feat: add advanced filters toggle functionality across various components

- Added OtelIngestBaseService as a base class for common functionality.
- Implemented OtelLogsIngestService to handle log ingestion, including processing and flushing logs to the database.
- Implemented OtelMetricsIngestService to handle metric ingestion, including processing and flushing metrics to the database.
- Implemented OtelTracesIngestService to handle trace ingestion, including processing spans and exceptions, and flushing them to the database.
- Introduced error handling and logging throughout the ingestion process to ensure robustness.
- Utilized CaptureSpan decorator for telemetry tracking in key methods.
- Enhanced service name extraction from request attributes for better traceability.

.github/instructions/instructions.md

@@ -0,0 +1,17 @@
+---
+applyTo: '**'
+---
+
+# Building and Compiling
+
+If you would like to compile or build any project. Please cd into the directory and run the following command:
+
+```
+npm run compile
+```
+
+Ths will make sure there are no type / syntax errors. 
+
+# Typescript Types.
+
+Please do not use "any" types. Please create proper types where required. 

.github/workflows/build.yml

@@ -19,7 +19,11 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
       
       # build image for accounts service
       - name: build docker image
@@ -38,7 +42,11 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
       
       # build image for accounts service
       - name: build docker image
@@ -57,7 +65,11 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
       
       # build image for accounts service
       - name: build docker image
@@ -76,7 +88,11 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
       
       # build image for accounts service
       - name: build docker image
@@ -95,7 +111,11 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
       
       # build image for accounts service
       - name: build docker image
@@ -114,7 +134,11 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
       
       # build image for accounts service
       - name: build docker image
@@ -133,7 +157,11 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
       
       # build image for accounts service
       - name: build docker image
@@ -153,7 +181,11 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
       
       # build image for accounts service
       - name: build docker image
@@ -172,7 +204,11 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
 
         
       # build image for accounts service
@@ -193,7 +229,11 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
 
       # build image for accounts service
       - name: build docker image
@@ -212,7 +252,11 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
 
         
       # build image for accounts service
@@ -232,7 +276,11 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
 
       # build image for home
       - name: build docker image
@@ -251,7 +299,11 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
 
       # build image for home
       - name: build docker image
@@ -270,7 +322,11 @@ jobs:
         uses: actions/checkout@v4
       
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
         
       # build image probe api
       - name: build docker image
@@ -289,7 +345,11 @@ jobs:
         uses: actions/checkout@v4
       
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
         
       # build image probe api
       - name: build docker image
@@ -308,7 +368,11 @@ jobs:
         uses: actions/checkout@v4
       
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
         
       # build image probe api
       - name: build docker image
@@ -327,7 +391,11 @@ jobs:
         uses: actions/checkout@v4
       
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
         
       # build image probe api
       - name: build docker image
@@ -346,7 +414,11 @@ jobs:
         uses: actions/checkout@v4
       
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
         
       # build image probe api
       - name: build docker image
@@ -365,7 +437,11 @@ jobs:
         uses: actions/checkout@v4
       
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
         
       # build image probe api
       - name: build docker image
@@ -384,7 +460,11 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
         
       # build image for home
       - name: build docker image
@@ -403,7 +483,11 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
 
       # build image for mail service
       - name: build docker image

.github/workflows/compile.yml

@@ -422,4 +422,4 @@ jobs:
         with:
           timeout_minutes: 30
           max_attempts: 3
-          command: cd MCP && npm install && npm run compile && npm run dep-check
+          command: cd MCP && npm update @oneuptime/common && npm install && npm run compile && npm run dep-check

APIReference/Dockerfile.tpl

@@ -3,7 +3,7 @@
 #
 
 # Pull base image nodejs image.
-FROM public.ecr.aws/docker/library/node:23.8-alpine3.21
+FROM public.ecr.aws/docker/library/node:24.9-alpine3.21
 RUN mkdir /tmp/npm &&  chmod 2777 /tmp/npm && chown 1000:1000 /tmp/npm && npm config set cache /tmp/npm --global
 
 RUN npm config set fetch-retries 5
@@ -17,6 +17,7 @@ ARG APP_VERSION
 
 ENV GIT_SHA=${GIT_SHA}
 ENV APP_VERSION=${APP_VERSION}
+ENV PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=1
 
 
 # IF APP_VERSION is not set, set it to 1.0.0

APIReference/Service/Authentication.ts

@@ -2,6 +2,7 @@ import { IsBillingEnabled } from "Common/Server/EnvironmentConfig";
 import { ViewsPath } from "../Utils/Config";
 import ResourceUtil, { ModelDocumentation } from "../Utils/Resources";
 import { ExpressRequest, ExpressResponse } from "Common/Server/Utils/Express";
+import Dictionary from "Common/Types/Dictionary";
 
 // Retrieve resources documentation
 const Resources: Array<ModelDocumentation> = ResourceUtil.getResources();
@@ -16,7 +17,7 @@ export default class ServiceHandler {
 
     // Extract page parameter from request
     const page: string | undefined = req.params["page"];
-    const pageData: any = {};
+    const pageData: Dictionary<unknown> = {};
 
     // Set default page title and description for the authentication page
     pageTitle = "Authentication";

APIReference/Service/DataType.ts

@@ -4,6 +4,7 @@ import ResourceUtil, { ModelDocumentation } from "../Utils/Resources";
 import LocalCache from "Common/Server/Infrastructure/LocalCache";
 import { ExpressRequest, ExpressResponse } from "Common/Server/Utils/Express";
 import LocalFile from "Common/Server/Utils/LocalFile";
+import Dictionary from "Common/Types/Dictionary";
 
 const Resources: Array<ModelDocumentation> = ResourceUtil.getResources();
 
@@ -12,9 +13,9 @@ export default class ServiceHandler {
     _req: ExpressRequest,
     res: ExpressResponse,
   ): Promise<void> {
-    const pageData: any = {};
+    const pageData: Dictionary<unknown> = {};
 
-    pageData.selectCode = await LocalCache.getOrSetString(
+    pageData["selectCode"] = await LocalCache.getOrSetString(
       "data-type",
       "select",
       async () => {
@@ -22,7 +23,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.sortCode = await LocalCache.getOrSetString(
+    pageData["sortCode"] = await LocalCache.getOrSetString(
       "data-type",
       "sort",
       async () => {
@@ -30,7 +31,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.equalToCode = await LocalCache.getOrSetString(
+    pageData["equalToCode"] = await LocalCache.getOrSetString(
       "data-type",
       "equal-to",
       async () => {
@@ -38,7 +39,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.equalToOrNullCode = await LocalCache.getOrSetString(
+    pageData["equalToOrNullCode"] = await LocalCache.getOrSetString(
       "data-type",
       "equal-to-or-null",
       async () => {
@@ -48,7 +49,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.greaterThanCode = await LocalCache.getOrSetString(
+    pageData["greaterThanCode"] = await LocalCache.getOrSetString(
       "data-type",
       "greater-than",
       async () => {
@@ -58,7 +59,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.greaterThanOrEqualCode = await LocalCache.getOrSetString(
+    pageData["greaterThanOrEqualCode"] = await LocalCache.getOrSetString(
       "data-type",
       "greater-than-or-equal",
       async () => {
@@ -68,7 +69,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.lessThanCode = await LocalCache.getOrSetString(
+    pageData["lessThanCode"] = await LocalCache.getOrSetString(
       "data-type",
       "less-than",
       async () => {
@@ -78,7 +79,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.lessThanOrEqualCode = await LocalCache.getOrSetString(
+    pageData["lessThanOrEqualCode"] = await LocalCache.getOrSetString(
       "data-type",
       "less-than-or-equal",
       async () => {
@@ -88,7 +89,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.includesCode = await LocalCache.getOrSetString(
+    pageData["includesCode"] = await LocalCache.getOrSetString(
       "data-type",
       "includes",
       async () => {
@@ -98,7 +99,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.lessThanOrNullCode = await LocalCache.getOrSetString(
+    pageData["lessThanOrNullCode"] = await LocalCache.getOrSetString(
       "data-type",
       "less-than-or-equal",
       async () => {
@@ -108,7 +109,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.greaterThanOrNullCode = await LocalCache.getOrSetString(
+    pageData["greaterThanOrNullCode"] = await LocalCache.getOrSetString(
       "data-type",
       "less-than-or-equal",
       async () => {
@@ -118,7 +119,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.isNullCode = await LocalCache.getOrSetString(
+    pageData["isNullCode"] = await LocalCache.getOrSetString(
       "data-type",
       "is-null",
       async () => {
@@ -126,7 +127,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.notNullCode = await LocalCache.getOrSetString(
+    pageData["notNullCode"] = await LocalCache.getOrSetString(
       "data-type",
       "not-null",
       async () => {
@@ -134,7 +135,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.notEqualToCode = await LocalCache.getOrSetString(
+    pageData["notEqualToCode"] = await LocalCache.getOrSetString(
       "data-type",
       "not-equals",
       async () => {

APIReference/Service/Errors.ts

@@ -2,6 +2,7 @@ import { IsBillingEnabled } from "Common/Server/EnvironmentConfig";
 import { ViewsPath } from "../Utils/Config";
 import ResourceUtil, { ModelDocumentation } from "../Utils/Resources";
 import { ExpressRequest, ExpressResponse } from "Common/Server/Utils/Express";
+import Dictionary from "Common/Types/Dictionary";
 
 // Fetch a list of resources used in the application
 const Resources: Array<ModelDocumentation> = ResourceUtil.getResources();
@@ -17,7 +18,7 @@ export default class ServiceHandler {
 
     // Get the 'page' parameter from the request
     const page: string | undefined = req.params["page"];
-    const pageData: any = {};
+    const pageData: Dictionary<unknown> = {};
 
     // Set the default page title and description
     pageTitle = "Errors";

APIReference/Service/Introduction.ts

@@ -2,6 +2,7 @@ import { IsBillingEnabled } from "Common/Server/EnvironmentConfig";
 import { ViewsPath } from "../Utils/Config";
 import ResourceUtil, { ModelDocumentation } from "../Utils/Resources";
 import { ExpressRequest, ExpressResponse } from "Common/Server/Utils/Express";
+import Dictionary from "Common/Types/Dictionary";
 
 // Get all resources and featured resources from ResourceUtil
 const Resources: Array<ModelDocumentation> = ResourceUtil.getResources();
@@ -20,10 +21,10 @@ export default class ServiceHandler {
 
     // Get the requested page from the URL parameters
     const page: string | undefined = req.params["page"];
-    const pageData: any = {};
+    const pageData: Dictionary<unknown> = {};
 
     // Set featured resources for the page
-    pageData.featuredResources = FeaturedResources;
+    pageData["featuredResources"] = FeaturedResources;
 
     // Set page title and description
     pageTitle = "Introduction";

APIReference/Service/Model.ts

@@ -3,7 +3,10 @@ import ResourceUtil, { ModelDocumentation } from "../Utils/Resources";
 import PageNotFoundServiceHandler from "./PageNotFound";
 import { AppApiRoute } from "Common/ServiceRoute";
 import { ColumnAccessControl } from "Common/Types/BaseDatabase/AccessControl";
-import { getTableColumns } from "Common/Types/Database/TableColumn";
+import {
+  getTableColumns,
+  TableColumnMetadata,
+} from "Common/Types/Database/TableColumn";
 import Dictionary from "Common/Types/Dictionary";
 import ObjectID from "Common/Types/ObjectID";
 import Permission, {
@@ -33,7 +36,7 @@ export default class ServiceHandler {
     let pageTitle: string = "";
     let pageDescription: string = "";
     let page: string | undefined = req.params["page"];
-    const pageData: any = {};
+    const pageData: Dictionary<unknown> = {};
 
     // Check if page is provided
     if (!page) {
@@ -56,7 +59,9 @@ export default class ServiceHandler {
     page = "model";
 
     // Get table columns for current resource
-    const tableColumns: any = getTableColumns(currentResource.model);
+    const tableColumns: Dictionary<TableColumnMetadata> = getTableColumns(
+      currentResource.model,
+    );
 
     // Filter out columns with no access
     for (const key in tableColumns) {
@@ -77,12 +82,14 @@ export default class ServiceHandler {
         continue;
       }
 
-      if (tableColumns[key].hideColumnInDocumentation) {
+      if (tableColumns[key] && tableColumns[key]!.hideColumnInDocumentation) {
         delete tableColumns[key];
         continue;
       }
 
-      tableColumns[key].permissions = accessControl;
+      if (tableColumns[key]) {
+        (tableColumns[key] as any).permissions = accessControl;
+      }
     }
 
     // Remove unnecessary columns
@@ -92,11 +99,11 @@ export default class ServiceHandler {
     delete tableColumns["version"];
 
     // Set page data
-    pageData.title = currentResource.model.singularName;
-    pageData.description = currentResource.model.tableDescription;
-    pageData.columns = tableColumns;
+    pageData["title"] = currentResource.model.singularName;
+    pageData["description"] = currentResource.model.tableDescription;
+    pageData["columns"] = tableColumns;
 
-    pageData.tablePermissions = {
+    pageData["tablePermissions"] = {
       read: currentResource.model.readRecordPermissions.map(
         (permission: Permission) => {
           return PermissionDictionary[permission];
@@ -120,7 +127,7 @@ export default class ServiceHandler {
     };
 
     // Cache the list request data
-    pageData.listRequest = await LocalCache.getOrSetString(
+    pageData["listRequest"] = await LocalCache.getOrSetString(
       "model",
       "list-request",
       async () => {
@@ -130,7 +137,7 @@ export default class ServiceHandler {
     );
 
     // Cache the item request data
-    pageData.itemRequest = await LocalCache.getOrSetString(
+    pageData["itemRequest"] = await LocalCache.getOrSetString(
       "model",
       "item-request",
       async () => {
@@ -140,7 +147,7 @@ export default class ServiceHandler {
     );
 
     // Cache the item response data
-    pageData.itemResponse = await LocalCache.getOrSetString(
+    pageData["itemResponse"] = await LocalCache.getOrSetString(
       "model",
       "item-response",
       async () => {
@@ -152,7 +159,7 @@ export default class ServiceHandler {
     );
 
     // Cache the count request data
-    pageData.countRequest = await LocalCache.getOrSetString(
+    pageData["countRequest"] = await LocalCache.getOrSetString(
       "model",
       "count-request",
       async () => {
@@ -164,7 +171,7 @@ export default class ServiceHandler {
     );
 
     // Cache the count response data
-    pageData.countResponse = await LocalCache.getOrSetString(
+    pageData["countResponse"] = await LocalCache.getOrSetString(
       "model",
       "count-response",
       async () => {
@@ -175,7 +182,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.updateRequest = await LocalCache.getOrSetString(
+    pageData["updateRequest"] = await LocalCache.getOrSetString(
       "model",
       "update-request",
       async () => {
@@ -186,7 +193,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.updateResponse = await LocalCache.getOrSetString(
+    pageData["updateResponse"] = await LocalCache.getOrSetString(
       "model",
       "update-response",
       async () => {
@@ -197,7 +204,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.createRequest = await LocalCache.getOrSetString(
+    pageData["createRequest"] = await LocalCache.getOrSetString(
       "model",
       "create-request",
       async () => {
@@ -208,7 +215,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.createResponse = await LocalCache.getOrSetString(
+    pageData["createResponse"] = await LocalCache.getOrSetString(
       "model",
       "create-response",
       async () => {
@@ -219,7 +226,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.deleteRequest = await LocalCache.getOrSetString(
+    pageData["deleteRequest"] = await LocalCache.getOrSetString(
       "model",
       "delete-request",
       async () => {
@@ -230,7 +237,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.deleteResponse = await LocalCache.getOrSetString(
+    pageData["deleteResponse"] = await LocalCache.getOrSetString(
       "model",
       "delete-response",
       async () => {
@@ -242,7 +249,7 @@ export default class ServiceHandler {
     );
 
     // Get list response from cache or set it if it's not available
-    pageData.listResponse = await LocalCache.getOrSetString(
+    pageData["listResponse"] = await LocalCache.getOrSetString(
       "model",
       "list-response",
       async () => {
@@ -254,14 +261,15 @@ export default class ServiceHandler {
     );
 
     // Generate a unique ID for the example object
-    pageData.exampleObjectID = ObjectID.generate();
+    pageData["exampleObjectID"] = ObjectID.generate();
 
     // Construct the API path for the current resource
-    pageData.apiPath =
+    pageData["apiPath"] =
       AppApiRoute.toString() + currentResource.model.crudApiPath?.toString();
 
     // Check if the current resource is a master admin API
-    pageData.isMasterAdminApiDocs = currentResource.model.isMasterAdminApiDocs;
+    pageData["isMasterAdminApiDocs"] =
+      currentResource.model.isMasterAdminApiDocs;
 
     // Render the index page with the required data
     return res.render(`${ViewsPath}/pages/index`, {

APIReference/Service/OpenAPI.ts

@@ -7,6 +7,7 @@ import { ViewsPath } from "../Utils/Config";
 import ResourceUtil, { ModelDocumentation } from "../Utils/Resources";
 import { ExpressRequest, ExpressResponse } from "Common/Server/Utils/Express";
 import URL from "Common/Types/API/URL";
+import Dictionary from "Common/Types/Dictionary";
 
 // Fetch a list of resources used in the application
 const Resources: Array<ModelDocumentation> = ResourceUtil.getResources();
@@ -22,7 +23,7 @@ export default class ServiceHandler {
 
     // Get the 'page' parameter from the request
     const page: string | undefined = req.params["page"];
-    const pageData: any = {
+    const pageData: Dictionary<unknown> = {
       hostUrl: new URL(HttpProtocol, Host).toString(),
     };
 

APIReference/Service/Pagination.ts

@@ -4,6 +4,7 @@ import ResourceUtil, { ModelDocumentation } from "../Utils/Resources";
 import LocalCache from "Common/Server/Infrastructure/LocalCache";
 import { ExpressRequest, ExpressResponse } from "Common/Server/Utils/Express";
 import LocalFile from "Common/Server/Utils/LocalFile";
+import Dictionary from "Common/Types/Dictionary";
 
 const Resources: Array<ModelDocumentation> = ResourceUtil.getResources(); // Get all resources from ResourceUtil
 
@@ -15,14 +16,14 @@ export default class ServiceHandler {
     let pageTitle: string = ""; // Initialize page title
     let pageDescription: string = ""; // Initialize page description
     const page: string | undefined = req.params["page"]; // Get the page parameter from the request
-    const pageData: any = {}; // Initialize page data object
+    const pageData: Dictionary<unknown> = {}; // Initialize page data object
 
     // Set page title and description
     pageTitle = "Pagination";
     pageDescription = "Learn how to paginate requests with OneUptime API";
 
     // Get response and request code from LocalCache or LocalFile
-    pageData.responseCode = await LocalCache.getOrSetString(
+    pageData["responseCode"] = await LocalCache.getOrSetString(
       "pagination",
       "response",
       async () => {
@@ -33,7 +34,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.requestCode = await LocalCache.getOrSetString(
+    pageData["requestCode"] = await LocalCache.getOrSetString(
       "pagination",
       "request",
       async () => {

APIReference/Service/Permissions.ts

@@ -3,6 +3,7 @@ import ResourceUtil, { ModelDocumentation } from "../Utils/Resources";
 import { PermissionHelper, PermissionProps } from "Common/Types/Permission";
 import { ExpressRequest, ExpressResponse } from "Common/Server/Utils/Express";
 import { IsBillingEnabled } from "Common/Server/EnvironmentConfig";
+import Dictionary from "Common/Types/Dictionary";
 
 const Resources: Array<ModelDocumentation> = ResourceUtil.getResources();
 
@@ -17,14 +18,14 @@ export default class ServiceHandler {
 
     // Get the requested page
     const page: string | undefined = req.params["page"];
-    const pageData: any = {};
+    const pageData: Dictionary<unknown> = {};
 
     // Set page title and description
     pageTitle = "Permissions";
     pageDescription = "Learn how permissions work with OneUptime";
 
     // Filter permissions to only include those assignable to tenants
-    pageData.permissions = PermissionHelper.getAllPermissionProps().filter(
+    pageData["permissions"] = PermissionHelper.getAllPermissionProps().filter(
       (i: PermissionProps) => {
         return i.isAssignableToTenant;
       },

APIReference/nodemon.json

@@ -1,10 +1,14 @@
 {
     "watch": ["./","../Common/Server", "../Common/Types", "../Common/Utils", "../Common/Models"],
-    "ext": "ts,json,tsx,env,js,jsx,hbs",
+    "ext": "ts,tsx",
     "ignore": [
+        "./node_modules/**",
+        "./public/**",
+        "./bin/**",
+        "./build/**",
         "greenlock.d/*"
     ],
     "watchOptions": {"useFsEvents": false, "interval": 500},
     "env": {"TS_NODE_TRANSPILE_ONLY": "1", "TS_NODE_FILES": "false"},
-    "exec": "node --inspect=0.0.0.0:9229 -r ts-node/register/transpile-only Index.ts"
+    "exec": "node  -r ts-node/register/transpile-only Index.ts"
 }

APIReference/package-lock.json

@@ -66,6 +66,7 @@
         "crypto-js": "^4.2.0",
         "dotenv": "^16.4.4",
         "ejs": "^3.1.10",
+        "elkjs": "^0.10.0",
         "esbuild": "^0.25.5",
         "express": "^4.21.1",
         "formik": "^2.4.6",

Accounts/Dockerfile.tpl

@@ -3,7 +3,7 @@
 #
 
 # Pull base image nodejs image.
-FROM public.ecr.aws/docker/library/node:23.8-alpine3.21
+FROM public.ecr.aws/docker/library/node:24.9-alpine3.21
 RUN mkdir /tmp/npm &&  chmod 2777 /tmp/npm && chown 1000:1000 /tmp/npm && npm config set cache /tmp/npm --global
 
 RUN npm config set fetch-retries 5
@@ -17,6 +17,7 @@ ARG APP_VERSION
 
 ENV GIT_SHA=${GIT_SHA}
 ENV APP_VERSION=${APP_VERSION}
+ENV PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=1
 
 
 # IF APP_VERSION is not set, set it to 1.0.0

Accounts/nodemon.json

@@ -1,7 +1,10 @@
 {
     "watch": ["./","../Common/UI", "../Common/Types", "../Common/Utils", "../Common/Models"],
-    "ext": "ts,json,tsx,env,js,jsx,hbs",
+    "ext": "ts,tsx",
     "ignore": [
+        "./node_modules/**",
+        "./public/**",
+        "./bin/**",
         "./public/**",
         "./public/dist/**",
         "./build/*",

Accounts/package-lock.json

@@ -70,6 +70,7 @@
                 "crypto-js": "^4.2.0",
                 "dotenv": "^16.4.4",
                 "ejs": "^3.1.10",
+                "elkjs": "^0.10.0",
                 "esbuild": "^0.25.5",
                 "express": "^4.21.1",
                 "formik": "^2.4.6",

Accounts/src/Pages/Login.tsx

@@ -1,6 +1,8 @@
 import {
   LOGIN_API_URL,
-  VERIFY_TWO_FACTOR_AUTH_API_URL,
+  VERIFY_TOTP_AUTH_API_URL,
+  GENERATE_WEBAUTHN_AUTH_OPTIONS_API_URL,
+  VERIFY_WEBAUTHN_AUTH_API_URL,
 } from "../Utils/ApiPaths";
 import Route from "Common/Types/API/Route";
 import URL from "Common/Types/API/URL";
@@ -12,17 +14,20 @@ import { DASHBOARD_URL } from "Common/UI/Config";
 import OneUptimeLogo from "Common/UI/Images/logos/OneUptimeSVG/3-transparent.svg";
 import UiAnalytics from "Common/UI/Utils/Analytics";
 import LoginUtil from "Common/UI/Utils/Login";
-import UserTwoFactorAuth from "Common/Models/DatabaseModels/UserTwoFactorAuth";
+import UserTotpAuth from "Common/Models/DatabaseModels/UserTotpAuth";
+import UserWebAuthn from "Common/Models/DatabaseModels/UserWebAuthn";
 import Navigation from "Common/UI/Utils/Navigation";
 import UserUtil from "Common/UI/Utils/User";
 import User from "Common/Models/DatabaseModels/User";
 import React from "react";
 import useAsyncEffect from "use-async-effect";
-import StaticModelList from "Common/UI/Components/ModelList/StaticModelList";
 import BasicForm from "Common/UI/Components/Forms/BasicForm";
 import API from "Common/UI/Utils/API/API";
 import HTTPErrorResponse from "Common/Types/API/HTTPErrorResponse";
 import HTTPResponse from "Common/Types/API/HTTPResponse";
+import Base64 from "Common/Utils/Base64";
+import ErrorMessage from "Common/UI/Components/ErrorMessage/ErrorMessage";
+import ComponentLoader from "Common/UI/Components/ComponentLoader/ComponentLoader";
 
 const LoginPage: () => JSX.Element = () => {
   const apiUrl: URL = LOGIN_API_URL;
@@ -36,14 +41,32 @@ const LoginPage: () => JSX.Element = () => {
   const [showTwoFactorAuth, setShowTwoFactorAuth] =
     React.useState<boolean>(false);
 
-  const [twoFactorAuthList, setTwoFactorAuthList] = React.useState<
-    UserTwoFactorAuth[]
-  >([]);
+  const [totpAuthList, setTotpAuthList] = React.useState<UserTotpAuth[]>([]);
 
-  const [selectedTwoFactorAuth, setSelectedTwoFactorAuth] = React.useState<
-    UserTwoFactorAuth | undefined
+  const [webAuthnList, setWebAuthnList] = React.useState<UserWebAuthn[]>([]);
+
+  const [selectedTotpAuth, setSelectedTotpAuth] = React.useState<
+    UserTotpAuth | undefined
   >(undefined);
 
+  const [selectedWebAuthn, setSelectedWebAuthn] = React.useState<
+    UserWebAuthn | undefined
+  >(undefined);
+
+  type TwoFactorMethod = {
+    type: "totp" | "webauthn";
+    item: UserTotpAuth | UserWebAuthn;
+  };
+
+  const twoFactorMethods: TwoFactorMethod[] = [
+    ...totpAuthList.map((item: UserTotpAuth) => {
+      return { type: "totp" as const, item };
+    }),
+    ...webAuthnList.map((item: UserWebAuthn) => {
+      return { type: "webauthn" as const, item };
+    }),
+  ];
+
   const [isTwoFactorAuthLoading, setIsTwoFactorAuthLoading] =
     React.useState<boolean>(false);
   const [twofactorAuthError, setTwoFactorAuthError] =
@@ -57,6 +80,96 @@ const LoginPage: () => JSX.Element = () => {
     }
   }, []);
 
+  useAsyncEffect(async () => {
+    if (selectedWebAuthn) {
+      setIsTwoFactorAuthLoading(true);
+      try {
+        const result: HTTPResponse<JSONObject> = await API.post({
+          url: GENERATE_WEBAUTHN_AUTH_OPTIONS_API_URL,
+          data: {
+            data: {
+              email: initialValues["email"],
+            },
+          },
+        });
+
+        if (result instanceof HTTPErrorResponse) {
+          throw result;
+        }
+
+        const data: any = result.data as any;
+
+        // Convert base64url strings back to Uint8Array
+        data.options.challenge = Base64.base64UrlToUint8Array(
+          data.options.challenge,
+        );
+        if (data.options.allowCredentials) {
+          data.options.allowCredentials.forEach((cred: any) => {
+            cred.id = Base64.base64UrlToUint8Array(cred.id);
+          });
+        }
+
+        // Use WebAuthn API
+        const credential: PublicKeyCredential =
+          (await navigator.credentials.get({
+            publicKey: data.options,
+          })) as PublicKeyCredential;
+
+        const assertionResponse: AuthenticatorAssertionResponse =
+          credential.response as AuthenticatorAssertionResponse;
+
+        // Verify
+        const verifyResult: HTTPResponse<JSONObject> = await API.post({
+          url: VERIFY_WEBAUTHN_AUTH_API_URL,
+          data: {
+            data: {
+              ...initialValues,
+              challenge: data.challenge,
+              credential: {
+                id: credential.id,
+                rawId: Base64.uint8ArrayToBase64Url(
+                  new Uint8Array(credential.rawId),
+                ),
+                response: {
+                  authenticatorData: Base64.uint8ArrayToBase64Url(
+                    new Uint8Array(assertionResponse.authenticatorData),
+                  ),
+                  clientDataJSON: Base64.uint8ArrayToBase64Url(
+                    new Uint8Array(assertionResponse.clientDataJSON),
+                  ),
+                  signature: Base64.uint8ArrayToBase64Url(
+                    new Uint8Array(assertionResponse.signature),
+                  ),
+                  userHandle: assertionResponse.userHandle
+                    ? Base64.uint8ArrayToBase64Url(
+                        new Uint8Array(assertionResponse.userHandle),
+                      )
+                    : null,
+                },
+                type: credential.type,
+              },
+            },
+          },
+        });
+
+        if (verifyResult instanceof HTTPErrorResponse) {
+          throw verifyResult;
+        }
+
+        const user: User = User.fromJSON(
+          verifyResult.data as JSONObject,
+          User,
+        ) as User;
+        const miscData: JSONObject = {};
+
+        login(user as User, miscData);
+      } catch (error) {
+        setTwoFactorAuthError(API.getFriendlyErrorMessage(error as Error));
+      }
+      setIsTwoFactorAuthLoading(false);
+    }
+  }, [selectedWebAuthn]);
+
   type LoginFunction = (user: User, miscData: JSONObject) => void;
 
   const login: LoginFunction = (user: User, miscData: JSONObject): void => {
@@ -156,16 +269,23 @@ const LoginPage: () => JSX.Element = () => {
               ) => {
                 if (
                   miscData &&
-                  (miscData as JSONObject)["twoFactorAuth"] === true
+                  ((((miscData as JSONObject)["totpAuthList"] as JSONArray)
+                    ?.length || 0) > 0 ||
+                    (((miscData as JSONObject)["webAuthnList"] as JSONArray)
+                      ?.length || 0) > 0)
                 ) {
-                  const twoFactorAuthList: Array<UserTwoFactorAuth> =
-                    UserTwoFactorAuth.fromJSONArray(
-                      (miscData as JSONObject)[
-                        "twoFactorAuthList"
-                      ] as JSONArray,
-                      UserTwoFactorAuth,
+                  const totpAuthList: Array<UserTotpAuth> =
+                    UserTotpAuth.fromJSONArray(
+                      (miscData as JSONObject)["totpAuthList"] as JSONArray,
+                      UserTotpAuth,
                     );
-                  setTwoFactorAuthList(twoFactorAuthList);
+                  const webAuthnList: Array<UserWebAuthn> =
+                    UserWebAuthn.fromJSONArray(
+                      (miscData as JSONObject)["webAuthnList"] as JSONArray,
+                      UserWebAuthn,
+                    );
+                  setTotpAuthList(totpAuthList);
+                  setWebAuthnList(webAuthnList);
                   setShowTwoFactorAuth(true);
                   return;
                 }
@@ -187,19 +307,53 @@ const LoginPage: () => JSX.Element = () => {
             />
           )}
 
-          {showTwoFactorAuth && !selectedTwoFactorAuth && (
-            <StaticModelList<UserTwoFactorAuth>
-              titleField="name"
-              descriptionField=""
-              selectedItems={[]}
-              list={twoFactorAuthList}
-              onClick={(item: UserTwoFactorAuth) => {
-                setSelectedTwoFactorAuth(item);
-              }}
-            />
+          {showTwoFactorAuth && !selectedTotpAuth && !selectedWebAuthn && (
+            <div className="space-y-4">
+              {twoFactorMethods.map(
+                (method: TwoFactorMethod, index: number) => {
+                  return (
+                    <div
+                      key={index}
+                      className="cursor-pointer p-4 border border-gray-300 rounded-lg hover:bg-gray-50"
+                      onClick={() => {
+                        if (method.type === "totp") {
+                          setSelectedTotpAuth(method.item as UserTotpAuth);
+                        } else {
+                          setSelectedWebAuthn(method.item as UserWebAuthn);
+                        }
+                      }}
+                    >
+                      <div className="font-medium">
+                        {(method.item as any).name}
+                      </div>
+                      <div className="text-sm text-gray-500">
+                        {method.type === "totp"
+                          ? "Authenticator App"
+                          : "Security Key"}
+                      </div>
+                    </div>
+                  );
+                },
+              )}
+            </div>
           )}
 
-          {showTwoFactorAuth && selectedTwoFactorAuth && (
+          {showTwoFactorAuth && selectedWebAuthn && (
+            <div className="text-center">
+              <div className="text-lg font-medium mb-4">
+                Authenticating with Security Key
+              </div>
+              <div className="text-sm text-gray-500 mb-4">
+                Please follow the instructions on your security key device.
+              </div>
+              {isTwoFactorAuthLoading && <ComponentLoader />}
+              {twofactorAuthError && (
+                <ErrorMessage message={twofactorAuthError} />
+              )}
+            </div>
+          )}
+
+          {showTwoFactorAuth && selectedTotpAuth && (
             <BasicForm
               id="two-factor-auth-form"
               name="Two Factor Auth"
@@ -225,14 +379,17 @@ const LoginPage: () => JSX.Element = () => {
                 try {
                   const code: string = data["code"] as string;
                   const twoFactorAuthId: string =
-                    selectedTwoFactorAuth.id?.toString() as string;
+                    selectedTotpAuth!.id?.toString() as string;
 
                   const result: HTTPErrorResponse | HTTPResponse<JSONObject> =
-                    await API.post(VERIFY_TWO_FACTOR_AUTH_API_URL, {
+                    await API.post({
+                      url: VERIFY_TOTP_AUTH_API_URL,
                       data: {
-                        ...initialValues,
-                        code: code,
-                        twoFactorAuthId: twoFactorAuthId,
+                        data: {
+                          ...initialValues,
+                          code: code,
+                          twoFactorAuthId: twoFactorAuthId,
+                        },
                       },
                     });
 
@@ -261,7 +418,7 @@ const LoginPage: () => JSX.Element = () => {
           )}
         </div>
         <div className="mt-10 text-center">
-          {!selectedTwoFactorAuth && (
+          {!selectedTotpAuth && !selectedWebAuthn && (
             <div className="text-muted mb-0 text-gray-500">
               Don&apos;t have an account?{" "}
               <Link
@@ -272,11 +429,12 @@ const LoginPage: () => JSX.Element = () => {
               </Link>
             </div>
           )}
-          {selectedTwoFactorAuth ? (
+          {selectedTotpAuth || selectedWebAuthn ? (
             <div className="text-muted mb-0 text-gray-500">
               <Link
                 onClick={() => {
-                  setSelectedTwoFactorAuth(undefined);
+                  setSelectedTotpAuth(undefined);
+                  setSelectedWebAuthn(undefined);
                 }}
                 className="text-indigo-500 hover:text-indigo-900 cursor-pointer"
               >

Accounts/src/Pages/LoginWithSSO.tsx

@@ -42,12 +42,12 @@ const LoginPage: () => JSX.Element = () => {
       try {
         // get sso config by email.
         const listResult: HTTPErrorResponse | HTTPResponse<JSONArray> =
-          await API.get(
-            URL.fromString(apiUrl.toString()).addQueryParam(
+          await API.get({
+            url: URL.fromString(apiUrl.toString()).addQueryParam(
               "email",
               email.toString(),
             ),
-          );
+          });
 
         if (listResult instanceof HTTPErrorResponse) {
           throw listResult;

Accounts/src/Utils/ApiPaths.ts

@@ -1,6 +1,6 @@
 import Route from "Common/Types/API/Route";
 import URL from "Common/Types/API/URL";
-import { IDENTITY_URL } from "Common/UI/Config";
+import { IDENTITY_URL, APP_API_URL } from "Common/UI/Config";
 
 export const SIGNUP_API_URL: URL = URL.fromURL(IDENTITY_URL).addRoute(
   new Route("/signup"),
@@ -9,9 +9,17 @@ export const LOGIN_API_URL: URL = URL.fromURL(IDENTITY_URL).addRoute(
   new Route("/login"),
 );
 
-export const VERIFY_TWO_FACTOR_AUTH_API_URL: URL = URL.fromURL(
+export const VERIFY_TOTP_AUTH_API_URL: URL = URL.fromURL(IDENTITY_URL).addRoute(
+  new Route("/verify-totp-auth"),
+);
+
+export const GENERATE_WEBAUTHN_AUTH_OPTIONS_API_URL: URL = URL.fromURL(
+  APP_API_URL,
+).addRoute(new Route("/user-webauthn/generate-authentication-options"));
+
+export const VERIFY_WEBAUTHN_AUTH_API_URL: URL = URL.fromURL(
   IDENTITY_URL,
-).addRoute(new Route("/verify-two-factor-auth"));
+).addRoute(new Route("/verify-webauthn-auth"));
 
 export const SERVICE_PROVIDER_LOGIN_URL: URL = URL.fromURL(
   IDENTITY_URL,

AdminDashboard/Dockerfile.tpl

@@ -3,7 +3,7 @@
 #
 
 # Pull base image nodejs image.
-FROM public.ecr.aws/docker/library/node:23.8-alpine3.21
+FROM public.ecr.aws/docker/library/node:24.9-alpine3.21
 RUN mkdir /tmp/npm &&  chmod 2777 /tmp/npm && chown 1000:1000 /tmp/npm && npm config set cache /tmp/npm --global
 
 RUN npm config set fetch-retries 5
@@ -17,6 +17,7 @@ ARG APP_VERSION
 
 ENV GIT_SHA=${GIT_SHA}
 ENV APP_VERSION=${APP_VERSION}
+ENV PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=1
 
 
 # IF APP_VERSION is not set, set it to 1.0.0

AdminDashboard/nodemon.json

@@ -1,7 +1,10 @@
 {
     "watch": ["./","../Common/UI", "../Common/Types", "../Common/Utils", "../Common/Models"],
-    "ext": "ts,json,tsx,env,js,jsx,hbs",
+    "ext": "ts,tsx",
     "ignore": [
+        "./node_modules/**",
+        "./public/**",
+        "./bin/**",
         "./public/**",
         "./public/dist/**",
         "./build/*",

AdminDashboard/package-lock.json

@@ -69,6 +69,7 @@
                 "crypto-js": "^4.2.0",
                 "dotenv": "^16.4.4",
                 "ejs": "^3.1.10",
+                "elkjs": "^0.10.0",
                 "esbuild": "^0.25.5",
                 "express": "^4.21.1",
                 "formik": "^2.4.6",

AdminDashboard/src/App.tsx

@@ -5,6 +5,7 @@ import Projects from "./Pages/Projects/Index";
 import SettingsAPIKey from "./Pages/Settings/APIKey/Index";
 import SettingsAuthentication from "./Pages/Settings/Authentication/Index";
 import SettingsCallSMS from "./Pages/Settings/CallSMS/Index";
+import SettingsWhatsApp from "./Pages/Settings/WhatsApp/Index";
 // Settings Pages.
 import SettingsEmail from "./Pages/Settings/Email/Index";
 import SettingsProbes from "./Pages/Settings/Probes/Index";
@@ -105,6 +106,11 @@ const App: () => JSX.Element = () => {
           element={<SettingsCallSMS />}
         />
 
+        <PageRoute
+          path={RouteMap[PageMap.SETTINGS_WHATSAPP]?.toString() || ""}
+          element={<SettingsWhatsApp />}
+        />
+
         <PageRoute
           path={RouteMap[PageMap.SETTINGS_PROBES]?.toString() || ""}
           element={<SettingsProbes />}

AdminDashboard/src/Components/Footer/Footer.tsx

@@ -54,9 +54,9 @@ const DashboardFooter: () => JSX.Element = () => {
   const fetchAppVersion: (appName: string) => Promise<JSONObject> = async (
     appName: string,
   ): Promise<JSONObject> => {
-    const response: HTTPResponse<JSONObject> = await API.get<JSONObject>(
-      URL.fromString(`${HTTP_PROTOCOL}/${HOST}${appName}/version`),
-    );
+    const response: HTTPResponse<JSONObject> = await API.get<JSONObject>({
+      url: URL.fromString(`${HTTP_PROTOCOL}/${HOST}${appName}/version`),
+    });
 
     if (response.data) {
       return response.data as JSONObject;

AdminDashboard/src/Pages/Settings/SideMenu.tsx

@@ -50,6 +50,15 @@ const DashboardSideMenu: () => JSX.Element = (): ReactElement => {
           }}
           icon={IconProp.Call}
         />
+        <SideMenuItem
+          link={{
+            title: "WhatsApp",
+            to: RouteUtil.populateRouteParams(
+              RouteMap[PageMap.SETTINGS_WHATSAPP] as Route,
+            ),
+          }}
+          icon={IconProp.WhatsApp}
+        />
       </SideMenuSection>
 
       <SideMenuSection title="Monitoring">

AdminDashboard/src/Pages/Settings/WhatsApp/Index.tsx

@@ -0,0 +1,491 @@
+import PageMap from "../../../Utils/PageMap";
+import RouteMap, { RouteUtil } from "../../../Utils/RouteMap";
+import DashboardSideMenu from "../SideMenu";
+import Route from "Common/Types/API/Route";
+import ObjectID from "Common/Types/ObjectID";
+import FormFieldSchemaType from "Common/UI/Components/Forms/Types/FormFieldSchemaType";
+import CardModelDetail from "Common/UI/Components/ModelDetail/CardModelDetail";
+import Page from "Common/UI/Components/Page/Page";
+import FieldType from "Common/UI/Components/Types/FieldType";
+import GlobalConfig from "Common/Models/DatabaseModels/GlobalConfig";
+import React, { FunctionComponent, ReactElement, useState } from "react";
+import Card from "Common/UI/Components/Card/Card";
+import MarkdownViewer from "Common/UI/Components/Markdown.tsx/MarkdownViewer";
+import BasicForm from "Common/UI/Components/Forms/BasicForm";
+import Alert, { AlertType } from "Common/UI/Components/Alerts/Alert";
+import { JSONObject } from "Common/Types/JSON";
+import HTTPErrorResponse from "Common/Types/API/HTTPErrorResponse";
+import HTTPResponse from "Common/Types/API/HTTPResponse";
+import URL from "Common/Types/API/URL";
+import API from "Common/UI/Utils/API/API";
+import { APP_API_URL } from "Common/UI/Config";
+import WhatsAppTemplateMessages, {
+  WhatsAppTemplateId,
+  WhatsAppTemplateIds,
+  WhatsAppTemplateLanguage,
+} from "Common/Types/WhatsApp/WhatsAppTemplates";
+
+type ToFriendlyName = (value: string) => string;
+
+const toFriendlyName: ToFriendlyName = (value: string): string => {
+  return value
+    .replace(/([a-z0-9])([A-Z])/g, "$1 $2")
+    .replace(/_/g, " ")
+    .replace(/\s+/g, " ")
+    .trim();
+};
+
+type ExtractTemplateVariables = (template: string) => Array<string>;
+
+const extractTemplateVariables: ExtractTemplateVariables = (
+  template: string,
+): Array<string> => {
+  const matches: RegExpMatchArray | null = template.match(/\{\{(.*?)\}\}/g);
+
+  if (!matches) {
+    return [];
+  }
+
+  const uniqueVariables: Set<string> = new Set<string>();
+
+  for (const match of matches) {
+    const variable: string = match.replace("{{", "").replace("}}", "").trim();
+
+    if (variable) {
+      uniqueVariables.add(variable);
+    }
+  }
+
+  return Array.from(uniqueVariables).sort((a: string, b: string) => {
+    return a.localeCompare(b);
+  });
+};
+
+type BuildWhatsAppSetupMarkdown = () => string;
+
+const buildWhatsAppSetupMarkdown: BuildWhatsAppSetupMarkdown = (): string => {
+  const templateKeys: Array<keyof typeof WhatsAppTemplateIds> = Object.keys(
+    WhatsAppTemplateIds,
+  ) as Array<keyof typeof WhatsAppTemplateIds>;
+
+  const appApiBaseUrl: string = APP_API_URL.toString().replace(/\/$/, "");
+  const primaryWebhookUrl: string = `${appApiBaseUrl}/notification/whatsapp/webhook`;
+
+  const description: string =
+    "Follow these steps to connect Meta WhatsApp with OneUptime so notifications can be delivered via WhatsApp.";
+
+  const prerequisitesList: Array<string> = [
+    "Meta Business Manager admin access for the WhatsApp Business Account.",
+    "A WhatsApp Business phone number approved for API messaging.",
+    "Admin access to OneUptime with permission to edit global notification settings.",
+    "A webhook verify token string that you'll configure identically in Meta and OneUptime.",
+  ];
+
+  const setupStepsList: Array<string> = [
+    "Sign in to the [Meta Business Manager](https://business.facebook.com/) with admin access to your WhatsApp Business Account.",
+    "From **Business Settings → Accounts → WhatsApp Accounts**, create or select the account that owns your sender phone number.",
+    "In Buisness Portfolio, create a system user and assign it to the WhatsApp Business Account with the role of **Admin**.",
+    "Generate a token for this system user and this will be your long-lived access token. Make sure to select the **whatsapp_business_management** and **whatsapp_business_messaging** permissions when generating the token.",
+    "Paste the access token, phone number ID, and webhook verify token into the **Meta WhatsApp Settings** card above, then save.",
+    "For the **Business Account ID**, go to **Business Settings → Business Info** (or **Business Settings → WhatsApp Accounts → Settings**) and copy the **WhatsApp Business Account ID** value.",
+    "To locate the **App ID** and **App Secret**, open [Meta for Developers](https://developers.facebook.com/apps/), select your WhatsApp app, then navigate to **Settings → Basic**. The App ID is shown at the top; click **Show** next to **App Secret** to reveal and copy it.",
+    "Create each template listed below in the Meta WhatsApp Manager. Make sure the template name, language, and variables match exactly. You can however change the content to your preference. Please make sure it's approved by Meta.",
+    "Send a test notification from OneUptime to confirm that WhatsApp delivery succeeds.",
+  ];
+
+  const prerequisitesMarkdown: string = prerequisitesList
+    .map((item: string) => {
+      return `- ${item}`;
+    })
+    .join("\n");
+
+  const setupStepsMarkdown: string = setupStepsList
+    .map((item: string, index: number) => {
+      return `${index + 1}. ${item}`;
+    })
+    .join("\n");
+
+  const tableRows: string = templateKeys
+    .map((enumKey: keyof typeof WhatsAppTemplateIds) => {
+      const templateId: WhatsAppTemplateId = WhatsAppTemplateIds[enumKey];
+      const friendlyName: string = toFriendlyName(enumKey.toString());
+      const templateMessage: string = WhatsAppTemplateMessages[templateId];
+      const language: string = WhatsAppTemplateLanguage[templateId] || "en";
+      const variables: Array<string> =
+        extractTemplateVariables(templateMessage);
+      const variableList: string =
+        variables.length > 0
+          ? variables
+              .map((variable: string) => {
+                return `\`${variable}\``;
+              })
+              .join(", ")
+          : "_None_";
+
+      return `| ${friendlyName} | \`${templateId}\` | ${language} | ${variableList} |`;
+    })
+    .join("\n");
+
+  const templateBodies: string = templateKeys
+    .map((enumKey: keyof typeof WhatsAppTemplateIds) => {
+      const templateId: WhatsAppTemplateId = WhatsAppTemplateIds[enumKey];
+      const friendlyName: string = toFriendlyName(enumKey.toString());
+      const templateMessage: string = WhatsAppTemplateMessages[templateId];
+      const language: string = WhatsAppTemplateLanguage[templateId] || "en";
+      const variables: Array<string> =
+        extractTemplateVariables(templateMessage);
+      const variableMarkdown: string =
+        variables.length > 0
+          ? variables
+              .map((variable: string) => {
+                return `- \`${variable}\``;
+              })
+              .join("\n")
+          : "_None_";
+      const variablesHeading: string = variables.length
+        ? `**Variables (${variables.length})**`
+        : "**Variables**";
+
+      return [
+        `#### ${friendlyName}`,
+        "",
+        `**Template Name:** \`${templateId}\``,
+        `**Language:** ${language}`,
+        "",
+        variablesHeading,
+        variableMarkdown,
+        "",
+        "**Body**",
+        "```plaintext",
+        templateMessage,
+        "```",
+        "",
+        "---",
+      ].join("\n");
+    })
+    .join("\n\n");
+
+  const templateSummaryTable: string = [
+    "| Friendly Name | Template Name | Language | Variables |",
+    "| --- | --- | --- | --- |",
+    tableRows,
+  ]
+    .filter(Boolean)
+    .join("\n");
+
+  const webhookSection: string = [
+    "### Configure Meta Webhook Subscription",
+    "1. In the OneUptime Admin Dashboard, open **Settings → WhatsApp → Meta WhatsApp Settings** and enter a strong value in **Webhook Verify Token**. Save the form so the encrypted token is stored in Global Config.",
+    "2. Keep that verify token handy—Meta does not generate one for you. You'll paste the exact same value when configuring the callback.",
+    "3. In [Meta for Developers](https://developers.facebook.com/apps/), select your WhatsApp app and navigate to **WhatsApp → Configuration → Webhooks**.",
+    `4. Click **Configure**, then supply one of the following callback URLs when Meta asks for your endpoint:\n   - \`${primaryWebhookUrl}\`\n `,
+    "5. Paste the verify token from step 1 into Meta's **Verify Token** field and submit. Meta will call the callback URL and expect that value to match before it approves the subscription.",
+    "6. After verification succeeds, subscribe to the **messages** field (and any other WhatsApp webhook categories you need) so delivery status updates are forwarded to OneUptime.",
+  ]
+    .filter(Boolean)
+    .join("\n\n");
+
+  return [
+    description,
+    "### Prerequisites",
+    prerequisitesMarkdown,
+    "### Setup Steps",
+    setupStepsMarkdown,
+    webhookSection,
+    "### Required WhatsApp Templates",
+    templateSummaryTable,
+    "### Template Bodies",
+    "> Copy the exact template body below—including punctuation and spacing—when creating each template inside Meta. The variables list shows every placeholder that must be configured in WhatsApp Manager.",
+    templateBodies,
+  ]
+    .filter(Boolean)
+    .join("\n\n");
+};
+
+const whatsappSetupMarkdown: string = buildWhatsAppSetupMarkdown();
+
+const SettingsWhatsApp: FunctionComponent = (): ReactElement => {
+  const [isSendingTest, setIsSendingTest] = useState<boolean>(false);
+  const [testError, setTestError] = useState<string>("");
+  const [testSuccess, setTestSuccess] = useState<string>("");
+
+  return (
+    <Page
+      title={"Admin Settings"}
+      breadcrumbLinks={[
+        {
+          title: "Admin Dashboard",
+          to: RouteUtil.populateRouteParams(RouteMap[PageMap.HOME] as Route),
+        },
+        {
+          title: "Settings",
+          to: RouteUtil.populateRouteParams(
+            RouteMap[PageMap.SETTINGS] as Route,
+          ),
+        },
+        {
+          title: "WhatsApp",
+          to: RouteUtil.populateRouteParams(
+            RouteMap[PageMap.SETTINGS_WHATSAPP] as Route,
+          ),
+        },
+      ]}
+      sideMenu={<DashboardSideMenu />}
+    >
+      <CardModelDetail
+        name="Meta WhatsApp Settings"
+        cardProps={{
+          title: "Meta WhatsApp Settings",
+          description:
+            "Configure Meta WhatsApp credentials. These values are used to send WhatsApp notifications from OneUptime.",
+        }}
+        isEditable={true}
+        editButtonText="Edit Meta WhatsApp Config"
+        formSteps={[
+          {
+            title: "Credentials",
+            id: "meta-credentials",
+          },
+          {
+            title: "Meta App",
+            id: "meta-app",
+          },
+        ]}
+        formFields={[
+          {
+            field: {
+              metaWhatsAppAccessToken: true,
+            },
+            title: "Access Token",
+            stepId: "meta-credentials",
+            fieldType: FormFieldSchemaType.EncryptedText,
+            required: true,
+            description:
+              "Long-lived access token generated in the Meta WhatsApp Business Platform.",
+            placeholder: "EAAG...",
+          },
+          {
+            field: {
+              metaWhatsAppPhoneNumberId: true,
+            },
+            title: "Phone Number ID",
+            stepId: "meta-credentials",
+            fieldType: FormFieldSchemaType.Text,
+            required: true,
+            description:
+              "The WhatsApp Business phone number ID associated with your sending number.",
+            placeholder: "123456789012345",
+          },
+          {
+            field: {
+              metaWhatsAppBusinessAccountId: true,
+            },
+            title: "Business Account ID",
+            stepId: "meta-credentials",
+            fieldType: FormFieldSchemaType.Text,
+            required: false,
+            description:
+              "Optional Business Account ID that owns the WhatsApp templates.",
+            placeholder: "123456789012345",
+          },
+          {
+            field: {
+              metaWhatsAppWebhookVerifyToken: true,
+            },
+            title: "Webhook Verify Token",
+            stepId: "meta-credentials",
+            fieldType: FormFieldSchemaType.EncryptedText,
+            required: false,
+            description:
+              "Secret token configured in Meta to validate webhook subscription requests.",
+            placeholder: "Webhook verify token",
+          },
+          {
+            field: {
+              metaWhatsAppAppId: true,
+            },
+            title: "App ID",
+            stepId: "meta-app",
+            fieldType: FormFieldSchemaType.Text,
+            required: false,
+            description:
+              "Optional Facebook App ID tied to your WhatsApp integration.",
+            placeholder: "987654321098765",
+          },
+          {
+            field: {
+              metaWhatsAppAppSecret: true,
+            },
+            title: "App Secret",
+            stepId: "meta-app",
+            fieldType: FormFieldSchemaType.EncryptedText,
+            required: false,
+            description:
+              "Optional Facebook App Secret used for webhook signature verification.",
+            placeholder: "Facebook App Secret",
+          },
+        ]}
+        modelDetailProps={{
+          modelType: GlobalConfig,
+          id: "model-detail-global-config-meta-whatsapp",
+          fields: [
+            {
+              field: {
+                metaWhatsAppAccessToken: true,
+              },
+              title: "Access Token",
+              fieldType: FieldType.HiddenText,
+              placeholder: "Not Configured",
+            },
+            {
+              field: {
+                metaWhatsAppPhoneNumberId: true,
+              },
+              title: "Phone Number ID",
+              fieldType: FieldType.Text,
+              placeholder: "Not Configured",
+            },
+            {
+              field: {
+                metaWhatsAppBusinessAccountId: true,
+              },
+              title: "Business Account ID",
+              fieldType: FieldType.Text,
+              placeholder: "Not Configured",
+            },
+            {
+              field: {
+                metaWhatsAppWebhookVerifyToken: true,
+              },
+              title: "Webhook Verify Token",
+              fieldType: FieldType.HiddenText,
+              placeholder: "Not Configured",
+            },
+            {
+              field: {
+                metaWhatsAppAppId: true,
+              },
+              title: "App ID",
+              fieldType: FieldType.Text,
+              placeholder: "Not Configured",
+            },
+            {
+              field: {
+                metaWhatsAppAppSecret: true,
+              },
+              title: "App Secret",
+              fieldType: FieldType.HiddenText,
+              placeholder: "Not Configured",
+            },
+          ],
+          modelId: ObjectID.getZeroObjectID(),
+        }}
+      />
+
+      <Card
+        title="Send Test WhatsApp Message"
+        description="Send a test WhatsApp template message to confirm your Meta configuration."
+      >
+        {testSuccess ? (
+          <Alert
+            type={AlertType.SUCCESS}
+            title={testSuccess}
+            className="mb-4"
+          />
+        ) : (
+          <></>
+        )}
+
+        <BasicForm
+          id="send-test-whatsapp-form"
+          name="Send Test WhatsApp Message"
+          isLoading={isSendingTest}
+          error={testError || ""}
+          submitButtonText="Send Test Message"
+          maxPrimaryButtonWidth={true}
+          initialValues={{
+            phoneNumber: "",
+          }}
+          fields={[
+            {
+              field: {
+                phoneNumber: true,
+              },
+              title: "Recipient WhatsApp Number",
+              description:
+                "Enter the full international phone number (including country code) that should receive the test message.",
+              placeholder: "+11234567890",
+              required: true,
+              fieldType: FormFieldSchemaType.Phone,
+              disableSpellCheck: true,
+            },
+          ]}
+          onSubmit={async (
+            values: JSONObject,
+            onSubmitSuccessful?: () => void,
+          ) => {
+            const toPhone: string = String(values["phoneNumber"] || "").trim();
+
+            if (!toPhone) {
+              setTestSuccess("");
+              setTestError(
+                "Please enter a WhatsApp number before sending a test message.",
+              );
+              return;
+            }
+
+            setIsSendingTest(true);
+            setTestError("");
+            setTestSuccess("");
+
+            try {
+              const response: HTTPResponse<JSONObject> | HTTPErrorResponse =
+                await API.post({
+                  url: URL.fromString(APP_API_URL.toString()).addRoute(
+                    "/notification/whatsapp/test",
+                  ),
+                  data: {
+                    toPhone,
+                    templateKey: WhatsAppTemplateIds.TestNotification,
+                    templateLanguageCode:
+                      WhatsAppTemplateLanguage[
+                        WhatsAppTemplateIds.TestNotification
+                      ],
+                  },
+                });
+
+              if (response instanceof HTTPErrorResponse) {
+                throw response;
+              }
+
+              if (response.isFailure()) {
+                throw new Error("Failed to send test WhatsApp message.");
+              }
+
+              setTestSuccess(
+                "Test WhatsApp message sent successfully. Check the recipient device to confirm delivery.",
+              );
+
+              if (onSubmitSuccessful) {
+                onSubmitSuccessful();
+              }
+            } catch (err) {
+              setTestError(API.getFriendlyMessage(err));
+            } finally {
+              setIsSendingTest(false);
+            }
+          }}
+        />
+      </Card>
+
+      <Card
+        title="Meta WhatsApp Setup Guide"
+        description="Steps to connect Meta WhatsApp and the templates you must provision."
+      >
+        <MarkdownViewer text={whatsappSetupMarkdown} />
+      </Card>
+    </Page>
+  );
+};
+
+export default SettingsWhatsApp;

AdminDashboard/src/Utils/PageMap.ts

@@ -15,6 +15,7 @@ enum PageMap {
   SETTINGS_HOST = "SETTINGS_HOST",
   SETTINGS_SMTP = "SETTINGS_SMTP",
   SETTINGS_CALL_AND_SMS = "SETTINGS_CALL_AND_SMS",
+  SETTINGS_WHATSAPP = "SETTINGS_WHATSAPP",
   SETTINGS_PROBES = "SETTINGS_PROBES",
   SETTINGS_AUTHENTICATION = "SETTINGS_AUTHENTICATION",
   SETTINGS_API_KEY = "SETTINGS_API_KEY",

AdminDashboard/src/Utils/RouteMap.ts

@@ -25,6 +25,7 @@ const RouteMap: Dictionary<Route> = {
   [PageMap.SETTINGS_HOST]: new Route(`/admin/settings/host`),
   [PageMap.SETTINGS_SMTP]: new Route(`/admin/settings/smtp`),
   [PageMap.SETTINGS_CALL_AND_SMS]: new Route(`/admin/settings/call-and-sms`),
+  [PageMap.SETTINGS_WHATSAPP]: new Route(`/admin/settings/whatsapp`),
   [PageMap.SETTINGS_PROBES]: new Route(`/admin/settings/probes`),
   [PageMap.SETTINGS_AUTHENTICATION]: new Route(
     `/admin/settings/authentication`,

App/Dockerfile.tpl

@@ -3,7 +3,7 @@
 #
 
 # Pull base image nodejs image.
-FROM public.ecr.aws/docker/library/node:23.8-alpine3.21
+FROM public.ecr.aws/docker/library/node:24.9-alpine3.21
 RUN mkdir /tmp/npm &&  chmod 2777 /tmp/npm && chown 1000:1000 /tmp/npm && npm config set cache /tmp/npm --global
 
 RUN npm config set fetch-retries 5
@@ -17,6 +17,7 @@ ARG APP_VERSION
 
 ENV GIT_SHA=${GIT_SHA}
 ENV APP_VERSION=${APP_VERSION}
+ENV PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=1
 
 
 # IF APP_VERSION is not set, set it to 1.0.0

App/FeatureSet/BaseAPI/Index.ts

@@ -1,5 +1,6 @@
 import BaseAPI from "Common/Server/API/BaseAPI";
 import BaseAnalyticsAPI from "Common/Server/API/BaseAnalyticsAPI";
+import BillingAPI from "Common/Server/API/BillingAPI";
 import BillingInvoiceAPI from "Common/Server/API/BillingInvoiceAPI";
 import BillingPaymentMethodAPI from "Common/Server/API/BillingPaymentMethodAPI";
 import CopilotCodeRepositoryAPI from "Common/Server/API/CopilotCodeRepositoryAPI";
@@ -13,6 +14,7 @@ import TelemetryAPI from "Common/Server/API/TelemetryAPI";
 import ProbeAPI from "Common/Server/API/ProbeAPI";
 import ProjectAPI from "Common/Server/API/ProjectAPI";
 import ProjectSsoAPI from "Common/Server/API/ProjectSSO";
+import WhatsAppLogAPI from "./WhatsAppLogAPI";
 
 // Import API
 import ResellerPlanAPI from "Common/Server/API/ResellerPlanAPI";
@@ -23,12 +25,14 @@ import WorkspaceNotificationRuleAPI from "Common/Server/API/WorkspaceNotificatio
 import StatusPageDomainAPI from "Common/Server/API/StatusPageDomainAPI";
 import StatusPageSubscriberAPI from "Common/Server/API/StatusPageSubscriberAPI";
 import UserCallAPI from "Common/Server/API/UserCallAPI";
-import UserTwoFactorAuthAPI from "Common/Server/API/UserTwoFactorAuthAPI";
+import UserTotpAuthAPI from "Common/Server/API/UserTotpAuthAPI";
+import UserWebAuthnAPI from "Common/Server/API/UserWebAuthnAPI";
 import MonitorTest from "Common/Models/DatabaseModels/MonitorTest";
 // User Notification methods.
 import UserEmailAPI from "Common/Server/API/UserEmailAPI";
 import UserNotificationLogTimelineAPI from "Common/Server/API/UserOnCallLogTimelineAPI";
 import UserSMSAPI from "Common/Server/API/UserSmsAPI";
+import UserWhatsAppAPI from "Common/Server/API/UserWhatsAppAPI";
 import UserPushAPI from "Common/Server/API/UserPushAPI";
 import ApiKeyPermissionService, {
   Service as ApiKeyPermissionServiceType,
@@ -137,9 +141,6 @@ import LogService, {
   LogService as LogServiceType,
 } from "Common/Server/Services/LogService";
 
-import TelemetryAttributeService, {
-  TelemetryAttributeService as TelemetryAttributeServiceType,
-} from "Common/Server/Services/TelemetryAttributeService";
 import CopilotActionTypePriorityService, {
   Service as CopilotActionTypePriorityServiceType,
 } from "Common/Server/Services/CopilotActionTypePriorityService";
@@ -327,6 +328,9 @@ import TeamMemberService, {
 import TeamPermissionService, {
   Service as TeamPermissionServiceType,
 } from "Common/Server/Services/TeamPermissionService";
+import TeamComplianceSettingService, {
+  TeamComplianceSettingService as TeamComplianceSettingServiceType,
+} from "Common/Server/Services/TeamComplianceSettingService";
 import TeamService, {
   Service as TeamServiceType,
 } from "Common/Server/Services/TeamService";
@@ -469,6 +473,7 @@ import StatusPageSSO from "Common/Models/DatabaseModels/StatusPageSso";
 import Team from "Common/Models/DatabaseModels/Team";
 import TeamMember from "Common/Models/DatabaseModels/TeamMember";
 import TeamPermission from "Common/Models/DatabaseModels/TeamPermission";
+import TeamComplianceSetting from "Common/Models/DatabaseModels/TeamComplianceSetting";
 import TelemetryService from "Common/Models/DatabaseModels/TelemetryService";
 import TelemetryUsageBilling from "Common/Models/DatabaseModels/TelemetryUsageBilling";
 import User from "Common/Models/DatabaseModels/User";
@@ -481,7 +486,6 @@ import WorkflowVariable from "Common/Models/DatabaseModels/WorkflowVariable";
 import ProbeOwnerTeam from "Common/Models/DatabaseModels/ProbeOwnerTeam";
 import ProbeOwnerUser from "Common/Models/DatabaseModels/ProbeOwnerUser";
 import ServiceCatalogDependency from "Common/Models/DatabaseModels/ServiceCatalogDependency";
-import TelemetryAttribute from "Common/Models/AnalyticsModels/TelemetryAttribute";
 import ExceptionInstance from "Common/Models/AnalyticsModels/ExceptionInstance";
 import TelemetyException from "Common/Models/DatabaseModels/TelemetryException";
 import CopilotActionTypePriority from "Common/Models/DatabaseModels/CopilotActionTypePriority";
@@ -521,6 +525,7 @@ import ScheduledMaintenanceFeedService, {
 } from "Common/Server/Services/ScheduledMaintenanceFeedService";
 
 import SlackAPI from "Common/Server/API/SlackAPI";
+import MicrosoftTeamsAPI from "Common/Server/API/MicrosoftTeamsAPI";
 
 import WorkspaceProjectAuthToken from "Common/Models/DatabaseModels/WorkspaceProjectAuthToken";
 import WorkspaceProjectAuthTokenService, {
@@ -550,10 +555,7 @@ import MetricTypeService, {
 import MetricType from "Common/Models/DatabaseModels/MetricType";
 
 import OnCallDutyPolicyAPI from "Common/Server/API/OnCallDutyPolicyAPI";
-
-// OnCallDutyPolicyOwnerTeam
-// OnCallDutyPolicyOwnerUser
-// OnCallDutyPolicyFeed
+import TeamComplianceAPI from "Common/Server/API/TeamComplianceAPI";
 
 import OnCallDutyPolicyFeed from "Common/Models/DatabaseModels/OnCallDutyPolicyFeed";
 import OnCallDutyPolicyFeedService, {
@@ -607,14 +609,6 @@ const BaseAPIFeatureSet: FeatureSet = {
 
     const APP_NAME: string = "api";
 
-    app.use(
-      `/${APP_NAME.toLocaleLowerCase()}`,
-      new BaseAnalyticsAPI<TelemetryAttribute, TelemetryAttributeServiceType>(
-        TelemetryAttribute,
-        TelemetryAttributeService,
-      ).getRouter(),
-    );
-
     app.use(`/${APP_NAME.toLocaleLowerCase()}`, OpenAPI.getRouter());
 
     app.use(
@@ -1167,6 +1161,14 @@ const BaseAPIFeatureSet: FeatureSet = {
       ).getRouter(),
     );
 
+    app.use(
+      `/${APP_NAME.toLocaleLowerCase()}`,
+      new BaseAPI<TeamComplianceSetting, TeamComplianceSettingServiceType>(
+        TeamComplianceSetting,
+        TeamComplianceSettingService,
+      ).getRouter(),
+    );
+
     app.use(
       `/${APP_NAME.toLocaleLowerCase()}`,
       new BaseAPI<MonitorStatus, MonitorStatusServiceType>(
@@ -1526,6 +1528,11 @@ const BaseAPIFeatureSet: FeatureSet = {
       new BaseAPI<SmsLog, SmsLogServiceType>(SmsLog, SmsLogService).getRouter(),
     );
 
+    app.use(
+      `/${APP_NAME.toLocaleLowerCase()}`,
+      new WhatsAppLogAPI().getRouter(),
+    );
+
     app.use(
       `/${APP_NAME.toLocaleLowerCase()}`,
       new BaseAPI<PushNotificationLog, PushNotificationLogServiceType>(
@@ -1581,7 +1588,6 @@ const BaseAPIFeatureSet: FeatureSet = {
         MonitorTimelineStatusService,
       ).getRouter(),
     );
-
     app.use(`/${APP_NAME.toLocaleLowerCase()}`, new ShortLinkAPI().getRouter());
     app.use(`/${APP_NAME.toLocaleLowerCase()}`, new MonitorAPI().getRouter());
     app.use(
@@ -1595,6 +1601,12 @@ const BaseAPIFeatureSet: FeatureSet = {
       new OnCallDutyPolicyAPI().getRouter(),
     );
 
+    // TeamComplianceAPI
+    app.use(
+      `/${APP_NAME.toLocaleLowerCase()}`,
+      new TeamComplianceAPI().getRouter(),
+    );
+
     app.use(
       `/${APP_NAME.toLocaleLowerCase()}`,
       new WorkspaceNotificationRuleAPI().getRouter(),
@@ -1619,6 +1631,10 @@ const BaseAPIFeatureSet: FeatureSet = {
       new ResellerPlanAPI().getRouter(),
     );
     app.use(`/${APP_NAME.toLocaleLowerCase()}`, new SlackAPI().getRouter());
+    app.use(
+      `/${APP_NAME.toLocaleLowerCase()}`,
+      new MicrosoftTeamsAPI().getRouter(),
+    );
     app.use(
       `/${APP_NAME.toLocaleLowerCase()}`,
       new GlobalConfigAPI().getRouter(),
@@ -1646,10 +1662,18 @@ const BaseAPIFeatureSet: FeatureSet = {
     app.use(`/${APP_NAME.toLocaleLowerCase()}`, new UserCallAPI().getRouter());
     app.use(
       `/${APP_NAME.toLocaleLowerCase()}`,
-      new UserTwoFactorAuthAPI().getRouter(),
+      new UserTotpAuthAPI().getRouter(),
+    );
+    app.use(
+      `/${APP_NAME.toLocaleLowerCase()}`,
+      new UserWebAuthnAPI().getRouter(),
     );
     app.use(`/${APP_NAME.toLocaleLowerCase()}`, new UserEmailAPI().getRouter());
     app.use(`/${APP_NAME.toLocaleLowerCase()}`, new UserSMSAPI().getRouter());
+    app.use(
+      `/${APP_NAME.toLocaleLowerCase()}`,
+      new UserWhatsAppAPI().getRouter(),
+    );
     app.use(`/${APP_NAME.toLocaleLowerCase()}`, new UserPushAPI().getRouter());
     app.use(`/${APP_NAME.toLocaleLowerCase()}`, new ProbeAPI().getRouter());
 
@@ -1670,6 +1694,8 @@ const BaseAPIFeatureSet: FeatureSet = {
       new BillingInvoiceAPI().getRouter(),
     );
 
+    app.use(`/${APP_NAME.toLocaleLowerCase()}`, new BillingAPI().getRouter());
+
     app.use(
       `/${APP_NAME.toLocaleLowerCase()}`,
       new BaseAPI<

App/FeatureSet/BaseAPI/WhatsAppLogAPI.ts

@@ -0,0 +1,14 @@
+import BaseAPI from "Common/Server/API/BaseAPI";
+import WhatsAppLog from "Common/Models/DatabaseModels/WhatsAppLog";
+import WhatsAppLogService, {
+  Service as WhatsAppLogServiceType,
+} from "Common/Server/Services/WhatsAppLogService";
+
+export default class WhatsAppLogAPI extends BaseAPI<
+  WhatsAppLog,
+  WhatsAppLogServiceType
+> {
+  public constructor() {
+    super(WhatsAppLog, WhatsAppLogService);
+  }
+}

App/FeatureSet/Identity/API/Authentication.ts

@@ -24,7 +24,7 @@ import AccessTokenService from "Common/Server/Services/AccessTokenService";
 import EmailVerificationTokenService from "Common/Server/Services/EmailVerificationTokenService";
 import MailService from "Common/Server/Services/MailService";
 import UserService from "Common/Server/Services/UserService";
-import UserTwoFactorAuthService from "Common/Server/Services/UserTwoFactorAuthService";
+import UserTotpAuthService from "Common/Server/Services/UserTotpAuthService";
 import CookieUtil from "Common/Server/Utils/Cookie";
 import Express, {
   ExpressRequest,
@@ -34,10 +34,12 @@ import Express, {
 } from "Common/Server/Utils/Express";
 import logger from "Common/Server/Utils/Logger";
 import Response from "Common/Server/Utils/Response";
-import TwoFactorAuth from "Common/Server/Utils/TwoFactorAuth";
+import TotpAuth from "Common/Server/Utils/TotpAuth";
 import EmailVerificationToken from "Common/Models/DatabaseModels/EmailVerificationToken";
 import User from "Common/Models/DatabaseModels/User";
-import UserTwoFactorAuth from "Common/Models/DatabaseModels/UserTwoFactorAuth";
+import UserTotpAuth from "Common/Models/DatabaseModels/UserTotpAuth";
+import UserWebAuthn from "Common/Models/DatabaseModels/UserWebAuthn";
+import UserWebAuthnService from "Common/Server/Services/UserWebAuthnService";
 
 const router: ExpressRouter = Express.getRouter();
 
@@ -503,7 +505,7 @@ router.post(
 );
 
 router.post(
-  "/verify-two-factor-auth",
+  "/verify-totp-auth",
   async (
     req: ExpressRequest,
     res: ExpressResponse,
@@ -513,7 +515,25 @@ router.post(
       req: req,
       res: res,
       next: next,
-      verifyTwoFactorAuth: true,
+      verifyTotpAuth: true,
+      verifyWebAuthn: false,
+    });
+  },
+);
+
+router.post(
+  "/verify-webauthn-auth",
+  async (
+    req: ExpressRequest,
+    res: ExpressResponse,
+    next: NextFunction,
+  ): Promise<void> => {
+    return login({
+      req: req,
+      res: res,
+      next: next,
+      verifyTotpAuth: false,
+      verifyWebAuthn: true,
     });
   },
 );
@@ -529,62 +549,99 @@ router.post(
       req: req,
       res: res,
       next: next,
-      verifyTwoFactorAuth: false,
+      verifyTotpAuth: false,
+      verifyWebAuthn: false,
     });
   },
 );
 
-type FetchTwoFactorAuthListFunction = (
-  userId: ObjectID,
-) => Promise<Array<UserTwoFactorAuth>>;
+type FetchTotpAuthListFunction = (userId: ObjectID) => Promise<{
+  totpAuthList: Array<UserTotpAuth>;
+  webAuthnList: Array<UserWebAuthn>;
+}>;
 
-const fetchTwoFactorAuthList: FetchTwoFactorAuthListFunction = async (
+const fetchTotpAuthList: FetchTotpAuthListFunction = async (
   userId: ObjectID,
-): Promise<Array<UserTwoFactorAuth>> => {
-  const twoFactorAuthList: Array<UserTwoFactorAuth> =
-    await UserTwoFactorAuthService.findBy({
-      query: {
-        userId: userId,
-        isVerified: true,
-      },
-      select: {
-        _id: true,
-        userId: true,
-        name: true,
-      },
-      limit: LIMIT_PER_PROJECT,
-      skip: 0,
-      props: {
-        isRoot: true,
-      },
-    });
+): Promise<{
+  totpAuthList: Array<UserTotpAuth>;
+  webAuthnList: Array<UserWebAuthn>;
+}> => {
+  const totpAuthList: Array<UserTotpAuth> = await UserTotpAuthService.findBy({
+    query: {
+      userId: userId,
+      isVerified: true,
+    },
+    select: {
+      _id: true,
+      userId: true,
+      name: true,
+    },
+    limit: LIMIT_PER_PROJECT,
+    skip: 0,
+    props: {
+      isRoot: true,
+    },
+  });
 
-  return twoFactorAuthList;
+  const webAuthnList: Array<UserWebAuthn> = await UserWebAuthnService.findBy({
+    query: {
+      userId: userId,
+      isVerified: true,
+    },
+    select: {
+      _id: true,
+      userId: true,
+      name: true,
+    },
+    limit: LIMIT_PER_PROJECT,
+    skip: 0,
+    props: {
+      isRoot: true,
+    },
+  });
+
+  return {
+    totpAuthList: totpAuthList || [],
+    webAuthnList: webAuthnList || [],
+  };
 };
 
 type LoginFunction = (options: {
   req: ExpressRequest;
   res: ExpressResponse;
   next: NextFunction;
-  verifyTwoFactorAuth: boolean;
+  verifyTotpAuth: boolean;
+  verifyWebAuthn: boolean;
 }) => Promise<void>;
 
 const login: LoginFunction = async (options: {
   req: ExpressRequest;
   res: ExpressResponse;
   next: NextFunction;
-  verifyTwoFactorAuth: boolean;
+  verifyTotpAuth: boolean;
+  verifyWebAuthn: boolean;
 }): Promise<void> => {
   const req: ExpressRequest = options.req;
   const res: ExpressResponse = options.res;
   const next: NextFunction = options.next;
-  const verifyTwoFactorAuth: boolean = options.verifyTwoFactorAuth;
+  const verifyTotpAuth: boolean = options.verifyTotpAuth;
+  const verifyWebAuthn: boolean = options.verifyWebAuthn;
 
   try {
     const data: JSONObject = req.body["data"];
 
+    logger.debug("Login request data: " + JSON.stringify(req.body, null, 2));
+
     const user: User = BaseModel.fromJSON(data as JSONObject, User) as User;
 
+    if (!user.email || !user.password) {
+      return Response.sendErrorResponse(
+        req,
+        res,
+        new BadDataException("Email and password are required."),
+      );
+    }
+
     await user.password?.hashValue(EncryptionSecret);
 
     const alreadySavedUser: User | null = await UserService.findOneBy({
@@ -638,13 +695,21 @@ const login: LoginFunction = async (options: {
         );
       }
 
-      if (alreadySavedUser.enableTwoFactorAuth && !verifyTwoFactorAuth) {
+      if (
+        alreadySavedUser.enableTwoFactorAuth &&
+        !verifyTotpAuth &&
+        !verifyWebAuthn
+      ) {
         // If two factor auth is enabled then we will send the user to the two factor auth page.
 
-        const twoFactorAuthList: Array<UserTwoFactorAuth> =
-          await fetchTwoFactorAuthList(alreadySavedUser.id!);
+        const { totpAuthList, webAuthnList } = await fetchTotpAuthList(
+          alreadySavedUser.id!,
+        );
 
-        if (!twoFactorAuthList || twoFactorAuthList.length === 0) {
+        if (
+          (!totpAuthList || totpAuthList.length === 0) &&
+          (!webAuthnList || webAuthnList.length === 0)
+        ) {
           const errorMessage: string = IsBillingEnabled
             ? "Two Factor Authentication is enabled but no two factor auth is setup. Please contact OneUptime support for help."
             : "Two Factor Authentication is enabled but no two factor auth is setup. Please contact your server admin to disable two factor auth for this account.";
@@ -656,62 +721,68 @@ const login: LoginFunction = async (options: {
           );
         }
 
-        return Response.sendEntityResponse(req, res, user, User, {
+        return Response.sendEntityResponse(req, res, alreadySavedUser, User, {
           miscData: {
-            twoFactorAuthList: UserTwoFactorAuth.toJSONArray(
-              twoFactorAuthList,
-              UserTwoFactorAuth,
-            ),
-            twoFactorAuth: true,
+            totpAuthList: UserTotpAuth.toJSONArray(totpAuthList, UserTotpAuth),
+            webAuthnList: UserWebAuthn.toJSONArray(webAuthnList, UserWebAuthn),
           },
         });
       }
 
-      if (verifyTwoFactorAuth) {
-        // code from req
-        const code: string = data["code"] as string;
-        const twoFactorAuthId: string = data["twoFactorAuthId"] as string;
+      if (verifyTotpAuth || verifyWebAuthn) {
+        if (verifyTotpAuth) {
+          // code from req
+          const code: string = data["code"] as string;
+          const twoFactorAuthId: string = data["twoFactorAuthId"] as string;
 
-        const twoFactorAuth: UserTwoFactorAuth | null =
-          await UserTwoFactorAuthService.findOneBy({
-            query: {
-              _id: twoFactorAuthId,
-              userId: alreadySavedUser.id!,
-              isVerified: true,
-            },
-            select: {
-              _id: true,
-              twoFactorSecret: true,
-            },
-            props: {
-              isRoot: true,
-            },
+          const totpAuth: UserTotpAuth | null =
+            await UserTotpAuthService.findOneBy({
+              query: {
+                _id: twoFactorAuthId,
+                userId: alreadySavedUser.id!,
+                isVerified: true,
+              },
+              select: {
+                _id: true,
+                twoFactorSecret: true,
+              },
+              props: {
+                isRoot: true,
+              },
+            });
+
+          if (!totpAuth) {
+            return Response.sendErrorResponse(
+              req,
+              res,
+              new BadDataException("Invalid two factor auth id."),
+            );
+          }
+
+          const isVerified: boolean = TotpAuth.verifyToken({
+            token: code,
+            secret: totpAuth.twoFactorSecret!,
+            email: alreadySavedUser.email!,
           });
 
-        if (!twoFactorAuth) {
-          return Response.sendErrorResponse(
-            req,
-            res,
-            new BadDataException("Invalid two factor auth id."),
-          );
+          if (!isVerified) {
+            return Response.sendErrorResponse(
+              req,
+              res,
+              new BadDataException("Invalid code."),
+            );
+          }
+        } else if (verifyWebAuthn) {
+          const expectedChallenge: string = data["challenge"] as string;
+          const credential: any = data["credential"];
+
+          await UserWebAuthnService.verifyAuthentication({
+            userId: alreadySavedUser.id!.toString(),
+            challenge: expectedChallenge,
+            credential: credential,
+          });
         }
-
-        const isVerified: boolean = TwoFactorAuth.verifyToken({
-          token: code,
-          secret: twoFactorAuth.twoFactorSecret!,
-          email: alreadySavedUser.email!,
-        });
-
-        if (!isVerified) {
-          return Response.sendErrorResponse(
-            req,
-            res,
-            new BadDataException("Invalid code."),
-          );
-        }
-      }
-
-      // Refresh Permissions for this user here.
+      } // Refresh Permissions for this user here.
       await AccessTokenService.refreshUserAllPermissions(alreadySavedUser.id!);
 
       if (alreadySavedUser.password.toString() === user.password!.toString()) {

App/FeatureSet/Identity/API/SSO.ts

@@ -40,12 +40,18 @@ import Name from "Common/Types/Name";
 
 const router: ExpressRouter = Express.getRouter();
 
-// This route is used to get the SSO config for the user.
-// when the user logs in from OneUptime and not from the IDP.
+/*
+ * This route is used to get the SSO config for the user.
+ * when the user logs in from OneUptime and not from the IDP.
+ */
 
 router.get(
   "/service-provider-login",
-  async (req: ExpressRequest, res: ExpressResponse): Promise<void> => {
+  async (
+    req: ExpressRequest,
+    res: ExpressResponse,
+    next: NextFunction,
+  ): Promise<void> => {
     try {
       if (!req.query["email"]) {
         return Response.sendErrorResponse(
@@ -150,7 +156,11 @@ router.get(
     } catch (err) {
       logger.error(err);
 
-      Response.sendErrorResponse(req, res, err as Exception);
+      if (err instanceof Exception) {
+        return next(err);
+      }
+
+      return next(new ServerException());
     }
   },
 );
@@ -160,7 +170,7 @@ router.get(
   async (
     req: ExpressRequest,
     res: ExpressResponse,
-    _next: NextFunction,
+    next: NextFunction,
   ): Promise<void> => {
     try {
       if (!req.params["projectId"]) {
@@ -236,22 +246,42 @@ router.get(
     } catch (err) {
       logger.error(err);
 
-      Response.sendErrorResponse(req, res, err as Exception);
+      if (err instanceof Exception) {
+        return next(err);
+      }
+
+      return next(new ServerException());
     }
   },
 );
 
 router.get(
   "/idp-login/:projectId/:projectSsoId",
-  async (req: ExpressRequest, res: ExpressResponse): Promise<void> => {
-    return await loginUserWithSso(req, res);
+  async (
+    req: ExpressRequest,
+    res: ExpressResponse,
+    next: NextFunction,
+  ): Promise<void> => {
+    try {
+      await loginUserWithSso(req, res);
+    } catch (err) {
+      return next(err);
+    }
   },
 );
 
 router.post(
   "/idp-login/:projectId/:projectSsoId",
-  async (req: ExpressRequest, res: ExpressResponse): Promise<void> => {
-    return await loginUserWithSso(req, res);
+  async (
+    req: ExpressRequest,
+    res: ExpressResponse,
+    next: NextFunction,
+  ): Promise<void> => {
+    try {
+      await loginUserWithSso(req, res);
+    } catch (err) {
+      return next(err);
+    }
   },
 );
 
@@ -434,8 +464,10 @@ const loginUserWithSso: LoginUserWithSsoFunction = async (
       isNewUser = true;
     }
 
-    // If he does not then add him to teams that he should belong and log in.
-    // This should never happen because email is verified before he logs in with SSO.
+    /*
+     * If he does not then add him to teams that he should belong and log in.
+     * This should never happen because email is verified before he logs in with SSO.
+     */
     if (!alreadySavedUser.isEmailVerified && !isNewUser) {
       await AuthenticationEmail.sendVerificationEmail(alreadySavedUser!);
 

App/FeatureSet/Identity/API/StatusPageSCIM.ts

@@ -4,6 +4,7 @@ import Express, {
   ExpressRequest,
   ExpressResponse,
   ExpressRouter,
+  NextFunction,
   OneUptimeRequest,
 } from "Common/Server/Utils/Express";
 import Response from "Common/Server/Utils/Response";
@@ -19,7 +20,6 @@ import LIMIT_MAX, { LIMIT_PER_PROJECT } from "Common/Types/Database/LimitMax";
 import {
   formatUserForSCIM,
   generateServiceProviderConfig,
-  logSCIMOperation,
 } from "../Utils/SCIMUtils";
 import Text from "Common/Types/Text";
 import HashedString from "Common/Types/HashedString";
@@ -30,12 +30,14 @@ const router: ExpressRouter = Express.getRouter();
 router.get(
   "/status-page-scim/v2/:statusPageScimId/ServiceProviderConfig",
   SCIMMiddleware.isAuthorizedSCIMRequest,
-  async (req: ExpressRequest, res: ExpressResponse): Promise<void> => {
+  async (
+    req: ExpressRequest,
+    res: ExpressResponse,
+    next: NextFunction,
+  ): Promise<void> => {
     try {
-      logSCIMOperation(
-        "ServiceProviderConfig",
-        "status-page",
-        req.params["statusPageScimId"]!,
+      logger.debug(
+        `Status Page SCIM ServiceProviderConfig - scimId: ${req.params["statusPageScimId"]!}`,
       );
 
       const serviceProviderConfig: JSONObject = generateServiceProviderConfig(
@@ -47,7 +49,7 @@ router.get(
       return Response.sendJsonObjectResponse(req, res, serviceProviderConfig);
     } catch (err) {
       logger.error(err);
-      return Response.sendErrorResponse(req, res, err as BadRequestException);
+      return next(err);
     }
   },
 );
@@ -56,7 +58,11 @@ router.get(
 router.get(
   "/status-page-scim/v2/:statusPageScimId/Users",
   SCIMMiddleware.isAuthorizedSCIMRequest,
-  async (req: ExpressRequest, res: ExpressResponse): Promise<void> => {
+  async (
+    req: ExpressRequest,
+    res: ExpressResponse,
+    next: NextFunction,
+  ): Promise<void> => {
     try {
       logger.debug(
         `Status Page SCIM Users list request for statusPageScimId: ${req.params["statusPageScimId"]}`,
@@ -73,17 +79,54 @@ router.get(
         parseInt(req.query["count"] as string) || 100,
         LIMIT_PER_PROJECT,
       );
+      const filter: string = req.query["filter"] as string;
 
       logger.debug(
-        `Status Page SCIM Users - statusPageId: ${statusPageId}, startIndex: ${startIndex}, count: ${count}`,
+        `Status Page SCIM Users - statusPageId: ${statusPageId}, startIndex: ${startIndex}, count: ${count}, filter: ${filter || "none"}`,
       );
 
+      // Build query for status page users
+      const query: any = {
+        statusPageId: statusPageId,
+      };
+
+      // Handle SCIM filter for userName
+      if (filter) {
+        const emailMatch: RegExpMatchArray | null = filter.match(
+          /userName eq "([^"]+)"/i,
+        );
+        if (emailMatch) {
+          const email: string = emailMatch[1]!;
+          logger.debug(
+            `Status Page SCIM Users list - statusPageScimId: ${req.params["statusPageScimId"]!}, filter by email: ${email}`,
+          );
+
+          if (email) {
+            if (Email.isValid(email)) {
+              query.email = new Email(email);
+              logger.debug(
+                `Status Page SCIM Users list - statusPageScimId: ${req.params["statusPageScimId"]!}, filtering by email: ${email}`,
+              );
+            } else {
+              logger.debug(
+                `Status Page SCIM Users list - statusPageScimId: ${req.params["statusPageScimId"]!}, invalid email format in filter: ${email}`,
+              );
+              return Response.sendJsonObjectResponse(req, res, {
+                schemas: ["urn:ietf:params:scim:api:messages:2.0:ListResponse"],
+                totalResults: 0,
+                startIndex: startIndex,
+                itemsPerPage: 0,
+                Resources: [],
+              });
+            }
+          }
+        }
+      }
+
       // Get all private users for this status page
       const statusPageUsers: Array<StatusPagePrivateUser> =
         await StatusPagePrivateUserService.findBy({
-          query: {
-            statusPageId: statusPageId,
-          },
+          query: query,
           select: {
             _id: true,
             email: true,
@@ -130,7 +173,7 @@ router.get(
       });
     } catch (err) {
       logger.error(err);
-      return Response.sendErrorResponse(req, res, err as BadRequestException);
+      return next(err);
     }
   },
 );
@@ -139,7 +182,11 @@ router.get(
 router.get(
   "/status-page-scim/v2/:statusPageScimId/Users/:userId",
   SCIMMiddleware.isAuthorizedSCIMRequest,
-  async (req: ExpressRequest, res: ExpressResponse): Promise<void> => {
+  async (
+    req: ExpressRequest,
+    res: ExpressResponse,
+    next: NextFunction,
+  ): Promise<void> => {
     try {
       logger.debug(
         `Status Page SCIM Get individual user request for userId: ${req.params["userId"]}, statusPageScimId: ${req.params["statusPageScimId"]}`,
@@ -197,7 +244,7 @@ router.get(
       return Response.sendJsonObjectResponse(req, res, user);
     } catch (err) {
       logger.error(err);
-      return Response.sendErrorResponse(req, res, err as BadRequestException);
+      return next(err);
     }
   },
 );
@@ -206,7 +253,11 @@ router.get(
 router.post(
   "/status-page-scim/v2/:statusPageScimId/Users",
   SCIMMiddleware.isAuthorizedSCIMRequest,
-  async (req: ExpressRequest, res: ExpressResponse): Promise<void> => {
+  async (
+    req: ExpressRequest,
+    res: ExpressResponse,
+    next: NextFunction,
+  ): Promise<void> => {
     try {
       logger.debug(
         `Status Page SCIM Create user request for statusPageScimId: ${req.params["statusPageScimId"]}`,
@@ -299,7 +350,7 @@ router.post(
       return Response.sendJsonObjectResponse(req, res, createdUser);
     } catch (err) {
       logger.error(err);
-      return Response.sendErrorResponse(req, res, err as BadRequestException);
+      return next(err);
     }
   },
 );
@@ -308,7 +359,11 @@ router.post(
 router.put(
   "/status-page-scim/v2/:statusPageScimId/Users/:userId",
   SCIMMiddleware.isAuthorizedSCIMRequest,
-  async (req: ExpressRequest, res: ExpressResponse): Promise<void> => {
+  async (
+    req: ExpressRequest,
+    res: ExpressResponse,
+    next: NextFunction,
+  ): Promise<void> => {
     try {
       logger.debug(
         `Status Page SCIM Update user request for userId: ${req.params["userId"]}, statusPageScimId: ${req.params["statusPageScimId"]}`,
@@ -455,7 +510,7 @@ router.put(
       return Response.sendJsonObjectResponse(req, res, user);
     } catch (err) {
       logger.error(err);
-      return Response.sendErrorResponse(req, res, err as BadRequestException);
+      return next(err);
     }
   },
 );
@@ -464,7 +519,11 @@ router.put(
 router.delete(
   "/status-page-scim/v2/:statusPageScimId/Users/:userId",
   SCIMMiddleware.isAuthorizedSCIMRequest,
-  async (req: ExpressRequest, res: ExpressResponse): Promise<void> => {
+  async (
+    req: ExpressRequest,
+    res: ExpressResponse,
+    next: NextFunction,
+  ): Promise<void> => {
     try {
       logger.debug(
         `Status Page SCIM Delete user request for userId: ${req.params["userId"]}, statusPageScimId: ${req.params["statusPageScimId"]}`,
@@ -528,7 +587,7 @@ router.delete(
       return Response.sendEmptySuccessResponse(req, res);
     } catch (err) {
       logger.error(err);
-      return Response.sendErrorResponse(req, res, err as BadRequestException);
+      return next(err);
     }
   },
 );

App/FeatureSet/Identity/API/StatusPageSSO.ts

@@ -115,7 +115,11 @@ router.get(
 
 router.post(
   "/status-page-idp-login/:statusPageId/:statusPageSsoId",
-  async (req: ExpressRequest, res: ExpressResponse): Promise<void> => {
+  async (
+    req: ExpressRequest,
+    res: ExpressResponse,
+    next: NextFunction,
+  ): Promise<void> => {
     try {
       const samlResponseBase64: string = req.body.SAMLResponse;
 
@@ -312,7 +316,11 @@ router.post(
       );
     } catch (err) {
       logger.error(err);
-      Response.sendErrorResponse(req, res, new ServerException());
+      if (err instanceof Exception) {
+        return next(err);
+      }
+
+      return next(new ServerException());
     }
   },
 );

App/FeatureSet/Identity/Utils/AuthenticationEmail.ts

@@ -35,6 +35,8 @@ export default class AuthenticationEmail {
     const host: Hostname = await DatabaseConfig.getHost();
     const httpProtocol: Protocol = await DatabaseConfig.getHttpProtocol();
 
+    logger.debug("Sending verification email");
+
     MailService.sendMail({
       toEmail: user.email!,
       subject: "Please verify email.",
@@ -50,8 +52,13 @@ export default class AuthenticationEmail {
         ).toString(),
         homeUrl: new URL(httpProtocol, host).toString(),
       },
-    }).catch((err: Error) => {
-      logger.error(err);
-    });
+    })
+      .then(() => {
+        logger.debug("Verification email sent");
+      })
+      .catch((err: Error) => {
+        logger.debug("Error sending verification email");
+        logger.error(err);
+      });
   }
 }

App/FeatureSet/Identity/Utils/SCIMUtils.ts

@@ -227,6 +227,27 @@ export const generateUsersListResponse: (
   };
 };
 
+/**
+ * Generate SCIM ListResponse for groups
+ */
+export const generateGroupsListResponse: (
+  groups: JSONObject[],
+  startIndex: number,
+  totalResults: number,
+) => JSONObject = (
+  groups: JSONObject[],
+  startIndex: number,
+  totalResults: number,
+): JSONObject => {
+  return {
+    schemas: ["urn:ietf:params:scim:api:messages:2.0:ListResponse"],
+    totalResults: totalResults,
+    startIndex: startIndex,
+    itemsPerPage: groups.length,
+    Resources: groups,
+  };
+};
+
 /**
  * Parse query parameters for SCIM list requests
  */
@@ -242,23 +263,3 @@ export const parseSCIMQueryParams: (req: ExpressRequest) => {
 
   return { startIndex, count };
 };
-
-/**
- * Log SCIM operation with consistent format
- */
-export const logSCIMOperation: (
-  operation: string,
-  scimType: "project" | "status-page",
-  scimId: string,
-  details?: string,
-) => void = (
-  operation: string,
-  scimType: "project" | "status-page",
-  scimId: string,
-  details?: string,
-): void => {
-  const logPrefix: string =
-    scimType === "project" ? "Project SCIM" : "Status Page SCIM";
-  const message: string = `${logPrefix} ${operation} - scimId: ${scimId}${details ? `, ${details}` : ""}`;
-  logger.debug(message);
-};

App/FeatureSet/Identity/Utils/SSO.ts

@@ -184,15 +184,17 @@ export default class SSOUtil {
       return null;
     }
 
-    // get displayName attribute.
-    //   {
-    //     "$": {
-    //         "Name": "http://schemas.microsoft.com/identity/claims/displayname"
-    //     },
-    //     "AttributeValue": [
-    //         "Nawaz Dhandala"
-    //     ]
-    // },
+    /*
+     * get displayName attribute.
+     *   {
+     *     "$": {
+     *         "Name": "http://schemas.microsoft.com/identity/claims/displayname"
+     *     },
+     *     "AttributeValue": [
+     *         "Nawaz Dhandala"
+     *     ]
+     * },
+     */
 
     for (let i: number = 0; i < samlAttribute.length; i++) {
       const attribute: JSONObject = samlAttribute[i] as JSONObject;

App/FeatureSet/Notification/API/Call.ts

@@ -12,6 +12,7 @@ import Express, {
   ExpressRequest,
   ExpressResponse,
   ExpressRouter,
+  NextFunction,
 } from "Common/Server/Utils/Express";
 import logger from "Common/Server/Utils/Logger";
 import Response from "Common/Server/Utils/Response";
@@ -22,139 +23,146 @@ const router: ExpressRouter = Express.getRouter();
 router.post(
   "/make-call",
   ClusterKeyAuthorization.isAuthorizedServiceMiddleware,
-  async (req: ExpressRequest, res: ExpressResponse) => {
-    const body: JSONObject = JSONFunctions.deserialize(req.body);
+  async (req: ExpressRequest, res: ExpressResponse, next: NextFunction) => {
+    try {
+      const body: JSONObject = JSONFunctions.deserialize(req.body);
 
-    await CallService.makeCall(body["callRequest"] as CallRequest, {
-      projectId: body["projectId"] as ObjectID,
-      isSensitive: (body["isSensitive"] as boolean) || false,
-      userOnCallLogTimelineId:
-        (body["userOnCallLogTimelineId"] as ObjectID) || undefined,
-      customTwilioConfig: body["customTwilioConfig"] as any,
-      incidentId: (body["incidentId"] as ObjectID) || undefined,
-      alertId: (body["alertId"] as ObjectID) || undefined,
-      scheduledMaintenanceId:
-        (body["scheduledMaintenanceId"] as ObjectID) || undefined,
-      statusPageId: (body["statusPageId"] as ObjectID) || undefined,
-      statusPageAnnouncementId:
-        (body["statusPageAnnouncementId"] as ObjectID) || undefined,
-      userId: (body["userId"] as ObjectID) || undefined,
-      onCallPolicyId: (body["onCallPolicyId"] as ObjectID) || undefined,
-      onCallPolicyEscalationRuleId:
-        (body["onCallPolicyEscalationRuleId"] as ObjectID) || undefined,
-      onCallDutyPolicyExecutionLogTimelineId:
-        (body["onCallDutyPolicyExecutionLogTimelineId"] as ObjectID) ||
-        undefined,
-      onCallScheduleId: (body["onCallScheduleId"] as ObjectID) || undefined,
-      teamId: (body["teamId"] as ObjectID) || undefined,
-    });
+      await CallService.makeCall(body["callRequest"] as CallRequest, {
+        projectId: body["projectId"] as ObjectID,
+        isSensitive: (body["isSensitive"] as boolean) || false,
+        userOnCallLogTimelineId:
+          (body["userOnCallLogTimelineId"] as ObjectID) || undefined,
+        customTwilioConfig: body["customTwilioConfig"] as any,
+        incidentId: (body["incidentId"] as ObjectID) || undefined,
+        alertId: (body["alertId"] as ObjectID) || undefined,
+        scheduledMaintenanceId:
+          (body["scheduledMaintenanceId"] as ObjectID) || undefined,
+        statusPageId: (body["statusPageId"] as ObjectID) || undefined,
+        statusPageAnnouncementId:
+          (body["statusPageAnnouncementId"] as ObjectID) || undefined,
+        userId: (body["userId"] as ObjectID) || undefined,
+        onCallPolicyId: (body["onCallPolicyId"] as ObjectID) || undefined,
+        onCallPolicyEscalationRuleId:
+          (body["onCallPolicyEscalationRuleId"] as ObjectID) || undefined,
+        onCallDutyPolicyExecutionLogTimelineId:
+          (body["onCallDutyPolicyExecutionLogTimelineId"] as ObjectID) ||
+          undefined,
+        onCallScheduleId: (body["onCallScheduleId"] as ObjectID) || undefined,
+        teamId: (body["teamId"] as ObjectID) || undefined,
+      });
 
-    return Response.sendEmptySuccessResponse(req, res);
+      return Response.sendEmptySuccessResponse(req, res);
+    } catch (err) {
+      return next(err);
+    }
   },
 );
 
-router.post("/test", async (req: ExpressRequest, res: ExpressResponse) => {
-  const body: JSONObject = req.body;
+router.post(
+  "/test",
+  async (req: ExpressRequest, res: ExpressResponse, next: NextFunction) => {
+    try {
+      const body: JSONObject = req.body;
 
-  const callSMSConfigId: ObjectID = new ObjectID(
-    body["callSMSConfigId"] as string,
-  );
+      const callSMSConfigId: ObjectID = new ObjectID(
+        body["callSMSConfigId"] as string,
+      );
 
-  const config: ProjectCallSMSConfig | null =
-    await ProjectCallSMSConfigService.findOneById({
-      id: callSMSConfigId,
-      props: {
-        isRoot: true,
-      },
-      select: {
-        _id: true,
-        twilioAccountSID: true,
-        twilioAuthToken: true,
-        twilioPrimaryPhoneNumber: true,
-        twilioSecondaryPhoneNumbers: true,
-        projectId: true,
-      },
-    });
+      const config: ProjectCallSMSConfig | null =
+        await ProjectCallSMSConfigService.findOneById({
+          id: callSMSConfigId,
+          props: {
+            isRoot: true,
+          },
+          select: {
+            _id: true,
+            twilioAccountSID: true,
+            twilioAuthToken: true,
+            twilioPrimaryPhoneNumber: true,
+            twilioSecondaryPhoneNumbers: true,
+            projectId: true,
+          },
+        });
 
-  if (!config) {
-    return Response.sendErrorResponse(
-      req,
-      res,
-      new BadDataException(
-        "call and sms config not found for id" + callSMSConfigId.toString(),
-      ),
-    );
-  }
+      if (!config) {
+        return Response.sendErrorResponse(
+          req,
+          res,
+          new BadDataException(
+            "call and sms config not found for id" + callSMSConfigId.toString(),
+          ),
+        );
+      }
 
-  const toPhone: Phone = new Phone(body["toPhone"] as string);
+      const toPhone: Phone = new Phone(body["toPhone"] as string);
 
-  if (!toPhone) {
-    return Response.sendErrorResponse(
-      req,
-      res,
-      new BadDataException("toPhone is required"),
-    );
-  }
+      if (!toPhone) {
+        return Response.sendErrorResponse(
+          req,
+          res,
+          new BadDataException("toPhone is required"),
+        );
+      }
 
-  // if any of the twilio config is missing, we will not send make the call
+      // if any of the twilio config is missing, we will not send make the call
 
-  if (!config.twilioAccountSID) {
-    return Response.sendErrorResponse(
-      req,
-      res,
-      new BadDataException("twilioAccountSID is required"),
-    );
-  }
+      if (!config.twilioAccountSID) {
+        return Response.sendErrorResponse(
+          req,
+          res,
+          new BadDataException("twilioAccountSID is required"),
+        );
+      }
 
-  if (!config.twilioAuthToken) {
-    return Response.sendErrorResponse(
-      req,
-      res,
-      new BadDataException("twilioAuthToken is required"),
-    );
-  }
+      if (!config.twilioAuthToken) {
+        return Response.sendErrorResponse(
+          req,
+          res,
+          new BadDataException("twilioAuthToken is required"),
+        );
+      }
 
-  if (!config.twilioPrimaryPhoneNumber) {
-    return Response.sendErrorResponse(
-      req,
-      res,
-      new BadDataException("twilioPrimaryPhoneNumber is required"),
-    );
-  }
+      if (!config.twilioPrimaryPhoneNumber) {
+        return Response.sendErrorResponse(
+          req,
+          res,
+          new BadDataException("twilioPrimaryPhoneNumber is required"),
+        );
+      }
 
-  const twilioConfig: TwilioConfig | undefined =
-    ProjectCallSMSConfigService.toTwilioConfig(config);
+      const twilioConfig: TwilioConfig | undefined =
+        ProjectCallSMSConfigService.toTwilioConfig(config);
 
-  try {
-    if (!twilioConfig) {
-      throw new BadDataException("twilioConfig is undefined");
+      try {
+        if (!twilioConfig) {
+          throw new BadDataException("twilioConfig is undefined");
+        }
+
+        const testCallRequest: CallRequest = {
+          data: [
+            {
+              sayMessage: "This is a test call from OneUptime.",
+            },
+          ],
+          to: toPhone,
+        };
+
+        await CallService.makeCall(testCallRequest, {
+          projectId: config.projectId,
+          customTwilioConfig: twilioConfig,
+        });
+      } catch (err) {
+        logger.error(err);
+        throw new BadDataException(
+          "Error making test call. Please check the twilio logs for more details",
+        );
+      }
+
+      return Response.sendEmptySuccessResponse(req, res);
+    } catch (err) {
+      return next(err);
     }
-
-    const testCallRequest: CallRequest = {
-      data: [
-        {
-          sayMessage: "This is a test call from OneUptime.",
-        },
-      ],
-      to: toPhone,
-    };
-
-    await CallService.makeCall(testCallRequest, {
-      projectId: config.projectId,
-      customTwilioConfig: twilioConfig,
-    });
-  } catch (err) {
-    logger.error(err);
-    return Response.sendErrorResponse(
-      req,
-      res,
-      new BadDataException(
-        "Error making test call. Please check the twilio logs for more details",
-      ),
-    );
-  }
-
-  return Response.sendEmptySuccessResponse(req, res);
-});
+  },
+);
 
 export default router;

App/FeatureSet/Notification/API/Mail.ts

@@ -11,6 +11,7 @@ import Express, {
   ExpressRequest,
   ExpressResponse,
   ExpressRouter,
+  NextFunction,
 } from "Common/Server/Utils/Express";
 import Response from "Common/Server/Utils/Response";
 
@@ -19,70 +20,74 @@ const router: ExpressRouter = Express.getRouter();
 router.post(
   "/send",
   ClusterKeyAuthorization.isAuthorizedServiceMiddleware,
-  async (req: ExpressRequest, res: ExpressResponse) => {
-    const body: JSONObject = req.body;
+  async (req: ExpressRequest, res: ExpressResponse, next: NextFunction) => {
+    try {
+      const body: JSONObject = req.body;
 
-    const mail: EmailMessage = {
-      templateType: body["templateType"] as EmailTemplateType,
-      toEmail: new Email(body["toEmail"] as string),
-      subject: body["subject"] as string,
-      vars: body["vars"] as Dictionary<string>,
-      body: (body["body"] as string) || "",
-    };
+      const mail: EmailMessage = {
+        templateType: body["templateType"] as EmailTemplateType,
+        toEmail: new Email(body["toEmail"] as string),
+        subject: body["subject"] as string,
+        vars: body["vars"] as Dictionary<string>,
+        body: (body["body"] as string) || "",
+      };
 
-    let mailServer: EmailServer | undefined = undefined;
+      let mailServer: EmailServer | undefined = undefined;
 
-    if (hasMailServerSettingsInBody(body)) {
-      mailServer = MailService.getEmailServer(req.body);
+      if (hasMailServerSettingsInBody(body)) {
+        mailServer = MailService.getEmailServer(req.body);
+      }
+
+      await MailService.send(mail, {
+        projectId: body["projectId"]
+          ? new ObjectID(body["projectId"] as string)
+          : undefined,
+        emailServer: mailServer,
+        userOnCallLogTimelineId:
+          (body["userOnCallLogTimelineId"] as ObjectID) || undefined,
+        incidentId: body["incidentId"]
+          ? new ObjectID(body["incidentId"].toString())
+          : undefined,
+        alertId: body["alertId"]
+          ? new ObjectID(body["alertId"].toString())
+          : undefined,
+        scheduledMaintenanceId: body["scheduledMaintenanceId"]
+          ? new ObjectID(body["scheduledMaintenanceId"].toString())
+          : undefined,
+        statusPageId: body["statusPageId"]
+          ? new ObjectID(body["statusPageId"].toString())
+          : undefined,
+        statusPageAnnouncementId: body["statusPageAnnouncementId"]
+          ? new ObjectID(body["statusPageAnnouncementId"].toString())
+          : undefined,
+        userId: body["userId"]
+          ? new ObjectID(body["userId"].toString())
+          : undefined,
+        onCallPolicyId: body["onCallPolicyId"]
+          ? new ObjectID(body["onCallPolicyId"].toString())
+          : undefined,
+        onCallPolicyEscalationRuleId: body["onCallPolicyEscalationRuleId"]
+          ? new ObjectID(body["onCallPolicyEscalationRuleId"].toString())
+          : undefined,
+        onCallDutyPolicyExecutionLogTimelineId: body[
+          "onCallDutyPolicyExecutionLogTimelineId"
+        ]
+          ? new ObjectID(
+              body["onCallDutyPolicyExecutionLogTimelineId"].toString(),
+            )
+          : undefined,
+        onCallScheduleId: body["onCallScheduleId"]
+          ? new ObjectID(body["onCallScheduleId"].toString())
+          : undefined,
+        teamId: body["teamId"]
+          ? new ObjectID(body["teamId"].toString())
+          : undefined,
+      });
+
+      return Response.sendEmptySuccessResponse(req, res);
+    } catch (err) {
+      return next(err);
     }
-
-    await MailService.send(mail, {
-      projectId: body["projectId"]
-        ? new ObjectID(body["projectId"] as string)
-        : undefined,
-      emailServer: mailServer,
-      userOnCallLogTimelineId:
-        (body["userOnCallLogTimelineId"] as ObjectID) || undefined,
-      incidentId: body["incidentId"]
-        ? new ObjectID(body["incidentId"].toString())
-        : undefined,
-      alertId: body["alertId"]
-        ? new ObjectID(body["alertId"].toString())
-        : undefined,
-      scheduledMaintenanceId: body["scheduledMaintenanceId"]
-        ? new ObjectID(body["scheduledMaintenanceId"].toString())
-        : undefined,
-      statusPageId: body["statusPageId"]
-        ? new ObjectID(body["statusPageId"].toString())
-        : undefined,
-      statusPageAnnouncementId: body["statusPageAnnouncementId"]
-        ? new ObjectID(body["statusPageAnnouncementId"].toString())
-        : undefined,
-      userId: body["userId"]
-        ? new ObjectID(body["userId"].toString())
-        : undefined,
-      onCallPolicyId: body["onCallPolicyId"]
-        ? new ObjectID(body["onCallPolicyId"].toString())
-        : undefined,
-      onCallPolicyEscalationRuleId: body["onCallPolicyEscalationRuleId"]
-        ? new ObjectID(body["onCallPolicyEscalationRuleId"].toString())
-        : undefined,
-      onCallDutyPolicyExecutionLogTimelineId: body[
-        "onCallDutyPolicyExecutionLogTimelineId"
-      ]
-        ? new ObjectID(
-            body["onCallDutyPolicyExecutionLogTimelineId"].toString(),
-          )
-        : undefined,
-      onCallScheduleId: body["onCallScheduleId"]
-        ? new ObjectID(body["onCallScheduleId"].toString())
-        : undefined,
-      teamId: body["teamId"]
-        ? new ObjectID(body["teamId"].toString())
-        : undefined,
-    });
-
-    return Response.sendEmptySuccessResponse(req, res);
   },
 );
 

App/FeatureSet/Notification/API/PushNotification.ts

@@ -5,6 +5,7 @@ import Express, {
   ExpressRequest,
   ExpressResponse,
   ExpressRouter,
+  NextFunction,
 } from "Common/Server/Utils/Express";
 import Response from "Common/Server/Utils/Response";
 import { JSONObject } from "Common/Types/JSON";
@@ -15,50 +16,54 @@ const router: ExpressRouter = Express.getRouter();
 router.post(
   "/send",
   ClusterKeyAuthorization.isAuthorizedServiceMiddleware,
-  async (req: ExpressRequest, res: ExpressResponse) => {
-    const body: JSONObject = JSONFunctions.deserialize(req.body);
+  async (req: ExpressRequest, res: ExpressResponse, next: NextFunction) => {
+    try {
+      const body: JSONObject = JSONFunctions.deserialize(req.body);
 
-    // Support both new devices format and legacy deviceTokens/deviceNames format
-    let devices: Array<{ token: string; name?: string }> = [];
+      // Support both new devices format and legacy deviceTokens/deviceNames format
+      let devices: Array<{ token: string; name?: string }> = [];
 
-    if (body["devices"]) {
-      // New format: devices as array of objects
-      devices = body["devices"] as Array<{ token: string; name?: string }>;
-    } else {
-      throw new Error("Invalid request format: 'devices' array is required.");
+      if (body["devices"]) {
+        // New format: devices as array of objects
+        devices = body["devices"] as Array<{ token: string; name?: string }>;
+      } else {
+        throw new Error("Invalid request format: 'devices' array is required.");
+      }
+
+      await PushService.send(
+        {
+          devices,
+          deviceType: (body["deviceType"] as any) || "web",
+          message: body["message"] as any,
+        },
+        {
+          projectId: (body["projectId"] as ObjectID) || undefined,
+          isSensitive: (body["isSensitive"] as boolean) || false,
+          userOnCallLogTimelineId:
+            (body["userOnCallLogTimelineId"] as ObjectID) || undefined,
+          incidentId: (body["incidentId"] as ObjectID) || undefined,
+          alertId: (body["alertId"] as ObjectID) || undefined,
+          scheduledMaintenanceId:
+            (body["scheduledMaintenanceId"] as ObjectID) || undefined,
+          statusPageId: (body["statusPageId"] as ObjectID) || undefined,
+          statusPageAnnouncementId:
+            (body["statusPageAnnouncementId"] as ObjectID) || undefined,
+          userId: (body["userId"] as ObjectID) || undefined,
+          onCallPolicyId: (body["onCallPolicyId"] as ObjectID) || undefined,
+          onCallPolicyEscalationRuleId:
+            (body["onCallPolicyEscalationRuleId"] as ObjectID) || undefined,
+          onCallDutyPolicyExecutionLogTimelineId:
+            (body["onCallDutyPolicyExecutionLogTimelineId"] as ObjectID) ||
+            undefined,
+          onCallScheduleId: (body["onCallScheduleId"] as ObjectID) || undefined,
+          teamId: (body["teamId"] as ObjectID) || undefined,
+        },
+      );
+
+      return Response.sendEmptySuccessResponse(req, res);
+    } catch (err) {
+      return next(err);
     }
-
-    await PushService.send(
-      {
-        devices,
-        deviceType: (body["deviceType"] as any) || "web",
-        message: body["message"] as any,
-      },
-      {
-        projectId: (body["projectId"] as ObjectID) || undefined,
-        isSensitive: (body["isSensitive"] as boolean) || false,
-        userOnCallLogTimelineId:
-          (body["userOnCallLogTimelineId"] as ObjectID) || undefined,
-        incidentId: (body["incidentId"] as ObjectID) || undefined,
-        alertId: (body["alertId"] as ObjectID) || undefined,
-        scheduledMaintenanceId:
-          (body["scheduledMaintenanceId"] as ObjectID) || undefined,
-        statusPageId: (body["statusPageId"] as ObjectID) || undefined,
-        statusPageAnnouncementId:
-          (body["statusPageAnnouncementId"] as ObjectID) || undefined,
-        userId: (body["userId"] as ObjectID) || undefined,
-        onCallPolicyId: (body["onCallPolicyId"] as ObjectID) || undefined,
-        onCallPolicyEscalationRuleId:
-          (body["onCallPolicyEscalationRuleId"] as ObjectID) || undefined,
-        onCallDutyPolicyExecutionLogTimelineId:
-          (body["onCallDutyPolicyExecutionLogTimelineId"] as ObjectID) ||
-          undefined,
-        onCallScheduleId: (body["onCallScheduleId"] as ObjectID) || undefined,
-        teamId: (body["teamId"] as ObjectID) || undefined,
-      },
-    );
-
-    return Response.sendEmptySuccessResponse(req, res);
   },
 );
 

App/FeatureSet/Notification/API/SMS.ts

@@ -11,6 +11,7 @@ import Express, {
   ExpressRequest,
   ExpressResponse,
   ExpressRouter,
+  NextFunction,
 } from "Common/Server/Utils/Express";
 import logger from "Common/Server/Utils/Logger";
 import Response from "Common/Server/Utils/Response";
@@ -21,130 +22,141 @@ const router: ExpressRouter = Express.getRouter();
 router.post(
   "/send",
   ClusterKeyAuthorization.isAuthorizedServiceMiddleware,
-  async (req: ExpressRequest, res: ExpressResponse) => {
-    const body: JSONObject = JSONFunctions.deserialize(req.body);
+  async (req: ExpressRequest, res: ExpressResponse, next: NextFunction) => {
+    try {
+      const body: JSONObject = JSONFunctions.deserialize(req.body);
 
-    await SmsService.sendSms(body["to"] as Phone, body["message"] as string, {
-      projectId: body["projectId"] as ObjectID,
-      isSensitive: (body["isSensitive"] as boolean) || false,
-      userOnCallLogTimelineId:
-        (body["userOnCallLogTimelineId"] as ObjectID) || undefined,
-      customTwilioConfig: body["customTwilioConfig"] as any,
-      incidentId: (body["incidentId"] as ObjectID) || undefined,
-      alertId: (body["alertId"] as ObjectID) || undefined,
-      scheduledMaintenanceId:
-        (body["scheduledMaintenanceId"] as ObjectID) || undefined,
-      statusPageId: (body["statusPageId"] as ObjectID) || undefined,
-      statusPageAnnouncementId:
-        (body["statusPageAnnouncementId"] as ObjectID) || undefined,
-      userId: (body["userId"] as ObjectID) || undefined,
-      onCallPolicyId: (body["onCallPolicyId"] as ObjectID) || undefined,
-      onCallPolicyEscalationRuleId:
-        (body["onCallPolicyEscalationRuleId"] as ObjectID) || undefined,
-      onCallDutyPolicyExecutionLogTimelineId:
-        (body["onCallDutyPolicyExecutionLogTimelineId"] as ObjectID) ||
-        undefined,
-      onCallScheduleId: (body["onCallScheduleId"] as ObjectID) || undefined,
-      teamId: (body["teamId"] as ObjectID) || undefined,
-    });
+      await SmsService.sendSms(body["to"] as Phone, body["message"] as string, {
+        projectId: body["projectId"] as ObjectID,
+        isSensitive: (body["isSensitive"] as boolean) || false,
+        userOnCallLogTimelineId:
+          (body["userOnCallLogTimelineId"] as ObjectID) || undefined,
+        customTwilioConfig: body["customTwilioConfig"] as any,
+        incidentId: (body["incidentId"] as ObjectID) || undefined,
+        alertId: (body["alertId"] as ObjectID) || undefined,
+        scheduledMaintenanceId:
+          (body["scheduledMaintenanceId"] as ObjectID) || undefined,
+        statusPageId: (body["statusPageId"] as ObjectID) || undefined,
+        statusPageAnnouncementId:
+          (body["statusPageAnnouncementId"] as ObjectID) || undefined,
+        userId: (body["userId"] as ObjectID) || undefined,
+        onCallPolicyId: (body["onCallPolicyId"] as ObjectID) || undefined,
+        onCallPolicyEscalationRuleId:
+          (body["onCallPolicyEscalationRuleId"] as ObjectID) || undefined,
+        onCallDutyPolicyExecutionLogTimelineId:
+          (body["onCallDutyPolicyExecutionLogTimelineId"] as ObjectID) ||
+          undefined,
+        onCallScheduleId: (body["onCallScheduleId"] as ObjectID) || undefined,
+        teamId: (body["teamId"] as ObjectID) || undefined,
+      });
 
-    return Response.sendEmptySuccessResponse(req, res);
+      return Response.sendEmptySuccessResponse(req, res);
+    } catch (err) {
+      return next(err);
+    }
   },
 );
 
-router.post("/test", async (req: ExpressRequest, res: ExpressResponse) => {
-  const body: JSONObject = req.body;
+router.post(
+  "/test",
+  async (req: ExpressRequest, res: ExpressResponse, next: NextFunction) => {
+    try {
+      const body: JSONObject = req.body;
 
-  const callSMSConfigId: ObjectID = new ObjectID(
-    body["callSMSConfigId"] as string,
-  );
+      const callSMSConfigId: ObjectID = new ObjectID(
+        body["callSMSConfigId"] as string,
+      );
 
-  const config: ProjectCallSMSConfig | null =
-    await ProjectCallSMSConfigService.findOneById({
-      id: callSMSConfigId,
-      props: {
-        isRoot: true,
-      },
-      select: {
-        _id: true,
-        twilioAccountSID: true,
-        twilioAuthToken: true,
-        twilioPrimaryPhoneNumber: true,
-        twilioSecondaryPhoneNumbers: true,
-        projectId: true,
-      },
-    });
+      const config: ProjectCallSMSConfig | null =
+        await ProjectCallSMSConfigService.findOneById({
+          id: callSMSConfigId,
+          props: {
+            isRoot: true,
+          },
+          select: {
+            _id: true,
+            twilioAccountSID: true,
+            twilioAuthToken: true,
+            twilioPrimaryPhoneNumber: true,
+            twilioSecondaryPhoneNumbers: true,
+            projectId: true,
+          },
+        });
 
-  if (!config) {
-    return Response.sendErrorResponse(
-      req,
-      res,
-      new BadDataException(
-        "call and sms config not found for id" + callSMSConfigId.toString(),
-      ),
-    );
-  }
+      if (!config) {
+        return Response.sendErrorResponse(
+          req,
+          res,
+          new BadDataException(
+            "call and sms config not found for id" + callSMSConfigId.toString(),
+          ),
+        );
+      }
 
-  const toPhone: Phone = new Phone(body["toPhone"] as string);
+      const toPhone: Phone = new Phone(body["toPhone"] as string);
 
-  if (!toPhone) {
-    return Response.sendErrorResponse(
-      req,
-      res,
-      new BadDataException("toPhone is required"),
-    );
-  }
+      if (!toPhone) {
+        return Response.sendErrorResponse(
+          req,
+          res,
+          new BadDataException("toPhone is required"),
+        );
+      }
 
-  // if any of the twilio config is missing, we will not send make the call
+      // if any of the twilio config is missing, we will not send make the call
 
-  if (!config.twilioAccountSID) {
-    return Response.sendErrorResponse(
-      req,
-      res,
-      new BadDataException("twilioAccountSID is required"),
-    );
-  }
+      if (!config.twilioAccountSID) {
+        return Response.sendErrorResponse(
+          req,
+          res,
+          new BadDataException("twilioAccountSID is required"),
+        );
+      }
 
-  if (!config.twilioAuthToken) {
-    return Response.sendErrorResponse(
-      req,
-      res,
-      new BadDataException("twilioAuthToken is required"),
-    );
-  }
+      if (!config.twilioAuthToken) {
+        return Response.sendErrorResponse(
+          req,
+          res,
+          new BadDataException("twilioAuthToken is required"),
+        );
+      }
 
-  if (!config.twilioPrimaryPhoneNumber) {
-    return Response.sendErrorResponse(
-      req,
-      res,
-      new BadDataException("twilioPrimaryPhoneNumber is required"),
-    );
-  }
+      if (!config.twilioPrimaryPhoneNumber) {
+        return Response.sendErrorResponse(
+          req,
+          res,
+          new BadDataException("twilioPrimaryPhoneNumber is required"),
+        );
+      }
 
-  const twilioConfig: TwilioConfig | undefined =
-    ProjectCallSMSConfigService.toTwilioConfig(config);
+      const twilioConfig: TwilioConfig | undefined =
+        ProjectCallSMSConfigService.toTwilioConfig(config);
 
-  try {
-    if (!twilioConfig) {
-      throw new BadDataException("twilioConfig is undefined");
+      try {
+        if (!twilioConfig) {
+          throw new BadDataException("twilioConfig is undefined");
+        }
+
+        await SmsService.sendSms(
+          toPhone,
+          "This is a test SMS from OneUptime.",
+          {
+            projectId: config.projectId,
+            customTwilioConfig: twilioConfig,
+          },
+        );
+      } catch (err) {
+        logger.error(err);
+        throw new BadDataException(
+          "Failed to send test SMS. Please check the twilio logs for more details.",
+        );
+      }
+
+      return Response.sendEmptySuccessResponse(req, res);
+    } catch (err) {
+      return next(err);
     }
-
-    await SmsService.sendSms(toPhone, "This is a test SMS from OneUptime.", {
-      projectId: config.projectId,
-      customTwilioConfig: twilioConfig,
-    });
-  } catch (err) {
-    logger.error(err);
-    return Response.sendErrorResponse(
-      req,
-      res,
-      new BadDataException(
-        "Failed to send test SMS. Please check the twilio logs for more details.",
-      ),
-    );
-  }
-
-  return Response.sendEmptySuccessResponse(req, res);
-});
+  },
+);
 
 export default router;

App/FeatureSet/Notification/API/SMTPConfig.ts

@@ -11,6 +11,7 @@ import Express, {
   ExpressRequest,
   ExpressResponse,
   ExpressRouter,
+  NextFunction,
 } from "Common/Server/Utils/Express";
 import logger from "Common/Server/Utils/Logger";
 import Response from "Common/Server/Utils/Response";
@@ -18,87 +19,92 @@ import ProjectSmtpConfig from "Common/Models/DatabaseModels/ProjectSmtpConfig";
 
 const router: ExpressRouter = Express.getRouter();
 
-router.post("/test", async (req: ExpressRequest, res: ExpressResponse) => {
-  const body: JSONObject = req.body;
+router.post(
+  "/test",
+  async (req: ExpressRequest, res: ExpressResponse, next: NextFunction) => {
+    try {
+      const body: JSONObject = req.body;
 
-  const smtpConfigId: ObjectID = new ObjectID(body["smtpConfigId"] as string);
+      const smtpConfigId: ObjectID = new ObjectID(
+        body["smtpConfigId"] as string,
+      );
 
-  const config: ProjectSmtpConfig | null =
-    await ProjectSMTPConfigService.findOneById({
-      id: smtpConfigId,
-      props: {
-        isRoot: true,
-      },
-      select: {
-        _id: true,
-        hostname: true,
-        port: true,
-        username: true,
-        password: true,
-        fromEmail: true,
-        fromName: true,
-        secure: true,
-        projectId: true,
-      },
-    });
+      const config: ProjectSmtpConfig | null =
+        await ProjectSMTPConfigService.findOneById({
+          id: smtpConfigId,
+          props: {
+            isRoot: true,
+          },
+          select: {
+            _id: true,
+            hostname: true,
+            port: true,
+            username: true,
+            password: true,
+            fromEmail: true,
+            fromName: true,
+            secure: true,
+            projectId: true,
+          },
+        });
 
-  if (!config) {
-    return Response.sendErrorResponse(
-      req,
-      res,
-      new BadDataException(
-        "smtp-config not found for id" + smtpConfigId.toString(),
-      ),
-    );
-  }
+      if (!config) {
+        return Response.sendErrorResponse(
+          req,
+          res,
+          new BadDataException(
+            "smtp-config not found for id" + smtpConfigId.toString(),
+          ),
+        );
+      }
 
-  const toEmail: Email = new Email(body["toEmail"] as string);
+      const toEmail: Email = new Email(body["toEmail"] as string);
 
-  if (!toEmail) {
-    return Response.sendErrorResponse(
-      req,
-      res,
-      new BadDataException("toEmail is required"),
-    );
-  }
+      if (!toEmail) {
+        return Response.sendErrorResponse(
+          req,
+          res,
+          new BadDataException("toEmail is required"),
+        );
+      }
 
-  const mail: EmailMessage = {
-    templateType: EmailTemplateType.SMTPTest,
-    toEmail: new Email(body["toEmail"] as string),
-    subject: "Test Email from OneUptime",
-    vars: {},
-    body: "",
-  };
+      const mail: EmailMessage = {
+        templateType: EmailTemplateType.SMTPTest,
+        toEmail: new Email(body["toEmail"] as string),
+        subject: "Test Email from OneUptime",
+        vars: {},
+        body: "",
+      };
 
-  const mailServer: EmailServer = {
-    id: config.id!,
-    host: config.hostname!,
-    port: config.port!,
-    username: config.username!,
-    password: config.password!,
-    fromEmail: config.fromEmail!,
-    fromName: config.fromName!,
-    secure: Boolean(config.secure),
-  };
+      const mailServer: EmailServer = {
+        id: config.id!,
+        host: config.hostname!,
+        port: config.port!,
+        username: config.username!,
+        password: config.password!,
+        fromEmail: config.fromEmail!,
+        fromName: config.fromName!,
+        secure: Boolean(config.secure),
+      };
 
-  try {
-    await MailService.send(mail, {
-      emailServer: mailServer,
-      projectId: config.projectId!,
-      timeout: 4000,
-    });
-  } catch (err) {
-    logger.error(err);
-    return Response.sendErrorResponse(
-      req,
-      res,
-      new BadDataException(
-        "Cannot send email. Please check your SMTP config. If you are using Google or Gmail, please dont since it does not support machine access to their mail servers. If you are still having issues, please uncheck SSL/TLS toggle and try again. We recommend using SendGrid or Mailgun or any large volume mail provider for SMTP.",
-      ),
-    );
-  }
+      try {
+        await MailService.send(mail, {
+          emailServer: mailServer,
+          projectId: config.projectId!,
+          timeout: 4000,
+        });
+      } catch (err) {
+        logger.error(err);
+        throw new BadDataException(
+          "Cannot send email. Please check your SMTP config. If you are using Google or Gmail, please dont since it does not support machine access to their mail servers. If you are still having issues, please uncheck SSL/TLS toggle and try again. We recommend using SendGrid or Mailgun or any large volume mail provider for SMTP.",
+        );
+      }
 
-  return Response.sendEmptySuccessResponse(req, res);
-});
+      return Response.sendEmptySuccessResponse(req, res);
+    } catch (err) {
+      return next(err);
+    }
+  },
+);
 
 export default router;

App/FeatureSet/Notification/API/WhatsApp.ts

@@ -0,0 +1,491 @@
+import WhatsAppService from "../Services/WhatsAppService";
+import BadDataException from "Common/Types/Exception/BadDataException";
+import GlobalConfig from "Common/Models/DatabaseModels/GlobalConfig";
+import { JSONArray, JSONObject } from "Common/Types/JSON";
+import ObjectID from "Common/Types/ObjectID";
+import Phone from "Common/Types/Phone";
+import WhatsAppMessage from "Common/Types/WhatsApp/WhatsAppMessage";
+import {
+  WhatsAppTemplateId,
+  WhatsAppTemplateIds,
+  WhatsAppTemplateLanguage,
+} from "Common/Types/WhatsApp/WhatsAppTemplates";
+import WhatsAppStatus from "Common/Types/WhatsAppStatus";
+import ClusterKeyAuthorization from "Common/Server/Middleware/ClusterKeyAuthorization";
+import WhatsAppLogService from "Common/Server/Services/WhatsAppLogService";
+import GlobalConfigService from "Common/Server/Services/GlobalConfigService";
+import Express, {
+  ExpressRequest,
+  ExpressResponse,
+  ExpressRouter,
+  NextFunction,
+} from "Common/Server/Utils/Express";
+import logger from "Common/Server/Utils/Logger";
+import Response from "Common/Server/Utils/Response";
+
+const router: ExpressRouter = Express.getRouter();
+
+const MAX_STATUS_MESSAGE_LENGTH: number = 500;
+
+export const mapWebhookStatusToWhatsAppStatus: (
+  status?: string,
+) => WhatsAppStatus = (status?: string): WhatsAppStatus => {
+  switch ((status || "").toLowerCase()) {
+    case "sent":
+      return WhatsAppStatus.Sent;
+    case "delivered":
+      return WhatsAppStatus.Delivered;
+    case "read":
+      return WhatsAppStatus.Read;
+    case "failed":
+      return WhatsAppStatus.Failed;
+    case "deleted":
+    case "removed":
+      return WhatsAppStatus.Deleted;
+    case "warning":
+      return WhatsAppStatus.Warning;
+    case "queued":
+    case "pending":
+      return WhatsAppStatus.Queued;
+    case "error":
+      return WhatsAppStatus.Error;
+    case "success":
+      return WhatsAppStatus.Success;
+    default:
+      return WhatsAppStatus.Unknown;
+  }
+};
+
+export const buildStatusMessage: (payload: JSONObject) => string | undefined = (
+  payload: JSONObject,
+): string | undefined => {
+  const messageParts: Array<string> = [];
+  const rawStatus: string | undefined = payload["status"]
+    ? String(payload["status"])
+    : undefined;
+
+  if (rawStatus) {
+    messageParts.push(`Status: ${rawStatus}`);
+  }
+
+  const timestamp: string | undefined = payload["timestamp"]
+    ? String(payload["timestamp"])
+    : undefined;
+
+  if (timestamp) {
+    const numericTimestamp: number = Number(timestamp);
+    if (!isNaN(numericTimestamp)) {
+      messageParts.push(
+        `Timestamp: ${new Date(numericTimestamp * 1000).toISOString()}`,
+      );
+    } else {
+      messageParts.push(`Timestamp: ${timestamp}`);
+    }
+  }
+
+  const conversation: JSONObject | undefined =
+    (payload["conversation"] as JSONObject | undefined) || undefined;
+
+  if (conversation) {
+    if (conversation["id"]) {
+      messageParts.push(`Conversation: ${conversation["id"]}`);
+    }
+
+    const origin: JSONObject | undefined =
+      (conversation["origin"] as JSONObject | undefined) || undefined;
+
+    if (origin?.["type"]) {
+      messageParts.push(`Origin: ${origin["type"]}`);
+    }
+
+    if (conversation["expiration_timestamp"]) {
+      const expirationTimestamp: number = Number(
+        conversation["expiration_timestamp"],
+      );
+
+      if (!isNaN(expirationTimestamp)) {
+        messageParts.push(
+          `Conversation expires: ${new Date(expirationTimestamp * 1000).toISOString()}`,
+        );
+      }
+    }
+  }
+
+  const pricing: JSONObject | undefined =
+    (payload["pricing"] as JSONObject | undefined) || undefined;
+
+  if (pricing) {
+    const pricingParts: Array<string> = [];
+
+    if (pricing["billable"] !== undefined) {
+      pricingParts.push(`billable=${pricing["billable"]}`);
+    }
+
+    if (pricing["category"]) {
+      pricingParts.push(`category=${pricing["category"]}`);
+    }
+
+    if (pricing["pricing_model"]) {
+      pricingParts.push(`model=${pricing["pricing_model"]}`);
+    }
+
+    if (pricingParts.length > 0) {
+      messageParts.push(`Pricing: ${pricingParts.join(", ")}`);
+    }
+  }
+
+  const errors: JSONArray | undefined =
+    (payload["errors"] as JSONArray | undefined) || undefined;
+
+  if (Array.isArray(errors) && errors.length > 0) {
+    const firstError: JSONObject = errors[0] as JSONObject;
+    const errorParts: Array<string> = [];
+
+    if (firstError["title"]) {
+      errorParts.push(String(firstError["title"]));
+    }
+
+    if (firstError["code"]) {
+      errorParts.push(`code=${firstError["code"]}`);
+    }
+
+    if (firstError["detail"]) {
+      errorParts.push(String(firstError["detail"]));
+    }
+
+    if (errorParts.length > 0) {
+      messageParts.push(`Error: ${errorParts.join(" - ")}`);
+    }
+  }
+
+  if (messageParts.length === 0) {
+    return undefined;
+  }
+
+  const statusMessage: string = messageParts.join(" | ");
+
+  if (statusMessage.length <= MAX_STATUS_MESSAGE_LENGTH) {
+    return statusMessage;
+  }
+
+  return `${statusMessage.substring(0, MAX_STATUS_MESSAGE_LENGTH - 3)}...`;
+};
+
+const updateWhatsAppLogStatus: (
+  statusPayload: JSONObject,
+) => Promise<void> = async (statusPayload: JSONObject): Promise<void> => {
+  const messageId: string | undefined = statusPayload["id"]
+    ? String(statusPayload["id"])
+    : undefined;
+
+  if (!messageId) {
+    logger.warn(
+      `[Meta WhatsApp Webhook] Received status payload without message id. Payload: ${JSON.stringify(statusPayload)}`,
+    );
+    return;
+  }
+
+  const rawStatus: string | undefined = statusPayload["status"]
+    ? String(statusPayload["status"])
+    : undefined;
+
+  const derivedStatus: WhatsAppStatus =
+    mapWebhookStatusToWhatsAppStatus(rawStatus);
+
+  const statusMessage: string | undefined = buildStatusMessage(statusPayload);
+
+  const updateResult: number = await WhatsAppLogService.updateOneBy({
+    query: {
+      whatsAppMessageId: messageId,
+    },
+    data: {
+      status: derivedStatus,
+      ...(statusMessage ? { statusMessage } : {}),
+    },
+    props: {
+      isRoot: true,
+    },
+  });
+
+  if (updateResult === 0) {
+    logger.warn(
+      `[Meta WhatsApp Webhook] No WhatsApp log found for message id ${messageId}. Payload: ${JSON.stringify(statusPayload)}`,
+    );
+  } else {
+    logger.debug(
+      `[Meta WhatsApp Webhook] Updated WhatsApp log for message id ${messageId} with status ${derivedStatus}.`,
+    );
+  }
+};
+
+const toTemplateVariables: (
+  rawVariables: JSONObject | undefined,
+) => Record<string, string> | undefined = (
+  rawVariables: JSONObject | undefined,
+): Record<string, string> | undefined => {
+  if (!rawVariables) {
+    return undefined;
+  }
+
+  const result: Record<string, string> = {};
+
+  for (const key of Object.keys(rawVariables)) {
+    const value: unknown = rawVariables[key];
+    if (value !== null && value !== undefined) {
+      result[key] = String(value);
+    }
+  }
+
+  return Object.keys(result).length > 0 ? result : undefined;
+};
+
+router.post(
+  "/send",
+  ClusterKeyAuthorization.isAuthorizedServiceMiddleware,
+  async (req: ExpressRequest, res: ExpressResponse, next: NextFunction) => {
+    const body: JSONObject = req.body as JSONObject;
+
+    if (!body["to"]) {
+      throw new BadDataException("`to` phone number is required");
+    }
+
+    const toPhone: Phone = new Phone(body["to"] as string);
+
+    const message: WhatsAppMessage = {
+      to: toPhone,
+      body: (body["body"] as string) || "",
+      templateKey: (body["templateKey"] as string) || undefined,
+      templateVariables: toTemplateVariables(
+        body["templateVariables"] as JSONObject | undefined,
+      ),
+      templateLanguageCode:
+        (body["templateLanguageCode"] as string) || undefined,
+    };
+
+    try {
+      await WhatsAppService.sendWhatsApp(message, {
+        projectId: body["projectId"]
+          ? new ObjectID(body["projectId"] as string)
+          : undefined,
+        isSensitive: (body["isSensitive"] as boolean) || false,
+        userOnCallLogTimelineId: body["userOnCallLogTimelineId"]
+          ? new ObjectID(body["userOnCallLogTimelineId"] as string)
+          : undefined,
+        incidentId: body["incidentId"]
+          ? new ObjectID(body["incidentId"] as string)
+          : undefined,
+        alertId: body["alertId"]
+          ? new ObjectID(body["alertId"] as string)
+          : undefined,
+        scheduledMaintenanceId: body["scheduledMaintenanceId"]
+          ? new ObjectID(body["scheduledMaintenanceId"] as string)
+          : undefined,
+        statusPageId: body["statusPageId"]
+          ? new ObjectID(body["statusPageId"] as string)
+          : undefined,
+        statusPageAnnouncementId: body["statusPageAnnouncementId"]
+          ? new ObjectID(body["statusPageAnnouncementId"] as string)
+          : undefined,
+        userId: body["userId"]
+          ? new ObjectID(body["userId"] as string)
+          : undefined,
+        onCallPolicyId: body["onCallPolicyId"]
+          ? new ObjectID(body["onCallPolicyId"] as string)
+          : undefined,
+        onCallPolicyEscalationRuleId: body["onCallPolicyEscalationRuleId"]
+          ? new ObjectID(body["onCallPolicyEscalationRuleId"] as string)
+          : undefined,
+        onCallDutyPolicyExecutionLogTimelineId: body[
+          "onCallDutyPolicyExecutionLogTimelineId"
+        ]
+          ? new ObjectID(
+              body["onCallDutyPolicyExecutionLogTimelineId"] as string,
+            )
+          : undefined,
+        onCallScheduleId: body["onCallScheduleId"]
+          ? new ObjectID(body["onCallScheduleId"] as string)
+          : undefined,
+        teamId: body["teamId"]
+          ? new ObjectID(body["teamId"] as string)
+          : undefined,
+      });
+
+      return Response.sendEmptySuccessResponse(req, res);
+    } catch (err) {
+      return next(err);
+    }
+  },
+);
+
+router.get("/webhook", async (req: ExpressRequest, res: ExpressResponse) => {
+  const mode: string | undefined = req.query["hub.mode"]
+    ? String(req.query["hub.mode"])
+    : undefined;
+  const verifyToken: string | undefined = req.query["hub.verify_token"]
+    ? String(req.query["hub.verify_token"])
+    : undefined;
+  const challenge: string | undefined = req.query["hub.challenge"]
+    ? String(req.query["hub.challenge"])
+    : undefined;
+
+  if (mode === "subscribe" && challenge) {
+    const globalConfigTokenResponse: GlobalConfig | null =
+      await GlobalConfigService.findOneBy({
+        query: {
+          _id: ObjectID.getZeroObjectID().toString(),
+        },
+        props: {
+          isRoot: true,
+        },
+        select: {
+          metaWhatsAppWebhookVerifyToken: true,
+        },
+      });
+
+    const configuredVerifyToken: string | undefined =
+      globalConfigTokenResponse?.metaWhatsAppWebhookVerifyToken?.trim() ||
+      undefined;
+
+    if (!configuredVerifyToken) {
+      logger.error(
+        "Meta WhatsApp webhook verify token is not configured. Rejecting verification request.",
+      );
+      res.sendStatus(403);
+      return;
+    }
+
+    if (verifyToken === configuredVerifyToken) {
+      res.status(200).send(challenge);
+      return;
+    }
+
+    logger.warn(
+      "Meta WhatsApp webhook verification failed due to token mismatch.",
+    );
+    res.sendStatus(403);
+    return;
+  }
+
+  res.sendStatus(400);
+});
+
+router.post(
+  "/webhook",
+  async (req: ExpressRequest, res: ExpressResponse, next: NextFunction) => {
+    try {
+      const body: JSONObject = req.body as JSONObject;
+
+      if (
+        (body["object"] as string | undefined) !== "whatsapp_business_account"
+      ) {
+        logger.debug(
+          `[Meta WhatsApp Webhook] Received event for unsupported object: ${JSON.stringify(body)}`,
+        );
+        return Response.sendEmptySuccessResponse(req, res);
+      }
+
+      const entries: JSONArray | undefined = body["entry"] as
+        | JSONArray
+        | undefined;
+
+      if (!Array.isArray(entries)) {
+        logger.warn(
+          `[Meta WhatsApp Webhook] Payload did not include entries array. Payload: ${JSON.stringify(body)}`,
+        );
+        return Response.sendEmptySuccessResponse(req, res);
+      }
+
+      const statusUpdatePromises: Array<Promise<void>> = [];
+
+      for (const entry of entries) {
+        const entryObject: JSONObject = entry as JSONObject;
+        const changes: JSONArray | undefined =
+          (entryObject["changes"] as JSONArray | undefined) || undefined;
+
+        if (!Array.isArray(changes)) {
+          continue;
+        }
+
+        for (const change of changes) {
+          const changeObject: JSONObject = change as JSONObject;
+          const value: JSONObject | undefined =
+            (changeObject["value"] as JSONObject | undefined) || undefined;
+
+          if (!value) {
+            continue;
+          }
+
+          const statuses: JSONArray | undefined =
+            (value["statuses"] as JSONArray | undefined) || undefined;
+
+          if (Array.isArray(statuses)) {
+            for (const statusItem of statuses) {
+              statusUpdatePromises.push(
+                updateWhatsAppLogStatus(statusItem as JSONObject),
+              );
+            }
+          }
+        }
+      }
+
+      if (statusUpdatePromises.length > 0) {
+        await Promise.allSettled(statusUpdatePromises);
+      }
+
+      return Response.sendEmptySuccessResponse(req, res);
+    } catch (err) {
+      return next(err);
+    }
+  },
+);
+
+router.post(
+  "/test",
+  async (req: ExpressRequest, res: ExpressResponse, next: NextFunction) => {
+    try {
+      const body: JSONObject = req.body as JSONObject;
+
+      if (!body["toPhone"]) {
+        throw new BadDataException("toPhone is required");
+      }
+
+      const toPhone: Phone = new Phone(body["toPhone"] as string);
+
+      const templateKey: WhatsAppTemplateId =
+        WhatsAppTemplateIds.TestNotification;
+
+      const templateLanguageCode: string =
+        WhatsAppTemplateLanguage[templateKey] || "en";
+
+      const message: WhatsAppMessage = {
+        to: toPhone,
+        body: "",
+        templateKey,
+        templateVariables: undefined,
+        templateLanguageCode,
+      };
+
+      try {
+        await WhatsAppService.sendWhatsApp(message, {
+          projectId: body["projectId"]
+            ? new ObjectID(body["projectId"] as string)
+            : undefined,
+          isSensitive: false,
+        });
+      } catch (err) {
+        const errorMsg: string =
+          err instanceof Error && err.message
+            ? err.message
+            : "Failed to send test WhatsApp message.";
+
+        throw new BadDataException(errorMsg);
+      }
+
+      return Response.sendEmptySuccessResponse(req, res);
+    } catch (err) {
+      return next(err);
+    }
+  },
+);
+
+export default router;

App/FeatureSet/Notification/Config.ts

@@ -12,6 +12,8 @@ import Phone from "Common/Types/Phone";
 
 type GetGlobalSMTPConfig = () => Promise<EmailServer | null>;
 
+export const DEFAULT_META_WHATSAPP_API_VERSION: string = "v23.0";
+
 export const getGlobalSMTPConfig: GetGlobalSMTPConfig =
   async (): Promise<EmailServer | null> => {
     const globalConfig: GlobalConfig | null =
@@ -222,6 +224,83 @@ export const SMSHighRiskCostInCents: number = process.env[
   ? parseInt(process.env["SMS_HIGH_RISK_COST_IN_CENTS"])
   : 0;
 
+export interface MetaWhatsAppConfig {
+  accessToken: string;
+  phoneNumberId: string;
+  businessAccountId?: string | undefined;
+  appId?: string | undefined;
+  appSecret?: string | undefined;
+  apiVersion?: string | undefined;
+}
+
+type GetMetaWhatsAppConfigFunction = () => Promise<MetaWhatsAppConfig>;
+
+export const getMetaWhatsAppConfig: GetMetaWhatsAppConfigFunction =
+  async (): Promise<MetaWhatsAppConfig> => {
+    const globalConfig: GlobalConfig | null =
+      await GlobalConfigService.findOneBy({
+        query: {
+          _id: ObjectID.getZeroObjectID().toString(),
+        },
+        props: {
+          isRoot: true,
+        },
+        select: {
+          metaWhatsAppAccessToken: true,
+          metaWhatsAppPhoneNumberId: true,
+          metaWhatsAppBusinessAccountId: true,
+          metaWhatsAppAppId: true,
+          metaWhatsAppAppSecret: true,
+        },
+      });
+
+    if (!globalConfig) {
+      throw new BadDataException("Global Config not found");
+    }
+
+    const accessToken: string | undefined =
+      globalConfig.metaWhatsAppAccessToken?.trim();
+    const phoneNumberId: string | undefined =
+      globalConfig.metaWhatsAppPhoneNumberId?.trim();
+
+    if (!accessToken) {
+      throw new BadDataException(
+        "Meta WhatsApp access token not configured. Please set it in the Admin Dashboard: " +
+          AdminDashboardClientURL.toString(),
+      );
+    }
+
+    if (!phoneNumberId) {
+      throw new BadDataException(
+        "Meta WhatsApp phone number ID not configured. Please set it in the Admin Dashboard: " +
+          AdminDashboardClientURL.toString(),
+      );
+    }
+
+    const businessAccountId: string | undefined =
+      globalConfig.metaWhatsAppBusinessAccountId?.trim() || undefined;
+    const appId: string | undefined =
+      globalConfig.metaWhatsAppAppId?.trim() || undefined;
+    const appSecret: string | undefined =
+      globalConfig.metaWhatsAppAppSecret?.trim() || undefined;
+    const apiVersion: string = DEFAULT_META_WHATSAPP_API_VERSION;
+
+    return {
+      accessToken,
+      phoneNumberId,
+      businessAccountId,
+      appId,
+      appSecret,
+      apiVersion,
+    };
+  };
+
+export const WhatsAppTextDefaultCostInCents: number = process.env[
+  "WHATSAPP_TEXT_DEFAULT_COST_IN_CENTS"
+]
+  ? parseInt(process.env["WHATSAPP_TEXT_DEFAULT_COST_IN_CENTS"])
+  : 0;
+
 export const CallHighRiskCostInCentsPerMinute: number = process.env[
   "CALL_HIGH_RISK_COST_IN_CENTS_PER_MINUTE"
 ]

App/FeatureSet/Notification/Index.ts

@@ -2,6 +2,7 @@ import CallAPI from "./API/Call";
 // API
 import MailAPI from "./API/Mail";
 import SmsAPI from "./API/SMS";
+import WhatsAppAPI from "./API/WhatsApp";
 import PushNotificationAPI from "./API/PushNotification";
 import SMTPConfigAPI from "./API/SMTPConfig";
 import "./Utils/Handlebars";
@@ -16,6 +17,7 @@ const NotificationFeatureSet: FeatureSet = {
 
     app.use([`/${APP_NAME}/email`, "/email"], MailAPI);
     app.use([`/${APP_NAME}/sms`, "/sms"], SmsAPI);
+    app.use([`/${APP_NAME}/whatsapp`, "/whatsapp"], WhatsAppAPI);
     app.use([`/${APP_NAME}/push`, "/push"], PushNotificationAPI);
     app.use([`/${APP_NAME}/call`, "/call"], CallAPI);
     app.use([`/${APP_NAME}/smtp-config`, "/smtp-config"], SMTPConfigAPI);

App/FeatureSet/Notification/Services/CallService.ts

@@ -47,9 +47,11 @@ function extractSayMessagesFromCallRequest(callRequest: CallRequest): string {
       if ((item as GatherInput).introMessage) {
         sayMessages.push((item as GatherInput).introMessage);
       }
-      // NOTE: Excluding noInputMessage and onInputCallRequest messages from summary
-      // as they contain system responses like "Good bye", "Invalid input", "You have acknowledged"
-      // which should not be included in the call summary according to user requirements
+      /*
+       * NOTE: Excluding noInputMessage and onInputCallRequest messages from summary
+       * as they contain system responses like "Good bye", "Invalid input", "You have acknowledged"
+       * which should not be included in the call summary according to user requirements
+       */
     }
   }
 

App/FeatureSet/Notification/Services/MailService.ts

@@ -37,11 +37,49 @@ class TransporterPool {
   private static semaphore: Map<string, number> = new Map();
   private static readonly MAX_CONCURRENT_CONNECTIONS = 100;
 
+  private static resolveConnectionSettings(emailServer: EmailServer): {
+    portNumber: number;
+    wantsSecureConnection: boolean;
+    secureConnection: boolean;
+    requireTLS: boolean;
+    mode: "implicit-tls" | "starttls" | "plain";
+  } {
+    const portNumber: number = emailServer.port.toNumber();
+    const wantsSecureConnection: boolean = emailServer.secure;
+    const isImplicitTLSPort: boolean = portNumber === 465;
+
+    const secureConnection: boolean = isImplicitTLSPort;
+    const requireTLS: boolean = wantsSecureConnection && !isImplicitTLSPort;
+
+    let mode: "implicit-tls" | "starttls" | "plain" = "plain";
+
+    if (secureConnection) {
+      mode = "implicit-tls";
+    } else if (requireTLS) {
+      mode = "starttls";
+    }
+
+    return {
+      portNumber,
+      wantsSecureConnection,
+      secureConnection,
+      requireTLS,
+      mode,
+    };
+  }
+
+  private static getPoolKey(emailServer: EmailServer): string {
+    const { portNumber, mode } = this.resolveConnectionSettings(emailServer);
+    const username: string = emailServer.username || "noauth";
+
+    return `${emailServer.host.toString()}:${portNumber}:${username}:${mode}`;
+  }
+
   public static getTransporter(
     emailServer: EmailServer,
     options: { timeout?: number | undefined },
   ): Transporter {
-    const key: string = `${emailServer.host.toString()}:${emailServer.port.toNumber()}:${emailServer.username || "noauth"}`;
+    const key: string = this.getPoolKey(emailServer);
 
     if (!this.pools.has(key)) {
       const transporter: Transporter = this.createTransporter(
@@ -59,9 +97,12 @@ class TransporterPool {
     emailServer: EmailServer,
     options: { timeout?: number | undefined },
   ): Transporter {
+    const { portNumber, wantsSecureConnection, secureConnection, requireTLS } =
+      this.resolveConnectionSettings(emailServer);
+
     let tlsOptions: tls.ConnectionOptions | undefined = undefined;
 
-    if (!emailServer.secure) {
+    if (!wantsSecureConnection) {
       tlsOptions = {
         rejectUnauthorized: false,
       };
@@ -69,8 +110,9 @@ class TransporterPool {
 
     return nodemailer.createTransport({
       host: emailServer.host.toString(),
-      port: emailServer.port.toNumber(),
-      secure: emailServer.secure,
+      port: portNumber,
+      secure: secureConnection,
+      requireTLS,
       tls: tlsOptions,
       auth:
         emailServer.username && emailServer.password
@@ -88,7 +130,7 @@ class TransporterPool {
   public static async acquireConnection(
     emailServer: EmailServer,
   ): Promise<void> {
-    const key: string = `${emailServer.host.toString()}:${emailServer.port.toNumber()}:${emailServer.username || "noauth"}`;
+    const key: string = this.getPoolKey(emailServer);
 
     while ((this.semaphore.get(key) || 0) >= this.MAX_CONCURRENT_CONNECTIONS) {
       await new Promise<void>((resolve: () => void) => {
@@ -100,7 +142,7 @@ class TransporterPool {
   }
 
   public static releaseConnection(emailServer: EmailServer): void {
-    const key: string = `${emailServer.host.toString()}:${emailServer.port.toNumber()}:${emailServer.username || "noauth"}`;
+    const key: string = this.getPoolKey(emailServer);
     const current: number = this.semaphore.get(key) || 0;
     this.semaphore.set(key, Math.max(0, current - 1));
   }

App/FeatureSet/Notification/Services/WhatsAppService.ts

@@ -0,0 +1,497 @@
+import {
+  WhatsAppTextDefaultCostInCents,
+  getMetaWhatsAppConfig,
+  MetaWhatsAppConfig,
+  DEFAULT_META_WHATSAPP_API_VERSION,
+} from "../Config";
+import BadDataException from "Common/Types/Exception/BadDataException";
+import ObjectID from "Common/Types/ObjectID";
+import UserNotificationStatus from "Common/Types/UserNotification/UserNotificationStatus";
+import WhatsAppMessage from "Common/Types/WhatsApp/WhatsAppMessage";
+import WhatsAppStatus from "Common/Types/WhatsAppStatus";
+import {
+  AuthenticationTemplates,
+  WhatsAppTemplateId,
+} from "Common/Types/WhatsApp/WhatsAppTemplates";
+import { JSONArray, JSONObject } from "Common/Types/JSON";
+import { IsBillingEnabled } from "Common/Server/EnvironmentConfig";
+import NotificationService from "Common/Server/Services/NotificationService";
+import ProjectService from "Common/Server/Services/ProjectService";
+import UserOnCallLogTimelineService from "Common/Server/Services/UserOnCallLogTimelineService";
+import WhatsAppLogService from "Common/Server/Services/WhatsAppLogService";
+import logger from "Common/Server/Utils/Logger";
+import Project from "Common/Models/DatabaseModels/Project";
+import WhatsAppLog from "Common/Models/DatabaseModels/WhatsAppLog";
+import API from "Common/Utils/API";
+import HTTPErrorResponse from "Common/Types/API/HTTPErrorResponse";
+import HTTPResponse from "Common/Types/API/HTTPResponse";
+import Protocol from "Common/Types/API/Protocol";
+import Route from "Common/Types/API/Route";
+import URL from "Common/Types/API/URL";
+
+const SENSITIVE_MESSAGE_PLACEHOLDER: string =
+  "This message is sensitive and is not logged";
+
+export default class WhatsAppService {
+  public static async sendWhatsApp(
+    message: WhatsAppMessage,
+    options: {
+      projectId?: ObjectID | undefined;
+      isSensitive?: boolean | undefined;
+      userOnCallLogTimelineId?: ObjectID | undefined;
+      incidentId?: ObjectID | undefined;
+      alertId?: ObjectID | undefined;
+      scheduledMaintenanceId?: ObjectID | undefined;
+      statusPageId?: ObjectID | undefined;
+      statusPageAnnouncementId?: ObjectID | undefined;
+      userId?: ObjectID | undefined;
+      onCallPolicyId?: ObjectID | undefined;
+      onCallPolicyEscalationRuleId?: ObjectID | undefined;
+      onCallDutyPolicyExecutionLogTimelineId?: ObjectID | undefined;
+      onCallScheduleId?: ObjectID | undefined;
+      teamId?: ObjectID | undefined;
+    } = {},
+  ): Promise<void> {
+    let sendError: Error | null = null;
+    const whatsAppLog: WhatsAppLog = new WhatsAppLog();
+
+    try {
+      if (!message.to) {
+        throw new BadDataException(
+          "WhatsApp recipient phone number is required",
+        );
+      }
+
+      if (!message.body && !message.templateKey) {
+        throw new BadDataException(
+          "Either WhatsApp message body or template key must be provided",
+        );
+      }
+
+      const isSensitiveMessage: boolean = Boolean(options.isSensitive);
+      const messageSummary: string = isSensitiveMessage
+        ? SENSITIVE_MESSAGE_PLACEHOLDER
+        : message.body ||
+          (message.templateKey
+            ? `Template: ${message.templateKey}${
+                message.templateVariables
+                  ? " Variables: " + JSON.stringify(message.templateVariables)
+                  : ""
+              }`
+            : "");
+
+      whatsAppLog.toNumber = message.to;
+      whatsAppLog.messageText = messageSummary;
+      whatsAppLog.whatsAppCostInUSDCents = 0;
+
+      if (options.projectId) {
+        whatsAppLog.projectId = options.projectId;
+      }
+
+      if (options.incidentId) {
+        whatsAppLog.incidentId = options.incidentId;
+      }
+
+      if (options.alertId) {
+        whatsAppLog.alertId = options.alertId;
+      }
+
+      if (options.scheduledMaintenanceId) {
+        whatsAppLog.scheduledMaintenanceId = options.scheduledMaintenanceId;
+      }
+
+      if (options.statusPageId) {
+        whatsAppLog.statusPageId = options.statusPageId;
+      }
+
+      if (options.statusPageAnnouncementId) {
+        whatsAppLog.statusPageAnnouncementId = options.statusPageAnnouncementId;
+      }
+
+      if (options.userId) {
+        whatsAppLog.userId = options.userId;
+      }
+
+      if (options.teamId) {
+        whatsAppLog.teamId = options.teamId;
+      }
+
+      if (options.onCallPolicyId) {
+        whatsAppLog.onCallDutyPolicyId = options.onCallPolicyId;
+      }
+
+      if (options.onCallPolicyEscalationRuleId) {
+        whatsAppLog.onCallDutyPolicyEscalationRuleId =
+          options.onCallPolicyEscalationRuleId;
+      }
+
+      if (options.onCallScheduleId) {
+        whatsAppLog.onCallDutyPolicyScheduleId = options.onCallScheduleId;
+      }
+
+      const config: MetaWhatsAppConfig = await getMetaWhatsAppConfig();
+
+      let messageCost: number = 0;
+      const shouldChargeForMessage: boolean = IsBillingEnabled;
+
+      if (shouldChargeForMessage) {
+        messageCost = WhatsAppTextDefaultCostInCents / 100;
+      }
+
+      let project: Project | null = null;
+
+      if (options.projectId) {
+        project = await ProjectService.findOneById({
+          id: options.projectId,
+          select: {
+            smsOrCallCurrentBalanceInUSDCents: true,
+            lowCallAndSMSBalanceNotificationSentToOwners: true,
+            name: true,
+            notEnabledSmsOrCallNotificationSentToOwners: true,
+          },
+          props: {
+            isRoot: true,
+          },
+        });
+
+        if (!project) {
+          whatsAppLog.status = WhatsAppStatus.Error;
+          whatsAppLog.statusMessage = `Project ${options.projectId.toString()} not found.`;
+          logger.error(whatsAppLog.statusMessage);
+          await WhatsAppLogService.create({
+            data: whatsAppLog,
+            props: {
+              isRoot: true,
+            },
+          });
+          return;
+        }
+
+        if (shouldChargeForMessage) {
+          let updatedBalance: number =
+            project.smsOrCallCurrentBalanceInUSDCents || 0;
+
+          try {
+            updatedBalance = await NotificationService.rechargeIfBalanceIsLow(
+              project.id!,
+            );
+          } catch (err) {
+            logger.error(err);
+          }
+
+          project.smsOrCallCurrentBalanceInUSDCents = updatedBalance;
+
+          if (!project.smsOrCallCurrentBalanceInUSDCents) {
+            whatsAppLog.status = WhatsAppStatus.LowBalance;
+            whatsAppLog.statusMessage = `Project ${options.projectId.toString()} does not have enough balance for WhatsApp messages.`;
+            logger.error(whatsAppLog.statusMessage);
+
+            await WhatsAppLogService.create({
+              data: whatsAppLog,
+              props: {
+                isRoot: true,
+              },
+            });
+
+            if (!project.lowCallAndSMSBalanceNotificationSentToOwners) {
+              await ProjectService.updateOneById({
+                id: project.id!,
+                data: {
+                  lowCallAndSMSBalanceNotificationSentToOwners: true,
+                },
+                props: {
+                  isRoot: true,
+                },
+              });
+
+              await ProjectService.sendEmailToProjectOwners(
+                project.id!,
+                `Low WhatsApp message balance for ${project.name || ""}`,
+                `We tried to send a WhatsApp message to ${message.to.toString()} with message:<br/><br/>${messageSummary}<br/><br/>The message was not sent because your project does not have enough balance for WhatsApp messages. Current balance is ${
+                  (project.smsOrCallCurrentBalanceInUSDCents || 0) / 100
+                } USD. Required balance for this message is ${messageCost} USD. Please enable auto recharge or recharge manually.`,
+              );
+            }
+            return;
+          }
+
+          if (project.smsOrCallCurrentBalanceInUSDCents < messageCost * 100) {
+            whatsAppLog.status = WhatsAppStatus.LowBalance;
+            whatsAppLog.statusMessage = `Project does not have enough balance to send WhatsApp message. Current balance is ${
+              project.smsOrCallCurrentBalanceInUSDCents / 100
+            } USD. Required balance is ${messageCost} USD.`;
+            logger.error(whatsAppLog.statusMessage);
+
+            await WhatsAppLogService.create({
+              data: whatsAppLog,
+              props: {
+                isRoot: true,
+              },
+            });
+
+            if (!project.lowCallAndSMSBalanceNotificationSentToOwners) {
+              await ProjectService.updateOneById({
+                id: project.id!,
+                data: {
+                  lowCallAndSMSBalanceNotificationSentToOwners: true,
+                },
+                props: {
+                  isRoot: true,
+                },
+              });
+
+              await ProjectService.sendEmailToProjectOwners(
+                project.id!,
+                `Low WhatsApp message balance for ${project.name || ""}`,
+                `We tried to send a WhatsApp message to ${message.to.toString()} with message:<br/><br/>${messageSummary}<br/><br/>The message was not sent because your project does not have enough balance for WhatsApp messages. Current balance is ${
+                  project.smsOrCallCurrentBalanceInUSDCents / 100
+                } USD. Required balance is ${messageCost} USD. Please enable auto recharge or recharge manually.`,
+              );
+            }
+            return;
+          }
+        }
+      }
+
+      const payload: JSONObject = {
+        messaging_product: "whatsapp",
+        recipient_type: "individual",
+        to: message.to.toString(),
+      } as JSONObject;
+
+      if (!message.templateKey) {
+        throw new BadDataException("WhatsApp message template key is required");
+      }
+
+      if (message.templateKey) {
+        const template: JSONObject = {
+          name: message.templateKey,
+          language: {
+            code: message.templateLanguageCode || "en",
+          },
+        } as JSONObject;
+
+        const components: JSONArray = [];
+
+        if (
+          message.templateVariables &&
+          Object.keys(message.templateVariables).length > 0
+        ) {
+          const parameters: JSONArray = [];
+
+          for (const [key, value] of Object.entries(
+            message.templateVariables,
+          )) {
+            parameters.push({
+              type: "text",
+              parameter_name: key,
+              text: value,
+            } as JSONObject);
+          }
+
+          if (parameters.length > 0) {
+            components.push({
+              type: "body",
+              parameters,
+            } as JSONObject);
+          }
+        }
+
+        /*
+         * Check if this is an authentication template
+         * Authentication templates may have special requirements including button components
+         */
+        const isAuthTemplate: boolean = AuthenticationTemplates.has(
+          message.templateKey as WhatsAppTemplateId,
+        );
+
+        if (isAuthTemplate) {
+          logger.info(
+            `Sending authentication template: ${message.templateKey}`,
+          );
+
+          /*
+           * Authentication templates in WhatsApp may have a button component for "Copy Code"
+           * If the template was created with a button, we need to provide button parameters
+           */
+          if (message.templateVariables) {
+            const otpCode: string | undefined =
+              message.templateVariables["1"] ||
+              message.templateVariables["otp"] ||
+              message.templateVariables["code"];
+
+            if (otpCode) {
+              /*
+               * Add button component - the index should match the button position in the template
+               * Usually authentication templates have the button as the first (and only) button
+               */
+              components.push({
+                type: "button",
+                sub_type: "url",
+                index: 0,
+                parameters: [
+                  {
+                    type: "text",
+                    text: otpCode,
+                  },
+                ],
+              } as JSONObject);
+            }
+          }
+        }
+
+        if (components.length > 0) {
+          template["components"] = components;
+        }
+
+        payload["type"] = "template";
+        payload["template"] = template;
+      } else {
+        payload["type"] = "text";
+        payload["text"] = {
+          body: message.body || "",
+        } as JSONObject;
+      }
+
+      const apiVersion: string =
+        config.apiVersion?.trim() || DEFAULT_META_WHATSAPP_API_VERSION;
+
+      const url: URL = new URL(
+        Protocol.HTTPS,
+        "graph.facebook.com",
+        new Route(`${apiVersion}/${config.phoneNumberId}/messages`),
+      );
+
+      logger.debug(`WhatsApp API request: ${JSON.stringify(payload)}`);
+
+      const response: HTTPResponse<JSONObject> | HTTPErrorResponse =
+        await API.post<JSONObject>({
+          url,
+          data: payload,
+          headers: {
+            Authorization: `Bearer ${config.accessToken}`,
+            "Content-Type": "application/json",
+          },
+        });
+
+      if (response instanceof HTTPErrorResponse) {
+        logger.error("Failed to send WhatsApp message.");
+        logger.error(response);
+        const responseDataAsJSONObject: JSONObject = response.data;
+        const responseJsonAsJSONObject: JSONObject | undefined =
+          (response.jsonData as JSONObject | undefined) || undefined;
+
+        // Log full error details for debugging
+        const errorObject: JSONObject | undefined =
+          (responseDataAsJSONObject["error"] as JSONObject | undefined) ||
+          (responseJsonAsJSONObject?.["error"] as JSONObject | undefined);
+
+        if (errorObject) {
+          logger.error("WhatsApp API Error Details:");
+          logger.error(JSON.stringify(errorObject, null, 2));
+        }
+
+        const detailedErrorMessage: string | undefined =
+          ((responseDataAsJSONObject["error"] as JSONObject | undefined)?.[
+            "message"
+          ] as string | undefined) ||
+          ((responseJsonAsJSONObject?.["error"] as JSONObject | undefined)?.[
+            "message"
+          ] as string | undefined);
+
+        throw new BadDataException(
+          detailedErrorMessage || "Failed to send WhatsApp message.",
+        );
+      }
+
+      const responseData: JSONObject = (response.jsonData || {}) as JSONObject;
+
+      let messageId: string | undefined = undefined;
+      const messagesArray: JSONArray | undefined =
+        (responseData["messages"] as JSONArray) || undefined;
+
+      if (Array.isArray(messagesArray) && messagesArray.length > 0) {
+        const firstMessage: JSONObject = messagesArray[0] as JSONObject;
+        if (firstMessage["id"]) {
+          messageId = firstMessage["id"] as string;
+        }
+      }
+
+      if (messageId) {
+        whatsAppLog.whatsAppMessageId = messageId;
+      }
+
+      whatsAppLog.status = WhatsAppStatus.Sent;
+      whatsAppLog.statusMessage = messageId
+        ? `Message ID: ${messageId}`
+        : "WhatsApp message sent successfully";
+
+      if (shouldChargeForMessage && project) {
+        const deduction: number = Math.floor(messageCost * 100);
+        whatsAppLog.whatsAppCostInUSDCents = deduction;
+
+        project.smsOrCallCurrentBalanceInUSDCents = Math.max(
+          0,
+          Math.floor(
+            (project.smsOrCallCurrentBalanceInUSDCents || 0) - deduction,
+          ),
+        );
+
+        await ProjectService.updateOneById({
+          id: project.id!,
+          data: {
+            smsOrCallCurrentBalanceInUSDCents:
+              project.smsOrCallCurrentBalanceInUSDCents,
+            notEnabledSmsOrCallNotificationSentToOwners: false,
+          },
+          props: {
+            isRoot: true,
+          },
+        });
+      }
+    } catch (error: any) {
+      logger.error("Failed to send WhatsApp message.");
+      logger.error(error);
+      whatsAppLog.whatsAppCostInUSDCents = 0;
+      whatsAppLog.status = WhatsAppStatus.Error;
+      const errorMessage: string =
+        error && error.message ? error.message.toString() : `${error}`;
+      whatsAppLog.statusMessage = errorMessage;
+
+      sendError = error;
+    }
+
+    if (options.projectId) {
+      await WhatsAppLogService.create({
+        data: whatsAppLog,
+        props: {
+          isRoot: true,
+        },
+      });
+    }
+
+    if (options.userOnCallLogTimelineId) {
+      await UserOnCallLogTimelineService.updateOneById({
+        id: options.userOnCallLogTimelineId,
+        data: {
+          status: [
+            WhatsAppStatus.Success,
+            WhatsAppStatus.Sent,
+            WhatsAppStatus.Delivered,
+            WhatsAppStatus.Read,
+          ].includes(whatsAppLog.status || WhatsAppStatus.Error)
+            ? UserNotificationStatus.Sent
+            : UserNotificationStatus.Error,
+          statusMessage: whatsAppLog.statusMessage,
+        },
+        props: {
+          isRoot: true,
+        },
+      });
+    }
+
+    if (sendError) {
+      throw sendError;
+    }
+  }
+}

App/FeatureSet/Notification/Utils/Handlebars.ts

@@ -42,10 +42,10 @@ loadPartials().catch((err: Error) => {
 
 Handlebars.registerHelper("ifCond", function (v1, v2, options) {
   if (v1 === v2) {
-    //@ts-ignore
+    //@ts-expect-error - Handlebars uses dynamic this context for template helpers
     return options.fn(this);
   }
-  //@ts-ignore
+  //@ts-expect-error - Handlebars uses dynamic this context for template helpers
   return options.inverse(this);
 });
 
@@ -56,9 +56,9 @@ Handlebars.registerHelper("concat", (v1: any, v2: any) => {
 
 Handlebars.registerHelper("ifNotCond", function (v1, v2, options) {
   if (v1 !== v2) {
-    //@ts-ignore
+    //@ts-expect-error - Handlebars uses dynamic this context for template helpers
     return options.fn(this);
   }
-  //@ts-ignore
+  //@ts-expect-error - Handlebars uses dynamic this context for template helpers
   return options.inverse(this);
 });

App/nodemon.json

@@ -1,7 +1,11 @@
 {
     "watch": ["./","../Common/Server", "../Common/Types", "../Common/Utils", "../Common/Models"],
-    "ext": "ts,json,tsx,env,js,jsx,hbs",
+    "ext": "ts,tsx",
     "ignore": [
+        "./node_modules/**",
+        "./public/**",
+        "./bin/**",
+        "./build/**",
         "greenlock.d/*"
     ],
     "watchOptions": {
@@ -12,5 +16,5 @@
         "TS_NODE_TRANSPILE_ONLY": "1",
         "TS_NODE_FILES": "false"
     },
-    "exec": "node --inspect=0.0.0.0:9229 -r ts-node/register/transpile-only Index.ts"
+    "exec": "node  -r ts-node/register/transpile-only Index.ts"
 }

App/package-lock.json

@@ -59,7 +59,9 @@
         "@opentelemetry/sdk-trace-web": "^1.25.1",
         "@opentelemetry/semantic-conventions": "^1.26.0",
         "@remixicon/react": "^4.2.0",
+        "@simplewebauthn/server": "^13.2.2",
         "@tippyjs/react": "^4.2.6",
+        "@types/archiver": "^6.0.3",
         "@types/crypto-js": "^4.2.2",
         "@types/qrcode": "^1.5.5",
         "@types/react-highlight": "^0.12.8",
@@ -68,7 +70,9 @@
         "@types/web-push": "^3.6.4",
         "acme-client": "^5.3.0",
         "airtable": "^0.12.2",
-        "axios": "^1.7.2",
+        "archiver": "^7.0.1",
+        "axios": "^1.12.0",
+        "botbuilder": "^4.23.3",
         "bullmq": "^5.3.3",
         "cookie-parser": "^1.4.7",
         "cors": "^2.8.5",
@@ -76,6 +80,7 @@
         "crypto-js": "^4.2.0",
         "dotenv": "^16.4.4",
         "ejs": "^3.1.10",
+        "elkjs": "^0.10.0",
         "esbuild": "^0.25.5",
         "express": "^4.21.1",
         "formik": "^2.4.6",

App/package.json

@@ -18,8 +18,6 @@
   "dependencies": {
     "@sendgrid/mail": "^8.1.0",
     "Common": "file:../Common",
-    
-
     "ejs": "^3.1.9",
     "handlebars": "^4.7.8",
     "nodemailer": "^6.9.7",

Common/Models/AnalyticsModels/Index.ts

@@ -2,7 +2,6 @@ import AnalyticsBaseModel from "./AnalyticsBaseModel/AnalyticsBaseModel";
 import Log from "./Log";
 import Metric from "./Metric";
 import Span from "./Span";
-import TelemetryAttribute from "./TelemetryAttribute";
 import ExceptionInstance from "./ExceptionInstance";
 import MonitorLog from "./MonitorLog";
 
@@ -10,7 +9,6 @@ const AnalyticsModels: Array<{ new (): AnalyticsBaseModel }> = [
   Log,
   Span,
   Metric,
-  TelemetryAttribute,
   ExceptionInstance,
   MonitorLog,
 ];

Common/Models/AnalyticsModels/TelemetryAttribute.ts

@@ -1,164 +0,0 @@
-import AnalyticsBaseModel from "./AnalyticsBaseModel/AnalyticsBaseModel";
-import Route from "../../Types/API/Route";
-import AnalyticsTableEngine from "../../Types/AnalyticsDatabase/AnalyticsTableEngine";
-import AnalyticsTableColumn from "../../Types/AnalyticsDatabase/TableColumn";
-import TableColumnType from "../../Types/AnalyticsDatabase/TableColumnType";
-import TelemetryType from "../../Types/Telemetry/TelemetryType";
-import ObjectID from "../../Types/ObjectID";
-import Permission from "../../Types/Permission";
-
-export default class TelemetryAttribute extends AnalyticsBaseModel {
-  public constructor() {
-    super({
-      tableName: "TelemetryAttribute",
-      tableEngine: AnalyticsTableEngine.MergeTree,
-      singularName: "Telemetry Attribute",
-      pluralName: "Telemetry Attributes",
-      crudApiPath: new Route("/telemetry-attributes"),
-      accessControl: {
-        read: [
-          Permission.ProjectOwner,
-          Permission.ProjectAdmin,
-          Permission.ProjectMember,
-          Permission.ReadTelemetryServiceTraces,
-          Permission.ReadTelemetryServiceLog,
-          Permission.ReadTelemetryServiceMetrics,
-        ],
-        create: [
-          Permission.ProjectOwner,
-          Permission.ProjectAdmin,
-          Permission.ProjectMember,
-          Permission.CreateTelemetryServiceTraces,
-          Permission.CreateTelemetryServiceLog,
-          Permission.CreateTelemetryServiceMetrics,
-        ],
-        update: [
-          Permission.ProjectOwner,
-          Permission.ProjectAdmin,
-          Permission.ProjectMember,
-          Permission.EditTelemetryServiceTraces,
-          Permission.EditTelemetryServiceLog,
-          Permission.EditTelemetryServiceMetrics,
-        ],
-        delete: [
-          Permission.ProjectOwner,
-          Permission.ProjectAdmin,
-          Permission.ProjectMember,
-          Permission.DeleteTelemetryServiceTraces,
-          Permission.DeleteTelemetryServiceLog,
-          Permission.DeleteTelemetryServiceMetrics,
-        ],
-      },
-      tableColumns: [
-        new AnalyticsTableColumn({
-          key: "projectId",
-          title: "Project ID",
-          description: "ID of project",
-          required: true,
-          type: TableColumnType.ObjectID,
-          isTenantId: true,
-          accessControl: {
-            read: [
-              Permission.ProjectOwner,
-              Permission.ProjectAdmin,
-              Permission.ProjectMember,
-              Permission.ReadTelemetryServiceTraces,
-              Permission.ReadTelemetryServiceLog,
-              Permission.ReadTelemetryServiceMetrics,
-            ],
-            create: [
-              Permission.ProjectOwner,
-              Permission.ProjectAdmin,
-              Permission.ProjectMember,
-              Permission.EditTelemetryServiceTraces,
-              Permission.EditTelemetryServiceLog,
-              Permission.EditTelemetryServiceMetrics,
-            ],
-            update: [],
-          },
-        }),
-
-        new AnalyticsTableColumn({
-          key: "telemetryType",
-          title: "Telemetry Type",
-          description: "Type of telemetry",
-          required: true,
-          type: TableColumnType.Text,
-          accessControl: {
-            read: [
-              Permission.ProjectOwner,
-              Permission.ProjectAdmin,
-              Permission.ProjectMember,
-              Permission.ReadTelemetryServiceTraces,
-              Permission.ReadTelemetryServiceLog,
-              Permission.ReadTelemetryServiceMetrics,
-            ],
-            create: [
-              Permission.ProjectOwner,
-              Permission.ProjectAdmin,
-              Permission.ProjectMember,
-              Permission.EditTelemetryServiceTraces,
-              Permission.EditTelemetryServiceLog,
-              Permission.EditTelemetryServiceMetrics,
-            ],
-            update: [],
-          },
-        }),
-
-        new AnalyticsTableColumn({
-          key: "attributes",
-          title: "Attributes",
-          description: "Attributes",
-          required: true,
-          type: TableColumnType.JSONArray,
-          accessControl: {
-            read: [
-              Permission.ProjectOwner,
-              Permission.ProjectAdmin,
-              Permission.ProjectMember,
-              Permission.ReadTelemetryServiceTraces,
-              Permission.ReadTelemetryServiceLog,
-              Permission.ReadTelemetryServiceMetrics,
-            ],
-            create: [
-              Permission.ProjectOwner,
-              Permission.ProjectAdmin,
-              Permission.ProjectMember,
-              Permission.EditTelemetryServiceTraces,
-              Permission.EditTelemetryServiceLog,
-              Permission.EditTelemetryServiceMetrics,
-            ],
-            update: [],
-          },
-        }),
-      ],
-      sortKeys: ["projectId", "telemetryType"],
-      primaryKeys: ["projectId", "telemetryType"],
-      partitionKey: "sipHash64(projectId) % 16",
-    });
-  }
-
-  public get projectId(): ObjectID | undefined {
-    return this.getColumnValue("projectId") as ObjectID | undefined;
-  }
-
-  public set projectId(v: ObjectID | undefined) {
-    this.setColumnValue("projectId", v);
-  }
-
-  public get telemetryType(): TelemetryType | undefined {
-    return this.getColumnValue("telemetryType") as TelemetryType | undefined;
-  }
-
-  public set telemetryType(v: TelemetryType | undefined) {
-    this.setColumnValue("telemetryType", v);
-  }
-
-  public get attributes(): Array<string> | undefined {
-    return this.getColumnValue("attributes") as Array<string> | undefined;
-  }
-
-  public set attributes(v: Array<string> | undefined) {
-    this.setColumnValue("attributes", v);
-  }
-}

Common/Models/DatabaseModels/GlobalConfig.ts

@@ -262,6 +262,115 @@ export default class GlobalConfig extends GlobalConfigModel {
   })
   public twilioSecondaryPhoneNumbers?: string = undefined; // phone numbers separated by comma
 
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.VeryLongText,
+    title: "Meta WhatsApp Access Token",
+    description:
+      "Access token generated from Meta for sending WhatsApp messages.",
+  })
+  @Column({
+    type: ColumnType.VeryLongText,
+    nullable: true,
+    unique: true,
+  })
+  public metaWhatsAppAccessToken?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.ShortText,
+    title: "Meta WhatsApp Phone Number ID",
+    description: "The WhatsApp Business phone number ID from Meta.",
+  })
+  @Column({
+    type: ColumnType.ShortText,
+    length: ColumnLength.ShortText,
+    nullable: true,
+    unique: true,
+  })
+  public metaWhatsAppPhoneNumberId?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.ShortText,
+    title: "Meta WhatsApp Business Account ID",
+    description: "Business account ID associated with your WhatsApp setup.",
+  })
+  @Column({
+    type: ColumnType.ShortText,
+    length: ColumnLength.ShortText,
+    nullable: true,
+    unique: true,
+  })
+  public metaWhatsAppBusinessAccountId?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.ShortText,
+    title: "Meta WhatsApp App ID",
+    description:
+      "Facebook App ID used for the WhatsApp Business Platform integration.",
+  })
+  @Column({
+    type: ColumnType.ShortText,
+    length: ColumnLength.ShortText,
+    nullable: true,
+    unique: true,
+  })
+  public metaWhatsAppAppId?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.VeryLongText,
+    title: "Meta WhatsApp App Secret",
+    description: "Facebook App Secret for the WhatsApp Business Platform.",
+  })
+  @Column({
+    type: ColumnType.VeryLongText,
+    nullable: true,
+    unique: true,
+  })
+  public metaWhatsAppAppSecret?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.ShortText,
+    title: "Meta WhatsApp Webhook Verify Token",
+    description:
+      "Verify token configured in Meta to validate webhook subscriptions.",
+  })
+  @Column({
+    type: ColumnType.ShortText,
+    length: ColumnLength.ShortText,
+    nullable: true,
+    unique: true,
+  })
+  public metaWhatsAppWebhookVerifyToken?: string = undefined;
+
   @ColumnAccessControl({
     create: [],
     read: [],

Common/Models/DatabaseModels/IncidentTemplate.ts

@@ -716,6 +716,77 @@ export default class IncidentTemplate extends BaseModel {
   })
   public changeMonitorStatusToId?: ObjectID = undefined;
 
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateIncidentTemplate,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadIncidentTemplate,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "initialIncidentStateId",
+    type: TableColumnType.Entity,
+    modelType: IncidentState,
+    title: "Initial Incident State",
+    description:
+      "Relation to Incident State Object. Incidents created from this template will start in this state.",
+  })
+  @ManyToOne(
+    () => {
+      return IncidentState;
+    },
+    {
+      eager: false,
+      nullable: true,
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "initialIncidentStateId" })
+  public initialIncidentState?: IncidentState = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateIncidentTemplate,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadIncidentTemplate,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditIncidentTemplate,
+    ],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    title: "Initial Incident State ID",
+    description:
+      "Relation to Incident State Object ID. Incidents created from this template will start in this state.",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public initialIncidentStateId?: ObjectID = undefined;
+
   @ColumnAccessControl({
     create: [
       Permission.ProjectOwner,

Common/Models/DatabaseModels/Index.ts

@@ -100,6 +100,7 @@ import ServiceCopilotCodeRepository from "./ServiceCopilotCodeRepository";
 import ShortLink from "./ShortLink";
 // SMS
 import SmsLog from "./SmsLog";
+import WhatsAppLog from "./WhatsAppLog";
 import PushNotificationLog from "./PushNotificationLog";
 import WorkspaceNotificationLog from "./WorkspaceNotificationLog";
 // Status Page
@@ -123,6 +124,7 @@ import StatusPageSubscriber from "./StatusPageSubscriber";
 import Team from "./Team";
 import TeamMember from "./TeamMember";
 import TeamPermission from "./TeamPermission";
+import TeamComplianceSetting from "./TeamComplianceSetting";
 import TelemetryService from "./TelemetryService";
 import UsageBilling from "./TelemetryUsageBilling";
 import User from "./User";
@@ -130,6 +132,7 @@ import UserCall from "./UserCall";
 // Notification Methods
 import UserEmail from "./UserEmail";
 import UserPush from "./UserPush";
+import UserWhatsApp from "./UserWhatsApp";
 // User Notification Rules
 import UserNotificationRule from "./UserNotificationRule";
 import UserNotificationSetting from "./UserNotificationSetting";
@@ -145,7 +148,8 @@ import ServiceCatalogDependency from "./ServiceCatalogDependency";
 import ServiceCatalogMonitor from "./ServiceCatalogMonitor";
 import ServiceCatalogTelemetryService from "./ServiceCatalogTelemetryService";
 
-import UserTwoFactorAuth from "./UserTwoFactorAuth";
+import UserTotpAuth from "./UserTotpAuth";
+import UserWebAuthn from "./UserWebAuthn";
 
 import TelemetryIngestionKey from "./TelemetryIngestionKey";
 
@@ -196,6 +200,7 @@ const AllModelTypes: Array<{
   Team,
   TeamMember,
   TeamPermission,
+  TeamComplianceSetting,
   ApiKey,
   Label,
   ApiKeyPermission,
@@ -294,6 +299,7 @@ const AllModelTypes: Array<{
   StatusPageOwnerUser,
 
   SmsLog,
+  WhatsAppLog,
   PushNotificationLog,
   WorkspaceNotificationLog,
   CallLog,
@@ -303,6 +309,7 @@ const AllModelTypes: Array<{
   UserSms,
   UserCall,
   UserPush,
+  UserWhatsApp,
 
   UserNotificationRule,
   UserOnCallLog,
@@ -364,7 +371,8 @@ const AllModelTypes: Array<{
   ProbeOwnerTeam,
   ProbeOwnerUser,
 
-  UserTwoFactorAuth,
+  UserTotpAuth,
+  UserWebAuthn,
 
   TelemetryIngestionKey,
 

Common/Models/DatabaseModels/OnCallDutyPolicy.ts

@@ -29,10 +29,17 @@ import {
   ManyToOne,
 } from "typeorm";
 import NotificationRuleWorkspaceChannel from "../../Types/Workspace/NotificationRules/NotificationRuleWorkspaceChannel";
+import EnableWorkflow from "../../Types/Database/EnableWorkflow";
 
 @EnableDocumentation()
 @AccessControlColumn("labels")
 @TenantColumn("projectId")
+@EnableWorkflow({
+  create: true,
+  delete: true,
+  update: true,
+  read: true,
+})
 @TableAccessControl({
   create: [
     Permission.ProjectOwner,

Common/Models/DatabaseModels/OnCallDutyPolicyEscalationRule.ts

@@ -46,7 +46,7 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
     Permission.EditProjectOnCallDutyPolicyEscalationRule,
   ],
 })
-@CrudApiEndpoint(new Route("/on-call-duty-policy-esclation-rule"))
+@CrudApiEndpoint(new Route("/on-call-duty-policy-escalation-rule"))
 @Entity({
   name: "OnCallDutyPolicyEscalationRule",
 })

Common/Models/DatabaseModels/OnCallDutyPolicyEscalationRuleSchedule.ts

@@ -47,7 +47,7 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
     Permission.EditProjectOnCallDutyPolicyEscalationRuleSchedule,
   ],
 })
-@CrudApiEndpoint(new Route("/on-call-duty-policy-esclation-rule-schedule"))
+@CrudApiEndpoint(new Route("/on-call-duty-policy-escalation-rule-schedule"))
 @Entity({
   name: "OnCallDutyPolicyEscalationRuleSchedule",
 })

Common/Models/DatabaseModels/OnCallDutyPolicyEscalationRuleTeam.ts

@@ -47,7 +47,7 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
     Permission.EditProjectOnCallDutyPolicyEscalationRuleTeam,
   ],
 })
-@CrudApiEndpoint(new Route("/on-call-duty-policy-esclation-rule-team"))
+@CrudApiEndpoint(new Route("/on-call-duty-policy-escalation-rule-team"))
 @Entity({
   name: "OnCallDutyPolicyEscalationRuleTeam",
 })

Common/Models/DatabaseModels/OnCallDutyPolicyEscalationRuleUser.ts

@@ -46,7 +46,7 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
     Permission.EditProjectOnCallDutyPolicyEscalationRuleUser,
   ],
 })
-@CrudApiEndpoint(new Route("/on-call-duty-policy-esclation-rule-user"))
+@CrudApiEndpoint(new Route("/on-call-duty-policy-escalation-rule-user"))
 @Entity({
   name: "OnCallDutyPolicyEscalationRuleUser",
 })

Common/Models/DatabaseModels/OnCallDutyPolicyExecutionLog.ts

@@ -25,6 +25,7 @@ import Permission from "../../Types/Permission";
 import UserNotificationEventType from "../../Types/UserNotification/UserNotificationEventType";
 import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 import Alert from "./Alert";
+import EnableWorkflow from "../../Types/Database/EnableWorkflow";
 
 @TableBillingAccessControl({
   create: PlanType.Growth,
@@ -32,6 +33,12 @@ import Alert from "./Alert";
   update: PlanType.Growth,
   delete: PlanType.Growth,
 })
+@EnableWorkflow({
+  create: true,
+  delete: true,
+  update: true,
+  read: true,
+})
 @EnableDocumentation()
 @TenantColumn("projectId")
 @TableAccessControl({

Common/Models/DatabaseModels/OnCallDutyPolicySchedule.ts

@@ -29,6 +29,7 @@ import {
   ManyToMany,
   ManyToOne,
 } from "typeorm";
+import EnableWorkflow from "../../Types/Database/EnableWorkflow";
 
 @EnableDocumentation()
 @TableBillingAccessControl({
@@ -37,6 +38,12 @@ import {
   update: PlanType.Growth,
   delete: PlanType.Growth,
 })
+@EnableWorkflow({
+  create: true,
+  delete: true,
+  update: true,
+  read: true,
+})
 @AccessControlColumn("labels")
 @TenantColumn("projectId")
 @TableAccessControl({

Common/Models/DatabaseModels/OnCallDutyPolicyTimeLog.ts

@@ -17,6 +17,7 @@ import Permission from "../../Types/Permission";
 import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 import TableBillingAccessControl from "../../Types/Database/AccessControl/TableBillingAccessControl";
 import { PlanType } from "../../Types/Billing/SubscriptionPlan";
+import EnableWorkflow from "../../Types/Database/EnableWorkflow";
 
 @EnableDocumentation()
 @TableBillingAccessControl({
@@ -26,6 +27,12 @@ import { PlanType } from "../../Types/Billing/SubscriptionPlan";
   delete: PlanType.Growth,
 })
 @TenantColumn("projectId")
+@EnableWorkflow({
+  create: true,
+  delete: true,
+  update: true,
+  read: true,
+})
 @TableAccessControl({
   create: [
     Permission.ProjectOwner,

Common/Models/DatabaseModels/OnCallDutyPolicyUserOverride.ts

@@ -132,9 +132,11 @@ export default class OnCallDutyPolicyUserOverride extends BaseModel {
   })
   public projectId?: ObjectID = undefined;
 
-  // If this is null then it's a global override
-  // If this is set then it's a policy specific override
-  // Policy specifc override will take precedence over global override
+  /*
+   * If this is null then it's a global override
+   * If this is set then it's a policy specific override
+   * Policy specifc override will take precedence over global override
+   */
 
   @ColumnAccessControl({
     create: [

Common/Models/DatabaseModels/Project.ts

@@ -134,7 +134,7 @@ export default class Project extends TenantModel {
       Permission.UnAuthorizedSsoUser,
       Permission.ProjectUser,
     ],
-    update: [Permission.ProjectOwner],
+    update: [Permission.ProjectOwner, Permission.ManageProjectBilling],
   })
   @TableColumn({ type: TableColumnType.ShortText })
   @Column({
@@ -798,6 +798,33 @@ export default class Project extends TenantModel {
   })
   public enableSmsNotifications?: boolean = undefined;
 
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProject,
+      Permission.UnAuthorizedSsoUser,
+      Permission.ProjectUser,
+    ],
+    update: [Permission.ProjectOwner, Permission.ManageProjectBilling],
+  })
+  @TableColumn({
+    required: true,
+    isDefaultValueColumn: true,
+    type: TableColumnType.Boolean,
+    title: "Enable WhatsApp Notifications",
+    description: "Enable WhatsApp notifications for this project.",
+    defaultValue: false,
+  })
+  @Column({
+    nullable: false,
+    default: false,
+    type: ColumnType.Boolean,
+  })
+  public enableWhatsAppNotifications?: boolean = undefined;
+
   @ColumnAccessControl({
     create: [],
     read: [
@@ -1291,4 +1318,63 @@ export default class Project extends TenantModel {
     type: ColumnType.Boolean,
   })
   public letCustomerSupportAccessProject?: boolean = undefined;
+
+  /*
+   * This is an internal field. This is used for internal analytics for example: Metabase.
+   * Values can be between 0 and 100.
+   */
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    required: true,
+    type: TableColumnType.Number,
+    isDefaultValueColumn: true,
+    hideColumnInDocumentation: true,
+    title: "Discount Percent",
+    description: "Discount percentage applied to the project billing",
+    defaultValue: 0,
+  })
+  @Column({
+    type: ColumnType.Number,
+    nullable: false,
+    unique: false,
+    default: 0,
+  })
+  public discountPercent?: number = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProject,
+      Permission.UnAuthorizedSsoUser,
+      Permission.ProjectUser,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProject,
+    ],
+  })
+  @TableColumn({
+    required: false,
+    type: TableColumnType.Boolean,
+    isDefaultValueColumn: false,
+    title: "Do NOT auto-add Global Probes to new monitors",
+    description:
+      "If enabled, global probes will NOT be automatically added to new monitors. Enable this only if you are using ONLY custom probes to monitor your resources.",
+    defaultValue: false,
+  })
+  @Column({
+    type: ColumnType.Boolean,
+    nullable: false,
+    unique: false,
+    default: false,
+  })
+  public doNotAddGlobalProbesByDefaultOnNewMonitors?: boolean = undefined;
 }

Common/Models/DatabaseModels/ProjectSCIM.ts

@@ -334,6 +334,37 @@ export default class ProjectSCIM extends BaseModel {
   })
   public autoDeprovisionUsers?: boolean = undefined;
 
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateProjectSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectSSO,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectSSO,
+    ],
+  })
+  @TableColumn({
+    isDefaultValueColumn: true,
+    type: TableColumnType.Boolean,
+    title: "Enable Push Groups",
+    description: "Enable push groups provisioning instead of default teams",
+    defaultValue: false,
+  })
+  @Column({
+    type: ColumnType.Boolean,
+    default: false,
+  })
+  public enablePushGroups?: boolean = undefined;
+
   @ColumnAccessControl({
     create: [],
     read: [

Common/Models/DatabaseModels/ProjectSmtpConfig.ts

@@ -336,8 +336,10 @@ export default class ProjectSmtpConfig extends BaseModel {
   })
   public deletedByUserId?: ObjectID = undefined;
 
-  // This is not required because some SMTP servers do not require authentication.
-  // eg: https://learn.microsoft.com/en-us/exchange/mail-flow-best-practices/how-to-set-up-a-multifunction-device-or-application-to-send-email-using-microsoft-365-or-office-365#option-2-send-mail-directly-from-your-printer-or-application-to-microsoft-365-or-office-365-direct-send
+  /*
+   * This is not required because some SMTP servers do not require authentication.
+   * eg: https://learn.microsoft.com/en-us/exchange/mail-flow-best-practices/how-to-set-up-a-multifunction-device-or-application-to-send-email-using-microsoft-365-or-office-365#option-2-send-mail-directly-from-your-printer-or-application-to-microsoft-365-or-office-365-direct-send
+   */
   @ColumnAccessControl({
     create: [
       Permission.ProjectOwner,

Common/Models/DatabaseModels/StatusPageAnnouncement.ts

@@ -1,3 +1,4 @@
+import Monitor from "./Monitor";
 import Project from "./Project";
 import StatusPage from "./StatusPage";
 import User from "./User";
@@ -198,6 +199,53 @@ export default class StatusPageAnnouncement extends BaseModel {
   })
   public statusPages?: Array<StatusPage> = undefined;
 
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateStatusPageAnnouncement,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadStatusPageAnnouncement,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditStatusPageAnnouncement,
+    ],
+  })
+  @TableColumn({
+    required: false,
+    type: TableColumnType.EntityArray,
+    modelType: Monitor,
+    title: "Monitors",
+    description:
+      "List of monitors affected by this announcement. If none are selected, all subscribers will be notified.",
+  })
+  @ManyToMany(
+    () => {
+      return Monitor;
+    },
+    { eager: false },
+  )
+  @JoinTable({
+    name: "AnnouncementMonitor",
+    inverseJoinColumn: {
+      name: "monitorId",
+      referencedColumnName: "_id",
+    },
+    joinColumn: {
+      name: "announcementId",
+      referencedColumnName: "_id",
+    },
+  })
+  public monitors?: Array<Monitor> = undefined;
+
   @ColumnAccessControl({
     create: [
       Permission.ProjectOwner,

Common/Models/DatabaseModels/StatusPageAnnouncementTemplate.ts

@@ -1,3 +1,4 @@
+import Monitor from "./Monitor";
 import Project from "./Project";
 import StatusPage from "./StatusPage";
 import User from "./User";
@@ -328,6 +329,53 @@ export default class StatusPageAnnouncementTemplate extends BaseModel {
   })
   public statusPages?: Array<StatusPage> = undefined;
 
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateStatusPageAnnouncementTemplate,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadStatusPageAnnouncementTemplate,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditStatusPageAnnouncementTemplate,
+    ],
+  })
+  @TableColumn({
+    required: false,
+    type: TableColumnType.EntityArray,
+    modelType: Monitor,
+    title: "Monitors",
+    description:
+      "List of monitors affected by this announcement template. If none are selected, all subscribers will be notified.",
+  })
+  @ManyToMany(
+    () => {
+      return Monitor;
+    },
+    { eager: false },
+  )
+  @JoinTable({
+    name: "AnnouncementTemplateMonitor",
+    inverseJoinColumn: {
+      name: "monitorId",
+      referencedColumnName: "_id",
+    },
+    joinColumn: {
+      name: "announcementTemplateId",
+      referencedColumnName: "_id",
+    },
+  })
+  public monitors?: Array<Monitor> = undefined;
+
   @ColumnAccessControl({
     create: [
       Permission.ProjectOwner,

Common/Models/DatabaseModels/StatusPageDomain.ts

@@ -420,10 +420,12 @@ export default class StatusPageDomain extends BaseModel {
   @JoinColumn({ name: "deletedByUserId" })
   public deletedByUser?: User = undefined;
 
-  // This token is used by the Worker.
-  // worker pings the status page of customers - eg: status.company.com/verify-token/:id
-  // and the end  point on Status Page project returns 200.
-  // when that happens the isCnameVerified is set to True and the certificate is added to Greenlock.
+  /*
+   * This token is used by the Worker.
+   * worker pings the status page of customers - eg: status.company.com/verify-token/:id
+   * and the end  point on Status Page project returns 200.
+   * when that happens the isCnameVerified is set to True and the certificate is added to Greenlock.
+   */
   @ColumnAccessControl({
     create: [
       Permission.ProjectOwner,

Common/Models/DatabaseModels/TeamComplianceSetting.ts

@@ -0,0 +1,403 @@
+import Project from "./Project";
+import Team from "./Team";
+import User from "./User";
+import BaseModel from "./DatabaseBaseModel/DatabaseBaseModel";
+import Route from "../../Types/API/Route";
+import { PlanType } from "../../Types/Billing/SubscriptionPlan";
+import ColumnAccessControl from "../../Types/Database/AccessControl/ColumnAccessControl";
+import TableAccessControl from "../../Types/Database/AccessControl/TableAccessControl";
+import TableBillingAccessControl from "../../Types/Database/AccessControl/TableBillingAccessControl";
+import ColumnLength from "../../Types/Database/ColumnLength";
+import ColumnType from "../../Types/Database/ColumnType";
+import CrudApiEndpoint from "../../Types/Database/CrudApiEndpoint";
+import EnableDocumentation from "../../Types/Database/EnableDocumentation";
+import EnableWorkflow from "../../Types/Database/EnableWorkflow";
+import TableColumn from "../../Types/Database/TableColumn";
+import TableColumnType from "../../Types/Database/TableColumnType";
+import TableMetadata from "../../Types/Database/TableMetadata";
+import TenantColumn from "../../Types/Database/TenantColumn";
+import IconProp from "../../Types/Icon/IconProp";
+import { JSONObject } from "../../Types/JSON";
+import ObjectID from "../../Types/ObjectID";
+import Permission from "../../Types/Permission";
+import ComplianceRuleType from "../../Types/Team/ComplianceRuleType";
+import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
+
+@TableBillingAccessControl({
+  create: PlanType.Scale,
+  read: PlanType.Free,
+  update: PlanType.Scale,
+  delete: PlanType.Free,
+})
+@EnableDocumentation()
+@TableAccessControl({
+  create: [
+    Permission.ProjectOwner,
+    Permission.ProjectAdmin,
+    Permission.EditProjectTeam,
+  ],
+  read: [
+    Permission.ProjectOwner,
+    Permission.ProjectAdmin,
+    Permission.ProjectMember,
+    Permission.ReadProjectTeam,
+  ],
+  delete: [
+    Permission.ProjectOwner,
+    Permission.ProjectAdmin,
+    Permission.EditProjectTeam,
+  ],
+  update: [
+    Permission.ProjectOwner,
+    Permission.ProjectAdmin,
+    Permission.EditProjectTeam,
+  ],
+})
+@TenantColumn("projectId")
+@CrudApiEndpoint(new Route("/team-compliance-setting"))
+@Index(["teamId", "ruleType"], { unique: true })
+@Entity({
+  name: "TeamComplianceSetting",
+})
+@EnableWorkflow({
+  create: false,
+  delete: false,
+  update: false,
+  read: false,
+})
+@TableMetadata({
+  tableName: "TeamComplianceSetting",
+  singularName: "Team Compliance Setting",
+  pluralName: "Team Compliance Settings",
+  icon: IconProp.CheckCircle,
+  tableDescription: "Compliance settings for your OneUptime team",
+})
+export default class TeamComplianceSetting extends BaseModel {
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectTeam,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectTeam,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "projectId",
+    type: TableColumnType.Entity,
+    modelType: Project,
+    title: "Project",
+    description: "Relation to Project Resource in which this object belongs",
+  })
+  @ManyToOne(
+    () => {
+      return Project;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "projectId" })
+  public project?: Project = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectTeam,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectTeam,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: true,
+    canReadOnRelationQuery: true,
+    title: "Project ID",
+    description: "ID of your OneUptime Project in which this object belongs",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: false,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public projectId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectTeam,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectTeam,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "teamId",
+    type: TableColumnType.Entity,
+    modelType: Team,
+    title: "Team",
+    description: "Team this compliance setting belongs to.",
+  })
+  @ManyToOne(
+    () => {
+      return Team;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "teamId" })
+  public team?: Team = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectTeam,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectTeam,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: true,
+    title: "Team ID",
+    description: "ID of Team this compliance setting belongs to.",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: false,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public teamId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectTeam,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectTeam,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "createdByUserId",
+    type: TableColumnType.Entity,
+    modelType: User,
+    title: "Created by User",
+    description:
+      "Relation to User who created this object (if this object was created by a User)",
+  })
+  @ManyToOne(
+    () => {
+      return User;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "SET NULL",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "createdByUserId" })
+  public createdByUser?: User = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectTeam,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectTeam,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    title: "Created by User ID",
+    description:
+      "User ID who created this object (if this object was created by a User)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public createdByUserId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "deletedByUserId",
+    type: TableColumnType.Entity,
+    title: "Deleted by User",
+    modelType: User,
+    description:
+      "Relation to User who deleted this object (if this object was deleted by a User)",
+  })
+  @ManyToOne(
+    () => {
+      return User;
+    },
+    {
+      cascade: false,
+      eager: false,
+      nullable: true,
+      onDelete: "SET NULL",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "deletedByUserId" })
+  public deletedByUser?: User = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    title: "Deleted by User ID",
+    description:
+      "User ID who deleted this object (if this object was deleted by a User)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public deletedByUserId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectTeam,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectTeam,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectTeam,
+    ],
+  })
+  @TableColumn({
+    required: true,
+    type: TableColumnType.LongText,
+    title: "Rule Type",
+    description: "Type of compliance rule.",
+  })
+  @Column({
+    nullable: false,
+    type: ColumnType.LongText,
+    length: ColumnLength.LongText,
+  })
+  public ruleType?: ComplianceRuleType = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectTeam,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectTeam,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectTeam,
+    ],
+  })
+  @TableColumn({
+    isDefaultValueColumn: true,
+    type: TableColumnType.Boolean,
+    title: "Enabled",
+    description: "Whether this compliance rule is enabled.",
+    defaultValue: false,
+  })
+  @Column({
+    type: ColumnType.Boolean,
+    default: false,
+  })
+  public enabled?: boolean = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectTeam,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectTeam,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectTeam,
+    ],
+  })
+  @TableColumn({
+    required: false,
+    type: TableColumnType.JSON,
+    title: "Options",
+    description: "Additional options for this compliance rule.",
+  })
+  @Column({
+    type: ColumnType.JSON,
+    nullable: true,
+  })
+  public options?: JSONObject = undefined;
+}

Common/Models/DatabaseModels/TelemetryException.ts

@@ -8,7 +8,6 @@ import ColumnLength from "../../Types/Database/ColumnLength";
 import ColumnType from "../../Types/Database/ColumnType";
 import CrudApiEndpoint from "../../Types/Database/CrudApiEndpoint";
 import EnableDocumentation from "../../Types/Database/EnableDocumentation";
-import EnableWorkflow from "../../Types/Database/EnableWorkflow";
 import TableColumn from "../../Types/Database/TableColumn";
 import TableColumnType from "../../Types/Database/TableColumnType";
 import TableMetadata from "../../Types/Database/TableMetadata";
@@ -45,12 +44,6 @@ import TelemetryService from "./TelemetryService";
     Permission.EditTelemetryException,
   ],
 })
-@EnableWorkflow({
-  create: true,
-  delete: true,
-  update: true,
-  read: true,
-})
 @CrudApiEndpoint(new Route("/telemetry-exception-status"))
 @TableMetadata({
   tableName: "TelemetryException",

Common/Models/DatabaseModels/User.ts

@@ -1,7 +1,6 @@
 import File from "./File";
 import UserModel from "../../Models/DatabaseModels/DatabaseBaseModel/UserModel";
 import Route from "../../Types/API/Route";
-import URL from "../../Types/API/URL";
 import CompanySize from "../../Types/Company/CompanySize";
 import JobRole from "../../Types/Company/JobRole";
 import AllowAccessIfSubscriptionIsUnpaid from "../../Types/Database/AccessControl/AllowAccessIfSubscriptionIsUnpaid";
@@ -301,51 +300,6 @@ class User extends UserModel {
   })
   public twoFactorAuthEnabled?: boolean = undefined;
 
-  @ColumnAccessControl({
-    create: [],
-    read: [],
-
-    update: [],
-  })
-  @TableColumn({ type: TableColumnType.ShortText })
-  @Column({
-    type: ColumnType.ShortText,
-    length: ColumnLength.ShortText,
-    nullable: true,
-    unique: false,
-  })
-  public twoFactorSecretCode?: string = undefined;
-
-  @ColumnAccessControl({
-    create: [],
-    read: [],
-
-    update: [],
-  })
-  @TableColumn({ type: TableColumnType.ShortURL })
-  @Column({
-    type: ColumnType.ShortURL,
-    length: ColumnLength.ShortURL,
-    nullable: true,
-    unique: false,
-    transformer: URL.getDatabaseTransformer(),
-  })
-  public twoFactorAuthUrl?: URL = undefined;
-
-  @ColumnAccessControl({
-    create: [],
-    read: [Permission.CurrentUser],
-
-    update: [],
-  })
-  @TableColumn({ type: TableColumnType.Array })
-  @Column({
-    type: ColumnType.Array,
-    nullable: true,
-    unique: false,
-  })
-  public backupCodes?: Array<string> = undefined;
-
   @ColumnAccessControl({
     create: [],
     read: [],

Common/Models/DatabaseModels/UserNotificationRule.ts

@@ -6,6 +6,7 @@ import UserCall from "./UserCall";
 import UserEmail from "./UserEmail";
 import UserPush from "./UserPush";
 import UserSMS from "./UserSMS";
+import UserWhatsApp from "./UserWhatsApp";
 import BaseModel from "./DatabaseBaseModel/DatabaseBaseModel";
 import Route from "../../Types/API/Route";
 import ColumnAccessControl from "../../Types/Database/AccessControl/ColumnAccessControl";
@@ -383,6 +384,53 @@ class UserNotificationRule extends BaseModel {
   })
   public userSmsId?: ObjectID = undefined;
 
+  @ColumnAccessControl({
+    create: [Permission.CurrentUser],
+    read: [Permission.CurrentUser],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "userWhatsAppId",
+    type: TableColumnType.Entity,
+    modelType: UserWhatsApp,
+    title: "User WhatsApp",
+    description:
+      "Relation to User WhatsApp Resource in which this object belongs",
+  })
+  @ManyToOne(
+    () => {
+      return UserWhatsApp;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "userWhatsAppId" })
+  public userWhatsApp?: UserWhatsApp = undefined;
+
+  @ColumnAccessControl({
+    create: [Permission.CurrentUser],
+    read: [Permission.CurrentUser],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "User WhatsApp ID",
+    description: "ID of User WhatsApp in which this object belongs",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public userWhatsAppId?: ObjectID = undefined;
+
   @ColumnAccessControl({
     create: [Permission.CurrentUser],
     read: [Permission.CurrentUser],

Common/Models/DatabaseModels/UserNotificationSetting.ts

@@ -273,6 +273,22 @@ class UserNotificationSetting extends BaseModel {
   })
   public alertBySMS?: boolean = undefined;
 
+  @ColumnAccessControl({
+    create: [Permission.CurrentUser],
+    read: [Permission.CurrentUser],
+    update: [Permission.CurrentUser],
+  })
+  @TableColumn({
+    isDefaultValueColumn: true,
+    type: TableColumnType.Boolean,
+    defaultValue: false,
+  })
+  @Column({
+    type: ColumnType.Boolean,
+    default: false,
+  })
+  public alertByWhatsApp?: boolean = undefined;
+
   @ColumnAccessControl({
     create: [Permission.CurrentUser],
     read: [Permission.CurrentUser],

Common/Models/DatabaseModels/UserOnCallLogTimeline.ts

@@ -13,6 +13,7 @@ import UserNotificationRule from "./UserNotificationRule";
 import UserPush from "./UserPush";
 import UserOnCallLog from "./UserOnCallLog";
 import UserSMS from "./UserSMS";
+import UserWhatsApp from "./UserWhatsApp";
 import BaseModel from "./DatabaseBaseModel/DatabaseBaseModel";
 import Route from "../../Types/API/Route";
 import { PlanType } from "../../Types/Billing/SubscriptionPlan";
@@ -834,6 +835,53 @@ export default class UserOnCallLogTimeline extends BaseModel {
   })
   public userSmsId?: ObjectID = undefined;
 
+  @ColumnAccessControl({
+    create: [],
+    read: [Permission.CurrentUser],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "userWhatsAppId",
+    type: TableColumnType.Entity,
+    modelType: UserWhatsApp,
+    title: "User WhatsApp",
+    description:
+      "Relation to User WhatsApp Resource in which this object belongs",
+  })
+  @ManyToOne(
+    () => {
+      return UserWhatsApp;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "userWhatsAppId" })
+  public userWhatsApp?: UserWhatsApp = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [Permission.CurrentUser],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "User WhatsApp ID",
+    description: "ID of User WhatsApp in which this object belongs",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public userWhatsAppId?: ObjectID = undefined;
+
   @ColumnAccessControl({
     create: [],
     read: [Permission.CurrentUser],

Common/Models/DatabaseModels/UserTotpAuth.ts

@@ -27,19 +27,19 @@ import { Column, Entity, JoinColumn, ManyToOne } from "typeorm";
   delete: [Permission.CurrentUser],
   update: [Permission.CurrentUser],
 })
-@CrudApiEndpoint(new Route("/user-two-factor-auth"))
+@CrudApiEndpoint(new Route("/user-totp-auth"))
 @Entity({
-  name: "UserTwoFactorAuth",
+  name: "UserTotpAuth",
 })
 @TableMetadata({
-  tableName: "UserTwoFactorAuth",
-  singularName: "Two Factor Auth",
-  pluralName: "Two Factor Auth",
+  tableName: "UserTotpAuth",
+  singularName: "TOTP Auth",
+  pluralName: "TOTP Auth",
   icon: IconProp.ShieldCheck,
-  tableDescription: "Two Factor Authentication for users",
+  tableDescription: "TOTP Authentication for users",
 })
 @CurrentUserCanAccessRecordBy("userId")
-class UserTwoFactorAuth extends BaseModel {
+class UserTotpAuth extends BaseModel {
   @ColumnAccessControl({
     create: [Permission.CurrentUser],
     read: [Permission.CurrentUser],
@@ -48,8 +48,8 @@ class UserTwoFactorAuth extends BaseModel {
   @TableColumn({
     type: TableColumnType.ShortText,
     canReadOnRelationQuery: true,
-    title: "Two Factor Auth Name",
-    description: "Name of the two factor authentication",
+    title: "TOTP Auth Name",
+    description: "Name of the TOTP authentication",
   })
   @Column({
     type: ColumnType.ShortText,
@@ -67,8 +67,8 @@ class UserTwoFactorAuth extends BaseModel {
   @TableColumn({
     type: TableColumnType.VeryLongText,
     canReadOnRelationQuery: false,
-    title: "Two Factor Auth Secret",
-    description: "Secret of the two factor authentication",
+    title: "TOTP Auth Secret",
+    description: "Secret of the TOTP authentication",
   })
   @Column({
     type: ColumnType.VeryLongText,
@@ -85,8 +85,8 @@ class UserTwoFactorAuth extends BaseModel {
   @TableColumn({
     type: TableColumnType.VeryLongText,
     canReadOnRelationQuery: false,
-    title: "Two Factor Auth OTP URL",
-    description: "OTP URL of the two factor authentication",
+    title: "TOTP Auth OTP URL",
+    description: "OTP URL of the TOTP authentication",
   })
   @Column({
     type: ColumnType.VeryLongText,
@@ -106,7 +106,7 @@ class UserTwoFactorAuth extends BaseModel {
     title: "Is Verified",
     isDefaultValueColumn: true,
     description:
-      "Is this two factor authentication verified and validated (has user entered the tokent to verify it)",
+      "Is this TOTP authentication verified and validated (has user entered the token to verify it)",
     defaultValue: false,
   })
   @Column({
@@ -171,7 +171,7 @@ class UserTwoFactorAuth extends BaseModel {
     manyToOneRelationColumn: "userId",
     type: TableColumnType.Entity,
     title: "User",
-    description: "Relation to User who owns this two factor authentication",
+    description: "Relation to User who owns this TOTP authentication",
   })
   @ManyToOne(
     () => {
@@ -207,4 +207,4 @@ class UserTwoFactorAuth extends BaseModel {
   public userId?: ObjectID = undefined;
 }
 
-export default UserTwoFactorAuth;
+export default UserTotpAuth;

Common/Models/DatabaseModels/UserWebAuthn.ts

@@ -0,0 +1,244 @@
+import BaseModel from "./DatabaseBaseModel/DatabaseBaseModel";
+import User from "./User";
+import Route from "../../Types/API/Route";
+import AllowAccessIfSubscriptionIsUnpaid from "../../Types/Database/AccessControl/AllowAccessIfSubscriptionIsUnpaid";
+import ColumnAccessControl from "../../Types/Database/AccessControl/ColumnAccessControl";
+import TableAccessControl from "../../Types/Database/AccessControl/TableAccessControl";
+import ColumnLength from "../../Types/Database/ColumnLength";
+import ColumnType from "../../Types/Database/ColumnType";
+import CrudApiEndpoint from "../../Types/Database/CrudApiEndpoint";
+import CurrentUserCanAccessRecordBy from "../../Types/Database/CurrentUserCanAccessRecordBy";
+import EnableDocumentation from "../../Types/Database/EnableDocumentation";
+import TableColumn from "../../Types/Database/TableColumn";
+import TableColumnType from "../../Types/Database/TableColumnType";
+import TableMetadata from "../../Types/Database/TableMetadata";
+import IconProp from "../../Types/Icon/IconProp";
+import ObjectID from "../../Types/ObjectID";
+import Permission from "../../Types/Permission";
+import { Column, Entity, JoinColumn, ManyToOne } from "typeorm";
+
+@EnableDocumentation({
+  isMasterAdminApiDocs: true,
+})
+@AllowAccessIfSubscriptionIsUnpaid()
+@TableAccessControl({
+  create: [Permission.CurrentUser],
+  read: [Permission.CurrentUser],
+  delete: [Permission.CurrentUser],
+  update: [Permission.CurrentUser],
+})
+@CrudApiEndpoint(new Route("/user-webauthn"))
+@Entity({
+  name: "UserWebAuthn",
+})
+@TableMetadata({
+  tableName: "UserWebAuthn",
+  singularName: "WebAuthn Credential",
+  pluralName: "WebAuthn Credentials",
+  icon: IconProp.ShieldCheck,
+  tableDescription: "WebAuthn credentials for users (security keys)",
+})
+@CurrentUserCanAccessRecordBy("userId")
+class UserWebAuthn extends BaseModel {
+  @ColumnAccessControl({
+    create: [Permission.CurrentUser],
+    read: [Permission.CurrentUser],
+    update: [Permission.CurrentUser],
+  })
+  @TableColumn({
+    type: TableColumnType.ShortText,
+    canReadOnRelationQuery: true,
+    title: "Credential Name",
+    description: "Name of the WebAuthn credential",
+  })
+  @Column({
+    type: ColumnType.ShortText,
+    length: ColumnLength.ShortText,
+    nullable: false,
+    unique: false,
+  })
+  public name?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [Permission.CurrentUser],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.VeryLongText,
+    canReadOnRelationQuery: false,
+    title: "Credential ID",
+    description: "Unique identifier for the WebAuthn credential",
+  })
+  @Column({
+    type: ColumnType.VeryLongText,
+    nullable: false,
+    unique: true,
+  })
+  public credentialId?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [Permission.CurrentUser],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.VeryLongText,
+    canReadOnRelationQuery: false,
+    title: "Public Key",
+    description: "Public key of the WebAuthn credential",
+  })
+  @Column({
+    type: ColumnType.VeryLongText,
+    nullable: false,
+    unique: false,
+  })
+  public publicKey?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [Permission.CurrentUser],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.VeryLongText,
+    canReadOnRelationQuery: false,
+    title: "Counter",
+    description: "Counter for the WebAuthn credential",
+  })
+  @Column({
+    type: ColumnType.VeryLongText,
+    nullable: false,
+    unique: false,
+  })
+  public counter?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [Permission.CurrentUser],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.VeryLongText,
+    canReadOnRelationQuery: false,
+    title: "Transports",
+    description: "Transports supported by the WebAuthn credential",
+  })
+  @Column({
+    type: ColumnType.VeryLongText,
+    nullable: true,
+    unique: false,
+  })
+  public transports?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [Permission.CurrentUser],
+    read: [Permission.CurrentUser],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.Boolean,
+    canReadOnRelationQuery: true,
+    title: "Is Verified",
+    isDefaultValueColumn: true,
+    description: "Is this WebAuthn credential verified and validated",
+    defaultValue: false,
+  })
+  @Column({
+    type: ColumnType.Boolean,
+    nullable: false,
+    default: false,
+  })
+  public isVerified?: boolean = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "deletedByUserId",
+    type: TableColumnType.Entity,
+    title: "Deleted by User",
+    modelType: User,
+    description:
+      "Relation to User who deleted this object (if this object was deleted by a User)",
+  })
+  @ManyToOne(
+    () => {
+      return User;
+    },
+    {
+      cascade: false,
+      eager: false,
+      nullable: true,
+      onDelete: "SET NULL",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "deletedByUserId" })
+  public deletedByUser?: User = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    title: "Deleted by User ID",
+    description:
+      "User ID who deleted this object (if this object was deleted by a User)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public deletedByUserId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [Permission.CurrentUser],
+    read: [Permission.CurrentUser],
+    update: [Permission.CurrentUser],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "userId",
+    type: TableColumnType.Entity,
+    title: "User",
+    description: "Relation to User who owns this WebAuthn credential",
+  })
+  @ManyToOne(
+    () => {
+      return User;
+    },
+    {
+      cascade: false,
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "userId" })
+  public user?: User = undefined;
+
+  @ColumnAccessControl({
+    create: [Permission.CurrentUser],
+    read: [Permission.CurrentUser],
+    update: [Permission.CurrentUser],
+  })
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    title: "User ID",
+    description: "User ID who owns this WebAuthn credential",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public userId?: ObjectID = undefined;
+}
+
+export default UserWebAuthn;

Common/Models/DatabaseModels/UserWhatsApp.ts

@@ -0,0 +1,288 @@
+import Project from "./Project";
+import User from "./User";
+import BaseModel from "./DatabaseBaseModel/DatabaseBaseModel";
+import Route from "../../Types/API/Route";
+import AllowAccessIfSubscriptionIsUnpaid from "../../Types/Database/AccessControl/AllowAccessIfSubscriptionIsUnpaid";
+import ColumnAccessControl from "../../Types/Database/AccessControl/ColumnAccessControl";
+import TableAccessControl from "../../Types/Database/AccessControl/TableAccessControl";
+import ColumnLength from "../../Types/Database/ColumnLength";
+import ColumnType from "../../Types/Database/ColumnType";
+import CrudApiEndpoint from "../../Types/Database/CrudApiEndpoint";
+import CurrentUserCanAccessRecordBy from "../../Types/Database/CurrentUserCanAccessRecordBy";
+import TableColumn from "../../Types/Database/TableColumn";
+import TableColumnType from "../../Types/Database/TableColumnType";
+import TableMetadata from "../../Types/Database/TableMetadata";
+import TenantColumn from "../../Types/Database/TenantColumn";
+import IconProp from "../../Types/Icon/IconProp";
+import ObjectID from "../../Types/ObjectID";
+import Permission from "../../Types/Permission";
+import Phone from "../../Types/Phone";
+import Text from "../../Types/Text";
+import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
+
+@TenantColumn("projectId")
+@AllowAccessIfSubscriptionIsUnpaid()
+@TableAccessControl({
+  create: [Permission.CurrentUser],
+  read: [Permission.CurrentUser],
+  delete: [Permission.CurrentUser],
+  update: [Permission.CurrentUser],
+})
+@CrudApiEndpoint(new Route("/user-whatsapp"))
+@Entity({
+  name: "UserWhatsApp",
+})
+@TableMetadata({
+  tableName: "UserWhatsApp",
+  singularName: "WhatsApp Number",
+  pluralName: "WhatsApp Numbers",
+  icon: IconProp.WhatsApp,
+  tableDescription: "WhatsApp numbers used for WhatsApp notifications.",
+})
+@CurrentUserCanAccessRecordBy("userId")
+class UserWhatsApp extends BaseModel {
+  @ColumnAccessControl({
+    create: [Permission.CurrentUser],
+    read: [Permission.CurrentUser],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "projectId",
+    type: TableColumnType.Entity,
+    modelType: Project,
+    title: "Project",
+    description: "Relation to Project Resource in which this object belongs",
+  })
+  @ManyToOne(
+    () => {
+      return Project;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "projectId" })
+  public project?: Project = undefined;
+
+  @ColumnAccessControl({
+    create: [Permission.CurrentUser],
+    read: [Permission.CurrentUser],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: true,
+    canReadOnRelationQuery: true,
+    title: "Project ID",
+    description: "ID of your OneUptime Project in which this object belongs",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: false,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public projectId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [Permission.CurrentUser],
+    read: [Permission.CurrentUser],
+    update: [],
+  })
+  @TableColumn({
+    title: "WhatsApp Number",
+    required: true,
+    unique: false,
+    type: TableColumnType.Phone,
+    canReadOnRelationQuery: true,
+  })
+  @Column({
+    type: ColumnType.Phone,
+    length: ColumnLength.Phone,
+    unique: false,
+    nullable: false,
+    transformer: Phone.getDatabaseTransformer(),
+  })
+  public phone?: Phone = undefined;
+
+  @ColumnAccessControl({
+    create: [Permission.CurrentUser],
+    read: [Permission.CurrentUser],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "user",
+    type: TableColumnType.Entity,
+    modelType: User,
+    title: "User",
+    description: "Relation to User who this WhatsApp number belongs to",
+  })
+  @ManyToOne(
+    () => {
+      return User;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "userId" })
+  public user?: User = undefined;
+
+  @ColumnAccessControl({
+    create: [Permission.CurrentUser],
+    read: [Permission.CurrentUser],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    title: "User ID",
+    description: "User ID who this WhatsApp number belongs to",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  @Index()
+  public userId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [Permission.CurrentUser],
+    read: [Permission.CurrentUser],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "createdByUserId",
+    type: TableColumnType.Entity,
+    modelType: User,
+    title: "Created by User",
+    description:
+      "Relation to User who created this object (if this object was created by a User)",
+  })
+  @ManyToOne(
+    () => {
+      return User;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "SET NULL",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "createdByUserId" })
+  public createdByUser?: User = undefined;
+
+  @ColumnAccessControl({
+    create: [Permission.CurrentUser],
+    read: [Permission.CurrentUser],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    title: "Created by User ID",
+    description:
+      "User ID who created this object (if this object was created by a User)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public createdByUserId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "deletedByUserId",
+    type: TableColumnType.Entity,
+    title: "Deleted by User",
+    modelType: User,
+    description:
+      "Relation to User who deleted this object (if this object was deleted by a User)",
+  })
+  @ManyToOne(
+    () => {
+      return User;
+    },
+    {
+      cascade: false,
+      eager: false,
+      nullable: true,
+      onDelete: "SET NULL",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "deletedByUserId" })
+  public deletedByUser?: User = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    title: "Deleted by User ID",
+    description:
+      "User ID who deleted this object (if this object was deleted by a User)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public deletedByUserId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [Permission.CurrentUser],
+    update: [],
+  })
+  @TableColumn({
+    title: "Is Verified",
+    description: "Is this WhatsApp number verified?",
+    isDefaultValueColumn: true,
+    type: TableColumnType.Boolean,
+    defaultValue: false,
+  })
+  @Column({
+    type: ColumnType.Boolean,
+    default: false,
+  })
+  public isVerified?: boolean = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    title: "Verification Code",
+    description: "Temporary Verification Code",
+    isDefaultValueColumn: true,
+    computed: true,
+    required: true,
+    type: TableColumnType.ShortText,
+    forceGetDefaultValueOnCreate: () => {
+      return Text.generateRandomNumber(6);
+    },
+  })
+  @Column({
+    type: ColumnType.ShortText,
+    nullable: false,
+    length: ColumnLength.ShortText,
+  })
+  public verificationCode?: string = undefined;
+}
+
+export default UserWhatsApp;

Common/Models/DatabaseModels/WhatsAppLog.ts

@@ -0,0 +1,909 @@
+import Project from "./Project";
+import Incident from "./Incident";
+import Alert from "./Alert";
+import ScheduledMaintenance from "./ScheduledMaintenance";
+import StatusPage from "./StatusPage";
+import StatusPageAnnouncement from "./StatusPageAnnouncement";
+import User from "./User";
+import OnCallDutyPolicy from "./OnCallDutyPolicy";
+import OnCallDutyPolicyEscalationRule from "./OnCallDutyPolicyEscalationRule";
+import OnCallDutyPolicySchedule from "./OnCallDutyPolicySchedule";
+import Team from "./Team";
+import BaseModel from "./DatabaseBaseModel/DatabaseBaseModel";
+import Route from "../../Types/API/Route";
+import ColumnAccessControl from "../../Types/Database/AccessControl/ColumnAccessControl";
+import TableAccessControl from "../../Types/Database/AccessControl/TableAccessControl";
+import ColumnLength from "../../Types/Database/ColumnLength";
+import ColumnType from "../../Types/Database/ColumnType";
+import CrudApiEndpoint from "../../Types/Database/CrudApiEndpoint";
+import EnableDocumentation from "../../Types/Database/EnableDocumentation";
+import EnableWorkflow from "../../Types/Database/EnableWorkflow";
+import TableColumn from "../../Types/Database/TableColumn";
+import TableColumnType from "../../Types/Database/TableColumnType";
+import TableMetadata from "../../Types/Database/TableMetadata";
+import TenantColumn from "../../Types/Database/TenantColumn";
+import IconProp from "../../Types/Icon/IconProp";
+import ObjectID from "../../Types/ObjectID";
+import Permission from "../../Types/Permission";
+import Phone from "../../Types/Phone";
+import WhatsAppStatus from "../../Types/WhatsAppStatus";
+import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
+
+@EnableDocumentation()
+@TenantColumn("projectId")
+@TableAccessControl({
+  create: [],
+  read: [
+    Permission.ProjectOwner,
+    Permission.ProjectAdmin,
+    Permission.ProjectMember,
+    Permission.ReadWhatsAppLog,
+  ],
+  delete: [],
+  update: [],
+})
+@CrudApiEndpoint(new Route("/whatsapp-log"))
+@Entity({
+  name: "WhatsAppLog",
+})
+@EnableWorkflow({
+  create: true,
+  delete: false,
+  update: false,
+})
+@TableMetadata({
+  tableName: "WhatsAppLog",
+  singularName: "WhatsApp Log",
+  pluralName: "WhatsApp Logs",
+  icon: IconProp.WhatsApp,
+  tableDescription:
+    "Logs of all the WhatsApp messages sent out to all users and subscribers for this project.",
+})
+export default class WhatsAppLog extends BaseModel {
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadWhatsAppLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "projectId",
+    type: TableColumnType.Entity,
+    modelType: Project,
+    title: "Project",
+    description: "Relation to Project Resource in which this object belongs",
+  })
+  @ManyToOne(
+    () => {
+      return Project;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "projectId" })
+  public project?: Project = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadWhatsAppLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: true,
+    canReadOnRelationQuery: true,
+    title: "Project ID",
+    description: "ID of your OneUptime Project in which this object belongs",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: false,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public projectId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadWhatsAppLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    required: true,
+    type: TableColumnType.Phone,
+    title: "To Number",
+    description: "Phone Number WhatsApp message was sent to",
+    canReadOnRelationQuery: false,
+  })
+  @Column({
+    nullable: false,
+    type: ColumnType.Phone,
+    length: ColumnLength.Phone,
+    transformer: Phone.getDatabaseTransformer(),
+  })
+  public toNumber?: Phone = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadWhatsAppLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    required: false,
+    type: TableColumnType.Phone,
+    title: "From Number",
+    description:
+      "Phone Number WhatsApp message was sent from (Business Number ID)",
+    canReadOnRelationQuery: false,
+  })
+  @Column({
+    nullable: true,
+    type: ColumnType.Phone,
+    length: ColumnLength.Phone,
+    transformer: Phone.getDatabaseTransformer(),
+  })
+  public fromNumber?: Phone = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadWhatsAppLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    required: false,
+    type: TableColumnType.VeryLongText,
+    title: "Message Text",
+    description: "Text content of the WhatsApp message",
+    canReadOnRelationQuery: false,
+  })
+  @Column({
+    nullable: true,
+    type: ColumnType.VeryLongText,
+  })
+  public messageText?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadWhatsAppLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    required: false,
+    type: TableColumnType.LongText,
+    title: "Status Message",
+    description: "Status Message (if any)",
+    canReadOnRelationQuery: false,
+  })
+  @Column({
+    nullable: true,
+    type: ColumnType.LongText,
+    length: ColumnLength.LongText,
+  })
+  public statusMessage?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadWhatsAppLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    required: false,
+    type: TableColumnType.ShortText,
+    title: "WhatsApp Message ID",
+    description: "Message ID returned by Meta's API",
+    canReadOnRelationQuery: false,
+  })
+  @Column({
+    nullable: true,
+    type: ColumnType.ShortText,
+    length: ColumnLength.ShortText,
+  })
+  public whatsAppMessageId?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadWhatsAppLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    required: true,
+    type: TableColumnType.ShortText,
+    title: "Status of the WhatsApp Message",
+    description: "Status of the WhatsApp message sent",
+    canReadOnRelationQuery: false,
+  })
+  @Column({
+    nullable: false,
+    type: ColumnType.ShortText,
+    length: ColumnLength.ShortText,
+  })
+  public status?: WhatsAppStatus = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadWhatsAppLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    required: true,
+    type: TableColumnType.Number,
+    title: "WhatsApp Cost",
+    description: "WhatsApp Message Cost in USD Cents",
+    canReadOnRelationQuery: false,
+    isDefaultValueColumn: true,
+    defaultValue: 0,
+  })
+  @Column({
+    nullable: false,
+    default: 0,
+    type: ColumnType.Number,
+  })
+  public whatsAppCostInUSDCents?: number = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadWhatsAppLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "incidentId",
+    type: TableColumnType.Entity,
+    modelType: Incident,
+    title: "Incident",
+    description: "Incident associated with this message (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return Incident;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "incidentId" })
+  public incident?: Incident = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadWhatsAppLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Incident ID",
+    description: "ID of Incident associated with this message (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public incidentId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadWhatsAppLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "userId",
+    type: TableColumnType.Entity,
+    modelType: User,
+    title: "User",
+    description: "User who initiated this message (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return User;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "userId" })
+  public user?: User = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadWhatsAppLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "User ID",
+    description: "ID of User who initiated this message (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public userId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadWhatsAppLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "alertId",
+    type: TableColumnType.Entity,
+    modelType: Alert,
+    title: "Alert",
+    description: "Alert associated with this message (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return Alert;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "alertId" })
+  public alert?: Alert = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadWhatsAppLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Alert ID",
+    description: "ID of Alert associated with this message (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public alertId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadWhatsAppLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "scheduledMaintenanceId",
+    type: TableColumnType.Entity,
+    modelType: ScheduledMaintenance,
+    title: "Scheduled Maintenance",
+    description: "Scheduled Maintenance associated with this message (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return ScheduledMaintenance;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "scheduledMaintenanceId" })
+  public scheduledMaintenance?: ScheduledMaintenance = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadWhatsAppLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Scheduled Maintenance ID",
+    description:
+      "ID of Scheduled Maintenance associated with this message (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public scheduledMaintenanceId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadWhatsAppLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "statusPageId",
+    type: TableColumnType.Entity,
+    modelType: StatusPage,
+    title: "Status Page",
+    description: "Status Page associated with this message (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return StatusPage;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "statusPageId" })
+  public statusPage?: StatusPage = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadWhatsAppLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Status Page ID",
+    description: "ID of Status Page associated with this message (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public statusPageId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadWhatsAppLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "statusPageAnnouncementId",
+    type: TableColumnType.Entity,
+    modelType: StatusPageAnnouncement,
+    title: "Status Page Announcement",
+    description:
+      "Status Page Announcement associated with this message (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return StatusPageAnnouncement;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "statusPageAnnouncementId" })
+  public statusPageAnnouncement?: StatusPageAnnouncement = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadWhatsAppLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Status Page Announcement ID",
+    description:
+      "ID of Status Page Announcement associated with this message (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public statusPageAnnouncementId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadWhatsAppLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "teamId",
+    type: TableColumnType.Entity,
+    modelType: Team,
+    title: "Team",
+    description: "Team associated with this message (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return Team;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "teamId" })
+  public team?: Team = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadWhatsAppLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Team ID",
+    description: "ID of Team associated with this message (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public teamId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadWhatsAppLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "onCallDutyPolicyId",
+    type: TableColumnType.Entity,
+    modelType: OnCallDutyPolicy,
+    title: "On-Call Duty Policy",
+    description: "On-Call Duty Policy associated with this message (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return OnCallDutyPolicy;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "onCallDutyPolicyId" })
+  public onCallDutyPolicy?: OnCallDutyPolicy = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadWhatsAppLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "On-Call Duty Policy ID",
+    description:
+      "ID of On-Call Duty Policy associated with this message (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public onCallDutyPolicyId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadWhatsAppLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "onCallDutyPolicyEscalationRuleId",
+    type: TableColumnType.Entity,
+    modelType: OnCallDutyPolicyEscalationRule,
+    title: "On-Call Duty Policy Escalation Rule",
+    description:
+      "On-Call Duty Policy Escalation Rule associated with this message (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return OnCallDutyPolicyEscalationRule;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "onCallDutyPolicyEscalationRuleId" })
+  public onCallDutyPolicyEscalationRule?: OnCallDutyPolicyEscalationRule =
+    undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadWhatsAppLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "On-Call Duty Policy Escalation Rule ID",
+    description:
+      "ID of On-Call Duty Policy Escalation Rule associated with this message (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public onCallDutyPolicyEscalationRuleId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadWhatsAppLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "onCallDutyPolicyScheduleId",
+    type: TableColumnType.Entity,
+    modelType: OnCallDutyPolicySchedule,
+    title: "On-Call Duty Policy Schedule",
+    description:
+      "On-Call Duty Policy Schedule associated with this message (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return OnCallDutyPolicySchedule;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "onCallDutyPolicyScheduleId" })
+  public onCallDutyPolicySchedule?: OnCallDutyPolicySchedule = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadWhatsAppLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "On-Call Duty Policy Schedule ID",
+    description:
+      "ID of On-Call Duty Policy Schedule associated with this message (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public onCallDutyPolicyScheduleId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "deletedByUserId",
+    type: TableColumnType.Entity,
+    title: "Deleted by User",
+    modelType: User,
+    description:
+      "Relation to User who deleted this object (if this object was deleted by a User)",
+  })
+  @ManyToOne(
+    () => {
+      return User;
+    },
+    {
+      cascade: false,
+      eager: false,
+      nullable: true,
+      onDelete: "SET NULL",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "deletedByUserId" })
+  public deletedByUser?: User = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    title: "Deleted by User ID",
+    description:
+      "User ID who deleted this object (if this object was deleted by a User)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public deletedByUserId?: ObjectID = undefined;
+}

Common/Models/DatabaseModels/WorkspaceProjectAuthToken.ts

@@ -18,15 +18,43 @@ import WorkspaceType from "../../Types/Workspace/WorkspaceType";
 import Permission from "../../Types/Permission";
 
 export interface MiscData {
-  [key: string]: string;
+  [key: string]: any;
+}
+
+export interface MicrosoftTeamsTeam {
+  id: string;
+  name: string;
 }
 
 export interface SlackMiscData extends MiscData {
   teamId: string;
   teamName: string;
   botUserId: string;
+  channelCache?: {
+    [channelName: string]: {
+      id: string;
+      name: string;
+      lastUpdated: string;
+    };
+  };
 }
 
+export interface MicrosoftTeamsMiscData extends MiscData {
+  tenantId: string;
+  teamId: string;
+  teamName: string;
+  botId: string;
+  appAccessToken?: string;
+  adminConsentGranted?: boolean;
+  lastAppTokenIssuedAt?: string;
+  adminConsentGrantedAt?: string;
+  adminConsentGrantedBy?: string;
+  availableTeams?: Record<string, MicrosoftTeamsTeam>;
+  appAccessTokenExpiresAt?: string;
+}
+
+export type WorkspaceMiscData = SlackMiscData | MicrosoftTeamsMiscData;
+
 @TenantColumn("projectId")
 @TableAccessControl({
   create: [

Common/Server/API/BaseAPI.ts

@@ -235,13 +235,27 @@ export default class BaseAPI<
   ): Promise<void> {
     await this.onBeforeList(req, res);
 
-    const skip: PositiveNumber = req.query["skip"]
-      ? new PositiveNumber(req.query["skip"] as string)
-      : new PositiveNumber(0);
+    /*
+     * Extract pagination parameters from query or body (for POST requests)
+     * Support both 'skip' and 'offset' parameters (offset is alias for skip)
+     */
+    let skipValue: number = 0;
+    let limitValue: number = DEFAULT_LIMIT;
 
-    const limit: PositiveNumber = req.query["limit"]
-      ? new PositiveNumber(req.query["limit"] as string)
-      : new PositiveNumber(DEFAULT_LIMIT);
+    if (req.query["skip"]) {
+      skipValue = parseInt(req.query["skip"] as string, 10) || 0;
+    } else if (req.body && req.body["skip"] !== undefined) {
+      skipValue = parseInt(req.body["skip"] as string, 10) || 0;
+    }
+
+    if (req.query["limit"]) {
+      limitValue = parseInt(req.query["limit"] as string, 10) || DEFAULT_LIMIT;
+    } else if (req.body && req.body["limit"] !== undefined) {
+      limitValue = parseInt(req.body["limit"] as string, 10) || DEFAULT_LIMIT;
+    }
+
+    const skip: PositiveNumber = new PositiveNumber(skipValue);
+    const limit: PositiveNumber = new PositiveNumber(limitValue);
 
     if (limit.toNumber() > LIMIT_PER_PROJECT) {
       throw new BadRequestException(

Common/Server/API/BillingAPI.ts

@@ -0,0 +1,123 @@
+import { IsBillingEnabled } from "../EnvironmentConfig";
+import UserMiddleware from "../Middleware/UserAuthorization";
+import BillingService from "../Services/BillingService";
+import ProjectService from "../Services/ProjectService";
+import Express, {
+  ExpressRequest,
+  ExpressResponse,
+  ExpressRouter,
+  NextFunction,
+  OneUptimeRequest,
+} from "../Utils/Express";
+import Response from "../Utils/Response";
+import BadDataException from "../../Types/Exception/BadDataException";
+import Permission, { UserPermission } from "../../Types/Permission";
+import Project from "../../Models/DatabaseModels/Project";
+import CommonAPI from "./CommonAPI";
+import ObjectID from "../../Types/ObjectID";
+import DatabaseCommonInteractionProps from "../../Types/BaseDatabase/DatabaseCommonInteractionProps";
+
+export default class BillingAPI {
+  public router: ExpressRouter;
+
+  public constructor() {
+    this.router = Express.getRouter();
+
+    this.router.get(
+      `/billing/customer-balance`,
+      UserMiddleware.getUserMiddleware,
+      async (req: ExpressRequest, res: ExpressResponse, next: NextFunction) => {
+        try {
+          if (!IsBillingEnabled) {
+            throw new BadDataException(
+              "Billing is not enabled for this server",
+            );
+          }
+
+          const userPermissions: Array<UserPermission> = (
+            await this.getPermissionsForTenant(req)
+          ).filter((permission: UserPermission) => {
+            return (
+              permission.permission.toString() ===
+                Permission.ProjectOwner.toString() ||
+              permission.permission.toString() ===
+                Permission.ManageProjectBilling.toString()
+            );
+          });
+
+          if (
+            userPermissions.length === 0 &&
+            !(req as OneUptimeRequest).userAuthorization?.isMasterAdmin
+          ) {
+            throw new BadDataException(
+              `You need ${Permission.ProjectOwner} or ${Permission.ManageProjectBilling} permission to view billing balance.`,
+            );
+          }
+
+          const project: Project | null = await ProjectService.findOneById({
+            id: this.getTenantId(req)!,
+            props: {
+              isRoot: true,
+            },
+            select: {
+              _id: true,
+              paymentProviderCustomerId: true,
+            },
+          });
+
+          if (!project) {
+            throw new BadDataException("Project not found");
+          }
+
+          if (!project.paymentProviderCustomerId) {
+            throw new BadDataException("Payment Provider customer not found");
+          }
+
+          const balance: number = await BillingService.getCustomerBalance(
+            project.paymentProviderCustomerId,
+          );
+
+          return Response.sendJsonObjectResponse(req, res, {
+            balance: balance,
+          });
+        } catch (err) {
+          next(err);
+        }
+      },
+    );
+  }
+
+  public async getPermissionsForTenant(
+    req: ExpressRequest,
+  ): Promise<Array<UserPermission>> {
+    const permissions: Array<UserPermission> = [];
+
+    const props: DatabaseCommonInteractionProps =
+      await CommonAPI.getDatabaseCommonInteractionProps(req);
+
+    if (
+      props &&
+      props.userTenantAccessPermission &&
+      props.userTenantAccessPermission[props.tenantId?.toString() || ""]
+    ) {
+      return (
+        props.userTenantAccessPermission[props.tenantId?.toString() || ""]
+          ?.permissions || []
+      );
+    }
+
+    return permissions;
+  }
+
+  public getTenantId(req: ExpressRequest): ObjectID | null {
+    if ((req as OneUptimeRequest).tenantId) {
+      return (req as OneUptimeRequest).tenantId as ObjectID;
+    }
+
+    return null;
+  }
+
+  public getRouter(): ExpressRouter {
+    return this.router;
+  }
+}

Common/Server/API/GlobalConfigAPI.ts

@@ -21,20 +21,24 @@ export default class GlobalConfigAPI extends BaseAPI<
       `${new this.entityType().getCrudApiPath()?.toString()}/vars`,
       async (req: ExpressRequest, res: ExpressResponse, next: NextFunction) => {
         try {
-          // const globalConfig: GlobalConfig | null =
-          //     await GlobalConfigService.findOneById({
-          //         id: ObjectID.getZeroObjectID(),
-          //         select: {
-          //             useHttps: true,
-          //         },
-          //         props: {
-          //             isRoot: true,
-          //         },
-          //     });
+          /*
+           * const globalConfig: GlobalConfig | null =
+           *     await GlobalConfigService.findOneById({
+           *         id: ObjectID.getZeroObjectID(),
+           *         select: {
+           *             useHttps: true,
+           *         },
+           *         props: {
+           *             isRoot: true,
+           *         },
+           *     });
+           */
 
           return Response.sendJsonObjectResponse(req, res, {
-            // USE_HTTPS:
-            //     globalConfig?.useHttps?.toString() || 'false',
+            /*
+             * USE_HTTPS:
+             *     globalConfig?.useHttps?.toString() || 'false',
+             */
           });
         } catch (err) {
           next(err);

Common/Server/API/NotificationAPI.ts

@@ -4,11 +4,11 @@ import Express, {
   ExpressRequest,
   ExpressResponse,
   ExpressRouter,
+  NextFunction,
   OneUptimeRequest,
 } from "../Utils/Express";
 import Response from "../Utils/Response";
 import BadDataException from "../../Types/Exception/BadDataException";
-import Exception from "../../Types/Exception/Exception";
 import JSONFunctions from "../../Types/JSONFunctions";
 import ObjectID from "../../Types/ObjectID";
 import Permission, { UserPermission } from "../../Types/Permission";
@@ -19,7 +19,7 @@ const router: ExpressRouter = Express.getRouter();
 router.post(
   "/notification/recharge",
   UserMiddleware.getUserMiddleware,
-  async (req: ExpressRequest, res: ExpressResponse) => {
+  async (req: ExpressRequest, res: ExpressResponse, next: NextFunction) => {
     try {
       let amount: number | PositiveNumber = JSONFunctions.deserializeValue(
         req.body.amount,
@@ -106,8 +106,8 @@ router.post(
           ),
         );
       }
-    } catch (err: any) {
-      return Response.sendErrorResponse(req, res, err as Exception);
+    } catch (err) {
+      return next(err);
     }
 
     return Response.sendEmptySuccessResponse(req, res);

Common/Server/API/ProjectAPI.ts

@@ -20,13 +20,76 @@ import PositiveNumber from "../../Types/PositiveNumber";
 import Project from "../../Models/DatabaseModels/Project";
 import Reseller from "../../Models/DatabaseModels/Reseller";
 import TeamMember from "../../Models/DatabaseModels/TeamMember";
+import BadDataException from "../../Types/Exception/BadDataException";
+import Permission, { UserPermission } from "../../Types/Permission";
+import ObjectID from "../../Types/ObjectID";
+import { JSONObject } from "../../Types/JSON";
 
 export default class ProjectAPI extends BaseAPI<Project, ProjectServiceType> {
   public constructor() {
     super(Project, ProjectService);
 
-    /// This API lists all the projects where user is its team member.
-    /// This API is usually used to show project selector dropdown in the UI
+    this.router.put(
+      `${new this.entityType().getCrudApiPath()?.toString()}/:id/change-plan`,
+      UserMiddleware.getUserMiddleware,
+      async (req: ExpressRequest, res: ExpressResponse, next: NextFunction) => {
+        try {
+          if (!IsBillingEnabled) {
+            throw new BadDataException(
+              "Billing is not enabled for this server",
+            );
+          }
+
+          const projectId: ObjectID = new ObjectID(req.params["id"] as string);
+
+          const body: JSONObject = (req.body as JSONObject) || {};
+          const data: JSONObject = (body["data"] as JSONObject) || {};
+          const paymentProviderPlanId: string | undefined = data[
+            "paymentProviderPlanId"
+          ] as string | undefined;
+
+          if (!paymentProviderPlanId) {
+            throw new BadDataException("Plan ID is required to change plan");
+          }
+
+          const permissions: Array<UserPermission> =
+            await this.getPermissionsForTenant(req);
+
+          const hasBillingPermission: boolean =
+            permissions.filter((permission: UserPermission) => {
+              return (
+                permission.permission.toString() ===
+                  Permission.ProjectOwner.toString() ||
+                permission.permission.toString() ===
+                  Permission.ManageProjectBilling.toString()
+              );
+            }).length > 0;
+
+          if (
+            !hasBillingPermission &&
+            !(req as OneUptimeRequest).userAuthorization?.isMasterAdmin
+          ) {
+            throw new BadDataException(
+              `You need ${Permission.ProjectOwner} or ${Permission.ManageProjectBilling} permission to change project plan`,
+            );
+          }
+
+          await ProjectService.changePlan({
+            projectId: projectId,
+            paymentProviderPlanId: paymentProviderPlanId,
+          });
+
+          return Response.sendEmptySuccessResponse(req, res);
+        } catch (err) {
+          next(err);
+        }
+      },
+    );
+
+    /*
+     * This API lists all the projects where user is its team member.
+     * This API is usually used to show project selector dropdown in the UI
+     */
     this.router.post(
       `${new this.entityType()
         .getCrudApiPath()

Common/Server/API/ProjectSSO.ts

@@ -1,7 +1,11 @@
 import ProjectSsoService, {
   Service as ProjectSsoServiceType,
 } from "../Services/ProjectSsoService";
-import { ExpressRequest, ExpressResponse } from "../Utils/Express";
+import {
+  ExpressRequest,
+  ExpressResponse,
+  NextFunction,
+} from "../Utils/Express";
 import Response from "../Utils/Response";
 import BaseAPI from "./BaseAPI";
 import { LIMIT_PER_PROJECT } from "../../Types/Database/LimitMax";
@@ -22,43 +26,47 @@ export default class ProjectSsoAPI extends BaseAPI<
       `${new this.entityType()
         .getCrudApiPath()
         ?.toString()}/:projectId/sso-list`,
-      async (req: ExpressRequest, res: ExpressResponse) => {
-        const projectId: ObjectID = new ObjectID(
-          req.params["projectId"] as string,
-        );
+      async (req: ExpressRequest, res: ExpressResponse, next: NextFunction) => {
+        try {
+          const projectId: ObjectID = new ObjectID(
+            req.params["projectId"] as string,
+          );
 
-        if (!projectId) {
-          return Response.sendErrorResponse(
+          if (!projectId) {
+            return Response.sendErrorResponse(
+              req,
+              res,
+              new BadDataException("Invalid project id."),
+            );
+          }
+
+          const sso: Array<ProjectSSO> = await this.service.findBy({
+            query: {
+              projectId: projectId,
+              isEnabled: true,
+            },
+            limit: LIMIT_PER_PROJECT,
+            skip: 0,
+            select: {
+              name: true,
+              description: true,
+              _id: true,
+            },
+            props: {
+              isRoot: true,
+            },
+          });
+
+          return Response.sendEntityArrayResponse(
             req,
             res,
-            new BadDataException("Invalid project id."),
+            sso,
+            new PositiveNumber(sso.length),
+            ProjectSSO,
           );
+        } catch (err) {
+          return next(err);
         }
-
-        const sso: Array<ProjectSSO> = await this.service.findBy({
-          query: {
-            projectId: projectId,
-            isEnabled: true,
-          },
-          limit: LIMIT_PER_PROJECT,
-          skip: 0,
-          select: {
-            name: true,
-            description: true,
-            _id: true,
-          },
-          props: {
-            isRoot: true,
-          },
-        });
-
-        return Response.sendEntityArrayResponse(
-          req,
-          res,
-          sso,
-          new PositiveNumber(sso.length),
-          ProjectSSO,
-        );
       },
     );
   }

Common/Server/API/ResellerPlanAPI.ts

@@ -30,8 +30,10 @@ export default class ResellerPlanAPI extends BaseAPI<
   public constructor() {
     super(ResellerPlan, ResellerPlanService);
 
-    // Reseller Plan Action API
-    // TODO: Refactor this API and make it partner specific.
+    /*
+     * Reseller Plan Action API
+     * TODO: Refactor this API and make it partner specific.
+     */
     this.router.post(
       `${new this.entityType()
         .getCrudApiPath()

Common/Server/API/ShortLinkAPI.ts

@@ -1,7 +1,11 @@
 import ShortLinkService, {
   Service as ShortLinkServiceType,
 } from "../Services/ShortLinkService";
-import { ExpressRequest, ExpressResponse } from "../Utils/Express";
+import {
+  ExpressRequest,
+  ExpressResponse,
+  NextFunction,
+} from "../Utils/Express";
 import Response from "../Utils/Response";
 import BaseAPI from "./BaseAPI";
 import BadDataException from "../../Types/Exception/BadDataException";
@@ -18,34 +22,38 @@ export default class ShortLinkAPI extends BaseAPI<
       `${new this.entityType()
         .getCrudApiPath()
         ?.toString()}/redirect-to-shortlink/:id`,
-      async (req: ExpressRequest, res: ExpressResponse) => {
-        if (!req.params["id"]) {
-          return Response.sendErrorResponse(
-            req,
-            res,
-            new BadDataException("id is required"),
+      async (req: ExpressRequest, res: ExpressResponse, next: NextFunction) => {
+        try {
+          if (!req.params["id"]) {
+            return Response.sendErrorResponse(
+              req,
+              res,
+              new BadDataException("id is required"),
+            );
+          }
+
+          if (req.params["id"] === "status") {
+            return Response.sendJsonObjectResponse(req, res, {
+              status: "ok",
+            });
+          }
+
+          const link: ShortLink | null = await ShortLinkService.getShortLinkFor(
+            req.params["id"],
           );
+
+          if (!link || !link.link) {
+            return Response.sendErrorResponse(
+              req,
+              res,
+              new BadDataException("This URL is invalid or expired"),
+            );
+          }
+
+          return Response.redirect(req, res, link.link);
+        } catch (err) {
+          return next(err);
         }
-
-        if (req.params["id"] === "status") {
-          return Response.sendJsonObjectResponse(req, res, {
-            status: "ok",
-          });
-        }
-
-        const link: ShortLink | null = await ShortLinkService.getShortLinkFor(
-          req.params["id"],
-        );
-
-        if (!link || !link.link) {
-          return Response.sendErrorResponse(
-            req,
-            res,
-            new BadDataException("This URL is invalid or expired"),
-          );
-        }
-
-        return Response.redirect(req, res, link.link);
       },
     );
   }

Common/Server/API/SlackAPI.ts

@@ -38,6 +38,10 @@ import SlackOnCallDutyActions from "../Utils/Workspace/Slack/Actions/OnCallDutyP
 import WorkspaceProjectAuthToken, {
   SlackMiscData,
 } from "../../Models/DatabaseModels/WorkspaceProjectAuthToken";
+import UserMiddleware from "../Middleware/UserAuthorization";
+import CommonAPI from "./CommonAPI";
+import SlackUtil from "../Utils/Workspace/Slack/Slack";
+import DatabaseCommonInteractionProps from "../../Types/BaseDatabase/DatabaseCommonInteractionProps";
 
 export default class SlackAPI {
   public getRouter(): ExpressRouter {
@@ -153,13 +157,13 @@ export default class SlackAPI {
         // send the request to slack api to get the access token https://slack.com/api/oauth.v2.access
 
         const response: HTTPErrorResponse | HTTPResponse<JSONObject> =
-          await API.post(
-            URL.fromString("https://slack.com/api/oauth.v2.access"),
-            requestBody,
-            {
+          await API.post({
+            url: URL.fromString("https://slack.com/api/oauth.v2.access"),
+            data: requestBody,
+            headers: {
               "Content-Type": "application/x-www-form-urlencoded",
             },
-          );
+          });
 
         if (response instanceof HTTPErrorResponse) {
           throw response;
@@ -177,29 +181,31 @@ export default class SlackAPI {
         let botUserId: string | undefined = undefined;
         let slackUserAccessToken: string | undefined = undefined;
 
-        // ReponseBody is in this format.
-        //   {
-        //     "ok": true,
-        //     "access_token": "sample-token",
-        //     "token_type": "bot",
-        //     "scope": "commands,incoming-webhook",
-        //     "bot_user_id": "U0KRQLJ9H",
-        //     "app_id": "A0KRD7HC3",
-        //     "team": {
-        //         "name": "Slack Pickleball Team",
-        //         "id": "T9TK3CUKW"
-        //     },
-        //     "enterprise": {
-        //         "name": "slack-pickleball",
-        //         "id": "E12345678"
-        //     },
-        //     "authed_user": {
-        //         "id": "U1234",
-        //         "scope": "chat:write",
-        //         "access_token": "sample-token",
-        //         "token_type": "user"
-        //     }
-        // }
+        /*
+         * ReponseBody is in this format.
+         *   {
+         *     "ok": true,
+         *     "access_token": "sample-token",
+         *     "token_type": "bot",
+         *     "scope": "commands,incoming-webhook",
+         *     "bot_user_id": "U0KRQLJ9H",
+         *     "app_id": "A0KRD7HC3",
+         *     "team": {
+         *         "name": "Slack Pickleball Team",
+         *         "id": "T9TK3CUKW"
+         *     },
+         *     "enterprise": {
+         *         "name": "slack-pickleball",
+         *         "id": "E12345678"
+         *     },
+         *     "authed_user": {
+         *         "id": "U1234",
+         *         "scope": "chat:write",
+         *         "access_token": "sample-token",
+         *         "token_type": "user"
+         *     }
+         * }
+         */
 
         if (responseBody["ok"] !== true) {
           return Response.sendErrorResponse(
@@ -365,13 +371,13 @@ export default class SlackAPI {
         // send the request to slack api to get the access token https://slack.com/api/oauth.v2.access
 
         const response: HTTPErrorResponse | HTTPResponse<JSONObject> =
-          await API.post(
-            URL.fromString("https://slack.com/api/openid.connect.token"),
-            requestBody,
-            {
+          await API.post({
+            url: URL.fromString("https://slack.com/api/openid.connect.token"),
+            data: requestBody,
+            headers: {
               "Content-Type": "application/x-www-form-urlencoded",
             },
-          );
+          });
 
         if (response instanceof HTTPErrorResponse) {
           throw response;
@@ -403,31 +409,35 @@ export default class SlackAPI {
           "id_token"
         ] as JSONObject;
 
-        // Example of Response Body
-        // {
-        //   "iss": "https://slack.com",
-        //   "sub": "U123ABC456",
-        //   "aud": "25259531569.1115258246291",
-        //   "exp": 1626874955,
-        //   "iat": 1626874655,
-        //   "auth_time": 1626874655,
-        //   "nonce": "abcd",
-        //   "at_hash": "abc...123",
-        //   "https://slack.com/team_id": "T0123ABC456",
-        //   "https://slack.com/user_id": "U123ABC456",
-        //   "email": "alice@example.com",
-        //   "email_verified": true,
-        //   "date_email_verified": 1622128723,
-        //   "locale": "en-US",
-        //   "name": "Alice",
-        //   "given_name": "",
-        //   "family_name": "",
-        //   "https://slack.com/team_image_230": "https://secure.gravatar.com/avatar/bc.png",
-        //   "https://slack.com/team_image_default": true
-        // }
+        /*
+         * Example of Response Body
+         * {
+         *   "iss": "https://slack.com",
+         *   "sub": "U123ABC456",
+         *   "aud": "25259531569.1115258246291",
+         *   "exp": 1626874955,
+         *   "iat": 1626874655,
+         *   "auth_time": 1626874655,
+         *   "nonce": "abcd",
+         *   "at_hash": "abc...123",
+         *   "https://slack.com/team_id": "T0123ABC456",
+         *   "https://slack.com/user_id": "U123ABC456",
+         *   "email": "alice@example.com",
+         *   "email_verified": true,
+         *   "date_email_verified": 1622128723,
+         *   "locale": "en-US",
+         *   "name": "Alice",
+         *   "given_name": "",
+         *   "family_name": "",
+         *   "https://slack.com/team_image_230": "https://secure.gravatar.com/avatar/bc.png",
+         *   "https://slack.com/team_image_default": true
+         * }
+         */
 
-        // check if the team id matches the project id.
-        // get project auth.
+        /*
+         * check if the team id matches the project id.
+         * get project auth.
+         */
 
         const projectAuth: WorkspaceProjectAuthToken | null =
           await WorkspaceProjectAuthTokenService.findOneBy({
@@ -656,6 +666,71 @@ export default class SlackAPI {
       },
     );
 
+    // Fetch and cache all Slack channels for current tenant's project
+    router.get(
+      "/slack/get-all-channels",
+      UserMiddleware.getUserMiddleware,
+      async (req: ExpressRequest, res: ExpressResponse) => {
+        const props: DatabaseCommonInteractionProps =
+          await CommonAPI.getDatabaseCommonInteractionProps(req);
+
+        if (!props.tenantId) {
+          return Response.sendErrorResponse(
+            req,
+            res,
+            new BadRequestException("ProjectId (tenant) not found in request"),
+          );
+        }
+
+        // Get Slack project auth
+        const projectAuth: WorkspaceProjectAuthToken | null =
+          await WorkspaceProjectAuthTokenService.getProjectAuth({
+            projectId: props.tenantId,
+            workspaceType: WorkspaceType.Slack,
+          });
+
+        if (!projectAuth || !projectAuth.authToken) {
+          return Response.sendErrorResponse(
+            req,
+            res,
+            new BadRequestException(
+              "Slack is not connected for this project. Please connect Slack first.",
+            ),
+          );
+        }
+
+        // Fetch all channels (also updates cache under miscData.channelCache)
+
+        let updatedProjectAuth: WorkspaceProjectAuthToken | null = projectAuth;
+
+        if (!(projectAuth.miscData as SlackMiscData)?.channelCache) {
+          await SlackUtil.getAllWorkspaceChannels({
+            authToken: projectAuth.authToken,
+            projectId: props.tenantId,
+          });
+
+          // Re-fetch to return the latest cached object
+          updatedProjectAuth =
+            await WorkspaceProjectAuthTokenService.getProjectAuth({
+              projectId: props.tenantId,
+              workspaceType: WorkspaceType.Slack,
+            });
+        }
+
+        const channelCache: {
+          [channelName: string]: {
+            id: string;
+            name: string;
+            lastUpdated: string;
+          };
+        } =
+          ((updatedProjectAuth?.miscData as SlackMiscData | undefined) || {})
+            ?.channelCache || {};
+
+        return Response.sendJsonObjectResponse(req, res, channelCache as any);
+      },
+    );
+
     // options load endpoint.
 
     router.post(

Common/Server/API/StatusPageAPI.ts

@@ -181,6 +181,7 @@ export default class StatusPageAPI extends BaseAPI<
         return Response.sendJsonObjectResponse(req, res, {
           title: statusPage.pageTitle || statusPage.name,
           description: statusPage.pageDescription,
+          _id: statusPage._id?.toString(),
         });
       },
     );
@@ -734,9 +735,11 @@ export default class StatusPageAPI extends BaseAPI<
             req: req,
           });
 
-          // get start and end date from request body.
-          // if no end date is provided then it will be current date.
-          // if no start date is provided then it will be 14 days ago from end date.
+          /*
+           * get start and end date from request body.
+           * if no end date is provided then it will be current date.
+           * if no start date is provided then it will be 14 days ago from end date.
+           */
 
           let startDate: Date = OneUptimeDate.getSomeDaysAgo(14);
           let endDate: Date = OneUptimeDate.getCurrentDate();
@@ -1100,7 +1103,7 @@ export default class StatusPageAPI extends BaseAPI<
                 },
                 select: select,
                 sort: {
-                  createdAt: SortOrder.Ascending,
+                  createdAt: SortOrder.Descending,
                 },
 
                 skip: 0,
@@ -2076,6 +2079,10 @@ export default class StatusPageAPI extends BaseAPI<
           _id: true,
           showAnnouncementAt: true,
           endAnnouncementAt: true,
+          monitors: {
+            _id: true,
+            name: true,
+          },
         },
         skip: 0,
         limit: LIMIT_PER_PROJECT,
@@ -2096,6 +2103,7 @@ export default class StatusPageAPI extends BaseAPI<
           displayTooltip: true,
           displayDescription: true,
           displayName: true,
+          monitorGroupId: true,
           monitor: {
             _id: true,
             currentMonitorStatusId: true,
@@ -2109,6 +2117,65 @@ export default class StatusPageAPI extends BaseAPI<
         },
       });
 
+    const monitorGroupIds: Array<ObjectID> = statusPageResources
+      .map((resource: StatusPageResource) => {
+        return resource.monitorGroupId!;
+      })
+      .filter((id: ObjectID) => {
+        return Boolean(id); // remove nulls
+      });
+
+    // get monitors in the group.
+    const monitorsInGroup: Dictionary<Array<ObjectID>> = {};
+
+    // get monitor status charts.
+    const monitorsOnStatusPage: Array<ObjectID> = statusPageResources
+      .map((monitor: StatusPageResource) => {
+        return monitor.monitorId!;
+      })
+      .filter((id: ObjectID) => {
+        return Boolean(id); // remove nulls
+      });
+
+    for (const monitorGroupId of monitorGroupIds) {
+      // get monitors in the group.
+
+      const groupResources: Array<MonitorGroupResource> =
+        await MonitorGroupResourceService.findBy({
+          query: {
+            monitorGroupId: monitorGroupId,
+          },
+          select: {
+            monitorId: true,
+          },
+          props: {
+            isRoot: true,
+          },
+          limit: LIMIT_PER_PROJECT,
+          skip: 0,
+        });
+
+      const monitorsInGroupIds: Array<ObjectID> = groupResources
+        .map((resource: MonitorGroupResource) => {
+          return resource.monitorId!;
+        })
+        .filter((id: ObjectID) => {
+          return Boolean(id); // remove nulls
+        });
+
+      for (const monitorId of monitorsInGroupIds) {
+        if (
+          !monitorsOnStatusPage.find((item: ObjectID) => {
+            return item.toString() === monitorId.toString();
+          })
+        ) {
+          monitorsOnStatusPage.push(monitorId);
+        }
+      }
+
+      monitorsInGroup[monitorGroupId.toString()] = monitorsInGroupIds;
+    }
+
     const response: JSONObject = {
       announcements: BaseModel.toJSONArray(
         announcements,
@@ -2118,6 +2185,7 @@ export default class StatusPageAPI extends BaseAPI<
         statusPageResources,
         StatusPageResource,
       ),
+      monitorsInGroup: JSONFunctions.serialize(monitorsInGroup),
     };
 
     return response;

Common/Server/API/TeamComplianceAPI.ts

@@ -0,0 +1,106 @@
+import UserMiddleware from "../Middleware/UserAuthorization";
+import TeamComplianceService, {
+  TeamComplianceStatus,
+  UserComplianceStatus,
+} from "../Services/TeamComplianceService";
+import {
+  ExpressRequest,
+  ExpressResponse,
+  NextFunction,
+} from "../Utils/Express";
+import Response from "../Utils/Response";
+import BaseAPI from "./BaseAPI";
+import CommonAPI from "./CommonAPI";
+import DatabaseCommonInteractionProps from "../../Types/BaseDatabase/DatabaseCommonInteractionProps";
+import BadDataException from "../../Types/Exception/BadDataException";
+import ObjectID from "../../Types/ObjectID";
+import Team from "../../Models/DatabaseModels/Team";
+import TeamService, {
+  Service as TeamServiceType,
+} from "../Services/TeamService";
+import ComplianceRuleType from "../../Types/Team/ComplianceRuleType";
+
+export default class TeamComplianceAPI extends BaseAPI<Team, TeamServiceType> {
+  public constructor() {
+    super(Team, TeamService);
+
+    // Get team compliance status
+    this.router.get(
+      `${new this.entityType().getCrudApiPath()?.toString()}/compliance-status/:teamId`,
+      UserMiddleware.getUserMiddleware,
+      async (req: ExpressRequest, res: ExpressResponse, next: NextFunction) => {
+        try {
+          const databaseProps: DatabaseCommonInteractionProps =
+            await CommonAPI.getDatabaseCommonInteractionProps(req);
+
+          const projectId: ObjectID = databaseProps.tenantId as ObjectID;
+
+          const teamId: ObjectID = new ObjectID(req.params["teamId"] as string);
+
+          if (!projectId) {
+            return Response.sendErrorResponse(
+              req,
+              res,
+              new BadDataException("Invalid projectId."),
+            );
+          }
+
+          if (!teamId) {
+            return Response.sendErrorResponse(
+              req,
+              res,
+              new BadDataException("Invalid teamId."),
+            );
+          }
+
+          const complianceStatus: TeamComplianceStatus =
+            await TeamComplianceService.getTeamComplianceStatus(
+              teamId,
+              projectId,
+            );
+
+          // Convert ObjectIDs to strings for JSON response
+          const responseData: {
+            teamId: string;
+            teamName: string;
+            complianceSettings: Array<{
+              ruleType: ComplianceRuleType;
+              enabled: boolean;
+            }>;
+            userComplianceStatuses: Array<{
+              userId: string;
+              userName: string;
+              userEmail: string;
+              userProfilePictureId: string | undefined;
+              isCompliant: boolean;
+              nonCompliantRules: Array<{
+                ruleType: ComplianceRuleType;
+                reason: string;
+              }>;
+            }>;
+          } = {
+            teamId: complianceStatus.teamId.toString(),
+            teamName: complianceStatus.teamName,
+            complianceSettings: complianceStatus.complianceSettings,
+            userComplianceStatuses: complianceStatus.userComplianceStatuses.map(
+              (user: UserComplianceStatus) => {
+                return {
+                  userId: user.userId.toString(),
+                  userName: user.userName,
+                  userEmail: user.userEmail,
+                  userProfilePictureId: user.userProfilePictureId?.toString(),
+                  isCompliant: user.isCompliant,
+                  nonCompliantRules: user.nonCompliantRules,
+                };
+              },
+            ),
+          };
+
+          return Response.sendJsonObjectResponse(req, res, responseData);
+        } catch (e) {
+          next(e);
+        }
+      },
+    );
+  }
+}