}: GuardAuthZProps<R>): JSX.Element | null {
+	const permission = buildPermission<R>(relation, object);
+
+	const { permissions, isLoading, error } = useAuthZ([permission]);
+
+	if (isLoading) {
+		return fallbackOnLoading ?? null;
+	}
+
+	if (error) {
+		return fallbackOnError?.(error) ?? null;
+	}
+
+	if (!permissions?.[permission]?.isGranted) {
+		return (
+			fallbackOnNoPermissions?.({
+				requiredPermissionName: permission,
+			}) ?? null
+		);
+	}
+
+	return children;
+}

frontend/src/components/MarkdownRenderer/MarkdownRenderer.tsx

@@ -2,13 +2,12 @@
 
 import ReactMarkdown from 'react-markdown';
 import { CodeProps } from 'react-markdown/lib/ast-to-react';
-import { Prism as SyntaxHighlighter } from 'react-syntax-highlighter';
-import { a11yDark } from 'react-syntax-highlighter/dist/cjs/styles/prism';
 import logEvent from 'api/common/logEvent';
 import { isEmpty } from 'lodash-es';
 import rehypeRaw from 'rehype-raw';
 
 import CodeCopyBtn from './CodeCopyBtn/CodeCopyBtn';
+import SyntaxHighlighter, { a11yDark } from './syntaxHighlighter';
 
 interface LinkProps {
 	href: string;

frontend/src/components/MarkdownRenderer/syntaxHighlighter.ts

@@ -0,0 +1,34 @@
+import { PrismLight as SyntaxHighlighter } from 'react-syntax-highlighter';
+import bash from 'react-syntax-highlighter/dist/esm/languages/prism/bash';
+import docker from 'react-syntax-highlighter/dist/esm/languages/prism/docker';
+import elixir from 'react-syntax-highlighter/dist/esm/languages/prism/elixir';
+import go from 'react-syntax-highlighter/dist/esm/languages/prism/go';
+import javascript from 'react-syntax-highlighter/dist/esm/languages/prism/javascript';
+import json from 'react-syntax-highlighter/dist/esm/languages/prism/json';
+import jsx from 'react-syntax-highlighter/dist/esm/languages/prism/jsx';
+import rust from 'react-syntax-highlighter/dist/esm/languages/prism/rust';
+import swift from 'react-syntax-highlighter/dist/esm/languages/prism/swift';
+import tsx from 'react-syntax-highlighter/dist/esm/languages/prism/tsx';
+import typescript from 'react-syntax-highlighter/dist/esm/languages/prism/typescript';
+import yaml from 'react-syntax-highlighter/dist/esm/languages/prism/yaml';
+import a11yDark from 'react-syntax-highlighter/dist/esm/styles/prism/a11y-dark';
+
+SyntaxHighlighter.registerLanguage('bash', bash);
+SyntaxHighlighter.registerLanguage('docker', docker);
+SyntaxHighlighter.registerLanguage('dockerfile', docker);
+SyntaxHighlighter.registerLanguage('elixir', elixir);
+SyntaxHighlighter.registerLanguage('go', go);
+SyntaxHighlighter.registerLanguage('javascript', javascript);
+SyntaxHighlighter.registerLanguage('js', javascript);
+SyntaxHighlighter.registerLanguage('json', json);
+SyntaxHighlighter.registerLanguage('jsx', jsx);
+SyntaxHighlighter.registerLanguage('rust', rust);
+SyntaxHighlighter.registerLanguage('swift', swift);
+SyntaxHighlighter.registerLanguage('ts', typescript);
+SyntaxHighlighter.registerLanguage('tsx', tsx);
+SyntaxHighlighter.registerLanguage('typescript', typescript);
+SyntaxHighlighter.registerLanguage('yaml', yaml);
+SyntaxHighlighter.registerLanguage('yml', yaml);
+
+export default SyntaxHighlighter;
+export { a11yDark };

frontend/src/components/QueryBuilderV2/QueryBuilderV2.styles.scss

@@ -60,11 +60,30 @@
 			gap: 8px;
 
 			margin-left: 108px;
+			position: relative;
+
+			/* Vertical dashed line connecting query elements */
+			&::after {
+				content: '';
+				position: absolute;
+				left: -28px;
+				top: 0;
+				bottom: 0;
+				width: 1px;
+				background: repeating-linear-gradient(
+					to bottom,
+					#1d212d,
+					#1d212d 4px,
+					transparent 4px,
+					transparent 8px
+				);
+			}
 
 			.code-mirror-where-clause,
 			.query-aggregation-container,
 			.query-add-ons,
-			.metrics-aggregation-section-content {
+			.metrics-aggregation-section-content,
+			.metrics-container {
 				position: relative;
 
 				&::before {
@@ -102,6 +121,10 @@
 			.qb-elements-container {
 				margin-left: 0px;
 
+				&::after {
+					display: none;
+				}
+
 				.code-mirror-where-clause,
 				.query-aggregation-container,
 				.query-add-ons,
@@ -333,28 +356,7 @@
 				text-transform: uppercase;
 
 				&::before {
-					content: '';
-					height: 120px;
-					content: '';
-					position: absolute;
-					left: 0;
-					top: 31px;
-					bottom: 0;
-					width: 1px;
-					background: repeating-linear-gradient(
-						to bottom,
-						#1d212d,
-						#1d212d 4px,
-						transparent 4px,
-						transparent 8px
-					);
-					left: 15px;
-				}
-
-				&.has-trace-operator {
-					&::before {
-						height: 0px;
-					}
+					display: none;
 				}
 			}
 
@@ -462,10 +464,21 @@
 
 		.qb-content-section {
 			.qb-elements-container {
+				&::after {
+					background: repeating-linear-gradient(
+						to bottom,
+						var(--bg-vanilla-300),
+						var(--bg-vanilla-300) 4px,
+						transparent 4px,
+						transparent 8px
+					);
+				}
+
 				.code-mirror-where-clause,
 				.query-aggregation-container,
 				.query-add-ons,
-				.metrics-aggregation-section-content {
+				.metrics-aggregation-section-content,
+				.metrics-container {
 					&::before {
 						border-left: 6px dotted var(--bg-vanilla-300);
 					}
@@ -529,18 +542,6 @@
 
 		.qb-entity-options {
 			.options {
-				.query-name {
-					&::before {
-						background: repeating-linear-gradient(
-							to bottom,
-							var(--bg-vanilla-300),
-							var(--bg-vanilla-300) 4px,
-							transparent 4px,
-							transparent 8px
-						);
-					}
-				}
-
 				.formula-name {
 					&::before {
 						background: repeating-linear-gradient(

frontend/src/components/QueryBuilderV2/QueryBuilderV2.tsx

@@ -207,6 +207,7 @@ export const QueryBuilderV2 = memo(function QueryBuilderV2({
 							queryVariant={config?.queryVariant || 'dropdown'}
 							showOnlyWhereClause={showOnlyWhereClause}
 							isListViewPanel={isListViewPanel}
+							signalSource={currentQuery.builder.queryData[0].source as 'meter' | ''}
 							onSignalSourceChange={onSignalSourceChange || ((): void => {})}
 							signalSourceChangeEnabled={signalSourceChangeEnabled}
 							queriesCount={1}

frontend/src/components/QueryBuilderV2/QueryV2/MetricsSelect/MetricsSelect.tsx

@@ -1,14 +1,13 @@
-import { memo, useCallback, useMemo, useState } from 'react';
+import { memo, useCallback, useMemo } from 'react';
 import { Select } from 'antd';
 import {
 	initialQueriesMap,
 	initialQueryMeterWithType,
 	PANEL_TYPES,
 } from 'constants/queryBuilder';
-import { AggregatorFilter } from 'container/QueryBuilder/filters';
+import { MetricNameSelector } from 'container/QueryBuilder/filters';
 import { useQueryBuilder } from 'hooks/queryBuilder/useQueryBuilder';
 import { useQueryOperations } from 'hooks/queryBuilder/useQueryBuilderOperations';
-import { BaseAutocompleteData } from 'types/api/queryBuilder/queryAutocompleteResponse';
 import { IBuilderQuery } from 'types/api/queryBuilder/queryBuilderData';
 import { DataSource } from 'types/common/queryBuilder';
 import { SelectOption } from 'types/common/select';
@@ -44,21 +43,12 @@ export const MetricsSelect = memo(function MetricsSelect({
 	signalSourceChangeEnabled: boolean;
 	savePreviousQuery: boolean;
 }): JSX.Element {
-	const [attributeKeys, setAttributeKeys] = useState<BaseAutocompleteData[]>([]);
-
 	const { handleChangeAggregatorAttribute } = useQueryOperations({
 		index,
 		query,
 		entityVersion: version,
 	});
 
-	const handleAggregatorAttributeChange = useCallback(
-		(value: BaseAutocompleteData, isEditMode?: boolean) => {
-			handleChangeAggregatorAttribute(value, isEditMode, attributeKeys || []);
-		},
-		[handleChangeAggregatorAttribute, attributeKeys],
-	);
-
 	const {
 		updateAllQueriesOperators,
 		handleSetQueryData,
@@ -164,12 +154,10 @@ export const MetricsSelect = memo(function MetricsSelect({
 				/>
 			)}
 
-			<AggregatorFilter
-				onChange={handleAggregatorAttributeChange}
+			<MetricNameSelector
+				onChange={handleChangeAggregatorAttribute}
 				query={query}
-				index={index}
 				signalSource={signalSource || ''}
-				setAttributeKeys={setAttributeKeys}
 			/>
 		</div>
 	);

frontend/src/components/QueryBuilderV2/QueryV2/QueryAddOns/QueryAddOns.tsx

@@ -202,8 +202,8 @@ function QueryAddOns({
 		} else {
 			filteredAddOns = Object.values(ADD_ONS);
 
-			// Filter out group_by for metrics data source
 			if (query.dataSource === DataSource.METRICS) {
+				// Filter out group_by for metrics data source (handled in MetricsAggregateSection)
 				filteredAddOns = filteredAddOns.filter(
 					(addOn) => addOn.key !== ADD_ONS_KEYS.GROUP_BY,
 				);

frontend/src/components/QueryBuilderV2/__tests__/QueryBuilder.PrevQuery.test.tsx

@@ -43,6 +43,7 @@ jest.mock(
 );
 jest.mock('container/QueryBuilder/filters', () => ({
 	AggregatorFilter: (): JSX.Element => <div />,
+	MetricNameSelector: (): JSX.Element => <div />,
 }));
 // Mock hooks
 jest.mock('hooks/queryBuilder/useQueryBuilder');

frontend/src/components/createGuardedRoute/createGuardedRoute.styles.scss

@@ -0,0 +1,41 @@
+.guard-authz-error-no-authz {
+	display: flex;
+	align-items: center;
+	justify-content: center;
+
+	width: 100%;
+	height: 100%;
+
+	padding: 24px;
+
+	.guard-authz-error-no-authz-content {
+		display: flex;
+		flex-direction: column;
+		justify-content: flex-start;
+		gap: 8px;
+		max-width: 500px;
+	}
+
+	img {
+		width: 32px;
+		height: 32px;
+	}
+
+	h3 {
+		font-size: 18px;
+		color: var(--l1-foreground);
+		line-height: 18px;
+	}
+
+	p {
+		font-size: 14px;
+		color: var(--l3-foreground);
+		line-height: 18px;
+
+		span {
+			background-color: var(--l3-background);
+			white-space: nowrap;
+			padding: 0 2px;
+		}
+	}
+}

frontend/src/components/createGuardedRoute/createGuardedRoute.test.tsx

@@ -0,0 +1,472 @@
+import { ReactElement } from 'react';
+import type { RouteComponentProps } from 'react-router-dom';
+import {
+	AuthtypesGettableTransactionDTO,
+	AuthtypesTransactionDTO,
+} from 'api/generated/services/sigNoz.schemas';
+import { ENVIRONMENT } from 'constants/env';
+import { server } from 'mocks-server/server';
+import { rest } from 'msw';
+import { render, screen, waitFor } from 'tests/test-utils';
+
+import { createGuardedRoute } from './createGuardedRoute';
+
+const BASE_URL = ENVIRONMENT.baseURL || '';
+const AUTHZ_CHECK_URL = `${BASE_URL}/api/v1/authz/check`;
+
+function authzMockResponse(
+	payload: AuthtypesTransactionDTO[],
+	authorizedByIndex: boolean[],
+): { data: AuthtypesGettableTransactionDTO[]; status: string } {
+	return {
+		data: payload.map((txn, i) => ({
+			relation: txn.relation,
+			object: txn.object,
+			authorized: authorizedByIndex[i] ?? false,
+		})),
+		status: 'success',
+	};
+}
+
+describe('createGuardedRoute', () => {
+	const TestComponent = ({ testProp }: { testProp: string }): ReactElement => (
+		<div>Test Component: {testProp}</div>
+	);
+
+	it('should render component when permission is granted', async () => {
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, async (req, res, ctx) => {
+				const payload = await req.json();
+				return res(ctx.status(200), ctx.json(authzMockResponse(payload, [true])));
+			}),
+		);
+
+		const GuardedComponent = createGuardedRoute(
+			TestComponent,
+			'read',
+			'dashboard:*',
+		);
+
+		const mockMatch = {
+			params: {},
+			isExact: true,
+			path: '/dashboard',
+			url: '/dashboard',
+		};
+
+		const props = {
+			testProp: 'test-value',
+			match: mockMatch,
+			location: ({} as unknown) as RouteComponentProps['location'],
+			history: ({} as unknown) as RouteComponentProps['history'],
+		};
+
+		render(<GuardedComponent {...props} />);
+
+		await waitFor(() => {
+			expect(screen.getByText('Test Component: test-value')).toBeInTheDocument();
+		});
+	});
+
+	it('should substitute route parameters in object string', async () => {
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, async (req, res, ctx) => {
+				const payload = await req.json();
+				return res(ctx.status(200), ctx.json(authzMockResponse(payload, [true])));
+			}),
+		);
+
+		const GuardedComponent = createGuardedRoute(
+			TestComponent,
+			'read',
+			'dashboard:{id}',
+		);
+
+		const mockMatch = {
+			params: { id: '123' },
+			isExact: true,
+			path: '/dashboard/:id',
+			url: '/dashboard/123',
+		};
+
+		const props = {
+			testProp: 'test-value',
+			match: mockMatch,
+			location: ({} as unknown) as RouteComponentProps['location'],
+			history: ({} as unknown) as RouteComponentProps['history'],
+		};
+
+		render(<GuardedComponent {...props} />);
+
+		await waitFor(() => {
+			expect(screen.getByText('Test Component: test-value')).toBeInTheDocument();
+		});
+	});
+
+	it('should handle multiple route parameters', async () => {
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, async (req, res, ctx) => {
+				const payload = (await req.json()) as AuthtypesTransactionDTO[];
+				const txn = payload[0];
+				const responseData: AuthtypesGettableTransactionDTO[] = [
+					{
+						relation: txn.relation,
+						object: {
+							resource: {
+								name: txn.object.resource.name,
+								type: txn.object.resource.type,
+							},
+							selector: '123:456',
+						},
+						authorized: true,
+					},
+				];
+				return res(
+					ctx.status(200),
+					ctx.json({ data: responseData, status: 'success' }),
+				);
+			}),
+		);
+
+		const GuardedComponent = createGuardedRoute(
+			TestComponent,
+			'update',
+			'dashboard:{id}:{version}',
+		);
+
+		const mockMatch = {
+			params: { id: '123', version: '456' },
+			isExact: true,
+			path: '/dashboard/:id/:version',
+			url: '/dashboard/123/456',
+		};
+
+		const props = {
+			testProp: 'test-value',
+			match: mockMatch,
+			location: ({} as unknown) as RouteComponentProps['location'],
+			history: ({} as unknown) as RouteComponentProps['history'],
+		};
+
+		render(<GuardedComponent {...props} />);
+
+		await waitFor(() => {
+			expect(screen.getByText('Test Component: test-value')).toBeInTheDocument();
+		});
+	});
+
+	it('should keep placeholder when route parameter is missing', async () => {
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, async (req, res, ctx) => {
+				const payload = await req.json();
+				return res(ctx.status(200), ctx.json(authzMockResponse(payload, [true])));
+			}),
+		);
+
+		const GuardedComponent = createGuardedRoute(
+			TestComponent,
+			'read',
+			'dashboard:{id}',
+		);
+
+		const mockMatch = {
+			params: {},
+			isExact: true,
+			path: '/dashboard',
+			url: '/dashboard',
+		};
+
+		const props = {
+			testProp: 'test-value',
+			match: mockMatch,
+			location: ({} as unknown) as RouteComponentProps['location'],
+			history: ({} as unknown) as RouteComponentProps['history'],
+		};
+
+		render(<GuardedComponent {...props} />);
+
+		await waitFor(() => {
+			expect(screen.getByText('Test Component: test-value')).toBeInTheDocument();
+		});
+	});
+
+	it('should render loading fallback when loading', () => {
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, async (_req, res, ctx) => {
+				return res(
+					ctx.delay('infinite'),
+					ctx.status(200),
+					ctx.json({ data: [], status: 'success' }),
+				);
+			}),
+		);
+
+		const GuardedComponent = createGuardedRoute(
+			TestComponent,
+			'read',
+			'dashboard:*',
+		);
+
+		const mockMatch = {
+			params: {},
+			isExact: true,
+			path: '/dashboard',
+			url: '/dashboard',
+		};
+
+		const props = {
+			testProp: 'test-value',
+			match: mockMatch,
+			location: ({} as unknown) as RouteComponentProps['location'],
+			history: ({} as unknown) as RouteComponentProps['history'],
+		};
+
+		render(<GuardedComponent {...props} />);
+
+		expect(screen.getByText('SigNoz')).toBeInTheDocument();
+		expect(
+			screen.queryByText('Test Component: test-value'),
+		).not.toBeInTheDocument();
+	});
+
+	it('should render error fallback when API error occurs', async () => {
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, (_req, res, ctx) => {
+				return res(ctx.status(500), ctx.json({ error: 'Internal Server Error' }));
+			}),
+		);
+
+		const GuardedComponent = createGuardedRoute(
+			TestComponent,
+			'read',
+			'dashboard:*',
+		);
+
+		const mockMatch = {
+			params: {},
+			isExact: true,
+			path: '/dashboard',
+			url: '/dashboard',
+		};
+
+		const props = {
+			testProp: 'test-value',
+			match: mockMatch,
+			location: ({} as unknown) as RouteComponentProps['location'],
+			history: ({} as unknown) as RouteComponentProps['history'],
+		};
+
+		render(<GuardedComponent {...props} />);
+
+		await waitFor(() => {
+			expect(screen.getByText(/Something went wrong/i)).toBeInTheDocument();
+		});
+
+		expect(
+			screen.queryByText('Test Component: test-value'),
+		).not.toBeInTheDocument();
+	});
+
+	it('should render no permissions fallback when permission is denied', async () => {
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, async (req, res, ctx) => {
+				const payload = await req.json();
+				return res(ctx.status(200), ctx.json(authzMockResponse(payload, [false])));
+			}),
+		);
+
+		const GuardedComponent = createGuardedRoute(
+			TestComponent,
+			'update',
+			'dashboard:{id}',
+		);
+
+		const mockMatch = {
+			params: { id: '123' },
+			isExact: true,
+			path: '/dashboard/:id',
+			url: '/dashboard/123',
+		};
+
+		const props = {
+			testProp: 'test-value',
+			match: mockMatch,
+			location: ({} as unknown) as RouteComponentProps['location'],
+			history: ({} as unknown) as RouteComponentProps['history'],
+		};
+
+		render(<GuardedComponent {...props} />);
+
+		await waitFor(() => {
+			const heading = document.querySelector('h3');
+			expect(heading).toBeInTheDocument();
+			expect(heading?.textContent).toMatch(/permission to view/i);
+		});
+
+		expect(screen.getByText('update')).toBeInTheDocument();
+		expect(screen.getByText('dashboard:123')).toBeInTheDocument();
+		expect(
+			screen.queryByText('Test Component: test-value'),
+		).not.toBeInTheDocument();
+	});
+
+	it('should pass all props to wrapped component', async () => {
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, async (req, res, ctx) => {
+				const payload = await req.json();
+				return res(ctx.status(200), ctx.json(authzMockResponse(payload, [true])));
+			}),
+		);
+
+		const ComponentWithMultipleProps = ({
+			prop1,
+			prop2,
+			prop3,
+		}: {
+			prop1: string;
+			prop2: number;
+			prop3: boolean;
+		}): ReactElement => (
+			<div>
+				{prop1} - {prop2} - {prop3.toString()}
+			</div>
+		);
+
+		const GuardedComponent = createGuardedRoute(
+			ComponentWithMultipleProps,
+			'read',
+			'dashboard:*',
+		);
+
+		const mockMatch = {
+			params: {},
+			isExact: true,
+			path: '/dashboard',
+			url: '/dashboard',
+		};
+
+		const props = {
+			prop1: 'value1',
+			prop2: 42,
+			prop3: true,
+			match: mockMatch,
+			location: ({} as unknown) as RouteComponentProps['location'],
+			history: ({} as unknown) as RouteComponentProps['history'],
+		};
+
+		render(<GuardedComponent {...props} />);
+
+		await waitFor(() => {
+			expect(screen.getByText('value1 - 42 - true')).toBeInTheDocument();
+		});
+	});
+
+	it('should memoize resolved object based on route params', async () => {
+		let requestCount = 0;
+		const requestedObjects: string[] = [];
+
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, async (req, res, ctx) => {
+				requestCount++;
+				const payload = (await req.json()) as AuthtypesTransactionDTO[];
+				const obj = payload[0]?.object;
+				const name = obj?.resource?.name;
+				const selector = obj?.selector ?? '*';
+				const objectStr =
+					obj?.resource?.type === 'metaresources' ? name : `${name}:${selector}`;
+				requestedObjects.push(objectStr ?? '');
+
+				return res(ctx.status(200), ctx.json(authzMockResponse(payload, [true])));
+			}),
+		);
+
+		const GuardedComponent = createGuardedRoute(
+			TestComponent,
+			'read',
+			'dashboard:{id}',
+		);
+
+		const mockMatch1 = {
+			params: { id: '123' },
+			isExact: true,
+			path: '/dashboard/:id',
+			url: '/dashboard/123',
+		};
+
+		const props1 = {
+			testProp: 'test-value-1',
+			match: mockMatch1,
+			location: ({} as unknown) as RouteComponentProps['location'],
+			history: ({} as unknown) as RouteComponentProps['history'],
+		};
+
+		const { unmount } = render(<GuardedComponent {...props1} />);
+
+		await waitFor(() => {
+			expect(screen.getByText('Test Component: test-value-1')).toBeInTheDocument();
+		});
+
+		expect(requestCount).toBe(1);
+		expect(requestedObjects).toContain('dashboard:123');
+
+		unmount();
+
+		const mockMatch2 = {
+			params: { id: '456' },
+			isExact: true,
+			path: '/dashboard/:id',
+			url: '/dashboard/456',
+		};
+
+		const props2 = {
+			testProp: 'test-value-2',
+			match: mockMatch2,
+			location: ({} as unknown) as RouteComponentProps['location'],
+			history: ({} as unknown) as RouteComponentProps['history'],
+		};
+
+		render(<GuardedComponent {...props2} />);
+
+		await waitFor(() => {
+			expect(screen.getByText('Test Component: test-value-2')).toBeInTheDocument();
+		});
+
+		expect(requestCount).toBe(2);
+		expect(requestedObjects).toContain('dashboard:456');
+	});
+
+	it('should handle different relation types', async () => {
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, async (req, res, ctx) => {
+				const payload = await req.json();
+				return res(ctx.status(200), ctx.json(authzMockResponse(payload, [true])));
+			}),
+		);
+
+		const GuardedComponent = createGuardedRoute(
+			TestComponent,
+			'delete',
+			'dashboard:{id}',
+		);
+
+		const mockMatch = {
+			params: { id: '789' },
+			isExact: true,
+			path: '/dashboard/:id',
+			url: '/dashboard/789',
+		};
+
+		const props = {
+			testProp: 'test-value',
+			match: mockMatch,
+			location: ({} as unknown) as RouteComponentProps['location'],
+			history: ({} as unknown) as RouteComponentProps['history'],
+		};
+
+		render(<GuardedComponent {...props} />);
+
+		await waitFor(() => {
+			expect(screen.getByText('Test Component: test-value')).toBeInTheDocument();
+		});
+	});
+});

frontend/src/components/createGuardedRoute/createGuardedRoute.tsx

@@ -0,0 +1,73 @@
+import { ComponentType, ReactElement, useMemo } from 'react';
+import { RouteComponentProps } from 'react-router-dom';
+import {
+	AuthZObject,
+	AuthZRelation,
+	BrandedPermission,
+} from 'hooks/useAuthZ/types';
+import { parsePermission } from 'hooks/useAuthZ/utils';
+
+import ErrorBoundaryFallback from '../../pages/ErrorBoundaryFallback/ErrorBoundaryFallback';
+import AppLoading from '../AppLoading/AppLoading';
+import { GuardAuthZ } from '../GuardAuthZ/GuardAuthZ';
+
+import './createGuardedRoute.styles.scss';
+
+const onErrorFallback = (): JSX.Element => <ErrorBoundaryFallback />;
+
+function OnNoPermissionsFallback(response: {
+	requiredPermissionName: BrandedPermission;
+}): ReactElement {
+	const { relation, object } = parsePermission(response.requiredPermissionName);
+
+	return (
+		<div className="guard-authz-error-no-authz">
+			<div className="guard-authz-error-no-authz-content">
+				<img src="/Icons/no-data.svg" alt="No permission" />
+				<h3>Uh-oh! You don’t have permission to view this page.</h3>
+				<p>
+					You need the following permission to view this page:
+					<br />
+					Relation: <span>{relation}</span>
+					<br />
+					Object: <span>{object}</span>
+					<br />
+					Ask your SigNoz administrator to grant access.
+				</p>
+			</div>
+		</div>
+	);
+}
+
+// eslint-disable-next-line @typescript-eslint/ban-types
+export function createGuardedRoute<P extends object, R extends AuthZRelation>(
+	Component: ComponentType<P>,
+	relation: R,
+	object: AuthZObject<R>,
+): ComponentType<P & RouteComponentProps<Record<string, string>>> {
+	return function GuardedRouteComponent(
+		props: P & RouteComponentProps<Record<string, string>>,
+	): ReactElement {
+		const resolvedObject = useMemo(() => {
+			const paramPattern = /\{([^}]+)\}/g;
+			return object.replace(paramPattern, (match, paramName) => {
+				const paramValue = props.match?.params?.[paramName];
+				return paramValue !== undefined ? paramValue : match;
+			}) as AuthZObject<R>;
+		}, [props.match?.params]);
+
+		return (
+			<GuardAuthZ
+				relation={relation}
+				object={resolvedObject}
+				fallbackOnLoading={<AppLoading />}
+				fallbackOnError={onErrorFallback}
+				fallbackOnNoPermissions={(response): ReactElement => (
+					<OnNoPermissionsFallback {...response} />
+				)}
+			>
+				<Component {...props} />
+			</GuardAuthZ>
+		);
+	};
+}

frontend/src/constants/localStorage.ts

@@ -29,7 +29,6 @@ export enum LOCALSTORAGE {
 	DONT_SHOW_SLOW_API_WARNING = 'DONT_SHOW_SLOW_API_WARNING',
 	METRICS_LIST_OPTIONS = 'METRICS_LIST_OPTIONS',
 	SHOW_EXCEPTIONS_QUICK_FILTERS = 'SHOW_EXCEPTIONS_QUICK_FILTERS',
-	BANNER_DISMISSED = 'BANNER_DISMISSED',
 	QUICK_FILTERS_SETTINGS_ANNOUNCEMENT = 'QUICK_FILTERS_SETTINGS_ANNOUNCEMENT',
 	FUNNEL_STEPS = 'FUNNEL_STEPS',
 	SPAN_DETAILS_PINNED_ATTRIBUTES = 'SPAN_DETAILS_PINNED_ATTRIBUTES',

frontend/src/constants/queryBuilder.ts

@@ -1,4 +1,5 @@
 // ** Helpers
+import { MetrictypesTypeDTO } from 'api/generated/services/sigNoz.schemas';
 import { createIdFromObjectFields } from 'lib/createIdFromObjectFields';
 import { createNewBuilderItemName } from 'lib/newQueryBuilder/createNewBuilderItemName';
 import { IAttributeValuesResponse } from 'types/api/queryBuilder/getAttributesValues';
@@ -177,7 +178,7 @@ export const initialQueryBuilderFormValues: IBuilderQuery = {
 		{
 			metricName: '',
 			temporality: '',
-			timeAggregation: MetricAggregateOperator.COUNT,
+			timeAggregation: MetricAggregateOperator.AVG,
 			spaceAggregation: MetricAggregateOperator.SUM,
 			reduceTo: ReduceOperators.AVG,
 		},
@@ -225,7 +226,7 @@ export const initialQueryBuilderFormMeterValues: IBuilderQuery = {
 		{
 			metricName: '',
 			temporality: '',
-			timeAggregation: MeterAggregateOperator.COUNT,
+			timeAggregation: MeterAggregateOperator.AVG,
 			spaceAggregation: MeterAggregateOperator.SUM,
 			reduceTo: ReduceOperators.AVG,
 		},
@@ -371,6 +372,31 @@ export enum ATTRIBUTE_TYPES {
 	EXPONENTIAL_HISTOGRAM = 'ExponentialHistogram',
 }
 
+const METRIC_TYPE_TO_ATTRIBUTE_TYPE: Record<
+	MetrictypesTypeDTO,
+	ATTRIBUTE_TYPES
+> = {
+	[MetrictypesTypeDTO.sum]: ATTRIBUTE_TYPES.SUM,
+	[MetrictypesTypeDTO.gauge]: ATTRIBUTE_TYPES.GAUGE,
+	[MetrictypesTypeDTO.histogram]: ATTRIBUTE_TYPES.HISTOGRAM,
+	[MetrictypesTypeDTO.summary]: ATTRIBUTE_TYPES.GAUGE,
+	[MetrictypesTypeDTO.exponentialhistogram]:
+		ATTRIBUTE_TYPES.EXPONENTIAL_HISTOGRAM,
+};
+
+export function toAttributeType(
+	metricType: MetrictypesTypeDTO | undefined,
+	isMonotonic?: boolean,
+): ATTRIBUTE_TYPES | '' {
+	if (!metricType) {
+		return '';
+	}
+	if (metricType === MetrictypesTypeDTO.sum && isMonotonic === false) {
+		return ATTRIBUTE_TYPES.GAUGE;
+	}
+	return METRIC_TYPE_TO_ATTRIBUTE_TYPE[metricType] || '';
+}
+
 export type IQueryBuilderState = 'search';
 
 export const QUERY_BUILDER_SEARCH_VALUES = {

frontend/src/container/CreateAlertV2/Footer/__tests__/utils.test.ts

@@ -441,7 +441,7 @@ describe('Footer utils', () => {
 											reduceTo: undefined,
 											spaceAggregation: 'sum',
 											temporality: undefined,
-											timeAggregation: 'count',
+											timeAggregation: 'avg',
 										},
 									],
 									disabled: false,

frontend/src/container/Download/Download.tsx

@@ -1,6 +1,6 @@
+import { useState } from 'react';
 import { CloudDownloadOutlined } from '@ant-design/icons';
 import { Button, Dropdown, MenuProps } from 'antd';
-import { Excel } from 'antd-table-saveas-excel';
 import { unparse } from 'papaparse';
 
 import { DownloadProps } from './Download.types';
@@ -8,25 +8,36 @@ import { DownloadProps } from './Download.types';
 import './Download.styles.scss';
 
 function Download({ data, isLoading, fileName }: DownloadProps): JSX.Element {
-	const downloadExcelFile = (): void => {
-		const headers = Object.keys(Object.assign({}, ...data)).map((item) => {
-			const updatedTitle = item
-				.split('_')
-				.map((word) => word.charAt(0).toUpperCase() + word.slice(1))
-				.join(' ');
-			return {
-				title: updatedTitle,
-				dataIndex: item,
-			};
-		});
-		const excel = new Excel();
-		excel
-			.addSheet(fileName)
-			.addColumns(headers)
-			.addDataSource(data, {
-				str2Percent: true,
-			})
-			.saveAs(`${fileName}.xlsx`);
+	const [isDownloading, setIsDownloading] = useState(false);
+
+	const downloadExcelFile = async (): Promise<void> => {
+		setIsDownloading(true);
+
+		try {
+			const headers = Object.keys(Object.assign({}, ...data)).map((item) => {
+				const updatedTitle = item
+					.split('_')
+					.map((word) => word.charAt(0).toUpperCase() + word.slice(1))
+					.join(' ');
+				return {
+					title: updatedTitle,
+					dataIndex: item,
+				};
+			});
+
+			const excelLib = await import('antd-table-saveas-excel');
+
+			const excel = new excelLib.Excel();
+			excel
+				.addSheet(fileName)
+				.addColumns(headers)
+				.addDataSource(data, {
+					str2Percent: true,
+				})
+				.saveAs(`${fileName}.xlsx`);
+		} finally {
+			setIsDownloading(false);
+		}
 	};
 
 	const downloadCsvFile = (): void => {
@@ -59,7 +70,7 @@ function Download({ data, isLoading, fileName }: DownloadProps): JSX.Element {
 		<Dropdown menu={menu} trigger={['click']}>
 			<Button
 				className="download-button"
-				loading={isLoading}
+				loading={isLoading || isDownloading}
 				size="small"
 				type="link"
 			>

frontend/src/container/DownloadV2/DownloadV2.tsx

@@ -1,5 +1,5 @@
+import { useState } from 'react';
 import { Button, Popover, Typography } from 'antd';
-import { Excel } from 'antd-table-saveas-excel';
 import { FileDigit, FileDown, Sheet } from 'lucide-react';
 import { unparse } from 'papaparse';
 
@@ -8,25 +8,34 @@ import { DownloadProps } from './DownloadV2.types';
 import './DownloadV2.styles.scss';
 
 function Download({ data, isLoading, fileName }: DownloadProps): JSX.Element {
-	const downloadExcelFile = (): void => {
-		const headers = Object.keys(Object.assign({}, ...data)).map((item) => {
-			const updatedTitle = item
-				.split('_')
-				.map((word) => word.charAt(0).toUpperCase() + word.slice(1))
-				.join(' ');
-			return {
-				title: updatedTitle,
-				dataIndex: item,
-			};
-		});
-		const excel = new Excel();
-		excel
-			.addSheet(fileName)
-			.addColumns(headers)
-			.addDataSource(data, {
-				str2Percent: true,
-			})
-			.saveAs(`${fileName}.xlsx`);
+	const [isDownloading, setIsDownloading] = useState(false);
+
+	const downloadExcelFile = async (): Promise<void> => {
+		setIsDownloading(true);
+
+		try {
+			const headers = Object.keys(Object.assign({}, ...data)).map((item) => {
+				const updatedTitle = item
+					.split('_')
+					.map((word) => word.charAt(0).toUpperCase() + word.slice(1))
+					.join(' ');
+				return {
+					title: updatedTitle,
+					dataIndex: item,
+				};
+			});
+			const excelLib = await import('antd-table-saveas-excel');
+			const excel = new excelLib.Excel();
+			excel
+				.addSheet(fileName)
+				.addColumns(headers)
+				.addDataSource(data, {
+					str2Percent: true,
+				})
+				.saveAs(`${fileName}.xlsx`);
+		} finally {
+			setIsDownloading(false);
+		}
 	};
 
 	const downloadCsvFile = (): void => {
@@ -54,6 +63,7 @@ function Download({ data, isLoading, fileName }: DownloadProps): JSX.Element {
 						type="text"
 						onClick={downloadExcelFile}
 						className="action-btns"
+						loading={isDownloading}
 					>
 						Excel (.xlsx)
 					</Button>

frontend/src/container/Home/Home.styles.scss

@@ -25,51 +25,6 @@
 		background: var(--bg-slate-500);
 	}
 
-	.home-container-banner {
-		position: relative;
-		display: flex;
-		flex-direction: row;
-		align-items: center;
-		justify-content: center;
-		padding: 8px 12px;
-		width: 100%;
-		background-color: var(--bg-robin-500);
-
-		.home-container-banner-close {
-			display: flex;
-			align-items: center;
-			justify-content: center;
-			cursor: pointer;
-			color: var(--bg-vanilla-100);
-
-			position: absolute;
-			right: 12px;
-		}
-
-		.home-container-banner-content {
-			display: flex;
-			align-items: center;
-			justify-content: center;
-			gap: 4px;
-			color: var(--bg-vanilla-100);
-			font-family: Inter;
-			font-size: 12px;
-			font-style: normal;
-			font-weight: 400;
-			line-height: 20px;
-
-			.home-container-banner-link {
-				color: var(--bg-vanilla-100);
-				font-size: 12px;
-				font-style: normal;
-				font-weight: 400;
-				line-height: 20px;
-				letter-spacing: -0.07px;
-				text-decoration: underline;
-			}
-		}
-	}
-
 	.home-header-left {
 		display: flex;
 		align-items: center;

frontend/src/container/Home/Home.tsx

@@ -1,13 +1,13 @@
 import { useCallback, useEffect, useMemo, useState } from 'react';
 import { useMutation, useQuery } from 'react-query';
 import { Color } from '@signozhq/design-tokens';
+import { Compass, Dot, House, Plus, Wrench } from '@signozhq/icons';
 import { Button, Popover } from 'antd';
 import logEvent from 'api/common/logEvent';
 import listUserPreferences from 'api/v1/user/preferences/list';
 import updateUserPreferenceAPI from 'api/v1/user/preferences/name/update';
 import Header from 'components/Header/Header';
 import { ENTITY_VERSION_V5 } from 'constants/app';
-import { LOCALSTORAGE } from 'constants/localStorage';
 import { ORG_PREFERENCES } from 'constants/orgPreferences';
 import { initialQueriesMap, PANEL_TYPES } from 'constants/queryBuilder';
 import { REACT_QUERY_KEY } from 'constants/reactQueryKeys';
@@ -15,10 +15,8 @@ import ROUTES from 'constants/routes';
 import { getMetricsListQuery } from 'container/MetricsExplorer/Summary/utils';
 import { useGetMetricsList } from 'hooks/metricsExplorer/useGetMetricsList';
 import { useGetQueryRange } from 'hooks/queryBuilder/useGetQueryRange';
-import { useGetTenantLicense } from 'hooks/useGetTenantLicense';
 import history from 'lib/history';
 import cloneDeep from 'lodash-es/cloneDeep';
-import { CompassIcon, DotIcon, HomeIcon, Plus, Wrench, X } from 'lucide-react';
 import { AnimatePresence } from 'motion/react';
 import * as motion from 'motion/react-client';
 import Card from 'periscope/components/Card/Card';
@@ -51,8 +49,6 @@ export default function Home(): JSX.Element {
 	const [updatingUserPreferences, setUpdatingUserPreferences] = useState(false);
 	const [loadingUserPreferences, setLoadingUserPreferences] = useState(true);
 
-	const { isCommunityUser, isCommunityEnterpriseUser } = useGetTenantLicense();
-
 	const [checklistItems, setChecklistItems] = useState<ChecklistItem[]>(
 		defaultChecklistItemsState,
 	);
@@ -61,13 +57,6 @@ export default function Home(): JSX.Element {
 		false,
 	);
 
-	const [isBannerDismissed, setIsBannerDismissed] = useState(false);
-
-	useEffect(() => {
-		const bannerDismissed = localStorage.getItem(LOCALSTORAGE.BANNER_DISMISSED);
-		setIsBannerDismissed(bannerDismissed === 'true');
-	}, []);
-
 	useEffect(() => {
 		const now = new Date();
 		const startTime = new Date(now.getTime() - homeInterval);
@@ -298,44 +287,13 @@ export default function Home(): JSX.Element {
 		logEvent('Homepage: Visited', {});
 	}, []);
 
-	const hideBanner = (): void => {
-		localStorage.setItem(LOCALSTORAGE.BANNER_DISMISSED, 'true');
-		setIsBannerDismissed(true);
-	};
-
-	const showBanner = useMemo(
-		() => !isBannerDismissed && (isCommunityUser || isCommunityEnterpriseUser),
-		[isBannerDismissed, isCommunityUser, isCommunityEnterpriseUser],
-	);
-
 	return (
 		<div className="home-container">
 			<div className="sticky-header">
-				{showBanner && (
-					<div className="home-container-banner">
-						<div className="home-container-banner-content">
-							Big News: SigNoz Community Edition now available with SSO (Google OAuth)
-							and API keys -
-							<a
-								href="https://signoz.io/blog/open-source-signoz-now-available-with-sso-and-api-keys/"
-								target="_blank"
-								rel="noreferrer"
-								className="home-container-banner-link"
-							>
-								<i>read more</i>
-							</a>
-						</div>
-
-						<div className="home-container-banner-close">
-							<X size={16} onClick={hideBanner} />
-						</div>
-					</div>
-				)}
-
 				<Header
 					leftComponent={
 						<div className="home-header-left">
-							<HomeIcon size={14} /> Home
+							<House size={14} /> Home
 						</div>
 					}
 					rightComponent={
@@ -400,7 +358,7 @@ export default function Home(): JSX.Element {
 									<div className="active-ingestion-card-content-container">
 										<div className="active-ingestion-card-content">
 											<div className="active-ingestion-card-content-icon">
-												<DotIcon size={16} color={Color.BG_FOREST_500} />
+												<Dot size={16} color={Color.BG_FOREST_500} />
 											</div>
 
 											<div className="active-ingestion-card-content-description">
@@ -427,7 +385,7 @@ export default function Home(): JSX.Element {
 												}
 											}}
 										>
-											<CompassIcon size={12} />
+											<Compass size={12} />
 											Explore Logs
 										</div>
 									</div>
@@ -441,7 +399,7 @@ export default function Home(): JSX.Element {
 									<div className="active-ingestion-card-content-container">
 										<div className="active-ingestion-card-content">
 											<div className="active-ingestion-card-content-icon">
-												<DotIcon size={16} color={Color.BG_FOREST_500} />
+												<Dot size={16} color={Color.BG_FOREST_500} />
 											</div>
 
 											<div className="active-ingestion-card-content-description">
@@ -468,7 +426,7 @@ export default function Home(): JSX.Element {
 												}
 											}}
 										>
-											<CompassIcon size={12} />
+											<Compass size={12} />
 											Explore Traces
 										</div>
 									</div>
@@ -482,7 +440,7 @@ export default function Home(): JSX.Element {
 									<div className="active-ingestion-card-content-container">
 										<div className="active-ingestion-card-content">
 											<div className="active-ingestion-card-content-icon">
-												<DotIcon size={16} color={Color.BG_FOREST_500} />
+												<Dot size={16} color={Color.BG_FOREST_500} />
 											</div>
 
 											<div className="active-ingestion-card-content-description">
@@ -509,7 +467,7 @@ export default function Home(): JSX.Element {
 												}
 											}}
 										>
-											<CompassIcon size={12} />
+											<Compass size={12} />
 											Explore Metrics
 										</div>
 									</div>

frontend/src/container/MeterExplorer/Explorer/TimeSeries.tsx

@@ -6,6 +6,7 @@ import { isAxiosError } from 'axios';
 import { ENTITY_VERSION_V5 } from 'constants/app';
 import { initialQueryMeterWithType, PANEL_TYPES } from 'constants/queryBuilder';
 import { REACT_QUERY_KEY } from 'constants/reactQueryKeys';
+import EmptyMetricsSearch from 'container/MetricsExplorer/Explorer/EmptyMetricsSearch';
 import { BuilderUnitsFilter } from 'container/QueryBuilder/filters/BuilderUnitsFilter';
 import TimeSeriesView from 'container/TimeSeriesView/TimeSeriesView';
 import { convertDataValueToMs } from 'container/TimeSeriesView/utils';
@@ -115,27 +116,34 @@ function TimeSeries(): JSX.Element {
 		setYAxisUnit(value);
 	};
 
+	const hasMetricSelected = useMemo(
+		() => currentQuery.builder.queryData.some((q) => q.aggregateAttribute?.key),
+		[currentQuery],
+	);
+
 	return (
 		<div className="meter-time-series-container">
 			<BuilderUnitsFilter onChange={onUnitChangeHandler} yAxisUnit={yAxisUnit} />
 			<div className="time-series-container">
-				{responseData.map((datapoint, index) => (
-					<div
-						className="time-series-view-panel"
-						// eslint-disable-next-line react/no-array-index-key
-						key={index}
-					>
-						<TimeSeriesView
-							isFilterApplied={false}
-							isError={queries[index].isError}
-							isLoading={queries[index].isLoading}
-							data={datapoint}
-							dataSource={DataSource.METRICS}
-							yAxisUnit={yAxisUnit}
-							panelType={PANEL_TYPES.BAR}
-						/>
-					</div>
-				))}
+				{!hasMetricSelected && <EmptyMetricsSearch />}
+				{hasMetricSelected &&
+					responseData.map((datapoint, index) => (
+						<div
+							className="time-series-view-panel"
+							// eslint-disable-next-line react/no-array-index-key
+							key={index}
+						>
+							<TimeSeriesView
+								isFilterApplied={false}
+								isError={queries[index].isError}
+								isLoading={queries[index].isLoading}
+								data={datapoint}
+								dataSource={DataSource.METRICS}
+								yAxisUnit={yAxisUnit}
+								panelType={PANEL_TYPES.BAR}
+							/>
+						</div>
+					))}
 			</div>
 		</div>
 	);

frontend/src/container/MetricsExplorer/Explorer/EmptyMetricsSearch.tsx

@@ -1,13 +1,21 @@
 import { Typography } from 'antd';
 import { Empty } from 'antd/lib';
 
-export default function EmptyMetricsSearch(): JSX.Element {
+interface EmptyMetricsSearchProps {
+	hasQueryResult?: boolean;
+}
+
+export default function EmptyMetricsSearch({
+	hasQueryResult,
+}: EmptyMetricsSearchProps): JSX.Element {
 	return (
 		<div className="empty-metrics-search">
 			<Empty
 				description={
 					<Typography.Title level={5}>
-						Please build and run a valid query to see the result
+						{hasQueryResult
+							? 'No data'
+							: 'Select a metric and run a query to see the results'}
 					</Typography.Title>
 				}
 			/>

frontend/src/container/MetricsExplorer/Explorer/Explorer.tsx

@@ -69,7 +69,7 @@ function Explorer(): JSX.Element {
 			!isMetricUnitsLoading &&
 			!isMetricUnitsError &&
 			units.length > 0 &&
-			units.every((unit) => unit && unit === units[0]),
+			units.every((unit) => unit === units[0]),
 		[units, isMetricUnitsLoading, isMetricUnitsError],
 	);
 

frontend/src/container/MetricsExplorer/Explorer/TimeSeries.tsx

@@ -28,6 +28,7 @@ import { MetricRangePayloadProps } from 'types/api/metrics/getQueryRange';
 import { DataSource } from 'types/common/queryBuilder';
 import { GlobalReducer } from 'types/reducer/globalTime';
 
+import EmptyMetricsSearch from './EmptyMetricsSearch';
 import { TimeSeriesProps } from './types';
 import {
 	buildUpdateMetricYAxisUnitPayload,
@@ -209,7 +210,7 @@ function TimeSeries({
 						{showSaveUnitButton && (
 							<div className="save-unit-container">
 								<Typography.Text>
-									Save the selected unit for this metric?
+									Set the selected unit as the metric unit?
 								</Typography.Text>
 								<Button
 									type="primary"
@@ -229,64 +230,71 @@ function TimeSeries({
 					'time-series-container': changeLayoutForOneChartPerQuery,
 				})}
 			>
-				{responseData.map((datapoint, index) => {
-					const isQueryDataItem = index < metricNames.length;
-					const metricName = isQueryDataItem ? metricNames[index] : undefined;
-					const metricUnit = isQueryDataItem ? metricUnits[index] : undefined;
+				{metricNames.length === 0 && <EmptyMetricsSearch />}
+				{metricNames.length > 0 &&
+					responseData.map((datapoint, index) => {
+						const isQueryDataItem = index < metricNames.length;
+						const metricName = isQueryDataItem ? metricNames[index] : undefined;
+						const metricUnit = isQueryDataItem ? metricUnits[index] : undefined;
 
-					// Show the no unit warning if -
-					// 1. The metric query is not loading
-					// 2. The metric units are not loading
-					// 3. There are more than one metric
-					// 4. The current metric unit is empty
-					// 5. Is a queryData item
-					const isMetricUnitEmpty =
-						isQueryDataItem &&
-						!queries[index].isLoading &&
-						!isMetricUnitsLoading &&
-						metricUnits.length > 1 &&
-						!metricUnit &&
-						metricName;
+						// Show the no unit warning if -
+						// 1. The metric query is not loading
+						// 2. The metric units are not loading
+						// 3. There are more than one metric
+						// 4. The current metric unit is empty
+						// 5. Is a queryData item
+						const isMetricUnitEmpty =
+							isQueryDataItem &&
+							!queries[index].isLoading &&
+							!isMetricUnitsLoading &&
+							metricUnits.length > 1 &&
+							!metricUnit &&
+							metricName;
 
-					const currentYAxisUnit = yAxisUnit || metricUnit;
+						const currentYAxisUnit = yAxisUnit || metricUnit;
 
-					return (
-						<div
-							className="time-series-view"
-							// eslint-disable-next-line react/no-array-index-key
-							key={index}
-						>
-							{isMetricUnitEmpty && metricName && (
-								<Tooltip
-									className="no-unit-warning"
-									title={
-										<Typography.Text>
-											This metric does not have a unit. Please set one for it in the{' '}
-											<Typography.Link
-												onClick={(): void => handleOpenMetricDetails(metricName)}
-											>
-												metric details
-											</Typography.Link>{' '}
-											page.
-										</Typography.Text>
-									}
-								>
-									<AlertTriangle size={16} color={Color.BG_AMBER_400} />
-								</Tooltip>
-							)}
-							<TimeSeriesView
-								isFilterApplied={false}
-								isError={queries[index].isError}
-								isLoading={queries[index].isLoading || isMetricUnitsLoading}
-								data={datapoint}
-								yAxisUnit={currentYAxisUnit}
-								dataSource={DataSource.METRICS}
-								error={queries[index].error as APIError}
-								setWarning={setWarning}
-							/>
-						</div>
-					);
-				})}
+						return (
+							<div
+								className="time-series-view"
+								// eslint-disable-next-line react/no-array-index-key
+								key={index}
+							>
+								{isMetricUnitEmpty && metricName && (
+									<Tooltip
+										className="no-unit-warning"
+										title={
+											<Typography.Text>
+												No unit is set for this metric. You can assign one from the{' '}
+												<Typography.Link
+													onClick={(): void => handleOpenMetricDetails(metricName)}
+												>
+													metric details
+												</Typography.Link>{' '}
+												page.
+											</Typography.Text>
+										}
+									>
+										<AlertTriangle
+											size={16}
+											color={Color.BG_AMBER_400}
+											role="img"
+											aria-label="no unit warning"
+										/>
+									</Tooltip>
+								)}
+								<TimeSeriesView
+									isFilterApplied={false}
+									isError={queries[index].isError}
+									isLoading={queries[index].isLoading || isMetricUnitsLoading}
+									data={datapoint}
+									yAxisUnit={currentYAxisUnit}
+									dataSource={DataSource.METRICS}
+									error={queries[index].error as APIError}
+									setWarning={setWarning}
+								/>
+							</div>
+						);
+					})}
 			</div>
 		</>
 	);

frontend/src/container/MetricsExplorer/Explorer/__tests__/EmptyMetricsSearch.test.tsx

@@ -0,0 +1,19 @@
+import { render, screen } from '@testing-library/react';
+
+import EmptyMetricsSearch from '../EmptyMetricsSearch';
+
+describe('EmptyMetricsSearch', () => {
+	it('shows select metric message when no query has been run', () => {
+		render(<EmptyMetricsSearch />);
+
+		expect(
+			screen.getByText('Select a metric and run a query to see the results'),
+		).toBeInTheDocument();
+	});
+
+	it('shows no data message when a query returned empty results', () => {
+		render(<EmptyMetricsSearch hasQueryResult />);
+
+		expect(screen.getByText('No data')).toBeInTheDocument();
+	});
+});

frontend/src/container/MetricsExplorer/Explorer/__tests__/Explorer.test.tsx

@@ -8,7 +8,7 @@ import {
 	MetrictypesTemporalityDTO,
 	MetrictypesTypeDTO,
 } from 'api/generated/services/sigNoz.schemas';
-import { initialQueriesMap, PANEL_TYPES } from 'constants/queryBuilder';
+import { initialQueriesMap } from 'constants/queryBuilder';
 import * as useOptionsMenuHooks from 'container/OptionsMenu';
 import * as useUpdateDashboardHooks from 'hooks/dashboard/useUpdateDashboard';
 import * as useQueryBuilderHooks from 'hooks/queryBuilder/useQueryBuilder';
@@ -157,26 +157,6 @@ describe('Explorer', () => {
 		jest.clearAllMocks();
 	});
 
-	it('should render Explorer query builder with metrics datasource selected', () => {
-		jest.spyOn(useQueryBuilderHooks, 'useQueryBuilder').mockReturnValue({
-			...mockUseQueryBuilderData,
-			stagedQuery: initialQueriesMap[DataSource.TRACES],
-		} as any);
-
-		(useSearchParams as jest.Mock).mockReturnValue([
-			new URLSearchParams({ isOneChartPerQueryEnabled: 'false' }),
-			mockSetSearchParams,
-		]);
-
-		renderExplorer();
-
-		expect(mockUpdateAllQueriesOperators).toHaveBeenCalledWith(
-			initialQueriesMap[DataSource.METRICS],
-			PANEL_TYPES.TIME_SERIES,
-			DataSource.METRICS,
-		);
-	});
-
 	it('should enable one chart per query toggle when oneChartPerQuery=true in URL', () => {
 		(useSearchParams as jest.Mock).mockReturnValue([
 			new URLSearchParams({ isOneChartPerQueryEnabled: 'true' }),
@@ -241,20 +221,46 @@ describe('Explorer', () => {
 		expect(yAxisUnitSelector).not.toBeInTheDocument();
 	});
 
-	it('should hide y axis unit selector for multiple metrics with different units', () => {
+	it('one chart per query toggle should be forced on and disabled when multiple metrics have different units', () => {
+		const mockQueryData = {
+			...initialQueriesMap[DataSource.METRICS].builder.queryData[0],
+			aggregateAttribute: {
+				...(initialQueriesMap[DataSource.METRICS].builder.queryData[0]
+					.aggregateAttribute as BaseAutocompleteData),
+				key: 'metric1',
+			},
+		};
+		const mockStagedQueryWithMultipleQueries = {
+			...initialQueriesMap[DataSource.METRICS],
+			builder: {
+				...initialQueriesMap[DataSource.METRICS].builder,
+				queryData: [mockQueryData, mockQueryData],
+			},
+		};
+
+		jest.spyOn(useQueryBuilderHooks, 'useQueryBuilder').mockReturnValue(({
+			...mockUseQueryBuilderData,
+			stagedQuery: mockStagedQueryWithMultipleQueries,
+		} as Partial<QueryBuilderContextType>) as QueryBuilderContextType);
+
 		jest.spyOn(useGetMetricsHooks, 'useGetMetrics').mockReturnValue({
 			isLoading: false,
 			isError: false,
-			metrics: [MOCK_METRIC_METADATA, MOCK_METRIC_METADATA],
+			metrics: [
+				{ ...MOCK_METRIC_METADATA, unit: 'seconds' },
+				{ ...MOCK_METRIC_METADATA, unit: 'bytes' },
+			],
 		});
 
+		(useSearchParams as jest.Mock).mockReturnValue([
+			new URLSearchParams({ isOneChartPerQueryEnabled: 'false' }),
+			mockSetSearchParams,
+		]);
+
 		renderExplorer();
 
-		const yAxisUnitSelector = screen.queryByTestId(Y_AXIS_UNIT_SELECTOR_TEST_ID);
-		expect(yAxisUnitSelector).not.toBeInTheDocument();
-
-		// One chart per query toggle should be disabled
 		const oneChartPerQueryToggle = screen.getByRole('switch');
+		expect(oneChartPerQueryToggle).toBeChecked();
 		expect(oneChartPerQueryToggle).toBeDisabled();
 	});
 
@@ -327,4 +333,53 @@ describe('Explorer', () => {
 		const oneChartPerQueryToggle = screen.getByRole('switch');
 		expect(oneChartPerQueryToggle).toBeEnabled();
 	});
+
+	it('one chart per query toggle should be enabled when multiple metrics have no unit', () => {
+		const metricWithNoUnit = {
+			type: MetrictypesTypeDTO.sum,
+			description: 'metric without unit',
+			unit: '',
+			temporality: MetrictypesTemporalityDTO.cumulative,
+			isMonotonic: true,
+		};
+		const mockQueryData = {
+			...initialQueriesMap[DataSource.METRICS].builder.queryData[0],
+			aggregateAttribute: {
+				...(initialQueriesMap[DataSource.METRICS].builder.queryData[0]
+					.aggregateAttribute as BaseAutocompleteData),
+				key: 'metric1',
+			},
+		};
+		const mockStagedQueryWithMultipleQueries = {
+			...initialQueriesMap[DataSource.METRICS],
+			builder: {
+				...initialQueriesMap[DataSource.METRICS].builder,
+				queryData: [mockQueryData, mockQueryData],
+			},
+		};
+
+		jest.spyOn(useQueryBuilderHooks, 'useQueryBuilder').mockReturnValue(({
+			...mockUseQueryBuilderData,
+			stagedQuery: mockStagedQueryWithMultipleQueries,
+		} as Partial<QueryBuilderContextType>) as QueryBuilderContextType);
+
+		jest.spyOn(useGetMetricsHooks, 'useGetMetrics').mockReturnValue({
+			isLoading: false,
+			isError: false,
+			metrics: [metricWithNoUnit, metricWithNoUnit],
+		});
+
+		(useSearchParams as jest.Mock).mockReturnValue([
+			new URLSearchParams({ isOneChartPerQueryEnabled: 'false' }),
+			mockSetSearchParams,
+		]);
+
+		renderExplorer();
+
+		const oneChartPerQueryToggle = screen.getByRole('switch');
+		// Toggle should be enabled (not forced/disabled) since both metrics
+		// have the same unit (no unit) and should be viewable on the same graph
+		expect(oneChartPerQueryToggle).toBeEnabled();
+		expect(oneChartPerQueryToggle).not.toBeChecked();
+	});
 });

frontend/src/container/MetricsExplorer/Explorer/__tests__/TimeSeries.test.tsx

@@ -1,4 +1,4 @@
-import { render, RenderResult, screen, waitFor } from '@testing-library/react';
+import { render, screen } from '@testing-library/react';
 import userEvent from '@testing-library/user-event';
 import * as metricsExplorerHooks from 'api/generated/services/metrics';
 
@@ -56,7 +56,7 @@ const mockSetYAxisUnit = jest.fn();
 
 function renderTimeSeries(
 	overrides: Partial<TimeSeriesProps> = {},
-): RenderResult {
+): ReturnType<typeof render> {
 	return render(
 		<TimeSeries
 			showOneChartPerQuery={false}
@@ -84,45 +84,57 @@ describe('TimeSeries', () => {
 		} as Partial<UseUpdateMetricMetadataReturnType>) as UseUpdateMetricMetadataReturnType);
 	});
 
+	it('shows select metric message when no metric is selected', () => {
+		renderTimeSeries({ metricNames: [] });
+
+		expect(
+			screen.getByText('Select a metric and run a query to see the results'),
+		).toBeInTheDocument();
+		expect(screen.queryByText('TimeSeriesView')).not.toBeInTheDocument();
+	});
+
+	it('renders chart view when a metric is selected', () => {
+		renderTimeSeries({
+			metricNames: ['metric1'],
+			metricUnits: ['count'],
+			metrics: [MOCK_METRIC_METADATA],
+		});
+
+		expect(screen.getByText('TimeSeriesView')).toBeInTheDocument();
+		expect(
+			screen.queryByText('Select a metric and run a query to see the results'),
+		).not.toBeInTheDocument();
+	});
+
 	it('should render a warning icon when a metric has no unit among multiple metrics', () => {
-		const user = userEvent.setup();
-		const { container } = renderTimeSeries({
+		renderTimeSeries({
 			metricUnits: ['', 'count'],
 			metricNames: ['metric1', 'metric2'],
 			metrics: [undefined, undefined],
 		});
 
-		const alertIcon = container.querySelector('.no-unit-warning') as HTMLElement;
-		user.hover(alertIcon);
-		waitFor(() =>
-			expect(
-				screen.findByText('This metric does not have a unit'),
-			).toBeInTheDocument(),
-		);
+		expect(
+			screen.getByRole('img', { name: 'no unit warning' }),
+		).toBeInTheDocument();
 	});
 
-	it('clicking on warning icon tooltip should open metric details modal', async () => {
+	it('warning tooltip shows metric details link', async () => {
 		const user = userEvent.setup();
-		const { container } = renderTimeSeries({
+		renderTimeSeries({
 			metricUnits: ['', 'count'],
 			metricNames: ['metric1', 'metric2'],
 			metrics: [MOCK_METRIC_METADATA, MOCK_METRIC_METADATA],
 			yAxisUnit: 'seconds',
 		});
 
-		const alertIcon = container.querySelector('.no-unit-warning') as HTMLElement;
-		user.hover(alertIcon);
+		const alertIcon = screen.getByRole('img', { name: 'no unit warning' });
+		await user.hover(alertIcon);
 
-		const metricDetailsLink = await screen.findByText('metric details');
-		user.click(metricDetailsLink);
-
-		waitFor(() =>
-			expect(mockSetIsMetricDetailsOpen).toHaveBeenCalledWith('metric1'),
-		);
+		expect(await screen.findByText('metric details')).toBeInTheDocument();
 	});
 
-	it('shows Save unit button when metric had no unit but one is selected', async () => {
-		const { findByText, getByRole } = renderTimeSeries({
+	it('shows save unit prompt with enabled button when metric has no unit and a unit is selected', async () => {
+		renderTimeSeries({
 			metricUnits: [undefined],
 			metricNames: ['metric1'],
 			metrics: [MOCK_METRIC_METADATA],
@@ -131,38 +143,10 @@ describe('TimeSeries', () => {
 		});
 
 		expect(
-			await findByText('Save the selected unit for this metric?'),
+			await screen.findByText('Set the selected unit as the metric unit?'),
 		).toBeInTheDocument();
 
-		const yesButton = getByRole('button', { name: 'Yes' });
-		expect(yesButton).toBeInTheDocument();
+		const yesButton = screen.getByRole('button', { name: 'Yes' });
 		expect(yesButton).toBeEnabled();
 	});
-
-	it('clicking on save unit button shoould upated metric metadata', async () => {
-		const user = userEvent.setup();
-		const { getByRole } = renderTimeSeries({
-			metricUnits: [''],
-			metricNames: ['metric1'],
-			metrics: [MOCK_METRIC_METADATA],
-			yAxisUnit: 'seconds',
-			showYAxisUnitSelector: true,
-		});
-
-		const yesButton = getByRole('button', { name: /Yes/i });
-		await user.click(yesButton);
-
-		expect(mockUpdateMetricMetadata).toHaveBeenCalledWith(
-			{
-				pathParams: {
-					metricName: 'metric1',
-				},
-				data: expect.objectContaining({ unit: 'seconds' }),
-			},
-			expect.objectContaining({
-				onSuccess: expect.any(Function),
-				onError: expect.any(Function),
-			}),
-		);
-	});
 });

frontend/src/container/MetricsExplorer/Explorer/__tests__/utils.test.tsx

@@ -139,4 +139,14 @@ describe('getMetricUnits', () => {
 		expect(result).toHaveLength(1);
 		expect(result[0]).toBe('s');
 	});
+
+	it('should return undefined for metrics with no unit', () => {
+		const result = getMetricUnits([
+			{ ...MOCK_METRIC_METADATA, unit: '' },
+			{ ...MOCK_METRIC_METADATA, unit: '' },
+		]);
+		expect(result).toHaveLength(2);
+		expect(result[0]).toBeUndefined();
+		expect(result[1]).toBeUndefined();
+	});
 });

frontend/src/container/MetricsExplorer/Inspect/MetricNameSearch.tsx

@@ -1,7 +1,7 @@
 import { useState } from 'react';
 import { Typography } from 'antd';
 import { initialQueriesMap } from 'constants/queryBuilder';
-import { AggregatorFilter } from 'container/QueryBuilder/filters';
+import { MetricNameSelector } from 'container/QueryBuilder/filters';
 import { BaseAutocompleteData } from 'types/api/queryBuilder/queryAutocompleteResponse';
 import { DataSource } from 'types/common/queryBuilder';
 
@@ -27,7 +27,7 @@ function MetricNameSearch({
 			className="inspect-metrics-input-group metric-name-search"
 		>
 			<Typography.Text>From</Typography.Text>
-			<AggregatorFilter
+			<MetricNameSelector
 				defaultValue={searchText ?? ''}
 				query={initialQueriesMap[DataSource.METRICS].builder.queryData[0]}
 				onSelect={handleSetMetricName}

frontend/src/container/MetricsExplorer/Inspect/__tests__/QueryBuilder.test.tsx

@@ -1,8 +1,9 @@
 import { QueryClient, QueryClientProvider } from 'react-query';
 // eslint-disable-next-line no-restricted-imports
 import { Provider } from 'react-redux';
-import { render, screen } from '@testing-library/react';
+import { fireEvent, render, screen, within } from '@testing-library/react';
 import userEvent from '@testing-library/user-event';
+import * as metricsService from 'api/generated/services/metrics';
 import { MetricType } from 'api/metricsExplorer/getMetricsList';
 import * as appContextHooks from 'providers/App/App';
 import store from 'store';
@@ -23,27 +24,31 @@ jest.mock('react-router-dom', () => ({
 	}),
 }));
 
-jest.mock('container/QueryBuilder/filters', () => ({
-	AggregatorFilter: ({ onSelect, onChange, defaultValue }: any): JSX.Element => (
-		<div data-testid="mock-aggregator-filter">
-			<input
-				data-testid="metric-name-input"
-				defaultValue={defaultValue}
-				onChange={(e: React.ChangeEvent<HTMLInputElement>): void =>
-					onChange({ key: e.target.value })
-				}
-			/>
-			<button
-				type="button"
-				data-testid="select-metric-button"
-				onClick={(): void => onSelect({ key: 'test_metric_2' })}
-			>
-				Select Metric
-			</button>
-		</div>
-	),
+jest.mock('api/generated/services/metrics', () => ({
+	useListMetrics: jest.fn().mockReturnValue({
+		isFetching: false,
+		isError: false,
+		data: { data: { metrics: [] } },
+	}),
+	useUpdateMetricMetadata: jest.fn().mockReturnValue({
+		mutate: jest.fn(),
+		isLoading: false,
+	}),
 }));
 
+jest.mock('hooks/useDebounce', () => ({
+	__esModule: true,
+	default: <T,>(value: T): T => value,
+}));
+
+jest.mock(
+	'container/QueryBuilder/filters/QueryBuilderSearch/OptionRenderer',
+	() => ({
+		__esModule: true,
+		default: ({ value }: { value: string }): JSX.Element => <span>{value}</span>,
+	}),
+);
+
 jest.spyOn(appContextHooks, 'useAppContext').mockReturnValue({
 	user: {
 		role: 'admin',
@@ -123,6 +128,24 @@ describe('QueryBuilder', () => {
 
 	it('should call setCurrentMetricName when metric name is selected', async () => {
 		const user = userEvent.setup();
+		(metricsService.useListMetrics as jest.Mock).mockReturnValue({
+			isFetching: false,
+			isError: false,
+			data: {
+				data: {
+					metrics: [
+						{
+							metricName: 'test_metric_2',
+							type: 'Sum',
+							isMonotonic: true,
+							description: '',
+							temporality: 'cumulative',
+							unit: '',
+						},
+					],
+				},
+			},
+		});
 
 		render(
 			<QueryClientProvider client={queryClient}>
@@ -137,8 +160,12 @@ describe('QueryBuilder', () => {
 
 		expect(screen.getByText('From')).toBeInTheDocument();
 
-		const selectButton = screen.getByTestId('select-metric-button');
-		await user.click(selectButton);
+		const input = within(metricNameSearch).getByRole('combobox');
+		fireEvent.change(input, { target: { value: 'test_metric_2' } });
+
+		const options = document.querySelectorAll('.ant-select-item');
+		expect(options.length).toBeGreaterThan(0);
+		await user.click(options[0] as HTMLElement);
 
 		expect(mockSetCurrentMetricName).toHaveBeenCalledWith('test_metric_2');
 	});

frontend/src/container/MetricsExplorer/MetricDetails/AllAttributes.tsx

@@ -1,4 +1,4 @@
-import { useCallback, useMemo, useState } from 'react';
+import { useCallback, useMemo, useRef, useState } from 'react';
 import { useCopyToClipboard } from 'react-use';
 import {
 	Button,
@@ -6,7 +6,7 @@ import {
 	Input,
 	Menu,
 	Popover,
-	Skeleton,
+	Tooltip,
 	Typography,
 } from 'antd';
 import { ColumnsType } from 'antd/es/table';
@@ -14,148 +14,50 @@ import logEvent from 'api/common/logEvent';
 import { useGetMetricAttributes } from 'api/generated/services/metrics';
 import { ResizeTable } from 'components/ResizeTable';
 import { DataType } from 'container/LogDetailedView/TableView';
-import { useNotifications } from 'hooks/useNotifications';
-import { Compass, Copy, Search } from 'lucide-react';
+import { Check, Copy, Info, Search, SquareArrowOutUpRight } from 'lucide-react';
 
 import { PANEL_TYPES } from '../../../constants/queryBuilder';
 import ROUTES from '../../../constants/routes';
 import { useHandleExplorerTabChange } from '../../../hooks/useHandleExplorerTabChange';
 import { MetricsExplorerEventKeys, MetricsExplorerEvents } from '../events';
-import MetricDetailsErrorState from './MetricDetailsErrorState';
 import {
-	AllAttributesEmptyTextProps,
-	AllAttributesProps,
-	AllAttributesValueProps,
-} from './types';
+	AllAttributesEmptyText,
+	AllAttributesValue,
+} from './AllAttributesValue';
+import { AllAttributesProps } from './types';
 import { getMetricDetailsQuery } from './utils';
 
 const ALL_ATTRIBUTES_KEY = 'all-attributes';
-
-function AllAttributesEmptyText({
-	isErrorAttributes,
-	refetchAttributes,
-}: AllAttributesEmptyTextProps): JSX.Element {
-	if (isErrorAttributes) {
-		return (
-			<div className="all-attributes-error-state">
-				<MetricDetailsErrorState
-					refetch={refetchAttributes}
-					errorMessage="Something went wrong while fetching attributes"
-				/>
-			</div>
-		);
-	}
-	return <Typography.Text>No attributes found</Typography.Text>;
-}
-
-export function AllAttributesValue({
-	filterKey,
-	filterValue,
-	goToMetricsExploreWithAppliedAttribute,
-}: AllAttributesValueProps): JSX.Element {
-	const [visibleIndex, setVisibleIndex] = useState(5);
-	const [attributePopoverKey, setAttributePopoverKey] = useState<string | null>(
-		null,
-	);
-	const [, copyToClipboard] = useCopyToClipboard();
-	const { notifications } = useNotifications();
-
-	const handleShowMore = (): void => {
-		setVisibleIndex(visibleIndex + 5);
-	};
-
-	const handleMenuItemClick = useCallback(
-		(key: string, attribute: string): void => {
-			switch (key) {
-				case 'open-in-explorer':
-					goToMetricsExploreWithAppliedAttribute(filterKey, attribute);
-					break;
-				case 'copy-attribute':
-					copyToClipboard(attribute);
-					notifications.success({
-						message: 'Attribute copied!',
-					});
-					break;
-				default:
-					break;
-			}
-			setAttributePopoverKey(null);
-		},
-		[
-			goToMetricsExploreWithAppliedAttribute,
-			filterKey,
-			copyToClipboard,
-			notifications,
-		],
-	);
-
-	const attributePopoverContent = useCallback(
-		(attribute: string) => (
-			<Menu
-				items={[
-					{
-						icon: <Compass size={16} />,
-						label: 'Open in Explorer',
-						key: 'open-in-explorer',
-					},
-					{
-						icon: <Copy size={16} />,
-						label: 'Copy Attribute',
-						key: 'copy-attribute',
-					},
-				]}
-				onClick={(info): void => {
-					handleMenuItemClick(info.key, attribute);
-				}}
-			/>
-		),
-		[handleMenuItemClick],
-	);
-	return (
-		<div className="all-attributes-value">
-			{filterValue.slice(0, visibleIndex).map((attribute) => (
-				<Popover
-					key={attribute}
-					content={attributePopoverContent(attribute)}
-					trigger="click"
-					open={attributePopoverKey === `${filterKey}-${attribute}`}
-					onOpenChange={(open): void => {
-						if (!open) {
-							setAttributePopoverKey(null);
-						} else {
-							setAttributePopoverKey(`${filterKey}-${attribute}`);
-						}
-					}}
-				>
-					<Button key={attribute} type="text">
-						<Typography.Text>{attribute}</Typography.Text>
-					</Button>
-				</Popover>
-			))}
-			{visibleIndex < filterValue.length && (
-				<Button type="text" onClick={handleShowMore}>
-					Show More
-				</Button>
-			)}
-		</div>
-	);
-}
+const COPY_FEEDBACK_DURATION_MS = 1500;
 
 function AllAttributes({
 	metricName,
 	metricType,
+	isMonotonic,
+	minTime,
+	maxTime,
 }: AllAttributesProps): JSX.Element {
 	const [searchString, setSearchString] = useState('');
 	const [activeKey, setActiveKey] = useState<string[]>([ALL_ATTRIBUTES_KEY]);
+	const [keyPopoverOpen, setKeyPopoverOpen] = useState<string | null>(null);
+	const [copiedKey, setCopiedKey] = useState<string | null>(null);
+	const [, copyToClipboard] = useCopyToClipboard();
+	const copyTimerRef = useRef<ReturnType<typeof setTimeout>>();
 
 	const {
 		data: attributesData,
 		isLoading: isLoadingAttributes,
 		isError: isErrorAttributes,
 		refetch: refetchAttributes,
-	} = useGetMetricAttributes({
-		metricName,
-	});
+	} = useGetMetricAttributes(
+		{
+			metricName,
+		},
+		{
+			start: minTime ? Math.floor(minTime / 1000000) : undefined,
+			end: maxTime ? Math.floor(maxTime / 1000000) : undefined,
+		},
+	);
 
 	const attributes = useMemo(() => attributesData?.data.attributes ?? [], [
 		attributesData,
@@ -164,12 +66,15 @@ function AllAttributes({
 	const { handleExplorerTabChange } = useHandleExplorerTabChange();
 
 	const goToMetricsExplorerwithAppliedSpaceAggregation = useCallback(
-		(groupBy: string) => {
+		(groupBy: string, valueCount?: number) => {
+			const limit = valueCount && valueCount > 250 ? 100 : undefined;
 			const compositeQuery = getMetricDetailsQuery(
 				metricName,
 				metricType,
 				undefined,
 				groupBy,
+				limit,
+				isMonotonic,
 			);
 			handleExplorerTabChange(
 				PANEL_TYPES.TIME_SERIES,
@@ -179,6 +84,7 @@ function AllAttributes({
 					id: metricName,
 				},
 				ROUTES.METRICS_EXPLORER_EXPLORER,
+				true,
 			);
 			logEvent(MetricsExplorerEvents.OpenInExplorerClicked, {
 				[MetricsExplorerEventKeys.MetricName]: metricName,
@@ -187,15 +93,19 @@ function AllAttributes({
 				[MetricsExplorerEventKeys.AttributeKey]: groupBy,
 			});
 		},
-		[metricName, metricType, handleExplorerTabChange],
+		[metricName, metricType, isMonotonic, handleExplorerTabChange],
 	);
 
 	const goToMetricsExploreWithAppliedAttribute = useCallback(
 		(key: string, value: string) => {
-			const compositeQuery = getMetricDetailsQuery(metricName, metricType, {
-				key,
-				value,
-			});
+			const compositeQuery = getMetricDetailsQuery(
+				metricName,
+				metricType,
+				{ key, value },
+				undefined,
+				undefined,
+				isMonotonic,
+			);
 			handleExplorerTabChange(
 				PANEL_TYPES.TIME_SERIES,
 				{
@@ -204,6 +114,7 @@ function AllAttributes({
 					id: metricName,
 				},
 				ROUTES.METRICS_EXPLORER_EXPLORER,
+				true,
 			);
 			logEvent(MetricsExplorerEvents.OpenInExplorerClicked, {
 				[MetricsExplorerEventKeys.MetricName]: metricName,
@@ -213,7 +124,29 @@ function AllAttributes({
 				[MetricsExplorerEventKeys.AttributeValue]: value,
 			});
 		},
-		[metricName, metricType, handleExplorerTabChange],
+		[metricName, metricType, isMonotonic, handleExplorerTabChange],
+	);
+
+	const handleKeyMenuItemClick = useCallback(
+		(menuKey: string, attributeKey: string, valueCount?: number): void => {
+			switch (menuKey) {
+				case 'open-in-explorer':
+					goToMetricsExplorerwithAppliedSpaceAggregation(attributeKey, valueCount);
+					break;
+				case 'copy-key':
+					copyToClipboard(attributeKey);
+					setCopiedKey(attributeKey);
+					clearTimeout(copyTimerRef.current);
+					copyTimerRef.current = setTimeout(() => {
+						setCopiedKey(null);
+					}, COPY_FEEDBACK_DURATION_MS);
+					break;
+				default:
+					break;
+			}
+			setKeyPopoverOpen(null);
+		},
+		[goToMetricsExplorerwithAppliedSpaceAggregation, copyToClipboard],
 	);
 
 	const filteredAttributes = useMemo(
@@ -254,21 +187,57 @@ function AllAttributes({
 				width: 50,
 				align: 'left',
 				className: 'metric-metadata-key',
-				render: (field: { label: string; contribution: number }): JSX.Element => (
-					<div className="all-attributes-key">
-						<Button
-							type="text"
-							onClick={(): void =>
-								goToMetricsExplorerwithAppliedSpaceAggregation(field.label)
-							}
-						>
-							<Typography.Text>{field.label}</Typography.Text>
-						</Button>
-						<Typography.Text className="all-attributes-contribution">
-							{field.contribution}
-						</Typography.Text>
-					</div>
-				),
+				render: (field: { label: string; contribution: number }): JSX.Element => {
+					const isCopied = copiedKey === field.label;
+					return (
+						<div className="all-attributes-key">
+							<Popover
+								content={
+									<Menu
+										items={[
+											{
+												icon: <SquareArrowOutUpRight size={14} />,
+												label: 'Open in Metric Explorer',
+												key: 'open-in-explorer',
+											},
+											{
+												icon: <Copy size={14} />,
+												label: 'Copy Key',
+												key: 'copy-key',
+											},
+										]}
+										onClick={(info): void => {
+											handleKeyMenuItemClick(info.key, field.label, field.contribution);
+										}}
+									/>
+								}
+								trigger="click"
+								placement="right"
+								overlayClassName="metric-details-popover attribute-key-popover-overlay"
+								open={keyPopoverOpen === field.label}
+								onOpenChange={(open): void => {
+									if (!open) {
+										setKeyPopoverOpen(null);
+									} else {
+										setKeyPopoverOpen(field.label);
+									}
+								}}
+							>
+								<Button type="text">
+									<Typography.Text>{field.label}</Typography.Text>
+								</Button>
+							</Popover>
+							{isCopied && (
+								<span className="copy-feedback">
+									<Check size={12} />
+								</span>
+							)}
+							<Typography.Text className="all-attributes-contribution">
+								{field.contribution}
+							</Typography.Text>
+						</div>
+					);
+				},
 			},
 			{
 				title: 'Value',
@@ -291,7 +260,9 @@ function AllAttributes({
 		],
 		[
 			goToMetricsExploreWithAppliedAttribute,
-			goToMetricsExplorerwithAppliedSpaceAggregation,
+			handleKeyMenuItemClick,
+			keyPopoverOpen,
+			copiedKey,
 		],
 	);
 
@@ -300,7 +271,12 @@ function AllAttributes({
 			{
 				label: (
 					<div className="metrics-accordion-header">
-						<Typography.Text>All Attributes</Typography.Text>
+						<div className="all-attributes-header-title">
+							<Typography.Text>All Attributes</Typography.Text>
+							<Tooltip title="Showing attributes for the selected time range">
+								<Info size={14} />
+							</Tooltip>
+						</div>
 						<Input
 							className="all-attributes-search-input"
 							placeholder="Search"
@@ -329,7 +305,9 @@ function AllAttributes({
 						className="metrics-accordion-content all-attributes-content"
 						scroll={{ y: 600 }}
 						locale={{
-							emptyText: (
+							emptyText: isLoadingAttributes ? (
+								' '
+							) : (
 								<AllAttributesEmptyText
 									isErrorAttributes={isErrorAttributes}
 									refetchAttributes={refetchAttributes}
@@ -350,14 +328,6 @@ function AllAttributes({
 		],
 	);
 
-	if (isLoadingAttributes) {
-		return (
-			<div className="all-attributes-skeleton-container">
-				<Skeleton active paragraph={{ rows: 8 }} />
-			</div>
-		);
-	}
-
 	return (
 		<Collapse
 			bordered

frontend/src/container/MetricsExplorer/MetricDetails/AllAttributesValue.tsx

@@ -0,0 +1,212 @@
+import { useCallback, useMemo, useRef, useState } from 'react';
+import { useCopyToClipboard } from 'react-use';
+import { Button, Input, Menu, Popover, Tooltip, Typography } from 'antd';
+import { Check, Copy, Search, SquareArrowOutUpRight } from 'lucide-react';
+
+import MetricDetailsErrorState from './MetricDetailsErrorState';
+import { AllAttributesEmptyTextProps, AllAttributesValueProps } from './types';
+
+const INITIAL_VISIBLE_COUNT = 5;
+const COPY_FEEDBACK_DURATION_MS = 1500;
+
+export function AllAttributesEmptyText({
+	isErrorAttributes,
+	refetchAttributes,
+}: AllAttributesEmptyTextProps): JSX.Element {
+	if (isErrorAttributes) {
+		return (
+			<div className="all-attributes-error-state">
+				<MetricDetailsErrorState
+					refetch={refetchAttributes}
+					errorMessage="Something went wrong while fetching attributes"
+				/>
+			</div>
+		);
+	}
+	return <Typography.Text>No attributes found</Typography.Text>;
+}
+
+export function AllAttributesValue({
+	filterKey,
+	filterValue,
+	goToMetricsExploreWithAppliedAttribute,
+}: AllAttributesValueProps): JSX.Element {
+	const [attributePopoverKey, setAttributePopoverKey] = useState<string | null>(
+		null,
+	);
+	const [allValuesOpen, setAllValuesOpen] = useState(false);
+	const [allValuesSearch, setAllValuesSearch] = useState('');
+	const [copiedValue, setCopiedValue] = useState<string | null>(null);
+	const [, copyToClipboard] = useCopyToClipboard();
+	const copyTimerRef = useRef<ReturnType<typeof setTimeout>>();
+
+	const handleCopyWithFeedback = useCallback(
+		(value: string): void => {
+			copyToClipboard(value);
+			setCopiedValue(value);
+			clearTimeout(copyTimerRef.current);
+			copyTimerRef.current = setTimeout(() => {
+				setCopiedValue(null);
+			}, COPY_FEEDBACK_DURATION_MS);
+		},
+		[copyToClipboard],
+	);
+
+	const handleMenuItemClick = useCallback(
+		(key: string, attribute: string): void => {
+			switch (key) {
+				case 'open-in-explorer':
+					goToMetricsExploreWithAppliedAttribute(filterKey, attribute);
+					break;
+				case 'copy-value':
+					handleCopyWithFeedback(attribute);
+					break;
+				default:
+					break;
+			}
+			setAttributePopoverKey(null);
+		},
+		[goToMetricsExploreWithAppliedAttribute, filterKey, handleCopyWithFeedback],
+	);
+
+	const attributePopoverContent = useCallback(
+		(attribute: string) => (
+			<Menu
+				items={[
+					{
+						icon: <SquareArrowOutUpRight size={14} />,
+						label: 'Open in Metric Explorer',
+						key: 'open-in-explorer',
+					},
+					{
+						icon: <Copy size={14} />,
+						label: 'Copy Value',
+						key: 'copy-value',
+					},
+				]}
+				onClick={(info): void => {
+					handleMenuItemClick(info.key, attribute);
+				}}
+			/>
+		),
+		[handleMenuItemClick],
+	);
+
+	const filteredAllValues = useMemo(
+		() =>
+			allValuesSearch
+				? filterValue.filter((v) =>
+						v.toLowerCase().includes(allValuesSearch.toLowerCase()),
+				  )
+				: filterValue,
+		[filterValue, allValuesSearch],
+	);
+
+	const allValuesPopoverContent = (
+		<div className="all-values-popover">
+			<Input
+				placeholder="Search values"
+				size="small"
+				prefix={<Search size={12} />}
+				value={allValuesSearch}
+				onChange={(e): void => setAllValuesSearch(e.target.value)}
+				allowClear
+			/>
+			<div className="all-values-list">
+				{allValuesOpen &&
+					filteredAllValues.map((attribute) => {
+						const isCopied = copiedValue === attribute;
+						return (
+							<div key={attribute} className="all-values-item">
+								<Typography.Text ellipsis className="all-values-item-text">
+									{attribute}
+								</Typography.Text>
+								<div className="all-values-item-actions">
+									<Tooltip title={isCopied ? 'Copied!' : 'Copy value'}>
+										<Button
+											type="text"
+											size="small"
+											className={isCopied ? 'copy-success' : ''}
+											icon={isCopied ? <Check size={12} /> : <Copy size={12} />}
+											onClick={(): void => {
+												handleCopyWithFeedback(attribute);
+											}}
+										/>
+									</Tooltip>
+									<Tooltip title="Open in Metric Explorer">
+										<Button
+											type="text"
+											size="small"
+											icon={<SquareArrowOutUpRight size={12} />}
+											onClick={(): void => {
+												goToMetricsExploreWithAppliedAttribute(filterKey, attribute);
+												setAllValuesOpen(false);
+											}}
+										/>
+									</Tooltip>
+								</div>
+							</div>
+						);
+					})}
+				{allValuesOpen && filteredAllValues.length === 0 && (
+					<Typography.Text type="secondary" className="all-values-empty">
+						No values found
+					</Typography.Text>
+				)}
+			</div>
+		</div>
+	);
+
+	return (
+		<div className="all-attributes-value">
+			{filterValue.slice(0, INITIAL_VISIBLE_COUNT).map((attribute) => {
+				const isCopied = copiedValue === attribute;
+				return (
+					<div key={attribute} className="all-attributes-value-item">
+						<Popover
+							content={attributePopoverContent(attribute)}
+							trigger="click"
+							overlayClassName="metric-details-popover attribute-value-popover-overlay"
+							open={attributePopoverKey === `${filterKey}-${attribute}`}
+							onOpenChange={(open): void => {
+								if (!open) {
+									setAttributePopoverKey(null);
+								} else {
+									setAttributePopoverKey(`${filterKey}-${attribute}`);
+								}
+							}}
+						>
+							<Button type="text">
+								<Typography.Text>{attribute}</Typography.Text>
+							</Button>
+						</Popover>
+						{isCopied && (
+							<span className="copy-feedback">
+								<Check size={12} />
+							</span>
+						)}
+					</div>
+				);
+			})}
+			{filterValue.length > INITIAL_VISIBLE_COUNT && (
+				<Popover
+					content={allValuesPopoverContent}
+					trigger="click"
+					open={allValuesOpen}
+					onOpenChange={(open): void => {
+						setAllValuesOpen(open);
+						if (!open) {
+							setAllValuesSearch('');
+							setCopiedValue(null);
+						}
+					}}
+					overlayClassName="metric-details-popover all-values-popover-overlay"
+				>
+					<Button type="text" className="all-values-button">
+						All values ({filterValue.length})
+					</Button>
+				</Popover>
+			)}
+		</div>
+	);
+}

frontend/src/container/MetricsExplorer/MetricDetails/DashboardsAndAlertsPopover.tsx

@@ -9,9 +9,7 @@ import {
 } from 'api/generated/services/metrics';
 import { QueryParams } from 'constants/query';
 import ROUTES from 'constants/routes';
-import { useSafeNavigate } from 'hooks/useSafeNavigate';
 import useUrlQuery from 'hooks/useUrlQuery';
-import history from 'lib/history';
 import { Bell, Grid } from 'lucide-react';
 import { pluralize } from 'utils/pluralize';
 
@@ -20,7 +18,6 @@ import { DashboardsAndAlertsPopoverProps } from './types';
 function DashboardsAndAlertsPopover({
 	metricName,
 }: DashboardsAndAlertsPopoverProps): JSX.Element | null {
-	const { safeNavigate } = useSafeNavigate();
 	const params = useUrlQuery();
 
 	const {
@@ -75,7 +72,7 @@ function DashboardsAndAlertsPopover({
 						key={alert.alertId}
 						onClick={(): void => {
 							params.set(QueryParams.ruleId, alert.alertId);
-							history.push(`${ROUTES.ALERT_OVERVIEW}?${params.toString()}`);
+							window.open(`${ROUTES.ALERT_OVERVIEW}?${params.toString()}`, '_blank');
 						}}
 						className="dashboards-popover-content-item"
 					>
@@ -95,10 +92,11 @@ function DashboardsAndAlertsPopover({
 					<Typography.Link
 						key={dashboard.dashboardId}
 						onClick={(): void => {
-							safeNavigate(
+							window.open(
 								generatePath(ROUTES.DASHBOARD, {
 									dashboardId: dashboard.dashboardId,
 								}),
+								'_blank',
 							);
 						}}
 						className="dashboards-popover-content-item"
@@ -109,7 +107,7 @@ function DashboardsAndAlertsPopover({
 			}));
 		}
 		return null;
-	}, [dashboards, safeNavigate]);
+	}, [dashboards]);
 
 	if (isLoadingAlerts || isLoadingDashboards) {
 		return (

frontend/src/container/MetricsExplorer/MetricDetails/Highlights.tsx

@@ -1,5 +1,5 @@
 import { Color } from '@signozhq/design-tokens';
-import { Button, Skeleton, Tooltip, Typography } from 'antd';
+import { Button, Spin, Tooltip, Typography } from 'antd';
 import { useGetMetricHighlights } from 'api/generated/services/metrics';
 import { InfoIcon } from 'lucide-react';
 
@@ -39,17 +39,6 @@ function Highlights({ metricName }: HighlightsProps): JSX.Element {
 		metricHighlights?.lastReceived,
 	);
 
-	if (isLoadingMetricHighlights) {
-		return (
-			<div
-				className="metric-details-content-grid"
-				data-testid="metric-highlights-loading-state"
-			>
-				<Skeleton title={false} paragraph={{ rows: 2 }} active />
-			</div>
-		);
-	}
-
 	if (isErrorMetricHighlights) {
 		return (
 			<div className="metric-details-content-grid">
@@ -89,32 +78,41 @@ function Highlights({ metricName }: HighlightsProps): JSX.Element {
 				</Typography.Text>
 			</div>
 			<div className="values-row">
-				<Typography.Text
-					className="metric-details-grid-value"
-					data-testid="metric-highlights-data-points"
-				>
-					<Tooltip title={metricHighlights?.dataPoints?.toLocaleString()}>
-						{formatNumberIntoHumanReadableFormat(metricHighlights?.dataPoints ?? 0)}
-					</Tooltip>
-				</Typography.Text>
-				<Typography.Text
-					className="metric-details-grid-value"
-					data-testid="metric-highlights-time-series-total"
-				>
-					<Tooltip
-						title="Active time series are those that have received data points in the last 1
-					hour."
-						placement="top"
-					>
-						<span>{`${timeSeriesTotal} total ⎯ ${timeSeriesActive} active`}</span>
-					</Tooltip>
-				</Typography.Text>
-				<Typography.Text
-					className="metric-details-grid-value"
-					data-testid="metric-highlights-last-received"
-				>
-					<Tooltip title={lastReceivedText}>{lastReceivedText}</Tooltip>
-				</Typography.Text>
+				{isLoadingMetricHighlights ? (
+					<div className="metric-highlights-loading-inline">
+						<Spin size="small" />
+						<Typography.Text type="secondary">Loading metric stats</Typography.Text>
+					</div>
+				) : (
+					<>
+						<Typography.Text
+							className="metric-details-grid-value"
+							data-testid="metric-highlights-data-points"
+						>
+							<Tooltip title={metricHighlights?.dataPoints?.toLocaleString()}>
+								{formatNumberIntoHumanReadableFormat(metricHighlights?.dataPoints ?? 0)}
+							</Tooltip>
+						</Typography.Text>
+						<Typography.Text
+							className="metric-details-grid-value"
+							data-testid="metric-highlights-time-series-total"
+						>
+							<Tooltip
+								title="Active time series are those that have received data points in the last 1
+							hour."
+								placement="top"
+							>
+								<span>{`${timeSeriesTotal} total ⎯ ${timeSeriesActive} active`}</span>
+							</Tooltip>
+						</Typography.Text>
+						<Typography.Text
+							className="metric-details-grid-value"
+							data-testid="metric-highlights-last-received"
+						>
+							<Tooltip title={lastReceivedText}>{lastReceivedText}</Tooltip>
+						</Typography.Text>
+					</>
+				)}
 			</div>
 		</div>
 	);

frontend/src/container/MetricsExplorer/MetricDetails/Metadata.tsx

@@ -1,6 +1,6 @@
 import { useCallback, useEffect, useMemo, useState } from 'react';
 import { useQueryClient } from 'react-query';
-import { Button, Collapse, Input, Select, Skeleton, Typography } from 'antd';
+import { Button, Collapse, Input, Select, Spin, Typography } from 'antd';
 import { ColumnsType } from 'antd/es/table';
 import logEvent from 'api/common/logEvent';
 import {
@@ -334,7 +334,7 @@ function Metadata({
 						e.stopPropagation();
 						setIsEditing(true);
 					}}
-					disabled={isUpdatingMetricsMetadata}
+					disabled={isUpdatingMetricsMetadata || isLoadingMetricMetadata}
 				>
 					<Edit2 size={14} />
 					<Typography.Text>Edit</Typography.Text>
@@ -345,6 +345,7 @@ function Metadata({
 		isEditing,
 		isErrorMetricMetadata,
 		isUpdatingMetricsMetadata,
+		isLoadingMetricMetadata,
 		cancelEdit,
 		handleSave,
 	]);
@@ -359,7 +360,11 @@ function Metadata({
 					</div>
 				),
 				key: 'metric-metadata',
-				children: isErrorMetricMetadata ? (
+				children: isLoadingMetricMetadata ? (
+					<div className="metrics-accordion-loading-state">
+						<Spin size="small" />
+					</div>
+				) : isErrorMetricMetadata ? (
 					<div className="metric-metadata-error-state">
 						<MetricDetailsErrorState
 							refetch={refetchMetricMetadata}
@@ -381,20 +386,13 @@ function Metadata({
 		[
 			actionButton,
 			columns,
+			isLoadingMetricMetadata,
 			isErrorMetricMetadata,
 			refetchMetricMetadata,
 			tableData,
 		],
 	);
 
-	if (isLoadingMetricMetadata) {
-		return (
-			<div className="metrics-metadata-skeleton-container">
-				<Skeleton active paragraph={{ rows: 8 }} />
-			</div>
-		);
-	}
-
 	return (
 		<Collapse
 			bordered

frontend/src/container/MetricsExplorer/MetricDetails/MetricDetails.styles.scss

@@ -52,6 +52,13 @@
 				align-items: center;
 			}
 
+			.metric-highlights-loading-inline {
+				grid-column: 1 / -1;
+				display: flex;
+				align-items: center;
+				gap: 8px;
+			}
+
 			.metric-highlights-error-state {
 				display: flex;
 				gap: 8px;
@@ -120,12 +127,11 @@
 			}
 		}
 
-		.metrics-metadata-skeleton-container {
-			height: 330px;
-		}
-
-		.all-attributes-skeleton-container {
-			height: 600px;
+		.metrics-accordion-loading-state {
+			display: flex;
+			justify-content: center;
+			align-items: center;
+			padding: 24px;
 		}
 
 		.metrics-accordion {
@@ -153,6 +159,18 @@
 				justify-content: space-between;
 				align-items: center;
 				height: 36px;
+
+				.all-attributes-header-title {
+					display: flex;
+					align-items: center;
+					gap: 6px;
+
+					.lucide-info {
+						cursor: pointer;
+						color: var(--bg-vanilla-400);
+					}
+				}
+
 				.ant-typography {
 					font-family: 'Geist Mono';
 					color: var(--bg-robin-400);
@@ -186,6 +204,7 @@
 					.all-attributes-key {
 						display: flex;
 						justify-content: space-between;
+						align-items: center;
 						.ant-btn {
 							.ant-typography:first-child {
 								font-family: 'Geist Mono';
@@ -193,17 +212,15 @@
 								background-color: transparent;
 							}
 						}
+						.copy-feedback {
+							display: inline-flex;
+							align-items: center;
+							color: var(--bg-forest-500);
+							animation: fade-in-out 1.5s ease-in-out;
+						}
 						.all-attributes-contribution {
 							font-family: 'Geist Mono';
 							color: var(--bg-vanilla-400);
-							background-color: rgba(171, 189, 255, 0.1);
-							height: 24px;
-							min-width: 24px;
-							border-radius: 50%;
-							text-align: center;
-							display: flex;
-							align-items: center;
-							justify-content: center;
 						}
 					}
 				}
@@ -228,6 +245,18 @@
 							background: var(--bg-slate-300);
 							border-radius: 1px;
 						}
+						.all-attributes-value-item {
+							display: flex;
+							align-items: center;
+							gap: 4px;
+
+							.copy-feedback {
+								display: inline-flex;
+								align-items: center;
+								color: var(--bg-forest-500);
+								animation: fade-in-out 1.5s ease-in-out;
+							}
+						}
 						.ant-btn {
 							text-align: left;
 							width: fit-content;
@@ -259,10 +288,8 @@
 			}
 
 			.metric-metadata-key {
-				cursor: pointer;
 				padding-left: 10px;
 				vertical-align: middle;
-				text-align: center;
 				.field-renderer-container {
 					.label {
 						color: var(--bg-vanilla-400);
@@ -383,9 +410,8 @@
 					}
 
 					.all-attributes-key {
-						.ant-typography:last-child {
-							color: var(--bg-vanilla-200);
-							background-color: var(--bg-robin-300);
+						.all-attributes-contribution {
+							color: var(--bg-slate-400);
 						}
 					}
 				}
@@ -448,3 +474,146 @@
 	height: 100%;
 	width: 100%;
 }
+
+.attribute-key-popover-overlay {
+	.ant-popover-inner {
+		padding: 0 !important;
+		border-radius: 4px;
+		border: 1px solid var(--bg-slate-400);
+		background: linear-gradient(
+			139deg,
+			rgba(18, 19, 23, 0.8) 0%,
+			rgba(18, 19, 23, 0.9) 98.68%
+		);
+		box-shadow: 4px 10px 16px 2px rgba(0, 0, 0, 0.2);
+		backdrop-filter: blur(20px);
+	}
+
+	.ant-menu {
+		font-size: 12px;
+		background: transparent;
+
+		.ant-menu-item {
+			height: 32px;
+			line-height: 32px;
+			padding: 0 12px;
+			font-size: 12px;
+		}
+	}
+}
+
+.all-values-popover-overlay {
+	.ant-popover-inner {
+		padding: 0 !important;
+		border-radius: 4px;
+		border: 1px solid var(--bg-slate-400);
+		background: linear-gradient(
+			139deg,
+			rgba(18, 19, 23, 0.8) 0%,
+			rgba(18, 19, 23, 0.9) 98.68%
+		);
+		box-shadow: 4px 10px 16px 2px rgba(0, 0, 0, 0.2);
+		backdrop-filter: blur(20px);
+	}
+}
+
+.all-values-popover {
+	width: 320px;
+	display: flex;
+	flex-direction: column;
+	gap: 8px;
+	padding: 12px;
+
+	.all-values-list {
+		max-height: 300px;
+		overflow-y: auto;
+		display: flex;
+		flex-direction: column;
+		gap: 4px;
+
+		&::-webkit-scrollbar {
+			width: 2px;
+		}
+
+		&::-webkit-scrollbar-track {
+			background: transparent;
+		}
+
+		&::-webkit-scrollbar-thumb {
+			background: var(--bg-slate-300);
+			border-radius: 1px;
+		}
+	}
+
+	.all-values-item {
+		display: flex;
+		align-items: center;
+		justify-content: space-between;
+		padding: 4px 8px;
+		border-radius: 4px;
+		gap: 8px;
+
+		&:hover {
+			background: rgba(255, 255, 255, 0.04);
+		}
+
+		.all-values-item-text {
+			flex: 1;
+			min-width: 0;
+			font-family: 'Geist Mono';
+			font-size: 12px;
+		}
+
+		.all-values-item-actions {
+			display: flex;
+			gap: 2px;
+			flex-shrink: 0;
+
+			.copy-success {
+				color: var(--bg-forest-500);
+			}
+		}
+	}
+
+	.all-values-empty {
+		padding: 8px;
+		text-align: center;
+	}
+}
+
+.all-values-button {
+	color: var(--bg-robin-400) !important;
+}
+
+.lightMode {
+	.attribute-key-popover-overlay,
+	.all-values-popover-overlay {
+		.ant-popover-inner {
+			border: 1px solid var(--bg-vanilla-400);
+			background: var(--bg-vanilla-100) !important;
+		}
+	}
+
+	.all-values-popover {
+		.all-values-item {
+			&:hover {
+				background: rgba(0, 0, 0, 0.04);
+			}
+		}
+	}
+}
+
+@keyframes fade-in-out {
+	0% {
+		opacity: 0;
+	}
+	15% {
+		opacity: 1;
+	}
+	85% {
+		opacity: 1;
+	}
+	100% {
+		opacity: 0;
+	}
+}

frontend/src/container/MetricsExplorer/MetricDetails/MetricDetails.tsx

@@ -1,10 +1,14 @@
 import { useCallback, useEffect, useMemo } from 'react';
+// eslint-disable-next-line no-restricted-imports
+import { useSelector } from 'react-redux';
 import { Color } from '@signozhq/design-tokens';
 import { Button, Divider, Drawer, Typography } from 'antd';
 import logEvent from 'api/common/logEvent';
 import { useGetMetricMetadata } from 'api/generated/services/metrics';
 import { useIsDarkMode } from 'hooks/useDarkMode';
 import { Compass, Crosshair, X } from 'lucide-react';
+import { AppState } from 'store/reducers';
+import { GlobalReducer } from 'types/reducer/globalTime';
 
 import { PANEL_TYPES } from '../../../constants/queryBuilder';
 import ROUTES from '../../../constants/routes';
@@ -29,6 +33,9 @@ function MetricDetails({
 }: MetricDetailsProps): JSX.Element {
 	const isDarkMode = useIsDarkMode();
 	const { handleExplorerTabChange } = useHandleExplorerTabChange();
+	const { maxTime, minTime } = useSelector<AppState, GlobalReducer>(
+		(state) => state.globalTime,
+	);
 
 	const {
 		data: metricMetadataResponse,
@@ -73,7 +80,14 @@ function MetricDetails({
 
 	const goToMetricsExplorerwithSelectedMetric = useCallback(() => {
 		if (metricName) {
-			const compositeQuery = getMetricDetailsQuery(metricName, metadata?.type);
+			const compositeQuery = getMetricDetailsQuery(
+				metricName,
+				metadata?.type,
+				undefined,
+				undefined,
+				undefined,
+				metadata?.isMonotonic,
+			);
 			handleExplorerTabChange(
 				PANEL_TYPES.TIME_SERIES,
 				{
@@ -82,6 +96,7 @@ function MetricDetails({
 					id: metricName,
 				},
 				ROUTES.METRICS_EXPLORER_EXPLORER,
+				true,
 			);
 			logEvent(MetricsExplorerEvents.OpenInExplorerClicked, {
 				[MetricsExplorerEventKeys.MetricName]: metricName,
@@ -89,7 +104,12 @@ function MetricDetails({
 				[MetricsExplorerEventKeys.Modal]: 'metric-details',
 			});
 		}
-	}, [metricName, handleExplorerTabChange, metadata?.type]);
+	}, [
+		metricName,
+		handleExplorerTabChange,
+		metadata?.type,
+		metadata?.isMonotonic,
+	]);
 
 	useEffect(() => {
 		logEvent(MetricsExplorerEvents.ModalOpened, {
@@ -100,6 +120,21 @@ function MetricDetails({
 	const isActionButtonDisabled =
 		!metricName || isLoadingMetricMetadata || isErrorMetricMetadata;
 
+	const handleDrawerClose = useCallback(
+		(e: React.MouseEvent | React.KeyboardEvent): void => {
+			if ('key' in e && e.key === 'Escape') {
+				const openPopover = document.querySelector(
+					'.metric-details-popover:not(.ant-popover-hidden)',
+				);
+				if (openPopover) {
+					return;
+				}
+			}
+			onClose();
+		},
+		[onClose],
+	);
+
 	return (
 		<Drawer
 			width="60%"
@@ -137,7 +172,7 @@ function MetricDetails({
 				</div>
 			}
 			placement="right"
-			onClose={onClose}
+			onClose={handleDrawerClose}
 			open={isOpen}
 			style={{
 				overscrollBehavior: 'contain',
@@ -157,7 +192,13 @@ function MetricDetails({
 					isLoadingMetricMetadata={isLoadingMetricMetadata}
 					refetchMetricMetadata={refetchMetricMetadata}
 				/>
-				<AllAttributes metricName={metricName} metricType={metadata?.type} />
+				<AllAttributes
+					metricName={metricName}
+					metricType={metadata?.type}
+					isMonotonic={metadata?.isMonotonic}
+					minTime={minTime}
+					maxTime={maxTime}
+				/>
 			</div>
 		</Drawer>
 	);

frontend/src/container/MetricsExplorer/MetricDetails/__tests__/AllAttributes.test.tsx

@@ -1,12 +1,11 @@
-import * as reactUseHooks from 'react-use';
 import { render, screen } from '@testing-library/react';
 import * as metricsExplorerHooks from 'api/generated/services/metrics';
 import { MetrictypesTypeDTO } from 'api/generated/services/sigNoz.schemas';
-import * as useHandleExplorerTabChange from 'hooks/useHandleExplorerTabChange';
 import { userEvent } from 'tests/test-utils';
 
 import ROUTES from '../../../../constants/routes';
-import AllAttributes, { AllAttributesValue } from '../AllAttributes';
+import AllAttributes from '../AllAttributes';
+import { AllAttributesValue } from '../AllAttributesValue';
 import { getMockMetricAttributesData, MOCK_METRIC_NAME } from './testUtlls';
 
 jest.mock('react-router-dom', () => ({
@@ -15,17 +14,6 @@ jest.mock('react-router-dom', () => ({
 		pathname: `${ROUTES.METRICS_EXPLORER}`,
 	}),
 }));
-const mockHandleExplorerTabChange = jest.fn();
-jest
-	.spyOn(useHandleExplorerTabChange, 'useHandleExplorerTabChange')
-	.mockReturnValue({
-		handleExplorerTabChange: mockHandleExplorerTabChange,
-	});
-
-const mockUseCopyToClipboard = jest.fn();
-jest
-	.spyOn(reactUseHooks, 'useCopyToClipboard')
-	.mockReturnValue([{ value: 'value1' }, mockUseCopyToClipboard] as any);
 
 const useGetMetricAttributesMock = jest.spyOn(
 	metricsExplorerHooks,
@@ -34,12 +22,13 @@ const useGetMetricAttributesMock = jest.spyOn(
 
 describe('AllAttributes', () => {
 	beforeEach(() => {
+		jest.clearAllMocks();
 		useGetMetricAttributesMock.mockReturnValue({
 			...getMockMetricAttributesData(),
 		});
 	});
 
-	it('renders attributes section with title', () => {
+	it('renders attribute keys, values, and value counts from API data', () => {
 		render(
 			<AllAttributes
 				metricName={MOCK_METRIC_NAME}
@@ -47,39 +36,13 @@ describe('AllAttributes', () => {
 			/>,
 		);
 
-		expect(screen.getByText('All Attributes')).toBeInTheDocument();
-	});
-
-	it('renders all attribute keys and values', () => {
-		render(
-			<AllAttributes
-				metricName={MOCK_METRIC_NAME}
-				metricType={MetrictypesTypeDTO.gauge}
-			/>,
-		);
-
-		// Check attribute keys are rendered
 		expect(screen.getByText('attribute1')).toBeInTheDocument();
 		expect(screen.getByText('attribute2')).toBeInTheDocument();
-
-		// Check attribute values are rendered
 		expect(screen.getByText('value1')).toBeInTheDocument();
 		expect(screen.getByText('value2')).toBeInTheDocument();
 		expect(screen.getByText('value3')).toBeInTheDocument();
 	});
 
-	it('renders value counts correctly', () => {
-		render(
-			<AllAttributes
-				metricName={MOCK_METRIC_NAME}
-				metricType={MetrictypesTypeDTO.gauge}
-			/>,
-		);
-
-		expect(screen.getByText('2')).toBeInTheDocument(); // For attribute1
-		expect(screen.getByText('1')).toBeInTheDocument(); // For attribute2
-	});
-
 	it('handles empty attributes array', () => {
 		useGetMetricAttributesMock.mockReturnValue({
 			...getMockMetricAttributesData({
@@ -100,7 +63,7 @@ describe('AllAttributes', () => {
 		expect(screen.getByText('No attributes found')).toBeInTheDocument();
 	});
 
-	it('clicking on an attribute key opens the explorer with the attribute filter applied', async () => {
+	it('clicking on an attribute key shows popover with Open in Metric Explorer option', async () => {
 		render(
 			<AllAttributes
 				metricName={MOCK_METRIC_NAME}
@@ -108,7 +71,8 @@ describe('AllAttributes', () => {
 			/>,
 		);
 		await userEvent.click(screen.getByText('attribute1'));
-		expect(mockHandleExplorerTabChange).toHaveBeenCalled();
+		expect(screen.getByText('Open in Metric Explorer')).toBeInTheDocument();
+		expect(screen.getByText('Copy Key')).toBeInTheDocument();
 	});
 
 	it('filters attributes based on search input', async () => {
@@ -123,26 +87,66 @@ describe('AllAttributes', () => {
 		expect(screen.getByText('attribute1')).toBeInTheDocument();
 		expect(screen.getByText('value1')).toBeInTheDocument();
 	});
+
+	it('shows error state when attribute fetching fails', () => {
+		useGetMetricAttributesMock.mockReturnValue({
+			...getMockMetricAttributesData(
+				{
+					data: {
+						attributes: [],
+						totalKeys: 0,
+					},
+				},
+				{
+					isError: true,
+				},
+			),
+		});
+		render(
+			<AllAttributes
+				metricName={MOCK_METRIC_NAME}
+				metricType={MetrictypesTypeDTO.gauge}
+			/>,
+		);
+
+		expect(
+			screen.getByText('Something went wrong while fetching attributes'),
+		).toBeInTheDocument();
+	});
+
+	it('does not show misleading empty text while loading', () => {
+		useGetMetricAttributesMock.mockReturnValue({
+			...getMockMetricAttributesData(
+				{
+					data: {
+						attributes: [],
+						totalKeys: 0,
+					},
+				},
+				{
+					isLoading: true,
+				},
+			),
+		});
+		render(
+			<AllAttributes
+				metricName={MOCK_METRIC_NAME}
+				metricType={MetrictypesTypeDTO.gauge}
+			/>,
+		);
+
+		expect(screen.queryByText('No attributes found')).not.toBeInTheDocument();
+	});
 });
 
 describe('AllAttributesValue', () => {
 	const mockGoToMetricsExploreWithAppliedAttribute = jest.fn();
 
-	it('renders all attribute values', () => {
-		render(
-			<AllAttributesValue
-				filterKey="attribute1"
-				filterValue={['value1', 'value2']}
-				goToMetricsExploreWithAppliedAttribute={
-					mockGoToMetricsExploreWithAppliedAttribute
-				}
-			/>,
-		);
-		expect(screen.getByText('value1')).toBeInTheDocument();
-		expect(screen.getByText('value2')).toBeInTheDocument();
+	beforeEach(() => {
+		jest.clearAllMocks();
 	});
 
-	it('loads more attributes when show more button is clicked', async () => {
+	it('shows All values button when there are more than 5 values', () => {
 		render(
 			<AllAttributesValue
 				filterKey="attribute1"
@@ -153,58 +157,59 @@ describe('AllAttributesValue', () => {
 			/>,
 		);
 		expect(screen.queryByText('value6')).not.toBeInTheDocument();
-		await userEvent.click(screen.getByText('Show More'));
-		expect(screen.getByText('value6')).toBeInTheDocument();
+		expect(screen.getByText('All values (6)')).toBeInTheDocument();
 	});
 
-	it('does not render show more button when there are no more attributes to show', () => {
-		render(
-			<AllAttributesValue
-				filterKey="attribute1"
-				filterValue={['value1', 'value2']}
-				goToMetricsExploreWithAppliedAttribute={
-					mockGoToMetricsExploreWithAppliedAttribute
-				}
-			/>,
-		);
-		expect(screen.queryByText('Show More')).not.toBeInTheDocument();
-	});
-
-	it('copy button should copy the attribute value to the clipboard', async () => {
-		render(
-			<AllAttributesValue
-				filterKey="attribute1"
-				filterValue={['value1', 'value2']}
-				goToMetricsExploreWithAppliedAttribute={
-					mockGoToMetricsExploreWithAppliedAttribute
-				}
-			/>,
-		);
-		expect(screen.getByText('value1')).toBeInTheDocument();
-		await userEvent.click(screen.getByText('value1'));
-		expect(screen.getByText('Copy Attribute')).toBeInTheDocument();
-		await userEvent.click(screen.getByText('Copy Attribute'));
-		expect(mockUseCopyToClipboard).toHaveBeenCalledWith('value1');
-	});
-
-	it('explorer button should go to metrics explore with the attribute filter applied', async () => {
-		render(
-			<AllAttributesValue
-				filterKey="attribute1"
-				filterValue={['value1', 'value2']}
-				goToMetricsExploreWithAppliedAttribute={
-					mockGoToMetricsExploreWithAppliedAttribute
-				}
-			/>,
-		);
-		expect(screen.getByText('value1')).toBeInTheDocument();
-		await userEvent.click(screen.getByText('value1'));
-
-		expect(screen.getByText('Open in Explorer')).toBeInTheDocument();
-		await userEvent.click(screen.getByText('Open in Explorer'));
-		expect(mockGoToMetricsExploreWithAppliedAttribute).toHaveBeenCalledWith(
-			'attribute1',
+	it('All values popover shows values beyond the initial 5', async () => {
+		const values = [
 			'value1',
+			'value2',
+			'value3',
+			'value4',
+			'value5',
+			'value6',
+			'value7',
+		];
+		render(
+			<AllAttributesValue
+				filterKey="attribute1"
+				filterValue={values}
+				goToMetricsExploreWithAppliedAttribute={
+					mockGoToMetricsExploreWithAppliedAttribute
+				}
+			/>,
 		);
+
+		await userEvent.click(screen.getByText('All values (7)'));
+
+		expect(screen.getByText('value6')).toBeInTheDocument();
+		expect(screen.getByText('value7')).toBeInTheDocument();
+	});
+
+	it('All values popover search filters the value list', async () => {
+		const values = [
+			'alpha',
+			'bravo',
+			'charlie',
+			'delta',
+			'echo',
+			'fig-special',
+			'golf-target',
+		];
+		render(
+			<AllAttributesValue
+				filterKey="attribute1"
+				filterValue={values}
+				goToMetricsExploreWithAppliedAttribute={
+					mockGoToMetricsExploreWithAppliedAttribute
+				}
+			/>,
+		);
+
+		await userEvent.click(screen.getByText('All values (7)'));
+		await userEvent.type(screen.getByPlaceholderText('Search values'), 'golf');
+
+		expect(screen.getByText('golf-target')).toBeInTheDocument();
+		expect(screen.queryByText('fig-special')).not.toBeInTheDocument();
 	});
 });

frontend/src/container/MetricsExplorer/MetricDetails/__tests__/DashboardsAndAlertsPopover.test.tsx

@@ -14,12 +14,8 @@ import {
 	MOCK_METRIC_NAME,
 } from './testUtlls';
 
-const mockSafeNavigate = jest.fn();
-jest.mock('hooks/useSafeNavigate', () => ({
-	useSafeNavigate: (): any => ({
-		safeNavigate: mockSafeNavigate,
-	}),
-}));
+const mockWindowOpen = jest.fn();
+Object.defineProperty(window, 'open', { value: mockWindowOpen });
 const mockSetQuery = jest.fn();
 const mockUrlQuery = {
 	set: mockSetQuery,
@@ -43,6 +39,7 @@ describe('DashboardsAndAlertsPopover', () => {
 	beforeEach(() => {
 		useGetMetricAlertsMock.mockReturnValue(getMockAlertsData());
 		useGetMetricDashboardsMock.mockReturnValue(getMockDashboardsData());
+		mockWindowOpen.mockClear();
 	});
 
 	it('renders the popover correctly with multiple dashboards and alerts', () => {
@@ -140,9 +137,10 @@ describe('DashboardsAndAlertsPopover', () => {
 		// Click on the first dashboard
 		await userEvent.click(screen.getByText(MOCK_DASHBOARD_1.dashboardName));
 
-		// Should navigate to the dashboard
-		expect(mockSafeNavigate).toHaveBeenCalledWith(
+		// Should open dashboard in new tab
+		expect(mockWindowOpen).toHaveBeenCalledWith(
 			`/dashboard/${MOCK_DASHBOARD_1.dashboardId}`,
+			'_blank',
 		);
 	});
 
@@ -158,11 +156,12 @@ describe('DashboardsAndAlertsPopover', () => {
 		// Click on the first alert rule
 		await userEvent.click(screen.getByText(MOCK_ALERT_1.alertName));
 
-		// Should navigate to the alert rule
+		// Should open alert in new tab
 		expect(mockSetQuery).toHaveBeenCalledWith(
 			QueryParams.ruleId,
 			MOCK_ALERT_1.alertId,
 		);
+		expect(mockWindowOpen).toHaveBeenCalled();
 	});
 
 	it('renders unique dashboards even when there are duplicates', async () => {

frontend/src/container/MetricsExplorer/MetricDetails/__tests__/Highlights.test.tsx

@@ -48,7 +48,7 @@ describe('Highlights', () => {
 		).toBeInTheDocument();
 	});
 
-	it('should render loading state when data is loading', () => {
+	it('should show labels and loading text but not stale data values while loading', () => {
 		useGetMetricHighlightsMock.mockReturnValue(
 			getMockMetricHighlightsData(
 				{},
@@ -60,8 +60,19 @@ describe('Highlights', () => {
 
 		render(<Highlights metricName={MOCK_METRIC_NAME} />);
 
+		expect(screen.getByText('SAMPLES')).toBeInTheDocument();
+		expect(screen.getByText('TIME SERIES')).toBeInTheDocument();
+		expect(screen.getByText('LAST RECEIVED')).toBeInTheDocument();
+		expect(screen.getByText('Loading metric stats')).toBeInTheDocument();
+
 		expect(
-			screen.getByTestId('metric-highlights-loading-state'),
-		).toBeInTheDocument();
+			screen.queryByTestId('metric-highlights-data-points'),
+		).not.toBeInTheDocument();
+		expect(
+			screen.queryByTestId('metric-highlights-time-series-total'),
+		).not.toBeInTheDocument();
+		expect(
+			screen.queryByTestId('metric-highlights-last-received'),
+		).not.toBeInTheDocument();
 	});
 });

frontend/src/container/MetricsExplorer/MetricDetails/__tests__/Metadata.test.tsx

@@ -324,6 +324,22 @@ describe('Metadata', () => {
 		expect(editButton2).toBeInTheDocument();
 	});
 
+	it('should show section header with disabled edit while loading', () => {
+		render(
+			<Metadata
+				metricName={MOCK_METRIC_NAME}
+				metadata={null}
+				isErrorMetricMetadata={false}
+				isLoadingMetricMetadata
+				refetchMetricMetadata={mockRefetchMetricMetadata}
+			/>,
+		);
+
+		expect(screen.getByText('Metadata')).toBeInTheDocument();
+		const editButton = screen.getByText('Edit').closest('button');
+		expect(editButton).toBeDisabled();
+	});
+
 	it('should not allow editing of unit if it is already set', async () => {
 		render(
 			<Metadata

frontend/src/container/MetricsExplorer/MetricDetails/__tests__/MetricDetails.test.tsx

@@ -24,6 +24,13 @@ jest.mock('react-router-dom', () => ({
 		pathname: `${ROUTES.METRICS_EXPLORER}`,
 	}),
 }));
+jest.mock('react-redux', () => ({
+	...jest.requireActual('react-redux'),
+	useSelector: jest.fn().mockReturnValue({
+		maxTime: 1700000000000000000,
+		minTime: 1699900000000000000,
+	}),
+}));
 jest.mock('hooks/useSafeNavigate', () => ({
 	useSafeNavigate: (): any => ({
 		safeNavigate: jest.fn(),

frontend/src/container/MetricsExplorer/MetricDetails/__tests__/utils.test.ts

@@ -2,6 +2,7 @@ import {
 	MetrictypesTemporalityDTO,
 	MetrictypesTypeDTO,
 } from 'api/generated/services/sigNoz.schemas';
+import { ATTRIBUTE_TYPES } from 'constants/queryBuilder';
 
 import {
 	determineIsMonotonic,
@@ -139,7 +140,7 @@ describe('MetricDetails utils', () => {
 				TEST_METRIC_NAME,
 			);
 			expect(query.builder.queryData[0]?.aggregateAttribute?.type).toBe(
-				MetrictypesTypeDTO.sum,
+				ATTRIBUTE_TYPES.SUM,
 			);
 			expect(query.builder.queryData[0]?.aggregateOperator).toBe('rate');
 			expect(query.builder.queryData[0]?.timeAggregation).toBe('rate');
@@ -156,7 +157,7 @@ describe('MetricDetails utils', () => {
 				TEST_METRIC_NAME,
 			);
 			expect(query.builder.queryData[0]?.aggregateAttribute?.type).toBe(
-				MetrictypesTypeDTO.gauge,
+				ATTRIBUTE_TYPES.GAUGE,
 			);
 			expect(query.builder.queryData[0]?.aggregateOperator).toBe('avg');
 			expect(query.builder.queryData[0]?.timeAggregation).toBe('avg');
@@ -173,7 +174,7 @@ describe('MetricDetails utils', () => {
 				TEST_METRIC_NAME,
 			);
 			expect(query.builder.queryData[0]?.aggregateAttribute?.type).toBe(
-				MetrictypesTypeDTO.summary,
+				ATTRIBUTE_TYPES.GAUGE,
 			);
 			expect(query.builder.queryData[0]?.aggregateOperator).toBe('noop');
 			expect(query.builder.queryData[0]?.timeAggregation).toBe('noop');
@@ -190,7 +191,7 @@ describe('MetricDetails utils', () => {
 				TEST_METRIC_NAME,
 			);
 			expect(query.builder.queryData[0]?.aggregateAttribute?.type).toBe(
-				MetrictypesTypeDTO.histogram,
+				ATTRIBUTE_TYPES.HISTOGRAM,
 			);
 			expect(query.builder.queryData[0]?.aggregateOperator).toBe('noop');
 			expect(query.builder.queryData[0]?.timeAggregation).toBe('noop');
@@ -207,7 +208,7 @@ describe('MetricDetails utils', () => {
 				TEST_METRIC_NAME,
 			);
 			expect(query.builder.queryData[0]?.aggregateAttribute?.type).toBe(
-				MetrictypesTypeDTO.exponentialhistogram,
+				ATTRIBUTE_TYPES.EXPONENTIAL_HISTOGRAM,
 			);
 			expect(query.builder.queryData[0]?.aggregateOperator).toBe('noop');
 			expect(query.builder.queryData[0]?.timeAggregation).toBe('noop');

frontend/src/container/MetricsExplorer/MetricDetails/types.ts

@@ -34,6 +34,9 @@ export interface MetadataProps {
 export interface AllAttributesProps {
 	metricName: string;
 	metricType: MetrictypesTypeDTO | undefined;
+	isMonotonic?: boolean;
+	minTime?: number;
+	maxTime?: number;
 }
 
 export interface AllAttributesValueProps {

frontend/src/container/MetricsExplorer/MetricDetails/utils.tsx

@@ -5,7 +5,7 @@ import {
 	MetrictypesTypeDTO,
 } from 'api/generated/services/sigNoz.schemas';
 import { SpaceAggregation, TimeAggregation } from 'api/v5/v5';
-import { initialQueriesMap } from 'constants/queryBuilder';
+import { initialQueriesMap, toAttributeType } from 'constants/queryBuilder';
 import { DataTypes } from 'types/api/queryBuilder/queryAutocompleteResponse';
 import { Query } from 'types/api/queryBuilder/queryBuilderData';
 import { DataSource, ReduceOperators } from 'types/common/queryBuilder';
@@ -87,15 +87,26 @@ export function getMetricDetailsQuery(
 	metricType: MetrictypesTypeDTO | undefined,
 	filter?: { key: string; value: string },
 	groupBy?: string,
+	limit?: number,
+	isMonotonic?: boolean,
 ): Query {
 	let timeAggregation;
 	let spaceAggregation;
 	let aggregateOperator;
+	const isNonMonotonicSum =
+		metricType === MetrictypesTypeDTO.sum && isMonotonic === false;
+
 	switch (metricType) {
 		case MetrictypesTypeDTO.sum:
-			timeAggregation = 'rate';
-			spaceAggregation = 'sum';
-			aggregateOperator = 'rate';
+			if (isNonMonotonicSum) {
+				timeAggregation = 'avg';
+				spaceAggregation = 'avg';
+				aggregateOperator = 'avg';
+			} else {
+				timeAggregation = 'rate';
+				spaceAggregation = 'sum';
+				aggregateOperator = 'rate';
+			}
 			break;
 		case MetrictypesTypeDTO.gauge:
 			timeAggregation = 'avg';
@@ -120,6 +131,8 @@ export function getMetricDetailsQuery(
 			break;
 	}
 
+	const attributeType = toAttributeType(metricType, isMonotonic);
+
 	return {
 		...initialQueriesMap[DataSource.METRICS],
 		builder: {
@@ -128,8 +141,8 @@ export function getMetricDetailsQuery(
 					...initialQueriesMap[DataSource.METRICS].builder.queryData[0],
 					aggregateAttribute: {
 						key: metricName,
-						type: metricType ?? '',
-						id: `${metricName}----${metricType}---string--`,
+						type: attributeType,
+						id: `${metricName}----${attributeType}---string--`,
 						dataType: DataTypes.String,
 					},
 					aggregations: [
@@ -170,6 +183,7 @@ export function getMetricDetailsQuery(
 								},
 						  ]
 						: [],
+					...(limit ? { limit } : {}),
 				},
 			],
 			queryFormulas: [],

frontend/src/container/MetricsExplorer/Summary/MetricsSearch.tsx

@@ -1,9 +1,7 @@
 import { useCallback } from 'react';
-import { Tooltip } from 'antd';
 import QuerySearch from 'components/QueryBuilderV2/QueryV2/QuerySearch/QuerySearch';
 import RunQueryBtn from 'container/QueryBuilder/components/RunQueryBtn/RunQueryBtn';
 import DateTimeSelectionV2 from 'container/TopNav/DateTimeSelectionV2';
-import { Info } from 'lucide-react';
 import { DataSource } from 'types/common/queryBuilder';
 
 import { MetricsSearchProps } from './types';
@@ -26,15 +24,17 @@ function MetricsSearch({
 		onChange(currentQueryFilterExpression);
 	}, [currentQueryFilterExpression, onChange]);
 
+	const handleRunQuery = useCallback(
+		(expression: string): void => {
+			setCurrentQueryFilterExpression(expression);
+			onChange(expression);
+		},
+		[setCurrentQueryFilterExpression, onChange],
+	);
+
 	return (
 		<div className="metrics-search-container">
 			<div data-testid="qb-search-container" className="qb-search-container">
-				<Tooltip
-					title="Use filters to refine metrics based on attributes. Example: service_name=api - Shows all metrics associated with the API service"
-					placement="right"
-				>
-					<Info size={16} />
-				</Tooltip>
 				<QuerySearch
 					onChange={handleOnChange}
 					dataSource={DataSource.METRICS}
@@ -45,8 +45,9 @@ function MetricsSearch({
 							expression: currentQueryFilterExpression,
 						},
 					}}
-					onRun={handleOnChange}
+					onRun={handleRunQuery}
 					showFilterSuggestionsWithoutMetric
+					placeholder="Try metric_name CONTAINS 'http.server' to view all HTTP Server metrics being sent"
 				/>
 			</div>
 			<RunQueryBtn

frontend/src/container/MetricsExplorer/Summary/Summary.styles.scss

@@ -37,7 +37,7 @@
 
 	.metrics-search-container {
 		display: flex;
-		gap: 16px;
+		gap: 8px;
 		align-items: center;
 
 		.metrics-search-options {
@@ -51,10 +51,6 @@
 			gap: 8px;
 			flex: 1;
 
-			.lucide-info {
-				cursor: pointer;
-			}
-
 			.query-builder-search-container {
 				width: 100%;
 			}
@@ -66,8 +62,6 @@
 			margin-left: -16px;
 			margin-right: -16px;
 
-			max-height: 500px;
-			overflow-y: auto;
 			.ant-table-thead > tr > th {
 				padding: 12px;
 				font-weight: 500;

frontend/src/container/MetricsExplorer/Summary/Summary.tsx

@@ -15,13 +15,12 @@ import {
 	Querybuildertypesv5OrderByDTO,
 	Querybuildertypesv5OrderDirectionDTO,
 } from 'api/generated/services/sigNoz.schemas';
-import {
-	convertExpressionToFilters,
-	convertFiltersToExpression,
-} from 'components/QueryBuilderV2/utils';
+import { convertExpressionToFilters } from 'components/QueryBuilderV2/utils';
+import { initialQueriesMap } from 'constants/queryBuilder';
 import { usePageSize } from 'container/InfraMonitoringK8s/utils';
 import NoLogs from 'container/NoLogs/NoLogs';
 import { useQueryBuilder } from 'hooks/queryBuilder/useQueryBuilder';
+import { useShareBuilderUrl } from 'hooks/queryBuilder/useShareBuilderUrl';
 import ErrorBoundaryFallback from 'pages/ErrorBoundaryFallback/ErrorBoundaryFallback';
 import { AppState } from 'store/reducers';
 import { TagFilter } from 'types/api/queryBuilder/queryBuilderData';
@@ -61,10 +60,13 @@ function Summary(): JSX.Element {
 		heatmapView,
 		setHeatmapView,
 	] = useState<MetricsexplorertypesTreemapModeDTO>(
-		MetricsexplorertypesTreemapModeDTO.timeseries,
+		MetricsexplorertypesTreemapModeDTO.samples,
 	);
 
 	const { currentQuery, redirectWithQueryBuilderData } = useQueryBuilder();
+
+	useShareBuilderUrl({ defaultValue: initialQueriesMap[DataSource.METRICS] });
+
 	const query = useMemo(() => currentQuery?.builder?.queryData[0], [
 		currentQuery,
 	]);
@@ -89,6 +91,15 @@ function Summary(): JSX.Element {
 		setCurrentQueryFilterExpression,
 	] = useState<string>(query?.filter?.expression || '');
 
+	const [appliedFilterExpression, setAppliedFilterExpression] = useState(
+		query?.filter?.expression || '',
+	);
+
+	const queryFilterExpression = useMemo(
+		() => ({ expression: appliedFilterExpression }),
+		[appliedFilterExpression],
+	);
+
 	useEffect(() => {
 		logEvent(MetricsExplorerEvents.TabChanged, {
 			[MetricsExplorerEventKeys.Tab]: 'summary',
@@ -100,11 +111,6 @@ function Summary(): JSX.Element {
 		// eslint-disable-next-line react-hooks/exhaustive-deps
 	}, []);
 
-	const queryFilterExpression = useMemo(() => {
-		const filters = query.filters || { items: [], op: 'AND' };
-		return convertFiltersToExpression(filters);
-	}, [query.filters]);
-
 	const metricsListQuery: MetricsexplorertypesStatsRequestDTO = useMemo(() => {
 		return {
 			start: convertNanoToMilliseconds(minTime),
@@ -187,6 +193,7 @@ function Summary(): JSX.Element {
 				},
 			});
 			setCurrentQueryFilterExpression(expression);
+			setAppliedFilterExpression(expression);
 			setCurrentPage(1);
 			if (expression) {
 				logEvent(MetricsExplorerEvents.FilterApplied, {
@@ -305,7 +312,9 @@ function Summary(): JSX.Element {
 				/>
 				{showFullScreenLoading ? (
 					<MetricsLoading />
-				) : isMetricsListDataEmpty && isMetricsTreeMapDataEmpty ? (
+				) : isMetricsListDataEmpty &&
+				  isMetricsTreeMapDataEmpty &&
+				  !appliedFilterExpression ? (
 					<NoLogs dataSource={DataSource.METRICS} />
 				) : (
 					<>

frontend/src/container/QueryBuilder/components/Query/Query.tsx

@@ -24,6 +24,7 @@ import {
 	AggregatorFilter,
 	GroupByFilter,
 	HavingFilter,
+	MetricNameSelector,
 	OperatorsSelect,
 	OrderByFilter,
 	ReduceToFilter,
@@ -403,7 +404,7 @@ export const Query = memo(function Query({
 										)}
 
 										<Col flex="auto">
-											<AggregatorFilter
+											<MetricNameSelector
 												onChange={handleChangeAggregatorAttribute}
 												query={query}
 											/>

frontend/src/container/QueryBuilder/filters/MetricNameSelector/MetricNameSelector.styles.scss

@@ -0,0 +1,6 @@
+.metric-name-selector {
+	.ant-select-selection-placeholder {
+		color: var(--bg-slate-200);
+		font-style: italic;
+	}
+}

frontend/src/container/QueryBuilder/filters/MetricNameSelector/MetricNameSelector.test.tsx

@@ -0,0 +1,887 @@
+import { useEffect, useState } from 'react';
+import { fireEvent, render, screen, within } from '@testing-library/react';
+import {
+	MetricsexplorertypesListMetricDTO,
+	MetrictypesTypeDTO,
+} from 'api/generated/services/sigNoz.schemas';
+import { ENTITY_VERSION_V5 } from 'constants/app';
+import { ATTRIBUTE_TYPES } from 'constants/queryBuilder';
+import { useQueryOperations } from 'hooks/queryBuilder/useQueryBuilderOperations';
+import { DataTypes } from 'types/api/queryBuilder/queryAutocompleteResponse';
+import { IBuilderQuery } from 'types/api/queryBuilder/queryBuilderData';
+import { MetricAggregation } from 'types/api/v5/queryRange';
+import { DataSource, ReduceOperators } from 'types/common/queryBuilder';
+
+import { MetricNameSelector } from './MetricNameSelector';
+
+const mockUseListMetrics = jest.fn();
+jest.mock('api/generated/services/metrics', () => ({
+	useListMetrics: (...args: unknown[]): ReturnType<typeof mockUseListMetrics> =>
+		mockUseListMetrics(...args),
+}));
+
+jest.mock('hooks/useDebounce', () => ({
+	__esModule: true,
+	default: <T,>(value: T): T => value,
+}));
+
+jest.mock('../QueryBuilderSearch/OptionRenderer', () => ({
+	__esModule: true,
+	default: ({ value }: { value: string }): JSX.Element => <span>{value}</span>,
+}));
+
+// Ref lets StatefulMetricQueryHarness wire handleSetQueryData to real state,
+// while other tests keep the default no-op mock.
+const handleSetQueryDataRef: {
+	current: (index: number, query: IBuilderQuery) => void;
+} = {
+	current: jest.fn(),
+};
+
+jest.mock('hooks/queryBuilder/useQueryBuilder', () => ({
+	useQueryBuilder: (): Record<string, unknown> => ({
+		handleSetQueryData: (index: number, query: IBuilderQuery): void =>
+			handleSetQueryDataRef.current(index, query),
+		handleSetTraceOperatorData: jest.fn(),
+		handleSetFormulaData: jest.fn(),
+		removeQueryBuilderEntityByIndex: jest.fn(),
+		panelType: 'TIME_SERIES',
+		initialDataSource: DataSource.METRICS,
+		currentQuery: {
+			builder: { queryData: [], queryFormulas: [], queryTraceOperator: [] },
+			queryType: 'builder',
+		},
+		setLastUsedQuery: jest.fn(),
+		redirectWithQueryBuilderData: jest.fn(),
+	}),
+}));
+
+function makeMetric(
+	overrides: Partial<MetricsexplorertypesListMetricDTO> = {},
+): MetricsexplorertypesListMetricDTO {
+	return {
+		metricName: 'http_requests_total',
+		type: MetrictypesTypeDTO.sum,
+		isMonotonic: true,
+		description: '',
+		temporality: 'cumulative' as never,
+		unit: '',
+		...overrides,
+	};
+}
+
+function makeQuery(overrides: Partial<IBuilderQuery> = {}): IBuilderQuery {
+	return {
+		dataSource: DataSource.METRICS,
+		queryName: 'A',
+		aggregateOperator: 'count',
+		aggregateAttribute: { key: '', type: '', dataType: DataTypes.Float64 },
+		timeAggregation: 'avg',
+		spaceAggregation: 'sum',
+		filter: { expression: '' },
+		aggregations: [],
+		functions: [],
+		filters: { items: [], op: 'AND' },
+		expression: 'A',
+		disabled: false,
+		stepInterval: null,
+		having: [],
+		limit: null,
+		orderBy: [],
+		groupBy: [],
+		legend: '',
+		reduceTo: ReduceOperators.AVG,
+		...overrides,
+	} as IBuilderQuery;
+}
+
+function returnMetrics(
+	metrics: MetricsexplorertypesListMetricDTO[],
+	overrides: Record<string, unknown> = {},
+): void {
+	mockUseListMetrics.mockReturnValue({
+		isFetching: false,
+		isError: false,
+		data: { data: { metrics } },
+		queryKey: ['/api/v2/metrics'],
+		...overrides,
+	});
+}
+
+// snippet so tests can assert on them.
+function MetricQueryHarness({ query }: { query: IBuilderQuery }): JSX.Element {
+	const {
+		handleChangeAggregatorAttribute,
+		operators,
+		spaceAggregationOptions,
+	} = useQueryOperations({
+		query,
+		index: 0,
+		entityVersion: ENTITY_VERSION_V5,
+	});
+
+	return (
+		<div>
+			<MetricNameSelector
+				query={query}
+				onChange={handleChangeAggregatorAttribute}
+			/>
+			<ul data-testid="time-agg-options">
+				{operators.map((op) => (
+					<li key={op.value}>{op.label}</li>
+				))}
+			</ul>
+			<ul data-testid="space-agg-options">
+				{spaceAggregationOptions.map((op) => (
+					<li key={op.value}>{op.label}</li>
+				))}
+			</ul>
+		</div>
+	);
+}
+
+function getOptionLabels(testId: string): string[] {
+	const list = screen.getByTestId(testId);
+	const items = within(list).queryAllByRole('listitem');
+	return items.map((el) => el.textContent || '');
+}
+
+describe('MetricNameSelector', () => {
+	beforeEach(() => {
+		jest.clearAllMocks();
+		handleSetQueryDataRef.current = jest.fn();
+		returnMetrics([]);
+	});
+
+	it('shows metric names from API as dropdown options', () => {
+		returnMetrics([
+			makeMetric({ metricName: 'http_requests_total' }),
+			makeMetric({
+				metricName: 'cpu_usage_percent',
+				type: MetrictypesTypeDTO.gauge,
+			}),
+		]);
+
+		render(<MetricNameSelector query={makeQuery()} onChange={jest.fn()} />);
+
+		const input = screen.getByRole('combobox');
+		fireEvent.change(input, { target: { value: 'h' } });
+
+		expect(
+			screen.getAllByText('http_requests_total').length,
+		).toBeGreaterThanOrEqual(1);
+		expect(
+			screen.getAllByText('cpu_usage_percent').length,
+		).toBeGreaterThanOrEqual(1);
+	});
+
+	it('retains typed metric name in input after blur', () => {
+		returnMetrics([makeMetric({ metricName: 'http_requests_total' })]);
+
+		render(<MetricNameSelector query={makeQuery()} onChange={jest.fn()} />);
+
+		const input = screen.getByRole('combobox');
+		fireEvent.change(input, { target: { value: 'http_requests_total' } });
+		fireEvent.blur(input);
+
+		expect(input).toHaveValue('http_requests_total');
+	});
+
+	it('shows error message when API request fails', () => {
+		mockUseListMetrics.mockReturnValue({
+			isFetching: false,
+			isError: true,
+			data: undefined,
+			queryKey: ['/api/v2/metrics'],
+		});
+
+		render(<MetricNameSelector query={makeQuery()} onChange={jest.fn()} />);
+
+		const input = screen.getByRole('combobox');
+		fireEvent.focus(input);
+		fireEvent.change(input, { target: { value: 'test' } });
+
+		expect(screen.getByText('Failed to load metrics')).toBeInTheDocument();
+	});
+
+	it('shows loading spinner while fetching metrics', () => {
+		mockUseListMetrics.mockReturnValue({
+			isFetching: true,
+			isError: false,
+			data: undefined,
+			queryKey: ['/api/v2/metrics'],
+		});
+
+		const { container } = render(
+			<MetricNameSelector query={makeQuery()} onChange={jest.fn()} />,
+		);
+
+		const input = screen.getByRole('combobox');
+		fireEvent.change(input, { target: { value: 'test' } });
+
+		expect(container.querySelector('.ant-spin-spinning')).toBeInTheDocument();
+	});
+});
+
+describe('selecting a metric type updates the aggregation options', () => {
+	beforeEach(() => {
+		jest.clearAllMocks();
+		handleSetQueryDataRef.current = jest.fn();
+		returnMetrics([]);
+	});
+
+	it('Sum metric shows Rate/Increase time options and Sum/Avg/Min/Max space options', () => {
+		returnMetrics([
+			makeMetric({
+				metricName: 'http_requests_total',
+				type: MetrictypesTypeDTO.sum,
+				isMonotonic: true,
+			}),
+		]);
+
+		render(<MetricQueryHarness query={makeQuery()} />);
+
+		const input = screen.getByRole('combobox');
+		fireEvent.change(input, { target: { value: 'http_requests_total' } });
+		fireEvent.blur(input);
+
+		expect(getOptionLabels('time-agg-options')).toEqual(['Rate', 'Increase']);
+		expect(getOptionLabels('space-agg-options')).toEqual([
+			'Sum',
+			'Avg',
+			'Min',
+			'Max',
+		]);
+	});
+
+	it('Gauge metric shows Latest/Sum/Avg/Min/Max/Count/Count Distinct time options and Sum/Avg/Min/Max space options', () => {
+		returnMetrics([
+			makeMetric({
+				metricName: 'cpu_usage_percent',
+				type: MetrictypesTypeDTO.gauge,
+			}),
+		]);
+
+		render(<MetricQueryHarness query={makeQuery()} />);
+
+		const input = screen.getByRole('combobox');
+		fireEvent.change(input, { target: { value: 'cpu_usage_percent' } });
+		fireEvent.blur(input);
+
+		expect(getOptionLabels('time-agg-options')).toEqual([
+			'Latest',
+			'Sum',
+			'Avg',
+			'Min',
+			'Max',
+			'Count',
+			'Count Distinct',
+		]);
+		expect(getOptionLabels('space-agg-options')).toEqual([
+			'Sum',
+			'Avg',
+			'Min',
+			'Max',
+		]);
+	});
+
+	it('non-monotonic Sum metric is treated as Gauge', () => {
+		returnMetrics([
+			makeMetric({
+				metricName: 'active_connections',
+				type: MetrictypesTypeDTO.sum,
+				isMonotonic: false,
+			}),
+		]);
+
+		render(<MetricQueryHarness query={makeQuery()} />);
+
+		const input = screen.getByRole('combobox');
+		fireEvent.change(input, {
+			target: { value: 'active_connections' },
+		});
+		fireEvent.blur(input);
+
+		expect(getOptionLabels('time-agg-options')).toEqual([
+			'Latest',
+			'Sum',
+			'Avg',
+			'Min',
+			'Max',
+			'Count',
+			'Count Distinct',
+		]);
+		expect(getOptionLabels('space-agg-options')).toEqual([
+			'Sum',
+			'Avg',
+			'Min',
+			'Max',
+		]);
+	});
+
+	it('Histogram metric shows no time options and P50–P99 space options', () => {
+		returnMetrics([
+			makeMetric({
+				metricName: 'request_duration_seconds',
+				type: MetrictypesTypeDTO.histogram,
+			}),
+		]);
+
+		render(<MetricQueryHarness query={makeQuery()} />);
+
+		const input = screen.getByRole('combobox');
+		fireEvent.change(input, {
+			target: { value: 'request_duration_seconds' },
+		});
+		fireEvent.blur(input);
+
+		expect(getOptionLabels('time-agg-options')).toEqual([]);
+		expect(getOptionLabels('space-agg-options')).toEqual([
+			'P50',
+			'P75',
+			'P90',
+			'P95',
+			'P99',
+		]);
+	});
+
+	it('ExponentialHistogram metric shows no time options and P50–P99 space options', () => {
+		returnMetrics([
+			makeMetric({
+				metricName: 'request_duration_exp',
+				type: MetrictypesTypeDTO.exponentialhistogram,
+			}),
+		]);
+
+		render(<MetricQueryHarness query={makeQuery()} />);
+
+		const input = screen.getByRole('combobox');
+		fireEvent.change(input, {
+			target: { value: 'request_duration_exp' },
+		});
+		fireEvent.blur(input);
+
+		expect(getOptionLabels('time-agg-options')).toEqual([]);
+		expect(getOptionLabels('space-agg-options')).toEqual([
+			'P50',
+			'P75',
+			'P90',
+			'P95',
+			'P99',
+		]);
+	});
+
+	it('unknown metric (typed name not in API results) shows all time and space options', () => {
+		returnMetrics([makeMetric({ metricName: 'known_metric' })]);
+
+		render(<MetricQueryHarness query={makeQuery()} />);
+
+		const input = screen.getByRole('combobox');
+		fireEvent.change(input, { target: { value: 'unknown_metric' } });
+		fireEvent.blur(input);
+
+		expect(getOptionLabels('time-agg-options')).toEqual([
+			'Max',
+			'Min',
+			'Sum',
+			'Avg',
+			'Count',
+			'Rate',
+			'Increase',
+		]);
+		expect(getOptionLabels('space-agg-options')).toEqual([
+			'Sum',
+			'Avg',
+			'Min',
+			'Max',
+			'P50',
+			'P75',
+			'P90',
+			'P95',
+			'P99',
+		]);
+	});
+});
+
+// these tests require the previous state, so we setup it to
+// tracks previousMetricInfo across metric selections
+function StatefulMetricQueryHarness({
+	initialQuery,
+}: {
+	initialQuery: IBuilderQuery;
+}): JSX.Element {
+	const [query, setQuery] = useState(initialQuery);
+
+	useEffect(() => {
+		handleSetQueryDataRef.current = (
+			_index: number,
+			newQuery: IBuilderQuery,
+		): void => {
+			setQuery(newQuery);
+		};
+		return (): void => {
+			handleSetQueryDataRef.current = jest.fn();
+		};
+	}, []);
+
+	const {
+		handleChangeAggregatorAttribute,
+		operators,
+		spaceAggregationOptions,
+	} = useQueryOperations({
+		query,
+		index: 0,
+		entityVersion: ENTITY_VERSION_V5,
+	});
+
+	const currentAggregation = query.aggregations?.[0] as MetricAggregation;
+
+	return (
+		<div>
+			<MetricNameSelector
+				query={query}
+				onChange={handleChangeAggregatorAttribute}
+			/>
+			<ul data-testid="time-agg-options">
+				{operators.map((op) => (
+					<li key={op.value}>{op.label}</li>
+				))}
+			</ul>
+			<ul data-testid="space-agg-options">
+				{spaceAggregationOptions.map((op) => (
+					<li key={op.value}>{op.label}</li>
+				))}
+			</ul>
+			<div data-testid="selected-time-agg">
+				{currentAggregation?.timeAggregation || ''}
+			</div>
+			<div data-testid="selected-space-agg">
+				{currentAggregation?.spaceAggregation || ''}
+			</div>
+			<div data-testid="selected-metric-name">
+				{currentAggregation?.metricName || ''}
+			</div>
+		</div>
+	);
+}
+
+describe('switching between metrics of the same type preserves aggregation settings', () => {
+	beforeEach(() => {
+		jest.clearAllMocks();
+		handleSetQueryDataRef.current = jest.fn();
+		returnMetrics([]);
+	});
+
+	it('Sum: preserves non-default increase/avg when switching to another Sum metric', () => {
+		returnMetrics([
+			makeMetric({
+				metricName: 'metric_a',
+				type: MetrictypesTypeDTO.sum,
+				isMonotonic: true,
+			}),
+			makeMetric({
+				metricName: 'metric_b',
+				type: MetrictypesTypeDTO.sum,
+				isMonotonic: true,
+			}),
+		]);
+
+		render(
+			<StatefulMetricQueryHarness
+				initialQuery={makeQuery({
+					aggregateAttribute: {
+						key: 'metric_a',
+						type: ATTRIBUTE_TYPES.SUM,
+						dataType: DataTypes.Float64,
+					},
+					aggregations: [
+						{
+							timeAggregation: 'increase',
+							spaceAggregation: 'avg',
+							metricName: 'metric_a',
+							temporality: '',
+						},
+					] as MetricAggregation[],
+				})}
+			/>,
+		);
+
+		expect(screen.getByTestId('selected-time-agg')).toHaveTextContent('increase');
+		expect(screen.getByTestId('selected-space-agg')).toHaveTextContent('avg');
+
+		const input = screen.getByRole('combobox');
+		fireEvent.change(input, { target: { value: 'metric_b' } });
+		fireEvent.blur(input);
+
+		expect(screen.getByTestId('selected-time-agg')).toHaveTextContent('increase');
+		expect(screen.getByTestId('selected-space-agg')).toHaveTextContent('avg');
+		expect(screen.getByTestId('selected-metric-name')).toHaveTextContent(
+			'metric_b',
+		);
+	});
+
+	it('Gauge: preserves non-default min/max when switching to another Gauge metric', () => {
+		returnMetrics([
+			makeMetric({
+				metricName: 'cpu_usage',
+				type: MetrictypesTypeDTO.gauge,
+			}),
+			makeMetric({
+				metricName: 'mem_usage',
+				type: MetrictypesTypeDTO.gauge,
+			}),
+		]);
+
+		render(
+			<StatefulMetricQueryHarness
+				initialQuery={makeQuery({
+					aggregateAttribute: {
+						key: 'cpu_usage',
+						type: ATTRIBUTE_TYPES.GAUGE,
+						dataType: DataTypes.Float64,
+					},
+					aggregations: [
+						{
+							timeAggregation: 'min',
+							spaceAggregation: 'max',
+							metricName: 'cpu_usage',
+							temporality: '',
+						},
+					] as MetricAggregation[],
+				})}
+			/>,
+		);
+
+		expect(screen.getByTestId('selected-time-agg')).toHaveTextContent('min');
+		expect(screen.getByTestId('selected-space-agg')).toHaveTextContent('max');
+
+		const input = screen.getByRole('combobox');
+		fireEvent.change(input, { target: { value: 'mem_usage' } });
+		fireEvent.blur(input);
+
+		expect(screen.getByTestId('selected-time-agg')).toHaveTextContent('min');
+		expect(screen.getByTestId('selected-space-agg')).toHaveTextContent('max');
+		expect(screen.getByTestId('selected-metric-name')).toHaveTextContent(
+			'mem_usage',
+		);
+	});
+
+	it('Histogram: preserves non-default p99 when switching to another Histogram metric', () => {
+		returnMetrics([
+			makeMetric({
+				metricName: 'req_duration',
+				type: MetrictypesTypeDTO.histogram,
+			}),
+			makeMetric({
+				metricName: 'db_latency',
+				type: MetrictypesTypeDTO.histogram,
+			}),
+		]);
+
+		render(
+			<StatefulMetricQueryHarness
+				initialQuery={makeQuery({
+					aggregateAttribute: {
+						key: 'req_duration',
+						type: ATTRIBUTE_TYPES.HISTOGRAM,
+						dataType: DataTypes.Float64,
+					},
+					aggregations: [
+						{
+							timeAggregation: '',
+							spaceAggregation: 'p99',
+							metricName: 'req_duration',
+							temporality: '',
+						},
+					] as MetricAggregation[],
+				})}
+			/>,
+		);
+
+		expect(screen.getByTestId('selected-space-agg')).toHaveTextContent('p99');
+
+		const input = screen.getByRole('combobox');
+		fireEvent.change(input, { target: { value: 'db_latency' } });
+		fireEvent.blur(input);
+
+		expect(screen.getByTestId('selected-space-agg')).toHaveTextContent('p99');
+		expect(screen.getByTestId('selected-metric-name')).toHaveTextContent(
+			'db_latency',
+		);
+	});
+
+	it('ExponentialHistogram: preserves non-default p75 when switching to another ExponentialHistogram metric', () => {
+		returnMetrics([
+			makeMetric({
+				metricName: 'exp_hist_a',
+				type: MetrictypesTypeDTO.exponentialhistogram,
+			}),
+			makeMetric({
+				metricName: 'exp_hist_b',
+				type: MetrictypesTypeDTO.exponentialhistogram,
+			}),
+		]);
+
+		render(
+			<StatefulMetricQueryHarness
+				initialQuery={makeQuery({
+					aggregateAttribute: {
+						key: 'exp_hist_a',
+						type: ATTRIBUTE_TYPES.EXPONENTIAL_HISTOGRAM,
+						dataType: DataTypes.Float64,
+					},
+					aggregations: [
+						{
+							timeAggregation: '',
+							spaceAggregation: 'p75',
+							metricName: 'exp_hist_a',
+							temporality: '',
+						},
+					] as MetricAggregation[],
+				})}
+			/>,
+		);
+
+		expect(screen.getByTestId('selected-space-agg')).toHaveTextContent('p75');
+
+		const input = screen.getByRole('combobox');
+		fireEvent.change(input, { target: { value: 'exp_hist_b' } });
+		fireEvent.blur(input);
+
+		expect(screen.getByTestId('selected-space-agg')).toHaveTextContent('p75');
+		expect(screen.getByTestId('selected-metric-name')).toHaveTextContent(
+			'exp_hist_b',
+		);
+	});
+});
+
+describe('switching to a different metric type resets aggregation to new defaults', () => {
+	beforeEach(() => {
+		jest.clearAllMocks();
+		handleSetQueryDataRef.current = jest.fn();
+		returnMetrics([]);
+	});
+
+	it('Sum to Gauge: resets from increase/avg to the Gauge defaults avg/avg', () => {
+		returnMetrics([
+			makeMetric({
+				metricName: 'sum_metric',
+				type: MetrictypesTypeDTO.sum,
+				isMonotonic: true,
+			}),
+			makeMetric({
+				metricName: 'gauge_metric',
+				type: MetrictypesTypeDTO.gauge,
+			}),
+		]);
+
+		render(
+			<StatefulMetricQueryHarness
+				initialQuery={makeQuery({
+					aggregateAttribute: {
+						key: 'sum_metric',
+						type: ATTRIBUTE_TYPES.SUM,
+						dataType: DataTypes.Float64,
+					},
+					aggregations: [
+						{
+							timeAggregation: 'increase',
+							spaceAggregation: 'avg',
+							metricName: 'sum_metric',
+							temporality: '',
+						},
+					] as MetricAggregation[],
+				})}
+			/>,
+		);
+
+		const input = screen.getByRole('combobox');
+		fireEvent.change(input, { target: { value: 'gauge_metric' } });
+		fireEvent.blur(input);
+
+		expect(screen.getByTestId('selected-time-agg')).toHaveTextContent('avg');
+		expect(screen.getByTestId('selected-space-agg')).toHaveTextContent('avg');
+		expect(screen.getByTestId('selected-metric-name')).toHaveTextContent(
+			'gauge_metric',
+		);
+	});
+
+	it('Gauge to Histogram: resets from min/max to the Histogram defaults (no time, p90 space)', () => {
+		returnMetrics([
+			makeMetric({
+				metricName: 'gauge_metric',
+				type: MetrictypesTypeDTO.gauge,
+			}),
+			makeMetric({
+				metricName: 'hist_metric',
+				type: MetrictypesTypeDTO.histogram,
+			}),
+		]);
+
+		render(
+			<StatefulMetricQueryHarness
+				initialQuery={makeQuery({
+					aggregateAttribute: {
+						key: 'gauge_metric',
+						type: ATTRIBUTE_TYPES.GAUGE,
+						dataType: DataTypes.Float64,
+					},
+					aggregations: [
+						{
+							timeAggregation: 'min',
+							spaceAggregation: 'max',
+							metricName: 'gauge_metric',
+							temporality: '',
+						},
+					] as MetricAggregation[],
+				})}
+			/>,
+		);
+
+		const input = screen.getByRole('combobox');
+		fireEvent.change(input, { target: { value: 'hist_metric' } });
+		fireEvent.blur(input);
+
+		expect(screen.getByTestId('selected-time-agg')).toHaveTextContent('');
+		expect(screen.getByTestId('selected-space-agg')).toHaveTextContent('p90');
+		expect(screen.getByTestId('selected-metric-name')).toHaveTextContent(
+			'hist_metric',
+		);
+	});
+
+	it('Histogram to Sum: resets from p99 to the Sum defaults rate/sum', () => {
+		returnMetrics([
+			makeMetric({
+				metricName: 'hist_metric',
+				type: MetrictypesTypeDTO.histogram,
+			}),
+			makeMetric({
+				metricName: 'sum_metric',
+				type: MetrictypesTypeDTO.sum,
+				isMonotonic: true,
+			}),
+		]);
+
+		render(
+			<StatefulMetricQueryHarness
+				initialQuery={makeQuery({
+					aggregateAttribute: {
+						key: 'hist_metric',
+						type: ATTRIBUTE_TYPES.HISTOGRAM,
+						dataType: DataTypes.Float64,
+					},
+					aggregations: [
+						{
+							timeAggregation: '',
+							spaceAggregation: 'p99',
+							metricName: 'hist_metric',
+							temporality: '',
+						},
+					] as MetricAggregation[],
+				})}
+			/>,
+		);
+
+		const input = screen.getByRole('combobox');
+		fireEvent.change(input, { target: { value: 'sum_metric' } });
+		fireEvent.blur(input);
+
+		expect(screen.getByTestId('selected-time-agg')).toHaveTextContent('rate');
+		expect(screen.getByTestId('selected-space-agg')).toHaveTextContent('sum');
+		expect(screen.getByTestId('selected-metric-name')).toHaveTextContent(
+			'sum_metric',
+		);
+	});
+});
+
+describe('typed metric not in search results is committed with unknown defaults', () => {
+	beforeEach(() => {
+		jest.clearAllMocks();
+		handleSetQueryDataRef.current = jest.fn();
+		returnMetrics([]);
+	});
+
+	it('Gauge to unknown metric: resets from Gauge aggregations to unknown defaults (avg/avg)', () => {
+		returnMetrics([
+			makeMetric({
+				metricName: 'cpu_usage',
+				type: MetrictypesTypeDTO.gauge,
+			}),
+		]);
+
+		render(
+			<StatefulMetricQueryHarness
+				initialQuery={makeQuery({
+					aggregateAttribute: {
+						key: 'cpu_usage',
+						type: ATTRIBUTE_TYPES.GAUGE,
+						dataType: DataTypes.Float64,
+					},
+					aggregations: [
+						{
+							timeAggregation: 'min',
+							spaceAggregation: 'max',
+							metricName: 'cpu_usage',
+							temporality: '',
+						},
+					] as MetricAggregation[],
+				})}
+			/>,
+		);
+
+		expect(screen.getByTestId('selected-time-agg')).toHaveTextContent('min');
+		expect(screen.getByTestId('selected-space-agg')).toHaveTextContent('max');
+
+		const input = screen.getByRole('combobox');
+		fireEvent.change(input, { target: { value: 'unknown_metric' } });
+		fireEvent.blur(input);
+
+		// Metric not in search results is committed with empty type resets to unknown defaults
+		expect(screen.getByTestId('selected-time-agg')).toHaveTextContent('avg');
+		expect(screen.getByTestId('selected-space-agg')).toHaveTextContent('avg');
+		expect(screen.getByTestId('selected-metric-name')).toHaveTextContent(
+			'unknown_metric',
+		);
+	});
+});
+
+describe('Summary metric type is treated as Gauge', () => {
+	beforeEach(() => {
+		jest.clearAllMocks();
+		handleSetQueryDataRef.current = jest.fn();
+		returnMetrics([]);
+	});
+
+	it('selecting a Summary metric shows Gauge aggregation options', () => {
+		returnMetrics([
+			makeMetric({
+				metricName: 'rpc_duration_summary',
+				type: MetrictypesTypeDTO.summary,
+			}),
+		]);
+
+		render(<MetricQueryHarness query={makeQuery()} />);
+
+		const input = screen.getByRole('combobox');
+		fireEvent.change(input, {
+			target: { value: 'rpc_duration_summary' },
+		});
+		fireEvent.blur(input);
+
+		expect(getOptionLabels('time-agg-options')).toEqual([
+			'Latest',
+			'Sum',
+			'Avg',
+			'Min',
+			'Max',
+			'Count',
+			'Count Distinct',
+		]);
+		expect(getOptionLabels('space-agg-options')).toEqual([
+			'Sum',
+			'Avg',
+			'Min',
+			'Max',
+		]);
+	});
+});

frontend/src/container/QueryBuilder/filters/MetricNameSelector/MetricNameSelector.tsx

@@ -0,0 +1,266 @@
+import { memo, useCallback, useEffect, useMemo, useRef, useState } from 'react';
+import { flushSync } from 'react-dom';
+import { AutoComplete, Spin, Typography } from 'antd';
+import { useListMetrics } from 'api/generated/services/metrics';
+import { MetricsexplorertypesListMetricDTO } from 'api/generated/services/sigNoz.schemas';
+import { ATTRIBUTE_TYPES, toAttributeType } from 'constants/queryBuilder';
+import { DEBOUNCE_DELAY } from 'constants/queryBuilderFilterConfig';
+import useDebounce from 'hooks/useDebounce';
+import {
+	BaseAutocompleteData,
+	DataTypes,
+} from 'types/api/queryBuilder/queryAutocompleteResponse';
+import { IBuilderQuery } from 'types/api/queryBuilder/queryBuilderData';
+import { MetricAggregation } from 'types/api/v5/queryRange';
+import { ExtendedSelectOption } from 'types/common/select';
+import { popupContainer } from 'utils/selectPopupContainer';
+
+import { selectStyle } from '../QueryBuilderSearch/config';
+import OptionRenderer from '../QueryBuilderSearch/OptionRenderer';
+
+import './MetricNameSelector.styles.scss';
+
+export type MetricNameSelectorProps = {
+	query: IBuilderQuery;
+	onChange: (value: BaseAutocompleteData, isEditMode?: boolean) => void;
+	disabled?: boolean;
+	defaultValue?: string;
+	onSelect?: (value: BaseAutocompleteData) => void;
+	signalSource?: 'meter' | '';
+};
+
+function getAttributeType(
+	metric: MetricsexplorertypesListMetricDTO,
+): ATTRIBUTE_TYPES | '' {
+	return toAttributeType(metric.type, metric.isMonotonic);
+}
+
+function createAutocompleteData(
+	metricName: string,
+	type: string,
+): BaseAutocompleteData {
+	return { key: metricName, type, dataType: DataTypes.Float64 };
+}
+
+// N.B on the metric name selector behaviour.
+//
+// Metric aggregation options resolution:
+//   The component maintains a ref (metricsRef) of the latest API results.
+//   When the user commits a metric name (via dropdown select, blur, or Cmd+Enter),
+//   resolveMetricFromText looks up the metric in metricsRef to determine its type
+//   (Sum, Gauge, Histogram, etc.). If the metric isn't found (e.g. the user typed
+//   a name before the debounced search returned), the type is empty and downstream
+//   treats it as unknown.
+//
+// Selection handling:
+//   - Dropdown select: user picks from the dropdown; type is always resolved
+//      since the option came from the current API results.
+//   - Blur: user typed a name and tabbed/clicked away without selecting from
+//      the dropdown. If the name differs from the current metric, it's resolved
+//      and committed. If the input is empty, it resets to the current metric name.
+//   - Cmd/Ctrl+Enter: resolves the typed name and commits it using flushSync
+//      so the state update is processed synchronously before QueryBuilderV2's
+//      onKeyDownCapture fires handleRunQuery. Uses document-level capture phase
+//      to run before React's root-level event dispatch. However, there is still one
+//      need to be handled here. TODO(srikanthccv): enter before n/w req completion
+//
+// Edit mode:
+//   When a saved query is loaded, the metric name may be set via aggregations
+//   but aggregateAttribute.type may be missing. Once the API returns metric data,
+//   the component calls onChange with isEditMode=true to backfill the type without
+//   resetting aggregation options.
+//
+// Signal source:
+//   When signalSource is 'meter', the API is filtered to meter metrics only.
+//   Changing signalSource clears the input and search text.
+
+export const MetricNameSelector = memo(function MetricNameSelector({
+	query,
+	onChange,
+	disabled,
+	defaultValue,
+	onSelect,
+	signalSource,
+}: MetricNameSelectorProps): JSX.Element {
+	const currentMetricName =
+		(query.aggregations?.[0] as MetricAggregation)?.metricName ||
+		query.aggregateAttribute?.key ||
+		'';
+
+	const [inputValue, setInputValue] = useState<string>(
+		currentMetricName || defaultValue || '',
+	);
+	const [searchText, setSearchText] = useState<string>(currentMetricName);
+
+	const metricsRef = useRef<MetricsexplorertypesListMetricDTO[]>([]);
+	const selectedFromDropdownRef = useRef(false);
+	const prevSignalSourceRef = useRef(signalSource);
+
+	useEffect(() => {
+		setInputValue(currentMetricName || defaultValue || '');
+	}, [defaultValue, currentMetricName]);
+
+	useEffect(() => {
+		if (prevSignalSourceRef.current !== signalSource) {
+			prevSignalSourceRef.current = signalSource;
+			setSearchText('');
+			setInputValue('');
+		}
+	}, [signalSource]);
+
+	const debouncedValue = useDebounce(searchText, DEBOUNCE_DELAY);
+
+	const { isFetching, isError, data: listMetricsData } = useListMetrics(
+		{
+			searchText: debouncedValue,
+			limit: 100,
+			source: signalSource || undefined,
+		} as Record<string, unknown>,
+		{
+			query: {
+				keepPreviousData: false,
+				retry: 2,
+			},
+		},
+	);
+
+	const metrics = useMemo(() => listMetricsData?.data?.metrics ?? [], [
+		listMetricsData,
+	]);
+
+	useEffect(() => {
+		metricsRef.current = metrics;
+	}, [metrics]);
+
+	const optionsData = useMemo((): ExtendedSelectOption[] => {
+		if (!metrics.length) {
+			return [];
+		}
+
+		return metrics.map((metric) => ({
+			label: (
+				<OptionRenderer
+					label={metric.metricName}
+					value={metric.metricName}
+					dataType={DataTypes.Float64}
+					type={getAttributeType(metric) || ''}
+				/>
+			),
+			value: metric.metricName,
+			key: metric.metricName,
+		}));
+	}, [metrics]);
+
+	useEffect(() => {
+		const metricName = (query.aggregations?.[0] as MetricAggregation)?.metricName;
+		const hasAggregateAttributeType = query.aggregateAttribute?.type;
+
+		if (metricName && !hasAggregateAttributeType && metrics.length > 0) {
+			const found = metrics.find((m) => m.metricName === metricName);
+			if (found) {
+				onChange(
+					createAutocompleteData(found.metricName, getAttributeType(found)),
+					true,
+				);
+			}
+		}
+	}, [metrics, query.aggregations, query.aggregateAttribute?.type, onChange]);
+
+	const resolveMetricFromText = useCallback(
+		(text: string): BaseAutocompleteData => {
+			const found = metricsRef.current.find((m) => m.metricName === text);
+			if (found) {
+				return createAutocompleteData(found.metricName, getAttributeType(found));
+			}
+			return createAutocompleteData(text, '');
+		},
+		[],
+	);
+
+	const placeholder = useMemo(() => {
+		if (signalSource === 'meter') {
+			return 'Search for a meter metric...';
+		}
+		return 'Search for a metric...';
+	}, [signalSource]);
+
+	const handleChange = useCallback((value: string): void => {
+		setInputValue(value);
+	}, []);
+
+	const handleSearch = useCallback((value: string): void => {
+		setSearchText(value);
+		selectedFromDropdownRef.current = false;
+	}, []);
+
+	const handleSelect = useCallback(
+		(value: string): void => {
+			selectedFromDropdownRef.current = true;
+			const resolved = resolveMetricFromText(value);
+			onChange(resolved);
+			if (onSelect) {
+				onSelect(resolved);
+			}
+			setSearchText('');
+		},
+		[onChange, onSelect, resolveMetricFromText],
+	);
+
+	const handleBlur = useCallback(() => {
+		if (selectedFromDropdownRef.current) {
+			selectedFromDropdownRef.current = false;
+			return;
+		}
+
+		const typedValue = inputValue?.trim() || '';
+		if (typedValue && typedValue !== currentMetricName) {
+			onChange(resolveMetricFromText(typedValue));
+		} else if (!typedValue && currentMetricName) {
+			setInputValue(currentMetricName);
+		}
+	}, [inputValue, currentMetricName, onChange, resolveMetricFromText]);
+
+	useEffect(() => {
+		const handleKeyDown = (e: KeyboardEvent): void => {
+			if (e.key === 'Enter' && (e.metaKey || e.ctrlKey)) {
+				const typedValue = inputValue?.trim() || '';
+				if (typedValue && typedValue !== currentMetricName) {
+					flushSync(() => {
+						onChange(resolveMetricFromText(typedValue));
+					});
+				}
+			}
+		};
+
+		document.addEventListener('keydown', handleKeyDown, true);
+		return (): void => {
+			document.removeEventListener('keydown', handleKeyDown, true);
+		};
+	}, [inputValue, currentMetricName, onChange, resolveMetricFromText]);
+
+	return (
+		<AutoComplete
+			className="metric-name-selector"
+			getPopupContainer={popupContainer}
+			style={selectStyle}
+			filterOption={false}
+			placeholder={placeholder}
+			onSearch={handleSearch}
+			onChange={handleChange}
+			notFoundContent={
+				isFetching ? (
+					<Spin size="small" />
+				) : isError ? (
+					<Typography.Text type="danger" style={{ fontSize: 12 }}>
+						Failed to load metrics
+					</Typography.Text>
+				) : null
+			}
+			options={optionsData}
+			value={inputValue}
+			onBlur={handleBlur}
+			onSelect={handleSelect}
+			disabled={disabled}
+		/>
+	);
+});

frontend/src/container/QueryBuilder/filters/MetricNameSelector/index.ts

@@ -0,0 +1,2 @@
+export type { MetricNameSelectorProps } from './MetricNameSelector';
+export { MetricNameSelector } from './MetricNameSelector';

frontend/src/container/QueryBuilder/filters/index.ts

@@ -2,6 +2,7 @@ export { AggregatorFilter } from './AggregatorFilter';
 export { BuilderUnitsFilter } from './BuilderUnitsFilter';
 export { GroupByFilter } from './GroupByFilter';
 export { HavingFilter } from './HavingFilter';
+export { MetricNameSelector } from './MetricNameSelector';
 export { OperatorsSelect } from './OperatorsSelect';
 export { OrderByFilter } from './OrderByFilter';
 export { ReduceToFilter } from './ReduceToFilter';

frontend/src/container/TimeSeriesView/TimeSeriesView.tsx

@@ -257,7 +257,9 @@ function TimeSeriesView({
 					chartData[0]?.length === 0 &&
 					!isLoading &&
 					!isError &&
-					dataSource === DataSource.METRICS && <EmptyMetricsSearch />}
+					dataSource === DataSource.METRICS && (
+						<EmptyMetricsSearch hasQueryResult={data !== undefined} />
+					)}
 
 				{!isLoading &&
 					!isError &&

frontend/src/hooks/queryBuilder/useQueryBuilderOperations.ts

@@ -248,19 +248,12 @@ export const useQueryOperations: UseQueryOperations = ({
 	);
 
 	const handleChangeAggregatorAttribute = useCallback(
-		(
-			value: BaseAutocompleteData,
-			isEditMode?: boolean,
-			attributeKeys?: BaseAutocompleteData[],
-		): void => {
+		(value: BaseAutocompleteData, isEditMode?: boolean): void => {
 			const newQuery: IBuilderQuery = {
 				...query,
 				aggregateAttribute: value,
 			};
 
-			const getAttributeKeyFromMetricName = (metricName: string): string =>
-				attributeKeys?.find((key) => key.key === metricName)?.type || '';
-
 			if (
 				newQuery.dataSource === DataSource.METRICS &&
 				entityVersion === ENTITY_VERSION_V4
@@ -311,9 +304,7 @@ export const useQueryOperations: UseQueryOperations = ({
 					// Get current metric info
 					const currentMetricType = newQuery.aggregateAttribute?.type || '';
 
-					const prevMetricType = previousMetricInfo?.type
-						? previousMetricInfo.type
-						: getAttributeKeyFromMetricName(previousMetricInfo?.name || '');
+					const prevMetricType = previousMetricInfo?.type || '';
 
 					// Check if metric type has changed by comparing with tracked previous values
 					const metricTypeChanged =
@@ -374,7 +365,7 @@ export const useQueryOperations: UseQueryOperations = ({
 
 						// Handled query with unknown metric to avoid 400 and 500 errors
 						// With metric value typed and not available then - time - 'avg', space - 'avg'
-						// If not typed - time - 'rate', space - 'sum', op - 'count'
+						// If not typed - time - 'avg', space - 'sum'
 						if (isEmpty(newQuery.aggregateAttribute?.type)) {
 							if (!isEmpty(newQuery.aggregateAttribute?.key)) {
 								newQuery.aggregations = [
@@ -388,7 +379,7 @@ export const useQueryOperations: UseQueryOperations = ({
 							} else {
 								newQuery.aggregations = [
 									{
-										timeAggregation: MetricAggregateOperator.COUNT,
+										timeAggregation: MetricAggregateOperator.AVG,
 										metricName: newQuery.aggregateAttribute?.key || '',
 										temporality: '',
 										spaceAggregation: MetricAggregateOperator.SUM,
@@ -408,6 +399,29 @@ export const useQueryOperations: UseQueryOperations = ({
 							];
 						}
 					}
+
+					// Override with safe defaults when metric type is unknown to avoid 400/500 errors
+					if (isEmpty(newQuery.aggregateAttribute?.type)) {
+						if (!isEmpty(newQuery.aggregateAttribute?.key)) {
+							newQuery.aggregations = [
+								{
+									timeAggregation: MetricAggregateOperator.AVG,
+									metricName: newQuery.aggregateAttribute?.key || '',
+									temporality: '',
+									spaceAggregation: MetricAggregateOperator.AVG,
+								},
+							];
+						} else {
+							newQuery.aggregations = [
+								{
+									timeAggregation: MetricAggregateOperator.AVG,
+									metricName: newQuery.aggregateAttribute?.key || '',
+									temporality: '',
+									spaceAggregation: MetricAggregateOperator.SUM,
+								},
+							];
+						}
+					}
 				}
 			}
 

frontend/src/hooks/useAuthZ/permissions.type.ts

@@ -0,0 +1,23 @@
+// AUTO GENERATED FILE - DO NOT EDIT - GENERATED BY scripts/generate-permissions-type
+export default {
+	status: 'success',
+	data: {
+		resources: [
+			{
+				name: 'dashboard',
+				type: 'metaresource',
+			},
+			{
+				name: 'dashboards',
+				type: 'metaresources',
+			},
+		],
+		relations: {
+			create: ['metaresources'],
+			delete: ['user', 'role', 'organization', 'metaresource'],
+			list: ['metaresources'],
+			read: ['user', 'role', 'organization', 'metaresource'],
+			update: ['user', 'role', 'organization', 'metaresource'],
+		},
+	},
+} as const;

frontend/src/hooks/useAuthZ/types.ts

@@ -0,0 +1,57 @@
+import permissionsType from './permissions.type';
+import { ObjectSeparator } from './utils';
+
+type PermissionsData = typeof permissionsType.data;
+export type Resource = PermissionsData['resources'][number];
+export type ResourceName = Resource['name'];
+export type ResourceType = Resource['type'];
+
+type RelationsByType = PermissionsData['relations'];
+
+type ResourceTypeMap = {
+	[K in ResourceName]: Extract<Resource, { name: K }>['type'];
+};
+
+type RelationName = keyof RelationsByType;
+
+type ResourcesForRelation<R extends RelationName> = Extract<
+	Resource,
+	{ type: RelationsByType[R][number] }
+>['name'];
+
+type IsPluralResource<
+	R extends ResourceName
+> = ResourceTypeMap[R] extends 'metaresources' ? true : false;
+
+type ObjectForResource<R extends ResourceName> = R extends infer U
+	? U extends ResourceName
+		? IsPluralResource<U> extends true
+			? U
+			: `${U}${typeof ObjectSeparator}${string}`
+		: never
+	: never;
+
+type RelationToObject<R extends RelationName> = ObjectForResource<
+	ResourcesForRelation<R>
+>;
+
+type AllRelations = RelationName;
+
+export type AuthZRelation = AllRelations;
+export type AuthZResource = ResourceName;
+export type AuthZObject<R extends AuthZRelation> = RelationToObject<R>;
+
+export type BrandedPermission = string & { __brandedPermission: true };
+
+export type AuthZCheckResponse = Record<
+	BrandedPermission,
+	{
+		isGranted: boolean;
+	}
+>;
+
+export type UseAuthZResult = {
+	isLoading: boolean;
+	error: Error | null;
+	permissions: AuthZCheckResponse | null;
+};

frontend/src/hooks/useAuthZ/useAuthZ.test.tsx

@@ -0,0 +1,496 @@
+import { ReactElement } from 'react';
+import { renderHook, waitFor } from '@testing-library/react';
+import {
+	AuthtypesGettableTransactionDTO,
+	AuthtypesTransactionDTO,
+} from 'api/generated/services/sigNoz.schemas';
+import { ENVIRONMENT } from 'constants/env';
+import { server } from 'mocks-server/server';
+import { rest } from 'msw';
+import { AllTheProviders } from 'tests/test-utils';
+
+import { BrandedPermission } from './types';
+import { useAuthZ } from './useAuthZ';
+import { buildPermission } from './utils';
+
+const BASE_URL = ENVIRONMENT.baseURL || '';
+const AUTHZ_CHECK_URL = `${BASE_URL}/api/v1/authz/check`;
+
+function authzMockResponse(
+	payload: AuthtypesTransactionDTO[],
+	authorizedByIndex: boolean[],
+): { data: AuthtypesGettableTransactionDTO[]; status: string } {
+	return {
+		data: payload.map((txn, i) => ({
+			relation: txn.relation,
+			object: txn.object,
+			authorized: authorizedByIndex[i] ?? false,
+		})),
+		status: 'success',
+	};
+}
+
+const wrapper = ({ children }: { children: ReactElement }): ReactElement => (
+	<AllTheProviders>{children}</AllTheProviders>
+);
+
+describe('useAuthZ', () => {
+	it('should fetch and return permissions successfully', async () => {
+		const permission1 = buildPermission('read', 'dashboard:*');
+		const permission2 = buildPermission('update', 'dashboard:123');
+
+		const expectedResponse = {
+			[permission1]: {
+				isGranted: true,
+			},
+			[permission2]: {
+				isGranted: false,
+			},
+		};
+
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, async (req, res, ctx) => {
+				const payload = await req.json();
+				return res(
+					ctx.status(200),
+					ctx.json(authzMockResponse(payload, [true, false])),
+				);
+			}),
+		);
+
+		const { result } = renderHook(() => useAuthZ([permission1, permission2]), {
+			wrapper,
+		});
+
+		expect(result.current.isLoading).toBe(true);
+		expect(result.current.permissions).toBeNull();
+
+		await waitFor(() => {
+			expect(result.current.isLoading).toBe(false);
+		});
+
+		expect(result.current.error).toBeNull();
+		expect(result.current.permissions).toEqual(expectedResponse);
+	});
+
+	it('should handle API errors', async () => {
+		const permission = buildPermission('read', 'dashboard:*');
+
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, (_req, res, ctx) => {
+				return res(ctx.status(500), ctx.json({ error: 'Internal Server Error' }));
+			}),
+		);
+
+		const { result } = renderHook(() => useAuthZ([permission]), {
+			wrapper,
+		});
+
+		await waitFor(() => {
+			expect(result.current.isLoading).toBe(false);
+		});
+
+		expect(result.current.error).not.toBeNull();
+		expect(result.current.permissions).toBeNull();
+	});
+
+	it('should refetch when permissions array changes', async () => {
+		const permission1 = buildPermission('read', 'dashboard:*');
+		const permission2 = buildPermission('update', 'dashboard:123');
+		const permission3 = buildPermission('delete', 'dashboard:456');
+
+		let requestCount = 0;
+
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, async (req, res, ctx) => {
+				requestCount++;
+				const payload = await req.json();
+
+				if (payload.length === 1) {
+					return res(ctx.status(200), ctx.json(authzMockResponse(payload, [true])));
+				}
+
+				const authorized = payload.map(
+					(txn: { relation: string }) =>
+						txn.relation === 'read' || txn.relation === 'delete',
+				);
+				return res(
+					ctx.status(200),
+					ctx.json(authzMockResponse(payload, authorized)),
+				);
+			}),
+		);
+
+		const { result, rerender } = renderHook<
+			ReturnType<typeof useAuthZ>,
+			BrandedPermission[]
+		>((permissions) => useAuthZ(permissions), {
+			wrapper,
+			initialProps: [permission1],
+		});
+
+		await waitFor(() => {
+			expect(result.current.isLoading).toBe(false);
+		});
+
+		expect(requestCount).toBe(1);
+		expect(result.current.permissions).toEqual({
+			[permission1]: {
+				isGranted: true,
+			},
+		});
+
+		rerender([permission1, permission2, permission3]);
+
+		await waitFor(() => {
+			expect(result.current.isLoading).toBe(false);
+		});
+
+		expect(requestCount).toBe(2);
+		expect(result.current.permissions).toEqual({
+			[permission1]: {
+				isGranted: true,
+			},
+			[permission2]: {
+				isGranted: false,
+			},
+			[permission3]: {
+				isGranted: true,
+			},
+		});
+	});
+
+	it('should not refetch when permissions array order changes but content is the same', async () => {
+		const permission1 = buildPermission('read', 'dashboard:*');
+		const permission2 = buildPermission('update', 'dashboard:123');
+
+		let requestCount = 0;
+
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, async (req, res, ctx) => {
+				requestCount++;
+				const payload = await req.json();
+				return res(
+					ctx.status(200),
+					ctx.json(authzMockResponse(payload, [true, false])),
+				);
+			}),
+		);
+
+		const { result, rerender } = renderHook<
+			ReturnType<typeof useAuthZ>,
+			BrandedPermission[]
+		>((permissions) => useAuthZ(permissions), {
+			wrapper,
+			initialProps: [permission1, permission2],
+		});
+
+		await waitFor(() => {
+			expect(result.current.isLoading).toBe(false);
+		});
+
+		expect(requestCount).toBe(1);
+
+		rerender([permission2, permission1]);
+
+		await waitFor(() => {
+			expect(result.current.isLoading).toBe(false);
+		});
+
+		expect(requestCount).toBe(1);
+	});
+
+	it('should handle empty permissions array', async () => {
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, (_req, res, ctx) => {
+				return res(ctx.status(200), ctx.json({ data: [], status: 'success' }));
+			}),
+		);
+
+		const { result } = renderHook(() => useAuthZ([]), {
+			wrapper,
+		});
+
+		expect(result.current.isLoading).toBe(false);
+		expect(result.current.error).toBeNull();
+		expect(result.current.permissions).toEqual({});
+	});
+
+	it('should send correct payload format to API', async () => {
+		const permission1 = buildPermission('read', 'dashboard:*');
+		const permission2 = buildPermission('update', 'dashboard:123');
+
+		let receivedPayload: any = null;
+
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, async (req, res, ctx) => {
+				receivedPayload = await req.json();
+				return res(
+					ctx.status(200),
+					ctx.json(authzMockResponse(receivedPayload, [true, false])),
+				);
+			}),
+		);
+
+		const { result } = renderHook(() => useAuthZ([permission1, permission2]), {
+			wrapper,
+		});
+
+		await waitFor(() => {
+			expect(result.current.isLoading).toBe(false);
+		});
+
+		expect(receivedPayload).toHaveLength(2);
+		expect(receivedPayload[0]).toMatchObject({
+			relation: 'read',
+			object: {
+				resource: { name: 'dashboard', type: 'metaresource' },
+				selector: '*',
+			},
+		});
+		expect(receivedPayload[1]).toMatchObject({
+			relation: 'update',
+			object: {
+				resource: { name: 'dashboard', type: 'metaresource' },
+				selector: '123',
+			},
+		});
+	});
+
+	it('should batch multiple hooks into single flight request', async () => {
+		const permission1 = buildPermission('read', 'dashboard:*');
+		const permission2 = buildPermission('update', 'dashboard:123');
+		const permission3 = buildPermission('delete', 'dashboard:456');
+
+		let requestCount = 0;
+		const receivedPayloads: any[] = [];
+
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, async (req, res, ctx) => {
+				requestCount++;
+				const payload = await req.json();
+				receivedPayloads.push(payload);
+				return res(
+					ctx.status(200),
+					ctx.json(authzMockResponse(payload, [true, false, true])),
+				);
+			}),
+		);
+
+		const { result: result1 } = renderHook(() => useAuthZ([permission1]), {
+			wrapper,
+		});
+
+		const { result: result2 } = renderHook(() => useAuthZ([permission2]), {
+			wrapper,
+		});
+
+		const { result: result3 } = renderHook(() => useAuthZ([permission3]), {
+			wrapper,
+		});
+
+		await waitFor(
+			() => {
+				expect(result1.current.isLoading).toBe(false);
+				expect(result2.current.isLoading).toBe(false);
+				expect(result3.current.isLoading).toBe(false);
+			},
+			{ timeout: 200 },
+		);
+
+		expect(requestCount).toBe(1);
+		expect(receivedPayloads).toHaveLength(1);
+		expect(receivedPayloads[0]).toHaveLength(3);
+		expect(receivedPayloads[0][0]).toMatchObject({
+			relation: 'read',
+			object: {
+				resource: { name: 'dashboard', type: 'metaresource' },
+				selector: '*',
+			},
+		});
+		expect(receivedPayloads[0][1]).toMatchObject({
+			relation: 'update',
+			object: { resource: { name: 'dashboard' }, selector: '123' },
+		});
+		expect(receivedPayloads[0][2]).toMatchObject({
+			relation: 'delete',
+			object: { resource: { name: 'dashboard' }, selector: '456' },
+		});
+
+		expect(result1.current.permissions).toEqual({
+			[permission1]: { isGranted: true },
+		});
+		expect(result2.current.permissions).toEqual({
+			[permission2]: { isGranted: false },
+		});
+		expect(result3.current.permissions).toEqual({
+			[permission3]: { isGranted: true },
+		});
+	});
+
+	it('should create separate batches for calls after single flight window', async () => {
+		const permission1 = buildPermission('read', 'dashboard:*');
+		const permission2 = buildPermission('update', 'dashboard:123');
+		const permission3 = buildPermission('delete', 'dashboard:456');
+
+		let requestCount = 0;
+		const receivedPayloads: any[] = [];
+
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, async (req, res, ctx) => {
+				requestCount++;
+				const payload = await req.json();
+				receivedPayloads.push(payload);
+				const authorized = payload.length === 1 ? [true] : [false, true];
+				return res(
+					ctx.status(200),
+					ctx.json(authzMockResponse(payload, authorized)),
+				);
+			}),
+		);
+
+		const { result: result1 } = renderHook(() => useAuthZ([permission1]), {
+			wrapper,
+		});
+
+		await waitFor(
+			() => {
+				expect(result1.current.isLoading).toBe(false);
+			},
+			{ timeout: 200 },
+		);
+
+		expect(requestCount).toBe(1);
+		expect(receivedPayloads[0]).toHaveLength(1);
+
+		await new Promise((resolve) => setTimeout(resolve, 100));
+
+		const { result: result2 } = renderHook(() => useAuthZ([permission2]), {
+			wrapper,
+		});
+
+		const { result: result3 } = renderHook(() => useAuthZ([permission3]), {
+			wrapper,
+		});
+
+		await waitFor(
+			() => {
+				expect(result2.current.isLoading).toBe(false);
+				expect(result3.current.isLoading).toBe(false);
+			},
+			{ timeout: 200 },
+		);
+
+		expect(requestCount).toBe(2);
+		expect(receivedPayloads).toHaveLength(2);
+		expect(receivedPayloads[1]).toHaveLength(2);
+		expect(receivedPayloads[1][0]).toMatchObject({
+			relation: 'update',
+			object: { resource: { name: 'dashboard' }, selector: '123' },
+		});
+		expect(receivedPayloads[1][1]).toMatchObject({
+			relation: 'delete',
+			object: { resource: { name: 'dashboard' }, selector: '456' },
+		});
+	});
+
+	it('should map permissions correctly when API returns response out of order', async () => {
+		const permission1 = buildPermission('read', 'dashboard:*');
+		const permission2 = buildPermission('update', 'dashboard:123');
+		const permission3 = buildPermission('delete', 'dashboard:456');
+
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, async (req, res, ctx) => {
+				const payload = await req.json();
+				const reversed = [...payload].reverse();
+				const authorizedByReversed = [true, false, true];
+				return res(
+					ctx.status(200),
+					ctx.json({
+						data: reversed.map((txn: any, i: number) => ({
+							relation: txn.relation,
+							object: txn.object,
+							authorized: authorizedByReversed[i],
+						})),
+						status: 'success',
+					}),
+				);
+			}),
+		);
+
+		const { result } = renderHook(
+			() => useAuthZ([permission1, permission2, permission3]),
+			{ wrapper },
+		);
+
+		await waitFor(() => {
+			expect(result.current.isLoading).toBe(false);
+		});
+
+		expect(result.current.permissions).toEqual({
+			[permission1]: { isGranted: true },
+			[permission2]: { isGranted: false },
+			[permission3]: { isGranted: true },
+		});
+	});
+
+	it('should not leak state between separate batches', async () => {
+		const permission1 = buildPermission('read', 'dashboard:*');
+		const permission2 = buildPermission('update', 'dashboard:123');
+
+		let requestCount = 0;
+
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, async (req, res, ctx) => {
+				requestCount++;
+				const payload = await req.json();
+				const authorized = payload.map(
+					(txn: { relation: string }) => txn.relation === 'read',
+				);
+				return res(
+					ctx.status(200),
+					ctx.json(authzMockResponse(payload, authorized)),
+				);
+			}),
+		);
+
+		const { result: result1 } = renderHook(() => useAuthZ([permission1]), {
+			wrapper,
+		});
+
+		await waitFor(
+			() => {
+				expect(result1.current.isLoading).toBe(false);
+			},
+			{ timeout: 200 },
+		);
+
+		expect(requestCount).toBe(1);
+		expect(result1.current.permissions).toEqual({
+			[permission1]: { isGranted: true },
+		});
+
+		await new Promise((resolve) => setTimeout(resolve, 100));
+
+		const { result: result2 } = renderHook(() => useAuthZ([permission2]), {
+			wrapper,
+		});
+
+		await waitFor(
+			() => {
+				expect(result2.current.isLoading).toBe(false);
+			},
+			{ timeout: 200 },
+		);
+
+		expect(requestCount).toBe(2);
+		expect(result1.current.permissions).toEqual({
+			[permission1]: { isGranted: true },
+		});
+		expect(result2.current.permissions).toEqual({
+			[permission2]: { isGranted: false },
+		});
+		expect(result1.current.permissions).not.toHaveProperty(permission2);
+		expect(result2.current.permissions).not.toHaveProperty(permission1);
+	});
+});

frontend/src/hooks/useAuthZ/useAuthZ.tsx

@@ -0,0 +1,129 @@
+import { useMemo } from 'react';
+import { useQueries } from 'react-query';
+import { authzCheck } from 'api/generated/services/authz';
+import type {
+	AuthtypesObjectDTO,
+	AuthtypesTransactionDTO,
+} from 'api/generated/services/sigNoz.schemas';
+
+import { AuthZCheckResponse, BrandedPermission, UseAuthZResult } from './types';
+import {
+	gettableTransactionToPermission,
+	permissionToTransactionDto,
+} from './utils';
+
+let ctx: Promise<AuthZCheckResponse> | null;
+let pendingPermissions: BrandedPermission[] = [];
+const SINGLE_FLIGHT_WAIT_TIME_MS = 50;
+const AUTHZ_CACHE_TIME = 20_000;
+
+function dispatchPermission(
+	permission: BrandedPermission,
+): Promise<AuthZCheckResponse> {
+	pendingPermissions.push(permission);
+
+	if (!ctx) {
+		let resolve: (v: AuthZCheckResponse) => void, reject: (reason?: any) => void;
+		ctx = new Promise<AuthZCheckResponse>((r, re) => {
+			resolve = r;
+			reject = re;
+		});
+
+		setTimeout(() => {
+			const copiedPermissions = pendingPermissions.slice();
+			pendingPermissions = [];
+			ctx = null;
+
+			fetchManyPermissions(copiedPermissions).then(resolve).catch(reject);
+		}, SINGLE_FLIGHT_WAIT_TIME_MS);
+	}
+
+	return ctx;
+}
+
+async function fetchManyPermissions(
+	permissions: BrandedPermission[],
+): Promise<AuthZCheckResponse> {
+	const payload: AuthtypesTransactionDTO[] = permissions.map((permission) => {
+		const dto = permissionToTransactionDto(permission);
+		const object: AuthtypesObjectDTO = {
+			resource: {
+				name: dto.object.resource.name,
+				type: dto.object.resource.type,
+			},
+			selector: dto.object.selector,
+		};
+		return { relation: dto.relation, object };
+	});
+
+	const { data } = await authzCheck(payload);
+
+	const fromApi = (data ?? []).reduce<AuthZCheckResponse>((acc, item) => {
+		const permission = gettableTransactionToPermission(item);
+		acc[permission] = { isGranted: !!item.authorized };
+		return acc;
+	}, {} as AuthZCheckResponse);
+
+	return permissions.reduce<AuthZCheckResponse>((acc, permission) => {
+		acc[permission] = fromApi[permission] ?? { isGranted: false };
+		return acc;
+	}, {} as AuthZCheckResponse);
+}
+
+export function useAuthZ(permissions: BrandedPermission[]): UseAuthZResult {
+	const queryResults = useQueries(
+		permissions.map((permission) => {
+			return {
+				queryKey: ['authz', permission],
+				cacheTime: AUTHZ_CACHE_TIME,
+				refetchOnMount: false,
+				refetchIntervalInBackground: false,
+				refetchOnWindowFocus: false,
+				refetchOnReconnect: true,
+				queryFn: async (): Promise<AuthZCheckResponse> => {
+					const response = await dispatchPermission(permission);
+
+					return {
+						[permission]: {
+							isGranted: response[permission].isGranted,
+						},
+					};
+				},
+			};
+		}),
+	);
+
+	const isLoading = useMemo(() => queryResults.some((q) => q.isLoading), [
+		queryResults,
+	]);
+	const error = useMemo(
+		() =>
+			!isLoading
+				? (queryResults.find((q) => !!q.error)?.error as Error) || null
+				: null,
+		[isLoading, queryResults],
+	);
+	const data = useMemo(() => {
+		if (isLoading || error) {
+			return null;
+		}
+
+		return queryResults.reduce((acc, q) => {
+			if (!q.data) {
+				return acc;
+			}
+
+			for (const [key, value] of Object.entries(q.data)) {
+				acc[key as BrandedPermission] = value;
+			}
+
+			return acc;
+		}, {} as AuthZCheckResponse);
+	}, [isLoading, error, queryResults]);
+
+	return {
+		isLoading,
+		error,
+		permissions: data ?? null,
+	};
+}

frontend/src/hooks/useAuthZ/utils.ts

@@ -0,0 +1,85 @@
+import { AuthtypesTransactionDTO } from '../../api/generated/services/sigNoz.schemas';
+import permissionsType from './permissions.type';
+import {
+	AuthZObject,
+	AuthZRelation,
+	AuthZResource,
+	BrandedPermission,
+	ResourceName,
+	ResourceType,
+} from './types';
+
+export const PermissionSeparator = '||__||';
+export const ObjectSeparator = ':';
+
+export function buildPermission<R extends AuthZRelation>(
+	relation: R,
+	object: AuthZObject<R>,
+): BrandedPermission {
+	return `${relation}${PermissionSeparator}${object}` as BrandedPermission;
+}
+
+export function buildObjectString(
+	resource: AuthZResource,
+	objectId: string,
+): `${AuthZResource}${typeof ObjectSeparator}${string}` {
+	return `${resource}${ObjectSeparator}${objectId}` as const;
+}
+
+export function parsePermission(
+	permission: BrandedPermission,
+): {
+	relation: AuthZRelation;
+	object: string;
+} {
+	const [relation, object] = permission.split(PermissionSeparator);
+	return { relation: relation as AuthZRelation, object };
+}
+
+const resourceNameToType = permissionsType.data.resources.reduce((acc, r) => {
+	acc[r.name] = r.type;
+	return acc;
+}, {} as Record<ResourceName, ResourceType>);
+
+export function permissionToTransactionDto(
+	permission: BrandedPermission,
+): AuthtypesTransactionDTO {
+	const { relation, object: objectStr } = parsePermission(permission);
+	const directType = resourceNameToType[objectStr as ResourceName];
+	if (directType === 'metaresources') {
+		return {
+			relation,
+			object: {
+				resource: { name: objectStr, type: directType },
+				selector: '*',
+			},
+		};
+	}
+	const [resourceName, selector] = objectStr.split(ObjectSeparator);
+	const type =
+		resourceNameToType[resourceName as ResourceName] ?? 'metaresource';
+
+	return {
+		relation,
+		object: {
+			resource: { name: resourceName, type },
+			selector: selector || '*',
+		},
+	};
+}
+
+export function gettableTransactionToPermission(
+	item: AuthtypesTransactionDTO,
+): BrandedPermission {
+	const {
+		relation,
+		object: { resource, selector },
+	} = item;
+	const resourceName = String(resource.name);
+	const selectorStr = typeof selector === 'string' ? selector : '*';
+	const objectStr =
+		resource.type === 'metaresources'
+			? resourceName
+			: `${resourceName}${ObjectSeparator}${selectorStr}`;
+	return `${relation}${PermissionSeparator}${objectStr}` as BrandedPermission;
+}

frontend/src/hooks/useHandleExplorerTabChange.ts

@@ -20,6 +20,7 @@ export const useHandleExplorerTabChange = (): {
 		type: string,
 		querySearchParameters?: ICurrentQueryData,
 		redirectToUrl?: typeof ROUTES[keyof typeof ROUTES],
+		newTab?: boolean,
 	) => void;
 } => {
 	const {
@@ -63,6 +64,7 @@ export const useHandleExplorerTabChange = (): {
 			type: string,
 			currentQueryData?: ICurrentQueryData,
 			redirectToUrl?: typeof ROUTES[keyof typeof ROUTES],
+			newTab?: boolean,
 		) => {
 			const newPanelType = type as PANEL_TYPES;
 
@@ -81,13 +83,21 @@ export const useHandleExplorerTabChange = (): {
 						[QueryParams.viewKey]: currentQueryData?.id || viewKey,
 					},
 					redirectToUrl,
+					undefined,
+					newTab,
 				);
 			} else {
-				redirectWithQueryBuilderData(query, {
-					[QueryParams.panelTypes]: newPanelType,
-					[QueryParams.viewName]: currentQueryData?.name || viewName,
-					[QueryParams.viewKey]: currentQueryData?.id || viewKey,
-				});
+				redirectWithQueryBuilderData(
+					query,
+					{
+						[QueryParams.panelTypes]: newPanelType,
+						[QueryParams.viewName]: currentQueryData?.name || viewName,
+						[QueryParams.viewKey]: currentQueryData?.id || viewKey,
+					},
+					undefined,
+					undefined,
+					newTab,
+				);
 			}
 		},
 		[panelType, getUpdateQuery, redirectWithQueryBuilderData, viewName, viewKey],

frontend/src/lib/newQueryBuilder/queryBuilderMappers/__tests__/mapQueryDataFromApiInputs.ts

@@ -54,7 +54,7 @@ export const stepIntervalUnchanged = {
 					{
 						metricName: '',
 						temporality: '',
-						timeAggregation: 'count',
+						timeAggregation: 'avg',
 						spaceAggregation: 'sum',
 						reduceTo: ReduceOperators.AVG,
 					},
@@ -177,7 +177,7 @@ export const replaceVariables = {
 					{
 						metricName: '',
 						temporality: '',
-						timeAggregation: 'count',
+						timeAggregation: 'avg',
 						spaceAggregation: 'sum',
 						reduceTo: ReduceOperators.AVG,
 					},
@@ -267,7 +267,7 @@ export const defaultOutput = {
 						reduceTo: ReduceOperators.AVG,
 						spaceAggregation: 'sum',
 						temporality: '',
-						timeAggregation: 'count',
+						timeAggregation: 'avg',
 					},
 				],
 				filter: { expression: '' },
@@ -392,7 +392,7 @@ export const outputWithFunctions = {
 					{
 						metricName: '',
 						temporality: '',
-						timeAggregation: 'count',
+						timeAggregation: 'avg',
 						spaceAggregation: 'sum',
 						reduceTo: ReduceOperators.AVG,
 					},
@@ -429,7 +429,7 @@ export const outputWithFunctions = {
 					{
 						metricName: '',
 						temporality: '',
-						timeAggregation: 'count',
+						timeAggregation: 'avg',
 						spaceAggregation: 'sum',
 						reduceTo: ReduceOperators.AVG,
 					},

frontend/src/lib/uPlotV2/plugins/TooltipPlugin/TooltipPlugin.tsx

@@ -8,6 +8,7 @@ import {
 	createSetCursorHandler,
 	createSetLegendHandler,
 	createSetSeriesHandler,
+	getPlot,
 	isScrollEventInPlot,
 	updatePlotVisibility,
 	updateWindowSize,
@@ -53,7 +54,7 @@ export default function TooltipPlugin({
 	const [viewState, setState] = useState<TooltipViewState>(
 		createInitialViewState,
 	);
-	const { plot, isHovering, isPinned, contents, style } = viewState;
+	const { hasPlot, isHovering, isPinned, contents, style } = viewState;
 
 	/**
 	 * Merge a partial view update into the current React state.
@@ -72,12 +73,25 @@ export default function TooltipPlugin({
 		layoutRef.current?.observer.disconnect();
 		layoutRef.current = createLayoutObserver(layoutRef);
 
+		/**
+		 * Plot lifecycle and GC: viewState uses hasPlot (boolean), not the plot
+		 * reference; clearPlotReferences runs in cleanup so
+		 * detached canvases can be garbage collected.
+		 */
 		// Controller holds the mutable interaction state for this tooltip
 		// instance. It is intentionally *not* React state so uPlot hooks
 		// and DOM listeners can update it freely without triggering a
 		// render on every mouse move.
 		const controller: TooltipControllerState = createInitialControllerState();
 
+		/**
+		 * Clear plot references so detached canvases can be garbage collected.
+		 */
+		const clearPlotReferences = (): void => {
+			controller.plot = null;
+			updateState({ hasPlot: false });
+		};
+
 		const syncTooltipWithDashboard = syncMode === DashboardCursorSync.Tooltip;
 
 		// Enable uPlot's built-in cursor sync when requested so that
@@ -110,9 +124,10 @@ export default function TooltipPlugin({
 		// Lock uPlot's internal cursor when the tooltip is pinned so
 		// subsequent mouse moves do not move the crosshair.
 		function updateCursorLock(): void {
-			if (controller.plot) {
+			const plot = getPlot(controller);
+			if (plot) {
 				// @ts-ignore uPlot cursor lock is not working as expected
-				controller.plot.cursor._lock = controller.pinned;
+				plot.cursor._lock = controller.pinned;
 			}
 		}
 
@@ -142,8 +157,9 @@ export default function TooltipPlugin({
 			const isPinnedBeforeDismiss = controller.pinned;
 			controller.pinned = false;
 			controller.hoverActive = false;
-			if (controller.plot) {
-				controller.plot.setCursor({ left: -10, top: -10 });
+			const plot = getPlot(controller);
+			if (plot) {
+				plot.setCursor({ left: -10, top: -10 });
 			}
 			scheduleRender(isPinnedBeforeDismiss);
 		}
@@ -151,11 +167,12 @@ export default function TooltipPlugin({
 		// Build the React node to be rendered inside the tooltip by
 		// delegating to the caller-provided `render` function.
 		function createTooltipContents(): React.ReactNode {
-			if (!controller.hoverActive || !controller.plot) {
+			const plot = getPlot(controller);
+			if (!controller.hoverActive || !plot) {
 				return null;
 			}
 			return renderRef.current({
-				uPlotInstance: controller.plot,
+				uPlotInstance: plot,
 				dataIndexes: controller.seriesIndexes,
 				seriesIndex: controller.focusedSeriesIndex,
 				isPinned: controller.pinned,
@@ -240,9 +257,13 @@ export default function TooltipPlugin({
 
 		// When pinning is enabled, a click on the plot overlay while
 		// hovering converts the transient tooltip into a pinned one.
-		const handleUPlotOverClick = (u: uPlot, event: MouseEvent): void => {
+		// Uses getPlot(controller) to avoid closing over u (plot), which
+		// would retain the plot and detached canvases across unmounts.
+		const handleUPlotOverClick = (event: MouseEvent): void => {
+			const plot = getPlot(controller);
 			if (
-				event.target === u.over &&
+				plot &&
+				event.target === plot.over &&
 				controller.hoverActive &&
 				!controller.pinned &&
 				controller.focusedSeriesIndex != null
@@ -260,10 +281,9 @@ export default function TooltipPlugin({
 		// on the controller and optionally attach the pinning handler.
 		const handleInit = (u: uPlot): void => {
 			controller.plot = u;
-			updateState({ plot: u });
+			updateState({ hasPlot: true });
 			if (canPinTooltip) {
-				overClickHandler = (event: MouseEvent): void =>
-					handleUPlotOverClick(u, event);
+				overClickHandler = handleUPlotOverClick;
 				u.over.addEventListener('click', overClickHandler);
 			}
 		};
@@ -299,7 +319,6 @@ export default function TooltipPlugin({
 		const handleSetCursor = createSetCursorHandler(ctx);
 
 		handleWindowResize();
-
 		const removeReadyHook = config.addHook('ready', (): void =>
 			updatePlotVisibility(controller),
 		);
@@ -325,16 +344,20 @@ export default function TooltipPlugin({
 			removeSetSeriesHook();
 			removeSetLegendHook();
 			removeSetCursorHook();
-			if (controller.plot && overClickHandler) {
-				controller.plot.over.removeEventListener('click', overClickHandler);
+			if (overClickHandler) {
+				const plot = getPlot(controller);
+				if (plot) {
+					plot.over.removeEventListener('click', overClickHandler);
+				}
 				overClickHandler = null;
 			}
+			clearPlotReferences();
 		};
 		// eslint-disable-next-line react-hooks/exhaustive-deps
 	}, [config]);
 
 	useLayoutEffect((): void => {
-		if (!plot || !layoutRef.current) {
+		if (!hasPlot || !layoutRef.current) {
 			return;
 		}
 		const layout = layoutRef.current;
@@ -349,9 +372,9 @@ export default function TooltipPlugin({
 			layout.width = 0;
 			layout.height = 0;
 		}
-	}, [isHovering, plot]);
+	}, [isHovering, hasPlot]);
 
-	if (!plot) {
+	if (!hasPlot) {
 		return null;
 	}
 

frontend/src/lib/uPlotV2/plugins/TooltipPlugin/tooltipController.ts

@@ -10,6 +10,11 @@ import {
 
 const WINDOW_OFFSET = 16;
 
+/** Get the plot instance from the controller; returns null if never set or cleared. */
+export function getPlot(controller: TooltipControllerState): uPlot | null {
+	return controller.plot ?? null;
+}
+
 export function createInitialControllerState(): TooltipControllerState {
 	return {
 		plot: null,
@@ -46,12 +51,13 @@ export function updateWindowSize(controller: TooltipControllerState): void {
  * This is used to decide if a synced tooltip should be shown at all.
  */
 export function updatePlotVisibility(controller: TooltipControllerState): void {
-	if (!controller.plot) {
+	const plot = getPlot(controller);
+	if (!plot) {
 		controller.plotWithinViewport = false;
 		return;
 	}
 	controller.plotWithinViewport = isPlotInViewport(
-		controller.plot.rect,
+		plot.rect,
 		controller.windowWidth,
 		controller.windowHeight,
 	);
@@ -66,10 +72,11 @@ export function isScrollEventInPlot(
 	event: Event,
 	controller: TooltipControllerState,
 ): boolean {
+	const plot = getPlot(controller);
 	return (
 		event.target instanceof Node &&
-		controller.plot !== null &&
-		event.target.contains(controller.plot.root)
+		plot !== null &&
+		event.target.contains(plot.root)
 	);
 }
 
@@ -165,11 +172,12 @@ export function createSetLegendHandler(
 ): (u: uPlot) => void {
 	return (u: uPlot): void => {
 		const { controller } = ctx;
-		if (!controller.plot?.cursor?.idxs) {
+		const plot = getPlot(controller);
+		if (!plot?.cursor?.idxs) {
 			return;
 		}
 
-		const newSeriesIndexes = controller.plot.cursor.idxs.slice();
+		const newSeriesIndexes = plot.cursor.idxs.slice();
 		const isAnySeriesActive = newSeriesIndexes.some((v, i) => i > 0 && v != null);
 
 		const previousCursorDrivenBySync = controller.cursorDrivenBySync;

frontend/src/lib/uPlotV2/plugins/TooltipPlugin/types.ts

@@ -18,7 +18,8 @@ export enum DashboardCursorSync {
 }
 
 export interface TooltipViewState {
-	plot?: uPlot | null;
+	/** Whether a plot instance exists; plot reference is in controller, not state. */
+	hasPlot?: boolean;
 	style: Partial<CSSProperties>;
 	isHovering: boolean;
 	isPinned: boolean;

frontend/src/lib/uPlotV2/plugins/TooltipPlugin/utils.ts

@@ -123,7 +123,7 @@ export function createInitialViewState(): TooltipViewState {
 		isHovering: false,
 		isPinned: false,
 		contents: null,
-		plot: null,
+		hasPlot: false,
 		dismiss: (): void => {},
 	};
 }

frontend/src/providers/QueryBuilder.tsx

@@ -947,6 +947,7 @@ export function QueryBuilderProvider({
 			searchParams?: Record<string, unknown>,
 			redirectingUrl?: typeof ROUTES[keyof typeof ROUTES],
 			shouldNotStringify?: boolean,
+			newTab?: boolean,
 		) => {
 			const queryType =
 				!query.queryType || !Object.values(EQueryType).includes(query.queryType)
@@ -1013,7 +1014,7 @@ export function QueryBuilderProvider({
 				? `${redirectingUrl}?${urlQuery}`
 				: `${location.pathname}?${urlQuery}`;
 
-			safeNavigate(generatedUrl);
+			safeNavigate(generatedUrl, { newTab });
 		},
 		[location.pathname, safeNavigate, urlQuery],
 	);

frontend/src/types/common/operations.types.ts

@@ -72,7 +72,6 @@ export type UseQueryOperations = (
 	handleChangeAggregatorAttribute: (
 		value: BaseAutocompleteData,
 		isEditMode?: boolean,
-		attributeKeys?: BaseAutocompleteData[],
 	) => void;
 	handleChangeDataSource: (newSource: DataSource) => void;
 	handleDeleteQuery: () => void;

frontend/src/types/common/queryBuilder.ts

@@ -278,6 +278,7 @@ export type QueryBuilderContextType = {
 		searchParams?: Record<string, unknown>,
 		redirectToUrl?: typeof ROUTES[keyof typeof ROUTES],
 		shallStringify?: boolean,
+		newTab?: boolean,
 	) => void;
 	handleRunQuery: () => void;
 	resetQuery: (newCurrentQuery?: QueryState) => void;

frontend/yarn.lock

@@ -6205,10 +6205,10 @@
     "@types/history" "^4.7.11"
     "@types/react" "*"
 
-"@types/react-syntax-highlighter@15.5.7":
-  version "15.5.7"
-  resolved "https://registry.yarnpkg.com/@types/react-syntax-highlighter/-/react-syntax-highlighter-15.5.7.tgz#bd29020ccb118543d88779848f99059b64b02d0f"
-  integrity sha512-bo5fEO5toQeyCp0zVHBeggclqf5SQ/Z5blfFmjwO5dkMVGPgmiwZsJh9nu/Bo5L7IHTuGWrja6LxJVE2uB5ZrQ==
+"@types/react-syntax-highlighter@15.5.13":
+  version "15.5.13"
+  resolved "https://registry.yarnpkg.com/@types/react-syntax-highlighter/-/react-syntax-highlighter-15.5.13.tgz#c5baf62a3219b3bf28d39cfea55d0a49a263d1f2"
+  integrity sha512-uLGJ87j6Sz8UaBAooU0T6lWJ0dBmjZgN1PZTrj05TNql2/XpC6+4HhMT5syIdFUUt+FASfCeLLv4kBygNU+8qA==
   dependencies:
     "@types/react" "*"
 

go.mod

@@ -1,51 +1,51 @@
 module github.com/SigNoz/signoz
 
-go 1.24.0
+go 1.25.0
 
 require (
-	dario.cat/mergo v1.0.1
+	dario.cat/mergo v1.0.2
 	github.com/AfterShip/clickhouse-sql-parser v0.4.16
 	github.com/ClickHouse/clickhouse-go/v2 v2.40.1
 	github.com/DATA-DOG/go-sqlmock v1.5.2
 	github.com/SigNoz/govaluate v0.0.0-20240203125216-988004ccc7fd
-	github.com/SigNoz/signoz-otel-collector v0.129.10-rc.9
+	github.com/SigNoz/signoz-otel-collector v0.144.2
 	github.com/antlr4-go/antlr/v4 v4.13.1
 	github.com/antonmedv/expr v1.15.3
 	github.com/bytedance/sonic v1.14.1
 	github.com/cespare/xxhash/v2 v2.3.0
-	github.com/coreos/go-oidc/v3 v3.14.1
+	github.com/coreos/go-oidc/v3 v3.17.0
 	github.com/dgraph-io/ristretto/v2 v2.3.0
 	github.com/dustin/go-humanize v1.0.1
 	github.com/gin-gonic/gin v1.11.0
 	github.com/go-co-op/gocron v1.30.1
-	github.com/go-openapi/runtime v0.28.0
-	github.com/go-openapi/strfmt v0.23.0
+	github.com/go-openapi/runtime v0.29.2
+	github.com/go-openapi/strfmt v0.25.0
 	github.com/go-redis/redismock/v9 v9.2.0
-	github.com/go-viper/mapstructure/v2 v2.4.0
+	github.com/go-viper/mapstructure/v2 v2.5.0
 	github.com/gojek/heimdall/v7 v7.0.3
-	github.com/golang-jwt/jwt/v5 v5.3.0
+	github.com/golang-jwt/jwt/v5 v5.3.1
 	github.com/google/uuid v1.6.0
 	github.com/gorilla/handlers v1.5.1
 	github.com/gorilla/mux v1.8.1
 	github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674
 	github.com/huandu/go-sqlbuilder v1.35.0
 	github.com/jackc/pgx/v5 v5.7.6
-	github.com/json-iterator/go v1.1.12
+	github.com/json-iterator/go v1.1.13-0.20220915233716-71ac16282d12
 	github.com/knadh/koanf v1.5.0
-	github.com/knadh/koanf/v2 v2.2.0
-	github.com/mailru/easyjson v0.7.7
-	github.com/open-telemetry/opamp-go v0.19.0
-	github.com/open-telemetry/opentelemetry-collector-contrib/pkg/stanza v0.128.0
+	github.com/knadh/koanf/v2 v2.3.2
+	github.com/mailru/easyjson v0.9.0
+	github.com/open-telemetry/opamp-go v0.22.0
+	github.com/open-telemetry/opentelemetry-collector-contrib/pkg/stanza v0.144.0
 	github.com/openfga/api/proto v0.0.0-20250909172242-b4b2a12f5c67
 	github.com/openfga/language/pkg/go v0.2.0-beta.2.0.20250428093642-7aeebe78bbfe
 	github.com/opentracing/opentracing-go v1.2.0
 	github.com/pkg/errors v0.9.1
-	github.com/prometheus/alertmanager v0.28.1
+	github.com/prometheus/alertmanager v0.31.0
 	github.com/prometheus/client_golang v1.23.2
-	github.com/prometheus/common v0.66.1
-	github.com/prometheus/prometheus v0.304.1
+	github.com/prometheus/common v0.67.5
+	github.com/prometheus/prometheus v0.310.0
 	github.com/redis/go-redis/extra/redisotel/v9 v9.15.1
-	github.com/redis/go-redis/v9 v9.15.1
+	github.com/redis/go-redis/v9 v9.17.2
 	github.com/rs/cors v1.11.1
 	github.com/russellhaering/gosaml2 v0.9.0
 	github.com/russellhaering/goxmldsig v1.2.0
@@ -54,7 +54,7 @@ require (
 	github.com/sethvargo/go-password v0.2.0
 	github.com/smartystreets/goconvey v1.8.1
 	github.com/soheilhy/cmux v0.1.5
-	github.com/spf13/cobra v1.10.1
+	github.com/spf13/cobra v1.10.2
 	github.com/srikanthccv/ClickHouse-go-mock v0.13.0
 	github.com/stretchr/testify v1.11.1
 	github.com/swaggest/jsonschema-go v0.3.78
@@ -64,43 +64,71 @@ require (
 	github.com/uptrace/bun/dialect/pgdialect v1.2.9
 	github.com/uptrace/bun/dialect/sqlitedialect v1.2.9
 	github.com/uptrace/bun/extra/bunotel v1.2.9
-	go.opentelemetry.io/collector/confmap v1.34.0
-	go.opentelemetry.io/collector/otelcol v0.128.0
-	go.opentelemetry.io/collector/pdata v1.34.0
+	go.opentelemetry.io/collector/confmap v1.51.0
+	go.opentelemetry.io/collector/otelcol v0.144.0
+	go.opentelemetry.io/collector/pdata v1.51.0
 	go.opentelemetry.io/contrib/config v0.10.0
 	go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux v0.63.0
-	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.63.0
-	go.opentelemetry.io/otel v1.38.0
-	go.opentelemetry.io/otel/metric v1.38.0
-	go.opentelemetry.io/otel/sdk v1.38.0
-	go.opentelemetry.io/otel/trace v1.38.0
+	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.65.0
+	go.opentelemetry.io/otel v1.40.0
+	go.opentelemetry.io/otel/metric v1.40.0
+	go.opentelemetry.io/otel/sdk v1.40.0
+	go.opentelemetry.io/otel/trace v1.40.0
 	go.uber.org/multierr v1.11.0
-	go.uber.org/zap v1.27.0
-	golang.org/x/crypto v0.46.0
-	golang.org/x/exp v0.0.0-20250620022241-b7579e27df2b
-	golang.org/x/net v0.47.0
-	golang.org/x/oauth2 v0.30.0
+	go.uber.org/zap v1.27.1
+	golang.org/x/crypto v0.47.0
+	golang.org/x/exp v0.0.0-20260112195511-716be5621a96
+	golang.org/x/net v0.49.0
+	golang.org/x/oauth2 v0.34.0
 	golang.org/x/sync v0.19.0
-	golang.org/x/text v0.32.0
-	google.golang.org/protobuf v1.36.9
+	golang.org/x/text v0.33.0
+	google.golang.org/protobuf v1.36.11
 	gopkg.in/yaml.v2 v2.4.0
 	gopkg.in/yaml.v3 v3.0.1
-	k8s.io/apimachinery v0.34.0
+	k8s.io/apimachinery v0.35.0
 	modernc.org/sqlite v1.39.1
 )
 
 require (
+	github.com/aws/aws-sdk-go-v2 v1.41.1 // indirect
+	github.com/aws/aws-sdk-go-v2/config v1.32.7 // indirect
+	github.com/aws/aws-sdk-go-v2/credentials v1.19.7 // indirect
+	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.17 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.17 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.17 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/ini v1.8.4 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.4 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.17 // indirect
+	github.com/aws/aws-sdk-go-v2/service/signin v1.0.5 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sns v1.39.11 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sso v1.30.9 // indirect
+	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.13 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sts v1.41.6 // indirect
+	github.com/aws/smithy-go v1.24.0 // indirect
 	github.com/bytedance/gopkg v0.1.3 // indirect
 	github.com/bytedance/sonic/loader v0.3.0 // indirect
 	github.com/cloudwego/base64x v0.1.6 // indirect
 	github.com/gabriel-vasile/mimetype v1.4.8 // indirect
+	github.com/go-openapi/swag/cmdutils v0.25.4 // indirect
+	github.com/go-openapi/swag/conv v0.25.4 // indirect
+	github.com/go-openapi/swag/fileutils v0.25.4 // indirect
+	github.com/go-openapi/swag/jsonname v0.25.4 // indirect
+	github.com/go-openapi/swag/jsonutils v0.25.4 // indirect
+	github.com/go-openapi/swag/loading v0.25.4 // indirect
+	github.com/go-openapi/swag/mangling v0.25.4 // indirect
+	github.com/go-openapi/swag/netutils v0.25.4 // indirect
+	github.com/go-openapi/swag/stringutils v0.25.4 // indirect
+	github.com/go-openapi/swag/typeutils v0.25.4 // indirect
+	github.com/go-openapi/swag/yamlutils v0.25.4 // indirect
 	github.com/go-playground/locales v0.14.1 // indirect
 	github.com/go-playground/universal-translator v0.18.1 // indirect
 	github.com/go-playground/validator/v10 v10.27.0 // indirect
-	github.com/goccy/go-yaml v1.18.0 // indirect
+	github.com/goccy/go-yaml v1.19.2 // indirect
+	github.com/hashicorp/go-metrics v0.5.4 // indirect
 	github.com/leodido/go-urn v1.4.0 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/ncruces/go-strftime v0.1.9 // indirect
+	github.com/prometheus/client_golang/exp v0.0.0-20260108101519-fb0838f53562 // indirect
 	github.com/redis/go-redis/extra/rediscmd/v9 v9.15.1 // indirect
 	github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect
 	github.com/swaggest/refl v1.4.0 // indirect
@@ -108,69 +136,70 @@ require (
 	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
 	github.com/ugorji/go/codec v1.3.0 // indirect
 	github.com/uptrace/opentelemetry-go-extra/otelsql v0.3.2 // indirect
-	go.opentelemetry.io/collector/config/configretry v1.34.0 // indirect
-	go.yaml.in/yaml/v2 v2.4.2 // indirect
+	go.opentelemetry.io/collector/client v1.50.0 // indirect
+	go.opentelemetry.io/collector/config/configoptional v1.50.0 // indirect
+	go.opentelemetry.io/collector/config/configretry v1.50.0 // indirect
+	go.opentelemetry.io/collector/exporter/exporterhelper v0.144.0 // indirect
+	go.opentelemetry.io/collector/internal/componentalias v0.145.0 // indirect
+	go.opentelemetry.io/collector/pdata/xpdata v0.144.0 // indirect
+	go.yaml.in/yaml/v2 v2.4.3 // indirect
 	golang.org/x/arch v0.20.0 // indirect
-	golang.org/x/tools/godoc v0.1.0-deprecated // indirect
 	modernc.org/libc v1.66.10 // indirect
 	modernc.org/mathutil v1.7.1 // indirect
 	modernc.org/memory v1.11.0 // indirect
 )
 
 require (
-	cel.dev/expr v0.24.0 // indirect
-	cloud.google.com/go/auth v0.16.1 // indirect
+	cel.dev/expr v0.25.1 // indirect
+	cloud.google.com/go/auth v0.18.1 // indirect
 	cloud.google.com/go/auth/oauth2adapt v0.2.8 // indirect
-	cloud.google.com/go/compute/metadata v0.8.2 // indirect
-	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0 // indirect
-	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.0 // indirect
-	github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1 // indirect
-	github.com/AzureAD/microsoft-authentication-library-for-go v1.4.2 // indirect
+	cloud.google.com/go/compute/metadata v0.9.0 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.21.0 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.13.1 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.2 // indirect
+	github.com/AzureAD/microsoft-authentication-library-for-go v1.6.0 // indirect
 	github.com/ClickHouse/ch-go v0.67.0 // indirect
 	github.com/Masterminds/squirrel v1.5.4 // indirect
 	github.com/Yiling-J/theine-go v0.6.2 // indirect
 	github.com/alecthomas/units v0.0.0-20240927000941-0f3dac36c52b // indirect
 	github.com/andybalholm/brotli v1.2.0 // indirect
 	github.com/armon/go-metrics v0.4.1 // indirect
-	github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
-	github.com/aws/aws-sdk-go v1.55.7 // indirect
 	github.com/beevik/etree v1.1.0 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869 // indirect
 	github.com/cenkalti/backoff/v4 v4.3.0 // indirect
 	github.com/cenkalti/backoff/v5 v5.0.3 // indirect
-	github.com/coder/quartz v0.1.2 // indirect
-	github.com/coreos/go-systemd/v22 v22.5.0 // indirect
+	github.com/coder/quartz v0.3.0 // indirect
+	github.com/coreos/go-systemd/v22 v22.6.0 // indirect
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/dennwc/varint v1.0.0 // indirect
 	github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
 	github.com/docker/go-units v0.5.0 // indirect
-	github.com/ebitengine/purego v0.8.4 // indirect
+	github.com/ebitengine/purego v0.9.1 // indirect
 	github.com/edsrzf/mmap-go v1.2.0 // indirect
-	github.com/elastic/lunes v0.1.0 // indirect
+	github.com/elastic/lunes v0.2.0 // indirect
 	github.com/emirpasic/gods v1.18.1 // indirect
-	github.com/envoyproxy/protoc-gen-validate v1.2.1 // indirect
-	github.com/expr-lang/expr v1.17.5
+	github.com/envoyproxy/protoc-gen-validate v1.3.0 // indirect
+	github.com/expr-lang/expr v1.17.7
 	github.com/facette/natsort v0.0.0-20181210072756-2cd4dd1e2dcb // indirect
 	github.com/felixge/httpsnoop v1.0.4 // indirect
 	github.com/fsnotify/fsnotify v1.9.0 // indirect
 	github.com/go-faster/city v1.0.1 // indirect
 	github.com/go-faster/errors v0.7.1 // indirect
-	github.com/go-jose/go-jose/v4 v4.1.1 // indirect
+	github.com/go-jose/go-jose/v4 v4.1.3 // indirect
 	github.com/go-logr/logr v1.4.3 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/go-ole/go-ole v1.3.0 // indirect
-	github.com/go-openapi/analysis v0.23.0 // indirect
-	github.com/go-openapi/errors v0.22.0 // indirect
-	github.com/go-openapi/jsonpointer v0.21.0 // indirect
-	github.com/go-openapi/jsonreference v0.21.0 // indirect
-	github.com/go-openapi/loads v0.22.0 // indirect
-	github.com/go-openapi/spec v0.21.0 // indirect
-	github.com/go-openapi/swag v0.23.0 // indirect
-	github.com/go-openapi/validate v0.24.0 // indirect
+	github.com/go-openapi/analysis v0.24.2 // indirect
+	github.com/go-openapi/errors v0.22.6 // indirect
+	github.com/go-openapi/jsonpointer v0.22.4 // indirect
+	github.com/go-openapi/jsonreference v0.21.4 // indirect
+	github.com/go-openapi/loads v0.23.2 // indirect
+	github.com/go-openapi/spec v0.22.3 // indirect
+	github.com/go-openapi/swag v0.25.4 // indirect
+	github.com/go-openapi/validate v0.25.1 // indirect
 	github.com/gobwas/glob v0.2.3 // indirect
 	github.com/goccy/go-json v0.10.5 // indirect
-	github.com/gofrs/uuid v4.4.0+incompatible // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/gojek/valkyrie v0.0.0-20180215180059-6aee720afcdf // indirect
 	github.com/golang/protobuf v1.5.4 // indirect
@@ -178,22 +207,22 @@ require (
 	github.com/google/btree v1.1.3 // indirect
 	github.com/google/cel-go v0.26.1 // indirect
 	github.com/google/s2a-go v0.1.9 // indirect
-	github.com/googleapis/enterprise-certificate-proxy v0.3.6 // indirect
-	github.com/googleapis/gax-go/v2 v2.14.2 // indirect
+	github.com/googleapis/enterprise-certificate-proxy v0.3.11 // indirect
+	github.com/googleapis/gax-go/v2 v2.16.0 // indirect
 	github.com/gopherjs/gopherjs v1.17.2 // indirect
-	github.com/grafana/regexp v0.0.0-20240518133315-a468a5bfb3bc // indirect
+	github.com/grafana/regexp v0.0.0-20250905093917-f7b3be9d1853 // indirect
 	github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 // indirect
 	github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.3.2 // indirect
-	github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.2 // indirect
+	github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.7 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-immutable-radix v1.3.1 // indirect
-	github.com/hashicorp/go-msgpack/v2 v2.1.1 // indirect
+	github.com/hashicorp/go-msgpack/v2 v2.1.5 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
 	github.com/hashicorp/go-sockaddr v1.0.7 // indirect
-	github.com/hashicorp/go-version v1.7.0 // indirect
+	github.com/hashicorp/go-version v1.8.0 // indirect
 	github.com/hashicorp/golang-lru v1.0.2 // indirect
 	github.com/hashicorp/golang-lru/v2 v2.0.7 // indirect
-	github.com/hashicorp/memberlist v0.5.1 // indirect
+	github.com/hashicorp/memberlist v0.5.4 // indirect
 	github.com/huandu/xstrings v1.4.0 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/jackc/pgpassfile v1.0.0 // indirect
@@ -201,26 +230,25 @@ require (
 	github.com/jackc/puddle/v2 v2.2.2 // indirect
 	github.com/jessevdk/go-flags v1.6.1 // indirect
 	github.com/jinzhu/inflection v1.0.0 // indirect
-	github.com/jmespath/go-jmespath v0.4.0 // indirect
 	github.com/jonboulle/clockwork v0.5.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/jpillora/backoff v1.0.0 // indirect
 	github.com/jtolds/gls v4.20.0+incompatible // indirect
-	github.com/klauspost/compress v1.18.0 // indirect
+	github.com/klauspost/compress v1.18.3 // indirect
 	github.com/klauspost/cpuid/v2 v2.3.0 // indirect
 	github.com/kylelemons/godebug v1.1.0 // indirect
 	github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 // indirect
 	github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 // indirect
-	github.com/leodido/go-syslog/v4 v4.2.0 // indirect
+	github.com/leodido/go-syslog/v4 v4.3.0 // indirect
 	github.com/leodido/ragel-machinery v0.0.0-20190525184631-5f46317e436b // indirect
-	github.com/lufia/plan9stats v0.0.0-20250317134145-8bc96cf8fc35 // indirect
+	github.com/lufia/plan9stats v0.0.0-20251013123823-9fd1530e3ec3 // indirect
 	github.com/magefile/mage v1.15.0 // indirect
 	github.com/mattermost/xml-roundtrip-validator v0.1.0 // indirect
 	github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
-	github.com/mdlayher/socket v0.4.1 // indirect
+	github.com/mdlayher/socket v0.5.1 // indirect
 	github.com/mdlayher/vsock v1.2.1 // indirect
 	github.com/mfridman/interpolate v0.0.2 // indirect
-	github.com/miekg/dns v1.1.65 // indirect
+	github.com/miekg/dns v1.1.72 // indirect
 	github.com/mitchellh/copystructure v1.2.0 // indirect
 	github.com/mitchellh/mapstructure v1.5.1-0.20231216201459-8508981c8b6c // indirect
 	github.com/mitchellh/reflectwalk v1.0.2 // indirect
@@ -229,27 +257,27 @@ require (
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f // indirect
 	github.com/natefinch/wrap v0.2.0 // indirect
-	github.com/oklog/run v1.1.0 // indirect
+	github.com/oklog/run v1.2.0 // indirect
 	github.com/oklog/ulid v1.3.1 // indirect
 	github.com/oklog/ulid/v2 v2.1.1
 	github.com/open-feature/go-sdk v1.17.0
-	github.com/open-telemetry/opentelemetry-collector-contrib/internal/coreinternal v0.128.0 // indirect
-	github.com/open-telemetry/opentelemetry-collector-contrib/internal/exp/metrics v0.128.0 // indirect
-	github.com/open-telemetry/opentelemetry-collector-contrib/pkg/pdatautil v0.128.0 // indirect
-	github.com/open-telemetry/opentelemetry-collector-contrib/processor/deltatocumulativeprocessor v0.128.0 // indirect
+	github.com/open-telemetry/opentelemetry-collector-contrib/internal/coreinternal v0.144.0 // indirect
+	github.com/open-telemetry/opentelemetry-collector-contrib/internal/exp/metrics v0.145.0 // indirect
+	github.com/open-telemetry/opentelemetry-collector-contrib/pkg/pdatautil v0.145.0 // indirect
+	github.com/open-telemetry/opentelemetry-collector-contrib/processor/deltatocumulativeprocessor v0.145.0 // indirect
 	github.com/openfga/openfga v1.10.1
 	github.com/paulmach/orb v0.11.1 // indirect
 	github.com/pelletier/go-toml/v2 v2.2.4 // indirect
-	github.com/pierrec/lz4/v4 v4.1.22 // indirect
+	github.com/pierrec/lz4/v4 v4.1.23 // indirect
 	github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 	github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55 // indirect
 	github.com/pressly/goose/v3 v3.25.0 // indirect
 	github.com/prometheus/client_model v0.6.2 // indirect
-	github.com/prometheus/exporter-toolkit v0.14.0 // indirect
-	github.com/prometheus/otlptranslator v0.0.0-20250320144820-d800c8b0eb07 // indirect
-	github.com/prometheus/procfs v0.16.1 // indirect
-	github.com/prometheus/sigv4 v0.1.2 // indirect
+	github.com/prometheus/exporter-toolkit v0.15.1 // indirect
+	github.com/prometheus/otlptranslator v1.0.0 // indirect
+	github.com/prometheus/procfs v0.19.2 // indirect
+	github.com/prometheus/sigv4 v0.4.1 // indirect
 	github.com/puzpuzpuz/xsync/v3 v3.5.1 // indirect
 	github.com/robfig/cron/v3 v3.0.1 // indirect
 	github.com/sagikazarmark/locafero v0.9.0 // indirect
@@ -257,7 +285,7 @@ require (
 	github.com/segmentio/asm v1.2.0 // indirect
 	github.com/segmentio/backo-go v1.0.1 // indirect
 	github.com/sethvargo/go-retry v0.3.0 // indirect
-	github.com/shirou/gopsutil/v4 v4.25.5 // indirect
+	github.com/shirou/gopsutil/v4 v4.25.12 // indirect
 	github.com/shopspring/decimal v1.4.0 // indirect
 	github.com/shurcooL/httpfs v0.0.0-20230704072500-f1e31cf0ba5c // indirect
 	github.com/shurcooL/vfsgen v0.0.0-20230704071429-0000e147ea92 // indirect
@@ -272,94 +300,92 @@ require (
 	github.com/subosito/gotenv v1.6.0 // indirect
 	github.com/swaggest/openapi-go v0.2.60
 	github.com/tidwall/match v1.1.1 // indirect
-	github.com/tidwall/pretty v1.2.0 // indirect
-	github.com/tklauser/go-sysconf v0.3.15 // indirect
-	github.com/tklauser/numcpus v0.10.0 // indirect
+	github.com/tidwall/pretty v1.2.1 // indirect
+	github.com/tklauser/go-sysconf v0.3.16 // indirect
+	github.com/tklauser/numcpus v0.11.0 // indirect
 	github.com/tmthrgd/go-hex v0.0.0-20190904060850-447a3041c3bc // indirect
-	github.com/trivago/tgo v1.0.7 // indirect
-	github.com/valyala/fastjson v1.6.4 // indirect
+	github.com/valyala/fastjson v1.6.7 // indirect
 	github.com/vjeantet/grok v1.0.1 // indirect
 	github.com/vmihailenco/msgpack/v5 v5.4.1 // indirect
 	github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect
 	github.com/yusufpapurcu/wmi v1.2.4 // indirect
 	github.com/zeebo/xxh3 v1.0.2 // indirect
-	go.mongodb.org/mongo-driver v1.17.1 // indirect
-	go.opentelemetry.io/auto/sdk v1.1.0 // indirect
-	go.opentelemetry.io/collector/component v1.34.0 // indirect
-	go.opentelemetry.io/collector/component/componentstatus v0.128.0 // indirect
-	go.opentelemetry.io/collector/component/componenttest v0.128.0 // indirect
-	go.opentelemetry.io/collector/config/configtelemetry v0.128.0 // indirect
-	go.opentelemetry.io/collector/confmap/provider/envprovider v1.34.0 // indirect
-	go.opentelemetry.io/collector/confmap/provider/fileprovider v1.34.0 // indirect
-	go.opentelemetry.io/collector/confmap/xconfmap v0.128.0 // indirect
-	go.opentelemetry.io/collector/connector v0.128.0 // indirect
-	go.opentelemetry.io/collector/connector/connectortest v0.128.0 // indirect
-	go.opentelemetry.io/collector/connector/xconnector v0.128.0 // indirect
-	go.opentelemetry.io/collector/consumer v1.34.0 // indirect
-	go.opentelemetry.io/collector/consumer/consumererror v0.128.0 // indirect
-	go.opentelemetry.io/collector/consumer/consumertest v0.128.0 // indirect
-	go.opentelemetry.io/collector/consumer/xconsumer v0.128.0 // indirect
-	go.opentelemetry.io/collector/exporter v0.128.0 // indirect
-	go.opentelemetry.io/collector/exporter/exportertest v0.128.0 // indirect
-	go.opentelemetry.io/collector/exporter/xexporter v0.128.0 // indirect
-	go.opentelemetry.io/collector/extension v1.34.0 // indirect
-	go.opentelemetry.io/collector/extension/extensioncapabilities v0.128.0 // indirect
-	go.opentelemetry.io/collector/extension/extensiontest v0.128.0 // indirect
-	go.opentelemetry.io/collector/extension/xextension v0.128.0 // indirect
-	go.opentelemetry.io/collector/featuregate v1.34.0 // indirect
-	go.opentelemetry.io/collector/internal/fanoutconsumer v0.128.0 // indirect
-	go.opentelemetry.io/collector/internal/telemetry v0.128.0 // indirect
-	go.opentelemetry.io/collector/pdata/pprofile v0.128.0 // indirect
-	go.opentelemetry.io/collector/pdata/testdata v0.128.0 // indirect
-	go.opentelemetry.io/collector/pipeline v0.128.0 // indirect
-	go.opentelemetry.io/collector/pipeline/xpipeline v0.128.0 // indirect
-	go.opentelemetry.io/collector/processor v1.34.0 // indirect
-	go.opentelemetry.io/collector/processor/processorhelper v0.128.0 // indirect
-	go.opentelemetry.io/collector/processor/processortest v0.128.0 // indirect
-	go.opentelemetry.io/collector/processor/xprocessor v0.128.0 // indirect
-	go.opentelemetry.io/collector/receiver v1.34.0 // indirect
-	go.opentelemetry.io/collector/receiver/receiverhelper v0.128.0 // indirect
-	go.opentelemetry.io/collector/receiver/receivertest v0.128.0 // indirect
-	go.opentelemetry.io/collector/receiver/xreceiver v0.128.0 // indirect
-	go.opentelemetry.io/collector/semconv v0.128.0
-	go.opentelemetry.io/collector/service v0.128.0 // indirect
-	go.opentelemetry.io/collector/service/hostcapabilities v0.128.0 // indirect
-	go.opentelemetry.io/contrib/bridges/otelzap v0.11.0 // indirect
-	go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace v0.60.0 // indirect
-	go.opentelemetry.io/contrib/otelconf v0.16.0 // indirect
-	go.opentelemetry.io/contrib/propagators/b3 v1.36.0 // indirect
-	go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc v0.12.2 // indirect
-	go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp v0.12.2 // indirect
-	go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.36.0 // indirect
-	go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.36.0 // indirect
-	go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.38.0 // indirect
-	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.38.0 // indirect
-	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.36.0 // indirect
-	go.opentelemetry.io/otel/exporters/prometheus v0.58.0
-	go.opentelemetry.io/otel/exporters/stdout/stdoutlog v0.12.2 // indirect
-	go.opentelemetry.io/otel/exporters/stdout/stdoutmetric v1.36.0 // indirect
-	go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.38.0 // indirect
-	go.opentelemetry.io/otel/log v0.12.2 // indirect
-	go.opentelemetry.io/otel/sdk/log v0.12.2 // indirect
-	go.opentelemetry.io/otel/sdk/metric v1.38.0
-	go.opentelemetry.io/proto/otlp v1.8.0 // indirect
+	go.mongodb.org/mongo-driver v1.17.6 // indirect
+	go.opentelemetry.io/auto/sdk v1.2.1 // indirect
+	go.opentelemetry.io/collector/component v1.51.0 // indirect
+	go.opentelemetry.io/collector/component/componentstatus v0.145.0 // indirect
+	go.opentelemetry.io/collector/component/componenttest v0.145.0 // indirect
+	go.opentelemetry.io/collector/config/configtelemetry v0.144.0 // indirect
+	go.opentelemetry.io/collector/confmap/provider/envprovider v1.50.0 // indirect
+	go.opentelemetry.io/collector/confmap/provider/fileprovider v1.50.0 // indirect
+	go.opentelemetry.io/collector/confmap/xconfmap v0.145.0 // indirect
+	go.opentelemetry.io/collector/connector v0.144.0 // indirect
+	go.opentelemetry.io/collector/connector/connectortest v0.144.0 // indirect
+	go.opentelemetry.io/collector/connector/xconnector v0.144.0 // indirect
+	go.opentelemetry.io/collector/consumer v1.51.0 // indirect
+	go.opentelemetry.io/collector/consumer/consumererror v0.144.0 // indirect
+	go.opentelemetry.io/collector/consumer/consumertest v0.145.0 // indirect
+	go.opentelemetry.io/collector/consumer/xconsumer v0.145.0 // indirect
+	go.opentelemetry.io/collector/exporter v1.50.0 // indirect
+	go.opentelemetry.io/collector/exporter/exportertest v0.144.0 // indirect
+	go.opentelemetry.io/collector/exporter/xexporter v0.144.0 // indirect
+	go.opentelemetry.io/collector/extension v1.50.0 // indirect
+	go.opentelemetry.io/collector/extension/extensioncapabilities v0.144.0 // indirect
+	go.opentelemetry.io/collector/extension/extensiontest v0.144.0 // indirect
+	go.opentelemetry.io/collector/extension/xextension v0.144.0 // indirect
+	go.opentelemetry.io/collector/featuregate v1.51.0 // indirect
+	go.opentelemetry.io/collector/internal/fanoutconsumer v0.144.0 // indirect
+	go.opentelemetry.io/collector/internal/telemetry v0.144.0 // indirect
+	go.opentelemetry.io/collector/pdata/pprofile v0.145.0 // indirect
+	go.opentelemetry.io/collector/pdata/testdata v0.145.0 // indirect
+	go.opentelemetry.io/collector/pipeline v1.51.0 // indirect
+	go.opentelemetry.io/collector/pipeline/xpipeline v0.144.0 // indirect
+	go.opentelemetry.io/collector/processor v1.51.0 // indirect
+	go.opentelemetry.io/collector/processor/processorhelper v0.144.0 // indirect
+	go.opentelemetry.io/collector/processor/processortest v0.145.0 // indirect
+	go.opentelemetry.io/collector/processor/xprocessor v0.145.0 // indirect
+	go.opentelemetry.io/collector/receiver v1.50.0 // indirect
+	go.opentelemetry.io/collector/receiver/receiverhelper v0.144.0 // indirect
+	go.opentelemetry.io/collector/receiver/receivertest v0.144.0 // indirect
+	go.opentelemetry.io/collector/receiver/xreceiver v0.144.0 // indirect
+	go.opentelemetry.io/collector/semconv v0.128.1-0.20250610090210-188191247685
+	go.opentelemetry.io/collector/service v0.144.0 // indirect
+	go.opentelemetry.io/collector/service/hostcapabilities v0.144.0 // indirect
+	go.opentelemetry.io/contrib/bridges/otelzap v0.13.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace v0.65.0 // indirect
+	go.opentelemetry.io/contrib/otelconf v0.18.0 // indirect
+	go.opentelemetry.io/contrib/propagators/b3 v1.39.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc v0.14.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp v0.14.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.39.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.39.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.40.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.40.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.40.0 // indirect
+	go.opentelemetry.io/otel/exporters/prometheus v0.60.0
+	go.opentelemetry.io/otel/exporters/stdout/stdoutlog v0.14.0 // indirect
+	go.opentelemetry.io/otel/exporters/stdout/stdoutmetric v1.39.0 // indirect
+	go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.39.0 // indirect
+	go.opentelemetry.io/otel/log v0.15.0 // indirect
+	go.opentelemetry.io/otel/sdk/log v0.14.0 // indirect
+	go.opentelemetry.io/otel/sdk/metric v1.40.0
+	go.opentelemetry.io/proto/otlp v1.9.0 // indirect
 	go.uber.org/atomic v1.11.0 // indirect
 	go.uber.org/mock v0.6.0 // indirect
 	go.yaml.in/yaml/v3 v3.0.4 // indirect
-	golang.org/x/mod v0.30.0 // indirect
-	golang.org/x/sys v0.39.0 // indirect
-	golang.org/x/time v0.11.0 // indirect
-	golang.org/x/tools v0.39.0 // indirect
-	gonum.org/v1/gonum v0.16.0 // indirect
-	google.golang.org/api v0.236.0
-	google.golang.org/genproto/googleapis/api v0.0.0-20250825161204-c5933d9347a5 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20250825161204-c5933d9347a5 // indirect
-	google.golang.org/grpc v1.75.1 // indirect
+	golang.org/x/mod v0.32.0 // indirect
+	golang.org/x/sys v0.40.0 // indirect
+	golang.org/x/time v0.14.0 // indirect
+	golang.org/x/tools v0.41.0 // indirect
+	gonum.org/v1/gonum v0.17.0 // indirect
+	google.golang.org/api v0.265.0
+	google.golang.org/genproto/googleapis/api v0.0.0-20260203192932-546029d2fa20 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20260128011058-8636f8732409 // indirect
+	google.golang.org/grpc v1.78.0 // indirect
 	gopkg.in/telebot.v3 v3.3.8 // indirect
-	k8s.io/client-go v0.34.0 // indirect
+	k8s.io/client-go v0.35.0 // indirect
 	k8s.io/klog/v2 v2.130.1 // indirect
-	k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 // indirect
-	sigs.k8s.io/yaml v1.6.0 // indirect
+	k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 // indirect
 )
 
 replace github.com/expr-lang/expr => github.com/SigNoz/expr v1.17.7-beta

pkg/alertmanager/alertmanagerserver/dispatcher.go

@@ -95,7 +95,7 @@ func (d *Dispatcher) Run() {
 	d.ctx, d.cancel = context.WithCancel(context.Background())
 	d.mtx.Unlock()
 
-	d.run(d.alerts.Subscribe())
+	d.run(d.alerts.Subscribe(fmt.Sprintf("dispatcher-%s", d.orgID)))
 	close(d.done)
 }
 
@@ -107,14 +107,15 @@ func (d *Dispatcher) run(it provider.AlertIterator) {
 
 	for {
 		select {
-		case alert, ok := <-it.Next():
-			if !ok {
+		case alertWrapper, ok := <-it.Next():
+			if !ok || alertWrapper == nil {
 				// Iterator exhausted for some reason.
 				if err := it.Err(); err != nil {
 					d.logger.ErrorContext(d.ctx, "Error on alert update", "err", err)
 				}
 				return
 			}
+			alert := alertWrapper.Data
 
 			d.logger.DebugContext(d.ctx, "SigNoz Custom Dispatcher: Received alert", "alert", alert)
 

pkg/alertmanager/alertmanagerserver/distpatcher_test.go

@@ -365,7 +365,7 @@ route:
 	logger := providerSettings.Logger
 	route := dispatch.NewRoute(conf.Route, nil)
 	marker := alertmanagertypes.NewMarker(prometheus.NewRegistry())
-	alerts, err := mem.NewAlerts(context.Background(), marker, time.Hour, nil, logger, nil)
+	alerts, err := mem.NewAlerts(context.Background(), marker, time.Hour, 0, alertmanagertypes.AlertStoreCallback{}, logger, prometheus.NewRegistry(), nil)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -496,7 +496,7 @@ route:
 		err := nfManager.SetNotificationConfig(orgId, ruleID, &config)
 		require.NoError(t, err)
 	}
-	err = alerts.Put(inputAlerts...)
+	err = alerts.Put(ctx, inputAlerts...)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -638,7 +638,7 @@ route:
 	logger := providerSettings.Logger
 	route := dispatch.NewRoute(conf.Route, nil)
 	marker := alertmanagertypes.NewMarker(prometheus.NewRegistry())
-	alerts, err := mem.NewAlerts(context.Background(), marker, time.Hour, nil, logger, nil)
+	alerts, err := mem.NewAlerts(context.Background(), marker, time.Hour, 0, alertmanagertypes.AlertStoreCallback{}, logger, prometheus.NewRegistry(), nil)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -798,7 +798,7 @@ route:
 		err := nfManager.SetNotificationConfig(orgId, ruleID, &config)
 		require.NoError(t, err)
 	}
-	err = alerts.Put(inputAlerts...)
+	err = alerts.Put(ctx, inputAlerts...)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -897,7 +897,7 @@ route:
 	logger := providerSettings.Logger
 	route := dispatch.NewRoute(conf.Route, nil)
 	marker := alertmanagertypes.NewMarker(prometheus.NewRegistry())
-	alerts, err := mem.NewAlerts(context.Background(), marker, time.Hour, nil, logger, nil)
+	alerts, err := mem.NewAlerts(context.Background(), marker, time.Hour, 0, alertmanagertypes.AlertStoreCallback{}, logger, prometheus.NewRegistry(), nil)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -1028,7 +1028,7 @@ route:
 		err := nfManager.SetNotificationConfig(orgId, ruleID, &config)
 		require.NoError(t, err)
 	}
-	err = alerts.Put(inputAlerts...)
+	err = alerts.Put(ctx, inputAlerts...)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -1159,7 +1159,7 @@ func newAlert(labels model.LabelSet) *alertmanagertypes.Alert {
 func TestDispatcherRace(t *testing.T) {
 	logger := promslog.NewNopLogger()
 	marker := alertmanagertypes.NewMarker(prometheus.NewRegistry())
-	alerts, err := mem.NewAlerts(context.Background(), marker, time.Hour, nil, logger, nil)
+	alerts, err := mem.NewAlerts(context.Background(), marker, time.Hour, 0, alertmanagertypes.AlertStoreCallback{}, logger, prometheus.NewRegistry(), nil)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -1175,6 +1175,7 @@ func TestDispatcherRace(t *testing.T) {
 }
 
 func TestDispatcherRaceOnFirstAlertNotDeliveredWhenGroupWaitIsZero(t *testing.T) {
+	ctx := context.Background()
 	const numAlerts = 5000
 	confData := `receivers:
 - name: 'slack'
@@ -1194,7 +1195,7 @@ route:
 	providerSettings := createTestProviderSettings()
 	logger := providerSettings.Logger
 	marker := alertmanagertypes.NewMarker(prometheus.NewRegistry())
-	alerts, err := mem.NewAlerts(context.Background(), marker, time.Hour, nil, logger, nil)
+	alerts, err := mem.NewAlerts(context.Background(), marker, time.Hour, 0, alertmanagertypes.AlertStoreCallback{}, logger, prometheus.NewRegistry(), nil)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -1247,7 +1248,7 @@ route:
 	for i := 0; i < numAlerts; i++ {
 		ruleId := fmt.Sprintf("Alert_%d", i)
 		alert := newAlert(model.LabelSet{"ruleId": model.LabelValue(ruleId)})
-		require.NoError(t, alerts.Put(alert))
+		require.NoError(t, alerts.Put(ctx, alert))
 	}
 
 	for deadline := time.Now().Add(5 * time.Second); time.Now().Before(deadline); {
@@ -1265,7 +1266,7 @@ func TestDispatcher_DoMaintenance(t *testing.T) {
 	r := prometheus.NewRegistry()
 	marker := alertmanagertypes.NewMarker(r)
 
-	alerts, err := mem.NewAlerts(context.Background(), marker, time.Minute, nil, promslog.NewNopLogger(), nil)
+	alerts, err := mem.NewAlerts(context.Background(), marker, time.Minute, 0, alertmanagertypes.AlertStoreCallback{}, promslog.NewNopLogger(), prometheus.NewRegistry(), nil)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -1370,7 +1371,7 @@ route:
 			logger := providerSettings.Logger
 			route := dispatch.NewRoute(conf.Route, nil)
 			marker := alertmanagertypes.NewMarker(prometheus.NewRegistry())
-			alerts, err := mem.NewAlerts(context.Background(), marker, time.Hour, nil, logger, nil)
+			alerts, err := mem.NewAlerts(context.Background(), marker, time.Hour, 0, alertmanagertypes.AlertStoreCallback{}, logger, prometheus.NewRegistry(), nil)
 			if err != nil {
 				t.Fatal(err)
 			}

pkg/alertmanager/alertmanagerserver/server.go

@@ -190,7 +190,7 @@ func New(ctx context.Context, logger *slog.Logger, registry prometheus.Registere
 		})
 	}()
 
-	server.alerts, err = mem.NewAlerts(ctx, server.marker, server.srvConfig.Alerts.GCInterval, nil, server.logger, signozRegisterer)
+	server.alerts, err = mem.NewAlerts(ctx, server.marker, server.srvConfig.Alerts.GCInterval, 0, alertmanagertypes.AlertStoreCallback{}, server.logger, signozRegisterer, nil)
 	if err != nil {
 		return nil, err
 	}
@@ -203,15 +203,15 @@ func New(ctx context.Context, logger *slog.Logger, registry prometheus.Registere
 
 func (server *Server) GetAlerts(ctx context.Context, params alertmanagertypes.GettableAlertsParams) (alertmanagertypes.GettableAlerts, error) {
 	return alertmanagertypes.NewGettableAlertsFromAlertProvider(server.alerts, server.alertmanagerConfig, server.marker.Status, func(labels model.LabelSet) {
-		server.inhibitor.Mutes(labels)
-		server.silencer.Mutes(labels)
+		server.inhibitor.Mutes(ctx, labels)
+		server.silencer.Mutes(ctx, labels)
 	}, params)
 }
 
 func (server *Server) PutAlerts(ctx context.Context, postableAlerts alertmanagertypes.PostableAlerts) error {
-	alerts, err := alertmanagertypes.NewAlertsFromPostableAlerts(postableAlerts, time.Duration(server.srvConfig.Global.ResolveTimeout), time.Now())
+	alerts, err := alertmanagertypes.NewAlertsFromPostableAlerts(postableAlerts, time.Duration(server.srvConfig.Global.ResolveTimeout), time.Now(), ctx)
 	// Notification sending alert takes precedence over validation errors.
-	if err := server.alerts.Put(alerts...); err != nil {
+	if err := server.alerts.Put(ctx, alerts...); err != nil {
 		return err
 	}
 
@@ -343,6 +343,7 @@ func (server *Server) TestAlert(ctx context.Context, receiversMap map[*alertmana
 		postableAlerts,
 		time.Duration(server.srvConfig.Global.ResolveTimeout),
 		time.Now(),
+		ctx,
 	)
 	if err != nil {
 		return errors.Newf(errors.TypeInvalidInput, errors.CodeInvalidInput,

pkg/alertmanager/alertmanagerserver/server_test.go

@@ -70,7 +70,7 @@ func TestServerTestReceiverTypeWebhook(t *testing.T) {
 		WebhookConfigs: []*config.WebhookConfig{
 			{
 				HTTPConfig: &commoncfg.HTTPClientConfig{},
-				URL:        &config.SecretURL{URL: webhookURL},
+				URL:        config.SecretTemplateURL(webhookURL.String()),
 			},
 		},
 	})
@@ -96,7 +96,7 @@ func TestServerPutAlerts(t *testing.T) {
 		WebhookConfigs: []*config.WebhookConfig{
 			{
 				HTTPConfig: &commoncfg.HTTPClientConfig{},
-				URL:        &config.SecretURL{URL: &url.URL{Host: "localhost", Path: "/test-receiver"}},
+				URL:        config.SecretTemplateURL("http://localhost/test-receiver"),
 			},
 		},
 	}))
@@ -176,7 +176,7 @@ func TestServerTestAlert(t *testing.T) {
 		WebhookConfigs: []*config.WebhookConfig{
 			{
 				HTTPConfig: &commoncfg.HTTPClientConfig{},
-				URL:        &config.SecretURL{URL: webhook1URL},
+				URL:        config.SecretTemplateURL(webhook1URL.String()),
 			},
 		},
 	}))
@@ -186,7 +186,7 @@ func TestServerTestAlert(t *testing.T) {
 		WebhookConfigs: []*config.WebhookConfig{
 			{
 				HTTPConfig: &commoncfg.HTTPClientConfig{},
-				URL:        &config.SecretURL{URL: webhook2URL},
+				URL:        config.SecretTemplateURL(webhook2URL.String()),
 			},
 		},
 	}))
@@ -268,7 +268,7 @@ func TestServerTestAlertContinuesOnFailure(t *testing.T) {
 		WebhookConfigs: []*config.WebhookConfig{
 			{
 				HTTPConfig: &commoncfg.HTTPClientConfig{},
-				URL:        &config.SecretURL{URL: webhookURL},
+				URL:        config.SecretTemplateURL(webhookURL.String()),
 			},
 		},
 	}))
@@ -278,7 +278,7 @@ func TestServerTestAlertContinuesOnFailure(t *testing.T) {
 		WebhookConfigs: []*config.WebhookConfig{
 			{
 				HTTPConfig: &commoncfg.HTTPClientConfig{},
-				URL:        &config.SecretURL{URL: &url.URL{Scheme: "http", Host: "localhost:1", Path: "/webhook"}},
+				URL:        config.SecretTemplateURL("http://localhost:1/webhook"),
 			},
 		},
 	}))

pkg/apiserver/signozapiserver/provider.go

@@ -18,7 +18,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/organization"
 	"github.com/SigNoz/signoz/pkg/modules/preference"
 	"github.com/SigNoz/signoz/pkg/modules/promote"
-	"github.com/SigNoz/signoz/pkg/modules/rawdataexport"
+	"github.com/SigNoz/signoz/pkg/modules/serviceaccount"
 	"github.com/SigNoz/signoz/pkg/modules/session"
 	"github.com/SigNoz/signoz/pkg/modules/user"
 	"github.com/SigNoz/signoz/pkg/querier"
@@ -47,9 +47,9 @@ type provider struct {
 	gatewayHandler         gateway.Handler
 	fieldsHandler          fields.Handler
 	authzHandler           authz.Handler
-	rawDataExportHandler   rawdataexport.Handler
 	zeusHandler            zeus.Handler
 	querierHandler         querier.Handler
+	serviceAccountHandler  serviceaccount.Handler
 }
 
 func NewFactory(
@@ -69,9 +69,9 @@ func NewFactory(
 	gatewayHandler gateway.Handler,
 	fieldsHandler fields.Handler,
 	authzHandler authz.Handler,
-	rawDataExportHandler rawdataexport.Handler,
 	zeusHandler zeus.Handler,
 	querierHandler querier.Handler,
+	serviceAccountHandler serviceaccount.Handler,
 ) factory.ProviderFactory[apiserver.APIServer, apiserver.Config] {
 	return factory.NewProviderFactory(factory.MustNewName("signoz"), func(ctx context.Context, providerSettings factory.ProviderSettings, config apiserver.Config) (apiserver.APIServer, error) {
 		return newProvider(
@@ -94,9 +94,9 @@ func NewFactory(
 			gatewayHandler,
 			fieldsHandler,
 			authzHandler,
-			rawDataExportHandler,
 			zeusHandler,
 			querierHandler,
+			serviceAccountHandler,
 		)
 	})
 }
@@ -121,9 +121,9 @@ func newProvider(
 	gatewayHandler gateway.Handler,
 	fieldsHandler fields.Handler,
 	authzHandler authz.Handler,
-	rawDataExportHandler rawdataexport.Handler,
 	zeusHandler zeus.Handler,
 	querierHandler querier.Handler,
+	serviceAccountHandler serviceaccount.Handler,
 ) (apiserver.APIServer, error) {
 	settings := factory.NewScopedProviderSettings(providerSettings, "github.com/SigNoz/signoz/pkg/apiserver/signozapiserver")
 	router := mux.NewRouter().UseEncodedPath()
@@ -146,9 +146,9 @@ func newProvider(
 		gatewayHandler:         gatewayHandler,
 		fieldsHandler:          fieldsHandler,
 		authzHandler:           authzHandler,
-		rawDataExportHandler:   rawDataExportHandler,
 		zeusHandler:            zeusHandler,
 		querierHandler:         querierHandler,
+		serviceAccountHandler:  serviceAccountHandler,
 	}
 
 	provider.authZ = middleware.NewAuthZ(settings.Logger(), orgGetter, authz)
@@ -221,10 +221,6 @@ func (provider *provider) AddToRouter(router *mux.Router) error {
 		return err
 	}
 
-	if err := provider.addRawDataExportRoutes(router); err != nil {
-    return err
-  }
-  
 	if err := provider.addZeusRoutes(router); err != nil {
 		return err
 	}
@@ -233,6 +229,10 @@ func (provider *provider) AddToRouter(router *mux.Router) error {
 		return err
 	}
 
+	if err := provider.addServiceAccountRoutes(router); err != nil {
+		return err
+	}
+
 	return nil
 }
 

pkg/apiserver/signozapiserver/rawDataExport.go

@@ -1,47 +0,0 @@
-package signozapiserver
-
-import (
-	"net/http"
-
-	"github.com/SigNoz/signoz/pkg/http/handler"
-	"github.com/SigNoz/signoz/pkg/types"
-	"github.com/SigNoz/signoz/pkg/types/exporttypes"
-	v5 "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
-	"github.com/gorilla/mux"
-)
-
-func (provider *provider) addRawDataExportRoutes(router *mux.Router) error {
-	if err := router.Handle("/api/v1/export_raw_data", handler.New(provider.authZ.ViewAccess(provider.rawDataExportHandler.ExportRawData), handler.OpenAPIDef{
-		ID:                  "HandleExportRawDataGET",
-		Tags:                []string{"logs", "traces"},
-		Summary:             "Export raw data",
-		Description:         "This endpoints allows simple query exporting raw data for traces and logs",
-		RequestQuery:        new(exporttypes.ExportRawDataQueryParams),
-		RequestContentType:  "",
-		Response:            nil,
-		ResponseContentType: "application/json",
-		SuccessStatusCode:   http.StatusOK,
-		ErrorStatusCodes:    []int{http.StatusBadRequest},
-		SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
-	})).Methods(http.MethodGet).GetError(); err != nil {
-		return err
-	}
-	if err := router.Handle("/api/v1/export_raw_data", handler.New(provider.authZ.ViewAccess(provider.rawDataExportHandler.ExportRawData), handler.OpenAPIDef{
-		ID:                  "HandleExportRawDataPOST",
-		Tags:                []string{"logs", "traces"},
-		Summary:             "Export raw data",
-		Description:         "This endpoints allows complex query exporting raw data for traces and logs",
-		Request:             new(v5.QueryRangeRequest),
-		RequestQuery:        new(exporttypes.ExportRawDataFormatQueryParam),
-		RequestContentType:  "application/json",
-		Response:            nil,
-		ResponseContentType: "application/json",
-		SuccessStatusCode:   http.StatusOK,
-		ErrorStatusCodes:    []int{http.StatusBadRequest},
-		SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
-	})).Methods(http.MethodPost).GetError(); err != nil {
-		return err
-	}
-
-	return nil
-}

pkg/apiserver/signozapiserver/serviceaccount.go

@@ -0,0 +1,184 @@
+package signozapiserver
+
+import (
+	"net/http"
+
+	"github.com/SigNoz/signoz/pkg/http/handler"
+	"github.com/SigNoz/signoz/pkg/types"
+	"github.com/SigNoz/signoz/pkg/types/serviceaccounttypes"
+	"github.com/gorilla/mux"
+)
+
+func (provider *provider) addServiceAccountRoutes(router *mux.Router) error {
+	if err := router.Handle("/api/v1/service_accounts", handler.New(provider.authZ.AdminAccess(provider.serviceAccountHandler.Create), handler.OpenAPIDef{
+		ID:                  "CreateServiceAccount",
+		Tags:                []string{"serviceaccount"},
+		Summary:             "Create service account",
+		Description:         "This endpoint creates a service account",
+		Request:             new(serviceaccounttypes.PostableServiceAccount),
+		RequestContentType:  "",
+		Response:            new(types.Identifiable),
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusCreated,
+		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusConflict},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
+	})).Methods(http.MethodPost).GetError(); err != nil {
+		return err
+	}
+
+	if err := router.Handle("/api/v1/service_accounts", handler.New(provider.authZ.AdminAccess(provider.serviceAccountHandler.List), handler.OpenAPIDef{
+		ID:                  "ListServiceAccounts",
+		Tags:                []string{"serviceaccount"},
+		Summary:             "List service accounts",
+		Description:         "This endpoint lists the service accounts for an organisation",
+		Request:             nil,
+		RequestContentType:  "",
+		Response:            make([]*serviceaccounttypes.ServiceAccount, 0),
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusOK,
+		ErrorStatusCodes:    []int{},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
+	})).Methods(http.MethodGet).GetError(); err != nil {
+		return err
+	}
+
+	if err := router.Handle("/api/v1/service_accounts/{id}", handler.New(provider.authZ.AdminAccess(provider.serviceAccountHandler.Get), handler.OpenAPIDef{
+		ID:                  "GetServiceAccount",
+		Tags:                []string{"serviceaccount"},
+		Summary:             "Gets a service account",
+		Description:         "This endpoint gets an existing service account",
+		Request:             nil,
+		RequestContentType:  "",
+		Response:            new(serviceaccounttypes.ServiceAccount),
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusOK,
+		ErrorStatusCodes:    []int{http.StatusNotFound},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
+	})).Methods(http.MethodGet).GetError(); err != nil {
+		return err
+	}
+
+	if err := router.Handle("/api/v1/service_accounts/{id}", handler.New(provider.authZ.AdminAccess(provider.serviceAccountHandler.Update), handler.OpenAPIDef{
+		ID:                  "UpdateServiceAccount",
+		Tags:                []string{"serviceaccount"},
+		Summary:             "Updates a service account",
+		Description:         "This endpoint updates an existing service account",
+		Request:             new(serviceaccounttypes.UpdatableServiceAccount),
+		RequestContentType:  "",
+		Response:            nil,
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusNoContent,
+		ErrorStatusCodes:    []int{http.StatusNotFound, http.StatusBadRequest},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
+	})).Methods(http.MethodPut).GetError(); err != nil {
+		return err
+	}
+
+	if err := router.Handle("/api/v1/service_accounts/{id}/status", handler.New(provider.authZ.AdminAccess(provider.serviceAccountHandler.UpdateStatus), handler.OpenAPIDef{
+		ID:                  "UpdateServiceAccountStatus",
+		Tags:                []string{"serviceaccount"},
+		Summary:             "Updates a service account status",
+		Description:         "This endpoint updates an existing service account status",
+		Request:             new(serviceaccounttypes.UpdatableServiceAccountStatus),
+		RequestContentType:  "",
+		Response:            nil,
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusNoContent,
+		ErrorStatusCodes:    []int{http.StatusNotFound, http.StatusBadRequest},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
+	})).Methods(http.MethodPut).GetError(); err != nil {
+		return err
+	}
+
+	if err := router.Handle("/api/v1/service_accounts/{id}", handler.New(provider.authZ.AdminAccess(provider.serviceAccountHandler.Delete), handler.OpenAPIDef{
+		ID:                  "DeleteServiceAccount",
+		Tags:                []string{"serviceaccount"},
+		Summary:             "Deletes a service account",
+		Description:         "This endpoint deletes an existing service account",
+		Request:             nil,
+		RequestContentType:  "",
+		Response:            nil,
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusNoContent,
+		ErrorStatusCodes:    []int{http.StatusNotFound},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
+	})).Methods(http.MethodDelete).GetError(); err != nil {
+		return err
+	}
+
+	if err := router.Handle("/api/v1/service_accounts/{id}/keys", handler.New(provider.authZ.AdminAccess(provider.serviceAccountHandler.CreateFactorAPIKey), handler.OpenAPIDef{
+		ID:                  "CreateServiceAccountKey",
+		Tags:                []string{"serviceaccount"},
+		Summary:             "Create a service account key",
+		Description:         "This endpoint creates a service account key",
+		Request:             new(serviceaccounttypes.PostableFactorAPIKey),
+		RequestContentType:  "",
+		Response:            new(serviceaccounttypes.GettableFactorAPIKeyWithKey),
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusCreated,
+		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusConflict},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
+	})).Methods(http.MethodPost).GetError(); err != nil {
+		return err
+	}
+
+	if err := router.Handle("/api/v1/service_accounts/{id}/keys", handler.New(provider.authZ.AdminAccess(provider.serviceAccountHandler.ListFactorAPIKey), handler.OpenAPIDef{
+		ID:                  "ListServiceAccountKeys",
+		Tags:                []string{"serviceaccount"},
+		Summary:             "List service account keys",
+		Description:         "This endpoint lists the service account keys",
+		Request:             nil,
+		RequestContentType:  "",
+		Response:            make([]*serviceaccounttypes.FactorAPIKey, 0),
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusOK,
+		ErrorStatusCodes:    []int{},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
+	})).Methods(http.MethodGet).GetError(); err != nil {
+		return err
+	}
+
+	if err := router.Handle("/api/v1/service_accounts/{id}/keys/{fid}", handler.New(provider.authZ.AdminAccess(provider.serviceAccountHandler.UpdateFactorAPIKey), handler.OpenAPIDef{
+		ID:                  "UpdateServiceAccountKey",
+		Tags:                []string{"serviceaccount"},
+		Summary:             "Updates a service account key",
+		Description:         "This endpoint updates an existing service account key",
+		Request:             new(serviceaccounttypes.UpdatableFactorAPIKey),
+		RequestContentType:  "",
+		Response:            nil,
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusNoContent,
+		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusNotFound},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
+	})).Methods(http.MethodPut).GetError(); err != nil {
+		return err
+	}
+
+	if err := router.Handle("/api/v1/service_accounts/{id}/keys/{fid}", handler.New(provider.authZ.AdminAccess(provider.serviceAccountHandler.RevokeFactorAPIKey), handler.OpenAPIDef{
+		ID:                  "RevokeServiceAccountKey",
+		Tags:                []string{"serviceaccount"},
+		Summary:             "Revoke a service account key",
+		Description:         "This endpoint revokes an existing service account key",
+		Request:             nil,
+		RequestContentType:  "",
+		Response:            nil,
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusNoContent,
+		ErrorStatusCodes:    []int{http.StatusNotFound},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
+	})).Methods(http.MethodDelete).GetError(); err != nil {
+		return err
+	}
+
+	return nil
+}

pkg/authz/authz.go

@@ -62,14 +62,17 @@ type AuthZ interface {
 	//  Lists all the roles for the organization filtered by name
 	ListByOrgIDAndNames(context.Context, valuer.UUID, []string) ([]*roletypes.Role, error)
 
+	//  Lists all the roles for the organization filtered by ids
+	ListByOrgIDAndIDs(context.Context, valuer.UUID, []valuer.UUID) ([]*roletypes.Role, error)
+
 	// Grants a role to the subject based on role name.
-	Grant(context.Context, valuer.UUID, string, string) error
+	Grant(context.Context, valuer.UUID, []string, string) error
 
 	// Revokes a granted role from the subject based on role name.
-	Revoke(context.Context, valuer.UUID, string, string) error
+	Revoke(context.Context, valuer.UUID, []string, string) error
 
 	// Changes the granted role for the subject based on role name.
-	ModifyGrant(context.Context, valuer.UUID, string, string, string) error
+	ModifyGrant(context.Context, valuer.UUID, []string, []string, string) error
 
 	// Bootstrap the managed roles.
 	CreateManagedRoles(context.Context, valuer.UUID, []*roletypes.Role) error

pkg/authz/authzstore/sqlauthzstore/store.go

@@ -96,6 +96,39 @@ func (store *store) ListByOrgIDAndNames(ctx context.Context, orgID valuer.UUID,
 		return nil, err
 	}
 
+	if len(roles) != len(names) {
+		return nil, store.sqlstore.WrapNotFoundErrf(
+			nil,
+			roletypes.ErrCodeRoleNotFound,
+			"not all roles found for the provided names: %v", names,
+		)
+	}
+
+	return roles, nil
+}
+
+func (store *store) ListByOrgIDAndIDs(ctx context.Context, orgID valuer.UUID, ids []valuer.UUID) ([]*roletypes.StorableRole, error) {
+	roles := make([]*roletypes.StorableRole, 0)
+	err := store.
+		sqlstore.
+		BunDBCtx(ctx).
+		NewSelect().
+		Model(&roles).
+		Where("org_id = ?", orgID).
+		Where("id IN (?)", bun.In(ids)).
+		Scan(ctx)
+	if err != nil {
+		return nil, err
+	}
+
+	if len(roles) != len(ids) {
+		return nil, store.sqlstore.WrapNotFoundErrf(
+			nil,
+			roletypes.ErrCodeRoleNotFound,
+			"not all roles found for the provided ids: %v", ids,
+		)
+	}
+
 	return roles, nil
 }
 

pkg/authz/openfgaauthz/provider.go

@@ -114,28 +114,46 @@ func (provider *provider) ListByOrgIDAndNames(ctx context.Context, orgID valuer.
 	return roles, nil
 }
 
-func (provider *provider) Grant(ctx context.Context, orgID valuer.UUID, name string, subject string) error {
+func (provider *provider) ListByOrgIDAndIDs(ctx context.Context, orgID valuer.UUID, ids []valuer.UUID) ([]*roletypes.Role, error) {
+	storableRoles, err := provider.store.ListByOrgIDAndIDs(ctx, orgID, ids)
+	if err != nil {
+		return nil, err
+	}
+
+	roles := make([]*roletypes.Role, len(storableRoles))
+	for idx, storable := range storableRoles {
+		roles[idx] = roletypes.NewRoleFromStorableRole(storable)
+	}
+
+	return roles, nil
+}
+
+func (provider *provider) Grant(ctx context.Context, orgID valuer.UUID, names []string, subject string) error {
+	selectors := make([]authtypes.Selector, len(names))
+	for idx, name := range names {
+		selectors[idx] = authtypes.MustNewSelector(authtypes.TypeRole, name)
+	}
+
 	tuples, err := authtypes.TypeableRole.Tuples(
 		subject,
 		authtypes.RelationAssignee,
-		[]authtypes.Selector{
-			authtypes.MustNewSelector(authtypes.TypeRole, name),
-		},
+		selectors,
 		orgID,
 	)
 	if err != nil {
 		return err
 	}
+
 	return provider.Write(ctx, tuples, nil)
 }
 
-func (provider *provider) ModifyGrant(ctx context.Context, orgID valuer.UUID, existingRoleName string, updatedRoleName string, subject string) error {
-	err := provider.Revoke(ctx, orgID, existingRoleName, subject)
+func (provider *provider) ModifyGrant(ctx context.Context, orgID valuer.UUID, existingRoleNames []string, updatedRoleNames []string, subject string) error {
+	err := provider.Revoke(ctx, orgID, existingRoleNames, subject)
 	if err != nil {
 		return err
 	}
 
-	err = provider.Grant(ctx, orgID, updatedRoleName, subject)
+	err = provider.Grant(ctx, orgID, updatedRoleNames, subject)
 	if err != nil {
 		return err
 	}
@@ -143,13 +161,16 @@ func (provider *provider) ModifyGrant(ctx context.Context, orgID valuer.UUID, ex
 	return nil
 }
 
-func (provider *provider) Revoke(ctx context.Context, orgID valuer.UUID, name string, subject string) error {
+func (provider *provider) Revoke(ctx context.Context, orgID valuer.UUID, names []string, subject string) error {
+	selectors := make([]authtypes.Selector, len(names))
+	for idx, name := range names {
+		selectors[idx] = authtypes.MustNewSelector(authtypes.TypeRole, name)
+	}
+
 	tuples, err := authtypes.TypeableRole.Tuples(
 		subject,
 		authtypes.RelationAssignee,
-		[]authtypes.Selector{
-			authtypes.MustNewSelector(authtypes.TypeRole, name),
-		},
+		selectors,
 		orgID,
 	)
 	if err != nil {
@@ -178,7 +199,7 @@ func (provider *provider) CreateManagedRoles(ctx context.Context, _ valuer.UUID,
 }
 
 func (provider *provider) CreateManagedUserRoleTransactions(ctx context.Context, orgID valuer.UUID, userID valuer.UUID) error {
-	return provider.Grant(ctx, orgID, roletypes.SigNozAdminRoleName, authtypes.MustNewSubject(authtypes.TypeableUser, userID.String(), orgID, nil))
+	return provider.Grant(ctx, orgID, []string{roletypes.SigNozAdminRoleName}, authtypes.MustNewSubject(authtypes.TypeableUser, userID.String(), orgID, nil))
 }
 
 func (setter *provider) Create(_ context.Context, _ valuer.UUID, _ *roletypes.Role) error {