fix: improve error handling in verification endpoints by adding NextFunction support

Whatsapp

.github/instructions/instructions.md

@@ -0,0 +1,17 @@
+---
+applyTo: '**'
+---
+
+# Building and Compiling
+
+If you would like to compile or build any project. Please cd into the directory and run the following command:
+
+```
+npm run compile
+```
+
+Ths will make sure there are no type / syntax errors. 
+
+# Typescript Types.
+
+Please do not use "any" types. Please create proper types where required. 

.github/workflows/build.yml

@@ -19,11 +19,19 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
       
       # build image for accounts service
       - name: build docker image
-        run: sudo docker build -f ./Accounts/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./Accounts/Dockerfile .
 
   docker-build-isolated-vm:
     runs-on: ubuntu-latest
@@ -34,11 +42,19 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
       
       # build image for accounts service
       - name: build docker image
-        run: sudo docker build -f ./IsolatedVM/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./IsolatedVM/Dockerfile .
 
   docker-build-home:
     runs-on: ubuntu-latest
@@ -49,11 +65,19 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
       
       # build image for accounts service
       - name: build docker image
-        run: sudo docker build -f ./Home/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./Home/Dockerfile .
 
   docker-build-worker:
     runs-on: ubuntu-latest
@@ -64,11 +88,19 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
       
       # build image for accounts service
       - name: build docker image
-        run: sudo docker build -f ./Worker/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./Worker/Dockerfile .
 
   docker-build-workflow:
     runs-on: ubuntu-latest
@@ -79,11 +111,19 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
       
       # build image for accounts service
       - name: build docker image
-        run: sudo docker build -f ./Workflow/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./Workflow/Dockerfile .
 
   docker-build-api-reference:
     runs-on: ubuntu-latest
@@ -94,11 +134,19 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
       
       # build image for accounts service
       - name: build docker image
-        run: sudo docker build -f ./APIReference/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./APIReference/Dockerfile .
 
   docker-build-docs:
     runs-on: ubuntu-latest
@@ -109,11 +157,19 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
       
       # build image for accounts service
       - name: build docker image
-        run: sudo docker build -f ./Docs/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./Docs/Dockerfile .
 
 
   docker-build-otel-collector:
@@ -125,11 +181,19 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
       
       # build image for accounts service
       - name: build docker image
-        run: sudo docker build -f ./OTelCollector/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./OTelCollector/Dockerfile .
 
   docker-build-app:
     runs-on: ubuntu-latest
@@ -140,12 +204,20 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
 
         
       # build image for accounts service
       - name: build docker image
-        run: sudo docker build -f ./App/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./App/Dockerfile .
 
 
   docker-build-copilot:
@@ -157,11 +229,19 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
 
       # build image for accounts service
       - name: build docker image
-        run: sudo docker build -f ./Copilot/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./Copilot/Dockerfile .
 
   docker-build-e2e:
     runs-on: ubuntu-latest
@@ -172,12 +252,20 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
 
         
       # build image for accounts service
       - name: build docker image
-        run: sudo docker build -f ./E2E/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./E2E/Dockerfile .
 
   docker-build-admin-dashboard:
     runs-on: ubuntu-latest
@@ -188,11 +276,19 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
 
       # build image for home
       - name: build docker image
-        run: sudo docker build -f ./AdminDashboard/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./AdminDashboard/Dockerfile .
 
   docker-build-dashboard:
     runs-on: ubuntu-latest
@@ -203,11 +299,19 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
 
       # build image for home
       - name: build docker image
-        run: sudo docker build -f ./Dashboard/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./Dashboard/Dockerfile .
 
   docker-build-probe:
     runs-on: ubuntu-latest
@@ -218,11 +322,19 @@ jobs:
         uses: actions/checkout@v4
       
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
         
       # build image probe api
       - name: build docker image
-        run: sudo docker build -f ./Probe/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./Probe/Dockerfile .
 
   docker-build-probe-ingest:
     runs-on: ubuntu-latest
@@ -233,11 +345,19 @@ jobs:
         uses: actions/checkout@v4
       
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
         
       # build image probe api
       - name: build docker image
-        run: sudo docker build -f ./ProbeIngest/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./ProbeIngest/Dockerfile .
 
   docker-build-server-monitor-ingest:
     runs-on: ubuntu-latest
@@ -248,11 +368,19 @@ jobs:
         uses: actions/checkout@v4
       
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
         
       # build image probe api
       - name: build docker image
-        run: sudo docker build -f ./ServerMonitorIngest/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./ServerMonitorIngest/Dockerfile .
 
   docker-build-open-telemetry-ingest:
     runs-on: ubuntu-latest
@@ -263,11 +391,19 @@ jobs:
         uses: actions/checkout@v4
       
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
         
       # build image probe api
       - name: build docker image
-        run: sudo docker build -f ./OpenTelemetryIngest/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./OpenTelemetryIngest/Dockerfile .
 
   docker-build-incoming-request-ingest:
     runs-on: ubuntu-latest
@@ -278,11 +414,19 @@ jobs:
         uses: actions/checkout@v4
       
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
         
       # build image probe api
       - name: build docker image
-        run: sudo docker build -f ./IncomingRequestIngest/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./IncomingRequestIngest/Dockerfile .
 
   docker-build-fluent-ingest:
     runs-on: ubuntu-latest
@@ -293,11 +437,19 @@ jobs:
         uses: actions/checkout@v4
       
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
         
       # build image probe api
       - name: build docker image
-        run: sudo docker build -f ./FluentIngest/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./FluentIngest/Dockerfile .
 
   docker-build-status-page:
     runs-on: ubuntu-latest
@@ -308,11 +460,19 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
         
       # build image for home
       - name: build docker image
-        run: sudo docker build -f ./StatusPage/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./StatusPage/Dockerfile .
 
   docker-build-test-server:
     runs-on: ubuntu-latest
@@ -323,8 +483,16 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Preinstall 
-        run: npm run prerun
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 10
+          max_attempts: 3
+          command: npm run prerun
 
       # build image for mail service
       - name: build docker image
-        run: sudo docker build -f ./TestServer/Dockerfile .
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 45
+          max_attempts: 3
+          command: sudo docker build -f ./TestServer/Dockerfile .

.github/workflows/compile.yml

@@ -20,7 +20,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd Accounts && npm install && npm run compile && npm run dep-check
+      - name: Compile Accounts
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd Accounts && npm install && npm run compile && npm run dep-check
 
   compile-isolated-vm:
     runs-on: ubuntu-latest
@@ -32,7 +37,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd IsolatedVM && npm install && npm run compile && npm run dep-check
+      - name: Compile IsolatedVM
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd IsolatedVM && npm install && npm run compile && npm run dep-check
 
   compile-common:
     runs-on: ubuntu-latest
@@ -43,7 +53,12 @@ jobs:
       - uses: actions/setup-node@v4
         with:
           node-version: latest
-      - run: cd Common && npm install && npm run compile && npm run dep-check
+      - name: Compile Common
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd Common && npm install && npm run compile && npm run dep-check
 
   compile-app:
     runs-on: ubuntu-latest
@@ -55,7 +70,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd App && npm install && npm run compile && npm run dep-check
+      - name: Compile App
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd App && npm install && npm run compile && npm run dep-check
 
   compile-home:
     runs-on: ubuntu-latest
@@ -67,7 +87,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd Home && npm install && npm run compile && npm run dep-check
+      - name: Compile Home
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd Home && npm install && npm run compile && npm run dep-check
 
   compile-worker:
     runs-on: ubuntu-latest
@@ -79,7 +104,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd Worker && npm install && npm run compile && npm run dep-check
+      - name: Compile Worker
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd Worker && npm install && npm run compile && npm run dep-check
 
   compile-workflow:
     runs-on: ubuntu-latest
@@ -91,7 +121,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd Workflow && npm install && npm run compile && npm run dep-check
+      - name: Compile Workflow
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd Workflow && npm install && npm run compile && npm run dep-check
 
   compile-api-reference:
     runs-on: ubuntu-latest
@@ -103,7 +138,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd APIReference && npm install && npm run compile && npm run dep-check
+      - name: Compile API Reference
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd APIReference && npm install && npm run compile && npm run dep-check
 
   compile-docs-reference:
     runs-on: ubuntu-latest
@@ -115,7 +155,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd Docs && npm install && npm run compile && npm run dep-check
+      - name: Compile Docs Reference
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd Docs && npm install && npm run compile && npm run dep-check
 
   compile-copilot:
     runs-on: ubuntu-latest
@@ -127,7 +172,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd Copilot && npm install && npm run compile && npm run dep-check
+      - name: Compile Copilot
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd Copilot && npm install && npm run compile && npm run dep-check
 
   compile-nginx:
     runs-on: ubuntu-latest
@@ -140,7 +190,12 @@ jobs:
           node-version: latest
       - run: cd Common && npm install
       
-      - run: cd Nginx && npm install && npm run compile && npm run dep-check
+      - name: Compile Nginx
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd Nginx && npm install && npm run compile && npm run dep-check
 
   compile-infrastructure-agent:
     runs-on: ubuntu-latest
@@ -150,7 +205,12 @@ jobs:
       - uses: actions/checkout@v4
       # Setup Go
       - uses: actions/setup-go@v5
-      - run: cd InfrastructureAgent && go build .
+      - name: Compile Infrastructure Agent
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd InfrastructureAgent && go build .
   
 
   compile-admin-dashboard:
@@ -164,7 +224,12 @@ jobs:
           node-version: latest
       - run: cd Common && npm install
       
-      - run: cd AdminDashboard && npm install && npm run compile && npm run dep-check
+      - name: Compile Admin Dashboard
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd AdminDashboard && npm install && npm run compile && npm run dep-check
 
   compile-dashboard:
     runs-on: ubuntu-latest
@@ -177,7 +242,12 @@ jobs:
           node-version: latest
       - run: cd Common && npm install
       
-      - run: cd Dashboard && npm install && npm run compile && npm run dep-check
+      - name: Compile Dashboard
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd Dashboard && npm install && npm run compile && npm run dep-check
 
 
   compile-e2e:
@@ -191,7 +261,12 @@ jobs:
           node-version: latest
       - run: sudo apt-get update
       - run: cd Common && npm install
-      - run: cd E2E && npm install && npm run compile && npm run dep-check
+      - name: Compile E2E
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd E2E && npm install && npm run compile && npm run dep-check
 
   compile-probe:
     runs-on: ubuntu-latest
@@ -203,7 +278,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd Probe && npm install && npm run compile && npm run dep-check
+      - name: Compile Probe
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd Probe && npm install && npm run compile && npm run dep-check
 
   compile-probe-ingest:
     runs-on: ubuntu-latest
@@ -215,7 +295,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd ProbeIngest && npm install && npm run compile && npm run dep-check
+      - name: Compile Probe Ingest
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd ProbeIngest && npm install && npm run compile && npm run dep-check
 
   compile-server-monitor-ingest:
     runs-on: ubuntu-latest
@@ -227,7 +312,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd ServerMonitorIngest && npm install && npm run compile && npm run dep-check
+      - name: Compile Server Monitor Ingest
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd ServerMonitorIngest && npm install && npm run compile && npm run dep-check
 
   compile-open-telemetry-ingest:
     runs-on: ubuntu-latest
@@ -239,7 +329,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd OpenTelemetryIngest && npm install && npm run compile && npm run dep-check
+      - name: Compile Open Telemetry Ingest
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd OpenTelemetryIngest && npm install && npm run compile && npm run dep-check
 
 
   compile-incoming-request-ingest: 
@@ -252,7 +347,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd IncomingRequestIngest && npm install && npm run compile && npm run dep-check
+      - name: Compile Incoming Request Ingest
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd IncomingRequestIngest && npm install && npm run compile && npm run dep-check
 
   compile-fluent-ingest:
     runs-on: ubuntu-latest
@@ -264,7 +364,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd FluentIngest && npm install && npm run compile && npm run dep-check
+      - name: Compile Fluent Ingest
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd FluentIngest && npm install && npm run compile && npm run dep-check
   
 
   compile-status-page:
@@ -278,7 +383,12 @@ jobs:
           node-version: latest
       - run: cd Common && npm install
       
-      - run: cd StatusPage && npm install && npm run compile && npm run dep-check
+      - name: Compile Status Page
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd StatusPage && npm install && npm run compile && npm run dep-check
 
   compile-test-server:
     runs-on: ubuntu-latest
@@ -290,7 +400,12 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd TestServer && npm install && npm run compile && npm run dep-check
+      - name: Compile Test Server
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd TestServer && npm install && npm run compile && npm run dep-check
 
   compile-mcp:
     runs-on: ubuntu-latest
@@ -302,4 +417,9 @@ jobs:
         with:
           node-version: latest
       - run: cd Common && npm install
-      - run: cd MCP && npm install && npm run compile && npm run dep-check
+      - name: Compile MCP
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: cd MCP && npm update @oneuptime/common && npm install && npm run compile && npm run dep-check

.github/workflows/terraform-provider-generation.yml

@@ -77,17 +77,21 @@ jobs:
           ls -la "$PROVIDER_DIR" || true
 
       - name: Test Go build
-        run: |
-          PROVIDER_DIR="./Terraform"
-          if [ -d "$PROVIDER_DIR" ] && [ -f "$PROVIDER_DIR/go.mod" ]; then
-            cd "$PROVIDER_DIR"
-            echo "🔨 Testing Go build..."
-            go mod tidy
-            go build -v ./...
-            echo "✅ Go build successful"
-          else
-            echo "⚠️ Cannot test build - missing go.mod or provider directory"
-          fi
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 30
+          max_attempts: 3
+          command: |
+            PROVIDER_DIR="./Terraform"
+            if [ -d "$PROVIDER_DIR" ] && [ -f "$PROVIDER_DIR/go.mod" ]; then
+              cd "$PROVIDER_DIR"
+              echo "🔨 Testing Go build..."
+              go mod tidy
+              go build -v ./...
+              echo "✅ Go build successful"
+            else
+              echo "⚠️ Cannot test build - missing go.mod or provider directory"
+            fi
 
       - name: Upload Terraform provider as artifact
         uses: actions/upload-artifact@v4

.gitignore

@@ -127,3 +127,4 @@ MCP/build/
 MCP/.env
 MCP/node_modules 
 Dashboard/public/sw.js
+.claude/settings.local.json

APIReference/Dockerfile.tpl

@@ -3,7 +3,7 @@
 #
 
 # Pull base image nodejs image.
-FROM public.ecr.aws/docker/library/node:23.8-alpine3.21
+FROM public.ecr.aws/docker/library/node:24.9-alpine3.21
 RUN mkdir /tmp/npm &&  chmod 2777 /tmp/npm && chown 1000:1000 /tmp/npm && npm config set cache /tmp/npm --global
 
 RUN npm config set fetch-retries 5
@@ -17,6 +17,7 @@ ARG APP_VERSION
 
 ENV GIT_SHA=${GIT_SHA}
 ENV APP_VERSION=${APP_VERSION}
+ENV PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=1
 
 
 # IF APP_VERSION is not set, set it to 1.0.0

APIReference/Service/Authentication.ts

@@ -2,6 +2,7 @@ import { IsBillingEnabled } from "Common/Server/EnvironmentConfig";
 import { ViewsPath } from "../Utils/Config";
 import ResourceUtil, { ModelDocumentation } from "../Utils/Resources";
 import { ExpressRequest, ExpressResponse } from "Common/Server/Utils/Express";
+import Dictionary from "Common/Types/Dictionary";
 
 // Retrieve resources documentation
 const Resources: Array<ModelDocumentation> = ResourceUtil.getResources();
@@ -16,7 +17,7 @@ export default class ServiceHandler {
 
     // Extract page parameter from request
     const page: string | undefined = req.params["page"];
-    const pageData: any = {};
+    const pageData: Dictionary<unknown> = {};
 
     // Set default page title and description for the authentication page
     pageTitle = "Authentication";

APIReference/Service/DataType.ts

@@ -4,6 +4,7 @@ import ResourceUtil, { ModelDocumentation } from "../Utils/Resources";
 import LocalCache from "Common/Server/Infrastructure/LocalCache";
 import { ExpressRequest, ExpressResponse } from "Common/Server/Utils/Express";
 import LocalFile from "Common/Server/Utils/LocalFile";
+import Dictionary from "Common/Types/Dictionary";
 
 const Resources: Array<ModelDocumentation> = ResourceUtil.getResources();
 
@@ -12,9 +13,9 @@ export default class ServiceHandler {
     _req: ExpressRequest,
     res: ExpressResponse,
   ): Promise<void> {
-    const pageData: any = {};
+    const pageData: Dictionary<unknown> = {};
 
-    pageData.selectCode = await LocalCache.getOrSetString(
+    pageData["selectCode"] = await LocalCache.getOrSetString(
       "data-type",
       "select",
       async () => {
@@ -22,7 +23,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.sortCode = await LocalCache.getOrSetString(
+    pageData["sortCode"] = await LocalCache.getOrSetString(
       "data-type",
       "sort",
       async () => {
@@ -30,7 +31,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.equalToCode = await LocalCache.getOrSetString(
+    pageData["equalToCode"] = await LocalCache.getOrSetString(
       "data-type",
       "equal-to",
       async () => {
@@ -38,7 +39,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.equalToOrNullCode = await LocalCache.getOrSetString(
+    pageData["equalToOrNullCode"] = await LocalCache.getOrSetString(
       "data-type",
       "equal-to-or-null",
       async () => {
@@ -48,7 +49,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.greaterThanCode = await LocalCache.getOrSetString(
+    pageData["greaterThanCode"] = await LocalCache.getOrSetString(
       "data-type",
       "greater-than",
       async () => {
@@ -58,7 +59,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.greaterThanOrEqualCode = await LocalCache.getOrSetString(
+    pageData["greaterThanOrEqualCode"] = await LocalCache.getOrSetString(
       "data-type",
       "greater-than-or-equal",
       async () => {
@@ -68,7 +69,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.lessThanCode = await LocalCache.getOrSetString(
+    pageData["lessThanCode"] = await LocalCache.getOrSetString(
       "data-type",
       "less-than",
       async () => {
@@ -78,7 +79,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.lessThanOrEqualCode = await LocalCache.getOrSetString(
+    pageData["lessThanOrEqualCode"] = await LocalCache.getOrSetString(
       "data-type",
       "less-than-or-equal",
       async () => {
@@ -88,7 +89,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.includesCode = await LocalCache.getOrSetString(
+    pageData["includesCode"] = await LocalCache.getOrSetString(
       "data-type",
       "includes",
       async () => {
@@ -98,7 +99,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.lessThanOrNullCode = await LocalCache.getOrSetString(
+    pageData["lessThanOrNullCode"] = await LocalCache.getOrSetString(
       "data-type",
       "less-than-or-equal",
       async () => {
@@ -108,7 +109,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.greaterThanOrNullCode = await LocalCache.getOrSetString(
+    pageData["greaterThanOrNullCode"] = await LocalCache.getOrSetString(
       "data-type",
       "less-than-or-equal",
       async () => {
@@ -118,7 +119,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.isNullCode = await LocalCache.getOrSetString(
+    pageData["isNullCode"] = await LocalCache.getOrSetString(
       "data-type",
       "is-null",
       async () => {
@@ -126,7 +127,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.notNullCode = await LocalCache.getOrSetString(
+    pageData["notNullCode"] = await LocalCache.getOrSetString(
       "data-type",
       "not-null",
       async () => {
@@ -134,7 +135,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.notEqualToCode = await LocalCache.getOrSetString(
+    pageData["notEqualToCode"] = await LocalCache.getOrSetString(
       "data-type",
       "not-equals",
       async () => {

APIReference/Service/Errors.ts

@@ -2,6 +2,7 @@ import { IsBillingEnabled } from "Common/Server/EnvironmentConfig";
 import { ViewsPath } from "../Utils/Config";
 import ResourceUtil, { ModelDocumentation } from "../Utils/Resources";
 import { ExpressRequest, ExpressResponse } from "Common/Server/Utils/Express";
+import Dictionary from "Common/Types/Dictionary";
 
 // Fetch a list of resources used in the application
 const Resources: Array<ModelDocumentation> = ResourceUtil.getResources();
@@ -17,7 +18,7 @@ export default class ServiceHandler {
 
     // Get the 'page' parameter from the request
     const page: string | undefined = req.params["page"];
-    const pageData: any = {};
+    const pageData: Dictionary<unknown> = {};
 
     // Set the default page title and description
     pageTitle = "Errors";

APIReference/Service/Introduction.ts

@@ -2,6 +2,7 @@ import { IsBillingEnabled } from "Common/Server/EnvironmentConfig";
 import { ViewsPath } from "../Utils/Config";
 import ResourceUtil, { ModelDocumentation } from "../Utils/Resources";
 import { ExpressRequest, ExpressResponse } from "Common/Server/Utils/Express";
+import Dictionary from "Common/Types/Dictionary";
 
 // Get all resources and featured resources from ResourceUtil
 const Resources: Array<ModelDocumentation> = ResourceUtil.getResources();
@@ -20,10 +21,10 @@ export default class ServiceHandler {
 
     // Get the requested page from the URL parameters
     const page: string | undefined = req.params["page"];
-    const pageData: any = {};
+    const pageData: Dictionary<unknown> = {};
 
     // Set featured resources for the page
-    pageData.featuredResources = FeaturedResources;
+    pageData["featuredResources"] = FeaturedResources;
 
     // Set page title and description
     pageTitle = "Introduction";

APIReference/Service/Model.ts

@@ -3,7 +3,10 @@ import ResourceUtil, { ModelDocumentation } from "../Utils/Resources";
 import PageNotFoundServiceHandler from "./PageNotFound";
 import { AppApiRoute } from "Common/ServiceRoute";
 import { ColumnAccessControl } from "Common/Types/BaseDatabase/AccessControl";
-import { getTableColumns } from "Common/Types/Database/TableColumn";
+import {
+  getTableColumns,
+  TableColumnMetadata,
+} from "Common/Types/Database/TableColumn";
 import Dictionary from "Common/Types/Dictionary";
 import ObjectID from "Common/Types/ObjectID";
 import Permission, {
@@ -33,7 +36,7 @@ export default class ServiceHandler {
     let pageTitle: string = "";
     let pageDescription: string = "";
     let page: string | undefined = req.params["page"];
-    const pageData: any = {};
+    const pageData: Dictionary<unknown> = {};
 
     // Check if page is provided
     if (!page) {
@@ -56,7 +59,9 @@ export default class ServiceHandler {
     page = "model";
 
     // Get table columns for current resource
-    const tableColumns: any = getTableColumns(currentResource.model);
+    const tableColumns: Dictionary<TableColumnMetadata> = getTableColumns(
+      currentResource.model,
+    );
 
     // Filter out columns with no access
     for (const key in tableColumns) {
@@ -77,12 +82,14 @@ export default class ServiceHandler {
         continue;
       }
 
-      if (tableColumns[key].hideColumnInDocumentation) {
+      if (tableColumns[key] && tableColumns[key]!.hideColumnInDocumentation) {
         delete tableColumns[key];
         continue;
       }
 
-      tableColumns[key].permissions = accessControl;
+      if (tableColumns[key]) {
+        (tableColumns[key] as any).permissions = accessControl;
+      }
     }
 
     // Remove unnecessary columns
@@ -92,11 +99,11 @@ export default class ServiceHandler {
     delete tableColumns["version"];
 
     // Set page data
-    pageData.title = currentResource.model.singularName;
-    pageData.description = currentResource.model.tableDescription;
-    pageData.columns = tableColumns;
+    pageData["title"] = currentResource.model.singularName;
+    pageData["description"] = currentResource.model.tableDescription;
+    pageData["columns"] = tableColumns;
 
-    pageData.tablePermissions = {
+    pageData["tablePermissions"] = {
       read: currentResource.model.readRecordPermissions.map(
         (permission: Permission) => {
           return PermissionDictionary[permission];
@@ -120,7 +127,7 @@ export default class ServiceHandler {
     };
 
     // Cache the list request data
-    pageData.listRequest = await LocalCache.getOrSetString(
+    pageData["listRequest"] = await LocalCache.getOrSetString(
       "model",
       "list-request",
       async () => {
@@ -130,7 +137,7 @@ export default class ServiceHandler {
     );
 
     // Cache the item request data
-    pageData.itemRequest = await LocalCache.getOrSetString(
+    pageData["itemRequest"] = await LocalCache.getOrSetString(
       "model",
       "item-request",
       async () => {
@@ -140,7 +147,7 @@ export default class ServiceHandler {
     );
 
     // Cache the item response data
-    pageData.itemResponse = await LocalCache.getOrSetString(
+    pageData["itemResponse"] = await LocalCache.getOrSetString(
       "model",
       "item-response",
       async () => {
@@ -152,7 +159,7 @@ export default class ServiceHandler {
     );
 
     // Cache the count request data
-    pageData.countRequest = await LocalCache.getOrSetString(
+    pageData["countRequest"] = await LocalCache.getOrSetString(
       "model",
       "count-request",
       async () => {
@@ -164,7 +171,7 @@ export default class ServiceHandler {
     );
 
     // Cache the count response data
-    pageData.countResponse = await LocalCache.getOrSetString(
+    pageData["countResponse"] = await LocalCache.getOrSetString(
       "model",
       "count-response",
       async () => {
@@ -175,7 +182,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.updateRequest = await LocalCache.getOrSetString(
+    pageData["updateRequest"] = await LocalCache.getOrSetString(
       "model",
       "update-request",
       async () => {
@@ -186,7 +193,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.updateResponse = await LocalCache.getOrSetString(
+    pageData["updateResponse"] = await LocalCache.getOrSetString(
       "model",
       "update-response",
       async () => {
@@ -197,7 +204,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.createRequest = await LocalCache.getOrSetString(
+    pageData["createRequest"] = await LocalCache.getOrSetString(
       "model",
       "create-request",
       async () => {
@@ -208,7 +215,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.createResponse = await LocalCache.getOrSetString(
+    pageData["createResponse"] = await LocalCache.getOrSetString(
       "model",
       "create-response",
       async () => {
@@ -219,7 +226,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.deleteRequest = await LocalCache.getOrSetString(
+    pageData["deleteRequest"] = await LocalCache.getOrSetString(
       "model",
       "delete-request",
       async () => {
@@ -230,7 +237,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.deleteResponse = await LocalCache.getOrSetString(
+    pageData["deleteResponse"] = await LocalCache.getOrSetString(
       "model",
       "delete-response",
       async () => {
@@ -242,7 +249,7 @@ export default class ServiceHandler {
     );
 
     // Get list response from cache or set it if it's not available
-    pageData.listResponse = await LocalCache.getOrSetString(
+    pageData["listResponse"] = await LocalCache.getOrSetString(
       "model",
       "list-response",
       async () => {
@@ -254,14 +261,15 @@ export default class ServiceHandler {
     );
 
     // Generate a unique ID for the example object
-    pageData.exampleObjectID = ObjectID.generate();
+    pageData["exampleObjectID"] = ObjectID.generate();
 
     // Construct the API path for the current resource
-    pageData.apiPath =
+    pageData["apiPath"] =
       AppApiRoute.toString() + currentResource.model.crudApiPath?.toString();
 
     // Check if the current resource is a master admin API
-    pageData.isMasterAdminApiDocs = currentResource.model.isMasterAdminApiDocs;
+    pageData["isMasterAdminApiDocs"] =
+      currentResource.model.isMasterAdminApiDocs;
 
     // Render the index page with the required data
     return res.render(`${ViewsPath}/pages/index`, {

APIReference/Service/OpenAPI.ts

@@ -7,6 +7,7 @@ import { ViewsPath } from "../Utils/Config";
 import ResourceUtil, { ModelDocumentation } from "../Utils/Resources";
 import { ExpressRequest, ExpressResponse } from "Common/Server/Utils/Express";
 import URL from "Common/Types/API/URL";
+import Dictionary from "Common/Types/Dictionary";
 
 // Fetch a list of resources used in the application
 const Resources: Array<ModelDocumentation> = ResourceUtil.getResources();
@@ -22,7 +23,7 @@ export default class ServiceHandler {
 
     // Get the 'page' parameter from the request
     const page: string | undefined = req.params["page"];
-    const pageData: any = {
+    const pageData: Dictionary<unknown> = {
       hostUrl: new URL(HttpProtocol, Host).toString(),
     };
 

APIReference/Service/Pagination.ts

@@ -4,6 +4,7 @@ import ResourceUtil, { ModelDocumentation } from "../Utils/Resources";
 import LocalCache from "Common/Server/Infrastructure/LocalCache";
 import { ExpressRequest, ExpressResponse } from "Common/Server/Utils/Express";
 import LocalFile from "Common/Server/Utils/LocalFile";
+import Dictionary from "Common/Types/Dictionary";
 
 const Resources: Array<ModelDocumentation> = ResourceUtil.getResources(); // Get all resources from ResourceUtil
 
@@ -15,14 +16,14 @@ export default class ServiceHandler {
     let pageTitle: string = ""; // Initialize page title
     let pageDescription: string = ""; // Initialize page description
     const page: string | undefined = req.params["page"]; // Get the page parameter from the request
-    const pageData: any = {}; // Initialize page data object
+    const pageData: Dictionary<unknown> = {}; // Initialize page data object
 
     // Set page title and description
     pageTitle = "Pagination";
     pageDescription = "Learn how to paginate requests with OneUptime API";
 
     // Get response and request code from LocalCache or LocalFile
-    pageData.responseCode = await LocalCache.getOrSetString(
+    pageData["responseCode"] = await LocalCache.getOrSetString(
       "pagination",
       "response",
       async () => {
@@ -33,7 +34,7 @@ export default class ServiceHandler {
       },
     );
 
-    pageData.requestCode = await LocalCache.getOrSetString(
+    pageData["requestCode"] = await LocalCache.getOrSetString(
       "pagination",
       "request",
       async () => {

APIReference/Service/Permissions.ts

@@ -3,6 +3,7 @@ import ResourceUtil, { ModelDocumentation } from "../Utils/Resources";
 import { PermissionHelper, PermissionProps } from "Common/Types/Permission";
 import { ExpressRequest, ExpressResponse } from "Common/Server/Utils/Express";
 import { IsBillingEnabled } from "Common/Server/EnvironmentConfig";
+import Dictionary from "Common/Types/Dictionary";
 
 const Resources: Array<ModelDocumentation> = ResourceUtil.getResources();
 
@@ -17,14 +18,14 @@ export default class ServiceHandler {
 
     // Get the requested page
     const page: string | undefined = req.params["page"];
-    const pageData: any = {};
+    const pageData: Dictionary<unknown> = {};
 
     // Set page title and description
     pageTitle = "Permissions";
     pageDescription = "Learn how permissions work with OneUptime";
 
     // Filter permissions to only include those assignable to tenants
-    pageData.permissions = PermissionHelper.getAllPermissionProps().filter(
+    pageData["permissions"] = PermissionHelper.getAllPermissionProps().filter(
       (i: PermissionProps) => {
         return i.isAssignableToTenant;
       },

APIReference/nodemon.json

@@ -1,8 +1,14 @@
 {
     "watch": ["./","../Common/Server", "../Common/Types", "../Common/Utils", "../Common/Models"],
-    "ext": "ts,json,tsx,env,js,jsx,hbs",
+    "ext": "ts,tsx",
     "ignore": [
+        "./node_modules/**",
+        "./public/**",
+        "./bin/**",
+        "./build/**",
         "greenlock.d/*"
     ],
-    "exec": "node --inspect=0.0.0.0:9229 --require ts-node/register Index.ts"
+    "watchOptions": {"useFsEvents": false, "interval": 500},
+    "env": {"TS_NODE_TRANSPILE_ONLY": "1", "TS_NODE_FILES": "false"},
+    "exec": "node  -r ts-node/register/transpile-only Index.ts"
 }

APIReference/package-lock.json

@@ -66,6 +66,7 @@
         "crypto-js": "^4.2.0",
         "dotenv": "^16.4.4",
         "ejs": "^3.1.10",
+        "elkjs": "^0.10.0",
         "esbuild": "^0.25.5",
         "express": "^4.21.1",
         "formik": "^2.4.6",

APIReference/views/partials/head.ejs

@@ -135,7 +135,6 @@
    <link rel="apple-touch-icon-precomposed" href="/img/ou-wb.svg">
    <link rel="icon" href="/img/ou-wb.svg">
    <link rel="image_src" type="image/png" href="/img/hou-wb.svg">
-   <link rel="canonical" href="/">
    <link rel="manifest" href="/manifest.json">
    <meta property="og:title" content="OneUptime - One Complete Observability platform.">
    <meta property="og:url" content="https://oneuptime.com">

Accounts/Dockerfile.tpl

@@ -3,7 +3,7 @@
 #
 
 # Pull base image nodejs image.
-FROM public.ecr.aws/docker/library/node:23.8-alpine3.21
+FROM public.ecr.aws/docker/library/node:24.9-alpine3.21
 RUN mkdir /tmp/npm &&  chmod 2777 /tmp/npm && chown 1000:1000 /tmp/npm && npm config set cache /tmp/npm --global
 
 RUN npm config set fetch-retries 5
@@ -17,6 +17,7 @@ ARG APP_VERSION
 
 ENV GIT_SHA=${GIT_SHA}
 ENV APP_VERSION=${APP_VERSION}
+ENV PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=1
 
 
 # IF APP_VERSION is not set, set it to 1.0.0

Accounts/nodemon.json

@@ -1,7 +1,10 @@
 {
     "watch": ["./","../Common/UI", "../Common/Types", "../Common/Utils", "../Common/Models"],
-    "ext": "ts,json,tsx,env,js,jsx,hbs",
+    "ext": "ts,tsx",
     "ignore": [
+        "./node_modules/**",
+        "./public/**",
+        "./bin/**",
         "./public/**",
         "./public/dist/**",
         "./build/*",

Accounts/package-lock.json

@@ -70,6 +70,7 @@
                 "crypto-js": "^4.2.0",
                 "dotenv": "^16.4.4",
                 "ejs": "^3.1.10",
+                "elkjs": "^0.10.0",
                 "esbuild": "^0.25.5",
                 "express": "^4.21.1",
                 "formik": "^2.4.6",

Accounts/src/Pages/Login.tsx

@@ -1,6 +1,8 @@
 import {
   LOGIN_API_URL,
-  VERIFY_TWO_FACTOR_AUTH_API_URL,
+  VERIFY_TOTP_AUTH_API_URL,
+  GENERATE_WEBAUTHN_AUTH_OPTIONS_API_URL,
+  VERIFY_WEBAUTHN_AUTH_API_URL,
 } from "../Utils/ApiPaths";
 import Route from "Common/Types/API/Route";
 import URL from "Common/Types/API/URL";
@@ -12,17 +14,20 @@ import { DASHBOARD_URL } from "Common/UI/Config";
 import OneUptimeLogo from "Common/UI/Images/logos/OneUptimeSVG/3-transparent.svg";
 import UiAnalytics from "Common/UI/Utils/Analytics";
 import LoginUtil from "Common/UI/Utils/Login";
-import UserTwoFactorAuth from "Common/Models/DatabaseModels/UserTwoFactorAuth";
+import UserTotpAuth from "Common/Models/DatabaseModels/UserTotpAuth";
+import UserWebAuthn from "Common/Models/DatabaseModels/UserWebAuthn";
 import Navigation from "Common/UI/Utils/Navigation";
 import UserUtil from "Common/UI/Utils/User";
 import User from "Common/Models/DatabaseModels/User";
 import React from "react";
 import useAsyncEffect from "use-async-effect";
-import StaticModelList from "Common/UI/Components/ModelList/StaticModelList";
 import BasicForm from "Common/UI/Components/Forms/BasicForm";
 import API from "Common/UI/Utils/API/API";
 import HTTPErrorResponse from "Common/Types/API/HTTPErrorResponse";
 import HTTPResponse from "Common/Types/API/HTTPResponse";
+import Base64 from "Common/Utils/Base64";
+import ErrorMessage from "Common/UI/Components/ErrorMessage/ErrorMessage";
+import ComponentLoader from "Common/UI/Components/ComponentLoader/ComponentLoader";
 
 const LoginPage: () => JSX.Element = () => {
   const apiUrl: URL = LOGIN_API_URL;
@@ -36,14 +41,32 @@ const LoginPage: () => JSX.Element = () => {
   const [showTwoFactorAuth, setShowTwoFactorAuth] =
     React.useState<boolean>(false);
 
-  const [twoFactorAuthList, setTwoFactorAuthList] = React.useState<
-    UserTwoFactorAuth[]
-  >([]);
+  const [totpAuthList, setTotpAuthList] = React.useState<UserTotpAuth[]>([]);
 
-  const [selectedTwoFactorAuth, setSelectedTwoFactorAuth] = React.useState<
-    UserTwoFactorAuth | undefined
+  const [webAuthnList, setWebAuthnList] = React.useState<UserWebAuthn[]>([]);
+
+  const [selectedTotpAuth, setSelectedTotpAuth] = React.useState<
+    UserTotpAuth | undefined
   >(undefined);
 
+  const [selectedWebAuthn, setSelectedWebAuthn] = React.useState<
+    UserWebAuthn | undefined
+  >(undefined);
+
+  type TwoFactorMethod = {
+    type: "totp" | "webauthn";
+    item: UserTotpAuth | UserWebAuthn;
+  };
+
+  const twoFactorMethods: TwoFactorMethod[] = [
+    ...totpAuthList.map((item: UserTotpAuth) => {
+      return { type: "totp" as const, item };
+    }),
+    ...webAuthnList.map((item: UserWebAuthn) => {
+      return { type: "webauthn" as const, item };
+    }),
+  ];
+
   const [isTwoFactorAuthLoading, setIsTwoFactorAuthLoading] =
     React.useState<boolean>(false);
   const [twofactorAuthError, setTwoFactorAuthError] =
@@ -57,6 +80,96 @@ const LoginPage: () => JSX.Element = () => {
     }
   }, []);
 
+  useAsyncEffect(async () => {
+    if (selectedWebAuthn) {
+      setIsTwoFactorAuthLoading(true);
+      try {
+        const result: HTTPResponse<JSONObject> = await API.post({
+          url: GENERATE_WEBAUTHN_AUTH_OPTIONS_API_URL,
+          data: {
+            data: {
+              email: initialValues["email"],
+            },
+          },
+        });
+
+        if (result instanceof HTTPErrorResponse) {
+          throw result;
+        }
+
+        const data: any = result.data as any;
+
+        // Convert base64url strings back to Uint8Array
+        data.options.challenge = Base64.base64UrlToUint8Array(
+          data.options.challenge,
+        );
+        if (data.options.allowCredentials) {
+          data.options.allowCredentials.forEach((cred: any) => {
+            cred.id = Base64.base64UrlToUint8Array(cred.id);
+          });
+        }
+
+        // Use WebAuthn API
+        const credential: PublicKeyCredential =
+          (await navigator.credentials.get({
+            publicKey: data.options,
+          })) as PublicKeyCredential;
+
+        const assertionResponse: AuthenticatorAssertionResponse =
+          credential.response as AuthenticatorAssertionResponse;
+
+        // Verify
+        const verifyResult: HTTPResponse<JSONObject> = await API.post({
+          url: VERIFY_WEBAUTHN_AUTH_API_URL,
+          data: {
+            data: {
+              ...initialValues,
+              challenge: data.challenge,
+              credential: {
+                id: credential.id,
+                rawId: Base64.uint8ArrayToBase64Url(
+                  new Uint8Array(credential.rawId),
+                ),
+                response: {
+                  authenticatorData: Base64.uint8ArrayToBase64Url(
+                    new Uint8Array(assertionResponse.authenticatorData),
+                  ),
+                  clientDataJSON: Base64.uint8ArrayToBase64Url(
+                    new Uint8Array(assertionResponse.clientDataJSON),
+                  ),
+                  signature: Base64.uint8ArrayToBase64Url(
+                    new Uint8Array(assertionResponse.signature),
+                  ),
+                  userHandle: assertionResponse.userHandle
+                    ? Base64.uint8ArrayToBase64Url(
+                        new Uint8Array(assertionResponse.userHandle),
+                      )
+                    : null,
+                },
+                type: credential.type,
+              },
+            },
+          },
+        });
+
+        if (verifyResult instanceof HTTPErrorResponse) {
+          throw verifyResult;
+        }
+
+        const user: User = User.fromJSON(
+          verifyResult.data as JSONObject,
+          User,
+        ) as User;
+        const miscData: JSONObject = {};
+
+        login(user as User, miscData);
+      } catch (error) {
+        setTwoFactorAuthError(API.getFriendlyErrorMessage(error as Error));
+      }
+      setIsTwoFactorAuthLoading(false);
+    }
+  }, [selectedWebAuthn]);
+
   type LoginFunction = (user: User, miscData: JSONObject) => void;
 
   const login: LoginFunction = (user: User, miscData: JSONObject): void => {
@@ -156,16 +269,23 @@ const LoginPage: () => JSX.Element = () => {
               ) => {
                 if (
                   miscData &&
-                  (miscData as JSONObject)["twoFactorAuth"] === true
+                  ((((miscData as JSONObject)["totpAuthList"] as JSONArray)
+                    ?.length || 0) > 0 ||
+                    (((miscData as JSONObject)["webAuthnList"] as JSONArray)
+                      ?.length || 0) > 0)
                 ) {
-                  const twoFactorAuthList: Array<UserTwoFactorAuth> =
-                    UserTwoFactorAuth.fromJSONArray(
-                      (miscData as JSONObject)[
-                        "twoFactorAuthList"
-                      ] as JSONArray,
-                      UserTwoFactorAuth,
+                  const totpAuthList: Array<UserTotpAuth> =
+                    UserTotpAuth.fromJSONArray(
+                      (miscData as JSONObject)["totpAuthList"] as JSONArray,
+                      UserTotpAuth,
                     );
-                  setTwoFactorAuthList(twoFactorAuthList);
+                  const webAuthnList: Array<UserWebAuthn> =
+                    UserWebAuthn.fromJSONArray(
+                      (miscData as JSONObject)["webAuthnList"] as JSONArray,
+                      UserWebAuthn,
+                    );
+                  setTotpAuthList(totpAuthList);
+                  setWebAuthnList(webAuthnList);
                   setShowTwoFactorAuth(true);
                   return;
                 }
@@ -187,19 +307,53 @@ const LoginPage: () => JSX.Element = () => {
             />
           )}
 
-          {showTwoFactorAuth && !selectedTwoFactorAuth && (
-            <StaticModelList<UserTwoFactorAuth>
-              titleField="name"
-              descriptionField=""
-              selectedItems={[]}
-              list={twoFactorAuthList}
-              onClick={(item: UserTwoFactorAuth) => {
-                setSelectedTwoFactorAuth(item);
-              }}
-            />
+          {showTwoFactorAuth && !selectedTotpAuth && !selectedWebAuthn && (
+            <div className="space-y-4">
+              {twoFactorMethods.map(
+                (method: TwoFactorMethod, index: number) => {
+                  return (
+                    <div
+                      key={index}
+                      className="cursor-pointer p-4 border border-gray-300 rounded-lg hover:bg-gray-50"
+                      onClick={() => {
+                        if (method.type === "totp") {
+                          setSelectedTotpAuth(method.item as UserTotpAuth);
+                        } else {
+                          setSelectedWebAuthn(method.item as UserWebAuthn);
+                        }
+                      }}
+                    >
+                      <div className="font-medium">
+                        {(method.item as any).name}
+                      </div>
+                      <div className="text-sm text-gray-500">
+                        {method.type === "totp"
+                          ? "Authenticator App"
+                          : "Security Key"}
+                      </div>
+                    </div>
+                  );
+                },
+              )}
+            </div>
           )}
 
-          {showTwoFactorAuth && selectedTwoFactorAuth && (
+          {showTwoFactorAuth && selectedWebAuthn && (
+            <div className="text-center">
+              <div className="text-lg font-medium mb-4">
+                Authenticating with Security Key
+              </div>
+              <div className="text-sm text-gray-500 mb-4">
+                Please follow the instructions on your security key device.
+              </div>
+              {isTwoFactorAuthLoading && <ComponentLoader />}
+              {twofactorAuthError && (
+                <ErrorMessage message={twofactorAuthError} />
+              )}
+            </div>
+          )}
+
+          {showTwoFactorAuth && selectedTotpAuth && (
             <BasicForm
               id="two-factor-auth-form"
               name="Two Factor Auth"
@@ -225,14 +379,17 @@ const LoginPage: () => JSX.Element = () => {
                 try {
                   const code: string = data["code"] as string;
                   const twoFactorAuthId: string =
-                    selectedTwoFactorAuth.id?.toString() as string;
+                    selectedTotpAuth!.id?.toString() as string;
 
                   const result: HTTPErrorResponse | HTTPResponse<JSONObject> =
-                    await API.post(VERIFY_TWO_FACTOR_AUTH_API_URL, {
+                    await API.post({
+                      url: VERIFY_TOTP_AUTH_API_URL,
                       data: {
-                        ...initialValues,
-                        code: code,
-                        twoFactorAuthId: twoFactorAuthId,
+                        data: {
+                          ...initialValues,
+                          code: code,
+                          twoFactorAuthId: twoFactorAuthId,
+                        },
                       },
                     });
 
@@ -261,7 +418,7 @@ const LoginPage: () => JSX.Element = () => {
           )}
         </div>
         <div className="mt-10 text-center">
-          {!selectedTwoFactorAuth && (
+          {!selectedTotpAuth && !selectedWebAuthn && (
             <div className="text-muted mb-0 text-gray-500">
               Don&apos;t have an account?{" "}
               <Link
@@ -272,11 +429,12 @@ const LoginPage: () => JSX.Element = () => {
               </Link>
             </div>
           )}
-          {selectedTwoFactorAuth ? (
+          {selectedTotpAuth || selectedWebAuthn ? (
             <div className="text-muted mb-0 text-gray-500">
               <Link
                 onClick={() => {
-                  setSelectedTwoFactorAuth(undefined);
+                  setSelectedTotpAuth(undefined);
+                  setSelectedWebAuthn(undefined);
                 }}
                 className="text-indigo-500 hover:text-indigo-900 cursor-pointer"
               >

Accounts/src/Pages/LoginWithSSO.tsx

@@ -42,12 +42,12 @@ const LoginPage: () => JSX.Element = () => {
       try {
         // get sso config by email.
         const listResult: HTTPErrorResponse | HTTPResponse<JSONArray> =
-          await API.get(
-            URL.fromString(apiUrl.toString()).addQueryParam(
+          await API.get({
+            url: URL.fromString(apiUrl.toString()).addQueryParam(
               "email",
               email.toString(),
             ),
-          );
+          });
 
         if (listResult instanceof HTTPErrorResponse) {
           throw listResult;

Accounts/src/Utils/ApiPaths.ts

@@ -1,6 +1,6 @@
 import Route from "Common/Types/API/Route";
 import URL from "Common/Types/API/URL";
-import { IDENTITY_URL } from "Common/UI/Config";
+import { IDENTITY_URL, APP_API_URL } from "Common/UI/Config";
 
 export const SIGNUP_API_URL: URL = URL.fromURL(IDENTITY_URL).addRoute(
   new Route("/signup"),
@@ -9,9 +9,17 @@ export const LOGIN_API_URL: URL = URL.fromURL(IDENTITY_URL).addRoute(
   new Route("/login"),
 );
 
-export const VERIFY_TWO_FACTOR_AUTH_API_URL: URL = URL.fromURL(
+export const VERIFY_TOTP_AUTH_API_URL: URL = URL.fromURL(IDENTITY_URL).addRoute(
+  new Route("/verify-totp-auth"),
+);
+
+export const GENERATE_WEBAUTHN_AUTH_OPTIONS_API_URL: URL = URL.fromURL(
+  APP_API_URL,
+).addRoute(new Route("/user-webauthn/generate-authentication-options"));
+
+export const VERIFY_WEBAUTHN_AUTH_API_URL: URL = URL.fromURL(
   IDENTITY_URL,
-).addRoute(new Route("/verify-two-factor-auth"));
+).addRoute(new Route("/verify-webauthn-auth"));
 
 export const SERVICE_PROVIDER_LOGIN_URL: URL = URL.fromURL(
   IDENTITY_URL,

AdminDashboard/Dockerfile.tpl

@@ -3,7 +3,7 @@
 #
 
 # Pull base image nodejs image.
-FROM public.ecr.aws/docker/library/node:23.8-alpine3.21
+FROM public.ecr.aws/docker/library/node:24.9-alpine3.21
 RUN mkdir /tmp/npm &&  chmod 2777 /tmp/npm && chown 1000:1000 /tmp/npm && npm config set cache /tmp/npm --global
 
 RUN npm config set fetch-retries 5
@@ -17,6 +17,7 @@ ARG APP_VERSION
 
 ENV GIT_SHA=${GIT_SHA}
 ENV APP_VERSION=${APP_VERSION}
+ENV PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=1
 
 
 # IF APP_VERSION is not set, set it to 1.0.0

AdminDashboard/nodemon.json

@@ -1,7 +1,10 @@
 {
     "watch": ["./","../Common/UI", "../Common/Types", "../Common/Utils", "../Common/Models"],
-    "ext": "ts,json,tsx,env,js,jsx,hbs",
+    "ext": "ts,tsx",
     "ignore": [
+        "./node_modules/**",
+        "./public/**",
+        "./bin/**",
         "./public/**",
         "./public/dist/**",
         "./build/*",

AdminDashboard/package-lock.json

@@ -69,6 +69,7 @@
                 "crypto-js": "^4.2.0",
                 "dotenv": "^16.4.4",
                 "ejs": "^3.1.10",
+                "elkjs": "^0.10.0",
                 "esbuild": "^0.25.5",
                 "express": "^4.21.1",
                 "formik": "^2.4.6",

AdminDashboard/src/App.tsx

@@ -5,6 +5,7 @@ import Projects from "./Pages/Projects/Index";
 import SettingsAPIKey from "./Pages/Settings/APIKey/Index";
 import SettingsAuthentication from "./Pages/Settings/Authentication/Index";
 import SettingsCallSMS from "./Pages/Settings/CallSMS/Index";
+import SettingsWhatsApp from "./Pages/Settings/WhatsApp/Index";
 // Settings Pages.
 import SettingsEmail from "./Pages/Settings/Email/Index";
 import SettingsProbes from "./Pages/Settings/Probes/Index";
@@ -105,6 +106,11 @@ const App: () => JSX.Element = () => {
           element={<SettingsCallSMS />}
         />
 
+        <PageRoute
+          path={RouteMap[PageMap.SETTINGS_WHATSAPP]?.toString() || ""}
+          element={<SettingsWhatsApp />}
+        />
+
         <PageRoute
           path={RouteMap[PageMap.SETTINGS_PROBES]?.toString() || ""}
           element={<SettingsProbes />}

AdminDashboard/src/Components/Footer/Footer.tsx

@@ -54,9 +54,9 @@ const DashboardFooter: () => JSX.Element = () => {
   const fetchAppVersion: (appName: string) => Promise<JSONObject> = async (
     appName: string,
   ): Promise<JSONObject> => {
-    const response: HTTPResponse<JSONObject> = await API.get<JSONObject>(
-      URL.fromString(`${HTTP_PROTOCOL}/${HOST}${appName}/version`),
-    );
+    const response: HTTPResponse<JSONObject> = await API.get<JSONObject>({
+      url: URL.fromString(`${HTTP_PROTOCOL}/${HOST}${appName}/version`),
+    });
 
     if (response.data) {
       return response.data as JSONObject;

AdminDashboard/src/Pages/Settings/SideMenu.tsx

@@ -50,6 +50,15 @@ const DashboardSideMenu: () => JSX.Element = (): ReactElement => {
           }}
           icon={IconProp.Call}
         />
+        <SideMenuItem
+          link={{
+            title: "WhatsApp",
+            to: RouteUtil.populateRouteParams(
+              RouteMap[PageMap.SETTINGS_WHATSAPP] as Route,
+            ),
+          }}
+          icon={IconProp.WhatsApp}
+        />
       </SideMenuSection>
 
       <SideMenuSection title="Monitoring">

AdminDashboard/src/Pages/Settings/WhatsApp/Index.tsx

@@ -0,0 +1,454 @@
+import PageMap from "../../../Utils/PageMap";
+import RouteMap, { RouteUtil } from "../../../Utils/RouteMap";
+import DashboardSideMenu from "../SideMenu";
+import Route from "Common/Types/API/Route";
+import ObjectID from "Common/Types/ObjectID";
+import FormFieldSchemaType from "Common/UI/Components/Forms/Types/FormFieldSchemaType";
+import CardModelDetail from "Common/UI/Components/ModelDetail/CardModelDetail";
+import Page from "Common/UI/Components/Page/Page";
+import FieldType from "Common/UI/Components/Types/FieldType";
+import GlobalConfig from "Common/Models/DatabaseModels/GlobalConfig";
+import React, { FunctionComponent, ReactElement, useState } from "react";
+import Card from "Common/UI/Components/Card/Card";
+import MarkdownViewer from "Common/UI/Components/Markdown.tsx/MarkdownViewer";
+import BasicForm from "Common/UI/Components/Forms/BasicForm";
+import Alert, { AlertType } from "Common/UI/Components/Alerts/Alert";
+import { JSONObject } from "Common/Types/JSON";
+import HTTPErrorResponse from "Common/Types/API/HTTPErrorResponse";
+import HTTPResponse from "Common/Types/API/HTTPResponse";
+import URL from "Common/Types/API/URL";
+import API from "Common/UI/Utils/API/API";
+import { APP_API_URL } from "Common/UI/Config";
+import WhatsAppTemplateMessages, {
+  WhatsAppTemplateId,
+  WhatsAppTemplateIds,
+  WhatsAppTemplateLanguage,
+} from "Common/Types/WhatsApp/WhatsAppTemplates";
+
+type ToFriendlyName = (value: string) => string;
+
+const toFriendlyName: ToFriendlyName = (value: string): string => {
+  return value
+    .replace(/([a-z0-9])([A-Z])/g, "$1 $2")
+    .replace(/_/g, " ")
+    .replace(/\s+/g, " ")
+    .trim();
+};
+
+type ExtractTemplateVariables = (template: string) => Array<string>;
+
+const extractTemplateVariables: ExtractTemplateVariables = (
+  template: string,
+): Array<string> => {
+  const matches: RegExpMatchArray | null = template.match(/\{\{(.*?)\}\}/g);
+
+  if (!matches) {
+    return [];
+  }
+
+  const uniqueVariables: Set<string> = new Set<string>();
+
+  for (const match of matches) {
+    const variable: string = match.replace("{{", "").replace("}}", "").trim();
+
+    if (variable) {
+      uniqueVariables.add(variable);
+    }
+  }
+
+  return Array.from(uniqueVariables).sort((a: string, b: string) => {
+    return a.localeCompare(b);
+  });
+};
+
+type BuildWhatsAppSetupMarkdown = () => string;
+
+const buildWhatsAppSetupMarkdown: BuildWhatsAppSetupMarkdown = (): string => {
+  const templateKeys: Array<keyof typeof WhatsAppTemplateIds> = Object.keys(
+    WhatsAppTemplateIds,
+  ) as Array<keyof typeof WhatsAppTemplateIds>;
+
+  const description: string =
+    "Follow these steps to connect Meta WhatsApp with OneUptime so notifications can be delivered via WhatsApp.";
+
+  const prerequisitesList: Array<string> = [
+    "Meta Business Manager admin access for the WhatsApp Business Account.",
+    "A WhatsApp Business phone number approved for API messaging.",
+    "Admin access to OneUptime with permission to edit global notification settings.",
+  ];
+
+  const setupStepsList: Array<string> = [
+    "Sign in to the [Meta Business Manager](https://business.facebook.com/) with admin access to your WhatsApp Business Account.",
+    "From **Business Settings → Accounts → WhatsApp Accounts**, create or select the account that owns your sender phone number.",
+    "In Buisness Portfolio, create a system user and assign it to the WhatsApp Business Account with the role of **Admin**.",
+    "Under **WhatsApp Manager → API Setup**, generate a long-lived access token and copy the phone number ID.",
+    "Paste the access token and phone number ID into the **Meta WhatsApp Settings** card above, then save.",
+    "For the **Business Account ID**, go to **Business Settings → Business Info** (or **Business Settings → WhatsApp Accounts → Settings**) and copy the **WhatsApp Business Account ID** value.",
+    "To locate the **App ID** and **App Secret**, open [Meta for Developers](https://developers.facebook.com/apps/), select your WhatsApp app, then navigate to **Settings → Basic**. The App ID is shown at the top; click **Show** next to **App Secret** to reveal and copy it.",
+    "Create each template listed below in the Meta WhatsApp Manager. Make sure the template name, language, and variables match exactly. Please make sure it's approved by Meta.",
+    "Send a test notification from OneUptime to confirm that WhatsApp delivery succeeds.",
+  ];
+
+  const prerequisitesMarkdown: string = prerequisitesList
+    .map((item: string) => {
+      return `- ${item}`;
+    })
+    .join("\n");
+
+  const setupStepsMarkdown: string = setupStepsList
+    .map((item: string, index: number) => {
+      return `${index + 1}. ${item}`;
+    })
+    .join("\n");
+
+  const tableRows: string = templateKeys
+    .map((enumKey: keyof typeof WhatsAppTemplateIds) => {
+      const templateId: WhatsAppTemplateId = WhatsAppTemplateIds[enumKey];
+      const friendlyName: string = toFriendlyName(enumKey.toString());
+      const templateMessage: string = WhatsAppTemplateMessages[templateId];
+      const language: string = WhatsAppTemplateLanguage[templateId] || "en";
+      const variables: Array<string> =
+        extractTemplateVariables(templateMessage);
+      const variableList: string =
+        variables.length > 0
+          ? variables
+              .map((variable: string) => {
+                return `\`${variable}\``;
+              })
+              .join(", ")
+          : "_None_";
+
+      return `| ${friendlyName} | \`${templateId}\` | ${language} | ${variableList} |`;
+    })
+    .join("\n");
+
+  const templateBodies: string = templateKeys
+    .map((enumKey: keyof typeof WhatsAppTemplateIds) => {
+      const templateId: WhatsAppTemplateId = WhatsAppTemplateIds[enumKey];
+      const friendlyName: string = toFriendlyName(enumKey.toString());
+      const templateMessage: string = WhatsAppTemplateMessages[templateId];
+      const language: string = WhatsAppTemplateLanguage[templateId] || "en";
+      const variables: Array<string> =
+        extractTemplateVariables(templateMessage);
+      const variableMarkdown: string =
+        variables.length > 0
+          ? variables
+              .map((variable: string) => {
+                return `- \`${variable}\``;
+              })
+              .join("\n")
+          : "_None_";
+      const variablesHeading: string = variables.length
+        ? `**Variables (${variables.length})**`
+        : "**Variables**";
+
+      return [
+        `#### ${friendlyName}`,
+        "",
+        `**Template Name:** \`${templateId}\``,
+        `**Language:** ${language}`,
+        "",
+        variablesHeading,
+        variableMarkdown,
+        "",
+        "**Body**",
+        "```plaintext",
+        templateMessage,
+        "```",
+        "",
+        "---",
+      ].join("\n");
+    })
+    .join("\n\n");
+
+  const templateSummaryTable: string = [
+    "| Friendly Name | Template Name | Language | Variables |",
+    "| --- | --- | --- | --- |",
+    tableRows,
+  ]
+    .filter(Boolean)
+    .join("\n");
+
+  return [
+    description,
+    "### Prerequisites",
+    prerequisitesMarkdown,
+    "### Setup Steps",
+    setupStepsMarkdown,
+    "### Required WhatsApp Templates",
+    templateSummaryTable,
+    "### Template Bodies",
+    "> Copy the exact template body below—including punctuation and spacing—when creating each template inside Meta. The variables list shows every placeholder that must be configured in WhatsApp Manager.",
+    templateBodies,
+  ]
+    .filter(Boolean)
+    .join("\n\n");
+};
+
+const whatsappSetupMarkdown: string = buildWhatsAppSetupMarkdown();
+
+const SettingsWhatsApp: FunctionComponent = (): ReactElement => {
+  const [isSendingTest, setIsSendingTest] = useState<boolean>(false);
+  const [testError, setTestError] = useState<string>("");
+  const [testSuccess, setTestSuccess] = useState<string>("");
+
+  return (
+    <Page
+      title={"Admin Settings"}
+      breadcrumbLinks={[
+        {
+          title: "Admin Dashboard",
+          to: RouteUtil.populateRouteParams(RouteMap[PageMap.HOME] as Route),
+        },
+        {
+          title: "Settings",
+          to: RouteUtil.populateRouteParams(
+            RouteMap[PageMap.SETTINGS] as Route,
+          ),
+        },
+        {
+          title: "WhatsApp",
+          to: RouteUtil.populateRouteParams(
+            RouteMap[PageMap.SETTINGS_WHATSAPP] as Route,
+          ),
+        },
+      ]}
+      sideMenu={<DashboardSideMenu />}
+    >
+      <CardModelDetail
+        name="Meta WhatsApp Settings"
+        cardProps={{
+          title: "Meta WhatsApp Settings",
+          description:
+            "Configure Meta WhatsApp credentials. These values are used to send WhatsApp notifications from OneUptime.",
+        }}
+        isEditable={true}
+        editButtonText="Edit Meta WhatsApp Config"
+        formSteps={[
+          {
+            title: "Credentials",
+            id: "meta-credentials",
+          },
+          {
+            title: "Meta App",
+            id: "meta-app",
+          },
+        ]}
+        formFields={[
+          {
+            field: {
+              metaWhatsAppAccessToken: true,
+            },
+            title: "Access Token",
+            stepId: "meta-credentials",
+            fieldType: FormFieldSchemaType.EncryptedText,
+            required: true,
+            description:
+              "Long-lived access token generated in the Meta WhatsApp Business Platform.",
+            placeholder: "EAAG...",
+          },
+          {
+            field: {
+              metaWhatsAppPhoneNumberId: true,
+            },
+            title: "Phone Number ID",
+            stepId: "meta-credentials",
+            fieldType: FormFieldSchemaType.Text,
+            required: true,
+            description:
+              "The WhatsApp Business phone number ID associated with your sending number.",
+            placeholder: "123456789012345",
+          },
+          {
+            field: {
+              metaWhatsAppBusinessAccountId: true,
+            },
+            title: "Business Account ID",
+            stepId: "meta-credentials",
+            fieldType: FormFieldSchemaType.Text,
+            required: false,
+            description:
+              "Optional Business Account ID that owns the WhatsApp templates.",
+            placeholder: "123456789012345",
+          },
+          {
+            field: {
+              metaWhatsAppAppId: true,
+            },
+            title: "App ID",
+            stepId: "meta-app",
+            fieldType: FormFieldSchemaType.Text,
+            required: false,
+            description:
+              "Optional Facebook App ID tied to your WhatsApp integration.",
+            placeholder: "987654321098765",
+          },
+          {
+            field: {
+              metaWhatsAppAppSecret: true,
+            },
+            title: "App Secret",
+            stepId: "meta-app",
+            fieldType: FormFieldSchemaType.EncryptedText,
+            required: false,
+            description:
+              "Optional Facebook App Secret used for webhook signature verification.",
+            placeholder: "Facebook App Secret",
+          },
+        ]}
+        modelDetailProps={{
+          modelType: GlobalConfig,
+          id: "model-detail-global-config-meta-whatsapp",
+          fields: [
+            {
+              field: {
+                metaWhatsAppAccessToken: true,
+              },
+              title: "Access Token",
+              fieldType: FieldType.HiddenText,
+              placeholder: "Not Configured",
+            },
+            {
+              field: {
+                metaWhatsAppPhoneNumberId: true,
+              },
+              title: "Phone Number ID",
+              fieldType: FieldType.Text,
+              placeholder: "Not Configured",
+            },
+            {
+              field: {
+                metaWhatsAppBusinessAccountId: true,
+              },
+              title: "Business Account ID",
+              fieldType: FieldType.Text,
+              placeholder: "Not Configured",
+            },
+            {
+              field: {
+                metaWhatsAppAppId: true,
+              },
+              title: "App ID",
+              fieldType: FieldType.Text,
+              placeholder: "Not Configured",
+            },
+            {
+              field: {
+                metaWhatsAppAppSecret: true,
+              },
+              title: "App Secret",
+              fieldType: FieldType.HiddenText,
+              placeholder: "Not Configured",
+            },
+          ],
+          modelId: ObjectID.getZeroObjectID(),
+        }}
+      />
+
+      <Card
+        title="Send Test WhatsApp Message"
+        description="Send a test WhatsApp template message to confirm your Meta configuration."
+      >
+        {testSuccess ? (
+          <Alert
+            type={AlertType.SUCCESS}
+            title={testSuccess}
+            className="mb-4"
+          />
+        ) : (
+          <></>
+        )}
+
+        <BasicForm
+          id="send-test-whatsapp-form"
+          name="Send Test WhatsApp Message"
+          isLoading={isSendingTest}
+          error={testError || ""}
+          submitButtonText="Send Test Message"
+          maxPrimaryButtonWidth={true}
+          initialValues={{
+            phoneNumber: "",
+          }}
+          fields={[
+            {
+              field: {
+                phoneNumber: true,
+              },
+              title: "Recipient WhatsApp Number",
+              description:
+                "Enter the full international phone number (including country code) that should receive the test message.",
+              placeholder: "+11234567890",
+              required: true,
+              fieldType: FormFieldSchemaType.Phone,
+              disableSpellCheck: true,
+            },
+          ]}
+          onSubmit={async (
+            values: JSONObject,
+            onSubmitSuccessful?: () => void,
+          ) => {
+            const toPhone: string = String(values["phoneNumber"] || "").trim();
+
+            if (!toPhone) {
+              setTestSuccess("");
+              setTestError(
+                "Please enter a WhatsApp number before sending a test message.",
+              );
+              return;
+            }
+
+            setIsSendingTest(true);
+            setTestError("");
+            setTestSuccess("");
+
+            try {
+              const response: HTTPResponse<JSONObject> | HTTPErrorResponse =
+                await API.post({
+                  url: URL.fromString(APP_API_URL.toString()).addRoute(
+                    "/notification/whatsapp/test",
+                  ),
+                  data: {
+                    toPhone,
+                    templateKey: WhatsAppTemplateIds.TestNotification,
+                    templateLanguageCode:
+                      WhatsAppTemplateLanguage[
+                        WhatsAppTemplateIds.TestNotification
+                      ],
+                  },
+                });
+
+              if (response instanceof HTTPErrorResponse) {
+                throw response;
+              }
+
+              if (response.isFailure()) {
+                throw new Error("Failed to send test WhatsApp message.");
+              }
+
+              setTestSuccess(
+                "Test WhatsApp message sent successfully. Check the recipient device to confirm delivery.",
+              );
+
+              if (onSubmitSuccessful) {
+                onSubmitSuccessful();
+              }
+            } catch (err) {
+              setTestError(API.getFriendlyMessage(err));
+            } finally {
+              setIsSendingTest(false);
+            }
+          }}
+        />
+      </Card>
+
+      <Card
+        title="Meta WhatsApp Setup Guide"
+        description="Steps to connect Meta WhatsApp and the templates you must provision."
+      >
+        <MarkdownViewer text={whatsappSetupMarkdown} />
+      </Card>
+    </Page>
+  );
+};
+
+export default SettingsWhatsApp;

AdminDashboard/src/Utils/PageMap.ts

@@ -15,6 +15,7 @@ enum PageMap {
   SETTINGS_HOST = "SETTINGS_HOST",
   SETTINGS_SMTP = "SETTINGS_SMTP",
   SETTINGS_CALL_AND_SMS = "SETTINGS_CALL_AND_SMS",
+  SETTINGS_WHATSAPP = "SETTINGS_WHATSAPP",
   SETTINGS_PROBES = "SETTINGS_PROBES",
   SETTINGS_AUTHENTICATION = "SETTINGS_AUTHENTICATION",
   SETTINGS_API_KEY = "SETTINGS_API_KEY",

AdminDashboard/src/Utils/RouteMap.ts

@@ -25,6 +25,7 @@ const RouteMap: Dictionary<Route> = {
   [PageMap.SETTINGS_HOST]: new Route(`/admin/settings/host`),
   [PageMap.SETTINGS_SMTP]: new Route(`/admin/settings/smtp`),
   [PageMap.SETTINGS_CALL_AND_SMS]: new Route(`/admin/settings/call-and-sms`),
+  [PageMap.SETTINGS_WHATSAPP]: new Route(`/admin/settings/whatsapp`),
   [PageMap.SETTINGS_PROBES]: new Route(`/admin/settings/probes`),
   [PageMap.SETTINGS_AUTHENTICATION]: new Route(
     `/admin/settings/authentication`,

App/Dockerfile.tpl

@@ -3,7 +3,7 @@
 #
 
 # Pull base image nodejs image.
-FROM public.ecr.aws/docker/library/node:23.8-alpine3.21
+FROM public.ecr.aws/docker/library/node:24.9-alpine3.21
 RUN mkdir /tmp/npm &&  chmod 2777 /tmp/npm && chown 1000:1000 /tmp/npm && npm config set cache /tmp/npm --global
 
 RUN npm config set fetch-retries 5
@@ -17,6 +17,7 @@ ARG APP_VERSION
 
 ENV GIT_SHA=${GIT_SHA}
 ENV APP_VERSION=${APP_VERSION}
+ENV PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=1
 
 
 # IF APP_VERSION is not set, set it to 1.0.0

App/FeatureSet/BaseAPI/Index.ts

@@ -1,5 +1,6 @@
 import BaseAPI from "Common/Server/API/BaseAPI";
 import BaseAnalyticsAPI from "Common/Server/API/BaseAnalyticsAPI";
+import BillingAPI from "Common/Server/API/BillingAPI";
 import BillingInvoiceAPI from "Common/Server/API/BillingInvoiceAPI";
 import BillingPaymentMethodAPI from "Common/Server/API/BillingPaymentMethodAPI";
 import CopilotCodeRepositoryAPI from "Common/Server/API/CopilotCodeRepositoryAPI";
@@ -23,12 +24,14 @@ import WorkspaceNotificationRuleAPI from "Common/Server/API/WorkspaceNotificatio
 import StatusPageDomainAPI from "Common/Server/API/StatusPageDomainAPI";
 import StatusPageSubscriberAPI from "Common/Server/API/StatusPageSubscriberAPI";
 import UserCallAPI from "Common/Server/API/UserCallAPI";
-import UserTwoFactorAuthAPI from "Common/Server/API/UserTwoFactorAuthAPI";
+import UserTotpAuthAPI from "Common/Server/API/UserTotpAuthAPI";
+import UserWebAuthnAPI from "Common/Server/API/UserWebAuthnAPI";
 import MonitorTest from "Common/Models/DatabaseModels/MonitorTest";
 // User Notification methods.
 import UserEmailAPI from "Common/Server/API/UserEmailAPI";
 import UserNotificationLogTimelineAPI from "Common/Server/API/UserOnCallLogTimelineAPI";
 import UserSMSAPI from "Common/Server/API/UserSmsAPI";
+import UserWhatsAppAPI from "Common/Server/API/UserWhatsAppAPI";
 import UserPushAPI from "Common/Server/API/UserPushAPI";
 import ApiKeyPermissionService, {
   Service as ApiKeyPermissionServiceType,
@@ -282,6 +285,12 @@ import ShortLinkService, {
 import SmsLogService, {
   Service as SmsLogServiceType,
 } from "Common/Server/Services/SmsLogService";
+import WhatsAppLogService, {
+  Service as WhatsAppLogServiceType,
+} from "Common/Server/Services/WhatsAppLogService";
+import PushNotificationLogService, {
+  Service as PushNotificationLogServiceType,
+} from "Common/Server/Services/PushNotificationLogService";
 import SpanService, {
   SpanService as SpanServiceType,
 } from "Common/Server/Services/SpanService";
@@ -324,6 +333,9 @@ import TeamMemberService, {
 import TeamPermissionService, {
   Service as TeamPermissionServiceType,
 } from "Common/Server/Services/TeamPermissionService";
+import TeamComplianceSettingService, {
+  TeamComplianceSettingService as TeamComplianceSettingServiceType,
+} from "Common/Server/Services/TeamComplianceSettingService";
 import TeamService, {
   Service as TeamServiceType,
 } from "Common/Server/Services/TeamService";
@@ -379,6 +391,8 @@ import Span from "Common/Models/AnalyticsModels/Span";
 import ApiKey from "Common/Models/DatabaseModels/ApiKey";
 import ApiKeyPermission from "Common/Models/DatabaseModels/ApiKeyPermission";
 import CallLog from "Common/Models/DatabaseModels/CallLog";
+import PushNotificationLog from "Common/Models/DatabaseModels/PushNotificationLog";
+import WorkspaceNotificationLog from "Common/Models/DatabaseModels/WorkspaceNotificationLog";
 import Domain from "Common/Models/DatabaseModels/Domain";
 import EmailLog from "Common/Models/DatabaseModels/EmailLog";
 import EmailVerificationToken from "Common/Models/DatabaseModels/EmailVerificationToken";
@@ -448,6 +462,7 @@ import ServiceCatalogOwnerUser from "Common/Models/DatabaseModels/ServiceCatalog
 import ServiceCopilotCodeRepository from "Common/Models/DatabaseModels/ServiceCopilotCodeRepository";
 import ShortLink from "Common/Models/DatabaseModels/ShortLink";
 import SmsLog from "Common/Models/DatabaseModels/SmsLog";
+import WhatsAppLog from "Common/Models/DatabaseModels/WhatsAppLog";
 import StatusPageAnnouncement from "Common/Models/DatabaseModels/StatusPageAnnouncement";
 // Custom Fields API
 import StatusPageCustomField from "Common/Models/DatabaseModels/StatusPageCustomField";
@@ -464,6 +479,7 @@ import StatusPageSSO from "Common/Models/DatabaseModels/StatusPageSso";
 import Team from "Common/Models/DatabaseModels/Team";
 import TeamMember from "Common/Models/DatabaseModels/TeamMember";
 import TeamPermission from "Common/Models/DatabaseModels/TeamPermission";
+import TeamComplianceSetting from "Common/Models/DatabaseModels/TeamComplianceSetting";
 import TelemetryService from "Common/Models/DatabaseModels/TelemetryService";
 import TelemetryUsageBilling from "Common/Models/DatabaseModels/TelemetryUsageBilling";
 import User from "Common/Models/DatabaseModels/User";
@@ -480,6 +496,9 @@ import TelemetryAttribute from "Common/Models/AnalyticsModels/TelemetryAttribute
 import ExceptionInstance from "Common/Models/AnalyticsModels/ExceptionInstance";
 import TelemetyException from "Common/Models/DatabaseModels/TelemetryException";
 import CopilotActionTypePriority from "Common/Models/DatabaseModels/CopilotActionTypePriority";
+import WorkspaceNotificationLogService, {
+  Service as WorkspaceNotificationLogServiceType,
+} from "Common/Server/Services/WorkspaceNotificationLogService";
 
 // scheduled maintenance template
 import ScheduledMaintenanceTemplate from "Common/Models/DatabaseModels/ScheduledMaintenanceTemplate";
@@ -513,6 +532,7 @@ import ScheduledMaintenanceFeedService, {
 } from "Common/Server/Services/ScheduledMaintenanceFeedService";
 
 import SlackAPI from "Common/Server/API/SlackAPI";
+import MicrosoftTeamsAPI from "Common/Server/API/MicrosoftTeamsAPI";
 
 import WorkspaceProjectAuthToken from "Common/Models/DatabaseModels/WorkspaceProjectAuthToken";
 import WorkspaceProjectAuthTokenService, {
@@ -530,11 +550,6 @@ import WorkspaceSettingService, {
   Service as WorkspaceSettingServiceType,
 } from "Common/Server/Services/WorkspaceSettingService";
 
-import ProjectUser from "Common/Models/DatabaseModels/ProjectUser";
-import ProjectUserService, {
-  Service as ProjectUserServiceType,
-} from "Common/Server/Services/ProjectUserService";
-
 import MonitorFeed from "Common/Models/DatabaseModels/MonitorFeed";
 import MonitorFeedService, {
   Service as MonitorFeedServiceType,
@@ -547,10 +562,7 @@ import MetricTypeService, {
 import MetricType from "Common/Models/DatabaseModels/MetricType";
 
 import OnCallDutyPolicyAPI from "Common/Server/API/OnCallDutyPolicyAPI";
-
-// OnCallDutyPolicyOwnerTeam
-// OnCallDutyPolicyOwnerUser
-// OnCallDutyPolicyFeed
+import TeamComplianceAPI from "Common/Server/API/TeamComplianceAPI";
 
 import OnCallDutyPolicyFeed from "Common/Models/DatabaseModels/OnCallDutyPolicyFeed";
 import OnCallDutyPolicyFeedService, {
@@ -583,6 +595,18 @@ import StatusPageAnnouncementTemplateService, {
   Service as StatusPageAnnouncementTemplateServiceType,
 } from "Common/Server/Services/StatusPageAnnouncementTemplateService";
 
+// ProjectSCIM
+import ProjectSCIM from "Common/Models/DatabaseModels/ProjectSCIM";
+import ProjectSCIMService, {
+  Service as ProjectSCIMServiceType,
+} from "Common/Server/Services/ProjectSCIMService";
+
+// StatusPageSCIM
+import StatusPageSCIM from "Common/Models/DatabaseModels/StatusPageSCIM";
+import StatusPageSCIMService, {
+  Service as StatusPageSCIMServiceType,
+} from "Common/Server/Services/StatusPageSCIMService";
+
 // Open API Spec
 import OpenAPI from "Common/Server/API/OpenAPI";
 
@@ -618,6 +642,24 @@ const BaseAPIFeatureSet: FeatureSet = {
       ).getRouter(),
     );
 
+    // Project SCIM
+    app.use(
+      `/${APP_NAME.toLocaleLowerCase()}`,
+      new BaseAPI<ProjectSCIM, ProjectSCIMServiceType>(
+        ProjectSCIM,
+        ProjectSCIMService,
+      ).getRouter(),
+    );
+
+    // Status Page SCIM
+    app.use(
+      `/${APP_NAME.toLocaleLowerCase()}`,
+      new BaseAPI<StatusPageSCIM, StatusPageSCIMServiceType>(
+        StatusPageSCIM,
+        StatusPageSCIMService,
+      ).getRouter(),
+    );
+
     // status page announcement templates
     app.use(
       `/${APP_NAME.toLocaleLowerCase()}`,
@@ -698,14 +740,6 @@ const BaseAPIFeatureSet: FeatureSet = {
       ).getRouter(),
     );
 
-    app.use(
-      `/${APP_NAME.toLocaleLowerCase()}`,
-      new BaseAPI<ProjectUser, ProjectUserServiceType>(
-        ProjectUser,
-        ProjectUserService,
-      ).getRouter(),
-    );
-
     //service provider setting
     app.use(
       `/${APP_NAME.toLocaleLowerCase()}`,
@@ -1142,6 +1176,14 @@ const BaseAPIFeatureSet: FeatureSet = {
       ).getRouter(),
     );
 
+    app.use(
+      `/${APP_NAME.toLocaleLowerCase()}`,
+      new BaseAPI<TeamComplianceSetting, TeamComplianceSettingServiceType>(
+        TeamComplianceSetting,
+        TeamComplianceSettingService,
+      ).getRouter(),
+    );
+
     app.use(
       `/${APP_NAME.toLocaleLowerCase()}`,
       new BaseAPI<MonitorStatus, MonitorStatusServiceType>(
@@ -1501,6 +1543,30 @@ const BaseAPIFeatureSet: FeatureSet = {
       new BaseAPI<SmsLog, SmsLogServiceType>(SmsLog, SmsLogService).getRouter(),
     );
 
+    app.use(
+      `/${APP_NAME.toLocaleLowerCase()}`,
+      new BaseAPI<WhatsAppLog, WhatsAppLogServiceType>(
+        WhatsAppLog,
+        WhatsAppLogService,
+      ).getRouter(),
+    );
+
+    app.use(
+      `/${APP_NAME.toLocaleLowerCase()}`,
+      new BaseAPI<PushNotificationLog, PushNotificationLogServiceType>(
+        PushNotificationLog,
+        PushNotificationLogService,
+      ).getRouter(),
+    );
+
+    app.use(
+      `/${APP_NAME.toLocaleLowerCase()}`,
+      new BaseAPI<
+        WorkspaceNotificationLog,
+        WorkspaceNotificationLogServiceType
+      >(WorkspaceNotificationLog, WorkspaceNotificationLogService).getRouter(),
+    );
+
     app.use(
       `/${APP_NAME.toLocaleLowerCase()}`,
       new BaseAPI<EmailLog, EmailLogServiceType>(
@@ -1540,7 +1606,6 @@ const BaseAPIFeatureSet: FeatureSet = {
         MonitorTimelineStatusService,
       ).getRouter(),
     );
-
     app.use(`/${APP_NAME.toLocaleLowerCase()}`, new ShortLinkAPI().getRouter());
     app.use(`/${APP_NAME.toLocaleLowerCase()}`, new MonitorAPI().getRouter());
     app.use(
@@ -1554,6 +1619,12 @@ const BaseAPIFeatureSet: FeatureSet = {
       new OnCallDutyPolicyAPI().getRouter(),
     );
 
+    // TeamComplianceAPI
+    app.use(
+      `/${APP_NAME.toLocaleLowerCase()}`,
+      new TeamComplianceAPI().getRouter(),
+    );
+
     app.use(
       `/${APP_NAME.toLocaleLowerCase()}`,
       new WorkspaceNotificationRuleAPI().getRouter(),
@@ -1578,6 +1649,10 @@ const BaseAPIFeatureSet: FeatureSet = {
       new ResellerPlanAPI().getRouter(),
     );
     app.use(`/${APP_NAME.toLocaleLowerCase()}`, new SlackAPI().getRouter());
+    app.use(
+      `/${APP_NAME.toLocaleLowerCase()}`,
+      new MicrosoftTeamsAPI().getRouter(),
+    );
     app.use(
       `/${APP_NAME.toLocaleLowerCase()}`,
       new GlobalConfigAPI().getRouter(),
@@ -1605,10 +1680,18 @@ const BaseAPIFeatureSet: FeatureSet = {
     app.use(`/${APP_NAME.toLocaleLowerCase()}`, new UserCallAPI().getRouter());
     app.use(
       `/${APP_NAME.toLocaleLowerCase()}`,
-      new UserTwoFactorAuthAPI().getRouter(),
+      new UserTotpAuthAPI().getRouter(),
+    );
+    app.use(
+      `/${APP_NAME.toLocaleLowerCase()}`,
+      new UserWebAuthnAPI().getRouter(),
     );
     app.use(`/${APP_NAME.toLocaleLowerCase()}`, new UserEmailAPI().getRouter());
     app.use(`/${APP_NAME.toLocaleLowerCase()}`, new UserSMSAPI().getRouter());
+    app.use(
+      `/${APP_NAME.toLocaleLowerCase()}`,
+      new UserWhatsAppAPI().getRouter(),
+    );
     app.use(`/${APP_NAME.toLocaleLowerCase()}`, new UserPushAPI().getRouter());
     app.use(`/${APP_NAME.toLocaleLowerCase()}`, new ProbeAPI().getRouter());
 
@@ -1629,6 +1712,8 @@ const BaseAPIFeatureSet: FeatureSet = {
       new BillingInvoiceAPI().getRouter(),
     );
 
+    app.use(`/${APP_NAME.toLocaleLowerCase()}`, new BillingAPI().getRouter());
+
     app.use(
       `/${APP_NAME.toLocaleLowerCase()}`,
       new BaseAPI<

App/FeatureSet/Identity/API/Authentication.ts

@@ -24,7 +24,7 @@ import AccessTokenService from "Common/Server/Services/AccessTokenService";
 import EmailVerificationTokenService from "Common/Server/Services/EmailVerificationTokenService";
 import MailService from "Common/Server/Services/MailService";
 import UserService from "Common/Server/Services/UserService";
-import UserTwoFactorAuthService from "Common/Server/Services/UserTwoFactorAuthService";
+import UserTotpAuthService from "Common/Server/Services/UserTotpAuthService";
 import CookieUtil from "Common/Server/Utils/Cookie";
 import Express, {
   ExpressRequest,
@@ -34,10 +34,12 @@ import Express, {
 } from "Common/Server/Utils/Express";
 import logger from "Common/Server/Utils/Logger";
 import Response from "Common/Server/Utils/Response";
-import TwoFactorAuth from "Common/Server/Utils/TwoFactorAuth";
+import TotpAuth from "Common/Server/Utils/TotpAuth";
 import EmailVerificationToken from "Common/Models/DatabaseModels/EmailVerificationToken";
 import User from "Common/Models/DatabaseModels/User";
-import UserTwoFactorAuth from "Common/Models/DatabaseModels/UserTwoFactorAuth";
+import UserTotpAuth from "Common/Models/DatabaseModels/UserTotpAuth";
+import UserWebAuthn from "Common/Models/DatabaseModels/UserWebAuthn";
+import UserWebAuthnService from "Common/Server/Services/UserWebAuthnService";
 
 const router: ExpressRouter = Express.getRouter();
 
@@ -503,7 +505,7 @@ router.post(
 );
 
 router.post(
-  "/verify-two-factor-auth",
+  "/verify-totp-auth",
   async (
     req: ExpressRequest,
     res: ExpressResponse,
@@ -513,7 +515,25 @@ router.post(
       req: req,
       res: res,
       next: next,
-      verifyTwoFactorAuth: true,
+      verifyTotpAuth: true,
+      verifyWebAuthn: false,
+    });
+  },
+);
+
+router.post(
+  "/verify-webauthn-auth",
+  async (
+    req: ExpressRequest,
+    res: ExpressResponse,
+    next: NextFunction,
+  ): Promise<void> => {
+    return login({
+      req: req,
+      res: res,
+      next: next,
+      verifyTotpAuth: false,
+      verifyWebAuthn: true,
     });
   },
 );
@@ -529,62 +549,99 @@ router.post(
       req: req,
       res: res,
       next: next,
-      verifyTwoFactorAuth: false,
+      verifyTotpAuth: false,
+      verifyWebAuthn: false,
     });
   },
 );
 
-type FetchTwoFactorAuthListFunction = (
-  userId: ObjectID,
-) => Promise<Array<UserTwoFactorAuth>>;
+type FetchTotpAuthListFunction = (userId: ObjectID) => Promise<{
+  totpAuthList: Array<UserTotpAuth>;
+  webAuthnList: Array<UserWebAuthn>;
+}>;
 
-const fetchTwoFactorAuthList: FetchTwoFactorAuthListFunction = async (
+const fetchTotpAuthList: FetchTotpAuthListFunction = async (
   userId: ObjectID,
-): Promise<Array<UserTwoFactorAuth>> => {
-  const twoFactorAuthList: Array<UserTwoFactorAuth> =
-    await UserTwoFactorAuthService.findBy({
-      query: {
-        userId: userId,
-        isVerified: true,
-      },
-      select: {
-        _id: true,
-        userId: true,
-        name: true,
-      },
-      limit: LIMIT_PER_PROJECT,
-      skip: 0,
-      props: {
-        isRoot: true,
-      },
-    });
+): Promise<{
+  totpAuthList: Array<UserTotpAuth>;
+  webAuthnList: Array<UserWebAuthn>;
+}> => {
+  const totpAuthList: Array<UserTotpAuth> = await UserTotpAuthService.findBy({
+    query: {
+      userId: userId,
+      isVerified: true,
+    },
+    select: {
+      _id: true,
+      userId: true,
+      name: true,
+    },
+    limit: LIMIT_PER_PROJECT,
+    skip: 0,
+    props: {
+      isRoot: true,
+    },
+  });
 
-  return twoFactorAuthList;
+  const webAuthnList: Array<UserWebAuthn> = await UserWebAuthnService.findBy({
+    query: {
+      userId: userId,
+      isVerified: true,
+    },
+    select: {
+      _id: true,
+      userId: true,
+      name: true,
+    },
+    limit: LIMIT_PER_PROJECT,
+    skip: 0,
+    props: {
+      isRoot: true,
+    },
+  });
+
+  return {
+    totpAuthList: totpAuthList || [],
+    webAuthnList: webAuthnList || [],
+  };
 };
 
 type LoginFunction = (options: {
   req: ExpressRequest;
   res: ExpressResponse;
   next: NextFunction;
-  verifyTwoFactorAuth: boolean;
+  verifyTotpAuth: boolean;
+  verifyWebAuthn: boolean;
 }) => Promise<void>;
 
 const login: LoginFunction = async (options: {
   req: ExpressRequest;
   res: ExpressResponse;
   next: NextFunction;
-  verifyTwoFactorAuth: boolean;
+  verifyTotpAuth: boolean;
+  verifyWebAuthn: boolean;
 }): Promise<void> => {
   const req: ExpressRequest = options.req;
   const res: ExpressResponse = options.res;
   const next: NextFunction = options.next;
-  const verifyTwoFactorAuth: boolean = options.verifyTwoFactorAuth;
+  const verifyTotpAuth: boolean = options.verifyTotpAuth;
+  const verifyWebAuthn: boolean = options.verifyWebAuthn;
 
   try {
     const data: JSONObject = req.body["data"];
 
+    logger.debug("Login request data: " + JSON.stringify(req.body, null, 2));
+
     const user: User = BaseModel.fromJSON(data as JSONObject, User) as User;
 
+    if (!user.email || !user.password) {
+      return Response.sendErrorResponse(
+        req,
+        res,
+        new BadDataException("Email and password are required."),
+      );
+    }
+
     await user.password?.hashValue(EncryptionSecret);
 
     const alreadySavedUser: User | null = await UserService.findOneBy({
@@ -638,13 +695,21 @@ const login: LoginFunction = async (options: {
         );
       }
 
-      if (alreadySavedUser.enableTwoFactorAuth && !verifyTwoFactorAuth) {
+      if (
+        alreadySavedUser.enableTwoFactorAuth &&
+        !verifyTotpAuth &&
+        !verifyWebAuthn
+      ) {
         // If two factor auth is enabled then we will send the user to the two factor auth page.
 
-        const twoFactorAuthList: Array<UserTwoFactorAuth> =
-          await fetchTwoFactorAuthList(alreadySavedUser.id!);
+        const { totpAuthList, webAuthnList } = await fetchTotpAuthList(
+          alreadySavedUser.id!,
+        );
 
-        if (!twoFactorAuthList || twoFactorAuthList.length === 0) {
+        if (
+          (!totpAuthList || totpAuthList.length === 0) &&
+          (!webAuthnList || webAuthnList.length === 0)
+        ) {
           const errorMessage: string = IsBillingEnabled
             ? "Two Factor Authentication is enabled but no two factor auth is setup. Please contact OneUptime support for help."
             : "Two Factor Authentication is enabled but no two factor auth is setup. Please contact your server admin to disable two factor auth for this account.";
@@ -656,62 +721,68 @@ const login: LoginFunction = async (options: {
           );
         }
 
-        return Response.sendEntityResponse(req, res, user, User, {
+        return Response.sendEntityResponse(req, res, alreadySavedUser, User, {
           miscData: {
-            twoFactorAuthList: UserTwoFactorAuth.toJSONArray(
-              twoFactorAuthList,
-              UserTwoFactorAuth,
-            ),
-            twoFactorAuth: true,
+            totpAuthList: UserTotpAuth.toJSONArray(totpAuthList, UserTotpAuth),
+            webAuthnList: UserWebAuthn.toJSONArray(webAuthnList, UserWebAuthn),
           },
         });
       }
 
-      if (verifyTwoFactorAuth) {
-        // code from req
-        const code: string = data["code"] as string;
-        const twoFactorAuthId: string = data["twoFactorAuthId"] as string;
+      if (verifyTotpAuth || verifyWebAuthn) {
+        if (verifyTotpAuth) {
+          // code from req
+          const code: string = data["code"] as string;
+          const twoFactorAuthId: string = data["twoFactorAuthId"] as string;
 
-        const twoFactorAuth: UserTwoFactorAuth | null =
-          await UserTwoFactorAuthService.findOneBy({
-            query: {
-              _id: twoFactorAuthId,
-              userId: alreadySavedUser.id!,
-              isVerified: true,
-            },
-            select: {
-              _id: true,
-              twoFactorSecret: true,
-            },
-            props: {
-              isRoot: true,
-            },
+          const totpAuth: UserTotpAuth | null =
+            await UserTotpAuthService.findOneBy({
+              query: {
+                _id: twoFactorAuthId,
+                userId: alreadySavedUser.id!,
+                isVerified: true,
+              },
+              select: {
+                _id: true,
+                twoFactorSecret: true,
+              },
+              props: {
+                isRoot: true,
+              },
+            });
+
+          if (!totpAuth) {
+            return Response.sendErrorResponse(
+              req,
+              res,
+              new BadDataException("Invalid two factor auth id."),
+            );
+          }
+
+          const isVerified: boolean = TotpAuth.verifyToken({
+            token: code,
+            secret: totpAuth.twoFactorSecret!,
+            email: alreadySavedUser.email!,
           });
 
-        if (!twoFactorAuth) {
-          return Response.sendErrorResponse(
-            req,
-            res,
-            new BadDataException("Invalid two factor auth id."),
-          );
+          if (!isVerified) {
+            return Response.sendErrorResponse(
+              req,
+              res,
+              new BadDataException("Invalid code."),
+            );
+          }
+        } else if (verifyWebAuthn) {
+          const expectedChallenge: string = data["challenge"] as string;
+          const credential: any = data["credential"];
+
+          await UserWebAuthnService.verifyAuthentication({
+            userId: alreadySavedUser.id!.toString(),
+            challenge: expectedChallenge,
+            credential: credential,
+          });
         }
-
-        const isVerified: boolean = TwoFactorAuth.verifyToken({
-          token: code,
-          secret: twoFactorAuth.twoFactorSecret!,
-          email: alreadySavedUser.email!,
-        });
-
-        if (!isVerified) {
-          return Response.sendErrorResponse(
-            req,
-            res,
-            new BadDataException("Invalid code."),
-          );
-        }
-      }
-
-      // Refresh Permissions for this user here.
+      } // Refresh Permissions for this user here.
       await AccessTokenService.refreshUserAllPermissions(alreadySavedUser.id!);
 
       if (alreadySavedUser.password.toString() === user.password!.toString()) {

App/FeatureSet/Identity/API/SSO.ts

@@ -40,8 +40,10 @@ import Name from "Common/Types/Name";
 
 const router: ExpressRouter = Express.getRouter();
 
-// This route is used to get the SSO config for the user.
-// when the user logs in from OneUptime and not from the IDP.
+/*
+ * This route is used to get the SSO config for the user.
+ * when the user logs in from OneUptime and not from the IDP.
+ */
 
 router.get(
   "/service-provider-login",
@@ -434,8 +436,10 @@ const loginUserWithSso: LoginUserWithSsoFunction = async (
       isNewUser = true;
     }
 
-    // If he does not then add him to teams that he should belong and log in.
-    // This should never happen because email is verified before he logs in with SSO.
+    /*
+     * If he does not then add him to teams that he should belong and log in.
+     * This should never happen because email is verified before he logs in with SSO.
+     */
     if (!alreadySavedUser.isEmailVerified && !isNewUser) {
       await AuthenticationEmail.sendVerificationEmail(alreadySavedUser!);
 

App/FeatureSet/Identity/API/StatusPageAuthentication.ts

@@ -168,6 +168,7 @@ router.post(
           },
           {
             projectId: statusPage.projectId!,
+            statusPageId: statusPage.id!,
           },
         ).catch((err: Error) => {
           logger.error(err);
@@ -306,6 +307,7 @@ router.post(
         },
         {
           projectId: statusPage.projectId!,
+          statusPageId: statusPage.id!,
         },
       ).catch((err: Error) => {
         logger.error(err);

App/FeatureSet/Identity/API/StatusPageSCIM.ts

@@ -0,0 +1,570 @@
+import SCIMMiddleware from "Common/Server/Middleware/SCIMAuthorization";
+import StatusPagePrivateUserService from "Common/Server/Services/StatusPagePrivateUserService";
+import Express, {
+  ExpressRequest,
+  ExpressResponse,
+  ExpressRouter,
+  OneUptimeRequest,
+} from "Common/Server/Utils/Express";
+import Response from "Common/Server/Utils/Response";
+import logger from "Common/Server/Utils/Logger";
+import ObjectID from "Common/Types/ObjectID";
+import Email from "Common/Types/Email";
+import { JSONObject } from "Common/Types/JSON";
+import StatusPagePrivateUser from "Common/Models/DatabaseModels/StatusPagePrivateUser";
+import StatusPageSCIM from "Common/Models/DatabaseModels/StatusPageSCIM";
+import BadRequestException from "Common/Types/Exception/BadRequestException";
+import NotFoundException from "Common/Types/Exception/NotFoundException";
+import LIMIT_MAX, { LIMIT_PER_PROJECT } from "Common/Types/Database/LimitMax";
+import {
+  formatUserForSCIM,
+  generateServiceProviderConfig,
+} from "../Utils/SCIMUtils";
+import Text from "Common/Types/Text";
+import HashedString from "Common/Types/HashedString";
+
+const router: ExpressRouter = Express.getRouter();
+
+// SCIM Service Provider Configuration - GET /status-page-scim/v2/ServiceProviderConfig
+router.get(
+  "/status-page-scim/v2/:statusPageScimId/ServiceProviderConfig",
+  SCIMMiddleware.isAuthorizedSCIMRequest,
+  async (req: ExpressRequest, res: ExpressResponse): Promise<void> => {
+    try {
+      logger.debug(
+        `Status Page SCIM ServiceProviderConfig - scimId: ${req.params["statusPageScimId"]!}`,
+      );
+
+      const serviceProviderConfig: JSONObject = generateServiceProviderConfig(
+        req,
+        req.params["statusPageScimId"]!,
+        "status-page",
+      );
+
+      return Response.sendJsonObjectResponse(req, res, serviceProviderConfig);
+    } catch (err) {
+      logger.error(err);
+      return Response.sendErrorResponse(req, res, err as BadRequestException);
+    }
+  },
+);
+
+// Status Page Users endpoint - GET /status-page-scim/v2/Users
+router.get(
+  "/status-page-scim/v2/:statusPageScimId/Users",
+  SCIMMiddleware.isAuthorizedSCIMRequest,
+  async (req: ExpressRequest, res: ExpressResponse): Promise<void> => {
+    try {
+      logger.debug(
+        `Status Page SCIM Users list request for statusPageScimId: ${req.params["statusPageScimId"]}`,
+      );
+      const oneuptimeRequest: OneUptimeRequest = req as OneUptimeRequest;
+      const bearerData: JSONObject =
+        oneuptimeRequest.bearerTokenData as JSONObject;
+      const statusPageId: ObjectID = bearerData["statusPageId"] as ObjectID;
+
+      // Parse query parameters
+      const startIndex: number =
+        parseInt(req.query["startIndex"] as string) || 1;
+      const count: number = Math.min(
+        parseInt(req.query["count"] as string) || 100,
+        LIMIT_PER_PROJECT,
+      );
+      const filter: string = req.query["filter"] as string;
+
+      logger.debug(
+        `Status Page SCIM Users - statusPageId: ${statusPageId}, startIndex: ${startIndex}, count: ${count}, filter: ${filter || "none"}`,
+      );
+
+      // Build query for status page users
+      const query: any = {
+        statusPageId: statusPageId,
+      };
+
+      // Handle SCIM filter for userName
+      if (filter) {
+        const emailMatch: RegExpMatchArray | null = filter.match(
+          /userName eq "([^"]+)"/i,
+        );
+        if (emailMatch) {
+          const email: string = emailMatch[1]!;
+          logger.debug(
+            `Status Page SCIM Users list - statusPageScimId: ${req.params["statusPageScimId"]!}, filter by email: ${email}`,
+          );
+
+          if (email) {
+            if (Email.isValid(email)) {
+              query.email = new Email(email);
+              logger.debug(
+                `Status Page SCIM Users list - statusPageScimId: ${req.params["statusPageScimId"]!}, filtering by email: ${email}`,
+              );
+            } else {
+              logger.debug(
+                `Status Page SCIM Users list - statusPageScimId: ${req.params["statusPageScimId"]!}, invalid email format in filter: ${email}`,
+              );
+              return Response.sendJsonObjectResponse(req, res, {
+                schemas: ["urn:ietf:params:scim:api:messages:2.0:ListResponse"],
+                totalResults: 0,
+                startIndex: startIndex,
+                itemsPerPage: 0,
+                Resources: [],
+              });
+            }
+          }
+        }
+      }
+
+      // Get all private users for this status page
+      const statusPageUsers: Array<StatusPagePrivateUser> =
+        await StatusPagePrivateUserService.findBy({
+          query: query,
+          select: {
+            _id: true,
+            email: true,
+            createdAt: true,
+            updatedAt: true,
+          },
+          skip: 0,
+          limit: LIMIT_MAX,
+          props: { isRoot: true },
+        });
+
+      logger.debug(
+        `Status Page SCIM Users - found ${statusPageUsers.length} users`,
+      );
+
+      // Format users for SCIM
+      const users: Array<JSONObject> = statusPageUsers.map(
+        (user: StatusPagePrivateUser) => {
+          return formatUserForSCIM(
+            user,
+            req,
+            req.params["statusPageScimId"]!,
+            "status-page",
+          );
+        },
+      );
+
+      // Paginate the results
+      const paginatedUsers: Array<JSONObject> = users.slice(
+        (startIndex - 1) * count,
+        startIndex * count,
+      );
+
+      logger.debug(
+        `Status Page SCIM Users response prepared with ${users.length} users`,
+      );
+
+      return Response.sendJsonObjectResponse(req, res, {
+        schemas: ["urn:ietf:params:scim:api:messages:2.0:ListResponse"],
+        totalResults: users.length,
+        startIndex: startIndex,
+        itemsPerPage: paginatedUsers.length,
+        Resources: paginatedUsers,
+      });
+    } catch (err) {
+      logger.error(err);
+      return Response.sendErrorResponse(req, res, err as BadRequestException);
+    }
+  },
+);
+
+// Get Individual Status Page User - GET /status-page-scim/v2/Users/{id}
+router.get(
+  "/status-page-scim/v2/:statusPageScimId/Users/:userId",
+  SCIMMiddleware.isAuthorizedSCIMRequest,
+  async (req: ExpressRequest, res: ExpressResponse): Promise<void> => {
+    try {
+      logger.debug(
+        `Status Page SCIM Get individual user request for userId: ${req.params["userId"]}, statusPageScimId: ${req.params["statusPageScimId"]}`,
+      );
+      const oneuptimeRequest: OneUptimeRequest = req as OneUptimeRequest;
+      const bearerData: JSONObject =
+        oneuptimeRequest.bearerTokenData as JSONObject;
+      const statusPageId: ObjectID = bearerData["statusPageId"] as ObjectID;
+      const userId: string = req.params["userId"]!;
+
+      logger.debug(
+        `Status Page SCIM Get user - statusPageId: ${statusPageId}, userId: ${userId}`,
+      );
+
+      if (!userId) {
+        throw new BadRequestException("User ID is required");
+      }
+
+      // Check if user exists and belongs to this status page
+      const statusPageUser: StatusPagePrivateUser | null =
+        await StatusPagePrivateUserService.findOneBy({
+          query: {
+            statusPageId: statusPageId,
+            _id: new ObjectID(userId),
+          },
+          select: {
+            _id: true,
+            email: true,
+            createdAt: true,
+            updatedAt: true,
+          },
+          props: { isRoot: true },
+        });
+
+      if (!statusPageUser) {
+        logger.debug(
+          `Status Page SCIM Get user - user not found for userId: ${userId}`,
+        );
+        throw new NotFoundException(
+          "User not found or not part of this status page",
+        );
+      }
+
+      const user: JSONObject = formatUserForSCIM(
+        statusPageUser,
+        req,
+        req.params["statusPageScimId"]!,
+        "status-page",
+      );
+
+      logger.debug(
+        `Status Page SCIM Get user - returning user with id: ${statusPageUser.id}`,
+      );
+
+      return Response.sendJsonObjectResponse(req, res, user);
+    } catch (err) {
+      logger.error(err);
+      return Response.sendErrorResponse(req, res, err as BadRequestException);
+    }
+  },
+);
+
+// Create Status Page User - POST /status-page-scim/v2/Users
+router.post(
+  "/status-page-scim/v2/:statusPageScimId/Users",
+  SCIMMiddleware.isAuthorizedSCIMRequest,
+  async (req: ExpressRequest, res: ExpressResponse): Promise<void> => {
+    try {
+      logger.debug(
+        `Status Page SCIM Create user request for statusPageScimId: ${req.params["statusPageScimId"]}`,
+      );
+      const oneuptimeRequest: OneUptimeRequest = req as OneUptimeRequest;
+      const bearerData: JSONObject =
+        oneuptimeRequest.bearerTokenData as JSONObject;
+      const statusPageId: ObjectID = bearerData["statusPageId"] as ObjectID;
+      const scimConfig: StatusPageSCIM = bearerData[
+        "scimConfig"
+      ] as StatusPageSCIM;
+
+      if (!scimConfig.autoProvisionUsers) {
+        throw new BadRequestException(
+          "Auto-provisioning is disabled for this status page",
+        );
+      }
+
+      const scimUser: JSONObject = req.body;
+
+      logger.debug(
+        `Status Page SCIM Create user - statusPageId: ${statusPageId}`,
+      );
+
+      logger.debug(
+        `Request body for Status Page SCIM Create user: ${JSON.stringify(scimUser, null, 2)}`,
+      );
+
+      // Extract user data from SCIM payload
+      const email: string =
+        (scimUser["userName"] as string) ||
+        ((scimUser["emails"] as JSONObject[])?.[0]?.["value"] as string);
+
+      if (!email) {
+        throw new BadRequestException("Email is required for user creation");
+      }
+
+      logger.debug(`Status Page SCIM Create user - email: ${email}`);
+
+      // Check if user already exists for this status page
+      let user: StatusPagePrivateUser | null =
+        await StatusPagePrivateUserService.findOneBy({
+          query: {
+            statusPageId: statusPageId,
+            email: new Email(email),
+          },
+          select: {
+            _id: true,
+            email: true,
+            createdAt: true,
+            updatedAt: true,
+          },
+          props: { isRoot: true },
+        });
+
+      if (!user) {
+        logger.debug(
+          `Status Page SCIM Create user - creating new user with email: ${email}`,
+        );
+
+        const privateUser: StatusPagePrivateUser = new StatusPagePrivateUser();
+        privateUser.statusPageId = statusPageId;
+        privateUser.email = new Email(email);
+        privateUser.password = new HashedString(Text.generateRandomText(32));
+        privateUser.projectId = bearerData["projectId"] as ObjectID;
+
+        // Create new status page private user
+        user = await StatusPagePrivateUserService.create({
+          data: privateUser as any,
+          props: { isRoot: true },
+        });
+      } else {
+        logger.debug(
+          `Status Page SCIM Create user - user already exists with id: ${user.id}`,
+        );
+      }
+
+      const createdUser: JSONObject = formatUserForSCIM(
+        user,
+        req,
+        req.params["statusPageScimId"]!,
+        "status-page",
+      );
+
+      logger.debug(
+        `Status Page SCIM Create user - returning created user with id: ${user.id}`,
+      );
+
+      res.status(201);
+      return Response.sendJsonObjectResponse(req, res, createdUser);
+    } catch (err) {
+      logger.error(err);
+      return Response.sendErrorResponse(req, res, err as BadRequestException);
+    }
+  },
+);
+
+// Update Status Page User - PUT /status-page-scim/v2/Users/{id}
+router.put(
+  "/status-page-scim/v2/:statusPageScimId/Users/:userId",
+  SCIMMiddleware.isAuthorizedSCIMRequest,
+  async (req: ExpressRequest, res: ExpressResponse): Promise<void> => {
+    try {
+      logger.debug(
+        `Status Page SCIM Update user request for userId: ${req.params["userId"]}, statusPageScimId: ${req.params["statusPageScimId"]}`,
+      );
+      const oneuptimeRequest: OneUptimeRequest = req as OneUptimeRequest;
+      const bearerData: JSONObject =
+        oneuptimeRequest.bearerTokenData as JSONObject;
+      const statusPageId: ObjectID = bearerData["statusPageId"] as ObjectID;
+      const userId: string = req.params["userId"]!;
+      const scimUser: JSONObject = req.body;
+
+      logger.debug(
+        `Status Page SCIM Update user - statusPageId: ${statusPageId}, userId: ${userId}`,
+      );
+
+      logger.debug(
+        `Request body for Status Page SCIM Update user: ${JSON.stringify(scimUser, null, 2)}`,
+      );
+
+      if (!userId) {
+        throw new BadRequestException("User ID is required");
+      }
+
+      // Check if user exists and belongs to this status page
+      const statusPageUser: StatusPagePrivateUser | null =
+        await StatusPagePrivateUserService.findOneBy({
+          query: {
+            statusPageId: statusPageId,
+            _id: new ObjectID(userId),
+          },
+          select: {
+            _id: true,
+            email: true,
+            createdAt: true,
+            updatedAt: true,
+          },
+          props: { isRoot: true },
+        });
+
+      if (!statusPageUser) {
+        logger.debug(
+          `Status Page SCIM Update user - user not found for userId: ${userId}`,
+        );
+        throw new NotFoundException(
+          "User not found or not part of this status page",
+        );
+      }
+
+      // Update user information
+      const email: string =
+        (scimUser["userName"] as string) ||
+        ((scimUser["emails"] as JSONObject[])?.[0]?.["value"] as string);
+      const active: boolean = scimUser["active"] as boolean;
+
+      logger.debug(
+        `Status Page SCIM Update user - email: ${email}, active: ${active}`,
+      );
+
+      // Handle user deactivation by deleting from status page
+      if (active === false) {
+        logger.debug(
+          `Status Page SCIM Update user - user marked as inactive, removing from status page`,
+        );
+
+        const scimConfig: StatusPageSCIM = bearerData[
+          "scimConfig"
+        ] as StatusPageSCIM;
+        if (scimConfig.autoDeprovisionUsers) {
+          await StatusPagePrivateUserService.deleteOneById({
+            id: new ObjectID(userId),
+            props: { isRoot: true },
+          });
+
+          logger.debug(
+            `Status Page SCIM Update user - user removed from status page`,
+          );
+
+          // Return empty response for deleted user
+          return Response.sendJsonObjectResponse(req, res, {});
+        }
+      }
+
+      // Prepare update data
+      const updateData: {
+        email?: Email;
+      } = {};
+
+      if (email && email !== statusPageUser.email?.toString()) {
+        updateData.email = new Email(email);
+      }
+
+      // Only update if there are changes
+      if (Object.keys(updateData).length > 0) {
+        logger.debug(
+          `Status Page SCIM Update user - updating user with data: ${JSON.stringify(updateData)}`,
+        );
+
+        await StatusPagePrivateUserService.updateOneById({
+          id: new ObjectID(userId),
+          data: updateData,
+          props: { isRoot: true },
+        });
+
+        logger.debug(
+          `Status Page SCIM Update user - user updated successfully`,
+        );
+
+        // Fetch updated user
+        const updatedUser: StatusPagePrivateUser | null =
+          await StatusPagePrivateUserService.findOneById({
+            id: new ObjectID(userId),
+            select: {
+              _id: true,
+              email: true,
+              createdAt: true,
+              updatedAt: true,
+            },
+            props: { isRoot: true },
+          });
+
+        if (updatedUser) {
+          const user: JSONObject = formatUserForSCIM(
+            updatedUser,
+            req,
+            req.params["statusPageScimId"]!,
+            "status-page",
+          );
+          return Response.sendJsonObjectResponse(req, res, user);
+        }
+      }
+
+      logger.debug(
+        `Status Page SCIM Update user - no updates made, returning existing user`,
+      );
+
+      // If no updates were made, return the existing user
+      const user: JSONObject = formatUserForSCIM(
+        statusPageUser,
+        req,
+        req.params["statusPageScimId"]!,
+        "status-page",
+      );
+
+      return Response.sendJsonObjectResponse(req, res, user);
+    } catch (err) {
+      logger.error(err);
+      return Response.sendErrorResponse(req, res, err as BadRequestException);
+    }
+  },
+);
+
+// Delete Status Page User - DELETE /status-page-scim/v2/Users/{id}
+router.delete(
+  "/status-page-scim/v2/:statusPageScimId/Users/:userId",
+  SCIMMiddleware.isAuthorizedSCIMRequest,
+  async (req: ExpressRequest, res: ExpressResponse): Promise<void> => {
+    try {
+      logger.debug(
+        `Status Page SCIM Delete user request for userId: ${req.params["userId"]}, statusPageScimId: ${req.params["statusPageScimId"]}`,
+      );
+      const oneuptimeRequest: OneUptimeRequest = req as OneUptimeRequest;
+      const bearerData: JSONObject =
+        oneuptimeRequest.bearerTokenData as JSONObject;
+      const statusPageId: ObjectID = bearerData["statusPageId"] as ObjectID;
+      const scimConfig: StatusPageSCIM = bearerData[
+        "scimConfig"
+      ] as StatusPageSCIM;
+      const userId: string = req.params["userId"]!;
+
+      if (!scimConfig.autoDeprovisionUsers) {
+        throw new BadRequestException(
+          "Auto-deprovisioning is disabled for this status page",
+        );
+      }
+
+      logger.debug(
+        `Status Page SCIM Delete user - statusPageId: ${statusPageId}, userId: ${userId}`,
+      );
+
+      if (!userId) {
+        throw new BadRequestException("User ID is required");
+      }
+
+      // Check if user exists and belongs to this status page
+      const statusPageUser: StatusPagePrivateUser | null =
+        await StatusPagePrivateUserService.findOneBy({
+          query: {
+            statusPageId: statusPageId,
+            _id: new ObjectID(userId),
+          },
+          select: {
+            _id: true,
+          },
+          props: { isRoot: true },
+        });
+
+      if (!statusPageUser) {
+        logger.debug(
+          `Status Page SCIM Delete user - user not found for userId: ${userId}`,
+        );
+        // SCIM spec says to return 404 for non-existent resources
+        throw new NotFoundException("User not found");
+      }
+
+      // Delete the user from status page
+      await StatusPagePrivateUserService.deleteOneById({
+        id: new ObjectID(userId),
+        props: { isRoot: true },
+      });
+
+      logger.debug(
+        `Status Page SCIM Delete user - user deleted successfully for userId: ${userId}`,
+      );
+
+      // Return 204 No Content for successful deletion
+      res.status(204);
+      return Response.sendEmptySuccessResponse(req, res);
+    } catch (err) {
+      logger.error(err);
+      return Response.sendErrorResponse(req, res, err as BadRequestException);
+    }
+  },
+);
+
+export default router;

App/FeatureSet/Identity/Index.ts

@@ -1,8 +1,10 @@
 import AuthenticationAPI from "./API/Authentication";
 import ResellerAPI from "./API/Reseller";
 import SsoAPI from "./API/SSO";
+import SCIMAPI from "./API/SCIM";
 import StatusPageAuthenticationAPI from "./API/StatusPageAuthentication";
 import StatusPageSsoAPI from "./API/StatusPageSSO";
+import StatusPageSCIMAPI from "./API/StatusPageSCIM";
 import FeatureSet from "Common/Server/Types/FeatureSet";
 import Express, { ExpressApplication } from "Common/Server/Utils/Express";
 import "ejs";
@@ -19,6 +21,10 @@ const IdentityFeatureSet: FeatureSet = {
 
     app.use([`/${APP_NAME}`, "/"], SsoAPI);
 
+    app.use([`/${APP_NAME}`, "/"], SCIMAPI);
+
+    app.use([`/${APP_NAME}`, "/"], StatusPageSCIMAPI);
+
     app.use([`/${APP_NAME}`, "/"], StatusPageSsoAPI);
 
     app.use(

App/FeatureSet/Identity/Utils/AuthenticationEmail.ts

@@ -35,6 +35,8 @@ export default class AuthenticationEmail {
     const host: Hostname = await DatabaseConfig.getHost();
     const httpProtocol: Protocol = await DatabaseConfig.getHttpProtocol();
 
+    logger.debug("Sending verification email");
+
     MailService.sendMail({
       toEmail: user.email!,
       subject: "Please verify email.",
@@ -50,8 +52,13 @@ export default class AuthenticationEmail {
         ).toString(),
         homeUrl: new URL(httpProtocol, host).toString(),
       },
-    }).catch((err: Error) => {
-      logger.error(err);
-    });
+    })
+      .then(() => {
+        logger.debug("Verification email sent");
+      })
+      .catch((err: Error) => {
+        logger.debug("Error sending verification email");
+        logger.error(err);
+      });
   }
 }

App/FeatureSet/Identity/Utils/SCIMUtils.ts

@@ -0,0 +1,265 @@
+import { ExpressRequest } from "Common/Server/Utils/Express";
+import logger from "Common/Server/Utils/Logger";
+import { JSONObject } from "Common/Types/JSON";
+import Email from "Common/Types/Email";
+import Name from "Common/Types/Name";
+import ObjectID from "Common/Types/ObjectID";
+
+/**
+ * Shared SCIM utility functions for both Project SCIM and Status Page SCIM
+ */
+
+// Base interface for SCIM user-like objects - compatible with User model
+export interface SCIMUser {
+  id?: ObjectID | null;
+  email?: Email;
+  name?: Name | string;
+  createdAt?: Date;
+  updatedAt?: Date;
+}
+
+/**
+ * Parse name information from SCIM user payload
+ */
+export const parseNameFromSCIM: (scimUser: JSONObject) => string = (
+  scimUser: JSONObject,
+): string => {
+  logger.debug(
+    `SCIM - Parsing name from SCIM user: ${JSON.stringify(scimUser, null, 2)}`,
+  );
+
+  const givenName: string =
+    ((scimUser["name"] as JSONObject)?.["givenName"] as string) || "";
+  const familyName: string =
+    ((scimUser["name"] as JSONObject)?.["familyName"] as string) || "";
+  const formattedName: string = (scimUser["name"] as JSONObject)?.[
+    "formatted"
+  ] as string;
+
+  // Construct full name: prefer formatted, then combine given+family, then fallback to displayName
+  if (formattedName) {
+    return formattedName;
+  } else if (givenName || familyName) {
+    return `${givenName} ${familyName}`.trim();
+  } else if (scimUser["displayName"]) {
+    return scimUser["displayName"] as string;
+  }
+  return "";
+};
+
+/**
+ * Parse full name into SCIM name format
+ */
+export const parseNameToSCIMFormat: (fullName: string) => {
+  givenName: string;
+  familyName: string;
+  formatted: string;
+} = (
+  fullName: string,
+): { givenName: string; familyName: string; formatted: string } => {
+  const nameParts: string[] = fullName.trim().split(/\s+/);
+  const givenName: string = nameParts[0] || "";
+  const familyName: string = nameParts.slice(1).join(" ") || "";
+
+  return {
+    givenName,
+    familyName,
+    formatted: fullName,
+  };
+};
+
+/**
+ * Format user object for SCIM response
+ */
+export const formatUserForSCIM: (
+  user: SCIMUser,
+  req: ExpressRequest,
+  scimId: string,
+  scimType: "project" | "status-page",
+) => JSONObject = (
+  user: SCIMUser,
+  req: ExpressRequest,
+  scimId: string,
+  scimType: "project" | "status-page",
+): JSONObject => {
+  const baseUrl: string = `${req.protocol}://${req.get("host")}`;
+  const userName: string = user.email?.toString() || "";
+  const fullName: string =
+    user.name?.toString() || userName.split("@")[0] || "Unknown User";
+
+  const nameData: { givenName: string; familyName: string; formatted: string } =
+    parseNameToSCIMFormat(fullName);
+
+  // Determine the correct endpoint path based on SCIM type
+  const endpointPath: string =
+    scimType === "project"
+      ? `/scim/v2/${scimId}/Users/${user.id?.toString()}`
+      : `/status-page-scim/v2/${scimId}/Users/${user.id?.toString()}`;
+
+  return {
+    schemas: ["urn:ietf:params:scim:schemas:core:2.0:User"],
+    id: user.id?.toString(),
+    userName: userName,
+    displayName: nameData.formatted,
+    name: {
+      formatted: nameData.formatted,
+      familyName: nameData.familyName,
+      givenName: nameData.givenName,
+    },
+    emails: [
+      {
+        value: userName,
+        type: "work",
+        primary: true,
+      },
+    ],
+    active: true,
+    meta: {
+      resourceType: "User",
+      created: user.createdAt?.toISOString(),
+      lastModified: user.updatedAt?.toISOString(),
+      location: `${baseUrl}${endpointPath}`,
+    },
+  };
+};
+
+/**
+ * Extract email from SCIM user payload
+ */
+export const extractEmailFromSCIM: (scimUser: JSONObject) => string = (
+  scimUser: JSONObject,
+): string => {
+  return (
+    (scimUser["userName"] as string) ||
+    ((scimUser["emails"] as JSONObject[])?.[0]?.["value"] as string) ||
+    ""
+  );
+};
+
+/**
+ * Extract active status from SCIM user payload
+ */
+export const extractActiveFromSCIM: (scimUser: JSONObject) => boolean = (
+  scimUser: JSONObject,
+): boolean => {
+  return scimUser["active"] !== false; // Default to true if not specified
+};
+
+/**
+ * Generate SCIM ServiceProviderConfig response
+ */
+export const generateServiceProviderConfig: (
+  req: ExpressRequest,
+  scimId: string,
+  scimType: "project" | "status-page",
+  documentationUrl?: string,
+) => JSONObject = (
+  req: ExpressRequest,
+  scimId: string,
+  scimType: "project" | "status-page",
+  documentationUrl: string = "https://oneuptime.com/docs/identity/scim",
+): JSONObject => {
+  const baseUrl: string = `${req.protocol}://${req.get("host")}`;
+  const endpointPath: string =
+    scimType === "project"
+      ? `/scim/v2/${scimId}`
+      : `/status-page-scim/v2/${scimId}`;
+
+  return {
+    schemas: ["urn:ietf:params:scim:schemas:core:2.0:ServiceProviderConfig"],
+    documentationUri: documentationUrl,
+    patch: {
+      supported: true,
+    },
+    bulk: {
+      supported: true,
+      maxOperations: 1000,
+      maxPayloadSize: 1048576,
+    },
+    filter: {
+      supported: true,
+      maxResults: 200,
+    },
+    changePassword: {
+      supported: false,
+    },
+    sort: {
+      supported: true,
+    },
+    etag: {
+      supported: false,
+    },
+    authenticationSchemes: [
+      {
+        type: "httpbearer",
+        name: "HTTP Bearer",
+        description: "Authentication scheme using HTTP Bearer Token",
+        primary: true,
+      },
+    ],
+    meta: {
+      location: `${baseUrl}${endpointPath}/ServiceProviderConfig`,
+      resourceType: "ServiceProviderConfig",
+      created: "2023-01-01T00:00:00Z",
+      lastModified: "2023-01-01T00:00:00Z",
+    },
+  };
+};
+
+/**
+ * Generate SCIM ListResponse for users
+ */
+export const generateUsersListResponse: (
+  users: JSONObject[],
+  startIndex: number,
+  totalResults: number,
+) => JSONObject = (
+  users: JSONObject[],
+  startIndex: number,
+  totalResults: number,
+): JSONObject => {
+  return {
+    schemas: ["urn:ietf:params:scim:api:messages:2.0:ListResponse"],
+    totalResults: totalResults,
+    startIndex: startIndex,
+    itemsPerPage: users.length,
+    Resources: users,
+  };
+};
+
+/**
+ * Generate SCIM ListResponse for groups
+ */
+export const generateGroupsListResponse: (
+  groups: JSONObject[],
+  startIndex: number,
+  totalResults: number,
+) => JSONObject = (
+  groups: JSONObject[],
+  startIndex: number,
+  totalResults: number,
+): JSONObject => {
+  return {
+    schemas: ["urn:ietf:params:scim:api:messages:2.0:ListResponse"],
+    totalResults: totalResults,
+    startIndex: startIndex,
+    itemsPerPage: groups.length,
+    Resources: groups,
+  };
+};
+
+/**
+ * Parse query parameters for SCIM list requests
+ */
+export const parseSCIMQueryParams: (req: ExpressRequest) => {
+  startIndex: number;
+  count: number;
+} = (req: ExpressRequest): { startIndex: number; count: number } => {
+  const startIndex: number = parseInt(req.query["startIndex"] as string) || 1;
+  const count: number = Math.min(
+    parseInt(req.query["count"] as string) || 100,
+    200, // SCIM recommended max
+  );
+
+  return { startIndex, count };
+};

App/FeatureSet/Identity/Utils/SSO.ts

@@ -184,15 +184,17 @@ export default class SSOUtil {
       return null;
     }
 
-    // get displayName attribute.
-    //   {
-    //     "$": {
-    //         "Name": "http://schemas.microsoft.com/identity/claims/displayname"
-    //     },
-    //     "AttributeValue": [
-    //         "Nawaz Dhandala"
-    //     ]
-    // },
+    /*
+     * get displayName attribute.
+     *   {
+     *     "$": {
+     *         "Name": "http://schemas.microsoft.com/identity/claims/displayname"
+     *     },
+     *     "AttributeValue": [
+     *         "Nawaz Dhandala"
+     *     ]
+     * },
+     */
 
     for (let i: number = 0; i < samlAttribute.length; i++) {
       const attribute: JSONObject = samlAttribute[i] as JSONObject;

App/FeatureSet/Identity/Views/Partials/Head.ejs

@@ -67,7 +67,6 @@
 <link rel="apple-touch-icon-precomposed" href="/img/ou-wb.svg">
 <link rel="icon" href="/img/ou-wb.svg">
 <link rel="image_src" type="image/png" href="/img/hou-wb.svg">
-<link rel="canonical" href="/">
 <link rel="manifest" href="/manifest.json">
 <meta property="og:title" content="OneUptime - One Complete Observability platform.">
 <meta property="og:url" content="https://oneuptime.com">

App/FeatureSet/Notification/API/Call.ts

@@ -31,6 +31,22 @@ router.post(
       userOnCallLogTimelineId:
         (body["userOnCallLogTimelineId"] as ObjectID) || undefined,
       customTwilioConfig: body["customTwilioConfig"] as any,
+      incidentId: (body["incidentId"] as ObjectID) || undefined,
+      alertId: (body["alertId"] as ObjectID) || undefined,
+      scheduledMaintenanceId:
+        (body["scheduledMaintenanceId"] as ObjectID) || undefined,
+      statusPageId: (body["statusPageId"] as ObjectID) || undefined,
+      statusPageAnnouncementId:
+        (body["statusPageAnnouncementId"] as ObjectID) || undefined,
+      userId: (body["userId"] as ObjectID) || undefined,
+      onCallPolicyId: (body["onCallPolicyId"] as ObjectID) || undefined,
+      onCallPolicyEscalationRuleId:
+        (body["onCallPolicyEscalationRuleId"] as ObjectID) || undefined,
+      onCallDutyPolicyExecutionLogTimelineId:
+        (body["onCallDutyPolicyExecutionLogTimelineId"] as ObjectID) ||
+        undefined,
+      onCallScheduleId: (body["onCallScheduleId"] as ObjectID) || undefined,
+      teamId: (body["teamId"] as ObjectID) || undefined,
     });
 
     return Response.sendEmptySuccessResponse(req, res);

App/FeatureSet/Notification/API/Mail.ts

@@ -43,6 +43,43 @@ router.post(
       emailServer: mailServer,
       userOnCallLogTimelineId:
         (body["userOnCallLogTimelineId"] as ObjectID) || undefined,
+      incidentId: body["incidentId"]
+        ? new ObjectID(body["incidentId"].toString())
+        : undefined,
+      alertId: body["alertId"]
+        ? new ObjectID(body["alertId"].toString())
+        : undefined,
+      scheduledMaintenanceId: body["scheduledMaintenanceId"]
+        ? new ObjectID(body["scheduledMaintenanceId"].toString())
+        : undefined,
+      statusPageId: body["statusPageId"]
+        ? new ObjectID(body["statusPageId"].toString())
+        : undefined,
+      statusPageAnnouncementId: body["statusPageAnnouncementId"]
+        ? new ObjectID(body["statusPageAnnouncementId"].toString())
+        : undefined,
+      userId: body["userId"]
+        ? new ObjectID(body["userId"].toString())
+        : undefined,
+      onCallPolicyId: body["onCallPolicyId"]
+        ? new ObjectID(body["onCallPolicyId"].toString())
+        : undefined,
+      onCallPolicyEscalationRuleId: body["onCallPolicyEscalationRuleId"]
+        ? new ObjectID(body["onCallPolicyEscalationRuleId"].toString())
+        : undefined,
+      onCallDutyPolicyExecutionLogTimelineId: body[
+        "onCallDutyPolicyExecutionLogTimelineId"
+      ]
+        ? new ObjectID(
+            body["onCallDutyPolicyExecutionLogTimelineId"].toString(),
+          )
+        : undefined,
+      onCallScheduleId: body["onCallScheduleId"]
+        ? new ObjectID(body["onCallScheduleId"].toString())
+        : undefined,
+      teamId: body["teamId"]
+        ? new ObjectID(body["teamId"].toString())
+        : undefined,
     });
 
     return Response.sendEmptySuccessResponse(req, res);

App/FeatureSet/Notification/API/PushNotification.ts

@@ -0,0 +1,65 @@
+import PushService from "../Services/PushNotificationService";
+import ClusterKeyAuthorization from "Common/Server/Middleware/ClusterKeyAuthorization";
+import ObjectID from "Common/Types/ObjectID";
+import Express, {
+  ExpressRequest,
+  ExpressResponse,
+  ExpressRouter,
+} from "Common/Server/Utils/Express";
+import Response from "Common/Server/Utils/Response";
+import { JSONObject } from "Common/Types/JSON";
+import JSONFunctions from "Common/Types/JSONFunctions";
+
+const router: ExpressRouter = Express.getRouter();
+
+router.post(
+  "/send",
+  ClusterKeyAuthorization.isAuthorizedServiceMiddleware,
+  async (req: ExpressRequest, res: ExpressResponse) => {
+    const body: JSONObject = JSONFunctions.deserialize(req.body);
+
+    // Support both new devices format and legacy deviceTokens/deviceNames format
+    let devices: Array<{ token: string; name?: string }> = [];
+
+    if (body["devices"]) {
+      // New format: devices as array of objects
+      devices = body["devices"] as Array<{ token: string; name?: string }>;
+    } else {
+      throw new Error("Invalid request format: 'devices' array is required.");
+    }
+
+    await PushService.send(
+      {
+        devices,
+        deviceType: (body["deviceType"] as any) || "web",
+        message: body["message"] as any,
+      },
+      {
+        projectId: (body["projectId"] as ObjectID) || undefined,
+        isSensitive: (body["isSensitive"] as boolean) || false,
+        userOnCallLogTimelineId:
+          (body["userOnCallLogTimelineId"] as ObjectID) || undefined,
+        incidentId: (body["incidentId"] as ObjectID) || undefined,
+        alertId: (body["alertId"] as ObjectID) || undefined,
+        scheduledMaintenanceId:
+          (body["scheduledMaintenanceId"] as ObjectID) || undefined,
+        statusPageId: (body["statusPageId"] as ObjectID) || undefined,
+        statusPageAnnouncementId:
+          (body["statusPageAnnouncementId"] as ObjectID) || undefined,
+        userId: (body["userId"] as ObjectID) || undefined,
+        onCallPolicyId: (body["onCallPolicyId"] as ObjectID) || undefined,
+        onCallPolicyEscalationRuleId:
+          (body["onCallPolicyEscalationRuleId"] as ObjectID) || undefined,
+        onCallDutyPolicyExecutionLogTimelineId:
+          (body["onCallDutyPolicyExecutionLogTimelineId"] as ObjectID) ||
+          undefined,
+        onCallScheduleId: (body["onCallScheduleId"] as ObjectID) || undefined,
+        teamId: (body["teamId"] as ObjectID) || undefined,
+      },
+    );
+
+    return Response.sendEmptySuccessResponse(req, res);
+  },
+);
+
+export default router;

App/FeatureSet/Notification/API/SMS.ts

@@ -30,6 +30,22 @@ router.post(
       userOnCallLogTimelineId:
         (body["userOnCallLogTimelineId"] as ObjectID) || undefined,
       customTwilioConfig: body["customTwilioConfig"] as any,
+      incidentId: (body["incidentId"] as ObjectID) || undefined,
+      alertId: (body["alertId"] as ObjectID) || undefined,
+      scheduledMaintenanceId:
+        (body["scheduledMaintenanceId"] as ObjectID) || undefined,
+      statusPageId: (body["statusPageId"] as ObjectID) || undefined,
+      statusPageAnnouncementId:
+        (body["statusPageAnnouncementId"] as ObjectID) || undefined,
+      userId: (body["userId"] as ObjectID) || undefined,
+      onCallPolicyId: (body["onCallPolicyId"] as ObjectID) || undefined,
+      onCallPolicyEscalationRuleId:
+        (body["onCallPolicyEscalationRuleId"] as ObjectID) || undefined,
+      onCallDutyPolicyExecutionLogTimelineId:
+        (body["onCallDutyPolicyExecutionLogTimelineId"] as ObjectID) ||
+        undefined,
+      onCallScheduleId: (body["onCallScheduleId"] as ObjectID) || undefined,
+      teamId: (body["teamId"] as ObjectID) || undefined,
     });
 
     return Response.sendEmptySuccessResponse(req, res);

App/FeatureSet/Notification/API/WhatsApp.ts

@@ -0,0 +1,156 @@
+import WhatsAppService from "../Services/WhatsAppService";
+import BadDataException from "Common/Types/Exception/BadDataException";
+import { JSONObject } from "Common/Types/JSON";
+import ObjectID from "Common/Types/ObjectID";
+import Phone from "Common/Types/Phone";
+import WhatsAppMessage from "Common/Types/WhatsApp/WhatsAppMessage";
+import {
+  WhatsAppTemplateId,
+  WhatsAppTemplateIds,
+  WhatsAppTemplateLanguage,
+} from "Common/Types/WhatsApp/WhatsAppTemplates";
+import ClusterKeyAuthorization from "Common/Server/Middleware/ClusterKeyAuthorization";
+import Express, {
+  ExpressRequest,
+  ExpressResponse,
+  ExpressRouter,
+} from "Common/Server/Utils/Express";
+import Response from "Common/Server/Utils/Response";
+
+const router: ExpressRouter = Express.getRouter();
+
+const toTemplateVariables: (
+  rawVariables: JSONObject | undefined,
+) => Record<string, string> | undefined = (
+  rawVariables: JSONObject | undefined,
+): Record<string, string> | undefined => {
+  if (!rawVariables) {
+    return undefined;
+  }
+
+  const result: Record<string, string> = {};
+
+  for (const key of Object.keys(rawVariables)) {
+    const value: unknown = rawVariables[key];
+    if (value !== null && value !== undefined) {
+      result[key] = String(value);
+    }
+  }
+
+  return Object.keys(result).length > 0 ? result : undefined;
+};
+
+router.post(
+  "/send",
+  ClusterKeyAuthorization.isAuthorizedServiceMiddleware,
+  async (req: ExpressRequest, res: ExpressResponse) => {
+    const body: JSONObject = req.body as JSONObject;
+
+    if (!body["to"]) {
+      throw new BadDataException("`to` phone number is required");
+    }
+
+    const toPhone: Phone = new Phone(body["to"] as string);
+
+    const message: WhatsAppMessage = {
+      to: toPhone,
+      body: (body["body"] as string) || "",
+      templateKey: (body["templateKey"] as string) || undefined,
+      templateVariables: toTemplateVariables(
+        body["templateVariables"] as JSONObject | undefined,
+      ),
+      templateLanguageCode:
+        (body["templateLanguageCode"] as string) || undefined,
+    };
+
+    await WhatsAppService.sendWhatsApp(message, {
+      projectId: body["projectId"]
+        ? new ObjectID(body["projectId"] as string)
+        : undefined,
+      isSensitive: (body["isSensitive"] as boolean) || false,
+      userOnCallLogTimelineId: body["userOnCallLogTimelineId"]
+        ? new ObjectID(body["userOnCallLogTimelineId"] as string)
+        : undefined,
+      incidentId: body["incidentId"]
+        ? new ObjectID(body["incidentId"] as string)
+        : undefined,
+      alertId: body["alertId"]
+        ? new ObjectID(body["alertId"] as string)
+        : undefined,
+      scheduledMaintenanceId: body["scheduledMaintenanceId"]
+        ? new ObjectID(body["scheduledMaintenanceId"] as string)
+        : undefined,
+      statusPageId: body["statusPageId"]
+        ? new ObjectID(body["statusPageId"] as string)
+        : undefined,
+      statusPageAnnouncementId: body["statusPageAnnouncementId"]
+        ? new ObjectID(body["statusPageAnnouncementId"] as string)
+        : undefined,
+      userId: body["userId"]
+        ? new ObjectID(body["userId"] as string)
+        : undefined,
+      onCallPolicyId: body["onCallPolicyId"]
+        ? new ObjectID(body["onCallPolicyId"] as string)
+        : undefined,
+      onCallPolicyEscalationRuleId: body["onCallPolicyEscalationRuleId"]
+        ? new ObjectID(body["onCallPolicyEscalationRuleId"] as string)
+        : undefined,
+      onCallDutyPolicyExecutionLogTimelineId: body[
+        "onCallDutyPolicyExecutionLogTimelineId"
+      ]
+        ? new ObjectID(body["onCallDutyPolicyExecutionLogTimelineId"] as string)
+        : undefined,
+      onCallScheduleId: body["onCallScheduleId"]
+        ? new ObjectID(body["onCallScheduleId"] as string)
+        : undefined,
+      teamId: body["teamId"]
+        ? new ObjectID(body["teamId"] as string)
+        : undefined,
+    });
+
+    return Response.sendEmptySuccessResponse(req, res);
+  },
+);
+
+router.post("/test", async (req: ExpressRequest, res: ExpressResponse) => {
+  const body: JSONObject = req.body as JSONObject;
+
+  if (!body["toPhone"]) {
+    throw new BadDataException("toPhone is required");
+  }
+
+  const toPhone: Phone = new Phone(body["toPhone"] as string);
+
+  const templateKey: WhatsAppTemplateId = WhatsAppTemplateIds.TestNotification;
+
+  const templateLanguageCode: string =
+    WhatsAppTemplateLanguage[templateKey] || "en";
+
+  const message: WhatsAppMessage = {
+    to: toPhone,
+    body: "",
+    templateKey,
+    templateVariables: undefined,
+    templateLanguageCode,
+  };
+
+  try {
+    await WhatsAppService.sendWhatsApp(message, {
+      projectId: body["projectId"]
+        ? new ObjectID(body["projectId"] as string)
+        : undefined,
+      isSensitive: false,
+    });
+  } catch (err) {
+    const errorMsg: string =
+      err instanceof Error && err.message
+        ? err.message
+        : "Failed to send test WhatsApp message.";
+
+    return Response.sendErrorResponse(req, res, new BadDataException(errorMsg));
+  }
+
+  return Response.sendEmptySuccessResponse(req, res);
+});
+
+export default router;

App/FeatureSet/Notification/Config.ts

@@ -12,6 +12,8 @@ import Phone from "Common/Types/Phone";
 
 type GetGlobalSMTPConfig = () => Promise<EmailServer | null>;
 
+export const DEFAULT_META_WHATSAPP_API_VERSION: string = "v23.0";
+
 export const getGlobalSMTPConfig: GetGlobalSMTPConfig =
   async (): Promise<EmailServer | null> => {
     const globalConfig: GlobalConfig | null =
@@ -222,6 +224,83 @@ export const SMSHighRiskCostInCents: number = process.env[
   ? parseInt(process.env["SMS_HIGH_RISK_COST_IN_CENTS"])
   : 0;
 
+export interface MetaWhatsAppConfig {
+  accessToken: string;
+  phoneNumberId: string;
+  businessAccountId?: string | undefined;
+  appId?: string | undefined;
+  appSecret?: string | undefined;
+  apiVersion?: string | undefined;
+}
+
+type GetMetaWhatsAppConfigFunction = () => Promise<MetaWhatsAppConfig>;
+
+export const getMetaWhatsAppConfig: GetMetaWhatsAppConfigFunction =
+  async (): Promise<MetaWhatsAppConfig> => {
+    const globalConfig: GlobalConfig | null =
+      await GlobalConfigService.findOneBy({
+        query: {
+          _id: ObjectID.getZeroObjectID().toString(),
+        },
+        props: {
+          isRoot: true,
+        },
+        select: {
+          metaWhatsAppAccessToken: true,
+          metaWhatsAppPhoneNumberId: true,
+          metaWhatsAppBusinessAccountId: true,
+          metaWhatsAppAppId: true,
+          metaWhatsAppAppSecret: true,
+        },
+      });
+
+    if (!globalConfig) {
+      throw new BadDataException("Global Config not found");
+    }
+
+    const accessToken: string | undefined =
+      globalConfig.metaWhatsAppAccessToken?.trim();
+    const phoneNumberId: string | undefined =
+      globalConfig.metaWhatsAppPhoneNumberId?.trim();
+
+    if (!accessToken) {
+      throw new BadDataException(
+        "Meta WhatsApp access token not configured. Please set it in the Admin Dashboard: " +
+          AdminDashboardClientURL.toString(),
+      );
+    }
+
+    if (!phoneNumberId) {
+      throw new BadDataException(
+        "Meta WhatsApp phone number ID not configured. Please set it in the Admin Dashboard: " +
+          AdminDashboardClientURL.toString(),
+      );
+    }
+
+    const businessAccountId: string | undefined =
+      globalConfig.metaWhatsAppBusinessAccountId?.trim() || undefined;
+    const appId: string | undefined =
+      globalConfig.metaWhatsAppAppId?.trim() || undefined;
+    const appSecret: string | undefined =
+      globalConfig.metaWhatsAppAppSecret?.trim() || undefined;
+    const apiVersion: string = DEFAULT_META_WHATSAPP_API_VERSION;
+
+    return {
+      accessToken,
+      phoneNumberId,
+      businessAccountId,
+      appId,
+      appSecret,
+      apiVersion,
+    };
+  };
+
+export const WhatsAppTextDefaultCostInCents: number = process.env[
+  "WHATSAPP_TEXT_DEFAULT_COST_IN_CENTS"
+]
+  ? parseInt(process.env["WHATSAPP_TEXT_DEFAULT_COST_IN_CENTS"])
+  : 0;
+
 export const CallHighRiskCostInCentsPerMinute: number = process.env[
   "CALL_HIGH_RISK_COST_IN_CENTS_PER_MINUTE"
 ]

App/FeatureSet/Notification/Index.ts

@@ -2,6 +2,8 @@ import CallAPI from "./API/Call";
 // API
 import MailAPI from "./API/Mail";
 import SmsAPI from "./API/SMS";
+import WhatsAppAPI from "./API/WhatsApp";
+import PushNotificationAPI from "./API/PushNotification";
 import SMTPConfigAPI from "./API/SMTPConfig";
 import "./Utils/Handlebars";
 import FeatureSet from "Common/Server/Types/FeatureSet";
@@ -15,6 +17,8 @@ const NotificationFeatureSet: FeatureSet = {
 
     app.use([`/${APP_NAME}/email`, "/email"], MailAPI);
     app.use([`/${APP_NAME}/sms`, "/sms"], SmsAPI);
+    app.use([`/${APP_NAME}/whatsapp`, "/whatsapp"], WhatsAppAPI);
+    app.use([`/${APP_NAME}/push`, "/push"], PushNotificationAPI);
     app.use([`/${APP_NAME}/call`, "/call"], CallAPI);
     app.use([`/${APP_NAME}/smtp-config`, "/smtp-config"], SMTPConfigAPI);
   },

App/FeatureSet/Notification/Services/CallService.ts

@@ -28,6 +28,38 @@ import Twilio from "twilio";
 import { CallInstance } from "twilio/lib/rest/api/v2010/account/call";
 import Phone from "Common/Types/Phone";
 
+/**
+ * Extracts the main sayMessage values from a CallRequest's data array for call summary.
+ * Excludes acknowledgment responses, error messages, and other system messages.
+ * @param callRequest The call request containing data array with various objects
+ * @returns A string containing main call content messages separated by newlines
+ */
+function extractSayMessagesFromCallRequest(callRequest: CallRequest): string {
+  const sayMessages: string[] = [];
+
+  if (callRequest.data && Array.isArray(callRequest.data)) {
+    for (const item of callRequest.data) {
+      // Check if the item is a Say object with sayMessage
+      if ((item as Say).sayMessage) {
+        sayMessages.push((item as Say).sayMessage);
+      }
+      // Check if the item is a GatherInput with introMessage
+      if ((item as GatherInput).introMessage) {
+        sayMessages.push((item as GatherInput).introMessage);
+      }
+      /*
+       * NOTE: Excluding noInputMessage and onInputCallRequest messages from summary
+       * as they contain system responses like "Good bye", "Invalid input", "You have acknowledged"
+       * which should not be included in the call summary according to user requirements
+       */
+    }
+  }
+
+  return sayMessages.length > 0
+    ? sayMessages.join(" ")
+    : "No message content found";
+}
+
 export default class CallService {
   public static async makeCall(
     callRequest: CallRequest,
@@ -36,6 +68,18 @@ export default class CallService {
       isSensitive?: boolean; // if true, message will not be logged
       userOnCallLogTimelineId?: ObjectID | undefined; // user notification log timeline id
       customTwilioConfig?: TwilioConfig | undefined;
+      incidentId?: ObjectID | undefined;
+      alertId?: ObjectID | undefined;
+      scheduledMaintenanceId?: ObjectID | undefined;
+      statusPageId?: ObjectID | undefined;
+      statusPageAnnouncementId?: ObjectID | undefined;
+      userId?: ObjectID | undefined;
+      // On-call policy related fields
+      onCallPolicyId?: ObjectID | undefined;
+      onCallPolicyEscalationRuleId?: ObjectID | undefined;
+      onCallDutyPolicyExecutionLogTimelineId?: ObjectID | undefined;
+      onCallScheduleId?: ObjectID | undefined;
+      teamId?: ObjectID | undefined;
     },
   ): Promise<void> {
     let callError: Error | null = null;
@@ -82,14 +126,58 @@ export default class CallService {
       callLog.fromNumber = fromNumber;
       callLog.callData =
         options && options.isSensitive
-          ? { message: "This call is sensitive and is not logged" }
-          : JSON.parse(JSON.stringify(callRequest));
+          ? ({ message: "This call is sensitive and is not logged" } as any)
+          : ({
+              message: extractSayMessagesFromCallRequest(callRequest),
+            } as any);
       callLog.callCostInUSDCents = 0;
 
       if (options.projectId) {
         callLog.projectId = options.projectId;
       }
 
+      if (options.incidentId) {
+        callLog.incidentId = options.incidentId;
+      }
+
+      if (options.alertId) {
+        callLog.alertId = options.alertId;
+      }
+
+      if (options.scheduledMaintenanceId) {
+        callLog.scheduledMaintenanceId = options.scheduledMaintenanceId;
+      }
+
+      if (options.statusPageId) {
+        callLog.statusPageId = options.statusPageId;
+      }
+
+      if (options.statusPageAnnouncementId) {
+        callLog.statusPageAnnouncementId = options.statusPageAnnouncementId;
+      }
+
+      if (options.userId) {
+        callLog.userId = options.userId;
+      }
+
+      if (options.teamId) {
+        callLog.teamId = options.teamId;
+      }
+
+      // Set OnCall-related fields
+      if (options.onCallPolicyId) {
+        callLog.onCallDutyPolicyId = options.onCallPolicyId;
+      }
+
+      if (options.onCallPolicyEscalationRuleId) {
+        callLog.onCallDutyPolicyEscalationRuleId =
+          options.onCallPolicyEscalationRuleId;
+      }
+
+      if (options.onCallScheduleId) {
+        callLog.onCallDutyPolicyScheduleId = options.onCallScheduleId;
+      }
+
       let project: Project | null = null;
 
       // make sure project has enough balance.

App/FeatureSet/Notification/Services/MailService.ts

@@ -37,11 +37,49 @@ class TransporterPool {
   private static semaphore: Map<string, number> = new Map();
   private static readonly MAX_CONCURRENT_CONNECTIONS = 100;
 
+  private static resolveConnectionSettings(emailServer: EmailServer): {
+    portNumber: number;
+    wantsSecureConnection: boolean;
+    secureConnection: boolean;
+    requireTLS: boolean;
+    mode: "implicit-tls" | "starttls" | "plain";
+  } {
+    const portNumber: number = emailServer.port.toNumber();
+    const wantsSecureConnection: boolean = emailServer.secure;
+    const isImplicitTLSPort: boolean = portNumber === 465;
+
+    const secureConnection: boolean = isImplicitTLSPort;
+    const requireTLS: boolean = wantsSecureConnection && !isImplicitTLSPort;
+
+    let mode: "implicit-tls" | "starttls" | "plain" = "plain";
+
+    if (secureConnection) {
+      mode = "implicit-tls";
+    } else if (requireTLS) {
+      mode = "starttls";
+    }
+
+    return {
+      portNumber,
+      wantsSecureConnection,
+      secureConnection,
+      requireTLS,
+      mode,
+    };
+  }
+
+  private static getPoolKey(emailServer: EmailServer): string {
+    const { portNumber, mode } = this.resolveConnectionSettings(emailServer);
+    const username: string = emailServer.username || "noauth";
+
+    return `${emailServer.host.toString()}:${portNumber}:${username}:${mode}`;
+  }
+
   public static getTransporter(
     emailServer: EmailServer,
     options: { timeout?: number | undefined },
   ): Transporter {
-    const key: string = `${emailServer.host.toString()}:${emailServer.port.toNumber()}:${emailServer.username || "noauth"}`;
+    const key: string = this.getPoolKey(emailServer);
 
     if (!this.pools.has(key)) {
       const transporter: Transporter = this.createTransporter(
@@ -59,9 +97,12 @@ class TransporterPool {
     emailServer: EmailServer,
     options: { timeout?: number | undefined },
   ): Transporter {
+    const { portNumber, wantsSecureConnection, secureConnection, requireTLS } =
+      this.resolveConnectionSettings(emailServer);
+
     let tlsOptions: tls.ConnectionOptions | undefined = undefined;
 
-    if (!emailServer.secure) {
+    if (!wantsSecureConnection) {
       tlsOptions = {
         rejectUnauthorized: false,
       };
@@ -69,8 +110,9 @@ class TransporterPool {
 
     return nodemailer.createTransport({
       host: emailServer.host.toString(),
-      port: emailServer.port.toNumber(),
-      secure: emailServer.secure,
+      port: portNumber,
+      secure: secureConnection,
+      requireTLS,
       tls: tlsOptions,
       auth:
         emailServer.username && emailServer.password
@@ -88,7 +130,7 @@ class TransporterPool {
   public static async acquireConnection(
     emailServer: EmailServer,
   ): Promise<void> {
-    const key: string = `${emailServer.host.toString()}:${emailServer.port.toNumber()}:${emailServer.username || "noauth"}`;
+    const key: string = this.getPoolKey(emailServer);
 
     while ((this.semaphore.get(key) || 0) >= this.MAX_CONCURRENT_CONNECTIONS) {
       await new Promise<void>((resolve: () => void) => {
@@ -100,7 +142,7 @@ class TransporterPool {
   }
 
   public static releaseConnection(emailServer: EmailServer): void {
-    const key: string = `${emailServer.host.toString()}:${emailServer.port.toNumber()}:${emailServer.username || "noauth"}`;
+    const key: string = this.getPoolKey(emailServer);
     const current: number = this.semaphore.get(key) || 0;
     this.semaphore.set(key, Math.max(0, current - 1));
   }
@@ -345,6 +387,18 @@ export default class MailService {
           emailServer?: EmailServer | undefined;
           userOnCallLogTimelineId?: ObjectID | undefined;
           timeout?: number | undefined;
+          incidentId?: ObjectID | undefined;
+          alertId?: ObjectID | undefined;
+          scheduledMaintenanceId?: ObjectID | undefined;
+          statusPageId?: ObjectID | undefined;
+          statusPageAnnouncementId?: ObjectID | undefined;
+          userId?: ObjectID | undefined;
+          // On-call policy related fields
+          onCallPolicyId?: ObjectID | undefined;
+          onCallPolicyEscalationRuleId?: ObjectID | undefined;
+          onCallDutyPolicyExecutionLogTimelineId?: ObjectID | undefined;
+          onCallScheduleId?: ObjectID | undefined;
+          teamId?: ObjectID | undefined;
         }
       | undefined,
   ): Promise<void> {
@@ -359,6 +413,48 @@ export default class MailService {
       if (options.emailServer?.id) {
         emailLog.projectSmtpConfigId = options.emailServer?.id;
       }
+
+      if (options.incidentId) {
+        emailLog.incidentId = options.incidentId;
+      }
+
+      if (options.alertId) {
+        emailLog.alertId = options.alertId;
+      }
+
+      if (options.scheduledMaintenanceId) {
+        emailLog.scheduledMaintenanceId = options.scheduledMaintenanceId;
+      }
+
+      if (options.statusPageId) {
+        emailLog.statusPageId = options.statusPageId;
+      }
+
+      if (options.statusPageAnnouncementId) {
+        emailLog.statusPageAnnouncementId = options.statusPageAnnouncementId;
+      }
+
+      if (options.userId) {
+        emailLog.userId = options.userId;
+      }
+
+      if (options.teamId) {
+        emailLog.teamId = options.teamId;
+      }
+
+      // Set OnCall-related fields
+      if (options.onCallPolicyId) {
+        emailLog.onCallDutyPolicyId = options.onCallPolicyId;
+      }
+
+      if (options.onCallPolicyEscalationRuleId) {
+        emailLog.onCallDutyPolicyEscalationRuleId =
+          options.onCallPolicyEscalationRuleId;
+      }
+
+      if (options.onCallScheduleId) {
+        emailLog.onCallDutyPolicyScheduleId = options.onCallScheduleId;
+      }
     }
 
     // default vars.

App/FeatureSet/Notification/Services/PushNotificationService.ts

@@ -0,0 +1,44 @@
+import PushNotificationRequest from "Common/Types/PushNotification/PushNotificationRequest";
+import ObjectID from "Common/Types/ObjectID";
+import PushNotificationServiceCommon from "Common/Server/Services/PushNotificationService";
+
+export default class PushNotificationService {
+  public static async send(
+    request: PushNotificationRequest,
+    options: {
+      projectId?: ObjectID | undefined;
+      isSensitive?: boolean;
+      userOnCallLogTimelineId?: ObjectID | undefined;
+      incidentId?: ObjectID | undefined;
+      alertId?: ObjectID | undefined;
+      scheduledMaintenanceId?: ObjectID | undefined;
+      statusPageId?: ObjectID | undefined;
+      statusPageAnnouncementId?: ObjectID | undefined;
+      userId?: ObjectID | undefined;
+      onCallPolicyId?: ObjectID | undefined;
+      onCallPolicyEscalationRuleId?: ObjectID | undefined;
+      onCallDutyPolicyExecutionLogTimelineId?: ObjectID | undefined;
+      onCallScheduleId?: ObjectID | undefined;
+      teamId?: ObjectID | undefined;
+    } = {},
+  ): Promise<void> {
+    // Delegate to Common service which now handles logging and timeline updates
+    await PushNotificationServiceCommon.sendPushNotification(request, {
+      projectId: options.projectId,
+      isSensitive: Boolean(options.isSensitive),
+      userOnCallLogTimelineId: options.userOnCallLogTimelineId,
+      incidentId: options.incidentId,
+      alertId: options.alertId,
+      scheduledMaintenanceId: options.scheduledMaintenanceId,
+      statusPageId: options.statusPageId,
+      statusPageAnnouncementId: options.statusPageAnnouncementId,
+      userId: options.userId,
+      onCallPolicyId: options.onCallPolicyId,
+      onCallPolicyEscalationRuleId: options.onCallPolicyEscalationRuleId,
+      onCallDutyPolicyExecutionLogTimelineId:
+        options.onCallDutyPolicyExecutionLogTimelineId,
+      onCallScheduleId: options.onCallScheduleId,
+      teamId: options.teamId,
+    });
+  }
+}

App/FeatureSet/Notification/Services/SmsService.ts

@@ -31,6 +31,18 @@ export default class SmsService {
       customTwilioConfig?: TwilioConfig | undefined;
       isSensitive?: boolean; // if true, message will not be logged
       userOnCallLogTimelineId?: ObjectID | undefined;
+      incidentId?: ObjectID | undefined;
+      alertId?: ObjectID | undefined;
+      scheduledMaintenanceId?: ObjectID | undefined;
+      statusPageId?: ObjectID | undefined;
+      statusPageAnnouncementId?: ObjectID | undefined;
+      userId?: ObjectID | undefined;
+      // On-call policy related fields
+      onCallPolicyId?: ObjectID | undefined;
+      onCallPolicyEscalationRuleId?: ObjectID | undefined;
+      onCallDutyPolicyExecutionLogTimelineId?: ObjectID | undefined;
+      onCallScheduleId?: ObjectID | undefined;
+      teamId?: ObjectID | undefined;
     },
   ): Promise<void> {
     let smsError: Error | null = null;
@@ -71,6 +83,48 @@ export default class SmsService {
         smsLog.projectId = options.projectId;
       }
 
+      if (options.incidentId) {
+        smsLog.incidentId = options.incidentId;
+      }
+
+      if (options.alertId) {
+        smsLog.alertId = options.alertId;
+      }
+
+      if (options.scheduledMaintenanceId) {
+        smsLog.scheduledMaintenanceId = options.scheduledMaintenanceId;
+      }
+
+      if (options.statusPageId) {
+        smsLog.statusPageId = options.statusPageId;
+      }
+
+      if (options.statusPageAnnouncementId) {
+        smsLog.statusPageAnnouncementId = options.statusPageAnnouncementId;
+      }
+
+      if (options.userId) {
+        smsLog.userId = options.userId;
+      }
+
+      if (options.teamId) {
+        smsLog.teamId = options.teamId;
+      }
+
+      // Set OnCall-related fields
+      if (options.onCallPolicyId) {
+        smsLog.onCallDutyPolicyId = options.onCallPolicyId;
+      }
+
+      if (options.onCallPolicyEscalationRuleId) {
+        smsLog.onCallDutyPolicyEscalationRuleId =
+          options.onCallPolicyEscalationRuleId;
+      }
+
+      if (options.onCallScheduleId) {
+        smsLog.onCallDutyPolicyScheduleId = options.onCallScheduleId;
+      }
+
       const twilioConfig: TwilioConfig | null =
         options.customTwilioConfig || (await getTwilioConfig());
 

App/FeatureSet/Notification/Services/WhatsAppService.ts

@@ -0,0 +1,424 @@
+import {
+  WhatsAppTextDefaultCostInCents,
+  getMetaWhatsAppConfig,
+  MetaWhatsAppConfig,
+  DEFAULT_META_WHATSAPP_API_VERSION,
+} from "../Config";
+import BadDataException from "Common/Types/Exception/BadDataException";
+import ObjectID from "Common/Types/ObjectID";
+import UserNotificationStatus from "Common/Types/UserNotification/UserNotificationStatus";
+import WhatsAppMessage from "Common/Types/WhatsApp/WhatsAppMessage";
+import WhatsAppStatus from "Common/Types/WhatsAppStatus";
+import { JSONArray, JSONObject } from "Common/Types/JSON";
+import { IsBillingEnabled } from "Common/Server/EnvironmentConfig";
+import NotificationService from "Common/Server/Services/NotificationService";
+import ProjectService from "Common/Server/Services/ProjectService";
+import UserOnCallLogTimelineService from "Common/Server/Services/UserOnCallLogTimelineService";
+import WhatsAppLogService from "Common/Server/Services/WhatsAppLogService";
+import logger from "Common/Server/Utils/Logger";
+import Project from "Common/Models/DatabaseModels/Project";
+import WhatsAppLog from "Common/Models/DatabaseModels/WhatsAppLog";
+import API from "Common/Utils/API";
+import HTTPErrorResponse from "Common/Types/API/HTTPErrorResponse";
+import HTTPResponse from "Common/Types/API/HTTPResponse";
+import Protocol from "Common/Types/API/Protocol";
+import Route from "Common/Types/API/Route";
+import URL from "Common/Types/API/URL";
+
+const SENSITIVE_MESSAGE_PLACEHOLDER: string =
+  "This message is sensitive and is not logged";
+
+export default class WhatsAppService {
+  public static async sendWhatsApp(
+    message: WhatsAppMessage,
+    options: {
+      projectId?: ObjectID | undefined;
+      isSensitive?: boolean | undefined;
+      userOnCallLogTimelineId?: ObjectID | undefined;
+      incidentId?: ObjectID | undefined;
+      alertId?: ObjectID | undefined;
+      scheduledMaintenanceId?: ObjectID | undefined;
+      statusPageId?: ObjectID | undefined;
+      statusPageAnnouncementId?: ObjectID | undefined;
+      userId?: ObjectID | undefined;
+      onCallPolicyId?: ObjectID | undefined;
+      onCallPolicyEscalationRuleId?: ObjectID | undefined;
+      onCallDutyPolicyExecutionLogTimelineId?: ObjectID | undefined;
+      onCallScheduleId?: ObjectID | undefined;
+      teamId?: ObjectID | undefined;
+    } = {},
+  ): Promise<void> {
+    let sendError: Error | null = null;
+    const whatsAppLog: WhatsAppLog = new WhatsAppLog();
+
+    try {
+      if (!message.to) {
+        throw new BadDataException(
+          "WhatsApp recipient phone number is required",
+        );
+      }
+
+      if (!message.body && !message.templateKey) {
+        throw new BadDataException(
+          "Either WhatsApp message body or template key must be provided",
+        );
+      }
+
+      const config: MetaWhatsAppConfig = await getMetaWhatsAppConfig();
+
+      const isSensitiveMessage: boolean = Boolean(options.isSensitive);
+      const messageSummary: string = isSensitiveMessage
+        ? SENSITIVE_MESSAGE_PLACEHOLDER
+        : message.body ||
+          (message.templateKey
+            ? `Template: ${message.templateKey}${
+                message.templateVariables
+                  ? " Variables: " + JSON.stringify(message.templateVariables)
+                  : ""
+              }`
+            : "");
+
+      whatsAppLog.toNumber = message.to;
+      whatsAppLog.messageText = messageSummary;
+      whatsAppLog.whatsAppCostInUSDCents = 0;
+
+      if (options.projectId) {
+        whatsAppLog.projectId = options.projectId;
+      }
+
+      if (options.incidentId) {
+        whatsAppLog.incidentId = options.incidentId;
+      }
+
+      if (options.alertId) {
+        whatsAppLog.alertId = options.alertId;
+      }
+
+      if (options.scheduledMaintenanceId) {
+        whatsAppLog.scheduledMaintenanceId = options.scheduledMaintenanceId;
+      }
+
+      if (options.statusPageId) {
+        whatsAppLog.statusPageId = options.statusPageId;
+      }
+
+      if (options.statusPageAnnouncementId) {
+        whatsAppLog.statusPageAnnouncementId = options.statusPageAnnouncementId;
+      }
+
+      if (options.userId) {
+        whatsAppLog.userId = options.userId;
+      }
+
+      if (options.teamId) {
+        whatsAppLog.teamId = options.teamId;
+      }
+
+      if (options.onCallPolicyId) {
+        whatsAppLog.onCallDutyPolicyId = options.onCallPolicyId;
+      }
+
+      if (options.onCallPolicyEscalationRuleId) {
+        whatsAppLog.onCallDutyPolicyEscalationRuleId =
+          options.onCallPolicyEscalationRuleId;
+      }
+
+      if (options.onCallScheduleId) {
+        whatsAppLog.onCallDutyPolicyScheduleId = options.onCallScheduleId;
+      }
+
+      let messageCost: number = 0;
+      const shouldChargeForMessage: boolean = IsBillingEnabled;
+
+      if (shouldChargeForMessage) {
+        messageCost = WhatsAppTextDefaultCostInCents / 100;
+      }
+
+      let project: Project | null = null;
+
+      if (options.projectId) {
+        project = await ProjectService.findOneById({
+          id: options.projectId,
+          select: {
+            smsOrCallCurrentBalanceInUSDCents: true,
+            lowCallAndSMSBalanceNotificationSentToOwners: true,
+            name: true,
+            notEnabledSmsOrCallNotificationSentToOwners: true,
+          },
+          props: {
+            isRoot: true,
+          },
+        });
+
+        if (!project) {
+          whatsAppLog.status = WhatsAppStatus.Error;
+          whatsAppLog.statusMessage = `Project ${options.projectId.toString()} not found.`;
+          logger.error(whatsAppLog.statusMessage);
+          await WhatsAppLogService.create({
+            data: whatsAppLog,
+            props: {
+              isRoot: true,
+            },
+          });
+          return;
+        }
+
+        if (shouldChargeForMessage) {
+          let updatedBalance: number =
+            project.smsOrCallCurrentBalanceInUSDCents || 0;
+
+          try {
+            updatedBalance = await NotificationService.rechargeIfBalanceIsLow(
+              project.id!,
+            );
+          } catch (err) {
+            logger.error(err);
+          }
+
+          project.smsOrCallCurrentBalanceInUSDCents = updatedBalance;
+
+          if (!project.smsOrCallCurrentBalanceInUSDCents) {
+            whatsAppLog.status = WhatsAppStatus.LowBalance;
+            whatsAppLog.statusMessage = `Project ${options.projectId.toString()} does not have enough balance for WhatsApp messages.`;
+            logger.error(whatsAppLog.statusMessage);
+
+            await WhatsAppLogService.create({
+              data: whatsAppLog,
+              props: {
+                isRoot: true,
+              },
+            });
+
+            if (!project.lowCallAndSMSBalanceNotificationSentToOwners) {
+              await ProjectService.updateOneById({
+                id: project.id!,
+                data: {
+                  lowCallAndSMSBalanceNotificationSentToOwners: true,
+                },
+                props: {
+                  isRoot: true,
+                },
+              });
+
+              await ProjectService.sendEmailToProjectOwners(
+                project.id!,
+                `Low WhatsApp message balance for ${project.name || ""}`,
+                `We tried to send a WhatsApp message to ${message.to.toString()} with message:<br/><br/>${messageSummary}<br/><br/>The message was not sent because your project does not have enough balance for WhatsApp messages. Current balance is ${
+                  (project.smsOrCallCurrentBalanceInUSDCents || 0) / 100
+                } USD. Required balance for this message is ${messageCost} USD. Please enable auto recharge or recharge manually.`,
+              );
+            }
+            return;
+          }
+
+          if (project.smsOrCallCurrentBalanceInUSDCents < messageCost * 100) {
+            whatsAppLog.status = WhatsAppStatus.LowBalance;
+            whatsAppLog.statusMessage = `Project does not have enough balance to send WhatsApp message. Current balance is ${
+              project.smsOrCallCurrentBalanceInUSDCents / 100
+            } USD. Required balance is ${messageCost} USD.`;
+            logger.error(whatsAppLog.statusMessage);
+
+            await WhatsAppLogService.create({
+              data: whatsAppLog,
+              props: {
+                isRoot: true,
+              },
+            });
+
+            if (!project.lowCallAndSMSBalanceNotificationSentToOwners) {
+              await ProjectService.updateOneById({
+                id: project.id!,
+                data: {
+                  lowCallAndSMSBalanceNotificationSentToOwners: true,
+                },
+                props: {
+                  isRoot: true,
+                },
+              });
+
+              await ProjectService.sendEmailToProjectOwners(
+                project.id!,
+                `Low WhatsApp message balance for ${project.name || ""}`,
+                `We tried to send a WhatsApp message to ${message.to.toString()} with message:<br/><br/>${messageSummary}<br/><br/>The message was not sent because your project does not have enough balance for WhatsApp messages. Current balance is ${
+                  project.smsOrCallCurrentBalanceInUSDCents / 100
+                } USD. Required balance is ${messageCost} USD. Please enable auto recharge or recharge manually.`,
+              );
+            }
+            return;
+          }
+        }
+      }
+
+      const payload: JSONObject = {
+        messaging_product: "whatsapp",
+        to: message.to.toString(),
+      } as JSONObject;
+
+      if(!message.templateKey){
+        throw new BadDataException("WhatsApp message template key is required");
+      }
+
+      if (message.templateKey) {
+        const template: JSONObject = {
+          name: message.templateKey,
+          language: {
+            code: message.templateLanguageCode || "en",
+          },
+        } as JSONObject;
+
+        if (
+          message.templateVariables &&
+          Object.keys(message.templateVariables).length > 0
+        ) {
+          const parameters: JSONArray = [];
+
+          for (const value of Object.values(message.templateVariables)) {
+            parameters.push({
+              type: "text",
+              text: value,
+            } as JSONObject);
+          }
+
+          if (parameters.length > 0) {
+            template["components"] = [
+              {
+                type: "body",
+                parameters,
+              },
+            ] as JSONArray;
+          }
+        }
+
+        payload["type"] = "template";
+        payload["template"] = template;
+      } else {
+        payload["type"] = "text";
+        payload["text"] = {
+          body: message.body || "",
+        } as JSONObject;
+      }
+
+      const apiVersion: string =
+        config.apiVersion?.trim() || DEFAULT_META_WHATSAPP_API_VERSION;
+
+      const url: URL = new URL(
+        Protocol.HTTPS,
+        "graph.facebook.com",
+        new Route(`${apiVersion}/${config.phoneNumberId}/messages`),
+      );
+
+      logger.debug(`WhatsApp API request: ${JSON.stringify(payload)}`);
+
+      const response: HTTPResponse<JSONObject> | HTTPErrorResponse =
+        await API.post<JSONObject>({
+          url,
+          data: payload,
+          headers: {
+            Authorization: `Bearer ${config.accessToken}`,
+            "Content-Type": "application/json",
+          },
+        });
+
+      if (response instanceof HTTPErrorResponse) {
+        logger.error("Failed to send WhatsApp message.");
+        logger.error(response);
+        const responseDataAsJSONObject: JSONObject = response.data;
+        const responseJsonAsJSONObject: JSONObject | undefined =
+          (response.jsonData as JSONObject | undefined) || undefined;
+
+        const detailedErrorMessage: string | undefined =
+          ((responseDataAsJSONObject["error"] as JSONObject | undefined)?.[
+            "message"
+          ] as string | undefined) ||
+          ((responseJsonAsJSONObject?.["error"] as JSONObject | undefined)?.[
+            "message"
+          ] as string | undefined);
+
+        throw new BadDataException(
+          detailedErrorMessage || "Failed to send WhatsApp message.",
+        );
+      }
+
+      const responseData: JSONObject = (response.jsonData || {}) as JSONObject;
+
+      let messageId: string | undefined = undefined;
+      const messagesArray: JSONArray | undefined =
+        (responseData["messages"] as JSONArray) || undefined;
+
+      if (Array.isArray(messagesArray) && messagesArray.length > 0) {
+        const firstMessage: JSONObject = messagesArray[0] as JSONObject;
+        if (firstMessage["id"]) {
+          messageId = firstMessage["id"] as string;
+        }
+      }
+
+      whatsAppLog.status = WhatsAppStatus.Success;
+      whatsAppLog.statusMessage = messageId
+        ? `Message ID: ${messageId}`
+        : "WhatsApp message sent successfully";
+
+      if (shouldChargeForMessage && project) {
+        const deduction: number = Math.floor(messageCost * 100);
+        whatsAppLog.whatsAppCostInUSDCents = deduction;
+
+        project.smsOrCallCurrentBalanceInUSDCents = Math.max(
+          0,
+          Math.floor(
+            (project.smsOrCallCurrentBalanceInUSDCents || 0) - deduction,
+          ),
+        );
+
+        await ProjectService.updateOneById({
+          id: project.id!,
+          data: {
+            smsOrCallCurrentBalanceInUSDCents:
+              project.smsOrCallCurrentBalanceInUSDCents,
+            notEnabledSmsOrCallNotificationSentToOwners: false,
+          },
+          props: {
+            isRoot: true,
+          },
+        });
+      }
+    } catch (error: any) {
+      logger.error("Failed to send WhatsApp message.");
+      logger.error(error);
+      whatsAppLog.whatsAppCostInUSDCents = 0;
+      whatsAppLog.status = WhatsAppStatus.Error;
+      const errorMessage: string =
+        error && error.message ? error.message.toString() : `${error}`;
+      whatsAppLog.statusMessage = errorMessage;
+      
+      sendError = error;
+    }
+
+    if (options.projectId) {
+      await WhatsAppLogService.create({
+        data: whatsAppLog,
+        props: {
+          isRoot: true,
+        },
+      });
+    }
+
+    if (options.userOnCallLogTimelineId) {
+      await UserOnCallLogTimelineService.updateOneById({
+        id: options.userOnCallLogTimelineId,
+        data: {
+          status:
+            whatsAppLog.status === WhatsAppStatus.Success
+              ? UserNotificationStatus.Sent
+              : UserNotificationStatus.Error,
+          statusMessage: whatsAppLog.statusMessage,
+        },
+        props: {
+          isRoot: true,
+        },
+      });
+    }
+
+    if (sendError) {
+      throw sendError;
+    }
+  }
+}

App/FeatureSet/Notification/Utils/Handlebars.ts

@@ -42,10 +42,10 @@ loadPartials().catch((err: Error) => {
 
 Handlebars.registerHelper("ifCond", function (v1, v2, options) {
   if (v1 === v2) {
-    //@ts-ignore
+    //@ts-expect-error - Handlebars uses dynamic this context for template helpers
     return options.fn(this);
   }
-  //@ts-ignore
+  //@ts-expect-error - Handlebars uses dynamic this context for template helpers
   return options.inverse(this);
 });
 
@@ -56,9 +56,9 @@ Handlebars.registerHelper("concat", (v1: any, v2: any) => {
 
 Handlebars.registerHelper("ifNotCond", function (v1, v2, options) {
   if (v1 !== v2) {
-    //@ts-ignore
+    //@ts-expect-error - Handlebars uses dynamic this context for template helpers
     return options.fn(this);
   }
-  //@ts-ignore
+  //@ts-expect-error - Handlebars uses dynamic this context for template helpers
   return options.inverse(this);
 });

App/nodemon.json

@@ -1,8 +1,20 @@
 {
     "watch": ["./","../Common/Server", "../Common/Types", "../Common/Utils", "../Common/Models"],
-    "ext": "ts,json,tsx,env,js,jsx,hbs",
+    "ext": "ts,tsx",
     "ignore": [
+        "./node_modules/**",
+        "./public/**",
+        "./bin/**",
+        "./build/**",
         "greenlock.d/*"
     ],
-    "exec": "node --inspect=0.0.0.0:9229 --require ts-node/register Index.ts"
+    "watchOptions": {
+        "useFsEvents": false,
+        "interval": 500
+    },
+    "env": {
+        "TS_NODE_TRANSPILE_ONLY": "1",
+        "TS_NODE_FILES": "false"
+    },
+    "exec": "node  -r ts-node/register/transpile-only Index.ts"
 }

App/package-lock.json

@@ -76,6 +76,7 @@
         "crypto-js": "^4.2.0",
         "dotenv": "^16.4.4",
         "ejs": "^3.1.10",
+        "elkjs": "^0.10.0",
         "esbuild": "^0.25.5",
         "express": "^4.21.1",
         "formik": "^2.4.6",

Common/Models/DatabaseModels/CallLog.ts

@@ -1,5 +1,14 @@
 import Project from "./Project";
+import Incident from "./Incident";
+import Alert from "./Alert";
+import ScheduledMaintenance from "./ScheduledMaintenance";
+import StatusPage from "./StatusPage";
+import StatusPageAnnouncement from "./StatusPageAnnouncement";
 import User from "./User";
+import OnCallDutyPolicy from "./OnCallDutyPolicy";
+import OnCallDutyPolicyEscalationRule from "./OnCallDutyPolicyEscalationRule";
+import OnCallDutyPolicySchedule from "./OnCallDutyPolicySchedule";
+import Team from "./Team";
 import BaseModel from "./DatabaseBaseModel/DatabaseBaseModel";
 import Route from "../../Types/API/Route";
 import CallStatus from "../../Types/Call/CallStatus";
@@ -256,6 +265,575 @@ export default class CallLog extends BaseModel {
   })
   public callCostInUSDCents?: number = undefined;
 
+  // Relations to resources that triggered this Call (nullable)
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "incidentId",
+    type: TableColumnType.Entity,
+    modelType: Incident,
+    title: "Incident",
+    description: "Incident associated with this Call (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return Incident;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "incidentId" })
+  public incident?: Incident = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Incident ID",
+    description: "ID of Incident associated with this Call (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public incidentId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "userId",
+    type: TableColumnType.Entity,
+    modelType: User,
+    title: "User",
+    description: "User who initiated this Call (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return User;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "userId" })
+  public user?: User = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "User ID",
+    description: "ID of User who initiated this Call (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public userId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "alertId",
+    type: TableColumnType.Entity,
+    modelType: Alert,
+    title: "Alert",
+    description: "Alert associated with this Call (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return Alert;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "alertId" })
+  public alert?: Alert = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Alert ID",
+    description: "ID of Alert associated with this Call (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public alertId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "scheduledMaintenanceId",
+    type: TableColumnType.Entity,
+    modelType: ScheduledMaintenance,
+    title: "Scheduled Maintenance",
+    description: "Scheduled Maintenance associated with this Call (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return ScheduledMaintenance;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "scheduledMaintenanceId" })
+  public scheduledMaintenance?: ScheduledMaintenance = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Scheduled Maintenance ID",
+    description:
+      "ID of Scheduled Maintenance associated with this Call (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public scheduledMaintenanceId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "statusPageId",
+    type: TableColumnType.Entity,
+    modelType: StatusPage,
+    title: "Status Page",
+    description: "Status Page associated with this Call (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return StatusPage;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "statusPageId" })
+  public statusPage?: StatusPage = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Status Page ID",
+    description: "ID of Status Page associated with this Call (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public statusPageId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "statusPageAnnouncementId",
+    type: TableColumnType.Entity,
+    modelType: StatusPageAnnouncement,
+    title: "Status Page Announcement",
+    description: "Status Page Announcement associated with this Call (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return StatusPageAnnouncement;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "statusPageAnnouncementId" })
+  public statusPageAnnouncement?: StatusPageAnnouncement = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Status Page Announcement ID",
+    description:
+      "ID of Status Page Announcement associated with this Call (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public statusPageAnnouncementId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "onCallDutyPolicyId",
+    type: TableColumnType.Entity,
+    modelType: OnCallDutyPolicy,
+    title: "On-Call Duty Policy",
+    description: "On-Call Duty Policy associated with this Call (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return OnCallDutyPolicy;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "onCallDutyPolicyId" })
+  public onCallDutyPolicy?: OnCallDutyPolicy = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "On-Call Duty Policy ID",
+    description: "ID of On-Call Duty Policy associated with this Call (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public onCallDutyPolicyId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "onCallDutyPolicyEscalationRuleId",
+    type: TableColumnType.Entity,
+    modelType: OnCallDutyPolicyEscalationRule,
+    title: "On-Call Duty Policy Escalation Rule",
+    description:
+      "On-Call Duty Policy Escalation Rule associated with this Call (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return OnCallDutyPolicyEscalationRule;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "onCallDutyPolicyEscalationRuleId" })
+  public onCallDutyPolicyEscalationRule?: OnCallDutyPolicyEscalationRule =
+    undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "On-Call Duty Policy Escalation Rule ID",
+    description:
+      "ID of On-Call Duty Policy Escalation Rule associated with this Call (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public onCallDutyPolicyEscalationRuleId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "onCallDutyPolicyScheduleId",
+    type: TableColumnType.Entity,
+    modelType: OnCallDutyPolicySchedule,
+    title: "On-Call Duty Policy Schedule",
+    description:
+      "On-Call Duty Policy Schedule associated with this Call (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return OnCallDutyPolicySchedule;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "onCallDutyPolicyScheduleId" })
+  public onCallDutyPolicySchedule?: OnCallDutyPolicySchedule = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "On-Call Duty Policy Schedule ID",
+    description:
+      "ID of On-Call Duty Policy Schedule associated with this Call (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public onCallDutyPolicyScheduleId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "teamId",
+    type: TableColumnType.Entity,
+    modelType: Team,
+    title: "Team",
+    description: "Team associated with this Call (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return Team;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "teamId" })
+  public team?: Team = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadCallLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Team ID",
+    description: "ID of Team associated with this Call (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public teamId?: ObjectID = undefined;
+
   @ColumnAccessControl({
     create: [],
     read: [],

Common/Models/DatabaseModels/CopilotAction.ts

@@ -729,6 +729,7 @@ export default class CopilotAction extends BaseModel {
     type: TableColumnType.Boolean,
     title: "Is Priority",
     description: "Is Priority",
+    defaultValue: false,
   })
   @Column({
     nullable: false,

Common/Models/DatabaseModels/EmailLog.ts

@@ -1,6 +1,15 @@
 import Project from "./Project";
+import Incident from "./Incident";
+import Alert from "./Alert";
+import ScheduledMaintenance from "./ScheduledMaintenance";
+import StatusPage from "./StatusPage";
 import ProjectSmtpConfig from "./ProjectSmtpConfig";
+import StatusPageAnnouncement from "./StatusPageAnnouncement";
 import User from "./User";
+import OnCallDutyPolicy from "./OnCallDutyPolicy";
+import OnCallDutyPolicyEscalationRule from "./OnCallDutyPolicyEscalationRule";
+import OnCallDutyPolicySchedule from "./OnCallDutyPolicySchedule";
+import Team from "./Team";
 import BaseModel from "./DatabaseBaseModel/DatabaseBaseModel";
 import Route from "../../Types/API/Route";
 import ColumnAccessControl from "../../Types/Database/AccessControl/ColumnAccessControl";
@@ -289,6 +298,576 @@ export default class EmailLog extends BaseModel {
   })
   public projectSmtpConfigId?: ObjectID = undefined;
 
+  // Relations to resources that triggered this email (nullable)
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "incidentId",
+    type: TableColumnType.Entity,
+    modelType: Incident,
+    title: "Incident",
+    description: "Incident associated with this email (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return Incident;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "incidentId" })
+  public incident?: Incident = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Incident ID",
+    description: "ID of Incident associated with this email (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public incidentId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "userId",
+    type: TableColumnType.Entity,
+    modelType: User,
+    title: "User",
+    description: "User who initiated this email (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return User;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "userId" })
+  public user?: User = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "User ID",
+    description: "ID of User who initiated this email (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public userId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "alertId",
+    type: TableColumnType.Entity,
+    modelType: Alert,
+    title: "Alert",
+    description: "Alert associated with this email (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return Alert;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "alertId" })
+  public alert?: Alert = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Alert ID",
+    description: "ID of Alert associated with this email (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public alertId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "scheduledMaintenanceId",
+    type: TableColumnType.Entity,
+    modelType: ScheduledMaintenance,
+    title: "Scheduled Maintenance",
+    description: "Scheduled Maintenance associated with this email (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return ScheduledMaintenance;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "scheduledMaintenanceId" })
+  public scheduledMaintenance?: ScheduledMaintenance = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Scheduled Maintenance ID",
+    description:
+      "ID of Scheduled Maintenance associated with this email (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public scheduledMaintenanceId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "statusPageId",
+    type: TableColumnType.Entity,
+    modelType: StatusPage,
+    title: "Status Page",
+    description: "Status Page associated with this email (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return StatusPage;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "statusPageId" })
+  public statusPage?: StatusPage = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Status Page ID",
+    description: "ID of Status Page associated with this email (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public statusPageId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "statusPageAnnouncementId",
+    type: TableColumnType.Entity,
+    modelType: StatusPageAnnouncement,
+    title: "Status Page Announcement",
+    description: "Status Page Announcement associated with this email (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return StatusPageAnnouncement;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "statusPageAnnouncementId" })
+  public statusPageAnnouncement?: StatusPageAnnouncement = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Status Page Announcement ID",
+    description:
+      "ID of Status Page Announcement associated with this email (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public statusPageAnnouncementId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "onCallDutyPolicyId",
+    type: TableColumnType.Entity,
+    modelType: OnCallDutyPolicy,
+    title: "On-Call Duty Policy",
+    description: "On-Call Duty Policy associated with this email (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return OnCallDutyPolicy;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "onCallDutyPolicyId" })
+  public onCallDutyPolicy?: OnCallDutyPolicy = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "On-Call Duty Policy ID",
+    description:
+      "ID of On-Call Duty Policy associated with this email (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public onCallDutyPolicyId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "onCallDutyPolicyEscalationRuleId",
+    type: TableColumnType.Entity,
+    modelType: OnCallDutyPolicyEscalationRule,
+    title: "On-Call Duty Policy Escalation Rule",
+    description:
+      "On-Call Duty Policy Escalation Rule associated with this email (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return OnCallDutyPolicyEscalationRule;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "onCallDutyPolicyEscalationRuleId" })
+  public onCallDutyPolicyEscalationRule?: OnCallDutyPolicyEscalationRule =
+    undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "On-Call Duty Policy Escalation Rule ID",
+    description:
+      "ID of On-Call Duty Policy Escalation Rule associated with this email (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public onCallDutyPolicyEscalationRuleId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "onCallDutyPolicyScheduleId",
+    type: TableColumnType.Entity,
+    modelType: OnCallDutyPolicySchedule,
+    title: "On-Call Duty Policy Schedule",
+    description:
+      "On-Call Duty Policy Schedule associated with this email (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return OnCallDutyPolicySchedule;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "onCallDutyPolicyScheduleId" })
+  public onCallDutyPolicySchedule?: OnCallDutyPolicySchedule = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "On-Call Duty Policy Schedule ID",
+    description:
+      "ID of On-Call Duty Policy Schedule associated with this email (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public onCallDutyPolicyScheduleId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "teamId",
+    type: TableColumnType.Entity,
+    modelType: Team,
+    title: "Team",
+    description: "Team associated with this email (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return Team;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "teamId" })
+  public team?: Team = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadEmailLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Team ID",
+    description: "ID of Team associated with this email (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public teamId?: ObjectID = undefined;
+
   @ColumnAccessControl({
     create: [],
     read: [],

Common/Models/DatabaseModels/GlobalConfig.ts

@@ -48,6 +48,7 @@ export default class GlobalConfig extends GlobalConfigModel {
     type: TableColumnType.Boolean,
     title: "Disable Signup",
     description: "Should we disable new user sign up to this server?",
+    defaultValue: false,
   })
   @Column({
     type: ColumnType.Boolean,
@@ -261,6 +262,96 @@ export default class GlobalConfig extends GlobalConfigModel {
   })
   public twilioSecondaryPhoneNumbers?: string = undefined; // phone numbers separated by comma
 
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.VeryLongText,
+    title: "Meta WhatsApp Access Token",
+    description:
+      "Access token generated from Meta for sending WhatsApp messages.",
+  })
+  @Column({
+    type: ColumnType.VeryLongText,
+    nullable: true,
+    unique: true,
+  })
+  public metaWhatsAppAccessToken?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.ShortText,
+    title: "Meta WhatsApp Phone Number ID",
+    description: "The WhatsApp Business phone number ID from Meta.",
+  })
+  @Column({
+    type: ColumnType.ShortText,
+    length: ColumnLength.ShortText,
+    nullable: true,
+    unique: true,
+  })
+  public metaWhatsAppPhoneNumberId?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.ShortText,
+    title: "Meta WhatsApp Business Account ID",
+    description: "Business account ID associated with your WhatsApp setup.",
+  })
+  @Column({
+    type: ColumnType.ShortText,
+    length: ColumnLength.ShortText,
+    nullable: true,
+    unique: true,
+  })
+  public metaWhatsAppBusinessAccountId?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.ShortText,
+    title: "Meta WhatsApp App ID",
+    description:
+      "Facebook App ID used for the WhatsApp Business Platform integration.",
+  })
+  @Column({
+    type: ColumnType.ShortText,
+    length: ColumnLength.ShortText,
+    nullable: true,
+    unique: true,
+  })
+  public metaWhatsAppAppId?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.VeryLongText,
+    title: "Meta WhatsApp App Secret",
+    description: "Facebook App Secret for the WhatsApp Business Platform.",
+  })
+  @Column({
+    type: ColumnType.VeryLongText,
+    nullable: true,
+    unique: true,
+  })
+  public metaWhatsAppAppSecret?: string = undefined;
+
   @ColumnAccessControl({
     create: [],
     read: [],
@@ -338,6 +429,7 @@ export default class GlobalConfig extends GlobalConfigModel {
     type: TableColumnType.Boolean,
     title: "Is Master API Key Enabled",
     description: "Is Master API Key Enabled?",
+    defaultValue: false,
   })
   @Column({
     type: ColumnType.Boolean,

Common/Models/DatabaseModels/Incident.ts

@@ -27,6 +27,7 @@ import IconProp from "../../Types/Icon/IconProp";
 import { JSONObject } from "../../Types/JSON";
 import ObjectID from "../../Types/ObjectID";
 import Permission from "../../Types/Permission";
+import StatusPageSubscriberNotificationStatus from "../../Types/StatusPage/StatusPageSubscriberNotificationStatus";
 import {
   Column,
   Entity,
@@ -733,29 +734,74 @@ export default class Incident extends BaseModel {
   public changeMonitorStatusToId?: ObjectID = undefined;
 
   @ColumnAccessControl({
-    create: [],
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateProjectIncident,
+    ],
     read: [
       Permission.ProjectOwner,
       Permission.ProjectAdmin,
       Permission.ProjectMember,
       Permission.ReadProjectIncident,
     ],
-    update: [],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditProjectIncident,
+    ],
   })
   @TableColumn({
     isDefaultValueColumn: true,
     computed: true,
     hideColumnInDocumentation: true,
-    type: TableColumnType.Boolean,
-    title: "Are subscribers notified?",
-    description: "Are subscribers notified about this incident?",
-    defaultValue: false,
+    type: TableColumnType.ShortText,
+    title: "Subscriber Notification Status",
+    description:
+      "Status of notification sent to subscribers about this incident",
+    defaultValue: StatusPageSubscriberNotificationStatus.Pending,
   })
   @Column({
-    type: ColumnType.Boolean,
-    default: false,
+    type: ColumnType.ShortText,
+    default: StatusPageSubscriberNotificationStatus.Pending,
   })
-  public isStatusPageSubscribersNotifiedOnIncidentCreated?: boolean = undefined;
+  public subscriberNotificationStatusOnIncidentCreated?: StatusPageSubscriberNotificationStatus =
+    undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateProjectIncident,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectIncident,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditProjectIncident,
+    ],
+  })
+  @TableColumn({
+    type: TableColumnType.VeryLongText,
+    title: "Notification Status Message",
+    description:
+      "Status message for subscriber notifications - includes success messages, failure reasons, or skip reasons",
+    required: false,
+  })
+  @Column({
+    type: ColumnType.VeryLongText,
+    nullable: true,
+  })
+  public subscriberNotificationStatusMessage?: string = undefined;
 
   @ColumnAccessControl({
     create: [

Common/Models/DatabaseModels/IncidentPublicNote.ts

@@ -17,6 +17,7 @@ import TenantColumn from "../../Types/Database/TenantColumn";
 import IconProp from "../../Types/Icon/IconProp";
 import ObjectID from "../../Types/ObjectID";
 import Permission from "../../Types/Permission";
+import StatusPageSubscriberNotificationStatus from "../../Types/StatusPage/StatusPageSubscriberNotificationStatus";
 import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 
 @EnableDocumentation()
@@ -341,29 +342,73 @@ export default class IncidentPublicNote extends BaseModel {
   public note?: string = undefined;
 
   @ColumnAccessControl({
-    create: [],
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateIncidentPublicNote,
+    ],
     read: [
       Permission.ProjectOwner,
       Permission.ProjectAdmin,
       Permission.ProjectMember,
       Permission.ReadIncidentPublicNote,
     ],
-    update: [],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditIncidentPublicNote,
+    ],
   })
   @TableColumn({
     isDefaultValueColumn: true,
     computed: true,
     hideColumnInDocumentation: true,
-    type: TableColumnType.Boolean,
-    title: "Are subscribers notified?",
-    description: "Are subscribers notified about this note?",
-    defaultValue: false,
+    type: TableColumnType.ShortText,
+    title: "Subscriber Notification Status",
+    description: "Status of notification sent to subscribers about this note",
+    defaultValue: StatusPageSubscriberNotificationStatus.Pending,
   })
   @Column({
-    type: ColumnType.Boolean,
-    default: false,
+    type: ColumnType.ShortText,
+    default: StatusPageSubscriberNotificationStatus.Pending,
   })
-  public isStatusPageSubscribersNotifiedOnNoteCreated?: boolean = undefined;
+  public subscriberNotificationStatusOnNoteCreated?: StatusPageSubscriberNotificationStatus =
+    undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateIncidentPublicNote,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadIncidentPublicNote,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditIncidentPublicNote,
+    ],
+  })
+  @TableColumn({
+    type: TableColumnType.VeryLongText,
+    title: "Notification Status Message",
+    description:
+      "Status message for subscriber notifications - includes success messages, failure reasons, or skip reasons",
+    required: false,
+  })
+  @Column({
+    type: ColumnType.VeryLongText,
+    nullable: true,
+  })
+  public subscriberNotificationStatusMessage?: string = undefined;
 
   @ColumnAccessControl({
     create: [

Common/Models/DatabaseModels/IncidentStateTimeline.ts

@@ -19,6 +19,7 @@ import IconProp from "../../Types/Icon/IconProp";
 import { JSONObject } from "../../Types/JSON";
 import ObjectID from "../../Types/ObjectID";
 import Permission from "../../Types/Permission";
+import StatusPageSubscriberNotificationStatus from "../../Types/StatusPage/StatusPageSubscriberNotificationStatus";
 import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 
 @EnableDocumentation()
@@ -391,29 +392,74 @@ export default class IncidentStateTimeline extends BaseModel {
   public incidentStateId?: ObjectID = undefined;
 
   @ColumnAccessControl({
-    create: [],
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateIncidentStateTimeline,
+    ],
     read: [
       Permission.ProjectOwner,
       Permission.ProjectAdmin,
       Permission.ProjectMember,
       Permission.ReadIncidentStateTimeline,
     ],
-    update: [],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditIncidentStateTimeline,
+    ],
   })
   @TableColumn({
     isDefaultValueColumn: true,
     computed: true,
     hideColumnInDocumentation: true,
-    type: TableColumnType.Boolean,
-    title: "Are subscribers notified?",
-    description: "Are subscribers notified about this incident state change?",
-    defaultValue: false,
+    type: TableColumnType.ShortText,
+    title: "Subscriber Notification Status",
+    description:
+      "Status of notification sent to subscribers about this incident state change",
+    defaultValue: StatusPageSubscriberNotificationStatus.Pending,
   })
   @Column({
-    type: ColumnType.Boolean,
-    default: false,
+    type: ColumnType.ShortText,
+    default: StatusPageSubscriberNotificationStatus.Pending,
   })
-  public isStatusPageSubscribersNotified?: boolean = undefined;
+  public subscriberNotificationStatus?: StatusPageSubscriberNotificationStatus =
+    undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateIncidentStateTimeline,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadIncidentStateTimeline,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditIncidentStateTimeline,
+    ],
+  })
+  @TableColumn({
+    type: TableColumnType.VeryLongText,
+    title: "Notification Status Message",
+    description:
+      "Status message for subscriber notifications - includes success messages, failure reasons, or skip reasons",
+    required: false,
+  })
+  @Column({
+    type: ColumnType.VeryLongText,
+    nullable: true,
+  })
+  public subscriberNotificationStatusMessage?: string = undefined;
 
   @ColumnAccessControl({
     create: [
@@ -435,6 +481,7 @@ export default class IncidentStateTimeline extends BaseModel {
     type: TableColumnType.Boolean,
     title: "Should subscribers be notified?",
     description: "Should subscribers be notified about this state change?",
+    defaultValue: true,
   })
   @Column({
     type: ColumnType.Boolean,
@@ -461,6 +508,7 @@ export default class IncidentStateTimeline extends BaseModel {
     isDefaultValueColumn: true,
     title: "Are Owners Notified",
     description: "Are owners notified of state change?",
+    defaultValue: false,
   })
   @Column({
     type: ColumnType.Boolean,

Common/Models/DatabaseModels/IncidentTemplate.ts

@@ -716,6 +716,77 @@ export default class IncidentTemplate extends BaseModel {
   })
   public changeMonitorStatusToId?: ObjectID = undefined;
 
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateIncidentTemplate,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadIncidentTemplate,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "initialIncidentStateId",
+    type: TableColumnType.Entity,
+    modelType: IncidentState,
+    title: "Initial Incident State",
+    description:
+      "Relation to Incident State Object. Incidents created from this template will start in this state.",
+  })
+  @ManyToOne(
+    () => {
+      return IncidentState;
+    },
+    {
+      eager: false,
+      nullable: true,
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "initialIncidentStateId" })
+  public initialIncidentState?: IncidentState = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateIncidentTemplate,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadIncidentTemplate,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditIncidentTemplate,
+    ],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    title: "Initial Incident State ID",
+    description:
+      "Relation to Incident State Object ID. Incidents created from this template will start in this state.",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public initialIncidentStateId?: ObjectID = undefined;
+
   @ColumnAccessControl({
     create: [
       Permission.ProjectOwner,

Common/Models/DatabaseModels/Index.ts

@@ -100,6 +100,9 @@ import ServiceCopilotCodeRepository from "./ServiceCopilotCodeRepository";
 import ShortLink from "./ShortLink";
 // SMS
 import SmsLog from "./SmsLog";
+import WhatsAppLog from "./WhatsAppLog";
+import PushNotificationLog from "./PushNotificationLog";
+import WorkspaceNotificationLog from "./WorkspaceNotificationLog";
 // Status Page
 import StatusPage from "./StatusPage";
 import StatusPageAnnouncement from "./StatusPageAnnouncement";
@@ -114,12 +117,14 @@ import StatusPageOwnerTeam from "./StatusPageOwnerTeam";
 import StatusPageOwnerUser from "./StatusPageOwnerUser";
 import StatusPagePrivateUser from "./StatusPagePrivateUser";
 import StatusPageResource from "./StatusPageResource";
+import StatusPageSCIM from "./StatusPageSCIM";
 import StatusPageSSO from "./StatusPageSso";
 import StatusPageSubscriber from "./StatusPageSubscriber";
 // Team
 import Team from "./Team";
 import TeamMember from "./TeamMember";
 import TeamPermission from "./TeamPermission";
+import TeamComplianceSetting from "./TeamComplianceSetting";
 import TelemetryService from "./TelemetryService";
 import UsageBilling from "./TelemetryUsageBilling";
 import User from "./User";
@@ -127,6 +132,7 @@ import UserCall from "./UserCall";
 // Notification Methods
 import UserEmail from "./UserEmail";
 import UserPush from "./UserPush";
+import UserWhatsApp from "./UserWhatsApp";
 // User Notification Rules
 import UserNotificationRule from "./UserNotificationRule";
 import UserNotificationSetting from "./UserNotificationSetting";
@@ -142,7 +148,8 @@ import ServiceCatalogDependency from "./ServiceCatalogDependency";
 import ServiceCatalogMonitor from "./ServiceCatalogMonitor";
 import ServiceCatalogTelemetryService from "./ServiceCatalogTelemetryService";
 
-import UserTwoFactorAuth from "./UserTwoFactorAuth";
+import UserTotpAuth from "./UserTotpAuth";
+import UserWebAuthn from "./UserWebAuthn";
 
 import TelemetryIngestionKey from "./TelemetryIngestionKey";
 
@@ -175,10 +182,11 @@ import WorkspaceUserAuthToken from "./WorkspaceUserAuthToken";
 import WorkspaceProjectAuthToken from "./WorkspaceProjectAuthToken";
 import WorkspaceSetting from "./WorkspaceSetting";
 import WorkspaceNotificationRule from "./WorkspaceNotificationRule";
-import ProjectUser from "./ProjectUser";
+
 import OnCallDutyPolicyUserOverride from "./OnCallDutyPolicyUserOverride";
 import MonitorFeed from "./MonitorFeed";
 import MetricType from "./MetricType";
+import ProjectSCIM from "./ProjectSCIM";
 
 const AllModelTypes: Array<{
   new (): BaseModel;
@@ -192,6 +200,7 @@ const AllModelTypes: Array<{
   Team,
   TeamMember,
   TeamPermission,
+  TeamComplianceSetting,
   ApiKey,
   Label,
   ApiKeyPermission,
@@ -276,6 +285,7 @@ const AllModelTypes: Array<{
 
   ProjectSSO,
   StatusPageSSO,
+  StatusPageSCIM,
 
   MonitorProbe,
 
@@ -289,6 +299,9 @@ const AllModelTypes: Array<{
   StatusPageOwnerUser,
 
   SmsLog,
+  WhatsAppLog,
+  PushNotificationLog,
+  WorkspaceNotificationLog,
   CallLog,
   EmailLog,
 
@@ -296,6 +309,7 @@ const AllModelTypes: Array<{
   UserSms,
   UserCall,
   UserPush,
+  UserWhatsApp,
 
   UserNotificationRule,
   UserOnCallLog,
@@ -357,7 +371,8 @@ const AllModelTypes: Array<{
   ProbeOwnerTeam,
   ProbeOwnerUser,
 
-  UserTwoFactorAuth,
+  UserTotpAuth,
+  UserWebAuthn,
 
   TelemetryIngestionKey,
 
@@ -373,13 +388,13 @@ const AllModelTypes: Array<{
   WorkspaceSetting,
   WorkspaceNotificationRule,
 
-  ProjectUser,
-
   MonitorFeed,
 
   MetricType,
 
   OnCallDutyPolicyTimeLog,
+
+  ProjectSCIM,
 ];
 
 const modelTypeMap: { [key: string]: { new (): BaseModel } } = {};

Common/Models/DatabaseModels/MonitorStatus.ts

@@ -456,6 +456,7 @@ export default class MonitorStatus extends BaseModel {
     canReadOnRelationQuery: true,
     title: "Is Offline State",
     description: "Is this monitor in offline state?",
+    defaultValue: false,
   })
   @Column({
     type: ColumnType.Boolean,

Common/Models/DatabaseModels/OnCallDutyPolicy.ts

@@ -29,10 +29,17 @@ import {
   ManyToOne,
 } from "typeorm";
 import NotificationRuleWorkspaceChannel from "../../Types/Workspace/NotificationRules/NotificationRuleWorkspaceChannel";
+import EnableWorkflow from "../../Types/Database/EnableWorkflow";
 
 @EnableDocumentation()
 @AccessControlColumn("labels")
 @TenantColumn("projectId")
+@EnableWorkflow({
+  create: true,
+  delete: true,
+  update: true,
+  read: true,
+})
 @TableAccessControl({
   create: [
     Permission.ProjectOwner,
@@ -455,7 +462,7 @@ export default class OnCallDutyPolicy extends BaseModel {
   @TableColumn({
     required: true,
     isDefaultValueColumn: true,
-    type: TableColumnType.Boolean,
+    type: TableColumnType.Number,
     canReadOnRelationQuery: true,
     title: "Repeat Policy Times If No One Acknowledges",
     description:

Common/Models/DatabaseModels/OnCallDutyPolicyEscalationRule.ts

@@ -46,7 +46,7 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
     Permission.EditProjectOnCallDutyPolicyEscalationRule,
   ],
 })
-@CrudApiEndpoint(new Route("/on-call-duty-policy-esclation-rule"))
+@CrudApiEndpoint(new Route("/on-call-duty-policy-escalation-rule"))
 @Entity({
   name: "OnCallDutyPolicyEscalationRule",
 })

Common/Models/DatabaseModels/OnCallDutyPolicyEscalationRuleSchedule.ts

@@ -47,7 +47,7 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
     Permission.EditProjectOnCallDutyPolicyEscalationRuleSchedule,
   ],
 })
-@CrudApiEndpoint(new Route("/on-call-duty-policy-esclation-rule-schedule"))
+@CrudApiEndpoint(new Route("/on-call-duty-policy-escalation-rule-schedule"))
 @Entity({
   name: "OnCallDutyPolicyEscalationRuleSchedule",
 })

Common/Models/DatabaseModels/OnCallDutyPolicyEscalationRuleTeam.ts

@@ -47,7 +47,7 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
     Permission.EditProjectOnCallDutyPolicyEscalationRuleTeam,
   ],
 })
-@CrudApiEndpoint(new Route("/on-call-duty-policy-esclation-rule-team"))
+@CrudApiEndpoint(new Route("/on-call-duty-policy-escalation-rule-team"))
 @Entity({
   name: "OnCallDutyPolicyEscalationRuleTeam",
 })

Common/Models/DatabaseModels/OnCallDutyPolicyEscalationRuleUser.ts

@@ -46,7 +46,7 @@ import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
     Permission.EditProjectOnCallDutyPolicyEscalationRuleUser,
   ],
 })
-@CrudApiEndpoint(new Route("/on-call-duty-policy-esclation-rule-user"))
+@CrudApiEndpoint(new Route("/on-call-duty-policy-escalation-rule-user"))
 @Entity({
   name: "OnCallDutyPolicyEscalationRuleUser",
 })

Common/Models/DatabaseModels/OnCallDutyPolicyExecutionLog.ts

@@ -25,6 +25,7 @@ import Permission from "../../Types/Permission";
 import UserNotificationEventType from "../../Types/UserNotification/UserNotificationEventType";
 import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 import Alert from "./Alert";
+import EnableWorkflow from "../../Types/Database/EnableWorkflow";
 
 @TableBillingAccessControl({
   create: PlanType.Growth,
@@ -32,6 +33,12 @@ import Alert from "./Alert";
   update: PlanType.Growth,
   delete: PlanType.Growth,
 })
+@EnableWorkflow({
+  create: true,
+  delete: true,
+  update: true,
+  read: true,
+})
 @EnableDocumentation()
 @TenantColumn("projectId")
 @TableAccessControl({

Common/Models/DatabaseModels/OnCallDutyPolicySchedule.ts

@@ -29,6 +29,7 @@ import {
   ManyToMany,
   ManyToOne,
 } from "typeorm";
+import EnableWorkflow from "../../Types/Database/EnableWorkflow";
 
 @EnableDocumentation()
 @TableBillingAccessControl({
@@ -37,6 +38,12 @@ import {
   update: PlanType.Growth,
   delete: PlanType.Growth,
 })
+@EnableWorkflow({
+  create: true,
+  delete: true,
+  update: true,
+  read: true,
+})
 @AccessControlColumn("labels")
 @TenantColumn("projectId")
 @TableAccessControl({

Common/Models/DatabaseModels/OnCallDutyPolicyTimeLog.ts

@@ -17,6 +17,7 @@ import Permission from "../../Types/Permission";
 import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 import TableBillingAccessControl from "../../Types/Database/AccessControl/TableBillingAccessControl";
 import { PlanType } from "../../Types/Billing/SubscriptionPlan";
+import EnableWorkflow from "../../Types/Database/EnableWorkflow";
 
 @EnableDocumentation()
 @TableBillingAccessControl({
@@ -26,6 +27,12 @@ import { PlanType } from "../../Types/Billing/SubscriptionPlan";
   delete: PlanType.Growth,
 })
 @TenantColumn("projectId")
+@EnableWorkflow({
+  create: true,
+  delete: true,
+  update: true,
+  read: true,
+})
 @TableAccessControl({
   create: [
     Permission.ProjectOwner,

Common/Models/DatabaseModels/OnCallDutyPolicyUserOverride.ts

@@ -132,9 +132,11 @@ export default class OnCallDutyPolicyUserOverride extends BaseModel {
   })
   public projectId?: ObjectID = undefined;
 
-  // If this is null then it's a global override
-  // If this is set then it's a policy specific override
-  // Policy specifc override will take precedence over global override
+  /*
+   * If this is null then it's a global override
+   * If this is set then it's a policy specific override
+   * Policy specifc override will take precedence over global override
+   */
 
   @ColumnAccessControl({
     create: [

Common/Models/DatabaseModels/Project.ts

@@ -248,6 +248,84 @@ export default class Project extends TenantModel {
   })
   public paymentProviderCustomerId?: string = undefined;
 
+  @ColumnAccessControl({
+    create: [Permission.ProjectOwner, Permission.ManageProjectBilling],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProject,
+      Permission.UnAuthorizedSsoUser,
+      Permission.ProjectUser,
+    ],
+    update: [Permission.ProjectOwner, Permission.ManageProjectBilling],
+  })
+  @TableColumn({
+    type: TableColumnType.LongText,
+    title: "Business Details / Billing Address",
+    description:
+      "Business legal name, address and any tax information to appear on invoices.",
+  })
+  @Column({
+    type: ColumnType.LongText,
+    length: ColumnLength.LongText,
+    nullable: true,
+    unique: false,
+  })
+  public businessDetails?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [Permission.ProjectOwner, Permission.ManageProjectBilling],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProject,
+      Permission.UnAuthorizedSsoUser,
+      Permission.ProjectUser,
+    ],
+    update: [Permission.ProjectOwner, Permission.ManageProjectBilling],
+  })
+  @TableColumn({
+    type: TableColumnType.ShortText,
+    title: "Business Country (ISO Alpha-2)",
+    description:
+      "Two-letter ISO country code for billing address (e.g., US, GB, DE).",
+  })
+  @Column({
+    type: ColumnType.ShortText,
+    length: ColumnLength.ShortText,
+    nullable: true,
+    unique: false,
+  })
+  public businessDetailsCountry?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [Permission.ProjectOwner, Permission.ManageProjectBilling],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProject,
+      Permission.UnAuthorizedSsoUser,
+      Permission.ProjectUser,
+    ],
+    update: [Permission.ProjectOwner, Permission.ManageProjectBilling],
+  })
+  @TableColumn({
+    type: TableColumnType.Email,
+    title: "Finance / Accounting Email",
+    description:
+      "Invoices, receipts and billing related notifications will be sent to this email in addition to project owner.",
+  })
+  @Column({
+    type: ColumnType.Email,
+    length: ColumnLength.Email,
+    nullable: true,
+    unique: false,
+  })
+  public financeAccountingEmail?: string = undefined;
+
   @ColumnAccessControl({
     create: [],
     read: [
@@ -720,6 +798,33 @@ export default class Project extends TenantModel {
   })
   public enableSmsNotifications?: boolean = undefined;
 
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProject,
+      Permission.UnAuthorizedSsoUser,
+      Permission.ProjectUser,
+    ],
+    update: [Permission.ProjectOwner, Permission.ManageProjectBilling],
+  })
+  @TableColumn({
+    required: true,
+    isDefaultValueColumn: true,
+    type: TableColumnType.Boolean,
+    title: "Enable WhatsApp Notifications",
+    description: "Enable WhatsApp notifications for this project.",
+    defaultValue: false,
+  })
+  @Column({
+    nullable: false,
+    default: false,
+    type: ColumnType.Boolean,
+  })
+  public enableWhatsAppNotifications?: boolean = undefined;
+
   @ColumnAccessControl({
     create: [],
     read: [
@@ -1213,4 +1318,63 @@ export default class Project extends TenantModel {
     type: ColumnType.Boolean,
   })
   public letCustomerSupportAccessProject?: boolean = undefined;
+
+  /*
+   * This is an internal field. This is used for internal analytics for example: Metabase.
+   * Values can be between 0 and 100.
+   */
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    required: true,
+    type: TableColumnType.Number,
+    isDefaultValueColumn: true,
+    hideColumnInDocumentation: true,
+    title: "Discount Percent",
+    description: "Discount percentage applied to the project billing",
+    defaultValue: 0,
+  })
+  @Column({
+    type: ColumnType.Number,
+    nullable: false,
+    unique: false,
+    default: 0,
+  })
+  public discountPercent?: number = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProject,
+      Permission.UnAuthorizedSsoUser,
+      Permission.ProjectUser,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProject,
+    ],
+  })
+  @TableColumn({
+    required: false,
+    type: TableColumnType.Boolean,
+    isDefaultValueColumn: false,
+    title: "Do NOT auto-add Global Probes to new monitors",
+    description:
+      "If enabled, global probes will NOT be automatically added to new monitors. Enable this only if you are using ONLY custom probes to monitor your resources.",
+    defaultValue: false,
+  })
+  @Column({
+    type: ColumnType.Boolean,
+    nullable: false,
+    unique: false,
+    default: false,
+  })
+  public doNotAddGlobalProbesByDefaultOnNewMonitors?: boolean = undefined;
 }

Common/Models/DatabaseModels/ProjectSCIM.ts

@@ -0,0 +1,482 @@
+import Project from "./Project";
+import Team from "./Team";
+import User from "./User";
+import BaseModel from "./DatabaseBaseModel/DatabaseBaseModel";
+import Route from "../../Types/API/Route";
+import { PlanType } from "../../Types/Billing/SubscriptionPlan";
+import ColumnAccessControl from "../../Types/Database/AccessControl/ColumnAccessControl";
+import TableAccessControl from "../../Types/Database/AccessControl/TableAccessControl";
+import TableBillingAccessControl from "../../Types/Database/AccessControl/TableBillingAccessControl";
+import ColumnLength from "../../Types/Database/ColumnLength";
+import ColumnType from "../../Types/Database/ColumnType";
+import CrudApiEndpoint from "../../Types/Database/CrudApiEndpoint";
+import TableColumn from "../../Types/Database/TableColumn";
+import TableColumnType from "../../Types/Database/TableColumnType";
+import TableMetadata from "../../Types/Database/TableMetadata";
+import TenantColumn from "../../Types/Database/TenantColumn";
+import UniqueColumnBy from "../../Types/Database/UniqueColumnBy";
+import IconProp from "../../Types/Icon/IconProp";
+import ObjectID from "../../Types/ObjectID";
+import Permission from "../../Types/Permission";
+import {
+  Column,
+  Entity,
+  Index,
+  JoinColumn,
+  JoinTable,
+  ManyToMany,
+  ManyToOne,
+} from "typeorm";
+
+@TableBillingAccessControl({
+  create: PlanType.Scale,
+  read: PlanType.Scale,
+  update: PlanType.Scale,
+  delete: PlanType.Scale,
+})
+@TenantColumn("projectId")
+@TableAccessControl({
+  create: [
+    Permission.ProjectOwner,
+    Permission.ProjectAdmin,
+    Permission.CreateProjectSSO,
+  ],
+  read: [
+    Permission.ProjectOwner,
+    Permission.ProjectAdmin,
+    Permission.ProjectMember,
+    Permission.ReadProjectSSO,
+  ],
+  delete: [
+    Permission.ProjectOwner,
+    Permission.ProjectAdmin,
+    Permission.DeleteProjectSSO,
+  ],
+  update: [
+    Permission.ProjectOwner,
+    Permission.ProjectAdmin,
+    Permission.EditProjectSSO,
+  ],
+})
+@CrudApiEndpoint(new Route("/project-scim"))
+@TableMetadata({
+  tableName: "ProjectSCIM",
+  singularName: "SCIM",
+  pluralName: "SCIM",
+  icon: IconProp.Lock,
+  tableDescription: "Manage SCIM auto-provisioning for your project",
+})
+@Entity({
+  name: "ProjectSCIM",
+})
+export default class ProjectSCIM extends BaseModel {
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateProjectSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectSSO,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "projectId",
+    type: TableColumnType.Entity,
+    modelType: Project,
+    title: "Project",
+    description: "Relation to Project Resource in which this object belongs",
+  })
+  @ManyToOne(
+    () => {
+      return Project;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "projectId" })
+  public project?: Project = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateProjectSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectSSO,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: true,
+    canReadOnRelationQuery: true,
+    title: "Project ID",
+    description: "ID of your OneUptime Project in which this object belongs",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: false,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public projectId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateProjectSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectSSO,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectSSO,
+    ],
+  })
+  @TableColumn({
+    required: true,
+    type: TableColumnType.ShortText,
+    canReadOnRelationQuery: true,
+    title: "Name",
+    description: "Any friendly name for this SCIM configuration",
+  })
+  @Column({
+    nullable: false,
+    type: ColumnType.ShortText,
+    length: ColumnLength.ShortText,
+  })
+  @UniqueColumnBy("projectId")
+  public name?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateProjectSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectSSO,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectSSO,
+    ],
+  })
+  @TableColumn({
+    required: false,
+    type: TableColumnType.LongText,
+    title: "Description",
+    description: "Friendly description to help you remember",
+  })
+  @Column({
+    nullable: true,
+    type: ColumnType.LongText,
+    length: ColumnLength.LongText,
+  })
+  public description?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateProjectSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ReadProjectSSO,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectSSO,
+    ],
+  })
+  @TableColumn({
+    required: true,
+    type: TableColumnType.LongText,
+    title: "Bearer Token",
+    description: "Bearer token for SCIM authentication. Keep this secure.",
+  })
+  @Column({
+    nullable: false,
+    type: ColumnType.LongText,
+    length: ColumnLength.LongText,
+  })
+  public bearerToken?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateProjectSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectSSO,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectSSO,
+    ],
+  })
+  @TableColumn({
+    required: false,
+    type: TableColumnType.EntityArray,
+    modelType: Team,
+    title: "Default Teams",
+    description: "Default teams that new users will be added to via SCIM",
+  })
+  @ManyToMany(
+    () => {
+      return Team;
+    },
+    { eager: false },
+  )
+  @JoinTable({
+    name: "ProjectScimTeam",
+    inverseJoinColumn: {
+      name: "teamId",
+      referencedColumnName: "_id",
+    },
+    joinColumn: {
+      name: "projectScimId",
+      referencedColumnName: "_id",
+    },
+  })
+  public teams?: Array<Team> = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateProjectSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectSSO,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectSSO,
+    ],
+  })
+  @TableColumn({
+    isDefaultValueColumn: true,
+    type: TableColumnType.Boolean,
+    title: "Auto Provision Users",
+    description: "Automatically create users when they are added via SCIM",
+    defaultValue: true,
+  })
+  @Column({
+    type: ColumnType.Boolean,
+    default: true,
+  })
+  public autoProvisionUsers?: boolean = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateProjectSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectSSO,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectSSO,
+    ],
+  })
+  @TableColumn({
+    isDefaultValueColumn: true,
+    type: TableColumnType.Boolean,
+    title: "Auto Deprovision Users",
+    description: "Automatically remove users when they are removed via SCIM",
+    defaultValue: true,
+  })
+  @Column({
+    type: ColumnType.Boolean,
+    default: true,
+  })
+  public autoDeprovisionUsers?: boolean = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateProjectSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectSSO,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectSSO,
+    ],
+  })
+  @TableColumn({
+    isDefaultValueColumn: true,
+    type: TableColumnType.Boolean,
+    title: "Enable Push Groups",
+    description: "Enable push groups provisioning instead of default teams",
+    defaultValue: false,
+  })
+  @Column({
+    type: ColumnType.Boolean,
+    default: false,
+  })
+  public enablePushGroups?: boolean = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectSSO,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "createdByUserId",
+    type: TableColumnType.Entity,
+    modelType: User,
+    title: "Created by User",
+    description:
+      "Relation to User who created this object (if this object was created by a User)",
+  })
+  @ManyToOne(
+    () => {
+      return User;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "SET NULL",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "createdByUserId" })
+  public createdByUser?: User = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateProjectSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectSSO,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    title: "Created by User ID",
+    description:
+      "User ID who created this object (if this object was created by a User)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public createdByUserId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectSSO,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "deletedByUserId",
+    type: TableColumnType.Entity,
+    modelType: User,
+    title: "Deleted by User",
+    description:
+      "Relation to User who deleted this object (if this object was deleted by a User)",
+  })
+  @ManyToOne(
+    () => {
+      return User;
+    },
+    {
+      cascade: false,
+      eager: false,
+      nullable: true,
+      onDelete: "SET NULL",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "deletedByUserId" })
+  public deletedByUser?: User = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectSSO,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    title: "Deleted by User ID",
+    description:
+      "User ID who deleted this object (if this object was deleted by a User)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public deletedByUserId?: ObjectID = undefined;
+}

Common/Models/DatabaseModels/ProjectSmtpConfig.ts

@@ -336,8 +336,10 @@ export default class ProjectSmtpConfig extends BaseModel {
   })
   public deletedByUserId?: ObjectID = undefined;
 
-  // This is not required because some SMTP servers do not require authentication.
-  // eg: https://learn.microsoft.com/en-us/exchange/mail-flow-best-practices/how-to-set-up-a-multifunction-device-or-application-to-send-email-using-microsoft-365-or-office-365#option-2-send-mail-directly-from-your-printer-or-application-to-microsoft-365-or-office-365-direct-send
+  /*
+   * This is not required because some SMTP servers do not require authentication.
+   * eg: https://learn.microsoft.com/en-us/exchange/mail-flow-best-practices/how-to-set-up-a-multifunction-device-or-application-to-send-email-using-microsoft-365-or-office-365#option-2-send-mail-directly-from-your-printer-or-application-to-microsoft-365-or-office-365-direct-send
+   */
   @ColumnAccessControl({
     create: [
       Permission.ProjectOwner,

Common/Models/DatabaseModels/ProjectSso.ts

@@ -578,7 +578,11 @@ export default class ProjectSSO extends BaseModel {
     ],
     update: [],
   })
-  @TableColumn({ isDefaultValueColumn: true, type: TableColumnType.Boolean })
+  @TableColumn({
+    isDefaultValueColumn: true,
+    type: TableColumnType.Boolean,
+    defaultValue: false,
+  })
   @Column({
     type: ColumnType.Boolean,
     default: false,

Common/Models/DatabaseModels/PushNotificationLog.ts

@@ -0,0 +1,877 @@
+import Project from "./Project";
+import Incident from "./Incident";
+import Alert from "./Alert";
+import ScheduledMaintenance from "./ScheduledMaintenance";
+import StatusPage from "./StatusPage";
+import StatusPageAnnouncement from "./StatusPageAnnouncement";
+import User from "./User";
+import OnCallDutyPolicy from "./OnCallDutyPolicy";
+import OnCallDutyPolicyEscalationRule from "./OnCallDutyPolicyEscalationRule";
+import OnCallDutyPolicySchedule from "./OnCallDutyPolicySchedule";
+import Team from "./Team";
+import BaseModel from "./DatabaseBaseModel/DatabaseBaseModel";
+import Route from "../../Types/API/Route";
+import ColumnAccessControl from "../../Types/Database/AccessControl/ColumnAccessControl";
+import TableAccessControl from "../../Types/Database/AccessControl/TableAccessControl";
+import ColumnLength from "../../Types/Database/ColumnLength";
+import ColumnType from "../../Types/Database/ColumnType";
+import CrudApiEndpoint from "../../Types/Database/CrudApiEndpoint";
+import EnableDocumentation from "../../Types/Database/EnableDocumentation";
+import EnableWorkflow from "../../Types/Database/EnableWorkflow";
+import TableColumn from "../../Types/Database/TableColumn";
+import TableColumnType from "../../Types/Database/TableColumnType";
+import TableMetadata from "../../Types/Database/TableMetadata";
+import TenantColumn from "../../Types/Database/TenantColumn";
+import IconProp from "../../Types/Icon/IconProp";
+import ObjectID from "../../Types/ObjectID";
+import Permission from "../../Types/Permission";
+import PushStatus from "../../Types/PushNotification/PushStatus";
+import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
+
+@EnableDocumentation()
+@TenantColumn("projectId")
+@TableAccessControl({
+  create: [],
+  read: [
+    Permission.ProjectOwner,
+    Permission.ProjectAdmin,
+    Permission.ProjectMember,
+    Permission.ReadPushLog,
+  ],
+  delete: [],
+  update: [],
+})
+@CrudApiEndpoint(new Route("/push-notification-log"))
+@Entity({
+  name: "PushNotificationLog",
+})
+@EnableWorkflow({
+  create: true,
+  delete: false,
+  update: false,
+})
+@TableMetadata({
+  tableName: "PushNotificationLog",
+  singularName: "Push Notification Log",
+  pluralName: "Push Notification Logs",
+  icon: IconProp.Bell,
+  tableDescription:
+    "Logs of all the Push Notifications sent out to all users and subscribers for this project.",
+})
+export default class PushNotificationLog extends BaseModel {
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "projectId",
+    type: TableColumnType.Entity,
+    modelType: Project,
+    title: "Project",
+    description: "Relation to Project Resource in which this object belongs",
+  })
+  @ManyToOne(
+    () => {
+      return Project;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "projectId" })
+  public project?: Project = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: true,
+    canReadOnRelationQuery: true,
+    title: "Project ID",
+    description: "ID of your OneUptime Project in which this object belongs",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: false,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public projectId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    required: true,
+    type: TableColumnType.LongText,
+    title: "Title",
+    description: "Title of the push notification",
+    canReadOnRelationQuery: false,
+  })
+  @Column({
+    nullable: false,
+    type: ColumnType.LongText,
+    length: ColumnLength.LongText,
+  })
+  public title?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    required: false,
+    type: TableColumnType.VeryLongText,
+    title: "Body",
+    description: "Body of the push notification",
+    canReadOnRelationQuery: false,
+  })
+  @Column({
+    nullable: true,
+    type: ColumnType.VeryLongText,
+  })
+  public body?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    required: false,
+    type: TableColumnType.ShortText,
+    title: "Device Type",
+    description: "Type of device this was sent to (e.g., web)",
+    canReadOnRelationQuery: false,
+  })
+  @Column({
+    nullable: true,
+    type: ColumnType.ShortText,
+    length: ColumnLength.ShortText,
+  })
+  public deviceType?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    required: false,
+    type: TableColumnType.ShortText,
+    title: "Device Name",
+    description: "Name of the device this was sent to",
+    canReadOnRelationQuery: false,
+  })
+  @Column({
+    nullable: true,
+    type: ColumnType.ShortText,
+    length: ColumnLength.ShortText,
+  })
+  public deviceName?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    required: false,
+    type: TableColumnType.LongText,
+    title: "Status Message",
+    description: "Status Message (if any)",
+    canReadOnRelationQuery: false,
+  })
+  @Column({
+    nullable: true,
+    type: ColumnType.LongText,
+    length: ColumnLength.LongText,
+  })
+  public statusMessage?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    required: true,
+    type: TableColumnType.ShortText,
+    title: "Status",
+    description: "Status of the push notification",
+    canReadOnRelationQuery: false,
+  })
+  @Column({
+    nullable: false,
+    type: ColumnType.ShortText,
+    length: ColumnLength.ShortText,
+  })
+  public status?: PushStatus = undefined;
+
+  // Relations to resources that triggered this push notification (nullable)
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "incidentId",
+    type: TableColumnType.Entity,
+    modelType: Incident,
+    title: "Incident",
+    description: "Incident associated with this Push (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return Incident;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "incidentId" })
+  public incident?: Incident = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Incident ID",
+    description: "ID of Incident associated with this Push (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public incidentId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "userId",
+    type: TableColumnType.Entity,
+    modelType: User,
+    title: "User",
+    description: "User who initiated this Push notification (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return User;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "userId" })
+  public user?: User = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "User ID",
+    description: "ID of User who initiated this Push notification (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public userId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "alertId",
+    type: TableColumnType.Entity,
+    modelType: Alert,
+    title: "Alert",
+    description: "Alert associated with this Push (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return Alert;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "alertId" })
+  public alert?: Alert = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Alert ID",
+    description: "ID of Alert associated with this Push (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public alertId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "scheduledMaintenanceId",
+    type: TableColumnType.Entity,
+    modelType: ScheduledMaintenance,
+    title: "Scheduled Maintenance",
+    description: "Scheduled Maintenance associated with this Push (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return ScheduledMaintenance;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "scheduledMaintenanceId" })
+  public scheduledMaintenance?: ScheduledMaintenance = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Scheduled Maintenance ID",
+    description:
+      "ID of Scheduled Maintenance associated with this Push (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public scheduledMaintenanceId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "statusPageId",
+    type: TableColumnType.Entity,
+    modelType: StatusPage,
+    title: "Status Page",
+    description: "Status Page associated with this Push (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return StatusPage;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "statusPageId" })
+  public statusPage?: StatusPage = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Status Page ID",
+    description: "ID of Status Page associated with this Push (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public statusPageId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "statusPageAnnouncementId",
+    type: TableColumnType.Entity,
+    modelType: StatusPageAnnouncement,
+    title: "Status Page Announcement",
+    description: "Status Page Announcement associated with this Push (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return StatusPageAnnouncement;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "statusPageAnnouncementId" })
+  public statusPageAnnouncement?: StatusPageAnnouncement = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Status Page Announcement ID",
+    description:
+      "ID of Status Page Announcement associated with this Push (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public statusPageAnnouncementId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "onCallDutyPolicyId",
+    type: TableColumnType.Entity,
+    modelType: OnCallDutyPolicy,
+    title: "On-Call Duty Policy",
+    description:
+      "On-Call Duty Policy associated with this Push Notification (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return OnCallDutyPolicy;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "onCallDutyPolicyId" })
+  public onCallDutyPolicy?: OnCallDutyPolicy = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "On-Call Duty Policy ID",
+    description:
+      "ID of On-Call Duty Policy associated with this Push Notification (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public onCallDutyPolicyId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "onCallDutyPolicyEscalationRuleId",
+    type: TableColumnType.Entity,
+    modelType: OnCallDutyPolicyEscalationRule,
+    title: "On-Call Duty Policy Escalation Rule",
+    description:
+      "On-Call Duty Policy Escalation Rule associated with this Push Notification (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return OnCallDutyPolicyEscalationRule;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "onCallDutyPolicyEscalationRuleId" })
+  public onCallDutyPolicyEscalationRule?: OnCallDutyPolicyEscalationRule =
+    undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "On-Call Duty Policy Escalation Rule ID",
+    description:
+      "ID of On-Call Duty Policy Escalation Rule associated with this Push Notification (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public onCallDutyPolicyEscalationRuleId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "onCallDutyPolicyScheduleId",
+    type: TableColumnType.Entity,
+    modelType: OnCallDutyPolicySchedule,
+    title: "On-Call Duty Policy Schedule",
+    description:
+      "On-Call Duty Policy Schedule associated with this Push Notification (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return OnCallDutyPolicySchedule;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "onCallDutyPolicyScheduleId" })
+  public onCallDutyPolicySchedule?: OnCallDutyPolicySchedule = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "On-Call Duty Policy Schedule ID",
+    description:
+      "ID of On-Call Duty Policy Schedule associated with this Push Notification (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public onCallDutyPolicyScheduleId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "teamId",
+    type: TableColumnType.Entity,
+    modelType: Team,
+    title: "Team",
+    description: "Team associated with this Push Notification (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return Team;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "teamId" })
+  public team?: Team = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadPushLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Team ID",
+    description: "ID of Team associated with this Push Notification (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public teamId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "deletedByUserId",
+    type: TableColumnType.Entity,
+    title: "Deleted by User",
+    modelType: User,
+    description:
+      "Relation to User who deleted this object (if this object was deleted by a User)",
+  })
+  @ManyToOne(
+    () => {
+      return User;
+    },
+    {
+      cascade: false,
+      eager: false,
+      nullable: true,
+      onDelete: "SET NULL",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "deletedByUserId" })
+  public deletedByUser?: User = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    title: "Deleted by User ID",
+    description:
+      "User ID who deleted this object (if this object was deleted by a User)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public deletedByUserId?: ObjectID = undefined;
+}

Common/Models/DatabaseModels/Reseller.ts

@@ -269,6 +269,7 @@ export default class Reseller extends BaseModel {
     canReadOnRelationQuery: true,
     title: "Enable Telemetry Features",
     description: "Should we enable telemetry features for this reseller?",
+    defaultValue: false,
   })
   @Column({
     nullable: true,

Common/Models/DatabaseModels/ScheduledMaintenance.ts

@@ -25,6 +25,7 @@ import IconProp from "../../Types/Icon/IconProp";
 import { JSONObject } from "../../Types/JSON";
 import ObjectID from "../../Types/ObjectID";
 import Permission from "../../Types/Permission";
+import StatusPageSubscriberNotificationStatus from "../../Types/StatusPage/StatusPageSubscriberNotificationStatus";
 import {
   Column,
   Entity,
@@ -715,29 +716,74 @@ export default class ScheduledMaintenance extends BaseModel {
   public endsAt?: Date = undefined;
 
   @ColumnAccessControl({
-    create: [],
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateProjectScheduledMaintenance,
+    ],
     read: [
       Permission.ProjectOwner,
       Permission.ProjectAdmin,
       Permission.ProjectMember,
       Permission.ReadProjectScheduledMaintenance,
     ],
-    update: [],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditProjectScheduledMaintenance,
+    ],
   })
   @TableColumn({
     isDefaultValueColumn: true,
     computed: true,
     hideColumnInDocumentation: true,
-    type: TableColumnType.Boolean,
-    title: "Status Page Subscribers Notified On Event Scheduled",
-    description: "Status Page Subscribers Notified On Event Scheduled",
-    defaultValue: false,
+    type: TableColumnType.ShortText,
+    title: "Subscriber Notification Status On Event Scheduled",
+    description:
+      "Status of notification sent to subscribers when event was scheduled",
+    defaultValue: StatusPageSubscriberNotificationStatus.Pending,
   })
   @Column({
-    type: ColumnType.Boolean,
-    default: false,
+    type: ColumnType.ShortText,
+    default: StatusPageSubscriberNotificationStatus.Pending,
   })
-  public isStatusPageSubscribersNotifiedOnEventScheduled?: boolean = undefined;
+  public subscriberNotificationStatusOnEventScheduled?: StatusPageSubscriberNotificationStatus =
+    undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateIncidentPublicNote,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectScheduledMaintenance,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditProjectScheduledMaintenance,
+    ],
+  })
+  @TableColumn({
+    type: TableColumnType.VeryLongText,
+    title: "Notification Status Message On Event Scheduled",
+    description:
+      "Status message for subscriber notifications when event is scheduled - includes success messages, failure reasons, or skip reasons",
+    required: false,
+  })
+  @Column({
+    type: ColumnType.VeryLongText,
+    nullable: true,
+  })
+  public subscriberNotificationStatusMessage?: string = undefined;
 
   @ColumnAccessControl({
     create: [

Common/Models/DatabaseModels/ScheduledMaintenancePublicNote.ts

@@ -17,6 +17,7 @@ import TenantColumn from "../../Types/Database/TenantColumn";
 import IconProp from "../../Types/Icon/IconProp";
 import ObjectID from "../../Types/ObjectID";
 import Permission from "../../Types/Permission";
+import StatusPageSubscriberNotificationStatus from "../../Types/StatusPage/StatusPageSubscriberNotificationStatus";
 import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 
 @EnableDocumentation()
@@ -342,29 +343,73 @@ export default class ScheduledMaintenancePublicNote extends BaseModel {
   public note?: string = undefined;
 
   @ColumnAccessControl({
-    create: [],
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateScheduledMaintenancePublicNote,
+    ],
     read: [
       Permission.ProjectOwner,
       Permission.ProjectAdmin,
       Permission.ProjectMember,
       Permission.ReadScheduledMaintenancePublicNote,
     ],
-    update: [],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditScheduledMaintenancePublicNote,
+    ],
   })
   @TableColumn({
     isDefaultValueColumn: true,
     computed: true,
     hideColumnInDocumentation: true,
-    type: TableColumnType.Boolean,
-    title: "Are subscribers notified?",
-    description: "Are subscribers notified about this note?",
-    defaultValue: false,
+    type: TableColumnType.ShortText,
+    title: "Subscriber Notification Status",
+    description: "Status of notification sent to subscribers about this note",
+    defaultValue: StatusPageSubscriberNotificationStatus.Pending,
   })
   @Column({
-    type: ColumnType.Boolean,
-    default: false,
+    type: ColumnType.ShortText,
+    default: StatusPageSubscriberNotificationStatus.Pending,
   })
-  public isStatusPageSubscribersNotifiedOnNoteCreated?: boolean = undefined;
+  public subscriberNotificationStatusOnNoteCreated?: StatusPageSubscriberNotificationStatus =
+    undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateScheduledMaintenancePublicNote,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadScheduledMaintenancePublicNote,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditScheduledMaintenancePublicNote,
+    ],
+  })
+  @TableColumn({
+    type: TableColumnType.VeryLongText,
+    title: "Notification Status Message",
+    description:
+      "Status message for subscriber notifications - includes success messages, failure reasons, or skip reasons",
+    required: false,
+  })
+  @Column({
+    type: ColumnType.VeryLongText,
+    nullable: true,
+  })
+  public subscriberNotificationStatusMessage?: string = undefined;
 
   @ColumnAccessControl({
     create: [

Common/Models/DatabaseModels/ScheduledMaintenanceState.ts

@@ -423,6 +423,7 @@ export default class ScheduledMaintenanceState extends BaseModel {
     canReadOnRelationQuery: true,
     title: "Scheduled State",
     description: "Is this state a scheduled state?",
+    defaultValue: false,
   })
   @Column({
     type: ColumnType.Boolean,
@@ -456,6 +457,7 @@ export default class ScheduledMaintenanceState extends BaseModel {
     canReadOnRelationQuery: true,
     title: "Ongoing State",
     description: "Is this state a ongoing state?",
+    defaultValue: false,
   })
   @Column({
     type: ColumnType.Boolean,
@@ -489,6 +491,7 @@ export default class ScheduledMaintenanceState extends BaseModel {
     canReadOnRelationQuery: true,
     title: "Ended State",
     description: "Is this state a ended state?",
+    defaultValue: false,
   })
   @Column({
     type: ColumnType.Boolean,
@@ -522,6 +525,7 @@ export default class ScheduledMaintenanceState extends BaseModel {
     canReadOnRelationQuery: true,
     title: "Resolved State",
     description: "Is this state a resolved state?",
+    defaultValue: false,
   })
   @Column({
     type: ColumnType.Boolean,

Common/Models/DatabaseModels/ScheduledMaintenanceStateTimeline.ts

@@ -18,6 +18,7 @@ import TenantColumn from "../../Types/Database/TenantColumn";
 import IconProp from "../../Types/Icon/IconProp";
 import ObjectID from "../../Types/ObjectID";
 import Permission from "../../Types/Permission";
+import StatusPageSubscriberNotificationStatus from "../../Types/StatusPage/StatusPageSubscriberNotificationStatus";
 import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
 
 @EnableDocumentation()
@@ -388,29 +389,74 @@ export default class ScheduledMaintenanceStateTimeline extends BaseModel {
   public scheduledMaintenanceStateId?: ObjectID = undefined;
 
   @ColumnAccessControl({
-    create: [],
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateScheduledMaintenanceStateTimeline,
+    ],
     read: [
       Permission.ProjectOwner,
       Permission.ProjectAdmin,
       Permission.ProjectMember,
       Permission.ReadScheduledMaintenanceStateTimeline,
     ],
-    update: [],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditScheduledMaintenanceStateTimeline,
+    ],
   })
   @TableColumn({
     isDefaultValueColumn: true,
     computed: true,
     hideColumnInDocumentation: true,
-    type: TableColumnType.Boolean,
-    title: "Are subscribers notified?",
-    description: "Are subscribers notified about this incident state change?",
-    defaultValue: false,
+    type: TableColumnType.ShortText,
+    title: "Subscriber Notification Status",
+    description:
+      "Status of notification sent to subscribers about this scheduled maintenance state change",
+    defaultValue: StatusPageSubscriberNotificationStatus.Pending,
   })
   @Column({
-    type: ColumnType.Boolean,
-    default: false,
+    type: ColumnType.ShortText,
+    default: StatusPageSubscriberNotificationStatus.Pending,
   })
-  public isStatusPageSubscribersNotified?: boolean = undefined;
+  public subscriberNotificationStatus?: StatusPageSubscriberNotificationStatus =
+    undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateScheduledMaintenanceStateTimeline,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadScheduledMaintenanceStateTimeline,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditScheduledMaintenanceStateTimeline,
+    ],
+  })
+  @TableColumn({
+    type: TableColumnType.VeryLongText,
+    title: "Notification Status Message",
+    description:
+      "Status message for subscriber notifications - includes success messages, failure reasons, or skip reasons",
+    required: false,
+  })
+  @Column({
+    type: ColumnType.VeryLongText,
+    nullable: true,
+  })
+  public subscriberNotificationStatusMessage?: string = undefined;
 
   @ColumnAccessControl({
     create: [

Common/Models/DatabaseModels/SmsLog.ts

@@ -1,5 +1,14 @@
 import Project from "./Project";
+import Incident from "./Incident";
+import Alert from "./Alert";
+import ScheduledMaintenance from "./ScheduledMaintenance";
+import StatusPage from "./StatusPage";
+import StatusPageAnnouncement from "./StatusPageAnnouncement";
 import User from "./User";
+import OnCallDutyPolicy from "./OnCallDutyPolicy";
+import OnCallDutyPolicyEscalationRule from "./OnCallDutyPolicyEscalationRule";
+import OnCallDutyPolicySchedule from "./OnCallDutyPolicySchedule";
+import Team from "./Team";
 import BaseModel from "./DatabaseBaseModel/DatabaseBaseModel";
 import Route from "../../Types/API/Route";
 import ColumnAccessControl from "../../Types/Database/AccessControl/ColumnAccessControl";
@@ -256,6 +265,575 @@ export default class SmsLog extends BaseModel {
   })
   public smsCostInUSDCents?: number = undefined;
 
+  // Relations to resources that triggered this SMS (nullable)
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadSmsLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "incidentId",
+    type: TableColumnType.Entity,
+    modelType: Incident,
+    title: "Incident",
+    description: "Incident associated with this SMS (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return Incident;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "incidentId" })
+  public incident?: Incident = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadSmsLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Incident ID",
+    description: "ID of Incident associated with this SMS (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public incidentId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadSmsLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "userId",
+    type: TableColumnType.Entity,
+    modelType: User,
+    title: "User",
+    description: "User who initiated this SMS (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return User;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "userId" })
+  public user?: User = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadSmsLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "User ID",
+    description: "ID of User who initiated this SMS (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public userId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadSmsLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "alertId",
+    type: TableColumnType.Entity,
+    modelType: Alert,
+    title: "Alert",
+    description: "Alert associated with this SMS (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return Alert;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "alertId" })
+  public alert?: Alert = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadSmsLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Alert ID",
+    description: "ID of Alert associated with this SMS (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public alertId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadSmsLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "scheduledMaintenanceId",
+    type: TableColumnType.Entity,
+    modelType: ScheduledMaintenance,
+    title: "Scheduled Maintenance",
+    description: "Scheduled Maintenance associated with this SMS (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return ScheduledMaintenance;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "scheduledMaintenanceId" })
+  public scheduledMaintenance?: ScheduledMaintenance = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadSmsLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Scheduled Maintenance ID",
+    description:
+      "ID of Scheduled Maintenance associated with this SMS (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public scheduledMaintenanceId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadSmsLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "statusPageId",
+    type: TableColumnType.Entity,
+    modelType: StatusPage,
+    title: "Status Page",
+    description: "Status Page associated with this SMS (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return StatusPage;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "statusPageId" })
+  public statusPage?: StatusPage = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadSmsLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Status Page ID",
+    description: "ID of Status Page associated with this SMS (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public statusPageId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadSmsLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "statusPageAnnouncementId",
+    type: TableColumnType.Entity,
+    modelType: StatusPageAnnouncement,
+    title: "Status Page Announcement",
+    description: "Status Page Announcement associated with this SMS (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return StatusPageAnnouncement;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "statusPageAnnouncementId" })
+  public statusPageAnnouncement?: StatusPageAnnouncement = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadSmsLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Status Page Announcement ID",
+    description:
+      "ID of Status Page Announcement associated with this SMS (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public statusPageAnnouncementId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadSmsLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "onCallDutyPolicyId",
+    type: TableColumnType.Entity,
+    modelType: OnCallDutyPolicy,
+    title: "On-Call Duty Policy",
+    description: "On-Call Duty Policy associated with this SMS (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return OnCallDutyPolicy;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "onCallDutyPolicyId" })
+  public onCallDutyPolicy?: OnCallDutyPolicy = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadSmsLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "On-Call Duty Policy ID",
+    description: "ID of On-Call Duty Policy associated with this SMS (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public onCallDutyPolicyId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadSmsLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "onCallDutyPolicyEscalationRuleId",
+    type: TableColumnType.Entity,
+    modelType: OnCallDutyPolicyEscalationRule,
+    title: "On-Call Duty Policy Escalation Rule",
+    description:
+      "On-Call Duty Policy Escalation Rule associated with this SMS (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return OnCallDutyPolicyEscalationRule;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "onCallDutyPolicyEscalationRuleId" })
+  public onCallDutyPolicyEscalationRule?: OnCallDutyPolicyEscalationRule =
+    undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadSmsLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "On-Call Duty Policy Escalation Rule ID",
+    description:
+      "ID of On-Call Duty Policy Escalation Rule associated with this SMS (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public onCallDutyPolicyEscalationRuleId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadSmsLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "onCallDutyPolicyScheduleId",
+    type: TableColumnType.Entity,
+    modelType: OnCallDutyPolicySchedule,
+    title: "On-Call Duty Policy Schedule",
+    description:
+      "On-Call Duty Policy Schedule associated with this SMS (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return OnCallDutyPolicySchedule;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "onCallDutyPolicyScheduleId" })
+  public onCallDutyPolicySchedule?: OnCallDutyPolicySchedule = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadSmsLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "On-Call Duty Policy Schedule ID",
+    description:
+      "ID of On-Call Duty Policy Schedule associated with this SMS (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public onCallDutyPolicyScheduleId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadSmsLog,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "teamId",
+    type: TableColumnType.Entity,
+    modelType: Team,
+    title: "Team",
+    description: "Team associated with this SMS (if any)",
+  })
+  @ManyToOne(
+    () => {
+      return Team;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "teamId" })
+  public team?: Team = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadSmsLog,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: false,
+    canReadOnRelationQuery: true,
+    title: "Team ID",
+    description: "ID of Team associated with this SMS (if any)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public teamId?: ObjectID = undefined;
+
   @ColumnAccessControl({
     create: [],
     read: [],

Common/Models/DatabaseModels/StatusPage.ts

@@ -1179,6 +1179,45 @@ export default class StatusPage extends BaseModel {
   })
   public enableSlackSubscribers?: boolean = undefined;
 
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateProjectStatusPage,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectStatusPage,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditProjectStatusPage,
+    ],
+  })
+  @TableColumn({
+    isDefaultValueColumn: true,
+    type: TableColumnType.Boolean,
+    title: "Enable Microsoft Teams Subscribers",
+    description:
+      "Can Microsoft Teams subscribers subscribe to this Status Page?",
+    defaultValue: false,
+  })
+  @Column({
+    type: ColumnType.Boolean,
+    default: false,
+  })
+  @ColumnBillingAccessControl({
+    read: PlanType.Free,
+    update: PlanType.Scale,
+    create: PlanType.Free,
+  })
+  public enableMicrosoftTeamsSubscribers?: boolean = undefined;
+
   @ColumnAccessControl({
     create: [
       Permission.ProjectOwner,
@@ -1438,7 +1477,12 @@ export default class StatusPage extends BaseModel {
   public callSmsConfigId?: ObjectID = undefined;
 
   @ColumnAccessControl({
-    create: [],
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateProjectStatusPage,
+    ],
     read: [
       Permission.ProjectOwner,
       Permission.ProjectAdmin,
@@ -1490,6 +1534,7 @@ export default class StatusPage extends BaseModel {
     type: TableColumnType.Number,
     required: true,
     isDefaultValueColumn: true,
+    defaultValue: 14,
     title: "Show incident history in days",
     description:
       "How many days of incident history should be shown on the status page (in days)?",
@@ -1526,6 +1571,7 @@ export default class StatusPage extends BaseModel {
     type: TableColumnType.Number,
     required: true,
     isDefaultValueColumn: true,
+    defaultValue: 14,
     title: "Show announcement history in days",
     description:
       "How many days of announcement history should be shown on the status page (in days)?",
@@ -1562,6 +1608,7 @@ export default class StatusPage extends BaseModel {
     type: TableColumnType.Number,
     required: true,
     isDefaultValueColumn: true,
+    defaultValue: 14,
     title: "Show scheduled event history in days",
     description:
       "How many days of scheduled event history should be shown on the status page (in days)?",
@@ -1633,6 +1680,7 @@ export default class StatusPage extends BaseModel {
     type: TableColumnType.Boolean,
     title: "Hide Powered By OneUptime Branding",
     description: "Hide Powered By OneUptime Branding?",
+    defaultValue: false,
   })
   @Column({
     type: ColumnType.Boolean,
@@ -1706,6 +1754,7 @@ export default class StatusPage extends BaseModel {
     required: false,
     type: TableColumnType.EntityArray,
     modelType: MonitorStatus,
+    isDefaultValueColumn: true,
     title: "Downtime Monitor Statuses",
     description:
       'List of monitors statuses that are considered as "down" for this status page.',
@@ -1788,6 +1837,7 @@ export default class StatusPage extends BaseModel {
     type: TableColumnType.Boolean,
     title: "Is Report Enabled",
     description: "Is Report Enabled for this Status Page?",
+    defaultValue: false,
   })
   @Column({
     type: ColumnType.Boolean,
@@ -1931,6 +1981,7 @@ export default class StatusPage extends BaseModel {
   })
   @TableColumn({
     type: TableColumnType.Number,
+    defaultValue: 30,
     title: "Report data for the last N days",
     description: "How many days of data should be included in the report?",
   })
@@ -1971,6 +2022,7 @@ export default class StatusPage extends BaseModel {
     type: TableColumnType.Boolean,
     title: "Show Overall Uptime Percent on Status Page",
     description: "Show Overall Uptime Percent on Status Page?",
+    defaultValue: false,
   })
   @Column({
     type: ColumnType.Boolean,
@@ -2007,6 +2059,7 @@ export default class StatusPage extends BaseModel {
     type: TableColumnType.ShortText,
     title: "Overall Uptime Percent Precision",
     required: false,
+    defaultValue: UptimePrecision.TWO_DECIMAL,
     description: "Overall Precision of uptime percent for this status page.",
   })
   @Column({
@@ -2109,6 +2162,7 @@ export default class StatusPage extends BaseModel {
     type: TableColumnType.Boolean,
     title: "Show Incidents on Status Page",
     description: "Show Incidents on Status Page?",
+    defaultValue: true,
   })
   @Column({
     type: ColumnType.Boolean,
@@ -2147,6 +2201,7 @@ export default class StatusPage extends BaseModel {
     type: TableColumnType.Boolean,
     title: "Show Announcements on Status Page",
     description: "Show Announcements on Status Page?",
+    defaultValue: true,
   })
   @Column({
     type: ColumnType.Boolean,
@@ -2185,6 +2240,7 @@ export default class StatusPage extends BaseModel {
     type: TableColumnType.Boolean,
     title: "Show Scheduled Maintenance Events on Status Page",
     description: "Show Scheduled Maintenance Events on Status Page?",
+    defaultValue: true,
   })
   @Column({
     type: ColumnType.Boolean,
@@ -2223,6 +2279,7 @@ export default class StatusPage extends BaseModel {
     type: TableColumnType.Boolean,
     title: "Show Subscriber Page on Status Page",
     description: "Show Subscriber Page on Status Page?",
+    defaultValue: true,
   })
   @Column({
     type: ColumnType.Boolean,

Common/Models/DatabaseModels/StatusPageAnnouncement.ts

@@ -1,3 +1,4 @@
+import Monitor from "./Monitor";
 import Project from "./Project";
 import StatusPage from "./StatusPage";
 import User from "./User";
@@ -21,6 +22,7 @@ import TenantColumn from "../../Types/Database/TenantColumn";
 import IconProp from "../../Types/Icon/IconProp";
 import ObjectID from "../../Types/ObjectID";
 import Permission from "../../Types/Permission";
+import StatusPageSubscriberNotificationStatus from "../../Types/StatusPage/StatusPageSubscriberNotificationStatus";
 import {
   Column,
   Entity,
@@ -197,6 +199,53 @@ export default class StatusPageAnnouncement extends BaseModel {
   })
   public statusPages?: Array<StatusPage> = undefined;
 
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateStatusPageAnnouncement,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadStatusPageAnnouncement,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditStatusPageAnnouncement,
+    ],
+  })
+  @TableColumn({
+    required: false,
+    type: TableColumnType.EntityArray,
+    modelType: Monitor,
+    title: "Monitors",
+    description:
+      "List of monitors affected by this announcement. If none are selected, all subscribers will be notified.",
+  })
+  @ManyToMany(
+    () => {
+      return Monitor;
+    },
+    { eager: false },
+  )
+  @JoinTable({
+    name: "AnnouncementMonitor",
+    inverseJoinColumn: {
+      name: "monitorId",
+      referencedColumnName: "_id",
+    },
+    joinColumn: {
+      name: "announcementId",
+      referencedColumnName: "_id",
+    },
+  })
+  public monitors?: Array<Monitor> = undefined;
+
   @ColumnAccessControl({
     create: [
       Permission.ProjectOwner,
@@ -443,27 +492,71 @@ export default class StatusPageAnnouncement extends BaseModel {
   public deletedByUserId?: ObjectID = undefined;
 
   @ColumnAccessControl({
-    create: [],
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateStatusPageAnnouncement,
+    ],
     read: [
       Permission.ProjectOwner,
       Permission.ProjectAdmin,
       Permission.ProjectMember,
       Permission.ReadStatusPageAnnouncement,
     ],
-    update: [],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditStatusPageAnnouncement,
+    ],
   })
   @TableColumn({
     isDefaultValueColumn: true,
     computed: true,
     hideColumnInDocumentation: true,
-    type: TableColumnType.Boolean,
-    defaultValue: false,
+    type: TableColumnType.ShortText,
+    defaultValue: StatusPageSubscriberNotificationStatus.Pending,
   })
   @Column({
-    type: ColumnType.Boolean,
-    default: false,
+    type: ColumnType.ShortText,
+    default: StatusPageSubscriberNotificationStatus.Pending,
   })
-  public isStatusPageSubscribersNotified?: boolean = undefined;
+  public subscriberNotificationStatus?: StatusPageSubscriberNotificationStatus =
+    undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateStatusPageAnnouncement,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadStatusPageAnnouncement,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditStatusPageAnnouncement,
+    ],
+  })
+  @TableColumn({
+    type: TableColumnType.VeryLongText,
+    title: "Notification Status Message",
+    description:
+      "Status message for subscriber notifications - includes success messages, failure reasons, or skip reasons",
+    required: false,
+  })
+  @Column({
+    type: ColumnType.VeryLongText,
+    nullable: true,
+  })
+  public subscriberNotificationStatusMessage?: string = undefined;
 
   @ColumnAccessControl({
     create: [
@@ -485,6 +578,7 @@ export default class StatusPageAnnouncement extends BaseModel {
     type: TableColumnType.Boolean,
     title: "Should subscribers be notified?",
     description: "Should subscribers be notified about this announcement?",
+    defaultValue: true,
   })
   @Column({
     type: ColumnType.Boolean,
@@ -493,7 +587,12 @@ export default class StatusPageAnnouncement extends BaseModel {
   public shouldStatusPageSubscribersBeNotified?: boolean = undefined;
 
   @ColumnAccessControl({
-    create: [],
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateStatusPageAnnouncement,
+    ],
     read: [
       Permission.ProjectOwner,
       Permission.ProjectAdmin,
@@ -511,6 +610,7 @@ export default class StatusPageAnnouncement extends BaseModel {
     isDefaultValueColumn: true,
     title: "Are Owners Notified",
     description: "Are owners notified of this announcement?",
+    defaultValue: false,
   })
   @Column({
     type: ColumnType.Boolean,

Common/Models/DatabaseModels/StatusPageAnnouncementTemplate.ts

@@ -1,3 +1,4 @@
+import Monitor from "./Monitor";
 import Project from "./Project";
 import StatusPage from "./StatusPage";
 import User from "./User";
@@ -328,6 +329,53 @@ export default class StatusPageAnnouncementTemplate extends BaseModel {
   })
   public statusPages?: Array<StatusPage> = undefined;
 
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateStatusPageAnnouncementTemplate,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadStatusPageAnnouncementTemplate,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditStatusPageAnnouncementTemplate,
+    ],
+  })
+  @TableColumn({
+    required: false,
+    type: TableColumnType.EntityArray,
+    modelType: Monitor,
+    title: "Monitors",
+    description:
+      "List of monitors affected by this announcement template. If none are selected, all subscribers will be notified.",
+  })
+  @ManyToMany(
+    () => {
+      return Monitor;
+    },
+    { eager: false },
+  )
+  @JoinTable({
+    name: "AnnouncementTemplateMonitor",
+    inverseJoinColumn: {
+      name: "monitorId",
+      referencedColumnName: "_id",
+    },
+    joinColumn: {
+      name: "announcementTemplateId",
+      referencedColumnName: "_id",
+    },
+  })
+  public monitors?: Array<Monitor> = undefined;
+
   @ColumnAccessControl({
     create: [
       Permission.ProjectOwner,

Common/Models/DatabaseModels/StatusPageDomain.ts

@@ -420,10 +420,12 @@ export default class StatusPageDomain extends BaseModel {
   @JoinColumn({ name: "deletedByUserId" })
   public deletedByUser?: User = undefined;
 
-  // This token is used by the Worker.
-  // worker pings the status page of customers - eg: status.company.com/verify-token/:id
-  // and the end  point on Status Page project returns 200.
-  // when that happens the isCnameVerified is set to True and the certificate is added to Greenlock.
+  /*
+   * This token is used by the Worker.
+   * worker pings the status page of customers - eg: status.company.com/verify-token/:id
+   * and the end  point on Status Page project returns 200.
+   * when that happens the isCnameVerified is set to True and the certificate is added to Greenlock.
+   */
   @ColumnAccessControl({
     create: [
       Permission.ProjectOwner,
@@ -474,7 +476,12 @@ export default class StatusPageDomain extends BaseModel {
   public isCnameVerified?: boolean = undefined;
 
   @ColumnAccessControl({
-    create: [],
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateStatusPageDomain,
+    ],
     read: [
       Permission.ProjectOwner,
       Permission.ProjectAdmin,
@@ -489,6 +496,7 @@ export default class StatusPageDomain extends BaseModel {
     type: TableColumnType.Boolean,
     title: "SSL Ordered",
     description: "Is SSL ordered?",
+    defaultValue: false,
   })
   @Column({
     type: ColumnType.Boolean,
@@ -499,7 +507,12 @@ export default class StatusPageDomain extends BaseModel {
   public isSslOrdered?: boolean = undefined;
 
   @ColumnAccessControl({
-    create: [],
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateStatusPageDomain,
+    ],
     read: [
       Permission.ProjectOwner,
       Permission.ProjectAdmin,
@@ -514,6 +527,7 @@ export default class StatusPageDomain extends BaseModel {
     type: TableColumnType.Boolean,
     title: "SSL Provisioned",
     description: "Is SSL provisioned?",
+    defaultValue: false,
   })
   @Column({
     type: ColumnType.Boolean,

Common/Models/DatabaseModels/StatusPageSCIM.ts

@@ -0,0 +1,469 @@
+import Project from "./Project";
+import StatusPage from "./StatusPage";
+import User from "./User";
+import BaseModel from "./DatabaseBaseModel/DatabaseBaseModel";
+import Route from "../../Types/API/Route";
+import { PlanType } from "../../Types/Billing/SubscriptionPlan";
+import ColumnAccessControl from "../../Types/Database/AccessControl/ColumnAccessControl";
+import TableAccessControl from "../../Types/Database/AccessControl/TableAccessControl";
+import TableBillingAccessControl from "../../Types/Database/AccessControl/TableBillingAccessControl";
+import CanAccessIfCanReadOn from "../../Types/Database/CanAccessIfCanReadOn";
+import ColumnLength from "../../Types/Database/ColumnLength";
+import ColumnType from "../../Types/Database/ColumnType";
+import CrudApiEndpoint from "../../Types/Database/CrudApiEndpoint";
+import EnableDocumentation from "../../Types/Database/EnableDocumentation";
+import TableColumn from "../../Types/Database/TableColumn";
+import TableColumnType from "../../Types/Database/TableColumnType";
+import TableMetadata from "../../Types/Database/TableMetadata";
+import TenantColumn from "../../Types/Database/TenantColumn";
+import UniqueColumnBy from "../../Types/Database/UniqueColumnBy";
+import IconProp from "../../Types/Icon/IconProp";
+import ObjectID from "../../Types/ObjectID";
+import Permission from "../../Types/Permission";
+import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
+
+@EnableDocumentation()
+@TableBillingAccessControl({
+  create: PlanType.Scale,
+  read: PlanType.Scale,
+  update: PlanType.Scale,
+  delete: PlanType.Scale,
+})
+@CanAccessIfCanReadOn("statusPage")
+@TenantColumn("projectId")
+@TableAccessControl({
+  create: [
+    Permission.ProjectOwner,
+    Permission.ProjectAdmin,
+    Permission.CreateStatusPageSSO,
+  ],
+  read: [
+    Permission.ProjectOwner,
+    Permission.ProjectAdmin,
+    Permission.ProjectMember,
+    Permission.ReadStatusPageSSO,
+  ],
+  delete: [
+    Permission.ProjectOwner,
+    Permission.ProjectAdmin,
+    Permission.DeleteStatusPageSSO,
+  ],
+  update: [
+    Permission.ProjectOwner,
+    Permission.ProjectAdmin,
+    Permission.EditStatusPageSSO,
+  ],
+})
+@CrudApiEndpoint(new Route("/status-page-scim"))
+@TableMetadata({
+  tableName: "StatusPageSCIM",
+  singularName: "Status Page SCIM",
+  pluralName: "Status Page SCIM",
+  icon: IconProp.Lock,
+  tableDescription: "Manage SCIM auto-provisioning for your status page",
+})
+@Entity({
+  name: "StatusPageSCIM",
+})
+export default class StatusPageSCIM extends BaseModel {
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateStatusPageSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadStatusPageSSO,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "projectId",
+    type: TableColumnType.Entity,
+    modelType: Project,
+    title: "Project",
+    description: "Relation to Project Resource in which this object belongs",
+  })
+  @ManyToOne(
+    () => {
+      return Project;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "projectId" })
+  public project?: Project = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateStatusPageSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadStatusPageSSO,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: true,
+    canReadOnRelationQuery: true,
+    title: "Project ID",
+    description: "ID of your OneUptime Project in which this object belongs",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: false,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public projectId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateStatusPageSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadStatusPageSSO,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "statusPageId",
+    type: TableColumnType.Entity,
+    modelType: StatusPage,
+    title: "Status Page",
+    description:
+      "Relation to Status Page Resource in which this object belongs",
+  })
+  @ManyToOne(
+    () => {
+      return StatusPage;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "statusPageId" })
+  public statusPage?: StatusPage = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateStatusPageSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadStatusPageSSO,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: true,
+    title: "Status Page ID",
+    description: "ID of your Status Page resource where this object belongs",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: false,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public statusPageId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateStatusPageSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadStatusPageSSO,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditStatusPageSSO,
+    ],
+  })
+  @TableColumn({
+    required: true,
+    type: TableColumnType.ShortText,
+    canReadOnRelationQuery: true,
+    title: "Name",
+    description: "Any friendly name for this SCIM configuration",
+  })
+  @Column({
+    nullable: false,
+    type: ColumnType.ShortText,
+    length: ColumnLength.ShortText,
+  })
+  @UniqueColumnBy("statusPageId")
+  public name?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateStatusPageSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadStatusPageSSO,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditStatusPageSSO,
+    ],
+  })
+  @TableColumn({
+    required: false,
+    type: TableColumnType.LongText,
+    title: "Description",
+    description: "Friendly description to help you remember",
+  })
+  @Column({
+    nullable: true,
+    type: ColumnType.LongText,
+    length: ColumnLength.LongText,
+  })
+  public description?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateStatusPageSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ReadStatusPageSSO,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditStatusPageSSO,
+    ],
+  })
+  @TableColumn({
+    required: true,
+    type: TableColumnType.LongText,
+    title: "Bearer Token",
+    description: "Bearer token for SCIM authentication. Keep this secure.",
+  })
+  @Column({
+    nullable: false,
+    type: ColumnType.LongText,
+    length: ColumnLength.LongText,
+  })
+  public bearerToken?: string = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateStatusPageSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadStatusPageSSO,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditStatusPageSSO,
+    ],
+  })
+  @TableColumn({
+    isDefaultValueColumn: true,
+    type: TableColumnType.Boolean,
+    title: "Auto Provision Users",
+    description:
+      "Automatically create status page users when they are added via SCIM",
+    defaultValue: true,
+  })
+  @Column({
+    type: ColumnType.Boolean,
+    default: true,
+  })
+  public autoProvisionUsers?: boolean = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateStatusPageSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadStatusPageSSO,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditStatusPageSSO,
+    ],
+  })
+  @TableColumn({
+    isDefaultValueColumn: true,
+    type: TableColumnType.Boolean,
+    title: "Auto Deprovision Users",
+    description:
+      "Automatically remove status page users when they are removed via SCIM",
+    defaultValue: true,
+  })
+  @Column({
+    type: ColumnType.Boolean,
+    default: true,
+  })
+  public autoDeprovisionUsers?: boolean = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadStatusPageSSO,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "createdByUserId",
+    type: TableColumnType.Entity,
+    modelType: User,
+    title: "Created by User",
+    description:
+      "Relation to User who created this object (if this object was created by a User)",
+  })
+  @ManyToOne(
+    () => {
+      return User;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "SET NULL",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "createdByUserId" })
+  public createdByUser?: User = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.CreateStatusPageSSO,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadStatusPageSSO,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    title: "Created by User ID",
+    description:
+      "User ID who created this object (if this object was created by a User)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public createdByUserId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadStatusPageSSO,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "deletedByUserId",
+    type: TableColumnType.Entity,
+    modelType: User,
+    title: "Deleted by User",
+    description:
+      "Relation to User who deleted this object (if this object was deleted by a User)",
+  })
+  @ManyToOne(
+    () => {
+      return User;
+    },
+    {
+      cascade: false,
+      eager: false,
+      nullable: true,
+      onDelete: "SET NULL",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "deletedByUserId" })
+  public deletedByUser?: User = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadStatusPageSSO,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    title: "Deleted by User ID",
+    description:
+      "User ID who deleted this object (if this object was deleted by a User)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public deletedByUserId?: ObjectID = undefined;
+}

Common/Models/DatabaseModels/StatusPageSubscriber.ts

@@ -379,6 +379,65 @@ export default class StatusPageSubscriber extends BaseModel {
   })
   public slackWorkspaceName?: string = undefined;
 
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateStatusPageSubscriber,
+      Permission.Public,
+    ],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    required: false,
+    type: TableColumnType.LongURL,
+    title: "Microsoft Teams Incoming Webhook URL",
+    description:
+      "Microsoft Teams incoming webhook URL to send notifications to Teams channel",
+  })
+  @Column({
+    nullable: true,
+    type: ColumnType.LongURL,
+    transformer: URL.getDatabaseTransformer(),
+  })
+  public microsoftTeamsIncomingWebhookUrl?: URL = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.CreateStatusPageSubscriber,
+      Permission.Public,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadStatusPageSubscriber,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.EditStatusPageSubscriber,
+    ],
+  })
+  @TableColumn({
+    required: false,
+    type: TableColumnType.VeryLongText,
+    title: "Microsoft Teams Workspace Name",
+    description:
+      "Name of the Microsoft Teams workspace for validation and identification",
+  })
+  @Column({
+    nullable: true,
+    type: ColumnType.VeryLongText,
+  })
+  public microsoftTeamsWorkspaceName?: string = undefined;
+
   @ColumnAccessControl({
     create: [
       Permission.ProjectOwner,
@@ -608,6 +667,7 @@ export default class StatusPageSubscriber extends BaseModel {
     type: TableColumnType.Boolean,
     title: "Send You Have Subscribed Message",
     description: "Send You Have Subscribed Message when subscriber is created?",
+    defaultValue: true,
   })
   @Column({
     type: ColumnType.Boolean,
@@ -642,6 +702,7 @@ export default class StatusPageSubscriber extends BaseModel {
     title: "Is Subscribed to All Resources",
     description:
       "Is Subscriber Subscribed to All Resources on this status page?",
+    defaultValue: true,
   })
   @Column({
     type: ColumnType.Boolean,
@@ -676,6 +737,7 @@ export default class StatusPageSubscriber extends BaseModel {
     title: "Is Subscribed to All Event Types",
     description:
       "Is Subscriber Subscribed to All Event Types (like Incidents, Scheduled Events, Announcements) on this status page?",
+    defaultValue: true,
   })
   @Column({
     type: ColumnType.Boolean,

Common/Models/DatabaseModels/TableView.ts

@@ -442,6 +442,7 @@ export default class TableView extends BaseModel {
     type: TableColumnType.Number,
     canReadOnRelationQuery: true,
     description: "Items on page",
+    defaultValue: 10,
   })
   @Column({
     type: ColumnType.Number,

Common/Models/DatabaseModels/TeamComplianceSetting.ts

@@ -0,0 +1,403 @@
+import Project from "./Project";
+import Team from "./Team";
+import User from "./User";
+import BaseModel from "./DatabaseBaseModel/DatabaseBaseModel";
+import Route from "../../Types/API/Route";
+import { PlanType } from "../../Types/Billing/SubscriptionPlan";
+import ColumnAccessControl from "../../Types/Database/AccessControl/ColumnAccessControl";
+import TableAccessControl from "../../Types/Database/AccessControl/TableAccessControl";
+import TableBillingAccessControl from "../../Types/Database/AccessControl/TableBillingAccessControl";
+import ColumnLength from "../../Types/Database/ColumnLength";
+import ColumnType from "../../Types/Database/ColumnType";
+import CrudApiEndpoint from "../../Types/Database/CrudApiEndpoint";
+import EnableDocumentation from "../../Types/Database/EnableDocumentation";
+import EnableWorkflow from "../../Types/Database/EnableWorkflow";
+import TableColumn from "../../Types/Database/TableColumn";
+import TableColumnType from "../../Types/Database/TableColumnType";
+import TableMetadata from "../../Types/Database/TableMetadata";
+import TenantColumn from "../../Types/Database/TenantColumn";
+import IconProp from "../../Types/Icon/IconProp";
+import { JSONObject } from "../../Types/JSON";
+import ObjectID from "../../Types/ObjectID";
+import Permission from "../../Types/Permission";
+import ComplianceRuleType from "../../Types/Team/ComplianceRuleType";
+import { Column, Entity, Index, JoinColumn, ManyToOne } from "typeorm";
+
+@TableBillingAccessControl({
+  create: PlanType.Scale,
+  read: PlanType.Free,
+  update: PlanType.Scale,
+  delete: PlanType.Free,
+})
+@EnableDocumentation()
+@TableAccessControl({
+  create: [
+    Permission.ProjectOwner,
+    Permission.ProjectAdmin,
+    Permission.EditProjectTeam,
+  ],
+  read: [
+    Permission.ProjectOwner,
+    Permission.ProjectAdmin,
+    Permission.ProjectMember,
+    Permission.ReadProjectTeam,
+  ],
+  delete: [
+    Permission.ProjectOwner,
+    Permission.ProjectAdmin,
+    Permission.EditProjectTeam,
+  ],
+  update: [
+    Permission.ProjectOwner,
+    Permission.ProjectAdmin,
+    Permission.EditProjectTeam,
+  ],
+})
+@TenantColumn("projectId")
+@CrudApiEndpoint(new Route("/team-compliance-setting"))
+@Index(["teamId", "ruleType"], { unique: true })
+@Entity({
+  name: "TeamComplianceSetting",
+})
+@EnableWorkflow({
+  create: false,
+  delete: false,
+  update: false,
+  read: false,
+})
+@TableMetadata({
+  tableName: "TeamComplianceSetting",
+  singularName: "Team Compliance Setting",
+  pluralName: "Team Compliance Settings",
+  icon: IconProp.CheckCircle,
+  tableDescription: "Compliance settings for your OneUptime team",
+})
+export default class TeamComplianceSetting extends BaseModel {
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectTeam,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectTeam,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "projectId",
+    type: TableColumnType.Entity,
+    modelType: Project,
+    title: "Project",
+    description: "Relation to Project Resource in which this object belongs",
+  })
+  @ManyToOne(
+    () => {
+      return Project;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "projectId" })
+  public project?: Project = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectTeam,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectTeam,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: true,
+    canReadOnRelationQuery: true,
+    title: "Project ID",
+    description: "ID of your OneUptime Project in which this object belongs",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: false,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public projectId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectTeam,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectTeam,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "teamId",
+    type: TableColumnType.Entity,
+    modelType: Team,
+    title: "Team",
+    description: "Team this compliance setting belongs to.",
+  })
+  @ManyToOne(
+    () => {
+      return Team;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "CASCADE",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "teamId" })
+  public team?: Team = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectTeam,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectTeam,
+    ],
+    update: [],
+  })
+  @Index()
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    required: true,
+    title: "Team ID",
+    description: "ID of Team this compliance setting belongs to.",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: false,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public teamId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectTeam,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectTeam,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "createdByUserId",
+    type: TableColumnType.Entity,
+    modelType: User,
+    title: "Created by User",
+    description:
+      "Relation to User who created this object (if this object was created by a User)",
+  })
+  @ManyToOne(
+    () => {
+      return User;
+    },
+    {
+      eager: false,
+      nullable: true,
+      onDelete: "SET NULL",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "createdByUserId" })
+  public createdByUser?: User = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectTeam,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectTeam,
+    ],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    title: "Created by User ID",
+    description:
+      "User ID who created this object (if this object was created by a User)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public createdByUserId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    manyToOneRelationColumn: "deletedByUserId",
+    type: TableColumnType.Entity,
+    title: "Deleted by User",
+    modelType: User,
+    description:
+      "Relation to User who deleted this object (if this object was deleted by a User)",
+  })
+  @ManyToOne(
+    () => {
+      return User;
+    },
+    {
+      cascade: false,
+      eager: false,
+      nullable: true,
+      onDelete: "SET NULL",
+      orphanedRowAction: "nullify",
+    },
+  )
+  @JoinColumn({ name: "deletedByUserId" })
+  public deletedByUser?: User = undefined;
+
+  @ColumnAccessControl({
+    create: [],
+    read: [],
+    update: [],
+  })
+  @TableColumn({
+    type: TableColumnType.ObjectID,
+    title: "Deleted by User ID",
+    description:
+      "User ID who deleted this object (if this object was deleted by a User)",
+  })
+  @Column({
+    type: ColumnType.ObjectID,
+    nullable: true,
+    transformer: ObjectID.getDatabaseTransformer(),
+  })
+  public deletedByUserId?: ObjectID = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectTeam,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectTeam,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectTeam,
+    ],
+  })
+  @TableColumn({
+    required: true,
+    type: TableColumnType.LongText,
+    title: "Rule Type",
+    description: "Type of compliance rule.",
+  })
+  @Column({
+    nullable: false,
+    type: ColumnType.LongText,
+    length: ColumnLength.LongText,
+  })
+  public ruleType?: ComplianceRuleType = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectTeam,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectTeam,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectTeam,
+    ],
+  })
+  @TableColumn({
+    isDefaultValueColumn: true,
+    type: TableColumnType.Boolean,
+    title: "Enabled",
+    description: "Whether this compliance rule is enabled.",
+    defaultValue: false,
+  })
+  @Column({
+    type: ColumnType.Boolean,
+    default: false,
+  })
+  public enabled?: boolean = undefined;
+
+  @ColumnAccessControl({
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectTeam,
+    ],
+    read: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ProjectMember,
+      Permission.ReadProjectTeam,
+    ],
+    update: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.EditProjectTeam,
+    ],
+  })
+  @TableColumn({
+    required: false,
+    type: TableColumnType.JSON,
+    title: "Options",
+    description: "Additional options for this compliance rule.",
+  })
+  @Column({
+    type: ColumnType.JSON,
+    nullable: true,
+  })
+  public options?: JSONObject = undefined;
+}

Common/Models/DatabaseModels/TelemetryUsageBilling.ts

@@ -146,7 +146,11 @@ export default class TelemetryUsageBilling extends BaseModel {
   public productType?: ProductType = undefined;
 
   @ColumnAccessControl({
-    create: [],
+    create: [
+      Permission.ProjectOwner,
+      Permission.ProjectAdmin,
+      Permission.ManageProjectBilling,
+    ],
     read: [
       Permission.ProjectOwner,
       Permission.ProjectAdmin,
@@ -158,6 +162,7 @@ export default class TelemetryUsageBilling extends BaseModel {
     type: TableColumnType.Number,
     title: "Retain Telemetry Data For Days",
     description: "Number of days to retain telemetry data for this service.",
+    defaultValue: DEFAULT_RETENTION_IN_DAYS,
   })
   @Column({
     type: ColumnType.Number,