Merge branch 'master' of https://github.com/OneUptime/oneuptime into timepkr

- Updated comments in Probe/Config.ts to use block comments for proxy configuration.
- Refactored comments in PortMonitor.ts, SyntheticMonitor.ts, and OnlineCheck.ts to block comments for better readability.
- Adjusted comments in ProbeIngest/API/Monitor.ts and ProbeIngest/API/Probe.ts to block comments for clarity.
- Standardized comments in various data migration scripts to block comments for consistency.
- Modified eslint.config.js to enforce multiline comment style as an error.

.github/instructions/instructions.md

@@ -0,0 +1,17 @@
+---
+applyTo: '**'
+---
+
+# Building and Compiling
+
+If you would like to compile or build any project. Please cd into the directory and run the following command:
+
+```
+npm run compile
+```
+
+Ths will make sure there are no type / syntax errors. 
+
+# Typescript Types.
+
+Please do not use "any" types. Please create proper types where required. 

.github/workflows/build.yml

@@ -19,11 +19,19 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
       
       # build image for accounts service
       - name: build docker image
-        run: sudo docker build -f ./Accounts/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./Accounts/Dockerfile .
 
   docker-build-isolated-vm:
     runs-on: ubuntu-latest
@@ -34,11 +42,19 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
       
       # build image for accounts service
       - name: build docker image
-        run: sudo docker build -f ./IsolatedVM/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./IsolatedVM/Dockerfile .
 
   docker-build-home:
     runs-on: ubuntu-latest
@@ -49,11 +65,19 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
       
       # build image for accounts service
       - name: build docker image
-        run: sudo docker build -f ./Home/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./Home/Dockerfile .
 
   docker-build-worker:
     runs-on: ubuntu-latest
@@ -64,11 +88,19 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
       
       # build image for accounts service
       - name: build docker image
-        run: sudo docker build -f ./Worker/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./Worker/Dockerfile .
 
   docker-build-workflow:
     runs-on: ubuntu-latest
@@ -79,11 +111,19 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
       
       # build image for accounts service
       - name: build docker image
-        run: sudo docker build -f ./Workflow/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./Workflow/Dockerfile .
 
   docker-build-api-reference:
     runs-on: ubuntu-latest
@@ -94,11 +134,19 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
       
       # build image for accounts service
       - name: build docker image
-        run: sudo docker build -f ./APIReference/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./APIReference/Dockerfile .
 
   docker-build-docs:
     runs-on: ubuntu-latest
@@ -109,11 +157,19 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
       
       # build image for accounts service
       - name: build docker image
-        run: sudo docker build -f ./Docs/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./Docs/Dockerfile .
 
 
   docker-build-otel-collector:
@@ -125,11 +181,19 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
       
       # build image for accounts service
       - name: build docker image
-        run: sudo docker build -f ./OTelCollector/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./OTelCollector/Dockerfile .
 
   docker-build-app:
     runs-on: ubuntu-latest
@@ -140,12 +204,20 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
 
         
       # build image for accounts service
       - name: build docker image
-        run: sudo docker build -f ./App/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./App/Dockerfile .
 
 
   docker-build-copilot:
@@ -157,11 +229,19 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
 
       # build image for accounts service
       - name: build docker image
-        run: sudo docker build -f ./Copilot/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./Copilot/Dockerfile .
 
   docker-build-e2e:
     runs-on: ubuntu-latest
@@ -172,12 +252,20 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
 
         
       # build image for accounts service
       - name: build docker image
-        run: sudo docker build -f ./E2E/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./E2E/Dockerfile .
 
   docker-build-admin-dashboard:
     runs-on: ubuntu-latest
@@ -188,11 +276,19 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
 
       # build image for home
       - name: build docker image
-        run: sudo docker build -f ./AdminDashboard/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./AdminDashboard/Dockerfile .
 
   docker-build-dashboard:
     runs-on: ubuntu-latest
@@ -203,27 +299,19 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
 
       # build image for home
       - name: build docker image
-        run: sudo docker build -f ./Dashboard/Dockerfile .
-
-  docker-build-haraka:
-    runs-on: ubuntu-latest
-    env:
-      CI_PIPELINE_ID: ${{github.run_number}}
-    steps:
-      - name: Checkout 
-        uses: actions/checkout@v4
-
-      - name: Preinstall 
-        run: npm run prerun
-        
-      # build images
-      - name: build docker image
-        run: sudo docker build -f ./Haraka/Dockerfile .
-
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./Dashboard/Dockerfile .
 
   docker-build-probe:
     runs-on: ubuntu-latest
@@ -234,11 +322,19 @@ jobs:
         uses: actions/checkout@v4
       
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
         
       # build image probe api
       - name: build docker image
-        run: sudo docker build -f ./Probe/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./Probe/Dockerfile .
 
   docker-build-probe-ingest:
     runs-on: ubuntu-latest
@@ -249,11 +345,19 @@ jobs:
         uses: actions/checkout@v4
       
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
         
       # build image probe api
       - name: build docker image
-        run: sudo docker build -f ./ProbeIngest/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./ProbeIngest/Dockerfile .
 
   docker-build-server-monitor-ingest:
     runs-on: ubuntu-latest
@@ -264,11 +368,19 @@ jobs:
         uses: actions/checkout@v4
       
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
         
       # build image probe api
       - name: build docker image
-        run: sudo docker build -f ./ServerMonitorIngest/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./ServerMonitorIngest/Dockerfile .
 
   docker-build-open-telemetry-ingest:
     runs-on: ubuntu-latest
@@ -279,11 +391,19 @@ jobs:
         uses: actions/checkout@v4
       
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
         
       # build image probe api
       - name: build docker image
-        run: sudo docker build -f ./OpenTelemetryIngest/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./OpenTelemetryIngest/Dockerfile .
 
   docker-build-incoming-request-ingest:
     runs-on: ubuntu-latest
@@ -294,11 +414,19 @@ jobs:
         uses: actions/checkout@v4
       
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
         
       # build image probe api
       - name: build docker image
-        run: sudo docker build -f ./IncomingRequestIngest/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./IncomingRequestIngest/Dockerfile .
 
   docker-build-fluent-ingest:
     runs-on: ubuntu-latest
@@ -309,11 +437,19 @@ jobs:
         uses: actions/checkout@v4
       
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
         
       # build image probe api
       - name: build docker image
-        run: sudo docker build -f ./FluentIngest/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./FluentIngest/Dockerfile .
 
   docker-build-status-page:
     runs-on: ubuntu-latest
@@ -324,11 +460,19 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
         
       # build image for home
       - name: build docker image
-        run: sudo docker build -f ./StatusPage/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./StatusPage/Dockerfile .
 
   docker-build-test-server:
     runs-on: ubuntu-latest
@@ -339,8 +483,16 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
 
       # build image for mail service
       - name: build docker image
-        run: sudo docker build -f ./TestServer/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./TestServer/Dockerfile .

.github/workflows/compile.yml

@@ -20,7 +20,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd Accounts && npm install && npm run compile && npm run dep-check
+      - name: Compile Accounts
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd Accounts && npm install && npm run compile && npm run dep-check
 
   compile-isolated-vm:
     runs-on: ubuntu-latest
@@ -32,7 +37,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd IsolatedVM && npm install && npm run compile && npm run dep-check
+      - name: Compile IsolatedVM
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd IsolatedVM && npm install && npm run compile && npm run dep-check
 
   compile-common:
     runs-on: ubuntu-latest
@@ -43,7 +53,12 @@ jobs:
       - uses: actions/setup-node@v4
         with:
           node-version: latest
-      - run: cd Common && npm install && npm run compile && npm run dep-check
+      - name: Compile Common
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd Common && npm install && npm run compile && npm run dep-check
 
   compile-app:
     runs-on: ubuntu-latest
@@ -55,7 +70,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd App && npm install && npm run compile && npm run dep-check
+      - name: Compile App
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd App && npm install && npm run compile && npm run dep-check
 
   compile-home:
     runs-on: ubuntu-latest
@@ -67,7 +87,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd Home && npm install && npm run compile && npm run dep-check
+      - name: Compile Home
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd Home && npm install && npm run compile && npm run dep-check
 
   compile-worker:
     runs-on: ubuntu-latest
@@ -79,7 +104,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd Worker && npm install && npm run compile && npm run dep-check
+      - name: Compile Worker
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd Worker && npm install && npm run compile && npm run dep-check
 
   compile-workflow:
     runs-on: ubuntu-latest
@@ -91,7 +121,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd Workflow && npm install && npm run compile && npm run dep-check
+      - name: Compile Workflow
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd Workflow && npm install && npm run compile && npm run dep-check
 
   compile-api-reference:
     runs-on: ubuntu-latest
@@ -103,7 +138,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd APIReference && npm install && npm run compile && npm run dep-check
+      - name: Compile API Reference
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd APIReference && npm install && npm run compile && npm run dep-check
 
   compile-docs-reference:
     runs-on: ubuntu-latest
@@ -115,7 +155,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd Docs && npm install && npm run compile && npm run dep-check
+      - name: Compile Docs Reference
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd Docs && npm install && npm run compile && npm run dep-check
 
   compile-copilot:
     runs-on: ubuntu-latest
@@ -127,7 +172,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd Copilot && npm install && npm run compile && npm run dep-check
+      - name: Compile Copilot
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd Copilot && npm install && npm run compile && npm run dep-check
 
   compile-nginx:
     runs-on: ubuntu-latest
@@ -140,7 +190,12 @@ jobs:
           node-version: latest
       - run: cd Common && npm install
       
-      - run: cd Nginx && npm install && npm run compile && npm run dep-check
+      - name: Compile Nginx
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd Nginx && npm install && npm run compile && npm run dep-check
 
   compile-infrastructure-agent:
     runs-on: ubuntu-latest
@@ -150,7 +205,12 @@ jobs:
       - uses: actions/checkout@v4
       # Setup Go
       - uses: actions/setup-go@v5
-      - run: cd InfrastructureAgent && go build .
+      - name: Compile Infrastructure Agent
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd InfrastructureAgent && go build .
   
 
   compile-admin-dashboard:
@@ -164,7 +224,12 @@ jobs:
           node-version: latest
       - run: cd Common && npm install
       
-      - run: cd AdminDashboard && npm install && npm run compile && npm run dep-check
+      - name: Compile Admin Dashboard
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd AdminDashboard && npm install && npm run compile && npm run dep-check
 
   compile-dashboard:
     runs-on: ubuntu-latest
@@ -177,7 +242,12 @@ jobs:
           node-version: latest
       - run: cd Common && npm install
       
-      - run: cd Dashboard && npm install && npm run compile && npm run dep-check
+      - name: Compile Dashboard
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd Dashboard && npm install && npm run compile && npm run dep-check
 
 
   compile-e2e:
@@ -191,7 +261,12 @@ jobs:
           node-version: latest
       - run: sudo apt-get update
       - run: cd Common && npm install
-      - run: cd E2E && npm install && npm run compile && npm run dep-check
+      - name: Compile E2E
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd E2E && npm install && npm run compile && npm run dep-check
 
   compile-probe:
     runs-on: ubuntu-latest
@@ -203,7 +278,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd Probe && npm install && npm run compile && npm run dep-check
+      - name: Compile Probe
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd Probe && npm install && npm run compile && npm run dep-check
 
   compile-probe-ingest:
     runs-on: ubuntu-latest
@@ -215,7 +295,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd ProbeIngest && npm install && npm run compile && npm run dep-check
+      - name: Compile Probe Ingest
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd ProbeIngest && npm install && npm run compile && npm run dep-check
 
   compile-server-monitor-ingest:
     runs-on: ubuntu-latest
@@ -227,7 +312,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd ServerMonitorIngest && npm install && npm run compile && npm run dep-check
+      - name: Compile Server Monitor Ingest
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd ServerMonitorIngest && npm install && npm run compile && npm run dep-check
 
   compile-open-telemetry-ingest:
     runs-on: ubuntu-latest
@@ -239,7 +329,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd OpenTelemetryIngest && npm install && npm run compile && npm run dep-check
+      - name: Compile Open Telemetry Ingest
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd OpenTelemetryIngest && npm install && npm run compile && npm run dep-check
 
 
   compile-incoming-request-ingest: 
@@ -252,7 +347,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd IncomingRequestIngest && npm install && npm run compile && npm run dep-check
+      - name: Compile Incoming Request Ingest
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd IncomingRequestIngest && npm install && npm run compile && npm run dep-check
 
   compile-fluent-ingest:
     runs-on: ubuntu-latest
@@ -264,7 +364,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd FluentIngest && npm install && npm run compile && npm run dep-check
+      - name: Compile Fluent Ingest
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd FluentIngest && npm install && npm run compile && npm run dep-check
   
 
   compile-status-page:
@@ -278,7 +383,12 @@ jobs:
           node-version: latest
       - run: cd Common && npm install
       
-      - run: cd StatusPage && npm install && npm run compile && npm run dep-check
+      - name: Compile Status Page
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd StatusPage && npm install && npm run compile && npm run dep-check
 
   compile-test-server:
     runs-on: ubuntu-latest
@@ -290,7 +400,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd TestServer && npm install && npm run compile && npm run dep-check
+      - name: Compile Test Server
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd TestServer && npm install && npm run compile && npm run dep-check
 
   compile-mcp:
     runs-on: ubuntu-latest
@@ -302,4 +417,9 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd MCP && npm install && npm run compile && npm run dep-check
+      - name: Compile MCP
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd MCP && npm update @oneuptime/common && npm install && npm run compile && npm run dep-check

.github/workflows/terraform-provider-generation.yml

@@ -77,17 +77,21 @@ jobs:
           ls -la "$PROVIDER_DIR" || true
 
       - name: Test Go build
-        run: |
-          PROVIDER_DIR="./Terraform"
-          if [ -d "$PROVIDER_DIR" ] && [ -f "$PROVIDER_DIR/go.mod" ]; then
-            cd "$PROVIDER_DIR"
-            echo "🔨 Testing Go build..."
-            go mod tidy
-            go build -v ./...
-            echo "✅ Go build successful"
-          else
-            echo "⚠️ Cannot test build - missing go.mod or provider directory"
-          fi
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: |
+            PROVIDER_DIR="./Terraform"
+            if [ -d "$PROVIDER_DIR" ] && [ -f "$PROVIDER_DIR/go.mod" ]; then
+              cd "$PROVIDER_DIR"
+              echo "🔨 Testing Go build..."
+              go mod tidy
+              go build -v ./...
+              echo "✅ Go build successful"
+            else
+              echo "⚠️ Cannot test build - missing go.mod or provider directory"
+            fi
 
       - name: Upload Terraform provider as artifact
         uses: actions/upload-artifact@v4

.gitignore

@@ -86,9 +86,6 @@ Backups/*.tar
 
 .env
 
-Haraka/dkim/keys/private_base64.txt
-Haraka/dkim/keys/public_base64.txt
-
 .eslintcache
 
 HelmChart/Values/*.values.yaml
@@ -129,3 +126,5 @@ terraform-provider-example/**
 MCP/build/
 MCP/.env
 MCP/node_modules 
+Dashboard/public/sw.js
+.claude/settings.local.json

APIReference/Dockerfile.tpl

@@ -3,7 +3,7 @@
 #
 
 # Pull base image nodejs image.
-FROM public.ecr.aws/docker/library/node:23.8-alpine3.21
+FROM public.ecr.aws/docker/library/node:24.9-alpine3.21
 RUN mkdir /tmp/npm &&  chmod 2777 /tmp/npm && chown 1000:1000 /tmp/npm && npm config set cache /tmp/npm --global
 
 RUN npm config set fetch-retries 5

APIReference/Service/Authentication.ts

@@ -2,6 +2,7 @@ import { IsBillingEnabled } from "Common/Server/EnvironmentConfig";
 import { ViewsPath } from "../Utils/Config";
 import ResourceUtil, { ModelDocumentation } from "../Utils/Resources";
 import { ExpressRequest, ExpressResponse } from "Common/Server/Utils/Express";
+import Dictionary from "Common/Types/Dictionary";
 
 // Retrieve resources documentation
 const Resources: Array<ModelDocumentation> = ResourceUtil.getResources();
@@ -16,7 +17,7 @@ export default class ServiceHandler {
 
     // Extract page parameter from request
     const page: string | undefined = req.params["page"];
-    const pageData: any = {};
+    const pageData: Dictionary<unknown> = {};
 
     // Set default page title and description for the authentication page
     pageTitle = "Authentication";

APIReference/Service/DataType.ts

@@ -4,6 +4,7 @@ import ResourceUtil, { ModelDocumentation } from "../Utils/Resources";
 import LocalCache from "Common/Server/Infrastructure/LocalCache";
 import { ExpressRequest, ExpressResponse } from "Common/Server/Utils/Express";
 import LocalFile from "Common/Server/Utils/LocalFile";
+import Dictionary from "Common/Types/Dictionary";
 
 const Resources: Array<ModelDocumentation> = ResourceUtil.getResources();
 
@@ -12,9 +13,9 @@ export default class ServiceHandler {
     _req: ExpressRequest,
     res: ExpressResponse,
   ): Promise<void> {
-    const pageData: any = {};
+    const pageData: Dictionary<unknown> = {};
 
-    pageData.selectCode = await LocalCache.getOrSetString(
+    pageData["selectCode"] = await LocalCache.getOrSetString(
       "data-type",
       "select",
       async () => {
@@ -22,7 +23,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.sortCode = await LocalCache.getOrSetString(
+    pageData["sortCode"] = await LocalCache.getOrSetString(
       "data-type",
       "sort",
       async () => {
@@ -30,7 +31,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.equalToCode = await LocalCache.getOrSetString(
+    pageData["equalToCode"] = await LocalCache.getOrSetString(
       "data-type",
       "equal-to",
       async () => {
@@ -38,7 +39,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.equalToOrNullCode = await LocalCache.getOrSetString(
+    pageData["equalToOrNullCode"] = await LocalCache.getOrSetString(
       "data-type",
       "equal-to-or-null",
       async () => {
@@ -48,7 +49,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.greaterThanCode = await LocalCache.getOrSetString(
+    pageData["greaterThanCode"] = await LocalCache.getOrSetString(
       "data-type",
       "greater-than",
       async () => {
@@ -58,7 +59,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.greaterThanOrEqualCode = await LocalCache.getOrSetString(
+    pageData["greaterThanOrEqualCode"] = await LocalCache.getOrSetString(
       "data-type",
       "greater-than-or-equal",
       async () => {
@@ -68,7 +69,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.lessThanCode = await LocalCache.getOrSetString(
+    pageData["lessThanCode"] = await LocalCache.getOrSetString(
       "data-type",
       "less-than",
       async () => {
@@ -78,7 +79,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.lessThanOrEqualCode = await LocalCache.getOrSetString(
+    pageData["lessThanOrEqualCode"] = await LocalCache.getOrSetString(
       "data-type",
       "less-than-or-equal",
       async () => {
@@ -88,7 +89,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.includesCode = await LocalCache.getOrSetString(
+    pageData["includesCode"] = await LocalCache.getOrSetString(
       "data-type",
       "includes",
       async () => {
@@ -98,7 +99,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.lessThanOrNullCode = await LocalCache.getOrSetString(
+    pageData["lessThanOrNullCode"] = await LocalCache.getOrSetString(
       "data-type",
       "less-than-or-equal",
       async () => {
@@ -108,7 +109,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.greaterThanOrNullCode = await LocalCache.getOrSetString(
+    pageData["greaterThanOrNullCode"] = await LocalCache.getOrSetString(
       "data-type",
       "less-than-or-equal",
       async () => {
@@ -118,7 +119,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.isNullCode = await LocalCache.getOrSetString(
+    pageData["isNullCode"] = await LocalCache.getOrSetString(
       "data-type",
       "is-null",
       async () => {
@@ -126,7 +127,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.notNullCode = await LocalCache.getOrSetString(
+    pageData["notNullCode"] = await LocalCache.getOrSetString(
       "data-type",
       "not-null",
       async () => {
@@ -134,7 +135,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.notEqualToCode = await LocalCache.getOrSetString(
+    pageData["notEqualToCode"] = await LocalCache.getOrSetString(
       "data-type",
       "not-equals",
       async () => {

APIReference/Service/Errors.ts

@@ -2,6 +2,7 @@ import { IsBillingEnabled } from "Common/Server/EnvironmentConfig";
 import { ViewsPath } from "../Utils/Config";
 import ResourceUtil, { ModelDocumentation } from "../Utils/Resources";
 import { ExpressRequest, ExpressResponse } from "Common/Server/Utils/Express";
+import Dictionary from "Common/Types/Dictionary";
 
 // Fetch a list of resources used in the application
 const Resources: Array<ModelDocumentation> = ResourceUtil.getResources();
@@ -17,7 +18,7 @@ export default class ServiceHandler {
 
     // Get the 'page' parameter from the request
     const page: string | undefined = req.params["page"];
-    const pageData: any = {};
+    const pageData: Dictionary<unknown> = {};
 
     // Set the default page title and description
     pageTitle = "Errors";

APIReference/Service/Introduction.ts

@@ -2,6 +2,7 @@ import { IsBillingEnabled } from "Common/Server/EnvironmentConfig";
 import { ViewsPath } from "../Utils/Config";
 import ResourceUtil, { ModelDocumentation } from "../Utils/Resources";
 import { ExpressRequest, ExpressResponse } from "Common/Server/Utils/Express";
+import Dictionary from "Common/Types/Dictionary";
 
 // Get all resources and featured resources from ResourceUtil
 const Resources: Array<ModelDocumentation> = ResourceUtil.getResources();
@@ -20,10 +21,10 @@ export default class ServiceHandler {
 
     // Get the requested page from the URL parameters
     const page: string | undefined = req.params["page"];
-    const pageData: any = {};
+    const pageData: Dictionary<unknown> = {};
 
     // Set featured resources for the page
-    pageData.featuredResources = FeaturedResources;
+    pageData["featuredResources"] = FeaturedResources;
 
     // Set page title and description
     pageTitle = "Introduction";

APIReference/Service/Model.ts

@@ -3,7 +3,10 @@ import ResourceUtil, { ModelDocumentation } from "../Utils/Resources";
 import PageNotFoundServiceHandler from "./PageNotFound";
 import { AppApiRoute } from "Common/ServiceRoute";
 import { ColumnAccessControl } from "Common/Types/BaseDatabase/AccessControl";
-import { getTableColumns } from "Common/Types/Database/TableColumn";
+import {
+  getTableColumns,
+  TableColumnMetadata,
+} from "Common/Types/Database/TableColumn";
 import Dictionary from "Common/Types/Dictionary";
 import ObjectID from "Common/Types/ObjectID";
 import Permission, {
@@ -33,7 +36,7 @@ export default class ServiceHandler {
     let pageTitle: string = "";
     let pageDescription: string = "";
     let page: string | undefined = req.params["page"];
-    const pageData: any = {};
+    const pageData: Dictionary<unknown> = {};
 
     // Check if page is provided
     if (!page) {
@@ -56,7 +59,9 @@ export default class ServiceHandler {
     page = "model";
 
     // Get table columns for current resource
-    const tableColumns: any = getTableColumns(currentResource.model);
+    const tableColumns: Dictionary<TableColumnMetadata> = getTableColumns(
+      currentResource.model,
+    );
 
     // Filter out columns with no access
     for (const key in tableColumns) {
@@ -77,12 +82,14 @@ export default class ServiceHandler {
         continue;
       }
 
-      if (tableColumns[key].hideColumnInDocumentation) {
+      if (tableColumns[key] && tableColumns[key]!.hideColumnInDocumentation) {
         delete tableColumns[key];
         continue;
       }
 
-      tableColumns[key].permissions = accessControl;
+      if (tableColumns[key]) {
+        (tableColumns[key] as any).permissions = accessControl;
+      }
     }
 
     // Remove unnecessary columns
@@ -92,11 +99,11 @@ export default class ServiceHandler {
     delete tableColumns["version"];
 
     // Set page data
-    pageData.title = currentResource.model.singularName;
-    pageData.description = currentResource.model.tableDescription;
-    pageData.columns = tableColumns;
+    pageData["title"] = currentResource.model.singularName;
+    pageData["description"] = currentResource.model.tableDescription;
+    pageData["columns"] = tableColumns;
 
-    pageData.tablePermissions = {
+    pageData["tablePermissions"] = {
       read: currentResource.model.readRecordPermissions.map(
         (permission: Permission) => {
           return PermissionDictionary[permission];
@@ -120,7 +127,7 @@ export default class ServiceHandler {
     };
 
     // Cache the list request data
-    pageData.listRequest = await LocalCache.getOrSetString(
+    pageData["listRequest"] = await LocalCache.getOrSetString(
       "model",
       "list-request",
       async () => {
@@ -130,7 +137,7 @@ export default class ServiceHandler {
     );
 
     // Cache the item request data
-    pageData.itemRequest = await LocalCache.getOrSetString(
+    pageData["itemRequest"] = await LocalCache.getOrSetString(
       "model",
       "item-request",
       async () => {
@@ -140,7 +147,7 @@ export default class ServiceHandler {
     );
 
     // Cache the item response data
-    pageData.itemResponse = await LocalCache.getOrSetString(
+    pageData["itemResponse"] = await LocalCache.getOrSetString(
       "model",
       "item-response",
       async () => {
@@ -152,7 +159,7 @@ export default class ServiceHandler {
     );
 
     // Cache the count request data
-    pageData.countRequest = await LocalCache.getOrSetString(
+    pageData["countRequest"] = await LocalCache.getOrSetString(
       "model",
       "count-request",
       async () => {
@@ -164,7 +171,7 @@ export default class ServiceHandler {
     );
 
     // Cache the count response data
-    pageData.countResponse = await LocalCache.getOrSetString(
+    pageData["countResponse"] = await LocalCache.getOrSetString(
       "model",
       "count-response",
       async () => {
@@ -175,7 +182,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.updateRequest = await LocalCache.getOrSetString(
+    pageData["updateRequest"] = await LocalCache.getOrSetString(
       "model",
       "update-request",
       async () => {
@@ -186,7 +193,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.updateResponse = await LocalCache.getOrSetString(
+    pageData["updateResponse"] = await LocalCache.getOrSetString(
       "model",
       "update-response",
       async () => {
@@ -197,7 +204,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.createRequest = await LocalCache.getOrSetString(
+    pageData["createRequest"] = await LocalCache.getOrSetString(
       "model",
       "create-request",
       async () => {
@@ -208,7 +215,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.createResponse = await LocalCache.getOrSetString(
+    pageData["createResponse"] = await LocalCache.getOrSetString(
       "model",
       "create-response",
       async () => {
@@ -219,7 +226,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.deleteRequest = await LocalCache.getOrSetString(
+    pageData["deleteRequest"] = await LocalCache.getOrSetString(
       "model",
       "delete-request",
       async () => {
@@ -230,7 +237,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.deleteResponse = await LocalCache.getOrSetString(
+    pageData["deleteResponse"] = await LocalCache.getOrSetString(
       "model",
       "delete-response",
       async () => {
@@ -242,7 +249,7 @@ export default class ServiceHandler {
     );
 
     // Get list response from cache or set it if it's not available
-    pageData.listResponse = await LocalCache.getOrSetString(
+    pageData["listResponse"] = await LocalCache.getOrSetString(
       "model",
       "list-response",
       async () => {
@@ -254,14 +261,15 @@ export default class ServiceHandler {
     );
 
     // Generate a unique ID for the example object
-    pageData.exampleObjectID = ObjectID.generate();
+    pageData["exampleObjectID"] = ObjectID.generate();
 
     // Construct the API path for the current resource
-    pageData.apiPath =
+    pageData["apiPath"] =
       AppApiRoute.toString() + currentResource.model.crudApiPath?.toString();
 
     // Check if the current resource is a master admin API
-    pageData.isMasterAdminApiDocs = currentResource.model.isMasterAdminApiDocs;
+    pageData["isMasterAdminApiDocs"] =
+      currentResource.model.isMasterAdminApiDocs;
 
     // Render the index page with the required data
     return res.render(`${ViewsPath}/pages/index`, {

APIReference/Service/OpenAPI.ts

@@ -7,6 +7,7 @@ import { ViewsPath } from "../Utils/Config";
 import ResourceUtil, { ModelDocumentation } from "../Utils/Resources";
 import { ExpressRequest, ExpressResponse } from "Common/Server/Utils/Express";
 import URL from "Common/Types/API/URL";
+import Dictionary from "Common/Types/Dictionary";
 
 // Fetch a list of resources used in the application
 const Resources: Array<ModelDocumentation> = ResourceUtil.getResources();
@@ -22,7 +23,7 @@ export default class ServiceHandler {
 
     // Get the 'page' parameter from the request
     const page: string | undefined = req.params["page"];
-    const pageData: any = {
+    const pageData: Dictionary<unknown> = {
       hostUrl: new URL(HttpProtocol, Host).toString(),
     };
 

APIReference/Service/Pagination.ts

@@ -4,6 +4,7 @@ import ResourceUtil, { ModelDocumentation } from "../Utils/Resources";
 import LocalCache from "Common/Server/Infrastructure/LocalCache";
 import { ExpressRequest, ExpressResponse } from "Common/Server/Utils/Express";
 import LocalFile from "Common/Server/Utils/LocalFile";
+import Dictionary from "Common/Types/Dictionary";
 
 const Resources: Array<ModelDocumentation> = ResourceUtil.getResources(); // Get all resources from ResourceUtil
 
@@ -15,14 +16,14 @@ export default class ServiceHandler {
     let pageTitle: string = ""; // Initialize page title
     let pageDescription: string = ""; // Initialize page description
     const page: string | undefined = req.params["page"]; // Get the page parameter from the request
-    const pageData: any = {}; // Initialize page data object
+    const pageData: Dictionary<unknown> = {}; // Initialize page data object
 
     // Set page title and description
     pageTitle = "Pagination";
     pageDescription = "Learn how to paginate requests with OneUptime API";
 
     // Get response and request code from LocalCache or LocalFile
-    pageData.responseCode = await LocalCache.getOrSetString(
+    pageData["responseCode"] = await LocalCache.getOrSetString(
       "pagination",
       "response",
       async () => {
@@ -33,7 +34,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.requestCode = await LocalCache.getOrSetString(
+    pageData["requestCode"] = await LocalCache.getOrSetString(
       "pagination",
       "request",
       async () => {

APIReference/Service/Permissions.ts

@@ -3,6 +3,7 @@ import ResourceUtil, { ModelDocumentation } from "../Utils/Resources";
 import { PermissionHelper, PermissionProps } from "Common/Types/Permission";
 import { ExpressRequest, ExpressResponse } from "Common/Server/Utils/Express";
 import { IsBillingEnabled } from "Common/Server/EnvironmentConfig";
+import Dictionary from "Common/Types/Dictionary";
 
 const Resources: Array<ModelDocumentation> = ResourceUtil.getResources();
 
@@ -17,14 +18,14 @@ export default class ServiceHandler {
 
     // Get the requested page
     const page: string | undefined = req.params["page"];
-    const pageData: any = {};
+    const pageData: Dictionary<unknown> = {};
 
     // Set page title and description
     pageTitle = "Permissions";
     pageDescription = "Learn how permissions work with OneUptime";
 
     // Filter permissions to only include those assignable to tenants
-    pageData.permissions = PermissionHelper.getAllPermissionProps().filter(
+    pageData["permissions"] = PermissionHelper.getAllPermissionProps().filter(
       (i: PermissionProps) => {
         return i.isAssignableToTenant;
       },

APIReference/nodemon.json

@@ -1,8 +1,14 @@
 {
     "watch": ["./","../Common/Server", "../Common/Types", "../Common/Utils", "../Common/Models"],
-    "ext": "ts,json,tsx,env,js,jsx,hbs",
+    "ext": "ts,tsx",
     "ignore": [
+        "./node_modules/**",
+        "./public/**",
+        "./bin/**",
+        "./build/**",
         "greenlock.d/*"
     ],
-    "exec": "node --inspect=0.0.0.0:9229 --require ts-node/register Index.ts"
+    "watchOptions": {"useFsEvents": false, "interval": 500},
+    "env": {"TS_NODE_TRANSPILE_ONLY": "1", "TS_NODE_FILES": "false"},
+    "exec": "node  -r ts-node/register/transpile-only Index.ts"
 }

APIReference/package-lock.json

@@ -55,6 +55,7 @@
         "@types/react-highlight": "^0.12.8",
         "@types/react-syntax-highlighter": "^15.5.13",
         "@types/uuid": "^8.3.4",
+        "@types/web-push": "^3.6.4",
         "acme-client": "^5.3.0",
         "airtable": "^0.12.2",
         "axios": "^1.7.2",
@@ -65,6 +66,7 @@
         "crypto-js": "^4.2.0",
         "dotenv": "^16.4.4",
         "ejs": "^3.1.10",
+        "elkjs": "^0.10.0",
         "esbuild": "^0.25.5",
         "express": "^4.21.1",
         "formik": "^2.4.6",
@@ -74,7 +76,6 @@
         "json5": "^2.2.3",
         "jsonwebtoken": "^9.0.0",
         "jwt-decode": "^4.0.0",
-        "lodash": "^4.17.21",
         "marked": "^12.0.2",
         "moment": "^2.30.1",
         "moment-timezone": "^0.5.45",
@@ -118,6 +119,7 @@
         "universal-cookie": "^7.2.1",
         "use-async-effect": "^2.2.6",
         "uuid": "^8.3.2",
+        "web-push": "^3.6.7",
         "zod": "^3.25.30"
       },
       "devDependencies": {
@@ -132,7 +134,6 @@
         "@types/jest": "^28.1.4",
         "@types/json2csv": "^5.0.3",
         "@types/jsonwebtoken": "^8.5.9",
-        "@types/lodash": "^4.14.202",
         "@types/node": "^17.0.45",
         "@types/node-cron": "^3.0.7",
         "@types/nodemailer": "^6.4.7",

APIReference/views/partials/head.ejs

@@ -135,7 +135,6 @@
    <link rel="apple-touch-icon-precomposed" href="/img/ou-wb.svg">
    <link rel="icon" href="/img/ou-wb.svg">
    <link rel="image_src" type="image/png" href="/img/hou-wb.svg">
-   <link rel="canonical" href="/">
    <link rel="manifest" href="/manifest.json">
    <meta property="og:title" content="OneUptime - One Complete Observability platform.">
    <meta property="og:url" content="https://oneuptime.com">

Accounts/Dockerfile.tpl

@@ -3,7 +3,7 @@
 #
 
 # Pull base image nodejs image.
-FROM public.ecr.aws/docker/library/node:23.8-alpine3.21
+FROM public.ecr.aws/docker/library/node:24.9-alpine3.21
 RUN mkdir /tmp/npm &&  chmod 2777 /tmp/npm && chown 1000:1000 /tmp/npm && npm config set cache /tmp/npm --global
 
 RUN npm config set fetch-retries 5

Accounts/nodemon.json

@@ -1,7 +1,10 @@
 {
     "watch": ["./","../Common/UI", "../Common/Types", "../Common/Utils", "../Common/Models"],
-    "ext": "ts,json,tsx,env,js,jsx,hbs",
+    "ext": "ts,tsx",
     "ignore": [
+        "./node_modules/**",
+        "./public/**",
+        "./bin/**",
         "./public/**",
         "./public/dist/**",
         "./build/*",

Accounts/package-lock.json

@@ -59,6 +59,7 @@
                 "@types/react-highlight": "^0.12.8",
                 "@types/react-syntax-highlighter": "^15.5.13",
                 "@types/uuid": "^8.3.4",
+                "@types/web-push": "^3.6.4",
                 "acme-client": "^5.3.0",
                 "airtable": "^0.12.2",
                 "axios": "^1.7.2",
@@ -69,6 +70,7 @@
                 "crypto-js": "^4.2.0",
                 "dotenv": "^16.4.4",
                 "ejs": "^3.1.10",
+                "elkjs": "^0.10.0",
                 "esbuild": "^0.25.5",
                 "express": "^4.21.1",
                 "formik": "^2.4.6",
@@ -78,7 +80,6 @@
                 "json5": "^2.2.3",
                 "jsonwebtoken": "^9.0.0",
                 "jwt-decode": "^4.0.0",
-                "lodash": "^4.17.21",
                 "marked": "^12.0.2",
                 "moment": "^2.30.1",
                 "moment-timezone": "^0.5.45",
@@ -122,6 +123,7 @@
                 "universal-cookie": "^7.2.1",
                 "use-async-effect": "^2.2.6",
                 "uuid": "^8.3.2",
+                "web-push": "^3.6.7",
                 "zod": "^3.25.30"
             },
             "devDependencies": {
@@ -136,7 +138,6 @@
                 "@types/jest": "^28.1.4",
                 "@types/json2csv": "^5.0.3",
                 "@types/jsonwebtoken": "^8.5.9",
-                "@types/lodash": "^4.14.202",
                 "@types/node": "^17.0.45",
                 "@types/node-cron": "^3.0.7",
                 "@types/nodemailer": "^6.4.7",

Accounts/src/Pages/Login.tsx

@@ -1,6 +1,8 @@
 import {
   LOGIN_API_URL,
-  VERIFY_TWO_FACTOR_AUTH_API_URL,
+  VERIFY_TOTP_AUTH_API_URL,
+  GENERATE_WEBAUTHN_AUTH_OPTIONS_API_URL,
+  VERIFY_WEBAUTHN_AUTH_API_URL,
 } from "../Utils/ApiPaths";
 import Route from "Common/Types/API/Route";
 import URL from "Common/Types/API/URL";
@@ -12,17 +14,20 @@ import { DASHBOARD_URL } from "Common/UI/Config";
 import OneUptimeLogo from "Common/UI/Images/logos/OneUptimeSVG/3-transparent.svg";
 import UiAnalytics from "Common/UI/Utils/Analytics";
 import LoginUtil from "Common/UI/Utils/Login";
-import UserTwoFactorAuth from "Common/Models/DatabaseModels/UserTwoFactorAuth";
+import UserTotpAuth from "Common/Models/DatabaseModels/UserTotpAuth";
+import UserWebAuthn from "Common/Models/DatabaseModels/UserWebAuthn";
 import Navigation from "Common/UI/Utils/Navigation";
 import UserUtil from "Common/UI/Utils/User";
 import User from "Common/Models/DatabaseModels/User";
 import React from "react";
 import useAsyncEffect from "use-async-effect";
-import StaticModelList from "Common/UI/Components/ModelList/StaticModelList";
 import BasicForm from "Common/UI/Components/Forms/BasicForm";
 import API from "Common/UI/Utils/API/API";
 import HTTPErrorResponse from "Common/Types/API/HTTPErrorResponse";
 import HTTPResponse from "Common/Types/API/HTTPResponse";
+import Base64 from "Common/Utils/Base64";
+import ErrorMessage from "Common/UI/Components/ErrorMessage/ErrorMessage";
+import ComponentLoader from "Common/UI/Components/ComponentLoader/ComponentLoader";
 
 const LoginPage: () => JSX.Element = () => {
   const apiUrl: URL = LOGIN_API_URL;
@@ -36,14 +41,32 @@ const LoginPage: () => JSX.Element = () => {
   const [showTwoFactorAuth, setShowTwoFactorAuth] =
     React.useState<boolean>(false);
 
-  const [twoFactorAuthList, setTwoFactorAuthList] = React.useState<
-    UserTwoFactorAuth[]
-  >([]);
+  const [totpAuthList, setTotpAuthList] = React.useState<UserTotpAuth[]>([]);
 
-  const [selectedTwoFactorAuth, setSelectedTwoFactorAuth] = React.useState<
-    UserTwoFactorAuth | undefined
+  const [webAuthnList, setWebAuthnList] = React.useState<UserWebAuthn[]>([]);
+
+  const [selectedTotpAuth, setSelectedTotpAuth] = React.useState<
+    UserTotpAuth | undefined
   >(undefined);
 
+  const [selectedWebAuthn, setSelectedWebAuthn] = React.useState<
+    UserWebAuthn | undefined
+  >(undefined);
+
+  type TwoFactorMethod = {
+    type: "totp" | "webauthn";
+    item: UserTotpAuth | UserWebAuthn;
+  };
+
+  const twoFactorMethods: TwoFactorMethod[] = [
+    ...totpAuthList.map((item: UserTotpAuth) => {
+      return { type: "totp" as const, item };
+    }),
+    ...webAuthnList.map((item: UserWebAuthn) => {
+      return { type: "webauthn" as const, item };
+    }),
+  ];
+
   const [isTwoFactorAuthLoading, setIsTwoFactorAuthLoading] =
     React.useState<boolean>(false);
   const [twofactorAuthError, setTwoFactorAuthError] =
@@ -57,6 +80,96 @@ const LoginPage: () => JSX.Element = () => {
     }
   }, []);
 
+  useAsyncEffect(async () => {
+    if (selectedWebAuthn) {
+      setIsTwoFactorAuthLoading(true);
+      try {
+        const result: HTTPResponse<JSONObject> = await API.post({
+          url: GENERATE_WEBAUTHN_AUTH_OPTIONS_API_URL,
+          data: {
+            data: {
+              email: initialValues["email"],
+            },
+          },
+        });
+
+        if (result instanceof HTTPErrorResponse) {
+          throw result;
+        }
+
+        const data: any = result.data as any;
+
+        // Convert base64url strings back to Uint8Array
+        data.options.challenge = Base64.base64UrlToUint8Array(
+          data.options.challenge,
+        );
+        if (data.options.allowCredentials) {
+          data.options.allowCredentials.forEach((cred: any) => {
+            cred.id = Base64.base64UrlToUint8Array(cred.id);
+          });
+        }
+
+        // Use WebAuthn API
+        const credential: PublicKeyCredential =
+          (await navigator.credentials.get({
+            publicKey: data.options,
+          })) as PublicKeyCredential;
+
+        const assertionResponse: AuthenticatorAssertionResponse =
+          credential.response as AuthenticatorAssertionResponse;
+
+        // Verify
+        const verifyResult: HTTPResponse<JSONObject> = await API.post({
+          url: VERIFY_WEBAUTHN_AUTH_API_URL,
+          data: {
+            data: {
+              ...initialValues,
+              challenge: data.challenge,
+              credential: {
+                id: credential.id,
+                rawId: Base64.uint8ArrayToBase64Url(
+                  new Uint8Array(credential.rawId),
+                ),
+                response: {
+                  authenticatorData: Base64.uint8ArrayToBase64Url(
+                    new Uint8Array(assertionResponse.authenticatorData),
+                  ),
+                  clientDataJSON: Base64.uint8ArrayToBase64Url(
+                    new Uint8Array(assertionResponse.clientDataJSON),
+                  ),
+                  signature: Base64.uint8ArrayToBase64Url(
+                    new Uint8Array(assertionResponse.signature),
+                  ),
+                  userHandle: assertionResponse.userHandle
+                    ? Base64.uint8ArrayToBase64Url(
+                        new Uint8Array(assertionResponse.userHandle),
+                      )
+                    : null,
+                },
+                type: credential.type,
+              },
+            },
+          },
+        });
+
+        if (verifyResult instanceof HTTPErrorResponse) {
+          throw verifyResult;
+        }
+
+        const user: User = User.fromJSON(
+          verifyResult.data as JSONObject,
+          User,
+        ) as User;
+        const miscData: JSONObject = {};
+
+        login(user as User, miscData);
+      } catch (error) {
+        setTwoFactorAuthError(API.getFriendlyErrorMessage(error as Error));
+      }
+      setIsTwoFactorAuthLoading(false);
+    }
+  }, [selectedWebAuthn]);
+
   type LoginFunction = (user: User, miscData: JSONObject) => void;
 
   const login: LoginFunction = (user: User, miscData: JSONObject): void => {
@@ -156,16 +269,23 @@ const LoginPage: () => JSX.Element = () => {
               ) => {
                 if (
                   miscData &&
-                  (miscData as JSONObject)["twoFactorAuth"] === true
+                  ((((miscData as JSONObject)["totpAuthList"] as JSONArray)
+                    ?.length || 0) > 0 ||
+                    (((miscData as JSONObject)["webAuthnList"] as JSONArray)
+                      ?.length || 0) > 0)
                 ) {
-                  const twoFactorAuthList: Array<UserTwoFactorAuth> =
-                    UserTwoFactorAuth.fromJSONArray(
-                      (miscData as JSONObject)[
-                        "twoFactorAuthList"
-                      ] as JSONArray,
-                      UserTwoFactorAuth,
+                  const totpAuthList: Array<UserTotpAuth> =
+                    UserTotpAuth.fromJSONArray(
+                      (miscData as JSONObject)["totpAuthList"] as JSONArray,
+                      UserTotpAuth,
                     );
-                  setTwoFactorAuthList(twoFactorAuthList);
+                  const webAuthnList: Array<UserWebAuthn> =
+                    UserWebAuthn.fromJSONArray(
+                      (miscData as JSONObject)["webAuthnList"] as JSONArray,
+                      UserWebAuthn,
+                    );
+                  setTotpAuthList(totpAuthList);
+                  setWebAuthnList(webAuthnList);
                   setShowTwoFactorAuth(true);
                   return;
                 }
@@ -187,19 +307,53 @@ const LoginPage: () => JSX.Element = () => {
             />
           )}
 
-          {showTwoFactorAuth && !selectedTwoFactorAuth && (
-            <StaticModelList<UserTwoFactorAuth>
-              titleField="name"
-              descriptionField=""
-              selectedItems={[]}
-              list={twoFactorAuthList}
-              onClick={(item: UserTwoFactorAuth) => {
-                setSelectedTwoFactorAuth(item);
-              }}
-            />
+          {showTwoFactorAuth && !selectedTotpAuth && !selectedWebAuthn && (
+            <div className="space-y-4">
+              {twoFactorMethods.map(
+                (method: TwoFactorMethod, index: number) => {
+                  return (
+                    <div
+                      key={index}
+                      className="cursor-pointer p-4 border border-gray-300 rounded-lg hover:bg-gray-50"
+                      onClick={() => {
+                        if (method.type === "totp") {
+                          setSelectedTotpAuth(method.item as UserTotpAuth);
+                        } else {
+                          setSelectedWebAuthn(method.item as UserWebAuthn);
+                        }
+                      }}
+                    >
+                      <div className="font-medium">
+                        {(method.item as any).name}
+                      </div>
+                      <div className="text-sm text-gray-500">
+                        {method.type === "totp"
+                          ? "Authenticator App"
+                          : "Security Key"}
+                      </div>
+                    </div>
+                  );
+                },
+              )}
+            </div>
           )}
 
-          {showTwoFactorAuth && selectedTwoFactorAuth && (
+          {showTwoFactorAuth && selectedWebAuthn && (
+            <div className="text-center">
+              <div className="text-lg font-medium mb-4">
+                Authenticating with Security Key
+              </div>
+              <div className="text-sm text-gray-500 mb-4">
+                Please follow the instructions on your security key device.
+              </div>
+              {isTwoFactorAuthLoading && <ComponentLoader />}
+              {twofactorAuthError && (
+                <ErrorMessage message={twofactorAuthError} />
+              )}
+            </div>
+          )}
+
+          {showTwoFactorAuth && selectedTotpAuth && (
             <BasicForm
               id="two-factor-auth-form"
               name="Two Factor Auth"
@@ -225,14 +379,17 @@ const LoginPage: () => JSX.Element = () => {
                 try {
                   const code: string = data["code"] as string;
                   const twoFactorAuthId: string =
-                    selectedTwoFactorAuth.id?.toString() as string;
+                    selectedTotpAuth!.id?.toString() as string;
 
                   const result: HTTPErrorResponse | HTTPResponse<JSONObject> =
-                    await API.post(VERIFY_TWO_FACTOR_AUTH_API_URL, {
+                    await API.post({
+                      url: VERIFY_TOTP_AUTH_API_URL,
                       data: {
-                        ...initialValues,
-                        code: code,
-                        twoFactorAuthId: twoFactorAuthId,
+                        data: {
+                          ...initialValues,
+                          code: code,
+                          twoFactorAuthId: twoFactorAuthId,
+                        },
                       },
                     });
 
@@ -261,7 +418,7 @@ const LoginPage: () => JSX.Element = () => {
           )}
         </div>
         <div className="mt-10 text-center">
-          {!selectedTwoFactorAuth && (
+          {!selectedTotpAuth && !selectedWebAuthn && (
             <div className="text-muted mb-0 text-gray-500">
               Don&apos;t have an account?{" "}
               <Link
@@ -272,11 +429,12 @@ const LoginPage: () => JSX.Element = () => {
               </Link>
             </div>
           )}
-          {selectedTwoFactorAuth ? (
+          {selectedTotpAuth || selectedWebAuthn ? (
             <div className="text-muted mb-0 text-gray-500">
               <Link
                 onClick={() => {
-                  setSelectedTwoFactorAuth(undefined);
+                  setSelectedTotpAuth(undefined);
+                  setSelectedWebAuthn(undefined);
                 }}
                 className="text-indigo-500 hover:text-indigo-900 cursor-pointer"
               >

Accounts/src/Pages/LoginWithSSO.tsx

@@ -42,12 +42,12 @@ const LoginPage: () => JSX.Element = () => {
       try {
         // get sso config by email.
         const listResult: HTTPErrorResponse | HTTPResponse<JSONArray> =
-          await API.get(
-            URL.fromString(apiUrl.toString()).addQueryParam(
+          await API.get({
+            url: URL.fromString(apiUrl.toString()).addQueryParam(
               "email",
               email.toString(),
             ),
-          );
+          });
 
         if (listResult instanceof HTTPErrorResponse) {
           throw listResult;

Accounts/src/Utils/ApiPaths.ts

@@ -1,6 +1,6 @@
 import Route from "Common/Types/API/Route";
 import URL from "Common/Types/API/URL";
-import { IDENTITY_URL } from "Common/UI/Config";
+import { IDENTITY_URL, APP_API_URL } from "Common/UI/Config";
 
 export const SIGNUP_API_URL: URL = URL.fromURL(IDENTITY_URL).addRoute(
   new Route("/signup"),
@@ -9,9 +9,17 @@ export const LOGIN_API_URL: URL = URL.fromURL(IDENTITY_URL).addRoute(
   new Route("/login"),
 );
 
-export const VERIFY_TWO_FACTOR_AUTH_API_URL: URL = URL.fromURL(
+export const VERIFY_TOTP_AUTH_API_URL: URL = URL.fromURL(IDENTITY_URL).addRoute(
+  new Route("/verify-totp-auth"),
+);
+
+export const GENERATE_WEBAUTHN_AUTH_OPTIONS_API_URL: URL = URL.fromURL(
+  APP_API_URL,
+).addRoute(new Route("/user-webauthn/generate-authentication-options"));
+
+export const VERIFY_WEBAUTHN_AUTH_API_URL: URL = URL.fromURL(
   IDENTITY_URL,
-).addRoute(new Route("/verify-two-factor-auth"));
+).addRoute(new Route("/verify-webauthn-auth"));
 
 export const SERVICE_PROVIDER_LOGIN_URL: URL = URL.fromURL(
   IDENTITY_URL,

AdminDashboard/Dockerfile.tpl

@@ -3,7 +3,7 @@
 #
 
 # Pull base image nodejs image.
-FROM public.ecr.aws/docker/library/node:23.8-alpine3.21
+FROM public.ecr.aws/docker/library/node:24.9-alpine3.21
 RUN mkdir /tmp/npm &&  chmod 2777 /tmp/npm && chown 1000:1000 /tmp/npm && npm config set cache /tmp/npm --global
 
 RUN npm config set fetch-retries 5

AdminDashboard/nodemon.json

@@ -1,7 +1,10 @@
 {
     "watch": ["./","../Common/UI", "../Common/Types", "../Common/Utils", "../Common/Models"],
-    "ext": "ts,json,tsx,env,js,jsx,hbs",
+    "ext": "ts,tsx",
     "ignore": [
+        "./node_modules/**",
+        "./public/**",
+        "./bin/**",
         "./public/**",
         "./public/dist/**",
         "./build/*",

AdminDashboard/package-lock.json

@@ -58,6 +58,7 @@
                 "@types/react-highlight": "^0.12.8",
                 "@types/react-syntax-highlighter": "^15.5.13",
                 "@types/uuid": "^8.3.4",
+                "@types/web-push": "^3.6.4",
                 "acme-client": "^5.3.0",
                 "airtable": "^0.12.2",
                 "axios": "^1.7.2",
@@ -68,6 +69,7 @@
                 "crypto-js": "^4.2.0",
                 "dotenv": "^16.4.4",
                 "ejs": "^3.1.10",
+                "elkjs": "^0.10.0",
                 "esbuild": "^0.25.5",
                 "express": "^4.21.1",
                 "formik": "^2.4.6",
@@ -77,7 +79,6 @@
                 "json5": "^2.2.3",
                 "jsonwebtoken": "^9.0.0",
                 "jwt-decode": "^4.0.0",
-                "lodash": "^4.17.21",
                 "marked": "^12.0.2",
                 "moment": "^2.30.1",
                 "moment-timezone": "^0.5.45",
@@ -121,6 +122,7 @@
                 "universal-cookie": "^7.2.1",
                 "use-async-effect": "^2.2.6",
                 "uuid": "^8.3.2",
+                "web-push": "^3.6.7",
                 "zod": "^3.25.30"
             },
             "devDependencies": {
@@ -135,7 +137,6 @@
                 "@types/jest": "^28.1.4",
                 "@types/json2csv": "^5.0.3",
                 "@types/jsonwebtoken": "^8.5.9",
-                "@types/lodash": "^4.14.202",
                 "@types/node": "^17.0.45",
                 "@types/node-cron": "^3.0.7",
                 "@types/nodemailer": "^6.4.7",

AdminDashboard/src/Components/Footer/Footer.tsx

@@ -54,9 +54,9 @@ const DashboardFooter: () => JSX.Element = () => {
   const fetchAppVersion: (appName: string) => Promise<JSONObject> = async (
     appName: string,
   ): Promise<JSONObject> => {
-    const response: HTTPResponse<JSONObject> = await API.get<JSONObject>(
-      URL.fromString(`${HTTP_PROTOCOL}/${HOST}${appName}/version`),
-    );
+    const response: HTTPResponse<JSONObject> = await API.get<JSONObject>({
+      url: URL.fromString(`${HTTP_PROTOCOL}/${HOST}${appName}/version`),
+    });
 
     if (response.data) {
       return response.data as JSONObject;

AdminDashboard/src/Pages/Settings/Email/Index.tsx

@@ -21,7 +21,7 @@ import React, { FunctionComponent, ReactElement, useEffect } from "react";
 
 const Settings: FunctionComponent = (): ReactElement => {
   const [emailServerType, setemailServerType] = React.useState<EmailServerType>(
-    EmailServerType.Internal,
+    EmailServerType.CustomSMTP,
   );
 
   const [isLoading, setIsLoading] = React.useState<boolean>(true);
@@ -43,7 +43,7 @@ const Settings: FunctionComponent = (): ReactElement => {
 
     if (globalConfig) {
       setemailServerType(
-        globalConfig.emailServerType || EmailServerType.Internal,
+        globalConfig.emailServerType || EmailServerType.CustomSMTP,
       );
     }
 
@@ -127,7 +127,7 @@ const Settings: FunctionComponent = (): ReactElement => {
       />
 
       <CardModelDetail
-        name="Internal SMTP Settings"
+        name="Email Server Settings"
         cardProps={{
           title: "Email Server Settings",
           description:
@@ -172,7 +172,7 @@ const Settings: FunctionComponent = (): ReactElement => {
           cardProps={{
             title: "Custom Email and SMTP Settings",
             description:
-              "If you have not enabled Internal SMTP server to send emails. Please configure your SMTP server here.",
+              "Please configure your SMTP server here to send emails.",
           }}
           isEditable={true}
           editButtonText="Edit SMTP Config"

App/Dockerfile.tpl

@@ -3,7 +3,7 @@
 #
 
 # Pull base image nodejs image.
-FROM public.ecr.aws/docker/library/node:23.8-alpine3.21
+FROM public.ecr.aws/docker/library/node:24.9-alpine3.21
 RUN mkdir /tmp/npm &&  chmod 2777 /tmp/npm && chown 1000:1000 /tmp/npm && npm config set cache /tmp/npm --global
 
 RUN npm config set fetch-retries 5

App/FeatureSet/BaseAPI/Index.ts

@@ -1,5 +1,6 @@
 import BaseAPI from "Common/Server/API/BaseAPI";
 import BaseAnalyticsAPI from "Common/Server/API/BaseAnalyticsAPI";
+import BillingAPI from "Common/Server/API/BillingAPI";
 import BillingInvoiceAPI from "Common/Server/API/BillingInvoiceAPI";
 import BillingPaymentMethodAPI from "Common/Server/API/BillingPaymentMethodAPI";
 import CopilotCodeRepositoryAPI from "Common/Server/API/CopilotCodeRepositoryAPI";
@@ -23,7 +24,8 @@ import WorkspaceNotificationRuleAPI from "Common/Server/API/WorkspaceNotificatio
 import StatusPageDomainAPI from "Common/Server/API/StatusPageDomainAPI";
 import StatusPageSubscriberAPI from "Common/Server/API/StatusPageSubscriberAPI";
 import UserCallAPI from "Common/Server/API/UserCallAPI";
-import UserTwoFactorAuthAPI from "Common/Server/API/UserTwoFactorAuthAPI";
+import UserTotpAuthAPI from "Common/Server/API/UserTotpAuthAPI";
+import UserWebAuthnAPI from "Common/Server/API/UserWebAuthnAPI";
 import MonitorTest from "Common/Models/DatabaseModels/MonitorTest";
 // User Notification methods.
 import UserEmailAPI from "Common/Server/API/UserEmailAPI";
@@ -282,6 +284,9 @@ import ShortLinkService, {
 import SmsLogService, {
   Service as SmsLogServiceType,
 } from "Common/Server/Services/SmsLogService";
+import PushNotificationLogService, {
+  Service as PushNotificationLogServiceType,
+} from "Common/Server/Services/PushNotificationLogService";
 import SpanService, {
   SpanService as SpanServiceType,
 } from "Common/Server/Services/SpanService";
@@ -324,6 +329,9 @@ import TeamMemberService, {
 import TeamPermissionService, {
   Service as TeamPermissionServiceType,
 } from "Common/Server/Services/TeamPermissionService";
+import TeamComplianceSettingService, {
+  TeamComplianceSettingService as TeamComplianceSettingServiceType,
+} from "Common/Server/Services/TeamComplianceSettingService";
 import TeamService, {
   Service as TeamServiceType,
 } from "Common/Server/Services/TeamService";
@@ -379,6 +387,8 @@ import Span from "Common/Models/AnalyticsModels/Span";
 import ApiKey from "Common/Models/DatabaseModels/ApiKey";
 import ApiKeyPermission from "Common/Models/DatabaseModels/ApiKeyPermission";
 import CallLog from "Common/Models/DatabaseModels/CallLog";
+import PushNotificationLog from "Common/Models/DatabaseModels/PushNotificationLog";
+import WorkspaceNotificationLog from "Common/Models/DatabaseModels/WorkspaceNotificationLog";
 import Domain from "Common/Models/DatabaseModels/Domain";
 import EmailLog from "Common/Models/DatabaseModels/EmailLog";
 import EmailVerificationToken from "Common/Models/DatabaseModels/EmailVerificationToken";
@@ -464,6 +474,7 @@ import StatusPageSSO from "Common/Models/DatabaseModels/StatusPageSso";
 import Team from "Common/Models/DatabaseModels/Team";
 import TeamMember from "Common/Models/DatabaseModels/TeamMember";
 import TeamPermission from "Common/Models/DatabaseModels/TeamPermission";
+import TeamComplianceSetting from "Common/Models/DatabaseModels/TeamComplianceSetting";
 import TelemetryService from "Common/Models/DatabaseModels/TelemetryService";
 import TelemetryUsageBilling from "Common/Models/DatabaseModels/TelemetryUsageBilling";
 import User from "Common/Models/DatabaseModels/User";
@@ -480,6 +491,9 @@ import TelemetryAttribute from "Common/Models/AnalyticsModels/TelemetryAttribute
 import ExceptionInstance from "Common/Models/AnalyticsModels/ExceptionInstance";
 import TelemetyException from "Common/Models/DatabaseModels/TelemetryException";
 import CopilotActionTypePriority from "Common/Models/DatabaseModels/CopilotActionTypePriority";
+import WorkspaceNotificationLogService, {
+  Service as WorkspaceNotificationLogServiceType,
+} from "Common/Server/Services/WorkspaceNotificationLogService";
 
 // scheduled maintenance template
 import ScheduledMaintenanceTemplate from "Common/Models/DatabaseModels/ScheduledMaintenanceTemplate";
@@ -513,6 +527,7 @@ import ScheduledMaintenanceFeedService, {
 } from "Common/Server/Services/ScheduledMaintenanceFeedService";
 
 import SlackAPI from "Common/Server/API/SlackAPI";
+import MicrosoftTeamsAPI from "Common/Server/API/MicrosoftTeamsAPI";
 
 import WorkspaceProjectAuthToken from "Common/Models/DatabaseModels/WorkspaceProjectAuthToken";
 import WorkspaceProjectAuthTokenService, {
@@ -530,11 +545,6 @@ import WorkspaceSettingService, {
   Service as WorkspaceSettingServiceType,
 } from "Common/Server/Services/WorkspaceSettingService";
 
-import ProjectUser from "Common/Models/DatabaseModels/ProjectUser";
-import ProjectUserService, {
-  Service as ProjectUserServiceType,
-} from "Common/Server/Services/ProjectUserService";
-
 import MonitorFeed from "Common/Models/DatabaseModels/MonitorFeed";
 import MonitorFeedService, {
   Service as MonitorFeedServiceType,
@@ -547,10 +557,7 @@ import MetricTypeService, {
 import MetricType from "Common/Models/DatabaseModels/MetricType";
 
 import OnCallDutyPolicyAPI from "Common/Server/API/OnCallDutyPolicyAPI";
-
-// OnCallDutyPolicyOwnerTeam
-// OnCallDutyPolicyOwnerUser
-// OnCallDutyPolicyFeed
+import TeamComplianceAPI from "Common/Server/API/TeamComplianceAPI";
 
 import OnCallDutyPolicyFeed from "Common/Models/DatabaseModels/OnCallDutyPolicyFeed";
 import OnCallDutyPolicyFeedService, {
@@ -583,6 +590,18 @@ import StatusPageAnnouncementTemplateService, {
   Service as StatusPageAnnouncementTemplateServiceType,
 } from "Common/Server/Services/StatusPageAnnouncementTemplateService";
 
+// ProjectSCIM
+import ProjectSCIM from "Common/Models/DatabaseModels/ProjectSCIM";
+import ProjectSCIMService, {
+  Service as ProjectSCIMServiceType,
+} from "Common/Server/Services/ProjectSCIMService";
+
+// StatusPageSCIM
+import StatusPageSCIM from "Common/Models/DatabaseModels/StatusPageSCIM";
+import StatusPageSCIMService, {
+  Service as StatusPageSCIMServiceType,
+} from "Common/Server/Services/StatusPageSCIMService";
+
 // Open API Spec
 import OpenAPI from "Common/Server/API/OpenAPI";
 
@@ -618,6 +637,24 @@ const BaseAPIFeatureSet: FeatureSet = {
       ).getRouter(),
     );
 
+    // Project SCIM
+    app.use(
+      `/${APP_NAME.toLocaleLowerCase()}`,
+      new BaseAPI<ProjectSCIM, ProjectSCIMServiceType>(
+        ProjectSCIM,
+        ProjectSCIMService,
+      ).getRouter(),
+    );
+
+    // Status Page SCIM
+    app.use(
+      `/${APP_NAME.toLocaleLowerCase()}`,
+      new BaseAPI<StatusPageSCIM, StatusPageSCIMServiceType>(
+        StatusPageSCIM,
+        StatusPageSCIMService,
+      ).getRouter(),
+    );
+
     // status page announcement templates
     app.use(
       `/${APP_NAME.toLocaleLowerCase()}`,
@@ -698,14 +735,6 @@ const BaseAPIFeatureSet: FeatureSet = {
       ).getRouter(),
     );
 
-    app.use(
-      `/${APP_NAME.toLocaleLowerCase()}`,
-      new BaseAPI<ProjectUser, ProjectUserServiceType>(
-        ProjectUser,
-        ProjectUserService,
-      ).getRouter(),
-    );
-
     //service provider setting
     app.use(
       `/${APP_NAME.toLocaleLowerCase()}`,
@@ -1142,6 +1171,14 @@ const BaseAPIFeatureSet: FeatureSet = {
       ).getRouter(),
     );
 
+    app.use(
+      `/${APP_NAME.toLocaleLowerCase()}`,
+      new BaseAPI<TeamComplianceSetting, TeamComplianceSettingServiceType>(
+        TeamComplianceSetting,
+        TeamComplianceSettingService,
+      ).getRouter(),
+    );
+
     app.use(
       `/${APP_NAME.toLocaleLowerCase()}`,
       new BaseAPI<MonitorStatus, MonitorStatusServiceType>(
@@ -1501,6 +1538,22 @@ const BaseAPIFeatureSet: FeatureSet = {
       new BaseAPI<SmsLog, SmsLogServiceType>(SmsLog, SmsLogService).getRouter(),
     );
 
+    app.use(
+      `/${APP_NAME.toLocaleLowerCase()}`,
+      new BaseAPI<PushNotificationLog, PushNotificationLogServiceType>(
+        PushNotificationLog,
+        PushNotificationLogService,
+      ).getRouter(),
+    );
+
+    app.use(
+      `/${APP_NAME.toLocaleLowerCase()}`,
+      new BaseAPI<
+        WorkspaceNotificationLog,
+        WorkspaceNotificationLogServiceType
+      >(WorkspaceNotificationLog, WorkspaceNotificationLogService).getRouter(),
+    );
+
     app.use(
       `/${APP_NAME.toLocaleLowerCase()}`,
       new BaseAPI<EmailLog, EmailLogServiceType>(
@@ -1540,7 +1593,6 @@ const BaseAPIFeatureSet: FeatureSet = {
         MonitorTimelineStatusService,
       ).getRouter(),
     );
-
     app.use(`/${APP_NAME.toLocaleLowerCase()}`, new ShortLinkAPI().getRouter());
     app.use(`/${APP_NAME.toLocaleLowerCase()}`, new MonitorAPI().getRouter());
     app.use(
@@ -1554,6 +1606,12 @@ const BaseAPIFeatureSet: FeatureSet = {
       new OnCallDutyPolicyAPI().getRouter(),
     );
 
+    // TeamComplianceAPI
+    app.use(
+      `/${APP_NAME.toLocaleLowerCase()}`,
+      new TeamComplianceAPI().getRouter(),
+    );
+
     app.use(
       `/${APP_NAME.toLocaleLowerCase()}`,
       new WorkspaceNotificationRuleAPI().getRouter(),
@@ -1578,6 +1636,10 @@ const BaseAPIFeatureSet: FeatureSet = {
       new ResellerPlanAPI().getRouter(),
     );
     app.use(`/${APP_NAME.toLocaleLowerCase()}`, new SlackAPI().getRouter());
+    app.use(
+      `/${APP_NAME.toLocaleLowerCase()}`,
+      new MicrosoftTeamsAPI().getRouter(),
+    );
     app.use(
       `/${APP_NAME.toLocaleLowerCase()}`,
       new GlobalConfigAPI().getRouter(),
@@ -1605,7 +1667,11 @@ const BaseAPIFeatureSet: FeatureSet = {
     app.use(`/${APP_NAME.toLocaleLowerCase()}`, new UserCallAPI().getRouter());
     app.use(
       `/${APP_NAME.toLocaleLowerCase()}`,
-      new UserTwoFactorAuthAPI().getRouter(),
+      new UserTotpAuthAPI().getRouter(),
+    );
+    app.use(
+      `/${APP_NAME.toLocaleLowerCase()}`,
+      new UserWebAuthnAPI().getRouter(),
     );
     app.use(`/${APP_NAME.toLocaleLowerCase()}`, new UserEmailAPI().getRouter());
     app.use(`/${APP_NAME.toLocaleLowerCase()}`, new UserSMSAPI().getRouter());
@@ -1629,6 +1695,8 @@ const BaseAPIFeatureSet: FeatureSet = {
       new BillingInvoiceAPI().getRouter(),
     );
 
+    app.use(`/${APP_NAME.toLocaleLowerCase()}`, new BillingAPI().getRouter());
+
     app.use(
       `/${APP_NAME.toLocaleLowerCase()}`,
       new BaseAPI<

App/FeatureSet/Identity/API/Authentication.ts

@@ -24,7 +24,7 @@ import AccessTokenService from "Common/Server/Services/AccessTokenService";
 import EmailVerificationTokenService from "Common/Server/Services/EmailVerificationTokenService";
 import MailService from "Common/Server/Services/MailService";
 import UserService from "Common/Server/Services/UserService";
-import UserTwoFactorAuthService from "Common/Server/Services/UserTwoFactorAuthService";
+import UserTotpAuthService from "Common/Server/Services/UserTotpAuthService";
 import CookieUtil from "Common/Server/Utils/Cookie";
 import Express, {
   ExpressRequest,
@@ -34,10 +34,12 @@ import Express, {
 } from "Common/Server/Utils/Express";
 import logger from "Common/Server/Utils/Logger";
 import Response from "Common/Server/Utils/Response";
-import TwoFactorAuth from "Common/Server/Utils/TwoFactorAuth";
+import TotpAuth from "Common/Server/Utils/TotpAuth";
 import EmailVerificationToken from "Common/Models/DatabaseModels/EmailVerificationToken";
 import User from "Common/Models/DatabaseModels/User";
-import UserTwoFactorAuth from "Common/Models/DatabaseModels/UserTwoFactorAuth";
+import UserTotpAuth from "Common/Models/DatabaseModels/UserTotpAuth";
+import UserWebAuthn from "Common/Models/DatabaseModels/UserWebAuthn";
+import UserWebAuthnService from "Common/Server/Services/UserWebAuthnService";
 
 const router: ExpressRouter = Express.getRouter();
 
@@ -503,7 +505,7 @@ router.post(
 );
 
 router.post(
-  "/verify-two-factor-auth",
+  "/verify-totp-auth",
   async (
     req: ExpressRequest,
     res: ExpressResponse,
@@ -513,7 +515,25 @@ router.post(
       req: req,
       res: res,
       next: next,
-      verifyTwoFactorAuth: true,
+      verifyTotpAuth: true,
+      verifyWebAuthn: false,
+    });
+  },
+);
+
+router.post(
+  "/verify-webauthn-auth",
+  async (
+    req: ExpressRequest,
+    res: ExpressResponse,
+    next: NextFunction,
+  ): Promise<void> => {
+    return login({
+      req: req,
+      res: res,
+      next: next,
+      verifyTotpAuth: false,
+      verifyWebAuthn: true,
     });
   },
 );
@@ -529,62 +549,99 @@ router.post(
       req: req,
       res: res,
       next: next,
-      verifyTwoFactorAuth: false,
+      verifyTotpAuth: false,
+      verifyWebAuthn: false,
     });
   },
 );
 
-type FetchTwoFactorAuthListFunction = (
-  userId: ObjectID,
-) => Promise<Array<UserTwoFactorAuth>>;
+type FetchTotpAuthListFunction = (userId: ObjectID) => Promise<{
+  totpAuthList: Array<UserTotpAuth>;
+  webAuthnList: Array<UserWebAuthn>;
+}>;
 
-const fetchTwoFactorAuthList: FetchTwoFactorAuthListFunction = async (
+const fetchTotpAuthList: FetchTotpAuthListFunction = async (
   userId: ObjectID,
-): Promise<Array<UserTwoFactorAuth>> => {
-  const twoFactorAuthList: Array<UserTwoFactorAuth> =
-    await UserTwoFactorAuthService.findBy({
-      query: {
-        userId: userId,
-        isVerified: true,
-      },
-      select: {
-        _id: true,
-        userId: true,
-        name: true,
-      },
-      limit: LIMIT_PER_PROJECT,
-      skip: 0,
-      props: {
-        isRoot: true,
-      },
-    });
+): Promise<{
+  totpAuthList: Array<UserTotpAuth>;
+  webAuthnList: Array<UserWebAuthn>;
+}> => {
+  const totpAuthList: Array<UserTotpAuth> = await UserTotpAuthService.findBy({
+    query: {
+      userId: userId,
+      isVerified: true,
+    },
+    select: {
+      _id: true,
+      userId: true,
+      name: true,
+    },
+    limit: LIMIT_PER_PROJECT,
+    skip: 0,
+    props: {
+      isRoot: true,
+    },
+  });
 
-  return twoFactorAuthList;
+  const webAuthnList: Array<UserWebAuthn> = await UserWebAuthnService.findBy({
+    query: {
+      userId: userId,
+      isVerified: true,
+    },
+    select: {
+      _id: true,
+      userId: true,
+      name: true,
+    },
+    limit: LIMIT_PER_PROJECT,
+    skip: 0,
+    props: {
+      isRoot: true,
+    },
+  });
+
+  return {
+    totpAuthList: totpAuthList || [],
+    webAuthnList: webAuthnList || [],
+  };
 };
 
 type LoginFunction = (options: {
   req: ExpressRequest;
   res: ExpressResponse;
   next: NextFunction;
-  verifyTwoFactorAuth: boolean;
+  verifyTotpAuth: boolean;
+  verifyWebAuthn: boolean;
 }) => Promise<void>;
 
 const login: LoginFunction = async (options: {
   req: ExpressRequest;
   res: ExpressResponse;
   next: NextFunction;
-  verifyTwoFactorAuth: boolean;
+  verifyTotpAuth: boolean;
+  verifyWebAuthn: boolean;
 }): Promise<void> => {
   const req: ExpressRequest = options.req;
   const res: ExpressResponse = options.res;
   const next: NextFunction = options.next;
-  const verifyTwoFactorAuth: boolean = options.verifyTwoFactorAuth;
+  const verifyTotpAuth: boolean = options.verifyTotpAuth;
+  const verifyWebAuthn: boolean = options.verifyWebAuthn;
 
   try {
     const data: JSONObject = req.body["data"];
 
+    logger.debug("Login request data: " + JSON.stringify(req.body, null, 2));
+
     const user: User = BaseModel.fromJSON(data as JSONObject, User) as User;
 
+    if (!user.email || !user.password) {
+      return Response.sendErrorResponse(
+        req,
+        res,
+        new BadDataException("Email and password are required."),
+      );
+    }
+
     await user.password?.hashValue(EncryptionSecret);
 
     const alreadySavedUser: User | null = await UserService.findOneBy({
@@ -638,13 +695,21 @@ const login: LoginFunction = async (options: {
         );
       }
 
-      if (alreadySavedUser.enableTwoFactorAuth && !verifyTwoFactorAuth) {
+      if (
+        alreadySavedUser.enableTwoFactorAuth &&
+        !verifyTotpAuth &&
+        !verifyWebAuthn
+      ) {
         // If two factor auth is enabled then we will send the user to the two factor auth page.
 
-        const twoFactorAuthList: Array<UserTwoFactorAuth> =
-          await fetchTwoFactorAuthList(alreadySavedUser.id!);
+        const { totpAuthList, webAuthnList } = await fetchTotpAuthList(
+          alreadySavedUser.id!,
+        );
 
-        if (!twoFactorAuthList || twoFactorAuthList.length === 0) {
+        if (
+          (!totpAuthList || totpAuthList.length === 0) &&
+          (!webAuthnList || webAuthnList.length === 0)
+        ) {
           const errorMessage: string = IsBillingEnabled
             ? "Two Factor Authentication is enabled but no two factor auth is setup. Please contact OneUptime support for help."
             : "Two Factor Authentication is enabled but no two factor auth is setup. Please contact your server admin to disable two factor auth for this account.";
@@ -656,62 +721,68 @@ const login: LoginFunction = async (options: {
           );
         }
 
-        return Response.sendEntityResponse(req, res, user, User, {
+        return Response.sendEntityResponse(req, res, alreadySavedUser, User, {
           miscData: {
-            twoFactorAuthList: UserTwoFactorAuth.toJSONArray(
-              twoFactorAuthList,
-              UserTwoFactorAuth,
-            ),
-            twoFactorAuth: true,
+            totpAuthList: UserTotpAuth.toJSONArray(totpAuthList, UserTotpAuth),
+            webAuthnList: UserWebAuthn.toJSONArray(webAuthnList, UserWebAuthn),
           },
         });
       }
 
-      if (verifyTwoFactorAuth) {
-        // code from req
-        const code: string = data["code"] as string;
-        const twoFactorAuthId: string = data["twoFactorAuthId"] as string;
+      if (verifyTotpAuth || verifyWebAuthn) {
+        if (verifyTotpAuth) {
+          // code from req
+          const code: string = data["code"] as string;
+          const twoFactorAuthId: string = data["twoFactorAuthId"] as string;
 
-        const twoFactorAuth: UserTwoFactorAuth | null =
-          await UserTwoFactorAuthService.findOneBy({
-            query: {
-              _id: twoFactorAuthId,
-              userId: alreadySavedUser.id!,
-              isVerified: true,
-            },
-            select: {
-              _id: true,
-              twoFactorSecret: true,
-            },
-            props: {
-              isRoot: true,
-            },
+          const totpAuth: UserTotpAuth | null =
+            await UserTotpAuthService.findOneBy({
+              query: {
+                _id: twoFactorAuthId,
+                userId: alreadySavedUser.id!,
+                isVerified: true,
+              },
+              select: {
+                _id: true,
+                twoFactorSecret: true,
+              },
+              props: {
+                isRoot: true,
+              },
+            });
+
+          if (!totpAuth) {
+            return Response.sendErrorResponse(
+              req,
+              res,
+              new BadDataException("Invalid two factor auth id."),
+            );
+          }
+
+          const isVerified: boolean = TotpAuth.verifyToken({
+            token: code,
+            secret: totpAuth.twoFactorSecret!,
+            email: alreadySavedUser.email!,
           });
 
-        if (!twoFactorAuth) {
-          return Response.sendErrorResponse(
-            req,
-            res,
-            new BadDataException("Invalid two factor auth id."),
-          );
+          if (!isVerified) {
+            return Response.sendErrorResponse(
+              req,
+              res,
+              new BadDataException("Invalid code."),
+            );
+          }
+        } else if (verifyWebAuthn) {
+          const expectedChallenge: string = data["challenge"] as string;
+          const credential: any = data["credential"];
+
+          await UserWebAuthnService.verifyAuthentication({
+            userId: alreadySavedUser.id!.toString(),
+            challenge: expectedChallenge,
+            credential: credential,
+          });
         }
-
-        const isVerified: boolean = TwoFactorAuth.verifyToken({
-          token: code,
-          secret: twoFactorAuth.twoFactorSecret!,
-          email: alreadySavedUser.email!,
-        });
-
-        if (!isVerified) {
-          return Response.sendErrorResponse(
-            req,
-            res,
-            new BadDataException("Invalid code."),
-          );
-        }
-      }
-
-      // Refresh Permissions for this user here.
+      } // Refresh Permissions for this user here.
       await AccessTokenService.refreshUserAllPermissions(alreadySavedUser.id!);
 
       if (alreadySavedUser.password.toString() === user.password!.toString()) {

App/FeatureSet/Identity/API/SSO.ts

@@ -40,8 +40,10 @@ import Name from "Common/Types/Name";
 
 const router: ExpressRouter = Express.getRouter();
 
-// This route is used to get the SSO config for the user.
-// when the user logs in from OneUptime and not from the IDP.
+/*
+ * This route is used to get the SSO config for the user.
+ * when the user logs in from OneUptime and not from the IDP.
+ */
 
 router.get(
   "/service-provider-login",
@@ -434,8 +436,10 @@ const loginUserWithSso: LoginUserWithSsoFunction = async (
       isNewUser = true;
     }
 
-    // If he does not then add him to teams that he should belong and log in.
-    // This should never happen because email is verified before he logs in with SSO.
+    /*
+     * If he does not then add him to teams that he should belong and log in.
+     * This should never happen because email is verified before he logs in with SSO.
+     */
     if (!alreadySavedUser.isEmailVerified && !isNewUser) {
       await AuthenticationEmail.sendVerificationEmail(alreadySavedUser!);
 

App/FeatureSet/Identity/API/StatusPageAuthentication.ts

@@ -168,6 +168,7 @@ router.post(
           },
           {
             projectId: statusPage.projectId!,
+            statusPageId: statusPage.id!,
           },
         ).catch((err: Error) => {
           logger.error(err);
@@ -306,6 +307,7 @@ router.post(
         },
         {
           projectId: statusPage.projectId!,
+          statusPageId: statusPage.id!,
         },
       ).catch((err: Error) => {
         logger.error(err);

App/FeatureSet/Identity/API/StatusPageSCIM.ts

@@ -0,0 +1,570 @@
+import SCIMMiddleware from "Common/Server/Middleware/SCIMAuthorization";
+import StatusPagePrivateUserService from "Common/Server/Services/StatusPagePrivateUserService";
+import Express, {
+  ExpressRequest,
+  ExpressResponse,
+  ExpressRouter,
+  OneUptimeRequest,
+} from "Common/Server/Utils/Express";
+import Response from "Common/Server/Utils/Response";
+import logger from "Common/Server/Utils/Logger";
+import ObjectID from "Common/Types/ObjectID";
+import Email from "Common/Types/Email";
+import { JSONObject } from "Common/Types/JSON";
+import StatusPagePrivateUser from "Common/Models/DatabaseModels/StatusPagePrivateUser";
+import StatusPageSCIM from "Common/Models/DatabaseModels/StatusPageSCIM";
+import BadRequestException from "Common/Types/Exception/BadRequestException";
+import NotFoundException from "Common/Types/Exception/NotFoundException";
+import LIMIT_MAX, { LIMIT_PER_PROJECT } from "Common/Types/Database/LimitMax";
+import {
+  formatUserForSCIM,
+  generateServiceProviderConfig,
+} from "../Utils/SCIMUtils";
+import Text from "Common/Types/Text";
+import HashedString from "Common/Types/HashedString";
+
+const router: ExpressRouter = Express.getRouter();
+
+// SCIM Service Provider Configuration - GET /status-page-scim/v2/ServiceProviderConfig
+router.get(
+  "/status-page-scim/v2/:statusPageScimId/ServiceProviderConfig",
+  SCIMMiddleware.isAuthorizedSCIMRequest,
+  async (req: ExpressRequest, res: ExpressResponse): Promise<void> => {
+    try {
+      logger.debug(
+        `Status Page SCIM ServiceProviderConfig - scimId: ${req.params["statusPageScimId"]!}`,
+      );
+
+      const serviceProviderConfig: JSONObject = generateServiceProviderConfig(
+        req,
+        req.params["statusPageScimId"]!,
+        "status-page",
+      );
+
+      return Response.sendJsonObjectResponse(req, res, serviceProviderConfig);
+    } catch (err) {
+      logger.error(err);
+      return Response.sendErrorResponse(req, res, err as BadRequestException);
+    }
+  },
+);
+
+// Status Page Users endpoint - GET /status-page-scim/v2/Users
+router.get(
+  "/status-page-scim/v2/:statusPageScimId/Users",
+  SCIMMiddleware.isAuthorizedSCIMRequest,
+  async (req: ExpressRequest, res: ExpressResponse): Promise<void> => {
+    try {
+      logger.debug(
+        `Status Page SCIM Users list request for statusPageScimId: ${req.params["statusPageScimId"]}`,
+      );
+      const oneuptimeRequest: OneUptimeRequest = req as OneUptimeRequest;
+      const bearerData: JSONObject =
+        oneuptimeRequest.bearerTokenData as JSONObject;
+      const statusPageId: ObjectID = bearerData["statusPageId"] as ObjectID;
+
+      // Parse query parameters
+      const startIndex: number =
+        parseInt(req.query["startIndex"] as string) || 1;
+      const count: number = Math.min(
+        parseInt(req.query["count"] as string) || 100,
+        LIMIT_PER_PROJECT,
+      );
+      const filter: string = req.query["filter"] as string;
+
+      logger.debug(
+        `Status Page SCIM Users - statusPageId: ${statusPageId}, startIndex: ${startIndex}, count: ${count}, filter: ${filter || "none"}`,
+      );
+
+      // Build query for status page users
+      const query: any = {
+        statusPageId: statusPageId,
+      };
+
+      // Handle SCIM filter for userName
+      if (filter) {
+        const emailMatch: RegExpMatchArray | null = filter.match(
+          /userName eq "([^"]+)"/i,
+        );
+        if (emailMatch) {
+          const email: string = emailMatch[1]!;
+          logger.debug(
+            `Status Page SCIM Users list - statusPageScimId: ${req.params["statusPageScimId"]!}, filter by email: ${email}`,
+          );
+
+          if (email) {
+            if (Email.isValid(email)) {
+              query.email = new Email(email);
+              logger.debug(
+                `Status Page SCIM Users list - statusPageScimId: ${req.params["statusPageScimId"]!}, filtering by email: ${email}`,
+              );
+            } else {
+              logger.debug(
+                `Status Page SCIM Users list - statusPageScimId: ${req.params["statusPageScimId"]!}, invalid email format in filter: ${email}`,
+              );
+              return Response.sendJsonObjectResponse(req, res, {
+                schemas: ["urn:ietf:params:scim:api:messages:2.0:ListResponse"],
+                totalResults: 0,
+                startIndex: startIndex,
+                itemsPerPage: 0,
+                Resources: [],
+              });
+            }
+          }
+        }
+      }
+
+      // Get all private users for this status page
+      const statusPageUsers: Array<StatusPagePrivateUser> =
+        await StatusPagePrivateUserService.findBy({
+          query: query,
+          select: {
+            _id: true,
+            email: true,
+            createdAt: true,
+            updatedAt: true,
+          },
+          skip: 0,
+          limit: LIMIT_MAX,
+          props: { isRoot: true },
+        });
+
+      logger.debug(
+        `Status Page SCIM Users - found ${statusPageUsers.length} users`,
+      );
+
+      // Format users for SCIM
+      const users: Array<JSONObject> = statusPageUsers.map(
+        (user: StatusPagePrivateUser) => {
+          return formatUserForSCIM(
+            user,
+            req,
+            req.params["statusPageScimId"]!,
+            "status-page",
+          );
+        },
+      );
+
+      // Paginate the results
+      const paginatedUsers: Array<JSONObject> = users.slice(
+        (startIndex - 1) * count,
+        startIndex * count,
+      );
+
+      logger.debug(
+        `Status Page SCIM Users response prepared with ${users.length} users`,
+      );
+
+      return Response.sendJsonObjectResponse(req, res, {
+        schemas: ["urn:ietf:params:scim:api:messages:2.0:ListResponse"],
+        totalResults: users.length,
+        startIndex: startIndex,
+        itemsPerPage: paginatedUsers.length,
+        Resources: paginatedUsers,
+      });
+    } catch (err) {
+      logger.error(err);
+      return Response.sendErrorResponse(req, res, err as BadRequestException);
+    }
+  },
+);
+
+// Get Individual Status Page User - GET /status-page-scim/v2/Users/{id}
+router.get(
+  "/status-page-scim/v2/:statusPageScimId/Users/:userId",
+  SCIMMiddleware.isAuthorizedSCIMRequest,
+  async (req: ExpressRequest, res: ExpressResponse): Promise<void> => {
+    try {
+      logger.debug(
+        `Status Page SCIM Get individual user request for userId: ${req.params["userId"]}, statusPageScimId: ${req.params["statusPageScimId"]}`,
+      );
+      const oneuptimeRequest: OneUptimeRequest = req as OneUptimeRequest;
+      const bearerData: JSONObject =
+        oneuptimeRequest.bearerTokenData as JSONObject;
+      const statusPageId: ObjectID = bearerData["statusPageId"] as ObjectID;
+      const userId: string = req.params["userId"]!;
+
+      logger.debug(
+        `Status Page SCIM Get user - statusPageId: ${statusPageId}, userId: ${userId}`,
+      );
+
+      if (!userId) {
+        throw new BadRequestException("User ID is required");
+      }
+
+      // Check if user exists and belongs to this status page
+      const statusPageUser: StatusPagePrivateUser | null =
+        await StatusPagePrivateUserService.findOneBy({
+          query: {
+            statusPageId: statusPageId,
+            _id: new ObjectID(userId),
+          },
+          select: {
+            _id: true,
+            email: true,
+            createdAt: true,
+            updatedAt: true,
+          },
+          props: { isRoot: true },
+        });
+
+      if (!statusPageUser) {
+        logger.debug(
+          `Status Page SCIM Get user - user not found for userId: ${userId}`,
+        );
+        throw new NotFoundException(
+          "User not found or not part of this status page",
+        );
+      }
+
+      const user: JSONObject = formatUserForSCIM(
+        statusPageUser,
+        req,
+        req.params["statusPageScimId"]!,
+        "status-page",
+      );
+
+      logger.debug(
+        `Status Page SCIM Get user - returning user with id: ${statusPageUser.id}`,
+      );
+
+      return Response.sendJsonObjectResponse(req, res, user);
+    } catch (err) {
+      logger.error(err);
+      return Response.sendErrorResponse(req, res, err as BadRequestException);
+    }
+  },
+);
+
+// Create Status Page User - POST /status-page-scim/v2/Users
+router.post(
+  "/status-page-scim/v2/:statusPageScimId/Users",
+  SCIMMiddleware.isAuthorizedSCIMRequest,
+  async (req: ExpressRequest, res: ExpressResponse): Promise<void> => {
+    try {
+      logger.debug(
+        `Status Page SCIM Create user request for statusPageScimId: ${req.params["statusPageScimId"]}`,
+      );
+      const oneuptimeRequest: OneUptimeRequest = req as OneUptimeRequest;
+      const bearerData: JSONObject =
+        oneuptimeRequest.bearerTokenData as JSONObject;
+      const statusPageId: ObjectID = bearerData["statusPageId"] as ObjectID;
+      const scimConfig: StatusPageSCIM = bearerData[
+        "scimConfig"
+      ] as StatusPageSCIM;
+
+      if (!scimConfig.autoProvisionUsers) {
+        throw new BadRequestException(
+          "Auto-provisioning is disabled for this status page",
+        );
+      }
+
+      const scimUser: JSONObject = req.body;
+
+      logger.debug(
+        `Status Page SCIM Create user - statusPageId: ${statusPageId}`,
+      );
+
+      logger.debug(
+        `Request body for Status Page SCIM Create user: ${JSON.stringify(scimUser, null, 2)}`,
+      );
+
+      // Extract user data from SCIM payload
+      const email: string =
+        (scimUser["userName"] as string) ||
+        ((scimUser["emails"] as JSONObject[])?.[0]?.["value"] as string);
+
+      if (!email) {
+        throw new BadRequestException("Email is required for user creation");
+      }
+
+      logger.debug(`Status Page SCIM Create user - email: ${email}`);
+
+      // Check if user already exists for this status page
+      let user: StatusPagePrivateUser | null =
+        await StatusPagePrivateUserService.findOneBy({
+          query: {
+            statusPageId: statusPageId,
+            email: new Email(email),
+          },
+          select: {
+            _id: true,
+            email: true,
+            createdAt: true,
+            updatedAt: true,
+          },
+          props: { isRoot: true },
+        });
+
+      if (!user) {
+        logger.debug(
+          `Status Page SCIM Create user - creating new user with email: ${email}`,
+        );
+
+        const privateUser: StatusPagePrivateUser = new StatusPagePrivateUser();
+        privateUser.statusPageId = statusPageId;
+        privateUser.email = new Email(email);
+        privateUser.password = new HashedString(Text.generateRandomText(32));
+        privateUser.projectId = bearerData["projectId"] as ObjectID;
+
+        // Create new status page private user
+        user = await StatusPagePrivateUserService.create({
+          data: privateUser as any,
+          props: { isRoot: true },
+        });
+      } else {
+        logger.debug(
+          `Status Page SCIM Create user - user already exists with id: ${user.id}`,
+        );
+      }
+
+      const createdUser: JSONObject = formatUserForSCIM(
+        user,
+        req,
+        req.params["statusPageScimId"]!,
+        "status-page",
+      );
+
+      logger.debug(
+        `Status Page SCIM Create user - returning created user with id: ${user.id}`,
+      );
+
+      res.status(201);
+      return Response.sendJsonObjectResponse(req, res, createdUser);
+    } catch (err) {
+      logger.error(err);
+      return Response.sendErrorResponse(req, res, err as BadRequestException);
+    }
+  },
+);
+
+// Update Status Page User - PUT /status-page-scim/v2/Users/{id}
+router.put(
+  "/status-page-scim/v2/:statusPageScimId/Users/:userId",
+  SCIMMiddleware.isAuthorizedSCIMRequest,
+  async (req: ExpressRequest, res: ExpressResponse): Promise<void> => {
+    try {
+      logger.debug(
+        `Status Page SCIM Update user request for userId: ${req.params["userId"]}, statusPageScimId: ${req.params["statusPageScimId"]}`,
+      );
+      const oneuptimeRequest: OneUptimeRequest = req as OneUptimeRequest;
+      const bearerData: JSONObject =
+        oneuptimeRequest.bearerTokenData as JSONObject;
+      const statusPageId: ObjectID = bearerData["statusPageId"] as ObjectID;
+      const userId: string = req.params["userId"]!;
+      const scimUser: JSONObject = req.body;
+
+      logger.debug(
+        `Status Page SCIM Update user - statusPageId: ${statusPageId}, userId: ${userId}`,
+      );
+
+      logger.debug(
+        `Request body for Status Page SCIM Update user: ${JSON.stringify(scimUser, null, 2)}`,
+      );
+
+      if (!userId) {
+        throw new BadRequestException("User ID is required");
+      }
+
+      // Check if user exists and belongs to this status page
+      const statusPageUser: StatusPagePrivateUser | null =
+        await StatusPagePrivateUserService.findOneBy({
+          query: {
+            statusPageId: statusPageId,
+            _id: new ObjectID(userId),
+          },
+          select: {
+            _id: true,
+            email: true,
+            createdAt: true,
+            updatedAt: true,
+          },
+          props: { isRoot: true },
+        });
+
+      if (!statusPageUser) {
+        logger.debug(
+          `Status Page SCIM Update user - user not found for userId: ${userId}`,
+        );
+        throw new NotFoundException(
+          "User not found or not part of this status page",
+        );
+      }
+
+      // Update user information
+      const email: string =
+        (scimUser["userName"] as string) ||
+        ((scimUser["emails"] as JSONObject[])?.[0]?.["value"] as string);
+      const active: boolean = scimUser["active"] as boolean;
+
+      logger.debug(
+        `Status Page SCIM Update user - email: ${email}, active: ${active}`,
+      );
+
+      // Handle user deactivation by deleting from status page
+      if (active === false) {
+        logger.debug(
+          `Status Page SCIM Update user - user marked as inactive, removing from status page`,
+        );
+
+        const scimConfig: StatusPageSCIM = bearerData[
+          "scimConfig"
+        ] as StatusPageSCIM;
+        if (scimConfig.autoDeprovisionUsers) {
+          await StatusPagePrivateUserService.deleteOneById({
+            id: new ObjectID(userId),
+            props: { isRoot: true },
+          });
+
+          logger.debug(
+            `Status Page SCIM Update user - user removed from status page`,
+          );
+
+          // Return empty response for deleted user
+          return Response.sendJsonObjectResponse(req, res, {});
+        }
+      }
+
+      // Prepare update data
+      const updateData: {
+        email?: Email;
+      } = {};
+
+      if (email && email !== statusPageUser.email?.toString()) {
+        updateData.email = new Email(email);
+      }
+
+      // Only update if there are changes
+      if (Object.keys(updateData).length > 0) {
+        logger.debug(
+          `Status Page SCIM Update user - updating user with data: ${JSON.stringify(updateData)}`,
+        );
+
+        await StatusPagePrivateUserService.updateOneById({
+          id: new ObjectID(userId),
+          data: updateData,
+          props: { isRoot: true },
+        });
+
+        logger.debug(
+          `Status Page SCIM Update user - user updated successfully`,
+        );
+
+        // Fetch updated user
+        const updatedUser: StatusPagePrivateUser | null =
+          await StatusPagePrivateUserService.findOneById({
+            id: new ObjectID(userId),
+            select: {
+              _id: true,
+              email: true,
+              createdAt: true,
+              updatedAt: true,
+            },
+            props: { isRoot: true },
+          });
+
+        if (updatedUser) {
+          const user: JSONObject = formatUserForSCIM(
+            updatedUser,
+            req,
+            req.params["statusPageScimId"]!,
+            "status-page",
+          );
+          return Response.sendJsonObjectResponse(req, res, user);
+        }
+      }
+
+      logger.debug(
+        `Status Page SCIM Update user - no updates made, returning existing user`,
+      );
+
+      // If no updates were made, return the existing user
+      const user: JSONObject = formatUserForSCIM(
+        statusPageUser,
+        req,
+        req.params["statusPageScimId"]!,
+        "status-page",
+      );
+
+      return Response.sendJsonObjectResponse(req, res, user);
+    } catch (err) {
+      logger.error(err);
+      return Response.sendErrorResponse(req, res, err as BadRequestException);
+    }
+  },
+);
+
+// Delete Status Page User - DELETE /status-page-scim/v2/Users/{id}
+router.delete(
+  "/status-page-scim/v2/:statusPageScimId/Users/:userId",
+  SCIMMiddleware.isAuthorizedSCIMRequest,
+  async (req: ExpressRequest, res: ExpressResponse): Promise<void> => {
+    try {
+      logger.debug(
+        `Status Page SCIM Delete user request for userId: ${req.params["userId"]}, statusPageScimId: ${req.params["statusPageScimId"]}`,
+      );
+      const oneuptimeRequest: OneUptimeRequest = req as OneUptimeRequest;
+      const bearerData: JSONObject =
+        oneuptimeRequest.bearerTokenData as JSONObject;
+      const statusPageId: ObjectID = bearerData["statusPageId"] as ObjectID;
+      const scimConfig: StatusPageSCIM = bearerData[
+        "scimConfig"
+      ] as StatusPageSCIM;
+      const userId: string = req.params["userId"]!;
+
+      if (!scimConfig.autoDeprovisionUsers) {
+        throw new BadRequestException(
+          "Auto-deprovisioning is disabled for this status page",
+        );
+      }
+
+      logger.debug(
+        `Status Page SCIM Delete user - statusPageId: ${statusPageId}, userId: ${userId}`,
+      );
+
+      if (!userId) {
+        throw new BadRequestException("User ID is required");
+      }
+
+      // Check if user exists and belongs to this status page
+      const statusPageUser: StatusPagePrivateUser | null =
+        await StatusPagePrivateUserService.findOneBy({
+          query: {
+            statusPageId: statusPageId,
+            _id: new ObjectID(userId),
+          },
+          select: {
+            _id: true,
+          },
+          props: { isRoot: true },
+        });
+
+      if (!statusPageUser) {
+        logger.debug(
+          `Status Page SCIM Delete user - user not found for userId: ${userId}`,
+        );
+        // SCIM spec says to return 404 for non-existent resources
+        throw new NotFoundException("User not found");
+      }
+
+      // Delete the user from status page
+      await StatusPagePrivateUserService.deleteOneById({
+        id: new ObjectID(userId),
+        props: { isRoot: true },
+      });
+
+      logger.debug(
+        `Status Page SCIM Delete user - user deleted successfully for userId: ${userId}`,
+      );
+
+      // Return 204 No Content for successful deletion
+      res.status(204);
+      return Response.sendEmptySuccessResponse(req, res);
+    } catch (err) {
+      logger.error(err);
+      return Response.sendErrorResponse(req, res, err as BadRequestException);
+    }
+  },
+);
+
+export default router;

App/FeatureSet/Identity/Index.ts

@@ -1,8 +1,10 @@
 import AuthenticationAPI from "./API/Authentication";
 import ResellerAPI from "./API/Reseller";
 import SsoAPI from "./API/SSO";
+import SCIMAPI from "./API/SCIM";
 import StatusPageAuthenticationAPI from "./API/StatusPageAuthentication";
 import StatusPageSsoAPI from "./API/StatusPageSSO";
+import StatusPageSCIMAPI from "./API/StatusPageSCIM";
 import FeatureSet from "Common/Server/Types/FeatureSet";
 import Express, { ExpressApplication } from "Common/Server/Utils/Express";
 import "ejs";
@@ -19,6 +21,10 @@ const IdentityFeatureSet: FeatureSet = {
 
     app.use([`/${APP_NAME}`, "/"], SsoAPI);
 
+    app.use([`/${APP_NAME}`, "/"], SCIMAPI);
+
+    app.use([`/${APP_NAME}`, "/"], StatusPageSCIMAPI);
+
     app.use([`/${APP_NAME}`, "/"], StatusPageSsoAPI);
 
     app.use(

App/FeatureSet/Identity/Utils/AuthenticationEmail.ts

@@ -35,6 +35,8 @@ export default class AuthenticationEmail {
     const host: Hostname = await DatabaseConfig.getHost();
     const httpProtocol: Protocol = await DatabaseConfig.getHttpProtocol();
 
+    logger.debug("Sending verification email");
+
     MailService.sendMail({
       toEmail: user.email!,
       subject: "Please verify email.",
@@ -50,8 +52,13 @@ export default class AuthenticationEmail {
         ).toString(),
         homeUrl: new URL(httpProtocol, host).toString(),
       },
-    }).catch((err: Error) => {
-      logger.error(err);
-    });
+    })
+      .then(() => {
+        logger.debug("Verification email sent");
+      })
+      .catch((err: Error) => {
+        logger.debug("Error sending verification email");
+        logger.error(err);
+      });
   }
 }

App/FeatureSet/Identity/Utils/SCIMUtils.ts

@@ -0,0 +1,265 @@
+import { ExpressRequest } from "Common/Server/Utils/Express";
+import logger from "Common/Server/Utils/Logger";
+import { JSONObject } from "Common/Types/JSON";
+import Email from "Common/Types/Email";
+import Name from "Common/Types/Name";
+import ObjectID from "Common/Types/ObjectID";
+
+/**
+ * Shared SCIM utility functions for both Project SCIM and Status Page SCIM
+ */
+
+// Base interface for SCIM user-like objects - compatible with User model
+export interface SCIMUser {
+  id?: ObjectID | null;
+  email?: Email;
+  name?: Name | string;
+  createdAt?: Date;
+  updatedAt?: Date;
+}
+
+/**
+ * Parse name information from SCIM user payload
+ */
+export const parseNameFromSCIM: (scimUser: JSONObject) => string = (
+  scimUser: JSONObject,
+): string => {
+  logger.debug(
+    `SCIM - Parsing name from SCIM user: ${JSON.stringify(scimUser, null, 2)}`,
+  );
+
+  const givenName: string =
+    ((scimUser["name"] as JSONObject)?.["givenName"] as string) || "";
+  const familyName: string =
+    ((scimUser["name"] as JSONObject)?.["familyName"] as string) || "";
+  const formattedName: string = (scimUser["name"] as JSONObject)?.[
+    "formatted"
+  ] as string;
+
+  // Construct full name: prefer formatted, then combine given+family, then fallback to displayName
+  if (formattedName) {
+    return formattedName;
+  } else if (givenName || familyName) {
+    return `${givenName} ${familyName}`.trim();
+  } else if (scimUser["displayName"]) {
+    return scimUser["displayName"] as string;
+  }
+  return "";
+};
+
+/**
+ * Parse full name into SCIM name format
+ */
+export const parseNameToSCIMFormat: (fullName: string) => {
+  givenName: string;
+  familyName: string;
+  formatted: string;
+} = (
+  fullName: string,
+): { givenName: string; familyName: string; formatted: string } => {
+  const nameParts: string[] = fullName.trim().split(/\s+/);
+  const givenName: string = nameParts[0] || "";
+  const familyName: string = nameParts.slice(1).join(" ") || "";
+
+  return {
+    givenName,
+    familyName,
+    formatted: fullName,
+  };
+};
+
+/**
+ * Format user object for SCIM response
+ */
+export const formatUserForSCIM: (
+  user: SCIMUser,
+  req: ExpressRequest,
+  scimId: string,
+  scimType: "project" | "status-page",
+) => JSONObject = (
+  user: SCIMUser,
+  req: ExpressRequest,
+  scimId: string,
+  scimType: "project" | "status-page",
+): JSONObject => {
+  const baseUrl: string = `${req.protocol}://${req.get("host")}`;
+  const userName: string = user.email?.toString() || "";
+  const fullName: string =
+    user.name?.toString() || userName.split("@")[0] || "Unknown User";
+
+  const nameData: { givenName: string; familyName: string; formatted: string } =
+    parseNameToSCIMFormat(fullName);
+
+  // Determine the correct endpoint path based on SCIM type
+  const endpointPath: string =
+    scimType === "project"
+      ? `/scim/v2/${scimId}/Users/${user.id?.toString()}`
+      : `/status-page-scim/v2/${scimId}/Users/${user.id?.toString()}`;
+
+  return {
+    schemas: ["urn:ietf:params:scim:schemas:core:2.0:User"],
+    id: user.id?.toString(),
+    userName: userName,
+    displayName: nameData.formatted,
+    name: {
+      formatted: nameData.formatted,
+      familyName: nameData.familyName,
+      givenName: nameData.givenName,
+    },
+    emails: [
+      {
+        value: userName,
+        type: "work",
+        primary: true,
+      },
+    ],
+    active: true,
+    meta: {
+      resourceType: "User",
+      created: user.createdAt?.toISOString(),
+      lastModified: user.updatedAt?.toISOString(),
+      location: `${baseUrl}${endpointPath}`,
+    },
+  };
+};
+
+/**
+ * Extract email from SCIM user payload
+ */
+export const extractEmailFromSCIM: (scimUser: JSONObject) => string = (
+  scimUser: JSONObject,
+): string => {
+  return (
+    (scimUser["userName"] as string) ||
+    ((scimUser["emails"] as JSONObject[])?.[0]?.["value"] as string) ||
+    ""
+  );
+};
+
+/**
+ * Extract active status from SCIM user payload
+ */
+export const extractActiveFromSCIM: (scimUser: JSONObject) => boolean = (
+  scimUser: JSONObject,
+): boolean => {
+  return scimUser["active"] !== false; // Default to true if not specified
+};
+
+/**
+ * Generate SCIM ServiceProviderConfig response
+ */
+export const generateServiceProviderConfig: (
+  req: ExpressRequest,
+  scimId: string,
+  scimType: "project" | "status-page",
+  documentationUrl?: string,
+) => JSONObject = (
+  req: ExpressRequest,
+  scimId: string,
+  scimType: "project" | "status-page",
+  documentationUrl: string = "https://oneuptime.com/docs/identity/scim",
+): JSONObject => {
+  const baseUrl: string = `${req.protocol}://${req.get("host")}`;
+  const endpointPath: string =
+    scimType === "project"
+      ? `/scim/v2/${scimId}`
+      : `/status-page-scim/v2/${scimId}`;
+
+  return {
+    schemas: ["urn:ietf:params:scim:schemas:core:2.0:ServiceProviderConfig"],
+    documentationUri: documentationUrl,
+    patch: {
+      supported: true,
+    },
+    bulk: {
+      supported: true,
+      maxOperations: 1000,
+      maxPayloadSize: 1048576,
+    },
+    filter: {
+      supported: true,
+      maxResults: 200,
+    },
+    changePassword: {
+      supported: false,
+    },
+    sort: {
+      supported: true,
+    },
+    etag: {
+      supported: false,
+    },
+    authenticationSchemes: [
+      {
+        type: "httpbearer",
+        name: "HTTP Bearer",
+        description: "Authentication scheme using HTTP Bearer Token",
+        primary: true,
+      },
+    ],
+    meta: {
+      location: `${baseUrl}${endpointPath}/ServiceProviderConfig`,
+      resourceType: "ServiceProviderConfig",
+      created: "2023-01-01T00:00:00Z",
+      lastModified: "2023-01-01T00:00:00Z",
+    },
+  };
+};
+
+/**
+ * Generate SCIM ListResponse for users
+ */
+export const generateUsersListResponse: (
+  users: JSONObject[],
+  startIndex: number,
+  totalResults: number,
+) => JSONObject = (
+  users: JSONObject[],
+  startIndex: number,
+  totalResults: number,
+): JSONObject => {
+  return {
+    schemas: ["urn:ietf:params:scim:api:messages:2.0:ListResponse"],
+    totalResults: totalResults,
+    startIndex: startIndex,
+    itemsPerPage: users.length,
+    Resources: users,
+  };
+};
+
+/**
+ * Generate SCIM ListResponse for groups
+ */
+export const generateGroupsListResponse: (
+  groups: JSONObject[],
+  startIndex: number,
+  totalResults: number,
+) => JSONObject = (
+  groups: JSONObject[],
+  startIndex: number,
+  totalResults: number,
+): JSONObject => {
+  return {
+    schemas: ["urn:ietf:params:scim:api:messages:2.0:ListResponse"],
+    totalResults: totalResults,
+    startIndex: startIndex,
+    itemsPerPage: groups.length,
+    Resources: groups,
+  };
+};
+
+/**
+ * Parse query parameters for SCIM list requests
+ */
+export const parseSCIMQueryParams: (req: ExpressRequest) => {
+  startIndex: number;
+  count: number;
+} = (req: ExpressRequest): { startIndex: number; count: number } => {
+  const startIndex: number = parseInt(req.query["startIndex"] as string) || 1;
+  const count: number = Math.min(
+    parseInt(req.query["count"] as string) || 100,
+    200, // SCIM recommended max
+  );
+
+  return { startIndex, count };
+};

App/FeatureSet/Identity/Utils/SSO.ts

@@ -184,15 +184,17 @@ export default class SSOUtil {
       return null;
     }
 
-    // get displayName attribute.
-    //   {
-    //     "$": {
-    //         "Name": "http://schemas.microsoft.com/identity/claims/displayname"
-    //     },
-    //     "AttributeValue": [
-    //         "Nawaz Dhandala"
-    //     ]
-    // },
+    /*
+     * get displayName attribute.
+     *   {
+     *     "$": {
+     *         "Name": "http://schemas.microsoft.com/identity/claims/displayname"
+     *     },
+     *     "AttributeValue": [
+     *         "Nawaz Dhandala"
+     *     ]
+     * },
+     */
 
     for (let i: number = 0; i < samlAttribute.length; i++) {
       const attribute: JSONObject = samlAttribute[i] as JSONObject;

App/FeatureSet/Identity/Views/Partials/Head.ejs

@@ -67,7 +67,6 @@
 <link rel="apple-touch-icon-precomposed" href="/img/ou-wb.svg">
 <link rel="icon" href="/img/ou-wb.svg">
 <link rel="image_src" type="image/png" href="/img/hou-wb.svg">
-<link rel="canonical" href="/">
 <link rel="manifest" href="/manifest.json">
 <meta property="og:title" content="OneUptime - One Complete Observability platform.">
 <meta property="og:url" content="https://oneuptime.com">

App/FeatureSet/Notification/API/Call.ts

@@ -31,6 +31,22 @@ router.post(
       userOnCallLogTimelineId:
         (body["userOnCallLogTimelineId"] as ObjectID) || undefined,
       customTwilioConfig: body["customTwilioConfig"] as any,
+      incidentId: (body["incidentId"] as ObjectID) || undefined,
+      alertId: (body["alertId"] as ObjectID) || undefined,
+      scheduledMaintenanceId:
+        (body["scheduledMaintenanceId"] as ObjectID) || undefined,
+      statusPageId: (body["statusPageId"] as ObjectID) || undefined,
+      statusPageAnnouncementId:
+        (body["statusPageAnnouncementId"] as ObjectID) || undefined,
+      userId: (body["userId"] as ObjectID) || undefined,
+      onCallPolicyId: (body["onCallPolicyId"] as ObjectID) || undefined,
+      onCallPolicyEscalationRuleId:
+        (body["onCallPolicyEscalationRuleId"] as ObjectID) || undefined,
+      onCallDutyPolicyExecutionLogTimelineId:
+        (body["onCallDutyPolicyExecutionLogTimelineId"] as ObjectID) ||
+        undefined,
+      onCallScheduleId: (body["onCallScheduleId"] as ObjectID) || undefined,
+      teamId: (body["teamId"] as ObjectID) || undefined,
     });
 
     return Response.sendEmptySuccessResponse(req, res);

App/FeatureSet/Notification/API/Mail.ts

@@ -43,6 +43,43 @@ router.post(
       emailServer: mailServer,
       userOnCallLogTimelineId:
         (body["userOnCallLogTimelineId"] as ObjectID) || undefined,
+      incidentId: body["incidentId"]
+        ? new ObjectID(body["incidentId"].toString())
+        : undefined,
+      alertId: body["alertId"]
+        ? new ObjectID(body["alertId"].toString())
+        : undefined,
+      scheduledMaintenanceId: body["scheduledMaintenanceId"]
+        ? new ObjectID(body["scheduledMaintenanceId"].toString())
+        : undefined,
+      statusPageId: body["statusPageId"]
+        ? new ObjectID(body["statusPageId"].toString())
+        : undefined,
+      statusPageAnnouncementId: body["statusPageAnnouncementId"]
+        ? new ObjectID(body["statusPageAnnouncementId"].toString())
+        : undefined,
+      userId: body["userId"]
+        ? new ObjectID(body["userId"].toString())
+        : undefined,
+      onCallPolicyId: body["onCallPolicyId"]
+        ? new ObjectID(body["onCallPolicyId"].toString())
+        : undefined,
+      onCallPolicyEscalationRuleId: body["onCallPolicyEscalationRuleId"]
+        ? new ObjectID(body["onCallPolicyEscalationRuleId"].toString())
+        : undefined,
+      onCallDutyPolicyExecutionLogTimelineId: body[
+        "onCallDutyPolicyExecutionLogTimelineId"
+      ]
+        ? new ObjectID(
+            body["onCallDutyPolicyExecutionLogTimelineId"].toString(),
+          )
+        : undefined,
+      onCallScheduleId: body["onCallScheduleId"]
+        ? new ObjectID(body["onCallScheduleId"].toString())
+        : undefined,
+      teamId: body["teamId"]
+        ? new ObjectID(body["teamId"].toString())
+        : undefined,
     });
 
     return Response.sendEmptySuccessResponse(req, res);

App/FeatureSet/Notification/API/PushNotification.ts

@@ -0,0 +1,65 @@
+import PushService from "../Services/PushNotificationService";
+import ClusterKeyAuthorization from "Common/Server/Middleware/ClusterKeyAuthorization";
+import ObjectID from "Common/Types/ObjectID";
+import Express, {
+  ExpressRequest,
+  ExpressResponse,
+  ExpressRouter,
+} from "Common/Server/Utils/Express";
+import Response from "Common/Server/Utils/Response";
+import { JSONObject } from "Common/Types/JSON";
+import JSONFunctions from "Common/Types/JSONFunctions";
+
+const router: ExpressRouter = Express.getRouter();
+
+router.post(
+  "/send",
+  ClusterKeyAuthorization.isAuthorizedServiceMiddleware,
+  async (req: ExpressRequest, res: ExpressResponse) => {
+    const body: JSONObject = JSONFunctions.deserialize(req.body);
+
+    // Support both new devices format and legacy deviceTokens/deviceNames format
+    let devices: Array<{ token: string; name?: string }> = [];
+
+    if (body["devices"]) {
+      // New format: devices as array of objects
+      devices = body["devices"] as Array<{ token: string; name?: string }>;
+    } else {
+      throw new Error("Invalid request format: 'devices' array is required.");
+    }
+
+    await PushService.send(
+      {
+        devices,
+        deviceType: (body["deviceType"] as any) || "web",
+        message: body["message"] as any,
+      },
+      {
+        projectId: (body["projectId"] as ObjectID) || undefined,
+        isSensitive: (body["isSensitive"] as boolean) || false,
+        userOnCallLogTimelineId:
+          (body["userOnCallLogTimelineId"] as ObjectID) || undefined,
+        incidentId: (body["incidentId"] as ObjectID) || undefined,
+        alertId: (body["alertId"] as ObjectID) || undefined,
+        scheduledMaintenanceId:
+          (body["scheduledMaintenanceId"] as ObjectID) || undefined,
+        statusPageId: (body["statusPageId"] as ObjectID) || undefined,
+        statusPageAnnouncementId:
+          (body["statusPageAnnouncementId"] as ObjectID) || undefined,
+        userId: (body["userId"] as ObjectID) || undefined,
+        onCallPolicyId: (body["onCallPolicyId"] as ObjectID) || undefined,
+        onCallPolicyEscalationRuleId:
+          (body["onCallPolicyEscalationRuleId"] as ObjectID) || undefined,
+        onCallDutyPolicyExecutionLogTimelineId:
+          (body["onCallDutyPolicyExecutionLogTimelineId"] as ObjectID) ||
+          undefined,
+        onCallScheduleId: (body["onCallScheduleId"] as ObjectID) || undefined,
+        teamId: (body["teamId"] as ObjectID) || undefined,
+      },
+    );
+
+    return Response.sendEmptySuccessResponse(req, res);
+  },
+);
+
+export default router;

App/FeatureSet/Notification/API/SMS.ts

@@ -30,6 +30,22 @@ router.post(
       userOnCallLogTimelineId:
         (body["userOnCallLogTimelineId"] as ObjectID) || undefined,
       customTwilioConfig: body["customTwilioConfig"] as any,
+      incidentId: (body["incidentId"] as ObjectID) || undefined,
+      alertId: (body["alertId"] as ObjectID) || undefined,
+      scheduledMaintenanceId:
+        (body["scheduledMaintenanceId"] as ObjectID) || undefined,
+      statusPageId: (body["statusPageId"] as ObjectID) || undefined,
+      statusPageAnnouncementId:
+        (body["statusPageAnnouncementId"] as ObjectID) || undefined,
+      userId: (body["userId"] as ObjectID) || undefined,
+      onCallPolicyId: (body["onCallPolicyId"] as ObjectID) || undefined,
+      onCallPolicyEscalationRuleId:
+        (body["onCallPolicyEscalationRuleId"] as ObjectID) || undefined,
+      onCallDutyPolicyExecutionLogTimelineId:
+        (body["onCallDutyPolicyExecutionLogTimelineId"] as ObjectID) ||
+        undefined,
+      onCallScheduleId: (body["onCallScheduleId"] as ObjectID) || undefined,
+      teamId: (body["teamId"] as ObjectID) || undefined,
     });
 
     return Response.sendEmptySuccessResponse(req, res);

App/FeatureSet/Notification/Config.ts

@@ -1,10 +1,8 @@
-import Hostname from "Common/Types/API/Hostname";
 import TwilioConfig from "Common/Types/CallAndSMS/TwilioConfig";
 import Email from "Common/Types/Email";
 import EmailServer from "Common/Types/Email/EmailServer";
 import BadDataException from "Common/Types/Exception/BadDataException";
 import ObjectID from "Common/Types/ObjectID";
-import Port from "Common/Types/Port";
 import { AdminDashboardClientURL } from "Common/Server/EnvironmentConfig";
 import GlobalConfigService from "Common/Server/Services/GlobalConfigService";
 import GlobalConfig, {
@@ -12,24 +10,6 @@ import GlobalConfig, {
 } from "Common/Models/DatabaseModels/GlobalConfig";
 import Phone from "Common/Types/Phone";
 
-export const InternalSmtpPassword: string =
-  process.env["INTERNAL_SMTP_PASSWORD"] || "";
-
-export const InternalSmtpHost: Hostname = new Hostname(
-  process.env["INTERNAL_SMTP_HOST"] || "haraka",
-);
-
-export const InternalSmtpPort: Port = new Port(2525);
-
-export const InternalSmtpSecure: boolean = false;
-
-export const InternalSmtpEmail: Email = new Email(
-  process.env["INTERNAL_SMTP_EMAIL"] || "noreply@oneuptime.com",
-);
-
-export const InternalSmtpFromName: string =
-  process.env["INTERNAL_SMTP_FROM_NAME"] || "OneUptime";
-
 type GetGlobalSMTPConfig = () => Promise<EmailServer | null>;
 
 export const getGlobalSMTPConfig: GetGlobalSMTPConfig =
@@ -132,10 +112,10 @@ export const getEmailServerType: GetEmailServerTypeFunction =
       });
 
     if (!globalConfig) {
-      return EmailServerType.Internal;
+      return EmailServerType.CustomSMTP;
     }
 
-    return globalConfig.emailServerType || EmailServerType.Internal;
+    return globalConfig.emailServerType || EmailServerType.CustomSMTP;
   };
 
 export interface SendGridConfig {

App/FeatureSet/Notification/Index.ts

@@ -2,6 +2,7 @@ import CallAPI from "./API/Call";
 // API
 import MailAPI from "./API/Mail";
 import SmsAPI from "./API/SMS";
+import PushNotificationAPI from "./API/PushNotification";
 import SMTPConfigAPI from "./API/SMTPConfig";
 import "./Utils/Handlebars";
 import FeatureSet from "Common/Server/Types/FeatureSet";
@@ -15,6 +16,7 @@ const NotificationFeatureSet: FeatureSet = {
 
     app.use([`/${APP_NAME}/email`, "/email"], MailAPI);
     app.use([`/${APP_NAME}/sms`, "/sms"], SmsAPI);
+    app.use([`/${APP_NAME}/push`, "/push"], PushNotificationAPI);
     app.use([`/${APP_NAME}/call`, "/call"], CallAPI);
     app.use([`/${APP_NAME}/smtp-config`, "/smtp-config"], SMTPConfigAPI);
   },

App/FeatureSet/Notification/Services/CallService.ts

@@ -28,6 +28,38 @@ import Twilio from "twilio";
 import { CallInstance } from "twilio/lib/rest/api/v2010/account/call";
 import Phone from "Common/Types/Phone";
 
+/**
+ * Extracts the main sayMessage values from a CallRequest's data array for call summary.
+ * Excludes acknowledgment responses, error messages, and other system messages.
+ * @param callRequest The call request containing data array with various objects
+ * @returns A string containing main call content messages separated by newlines
+ */
+function extractSayMessagesFromCallRequest(callRequest: CallRequest): string {
+  const sayMessages: string[] = [];
+
+  if (callRequest.data && Array.isArray(callRequest.data)) {
+    for (const item of callRequest.data) {
+      // Check if the item is a Say object with sayMessage
+      if ((item as Say).sayMessage) {
+        sayMessages.push((item as Say).sayMessage);
+      }
+      // Check if the item is a GatherInput with introMessage
+      if ((item as GatherInput).introMessage) {
+        sayMessages.push((item as GatherInput).introMessage);
+      }
+      /*
+       * NOTE: Excluding noInputMessage and onInputCallRequest messages from summary
+       * as they contain system responses like "Good bye", "Invalid input", "You have acknowledged"
+       * which should not be included in the call summary according to user requirements
+       */
+    }
+  }
+
+  return sayMessages.length > 0
+    ? sayMessages.join(" ")
+    : "No message content found";
+}
+
 export default class CallService {
   public static async makeCall(
     callRequest: CallRequest,
@@ -36,6 +68,18 @@ export default class CallService {
       isSensitive?: boolean; // if true, message will not be logged
       userOnCallLogTimelineId?: ObjectID | undefined; // user notification log timeline id
       customTwilioConfig?: TwilioConfig | undefined;
+      incidentId?: ObjectID | undefined;
+      alertId?: ObjectID | undefined;
+      scheduledMaintenanceId?: ObjectID | undefined;
+      statusPageId?: ObjectID | undefined;
+      statusPageAnnouncementId?: ObjectID | undefined;
+      userId?: ObjectID | undefined;
+      // On-call policy related fields
+      onCallPolicyId?: ObjectID | undefined;
+      onCallPolicyEscalationRuleId?: ObjectID | undefined;
+      onCallDutyPolicyExecutionLogTimelineId?: ObjectID | undefined;
+      onCallScheduleId?: ObjectID | undefined;
+      teamId?: ObjectID | undefined;
     },
   ): Promise<void> {
     let callError: Error | null = null;
@@ -82,14 +126,58 @@ export default class CallService {
       callLog.fromNumber = fromNumber;
       callLog.callData =
         options && options.isSensitive
-          ? { message: "This call is sensitive and is not logged" }
-          : JSON.parse(JSON.stringify(callRequest));
+          ? ({ message: "This call is sensitive and is not logged" } as any)
+          : ({
+              message: extractSayMessagesFromCallRequest(callRequest),
+            } as any);
       callLog.callCostInUSDCents = 0;
 
       if (options.projectId) {
         callLog.projectId = options.projectId;
       }
 
+      if (options.incidentId) {
+        callLog.incidentId = options.incidentId;
+      }
+
+      if (options.alertId) {
+        callLog.alertId = options.alertId;
+      }
+
+      if (options.scheduledMaintenanceId) {
+        callLog.scheduledMaintenanceId = options.scheduledMaintenanceId;
+      }
+
+      if (options.statusPageId) {
+        callLog.statusPageId = options.statusPageId;
+      }
+
+      if (options.statusPageAnnouncementId) {
+        callLog.statusPageAnnouncementId = options.statusPageAnnouncementId;
+      }
+
+      if (options.userId) {
+        callLog.userId = options.userId;
+      }
+
+      if (options.teamId) {
+        callLog.teamId = options.teamId;
+      }
+
+      // Set OnCall-related fields
+      if (options.onCallPolicyId) {
+        callLog.onCallDutyPolicyId = options.onCallPolicyId;
+      }
+
+      if (options.onCallPolicyEscalationRuleId) {
+        callLog.onCallDutyPolicyEscalationRuleId =
+          options.onCallPolicyEscalationRuleId;
+      }
+
+      if (options.onCallScheduleId) {
+        callLog.onCallDutyPolicyScheduleId = options.onCallScheduleId;
+      }
+
       let project: Project | null = null;
 
       // make sure project has enough balance.

App/FeatureSet/Notification/Services/MailService.ts

@@ -1,10 +1,4 @@
 import {
-  InternalSmtpEmail,
-  InternalSmtpFromName,
-  InternalSmtpHost,
-  InternalSmtpPassword,
-  InternalSmtpPort,
-  InternalSmtpSecure,
   SendGridConfig,
   getEmailServerType,
   getGlobalSMTPConfig,
@@ -202,19 +196,6 @@ export default class MailService {
     };
   }
 
-  public static getInternalEmailServer(): EmailServer {
-    return {
-      id: undefined,
-      username: InternalSmtpEmail.toString(),
-      password: InternalSmtpPassword,
-      host: InternalSmtpHost,
-      port: InternalSmtpPort,
-      fromEmail: InternalSmtpEmail,
-      fromName: InternalSmtpFromName,
-      secure: InternalSmtpSecure,
-    };
-  }
-
   public static async getGlobalFromEmail(): Promise<Email> {
     const emailServer: EmailServer | null = await this.getGlobalSmtpSettings();
 
@@ -364,6 +345,18 @@ export default class MailService {
           emailServer?: EmailServer | undefined;
           userOnCallLogTimelineId?: ObjectID | undefined;
           timeout?: number | undefined;
+          incidentId?: ObjectID | undefined;
+          alertId?: ObjectID | undefined;
+          scheduledMaintenanceId?: ObjectID | undefined;
+          statusPageId?: ObjectID | undefined;
+          statusPageAnnouncementId?: ObjectID | undefined;
+          userId?: ObjectID | undefined;
+          // On-call policy related fields
+          onCallPolicyId?: ObjectID | undefined;
+          onCallPolicyEscalationRuleId?: ObjectID | undefined;
+          onCallDutyPolicyExecutionLogTimelineId?: ObjectID | undefined;
+          onCallScheduleId?: ObjectID | undefined;
+          teamId?: ObjectID | undefined;
         }
       | undefined,
   ): Promise<void> {
@@ -378,6 +371,48 @@ export default class MailService {
       if (options.emailServer?.id) {
         emailLog.projectSmtpConfigId = options.emailServer?.id;
       }
+
+      if (options.incidentId) {
+        emailLog.incidentId = options.incidentId;
+      }
+
+      if (options.alertId) {
+        emailLog.alertId = options.alertId;
+      }
+
+      if (options.scheduledMaintenanceId) {
+        emailLog.scheduledMaintenanceId = options.scheduledMaintenanceId;
+      }
+
+      if (options.statusPageId) {
+        emailLog.statusPageId = options.statusPageId;
+      }
+
+      if (options.statusPageAnnouncementId) {
+        emailLog.statusPageAnnouncementId = options.statusPageAnnouncementId;
+      }
+
+      if (options.userId) {
+        emailLog.userId = options.userId;
+      }
+
+      if (options.teamId) {
+        emailLog.teamId = options.teamId;
+      }
+
+      // Set OnCall-related fields
+      if (options.onCallPolicyId) {
+        emailLog.onCallDutyPolicyId = options.onCallPolicyId;
+      }
+
+      if (options.onCallPolicyEscalationRuleId) {
+        emailLog.onCallDutyPolicyEscalationRuleId =
+          options.onCallPolicyEscalationRuleId;
+      }
+
+      if (options.onCallScheduleId) {
+        emailLog.onCallDutyPolicyScheduleId = options.onCallScheduleId;
+      }
     }
 
     // default vars.
@@ -540,17 +575,6 @@ export default class MailService {
         options.emailServer = globalEmailServer;
       }
 
-      if (
-        emailServerType === EmailServerType.Internal &&
-        (!options || !options.emailServer)
-      ) {
-        if (!options) {
-          options = {};
-        }
-
-        options.emailServer = this.getInternalEmailServer();
-      }
-
       if (options && options.emailServer && emailLog) {
         emailLog.fromEmail = options.emailServer.fromEmail;
       }

App/FeatureSet/Notification/Services/PushNotificationService.ts

@@ -0,0 +1,44 @@
+import PushNotificationRequest from "Common/Types/PushNotification/PushNotificationRequest";
+import ObjectID from "Common/Types/ObjectID";
+import PushNotificationServiceCommon from "Common/Server/Services/PushNotificationService";
+
+export default class PushNotificationService {
+  public static async send(
+    request: PushNotificationRequest,
+    options: {
+      projectId?: ObjectID | undefined;
+      isSensitive?: boolean;
+      userOnCallLogTimelineId?: ObjectID | undefined;
+      incidentId?: ObjectID | undefined;
+      alertId?: ObjectID | undefined;
+      scheduledMaintenanceId?: ObjectID | undefined;
+      statusPageId?: ObjectID | undefined;
+      statusPageAnnouncementId?: ObjectID | undefined;
+      userId?: ObjectID | undefined;
+      onCallPolicyId?: ObjectID | undefined;
+      onCallPolicyEscalationRuleId?: ObjectID | undefined;
+      onCallDutyPolicyExecutionLogTimelineId?: ObjectID | undefined;
+      onCallScheduleId?: ObjectID | undefined;
+      teamId?: ObjectID | undefined;
+    } = {},
+  ): Promise<void> {
+    // Delegate to Common service which now handles logging and timeline updates
+    await PushNotificationServiceCommon.sendPushNotification(request, {
+      projectId: options.projectId,
+      isSensitive: Boolean(options.isSensitive),
+      userOnCallLogTimelineId: options.userOnCallLogTimelineId,
+      incidentId: options.incidentId,
+      alertId: options.alertId,
+      scheduledMaintenanceId: options.scheduledMaintenanceId,
+      statusPageId: options.statusPageId,
+      statusPageAnnouncementId: options.statusPageAnnouncementId,
+      userId: options.userId,
+      onCallPolicyId: options.onCallPolicyId,
+      onCallPolicyEscalationRuleId: options.onCallPolicyEscalationRuleId,
+      onCallDutyPolicyExecutionLogTimelineId:
+        options.onCallDutyPolicyExecutionLogTimelineId,
+      onCallScheduleId: options.onCallScheduleId,
+      teamId: options.teamId,
+    });
+  }
+}

App/FeatureSet/Notification/Services/SmsService.ts

@@ -31,6 +31,18 @@ export default class SmsService {
       customTwilioConfig?: TwilioConfig | undefined;
       isSensitive?: boolean; // if true, message will not be logged
       userOnCallLogTimelineId?: ObjectID | undefined;
+      incidentId?: ObjectID | undefined;
+      alertId?: ObjectID | undefined;
+      scheduledMaintenanceId?: ObjectID | undefined;
+      statusPageId?: ObjectID | undefined;
+      statusPageAnnouncementId?: ObjectID | undefined;
+      userId?: ObjectID | undefined;
+      // On-call policy related fields
+      onCallPolicyId?: ObjectID | undefined;
+      onCallPolicyEscalationRuleId?: ObjectID | undefined;
+      onCallDutyPolicyExecutionLogTimelineId?: ObjectID | undefined;
+      onCallScheduleId?: ObjectID | undefined;
+      teamId?: ObjectID | undefined;
     },
   ): Promise<void> {
     let smsError: Error | null = null;
@@ -71,6 +83,48 @@ export default class SmsService {
         smsLog.projectId = options.projectId;
       }
 
+      if (options.incidentId) {
+        smsLog.incidentId = options.incidentId;
+      }
+
+      if (options.alertId) {
+        smsLog.alertId = options.alertId;
+      }
+
+      if (options.scheduledMaintenanceId) {
+        smsLog.scheduledMaintenanceId = options.scheduledMaintenanceId;
+      }
+
+      if (options.statusPageId) {
+        smsLog.statusPageId = options.statusPageId;
+      }
+
+      if (options.statusPageAnnouncementId) {
+        smsLog.statusPageAnnouncementId = options.statusPageAnnouncementId;
+      }
+
+      if (options.userId) {
+        smsLog.userId = options.userId;
+      }
+
+      if (options.teamId) {
+        smsLog.teamId = options.teamId;
+      }
+
+      // Set OnCall-related fields
+      if (options.onCallPolicyId) {
+        smsLog.onCallDutyPolicyId = options.onCallPolicyId;
+      }
+
+      if (options.onCallPolicyEscalationRuleId) {
+        smsLog.onCallDutyPolicyEscalationRuleId =
+          options.onCallPolicyEscalationRuleId;
+      }
+
+      if (options.onCallScheduleId) {
+        smsLog.onCallDutyPolicyScheduleId = options.onCallScheduleId;
+      }
+
       const twilioConfig: TwilioConfig | null =
         options.customTwilioConfig || (await getTwilioConfig());
 

App/FeatureSet/Notification/Utils/Handlebars.ts

@@ -42,10 +42,10 @@ loadPartials().catch((err: Error) => {
 
 Handlebars.registerHelper("ifCond", function (v1, v2, options) {
   if (v1 === v2) {
-    //@ts-ignore
+    //@ts-expect-error - Handlebars uses dynamic this context for template helpers
     return options.fn(this);
   }
-  //@ts-ignore
+  //@ts-expect-error - Handlebars uses dynamic this context for template helpers
   return options.inverse(this);
 });
 
@@ -56,9 +56,9 @@ Handlebars.registerHelper("concat", (v1: any, v2: any) => {
 
 Handlebars.registerHelper("ifNotCond", function (v1, v2, options) {
   if (v1 !== v2) {
-    //@ts-ignore
+    //@ts-expect-error - Handlebars uses dynamic this context for template helpers
     return options.fn(this);
   }
-  //@ts-ignore
+  //@ts-expect-error - Handlebars uses dynamic this context for template helpers
   return options.inverse(this);
 });

App/nodemon.json

@@ -1,8 +1,20 @@
 {
     "watch": ["./","../Common/Server", "../Common/Types", "../Common/Utils", "../Common/Models"],
-    "ext": "ts,json,tsx,env,js,jsx,hbs",
+    "ext": "ts,tsx",
     "ignore": [
+        "./node_modules/**",
+        "./public/**",
+        "./bin/**",
+        "./build/**",
         "greenlock.d/*"
     ],
-    "exec": "node --inspect=0.0.0.0:9229 --require ts-node/register Index.ts"
+    "watchOptions": {
+        "useFsEvents": false,
+        "interval": 500
+    },
+    "env": {
+        "TS_NODE_TRANSPILE_ONLY": "1",
+        "TS_NODE_FILES": "false"
+    },
+    "exec": "node  -r ts-node/register/transpile-only Index.ts"
 }

App/package-lock.json

@@ -65,6 +65,7 @@
         "@types/react-highlight": "^0.12.8",
         "@types/react-syntax-highlighter": "^15.5.13",
         "@types/uuid": "^8.3.4",
+        "@types/web-push": "^3.6.4",
         "acme-client": "^5.3.0",
         "airtable": "^0.12.2",
         "axios": "^1.7.2",
@@ -75,6 +76,7 @@
         "crypto-js": "^4.2.0",
         "dotenv": "^16.4.4",
         "ejs": "^3.1.10",
+        "elkjs": "^0.10.0",
         "esbuild": "^0.25.5",
         "express": "^4.21.1",
         "formik": "^2.4.6",
@@ -84,7 +86,6 @@
         "json5": "^2.2.3",
         "jsonwebtoken": "^9.0.0",
         "jwt-decode": "^4.0.0",
-        "lodash": "^4.17.21",
         "marked": "^12.0.2",
         "moment": "^2.30.1",
         "moment-timezone": "^0.5.45",
@@ -128,6 +129,7 @@
         "universal-cookie": "^7.2.1",
         "use-async-effect": "^2.2.6",
         "uuid": "^8.3.2",
+        "web-push": "^3.6.7",
         "zod": "^3.25.30"
       },
       "devDependencies": {
@@ -142,7 +144,6 @@
         "@types/jest": "^28.1.4",
         "@types/json2csv": "^5.0.3",
         "@types/jsonwebtoken": "^8.5.9",
-        "@types/lodash": "^4.14.202",
         "@types/node": "^17.0.45",
         "@types/node-cron": "^3.0.7",
         "@types/nodemailer": "^6.4.7",

Common/Models/DatabaseModels/AlertOwnerTeam.ts

@@ -64,6 +64,7 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 @Entity({
   name: "AlertOwnerTeam",
 })
+@Index(["alertId", "teamId", "projectId"])
 export default class AlertOwnerTeam extends BaseModel {
   @ColumnAccessControl({
     create: [

Common/Models/DatabaseModels/AlertOwnerUser.ts

@@ -63,6 +63,7 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 @Entity({
   name: "AlertOwnerUser",
 })
+@Index(["alertId", "userId", "projectId"])
 export default class AlertOwnerUser extends BaseModel {
   @ColumnAccessControl({
     create: [

Common/Models/DatabaseModels/AlertSeverity.ts

@@ -76,6 +76,7 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 @Entity({
   name: "AlertSeverity",
 })
+@Index(["projectId", "order"])
 export default class AlertSeverity extends BaseModel {
   @ColumnAccessControl({
     create: [

Common/Models/DatabaseModels/AlertState.ts

@@ -76,6 +76,10 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 @Entity({
   name: "AlertState",
 })
+@Index(["projectId", "isCreatedState"])
+@Index(["projectId", "isResolvedState"])
+@Index(["projectId", "isAcknowledgedState"])
+@Index(["projectId", "order"])
 export default class AlertState extends BaseModel {
   @ColumnAccessControl({
     create: [

Common/Models/DatabaseModels/AlertStateTimeline.ts

@@ -60,6 +60,7 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 @Entity({
   name: "AlertStateTimeline",
 })
+@Index(["alertId", "startsAt"])
 @TableMetadata({
   tableName: "AlertStateTimeline",
   singularName: "Alert State Timeline",

Common/Models/DatabaseModels/CallLog.ts

@@ -1,5 +1,14 @@
 import Project from "./Project";
+import Incident from "./Incident";
+import Alert from "./Alert";
+import ScheduledMaintenance from "./ScheduledMaintenance";
+import StatusPage from "./StatusPage";
+import StatusPageAnnouncement from "./StatusPageAnnouncement";
 import User from "./User";
+import OnCallDutyPolicy from "./OnCallDutyPolicy";
+import OnCallDutyPolicyEscalationRule from "./OnCallDutyPolicyEscalationRule";
+import OnCallDutyPolicySchedule from "./OnCallDutyPolicySchedule";
+import Team from "./Team";
 import BaseModel from "./DatabaseBaseModel/DatabaseBaseModel";
 import Route from "../../Types/API/Route";
 import CallStatus from "../../Types/Call/CallStatus";
@@ -256,6 +265,575 @@ export default class CallLog extends BaseModel {
   })
   public callCostInUSDCents?: number = undefined;
 
+  // Relations to resources that triggered this Call (nullable)
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "incidentId",
+    type: TableColumnType.Entity,
+    modelType: Incident,
+    title: "Incident",
+    description: "Incident associated with this Call (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return Incident;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "incidentId" })
+  public incident?: Incident = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Incident ID",
+    description: "ID of Incident associated with this Call (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public incidentId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "userId",
+    type: TableColumnType.Entity,
+    modelType: User,
+    title: "User",
+    description: "User who initiated this Call (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return User;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "userId" })
+  public user?: User = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "User ID",
+    description: "ID of User who initiated this Call (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public userId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "alertId",
+    type: TableColumnType.Entity,
+    modelType: Alert,
+    title: "Alert",
+    description: "Alert associated with this Call (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return Alert;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "alertId" })
+  public alert?: Alert = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Alert ID",
+    description: "ID of Alert associated with this Call (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public alertId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "scheduledMaintenanceId",
+    type: TableColumnType.Entity,
+    modelType: ScheduledMaintenance,
+    title: "Scheduled Maintenance",
+    description: "Scheduled Maintenance associated with this Call (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return ScheduledMaintenance;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "scheduledMaintenanceId" })
+  public scheduledMaintenance?: ScheduledMaintenance = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Scheduled Maintenance ID",
+    description:
+      "ID of Scheduled Maintenance associated with this Call (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public scheduledMaintenanceId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "statusPageId",
+    type: TableColumnType.Entity,
+    modelType: StatusPage,
+    title: "Status Page",
+    description: "Status Page associated with this Call (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return StatusPage;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "statusPageId" })
+  public statusPage?: StatusPage = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Status Page ID",
+    description: "ID of Status Page associated with this Call (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public statusPageId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "statusPageAnnouncementId",
+    type: TableColumnType.Entity,
+    modelType: StatusPageAnnouncement,
+    title: "Status Page Announcement",
+    description: "Status Page Announcement associated with this Call (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return StatusPageAnnouncement;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "statusPageAnnouncementId" })
+  public statusPageAnnouncement?: StatusPageAnnouncement = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Status Page Announcement ID",
+    description:
+      "ID of Status Page Announcement associated with this Call (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public statusPageAnnouncementId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "onCallDutyPolicyId",
+    type: TableColumnType.Entity,
+    modelType: OnCallDutyPolicy,
+    title: "On-Call Duty Policy",
+    description: "On-Call Duty Policy associated with this Call (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return OnCallDutyPolicy;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "onCallDutyPolicyId" })
+  public onCallDutyPolicy?: OnCallDutyPolicy = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "On-Call Duty Policy ID",
+    description: "ID of On-Call Duty Policy associated with this Call (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public onCallDutyPolicyId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "onCallDutyPolicyEscalationRuleId",
+    type: TableColumnType.Entity,
+    modelType: OnCallDutyPolicyEscalationRule,
+    title: "On-Call Duty Policy Escalation Rule",
+    description:
+      "On-Call Duty Policy Escalation Rule associated with this Call (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return OnCallDutyPolicyEscalationRule;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "onCallDutyPolicyEscalationRuleId" })
+  public onCallDutyPolicyEscalationRule?: OnCallDutyPolicyEscalationRule =
+    undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "On-Call Duty Policy Escalation Rule ID",
+    description:
+      "ID of On-Call Duty Policy Escalation Rule associated with this Call (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public onCallDutyPolicyEscalationRuleId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "onCallDutyPolicyScheduleId",
+    type: TableColumnType.Entity,
+    modelType: OnCallDutyPolicySchedule,
+    title: "On-Call Duty Policy Schedule",
+    description:
+      "On-Call Duty Policy Schedule associated with this Call (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return OnCallDutyPolicySchedule;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "onCallDutyPolicyScheduleId" })
+  public onCallDutyPolicySchedule?: OnCallDutyPolicySchedule = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "On-Call Duty Policy Schedule ID",
+    description:
+      "ID of On-Call Duty Policy Schedule associated with this Call (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public onCallDutyPolicyScheduleId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "teamId",
+    type: TableColumnType.Entity,
+    modelType: Team,
+    title: "Team",
+    description: "Team associated with this Call (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return Team;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "teamId" })
+  public team?: Team = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Team ID",
+    description: "ID of Team associated with this Call (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public teamId?: ObjectID = undefined;
+
   @ColumnAccessControl({
     create: [],
     read: [],

Common/Models/DatabaseModels/CopilotAction.ts

@@ -729,6 +729,7 @@ export default class CopilotAction extends BaseModel {
     type: TableColumnType.Boolean,
     title: "Is Priority",
     description: "Is Priority",
+    defaultValue: false,
   })
   @Column({
     nullable: false,

Common/Models/DatabaseModels/EmailLog.ts

@@ -1,6 +1,15 @@
 import Project from "./Project";
+import Incident from "./Incident";
+import Alert from "./Alert";
+import ScheduledMaintenance from "./ScheduledMaintenance";
+import StatusPage from "./StatusPage";
 import ProjectSmtpConfig from "./ProjectSmtpConfig";
+import StatusPageAnnouncement from "./StatusPageAnnouncement";
 import User from "./User";
+import OnCallDutyPolicy from "./OnCallDutyPolicy";
+import OnCallDutyPolicyEscalationRule from "./OnCallDutyPolicyEscalationRule";
+import OnCallDutyPolicySchedule from "./OnCallDutyPolicySchedule";
+import Team from "./Team";
 import BaseModel from "./DatabaseBaseModel/DatabaseBaseModel";
 import Route from "../../Types/API/Route";
 import ColumnAccessControl from "../../Types/Database/AccessControl/ColumnAccessControl";
@@ -289,6 +298,576 @@ export default class EmailLog extends BaseModel {
   })
   public projectSmtpConfigId?: ObjectID = undefined;
 
+  // Relations to resources that triggered this email (nullable)
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "incidentId",
+    type: TableColumnType.Entity,
+    modelType: Incident,
+    title: "Incident",
+    description: "Incident associated with this email (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return Incident;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "incidentId" })
+  public incident?: Incident = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Incident ID",
+    description: "ID of Incident associated with this email (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public incidentId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "userId",
+    type: TableColumnType.Entity,
+    modelType: User,
+    title: "User",
+    description: "User who initiated this email (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return User;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "userId" })
+  public user?: User = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "User ID",
+    description: "ID of User who initiated this email (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public userId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "alertId",
+    type: TableColumnType.Entity,
+    modelType: Alert,
+    title: "Alert",
+    description: "Alert associated with this email (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return Alert;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "alertId" })
+  public alert?: Alert = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Alert ID",
+    description: "ID of Alert associated with this email (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public alertId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "scheduledMaintenanceId",
+    type: TableColumnType.Entity,
+    modelType: ScheduledMaintenance,
+    title: "Scheduled Maintenance",
+    description: "Scheduled Maintenance associated with this email (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return ScheduledMaintenance;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "scheduledMaintenanceId" })
+  public scheduledMaintenance?: ScheduledMaintenance = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Scheduled Maintenance ID",
+    description:
+      "ID of Scheduled Maintenance associated with this email (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public scheduledMaintenanceId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "statusPageId",
+    type: TableColumnType.Entity,
+    modelType: StatusPage,
+    title: "Status Page",
+    description: "Status Page associated with this email (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return StatusPage;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "statusPageId" })
+  public statusPage?: StatusPage = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Status Page ID",
+    description: "ID of Status Page associated with this email (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public statusPageId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "statusPageAnnouncementId",
+    type: TableColumnType.Entity,
+    modelType: StatusPageAnnouncement,
+    title: "Status Page Announcement",
+    description: "Status Page Announcement associated with this email (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return StatusPageAnnouncement;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "statusPageAnnouncementId" })
+  public statusPageAnnouncement?: StatusPageAnnouncement = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Status Page Announcement ID",
+    description:
+      "ID of Status Page Announcement associated with this email (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public statusPageAnnouncementId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "onCallDutyPolicyId",
+    type: TableColumnType.Entity,
+    modelType: OnCallDutyPolicy,
+    title: "On-Call Duty Policy",
+    description: "On-Call Duty Policy associated with this email (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return OnCallDutyPolicy;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "onCallDutyPolicyId" })
+  public onCallDutyPolicy?: OnCallDutyPolicy = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "On-Call Duty Policy ID",
+    description:
+      "ID of On-Call Duty Policy associated with this email (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public onCallDutyPolicyId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "onCallDutyPolicyEscalationRuleId",
+    type: TableColumnType.Entity,
+    modelType: OnCallDutyPolicyEscalationRule,
+    title: "On-Call Duty Policy Escalation Rule",
+    description:
+      "On-Call Duty Policy Escalation Rule associated with this email (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return OnCallDutyPolicyEscalationRule;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "onCallDutyPolicyEscalationRuleId" })
+  public onCallDutyPolicyEscalationRule?: OnCallDutyPolicyEscalationRule =
+    undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "On-Call Duty Policy Escalation Rule ID",
+    description:
+      "ID of On-Call Duty Policy Escalation Rule associated with this email (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public onCallDutyPolicyEscalationRuleId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "onCallDutyPolicyScheduleId",
+    type: TableColumnType.Entity,
+    modelType: OnCallDutyPolicySchedule,
+    title: "On-Call Duty Policy Schedule",
+    description:
+      "On-Call Duty Policy Schedule associated with this email (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return OnCallDutyPolicySchedule;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "onCallDutyPolicyScheduleId" })
+  public onCallDutyPolicySchedule?: OnCallDutyPolicySchedule = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "On-Call Duty Policy Schedule ID",
+    description:
+      "ID of On-Call Duty Policy Schedule associated with this email (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public onCallDutyPolicyScheduleId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "teamId",
+    type: TableColumnType.Entity,
+    modelType: Team,
+    title: "Team",
+    description: "Team associated with this email (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return Team;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "teamId" })
+  public team?: Team = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Team ID",
+    description: "ID of Team associated with this email (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public teamId?: ObjectID = undefined;
+
   @ColumnAccessControl({
     create: [],
     read: [],

Common/Models/DatabaseModels/GlobalConfig.ts

@@ -17,7 +17,6 @@ import Port from "../../Types/Port";
 import { Column, Entity } from "typeorm";
 
 export enum EmailServerType {
-  Internal = "Internal",
   Sendgrid = "Sendgrid",
   CustomSMTP = "Custom SMTP",
 }
@@ -49,6 +48,7 @@ export default class GlobalConfig extends GlobalConfigModel {
     type: TableColumnType.Boolean,
     title: "Disable Signup",
     description: "Should we disable new user sign up to this server?",
+    defaultValue: false,
   })
   @Column({
     type: ColumnType.Boolean,
@@ -339,6 +339,7 @@ export default class GlobalConfig extends GlobalConfigModel {
     type: TableColumnType.Boolean,
     title: "Is Master API Key Enabled",
     description: "Is Master API Key Enabled?",
+    defaultValue: false,
   })
   @Column({
     type: ColumnType.Boolean,

Common/Models/DatabaseModels/Incident.ts

@@ -27,6 +27,7 @@ import IconProp from "../../Types/Icon/IconProp";
 import { JSONObject } from "../../Types/JSON";
 import ObjectID from "../../Types/ObjectID";
 import Permission from "../../Types/Permission";
+import StatusPageSubscriberNotificationStatus from "../../Types/StatusPage/StatusPageSubscriberNotificationStatus";
 import {
   Column,
   Entity,
@@ -733,29 +734,74 @@ export default class Incident extends BaseModel {
   public changeMonitorStatusToId?: ObjectID = undefined;
 
   @ColumnAccessControl({
-    create: [],
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateProjectIncident,
+    ],
     read: [
       Permission.ProjectOwner,
       Permission.ProjectAdmin,
       Permission.ProjectMember,
       Permission.ReadProjectIncident,
     ],
-    update: [],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditProjectIncident,
+    ],
   })
   @TableColumn({
     isDefaultValueColumn: true,
     computed: true,
     hideColumnInDocumentation: true,
-    type: TableColumnType.Boolean,
-    title: "Are subscribers notified?",
-    description: "Are subscribers notified about this incident?",
-    defaultValue: false,
+    type: TableColumnType.ShortText,
+    title: "Subscriber Notification Status",
+    description:
+      "Status of notification sent to subscribers about this incident",
+    defaultValue: StatusPageSubscriberNotificationStatus.Pending,
   })
   @Column({
-    type: ColumnType.Boolean,
-    default: false,
+    type: ColumnType.ShortText,
+    default: StatusPageSubscriberNotificationStatus.Pending,
   })
-  public isStatusPageSubscribersNotifiedOnIncidentCreated?: boolean = undefined;
+  public subscriberNotificationStatusOnIncidentCreated?: StatusPageSubscriberNotificationStatus =
+    undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateProjectIncident,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectIncident,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditProjectIncident,
+    ],
+  })
+  @TableColumn({
+    type: TableColumnType.VeryLongText,
+    title: "Notification Status Message",
+    description:
+      "Status message for subscriber notifications - includes success messages, failure reasons, or skip reasons",
+    required: false,
+  })
+  @Column({
+    type: ColumnType.VeryLongText,
+    nullable: true,
+  })
+  public subscriberNotificationStatusMessage?: string = undefined;
 
   @ColumnAccessControl({
     create: [

Common/Models/DatabaseModels/IncidentOwnerTeam.ts

@@ -64,6 +64,7 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 @Entity({
   name: "IncidentOwnerTeam",
 })
+@Index(["incidentId", "teamId", "projectId"])
 export default class IncidentOwnerTeam extends BaseModel {
   @ColumnAccessControl({
     create: [

Common/Models/DatabaseModels/IncidentOwnerUser.ts

@@ -63,6 +63,7 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 @Entity({
   name: "IncidentOwnerUser",
 })
+@Index(["incidentId", "userId", "projectId"])
 export default class IncidentOwnerUser extends BaseModel {
   @ColumnAccessControl({
     create: [

Common/Models/DatabaseModels/IncidentPublicNote.ts

@@ -17,6 +17,7 @@ import TenantColumn from "../../Types/Database/TenantColumn";
 import IconProp from "../../Types/Icon/IconProp";
 import ObjectID from "../../Types/ObjectID";
 import Permission from "../../Types/Permission";
+import StatusPageSubscriberNotificationStatus from "../../Types/StatusPage/StatusPageSubscriberNotificationStatus";
 import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 
 @EnableDocumentation()
@@ -341,29 +342,73 @@ export default class IncidentPublicNote extends BaseModel {
   public note?: string = undefined;
 
   @ColumnAccessControl({
-    create: [],
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateIncidentPublicNote,
+    ],
     read: [
       Permission.ProjectOwner,
       Permission.ProjectAdmin,
       Permission.ProjectMember,
       Permission.ReadIncidentPublicNote,
     ],
-    update: [],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditIncidentPublicNote,
+    ],
   })
   @TableColumn({
     isDefaultValueColumn: true,
     computed: true,
     hideColumnInDocumentation: true,
-    type: TableColumnType.Boolean,
-    title: "Are subscribers notified?",
-    description: "Are subscribers notified about this note?",
-    defaultValue: false,
+    type: TableColumnType.ShortText,
+    title: "Subscriber Notification Status",
+    description: "Status of notification sent to subscribers about this note",
+    defaultValue: StatusPageSubscriberNotificationStatus.Pending,
   })
   @Column({
-    type: ColumnType.Boolean,
-    default: false,
+    type: ColumnType.ShortText,
+    default: StatusPageSubscriberNotificationStatus.Pending,
   })
-  public isStatusPageSubscribersNotifiedOnNoteCreated?: boolean = undefined;
+  public subscriberNotificationStatusOnNoteCreated?: StatusPageSubscriberNotificationStatus =
+    undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateIncidentPublicNote,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadIncidentPublicNote,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditIncidentPublicNote,
+    ],
+  })
+  @TableColumn({
+    type: TableColumnType.VeryLongText,
+    title: "Notification Status Message",
+    description:
+      "Status message for subscriber notifications - includes success messages, failure reasons, or skip reasons",
+    required: false,
+  })
+  @Column({
+    type: ColumnType.VeryLongText,
+    nullable: true,
+  })
+  public subscriberNotificationStatusMessage?: string = undefined;
 
   @ColumnAccessControl({
     create: [

Common/Models/DatabaseModels/IncidentSeverity.ts

@@ -76,6 +76,7 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 @Entity({
   name: "IncidentSeverity",
 })
+@Index(["projectId", "order"])
 export default class IncidentSeverity extends BaseModel {
   @ColumnAccessControl({
     create: [

Common/Models/DatabaseModels/IncidentState.ts

@@ -76,6 +76,9 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 @Entity({
   name: "IncidentState",
 })
+@Index(["projectId", "isCreatedState"])
+@Index(["projectId", "isResolvedState"])
+@Index(["projectId", "order"])
 export default class IncidentState extends BaseModel {
   @ColumnAccessControl({
     create: [

Common/Models/DatabaseModels/IncidentStateTimeline.ts

@@ -19,11 +19,14 @@ import IconProp from "../../Types/Icon/IconProp";
 import { JSONObject } from "../../Types/JSON";
 import ObjectID from "../../Types/ObjectID";
 import Permission from "../../Types/Permission";
+import StatusPageSubscriberNotificationStatus from "../../Types/StatusPage/StatusPageSubscriberNotificationStatus";
 import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 
 @EnableDocumentation()
 @CanAccessIfCanReadOn("incident")
 @TenantColumn("projectId")
+@Index(["incidentId", "startsAt"]) // Composite index for efficient incident timeline queries
+@Index(["incidentId", "projectId", "startsAt"]) // Alternative composite index including project
 @TableAccessControl({
   create: [
     Permission.ProjectOwner,
@@ -60,6 +63,7 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 @Entity({
   name: "IncidentStateTimeline",
 })
+@Index(["incidentId", "startsAt"])
 @TableMetadata({
   tableName: "IncidentStateTimeline",
   singularName: "Incident State Timeline",
@@ -388,29 +392,74 @@ export default class IncidentStateTimeline extends BaseModel {
   public incidentStateId?: ObjectID = undefined;
 
   @ColumnAccessControl({
-    create: [],
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateIncidentStateTimeline,
+    ],
     read: [
       Permission.ProjectOwner,
       Permission.ProjectAdmin,
       Permission.ProjectMember,
       Permission.ReadIncidentStateTimeline,
     ],
-    update: [],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditIncidentStateTimeline,
+    ],
   })
   @TableColumn({
     isDefaultValueColumn: true,
     computed: true,
     hideColumnInDocumentation: true,
-    type: TableColumnType.Boolean,
-    title: "Are subscribers notified?",
-    description: "Are subscribers notified about this incident state change?",
-    defaultValue: false,
+    type: TableColumnType.ShortText,
+    title: "Subscriber Notification Status",
+    description:
+      "Status of notification sent to subscribers about this incident state change",
+    defaultValue: StatusPageSubscriberNotificationStatus.Pending,
   })
   @Column({
-    type: ColumnType.Boolean,
-    default: false,
+    type: ColumnType.ShortText,
+    default: StatusPageSubscriberNotificationStatus.Pending,
   })
-  public isStatusPageSubscribersNotified?: boolean = undefined;
+  public subscriberNotificationStatus?: StatusPageSubscriberNotificationStatus =
+    undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateIncidentStateTimeline,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadIncidentStateTimeline,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditIncidentStateTimeline,
+    ],
+  })
+  @TableColumn({
+    type: TableColumnType.VeryLongText,
+    title: "Notification Status Message",
+    description:
+      "Status message for subscriber notifications - includes success messages, failure reasons, or skip reasons",
+    required: false,
+  })
+  @Column({
+    type: ColumnType.VeryLongText,
+    nullable: true,
+  })
+  public subscriberNotificationStatusMessage?: string = undefined;
 
   @ColumnAccessControl({
     create: [
@@ -432,6 +481,7 @@ export default class IncidentStateTimeline extends BaseModel {
     type: TableColumnType.Boolean,
     title: "Should subscribers be notified?",
     description: "Should subscribers be notified about this state change?",
+    defaultValue: true,
   })
   @Column({
     type: ColumnType.Boolean,
@@ -458,6 +508,7 @@ export default class IncidentStateTimeline extends BaseModel {
     isDefaultValueColumn: true,
     title: "Are Owners Notified",
     description: "Are owners notified of state change?",
+    defaultValue: false,
   })
   @Column({
     type: ColumnType.Boolean,

Common/Models/DatabaseModels/IncidentTemplate.ts

@@ -716,6 +716,77 @@ export default class IncidentTemplate extends BaseModel {
   })
   public changeMonitorStatusToId?: ObjectID = undefined;
 
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateIncidentTemplate,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadIncidentTemplate,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "initialIncidentStateId",
+    type: TableColumnType.Entity,
+    modelType: IncidentState,
+    title: "Initial Incident State",
+    description:
+      "Relation to Incident State Object. Incidents created from this template will start in this state.",
+  })
+  @ManyToOne(
+    () => {
+      return IncidentState;
+    },
+    {
+      eager: false,
+      nullable: true,
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "initialIncidentStateId" })
+  public initialIncidentState?: IncidentState = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateIncidentTemplate,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadIncidentTemplate,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditIncidentTemplate,
+    ],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    title: "Initial Incident State ID",
+    description:
+      "Relation to Incident State Object ID. Incidents created from this template will start in this state.",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public initialIncidentStateId?: ObjectID = undefined;
+
   @ColumnAccessControl({
     create: [
       Permission.ProjectOwner,

Common/Models/DatabaseModels/Index.ts

@@ -100,6 +100,8 @@ import ServiceCopilotCodeRepository from "./ServiceCopilotCodeRepository";
 import ShortLink from "./ShortLink";
 // SMS
 import SmsLog from "./SmsLog";
+import PushNotificationLog from "./PushNotificationLog";
+import WorkspaceNotificationLog from "./WorkspaceNotificationLog";
 // Status Page
 import StatusPage from "./StatusPage";
 import StatusPageAnnouncement from "./StatusPageAnnouncement";
@@ -114,12 +116,14 @@ import StatusPageOwnerTeam from "./StatusPageOwnerTeam";
 import StatusPageOwnerUser from "./StatusPageOwnerUser";
 import StatusPagePrivateUser from "./StatusPagePrivateUser";
 import StatusPageResource from "./StatusPageResource";
+import StatusPageSCIM from "./StatusPageSCIM";
 import StatusPageSSO from "./StatusPageSso";
 import StatusPageSubscriber from "./StatusPageSubscriber";
 // Team
 import Team from "./Team";
 import TeamMember from "./TeamMember";
 import TeamPermission from "./TeamPermission";
+import TeamComplianceSetting from "./TeamComplianceSetting";
 import TelemetryService from "./TelemetryService";
 import UsageBilling from "./TelemetryUsageBilling";
 import User from "./User";
@@ -142,7 +146,8 @@ import ServiceCatalogDependency from "./ServiceCatalogDependency";
 import ServiceCatalogMonitor from "./ServiceCatalogMonitor";
 import ServiceCatalogTelemetryService from "./ServiceCatalogTelemetryService";
 
-import UserTwoFactorAuth from "./UserTwoFactorAuth";
+import UserTotpAuth from "./UserTotpAuth";
+import UserWebAuthn from "./UserWebAuthn";
 
 import TelemetryIngestionKey from "./TelemetryIngestionKey";
 
@@ -175,10 +180,11 @@ import WorkspaceUserAuthToken from "./WorkspaceUserAuthToken";
 import WorkspaceProjectAuthToken from "./WorkspaceProjectAuthToken";
 import WorkspaceSetting from "./WorkspaceSetting";
 import WorkspaceNotificationRule from "./WorkspaceNotificationRule";
-import ProjectUser from "./ProjectUser";
+
 import OnCallDutyPolicyUserOverride from "./OnCallDutyPolicyUserOverride";
 import MonitorFeed from "./MonitorFeed";
 import MetricType from "./MetricType";
+import ProjectSCIM from "./ProjectSCIM";
 
 const AllModelTypes: Array<{
   new (): BaseModel;
@@ -192,6 +198,7 @@ const AllModelTypes: Array<{
   Team,
   TeamMember,
   TeamPermission,
+  TeamComplianceSetting,
   ApiKey,
   Label,
   ApiKeyPermission,
@@ -276,6 +283,7 @@ const AllModelTypes: Array<{
 
   ProjectSSO,
   StatusPageSSO,
+  StatusPageSCIM,
 
   MonitorProbe,
 
@@ -289,6 +297,8 @@ const AllModelTypes: Array<{
   StatusPageOwnerUser,
 
   SmsLog,
+  PushNotificationLog,
+  WorkspaceNotificationLog,
   CallLog,
   EmailLog,
 
@@ -357,7 +367,8 @@ const AllModelTypes: Array<{
   ProbeOwnerTeam,
   ProbeOwnerUser,
 
-  UserTwoFactorAuth,
+  UserTotpAuth,
+  UserWebAuthn,
 
   TelemetryIngestionKey,
 
@@ -373,13 +384,13 @@ const AllModelTypes: Array<{
   WorkspaceSetting,
   WorkspaceNotificationRule,
 
-  ProjectUser,
-
   MonitorFeed,
 
   MetricType,
 
   OnCallDutyPolicyTimeLog,
+
+  ProjectSCIM,
 ];
 
 const modelTypeMap: { [key: string]: { new (): BaseModel } } = {};

Common/Models/DatabaseModels/MonitorOwnerTeam.ts

@@ -72,6 +72,7 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 @Entity({
   name: "MonitorOwnerTeam",
 })
+@Index(["monitorId", "teamId", "projectId"])
 export default class MonitorOwnerTeam extends BaseModel {
   @ColumnAccessControl({
     create: [

Common/Models/DatabaseModels/MonitorOwnerUser.ts

@@ -71,6 +71,7 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 @Entity({
   name: "MonitorOwnerUser",
 })
+@Index(["monitorId", "userId", "projectId"])
 export default class MonitorOwnerUser extends BaseModel {
   @ColumnAccessControl({
     create: [

Common/Models/DatabaseModels/MonitorProbe.ts

@@ -24,6 +24,8 @@ export type MonitorStepProbeResponse = Dictionary<ProbeMonitorResponse>;
 
 @EnableDocumentation()
 @TenantColumn("projectId")
+@Index(["monitorId", "probeId"]) // Composite index for efficient monitor-probe relationship queries
+@Index(["monitorId", "projectId"]) // Alternative index for monitor queries within project
 @TableAccessControl({
   create: [
     Permission.ProjectOwner,

Common/Models/DatabaseModels/MonitorStatus.ts

@@ -76,6 +76,8 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 @Entity({
   name: "MonitorStatus",
 })
+@Index(["projectId", "isOperationalState"])
+@Index(["projectId", "isOfflineState"])
 export default class MonitorStatus extends BaseModel {
   @ColumnAccessControl({
     create: [
@@ -454,6 +456,7 @@ export default class MonitorStatus extends BaseModel {
     canReadOnRelationQuery: true,
     title: "Is Offline State",
     description: "Is this monitor in offline state?",
+    defaultValue: false,
   })
   @Column({
     type: ColumnType.Boolean,

Common/Models/DatabaseModels/MonitorStatusTimeline.ts

@@ -25,6 +25,8 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 @EnableDocumentation()
 @CanAccessIfCanReadOn("monitor")
 @TenantColumn("projectId")
+@Index(["monitorId", "projectId", "startsAt"]) // Composite index for efficient timeline queries
+@Index(["monitorId", "startsAt"]) // Alternative index for monitor-specific timeline queries
 @TableAccessControl({
   create: [
     Permission.ProjectOwner,
@@ -62,6 +64,7 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 @Entity({
   name: "MonitorStatusTimeline",
 })
+@Index(["monitorId", "startsAt"])
 @TableMetadata({
   tableName: "MonitorStatusTimeline",
   singularName: "Monitor Status Event",

Common/Models/DatabaseModels/OnCallDutyPolicy.ts

@@ -29,10 +29,17 @@ import {
   ManyToOne,
 } from "typeorm";
 import NotificationRuleWorkspaceChannel from "../../Types/Workspace/NotificationRules/NotificationRuleWorkspaceChannel";
+import EnableWorkflow from "../../Types/Database/EnableWorkflow";
 
 @EnableDocumentation()
 @AccessControlColumn("labels")
 @TenantColumn("projectId")
+@EnableWorkflow({
+  create: true,
+  delete: true,
+  update: true,
+  read: true,
+})
 @TableAccessControl({
   create: [
     Permission.ProjectOwner,
@@ -455,7 +462,7 @@ export default class OnCallDutyPolicy extends BaseModel {
   @TableColumn({
     required: true,
     isDefaultValueColumn: true,
-    type: TableColumnType.Boolean,
+    type: TableColumnType.Number,
     canReadOnRelationQuery: true,
     title: "Repeat Policy Times If No One Acknowledges",
     description:

Common/Models/DatabaseModels/OnCallDutyPolicyEscalationRule.ts

@@ -46,7 +46,7 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
     Permission.EditProjectOnCallDutyPolicyEscalationRule,
   ],
 })
-@CrudApiEndpoint(new Route("/on-call-duty-policy-esclation-rule"))
+@CrudApiEndpoint(new Route("/on-call-duty-policy-escalation-rule"))
 @Entity({
   name: "OnCallDutyPolicyEscalationRule",
 })

Common/Models/DatabaseModels/OnCallDutyPolicyEscalationRuleSchedule.ts

@@ -47,7 +47,7 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
     Permission.EditProjectOnCallDutyPolicyEscalationRuleSchedule,
   ],
 })
-@CrudApiEndpoint(new Route("/on-call-duty-policy-esclation-rule-schedule"))
+@CrudApiEndpoint(new Route("/on-call-duty-policy-escalation-rule-schedule"))
 @Entity({
   name: "OnCallDutyPolicyEscalationRuleSchedule",
 })

Common/Models/DatabaseModels/OnCallDutyPolicyEscalationRuleTeam.ts

@@ -47,7 +47,7 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
     Permission.EditProjectOnCallDutyPolicyEscalationRuleTeam,
   ],
 })
-@CrudApiEndpoint(new Route("/on-call-duty-policy-esclation-rule-team"))
+@CrudApiEndpoint(new Route("/on-call-duty-policy-escalation-rule-team"))
 @Entity({
   name: "OnCallDutyPolicyEscalationRuleTeam",
 })

Common/Models/DatabaseModels/OnCallDutyPolicyEscalationRuleUser.ts

@@ -46,7 +46,7 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
     Permission.EditProjectOnCallDutyPolicyEscalationRuleUser,
   ],
 })
-@CrudApiEndpoint(new Route("/on-call-duty-policy-esclation-rule-user"))
+@CrudApiEndpoint(new Route("/on-call-duty-policy-escalation-rule-user"))
 @Entity({
   name: "OnCallDutyPolicyEscalationRuleUser",
 })

Common/Models/DatabaseModels/OnCallDutyPolicyExecutionLog.ts

@@ -25,6 +25,7 @@ import Permission from "../../Types/Permission";
 import UserNotificationEventType from "../../Types/UserNotification/UserNotificationEventType";
 import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 import Alert from "./Alert";
+import EnableWorkflow from "../../Types/Database/EnableWorkflow";
 
 @TableBillingAccessControl({
   create: PlanType.Growth,
@@ -32,6 +33,12 @@ import Alert from "./Alert";
   update: PlanType.Growth,
   delete: PlanType.Growth,
 })
+@EnableWorkflow({
+  create: true,
+  delete: true,
+  update: true,
+  read: true,
+})
 @EnableDocumentation()
 @TenantColumn("projectId")
 @TableAccessControl({

Common/Models/DatabaseModels/OnCallDutyPolicyExecutionLogTimeline.ts

@@ -51,6 +51,9 @@ import Alert from "./Alert";
 @Entity({
   name: "OnCallDutyPolicyExecutionLogTimeline",
 })
+@Index(["onCallDutyPolicyExecutionLogId", "createdAt"])
+@Index(["projectId", "createdAt"])
+@Index(["alertSentToUserId", "projectId"])
 @TableMetadata({
   tableName: "OnCallDutyPolicyExecutionLogTimeline",
   singularName: "On-Call Duty Execution Log Timeline",

Common/Models/DatabaseModels/OnCallDutyPolicyOwnerTeam.ts

@@ -72,6 +72,7 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 @Entity({
   name: "OnCallDutyPolicyOwnerTeam",
 })
+@Index(["onCallDutyPolicyId", "teamId", "projectId"])
 export default class OnCallDutyPolicyOwnerTeam extends BaseModel {
   @ColumnAccessControl({
     create: [

Common/Models/DatabaseModels/OnCallDutyPolicyOwnerUser.ts

@@ -71,6 +71,7 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 @Entity({
   name: "OnCallDutyPolicyOwnerUser",
 })
+@Index(["onCallDutyPolicyId", "userId", "projectId"])
 export default class OnCallDutyPolicyOwnerUser extends BaseModel {
   @ColumnAccessControl({
     create: [

Common/Models/DatabaseModels/OnCallDutyPolicySchedule.ts

@@ -29,6 +29,7 @@ import {
   ManyToMany,
   ManyToOne,
 } from "typeorm";
+import EnableWorkflow from "../../Types/Database/EnableWorkflow";
 
 @EnableDocumentation()
 @TableBillingAccessControl({
@@ -37,6 +38,12 @@ import {
   update: PlanType.Growth,
   delete: PlanType.Growth,
 })
+@EnableWorkflow({
+  create: true,
+  delete: true,
+  update: true,
+  read: true,
+})
 @AccessControlColumn("labels")
 @TenantColumn("projectId")
 @TableAccessControl({

Common/Models/DatabaseModels/OnCallDutyPolicyTimeLog.ts

@@ -17,6 +17,7 @@ import Permission from "../../Types/Permission";
 import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 import TableBillingAccessControl from "../../Types/Database/AccessControl/TableBillingAccessControl";
 import { PlanType } from "../../Types/Billing/SubscriptionPlan";
+import EnableWorkflow from "../../Types/Database/EnableWorkflow";
 
 @EnableDocumentation()
 @TableBillingAccessControl({
@@ -26,6 +27,12 @@ import { PlanType } from "../../Types/Billing/SubscriptionPlan";
   delete: PlanType.Growth,
 })
 @TenantColumn("projectId")
+@EnableWorkflow({
+  create: true,
+  delete: true,
+  update: true,
+  read: true,
+})
 @TableAccessControl({
   create: [
     Permission.ProjectOwner,

Common/Models/DatabaseModels/OnCallDutyPolicyUserOverride.ts

@@ -132,9 +132,11 @@ export default class OnCallDutyPolicyUserOverride extends BaseModel {
   })
   public projectId?: ObjectID = undefined;
 
-  // If this is null then it's a global override
-  // If this is set then it's a policy specific override
-  // Policy specifc override will take precedence over global override
+  /*
+   * If this is null then it's a global override
+   * If this is set then it's a policy specific override
+   * Policy specifc override will take precedence over global override
+   */
 
   @ColumnAccessControl({
     create: [

Common/Models/DatabaseModels/Project.ts

@@ -248,6 +248,84 @@ export default class Project extends TenantModel {
   })
   public paymentProviderCustomerId?: string = undefined;
 
+  @ColumnAccessControl({
+    create: [Permission.ProjectOwner, Permission.ManageProjectBilling],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProject,
+      Permission.UnAuthorizedSsoUser,
+      Permission.ProjectUser,
+    ],
+    update: [Permission.ProjectOwner, Permission.ManageProjectBilling],
+  })
+  @TableColumn({
+    type: TableColumnType.LongText,
+    title: "Business Details / Billing Address",
+    description:
+      "Business legal name, address and any tax information to appear on invoices.",
+  })
+  @Column({
+    type: ColumnType.LongText,
+    length: ColumnLength.LongText,
+    nullable: true,
+    unique: false,
+  })
+  public businessDetails?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [Permission.ProjectOwner, Permission.ManageProjectBilling],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProject,
+      Permission.UnAuthorizedSsoUser,
+      Permission.ProjectUser,
+    ],
+    update: [Permission.ProjectOwner, Permission.ManageProjectBilling],
+  })
+  @TableColumn({
+    type: TableColumnType.ShortText,
+    title: "Business Country (ISO Alpha-2)",
+    description:
+      "Two-letter ISO country code for billing address (e.g., US, GB, DE).",
+  })
+  @Column({
+    type: ColumnType.ShortText,
+    length: ColumnLength.ShortText,
+    nullable: true,
+    unique: false,
+  })
+  public businessDetailsCountry?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [Permission.ProjectOwner, Permission.ManageProjectBilling],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProject,
+      Permission.UnAuthorizedSsoUser,
+      Permission.ProjectUser,
+    ],
+    update: [Permission.ProjectOwner, Permission.ManageProjectBilling],
+  })
+  @TableColumn({
+    type: TableColumnType.Email,
+    title: "Finance / Accounting Email",
+    description:
+      "Invoices, receipts and billing related notifications will be sent to this email in addition to project owner.",
+  })
+  @Column({
+    type: ColumnType.Email,
+    length: ColumnLength.Email,
+    nullable: true,
+    unique: false,
+  })
+  public financeAccountingEmail?: string = undefined;
+
   @ColumnAccessControl({
     create: [],
     read: [
@@ -1213,4 +1291,63 @@ export default class Project extends TenantModel {
     type: ColumnType.Boolean,
   })
   public letCustomerSupportAccessProject?: boolean = undefined;
+
+  /*
+   * This is an internal field. This is used for internal analytics for example: Metabase.
+   * Values can be between 0 and 100.
+   */
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    required: true,
+    type: TableColumnType.Number,
+    isDefaultValueColumn: true,
+    hideColumnInDocumentation: true,
+    title: "Discount Percent",
+    description: "Discount percentage applied to the project billing",
+    defaultValue: 0,
+  })
+  @Column({
+    type: ColumnType.Number,
+    nullable: false,
+    unique: false,
+    default: 0,
+  })
+  public discountPercent?: number = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProject,
+      Permission.UnAuthorizedSsoUser,
+      Permission.ProjectUser,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProject,
+    ],
+  })
+  @TableColumn({
+    required: false,
+    type: TableColumnType.Boolean,
+    isDefaultValueColumn: false,
+    title: "Do NOT auto-add Global Probes to new monitors",
+    description:
+      "If enabled, global probes will NOT be automatically added to new monitors. Enable this only if you are using ONLY custom probes to monitor your resources.",
+    defaultValue: false,
+  })
+  @Column({
+    type: ColumnType.Boolean,
+    nullable: false,
+    unique: false,
+    default: false,
+  })
+  public doNotAddGlobalProbesByDefaultOnNewMonitors?: boolean = undefined;
 }

Common/Models/DatabaseModels/ProjectSCIM.ts

@@ -0,0 +1,482 @@
+import Project from "./Project";
+import Team from "./Team";
+import User from "./User";
+import BaseModel from "./DatabaseBaseModel/DatabaseBaseModel";
+import Route from "../../Types/API/Route";
+import { PlanType } from "../../Types/Billing/SubscriptionPlan";
+import ColumnAccessControl from "../../Types/Database/AccessControl/ColumnAccessControl";
+import TableAccessControl from "../../Types/Database/AccessControl/TableAccessControl";
+import TableBillingAccessControl from "../../Types/Database/AccessControl/TableBillingAccessControl";
+import ColumnLength from "../../Types/Database/ColumnLength";
+import ColumnType from "../../Types/Database/ColumnType";
+import CrudApiEndpoint from "../../Types/Database/CrudApiEndpoint";
+import TableColumn from "../../Types/Database/TableColumn";
+import TableColumnType from "../../Types/Database/TableColumnType";
+import TableMetadata from "../../Types/Database/TableMetadata";
+import TenantColumn from "../../Types/Database/TenantColumn";
+import UniqueColumnBy from "../../Types/Database/UniqueColumnBy";
+import IconProp from "../../Types/Icon/IconProp";
+import ObjectID from "../../Types/ObjectID";
+import Permission from "../../Types/Permission";
+import {
+  Column,
+  Entity,
+  Index,
+  JoinColumn,
+  JoinTable,
+  ManyToMany,
+  ManyToOne,
+} from "typeorm";
+
+@TableBillingAccessControl({
+  create: PlanType.Scale,
+  read: PlanType.Scale,
+  update: PlanType.Scale,
+  delete: PlanType.Scale,
+})
+@TenantColumn("projectId")
+@TableAccessControl({
+  create: [
+    Permission.ProjectOwner,
+    Permission.ProjectAdmin,
+    Permission.CreateProjectSSO,
+  ],
+  read: [
+    Permission.ProjectOwner,
+    Permission.ProjectAdmin,
+    Permission.ProjectMember,
+    Permission.ReadProjectSSO,
+  ],
+  delete: [
+    Permission.ProjectOwner,
+    Permission.ProjectAdmin,
+    Permission.DeleteProjectSSO,
+  ],
+  update: [
+    Permission.ProjectOwner,
+    Permission.ProjectAdmin,
+    Permission.EditProjectSSO,
+  ],
+})
+@CrudApiEndpoint(new Route("/project-scim"))
+@TableMetadata({
+  tableName: "ProjectSCIM",
+  singularName: "SCIM",
+  pluralName: "SCIM",
+  icon: IconProp.Lock,
+  tableDescription: "Manage SCIM auto-provisioning for your project",
+})
+@Entity({
+  name: "ProjectSCIM",
+})
+export default class ProjectSCIM extends BaseModel {
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateProjectSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectSSO,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "projectId",
+    type: TableColumnType.Entity,
+    modelType: Project,
+    title: "Project",
+    description: "Relation to Project Resource in which this object belongs",
+  })
+  @ManyToOne(
+    () => {
+      return Project;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "projectId" })
+  public project?: Project = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateProjectSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectSSO,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: true,
+    canReadOnRelationQuery: true,
+    title: "Project ID",
+    description: "ID of your OneUptime Project in which this object belongs",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: false,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public projectId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateProjectSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectSSO,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectSSO,
+    ],
+  })
+  @TableColumn({
+    required: true,
+    type: TableColumnType.ShortText,
+    canReadOnRelationQuery: true,
+    title: "Name",
+    description: "Any friendly name for this SCIM configuration",
+  })
+  @Column({
+    nullable: false,
+    type: ColumnType.ShortText,
+    length: ColumnLength.ShortText,
+  })
+  @UniqueColumnBy("projectId")
+  public name?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateProjectSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectSSO,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectSSO,
+    ],
+  })
+  @TableColumn({
+    required: false,
+    type: TableColumnType.LongText,
+    title: "Description",
+    description: "Friendly description to help you remember",
+  })
+  @Column({
+    nullable: true,
+    type: ColumnType.LongText,
+    length: ColumnLength.LongText,
+  })
+  public description?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateProjectSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ReadProjectSSO,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectSSO,
+    ],
+  })
+  @TableColumn({
+    required: true,
+    type: TableColumnType.LongText,
+    title: "Bearer Token",
+    description: "Bearer token for SCIM authentication. Keep this secure.",
+  })
+  @Column({
+    nullable: false,
+    type: ColumnType.LongText,
+    length: ColumnLength.LongText,
+  })
+  public bearerToken?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateProjectSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectSSO,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectSSO,
+    ],
+  })
+  @TableColumn({
+    required: false,
+    type: TableColumnType.EntityArray,
+    modelType: Team,
+    title: "Default Teams",
+    description: "Default teams that new users will be added to via SCIM",
+  })
+  @ManyToMany(
+    () => {
+      return Team;
+    },
+    { eager: false },
+  )
+  @JoinTable({
+    name: "ProjectScimTeam",
+    inverseJoinColumn: {
+      name: "teamId",
+      referencedColumnName: "_id",
+    },
+    joinColumn: {
+      name: "projectScimId",
+      referencedColumnName: "_id",
+    },
+  })
+  public teams?: Array<Team> = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateProjectSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectSSO,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectSSO,
+    ],
+  })
+  @TableColumn({
+    isDefaultValueColumn: true,
+    type: TableColumnType.Boolean,
+    title: "Auto Provision Users",
+    description: "Automatically create users when they are added via SCIM",
+    defaultValue: true,
+  })
+  @Column({
+    type: ColumnType.Boolean,
+    default: true,
+  })
+  public autoProvisionUsers?: boolean = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateProjectSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectSSO,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectSSO,
+    ],
+  })
+  @TableColumn({
+    isDefaultValueColumn: true,
+    type: TableColumnType.Boolean,
+    title: "Auto Deprovision Users",
+    description: "Automatically remove users when they are removed via SCIM",
+    defaultValue: true,
+  })
+  @Column({
+    type: ColumnType.Boolean,
+    default: true,
+  })
+  public autoDeprovisionUsers?: boolean = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateProjectSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectSSO,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectSSO,
+    ],
+  })
+  @TableColumn({
+    isDefaultValueColumn: true,
+    type: TableColumnType.Boolean,
+    title: "Enable Push Groups",
+    description: "Enable push groups provisioning instead of default teams",
+    defaultValue: false,
+  })
+  @Column({
+    type: ColumnType.Boolean,
+    default: false,
+  })
+  public enablePushGroups?: boolean = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectSSO,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "createdByUserId",
+    type: TableColumnType.Entity,
+    modelType: User,
+    title: "Created by User",
+    description:
+      "Relation to User who created this object (if this object was created by a User)",
+  })
+  @ManyToOne(
+    () => {
+      return User;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "SET NULL",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "createdByUserId" })
+  public createdByUser?: User = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateProjectSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectSSO,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    title: "Created by User ID",
+    description:
+      "User ID who created this object (if this object was created by a User)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public createdByUserId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectSSO,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "deletedByUserId",
+    type: TableColumnType.Entity,
+    modelType: User,
+    title: "Deleted by User",
+    description:
+      "Relation to User who deleted this object (if this object was deleted by a User)",
+  })
+  @ManyToOne(
+    () => {
+      return User;
+    },
+    {
+      cascade: false,
+      eager: false,
+      nullable: true,
+      onDelete: "SET NULL",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "deletedByUserId" })
+  public deletedByUser?: User = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectSSO,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    title: "Deleted by User ID",
+    description:
+      "User ID who deleted this object (if this object was deleted by a User)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public deletedByUserId?: ObjectID = undefined;
+}

Common/Models/DatabaseModels/ProjectSmtpConfig.ts

@@ -336,8 +336,10 @@ export default class ProjectSmtpConfig extends BaseModel {
   })
   public deletedByUserId?: ObjectID = undefined;
 
-  // This is not required because some SMTP servers do not require authentication.
-  // eg: https://learn.microsoft.com/en-us/exchange/mail-flow-best-practices/how-to-set-up-a-multifunction-device-or-application-to-send-email-using-microsoft-365-or-office-365#option-2-send-mail-directly-from-your-printer-or-application-to-microsoft-365-or-office-365-direct-send
+  /*
+   * This is not required because some SMTP servers do not require authentication.
+   * eg: https://learn.microsoft.com/en-us/exchange/mail-flow-best-practices/how-to-set-up-a-multifunction-device-or-application-to-send-email-using-microsoft-365-or-office-365#option-2-send-mail-directly-from-your-printer-or-application-to-microsoft-365-or-office-365-direct-send
+   */
   @ColumnAccessControl({
     create: [
       Permission.ProjectOwner,

Common/Models/DatabaseModels/ProjectSso.ts

@@ -578,7 +578,11 @@ export default class ProjectSSO extends BaseModel {
     ],
     update: [],
   })
-  @TableColumn({ isDefaultValueColumn: true, type: TableColumnType.Boolean })
+  @TableColumn({
+    isDefaultValueColumn: true,
+    type: TableColumnType.Boolean,
+    defaultValue: false,
+  })
   @Column({
     type: ColumnType.Boolean,
     default: false,

Common/Models/DatabaseModels/PushNotificationLog.ts

@@ -0,0 +1,877 @@
+import Project from "./Project";
+import Incident from "./Incident";
+import Alert from "./Alert";
+import ScheduledMaintenance from "./ScheduledMaintenance";
+import StatusPage from "./StatusPage";
+import StatusPageAnnouncement from "./StatusPageAnnouncement";
+import User from "./User";
+import OnCallDutyPolicy from "./OnCallDutyPolicy";
+import OnCallDutyPolicyEscalationRule from "./OnCallDutyPolicyEscalationRule";
+import OnCallDutyPolicySchedule from "./OnCallDutyPolicySchedule";
+import Team from "./Team";
+import BaseModel from "./DatabaseBaseModel/DatabaseBaseModel";
+import Route from "../../Types/API/Route";
+import ColumnAccessControl from "../../Types/Database/AccessControl/ColumnAccessControl";
+import TableAccessControl from "../../Types/Database/AccessControl/TableAccessControl";
+import ColumnLength from "../../Types/Database/ColumnLength";
+import ColumnType from "../../Types/Database/ColumnType";
+import CrudApiEndpoint from "../../Types/Database/CrudApiEndpoint";
+import EnableDocumentation from "../../Types/Database/EnableDocumentation";
+import EnableWorkflow from "../../Types/Database/EnableWorkflow";
+import TableColumn from "../../Types/Database/TableColumn";
+import TableColumnType from "../../Types/Database/TableColumnType";
+import TableMetadata from "../../Types/Database/TableMetadata";
+import TenantColumn from "../../Types/Database/TenantColumn";
+import IconProp from "../../Types/Icon/IconProp";
+import ObjectID from "../../Types/ObjectID";
+import Permission from "../../Types/Permission";
+import PushStatus from "../../Types/PushNotification/PushStatus";
+import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
+
+@EnableDocumentation()
+@TenantColumn("projectId")
+@TableAccessControl({
+  create: [],
+  read: [
+    Permission.ProjectOwner,
+    Permission.ProjectAdmin,
+    Permission.ProjectMember,
+    Permission.ReadPushLog,
+  ],
+  delete: [],
+  update: [],
+})
+@CrudApiEndpoint(new Route("/push-notification-log"))
+@Entity({
+  name: "PushNotificationLog",
+})
+@EnableWorkflow({
+  create: true,
+  delete: false,
+  update: false,
+})
+@TableMetadata({
+  tableName: "PushNotificationLog",
+  singularName: "Push Notification Log",
+  pluralName: "Push Notification Logs",
+  icon: IconProp.Bell,
+  tableDescription:
+    "Logs of all the Push Notifications sent out to all users and subscribers for this project.",
+})
+export default class PushNotificationLog extends BaseModel {
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "projectId",
+    type: TableColumnType.Entity,
+    modelType: Project,
+    title: "Project",
+    description: "Relation to Project Resource in which this object belongs",
+  })
+  @ManyToOne(
+    () => {
+      return Project;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "projectId" })
+  public project?: Project = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: true,
+    canReadOnRelationQuery: true,
+    title: "Project ID",
+    description: "ID of your OneUptime Project in which this object belongs",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: false,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public projectId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    required: true,
+    type: TableColumnType.LongText,
+    title: "Title",
+    description: "Title of the push notification",
+    canReadOnRelationQuery: false,
+  })
+  @Column({
+    nullable: false,
+    type: ColumnType.LongText,
+    length: ColumnLength.LongText,
+  })
+  public title?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    required: false,
+    type: TableColumnType.VeryLongText,
+    title: "Body",
+    description: "Body of the push notification",
+    canReadOnRelationQuery: false,
+  })
+  @Column({
+    nullable: true,
+    type: ColumnType.VeryLongText,
+  })
+  public body?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    required: false,
+    type: TableColumnType.ShortText,
+    title: "Device Type",
+    description: "Type of device this was sent to (e.g., web)",
+    canReadOnRelationQuery: false,
+  })
+  @Column({
+    nullable: true,
+    type: ColumnType.ShortText,
+    length: ColumnLength.ShortText,
+  })
+  public deviceType?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    required: false,
+    type: TableColumnType.ShortText,
+    title: "Device Name",
+    description: "Name of the device this was sent to",
+    canReadOnRelationQuery: false,
+  })
+  @Column({
+    nullable: true,
+    type: ColumnType.ShortText,
+    length: ColumnLength.ShortText,
+  })
+  public deviceName?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    required: false,
+    type: TableColumnType.LongText,
+    title: "Status Message",
+    description: "Status Message (if any)",
+    canReadOnRelationQuery: false,
+  })
+  @Column({
+    nullable: true,
+    type: ColumnType.LongText,
+    length: ColumnLength.LongText,
+  })
+  public statusMessage?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    required: true,
+    type: TableColumnType.ShortText,
+    title: "Status",
+    description: "Status of the push notification",
+    canReadOnRelationQuery: false,
+  })
+  @Column({
+    nullable: false,
+    type: ColumnType.ShortText,
+    length: ColumnLength.ShortText,
+  })
+  public status?: PushStatus = undefined;
+
+  // Relations to resources that triggered this push notification (nullable)
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "incidentId",
+    type: TableColumnType.Entity,
+    modelType: Incident,
+    title: "Incident",
+    description: "Incident associated with this Push (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return Incident;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "incidentId" })
+  public incident?: Incident = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Incident ID",
+    description: "ID of Incident associated with this Push (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public incidentId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "userId",
+    type: TableColumnType.Entity,
+    modelType: User,
+    title: "User",
+    description: "User who initiated this Push notification (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return User;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "userId" })
+  public user?: User = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "User ID",
+    description: "ID of User who initiated this Push notification (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public userId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "alertId",
+    type: TableColumnType.Entity,
+    modelType: Alert,
+    title: "Alert",
+    description: "Alert associated with this Push (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return Alert;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "alertId" })
+  public alert?: Alert = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Alert ID",
+    description: "ID of Alert associated with this Push (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public alertId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "scheduledMaintenanceId",
+    type: TableColumnType.Entity,
+    modelType: ScheduledMaintenance,
+    title: "Scheduled Maintenance",
+    description: "Scheduled Maintenance associated with this Push (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return ScheduledMaintenance;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "scheduledMaintenanceId" })
+  public scheduledMaintenance?: ScheduledMaintenance = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Scheduled Maintenance ID",
+    description:
+      "ID of Scheduled Maintenance associated with this Push (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public scheduledMaintenanceId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "statusPageId",
+    type: TableColumnType.Entity,
+    modelType: StatusPage,
+    title: "Status Page",
+    description: "Status Page associated with this Push (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return StatusPage;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "statusPageId" })
+  public statusPage?: StatusPage = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Status Page ID",
+    description: "ID of Status Page associated with this Push (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public statusPageId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "statusPageAnnouncementId",
+    type: TableColumnType.Entity,
+    modelType: StatusPageAnnouncement,
+    title: "Status Page Announcement",
+    description: "Status Page Announcement associated with this Push (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return StatusPageAnnouncement;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "statusPageAnnouncementId" })
+  public statusPageAnnouncement?: StatusPageAnnouncement = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Status Page Announcement ID",
+    description:
+      "ID of Status Page Announcement associated with this Push (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public statusPageAnnouncementId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "onCallDutyPolicyId",
+    type: TableColumnType.Entity,
+    modelType: OnCallDutyPolicy,
+    title: "On-Call Duty Policy",
+    description:
+      "On-Call Duty Policy associated with this Push Notification (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return OnCallDutyPolicy;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "onCallDutyPolicyId" })
+  public onCallDutyPolicy?: OnCallDutyPolicy = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "On-Call Duty Policy ID",
+    description:
+      "ID of On-Call Duty Policy associated with this Push Notification (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public onCallDutyPolicyId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "onCallDutyPolicyEscalationRuleId",
+    type: TableColumnType.Entity,
+    modelType: OnCallDutyPolicyEscalationRule,
+    title: "On-Call Duty Policy Escalation Rule",
+    description:
+      "On-Call Duty Policy Escalation Rule associated with this Push Notification (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return OnCallDutyPolicyEscalationRule;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "onCallDutyPolicyEscalationRuleId" })
+  public onCallDutyPolicyEscalationRule?: OnCallDutyPolicyEscalationRule =
+    undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "On-Call Duty Policy Escalation Rule ID",
+    description:
+      "ID of On-Call Duty Policy Escalation Rule associated with this Push Notification (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public onCallDutyPolicyEscalationRuleId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "onCallDutyPolicyScheduleId",
+    type: TableColumnType.Entity,
+    modelType: OnCallDutyPolicySchedule,
+    title: "On-Call Duty Policy Schedule",
+    description:
+      "On-Call Duty Policy Schedule associated with this Push Notification (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return OnCallDutyPolicySchedule;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "onCallDutyPolicyScheduleId" })
+  public onCallDutyPolicySchedule?: OnCallDutyPolicySchedule = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "On-Call Duty Policy Schedule ID",
+    description:
+      "ID of On-Call Duty Policy Schedule associated with this Push Notification (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public onCallDutyPolicyScheduleId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "teamId",
+    type: TableColumnType.Entity,
+    modelType: Team,
+    title: "Team",
+    description: "Team associated with this Push Notification (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return Team;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "teamId" })
+  public team?: Team = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Team ID",
+    description: "ID of Team associated with this Push Notification (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public teamId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "deletedByUserId",
+    type: TableColumnType.Entity,
+    title: "Deleted by User",
+    modelType: User,
+    description:
+      "Relation to User who deleted this object (if this object was deleted by a User)",
+  })
+  @ManyToOne(
+    () => {
+      return User;
+    },
+    {
+      cascade: false,
+      eager: false,
+      nullable: true,
+      onDelete: "SET NULL",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "deletedByUserId" })
+  public deletedByUser?: User = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    title: "Deleted by User ID",
+    description:
+      "User ID who deleted this object (if this object was deleted by a User)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public deletedByUserId?: ObjectID = undefined;
+}

Common/Models/DatabaseModels/Reseller.ts

@@ -269,6 +269,7 @@ export default class Reseller extends BaseModel {
     canReadOnRelationQuery: true,
     title: "Enable Telemetry Features",
     description: "Should we enable telemetry features for this reseller?",
+    defaultValue: false,
   })
   @Column({
     nullable: true,

Common/Models/DatabaseModels/ScheduledMaintenance.ts

@@ -25,6 +25,7 @@ import IconProp from "../../Types/Icon/IconProp";
 import { JSONObject } from "../../Types/JSON";
 import ObjectID from "../../Types/ObjectID";
 import Permission from "../../Types/Permission";
+import StatusPageSubscriberNotificationStatus from "../../Types/StatusPage/StatusPageSubscriberNotificationStatus";
 import {
   Column,
   Entity,
@@ -715,29 +716,74 @@ export default class ScheduledMaintenance extends BaseModel {
   public endsAt?: Date = undefined;
 
   @ColumnAccessControl({
-    create: [],
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateProjectScheduledMaintenance,
+    ],
     read: [
       Permission.ProjectOwner,
       Permission.ProjectAdmin,
       Permission.ProjectMember,
       Permission.ReadProjectScheduledMaintenance,
     ],
-    update: [],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditProjectScheduledMaintenance,
+    ],
   })
   @TableColumn({
     isDefaultValueColumn: true,
     computed: true,
     hideColumnInDocumentation: true,
-    type: TableColumnType.Boolean,
-    title: "Status Page Subscribers Notified On Event Scheduled",
-    description: "Status Page Subscribers Notified On Event Scheduled",
-    defaultValue: false,
+    type: TableColumnType.ShortText,
+    title: "Subscriber Notification Status On Event Scheduled",
+    description:
+      "Status of notification sent to subscribers when event was scheduled",
+    defaultValue: StatusPageSubscriberNotificationStatus.Pending,
   })
   @Column({
-    type: ColumnType.Boolean,
-    default: false,
+    type: ColumnType.ShortText,
+    default: StatusPageSubscriberNotificationStatus.Pending,
   })
-  public isStatusPageSubscribersNotifiedOnEventScheduled?: boolean = undefined;
+  public subscriberNotificationStatusOnEventScheduled?: StatusPageSubscriberNotificationStatus =
+    undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateIncidentPublicNote,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectScheduledMaintenance,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditProjectScheduledMaintenance,
+    ],
+  })
+  @TableColumn({
+    type: TableColumnType.VeryLongText,
+    title: "Notification Status Message On Event Scheduled",
+    description:
+      "Status message for subscriber notifications when event is scheduled - includes success messages, failure reasons, or skip reasons",
+    required: false,
+  })
+  @Column({
+    type: ColumnType.VeryLongText,
+    nullable: true,
+  })
+  public subscriberNotificationStatusMessage?: string = undefined;
 
   @ColumnAccessControl({
     create: [

Common/Models/DatabaseModels/ScheduledMaintenanceOwnerTeam.ts

@@ -64,6 +64,7 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 @Entity({
   name: "ScheduledMaintenanceOwnerTeam",
 })
+@Index(["scheduledMaintenanceId", "teamId", "projectId"])
 export default class ScheduledMaintenanceOwnerTeam extends BaseModel {
   @ColumnAccessControl({
     create: [

Common/Models/DatabaseModels/ScheduledMaintenanceOwnerUser.ts

@@ -63,6 +63,7 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 @Entity({
   name: "ScheduledMaintenanceOwnerUser",
 })
+@Index(["scheduledMaintenanceId", "userId", "projectId"])
 export default class ScheduledMaintenanceOwnerUser extends BaseModel {
   @ColumnAccessControl({
     create: [

Common/Models/DatabaseModels/ScheduledMaintenancePublicNote.ts

@@ -17,6 +17,7 @@ import TenantColumn from "../../Types/Database/TenantColumn";
 import IconProp from "../../Types/Icon/IconProp";
 import ObjectID from "../../Types/ObjectID";
 import Permission from "../../Types/Permission";
+import StatusPageSubscriberNotificationStatus from "../../Types/StatusPage/StatusPageSubscriberNotificationStatus";
 import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 
 @EnableDocumentation()
@@ -342,29 +343,73 @@ export default class ScheduledMaintenancePublicNote extends BaseModel {
   public note?: string = undefined;
 
   @ColumnAccessControl({
-    create: [],
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateScheduledMaintenancePublicNote,
+    ],
     read: [
       Permission.ProjectOwner,
       Permission.ProjectAdmin,
       Permission.ProjectMember,
       Permission.ReadScheduledMaintenancePublicNote,
     ],
-    update: [],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditScheduledMaintenancePublicNote,
+    ],
   })
   @TableColumn({
     isDefaultValueColumn: true,
     computed: true,
     hideColumnInDocumentation: true,
-    type: TableColumnType.Boolean,
-    title: "Are subscribers notified?",
-    description: "Are subscribers notified about this note?",
-    defaultValue: false,
+    type: TableColumnType.ShortText,
+    title: "Subscriber Notification Status",
+    description: "Status of notification sent to subscribers about this note",
+    defaultValue: StatusPageSubscriberNotificationStatus.Pending,
   })
   @Column({
-    type: ColumnType.Boolean,
-    default: false,
+    type: ColumnType.ShortText,
+    default: StatusPageSubscriberNotificationStatus.Pending,
   })
-  public isStatusPageSubscribersNotifiedOnNoteCreated?: boolean = undefined;
+  public subscriberNotificationStatusOnNoteCreated?: StatusPageSubscriberNotificationStatus =
+    undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateScheduledMaintenancePublicNote,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadScheduledMaintenancePublicNote,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditScheduledMaintenancePublicNote,
+    ],
+  })
+  @TableColumn({
+    type: TableColumnType.VeryLongText,
+    title: "Notification Status Message",
+    description:
+      "Status message for subscriber notifications - includes success messages, failure reasons, or skip reasons",
+    required: false,
+  })
+  @Column({
+    type: ColumnType.VeryLongText,
+    nullable: true,
+  })
+  public subscriberNotificationStatusMessage?: string = undefined;
 
   @ColumnAccessControl({
     create: [