Optimize Playwright install by removing redundant --with-deps flag

The --with-deps flag causes Playwright to install system dependencies via apt-get, but these dependencies are already being installed manually in the lines above. This removal avoids redundant package installation and significantly speeds up the Docker build process. Added libcups2t64/libcups2 to the manual dependency list as it's required by Playwright but wasn't previously included. Co-authored-by: openhands <openhands@all-hands.dev>
2026-04-29 03:00:45 -04:00 · 2026-03-03 06:30:47 +00:00 · 2026-03-03 06:11:04 +00:00 · 2026-03-02 22:37:37 -05:00 · 2026-03-03 00:37:22 +00:00 · 2026-03-03 00:30:22 +00:00
352 changed files with 25577 additions and 5220 deletions
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -0,0 +1,2 @@
+# disable blank issue creation
+blank_issues_enabled: false
--- a/.github/workflows/enterprise-preview.yml
+++ b/.github/workflows/enterprise-preview.yml
@@ -1,29 +0,0 @@
-# Feature branch preview for enterprise code
-name: Enterprise Preview
-
-# Run on PRs labeled
-on:
-  pull_request:
-    types: [labeled]
-
-# Match ghcr-build.yml, but don't interrupt it.
-concurrency:
-  group: ${{ github.workflow }}-${{ (github.head_ref && github.ref) || github.run_id }}
-  cancel-in-progress: false
-
-jobs:
-  # This must happen for the PR Docker workflow when the label is present,
-  # and also if it's added after the fact. Thus, it exists in both places.
-  enterprise-preview:
-    name: Enterprise preview
-    if: github.event.label.name == 'deploy'
-    runs-on: blacksmith-4vcpu-ubuntu-2204
-    steps:
-      # This should match the version in ghcr-build.yml
-      - name: Trigger remote job
-        run: |
-          curl --fail-with-body -sS -X POST \
-            -H "Authorization: Bearer ${{ secrets.ALLHANDS_BOT_GITHUB_PAT }}" \
-            -H "Accept: application/vnd.github+json" \
-            -d "{\"ref\": \"main\", \"inputs\": {\"openhandsPrNumber\": \"${{ github.event.pull_request.number }}\", \"deployEnvironment\": \"feature\", \"enterpriseImageTag\": \"pr-${{ github.event.pull_request.number }}\" }}" \
-            https://api.github.com/repos/OpenHands/deploy/actions/workflows/deploy.yaml/dispatches
--- a/.github/workflows/ghcr-build.yml
+++ b/.github/workflows/ghcr-build.yml
@@ -240,21 +240,6 @@ jobs:
          # Add build attestations for better security
          sbom: true

-  enterprise-preview:
-    name: Enterprise preview
-    if: github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'deploy')
-    runs-on: blacksmith-4vcpu-ubuntu-2204
-    needs: [ghcr_build_enterprise]
-    steps:
-      # This should match the version in enterprise-preview.yml
-      - name: Trigger remote job
-        run: |
-          curl --fail-with-body -sS -X POST \
-            -H "Authorization: Bearer ${{ secrets.ALLHANDS_BOT_GITHUB_PAT }}" \
-            -H "Accept: application/vnd.github+json" \
-            -d "{\"ref\": \"main\", \"inputs\": {\"openhandsPrNumber\": \"${{ github.event.pull_request.number }}\", \"deployEnvironment\": \"feature\", \"enterpriseImageTag\": \"pr-${{ github.event.pull_request.number }}\" }}" \
-            https://api.github.com/repos/OpenHands/deploy/actions/workflows/deploy.yaml/dispatches
-
  # "All Runtime Tests Passed" is a required job for PRs to merge
  # We can remove this once the config changes
  runtime_tests_check_success:
--- a/.github/workflows/pr-review-by-openhands.yml
+++ b/.github/workflows/pr-review-by-openhands.yml
@@ -2,16 +2,11 @@
 name: PR Review by OpenHands

 on:
-    # Use pull_request_target to allow fork PRs to access secrets when triggered by maintainers
-    # Security: This workflow runs when:
-    #   1. A new PR is opened (non-draft), OR
-    #   2. A draft PR is marked as ready for review, OR
-    #   3. A maintainer adds the 'review-this' label, OR
-    #   4. A maintainer requests openhands-agent or all-hands-bot as a reviewer
-    # Only users with write access can add labels or request reviews, ensuring security.
-    # The PR code is explicitly checked out for review, but secrets are only accessible
-    # because the workflow runs in the base repository context
-    pull_request_target:
+    # TEMPORARY MITIGATION (Clinejection hardening)
+    #
+    # We temporarily avoid `pull_request_target` here. We'll restore it after the PR review
+    # workflow is fully hardened for untrusted execution.
+    pull_request:
        types: [opened, ready_for_review, labeled, review_requested]

 permissions:
@@ -21,107 +16,33 @@ permissions:

 jobs:
    pr-review:
-        # Run when one of the following conditions is met:
-        #   1. A new non-draft PR is opened by a trusted contributor, OR
-        #   2. A draft PR is converted to ready for review by a trusted contributor, OR
-        #   3. 'review-this' label is added, OR
-        #   4. openhands-agent or all-hands-bot is requested as a reviewer
-        # Note: FIRST_TIME_CONTRIBUTOR PRs require manual trigger via label/reviewer request
+        # Note: fork PRs will not have access to repository secrets under `pull_request`.
+        # Skip forks to avoid noisy failures until we restore a hardened `pull_request_target` flow.
        if: |
-            (github.event.action == 'opened' && github.event.pull_request.draft == false && github.event.pull_request.author_association != 'FIRST_TIME_CONTRIBUTOR') ||
-            (github.event.action == 'ready_for_review' && github.event.pull_request.author_association != 'FIRST_TIME_CONTRIBUTOR') ||
-            github.event.label.name == 'review-this' ||
-            github.event.requested_reviewer.login == 'openhands-agent' ||
-            github.event.requested_reviewer.login == 'all-hands-bot'
+            github.event.pull_request.head.repo.full_name == github.repository &&
+            (
+                (github.event.action == 'opened' && github.event.pull_request.draft == false) ||
+                github.event.action == 'ready_for_review' ||
+                (github.event.action == 'labeled' && github.event.label.name == 'review-this') ||
+                (
+                    github.event.action == 'review_requested' &&
+                    (
+                        github.event.requested_reviewer.login == 'openhands-agent' ||
+                        github.event.requested_reviewer.login == 'all-hands-bot'
+                    )
+                )
+            )
        concurrency:
            group: pr-review-${{ github.event.pull_request.number }}
            cancel-in-progress: true
-        runs-on: blacksmith-4vcpu-ubuntu-2404
-        env:
-            LLM_MODEL: litellm_proxy/claude-sonnet-4-5-20250929
-            LLM_BASE_URL: https://llm-proxy.app.all-hands.dev
-            # PR context will be automatically provided by the agent script
-            PR_NUMBER: ${{ github.event.pull_request.number }}
-            PR_TITLE: ${{ github.event.pull_request.title }}
-            PR_BODY: ${{ github.event.pull_request.body }}
-            PR_BASE_BRANCH: ${{ github.event.pull_request.base.ref }}
-            PR_HEAD_BRANCH: ${{ github.event.pull_request.head.ref }}
-            REPO_NAME: ${{ github.repository }}
+        runs-on: ubuntu-24.04
        steps:
-            - name: Checkout software-agent-sdk repository
-              uses: actions/checkout@v5
+            - name: Run PR Review
+              uses: OpenHands/extensions/plugins/pr-review@main
              with:
-                  repository: OpenHands/software-agent-sdk
-                  path: software-agent-sdk
-
-            - name: Checkout PR repository
-              uses: actions/checkout@v5
-              with:
-                  # When using pull_request_target, explicitly checkout the PR branch
-                  # This ensures we review the actual PR code (including fork PRs)
-                  repository: ${{ github.event.pull_request.head.repo.full_name }}
-                  ref: ${{ github.event.pull_request.head.ref }}
-                  fetch-depth: 0
-                  # Security: Don't persist credentials to prevent untrusted PR code from using them
-                  persist-credentials: false
-                  path: pr-repo
-
-            - name: Set up Python
-              uses: actions/setup-python@v6
-              with:
-                  python-version: '3.13'
-
-            - name: Install uv
-              uses: astral-sh/setup-uv@v7
-              with:
-                  enable-cache: true
-
-            - name: Install GitHub CLI
-              run: |
-                  # Install GitHub CLI for posting review comments
-                  sudo apt-get update
-                  sudo apt-get install -y gh
-
-            - name: Install OpenHands dependencies
-              run: |
-                  # Install OpenHands SDK and tools from local checkout
-                  uv pip install --system ./software-agent-sdk/openhands-sdk ./software-agent-sdk/openhands-tools
-
-            - name: Check required configuration
-              env:
-                  LLM_API_KEY: ${{ secrets.LLM_API_KEY }}
-              run: |
-                  if [ -z "$LLM_API_KEY" ]; then
-                    echo "Error: LLM_API_KEY secret is not set."
-                    exit 1
-                  fi
-
-                  echo "PR Number: $PR_NUMBER"
-                  echo "PR Title: $PR_TITLE"
-                  echo "Repository: $REPO_NAME"
-                  echo "LLM model: $LLM_MODEL"
-                  if [ -n "$LLM_BASE_URL" ]; then
-                    echo "LLM base URL: $LLM_BASE_URL"
-                  fi
-
-            - name: Run PR review
-              env:
-                  LLM_API_KEY: ${{ secrets.LLM_API_KEY }}
-                  GITHUB_TOKEN: ${{ secrets.ALLHANDS_BOT_GITHUB_PAT }}
-                  LMNR_PROJECT_API_KEY: ${{ secrets.LMNR_SKILLS_API_KEY }}
-              run: |
-                  # Change to the PR repository directory so agent can analyze the code
-                  cd pr-repo
-
-                  # Run the PR review script from the software-agent-sdk checkout
-                  uv run python ../software-agent-sdk/examples/03_github_workflows/02_pr_review/agent_script.py
-
-            - name: Upload logs as artifact
-              uses: actions/upload-artifact@v5
-              if: always()
-              with:
-                  name: openhands-pr-review-logs
-                  path: |
-                      *.log
-                      output/
-                  retention-days: 7
+                  llm-model: litellm_proxy/claude-sonnet-4-5-20250929
+                  llm-base-url: https://llm-proxy.app.all-hands.dev
+                  review-style: roasted
+                  llm-api-key: ${{ secrets.LLM_API_KEY }}
+                  github-token: ${{ secrets.ALLHANDS_BOT_GITHUB_PAT }}
+                  lmnr-api-key: ${{ secrets.LMNR_SKILLS_API_KEY }}
--- a/.github/workflows/pr-review-evaluation.yml
+++ b/.github/workflows/pr-review-evaluation.yml
@@ -0,0 +1,85 @@
+---
+name: PR Review Evaluation
+
+# This workflow evaluates how well PR review comments were addressed.
+# It runs when a PR is closed to assess review effectiveness.
+#
+# Security note: pull_request_target is safe here because:
+# 1. Only triggers on PR close (not on code changes)
+# 2. Does not checkout PR code - only downloads artifacts from trusted workflow runs
+# 3. Runs evaluation scripts from the extensions repo, not from the PR
+
+on:
+    pull_request_target:
+        types: [closed]
+
+permissions:
+    contents: read
+    pull-requests: read
+
+jobs:
+    evaluate:
+        runs-on: ubuntu-24.04
+        env:
+            PR_NUMBER: ${{ github.event.pull_request.number }}
+            REPO_NAME: ${{ github.repository }}
+            PR_MERGED: ${{ github.event.pull_request.merged }}
+
+        steps:
+            - name: Download review trace artifact
+              id: download-trace
+              uses: dawidd6/action-download-artifact@v6
+              continue-on-error: true
+              with:
+                  workflow: pr-review-by-openhands.yml
+                  name: pr-review-trace-${{ github.event.pull_request.number }}
+                  path: trace-info
+                  search_artifacts: true
+                  if_no_artifact_found: warn
+
+            - name: Check if trace file exists
+              id: check-trace
+              run: |
+                  if [ -f "trace-info/laminar_trace_info.json" ]; then
+                    echo "trace_exists=true" >> $GITHUB_OUTPUT
+                    echo "Found trace file for PR #$PR_NUMBER"
+                  else
+                    echo "trace_exists=false" >> $GITHUB_OUTPUT
+                    echo "No trace file found for PR #$PR_NUMBER - skipping evaluation"
+                  fi
+
+            # Always checkout main branch for security - cannot test script changes in PRs
+            - name: Checkout extensions repository
+              if: steps.check-trace.outputs.trace_exists == 'true'
+              uses: actions/checkout@v5
+              with:
+                  repository: OpenHands/extensions
+                  path: extensions
+
+            - name: Set up Python
+              if: steps.check-trace.outputs.trace_exists == 'true'
+              uses: actions/setup-python@v6
+              with:
+                  python-version: '3.12'
+
+            - name: Install dependencies
+              if: steps.check-trace.outputs.trace_exists == 'true'
+              run: pip install lmnr
+
+            - name: Run evaluation
+              if: steps.check-trace.outputs.trace_exists == 'true'
+              env:
+                  # Script expects LMNR_PROJECT_API_KEY; org secret is named LMNR_SKILLS_API_KEY
+                  LMNR_PROJECT_API_KEY: ${{ secrets.LMNR_SKILLS_API_KEY }}
+                  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+              run: |
+                  python extensions/plugins/pr-review/scripts/evaluate_review.py \
+                      --trace-file trace-info/laminar_trace_info.json
+
+            - name: Upload evaluation logs
+              uses: actions/upload-artifact@v5
+              if: always() && steps.check-trace.outputs.trace_exists == 'true'
+              with:
+                  name: pr-review-evaluation-${{ github.event.pull_request.number }}
+                  path: '*.log'
+                  retention-days: 30
--- a/README.md
+++ b/README.md
@@ -54,7 +54,7 @@ The experience will be familiar to anyone who has used Devin or Jules.
 ### OpenHands Cloud
 This is a deployment of OpenHands GUI, running on hosted infrastructure.

-You can try it with a free $10 credit by [signing in with your GitHub or GitLab account](https://app.all-hands.dev).
+You can try it for free using the Minimax model by [signing in with your GitHub or GitLab account](https://app.all-hands.dev).

 OpenHands Cloud comes with source-available features and integrations:
 - Integrations with Slack, Jira, and Linear
--- a/enterprise/doc/design-doc/plugin-launch-flow.md
+++ b/enterprise/doc/design-doc/plugin-launch-flow.md
@@ -0,0 +1,131 @@
+# Plugin Launch Flow
+
+This document describes how plugins are launched in OpenHands Saas / Enterprise, from the plugin directory through to agent execution.
+
+## Architecture Overview
+
+```
+Plugin Directory ──▶ Frontend /launch ──▶ App Server ──▶ Agent Server ──▶ SDK
+    (external)           (modal)           (API)        (in sandbox)    (plugin loading)
+```
+
+| Component | Responsibility |
+|-----------|---------------|
+| **Plugin Directory** | Index plugins, present to user, construct launch URLs |
+| **Frontend** | Display confirmation modal, collect parameters, call API |
+| **App Server** | Validate request, pass plugin specs to agent server |
+| **Agent Server** | Run inside sandbox, delegate plugin loading to SDK |
+| **SDK** | Fetch plugins, load contents, merge skills/hooks/MCP into agent |
+
+## User Experience
+
+### Plugin Directory
+
+The plugin directory presents users with a catalog of available plugins. For each plugin, users see:
+- Plugin name and description (from `plugin.json`)
+- Author and version information
+- A "Launch" button
+
+When a user clicks "Launch", the plugin directory:
+1. Reads the plugin's `entry_command` to know which slash command to invoke
+2. Determines what parameters the plugin accepts (if any)
+3. Redirects to OpenHands with this information encoded in the URL
+
+### Parameter Collection
+
+If a plugin requires user input (API keys, configuration values, etc.), the frontend displays a form modal before starting the conversation. Parameters are passed in the launch URL and rendered as form fields based on their type:
+
+- **String values** → Text input
+- **Number values** → Number input
+- **Boolean values** → Checkbox
+
+Only primitive types are supported. Complex types (arrays, objects) are not currently supported for parameter input.
+
+The user fills in required values, then clicks "Start Conversation" to proceed.
+
+## Launch Flow
+
+1. **Plugin Directory** (external) constructs a launch URL to the OpenHands app server when user clicks "Launch":
+   ```
+   /launch?plugins=BASE64_JSON&message=/city-weather:now%20Tokyo
+   ```
+
+   The `plugins` parameter includes any parameter definitions with default values:
+   ```json
+   [{
+     "source": "github:owner/repo",
+     "repo_path": "plugins/my-plugin",
+     "parameters": {"api_key": "", "timeout": 30, "debug": false}
+   }]
+   ```
+
+2. **OpenHands Frontend** (`/launch` route, [PR #12699](https://github.com/OpenHands/OpenHands/pull/12699)) displays modal with parameter form, collects user input
+
+3. **OpenHands App Server** ([PR #12338](https://github.com/OpenHands/OpenHands/pull/12338)) receives the API call:
+   ```
+   POST /api/v1/app-conversations
+   {
+     "plugins": [{"source": "github:owner/repo", "repo_path": "plugins/city-weather"}],
+     "initial_message": {"content": [{"type": "text", "text": "/city-weather:now Tokyo"}]}
+   }
+   ```
+
+   Call stack:
+   - `AppConversationRouter` receives request with `PluginSpec` list
+   - `LiveStatusAppConversationService._finalize_conversation_request()` converts `PluginSpec` → `PluginSource`
+   - Creates `StartConversationRequest(plugins=sdk_plugins, ...)` and sends to agent server
+
+4. **Agent Server** (inside sandbox, [SDK PR #1651](https://github.com/OpenHands/software-agent-sdk/pull/1651)) stores specs, defers loading:
+
+   Call stack:
+   - `ConversationService.start_conversation()` receives `StartConversationRequest`
+   - Creates `StoredConversation` with plugin specs
+   - Creates `LocalConversation(plugins=request.plugins, ...)`
+   - Plugin loading deferred until first `run()` or `send_message()`
+
+5. **SDK** fetches and loads plugins on first use:
+
+   Call stack:
+   - `LocalConversation._ensure_plugins_loaded()` triggered by first message
+   - For each plugin spec:
+     - `Plugin.fetch(source, ref, repo_path)` → clones/caches git repo
+     - `Plugin.load(path)` → parses `plugin.json`, loads commands/skills/hooks
+     - `plugin.add_skills_to(context)` → merges skills into agent
+     - `plugin.add_mcp_config_to(config)` → merges MCP servers
+
+6. **Agent** receives message, `/city-weather:now` triggers the skill
+
+## Key Design Decisions
+
+### Plugin Loading in Sandbox
+
+Plugins load **inside the sandbox** because:
+- Plugin hooks and scripts need isolated execution
+- MCP servers run inside the sandbox
+- Skills may reference sandbox filesystem
+
+### Entry Command Handling
+
+The `entry_command` field in `plugin.json` allows plugin authors to declare a default command:
+
+```json
+{
+  "name": "city-weather",
+  "entry_command": "now"
+}
+```
+
+This flows through the system:
+1. Plugin author declares `entry_command` in plugin.json
+2. Plugin directory reads it when indexing
+3. Plugin directory includes `/city-weather:now` in the launch URL's `message` parameter
+4. Message passes through to agent as `initial_message`
+
+The SDK exposes this field but does not auto-invoke it—callers control the initial message.
+
+## Related
+
+- [OpenHands PR #12338](https://github.com/OpenHands/OpenHands/pull/12338) - App server plugin support
+- [OpenHands PR #12699](https://github.com/OpenHands/OpenHands/pull/12699) - Frontend `/launch` route
+- [SDK PR #1651](https://github.com/OpenHands/software-agent-sdk/pull/1651) - Agent server plugin loading
+- [SDK PR #1647](https://github.com/OpenHands/software-agent-sdk/pull/1647) - Plugin.fetch() for remote plugin fetching
--- a/enterprise/experiments/experiment_manager.py
+++ b/enterprise/experiments/experiment_manager.py
@@ -28,9 +28,11 @@ class SaaSExperimentManager(ExperimentManager):
            return agent

        if EXPERIMENT_SYSTEM_PROMPT_EXPERIMENT:
-            agent = agent.model_copy(
-                update={'system_prompt_filename': 'system_prompt_long_horizon.j2'}
-            )
+            # Skip experiment for planning agents which require their specialized prompt
+            if agent.system_prompt_filename != 'system_prompt_planning.j2':
+                agent = agent.model_copy(
+                    update={'system_prompt_filename': 'system_prompt_long_horizon.j2'}
+                )

        return agent

--- a/enterprise/integrations/github/github_manager.py
+++ b/enterprise/integrations/github/github_manager.py
@@ -193,14 +193,20 @@ class GithubManager(Manager):
                github_view.installation_id
            )
            # Store the installation token
-            self.token_manager.store_org_token(
+            await self.token_manager.store_org_token(
                github_view.installation_id, installation_token
            )
            # Add eyes reaction to acknowledge we've read the request
            self._add_reaction(github_view, 'eyes', installation_token)
            await self.start_job(github_view)

-    async def send_message(self, message: Message, github_view: ResolverViewInterface):
+    async def send_message(self, message: str, github_view: ResolverViewInterface):
+        """Send a message to GitHub.
+
+        Args:
+            message: The message content to send (plain text string)
+            github_view: The GitHub view object containing issue/PR/comment info
+        """
        installation_token = self.token_manager.load_org_token(
            github_view.installation_id
        )
@@ -208,14 +214,12 @@ class GithubManager(Manager):
            logger.warning('Missing installation token')
            return

-        outgoing_message = message.message
-
        if isinstance(github_view, GithubInlinePRComment):
            with Github(auth=Auth.Token(installation_token)) as github_client:
                repo = github_client.get_repo(github_view.full_repo_name)
                pr = repo.get_pull(github_view.issue_number)
                pr.create_review_comment_reply(
-                    comment_id=github_view.comment_id, body=outgoing_message
+                    comment_id=github_view.comment_id, body=message
                )

        elif (
@@ -226,7 +230,7 @@ class GithubManager(Manager):
            with Github(auth=Auth.Token(installation_token)) as github_client:
                repo = github_client.get_repo(github_view.full_repo_name)
                issue = repo.get_issue(number=github_view.issue_number)
-                issue.create_comment(outgoing_message)
+                issue.create_comment(message)

        else:
            logger.warning('Unsupported location')
@@ -245,7 +249,7 @@ class GithubManager(Manager):
        )

        try:
-            msg_info = None
+            msg_info: str = ''

            try:
                user_info = github_view.user_info
@@ -361,15 +365,13 @@ class GithubManager(Manager):

                msg_info = get_session_expired_message(user_info.username)

-            msg = self.create_outgoing_message(msg_info)
-            await self.send_message(msg, github_view)
+            await self.send_message(msg_info, github_view)

        except Exception:
            logger.exception('[Github]: Error starting job')
-            msg = self.create_outgoing_message(
-                msg='Uh oh! There was an unexpected error starting the job :('
+            await self.send_message(
+                'Uh oh! There was an unexpected error starting the job :(', github_view
            )
-            await self.send_message(msg, github_view)

        try:
            await self.data_collector.save_data(github_view)
--- a/enterprise/integrations/github/github_solvability.py
+++ b/enterprise/integrations/github/github_solvability.py
@@ -14,7 +14,6 @@ from integrations.solvability.models.summary import SolvabilitySummary
 from integrations.utils import ENABLE_SOLVABILITY_ANALYSIS
 from pydantic import ValidationError
 from server.config import get_config
-from storage.database import session_maker
 from storage.saas_settings_store import SaasSettingsStore

 from openhands.core.config import LLMConfig
@@ -90,7 +89,6 @@ async def summarize_issue_solvability(
    # Grab the user's information so we can load their LLM configuration
    store = SaasSettingsStore(
        user_id=github_view.user_info.keycloak_user_id,
-        session_maker=session_maker,
        config=get_config(),
    )

--- a/enterprise/integrations/github/github_view.py
+++ b/enterprise/integrations/github/github_view.py
@@ -24,7 +24,6 @@ from jinja2 import Environment
 from server.auth.constants import GITHUB_APP_CLIENT_ID, GITHUB_APP_PRIVATE_KEY
 from server.auth.token_manager import TokenManager
 from server.config import get_config
-from storage.database import session_maker
 from storage.org_store import OrgStore
 from storage.proactive_conversation_store import ProactiveConversationStore
 from storage.saas_secrets_store import SaasSecretsStore
@@ -153,9 +152,7 @@ class GithubIssue(ResolverViewInterface):
        return user_instructions, conversation_instructions

    async def _get_user_secrets(self):
-        secrets_store = SaasSecretsStore(
-            self.user_info.keycloak_user_id, session_maker, get_config()
-        )
+        secrets_store = SaasSecretsStore(self.user_info.keycloak_user_id, get_config())
        user_secrets = await secrets_store.load()

        return user_secrets.custom_secrets if user_secrets else None
--- a/enterprise/integrations/gitlab/gitlab_manager.py
+++ b/enterprise/integrations/gitlab/gitlab_manager.py
@@ -121,12 +121,11 @@ class GitlabManager(Manager):
        # Check if the user has write access to the repository
        return has_write_access

-    async def send_message(self, message: Message, gitlab_view: ResolverViewInterface):
-        """
-        Send a message to GitLab based on the view type.
+    async def send_message(self, message: str, gitlab_view: ResolverViewInterface):
+        """Send a message to GitLab based on the view type.

        Args:
-            message: The message to send
+            message: The message content to send (plain text string)
            gitlab_view: The GitLab view object containing issue/PR/comment info
        """
        keycloak_user_id = gitlab_view.user_info.keycloak_user_id
@@ -138,8 +137,6 @@ class GitlabManager(Manager):
            external_auth_id=keycloak_user_id
        )

-        outgoing_message = message.message
-
        if isinstance(gitlab_view, GitlabInlineMRComment) or isinstance(
            gitlab_view, GitlabMRComment
        ):
@@ -147,7 +144,7 @@ class GitlabManager(Manager):
                gitlab_view.project_id,
                gitlab_view.issue_number,
                gitlab_view.discussion_id,
-                message.message,
+                message,
            )

        elif isinstance(gitlab_view, GitlabIssueComment):
@@ -155,14 +152,14 @@ class GitlabManager(Manager):
                gitlab_view.project_id,
                gitlab_view.issue_number,
                gitlab_view.discussion_id,
-                outgoing_message,
+                message,
            )
        elif isinstance(gitlab_view, GitlabIssue):
            await gitlab_service.reply_to_issue(
                gitlab_view.project_id,
                gitlab_view.issue_number,
                None,  # no discussion id, issue is tagged
-                outgoing_message,
+                message,
            )
        else:
            logger.warning(
@@ -262,12 +259,10 @@ class GitlabManager(Manager):
                msg_info = get_session_expired_message(user_info.username)

            # Send the acknowledgment message
-            msg = self.create_outgoing_message(msg_info)
-            await self.send_message(msg, gitlab_view)
+            await self.send_message(msg_info, gitlab_view)

        except Exception as e:
            logger.exception(f'[GitLab] Error starting job: {str(e)}')
-            msg = self.create_outgoing_message(
-                msg='Uh oh! There was an unexpected error starting the job :('
+            await self.send_message(
+                'Uh oh! There was an unexpected error starting the job :(', gitlab_view
            )
-            await self.send_message(msg, gitlab_view)
--- a/enterprise/integrations/gitlab/gitlab_view.py
+++ b/enterprise/integrations/gitlab/gitlab_view.py
@@ -6,7 +6,6 @@ from integrations.utils import HOST, get_oh_labels, has_exact_mention
 from jinja2 import Environment
 from server.auth.token_manager import TokenManager
 from server.config import get_config
-from storage.database import session_maker
 from storage.saas_secrets_store import SaasSecretsStore

 from openhands.core.logger import openhands_logger as logger
@@ -78,9 +77,7 @@ class GitlabIssue(ResolverViewInterface):
        return user_instructions, conversation_instructions

    async def _get_user_secrets(self):
-        secrets_store = SaasSecretsStore(
-            self.user_info.keycloak_user_id, session_maker, get_config()
-        )
+        secrets_store = SaasSecretsStore(self.user_info.keycloak_user_id, get_config())
        user_secrets = await secrets_store.load()

        return user_secrets.custom_secrets if user_secrets else None
@@ -449,3 +446,5 @@ class GitlabFactory:
                previous_comments=[],
                is_mr=True,
            )
+
+        raise ValueError(f'Unhandled GitLab webhook event: {message}')
--- a/enterprise/integrations/jira/jira_manager.py
+++ b/enterprise/integrations/jira/jira_manager.py
@@ -341,17 +341,25 @@ class JiraManager(Manager):

    async def send_message(
        self,
-        message: Message,
+        message: str,
        issue_key: str,
        jira_cloud_id: str,
        svc_acc_email: str,
        svc_acc_api_key: str,
    ):
-        """Send a comment to a Jira issue."""
+        """Send a comment to a Jira issue.
+
+        Args:
+            message: The message content to send (plain text string)
+            issue_key: The Jira issue key (e.g., 'PROJ-123')
+            jira_cloud_id: The Jira Cloud ID
+            svc_acc_email: Service account email for authentication
+            svc_acc_api_key: Service account API key for authentication
+        """
        url = (
            f'{JIRA_CLOUD_API_URL}/{jira_cloud_id}/rest/api/2/issue/{issue_key}/comment'
        )
-        data = {'body': message.message}
+        data = {'body': message}
        async with httpx.AsyncClient(verify=httpx_verify_option()) as client:
            response = await client.post(
                url, auth=(svc_acc_email, svc_acc_api_key), json=data
@@ -366,7 +374,7 @@ class JiraManager(Manager):
                view.jira_workspace.svc_acc_api_key
            )
            await self.send_message(
-                self.create_outgoing_message(msg=msg),
+                msg,
                issue_key=view.payload.issue_key,
                jira_cloud_id=view.jira_workspace.jira_cloud_id,
                svc_acc_email=view.jira_workspace.svc_acc_email,
@@ -388,7 +396,7 @@ class JiraManager(Manager):
        try:
            api_key = self.token_manager.decrypt_text(workspace.svc_acc_api_key)
            await self.send_message(
-                self.create_outgoing_message(msg=error_msg),
+                error_msg,
                issue_key=payload.issue_key,
                jira_cloud_id=workspace.jira_cloud_id,
                svc_acc_email=workspace.svc_acc_email,
--- a/enterprise/integrations/jira/jira_payload.py
+++ b/enterprise/integrations/jira/jira_payload.py
@@ -212,8 +212,6 @@ class JiraPayloadParser:
            missing.append('issue.id')
        if not issue_key:
            missing.append('issue.key')
-        if not user_email:
-            missing.append('user.emailAddress')
        if not display_name:
            missing.append('user.displayName')
        if not account_id:
--- a/enterprise/integrations/jira_dc/jira_dc_manager.py
+++ b/enterprise/integrations/jira_dc/jira_dc_manager.py
@@ -418,7 +418,7 @@ class JiraDcManager(Manager):
                jira_dc_view.jira_dc_workspace.svc_acc_api_key
            )
            await self.send_message(
-                self.create_outgoing_message(msg=msg_info),
+                msg_info,
                issue_key=jira_dc_view.job_context.issue_key,
                base_api_url=jira_dc_view.job_context.base_api_url,
                svc_acc_api_key=api_key,
@@ -456,12 +456,19 @@ class JiraDcManager(Manager):
        return title, description

    async def send_message(
-        self, message: Message, issue_key: str, base_api_url: str, svc_acc_api_key: str
+        self, message: str, issue_key: str, base_api_url: str, svc_acc_api_key: str
    ):
-        """Send message/comment to Jira DC issue."""
+        """Send message/comment to Jira DC issue.
+
+        Args:
+            message: The message content to send (plain text string)
+            issue_key: The Jira issue key (e.g., 'PROJ-123')
+            base_api_url: The base API URL for the Jira DC instance
+            svc_acc_api_key: Service account API key for authentication
+        """
        url = f'{base_api_url}/rest/api/2/issue/{issue_key}/comment'
        headers = {'Authorization': f'Bearer {svc_acc_api_key}'}
-        data = {'body': message.message}
+        data = {'body': message}
        async with httpx.AsyncClient(verify=httpx_verify_option()) as client:
            response = await client.post(url, headers=headers, json=data)
            response.raise_for_status()
@@ -481,7 +488,7 @@ class JiraDcManager(Manager):
        try:
            api_key = self.token_manager.decrypt_text(workspace.svc_acc_api_key)
            await self.send_message(
-                self.create_outgoing_message(msg=error_msg),
+                error_msg,
                issue_key=job_context.issue_key,
                base_api_url=job_context.base_api_url,
                svc_acc_api_key=api_key,
@@ -502,7 +509,7 @@ class JiraDcManager(Manager):
            )

            await self.send_message(
-                self.create_outgoing_message(msg=comment_msg),
+                comment_msg,
                issue_key=jira_dc_view.job_context.issue_key,
                base_api_url=jira_dc_view.job_context.base_api_url,
                svc_acc_api_key=api_key,
--- a/enterprise/integrations/jira_dc/jira_dc_types.py
+++ b/enterprise/integrations/jira_dc/jira_dc_types.py
@@ -19,7 +19,7 @@ class JiraDcViewInterface(ABC):
    conversation_id: str

    @abstractmethod
-    def _get_instructions(self, jinja_env: Environment) -> tuple[str, str]:
+    async def _get_instructions(self, jinja_env: Environment) -> tuple[str, str]:
        """Get initial instructions for the conversation."""
        pass

--- a/enterprise/integrations/jira_dc/jira_dc_view.py
+++ b/enterprise/integrations/jira_dc/jira_dc_view.py
@@ -36,7 +36,7 @@ class JiraDcNewConversationView(JiraDcViewInterface):
    selected_repo: str | None
    conversation_id: str

-    def _get_instructions(self, jinja_env: Environment) -> tuple[str, str]:
+    async def _get_instructions(self, jinja_env: Environment) -> tuple[str, str]:
        """Instructions passed when conversation is first initialized"""

        instructions_template = jinja_env.get_template('jira_dc_instructions.j2')
@@ -61,7 +61,7 @@ class JiraDcNewConversationView(JiraDcViewInterface):

        provider_tokens = await self.saas_user_auth.get_provider_tokens()
        user_secrets = await self.saas_user_auth.get_secrets()
-        instructions, user_msg = self._get_instructions(jinja_env)
+        instructions, user_msg = await self._get_instructions(jinja_env)

        try:
            agent_loop_info = await create_new_conversation(
@@ -113,7 +113,7 @@ class JiraDcExistingConversationView(JiraDcViewInterface):
    selected_repo: str | None
    conversation_id: str

-    def _get_instructions(self, jinja_env: Environment) -> tuple[str, str]:
+    async def _get_instructions(self, jinja_env: Environment) -> tuple[str, str]:
        """Instructions passed when conversation is first initialized"""

        user_msg_template = jinja_env.get_template('jira_dc_existing_conversation.j2')
@@ -167,7 +167,7 @@ class JiraDcExistingConversationView(JiraDcViewInterface):
            if not agent_state or agent_state == AgentState.LOADING:
                raise StartingConvoException('Conversation is still starting')

-            _, user_msg = self._get_instructions(jinja_env)
+            _, user_msg = await self._get_instructions(jinja_env)
            user_message_event = MessageAction(content=user_msg)
            await conversation_manager.send_event_to_conversation(
                self.conversation_id, event_to_dict(user_message_event)
--- a/enterprise/integrations/linear/linear_manager.py
+++ b/enterprise/integrations/linear/linear_manager.py
@@ -408,7 +408,7 @@ class LinearManager(Manager):
                linear_view.linear_workspace.svc_acc_api_key
            )
            await self.send_message(
-                self.create_outgoing_message(msg=msg_info),
+                msg_info,
                linear_view.job_context.issue_id,
                api_key,
            )
@@ -473,8 +473,14 @@ class LinearManager(Manager):

        return title, description

-    async def send_message(self, message: Message, issue_id: str, api_key: str):
-        """Send message/comment to Linear issue."""
+    async def send_message(self, message: str, issue_id: str, api_key: str):
+        """Send message/comment to Linear issue.
+
+        Args:
+            message: The message content to send (plain text string)
+            issue_id: The Linear issue ID to comment on
+            api_key: The Linear API key for authentication
+        """
        query = """
            mutation CommentCreate($input: CommentCreateInput!) {
              commentCreate(input: $input) {
@@ -485,7 +491,7 @@ class LinearManager(Manager):
              }
            }
        """
-        variables = {'input': {'issueId': issue_id, 'body': message.message}}
+        variables = {'input': {'issueId': issue_id, 'body': message}}
        return await self._query_api(query, variables, api_key)

    async def _send_error_comment(
@@ -498,9 +504,7 @@ class LinearManager(Manager):

        try:
            api_key = self.token_manager.decrypt_text(workspace.svc_acc_api_key)
-            await self.send_message(
-                self.create_outgoing_message(msg=error_msg), issue_id, api_key
-            )
+            await self.send_message(error_msg, issue_id, api_key)
        except Exception as e:
            logger.error(f'[Linear] Failed to send error comment: {str(e)}')

@@ -517,7 +521,7 @@ class LinearManager(Manager):
            )

            await self.send_message(
-                self.create_outgoing_message(msg=comment_msg),
+                comment_msg,
                linear_view.job_context.issue_id,
                api_key,
            )
--- a/enterprise/integrations/linear/linear_types.py
+++ b/enterprise/integrations/linear/linear_types.py
@@ -19,7 +19,7 @@ class LinearViewInterface(ABC):
    conversation_id: str

    @abstractmethod
-    def _get_instructions(self, jinja_env: Environment) -> tuple[str, str]:
+    async def _get_instructions(self, jinja_env: Environment) -> tuple[str, str]:
        """Get initial instructions for the conversation."""
        pass

--- a/enterprise/integrations/linear/linear_view.py
+++ b/enterprise/integrations/linear/linear_view.py
@@ -33,7 +33,7 @@ class LinearNewConversationView(LinearViewInterface):
    selected_repo: str | None
    conversation_id: str

-    def _get_instructions(self, jinja_env: Environment) -> tuple[str, str]:
+    async def _get_instructions(self, jinja_env: Environment) -> tuple[str, str]:
        """Instructions passed when conversation is first initialized"""

        instructions_template = jinja_env.get_template('linear_instructions.j2')
@@ -58,7 +58,7 @@ class LinearNewConversationView(LinearViewInterface):

        provider_tokens = await self.saas_user_auth.get_provider_tokens()
        user_secrets = await self.saas_user_auth.get_secrets()
-        instructions, user_msg = self._get_instructions(jinja_env)
+        instructions, user_msg = await self._get_instructions(jinja_env)

        try:
            agent_loop_info = await create_new_conversation(
@@ -110,7 +110,7 @@ class LinearExistingConversationView(LinearViewInterface):
    selected_repo: str | None
    conversation_id: str

-    def _get_instructions(self, jinja_env: Environment) -> tuple[str, str]:
+    async def _get_instructions(self, jinja_env: Environment) -> tuple[str, str]:
        """Instructions passed when conversation is first initialized"""

        user_msg_template = jinja_env.get_template('linear_existing_conversation.j2')
@@ -164,7 +164,7 @@ class LinearExistingConversationView(LinearViewInterface):
            if not agent_state or agent_state == AgentState.LOADING:
                raise StartingConvoException('Conversation is still starting')

-            _, user_msg = self._get_instructions(jinja_env)
+            _, user_msg = await self._get_instructions(jinja_env)
            user_message_event = MessageAction(content=user_msg)
            await conversation_manager.send_event_to_conversation(
                self.conversation_id, event_to_dict(user_message_event)
--- a/enterprise/integrations/manager.py
+++ b/enterprise/integrations/manager.py
@@ -1,4 +1,5 @@
 from abc import ABC, abstractmethod
+from typing import Any

 from integrations.models import Message, SourceType

@@ -12,14 +13,15 @@ class Manager(ABC):
        raise NotImplementedError

    @abstractmethod
-    def send_message(self, message: Message):
-        "Send message to integration from Openhands server"
+    def send_message(self, message: str, *args: Any, **kwargs: Any):
+        """Send message to integration from OpenHands server.
+
+        Args:
+            message: The message content to send (plain text string).
+        """
        raise NotImplementedError

    @abstractmethod
    def start_job(self):
        "Kick off a job with openhands agent"
        raise NotImplementedError
-
-    def create_outgoing_message(self, msg: str | dict, ephemeral: bool = False):
-        return Message(source=SourceType.OPENHANDS, message=msg, ephemeral=ephemeral)
--- a/enterprise/integrations/models.py
+++ b/enterprise/integrations/models.py
@@ -1,4 +1,5 @@
 from enum import Enum
+from typing import Any

 from pydantic import BaseModel

@@ -16,8 +17,16 @@ class SourceType(str, Enum):


 class Message(BaseModel):
+    """Message model for incoming webhook payloads from integrations.
+
+    Note: This model is intended for INCOMING messages only.
+    For outgoing messages (e.g., sending comments to GitHub/GitLab),
+    pass strings directly to the send_message methods instead of
+    wrapping them in a Message object.
+    """
+
    source: SourceType
-    message: str | dict
+    message: dict[str, Any]
    ephemeral: bool = False


--- a/enterprise/integrations/slack/slack_manager.py
+++ b/enterprise/integrations/slack/slack_manager.py
@@ -1,4 +1,5 @@
 import re
+from typing import Any

 import jwt
 from integrations.manager import Manager
@@ -22,7 +23,8 @@ from server.constants import SLACK_CLIENT_ID
 from server.utils.conversation_callback_utils import register_callback_processor
 from slack_sdk.oauth import AuthorizeUrlGenerator
 from slack_sdk.web.async_client import AsyncWebClient
-from storage.database import session_maker
+from sqlalchemy import select
+from storage.database import a_session_maker
 from storage.slack_user import SlackUser

 from openhands.core.logger import openhands_logger as logger
@@ -63,12 +65,11 @@ class SlackManager(Manager):
    ) -> tuple[SlackUser | None, UserAuth | None]:
        # We get the user and correlate them back to a user in OpenHands - if we can
        slack_user = None
-        with session_maker() as session:
-            slack_user = (
-                session.query(SlackUser)
-                .filter(SlackUser.slack_user_id == slack_user_id)
-                .first()
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(SlackUser).where(SlackUser.slack_user_id == slack_user_id)
            )
+            slack_user = result.scalar_one_or_none()

            # slack_view.slack_to_openhands_user = slack_user # attach user auth info to view

@@ -202,9 +203,7 @@ class SlackManager(Manager):
            msg = self.login_link.format(link)

            logger.info('slack_not_yet_authenticated')
-            await self.send_message(
-                self.create_outgoing_message(msg, ephemeral=True), slack_view
-            )
+            await self.send_message(msg, slack_view, ephemeral=True)
            return

        if not await self.is_job_requested(message, slack_view):
@@ -212,27 +211,40 @@ class SlackManager(Manager):

        await self.start_job(slack_view)

-    async def send_message(self, message: Message, slack_view: SlackViewInterface):
+    async def send_message(
+        self,
+        message: str | dict[str, Any],
+        slack_view: SlackViewInterface,
+        ephemeral: bool = False,
+    ):
+        """Send a message to Slack.
+
+        Args:
+            message: The message content. Can be a string (for simple text) or
+                     a dict with 'text' and 'blocks' keys (for structured messages).
+            slack_view: The Slack view object containing channel/thread info.
+            ephemeral: If True, send as an ephemeral message visible only to the user.
+        """
        client = AsyncWebClient(token=slack_view.bot_access_token)
-        if message.ephemeral and isinstance(message.message, str):
+        if ephemeral and isinstance(message, str):
            await client.chat_postEphemeral(
                channel=slack_view.channel_id,
-                markdown_text=message.message,
+                markdown_text=message,
                user=slack_view.slack_user_id,
                thread_ts=slack_view.thread_ts,
            )
-        elif message.ephemeral and isinstance(message.message, dict):
+        elif ephemeral and isinstance(message, dict):
            await client.chat_postEphemeral(
                channel=slack_view.channel_id,
                user=slack_view.slack_user_id,
                thread_ts=slack_view.thread_ts,
-                text=message.message['text'],
-                blocks=message.message['blocks'],
+                text=message['text'],
+                blocks=message['blocks'],
            )
        else:
            await client.chat_postMessage(
                channel=slack_view.channel_id,
-                markdown_text=message.message,
+                markdown_text=message,
                thread_ts=slack_view.message_ts,
            )

@@ -279,10 +291,7 @@ class SlackManager(Manager):
                    repos, slack_view.message_ts, slack_view.thread_ts
                ),
            }
-            await self.send_message(
-                self.create_outgoing_message(repo_selection_msg, ephemeral=True),
-                slack_view,
-            )
+            await self.send_message(repo_selection_msg, slack_view, ephemeral=True)

            return False

@@ -368,9 +377,10 @@ class SlackManager(Manager):
            except StartingConvoException as e:
                msg_info = str(e)

-            await self.send_message(self.create_outgoing_message(msg_info), slack_view)
+            await self.send_message(msg_info, slack_view)

        except Exception:
            logger.exception('[Slack]: Error starting job')
-            msg = 'Uh oh! There was an unexpected error starting the job :('
-            await self.send_message(self.create_outgoing_message(msg), slack_view)
+            await self.send_message(
+                'Uh oh! There was an unexpected error starting the job :(', slack_view
+            )
--- a/enterprise/integrations/slack/slack_types.py
+++ b/enterprise/integrations/slack/slack_types.py
@@ -24,7 +24,7 @@ class SlackViewInterface(SummaryExtractionTracker, ABC):
    v1_enabled: bool

    @abstractmethod
-    def _get_instructions(self, jinja_env: Environment) -> tuple[str, str]:
+    async def _get_instructions(self, jinja_env: Environment) -> tuple[str, str]:
        """Instructions passed when conversation is first initialized"""
        pass

--- a/enterprise/integrations/slack/slack_view.py
+++ b/enterprise/integrations/slack/slack_view.py
@@ -75,7 +75,7 @@ class SlackUnkownUserView(SlackViewInterface):
    team_id: str
    v1_enabled: bool

-    def _get_instructions(self, jinja_env: Environment) -> tuple[str, str]:
+    async def _get_instructions(self, jinja_env: Environment) -> tuple[str, str]:
        raise NotImplementedError

    async def create_or_update_conversation(self, jinja_env: Environment):
@@ -118,7 +118,7 @@ class SlackNewConversationView(SlackViewInterface):
                return block['user_id']
        return ''

-    def _get_instructions(self, jinja_env: Environment) -> tuple[str, str]:
+    async def _get_instructions(self, jinja_env: Environment) -> tuple[str, str]:
        """Instructions passed when conversation is first initialized"""
        user_info: SlackUser = self.slack_to_openhands_user

@@ -242,7 +242,9 @@ class SlackNewConversationView(SlackViewInterface):
        self, jinja: Environment, provider_tokens, user_secrets
    ) -> None:
        """Create conversation using the legacy V0 system."""
-        user_instructions, conversation_instructions = self._get_instructions(jinja)
+        user_instructions, conversation_instructions = await self._get_instructions(
+            jinja
+        )

        # Determine git provider from repository
        git_provider = None
@@ -273,7 +275,9 @@ class SlackNewConversationView(SlackViewInterface):

    async def _create_v1_conversation(self, jinja: Environment) -> None:
        """Create conversation using the new V1 app conversation system."""
-        user_instructions, conversation_instructions = self._get_instructions(jinja)
+        user_instructions, conversation_instructions = await self._get_instructions(
+            jinja
+        )

        # Create the initial message request
        initial_message = SendMessageRequest(
@@ -346,7 +350,7 @@ class SlackNewConversationFromRepoFormView(SlackNewConversationView):
 class SlackUpdateExistingConversationView(SlackNewConversationView):
    slack_conversation: SlackConversation

-    def _get_instructions(self, jinja_env: Environment) -> tuple[str, str]:
+    async def _get_instructions(self, jinja_env: Environment) -> tuple[str, str]:
        client = WebClient(token=self.bot_access_token)
        result = client.conversations_replies(
            channel=self.channel_id,
@@ -401,7 +405,7 @@ class SlackUpdateExistingConversationView(SlackNewConversationView):
        if not agent_state or agent_state == AgentState.LOADING:
            raise StartingConvoException('Conversation is still starting')

-        instructions, _ = self._get_instructions(jinja)
+        instructions, _ = await self._get_instructions(jinja)
        user_msg = MessageAction(content=instructions)
        await conversation_manager.send_event_to_conversation(
            self.conversation_id, event_to_dict(user_msg)
@@ -469,7 +473,7 @@ class SlackUpdateExistingConversationView(SlackNewConversationView):
            agent_server_url = get_agent_server_url_from_sandbox(running_sandbox)

            # 4. Prepare the message content
-            user_msg, _ = self._get_instructions(jinja)
+            user_msg, _ = await self._get_instructions(jinja)

            # 5. Create the message request
            send_message_request = SendMessageRequest(
--- a/enterprise/integrations/store_repo_utils.py
+++ b/enterprise/integrations/store_repo_utils.py
@@ -42,11 +42,11 @@ async def store_repositories_in_db(repos: list[Repository], user_id: str) -> Non
    try:
        # Store repositories in the repos table
        repo_store = RepositoryStore.get_instance(config)
-        repo_store.store_projects(stored_repos)
+        await repo_store.store_projects(stored_repos)

        # Store user-repository mappings in the user-repos table
        user_repo_store = UserRepositoryMapStore.get_instance(config)
-        user_repo_store.store_user_repo_mappings(user_repos)
+        await user_repo_store.store_user_repo_mappings(user_repos)

        logger.info(f'Saved repos for user {user_id}')
    except Exception:
--- a/enterprise/integrations/stripe_service.py
+++ b/enterprise/integrations/stripe_service.py
@@ -3,8 +3,8 @@ from uuid import UUID
 import stripe
 from server.constants import STRIPE_API_KEY
 from server.logger import logger
-from sqlalchemy.orm import Session
-from storage.database import session_maker
+from sqlalchemy import select
+from storage.database import a_session_maker
 from storage.org import Org
 from storage.org_store import OrgStore
 from storage.stripe_customer import StripeCustomer
@@ -15,12 +15,10 @@ stripe.api_key = STRIPE_API_KEY


 async def find_customer_id_by_org_id(org_id: UUID) -> str | None:
-    with session_maker() as session:
-        stripe_customer = (
-            session.query(StripeCustomer)
-            .filter(StripeCustomer.org_id == org_id)
-            .first()
-        )
+    async with a_session_maker() as session:
+        stmt = select(StripeCustomer).where(StripeCustomer.org_id == org_id)
+        result = await session.execute(stmt)
+        stripe_customer = result.scalar_one_or_none()
        if stripe_customer:
            return stripe_customer.stripe_customer_id

@@ -74,7 +72,7 @@ async def find_or_create_customer_by_user_id(user_id: str) -> dict | None:
    )

    # Save the stripe customer in the local db
-    with session_maker() as session:
+    async with a_session_maker() as session:
        session.add(
            StripeCustomer(
                keycloak_user_id=user_id,
@@ -82,7 +80,7 @@ async def find_or_create_customer_by_user_id(user_id: str) -> dict | None:
                stripe_customer_id=customer.id,
            )
        )
-        session.commit()
+        await session.commit()

    logger.info(
        'created_customer',
@@ -108,26 +106,27 @@ async def has_payment_method_by_user_id(user_id: str) -> bool:
    return bool(payment_methods.data)


-async def migrate_customer(session: Session, user_id: str, org: Org):
-    stripe_customer = (
-        session.query(StripeCustomer)
-        .filter(StripeCustomer.keycloak_user_id == user_id)
-        .first()
-    )
-    if stripe_customer is None:
-        return
-    stripe_customer.org_id = org.id
-    customer = await stripe.Customer.modify_async(
-        id=stripe_customer.stripe_customer_id,
-        email=org.contact_email,
-        metadata={'user_id': '', 'org_id': str(org.id)},
-    )
+async def migrate_customer(user_id: str, org: Org):
+    async with a_session_maker() as session:
+        result = await session.execute(
+            select(StripeCustomer).where(StripeCustomer.keycloak_user_id == user_id)
+        )
+        stripe_customer = result.scalar_one_or_none()
+        if stripe_customer is None:
+            return
+        stripe_customer.org_id = org.id
+        customer = await stripe.Customer.modify_async(
+            id=stripe_customer.stripe_customer_id,
+            email=org.contact_email,
+            metadata={'user_id': '', 'org_id': str(org.id)},
+        )

-    logger.info(
-        'migrated_customer',
-        extra={
-            'user_id': user_id,
-            'org_id': str(org.id),
-            'stripe_customer_id': customer.id,
-        },
-    )
+        logger.info(
+            'migrated_customer',
+            extra={
+                'user_id': user_id,
+                'org_id': str(org.id),
+                'stripe_customer_id': customer.id,
+            },
+        )
+        await session.commit()
--- a/enterprise/integrations/types.py
+++ b/enterprise/integrations/types.py
@@ -38,7 +38,7 @@ class ResolverViewInterface(SummaryExtractionTracker):
    is_public_repo: bool
    raw_payload: dict

-    def _get_instructions(self, jinja_env: Environment) -> tuple[str, str]:
+    async def _get_instructions(self, jinja_env: Environment) -> tuple[str, str]:
        "Instructions passed when conversation is first initialized"
        raise NotImplementedError()

--- a/enterprise/migrations/versions/093_add_pending_free_credits.py
+++ b/enterprise/migrations/versions/093_add_pending_free_credits.py
@@ -0,0 +1,37 @@
+"""Add pending_free_credits flag to org table.
+
+Revision ID: 093
+Revises: 092
+Create Date: 2025-02-17 00:00:00.000000
+
+"""
+
+from typing import Sequence, Union
+
+import sqlalchemy as sa
+from alembic import op
+
+# revision identifiers, used by Alembic.
+revision: str = '093'
+down_revision: Union[str, None] = '092'
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    # Add pending_free_credits column to org table with default false.
+    # New orgs will have this set to TRUE at creation time.
+    # Existing orgs default to FALSE (not eligible - they already got $10 at signup).
+    op.add_column(
+        'org',
+        sa.Column(
+            'pending_free_credits',
+            sa.Boolean,
+            nullable=False,
+            server_default=sa.text('false'),
+        ),
+    )
+
+
+def downgrade() -> None:
+    op.drop_column('org', 'pending_free_credits')
--- a/enterprise/migrations/versions/094_create_org_invitation_table.py
+++ b/enterprise/migrations/versions/094_create_org_invitation_table.py
@@ -0,0 +1,110 @@
+"""create org_invitation table
+
+Revision ID: 094
+Revises: 093
+Create Date: 2026-02-18 00:00:00.000000
+
+"""
+
+from typing import Sequence, Union
+
+import sqlalchemy as sa
+from alembic import op
+from sqlalchemy.dialects import postgresql
+
+# revision identifiers, used by Alembic.
+revision: str = '094'
+down_revision: Union[str, None] = '093'
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    # Create org_invitation table
+    op.create_table(
+        'org_invitation',
+        sa.Column('id', sa.Integer, sa.Identity(), primary_key=True),
+        sa.Column('token', sa.String(64), nullable=False),
+        sa.Column('org_id', postgresql.UUID(as_uuid=True), nullable=False),
+        sa.Column('email', sa.String(255), nullable=False),
+        sa.Column('role_id', sa.Integer, nullable=False),
+        sa.Column('inviter_id', postgresql.UUID(as_uuid=True), nullable=False),
+        sa.Column(
+            'status',
+            sa.String(20),
+            nullable=False,
+            server_default=sa.text("'pending'"),
+        ),
+        sa.Column(
+            'created_at',
+            sa.DateTime,
+            nullable=False,
+            server_default=sa.text('CURRENT_TIMESTAMP'),
+        ),
+        sa.Column('expires_at', sa.DateTime, nullable=False),
+        sa.Column('accepted_at', sa.DateTime, nullable=True),
+        sa.Column('accepted_by_user_id', postgresql.UUID(as_uuid=True), nullable=True),
+        # Foreign key constraints
+        sa.ForeignKeyConstraint(
+            ['org_id'],
+            ['org.id'],
+            name='org_invitation_org_fkey',
+            ondelete='CASCADE',
+        ),
+        sa.ForeignKeyConstraint(
+            ['role_id'],
+            ['role.id'],
+            name='org_invitation_role_fkey',
+        ),
+        sa.ForeignKeyConstraint(
+            ['inviter_id'],
+            ['user.id'],
+            name='org_invitation_inviter_fkey',
+        ),
+        sa.ForeignKeyConstraint(
+            ['accepted_by_user_id'],
+            ['user.id'],
+            name='org_invitation_accepter_fkey',
+        ),
+    )
+
+    # Create indexes
+    op.create_index(
+        'ix_org_invitation_token',
+        'org_invitation',
+        ['token'],
+        unique=True,
+    )
+    op.create_index(
+        'ix_org_invitation_org_id',
+        'org_invitation',
+        ['org_id'],
+    )
+    op.create_index(
+        'ix_org_invitation_email',
+        'org_invitation',
+        ['email'],
+    )
+    op.create_index(
+        'ix_org_invitation_status',
+        'org_invitation',
+        ['status'],
+    )
+    # Composite index for checking pending invitations
+    op.create_index(
+        'ix_org_invitation_org_email_status',
+        'org_invitation',
+        ['org_id', 'email', 'status'],
+    )
+
+
+def downgrade() -> None:
+    # Drop indexes
+    op.drop_index('ix_org_invitation_org_email_status', table_name='org_invitation')
+    op.drop_index('ix_org_invitation_status', table_name='org_invitation')
+    op.drop_index('ix_org_invitation_email', table_name='org_invitation')
+    op.drop_index('ix_org_invitation_org_id', table_name='org_invitation')
+    op.drop_index('ix_org_invitation_token', table_name='org_invitation')
+
+    # Drop table
+    op.drop_table('org_invitation')
--- a/enterprise/migrations/versions/095_drop_pending_free_credits.py
+++ b/enterprise/migrations/versions/095_drop_pending_free_credits.py
@@ -0,0 +1,37 @@
+"""Drop pending_free_credits column from org table.
+
+Revision ID: 095
+Revises: 094
+Create Date: 2025-02-18 00:00:00.000000
+
+"""
+
+from typing import Sequence, Union
+
+import sqlalchemy as sa
+from alembic import op
+
+# revision identifiers, used by Alembic.
+revision: str = '095'
+down_revision: Union[str, None] = '094'
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    # Drop the pending_free_credits column from org table.
+    # This column was used for tracking free credit eligibility but is no longer needed.
+    op.drop_column('org', 'pending_free_credits')
+
+
+def downgrade() -> None:
+    # Re-add pending_free_credits column with default false.
+    op.add_column(
+        'org',
+        sa.Column(
+            'pending_free_credits',
+            sa.Boolean,
+            nullable=False,
+            server_default=sa.text('false'),
+        ),
+    )
--- a/enterprise/migrations/versions/096_create_resend_synced_users_table.py
+++ b/enterprise/migrations/versions/096_create_resend_synced_users_table.py
@@ -0,0 +1,67 @@
+"""Create resend_synced_users table.
+
+Revision ID: 096
+Revises: 095
+Create Date: 2025-02-17 00:00:00.000000
+
+"""
+
+from typing import Sequence, Union
+
+import sqlalchemy as sa
+from alembic import op
+
+# revision identifiers, used by Alembic.
+revision: str = '096'
+down_revision: Union[str, None] = '095'
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    """Create resend_synced_users table for tracking users synced to Resend audiences."""
+    op.create_table(
+        'resend_synced_users',
+        sa.Column(
+            'id',
+            sa.UUID(as_uuid=True),
+            nullable=False,
+            primary_key=True,
+        ),
+        sa.Column('email', sa.String(), nullable=False),
+        sa.Column('audience_id', sa.String(), nullable=False),
+        sa.Column(
+            'synced_at',
+            sa.DateTime(timezone=True),
+            nullable=False,
+            server_default=sa.text('CURRENT_TIMESTAMP'),
+        ),
+        sa.Column('keycloak_user_id', sa.String(), nullable=True),
+        sa.PrimaryKeyConstraint('id'),
+        sa.UniqueConstraint(
+            'email', 'audience_id', name='uq_resend_synced_email_audience'
+        ),
+    )
+
+    # Create index on email for fast lookups
+    op.create_index(
+        'ix_resend_synced_users_email',
+        'resend_synced_users',
+        ['email'],
+    )
+
+    # Create index on audience_id for filtering by audience
+    op.create_index(
+        'ix_resend_synced_users_audience_id',
+        'resend_synced_users',
+        ['audience_id'],
+    )
+
+
+def downgrade() -> None:
+    """Drop resend_synced_users table."""
+    op.drop_index(
+        'ix_resend_synced_users_audience_id', table_name='resend_synced_users'
+    )
+    op.drop_index('ix_resend_synced_users_email', table_name='resend_synced_users')
+    op.drop_table('resend_synced_users')
--- a/enterprise/migrations/versions/097_add_session_api_key_hash_to_v1_remote_sandbox.py
+++ b/enterprise/migrations/versions/097_add_session_api_key_hash_to_v1_remote_sandbox.py
@@ -0,0 +1,41 @@
+"""Add session_api_key_hash to v1_remote_sandbox table
+
+Revision ID: 097
+Revises: 096
+Create Date: 2025-02-24 00:00:00.000000
+
+"""
+
+from typing import Sequence, Union
+
+import sqlalchemy as sa
+from alembic import op
+
+# revision identifiers, used by Alembic.
+revision: str = '097'
+down_revision: Union[str, None] = '096'
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    """Add session_api_key_hash column to v1_remote_sandbox table."""
+    op.add_column(
+        'v1_remote_sandbox',
+        sa.Column('session_api_key_hash', sa.String(), nullable=True),
+    )
+    op.create_index(
+        op.f('ix_v1_remote_sandbox_session_api_key_hash'),
+        'v1_remote_sandbox',
+        ['session_api_key_hash'],
+        unique=False,
+    )
+
+
+def downgrade() -> None:
+    """Remove session_api_key_hash column from v1_remote_sandbox table."""
+    op.drop_index(
+        op.f('ix_v1_remote_sandbox_session_api_key_hash'),
+        table_name='v1_remote_sandbox',
+    )
+    op.drop_column('v1_remote_sandbox', 'session_api_key_hash')
--- a/enterprise/migrations/versions/098_create_verified_models_table.py
+++ b/enterprise/migrations/versions/098_create_verified_models_table.py
@@ -0,0 +1,92 @@
+"""Create verified_models table.
+
+Revision ID: 098
+Revises: 097
+Create Date: 2026-02-26 00:00:00.000000
+
+"""
+
+from typing import Sequence, Union
+
+import sqlalchemy as sa
+from alembic import op
+
+# revision identifiers, used by Alembic.
+revision: str = '098'
+down_revision: Union[str, None] = '097'
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    """Create verified_models table and seed with current model list."""
+    op.create_table(
+        'verified_models',
+        sa.Column('id', sa.Integer, sa.Identity(), primary_key=True),
+        sa.Column('model_name', sa.String(255), nullable=False),
+        sa.Column('provider', sa.String(100), nullable=False),
+        sa.Column(
+            'is_enabled',
+            sa.Boolean(),
+            nullable=False,
+            server_default=sa.text('true'),
+        ),
+        sa.Column(
+            'created_at',
+            sa.DateTime(),
+            nullable=False,
+            server_default=sa.text('CURRENT_TIMESTAMP'),
+        ),
+        sa.Column(
+            'updated_at',
+            sa.DateTime(),
+            nullable=False,
+            server_default=sa.text('CURRENT_TIMESTAMP'),
+        ),
+        sa.UniqueConstraint(
+            'model_name', 'provider', name='uq_verified_model_provider'
+        ),
+    )
+
+    op.create_index(
+        'ix_verified_models_provider',
+        'verified_models',
+        ['provider'],
+    )
+    op.create_index(
+        'ix_verified_models_is_enabled',
+        'verified_models',
+        ['is_enabled'],
+    )
+
+    # Seed with current openhands provider models
+    models = [
+        ('claude-opus-4-5-20251101', 'openhands'),
+        ('claude-sonnet-4-5-20250929', 'openhands'),
+        ('gpt-5.2-codex', 'openhands'),
+        ('gpt-5.2', 'openhands'),
+        ('minimax-m2.5', 'openhands'),
+        ('gemini-3-pro-preview', 'openhands'),
+        ('gemini-3-flash-preview', 'openhands'),
+        ('deepseek-chat', 'openhands'),
+        ('devstral-medium-2512', 'openhands'),
+        ('kimi-k2-0711-preview', 'openhands'),
+        ('qwen3-coder-480b', 'openhands'),
+    ]
+
+    for model_name, provider in models:
+        op.execute(
+            sa.text(
+                """
+                INSERT INTO verified_models (model_name, provider)
+                VALUES (:model_name, :provider)
+                """
+            ).bindparams(model_name=model_name, provider=provider)
+        )
+
+
+def downgrade() -> None:
+    """Drop verified_models table."""
+    op.drop_index('ix_verified_models_is_enabled', table_name='verified_models')
+    op.drop_index('ix_verified_models_provider', table_name='verified_models')
+    op.drop_table('verified_models')
--- a/enterprise/poetry.lock
+++ b/enterprise/poetry.lock
@@ -1540,66 +1540,61 @@ files = [

 [[package]]
 name = "cryptography"
-version = "46.0.3"
+version = "46.0.5"
 description = "cryptography is a package which provides cryptographic recipes and primitives to Python developers."
 optional = false
 python-versions = "!=3.9.0,!=3.9.1,>=3.8"
 groups = ["main"]
 files = [
-    {file = "cryptography-46.0.3-cp311-abi3-macosx_10_9_universal2.whl", hash = "sha256:109d4ddfadf17e8e7779c39f9b18111a09efb969a301a31e987416a0191ed93a"},
-    {file = "cryptography-46.0.3-cp311-abi3-manylinux2014_aarch64.manylinux_2_17_aarch64.whl", hash = "sha256:09859af8466b69bc3c27bdf4f5d84a665e0f7ab5088412e9e2ec49758eca5cbc"},
-    {file = "cryptography-46.0.3-cp311-abi3-manylinux2014_x86_64.manylinux_2_17_x86_64.whl", hash = "sha256:01ca9ff2885f3acc98c29f1860552e37f6d7c7d013d7334ff2a9de43a449315d"},
-    {file = "cryptography-46.0.3-cp311-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:6eae65d4c3d33da080cff9c4ab1f711b15c1d9760809dad6ea763f3812d254cb"},
-    {file = "cryptography-46.0.3-cp311-abi3-manylinux_2_28_armv7l.manylinux_2_31_armv7l.whl", hash = "sha256:e5bf0ed4490068a2e72ac03d786693adeb909981cc596425d09032d372bcc849"},
-    {file = "cryptography-46.0.3-cp311-abi3-manylinux_2_28_ppc64le.whl", hash = "sha256:5ecfccd2329e37e9b7112a888e76d9feca2347f12f37918facbb893d7bb88ee8"},
-    {file = "cryptography-46.0.3-cp311-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:a2c0cd47381a3229c403062f764160d57d4d175e022c1df84e168c6251a22eec"},
-    {file = "cryptography-46.0.3-cp311-abi3-manylinux_2_34_aarch64.whl", hash = "sha256:549e234ff32571b1f4076ac269fcce7a808d3bf98b76c8dd560e42dbc66d7d91"},
-    {file = "cryptography-46.0.3-cp311-abi3-manylinux_2_34_ppc64le.whl", hash = "sha256:c0a7bb1a68a5d3471880e264621346c48665b3bf1c3759d682fc0864c540bd9e"},
-    {file = "cryptography-46.0.3-cp311-abi3-manylinux_2_34_x86_64.whl", hash = "sha256:10b01676fc208c3e6feeb25a8b83d81767e8059e1fe86e1dc62d10a3018fa926"},
-    {file = "cryptography-46.0.3-cp311-abi3-musllinux_1_2_aarch64.whl", hash = "sha256:0abf1ffd6e57c67e92af68330d05760b7b7efb243aab8377e583284dbab72c71"},
-    {file = "cryptography-46.0.3-cp311-abi3-musllinux_1_2_x86_64.whl", hash = "sha256:a04bee9ab6a4da801eb9b51f1b708a1b5b5c9eb48c03f74198464c66f0d344ac"},
-    {file = "cryptography-46.0.3-cp311-abi3-win32.whl", hash = "sha256:f260d0d41e9b4da1ed1e0f1ce571f97fe370b152ab18778e9e8f67d6af432018"},
-    {file = "cryptography-46.0.3-cp311-abi3-win_amd64.whl", hash = "sha256:a9a3008438615669153eb86b26b61e09993921ebdd75385ddd748702c5adfddb"},
-    {file = "cryptography-46.0.3-cp311-abi3-win_arm64.whl", hash = "sha256:5d7f93296ee28f68447397bf5198428c9aeeab45705a55d53a6343455dcb2c3c"},
-    {file = "cryptography-46.0.3-cp314-cp314t-macosx_10_9_universal2.whl", hash = "sha256:00a5e7e87938e5ff9ff5447ab086a5706a957137e6e433841e9d24f38a065217"},
-    {file = "cryptography-46.0.3-cp314-cp314t-manylinux2014_aarch64.manylinux_2_17_aarch64.whl", hash = "sha256:c8daeb2d2174beb4575b77482320303f3d39b8e81153da4f0fb08eb5fe86a6c5"},
-    {file = "cryptography-46.0.3-cp314-cp314t-manylinux2014_x86_64.manylinux_2_17_x86_64.whl", hash = "sha256:39b6755623145ad5eff1dab323f4eae2a32a77a7abef2c5089a04a3d04366715"},
-    {file = "cryptography-46.0.3-cp314-cp314t-manylinux_2_28_aarch64.whl", hash = "sha256:db391fa7c66df6762ee3f00c95a89e6d428f4d60e7abc8328f4fe155b5ac6e54"},
-    {file = "cryptography-46.0.3-cp314-cp314t-manylinux_2_28_armv7l.manylinux_2_31_armv7l.whl", hash = "sha256:78a97cf6a8839a48c49271cdcbd5cf37ca2c1d6b7fdd86cc864f302b5e9bf459"},
-    {file = "cryptography-46.0.3-cp314-cp314t-manylinux_2_28_ppc64le.whl", hash = "sha256:dfb781ff7eaa91a6f7fd41776ec37c5853c795d3b358d4896fdbb5df168af422"},
-    {file = "cryptography-46.0.3-cp314-cp314t-manylinux_2_28_x86_64.whl", hash = "sha256:6f61efb26e76c45c4a227835ddeae96d83624fb0d29eb5df5b96e14ed1a0afb7"},
-    {file = "cryptography-46.0.3-cp314-cp314t-manylinux_2_34_aarch64.whl", hash = "sha256:23b1a8f26e43f47ceb6d6a43115f33a5a37d57df4ea0ca295b780ae8546e8044"},
-    {file = "cryptography-46.0.3-cp314-cp314t-manylinux_2_34_ppc64le.whl", hash = "sha256:b419ae593c86b87014b9be7396b385491ad7f320bde96826d0dd174459e54665"},
-    {file = "cryptography-46.0.3-cp314-cp314t-manylinux_2_34_x86_64.whl", hash = "sha256:50fc3343ac490c6b08c0cf0d704e881d0d660be923fd3076db3e932007e726e3"},
-    {file = "cryptography-46.0.3-cp314-cp314t-musllinux_1_2_aarch64.whl", hash = "sha256:22d7e97932f511d6b0b04f2bfd818d73dcd5928db509460aaf48384778eb6d20"},
-    {file = "cryptography-46.0.3-cp314-cp314t-musllinux_1_2_x86_64.whl", hash = "sha256:d55f3dffadd674514ad19451161118fd010988540cee43d8bc20675e775925de"},
-    {file = "cryptography-46.0.3-cp314-cp314t-win32.whl", hash = "sha256:8a6e050cb6164d3f830453754094c086ff2d0b2f3a897a1d9820f6139a1f0914"},
-    {file = "cryptography-46.0.3-cp314-cp314t-win_amd64.whl", hash = "sha256:760f83faa07f8b64e9c33fc963d790a2edb24efb479e3520c14a45741cd9b2db"},
-    {file = "cryptography-46.0.3-cp314-cp314t-win_arm64.whl", hash = "sha256:516ea134e703e9fe26bcd1277a4b59ad30586ea90c365a87781d7887a646fe21"},
-    {file = "cryptography-46.0.3-cp38-abi3-macosx_10_9_universal2.whl", hash = "sha256:cb3d760a6117f621261d662bccc8ef5bc32ca673e037c83fbe565324f5c46936"},
-    {file = "cryptography-46.0.3-cp38-abi3-manylinux2014_aarch64.manylinux_2_17_aarch64.whl", hash = "sha256:4b7387121ac7d15e550f5cb4a43aef2559ed759c35df7336c402bb8275ac9683"},
-    {file = "cryptography-46.0.3-cp38-abi3-manylinux2014_x86_64.manylinux_2_17_x86_64.whl", hash = "sha256:15ab9b093e8f09daab0f2159bb7e47532596075139dd74365da52ecc9cb46c5d"},
-    {file = "cryptography-46.0.3-cp38-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:46acf53b40ea38f9c6c229599a4a13f0d46a6c3fa9ef19fc1a124d62e338dfa0"},
-    {file = "cryptography-46.0.3-cp38-abi3-manylinux_2_28_armv7l.manylinux_2_31_armv7l.whl", hash = "sha256:10ca84c4668d066a9878890047f03546f3ae0a6b8b39b697457b7757aaf18dbc"},
-    {file = "cryptography-46.0.3-cp38-abi3-manylinux_2_28_ppc64le.whl", hash = "sha256:36e627112085bb3b81b19fed209c05ce2a52ee8b15d161b7c643a7d5a88491f3"},
-    {file = "cryptography-46.0.3-cp38-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:1000713389b75c449a6e979ffc7dcc8ac90b437048766cef052d4d30b8220971"},
-    {file = "cryptography-46.0.3-cp38-abi3-manylinux_2_34_aarch64.whl", hash = "sha256:b02cf04496f6576afffef5ddd04a0cb7d49cf6be16a9059d793a30b035f6b6ac"},
-    {file = "cryptography-46.0.3-cp38-abi3-manylinux_2_34_ppc64le.whl", hash = "sha256:71e842ec9bc7abf543b47cf86b9a743baa95f4677d22baa4c7d5c69e49e9bc04"},
-    {file = "cryptography-46.0.3-cp38-abi3-manylinux_2_34_x86_64.whl", hash = "sha256:402b58fc32614f00980b66d6e56a5b4118e6cb362ae8f3fda141ba4689bd4506"},
-    {file = "cryptography-46.0.3-cp38-abi3-musllinux_1_2_aarch64.whl", hash = "sha256:ef639cb3372f69ec44915fafcd6698b6cc78fbe0c2ea41be867f6ed612811963"},
-    {file = "cryptography-46.0.3-cp38-abi3-musllinux_1_2_x86_64.whl", hash = "sha256:3b51b8ca4f1c6453d8829e1eb7299499ca7f313900dd4d89a24b8b87c0a780d4"},
-    {file = "cryptography-46.0.3-cp38-abi3-win32.whl", hash = "sha256:6276eb85ef938dc035d59b87c8a7dc559a232f954962520137529d77b18ff1df"},
-    {file = "cryptography-46.0.3-cp38-abi3-win_amd64.whl", hash = "sha256:416260257577718c05135c55958b674000baef9a1c7d9e8f306ec60d71db850f"},
-    {file = "cryptography-46.0.3-cp38-abi3-win_arm64.whl", hash = "sha256:d89c3468de4cdc4f08a57e214384d0471911a3830fcdaf7a8cc587e42a866372"},
-    {file = "cryptography-46.0.3-pp310-pypy310_pp73-macosx_10_9_x86_64.whl", hash = "sha256:a23582810fedb8c0bc47524558fb6c56aac3fc252cb306072fd2815da2a47c32"},
-    {file = "cryptography-46.0.3-pp310-pypy310_pp73-win_amd64.whl", hash = "sha256:e7aec276d68421f9574040c26e2a7c3771060bc0cff408bae1dcb19d3ab1e63c"},
-    {file = "cryptography-46.0.3-pp311-pypy311_pp73-macosx_10_9_x86_64.whl", hash = "sha256:7ce938a99998ed3c8aa7e7272dca1a610401ede816d36d0693907d863b10d9ea"},
-    {file = "cryptography-46.0.3-pp311-pypy311_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:191bb60a7be5e6f54e30ba16fdfae78ad3a342a0599eb4193ba88e3f3d6e185b"},
-    {file = "cryptography-46.0.3-pp311-pypy311_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:c70cc23f12726be8f8bc72e41d5065d77e4515efae3690326764ea1b07845cfb"},
-    {file = "cryptography-46.0.3-pp311-pypy311_pp73-manylinux_2_34_aarch64.whl", hash = "sha256:9394673a9f4de09e28b5356e7fff97d778f8abad85c9d5ac4a4b7e25a0de7717"},
-    {file = "cryptography-46.0.3-pp311-pypy311_pp73-manylinux_2_34_x86_64.whl", hash = "sha256:94cd0549accc38d1494e1f8de71eca837d0509d0d44bf11d158524b0e12cebf9"},
-    {file = "cryptography-46.0.3-pp311-pypy311_pp73-win_amd64.whl", hash = "sha256:6b5063083824e5509fdba180721d55909ffacccc8adbec85268b48439423d78c"},
-    {file = "cryptography-46.0.3.tar.gz", hash = "sha256:a8b17438104fed022ce745b362294d9ce35b4c2e45c1d958ad4a4b019285f4a1"},
+    {file = "cryptography-46.0.5-cp311-abi3-macosx_10_9_universal2.whl", hash = "sha256:351695ada9ea9618b3500b490ad54c739860883df6c1f555e088eaf25b1bbaad"},
+    {file = "cryptography-46.0.5-cp311-abi3-manylinux2014_aarch64.manylinux_2_17_aarch64.whl", hash = "sha256:c18ff11e86df2e28854939acde2d003f7984f721eba450b56a200ad90eeb0e6b"},
+    {file = "cryptography-46.0.5-cp311-abi3-manylinux2014_x86_64.manylinux_2_17_x86_64.whl", hash = "sha256:4d7e3d356b8cd4ea5aff04f129d5f66ebdc7b6f8eae802b93739ed520c47c79b"},
+    {file = "cryptography-46.0.5-cp311-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:50bfb6925eff619c9c023b967d5b77a54e04256c4281b0e21336a130cd7fc263"},
+    {file = "cryptography-46.0.5-cp311-abi3-manylinux_2_28_ppc64le.whl", hash = "sha256:803812e111e75d1aa73690d2facc295eaefd4439be1023fefc4995eaea2af90d"},
+    {file = "cryptography-46.0.5-cp311-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:3ee190460e2fbe447175cda91b88b84ae8322a104fc27766ad09428754a618ed"},
+    {file = "cryptography-46.0.5-cp311-abi3-manylinux_2_31_armv7l.whl", hash = "sha256:f145bba11b878005c496e93e257c1e88f154d278d2638e6450d17e0f31e558d2"},
+    {file = "cryptography-46.0.5-cp311-abi3-manylinux_2_34_aarch64.whl", hash = "sha256:e9251e3be159d1020c4030bd2e5f84d6a43fe54b6c19c12f51cde9542a2817b2"},
+    {file = "cryptography-46.0.5-cp311-abi3-manylinux_2_34_ppc64le.whl", hash = "sha256:47fb8a66058b80e509c47118ef8a75d14c455e81ac369050f20ba0d23e77fee0"},
+    {file = "cryptography-46.0.5-cp311-abi3-manylinux_2_34_x86_64.whl", hash = "sha256:4c3341037c136030cb46e4b1e17b7418ea4cbd9dd207e4a6f3b2b24e0d4ac731"},
+    {file = "cryptography-46.0.5-cp311-abi3-musllinux_1_2_aarch64.whl", hash = "sha256:890bcb4abd5a2d3f852196437129eb3667d62630333aacc13dfd470fad3aaa82"},
+    {file = "cryptography-46.0.5-cp311-abi3-musllinux_1_2_x86_64.whl", hash = "sha256:80a8d7bfdf38f87ca30a5391c0c9ce4ed2926918e017c29ddf643d0ed2778ea1"},
+    {file = "cryptography-46.0.5-cp311-abi3-win32.whl", hash = "sha256:60ee7e19e95104d4c03871d7d7dfb3d22ef8a9b9c6778c94e1c8fcc8365afd48"},
+    {file = "cryptography-46.0.5-cp311-abi3-win_amd64.whl", hash = "sha256:38946c54b16c885c72c4f59846be9743d699eee2b69b6988e0a00a01f46a61a4"},
+    {file = "cryptography-46.0.5-cp314-cp314t-macosx_10_9_universal2.whl", hash = "sha256:94a76daa32eb78d61339aff7952ea819b1734b46f73646a07decb40e5b3448e2"},
+    {file = "cryptography-46.0.5-cp314-cp314t-manylinux2014_aarch64.manylinux_2_17_aarch64.whl", hash = "sha256:5be7bf2fb40769e05739dd0046e7b26f9d4670badc7b032d6ce4db64dddc0678"},
+    {file = "cryptography-46.0.5-cp314-cp314t-manylinux2014_x86_64.manylinux_2_17_x86_64.whl", hash = "sha256:fe346b143ff9685e40192a4960938545c699054ba11d4f9029f94751e3f71d87"},
+    {file = "cryptography-46.0.5-cp314-cp314t-manylinux_2_28_aarch64.whl", hash = "sha256:c69fd885df7d089548a42d5ec05be26050ebcd2283d89b3d30676eb32ff87dee"},
+    {file = "cryptography-46.0.5-cp314-cp314t-manylinux_2_28_ppc64le.whl", hash = "sha256:8293f3dea7fc929ef7240796ba231413afa7b68ce38fd21da2995549f5961981"},
+    {file = "cryptography-46.0.5-cp314-cp314t-manylinux_2_28_x86_64.whl", hash = "sha256:1abfdb89b41c3be0365328a410baa9df3ff8a9110fb75e7b52e66803ddabc9a9"},
+    {file = "cryptography-46.0.5-cp314-cp314t-manylinux_2_31_armv7l.whl", hash = "sha256:d66e421495fdb797610a08f43b05269e0a5ea7f5e652a89bfd5a7d3c1dee3648"},
+    {file = "cryptography-46.0.5-cp314-cp314t-manylinux_2_34_aarch64.whl", hash = "sha256:4e817a8920bfbcff8940ecfd60f23d01836408242b30f1a708d93198393a80b4"},
+    {file = "cryptography-46.0.5-cp314-cp314t-manylinux_2_34_ppc64le.whl", hash = "sha256:68f68d13f2e1cb95163fa3b4db4bf9a159a418f5f6e7242564fc75fcae667fd0"},
+    {file = "cryptography-46.0.5-cp314-cp314t-manylinux_2_34_x86_64.whl", hash = "sha256:a3d1fae9863299076f05cb8a778c467578262fae09f9dc0ee9b12eb4268ce663"},
+    {file = "cryptography-46.0.5-cp314-cp314t-musllinux_1_2_aarch64.whl", hash = "sha256:c4143987a42a2397f2fc3b4d7e3a7d313fbe684f67ff443999e803dd75a76826"},
+    {file = "cryptography-46.0.5-cp314-cp314t-musllinux_1_2_x86_64.whl", hash = "sha256:7d731d4b107030987fd61a7f8ab512b25b53cef8f233a97379ede116f30eb67d"},
+    {file = "cryptography-46.0.5-cp314-cp314t-win32.whl", hash = "sha256:c3bcce8521d785d510b2aad26ae2c966092b7daa8f45dd8f44734a104dc0bc1a"},
+    {file = "cryptography-46.0.5-cp314-cp314t-win_amd64.whl", hash = "sha256:4d8ae8659ab18c65ced284993c2265910f6c9e650189d4e3f68445ef82a810e4"},
+    {file = "cryptography-46.0.5-cp38-abi3-macosx_10_9_universal2.whl", hash = "sha256:4108d4c09fbbf2789d0c926eb4152ae1760d5a2d97612b92d508d96c861e4d31"},
+    {file = "cryptography-46.0.5-cp38-abi3-manylinux2014_aarch64.manylinux_2_17_aarch64.whl", hash = "sha256:7d1f30a86d2757199cb2d56e48cce14deddf1f9c95f1ef1b64ee91ea43fe2e18"},
+    {file = "cryptography-46.0.5-cp38-abi3-manylinux2014_x86_64.manylinux_2_17_x86_64.whl", hash = "sha256:039917b0dc418bb9f6edce8a906572d69e74bd330b0b3fea4f79dab7f8ddd235"},
+    {file = "cryptography-46.0.5-cp38-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:ba2a27ff02f48193fc4daeadf8ad2590516fa3d0adeeb34336b96f7fa64c1e3a"},
+    {file = "cryptography-46.0.5-cp38-abi3-manylinux_2_28_ppc64le.whl", hash = "sha256:61aa400dce22cb001a98014f647dc21cda08f7915ceb95df0c9eaf84b4b6af76"},
+    {file = "cryptography-46.0.5-cp38-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:3ce58ba46e1bc2aac4f7d9290223cead56743fa6ab94a5d53292ffaac6a91614"},
+    {file = "cryptography-46.0.5-cp38-abi3-manylinux_2_31_armv7l.whl", hash = "sha256:420d0e909050490d04359e7fdb5ed7e667ca5c3c402b809ae2563d7e66a92229"},
+    {file = "cryptography-46.0.5-cp38-abi3-manylinux_2_34_aarch64.whl", hash = "sha256:582f5fcd2afa31622f317f80426a027f30dc792e9c80ffee87b993200ea115f1"},
+    {file = "cryptography-46.0.5-cp38-abi3-manylinux_2_34_ppc64le.whl", hash = "sha256:bfd56bb4b37ed4f330b82402f6f435845a5f5648edf1ad497da51a8452d5d62d"},
+    {file = "cryptography-46.0.5-cp38-abi3-manylinux_2_34_x86_64.whl", hash = "sha256:a3d507bb6a513ca96ba84443226af944b0f7f47dcc9a399d110cd6146481d24c"},
+    {file = "cryptography-46.0.5-cp38-abi3-musllinux_1_2_aarch64.whl", hash = "sha256:9f16fbdf4da055efb21c22d81b89f155f02ba420558db21288b3d0035bafd5f4"},
+    {file = "cryptography-46.0.5-cp38-abi3-musllinux_1_2_x86_64.whl", hash = "sha256:ced80795227d70549a411a4ab66e8ce307899fad2220ce5ab2f296e687eacde9"},
+    {file = "cryptography-46.0.5-cp38-abi3-win32.whl", hash = "sha256:02f547fce831f5096c9a567fd41bc12ca8f11df260959ecc7c3202555cc47a72"},
+    {file = "cryptography-46.0.5-cp38-abi3-win_amd64.whl", hash = "sha256:556e106ee01aa13484ce9b0239bca667be5004efb0aabbed28d353df86445595"},
+    {file = "cryptography-46.0.5-pp311-pypy311_pp73-macosx_11_0_arm64.whl", hash = "sha256:3b4995dc971c9fb83c25aa44cf45f02ba86f71ee600d81091c2f0cbae116b06c"},
+    {file = "cryptography-46.0.5-pp311-pypy311_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:bc84e875994c3b445871ea7181d424588171efec3e185dced958dad9e001950a"},
+    {file = "cryptography-46.0.5-pp311-pypy311_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:2ae6971afd6246710480e3f15824ed3029a60fc16991db250034efd0b9fb4356"},
+    {file = "cryptography-46.0.5-pp311-pypy311_pp73-manylinux_2_34_aarch64.whl", hash = "sha256:d861ee9e76ace6cf36a6a89b959ec08e7bc2493ee39d07ffe5acb23ef46d27da"},
+    {file = "cryptography-46.0.5-pp311-pypy311_pp73-manylinux_2_34_x86_64.whl", hash = "sha256:2b7a67c9cd56372f3249b39699f2ad479f6991e62ea15800973b956f4b73e257"},
+    {file = "cryptography-46.0.5-pp311-pypy311_pp73-win_amd64.whl", hash = "sha256:8456928655f856c6e1533ff59d5be76578a7157224dbd9ce6872f25055ab9ab7"},
+    {file = "cryptography-46.0.5.tar.gz", hash = "sha256:abace499247268e3757271b2f1e244b36b06f8515cf27c4d49468fc9eb16e93d"},
 ]

 [package.dependencies]
@@ -1612,7 +1607,7 @@ nox = ["nox[uv] (>=2024.4.15)"]
 pep8test = ["check-sdist", "click (>=8.0.1)", "mypy (>=1.14)", "ruff (>=0.11.11)"]
 sdist = ["build (>=1.0.0)"]
 ssh = ["bcrypt (>=3.1.5)"]
-test = ["certifi (>=2024)", "cryptography-vectors (==46.0.3)", "pretend (>=0.7)", "pytest (>=7.4.0)", "pytest-benchmark (>=4.0)", "pytest-cov (>=2.10.1)", "pytest-xdist (>=3.5.0)"]
+test = ["certifi (>=2024)", "cryptography-vectors (==46.0.5)", "pretend (>=0.7)", "pytest (>=7.4.0)", "pytest-benchmark (>=4.0)", "pytest-cov (>=2.10.1)", "pytest-xdist (>=3.5.0)"]
 test-randomorder = ["pytest-randomly"]

 [[package]]
@@ -5754,14 +5749,14 @@ test = ["flaky", "ipykernel (>=6.19.3)", "ipython", "ipywidgets", "nbconvert (>=

 [[package]]
 name = "nbconvert"
-version = "7.16.6"
-description = "Converting Jupyter Notebooks (.ipynb files) to other formats.  Output formats include asciidoc, html, latex, markdown, pdf, py, rst, script.  nbconvert can be used both as a Python library (`import nbconvert`) or as a command line tool (invoked as `jupyter nbconvert ...`)."
+version = "7.17.0"
+description = "Convert Jupyter Notebooks (.ipynb files) to other formats."
 optional = false
-python-versions = ">=3.8"
+python-versions = ">=3.9"
 groups = ["main"]
 files = [
-    {file = "nbconvert-7.16.6-py3-none-any.whl", hash = "sha256:1375a7b67e0c2883678c48e506dc320febb57685e5ee67faa51b18a90f3a712b"},
-    {file = "nbconvert-7.16.6.tar.gz", hash = "sha256:576a7e37c6480da7b8465eefa66c17844243816ce1ccc372633c6b71c3c0f582"},
+    {file = "nbconvert-7.17.0-py3-none-any.whl", hash = "sha256:4f99a63b337b9a23504347afdab24a11faa7d86b405e5c8f9881cd313336d518"},
+    {file = "nbconvert-7.17.0.tar.gz", hash = "sha256:1b2696f1b5be12309f6c7d707c24af604b87dfaf6d950794c7b07acab96dda78"},
 ]

 [package.dependencies]
@@ -5781,8 +5776,8 @@ pygments = ">=2.4.1"
 traitlets = ">=5.1"

 [package.extras]
-all = ["flaky", "ipykernel", "ipython", "ipywidgets (>=7.5)", "myst-parser", "nbsphinx (>=0.2.12)", "playwright", "pydata-sphinx-theme", "pyqtwebengine (>=5.15)", "pytest (>=7)", "sphinx (==5.0.2)", "sphinxcontrib-spelling", "tornado (>=6.1)"]
-docs = ["ipykernel", "ipython", "myst-parser", "nbsphinx (>=0.2.12)", "pydata-sphinx-theme", "sphinx (==5.0.2)", "sphinxcontrib-spelling"]
+all = ["flaky", "intersphinx-registry", "ipykernel", "ipython", "ipywidgets (>=7.5)", "myst-parser", "nbsphinx (>=0.2.12)", "playwright", "pydata-sphinx-theme", "pyqtwebengine (>=5.15)", "pytest (>=7)", "sphinx (>=5.0.2)", "sphinxcontrib-spelling", "tornado (>=6.1)"]
+docs = ["intersphinx-registry", "ipykernel", "ipython", "myst-parser", "nbsphinx (>=0.2.12)", "pydata-sphinx-theme", "sphinx (>=5.0.2)", "sphinxcontrib-spelling"]
 qtpdf = ["pyqtwebengine (>=5.15)"]
 qtpng = ["pyqtwebengine (>=5.15)"]
 serve = ["tornado (>=6.1)"]
@@ -6102,14 +6097,14 @@ llama = ["llama-index (>=0.12.29,<0.13.0)", "llama-index-core (>=0.12.29,<0.13.0

 [[package]]
 name = "openhands-agent-server"
-version = "1.11.4"
+version = "1.11.5"
 description = "OpenHands Agent Server - REST/WebSocket interface for OpenHands AI Agent"
 optional = false
 python-versions = ">=3.12"
 groups = ["main"]
 files = [
-    {file = "openhands_agent_server-1.11.4-py3-none-any.whl", hash = "sha256:739bdb774dbfcd23d6e87ee6ee32bc0999f22300037506b6dd33e9ea67fa5c2a"},
-    {file = "openhands_agent_server-1.11.4.tar.gz", hash = "sha256:41247f7022a046eb50ca3b552bc6d12bfa9776e1bd27d0989da91b9f7ac77ca2"},
+    {file = "openhands_agent_server-1.11.5-py3-none-any.whl", hash = "sha256:8bae7063f232791d58a5c31919f58b557f7cce60e6295773985c7dadc556cb9e"},
+    {file = "openhands_agent_server-1.11.5.tar.gz", hash = "sha256:b61366d727c61ab9b7fcd66faab53f230f8ef0928c1177a388d2c5c4be6ebbd0"},
 ]

 [package.dependencies]
@@ -6126,7 +6121,7 @@ wsproto = ">=1.2.0"

 [[package]]
 name = "openhands-ai"
-version = "1.3.0"
+version = "1.4.0"
 description = "OpenHands: Code Less, Make More"
 optional = false
 python-versions = "^3.12,<3.14"
@@ -6168,33 +6163,33 @@ memory-profiler = ">=0.61"
 numpy = "*"
 openai = "2.8"
 openhands-aci = "0.3.2"
-openhands-agent-server = "1.11.4"
-openhands-sdk = "1.11.4"
-openhands-tools = "1.11.4"
+openhands-agent-server = "1.11.5"
+openhands-sdk = "1.11.5"
+openhands-tools = "1.11.5"
 opentelemetry-api = ">=1.33.1"
 opentelemetry-exporter-otlp-proto-grpc = ">=1.33.1"
 pathspec = ">=0.12.1"
 pexpect = "*"
 pg8000 = ">=1.31.5"
-pillow = ">=11.3"
+pillow = ">=12.1.1"
 playwright = ">=1.55"
 poetry = ">=2.1.2"
 prompt-toolkit = ">=3.0.50"
-protobuf = ">=5,<6"
+protobuf = ">=5.29.6,<6"
 psutil = "*"
 pybase62 = ">=1"
 pygithub = ">=2.5"
 pyjwt = ">=2.9"
 pylatexenc = "*"
-pypdf = ">=6"
+pypdf = ">=6.7.2"
 python-docx = "*"
 python-dotenv = "*"
 python-frontmatter = ">=1.1"
 python-jose = {version = ">=3.3", extras = ["cryptography"]}
 python-json-logger = ">=3.2.1"
-python-multipart = "*"
+python-multipart = ">=0.0.22"
 python-pptx = "*"
-python-socketio = "5.13"
+python-socketio = "5.14"
 pythonnet = "*"
 pyyaml = ">=6.0.2"
 qtconsole = ">=5.6.1"
@@ -6205,7 +6200,7 @@ setuptools = ">=78.1.1"
 shellingham = ">=1.5.4"
 sqlalchemy = {version = ">=2.0.40", extras = ["asyncio"]}
 sse-starlette = ">=3.0.2"
-starlette = ">=0.48"
+starlette = ">=0.49.1"
 tenacity = ">=8.5,<10"
 termcolor = "*"
 toml = "*"
@@ -6225,14 +6220,14 @@ url = ".."

 [[package]]
 name = "openhands-sdk"
-version = "1.11.4"
+version = "1.11.5"
 description = "OpenHands SDK - Core functionality for building AI agents"
 optional = false
 python-versions = ">=3.12"
 groups = ["main"]
 files = [
-    {file = "openhands_sdk-1.11.4-py3-none-any.whl", hash = "sha256:9f4607c5d94b56fbcd533207026ee892779dd50e29bce79277ff82454a4f76d5"},
-    {file = "openhands_sdk-1.11.4.tar.gz", hash = "sha256:4088744f6b8856eeab22d3bc17e47d1736ea7ced945c2fa126bd7d48c14bb313"},
+    {file = "openhands_sdk-1.11.5-py3-none-any.whl", hash = "sha256:f949cd540cbecc339d90fb0cca2a5f29e1b62566b82b5aee82ef40f259d14e60"},
+    {file = "openhands_sdk-1.11.5.tar.gz", hash = "sha256:dd6225876b7b8dbb6c608559f2718c3d0bf44d0bb741e990b185c6cdc5150c5a"},
 ]

 [package.dependencies]
@@ -6253,14 +6248,14 @@ boto3 = ["boto3 (>=1.35.0)"]

 [[package]]
 name = "openhands-tools"
-version = "1.11.4"
+version = "1.11.5"
 description = "OpenHands Tools - Runtime tools for AI agents"
 optional = false
 python-versions = ">=3.12"
 groups = ["main"]
 files = [
-    {file = "openhands_tools-1.11.4-py3-none-any.whl", hash = "sha256:efd721b73e87a0dac69171a76931363fa59fcde98107ca86081ee7bf0253673a"},
-    {file = "openhands_tools-1.11.4.tar.gz", hash = "sha256:80671b1ea8c85a5247a75ea2340ae31d76363e9c723b104699a9a77e66d2043c"},
+    {file = "openhands_tools-1.11.5-py3-none-any.whl", hash = "sha256:1e981e1e7f3544184fe946cee8eb6bd287010cdef77d83ebac945c9f42df3baf"},
+    {file = "openhands_tools-1.11.5.tar.gz", hash = "sha256:d7b1163f6505a51b07147e7d8972062c129ecc46571a71f28d5470355e06650e"},
 ]

 [package.dependencies]
@@ -7323,23 +7318,23 @@ testing = ["google-api-core (>=1.31.5)"]

 [[package]]
 name = "protobuf"
-version = "5.29.5"
+version = "5.29.6"
 description = ""
 optional = false
 python-versions = ">=3.8"
 groups = ["main"]
 files = [
-    {file = "protobuf-5.29.5-cp310-abi3-win32.whl", hash = "sha256:3f1c6468a2cfd102ff4703976138844f78ebd1fb45f49011afc5139e9e283079"},
-    {file = "protobuf-5.29.5-cp310-abi3-win_amd64.whl", hash = "sha256:3f76e3a3675b4a4d867b52e4a5f5b78a2ef9565549d4037e06cf7b0942b1d3fc"},
-    {file = "protobuf-5.29.5-cp38-abi3-macosx_10_9_universal2.whl", hash = "sha256:e38c5add5a311f2a6eb0340716ef9b039c1dfa428b28f25a7838ac329204a671"},
-    {file = "protobuf-5.29.5-cp38-abi3-manylinux2014_aarch64.whl", hash = "sha256:fa18533a299d7ab6c55a238bf8629311439995f2e7eca5caaff08663606e9015"},
-    {file = "protobuf-5.29.5-cp38-abi3-manylinux2014_x86_64.whl", hash = "sha256:63848923da3325e1bf7e9003d680ce6e14b07e55d0473253a690c3a8b8fd6e61"},
-    {file = "protobuf-5.29.5-cp38-cp38-win32.whl", hash = "sha256:ef91363ad4faba7b25d844ef1ada59ff1604184c0bcd8b39b8a6bef15e1af238"},
-    {file = "protobuf-5.29.5-cp38-cp38-win_amd64.whl", hash = "sha256:7318608d56b6402d2ea7704ff1e1e4597bee46d760e7e4dd42a3d45e24b87f2e"},
-    {file = "protobuf-5.29.5-cp39-cp39-win32.whl", hash = "sha256:6f642dc9a61782fa72b90878af134c5afe1917c89a568cd3476d758d3c3a0736"},
-    {file = "protobuf-5.29.5-cp39-cp39-win_amd64.whl", hash = "sha256:470f3af547ef17847a28e1f47200a1cbf0ba3ff57b7de50d22776607cd2ea353"},
-    {file = "protobuf-5.29.5-py3-none-any.whl", hash = "sha256:6cf42630262c59b2d8de33954443d94b746c952b01434fc58a417fdbd2e84bd5"},
-    {file = "protobuf-5.29.5.tar.gz", hash = "sha256:bc1463bafd4b0929216c35f437a8e28731a2b7fe3d98bb77a600efced5a15c84"},
+    {file = "protobuf-5.29.6-cp310-abi3-win32.whl", hash = "sha256:62e8a3114992c7c647bce37dcc93647575fc52d50e48de30c6fcb28a6a291eb1"},
+    {file = "protobuf-5.29.6-cp310-abi3-win_amd64.whl", hash = "sha256:7e6ad413275be172f67fdee0f43484b6de5a904cc1c3ea9804cb6fe2ff366eda"},
+    {file = "protobuf-5.29.6-cp38-abi3-macosx_10_9_universal2.whl", hash = "sha256:b5a169e664b4057183a34bdc424540e86eea47560f3c123a0d64de4e137f9269"},
+    {file = "protobuf-5.29.6-cp38-abi3-manylinux2014_aarch64.whl", hash = "sha256:a8866b2cff111f0f863c1b3b9e7572dc7eaea23a7fae27f6fc613304046483e6"},
+    {file = "protobuf-5.29.6-cp38-abi3-manylinux2014_x86_64.whl", hash = "sha256:e3387f44798ac1106af0233c04fb8abf543772ff241169946f698b3a9a3d3ab9"},
+    {file = "protobuf-5.29.6-cp38-cp38-win32.whl", hash = "sha256:36ade6ff88212e91aef4e687a971a11d7d24d6948a66751abc1b3238648f5d05"},
+    {file = "protobuf-5.29.6-cp38-cp38-win_amd64.whl", hash = "sha256:831e2da16b6cc9d8f1654c041dd594eda43391affd3c03a91bea7f7f6da106d6"},
+    {file = "protobuf-5.29.6-cp39-cp39-win32.whl", hash = "sha256:cb4c86de9cd8a7f3a256b9744220d87b847371c6b2f10bde87768918ef33ba49"},
+    {file = "protobuf-5.29.6-cp39-cp39-win_amd64.whl", hash = "sha256:76e07e6567f8baf827137e8d5b8204b6c7b6488bbbff1bf0a72b383f77999c18"},
+    {file = "protobuf-5.29.6-py3-none-any.whl", hash = "sha256:6b9edb641441b2da9fa8f428760fc136a49cf97a52076010cf22a2ff73438a86"},
+    {file = "protobuf-5.29.6.tar.gz", hash = "sha256:da9ee6a5424b6b30fd5e45c5ea663aef540ca95f9ad99d1e887e819cdf9b8723"},
 ]

 [[package]]
@@ -7562,14 +7557,14 @@ typing-extensions = ">=4.15.0"

 [[package]]
 name = "pyasn1"
-version = "0.6.1"
+version = "0.6.2"
 description = "Pure-Python implementation of ASN.1 types and DER/BER/CER codecs (X.208)"
 optional = false
 python-versions = ">=3.8"
 groups = ["main"]
 files = [
-    {file = "pyasn1-0.6.1-py3-none-any.whl", hash = "sha256:0d632f46f2ba09143da3a8afe9e33fb6f92fa2320ab7e886e2d0f7672af84629"},
-    {file = "pyasn1-0.6.1.tar.gz", hash = "sha256:6f580d2bdd84365380830acf45550f2511469f673cb4a5ae3857a3170128b034"},
+    {file = "pyasn1-0.6.2-py3-none-any.whl", hash = "sha256:1eb26d860996a18e9b6ed05e7aae0e9fc21619fcee6af91cca9bad4fbea224bf"},
+    {file = "pyasn1-0.6.2.tar.gz", hash = "sha256:9b59a2b25ba7e4f8197db7686c09fb33e658b98339fadb826e9512629017833b"},
 ]

 [[package]]
@@ -11578,20 +11573,20 @@ diagrams = ["jinja2", "railroad-diagrams"]

 [[package]]
 name = "pypdf"
-version = "6.6.0"
+version = "6.7.3"
 description = "A pure-python PDF library capable of splitting, merging, cropping, and transforming PDF files"
 optional = false
 python-versions = ">=3.9"
 groups = ["main"]
 files = [
-    {file = "pypdf-6.6.0-py3-none-any.whl", hash = "sha256:bca9091ef6de36c7b1a81e09327c554b7ce51e88dad68f5890c2b4a4417f1fd7"},
-    {file = "pypdf-6.6.0.tar.gz", hash = "sha256:4c887ef2ea38d86faded61141995a3c7d068c9d6ae8477be7ae5de8a8e16592f"},
+    {file = "pypdf-6.7.3-py3-none-any.whl", hash = "sha256:cd25ac508f20b554a9fafd825186e3ba29591a69b78c156783c5d8a2d63a1c0a"},
+    {file = "pypdf-6.7.3.tar.gz", hash = "sha256:eca55c78d0ec7baa06f9288e2be5c4e8242d5cbb62c7a4b94f2716f8e50076d2"},
 ]

 [package.extras]
 crypto = ["cryptography"]
 cryptodome = ["PyCryptodome"]
-dev = ["black", "flit", "pip-tools", "pre-commit", "pytest-cov", "pytest-socket", "pytest-timeout", "pytest-xdist", "wheel"]
+dev = ["flit", "pip-tools", "pre-commit", "pytest-cov", "pytest-socket", "pytest-timeout", "pytest-xdist", "wheel"]
 docs = ["myst_parser", "sphinx", "sphinx_rtd_theme"]
 full = ["Pillow (>=8.0.0)", "cryptography"]
 image = ["Pillow (>=8.0.0)"]
@@ -11886,14 +11881,14 @@ requests-toolbelt = ">=0.6.0"

 [[package]]
 name = "python-multipart"
-version = "0.0.21"
+version = "0.0.22"
 description = "A streaming multipart parser for Python"
 optional = false
 python-versions = ">=3.10"
 groups = ["main"]
 files = [
-    {file = "python_multipart-0.0.21-py3-none-any.whl", hash = "sha256:cf7a6713e01c87aa35387f4774e812c4361150938d20d232800f75ffcf266090"},
-    {file = "python_multipart-0.0.21.tar.gz", hash = "sha256:7137ebd4d3bbf70ea1622998f902b97a29434a9e8dc40eb203bbcf7c2a2cba92"},
+    {file = "python_multipart-0.0.22-py3-none-any.whl", hash = "sha256:2b2cd894c83d21bf49d702499531c7bafd057d730c201782048f7945d82de155"},
+    {file = "python_multipart-0.0.22.tar.gz", hash = "sha256:7340bef99a7e0032613f56dc36027b959fd3b30a787ed62d310e951f7c3a3a58"},
 ]

 [[package]]
@@ -11916,14 +11911,14 @@ XlsxWriter = ">=0.5.7"

 [[package]]
 name = "python-socketio"
-version = "5.13.0"
+version = "5.14.0"
 description = "Socket.IO server and client for Python"
 optional = false
 python-versions = ">=3.8"
 groups = ["main"]
 files = [
-    {file = "python_socketio-5.13.0-py3-none-any.whl", hash = "sha256:51f68d6499f2df8524668c24bcec13ba1414117cfb3a90115c559b601ab10caf"},
-    {file = "python_socketio-5.13.0.tar.gz", hash = "sha256:ac4e19a0302ae812e23b712ec8b6427ca0521f7c582d6abb096e36e24a263029"},
+    {file = "python_socketio-5.14.0-py3-none-any.whl", hash = "sha256:7de5ad8a55efc33e17897f6cf91d20168d3d259f98c38d38e2940af83136d6f8"},
+    {file = "python_socketio-5.14.0.tar.gz", hash = "sha256:d057737f658b3948392ff452a5c865c5ccc969859c37cf095a73393ce755f98e"},
 ]

 [package.dependencies]
@@ -14917,4 +14912,4 @@ cffi = ["cffi (>=1.17,<2.0) ; platform_python_implementation != \"PyPy\" and pyt
 [metadata]
 lock-version = "2.1"
 python-versions = "^3.12,<3.14"
-content-hash = "1cad6029269393af67155e930c72eae2c03da02e4b3a3699823f6168c14a4218"
+content-hash = "ef037f6d6085d26166d35c56ce266439f8f1a4fea90bc43ccf15cfeaf116cae5"
--- a/enterprise/pyproject.toml
+++ b/enterprise/pyproject.toml
@@ -49,7 +49,7 @@ prometheus-client = "^0.24.0"
 pandas = "^2.2.0"
 numpy = "^2.2.0"
 mcp = "^1.10.0"
-pillow = "^12.1.0"
+pillow = "^12.1.1"

 [tool.poetry.group.dev.dependencies]
 ruff = "0.8.3"
--- a/enterprise/saas_server.py
+++ b/enterprise/saas_server.py
@@ -38,15 +38,28 @@ from server.routes.integration.linear import linear_integration_router  # noqa:
 from server.routes.integration.slack import slack_router  # noqa: E402
 from server.routes.mcp_patch import patch_mcp_server  # noqa: E402
 from server.routes.oauth_device import oauth_device_router  # noqa: E402
+from server.routes.org_invitations import (  # noqa: E402
+    accept_router as invitation_accept_router,
+)
+from server.routes.org_invitations import (  # noqa: E402
+    invitation_router,
+)
 from server.routes.orgs import org_router  # noqa: E402
 from server.routes.readiness import readiness_router  # noqa: E402
 from server.routes.user import saas_user_router  # noqa: E402
+from server.routes.user_app_settings import user_app_settings_router  # noqa: E402
 from server.sharing.shared_conversation_router import (  # noqa: E402
    router as shared_conversation_router,
 )
 from server.sharing.shared_event_router import (  # noqa: E402
    router as shared_event_router,
 )
+from server.verified_models.verified_model_router import (  # noqa: E402
+    api_router as verified_models_router,
+)
+from server.verified_models.verified_model_router import (  # noqa: E402
+    override_llm_models_dependency,
+)

 from openhands.server.app import app as base_app  # noqa: E402
 from openhands.server.listen_socket import sio  # noqa: E402
@@ -70,6 +83,7 @@ base_app.include_router(api_router)  # Add additional route for github auth
 base_app.include_router(oauth_router)  # Add additional route for oauth callback
 base_app.include_router(oauth_device_router)  # Add OAuth 2.0 Device Flow routes
 base_app.include_router(saas_user_router)  # Add additional route SAAS user calls
+base_app.include_router(user_app_settings_router)  # Add routes for user app settings
 base_app.include_router(
    billing_router
 )  # Add routes for credit management and Stripe payment integration
@@ -99,6 +113,16 @@ if GITLAB_APP_CLIENT_ID:

 base_app.include_router(api_keys_router)  # Add routes for API key management
 base_app.include_router(org_router)  # Add routes for organization management
+base_app.include_router(
+    verified_models_router
+)  # Add routes for verified models management
+
+# Override the default LLM models implementation with SaaS version
+# This must happen after all routers are included
+override_llm_models_dependency(base_app)
+
+base_app.include_router(invitation_router)  # Add routes for org invitation management
+base_app.include_router(invitation_accept_router)  # Add route for accepting invitations
 add_github_proxy_routes(base_app)
 add_debugging_routes(
    base_app
--- a/enterprise/server/auth/auth_error.py
+++ b/enterprise/server/auth/auth_error.py
@@ -38,3 +38,9 @@ class ExpiredError(AuthError):
    """Error when a token has expired (Usually the refresh token)"""

    pass
+
+
+class TokenRefreshError(AuthError):
+    """Error when token refresh fails due to timeout or lock contention"""
+
+    pass
--- a/enterprise/server/auth/auth_utils.py
+++ b/enterprise/server/auth/auth_utils.py
@@ -1,7 +1,5 @@
 import os

-from server.auth.sheets_client import GoogleSheetsClient
-
 from openhands.core.logger import openhands_logger as logger


@@ -9,12 +7,9 @@ class UserVerifier:
    def __init__(self) -> None:
        logger.debug('Initializing UserVerifier')
        self.file_users: list[str] | None = None
-        self.sheets_client: GoogleSheetsClient | None = None
-        self.spreadsheet_id: str | None = None

        # Initialize from environment variables
        self._init_file_users()
-        self._init_sheets_client()

    def _init_file_users(self) -> None:
        """Load users from text file if configured."""
@@ -36,23 +31,11 @@ class UserVerifier:
        except Exception:
            logger.exception(f'Error reading user list file {waitlist}')

-    def _init_sheets_client(self) -> None:
-        """Initialize Google Sheets client if configured."""
-        sheet_id = os.getenv('GITHUB_USERS_SHEET_ID')
-
-        if not sheet_id:
-            logger.debug('GITHUB_USERS_SHEET_ID not configured')
-            return
-
-        logger.debug('Initializing Google Sheets integration')
-        self.sheets_client = GoogleSheetsClient()
-        self.spreadsheet_id = sheet_id
-
    def is_active(self) -> bool:
        if os.getenv('DISABLE_WAITLIST', '').lower() == 'true':
            logger.info('Waitlist disabled via DISABLE_WAITLIST env var')
            return False
-        return bool(self.file_users or (self.sheets_client and self.spreadsheet_id))
+        return bool(self.file_users)

    def is_user_allowed(self, username: str) -> bool:
        """Check if user is allowed based on file and/or sheet configuration."""
@@ -63,15 +46,6 @@ class UserVerifier:
                return True
            logger.debug(f'User {username} not found in text file allowlist')

-        if self.sheets_client and self.spreadsheet_id:
-            sheet_users = [
-                u.lower() for u in self.sheets_client.get_usernames(self.spreadsheet_id)
-            ]
-            if username.lower() in sheet_users:
-                logger.debug(f'User {username} found in Google Sheets allowlist')
-                return True
-            logger.debug(f'User {username} not found in Google Sheets allowlist')
-
        logger.debug(f'User {username} not found in any allowlist')
        return False

--- a/enterprise/server/auth/authorization.py
+++ b/enterprise/server/auth/authorization.py
@@ -1,21 +1,18 @@
 """
-Permission-based authorization dependencies for API endpoints (SAAS mode).
+Permission-based authorization dependencies for API endpoints.

 This module provides FastAPI dependencies for checking user permissions
 within organizations. It uses a permission-based authorization model where
 roles (owner, admin, member) are mapped to specific permissions.

-This is the SAAS/enterprise implementation that performs real authorization
-checks against the database.
+Permissions are defined in the Permission enum and mapped to roles via
+ROLE_PERMISSIONS. This allows fine-grained access control while maintaining
+the familiar role-based hierarchy.

 Usage:
    from server.auth.authorization import (
        Permission,
        require_permission,
-        require_org_role,
-        require_org_user,
-        require_org_admin,
-        require_org_owner,
    )

    @router.get('/{org_id}/settings')
@@ -25,6 +22,14 @@ Usage:
    ):
        # Only users with VIEW_LLM_SETTINGS permission can access
        ...
+
+    @router.patch('/{org_id}/settings')
+    async def update_settings(
+        org_id: UUID,
+        user_id: str = Depends(require_permission(Permission.EDIT_LLM_SETTINGS)),
+    ):
+        # Only users with EDIT_LLM_SETTINGS permission can access
+        ...
 """

 from enum import Enum
@@ -36,10 +41,50 @@ from storage.role import Role
 from storage.role_store import RoleStore

 from openhands.core.logger import openhands_logger as logger
-from openhands.server.auth import Permission
 from openhands.server.user_auth import get_user_id


+class Permission(str, Enum):
+    """Permissions that can be assigned to roles."""
+
+    # Secrets
+    MANAGE_SECRETS = 'manage_secrets'
+
+    # MCP
+    MANAGE_MCP = 'manage_mcp'
+
+    # Integrations
+    MANAGE_INTEGRATIONS = 'manage_integrations'
+
+    # Application Settings
+    MANAGE_APPLICATION_SETTINGS = 'manage_application_settings'
+
+    # API Keys
+    MANAGE_API_KEYS = 'manage_api_keys'
+
+    # LLM Settings
+    VIEW_LLM_SETTINGS = 'view_llm_settings'
+    EDIT_LLM_SETTINGS = 'edit_llm_settings'
+
+    # Billing
+    VIEW_BILLING = 'view_billing'
+    ADD_CREDITS = 'add_credits'
+
+    # Organization Members
+    INVITE_USER_TO_ORGANIZATION = 'invite_user_to_organization'
+    CHANGE_USER_ROLE_MEMBER = 'change_user_role:member'
+    CHANGE_USER_ROLE_ADMIN = 'change_user_role:admin'
+    CHANGE_USER_ROLE_OWNER = 'change_user_role:owner'
+
+    # Organization Management
+    VIEW_ORG_SETTINGS = 'view_org_settings'
+    CHANGE_ORGANIZATION_NAME = 'change_organization_name'
+    DELETE_ORGANIZATION = 'delete_organization'
+
+    # Temporary permissions until we finish the API updates.
+    EDIT_ORG_SETTINGS = 'edit_org_settings'
+
+
 class RoleName(str, Enum):
    """Role names used in the system."""

@@ -67,6 +112,9 @@ ROLE_PERMISSIONS: dict[RoleName, frozenset[Permission]] = {
            Permission.CHANGE_USER_ROLE_MEMBER,
            Permission.CHANGE_USER_ROLE_ADMIN,
            Permission.CHANGE_USER_ROLE_OWNER,
+            # Organization Management
+            Permission.VIEW_ORG_SETTINGS,
+            Permission.EDIT_ORG_SETTINGS,
            # Organization Management (Owner only)
            Permission.CHANGE_ORGANIZATION_NAME,
            Permission.DELETE_ORGANIZATION,
@@ -88,6 +136,9 @@ ROLE_PERMISSIONS: dict[RoleName, frozenset[Permission]] = {
            Permission.INVITE_USER_TO_ORGANIZATION,
            Permission.CHANGE_USER_ROLE_MEMBER,
            Permission.CHANGE_USER_ROLE_ADMIN,
+            # Organization Management
+            Permission.VIEW_ORG_SETTINGS,
+            Permission.EDIT_ORG_SETTINGS,
        ]
    ),
    RoleName.MEMBER: frozenset(
@@ -98,42 +149,81 @@ ROLE_PERMISSIONS: dict[RoleName, frozenset[Permission]] = {
            Permission.MANAGE_INTEGRATIONS,
            Permission.MANAGE_APPLICATION_SETTINGS,
            Permission.MANAGE_API_KEYS,
-            # LLM Settings (View only)
+            # Settings (View only)
+            Permission.VIEW_ORG_SETTINGS,
            Permission.VIEW_LLM_SETTINGS,
        ]
    ),
 }


-def get_role_permissions(role_name: str) -> frozenset[Permission]:
-    """Get the permissions for a role."""
-    try:
-        role_enum = RoleName(role_name)
-        return ROLE_PERMISSIONS.get(role_enum, frozenset())
-    except ValueError:
-        return frozenset()
-
-
-def get_user_org_role(user_id: str, org_id: UUID) -> Role | None:
+def get_user_org_role(user_id: str, org_id: UUID | None) -> Role | None:
    """
-    Get the user's role in an organization.
+    Get the user's role in an organization (synchronous version).

    Args:
        user_id: User ID (string that will be converted to UUID)
-        org_id: Organization ID
+        org_id: Organization ID, or None to use the user's current organization

    Returns:
        Role object if user is a member, None otherwise
    """
    from uuid import UUID as parse_uuid

-    org_member = OrgMemberStore.get_org_member(org_id, parse_uuid(user_id))
+    if org_id is None:
+        org_member = OrgMemberStore.get_org_member_for_current_org(parse_uuid(user_id))
+    else:
+        org_member = OrgMemberStore.get_org_member(org_id, parse_uuid(user_id))
    if not org_member:
        return None

    return RoleStore.get_role_by_id(org_member.role_id)


+async def get_user_org_role_async(user_id: str, org_id: UUID | None) -> Role | None:
+    """
+    Get the user's role in an organization (async version).
+
+    Args:
+        user_id: User ID (string that will be converted to UUID)
+        org_id: Organization ID, or None to use the user's current organization
+
+    Returns:
+        Role object if user is a member, None otherwise
+    """
+    from uuid import UUID as parse_uuid
+
+    if org_id is None:
+        org_member = await OrgMemberStore.get_org_member_for_current_org_async(
+            parse_uuid(user_id)
+        )
+    else:
+        org_member = await OrgMemberStore.get_org_member_async(
+            org_id, parse_uuid(user_id)
+        )
+    if not org_member:
+        return None
+
+    return await RoleStore.get_role_by_id_async(org_member.role_id)
+
+
+def get_role_permissions(role_name: str) -> frozenset[Permission]:
+    """
+    Get the permissions for a role.
+
+    Args:
+        role_name: Name of the role
+
+    Returns:
+        Set of permissions for the role
+    """
+    try:
+        role_enum = RoleName(role_name)
+        return ROLE_PERMISSIONS.get(role_enum, frozenset())
+    except ValueError:
+        return frozenset()
+
+
 def has_permission(user_role: Role, permission: Permission) -> bool:
    """
    Check if a role has a specific permission.
@@ -149,23 +239,6 @@ def has_permission(user_role: Role, permission: Permission) -> bool:
    return permission in permissions


-def has_required_role(user_role: Role, required_role: Role) -> bool:
-    """
-    Check if user's role meets or exceeds the required role.
-
-    Uses role hierarchy based on rank where lower rank = higher position
-    (e.g., rank 1 owner > rank 2 admin > rank 3 user).
-
-    Args:
-        user_role: User's actual Role object
-        required_role: Minimum required Role object
-
-    Returns:
-        True if user has sufficient permissions
-    """
-    return user_role.rank <= required_role.rank
-
-
 def require_permission(permission: Permission):
    """
    Factory function that creates a dependency to require a specific permission.
@@ -192,7 +265,7 @@ def require_permission(permission: Permission):
    """

    async def permission_checker(
-        org_id: UUID,
+        org_id: UUID | None = None,
        user_id: str | None = Depends(get_user_id),
    ) -> str:
        if not user_id:
@@ -201,7 +274,7 @@ def require_permission(permission: Permission):
                detail='User not authenticated',
            )

-        user_role = get_user_org_role(user_id, org_id)
+        user_role = await get_user_org_role_async(user_id, org_id)

        if not user_role:
            logger.warning(
@@ -231,90 +304,3 @@ def require_permission(permission: Permission):
        return user_id

    return permission_checker
-
-
-def require_org_role(required_role_name: str):
-    """
-    Factory function that creates a dependency to require a minimum org role.
-
-    This creates a FastAPI dependency that:
-    1. Extracts org_id from the path parameter
-    2. Gets the authenticated user_id
-    3. Checks if the user has the required role in the organization
-    4. Returns the user_id if authorized, raises HTTPException otherwise
-
-    Role hierarchy is based on rank from the Role class, where
-    lower rank = higher position (e.g., rank 1 > rank 2 > rank 3).
-
-    Usage:
-        @router.get('/{org_id}/resource')
-        async def get_resource(
-            org_id: UUID,
-            user_id: str = Depends(require_org_role('user')),
-        ):
-            ...
-
-    Args:
-        required_role_name: Name of the minimum required role to access the endpoint
-
-    Returns:
-        Dependency function that validates role and returns user_id
-    """
-
-    async def role_checker(
-        org_id: UUID,
-        user_id: str | None = Depends(get_user_id),
-    ) -> str:
-        if not user_id:
-            raise HTTPException(
-                status_code=status.HTTP_401_UNAUTHORIZED,
-                detail='User not authenticated',
-            )
-
-        user_role = get_user_org_role(user_id, org_id)
-
-        if not user_role:
-            logger.warning(
-                'User not a member of organization',
-                extra={'user_id': user_id, 'org_id': str(org_id)},
-            )
-            raise HTTPException(
-                status_code=status.HTTP_403_FORBIDDEN,
-                detail='User is not a member of this organization',
-            )
-
-        required_role = RoleStore.get_role_by_name(required_role_name)
-        if not required_role:
-            logger.error(
-                'Required role not found in database',
-                extra={'required_role': required_role_name},
-            )
-            raise HTTPException(
-                status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
-                detail='Role configuration error',
-            )
-
-        if not has_required_role(user_role, required_role):
-            logger.warning(
-                'Insufficient role permissions',
-                extra={
-                    'user_id': user_id,
-                    'org_id': str(org_id),
-                    'user_role': user_role.name,
-                    'required_role': required_role_name,
-                },
-            )
-            raise HTTPException(
-                status_code=status.HTTP_403_FORBIDDEN,
-                detail=f'Requires {required_role_name} role or higher',
-            )
-
-        return user_id
-
-    return role_checker
-
-
-# Convenience dependencies for common role checks
-require_org_user = require_org_role('user')
-require_org_admin = require_org_role('admin')
-require_org_owner = require_org_role('owner')
--- a/enterprise/server/auth/domain_blocker.py
+++ b/enterprise/server/auth/domain_blocker.py
@@ -1,5 +1,4 @@
 from storage.blocked_email_domain_store import BlockedEmailDomainStore
-from storage.database import session_maker

 from openhands.core.logger import openhands_logger as logger

@@ -23,7 +22,7 @@ class DomainBlocker:
            logger.debug(f'Error extracting domain from email: {email}', exc_info=True)
            return None

-    def is_domain_blocked(self, email: str) -> bool:
+    async def is_domain_blocked(self, email: str) -> bool:
        """Check if email domain is blocked by querying the database directly via SQL.

        Supports blocking:
@@ -45,7 +44,7 @@ class DomainBlocker:

        try:
            # Query database directly via SQL to check if domain is blocked
-            is_blocked = self.store.is_domain_blocked(domain)
+            is_blocked = await self.store.is_domain_blocked(domain)

            if is_blocked:
                logger.warning(f'Email domain {domain} is blocked for email: {email}')
@@ -63,5 +62,5 @@ class DomainBlocker:


 # Initialize store and domain blocker
-_store = BlockedEmailDomainStore(session_maker=session_maker)
+_store = BlockedEmailDomainStore()
 domain_blocker = DomainBlocker(store=_store)
--- a/enterprise/server/auth/github_utils.py
+++ b/enterprise/server/auth/github_utils.py
@@ -1,87 +1,11 @@
-import os
-
 from integrations.github.github_service import SaaSGitHubService
 from pydantic import SecretStr
-from server.auth.sheets_client import GoogleSheetsClient
+from server.auth.auth_utils import user_verifier

 from openhands.core.logger import openhands_logger as logger
 from openhands.integrations.github.github_types import GitHubUser


-class UserVerifier:
-    def __init__(self) -> None:
-        logger.debug('Initializing UserVerifier')
-        self.file_users: list[str] | None = None
-        self.sheets_client: GoogleSheetsClient | None = None
-        self.spreadsheet_id: str | None = None
-
-        # Initialize from environment variables
-        self._init_file_users()
-        self._init_sheets_client()
-
-    def _init_file_users(self) -> None:
-        """Load users from text file if configured"""
-        waitlist = os.getenv('GITHUB_USER_LIST_FILE')
-        if not waitlist:
-            logger.debug('GITHUB_USER_LIST_FILE not configured')
-            return
-
-        if not os.path.exists(waitlist):
-            logger.error(f'User list file not found: {waitlist}')
-            raise FileNotFoundError(f'User list file not found: {waitlist}')
-
-        try:
-            with open(waitlist, 'r') as f:
-                self.file_users = [line.strip().lower() for line in f if line.strip()]
-            logger.info(
-                f'Successfully loaded {len(self.file_users)} users from {waitlist}'
-            )
-        except Exception:
-            logger.error(f'Error reading user list file {waitlist}', exc_info=True)
-
-    def _init_sheets_client(self) -> None:
-        """Initialize Google Sheets client if configured"""
-        sheet_id = os.getenv('GITHUB_USERS_SHEET_ID')
-
-        if not sheet_id:
-            logger.debug('GITHUB_USERS_SHEET_ID not configured')
-            return
-
-        logger.debug('Initializing Google Sheets integration')
-        self.sheets_client = GoogleSheetsClient()
-        self.spreadsheet_id = sheet_id
-
-    def is_active(self) -> bool:
-        if os.getenv('DISABLE_WAITLIST', '').lower() == 'true':
-            logger.info('Waitlist disabled via DISABLE_WAITLIST env var')
-            return False
-        return bool(self.file_users or (self.sheets_client and self.spreadsheet_id))
-
-    def is_user_allowed(self, username: str) -> bool:
-        """Check if user is allowed based on file and/or sheet configuration"""
-        logger.debug(f'Checking if GitHub user {username} is allowed')
-        if self.file_users:
-            if username.lower() in self.file_users:
-                logger.debug(f'User {username} found in text file allowlist')
-                return True
-            logger.debug(f'User {username} not found in text file allowlist')
-
-        if self.sheets_client and self.spreadsheet_id:
-            sheet_users = [
-                u.lower() for u in self.sheets_client.get_usernames(self.spreadsheet_id)
-            ]
-            if username.lower() in sheet_users:
-                logger.debug(f'User {username} found in Google Sheets allowlist')
-                return True
-            logger.debug(f'User {username} not found in Google Sheets allowlist')
-
-        logger.debug(f'User {username} not found in any allowlist')
-        return False
-
-
-user_verifier = UserVerifier()
-
-
 def is_user_allowed(user_login: str):
    if user_verifier.is_active() and not user_verifier.is_user_allowed(user_login):
        logger.warning(f'GitHub user {user_login} not in allow list')
--- a/enterprise/server/auth/saas_user_auth.py
+++ b/enterprise/server/auth/saas_user_auth.py
@@ -18,9 +18,10 @@ from server.auth.token_manager import TokenManager
 from server.config import get_config
 from server.logger import logger
 from server.rate_limit import RateLimiter, create_redis_rate_limiter
+from sqlalchemy import delete, select
 from storage.api_key_store import ApiKeyStore
 from storage.auth_tokens import AuthTokens
-from storage.database import session_maker
+from storage.database import a_session_maker
 from storage.saas_secrets_store import SaasSecretsStore
 from storage.saas_settings_store import SaasSettingsStore
 from tenacity import retry, retry_if_exception_type, stop_after_attempt, wait_fixed
@@ -124,7 +125,7 @@ class SaasUserAuth(UserAuth):
        if secrets_store:
            return secrets_store
        user_id = await self.get_user_id()
-        secrets_store = SaasSecretsStore(user_id, session_maker, get_config())
+        secrets_store = SaasSecretsStore(user_id, get_config())
        self.secrets_store = secrets_store
        return secrets_store

@@ -161,12 +162,13 @@ class SaasUserAuth(UserAuth):

        try:
            # TODO: I think we can do this in a single request if we refactor
-            with session_maker() as session:
-                tokens = (
-                    session.query(AuthTokens)
-                    .where(AuthTokens.keycloak_user_id == self.user_id)
-                    .all()
+            async with a_session_maker() as session:
+                result = await session.execute(
+                    select(AuthTokens).where(
+                        AuthTokens.keycloak_user_id == self.user_id
+                    )
                )
+                tokens = result.scalars().all()

            for token in tokens:
                idp_type = ProviderType(token.identity_provider)
@@ -192,11 +194,11 @@ class SaasUserAuth(UserAuth):
                            'idp_type': token.identity_provider,
                        },
                    )
-                    with session_maker() as session:
-                        session.query(AuthTokens).filter(
-                            AuthTokens.id == token.id
-                        ).delete()
-                        session.commit()
+                    async with a_session_maker() as session:
+                        await session.execute(
+                            delete(AuthTokens).where(AuthTokens.id == token.id)
+                        )
+                        await session.commit()
                    raise

            self.provider_tokens = MappingProxyType(provider_tokens)
@@ -210,7 +212,7 @@ class SaasUserAuth(UserAuth):
        if settings_store:
            return settings_store
        user_id = await self.get_user_id()
-        settings_store = SaasSettingsStore(user_id, session_maker, get_config())
+        settings_store = SaasSettingsStore(user_id, get_config())
        self.settings_store = settings_store
        return settings_store

@@ -278,7 +280,7 @@ async def saas_user_auth_from_bearer(request: Request) -> SaasUserAuth | None:
            return None

        api_key_store = ApiKeyStore.get_instance()
-        user_id = api_key_store.validate_api_key(api_key)
+        user_id = await api_key_store.validate_api_key(api_key)
        if not user_id:
            return None
        offline_token = await token_manager.load_offline_token(user_id)
@@ -327,7 +329,7 @@ async def saas_user_auth_from_signed_token(signed_token: str) -> SaasUserAuth:
    email_verified = access_token_payload['email_verified']

    # Check if email domain is blocked
-    if email and domain_blocker.is_domain_blocked(email):
+    if email and await domain_blocker.is_domain_blocked(email):
        logger.warning(
            f'Blocked authentication attempt for existing user with email: {email}'
        )
--- a/enterprise/server/auth/token_manager.py
+++ b/enterprise/server/auth/token_manager.py
@@ -38,9 +38,9 @@ from server.auth.keycloak_manager import get_keycloak_admin, get_keycloak_openid
 from server.config import get_config
 from server.logger import logger
 from sqlalchemy import String as SQLString
-from sqlalchemy import type_coerce
+from sqlalchemy import select, type_coerce
 from storage.auth_token_store import AuthTokenStore
-from storage.database import session_maker
+from storage.database import a_session_maker
 from storage.github_app_installation import GithubAppInstallation
 from storage.offline_token_store import OfflineTokenStore
 from tenacity import RetryCallState, retry, retry_if_exception_type, stop_after_attempt
@@ -49,6 +49,10 @@ from openhands.integrations.service_types import ProviderType
 from openhands.server.types import SessionExpiredError
 from openhands.utils.http_session import httpx_verify_option

+# HTTP timeout for external IDP calls (in seconds)
+# This prevents indefinite blocking if an IDP is slow or unresponsive
+IDP_HTTP_TIMEOUT = 15.0
+

 def _before_sleep_callback(retry_state: RetryCallState) -> None:
    logger.info(f'Retry attempt {retry_state.attempt_number} for Keycloak operation')
@@ -202,7 +206,9 @@ class TokenManager:
        access_token: str,
        idp: ProviderType,
    ) -> dict[str, str | int]:
-        async with httpx.AsyncClient(verify=httpx_verify_option()) as client:
+        async with httpx.AsyncClient(
+            verify=httpx_verify_option(), timeout=IDP_HTTP_TIMEOUT
+        ) as client:
            base_url = KEYCLOAK_SERVER_URL_EXT if self.external else KEYCLOAK_SERVER_URL
            url = f'{base_url}/realms/{KEYCLOAK_REALM_NAME}/broker/{idp.value}/token'
            headers = {
@@ -361,7 +367,9 @@ class TokenManager:
            'refresh_token': refresh_token,
            'grant_type': 'refresh_token',
        }
-        async with httpx.AsyncClient(verify=httpx_verify_option()) as client:
+        async with httpx.AsyncClient(
+            verify=httpx_verify_option(), timeout=IDP_HTTP_TIMEOUT
+        ) as client:
            response = await client.post(url, data=payload)
            response.raise_for_status()
            logger.info('Successfully refreshed GitHub token')
@@ -387,7 +395,9 @@ class TokenManager:
            'refresh_token': refresh_token,
            'grant_type': 'refresh_token',
        }
-        async with httpx.AsyncClient(verify=httpx_verify_option()) as client:
+        async with httpx.AsyncClient(
+            verify=httpx_verify_option(), timeout=IDP_HTTP_TIMEOUT
+        ) as client:
            response = await client.post(url, data=payload)
            response.raise_for_status()
            logger.info('Successfully refreshed GitLab token')
@@ -415,7 +425,9 @@ class TokenManager:
            'refresh_token': refresh_token,
        }

-        async with httpx.AsyncClient(verify=httpx_verify_option()) as client:
+        async with httpx.AsyncClient(
+            verify=httpx_verify_option(), timeout=IDP_HTTP_TIMEOUT
+        ) as client:
            response = await client.post(url, data=data, headers=headers)
            response.raise_for_status()
            logger.info('Successfully refreshed Bitbucket token')
@@ -771,25 +783,24 @@ class TokenManager:
                exc_info=True,
            )

-    def store_org_token(self, installation_id: int, installation_token: str):
+    async def store_org_token(self, installation_id: int, installation_token: str):
        """Store a GitHub App installation token.

        Args:
            installation_id: GitHub installation ID (integer or string)
            installation_token: The token to store
        """
-        with session_maker() as session:
+        async with a_session_maker() as session:
            # Ensure installation_id is a string
            str_installation_id = str(installation_id)
            # Use type_coerce to ensure SQLAlchemy treats the parameter as a string
-            installation = (
-                session.query(GithubAppInstallation)
-                .filter(
+            result = await session.execute(
+                select(GithubAppInstallation).filter(
                    GithubAppInstallation.installation_id
                    == type_coerce(str_installation_id, SQLString)
                )
-                .first()
            )
+            installation = result.scalars().first()
            if installation:
                installation.encrypted_token = self.encrypt_text(installation_token)
            else:
@@ -799,9 +810,9 @@ class TokenManager:
                        encrypted_token=self.encrypt_text(installation_token),
                    )
                )
-            session.commit()
+            await session.commit()

-    def load_org_token(self, installation_id: int) -> str | None:
+    async def load_org_token(self, installation_id: int) -> str | None:
        """Load a GitHub App installation token.

        Args:
@@ -810,17 +821,16 @@ class TokenManager:
        Returns:
            The decrypted token if found, None otherwise
        """
-        with session_maker() as session:
+        async with a_session_maker() as session:
            # Ensure installation_id is a string and use type_coerce
            str_installation_id = str(installation_id)
-            installation = (
-                session.query(GithubAppInstallation)
-                .filter(
+            result = await session.execute(
+                select(GithubAppInstallation).filter(
                    GithubAppInstallation.installation_id
                    == type_coerce(str_installation_id, SQLString)
                )
-                .first()
            )
+            installation = result.scalars().first()
            if not installation:
                return None
            token = self.decrypt_text(installation.encrypted_token)
--- a/enterprise/server/constants.py
+++ b/enterprise/server/constants.py
@@ -30,7 +30,9 @@ PERSONAL_WORKSPACE_VERSION_TO_MODEL = {
    2: 'claude-3-7-sonnet-20250219',
    3: 'claude-sonnet-4-20250514',
    4: 'claude-sonnet-4-20250514',
-    5: 'claude-opus-4-5-20251101',
+    # Minimax is now the default as it gives results close to claude in terms of quality
+    # but at a much lower price
+    5: 'minimax-m2.5',
 }

 LITELLM_DEFAULT_MODEL = os.getenv('LITELLM_DEFAULT_MODEL')
@@ -59,7 +61,6 @@ SUBSCRIPTION_PRICE_DATA = {
    },
 }

-DEFAULT_INITIAL_BUDGET = float(os.environ.get('DEFAULT_INITIAL_BUDGET', '10'))
 STRIPE_API_KEY = os.environ.get('STRIPE_API_KEY', None)
 REQUIRE_PAYMENT = os.environ.get('REQUIRE_PAYMENT', '0') in ('1', 'true')

--- a/enterprise/server/conversation_callback_processor/github_callback_processor.py
+++ b/enterprise/server/conversation_callback_processor/github_callback_processor.py
@@ -3,7 +3,6 @@ from datetime import datetime

 from integrations.github.github_manager import GithubManager
 from integrations.github.github_view import GithubViewType
-from integrations.models import Message, SourceType
 from integrations.utils import (
    extract_summary_from_conversation_manager,
    get_summary_instruction,
@@ -35,16 +34,12 @@ class GithubCallbackProcessor(ConversationCallbackProcessor):
    send_summary_instruction: bool = True

    async def _send_message_to_github(self, message: str) -> None:
-        """
-        Send a message to GitHub.
+        """Send a message to GitHub.

        Args:
            message: The message content to send to GitHub
        """
        try:
-            # Create a message object for GitHub
-            message_obj = Message(source=SourceType.OPENHANDS, message=message)
-
            # Get the token manager
            token_manager = TokenManager()

@@ -53,8 +48,8 @@ class GithubCallbackProcessor(ConversationCallbackProcessor):

            github_manager = GithubManager(token_manager, GitHubDataCollector())

-            # Send the message
-            await github_manager.send_message(message_obj, self.github_view)
+            # Send the message directly as a string
+            await github_manager.send_message(message, self.github_view)

            logger.info(
                f'[GitHub] Sent summary message to {self.github_view.full_repo_name}#{self.github_view.issue_number}'
--- a/enterprise/server/conversation_callback_processor/gitlab_callback_processor.py
+++ b/enterprise/server/conversation_callback_processor/gitlab_callback_processor.py
@@ -3,7 +3,6 @@ from datetime import datetime

 from integrations.gitlab.gitlab_manager import GitlabManager
 from integrations.gitlab.gitlab_view import GitlabViewType
-from integrations.models import Message, SourceType
 from integrations.utils import (
    extract_summary_from_conversation_manager,
    get_summary_instruction,
@@ -14,7 +13,7 @@ from storage.conversation_callback import (
    ConversationCallback,
    ConversationCallbackProcessor,
 )
-from storage.database import session_maker
+from storage.database import a_session_maker

 from openhands.core.logger import openhands_logger as logger
 from openhands.core.schema.agent import AgentState
@@ -28,8 +27,7 @@ gitlab_manager = GitlabManager(token_manager)


 class GitlabCallbackProcessor(ConversationCallbackProcessor):
-    """
-    Processor for sending conversation summaries to GitLab.
+    """Processor for sending conversation summaries to GitLab.

    This processor is used to send summaries of conversations to GitLab
    when agent state changes occur.
@@ -39,22 +37,18 @@ class GitlabCallbackProcessor(ConversationCallbackProcessor):
    send_summary_instruction: bool = True

    async def _send_message_to_gitlab(self, message: str) -> None:
-        """
-        Send a message to GitLab.
+        """Send a message to GitLab.

        Args:
            message: The message content to send to GitLab
        """
        try:
-            # Create a message object for GitHub
-            message_obj = Message(source=SourceType.OPENHANDS, message=message)
-
            # Get the token manager
            token_manager = TokenManager()
            gitlab_manager = GitlabManager(token_manager)

-            # Send the message
-            await gitlab_manager.send_message(message_obj, self.gitlab_view)
+            # Send the message directly as a string
+            await gitlab_manager.send_message(message, self.gitlab_view)

            logger.info(
                f'[GitLab] Sent summary message to {self.gitlab_view.full_repo_name}#{self.gitlab_view.issue_number}'
@@ -111,9 +105,9 @@ class GitlabCallbackProcessor(ConversationCallbackProcessor):
                self.send_summary_instruction = False
                callback.set_processor(self)
                callback.updated_at = datetime.now()
-                with session_maker() as session:
+                async with a_session_maker() as session:
                    session.merge(callback)
-                    session.commit()
+                    await session.commit()
                return

            # Extract the summary from the event store
@@ -132,9 +126,9 @@ class GitlabCallbackProcessor(ConversationCallbackProcessor):
            # Mark callback as completed status
            callback.status = CallbackStatus.COMPLETED
            callback.updated_at = datetime.now()
-            with session_maker() as session:
+            async with a_session_maker() as session:
                session.merge(callback)
-                session.commit()
+                await session.commit()

        except Exception as e:
            logger.exception(
--- a/enterprise/server/conversation_callback_processor/jira_callback_processor.py
+++ b/enterprise/server/conversation_callback_processor/jira_callback_processor.py
@@ -37,8 +37,7 @@ class JiraCallbackProcessor(ConversationCallbackProcessor):
    workspace_name: str

    async def _send_comment_to_jira(self, message: str) -> None:
-        """
-        Send a comment to Jira issue.
+        """Send a comment to Jira issue.

        Args:
            message: The message content to send to Jira
@@ -59,8 +58,9 @@ class JiraCallbackProcessor(ConversationCallbackProcessor):
            # Decrypt API key
            api_key = jira_manager.token_manager.decrypt_text(workspace.svc_acc_api_key)

+            # Send comment directly as a string
            await jira_manager.send_message(
-                jira_manager.create_outgoing_message(msg=message),
+                message,
                issue_key=self.issue_key,
                jira_cloud_id=workspace.jira_cloud_id,
                svc_acc_email=workspace.svc_acc_email,
--- a/enterprise/server/conversation_callback_processor/jira_dc_callback_processor.py
+++ b/enterprise/server/conversation_callback_processor/jira_dc_callback_processor.py
@@ -37,8 +37,7 @@ class JiraDcCallbackProcessor(ConversationCallbackProcessor):
    base_api_url: str

    async def _send_comment_to_jira_dc(self, message: str) -> None:
-        """
-        Send a comment to Jira DC issue.
+        """Send a comment to Jira DC issue.

        Args:
            message: The message content to send to Jira DC
@@ -61,8 +60,9 @@ class JiraDcCallbackProcessor(ConversationCallbackProcessor):
                workspace.svc_acc_api_key
            )

+            # Send comment directly as a string
            await jira_dc_manager.send_message(
-                jira_dc_manager.create_outgoing_message(msg=message),
+                message,
                issue_key=self.issue_key,
                base_api_url=self.base_api_url,
                svc_acc_api_key=api_key,
--- a/enterprise/server/conversation_callback_processor/linear_callback_processor.py
+++ b/enterprise/server/conversation_callback_processor/linear_callback_processor.py
@@ -36,8 +36,7 @@ class LinearCallbackProcessor(ConversationCallbackProcessor):
    workspace_name: str

    async def _send_comment_to_linear(self, message: str) -> None:
-        """
-        Send a comment to Linear issue.
+        """Send a comment to Linear issue.

        Args:
            message: The message content to send to Linear
@@ -60,9 +59,9 @@ class LinearCallbackProcessor(ConversationCallbackProcessor):
                workspace.svc_acc_api_key
            )

-            # Send comment
+            # Send comment directly as a string
            await linear_manager.send_message(
-                linear_manager.create_outgoing_message(msg=message),
+                message,
                self.issue_id,
                api_key,
            )
--- a/enterprise/server/conversation_callback_processor/slack_callback_processor.py
+++ b/enterprise/server/conversation_callback_processor/slack_callback_processor.py
@@ -26,8 +26,7 @@ slack_manager = SlackManager(token_manager)


 class SlackCallbackProcessor(ConversationCallbackProcessor):
-    """
-    Processor for sending conversation summaries to Slack.
+    """Processor for sending conversation summaries to Slack.

    This processor is used to send summaries of conversations to Slack channels
    when agent state changes occur.
@@ -41,14 +40,13 @@ class SlackCallbackProcessor(ConversationCallbackProcessor):
    last_user_msg_id: int | None = None

    async def _send_message_to_slack(self, message: str) -> None:
-        """
-        Send a message to Slack using the conversation_manager's send_to_event_stream method.
+        """Send a message to Slack.

        Args:
            message: The message content to send to Slack
        """
        try:
-            # Create a message object for Slack
+            # Create a message object for Slack view creation (incoming message format)
            message_obj = Message(
                source=SourceType.SLACK,
                message={
@@ -67,9 +65,8 @@ class SlackCallbackProcessor(ConversationCallbackProcessor):
            slack_view = SlackFactory.create_slack_view_from_payload(
                message_obj, slack_user, saas_user_auth
            )
-            await slack_manager.send_message(
-                slack_manager.create_outgoing_message(message), slack_view
-            )
+            # Send the message directly as a string
+            await slack_manager.send_message(message, slack_view)

            logger.info(
                f'[Slack] Sent summary message to channel {self.channel_id} '
--- a/enterprise/server/logger.py
+++ b/enterprise/server/logger.py
@@ -51,6 +51,14 @@ def custom_json_serializer(obj, **kwargs):
                obj['stack_info'] = format_stack(stack_info)

    result = json.dumps(obj, **kwargs)
+
+    # Swap out newlines to make things easier to read. This will produce
+    # invalid json but means we can have similar logs in local development
+    # to production, making things easier to correlate. Obviously,
+    # LOG_JSON_FOR_CONSOLE should not be used in production environments.
+    if LOG_JSON_FOR_CONSOLE:
+        result = result.replace('\\n', '\n')
+
    return result


--- a/enterprise/server/middleware.py
+++ b/enterprise/server/middleware.py
@@ -103,11 +103,13 @@ class SetAuthCookieMiddleware:
        keycloak_auth_cookie = request.cookies.get('keycloak_auth')
        auth_header = request.headers.get('Authorization')
        mcp_auth_header = request.headers.get('X-Session-API-Key')
+        api_auth_header = request.headers.get('X-Access-Token')
        accepted_tos: bool | None = False
        if (
            keycloak_auth_cookie is None
            and (auth_header is None or not auth_header.startswith('Bearer '))
            and mcp_auth_header is None
+            and api_auth_header is None
        ):
            raise NoCredentialsError

@@ -160,10 +162,10 @@ class SetAuthCookieMiddleware:
            '/api/billing/customer-setup-success',
            '/api/billing/stripe-webhook',
            '/api/email/resend',
+            '/api/organizations/members/invite/accept',
            '/oauth/device/authorize',
            '/oauth/device/token',
            '/api/v1/web-client/config',
-            '/api/v1/webhooks/secrets',
        )
        if path in ignore_paths:
            return False
@@ -174,6 +176,10 @@ class SetAuthCookieMiddleware:
        ):
            return False

+        # Webhooks access is controlled using separate API keys
+        if path.startswith('/api/v1/webhooks/'):
+            return False
+
        is_mcp = path.startswith('/mcp')
        is_api_route = path.startswith('/api')
        return is_api_route or is_mcp
--- a/enterprise/server/routes/api_keys.py
+++ b/enterprise/server/routes/api_keys.py
@@ -2,6 +2,7 @@ from datetime import UTC, datetime

 from fastapi import APIRouter, Depends, HTTPException, status
 from pydantic import BaseModel, field_validator
+from storage.api_key import ApiKey
 from storage.api_key_store import ApiKeyStore
 from storage.lite_llm_manager import LiteLlmManager
 from storage.org_member import OrgMember
@@ -135,9 +136,9 @@ class ApiKeyCreate(BaseModel):
 class ApiKeyResponse(BaseModel):
    id: int
    name: str | None = None
-    created_at: str
-    last_used_at: str | None = None
-    expires_at: str | None = None
+    created_at: datetime
+    last_used_at: datetime | None = None
+    expires_at: datetime | None = None


 class ApiKeyCreateResponse(ApiKeyResponse):
@@ -152,12 +153,29 @@ class ByorPermittedResponse(BaseModel):
    permitted: bool


-@api_router.get('/llm/byor/permitted', response_model=ByorPermittedResponse)
-async def check_byor_permitted(user_id: str = Depends(get_user_id)):
+class MessageResponse(BaseModel):
+    message: str
+
+
+def api_key_to_response(key: ApiKey) -> ApiKeyResponse:
+    """Convert an ApiKey model to an ApiKeyResponse."""
+    return ApiKeyResponse(
+        id=key.id,
+        name=key.name,
+        created_at=key.created_at,
+        last_used_at=key.last_used_at,
+        expires_at=key.expires_at,
+    )
+
+
+@api_router.get('/llm/byor/permitted', tags=['Keys'])
+async def check_byor_permitted(
+    user_id: str = Depends(get_user_id),
+) -> ByorPermittedResponse:
    """Check if BYOR key export is permitted for the user's current org."""
    try:
        permitted = await OrgService.check_byor_export_enabled(user_id)
-        return {'permitted': permitted}
+        return ByorPermittedResponse(permitted=permitted)
    except Exception as e:
        logger.exception(
            'Error checking BYOR export permission', extra={'error': str(e)}
@@ -168,8 +186,10 @@ async def check_byor_permitted(user_id: str = Depends(get_user_id)):
        )


-@api_router.post('', response_model=ApiKeyCreateResponse)
-async def create_api_key(key_data: ApiKeyCreate, user_id: str = Depends(get_user_id)):
+@api_router.post('', tags=['Keys'])
+async def create_api_key(
+    key_data: ApiKeyCreate, user_id: str = Depends(get_user_id)
+) -> ApiKeyCreateResponse:
    """Create a new API key for the authenticated user."""
    try:
        api_key = await api_key_store.create_api_key(
@@ -178,48 +198,29 @@ async def create_api_key(key_data: ApiKeyCreate, user_id: str = Depends(get_user
        # Get the created key details
        keys = await api_key_store.list_api_keys(user_id)
        for key in keys:
-            if key['name'] == key_data.name:
-                return {
-                    **key,
-                    'key': api_key,
-                    'created_at': (
-                        key['created_at'].isoformat() if key['created_at'] else None
-                    ),
-                    'last_used_at': (
-                        key['last_used_at'].isoformat() if key['last_used_at'] else None
-                    ),
-                    'expires_at': (
-                        key['expires_at'].isoformat() if key['expires_at'] else None
-                    ),
-                }
+            if key.name == key_data.name:
+                return ApiKeyCreateResponse(
+                    id=key.id,
+                    name=key.name,
+                    key=api_key,
+                    created_at=key.created_at,
+                    last_used_at=key.last_used_at,
+                    expires_at=key.expires_at,
+                )
    except Exception:
        logger.exception('Error creating API key')
-        raise HTTPException(
-            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
-            detail='Failed to create API key',
-        )
+    raise HTTPException(
+        status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+        detail='Failed to create API key',
+    )


-@api_router.get('', response_model=list[ApiKeyResponse])
-async def list_api_keys(user_id: str = Depends(get_user_id)):
+@api_router.get('', tags=['Keys'])
+async def list_api_keys(user_id: str = Depends(get_user_id)) -> list[ApiKeyResponse]:
    """List all API keys for the authenticated user."""
    try:
        keys = await api_key_store.list_api_keys(user_id)
-        return [
-            {
-                **key,
-                'created_at': (
-                    key['created_at'].isoformat() if key['created_at'] else None
-                ),
-                'last_used_at': (
-                    key['last_used_at'].isoformat() if key['last_used_at'] else None
-                ),
-                'expires_at': (
-                    key['expires_at'].isoformat() if key['expires_at'] else None
-                ),
-            }
-            for key in keys
-        ]
+        return [api_key_to_response(key) for key in keys]
    except Exception:
        logger.exception('Error listing API keys')
        raise HTTPException(
@@ -228,8 +229,10 @@ async def list_api_keys(user_id: str = Depends(get_user_id)):
        )


-@api_router.delete('/{key_id}')
-async def delete_api_key(key_id: int, user_id: str = Depends(get_user_id)):
+@api_router.delete('/{key_id}', tags=['Keys'])
+async def delete_api_key(
+    key_id: int, user_id: str = Depends(get_user_id)
+) -> MessageResponse:
    """Delete an API key."""
    try:
        # First, verify the key belongs to the user
@@ -237,7 +240,7 @@ async def delete_api_key(key_id: int, user_id: str = Depends(get_user_id)):
        key_to_delete = None

        for key in keys:
-            if key['id'] == key_id:
+            if key.id == key_id:
                key_to_delete = key
                break

@@ -248,14 +251,14 @@ async def delete_api_key(key_id: int, user_id: str = Depends(get_user_id)):
            )

        # Delete the key
-        success = api_key_store.delete_api_key_by_id(key_id)
+        success = await api_key_store.delete_api_key_by_id(key_id)

        if not success:
            raise HTTPException(
                status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
                detail='Failed to delete API key',
            )
-        return {'message': 'API key deleted successfully'}
+        return MessageResponse(message='API key deleted successfully')
    except HTTPException:
        raise
    except Exception:
@@ -266,8 +269,10 @@ async def delete_api_key(key_id: int, user_id: str = Depends(get_user_id)):
        )


-@api_router.get('/llm/byor', response_model=LlmApiKeyResponse)
-async def get_llm_api_key_for_byor(user_id: str = Depends(get_user_id)):
+@api_router.get('/llm/byor', tags=['Keys'])
+async def get_llm_api_key_for_byor(
+    user_id: str = Depends(get_user_id),
+) -> LlmApiKeyResponse:
    """Get the LLM API key for BYOR (Bring Your Own Runtime) for the authenticated user.

    This endpoint validates that the key exists in LiteLLM before returning it.
@@ -290,7 +295,7 @@ async def get_llm_api_key_for_byor(user_id: str = Depends(get_user_id)):
            # Validate that the key is actually registered in LiteLLM
            is_valid = await LiteLlmManager.verify_key(byor_key, user_id)
            if is_valid:
-                return {'key': byor_key}
+                return LlmApiKeyResponse(key=byor_key)
            else:
                # Key exists in DB but is invalid in LiteLLM - regenerate it
                logger.warning(
@@ -315,7 +320,7 @@ async def get_llm_api_key_for_byor(user_id: str = Depends(get_user_id)):
                'Successfully generated and stored new BYOR key',
                extra={'user_id': user_id},
            )
-            return {'key': key}
+            return LlmApiKeyResponse(key=key)
        else:
            logger.error(
                'Failed to generate new BYOR LLM API key',
@@ -337,8 +342,10 @@ async def get_llm_api_key_for_byor(user_id: str = Depends(get_user_id)):
        )


-@api_router.post('/llm/byor/refresh', response_model=LlmApiKeyResponse)
-async def refresh_llm_api_key_for_byor(user_id: str = Depends(get_user_id)):
+@api_router.post('/llm/byor/refresh', tags=['Keys'])
+async def refresh_llm_api_key_for_byor(
+    user_id: str = Depends(get_user_id),
+) -> LlmApiKeyResponse:
    """Refresh the LLM API key for BYOR (Bring Your Own Runtime) for the authenticated user.

    Returns 402 Payment Required if BYOR export is not enabled for the user's org.
@@ -391,7 +398,7 @@ async def refresh_llm_api_key_for_byor(user_id: str = Depends(get_user_id)):
            'BYOR LLM API key refresh completed successfully',
            extra={'user_id': user_id},
        )
-        return {'key': key}
+        return LlmApiKeyResponse(key=key)
    except HTTPException as he:
        logger.error(
            'HTTP exception during BYOR LLM API key refresh',
--- a/enterprise/server/routes/auth.py
+++ b/enterprise/server/routes/auth.py
@@ -5,6 +5,7 @@ import warnings
 from datetime import datetime, timezone
 from typing import Annotated, Literal, Optional
 from urllib.parse import quote
+from uuid import UUID as parse_uuid

 import posthog
 from fastapi import APIRouter, Header, HTTPException, Request, Response, status
@@ -26,7 +27,15 @@ from server.auth.token_manager import TokenManager
 from server.config import sign_token
 from server.constants import IS_FEATURE_ENV
 from server.routes.event_webhook import _get_session_api_key, _get_user_id
-from storage.database import session_maker
+from server.services.org_invitation_service import (
+    EmailMismatchError,
+    InvitationExpiredError,
+    InvitationInvalidError,
+    OrgInvitationService,
+    UserAlreadyMemberError,
+)
+from sqlalchemy import select
+from storage.database import a_session_maker
 from storage.user import User
 from storage.user_store import UserStore

@@ -104,22 +113,40 @@ def get_cookie_samesite(request: Request) -> Literal['lax', 'strict']:
    )


+def _extract_oauth_state(state: str | None) -> tuple[str, str | None, str | None]:
+    """Extract redirect URL, reCAPTCHA token, and invitation token from OAuth state.
+
+    Returns:
+        Tuple of (redirect_url, recaptcha_token, invitation_token).
+        Tokens may be None.
+    """
+    if not state:
+        return '', None, None
+
+    try:
+        # Try to decode as JSON (new format with reCAPTCHA and/or invitation)
+        state_data = json.loads(base64.urlsafe_b64decode(state.encode()).decode())
+        return (
+            state_data.get('redirect_url', ''),
+            state_data.get('recaptcha_token'),
+            state_data.get('invitation_token'),
+        )
+    except Exception:
+        # Old format - state is just the redirect URL
+        return state, None, None
+
+
+# Keep alias for backward compatibility
 def _extract_recaptcha_state(state: str | None) -> tuple[str, str | None]:
    """Extract redirect URL and reCAPTCHA token from OAuth state.

+    Deprecated: Use _extract_oauth_state instead.
+
    Returns:
        Tuple of (redirect_url, recaptcha_token). Token may be None.
    """
-    if not state:
-        return '', None
-
-    try:
-        # Try to decode as JSON (new format with reCAPTCHA)
-        state_data = json.loads(base64.urlsafe_b64decode(state.encode()).decode())
-        return state_data.get('redirect_url', ''), state_data.get('recaptcha_token')
-    except Exception:
-        # Old format - state is just the redirect URL
-        return state, None
+    redirect_url, recaptcha_token, _ = _extract_oauth_state(state)
+    return redirect_url, recaptcha_token


@oauth_router.get('/keycloak/callback')
@@ -130,8 +157,8 @@ async def keycloak_callback(
    error: Optional[str] = None,
    error_description: Optional[str] = None,
 ):
-    # Extract redirect URL and reCAPTCHA token from state
-    redirect_url, recaptcha_token = _extract_recaptcha_state(state)
+    # Extract redirect URL, reCAPTCHA token, and invitation token from state
+    redirect_url, recaptcha_token, invitation_token = _extract_oauth_state(state)
    if not redirect_url:
        redirect_url = str(request.base_url)

@@ -182,6 +209,7 @@ async def keycloak_callback(
    else:
        # Existing user — gradually backfill contact_name if it still has a username-style value
        await UserStore.backfill_contact_name(user_id, user_info)
+        await UserStore.backfill_user_email(user_id, user_info)

    if not user:
        logger.error(f'Failed to authenticate user {user_info["preferred_username"]}')
@@ -243,7 +271,7 @@ async def keycloak_callback(
            # Fail open - continue with login if reCAPTCHA service unavailable

    # Check if email domain is blocked
-    if email and domain_blocker.is_domain_blocked(email):
+    if email and await domain_blocker.is_domain_blocked(email):
        logger.warning(
            f'Blocked authentication attempt for email: {email}, user_id: {user_id}'
        )
@@ -302,8 +330,13 @@ async def keycloak_callback(
        from server.routes.email import verify_email

        await verify_email(request=request, user_id=user_id, is_auth_flow=True)
-        redirect_url = f'{request.base_url}login?email_verification_required=true&user_id={user_id}'
-        response = RedirectResponse(redirect_url, status_code=302)
+        verification_redirect_url = f'{request.base_url}login?email_verification_required=true&user_id={user_id}'
+        # Preserve invitation token so it can be included in OAuth state after verification
+        if invitation_token:
+            verification_redirect_url = (
+                f'{verification_redirect_url}&invitation_token={invitation_token}'
+            )
+        response = RedirectResponse(verification_redirect_url, status_code=302)
        return response

    # default to github IDP for now.
@@ -381,14 +414,90 @@ async def keycloak_callback(
        )

    has_accepted_tos = user.accepted_tos is not None
+
+    # Process invitation token if present (after email verification but before TOS)
+    if invitation_token:
+        try:
+            logger.info(
+                'Processing invitation token during auth callback',
+                extra={
+                    'user_id': user_id,
+                    'invitation_token_prefix': invitation_token[:10] + '...',
+                },
+            )
+
+            await OrgInvitationService.accept_invitation(
+                invitation_token, parse_uuid(user_id)
+            )
+            logger.info(
+                'Invitation accepted during auth callback',
+                extra={'user_id': user_id},
+            )
+
+        except InvitationExpiredError:
+            logger.warning(
+                'Invitation expired during auth callback',
+                extra={'user_id': user_id},
+            )
+            # Add query param to redirect URL
+            if '?' in redirect_url:
+                redirect_url = f'{redirect_url}&invitation_expired=true'
+            else:
+                redirect_url = f'{redirect_url}?invitation_expired=true'
+
+        except InvitationInvalidError as e:
+            logger.warning(
+                'Invalid invitation during auth callback',
+                extra={'user_id': user_id, 'error': str(e)},
+            )
+            if '?' in redirect_url:
+                redirect_url = f'{redirect_url}&invitation_invalid=true'
+            else:
+                redirect_url = f'{redirect_url}?invitation_invalid=true'
+
+        except UserAlreadyMemberError:
+            logger.info(
+                'User already member during invitation acceptance',
+                extra={'user_id': user_id},
+            )
+            if '?' in redirect_url:
+                redirect_url = f'{redirect_url}&already_member=true'
+            else:
+                redirect_url = f'{redirect_url}?already_member=true'
+
+        except EmailMismatchError as e:
+            logger.warning(
+                'Email mismatch during auth callback invitation acceptance',
+                extra={'user_id': user_id, 'error': str(e)},
+            )
+            if '?' in redirect_url:
+                redirect_url = f'{redirect_url}&email_mismatch=true'
+            else:
+                redirect_url = f'{redirect_url}?email_mismatch=true'
+
+        except Exception as e:
+            logger.exception(
+                'Unexpected error processing invitation during auth callback',
+                extra={'user_id': user_id, 'error': str(e)},
+            )
+            # Don't fail the login if invitation processing fails
+            if '?' in redirect_url:
+                redirect_url = f'{redirect_url}&invitation_error=true'
+            else:
+                redirect_url = f'{redirect_url}?invitation_error=true'
+
    # If the user hasn't accepted the TOS, redirect to the TOS page
    if not has_accepted_tos:
        encoded_redirect_url = quote(redirect_url, safe='')
        tos_redirect_url = (
            f'{request.base_url}accept-tos?redirect_url={encoded_redirect_url}'
        )
+        if invitation_token:
+            tos_redirect_url = f'{tos_redirect_url}&invitation_success=true'
        response = RedirectResponse(tos_redirect_url, status_code=302)
    else:
+        if invitation_token:
+            redirect_url = f'{redirect_url}&invitation_success=true'
        response = RedirectResponse(redirect_url, status_code=302)

    set_response_cookie(
@@ -442,7 +551,10 @@ async def keycloak_offline_callback(code: str, state: str, request: Request):
        user_id=user_info['sub'], offline_token=keycloak_refresh_token
    )

-    return RedirectResponse(state if state else request.base_url, status_code=302)
+    redirect_url, _, _ = _extract_oauth_state(state)
+    return RedirectResponse(
+        redirect_url if redirect_url else request.base_url, status_code=302
+    )


@oauth_router.get('/github/callback')
@@ -499,17 +611,20 @@ async def accept_tos(request: Request):

    # Update user settings with TOS acceptance
    accepted_tos: datetime = datetime.now(timezone.utc)
-    with session_maker() as session:
-        user = session.query(User).filter(User.id == uuid.UUID(user_id)).first()
+    async with a_session_maker() as session:
+        result = await session.execute(
+            select(User).where(User.id == uuid.UUID(user_id))
+        )
+        user = result.scalar_one_or_none()
        if not user:
-            session.rollback()
+            await session.rollback()
            logger.error('User for {user_id} not found.')
            return JSONResponse(
                status_code=status.HTTP_401_UNAUTHORIZED,
                content={'error': 'User does not exist'},
            )
        user.accepted_tos = accepted_tos
-        session.commit()
+        await session.commit()

        logger.info(f'User {user_id} accepted TOS')

--- a/enterprise/server/routes/billing.py
+++ b/enterprise/server/routes/billing.py
@@ -9,13 +9,12 @@ from fastapi import APIRouter, Depends, HTTPException, Request, status
 from fastapi.responses import RedirectResponse
 from integrations import stripe_service
 from pydantic import BaseModel
-from server.constants import (
-    STRIPE_API_KEY,
-)
+from server.constants import STRIPE_API_KEY
 from server.logger import logger
+from sqlalchemy import select
 from starlette.datastructures import URL
 from storage.billing_session import BillingSession
-from storage.database import session_maker
+from storage.database import a_session_maker
 from storage.lite_llm_manager import LiteLlmManager
 from storage.org import Org
 from storage.subscription_access import SubscriptionAccess
@@ -25,7 +24,7 @@ from openhands.app_server.config import get_global_config
 from openhands.server.user_auth import get_user_id

 stripe.api_key = STRIPE_API_KEY
-billing_router = APIRouter(prefix='/api/billing')
+billing_router = APIRouter(prefix='/api/billing', tags=['Billing'])


 async def validate_billing_enabled() -> None:
@@ -95,9 +94,9 @@ async def get_credits(user_id: str = Depends(get_user_id)) -> GetCreditsResponse
    user_team_info = await LiteLlmManager.get_user_team_info(
        user_id, str(user.current_org_id)
    )
-    # Update to use calculate_credits
-    spend = user_team_info.get('spend', 0)
-    max_budget = (user_team_info.get('litellm_budget_table') or {}).get('max_budget', 0)
+    max_budget, spend = LiteLlmManager.get_budget_from_team_info(
+        user_team_info, user_id, str(user.current_org_id)
+    )
    credits = max(max_budget - spend, 0)
    return GetCreditsResponse(credits=Decimal('{:.2f}'.format(credits)))

@@ -108,16 +107,17 @@ async def get_subscription_access(
    user_id: str = Depends(get_user_id),
 ) -> SubscriptionAccessResponse | None:
    """Get details of the currently valid subscription for the user."""
-    with session_maker() as session:
+    async with a_session_maker() as session:
        now = datetime.now(UTC)
-        subscription_access = (
-            session.query(SubscriptionAccess)
-            .filter(SubscriptionAccess.status == 'ACTIVE')
-            .filter(SubscriptionAccess.user_id == user_id)
-            .filter(SubscriptionAccess.start_at <= now)
-            .filter(SubscriptionAccess.end_at >= now)
-            .first()
+        result = await session.execute(
+            select(SubscriptionAccess).where(
+                SubscriptionAccess.status == 'ACTIVE',
+                SubscriptionAccess.user_id == user_id,
+                SubscriptionAccess.start_at <= now,
+                SubscriptionAccess.end_at >= now,
+            )
        )
+        subscription_access = result.scalar_one_or_none()
        if not subscription_access:
            return None
        return SubscriptionAccessResponse(
@@ -149,7 +149,7 @@ async def create_customer_setup_session(
        customer=customer_info['customer_id'],
        mode='setup',
        payment_method_types=['card'],
-        success_url=f'{base_url}?free_credits=success',
+        success_url=f'{base_url}?setup=success',
        cancel_url=f'{base_url}',
    )
    return CreateBillingSessionResponse(redirect_url=checkout_session.url)
@@ -199,7 +199,7 @@ async def create_checkout_session(
            'checkout_session_id': checkout_session.id,
        },
    )
-    with session_maker() as session:
+    async with a_session_maker() as session:
        billing_session = BillingSession(
            id=checkout_session.id,
            user_id=user_id,
@@ -208,7 +208,7 @@ async def create_checkout_session(
            price_code='NA',
        )
        session.add(billing_session)
-        session.commit()
+        await session.commit()

    return CreateBillingSessionResponse(redirect_url=checkout_session.url)

@@ -217,13 +217,14 @@ async def create_checkout_session(
@billing_router.get('/success')
 async def success_callback(session_id: str, request: Request):
    # We can't use the auth cookie because of SameSite=strict
-    with session_maker() as session:
-        billing_session = (
-            session.query(BillingSession)
-            .filter(BillingSession.id == session_id)
-            .filter(BillingSession.status == 'in_progress')
-            .first()
+    async with a_session_maker() as session:
+        result = await session.execute(
+            select(BillingSession).where(
+                BillingSession.id == session_id,
+                BillingSession.status == 'in_progress',
+            )
        )
+        billing_session = result.scalar_one_or_none()

        if billing_session is None:
            # Hopefully this never happens - we get a redirect from stripe where the session does not exist
@@ -251,9 +252,12 @@ async def success_callback(session_id: str, request: Request):
        )
        amount_subtotal = stripe_session.amount_subtotal or 0
        add_credits = amount_subtotal / 100
-        max_budget = (user_team_info.get('litellm_budget_table') or {}).get(
-            'max_budget', 0
+        max_budget, _ = LiteLlmManager.get_budget_from_team_info(
+            user_team_info, billing_session.user_id, str(user.current_org_id)
        )
+
+        result = await session.execute(select(Org).where(Org.id == user.current_org_id))
+        org = result.scalar_one_or_none()
        new_max_budget = max_budget + add_credits

        await LiteLlmManager.update_team_and_users_budget(
@@ -261,8 +265,6 @@ async def success_callback(session_id: str, request: Request):
        )

        # Enable BYOR export for the org now that they've purchased credits
-        # Update within the same session to avoid nested session issues
-        org = session.query(Org).filter(Org.id == user.current_org_id).first()
        if org:
            org.byor_export_enabled = True

@@ -281,7 +283,7 @@ async def success_callback(session_id: str, request: Request):
                'stripe_customer_id': stripe_session.customer,
            },
        )
-        session.commit()
+        await session.commit()

    return RedirectResponse(
        f'{_get_base_url(request)}settings/billing?checkout=success', status_code=302
@@ -291,13 +293,14 @@ async def success_callback(session_id: str, request: Request):
 # Callback endpoint for cancelled Stripe payments - updates billing session status
@billing_router.get('/cancel')
 async def cancel_callback(session_id: str, request: Request):
-    with session_maker() as session:
-        billing_session = (
-            session.query(BillingSession)
-            .filter(BillingSession.id == session_id)
-            .filter(BillingSession.status == 'in_progress')
-            .first()
+    async with a_session_maker() as session:
+        result = await session.execute(
+            select(BillingSession).where(
+                BillingSession.id == session_id,
+                BillingSession.status == 'in_progress',
+            )
        )
+        billing_session = result.scalar_one_or_none()
        if billing_session:
            logger.info(
                'stripe_checkout_cancel',
@@ -309,7 +312,7 @@ async def cancel_callback(session_id: str, request: Request):
            billing_session.status = 'cancelled'
            billing_session.updated_at = datetime.now(UTC)
            session.merge(billing_session)
-            session.commit()
+            await session.commit()

    return RedirectResponse(
        f'{_get_base_url(request)}settings/billing?checkout=cancel', status_code=302
--- a/enterprise/server/routes/email.py
+++ b/enterprise/server/routes/email.py
@@ -8,6 +8,7 @@ from server.auth.keycloak_manager import get_keycloak_admin
 from server.auth.saas_user_auth import SaasUserAuth
 from server.routes.auth import set_response_cookie
 from server.utils.rate_limit_utils import check_rate_limit_by_user_id
+from storage.user_store import UserStore

 from openhands.core.logger import openhands_logger as logger
 from openhands.server.user_auth import get_user_id
@@ -62,6 +63,10 @@ async def update_email(
            },
        )

+        await UserStore.update_user_email(
+            user_id=user_id, email=email, email_verified=False
+        )
+
        user_auth: SaasUserAuth = await get_user_auth(request)
        await user_auth.refresh()  # refresh so access token has updated email
        user_auth.email = email
@@ -144,6 +149,7 @@ async def verified_email(request: Request):
    user_auth: SaasUserAuth = await get_user_auth(request)
    await user_auth.refresh()  # refresh so access token has updated email
    user_auth.email_verified = True
+    await UserStore.update_user_email(user_id=user_auth.user_id, email_verified=True)
    scheme = 'http' if request.url.hostname == 'localhost' else 'https'
    redirect_uri = f'{scheme}://{request.url.netloc}/settings/user'
    response = RedirectResponse(redirect_uri, status_code=302)
--- a/enterprise/server/routes/feedback.py
+++ b/enterprise/server/routes/feedback.py
@@ -3,16 +3,22 @@ from typing import Any, Dict, List, Optional
 from fastapi import APIRouter, Depends, HTTPException, status
 from pydantic import BaseModel, Field
 from sqlalchemy.future import select
-from storage.database import session_maker
+from storage.database import a_session_maker
 from storage.feedback import ConversationFeedback
 from storage.stored_conversation_metadata_saas import StoredConversationMetadataSaas

 from openhands.events.event_store import EventStore
+from openhands.server.dependencies import get_dependencies
 from openhands.server.shared import file_store
 from openhands.server.user_auth import get_user_id
-from openhands.utils.async_utils import call_sync_from_async

-router = APIRouter(prefix='/feedback', tags=['feedback'])
+# We use the get_dependencies method here to signal to the OpenAPI docs that this endpoint
+# is protected. The actual protection is provided by SetAuthCookieMiddleware
+# TODO: It may be an error by you can actually post feedback to a conversation you don't
+# own right now - maybe this is useful in the context of public shared conversations?
+router = APIRouter(
+    prefix='/feedback', tags=['feedback'], dependencies=get_dependencies()
+)


 async def get_event_ids(conversation_id: str, user_id: str) -> List[int]:
@@ -30,23 +36,19 @@ async def get_event_ids(conversation_id: str, user_id: str) -> List[int]:
    """

    # Verify the conversation belongs to the user
-    def _verify_conversation():
-        with session_maker() as session:
-            metadata = (
-                session.query(StoredConversationMetadataSaas)
-                .filter(
-                    StoredConversationMetadataSaas.conversation_id == conversation_id,
-                    StoredConversationMetadataSaas.user_id == user_id,
-                )
-                .first()
+    async with a_session_maker() as session:
+        result = await session.execute(
+            select(StoredConversationMetadataSaas).where(
+                StoredConversationMetadataSaas.conversation_id == conversation_id,
+                StoredConversationMetadataSaas.user_id == user_id,
+            )
+        )
+        metadata = result.scalars().first()
+        if not metadata:
+            raise HTTPException(
+                status_code=status.HTTP_404_NOT_FOUND,
+                detail=f'Conversation {conversation_id} not found',
            )
-            if not metadata:
-                raise HTTPException(
-                    status_code=status.HTTP_404_NOT_FOUND,
-                    detail=f'Conversation {conversation_id} not found',
-                )
-
-    await call_sync_from_async(_verify_conversation)

    # Create an event store to access the events directly
    # This works even when the conversation is not running
@@ -96,12 +98,9 @@ async def submit_conversation_feedback(feedback: FeedbackRequest):
    )

    # Add to database
-    def _save_feedback():
-        with session_maker() as session:
-            session.add(new_feedback)
-            session.commit()
-
-    await call_sync_from_async(_save_feedback)
+    async with a_session_maker() as session:
+        session.add(new_feedback)
+        await session.commit()

    return {'status': 'success', 'message': 'Feedback submitted successfully'}

@@ -120,30 +119,27 @@ async def get_batch_feedback(conversation_id: str, user_id: str = Depends(get_us
        return {}

    # Query for existing feedback for all events
-    def _check_feedback():
-        with session_maker() as session:
-            result = session.execute(
-                select(ConversationFeedback).where(
-                    ConversationFeedback.conversation_id == conversation_id,
-                    ConversationFeedback.event_id.in_(event_ids),
-                )
+    async with a_session_maker() as session:
+        result = await session.execute(
+            select(ConversationFeedback).where(
+                ConversationFeedback.conversation_id == conversation_id,
+                ConversationFeedback.event_id.in_(event_ids),
            )
+        )

-            # Create a mapping of event_id to feedback
-            feedback_map = {
-                feedback.event_id: {
-                    'exists': True,
-                    'rating': feedback.rating,
-                    'reason': feedback.reason,
-                }
-                for feedback in result.scalars()
+        # Create a mapping of event_id to feedback
+        feedback_map = {
+            feedback.event_id: {
+                'exists': True,
+                'rating': feedback.rating,
+                'reason': feedback.reason,
            }
+            for feedback in result.scalars()
+        }

-            # Build response including all events
-            response = {}
-            for event_id in event_ids:
-                response[str(event_id)] = feedback_map.get(event_id, {'exists': False})
+        # Build response including all events
+        response = {}
+        for event_id in event_ids:
+            response[str(event_id)] = feedback_map.get(event_id, {'exists': False})

-            return response
-
-    return await call_sync_from_async(_check_feedback)
+        return response
--- a/enterprise/server/routes/integration/jira.py
+++ b/enterprise/server/routes/integration/jira.py
@@ -4,7 +4,7 @@ import json
 import os
 import re
 import uuid
-from urllib.parse import urlparse
+from urllib.parse import urlencode, urlparse

 import requests
 from fastapi import APIRouter, BackgroundTasks, Header, HTTPException, Request, status
@@ -308,10 +308,11 @@ async def jira_events(
            logger.info(f'Processing new Jira webhook event: {signature}')
            redis_client.setex(key, 300, '1')

-        # Process the webhook
+        # Process the webhook in background after returning response.
+        # Note: For async functions, BackgroundTasks runs them in the same event loop
+        # (not a thread pool), so asyncpg connections work correctly.
        message_payload = {'payload': payload}
        message = Message(source=SourceType.JIRA, message=message_payload)
-
        background_tasks.add_task(jira_manager.receive_message, message)

        return JSONResponse({'success': True})
@@ -371,9 +372,7 @@ async def create_jira_workspace(request: Request, workspace_data: JiraWorkspaceC
            'prompt': 'consent',
        }

-        auth_url = (
-            f"{JIRA_AUTH_URL}?{'&'.join([f'{k}={v}' for k, v in auth_params.items()])}"
-        )
+        auth_url = f'{JIRA_AUTH_URL}?{urlencode(auth_params)}'

        return JSONResponse(
            content={
@@ -432,9 +431,7 @@ async def create_workspace_link(request: Request, link_data: JiraLinkCreate):
            'response_type': 'code',
            'prompt': 'consent',
        }
-        auth_url = (
-            f"{JIRA_AUTH_URL}?{'&'.join([f'{k}={v}' for k, v in auth_params.items()])}"
-        )
+        auth_url = f'{JIRA_AUTH_URL}?{urlencode(auth_params)}'

        return JSONResponse(
            content={
--- a/enterprise/server/routes/integration/jira_dc.py
+++ b/enterprise/server/routes/integration/jira_dc.py
@@ -2,7 +2,7 @@ import json
 import os
 import re
 import uuid
-from urllib.parse import urlparse
+from urllib.parse import urlencode, urlparse

 import requests
 from fastapi import (
@@ -316,7 +316,7 @@ async def create_jira_dc_workspace(
                'response_type': 'code',
            }

-            auth_url = f"{JIRA_DC_AUTH_URL}?{'&'.join([f'{k}={v}' for k, v in auth_params.items()])}"
+            auth_url = f'{JIRA_DC_AUTH_URL}?{urlencode(auth_params)}'

            return JSONResponse(
                content={
@@ -436,7 +436,7 @@ async def create_workspace_link(request: Request, link_data: JiraDcLinkCreate):
                'state': state,
                'response_type': 'code',
            }
-            auth_url = f"{JIRA_DC_AUTH_URL}?{'&'.join([f'{k}={v}' for k, v in auth_params.items()])}"
+            auth_url = f'{JIRA_DC_AUTH_URL}?{urlencode(auth_params)}'

            return JSONResponse(
                content={
--- a/enterprise/server/routes/oauth_device.py
+++ b/enterprise/server/routes/oauth_device.py
@@ -7,7 +7,6 @@ from fastapi import APIRouter, Depends, Form, HTTPException, Request, status
 from fastapi.responses import JSONResponse
 from pydantic import BaseModel
 from storage.api_key_store import ApiKeyStore
-from storage.database import session_maker
 from storage.device_code_store import DeviceCodeStore

 from openhands.core.logger import openhands_logger as logger
@@ -54,7 +53,7 @@ class DeviceTokenErrorResponse(BaseModel):
 # ---------------------------------------------------------------------------

 oauth_device_router = APIRouter(prefix='/oauth/device')
-device_code_store = DeviceCodeStore(session_maker)
+device_code_store = DeviceCodeStore()


 # ---------------------------------------------------------------------------
@@ -90,7 +89,7 @@ async def device_authorization(
 ) -> DeviceAuthorizationResponse:
    """Start device flow by generating device and user codes."""
    try:
-        device_code_entry = device_code_store.create_device_code(
+        device_code_entry = await device_code_store.create_device_code(
            expires_in=DEVICE_CODE_EXPIRES_IN,
        )

@@ -125,7 +124,7 @@ async def device_authorization(
 async def device_token(device_code: str = Form(...)):
    """Poll for a token until the user authorizes or the code expires."""
    try:
-        device_code_entry = device_code_store.get_by_device_code(device_code)
+        device_code_entry = await device_code_store.get_by_device_code(device_code)

        if not device_code_entry:
            return _oauth_error(
@@ -138,7 +137,9 @@ async def device_token(device_code: str = Form(...)):
        is_too_fast, current_interval = device_code_entry.check_rate_limit()
        if is_too_fast:
            # Update poll time and increase interval
-            device_code_store.update_poll_time(device_code, increase_interval=True)
+            await device_code_store.update_poll_time(
+                device_code, increase_interval=True
+            )
            logger.warning(
                'Client polling too fast, returning slow_down error',
                extra={
@@ -154,7 +155,7 @@ async def device_token(device_code: str = Form(...)):
            )

        # Update poll time for successful rate limit check
-        device_code_store.update_poll_time(device_code, increase_interval=False)
+        await device_code_store.update_poll_time(device_code, increase_interval=False)

        if device_code_entry.is_expired():
            return _oauth_error(
@@ -181,7 +182,7 @@ async def device_token(device_code: str = Form(...)):
            # Retrieve the specific API key for this device using the user_code
            api_key_store = ApiKeyStore.get_instance()
            device_key_name = f'{API_KEY_NAME} ({device_code_entry.user_code})'
-            device_api_key = api_key_store.retrieve_api_key_by_name(
+            device_api_key = await api_key_store.retrieve_api_key_by_name(
                device_code_entry.keycloak_user_id, device_key_name
            )

@@ -238,7 +239,7 @@ async def device_verification_authenticated(
            )

        # Validate device code
-        device_code_entry = device_code_store.get_by_user_code(user_code)
+        device_code_entry = await device_code_store.get_by_user_code(user_code)
        if not device_code_entry:
            raise HTTPException(
                status_code=status.HTTP_400_BAD_REQUEST,
@@ -252,7 +253,7 @@ async def device_verification_authenticated(
            )

        # First, authorize the device code
-        success = device_code_store.authorize_device_code(
+        success = await device_code_store.authorize_device_code(
            user_code=user_code,
            user_id=user_id,
        )
@@ -289,7 +290,7 @@ async def device_verification_authenticated(
            # Clean up: revert the device authorization since API key creation failed
            # This prevents the device from being in an authorized state without an API key
            try:
-                device_code_store.deny_device_code(user_code)
+                await device_code_store.deny_device_code(user_code)
                logger.info(
                    'Reverted device authorization due to API key creation failure',
                    extra={'user_code': user_code, 'user_id': user_id},
--- a/enterprise/server/routes/org_invitation_models.py
+++ b/enterprise/server/routes/org_invitation_models.py
@@ -0,0 +1,122 @@
+"""
+Pydantic models and custom exceptions for organization invitations.
+"""
+
+from pydantic import BaseModel, EmailStr
+from storage.org_invitation import OrgInvitation
+from storage.role_store import RoleStore
+
+
+class InvitationError(Exception):
+    """Base exception for invitation errors."""
+
+    pass
+
+
+class InvitationAlreadyExistsError(InvitationError):
+    """Raised when a pending invitation already exists for the email."""
+
+    def __init__(
+        self, message: str = 'A pending invitation already exists for this email'
+    ):
+        super().__init__(message)
+
+
+class UserAlreadyMemberError(InvitationError):
+    """Raised when the user is already a member of the organization."""
+
+    def __init__(self, message: str = 'User is already a member of this organization'):
+        super().__init__(message)
+
+
+class InvitationExpiredError(InvitationError):
+    """Raised when the invitation has expired."""
+
+    def __init__(self, message: str = 'Invitation has expired'):
+        super().__init__(message)
+
+
+class InvitationInvalidError(InvitationError):
+    """Raised when the invitation is invalid or revoked."""
+
+    def __init__(self, message: str = 'Invitation is no longer valid'):
+        super().__init__(message)
+
+
+class InsufficientPermissionError(InvitationError):
+    """Raised when the user lacks permission to perform the action."""
+
+    def __init__(self, message: str = 'Insufficient permission'):
+        super().__init__(message)
+
+
+class EmailMismatchError(InvitationError):
+    """Raised when the accepting user's email doesn't match the invitation email."""
+
+    def __init__(self, message: str = 'Your email does not match the invitation'):
+        super().__init__(message)
+
+
+class InvitationCreate(BaseModel):
+    """Request model for creating invitation(s)."""
+
+    emails: list[EmailStr]
+    role: str = 'member'  # Default to member role
+
+
+class InvitationResponse(BaseModel):
+    """Response model for invitation details."""
+
+    id: int
+    email: str
+    role: str
+    status: str
+    created_at: str
+    expires_at: str
+    inviter_email: str | None = None
+
+    @classmethod
+    def from_invitation(
+        cls,
+        invitation: OrgInvitation,
+        inviter_email: str | None = None,
+    ) -> 'InvitationResponse':
+        """Create an InvitationResponse from an OrgInvitation entity.
+
+        Args:
+            invitation: The invitation entity to convert
+            inviter_email: Optional email of the inviter
+
+        Returns:
+            InvitationResponse: The response model instance
+        """
+        role_name = ''
+        if invitation.role:
+            role_name = invitation.role.name
+        elif invitation.role_id:
+            role = RoleStore.get_role_by_id(invitation.role_id)
+            role_name = role.name if role else ''
+
+        return cls(
+            id=invitation.id,
+            email=invitation.email,
+            role=role_name,
+            status=invitation.status,
+            created_at=invitation.created_at.isoformat(),
+            expires_at=invitation.expires_at.isoformat(),
+            inviter_email=inviter_email,
+        )
+
+
+class InvitationFailure(BaseModel):
+    """Response model for a failed invitation."""
+
+    email: str
+    error: str
+
+
+class BatchInvitationResponse(BaseModel):
+    """Response model for batch invitation creation."""
+
+    successful: list[InvitationResponse]
+    failed: list[InvitationFailure]
--- a/enterprise/server/routes/org_invitations.py
+++ b/enterprise/server/routes/org_invitations.py
@@ -0,0 +1,226 @@
+"""API routes for organization invitations."""
+
+from uuid import UUID
+
+from fastapi import APIRouter, Depends, HTTPException, Request, status
+from fastapi.responses import RedirectResponse
+from server.routes.org_invitation_models import (
+    BatchInvitationResponse,
+    EmailMismatchError,
+    InsufficientPermissionError,
+    InvitationCreate,
+    InvitationExpiredError,
+    InvitationFailure,
+    InvitationInvalidError,
+    InvitationResponse,
+    UserAlreadyMemberError,
+)
+from server.services.org_invitation_service import OrgInvitationService
+from server.utils.rate_limit_utils import check_rate_limit_by_user_id
+
+from openhands.core.logger import openhands_logger as logger
+from openhands.server.user_auth import get_user_id
+from openhands.server.user_auth.user_auth import get_user_auth
+
+# Router for invitation operations on an organization (requires org_id)
+invitation_router = APIRouter(prefix='/api/organizations/{org_id}/members')
+
+# Router for accepting invitations (no org_id required)
+accept_router = APIRouter(prefix='/api/organizations/members/invite')
+
+
+@invitation_router.post(
+    '/invite',
+    response_model=BatchInvitationResponse,
+    status_code=status.HTTP_201_CREATED,
+)
+async def create_invitation(
+    org_id: UUID,
+    invitation_data: InvitationCreate,
+    request: Request,
+    user_id: str = Depends(get_user_id),
+):
+    """Create organization invitations for multiple email addresses.
+
+    Sends emails to invitees with secure links to join the organization.
+    Supports batch invitations - some may succeed while others fail.
+
+    Permission rules:
+    - Only owners and admins can create invitations
+    - Admins can only invite with 'member' or 'admin' role (not 'owner')
+    - Owners can invite with any role
+
+    Args:
+        org_id: Organization UUID
+        invitation_data: Invitation details (emails array, role)
+        request: FastAPI request
+        user_id: Authenticated user ID (from dependency)
+
+    Returns:
+        BatchInvitationResponse: Lists of successful and failed invitations
+
+    Raises:
+        HTTPException 400: Invalid role or organization not found
+        HTTPException 403: User lacks permission to invite
+        HTTPException 429: Rate limit exceeded
+    """
+    # Rate limit: 10 invitations per minute per user (6 seconds between requests)
+    await check_rate_limit_by_user_id(
+        request=request,
+        key_prefix='org_invitation_create',
+        user_id=user_id,
+        user_rate_limit_seconds=6,
+    )
+
+    try:
+        successful, failed = await OrgInvitationService.create_invitations_batch(
+            org_id=org_id,
+            emails=[str(email) for email in invitation_data.emails],
+            role_name=invitation_data.role,
+            inviter_id=UUID(user_id),
+        )
+
+        logger.info(
+            'Batch organization invitations created',
+            extra={
+                'org_id': str(org_id),
+                'total_emails': len(invitation_data.emails),
+                'successful': len(successful),
+                'failed': len(failed),
+                'inviter_id': user_id,
+            },
+        )
+
+        return BatchInvitationResponse(
+            successful=[InvitationResponse.from_invitation(inv) for inv in successful],
+            failed=[
+                InvitationFailure(email=email, error=error) for email, error in failed
+            ],
+        )
+
+    except InsufficientPermissionError as e:
+        raise HTTPException(
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail=str(e),
+        )
+    except ValueError as e:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail=str(e),
+        )
+    except Exception as e:
+        logger.exception(
+            'Unexpected error creating batch invitations',
+            extra={'org_id': str(org_id), 'error': str(e)},
+        )
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail='An unexpected error occurred',
+        )
+
+
+@accept_router.get('/accept')
+async def accept_invitation(
+    token: str,
+    request: Request,
+):
+    """Accept an organization invitation via token.
+
+    This endpoint is accessed via the link in the invitation email.
+
+    Flow:
+    1. If user is authenticated: Accept invitation directly and redirect to home
+    2. If user is not authenticated: Redirect to login page with invitation token
+       - Frontend stores token and includes it in OAuth state during login
+       - After authentication, keycloak_callback processes the invitation
+
+    Args:
+        token: The invitation token from the email link
+        request: FastAPI request
+
+    Returns:
+        RedirectResponse: Redirect to home page on success, or login page if not authenticated,
+                         or home page with error query params on failure
+    """
+    base_url = str(request.base_url).rstrip('/')
+
+    # Try to get user_id from auth (may not be authenticated)
+    user_id = None
+    try:
+        user_auth = await get_user_auth(request)
+        if user_auth:
+            user_id = await user_auth.get_user_id()
+    except Exception:
+        pass
+
+    if not user_id:
+        # User not authenticated - redirect to login page with invitation token
+        # Frontend will store the token and include it in OAuth state during login
+        logger.info(
+            'Invitation accept: redirecting unauthenticated user to login',
+            extra={'token_prefix': token[:10] + '...'},
+        )
+        login_url = f'{base_url}/login?invitation_token={token}'
+        return RedirectResponse(login_url, status_code=302)
+
+    # User is authenticated - process the invitation directly
+    try:
+        await OrgInvitationService.accept_invitation(token, UUID(user_id))
+
+        logger.info(
+            'Invitation accepted successfully',
+            extra={
+                'token_prefix': token[:10] + '...',
+                'user_id': user_id,
+            },
+        )
+
+        # Redirect to home page on success
+        return RedirectResponse(f'{base_url}/', status_code=302)
+
+    except InvitationExpiredError:
+        logger.warning(
+            'Invitation accept failed: expired',
+            extra={'token_prefix': token[:10] + '...', 'user_id': user_id},
+        )
+        return RedirectResponse(f'{base_url}/?invitation_expired=true', status_code=302)
+
+    except InvitationInvalidError as e:
+        logger.warning(
+            'Invitation accept failed: invalid',
+            extra={
+                'token_prefix': token[:10] + '...',
+                'user_id': user_id,
+                'error': str(e),
+            },
+        )
+        return RedirectResponse(f'{base_url}/?invitation_invalid=true', status_code=302)
+
+    except UserAlreadyMemberError:
+        logger.info(
+            'Invitation accept: user already member',
+            extra={'token_prefix': token[:10] + '...', 'user_id': user_id},
+        )
+        return RedirectResponse(f'{base_url}/?already_member=true', status_code=302)
+
+    except EmailMismatchError as e:
+        logger.warning(
+            'Invitation accept failed: email mismatch',
+            extra={
+                'token_prefix': token[:10] + '...',
+                'user_id': user_id,
+                'error': str(e),
+            },
+        )
+        return RedirectResponse(f'{base_url}/?email_mismatch=true', status_code=302)
+
+    except Exception as e:
+        logger.exception(
+            'Unexpected error accepting invitation',
+            extra={
+                'token_prefix': token[:10] + '...',
+                'user_id': user_id,
+                'error': str(e),
+            },
+        )
+        return RedirectResponse(f'{base_url}/?invitation_error=true', status_code=302)
--- a/enterprise/server/routes/org_models.py
+++ b/enterprise/server/routes/org_models.py
@@ -1,6 +1,13 @@
 from typing import Annotated

-from pydantic import BaseModel, EmailStr, Field, SecretStr, StringConstraints
+from pydantic import (
+    BaseModel,
+    EmailStr,
+    Field,
+    SecretStr,
+    StringConstraints,
+    field_validator,
+)
 from storage.org import Org
 from storage.org_member import OrgMember
 from storage.role import Role
@@ -214,6 +221,7 @@ class OrgPage(BaseModel):

    items: list[OrgResponse]
    next_page_id: str | None = None
+    current_org_id: str | None = None


 class OrgUpdate(BaseModel):
@@ -251,13 +259,122 @@ class OrgUpdate(BaseModel):
    condenser_max_size: int | None = Field(default=None, ge=20)


+class OrgLLMSettingsResponse(BaseModel):
+    """Response model for organization LLM settings."""
+
+    default_llm_model: str | None = None
+    default_llm_base_url: str | None = None
+    search_api_key: str | None = None  # Masked in response
+    agent: str | None = None
+    confirmation_mode: bool | None = None
+    security_analyzer: str | None = None
+    enable_default_condenser: bool = True
+    condenser_max_size: int | None = None
+    default_max_iterations: int | None = None
+
+    @staticmethod
+    def _mask_key(secret: SecretStr | None) -> str | None:
+        """Mask an API key, showing only last 4 characters."""
+        if secret is None:
+            return None
+        raw = secret.get_secret_value()
+        if not raw:
+            return None
+        if len(raw) <= 4:
+            return '****'
+        return '****' + raw[-4:]
+
+    @classmethod
+    def from_org(cls, org: Org) -> 'OrgLLMSettingsResponse':
+        """Create response from Org entity."""
+        return cls(
+            default_llm_model=org.default_llm_model,
+            default_llm_base_url=org.default_llm_base_url,
+            search_api_key=cls._mask_key(org.search_api_key),
+            agent=org.agent,
+            confirmation_mode=org.confirmation_mode,
+            security_analyzer=org.security_analyzer,
+            enable_default_condenser=org.enable_default_condenser
+            if org.enable_default_condenser is not None
+            else True,
+            condenser_max_size=org.condenser_max_size,
+            default_max_iterations=org.default_max_iterations,
+        )
+
+
+class OrgMemberLLMSettings(BaseModel):
+    """LLM settings to propagate to organization members.
+
+    Field names match OrgMember DB columns.
+    """
+
+    llm_model: str | None = None
+    llm_base_url: str | None = None
+    max_iterations: int | None = None
+    llm_api_key: str | None = None
+
+    def has_updates(self) -> bool:
+        """Check if any field is set (not None)."""
+        return any(getattr(self, field) is not None for field in self.model_fields)
+
+
+class OrgLLMSettingsUpdate(BaseModel):
+    """Request model for updating organization LLM settings.
+
+    Field names match Org DB columns exactly.
+    """
+
+    default_llm_model: str | None = None
+    default_llm_base_url: str | None = None
+    search_api_key: str | None = None
+    agent: str | None = None
+    confirmation_mode: bool | None = None
+    security_analyzer: str | None = None
+    enable_default_condenser: bool | None = None
+    condenser_max_size: int | None = Field(default=None, ge=20)
+    default_max_iterations: int | None = Field(default=None, gt=0)
+    llm_api_key: str | None = None
+
+    def has_updates(self) -> bool:
+        """Check if any field is set (not None)."""
+        return any(getattr(self, field) is not None for field in self.model_fields)
+
+    def apply_to_org(self, org: Org) -> None:
+        """Apply non-None settings to the organization model.
+
+        Args:
+            org: Organization entity to update in place
+        """
+        for field_name in self.model_fields:
+            value = getattr(self, field_name)
+            # Skip llm_api_key - it's only for member propagation, not org-level
+            if value is not None and field_name != 'llm_api_key':
+                setattr(org, field_name, value)
+
+    def get_member_updates(self) -> OrgMemberLLMSettings | None:
+        """Get updates that need to be propagated to org members.
+
+        Returns:
+            OrgMemberLLMSettings with mapped field values, or None if no member updates needed.
+            Maps: default_llm_model → llm_model, default_llm_base_url → llm_base_url,
+                  default_max_iterations → max_iterations, llm_api_key → llm_api_key
+        """
+        member_settings = OrgMemberLLMSettings(
+            llm_model=self.default_llm_model,
+            llm_base_url=self.default_llm_base_url,
+            max_iterations=self.default_max_iterations,
+            llm_api_key=self.llm_api_key,
+        )
+        return member_settings if member_settings.has_updates() else None
+
+
 class OrgMemberResponse(BaseModel):
    """Response model for a single organization member."""

    user_id: str
    email: str | None
    role_id: int
-    role_name: str
+    role: str
    role_rank: int
    status: str | None

@@ -266,7 +383,8 @@ class OrgMemberPage(BaseModel):
    """Paginated response for organization members."""

    items: list[OrgMemberResponse]
-    next_page_id: str | None = None
+    current_page: int = 1
+    per_page: int = 10


 class OrgMemberUpdate(BaseModel):
@@ -325,3 +443,44 @@ class MeResponse(BaseModel):
            llm_base_url=member.llm_base_url,
            status=member.status,
        )
+
+
+class OrgAppSettingsResponse(BaseModel):
+    """Response model for organization app settings."""
+
+    enable_proactive_conversation_starters: bool = True
+    enable_solvability_analysis: bool | None = None
+    max_budget_per_task: float | None = None
+
+    @classmethod
+    def from_org(cls, org: Org) -> 'OrgAppSettingsResponse':
+        """Create an OrgAppSettingsResponse from an Org entity.
+
+        Args:
+            org: The organization entity
+
+        Returns:
+            OrgAppSettingsResponse with app settings
+        """
+        return cls(
+            enable_proactive_conversation_starters=org.enable_proactive_conversation_starters
+            if org.enable_proactive_conversation_starters is not None
+            else True,
+            enable_solvability_analysis=org.enable_solvability_analysis,
+            max_budget_per_task=org.max_budget_per_task,
+        )
+
+
+class OrgAppSettingsUpdate(BaseModel):
+    """Request model for updating organization app settings."""
+
+    enable_proactive_conversation_starters: bool | None = None
+    enable_solvability_analysis: bool | None = None
+    max_budget_per_task: float | None = None
+
+    @field_validator('max_budget_per_task')
+    @classmethod
+    def validate_max_budget_per_task(cls, v: float | None) -> float | None:
+        if v is not None and v <= 0:
+            raise ValueError('max_budget_per_task must be greater than 0')
+        return v
--- a/enterprise/server/routes/orgs.py
+++ b/enterprise/server/routes/orgs.py
@@ -3,9 +3,8 @@ from uuid import UUID

 from fastapi import APIRouter, Depends, HTTPException, Query, status
 from server.auth.authorization import (
-    require_org_admin,
-    require_org_owner,
-    require_org_user,
+    Permission,
+    require_permission,
 )
 from server.email_validation import get_admin_user_id
 from server.routes.org_models import (
@@ -16,9 +15,13 @@ from server.routes.org_models import (
    LiteLLMIntegrationError,
    MemberUpdateError,
    MeResponse,
+    OrgAppSettingsResponse,
+    OrgAppSettingsUpdate,
    OrgAuthorizationError,
    OrgCreate,
    OrgDatabaseError,
+    OrgLLMSettingsResponse,
+    OrgLLMSettingsUpdate,
    OrgMemberNotFoundError,
    OrgMemberPage,
    OrgMemberResponse,
@@ -31,14 +34,30 @@ from server.routes.org_models import (
    OrphanedUserError,
    RoleNotFoundError,
 )
+from server.services.org_app_settings_service import (
+    OrgAppSettingsService,
+    OrgAppSettingsServiceInjector,
+)
+from server.services.org_llm_settings_service import (
+    OrgLLMSettingsService,
+    OrgLLMSettingsServiceInjector,
+)
 from server.services.org_member_service import OrgMemberService
 from storage.org_service import OrgService
+from storage.user_store import UserStore

 from openhands.core.logger import openhands_logger as logger
 from openhands.server.user_auth import get_user_id

 # Initialize API router
-org_router = APIRouter(prefix='/api/organizations')
+org_router = APIRouter(prefix='/api/organizations', tags=['Orgs'])
+
+# Create injector instance and dependency for LLM settings
+_org_llm_settings_injector = OrgLLMSettingsServiceInjector()
+org_llm_settings_service_dependency = Depends(_org_llm_settings_injector.depends)
+# Create injector instance and dependency at module level
+_org_app_settings_injector = OrgAppSettingsServiceInjector()
+org_app_settings_service_dependency = Depends(_org_app_settings_injector.depends)


@org_router.get('', response_model=OrgPage)
@@ -79,6 +98,12 @@ async def list_user_orgs(
    )

    try:
+        # Fetch user to get current_org_id
+        user = await UserStore.get_user_by_id_async(user_id)
+        current_org_id = (
+            str(user.current_org_id) if user and user.current_org_id else None
+        )
+
        # Fetch organizations from service layer
        orgs, next_page_id = OrgService.get_user_orgs_paginated(
            user_id=user_id,
@@ -100,7 +125,11 @@ async def list_user_orgs(
            },
        )

-        return OrgPage(items=org_responses, next_page_id=next_page_id)
+        return OrgPage(
+            items=org_responses,
+            next_page_id=next_page_id,
+            current_org_id=current_org_id,
+        )

    except Exception as e:
        logger.exception(
@@ -191,29 +220,218 @@ async def create_org(
        )


+@org_router.get(
+    '/llm',
+    response_model=OrgLLMSettingsResponse,
+    dependencies=[Depends(require_permission(Permission.VIEW_LLM_SETTINGS))],
+)
+async def get_org_llm_settings(
+    service: OrgLLMSettingsService = org_llm_settings_service_dependency,
+) -> OrgLLMSettingsResponse:
+    """Get LLM settings for the user's current organization.
+
+    This endpoint retrieves the LLM configuration settings for the
+    authenticated user's current organization. All organization members
+    can view these settings.
+
+    Args:
+        service: OrgLLMSettingsService (injected by dependency)
+
+    Returns:
+        OrgLLMSettingsResponse: The organization's LLM settings
+
+    Raises:
+        HTTPException: 401 if not authenticated
+        HTTPException: 403 if not a member of any organization
+        HTTPException: 404 if current organization not found
+        HTTPException: 500 if retrieval fails
+    """
+    try:
+        return await service.get_org_llm_settings()
+    except OrgNotFoundError as e:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail=str(e),
+        )
+    except Exception as e:
+        logger.exception(
+            'Error getting organization LLM settings',
+            extra={'error': str(e)},
+        )
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail='Failed to retrieve LLM settings',
+        )
+
+
+@org_router.post(
+    '/llm',
+    response_model=OrgLLMSettingsResponse,
+    dependencies=[Depends(require_permission(Permission.EDIT_LLM_SETTINGS))],
+)
+async def update_org_llm_settings(
+    settings: OrgLLMSettingsUpdate,
+    service: OrgLLMSettingsService = org_llm_settings_service_dependency,
+) -> OrgLLMSettingsResponse:
+    """Update LLM settings for the user's current organization.
+
+    This endpoint updates the LLM configuration settings for the
+    authenticated user's current organization. Only admins and owners
+    can update these settings.
+
+    Args:
+        settings: The LLM settings to update (only non-None fields are updated)
+        service: OrgLLMSettingsService (injected by dependency)
+
+    Returns:
+        OrgLLMSettingsResponse: The updated organization's LLM settings
+
+    Raises:
+        HTTPException: 401 if not authenticated
+        HTTPException: 403 if user lacks EDIT_LLM_SETTINGS permission
+        HTTPException: 404 if current organization not found
+        HTTPException: 500 if update fails
+    """
+    try:
+        return await service.update_org_llm_settings(settings)
+    except OrgNotFoundError as e:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail=str(e),
+        )
+    except OrgDatabaseError as e:
+        logger.error(
+            'Database error updating LLM settings',
+            extra={'error': str(e)},
+        )
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail='Failed to update LLM settings',
+        )
+    except Exception as e:
+        logger.exception(
+            'Error updating organization LLM settings',
+            extra={'error': str(e)},
+        )
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail='Failed to update LLM settings',
+        )
+
+
+@org_router.get(
+    '/app',
+    response_model=OrgAppSettingsResponse,
+    dependencies=[Depends(require_permission(Permission.MANAGE_APPLICATION_SETTINGS))],
+)
+async def get_org_app_settings(
+    service: OrgAppSettingsService = org_app_settings_service_dependency,
+) -> OrgAppSettingsResponse:
+    """Get organization app settings for the user's current organization.
+
+    This endpoint retrieves application settings for the authenticated user's
+    current organization. Access requires the MANAGE_APPLICATION_SETTINGS permission,
+    which is granted to all organization members (member, admin, and owner roles).
+
+    Args:
+        service: OrgAppSettingsService (injected by dependency)
+
+    Returns:
+        OrgAppSettingsResponse: The organization app settings
+
+    Raises:
+        HTTPException: 401 if user is not authenticated
+        HTTPException: 403 if user lacks MANAGE_APPLICATION_SETTINGS permission
+        HTTPException: 404 if current organization not found
+    """
+    try:
+        return await service.get_org_app_settings()
+    except OrgNotFoundError:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail='Current organization not found',
+        )
+    except Exception as e:
+        logger.exception(
+            'Unexpected error retrieving organization app settings',
+            extra={'error': str(e)},
+        )
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail='An unexpected error occurred',
+        )
+
+
+@org_router.post(
+    '/app',
+    response_model=OrgAppSettingsResponse,
+    dependencies=[Depends(require_permission(Permission.MANAGE_APPLICATION_SETTINGS))],
+)
+async def update_org_app_settings(
+    update_data: OrgAppSettingsUpdate,
+    service: OrgAppSettingsService = org_app_settings_service_dependency,
+) -> OrgAppSettingsResponse:
+    """Update organization app settings for the user's current organization.
+
+    This endpoint updates application settings for the authenticated user's
+    current organization. Access requires the MANAGE_APPLICATION_SETTINGS permission,
+    which is granted to all organization members (member, admin, and owner roles).
+
+    Args:
+        update_data: App settings update data
+        service: OrgAppSettingsService (injected by dependency)
+
+    Returns:
+        OrgAppSettingsResponse: The updated organization app settings
+
+    Raises:
+        HTTPException: 401 if user is not authenticated
+        HTTPException: 403 if user lacks MANAGE_APPLICATION_SETTINGS permission
+        HTTPException: 404 if current organization not found
+        HTTPException: 422 if validation errors occur (handled by FastAPI)
+        HTTPException: 500 if update fails
+    """
+    try:
+        return await service.update_org_app_settings(update_data)
+    except OrgNotFoundError:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail='Current organization not found',
+        )
+    except Exception as e:
+        logger.exception(
+            'Unexpected error updating organization app settings',
+            extra={'error': str(e)},
+        )
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail='An unexpected error occurred',
+        )
+
+
@org_router.get('/{org_id}', response_model=OrgResponse, status_code=status.HTTP_200_OK)
 async def get_org(
    org_id: UUID,
-    user_id: str = Depends(require_org_user),
+    user_id: str = Depends(require_permission(Permission.VIEW_ORG_SETTINGS)),
 ) -> OrgResponse:
    """Get organization details by ID.

-    This endpoint allows authenticated users who are members of an organization
-    to retrieve its details. Only members of the organization can access this endpoint.
-    Requires user, admin, or owner role.
+    This endpoint retrieves details for a specific organization. Access requires
+    the VIEW_ORG_SETTINGS permission, which is granted to all organization members
+    (member, admin, and owner roles).

    Args:
        org_id: Organization ID (UUID)
-        user_id: Authenticated user ID (injected by dependency, requires org membership)
+        user_id: Authenticated user ID (injected by require_permission dependency)

    Returns:
        OrgResponse: The organization details

    Raises:
        HTTPException: 401 if user is not authenticated
-        HTTPException: 403 if user is not a member of the organization
-        HTTPException: 422 if org_id is not a valid UUID (handled by FastAPI)
+        HTTPException: 403 if user lacks VIEW_ORG_SETTINGS permission
        HTTPException: 404 if organization not found
+        HTTPException: 422 if org_id is not a valid UUID (handled by FastAPI)
        HTTPException: 500 if retrieval fails
    """
    logger.info(
@@ -313,25 +531,24 @@ async def get_me(
@org_router.delete('/{org_id}', status_code=status.HTTP_200_OK)
 async def delete_org(
    org_id: UUID,
-    user_id: str = Depends(require_org_owner),
+    user_id: str = Depends(require_permission(Permission.DELETE_ORGANIZATION)),
 ) -> dict:
    """Delete an organization.

-    This endpoint allows authenticated organization owners to delete their organization.
-    All associated data including organization members, conversations, billing data,
-    and external LiteLLM team resources will be permanently removed.
-    Requires owner role.
+    This endpoint permanently deletes an organization and all associated data including
+    organization members, conversations, billing data, and external LiteLLM team resources.
+    Access requires the DELETE_ORGANIZATION permission, which is granted only to owners.

    Args:
-        org_id: Organization ID to delete
-        user_id: Authenticated user ID (injected by dependency, requires owner role)
+        org_id: Organization ID to delete (UUID)
+        user_id: Authenticated user ID (injected by require_permission dependency)

    Returns:
        dict: Confirmation message with deleted organization details

    Raises:
        HTTPException: 401 if user is not authenticated
-        HTTPException: 403 if user is not an owner of the organization
+        HTTPException: 403 if user lacks DELETE_ORGANIZATION permission
        HTTPException: 404 if organization not found
        HTTPException: 500 if deletion fails
    """
@@ -424,25 +641,26 @@ async def delete_org(
 async def update_org(
    org_id: UUID,
    update_data: OrgUpdate,
-    user_id: str = Depends(require_org_admin),
+    user_id: str = Depends(require_permission(Permission.EDIT_ORG_SETTINGS)),
 ) -> OrgResponse:
    """Update an existing organization.

-    This endpoint allows authenticated admins and owners to update organization settings.
-    Requires admin or owner role in the organization.
+    This endpoint updates organization settings. Access requires the EDIT_ORG_SETTINGS
+    permission, which is granted to admin and owner roles.

    Args:
-        org_id: Organization ID to update (UUID validated by FastAPI)
+        org_id: Organization ID to update (UUID)
        update_data: Organization update data
-        user_id: Authenticated user ID (injected by dependency, requires admin role)
+        user_id: Authenticated user ID (injected by require_permission dependency)

    Returns:
        OrgResponse: The updated organization details

    Raises:
        HTTPException: 401 if user is not authenticated
-        HTTPException: 403 if user is not an admin or owner of the organization
+        HTTPException: 403 if user lacks EDIT_ORG_SETTINGS permission
        HTTPException: 404 if organization not found
+        HTTPException: 409 if organization name already exists
        HTTPException: 422 if validation errors occur (handled by FastAPI)
        HTTPException: 500 if update fails
    """
@@ -506,10 +724,10 @@ async def update_org(

@org_router.get('/{org_id}/members')
 async def get_org_members(
-    org_id: str,
+    org_id: UUID,
    page_id: Annotated[
        str | None,
-        Query(title='Optional next_page_id from the previously returned page'),
+        Query(title='Optional page offset for pagination'),
    ] = None,
    limit: Annotated[
        int,
@@ -518,16 +736,48 @@ async def get_org_members(
            gt=0,
            lte=100,
        ),
-    ] = 100,
-    current_user_id: str = Depends(get_user_id),
+    ] = 10,
+    email: Annotated[
+        str | None,
+        Query(
+            title='Filter members by email (case-insensitive partial match)',
+            min_length=1,
+            max_length=255,
+        ),
+    ] = None,
+    user_id: str = Depends(require_permission(Permission.VIEW_ORG_SETTINGS)),
 ) -> OrgMemberPage:
-    """Get all members of an organization with cursor-based pagination."""
+    """Get all members of an organization with pagination and optional email filter.
+
+    This endpoint retrieves a paginated list of organization members. Access requires
+    the VIEW_ORG_SETTINGS permission, which is granted to all organization members
+    (member, admin, and owner roles).
+
+    Args:
+        org_id: Organization ID (UUID)
+        page_id: Optional page offset for pagination
+        limit: Maximum number of members to return (1-100, default 10)
+        email: Optional email filter (case-insensitive partial match)
+        user_id: Authenticated user ID (injected by require_permission dependency)
+
+    Returns:
+        OrgMemberPage: Paginated list of organization members with
+            current_page and per_page metadata. Use the /count endpoint
+            to get the total count separately.
+
+    Raises:
+        HTTPException: 401 if user is not authenticated
+        HTTPException: 403 if user lacks VIEW_ORG_SETTINGS permission
+        HTTPException: 400 if org_id or page_id format is invalid
+        HTTPException: 500 if retrieval fails
+    """
    try:
        success, error_code, data = await OrgMemberService.get_org_members(
-            org_id=UUID(org_id),
-            current_user_id=UUID(current_user_id),
+            org_id=org_id,
+            current_user_id=UUID(user_id),
            page_id=page_id,
            limit=limit,
+            email_filter=email,
        )

        if not success:
@@ -570,9 +820,67 @@ async def get_org_members(
        )


+@org_router.get('/{org_id}/members/count')
+async def get_org_members_count(
+    org_id: UUID,
+    email: Annotated[
+        str | None,
+        Query(
+            title='Filter members by email (case-insensitive partial match)',
+            min_length=1,
+            max_length=255,
+        ),
+    ] = None,
+    user_id: str = Depends(require_permission(Permission.VIEW_ORG_SETTINGS)),
+) -> int:
+    """Get count of organization members with optional email filter.
+
+    This endpoint returns the total count of organization members matching
+    the filter criteria. Access requires the VIEW_ORG_SETTINGS permission,
+    which is granted to all organization members (member, admin, and owner roles).
+
+    Args:
+        org_id: Organization ID (UUID)
+        email: Optional email filter (case-insensitive partial match)
+        user_id: Authenticated user ID (injected by require_permission dependency)
+
+    Returns:
+        int: Total count of organization members matching the filter
+
+    Raises:
+        HTTPException: 401 if user is not authenticated
+        HTTPException: 403 if user lacks VIEW_ORG_SETTINGS permission or is not a member
+        HTTPException: 400 if org_id format is invalid
+        HTTPException: 500 if retrieval fails
+    """
+    try:
+        return await OrgMemberService.get_org_members_count(
+            org_id=org_id,
+            current_user_id=UUID(user_id),
+            email_filter=email,
+        )
+    except OrgMemberNotFoundError:
+        raise HTTPException(
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail='You are not a member of this organization',
+        )
+    except ValueError:
+        logger.exception('Invalid UUID format')
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail='Invalid organization ID format',
+        )
+    except Exception:
+        logger.exception('Error retrieving organization member count')
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail='Failed to retrieve member count',
+        )
+
+
@org_router.delete('/{org_id}/members/{user_id}')
 async def remove_org_member(
-    org_id: str,
+    org_id: UUID,
    user_id: str,
    current_user_id: str = Depends(get_user_id),
 ):
@@ -586,7 +894,7 @@ async def remove_org_member(
    """
    try:
        success, error = await OrgMemberService.remove_org_member(
-            org_id=UUID(org_id),
+            org_id=org_id,
            target_user_id=UUID(user_id),
            current_user_id=UUID(current_user_id),
        )
@@ -718,7 +1026,7 @@ async def switch_org(

@org_router.patch('/{org_id}/members/{user_id}', response_model=OrgMemberResponse)
 async def update_org_member(
-    org_id: str,
+    org_id: UUID,
    user_id: str,
    update_data: OrgMemberUpdate,
    current_user_id: str = Depends(get_user_id),
@@ -735,7 +1043,7 @@ async def update_org_member(
    """
    try:
        return await OrgMemberService.update_org_member(
-            org_id=UUID(org_id),
+            org_id=org_id,
            target_user_id=UUID(user_id),
            current_user_id=UUID(current_user_id),
            update_data=update_data,
--- a/enterprise/server/routes/readiness.py
+++ b/enterprise/server/routes/readiness.py
@@ -1,6 +1,6 @@
 from fastapi import APIRouter, HTTPException, status
 from sqlalchemy.sql import text
-from storage.database import session_maker
+from storage.database import a_session_maker
 from storage.redis import create_redis_client

 from openhands.core.logger import openhands_logger as logger
@@ -9,11 +9,11 @@ readiness_router = APIRouter()


@readiness_router.get('/ready')
-def is_ready():
+async def is_ready():
    # Check database connection
    try:
-        with session_maker() as session:
-            session.execute(text('SELECT 1'))
+        async with a_session_maker() as session:
+            await session.execute(text('SELECT 1'))
    except Exception as e:
        logger.error(f'Database check failed: {str(e)}')
        raise HTTPException(
--- a/enterprise/server/routes/user.py
+++ b/enterprise/server/routes/user.py
@@ -4,6 +4,7 @@ from fastapi import APIRouter, Depends, Query, status
 from fastapi.responses import JSONResponse
 from pydantic import SecretStr
 from server.auth.token_manager import TokenManager
+from storage.user_store import UserStore
 from utils.identity import resolve_display_name

 from openhands.integrations.provider import (
@@ -115,13 +116,21 @@ async def saas_get_user(
                content='Failed to retrieve user_info.',
                status_code=status.HTTP_401_UNAUTHORIZED,
            )
+        # Prefer email from DB; fall back to Keycloak if not yet persisted
+        email = user_info.get('email') if user_info else None
+        sub = user_info.get('sub') if user_info else ''
+        if sub:
+            db_user = await UserStore.get_user_by_id_async(sub)
+            if db_user and db_user.email is not None:
+                email = db_user.email
+
        retval = await _check_idp(
            access_token=access_token,
            default_value=User(
-                id=(user_info.get('sub') if user_info else '') or '',
+                id=sub,
                login=(user_info.get('preferred_username') if user_info else '') or '',
                avatar_url='',
-                email=user_info.get('email') if user_info else None,
+                email=email,
                name=resolve_display_name(user_info) if user_info else None,
                company=user_info.get('company') if user_info else None,
            ),
@@ -379,5 +388,4 @@ async def _check_idp(
        access_token.get_secret_value(), ProviderType(idp)
    ):
        return default_value
-
    return None
--- a/enterprise/server/routes/user_app_settings.py
+++ b/enterprise/server/routes/user_app_settings.py
@@ -0,0 +1,115 @@
+"""Routes for user app settings API.
+
+Provides endpoints for managing user-level app preferences:
+- GET /api/users/app - Retrieve current user's app settings
+- POST /api/users/app - Update current user's app settings
+"""
+
+from fastapi import APIRouter, Depends, HTTPException, status
+from server.routes.user_app_settings_models import (
+    UserAppSettingsResponse,
+    UserAppSettingsUpdate,
+    UserNotFoundError,
+)
+from server.services.user_app_settings_service import (
+    UserAppSettingsService,
+    UserAppSettingsServiceInjector,
+)
+
+from openhands.core.logger import openhands_logger as logger
+
+user_app_settings_router = APIRouter(prefix='/api/users')
+
+# Create injector instance and dependency at module level
+_injector = UserAppSettingsServiceInjector()
+user_app_settings_service_dependency = Depends(_injector.depends)
+
+
+@user_app_settings_router.get('/app', response_model=UserAppSettingsResponse)
+async def get_user_app_settings(
+    service: UserAppSettingsService = user_app_settings_service_dependency,
+) -> UserAppSettingsResponse:
+    """Get the current user's app settings.
+
+    Returns language, analytics consent, sound notifications, and git config.
+
+    Args:
+        service: UserAppSettingsService (injected by dependency)
+
+    Returns:
+        UserAppSettingsResponse: The user's app settings
+
+    Raises:
+        HTTPException: 401 if user is not authenticated
+        HTTPException: 404 if user not found
+        HTTPException: 500 if retrieval fails
+    """
+    try:
+        return await service.get_user_app_settings()
+
+    except ValueError as e:
+        # User not authenticated
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail=str(e),
+        )
+    except UserNotFoundError as e:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail=str(e),
+        )
+    except Exception as e:
+        logger.exception(
+            'Unexpected error retrieving user app settings',
+            extra={'error': str(e)},
+        )
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail='Failed to retrieve user app settings',
+        )
+
+
+@user_app_settings_router.post('/app', response_model=UserAppSettingsResponse)
+async def update_user_app_settings(
+    update_data: UserAppSettingsUpdate,
+    service: UserAppSettingsService = user_app_settings_service_dependency,
+) -> UserAppSettingsResponse:
+    """Update the current user's app settings (partial update).
+
+    Only provided fields will be updated. Pass null to clear a field.
+
+    Args:
+        update_data: Fields to update
+        service: UserAppSettingsService (injected by dependency)
+
+    Returns:
+        UserAppSettingsResponse: The updated user's app settings
+
+    Raises:
+        HTTPException: 401 if user is not authenticated
+        HTTPException: 404 if user not found
+        HTTPException: 500 if update fails
+    """
+    try:
+        return await service.update_user_app_settings(update_data)
+
+    except ValueError as e:
+        # User not authenticated
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail=str(e),
+        )
+    except UserNotFoundError as e:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail=str(e),
+        )
+    except Exception as e:
+        logger.exception(
+            'Failed to update user app settings',
+            extra={'error': str(e)},
+        )
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail='Failed to update user app settings',
+        )
--- a/enterprise/server/routes/user_app_settings_models.py
+++ b/enterprise/server/routes/user_app_settings_models.py
@@ -0,0 +1,57 @@
+"""
+Pydantic models for user app settings API.
+"""
+
+from pydantic import BaseModel, EmailStr
+from storage.user import User
+
+
+class UserAppSettingsError(Exception):
+    """Base exception for user app settings errors."""
+
+    pass
+
+
+class UserNotFoundError(UserAppSettingsError):
+    """Raised when user is not found."""
+
+    def __init__(self, user_id: str):
+        self.user_id = user_id
+        super().__init__(f'User with id "{user_id}" not found')
+
+
+class UserAppSettingsUpdateError(UserAppSettingsError):
+    """Raised when user app settings update fails."""
+
+    pass
+
+
+class UserAppSettingsResponse(BaseModel):
+    """Response model for user app settings."""
+
+    language: str | None = None
+    user_consents_to_analytics: bool | None = None
+    enable_sound_notifications: bool | None = None
+    git_user_name: str | None = None
+    git_user_email: EmailStr | None = None
+
+    @classmethod
+    def from_user(cls, user: User) -> 'UserAppSettingsResponse':
+        """Create response from User entity."""
+        return cls(
+            language=user.language,
+            user_consents_to_analytics=user.user_consents_to_analytics,
+            enable_sound_notifications=user.enable_sound_notifications,
+            git_user_name=user.git_user_name,
+            git_user_email=user.git_user_email,
+        )
+
+
+class UserAppSettingsUpdate(BaseModel):
+    """Request model for updating user app settings (partial update)."""
+
+    language: str | None = None
+    user_consents_to_analytics: bool | None = None
+    enable_sound_notifications: bool | None = None
+    git_user_name: str | None = None
+    git_user_email: EmailStr | None = None
--- a/enterprise/server/services/email_service.py
+++ b/enterprise/server/services/email_service.py
@@ -0,0 +1,131 @@
+"""Email service for sending transactional emails via Resend."""
+
+import os
+
+try:
+    import resend
+
+    RESEND_AVAILABLE = True
+except ImportError:
+    RESEND_AVAILABLE = False
+
+from openhands.core.logger import openhands_logger as logger
+
+DEFAULT_FROM_EMAIL = 'OpenHands <no-reply@openhands.dev>'
+DEFAULT_WEB_HOST = 'https://app.all-hands.dev'
+
+
+class EmailService:
+    """Service for sending transactional emails."""
+
+    @staticmethod
+    def _get_resend_client() -> bool:
+        """Initialize and return the Resend client.
+
+        Returns:
+            bool: True if client is ready, False otherwise
+        """
+        if not RESEND_AVAILABLE:
+            logger.warning('Resend library not installed, skipping email')
+            return False
+
+        resend_api_key = os.environ.get('RESEND_API_KEY')
+        if not resend_api_key:
+            logger.warning('RESEND_API_KEY not configured, skipping email')
+            return False
+
+        resend.api_key = resend_api_key
+        return True
+
+    @staticmethod
+    def send_invitation_email(
+        to_email: str,
+        org_name: str,
+        inviter_name: str,
+        role_name: str,
+        invitation_token: str,
+        invitation_id: int,
+    ) -> None:
+        """Send an organization invitation email.
+
+        Args:
+            to_email: Recipient's email address
+            org_name: Name of the organization
+            inviter_name: Display name of the person who sent the invite
+            role_name: Role being offered (e.g., 'member', 'admin')
+            invitation_token: The secure invitation token
+            invitation_id: The invitation ID for logging
+        """
+        if not EmailService._get_resend_client():
+            return
+
+        # Build invitation URL
+        web_host = os.environ.get('WEB_HOST', DEFAULT_WEB_HOST)
+        invitation_url = f'{web_host}/api/organizations/members/invite/accept?token={invitation_token}'
+
+        from_email = os.environ.get('RESEND_FROM_EMAIL', DEFAULT_FROM_EMAIL)
+
+        params = {
+            'from': from_email,
+            'to': [to_email],
+            'subject': f"You're invited to join {org_name} on OpenHands",
+            'html': f"""
+            <div style="font-family: Arial, sans-serif; max-width: 600px; margin: 0 auto;">
+                <p>Hi,</p>
+
+                <p><strong>{inviter_name}</strong> has invited you to join <strong>{org_name}</strong> on OpenHands as a <strong>{role_name}</strong>.</p>
+
+                <p>Click the button below to accept the invitation:</p>
+
+                <p style="margin: 30px 0;">
+                    <a href="{invitation_url}"
+                       style="background-color: #c9b974; color: #0D0F11; padding: 8px 16px;
+                              text-decoration: none; border-radius: 8px; display: inline-block;
+                              font-size: 14px; font-weight: 600;">
+                        Accept Invitation
+                    </a>
+                </p>
+
+                <p style="color: #666; font-size: 14px;">
+                    Or copy and paste this link into your browser:<br>
+                    <a href="{invitation_url}" style="color: #c9b974; font-weight: 600;">{invitation_url}</a>
+                </p>
+
+                <p style="color: #666; font-size: 14px;">
+                    This invitation will expire in 7 days.
+                </p>
+
+                <p style="color: #666; font-size: 14px;">
+                    If you weren't expecting this invitation, you can safely ignore this email.
+                </p>
+
+                <hr style="border: none; border-top: 1px solid #eee; margin: 30px 0;">
+
+                <p style="color: #999; font-size: 12px;">
+                    Best,<br>
+                    The OpenHands Team
+                </p>
+            </div>
+            """,
+        }
+
+        try:
+            response = resend.Emails.send(params)
+            logger.info(
+                'Invitation email sent',
+                extra={
+                    'invitation_id': invitation_id,
+                    'email': to_email,
+                    'response_id': response.get('id') if response else None,
+                },
+            )
+        except Exception as e:
+            logger.error(
+                'Failed to send invitation email',
+                extra={
+                    'invitation_id': invitation_id,
+                    'email': to_email,
+                    'error': str(e),
+                },
+            )
+            raise
--- a/enterprise/server/services/org_app_settings_service.py
+++ b/enterprise/server/services/org_app_settings_service.py
@@ -0,0 +1,130 @@
+"""Service class for managing organization app settings.
+
+Separates business logic from route handlers.
+Uses dependency injection for db_session and user_context.
+"""
+
+from __future__ import annotations
+
+from dataclasses import dataclass
+from typing import AsyncGenerator
+
+from fastapi import Request
+from server.routes.org_models import (
+    OrgAppSettingsResponse,
+    OrgAppSettingsUpdate,
+    OrgNotFoundError,
+)
+from storage.org_app_settings_store import OrgAppSettingsStore
+
+from openhands.app_server.services.injector import Injector, InjectorState
+from openhands.app_server.user.user_context import UserContext
+from openhands.core.logger import openhands_logger as logger
+
+
+@dataclass
+class OrgAppSettingsService:
+    """Service for organization app settings with injected dependencies."""
+
+    store: OrgAppSettingsStore
+    user_context: UserContext
+
+    async def get_org_app_settings(self) -> OrgAppSettingsResponse:
+        """Get organization app settings.
+
+        User ID is obtained from the injected user_context.
+
+        Returns:
+            OrgAppSettingsResponse: The organization's app settings
+
+        Raises:
+            OrgNotFoundError: If current organization is not found
+        """
+        user_id = await self.user_context.get_user_id()
+
+        logger.info(
+            'Getting organization app settings',
+            extra={'user_id': user_id},
+        )
+
+        org = await self.store.get_current_org_by_user_id(user_id)
+
+        if not org:
+            raise OrgNotFoundError('current')
+
+        return OrgAppSettingsResponse.from_org(org)
+
+    async def update_org_app_settings(
+        self,
+        update_data: OrgAppSettingsUpdate,
+    ) -> OrgAppSettingsResponse:
+        """Update organization app settings.
+
+        Only updates fields that are explicitly provided in update_data.
+        User ID is obtained from the injected user_context.
+        Session auto-commits at request end via DbSessionInjector.
+
+        Args:
+            update_data: The update data from the request
+
+        Returns:
+            OrgAppSettingsResponse: The updated organization's app settings
+
+        Raises:
+            OrgNotFoundError: If current organization is not found
+        """
+        user_id = await self.user_context.get_user_id()
+
+        logger.info(
+            'Updating organization app settings',
+            extra={'user_id': user_id},
+        )
+
+        # Get current org first
+        org = await self.store.get_current_org_by_user_id(user_id)
+
+        if not org:
+            raise OrgNotFoundError('current')
+
+        # Check if any fields are provided
+        update_dict = update_data.model_dump(exclude_unset=True)
+
+        if not update_dict:
+            # No fields to update, just return current settings
+            logger.info(
+                'No fields to update in app settings',
+                extra={'user_id': user_id, 'org_id': str(org.id)},
+            )
+            return OrgAppSettingsResponse.from_org(org)
+
+        updated_org = await self.store.update_org_app_settings(
+            org_id=org.id,
+            update_data=update_data,
+        )
+
+        if not updated_org:
+            raise OrgNotFoundError('current')
+
+        logger.info(
+            'Organization app settings updated successfully',
+            extra={'user_id': user_id, 'updated_fields': list(update_dict.keys())},
+        )
+
+        return OrgAppSettingsResponse.from_org(updated_org)
+
+
+class OrgAppSettingsServiceInjector(Injector[OrgAppSettingsService]):
+    """Injector that composes store and user_context for OrgAppSettingsService."""
+
+    async def inject(
+        self, state: InjectorState, request: Request | None = None
+    ) -> AsyncGenerator[OrgAppSettingsService, None]:
+        # Local imports to avoid circular dependencies
+        from openhands.app_server.config import get_db_session, get_user_context
+
+        async with (
+            get_user_context(state, request) as user_context,
+            get_db_session(state, request) as db_session,
+        ):
+            store = OrgAppSettingsStore(db_session=db_session)
+            yield OrgAppSettingsService(store=store, user_context=user_context)
--- a/enterprise/server/services/org_invitation_service.py
+++ b/enterprise/server/services/org_invitation_service.py
@@ -0,0 +1,397 @@
+"""Service for managing organization invitations."""
+
+import asyncio
+from uuid import UUID
+
+from server.auth.token_manager import TokenManager
+from server.constants import ROLE_ADMIN, ROLE_OWNER
+from server.routes.org_invitation_models import (
+    EmailMismatchError,
+    InsufficientPermissionError,
+    InvitationExpiredError,
+    InvitationInvalidError,
+    UserAlreadyMemberError,
+)
+from server.services.email_service import EmailService
+from storage.org_invitation import OrgInvitation
+from storage.org_invitation_store import OrgInvitationStore
+from storage.org_member_store import OrgMemberStore
+from storage.org_service import OrgService
+from storage.org_store import OrgStore
+from storage.role_store import RoleStore
+from storage.user_store import UserStore
+
+from openhands.core.logger import openhands_logger as logger
+
+
+class OrgInvitationService:
+    """Service for organization invitation operations."""
+
+    @staticmethod
+    async def create_invitation(
+        org_id: UUID,
+        email: str,
+        role_name: str,
+        inviter_id: UUID,
+    ) -> OrgInvitation:
+        """Create a new organization invitation.
+
+        This method:
+        1. Validates the organization exists
+        2. Validates this is not a personal workspace
+        3. Checks inviter has owner/admin role
+        4. Validates role assignment permissions
+        5. Checks if user is already a member
+        6. Creates the invitation
+        7. Sends the invitation email
+
+        Args:
+            org_id: Organization UUID
+            email: Invitee's email address
+            role_name: Role to assign on acceptance (owner, admin, member)
+            inviter_id: User ID of the person creating the invitation
+
+        Returns:
+            OrgInvitation: The created invitation
+
+        Raises:
+            ValueError: If organization or role not found
+            InsufficientPermissionError: If inviter lacks permission
+            UserAlreadyMemberError: If email is already a member
+            InvitationAlreadyExistsError: If pending invitation exists
+        """
+        email = email.lower().strip()
+
+        logger.info(
+            'Creating organization invitation',
+            extra={
+                'org_id': str(org_id),
+                'email': email,
+                'role_name': role_name,
+                'inviter_id': str(inviter_id),
+            },
+        )
+
+        # Step 1: Validate organization exists
+        org = OrgStore.get_org_by_id(org_id)
+        if not org:
+            raise ValueError(f'Organization {org_id} not found')
+
+        # Step 2: Check this is not a personal workspace
+        # A personal workspace has org_id matching the user's id
+        if str(org_id) == str(inviter_id):
+            raise InsufficientPermissionError(
+                'Cannot invite users to a personal workspace'
+            )
+
+        # Step 3: Check inviter is a member and has permission
+        inviter_member = OrgMemberStore.get_org_member(org_id, inviter_id)
+        if not inviter_member:
+            raise InsufficientPermissionError(
+                'You are not a member of this organization'
+            )
+
+        inviter_role = RoleStore.get_role_by_id(inviter_member.role_id)
+        if not inviter_role or inviter_role.name not in [ROLE_OWNER, ROLE_ADMIN]:
+            raise InsufficientPermissionError('Only owners and admins can invite users')
+
+        # Step 4: Validate role assignment permissions
+        role_name_lower = role_name.lower()
+        if role_name_lower == ROLE_OWNER and inviter_role.name != ROLE_OWNER:
+            raise InsufficientPermissionError('Only owners can invite with owner role')
+
+        # Get the target role
+        target_role = RoleStore.get_role_by_name(role_name_lower)
+        if not target_role:
+            raise ValueError(f'Invalid role: {role_name}')
+
+        # Step 5: Check if user is already a member (by email)
+        existing_user = await UserStore.get_user_by_email_async(email)
+        if existing_user:
+            existing_member = OrgMemberStore.get_org_member(org_id, existing_user.id)
+            if existing_member:
+                raise UserAlreadyMemberError(
+                    'User is already a member of this organization'
+                )
+
+        # Step 6: Create the invitation
+        invitation = await OrgInvitationStore.create_invitation(
+            org_id=org_id,
+            email=email,
+            role_id=target_role.id,
+            inviter_id=inviter_id,
+        )
+
+        # Step 7: Send invitation email
+        try:
+            # Get inviter info for the email
+            inviter_user = UserStore.get_user_by_id(str(inviter_member.user_id))
+            inviter_name = 'A team member'
+            if inviter_user and inviter_user.email:
+                inviter_name = inviter_user.email.split('@')[0]
+
+            EmailService.send_invitation_email(
+                to_email=email,
+                org_name=org.name,
+                inviter_name=inviter_name,
+                role_name=target_role.name,
+                invitation_token=invitation.token,
+                invitation_id=invitation.id,
+            )
+        except Exception as e:
+            logger.error(
+                'Failed to send invitation email',
+                extra={
+                    'invitation_id': invitation.id,
+                    'email': email,
+                    'error': str(e),
+                },
+            )
+            # Don't fail the invitation creation if email fails
+            # The user can still access via direct link
+
+        return invitation
+
+    @staticmethod
+    async def create_invitations_batch(
+        org_id: UUID,
+        emails: list[str],
+        role_name: str,
+        inviter_id: UUID,
+    ) -> tuple[list[OrgInvitation], list[tuple[str, str]]]:
+        """Create multiple organization invitations concurrently.
+
+        Validates permissions once upfront, then creates invitations in parallel.
+
+        Args:
+            org_id: Organization UUID
+            emails: List of invitee email addresses
+            role_name: Role to assign on acceptance (owner, admin, member)
+            inviter_id: User ID of the person creating the invitations
+
+        Returns:
+            Tuple of (successful_invitations, failed_emails_with_errors)
+
+        Raises:
+            ValueError: If organization or role not found
+            InsufficientPermissionError: If inviter lacks permission
+        """
+        logger.info(
+            'Creating batch organization invitations',
+            extra={
+                'org_id': str(org_id),
+                'email_count': len(emails),
+                'role_name': role_name,
+                'inviter_id': str(inviter_id),
+            },
+        )
+
+        # Step 1: Validate permissions upfront (shared for all emails)
+        org = OrgStore.get_org_by_id(org_id)
+        if not org:
+            raise ValueError(f'Organization {org_id} not found')
+
+        if str(org_id) == str(inviter_id):
+            raise InsufficientPermissionError(
+                'Cannot invite users to a personal workspace'
+            )
+
+        inviter_member = OrgMemberStore.get_org_member(org_id, inviter_id)
+        if not inviter_member:
+            raise InsufficientPermissionError(
+                'You are not a member of this organization'
+            )
+
+        inviter_role = RoleStore.get_role_by_id(inviter_member.role_id)
+        if not inviter_role or inviter_role.name not in [ROLE_OWNER, ROLE_ADMIN]:
+            raise InsufficientPermissionError('Only owners and admins can invite users')
+
+        role_name_lower = role_name.lower()
+        if role_name_lower == ROLE_OWNER and inviter_role.name != ROLE_OWNER:
+            raise InsufficientPermissionError('Only owners can invite with owner role')
+
+        target_role = RoleStore.get_role_by_name(role_name_lower)
+        if not target_role:
+            raise ValueError(f'Invalid role: {role_name}')
+
+        # Step 2: Create invitations concurrently
+        async def create_single(
+            email: str,
+        ) -> tuple[str, OrgInvitation | None, str | None]:
+            """Create single invitation, return (email, invitation, error)."""
+            try:
+                invitation = await OrgInvitationService.create_invitation(
+                    org_id=org_id,
+                    email=email,
+                    role_name=role_name,
+                    inviter_id=inviter_id,
+                )
+                return (email, invitation, None)
+            except (UserAlreadyMemberError, ValueError) as e:
+                return (email, None, str(e))
+
+        results = await asyncio.gather(*[create_single(email) for email in emails])
+
+        # Step 3: Separate successes and failures
+        successful: list[OrgInvitation] = []
+        failed: list[tuple[str, str]] = []
+        for email, invitation, error in results:
+            if invitation:
+                successful.append(invitation)
+            elif error:
+                failed.append((email, error))
+
+        logger.info(
+            'Batch invitation creation completed',
+            extra={
+                'org_id': str(org_id),
+                'successful': len(successful),
+                'failed': len(failed),
+            },
+        )
+
+        return successful, failed
+
+    @staticmethod
+    async def accept_invitation(token: str, user_id: UUID) -> OrgInvitation:
+        """Accept an organization invitation.
+
+        This method:
+        1. Validates the token and invitation status
+        2. Checks expiration
+        3. Verifies user is not already a member
+        4. Creates LiteLLM integration
+        5. Adds user to the organization
+        6. Marks invitation as accepted
+
+        Args:
+            token: The invitation token
+            user_id: The user accepting the invitation
+
+        Returns:
+            OrgInvitation: The accepted invitation
+
+        Raises:
+            InvitationInvalidError: If token is invalid or invitation not pending
+            InvitationExpiredError: If invitation has expired
+            UserAlreadyMemberError: If user is already a member
+        """
+        logger.info(
+            'Accepting organization invitation',
+            extra={
+                'token_prefix': token[:10] + '...' if len(token) > 10 else token,
+                'user_id': str(user_id),
+            },
+        )
+
+        # Step 1: Get and validate invitation
+        invitation = await OrgInvitationStore.get_invitation_by_token(token)
+
+        if not invitation:
+            raise InvitationInvalidError('Invalid invitation token')
+
+        if invitation.status != OrgInvitation.STATUS_PENDING:
+            if invitation.status == OrgInvitation.STATUS_ACCEPTED:
+                raise InvitationInvalidError('Invitation has already been accepted')
+            elif invitation.status == OrgInvitation.STATUS_REVOKED:
+                raise InvitationInvalidError('Invitation has been revoked')
+            else:
+                raise InvitationInvalidError('Invitation is no longer valid')
+
+        # Step 2: Check expiration
+        if OrgInvitationStore.is_token_expired(invitation):
+            await OrgInvitationStore.update_invitation_status(
+                invitation.id, OrgInvitation.STATUS_EXPIRED
+            )
+            raise InvitationExpiredError('Invitation has expired')
+
+        # Step 2.5: Verify user email matches invitation email
+        user = await UserStore.get_user_by_id_async(str(user_id))
+        if not user:
+            raise InvitationInvalidError('User not found')
+
+        user_email = user.email
+        # Fallback: fetch email from Keycloak if not in database (for existing users)
+        if not user_email:
+            token_manager = TokenManager()
+            user_info = await token_manager.get_user_info_from_user_id(str(user_id))
+            user_email = user_info.get('email') if user_info else None
+
+        if not user_email:
+            raise EmailMismatchError('Your account does not have an email address')
+
+        user_email = user_email.lower().strip()
+        invitation_email = invitation.email.lower().strip()
+
+        if user_email != invitation_email:
+            logger.warning(
+                'Email mismatch during invitation acceptance',
+                extra={
+                    'user_id': str(user_id),
+                    'user_email': user_email,
+                    'invitation_email': invitation_email,
+                    'invitation_id': invitation.id,
+                },
+            )
+            raise EmailMismatchError()
+
+        # Step 3: Check if user is already a member
+        existing_member = OrgMemberStore.get_org_member(invitation.org_id, user_id)
+        if existing_member:
+            raise UserAlreadyMemberError(
+                'You are already a member of this organization'
+            )
+
+        # Step 4: Create LiteLLM integration for the user in the new org
+        try:
+            settings = await OrgService.create_litellm_integration(
+                invitation.org_id, str(user_id)
+            )
+        except Exception as e:
+            logger.error(
+                'Failed to create LiteLLM integration for invitation acceptance',
+                extra={
+                    'invitation_id': invitation.id,
+                    'user_id': str(user_id),
+                    'org_id': str(invitation.org_id),
+                    'error': str(e),
+                },
+            )
+            raise InvitationInvalidError(
+                'Failed to set up organization access. Please try again.'
+            )
+
+        # Step 5: Add user to organization
+        from storage.org_member_store import OrgMemberStore as OMS
+
+        org_member_kwargs = OMS.get_kwargs_from_settings(settings)
+        # Don't override with org defaults - use invitation-specified role
+        org_member_kwargs.pop('llm_model', None)
+        org_member_kwargs.pop('llm_base_url', None)
+
+        OrgMemberStore.add_user_to_org(
+            org_id=invitation.org_id,
+            user_id=user_id,
+            role_id=invitation.role_id,
+            llm_api_key=settings.llm_api_key,
+            status='active',
+        )
+
+        # Step 6: Mark invitation as accepted
+        updated_invitation = await OrgInvitationStore.update_invitation_status(
+            invitation.id,
+            OrgInvitation.STATUS_ACCEPTED,
+            accepted_by_user_id=user_id,
+        )
+
+        logger.info(
+            'Organization invitation accepted',
+            extra={
+                'invitation_id': invitation.id,
+                'user_id': str(user_id),
+                'org_id': str(invitation.org_id),
+                'role_id': invitation.role_id,
+            },
+        )
+
+        return updated_invitation
--- a/enterprise/server/services/org_llm_settings_service.py
+++ b/enterprise/server/services/org_llm_settings_service.py
@@ -0,0 +1,130 @@
+"""Service class for managing organization LLM settings.
+
+Separates business logic from route handlers.
+Uses dependency injection for db_session and user_context.
+"""
+
+from __future__ import annotations
+
+from dataclasses import dataclass
+from typing import AsyncGenerator
+
+from fastapi import Request
+from server.routes.org_models import (
+    OrgLLMSettingsResponse,
+    OrgLLMSettingsUpdate,
+    OrgNotFoundError,
+)
+from storage.org_llm_settings_store import OrgLLMSettingsStore
+
+from openhands.app_server.services.injector import Injector, InjectorState
+from openhands.app_server.user.user_context import UserContext
+from openhands.core.logger import openhands_logger as logger
+
+
+@dataclass
+class OrgLLMSettingsService:
+    """Service for org LLM settings with injected dependencies."""
+
+    store: OrgLLMSettingsStore
+    user_context: UserContext
+
+    async def get_org_llm_settings(self) -> OrgLLMSettingsResponse:
+        """Get LLM settings for user's current organization.
+
+        User ID is obtained from the injected user_context.
+
+        Returns:
+            OrgLLMSettingsResponse: The organization's LLM settings
+
+        Raises:
+            ValueError: If user is not authenticated
+            OrgNotFoundError: If current organization not found
+        """
+        user_id = await self.user_context.get_user_id()
+        if not user_id:
+            raise ValueError('User is not authenticated')
+
+        logger.info(
+            'Getting organization LLM settings',
+            extra={'user_id': user_id},
+        )
+
+        org = await self.store.get_current_org_by_user_id(user_id)
+
+        if not org:
+            raise OrgNotFoundError('No current organization')
+
+        return OrgLLMSettingsResponse.from_org(org)
+
+    async def update_org_llm_settings(
+        self,
+        update_data: OrgLLMSettingsUpdate,
+    ) -> OrgLLMSettingsResponse:
+        """Update LLM settings for user's current organization.
+
+        Only updates fields that are explicitly provided in update_data.
+        User ID is obtained from the injected user_context.
+        Session auto-commits at request end via DbSessionInjector.
+
+        Args:
+            update_data: The update data from the request
+
+        Returns:
+            OrgLLMSettingsResponse: The updated organization's LLM settings
+
+        Raises:
+            ValueError: If user is not authenticated
+            OrgNotFoundError: If current organization not found
+        """
+        user_id = await self.user_context.get_user_id()
+        if not user_id:
+            raise ValueError('User is not authenticated')
+
+        logger.info(
+            'Updating organization LLM settings',
+            extra={'user_id': user_id},
+        )
+
+        # Check if any fields are provided
+        if not update_data.has_updates():
+            # No fields to update, just return current settings
+            return await self.get_org_llm_settings()
+
+        # Get user's current org first
+        org = await self.store.get_current_org_by_user_id(user_id)
+        if not org:
+            raise OrgNotFoundError('No current organization')
+
+        # Update the org LLM settings
+        updated_org = await self.store.update_org_llm_settings(
+            org_id=org.id,
+            update_data=update_data,
+        )
+
+        if not updated_org:
+            raise OrgNotFoundError(str(org.id))
+
+        logger.info(
+            'Organization LLM settings updated successfully',
+            extra={'user_id': user_id, 'org_id': str(org.id)},
+        )
+
+        return OrgLLMSettingsResponse.from_org(updated_org)
+
+
+class OrgLLMSettingsServiceInjector(Injector[OrgLLMSettingsService]):
+    """Injector that composes store and user_context for OrgLLMSettingsService."""
+
+    async def inject(
+        self, state: InjectorState, request: Request | None = None
+    ) -> AsyncGenerator[OrgLLMSettingsService, None]:
+        # Local imports to avoid circular dependencies
+        from openhands.app_server.config import get_db_session, get_user_context
+
+        async with (
+            get_user_context(state, request) as user_context,
+            get_db_session(state, request) as db_session,
+        ):
+            store = OrgLLMSettingsStore(db_session=db_session)
+            yield OrgLLMSettingsService(store=store, user_context=user_context)
--- a/enterprise/server/services/org_member_service.py
+++ b/enterprise/server/services/org_member_service.py
@@ -2,7 +2,7 @@

 from uuid import UUID

-from server.constants import ROLE_ADMIN, ROLE_MEMBER, ROLE_OWNER
+from server.constants import ROLE_ADMIN, ROLE_OWNER
 from server.routes.org_models import (
    CannotModifySelfError,
    InsufficientPermissionError,
@@ -16,10 +16,12 @@ from server.routes.org_models import (
    OrgMemberUpdate,
    RoleNotFoundError,
 )
+from storage.lite_llm_manager import LiteLlmManager
 from storage.org_member_store import OrgMemberStore
 from storage.role_store import RoleStore
 from storage.user_store import UserStore

+from openhands.core.logger import openhands_logger as logger
 from openhands.utils.async_utils import call_sync_from_async


@@ -65,10 +67,18 @@ class OrgMemberService:
        org_id: UUID,
        current_user_id: UUID,
        page_id: str | None = None,
-        limit: int = 100,
+        limit: int = 10,
+        email_filter: str | None = None,
    ) -> tuple[bool, str | None, OrgMemberPage | None]:
        """Get organization members with authorization check.

+        Args:
+            org_id: Organization UUID.
+            current_user_id: Requesting user's UUID.
+            page_id: Offset encoded as string (e.g., "0", "10", "20").
+            limit: Items per page (default 10).
+            email_filter: Optional case-insensitive partial email match.
+
        Returns:
            Tuple of (success, error_code, data). If success is True, error_code is None.
        """
@@ -88,8 +98,11 @@ class OrgMemberService:
                return False, 'invalid_page_id', None

        # Call store to get paginated members
-        members, has_more = await OrgMemberStore.get_org_members_paginated(
-            org_id=org_id, offset=offset, limit=limit
+        members, _ = await OrgMemberStore.get_org_members_paginated(
+            org_id=org_id,
+            offset=offset,
+            limit=limit,
+            email_filter=email_filter,
        )

        # Transform data to response format
@@ -104,18 +117,53 @@ class OrgMemberService:
                    user_id=str(member.user_id),
                    email=user.email if user else None,
                    role_id=member.role_id,
-                    role_name=role.name if role else '',
+                    role=role.name if role else '',
                    role_rank=role.rank if role else 0,
                    status=member.status,
                )
            )

-        # Calculate next_page_id
-        next_page_id = None
-        if has_more:
-            next_page_id = str(offset + limit)
+        # Calculate current page (1-indexed)
+        current_page = (offset // limit) + 1

-        return True, None, OrgMemberPage(items=items, next_page_id=next_page_id)
+        return (
+            True,
+            None,
+            OrgMemberPage(
+                items=items,
+                current_page=current_page,
+                per_page=limit,
+            ),
+        )
+
+    @staticmethod
+    async def get_org_members_count(
+        org_id: UUID,
+        current_user_id: UUID,
+        email_filter: str | None = None,
+    ) -> int:
+        """Get count of organization members with authorization check.
+
+        Args:
+            org_id: Organization UUID.
+            current_user_id: Requesting user's UUID.
+            email_filter: Optional case-insensitive partial email match.
+
+        Returns:
+            int: Count of organization members matching the filter.
+
+        Raises:
+            OrgMemberNotFoundError: If requesting user is not a member of the organization.
+        """
+        # Verify current user is a member of the organization
+        requester_membership = OrgMemberStore.get_org_member(org_id, current_user_id)
+        if not requester_membership:
+            raise OrgMemberNotFoundError(str(org_id), str(current_user_id))
+
+        return await OrgMemberStore.get_org_members_count(
+            org_id=org_id,
+            email_filter=email_filter,
+        )

    @staticmethod
    async def remove_org_member(
@@ -168,9 +216,42 @@ class OrgMemberService:
            if not success:
                return False, 'removal_failed'

+            # Update user's current_org_id if it points to the org they were removed from
+            user = UserStore.get_user_by_id(str(target_user_id))
+            if user and user.current_org_id == org_id:
+                # Set current_org_id to personal workspace (org.id == user.id)
+                UserStore.update_current_org(str(target_user_id), target_user_id)
+
            return True, None

-        return await call_sync_from_async(_remove_member)
+        success, error = await call_sync_from_async(_remove_member)
+
+        # If database removal succeeded, also remove from LiteLLM team
+        if success:
+            try:
+                await LiteLlmManager.remove_user_from_team(
+                    str(target_user_id), str(org_id)
+                )
+                logger.info(
+                    'Successfully removed user from LiteLLM team',
+                    extra={
+                        'user_id': str(target_user_id),
+                        'org_id': str(org_id),
+                    },
+                )
+            except Exception as e:
+                # Log but don't fail the operation - database removal already succeeded
+                # LiteLLM state will be eventually consistent
+                logger.warning(
+                    'Failed to remove user from LiteLLM team',
+                    extra={
+                        'user_id': str(target_user_id),
+                        'org_id': str(org_id),
+                        'error': str(e),
+                    },
+                )
+
+        return success, error

    @staticmethod
    async def update_org_member(
@@ -182,10 +263,9 @@ class OrgMemberService:
        """Update a member's role in an organization.

        Permission rules:
-        - Admins can change roles of users (rank > ADMIN_RANK) to Admin or User
-        - Admins cannot modify other Admins or Owners
-        - Owners can change roles of non-owners (rank > OWNER_RANK) to any role
-        - Owners cannot modify other Owners
+        - Owners can modify anyone (including other owners), can set any role
+        - Admins can modify other admins and users
+        - Admins can only set admin or user roles (not owner)

        Args:
            org_id: Organization ID
@@ -240,7 +320,7 @@ class OrgMemberService:
                    user_id=str(target_membership.user_id),
                    email=user.email if user else None,
                    role_id=target_membership.role_id,
-                    role_name=target_role.name,
+                    role=target_role.name,
                    role_rank=target_role.rank,
                    status=target_membership.status,
                )
@@ -280,7 +360,7 @@ class OrgMemberService:
                user_id=str(updated_member.user_id),
                email=user.email if user else None,
                role_id=updated_member.role_id,
-                role_name=new_role.name,
+                role=new_role.name,
                role_rank=new_role.rank,
                status=updated_member.status,
            )
@@ -294,26 +374,21 @@ class OrgMemberService:
        """Check if requester can change target's role to new_role.

        Permission rules:
-        - Owners can modify admins and users, can set any role
-        - Owners cannot modify other owners
-        - Admins can only modify users
+        - Owners can modify anyone (including other owners), can set any role
+        - Admins can modify other admins and users
        - Admins can only set admin or user roles (not owner)
        """
        is_requester_owner = requester_role_name == ROLE_OWNER
        is_requester_admin = requester_role_name == ROLE_ADMIN
        is_target_owner = target_role_name == ROLE_OWNER
-        is_target_admin = target_role_name == ROLE_ADMIN
        is_new_role_owner = new_role_name == ROLE_OWNER

        if is_requester_owner:
-            # Owners cannot modify other owners
-            if is_target_owner:
-                return False
-            # Owners can set any role (owner, admin, user)
+            # Owners can modify anyone (including other owners)
            return True
        elif is_requester_admin:
-            # Admins cannot modify owners or other admins
-            if is_target_owner or is_target_admin:
+            # Admins cannot modify owners
+            if is_target_owner:
                return False
            # Admins can only set admin or user roles (not owner)
            return not is_new_role_owner
@@ -325,8 +400,8 @@ class OrgMemberService:
        if requester_role_name == ROLE_OWNER:
            return True
        elif requester_role_name == ROLE_ADMIN:
-            # Admins can only remove members (not owners or other admins)
-            return target_role_name == ROLE_MEMBER
+            # Admins can remove admins and members (not owners)
+            return target_role_name != ROLE_OWNER
        return False

    @staticmethod
--- a/enterprise/server/services/user_app_settings_service.py
+++ b/enterprise/server/services/user_app_settings_service.py
@@ -0,0 +1,126 @@
+"""Service class for managing user app settings.
+
+Separates business logic from route handlers.
+Uses dependency injection for db_session and user_context.
+"""
+
+from __future__ import annotations
+
+from dataclasses import dataclass
+from typing import AsyncGenerator
+
+from fastapi import Request
+from server.routes.user_app_settings_models import (
+    UserAppSettingsResponse,
+    UserAppSettingsUpdate,
+    UserNotFoundError,
+)
+from storage.user_app_settings_store import UserAppSettingsStore
+
+from openhands.app_server.services.injector import Injector, InjectorState
+from openhands.app_server.user.user_context import UserContext
+from openhands.core.logger import openhands_logger as logger
+
+
+@dataclass
+class UserAppSettingsService:
+    """Service for user app settings with injected dependencies."""
+
+    store: UserAppSettingsStore
+    user_context: UserContext
+
+    async def get_user_app_settings(self) -> UserAppSettingsResponse:
+        """Get user app settings.
+
+        User ID is obtained from the injected user_context.
+
+        Returns:
+            UserAppSettingsResponse: The user's app settings
+
+        Raises:
+            ValueError: If user is not authenticated
+            UserNotFoundError: If user is not found
+        """
+        user_id = await self.user_context.get_user_id()
+        if not user_id:
+            raise ValueError('User is not authenticated')
+
+        logger.info(
+            'Getting user app settings',
+            extra={'user_id': user_id},
+        )
+
+        user = await self.store.get_user_by_id(user_id)
+
+        if not user:
+            raise UserNotFoundError(user_id)
+
+        return UserAppSettingsResponse.from_user(user)
+
+    async def update_user_app_settings(
+        self,
+        update_data: UserAppSettingsUpdate,
+    ) -> UserAppSettingsResponse:
+        """Update user app settings.
+
+        Only updates fields that are explicitly provided in update_data.
+        User ID is obtained from the injected user_context.
+        Session auto-commits at request end via DbSessionInjector.
+
+        Args:
+            update_data: The update data from the request
+
+        Returns:
+            UserAppSettingsResponse: The updated user's app settings
+
+        Raises:
+            ValueError: If user is not authenticated
+            UserNotFoundError: If user is not found
+        """
+        user_id = await self.user_context.get_user_id()
+        if not user_id:
+            raise ValueError('User is not authenticated')
+
+        logger.info(
+            'Updating user app settings',
+            extra={'user_id': user_id},
+        )
+
+        # Check if any fields are provided
+        update_dict = update_data.model_dump(exclude_unset=True)
+
+        if not update_dict:
+            # No fields to update, just return current settings
+            return await self.get_user_app_settings()
+
+        user = await self.store.update_user_app_settings(
+            user_id=user_id,
+            update_data=update_data,
+        )
+
+        if not user:
+            raise UserNotFoundError(user_id)
+
+        logger.info(
+            'User app settings updated successfully',
+            extra={'user_id': user_id, 'updated_fields': list(update_dict.keys())},
+        )
+
+        return UserAppSettingsResponse.from_user(user)
+
+
+class UserAppSettingsServiceInjector(Injector[UserAppSettingsService]):
+    """Injector that composes store and user_context for UserAppSettingsService."""
+
+    async def inject(
+        self, state: InjectorState, request: Request | None = None
+    ) -> AsyncGenerator[UserAppSettingsService, None]:
+        # Local imports to avoid circular dependencies
+        from openhands.app_server.config import get_db_session, get_user_context
+
+        async with (
+            get_user_context(state, request) as user_context,
+            get_db_session(state, request) as db_session,
+        ):
+            store = UserAppSettingsStore(db_session=db_session)
+            yield UserAppSettingsService(store=store, user_context=user_context)
--- a/enterprise/server/utils/conversation_callback_utils.py
+++ b/enterprise/server/utils/conversation_callback_utils.py
@@ -4,13 +4,14 @@ import pickle
 from datetime import datetime

 from server.logger import logger
+from sqlalchemy import and_, select
 from storage.conversation_callback import (
    CallbackStatus,
    ConversationCallback,
    ConversationCallbackProcessor,
 )
 from storage.conversation_work import ConversationWork
-from storage.database import session_maker
+from storage.database import a_session_maker, session_maker
 from storage.stored_conversation_metadata import StoredConversationMetadata

 from openhands.core.config import load_openhands_config
@@ -79,15 +80,16 @@ async def invoke_conversation_callbacks(
        conversation_id: The conversation ID to process callbacks for
        observation: The AgentStateChangedObservation that triggered the callback
    """
-    with session_maker() as session:
-        callbacks = (
-            session.query(ConversationCallback)
-            .filter(
-                ConversationCallback.conversation_id == conversation_id,
-                ConversationCallback.status == CallbackStatus.ACTIVE,
+    async with a_session_maker() as session:
+        result = await session.execute(
+            select(ConversationCallback).filter(
+                and_(
+                    ConversationCallback.conversation_id == conversation_id,
+                    ConversationCallback.status == CallbackStatus.ACTIVE,
+                )
            )
-            .all()
        )
+        callbacks = result.scalars().all()

        for callback in callbacks:
            try:
@@ -115,7 +117,7 @@ async def invoke_conversation_callbacks(
                callback.status = CallbackStatus.ERROR
                callback.updated_at = datetime.now()

-        session.commit()
+        await session.commit()


 def update_conversation_metadata(conversation_id: str, content: dict):
--- a/enterprise/server/utils/saas_app_conversation_info_injector.py
+++ b/enterprise/server/utils/saas_app_conversation_info_injector.py
@@ -22,11 +22,70 @@ from openhands.app_server.app_conversation.app_conversation_models import (
 from openhands.app_server.app_conversation.sql_app_conversation_info_service import (
    SQLAppConversationInfoService,
 )
+from openhands.app_server.errors import AuthError
 from openhands.app_server.services.injector import InjectorState
+from openhands.app_server.user.specifiy_user_context import ADMIN


 class SaasSQLAppConversationInfoService(SQLAppConversationInfoService):
-    """Extended SQLAppConversationInfoService with user-based filtering and SAAS metadata handling."""
+    """Extended SQLAppConversationInfoService with user and organization-based filtering and SAAS metadata handling."""
+
+    async def _get_current_user(self) -> User | None:
+        """Get the current user using the existing db_session.
+
+        Uses self.db_session to avoid opening a separate database session.
+
+        Returns:
+            User object or None if no user_id is available
+        """
+        user_id_str = await self.user_context.get_user_id()
+        if not user_id_str:
+            return None
+
+        user_id_uuid = UUID(user_id_str)
+        result = await self.db_session.execute(
+            select(User).where(User.id == user_id_uuid)
+        )
+        return result.scalars().first()
+
+    async def _apply_user_and_org_filter(self, query):
+        """Apply user_id and org_id filters to ensure conversation isolation.
+
+        Filters conversations by:
+        - user_id: Only show conversations belonging to the current user
+        - org_id: Only show conversations belonging to the user's current organization
+
+        Args:
+            query: SQLAlchemy query to apply filters to
+
+        Returns:
+            Query with user and organization filters applied
+
+        Raises:
+            AuthError: If no user_id is available (secure default: deny access)
+        """
+        # For internal operations such as getting a conversation by session_api_key
+        # we need a mode that does not have filtering. The dependency `as_admin()`
+        # is used to enable it
+        if self.user_context == ADMIN:
+            return query
+
+        user_id_str = await self.user_context.get_user_id()
+        if not user_id_str:
+            # Secure default: no user means no access, not "show everything"
+            raise AuthError('User authentication required')
+
+        user_id_uuid = UUID(user_id_str)
+        query = query.where(StoredConversationMetadataSaas.user_id == user_id_uuid)
+
+        # Filter by organization ID to ensure conversations are isolated per organization
+        user = await self._get_current_user()
+        if user and user.current_org_id is not None:
+            query = query.where(
+                StoredConversationMetadataSaas.org_id == user.current_org_id
+            )
+
+        return query

    async def _secure_select(self):
        query = (
@@ -38,13 +97,7 @@ class SaasSQLAppConversationInfoService(SQLAppConversationInfoService):
            )
            .where(StoredConversationMetadata.conversation_version == 'V1')
        )
-
-        user_id_str = await self.user_context.get_user_id()
-        if user_id_str:
-            user_id_uuid = UUID(user_id_str)
-            query = query.where(StoredConversationMetadataSaas.user_id == user_id_uuid)
-
-        return query
+        return await self._apply_user_and_org_filter(query)

    async def _secure_select_with_saas_metadata(self):
        """Select query that includes SAAS metadata for retrieving user_id."""
@@ -57,13 +110,7 @@ class SaasSQLAppConversationInfoService(SQLAppConversationInfoService):
            )
            .where(StoredConversationMetadata.conversation_version == 'V1')
        )
-
-        user_id_str = await self.user_context.get_user_id()
-        if user_id_str:
-            user_id_uuid = UUID(user_id_str)
-            query = query.where(StoredConversationMetadataSaas.user_id == user_id_uuid)
-
-        return query
+        return await self._apply_user_and_org_filter(query)

    async def search_app_conversation_info(
        self,
@@ -155,21 +202,16 @@ class SaasSQLAppConversationInfoService(SQLAppConversationInfoService):
        """Count conversations matching the given filters with SAAS metadata."""
        query = (
            select(func.count(StoredConversationMetadata.conversation_id))
-            .select_from(
-                StoredConversationMetadata.join(
-                    StoredConversationMetadataSaas,
-                    StoredConversationMetadata.conversation_id
-                    == StoredConversationMetadataSaas.conversation_id,
-                )
+            .join(
+                StoredConversationMetadataSaas,
+                StoredConversationMetadata.conversation_id
+                == StoredConversationMetadataSaas.conversation_id,
            )
            .where(StoredConversationMetadata.conversation_version == 'V1')
        )

-        # Apply user filtering
-        user_id_str = await self.user_context.get_user_id()
-        if user_id_str:
-            user_id_uuid = UUID(user_id_str)
-            query = query.where(StoredConversationMetadataSaas.user_id == user_id_uuid)
+        # Apply user and organization filtering
+        query = await self._apply_user_and_org_filter(query)

        query = self._apply_filters_with_saas_metadata(
            query=query,
--- a/enterprise/server/verified_models/verified_model_models.py
+++ b/enterprise/server/verified_models/verified_model_models.py
@@ -0,0 +1,33 @@
+from datetime import datetime
+from typing import Annotated
+
+from pydantic import BaseModel, StringConstraints
+
+
+class VerifiedModelCreate(BaseModel):
+    model_name: Annotated[
+        str,
+        StringConstraints(max_length=255),
+    ]
+    provider: Annotated[
+        str,
+        StringConstraints(max_length=100),
+    ]
+    is_enabled: bool = True
+
+
+class VerifiedModel(VerifiedModelCreate):
+    id: int
+    created_at: datetime
+    updated_at: datetime
+
+
+class VerifiedModelUpdate(BaseModel):
+    is_enabled: bool | None = None
+
+
+class VerifiedModelPage(BaseModel):
+    """Paginated response model for verified model list."""
+
+    items: list[VerifiedModel]
+    next_page_id: str | None = None
--- a/enterprise/server/verified_models/verified_model_router.py
+++ b/enterprise/server/verified_models/verified_model_router.py
@@ -0,0 +1,143 @@
+"""API routes for managing verified LLM models (admin only)."""
+
+from typing import Annotated
+
+from fastapi import APIRouter, Depends, HTTPException, Query, Request, status
+from server.email_validation import get_admin_user_id
+from server.verified_models.verified_model_models import (
+    VerifiedModel,
+    VerifiedModelCreate,
+    VerifiedModelPage,
+    VerifiedModelUpdate,
+)
+from server.verified_models.verified_model_service import (
+    VerifiedModelService,
+    verified_model_store_dependency,
+)
+
+from openhands.app_server.config import get_db_session
+from openhands.server.routes import public
+from openhands.utils.llm import get_supported_llm_models
+
+api_router = APIRouter(prefix='/api/admin/verified-models', tags=['Verified Models'])
+
+
+@api_router.get('')
+async def search_verified_models(
+    provider: str | None = None,
+    page_id: Annotated[
+        str | None,
+        Query(title='Optional next_page_id from the previously returned page'),
+    ] = None,
+    limit: Annotated[
+        int, Query(title='The max number of results in the page', gt=0, le=100)
+    ] = 100,
+    user_id: str = Depends(get_admin_user_id),
+    verified_model_service: VerifiedModelService = Depends(
+        verified_model_store_dependency
+    ),
+) -> VerifiedModelPage:
+    """List all verified models, optionally filtered by provider."""
+    # Use SQL-level filtering and pagination
+    result = await verified_model_service.search_verified_models(
+        provider=provider,
+        enabled_only=False,  # Admin sees all models including disabled
+        page_id=page_id,
+        limit=limit,
+    )
+    return result
+
+
+@api_router.post('', status_code=201)
+async def create_verified_model(
+    data: VerifiedModelCreate,
+    user_id: str = Depends(get_admin_user_id),
+    verified_model_service: VerifiedModelService = Depends(
+        verified_model_store_dependency
+    ),
+) -> VerifiedModel:
+    """Create a new verified model."""
+    try:
+        model = await verified_model_service.create_verified_model(
+            model_name=data.model_name,
+            provider=data.provider,
+            is_enabled=data.is_enabled,
+        )
+        return model
+    except ValueError as ex:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail=str(ex),
+        )
+
+
+@api_router.put('/{provider}/{model_name:path}')
+async def update_verified_model(
+    provider: str,
+    model_name: str,
+    data: VerifiedModelUpdate,
+    user_id: str = Depends(get_admin_user_id),
+    verified_model_service: VerifiedModelService = Depends(
+        verified_model_store_dependency
+    ),
+) -> VerifiedModel:
+    """Update a verified model by provider and model name."""
+    model = await verified_model_service.update_verified_model(
+        model_name=model_name,
+        provider=provider,
+        is_enabled=data.is_enabled,
+    )
+    if not model:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail=f'Model {provider}/{model_name} not found',
+        )
+    return model
+
+
+@api_router.delete('/{provider}/{model_name:path}')
+async def delete_verified_model(
+    provider: str,
+    model_name: str,
+    user_id: str = Depends(get_admin_user_id),
+    verified_model_service: VerifiedModelService = Depends(
+        verified_model_store_dependency
+    ),
+) -> bool:
+    """Delete a verified model by provider and model name."""
+    try:
+        await verified_model_service.delete_verified_model(
+            model_name=model_name, provider=provider
+        )
+        return True
+    except ValueError as ex:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail=str(ex),
+        )
+
+
+async def get_saas_llm_models_dependency(request: Request) -> list[str]:
+    """SaaS implementation for the LLM models endpoint."""
+    async with get_db_session(request.state, request) as db_session:
+        # Prevent circular import
+        from openhands.server.shared import config
+
+        verified_model_service = VerifiedModelService(db_session)
+        page = await verified_model_service.search_verified_models(enabled_only=True)
+        if page.next_page_id:
+            raise HTTPException(
+                status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+                detail='Too many models defined in database',
+            )
+        verified_models = [f'{m.provider}/{m.model_name}' for m in page.items]
+        return get_supported_llm_models(config, verified_models)
+
+
+# Override the default implementation with SaaS implementation
+# This must be called after the app is created in saas_server.py
+def override_llm_models_dependency(app):
+    """Override the default LLM models implementation with SaaS version."""
+    app.dependency_overrides[public.get_llm_models_dependency] = (
+        get_saas_llm_models_dependency
+    )
--- a/enterprise/server/verified_models/verified_model_service.py
+++ b/enterprise/server/verified_models/verified_model_service.py
@@ -0,0 +1,242 @@
+"""Store for managing verified LLM models in the database."""
+
+from dataclasses import dataclass
+
+from server.verified_models.verified_model_models import (
+    VerifiedModel,
+    VerifiedModelPage,
+)
+from sqlalchemy import (
+    Boolean,
+    Column,
+    DateTime,
+    Identity,
+    Integer,
+    String,
+    UniqueConstraint,
+    and_,
+    func,
+    select,
+    text,
+)
+from sqlalchemy.ext.asyncio import AsyncSession
+from storage.base import Base
+
+from openhands.app_server.config import depends_db_session
+from openhands.core.logger import openhands_logger as logger
+
+
+class StoredVerifiedModel(Base):  # type: ignore
+    """A verified LLM model available in the model selector.
+
+    The composite unique constraint on (model_name, provider) allows the same
+    model name to exist under different providers (e.g. 'claude-sonnet' under
+    both 'openhands' and 'anthropic').
+    """
+
+    __tablename__ = 'verified_models'
+    __table_args__ = (
+        UniqueConstraint('model_name', 'provider', name='uq_verified_model_provider'),
+    )
+
+    id = Column(Integer, Identity(), primary_key=True)
+    model_name = Column(String(255), nullable=False)
+    provider = Column(String(100), nullable=False, index=True)
+    is_enabled = Column(
+        Boolean, nullable=False, default=True, server_default=text('true')
+    )
+    created_at = Column(DateTime, nullable=False, server_default=func.now())
+    updated_at = Column(
+        DateTime, nullable=False, server_default=func.now(), onupdate=func.now()
+    )
+
+
+def verified_model(result: StoredVerifiedModel) -> VerifiedModel:
+    return VerifiedModel(
+        id=result.id,
+        model_name=result.model_name,
+        provider=result.provider,
+        is_enabled=result.is_enabled,
+        created_at=result.created_at,
+        updated_at=result.updated_at,
+    )
+
+
+@dataclass
+class VerifiedModelService:
+    """Store for CRUD operations on verified models.
+
+    Follows the async pattern with db_session as an attribute.
+    """
+
+    db_session: AsyncSession
+
+    async def search_verified_models(
+        self,
+        provider: str | None = None,
+        enabled_only: bool = True,
+        page_id: str | None = None,
+        limit: int = 100,
+    ) -> VerifiedModelPage:
+        """Search for verified models with optional filtering and pagination.
+
+        Args:
+            provider: Optional provider name to filter by (e.g., 'openhands', 'anthropic')
+            enabled_only: If True, only return enabled models (default: True)
+            page_id: Page id for pagination
+            limit: Maximum number of records to return
+
+        Returns:
+            SearchModelsResult containing items list and has_more flag
+        """
+        query = select(StoredVerifiedModel)
+
+        # Build filters
+        filters = []
+        if provider:
+            filters.append(StoredVerifiedModel.provider == provider)
+        if enabled_only:
+            filters.append(StoredVerifiedModel.is_enabled.is_(True))
+
+        if filters:
+            query = query.where(and_(*filters))
+
+        # Order by provider, then model_name
+        query = query.order_by(
+            StoredVerifiedModel.provider, StoredVerifiedModel.model_name
+        )
+
+        # Fetch limit + 1 to check if there are more results
+        offset = int(page_id or '0')
+        query = query.offset(offset).limit(limit + 1)
+
+        result = await self.db_session.execute(query)
+        results = list(result.scalars().all())
+        has_more = len(results) > limit
+        next_page_id = None
+
+        # Return only the requested number of results
+        if has_more:
+            next_page_id = str(offset + limit)
+            results.pop()
+
+        items = [verified_model(result) for result in results]
+        return VerifiedModelPage(items=items, next_page_id=next_page_id)
+
+    async def get_model(self, model_name: str, provider: str) -> VerifiedModel | None:
+        """Get a model by its composite key (model_name, provider).
+
+        Args:
+            model_name: The model identifier
+            provider: The provider name
+        """
+        query = select(StoredVerifiedModel).where(
+            and_(
+                StoredVerifiedModel.model_name == model_name,
+                StoredVerifiedModel.provider == provider,
+            )
+        )
+        result = await self.db_session.execute(query)
+        return result.scalars().first()
+
+    async def create_verified_model(
+        self,
+        model_name: str,
+        provider: str,
+        is_enabled: bool = True,
+    ) -> VerifiedModel:
+        """Create a new verified model.
+
+        Args:
+            model_name: The model identifier
+            provider: The provider name
+            is_enabled: Whether the model is enabled (default True)
+
+        Raises:
+            ValueError: If a model with the same (model_name, provider) already exists
+        """
+        existing_query = select(StoredVerifiedModel).where(
+            and_(
+                StoredVerifiedModel.model_name == model_name,
+                StoredVerifiedModel.provider == provider,
+            )
+        )
+        result = await self.db_session.execute(existing_query)
+        existing = result.scalars().first()
+        if existing:
+            raise ValueError(f'Model {provider}/{model_name} already exists')
+
+        model = StoredVerifiedModel(
+            model_name=model_name,
+            provider=provider,
+            is_enabled=is_enabled,
+        )
+        self.db_session.add(model)
+        await self.db_session.commit()
+        await self.db_session.refresh(model)
+        logger.info(f'Created verified model: {provider}/{model_name}')
+        return verified_model(model)
+
+    async def update_verified_model(
+        self,
+        model_name: str,
+        provider: str,
+        is_enabled: bool | None = None,
+    ) -> VerifiedModel | None:
+        """Update an existing verified model.
+
+        Args:
+            model_name: The model name to update
+            provider: The provider name
+            is_enabled: New enabled state (optional)
+
+        Returns:
+            The updated model if found, None otherwise
+        """
+        query = select(StoredVerifiedModel).where(
+            and_(
+                StoredVerifiedModel.model_name == model_name,
+                StoredVerifiedModel.provider == provider,
+            )
+        )
+        result = await self.db_session.execute(query)
+        model = result.scalars().first()
+        if not model:
+            return None
+
+        if is_enabled is not None:
+            model.is_enabled = is_enabled
+
+        await self.db_session.commit()
+        await self.db_session.refresh(model)
+        logger.info(f'Updated verified model: {provider}/{model_name}')
+        return verified_model(model)
+
+    async def delete_verified_model(self, model_name: str, provider: str):
+        """Delete a verified model.
+
+        Args:
+            model_name: The model name to delete
+            provider: The provider name
+
+        Returns:
+            True if deleted, False if not found
+        """
+        query = select(StoredVerifiedModel).where(
+            and_(
+                StoredVerifiedModel.model_name == model_name,
+                StoredVerifiedModel.provider == provider,
+            )
+        )
+        result = await self.db_session.execute(query)
+        model = result.scalars().first()
+        if not model:
+            raise ValueError('Unknown model')
+
+        await self.db_session.delete(model)
+        await self.db_session.commit()
+        logger.info(f'Deleted verified model: {provider}/{model_name}')
+
+
+def verified_model_store_dependency(db_session: AsyncSession = depends_db_session()):
+    return VerifiedModelService(db_session)
--- a/enterprise/storage/init.py
+++ b/enterprise/storage/init.py
@@ -20,8 +20,10 @@ from storage.linear_workspace import LinearWorkspace
 from storage.maintenance_task import MaintenanceTask, MaintenanceTaskStatus
 from storage.openhands_pr import OpenhandsPR
 from storage.org import Org
+from storage.org_invitation import OrgInvitation
 from storage.org_member import OrgMember
 from storage.proactive_convos import ProactiveConversation
+from storage.resend_synced_user import ResendSyncedUser
 from storage.role import Role
 from storage.slack_conversation import SlackConversation
 from storage.slack_team import SlackTeam
@@ -65,8 +67,10 @@ __all__ = [
    'MaintenanceTaskStatus',
    'OpenhandsPR',
    'Org',
+    'OrgInvitation',
    'OrgMember',
    'ProactiveConversation',
+    'ResendSyncedUser',
    'Role',
    'SlackConversation',
    'SlackTeam',
--- a/enterprise/storage/api_key_store.py
+++ b/enterprise/storage/api_key_store.py
@@ -5,20 +5,16 @@ import string
 from dataclasses import dataclass
 from datetime import UTC, datetime

-from sqlalchemy import update
-from sqlalchemy.orm import sessionmaker
+from sqlalchemy import select, update
 from storage.api_key import ApiKey
-from storage.database import session_maker
+from storage.database import a_session_maker
 from storage.user_store import UserStore

 from openhands.core.logger import openhands_logger as logger
-from openhands.utils.async_utils import call_sync_from_async


@dataclass
 class ApiKeyStore:
-    session_maker: sessionmaker
-
    API_KEY_PREFIX = 'sk-oh-'

    def generate_api_key(self, length: int = 32) -> str:
@@ -43,22 +39,8 @@ class ApiKeyStore:
        api_key = self.generate_api_key()
        user = await UserStore.get_user_by_id_async(user_id)
        org_id = user.current_org_id
-        await call_sync_from_async(
-            self._store_api_key, user_id, org_id, api_key, name, expires_at
-        )

-        return api_key
-
-    def _store_api_key(
-        self,
-        user_id: str,
-        org_id: str,
-        api_key: str,
-        name: str | None,
-        expires_at: datetime | None = None,
-    ) -> None:
-        """Store an existing API key in the database."""
-        with self.session_maker() as session:
+        async with a_session_maker() as session:
            key_record = ApiKey(
                key=api_key,
                user_id=user_id,
@@ -67,14 +49,17 @@ class ApiKeyStore:
                expires_at=expires_at,
            )
            session.add(key_record)
-            session.commit()
+            await session.commit()

-    def validate_api_key(self, api_key: str) -> str | None:
+        return api_key
+
+    async def validate_api_key(self, api_key: str) -> str | None:
        """Validate an API key and return the associated user_id if valid."""
        now = datetime.now(UTC)

-        with self.session_maker() as session:
-            key_record = session.query(ApiKey).filter(ApiKey.key == api_key).first()
+        async with a_session_maker() as session:
+            result = await session.execute(select(ApiKey).filter(ApiKey.key == api_key))
+            key_record = result.scalars().first()

            if not key_record:
                return None
@@ -91,113 +76,96 @@ class ApiKeyStore:
                    return None

            # Update last_used_at timestamp
-            session.execute(
+            await session.execute(
                update(ApiKey)
                .where(ApiKey.id == key_record.id)
                .values(last_used_at=now)
            )
-            session.commit()
+            await session.commit()

            return key_record.user_id

-    def delete_api_key(self, api_key: str) -> bool:
+    async def delete_api_key(self, api_key: str) -> bool:
        """Delete an API key by the key value."""
-        with self.session_maker() as session:
-            key_record = session.query(ApiKey).filter(ApiKey.key == api_key).first()
+        async with a_session_maker() as session:
+            result = await session.execute(select(ApiKey).filter(ApiKey.key == api_key))
+            key_record = result.scalars().first()

            if not key_record:
                return False

-            session.delete(key_record)
-            session.commit()
+            await session.delete(key_record)
+            await session.commit()

            return True

-    def delete_api_key_by_id(self, key_id: int) -> bool:
+    async def delete_api_key_by_id(self, key_id: int) -> bool:
        """Delete an API key by its ID."""
-        with self.session_maker() as session:
-            key_record = session.query(ApiKey).filter(ApiKey.id == key_id).first()
+        async with a_session_maker() as session:
+            result = await session.execute(select(ApiKey).filter(ApiKey.id == key_id))
+            key_record = result.scalars().first()

            if not key_record:
                return False

-            session.delete(key_record)
-            session.commit()
+            await session.delete(key_record)
+            await session.commit()

            return True

-    async def list_api_keys(self, user_id: str) -> list[dict]:
+    async def list_api_keys(self, user_id: str) -> list[ApiKey]:
        """List all API keys for a user."""
        user = await UserStore.get_user_by_id_async(user_id)
        org_id = user.current_org_id
-        return await call_sync_from_async(self._list_api_keys_from_db, user_id, org_id)

-    def _list_api_keys_from_db(self, user_id: str, org_id: str) -> list[ApiKey]:
-        with self.session_maker() as session:
-            keys = (
-                session.query(ApiKey)
-                .filter(ApiKey.user_id == user_id)
-                .filter(ApiKey.org_id == org_id)
-                .all()
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(ApiKey).filter(
+                    ApiKey.user_id == user_id, ApiKey.org_id == org_id
+                )
            )
-
-            return [
-                {
-                    'id': key.id,
-                    'name': key.name,
-                    'created_at': key.created_at,
-                    'last_used_at': key.last_used_at,
-                    'expires_at': key.expires_at,
-                }
-                for key in keys
-                if 'MCP_API_KEY' != key.name
-            ]
+            keys = result.scalars().all()
+            return [key for key in keys if key.name != 'MCP_API_KEY']

    async def retrieve_mcp_api_key(self, user_id: str) -> str | None:
        user = await UserStore.get_user_by_id_async(user_id)
        org_id = user.current_org_id
-        return await call_sync_from_async(
-            self._retrieve_mcp_api_key_from_db, user_id, org_id
-        )

-    def _retrieve_mcp_api_key_from_db(self, user_id: str, org_id: str) -> str | None:
-        with self.session_maker() as session:
-            keys: list[ApiKey] = (
-                session.query(ApiKey)
-                .filter(ApiKey.user_id == user_id)
-                .filter(ApiKey.org_id == org_id)
-                .all()
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(ApiKey).filter(
+                    ApiKey.user_id == user_id, ApiKey.org_id == org_id
+                )
            )
+            keys = result.scalars().all()
            for key in keys:
                if key.name == 'MCP_API_KEY':
                    return key.key

        return None

-    def retrieve_api_key_by_name(self, user_id: str, name: str) -> str | None:
+    async def retrieve_api_key_by_name(self, user_id: str, name: str) -> str | None:
        """Retrieve an API key by name for a specific user."""
-        with self.session_maker() as session:
-            key_record = (
-                session.query(ApiKey)
-                .filter(ApiKey.user_id == user_id, ApiKey.name == name)
-                .first()
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(ApiKey).filter(ApiKey.user_id == user_id, ApiKey.name == name)
            )
+            key_record = result.scalars().first()
            return key_record.key if key_record else None

-    def delete_api_key_by_name(self, user_id: str, name: str) -> bool:
+    async def delete_api_key_by_name(self, user_id: str, name: str) -> bool:
        """Delete an API key by name for a specific user."""
-        with self.session_maker() as session:
-            key_record = (
-                session.query(ApiKey)
-                .filter(ApiKey.user_id == user_id, ApiKey.name == name)
-                .first()
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(ApiKey).filter(ApiKey.user_id == user_id, ApiKey.name == name)
            )
+            key_record = result.scalars().first()

            if not key_record:
                return False

-            session.delete(key_record)
-            session.commit()
+            await session.delete(key_record)
+            await session.commit()

            return True

@@ -205,4 +173,4 @@ class ApiKeyStore:
    def get_instance(cls) -> ApiKeyStore:
        """Get an instance of the ApiKeyStore."""
        logger.debug('api_key_store.get_instance')
-        return ApiKeyStore(session_maker)
+        return ApiKeyStore()
--- a/enterprise/storage/auth_token_store.py
+++ b/enterprise/storage/auth_token_store.py
@@ -4,25 +4,58 @@ import time
 from dataclasses import dataclass
 from typing import Awaitable, Callable, Dict

-from sqlalchemy import select, update
-from sqlalchemy.orm import sessionmaker
+from server.auth.auth_error import TokenRefreshError
+from sqlalchemy import select, text, update
+from sqlalchemy.exc import OperationalError
 from storage.auth_tokens import AuthTokens
 from storage.database import a_session_maker

 from openhands.core.logger import openhands_logger as logger
 from openhands.integrations.service_types import ProviderType

+# Time buffer (in seconds) before actual expiration to consider token expired
+# This ensures tokens are refreshed before they actually expire. The
+# github default is 8 hours, so 15 minutes leeway is ~3% of this.
+ACCESS_TOKEN_EXPIRY_BUFFER = 900  # 15 minutes
+
+# Database lock timeout to prevent indefinite blocking
+LOCK_TIMEOUT_SECONDS = 5
+

@dataclass
 class AuthTokenStore:
    keycloak_user_id: str
    idp: ProviderType
-    a_session_maker: sessionmaker

    @property
    def identity_provider_value(self) -> str:
        return self.idp.value

+    def _is_token_expired(
+        self, access_token_expires_at: int, refresh_token_expires_at: int
+    ) -> tuple[bool, bool]:
+        """Check if access and refresh tokens are expired.
+
+        Args:
+            access_token_expires_at: Expiration time for access token (seconds since epoch)
+            refresh_token_expires_at: Expiration time for refresh token (seconds since epoch)
+
+        Returns:
+            Tuple of (access_expired, refresh_expired)
+        """
+        current_time = int(time.time())
+        access_expired = (
+            False
+            if access_token_expires_at == 0
+            else access_token_expires_at < current_time + ACCESS_TOKEN_EXPIRY_BUFFER
+        )
+        refresh_expired = (
+            False
+            if refresh_token_expires_at == 0
+            else refresh_token_expires_at < current_time
+        )
+        return access_expired, refresh_expired
+
    async def store_tokens(
        self,
        access_token: str,
@@ -38,7 +71,7 @@ class AuthTokenStore:
            access_token_expires_at: Expiration time for access token (seconds since epoch)
            refresh_token_expires_at: Expiration time for refresh token (seconds since epoch)
        """
-        async with self.a_session_maker() as session:
+        async with a_session_maker() as session:
            async with session.begin():  # Explicitly start a transaction
                result = await session.execute(
                    select(AuthTokens).where(
@@ -73,87 +106,149 @@ class AuthTokenStore:
        ]
        | None = None,
    ) -> Dict[str, str | int] | None:
-        """
-        Load authentication tokens from the database and refresh them if necessary.
+        """Load authentication tokens from the database and refresh them if necessary.

-        This method retrieves the current authentication tokens for the user and checks if they have expired.
-        It uses the provided `check_expiration_and_refresh` function to determine if the tokens need
-        to be refreshed and to refresh the tokens if needed.
+        This method uses a double-checked locking pattern to minimize lock contention:
+        1. First, check if the token is valid WITHOUT acquiring a lock (fast path)
+        2. If refresh is needed, acquire a lock with a timeout
+        3. Double-check if refresh is still needed (another request may have refreshed)
+        4. Perform the refresh if still needed

-        The method ensures that only one refresh operation is performed per refresh token by using a
-        row-level lock on the token record.
-
-        The method is designed to handle race conditions where multiple requests might attempt to refresh
-        the same token simultaneously, ensuring that only one refresh call occurs per refresh token.
+        The row-level lock ensures that only one refresh operation is performed per
+        refresh token, which is important because most IDPs invalidate the old refresh
+        token after it's used once.

        Args:
-            check_expiration_and_refresh (Callable, optional): A function that checks if the tokens have expired
-                and attempts to refresh them. It should return a dictionary containing the new access_token, refresh_token,
-                and their respective expiration timestamps. If no refresh is needed, it should return `None`.
+            check_expiration_and_refresh: A function that checks if the tokens have
+                expired and attempts to refresh them. It should return a dictionary
+                containing the new access_token, refresh_token, and their respective
+                expiration timestamps. If no refresh is needed, it should return None.

        Returns:
-            Dict[str, str | int] | None:
-                A dictionary containing the access_token, refresh_token, access_token_expires_at,
-                and refresh_token_expires_at. If no token record is found, returns `None`.
+            A dictionary containing the access_token, refresh_token,
+            access_token_expires_at, and refresh_token_expires_at.
+            If no token record is found, returns None.
+
+        Raises:
+            TokenRefreshError: If the lock cannot be acquired within the timeout
+                period. This typically means another request is holding the lock
+                for an extended period. Callers should handle this by returning
+                a 401 response to prompt the user to re-authenticate.
        """
-        async with self.a_session_maker() as session:
-            async with session.begin():  # Ensures transaction management
-                # Lock the row while we check if we need to refresh the tokens.
-                # There is a race condition where 2 or more calls can load tokens simultaneously.
-                # If it turns out the loaded tokens are expired, then there will be multiple
-                # refresh token calls with the same refresh token. Most IDPs only allow one refresh
-                # per refresh token. This lock ensure that only one refresh call occurs per refresh token
-                result = await session.execute(
-                    select(AuthTokens)
-                    .filter(
-                        AuthTokens.keycloak_user_id == self.keycloak_user_id,
-                        AuthTokens.identity_provider == self.identity_provider_value,
-                    )
-                    .with_for_update()
+        # FAST PATH: Check without lock first to avoid unnecessary lock contention
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(AuthTokens).filter(
+                    AuthTokens.keycloak_user_id == self.keycloak_user_id,
+                    AuthTokens.identity_provider == self.identity_provider_value,
                )
-                token_record = result.scalars().one_or_none()
+            )
+            token_record = result.scalars().one_or_none()

-                if not token_record:
-                    return None
+            if not token_record:
+                return None

-                token_refresh = (
-                    await check_expiration_and_refresh(
+            # Check if token needs refresh
+            access_expired, _ = self._is_token_expired(
+                token_record.access_token_expires_at,
+                token_record.refresh_token_expires_at,
+            )
+
+            # If token is still valid, return it without acquiring a lock
+            if not access_expired or check_expiration_and_refresh is None:
+                return {
+                    'access_token': token_record.access_token,
+                    'refresh_token': token_record.refresh_token,
+                    'access_token_expires_at': token_record.access_token_expires_at,
+                    'refresh_token_expires_at': token_record.refresh_token_expires_at,
+                }
+
+        # SLOW PATH: Token needs refresh, acquire lock
+        try:
+            async with a_session_maker() as session:
+                async with session.begin():
+                    # Set a lock timeout to prevent indefinite blocking
+                    # This ensures we don't hold connections forever if something goes wrong
+                    await session.execute(
+                        text(f"SET LOCAL lock_timeout = '{LOCK_TIMEOUT_SECONDS}s'")
+                    )
+
+                    # Acquire row-level lock to prevent concurrent refresh attempts
+                    result = await session.execute(
+                        select(AuthTokens)
+                        .filter(
+                            AuthTokens.keycloak_user_id == self.keycloak_user_id,
+                            AuthTokens.identity_provider
+                            == self.identity_provider_value,
+                        )
+                        .with_for_update()
+                    )
+                    token_record = result.scalars().one_or_none()
+
+                    if not token_record:
+                        return None
+
+                    # Double-check: another request may have refreshed while we waited for the lock
+                    access_expired, _ = self._is_token_expired(
+                        token_record.access_token_expires_at,
+                        token_record.refresh_token_expires_at,
+                    )
+
+                    if not access_expired:
+                        # Token was refreshed by another request while we waited
+                        logger.debug(
+                            'Token was refreshed by another request while waiting for lock'
+                        )
+                        return {
+                            'access_token': token_record.access_token,
+                            'refresh_token': token_record.refresh_token,
+                            'access_token_expires_at': token_record.access_token_expires_at,
+                            'refresh_token_expires_at': token_record.refresh_token_expires_at,
+                        }
+
+                    # We're the one doing the refresh
+                    token_refresh = await check_expiration_and_refresh(
                        self.idp,
                        token_record.refresh_token,
                        token_record.access_token_expires_at,
                        token_record.refresh_token_expires_at,
                    )
-                    if check_expiration_and_refresh
-                    else None
-                )

-                if token_refresh:
-                    await session.execute(
-                        update(AuthTokens)
-                        .where(AuthTokens.id == token_record.id)
-                        .values(
-                            access_token=token_refresh['access_token'],
-                            refresh_token=token_refresh['refresh_token'],
-                            access_token_expires_at=token_refresh[
-                                'access_token_expires_at'
-                            ],
-                            refresh_token_expires_at=token_refresh[
-                                'refresh_token_expires_at'
-                            ],
+                    if token_refresh:
+                        await session.execute(
+                            update(AuthTokens)
+                            .where(AuthTokens.id == token_record.id)
+                            .values(
+                                access_token=token_refresh['access_token'],
+                                refresh_token=token_refresh['refresh_token'],
+                                access_token_expires_at=token_refresh[
+                                    'access_token_expires_at'
+                                ],
+                                refresh_token_expires_at=token_refresh[
+                                    'refresh_token_expires_at'
+                                ],
+                            )
                        )
-                    )
-                    await session.commit()
+                        await session.commit()

-                return (
-                    token_refresh
-                    if token_refresh
-                    else {
-                        'access_token': token_record.access_token,
-                        'refresh_token': token_record.refresh_token,
-                        'access_token_expires_at': token_record.access_token_expires_at,
-                        'refresh_token_expires_at': token_record.refresh_token_expires_at,
-                    }
-                )
+                    return (
+                        token_refresh
+                        if token_refresh
+                        else {
+                            'access_token': token_record.access_token,
+                            'refresh_token': token_record.refresh_token,
+                            'access_token_expires_at': token_record.access_token_expires_at,
+                            'refresh_token_expires_at': token_record.refresh_token_expires_at,
+                        }
+                    )
+        except OperationalError as e:
+            # Lock timeout - another request is holding the lock for too long
+            logger.warning(
+                f'Token refresh lock timeout for user {self.keycloak_user_id}: {e}'
+            )
+            raise TokenRefreshError(
+                'Unable to refresh token due to lock timeout. Please try again.'
+            ) from e

    async def is_access_token_valid(self) -> bool:
        """Check if the access token is still valid.
@@ -194,8 +289,8 @@ class AuthTokenStore:
        """Get an instance of the AuthTokenStore.

        Args:
-            config: The application configuration
            keycloak_user_id: The Keycloak user ID
+            idp: The identity provider type

        Returns:
            An instance of AuthTokenStore
@@ -203,6 +298,4 @@ class AuthTokenStore:
        logger.debug(f'auth_token_store.get_instance::{keycloak_user_id}')
        if keycloak_user_id:
            keycloak_user_id = str(keycloak_user_id)
-        return AuthTokenStore(
-            keycloak_user_id=keycloak_user_id, idp=idp, a_session_maker=a_session_maker
-        )
+        return AuthTokenStore(keycloak_user_id=keycloak_user_id, idp=idp)
--- a/enterprise/storage/blocked_email_domain_store.py
+++ b/enterprise/storage/blocked_email_domain_store.py
@@ -1,14 +1,12 @@
 from dataclasses import dataclass

 from sqlalchemy import text
-from sqlalchemy.orm import sessionmaker
+from storage.database import a_session_maker


@dataclass
 class BlockedEmailDomainStore:
-    session_maker: sessionmaker
-
-    def is_domain_blocked(self, domain: str) -> bool:
+    async def is_domain_blocked(self, domain: str) -> bool:
        """Check if a domain is blocked by querying the database directly.

        This method uses SQL to efficiently check if the domain matches any blocked pattern:
@@ -21,9 +19,9 @@ class BlockedEmailDomainStore:
        Returns:
            True if the domain is blocked, False otherwise
        """
-        with self.session_maker() as session:
+        async with a_session_maker() as session:
            # SQL query that handles both TLD patterns and full domain patterns
-            # TLD patterns (starting with '.'): check if domain ends with the pattern
+            # TLD patterns (starting with '.'): check if domain ends with it (case-insensitive)
            # Full domain patterns: check for exact match or subdomain match
            # All comparisons are case-insensitive using LOWER() to ensure consistent matching
            query = text("""
@@ -41,5 +39,5 @@ class BlockedEmailDomainStore:
                        ))
                )
            """)
-            result = session.execute(query, {'domain': domain}).scalar()
-            return bool(result)
+            result = await session.execute(query, {'domain': domain})
+            return bool(result.scalar())
--- a/enterprise/storage/database.py
+++ b/enterprise/storage/database.py
@@ -18,17 +18,17 @@ def _get_db_session_injector():
    return _config.db_session


-def session_maker():
+def session_maker(**kwargs):
    db_session_injector = _get_db_session_injector()
-    session_maker = db_session_injector.get_session_maker()
-    return session_maker()
+    factory = db_session_injector.get_session_maker()
+    return factory(**kwargs)


@contextlib.asynccontextmanager
-async def a_session_maker():
+async def a_session_maker(**kwargs):
    db_session_injector = _get_db_session_injector()
-    a_session_maker = await db_session_injector.get_async_session_maker()
-    async with a_session_maker() as session:
+    factory = await db_session_injector.get_async_session_maker()
+    async with factory(**kwargs) as session:
        yield session


--- a/enterprise/storage/device_code.py
+++ b/enterprise/storage/device_code.py
@@ -47,7 +47,11 @@ class DeviceCode(Base):
    def is_expired(self) -> bool:
        """Check if the device code has expired."""
        now = datetime.now(timezone.utc)
-        return now > self.expires_at
+        # Handle timezone-naive datetime from database by assuming it's UTC
+        expires_at = self.expires_at
+        if expires_at.tzinfo is None:
+            expires_at = expires_at.replace(tzinfo=timezone.utc)
+        return now > expires_at

    def is_pending(self) -> bool:
        """Check if the device code is still pending authorization."""
@@ -85,8 +89,13 @@ class DeviceCode(Base):
        if self.last_poll_time is None:
            return False, self.current_interval

+        # Handle timezone-naive datetime from database by assuming it's UTC
+        last_poll_time = self.last_poll_time
+        if last_poll_time.tzinfo is None:
+            last_poll_time = last_poll_time.replace(tzinfo=timezone.utc)
+
        # Calculate time since last poll
-        time_since_last_poll = (now - self.last_poll_time).total_seconds()
+        time_since_last_poll = (now - last_poll_time).total_seconds()

        # Check if polling too fast
        if time_since_last_poll < self.current_interval:
--- a/enterprise/storage/device_code_store.py
+++ b/enterprise/storage/device_code_store.py
@@ -1,19 +1,20 @@
 """Device code store for OAuth 2.0 Device Flow."""

+from __future__ import annotations
+
 import secrets
 import string
 from datetime import datetime, timedelta, timezone

+from sqlalchemy import select
 from sqlalchemy.exc import IntegrityError
+from storage.database import a_session_maker
 from storage.device_code import DeviceCode


 class DeviceCodeStore:
    """Store for managing OAuth 2.0 device codes."""

-    def __init__(self, session_maker):
-        self.session_maker = session_maker
-
    def generate_user_code(self) -> str:
        """Generate a human-readable user code (8 characters, uppercase letters and digits)."""
        # Use a mix of uppercase letters and digits, avoiding confusing characters
@@ -25,7 +26,7 @@ class DeviceCodeStore:
        alphabet = string.ascii_letters + string.digits
        return ''.join(secrets.choice(alphabet) for _ in range(128))

-    def create_device_code(
+    async def create_device_code(
        self,
        expires_in: int = 600,  # 10 minutes default
        max_attempts: int = 10,
@@ -58,11 +59,10 @@ class DeviceCodeStore:
            )

            try:
-                with self.session_maker() as session:
+                async with a_session_maker() as session:
                    session.add(device_code_entry)
-                    session.commit()
-                    session.refresh(device_code_entry)
-                    session.expunge(device_code_entry)  # Detach from session cleanly
+                    await session.commit()
+                    await session.refresh(device_code_entry)
                    return device_code_entry
            except IntegrityError:
                # Constraint violation - codes already exist, retry with new codes
@@ -72,25 +72,23 @@ class DeviceCodeStore:
            f'Failed to generate unique device codes after {max_attempts} attempts'
        )

-    def get_by_device_code(self, device_code: str) -> DeviceCode | None:
+    async def get_by_device_code(self, device_code: str) -> DeviceCode | None:
        """Get device code entry by device code."""
-        with self.session_maker() as session:
-            result = (
-                session.query(DeviceCode).filter_by(device_code=device_code).first()
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(DeviceCode).filter_by(device_code=device_code)
            )
-            if result:
-                session.expunge(result)  # Detach from session cleanly
-            return result
+            return result.scalars().first()

-    def get_by_user_code(self, user_code: str) -> DeviceCode | None:
+    async def get_by_user_code(self, user_code: str) -> DeviceCode | None:
        """Get device code entry by user code."""
-        with self.session_maker() as session:
-            result = session.query(DeviceCode).filter_by(user_code=user_code).first()
-            if result:
-                session.expunge(result)  # Detach from session cleanly
-            return result
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(DeviceCode).filter_by(user_code=user_code)
+            )
+            return result.scalars().first()

-    def authorize_device_code(self, user_code: str, user_id: str) -> bool:
+    async def authorize_device_code(self, user_code: str, user_id: str) -> bool:
        """Authorize a device code.

        Args:
@@ -100,10 +98,11 @@ class DeviceCodeStore:
        Returns:
            True if authorization was successful, False otherwise
        """
-        with self.session_maker() as session:
-            device_code_entry = (
-                session.query(DeviceCode).filter_by(user_code=user_code).first()
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(DeviceCode).filter_by(user_code=user_code)
            )
+            device_code_entry = result.scalars().first()

            if not device_code_entry:
                return False
@@ -112,11 +111,11 @@ class DeviceCodeStore:
                return False

            device_code_entry.authorize(user_id)
-            session.commit()
+            await session.commit()

            return True

-    def deny_device_code(self, user_code: str) -> bool:
+    async def deny_device_code(self, user_code: str) -> bool:
        """Deny a device code authorization.

        Args:
@@ -125,10 +124,11 @@ class DeviceCodeStore:
        Returns:
            True if denial was successful, False otherwise
        """
-        with self.session_maker() as session:
-            device_code_entry = (
-                session.query(DeviceCode).filter_by(user_code=user_code).first()
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(DeviceCode).filter_by(user_code=user_code)
            )
+            device_code_entry = result.scalars().first()

            if not device_code_entry:
                return False
@@ -137,11 +137,11 @@ class DeviceCodeStore:
                return False

            device_code_entry.deny()
-            session.commit()
+            await session.commit()

            return True

-    def update_poll_time(
+    async def update_poll_time(
        self, device_code: str, increase_interval: bool = False
    ) -> bool:
        """Update the poll time for a device code and optionally increase interval.
@@ -153,15 +153,16 @@ class DeviceCodeStore:
        Returns:
            True if update was successful, False otherwise
        """
-        with self.session_maker() as session:
-            device_code_entry = (
-                session.query(DeviceCode).filter_by(device_code=device_code).first()
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(DeviceCode).filter_by(device_code=device_code)
            )
+            device_code_entry = result.scalars().first()

            if not device_code_entry:
                return False

            device_code_entry.update_poll_time(increase_interval)
-            session.commit()
+            await session.commit()

            return True
--- a/enterprise/storage/gitlab_webhook_store.py
+++ b/enterprise/storage/gitlab_webhook_store.py
@@ -5,7 +5,6 @@ from dataclasses import dataclass
 from integrations.types import GitLabResourceType
 from sqlalchemy import and_, asc, select, text, update
 from sqlalchemy.dialects.postgresql import insert
-from sqlalchemy.orm import sessionmaker
 from storage.database import a_session_maker
 from storage.gitlab_webhook import GitlabWebhook

@@ -14,8 +13,6 @@ from openhands.core.logger import openhands_logger as logger

@dataclass
 class GitlabWebhookStore:
-    a_session_maker: sessionmaker = a_session_maker
-
    @staticmethod
    def determine_resource_type(
        webhook: GitlabWebhook,
@@ -44,7 +41,7 @@ class GitlabWebhookStore:
        if not project_details:
            return

-        async with self.a_session_maker() as session:
+        async with a_session_maker() as session:
            async with session.begin():
                # Convert GitlabWebhook objects to dictionaries for the insert
                # Using __dict__ and filtering out SQLAlchemy internal attributes and 'id'
@@ -88,7 +85,7 @@ class GitlabWebhookStore:
        """

        resource_type, resource_id = GitlabWebhookStore.determine_resource_type(webhook)
-        async with self.a_session_maker() as session:
+        async with a_session_maker() as session:
            async with session.begin():
                stmt = (
                    update(GitlabWebhook).where(GitlabWebhook.project_id == resource_id)
@@ -122,7 +119,7 @@ class GitlabWebhookStore:
            },
        )

-        async with self.a_session_maker() as session:
+        async with a_session_maker() as session:
            async with session.begin():
                # Create query based on the identifier provided
                if resource_type == GitLabResourceType.PROJECT:
@@ -185,7 +182,7 @@ class GitlabWebhookStore:
            List of GitlabWebhook objects that need processing
        """

-        async with self.a_session_maker() as session:
+        async with a_session_maker() as session:
            query = (
                select(GitlabWebhook)
                .where(GitlabWebhook.webhook_exists.is_(False))
@@ -201,7 +198,7 @@ class GitlabWebhookStore:
        """
        Get's webhook secret given the webhook uuid and admin keycloak user id
        """
-        async with self.a_session_maker() as session:
+        async with a_session_maker() as session:
            query = (
                select(GitlabWebhook)
                .where(
@@ -235,7 +232,7 @@ class GitlabWebhookStore:
        Returns:
            GitlabWebhook object if found, None otherwise
        """
-        async with self.a_session_maker() as session:
+        async with a_session_maker() as session:
            if resource_type == GitLabResourceType.PROJECT:
                query = select(GitlabWebhook).where(
                    GitlabWebhook.project_id == resource_id
@@ -263,7 +260,7 @@ class GitlabWebhookStore:
        Returns:
            Tuple of (project_webhook_map, group_webhook_map)
        """
-        async with self.a_session_maker() as session:
+        async with a_session_maker() as session:
            project_webhook_map = {}
            group_webhook_map = {}

@@ -303,7 +300,7 @@ class GitlabWebhookStore:
        Returns:
            True if webhook was reset, False if not found
        """
-        async with self.a_session_maker() as session:
+        async with a_session_maker() as session:
            async with session.begin():
                if resource_type == GitLabResourceType.PROJECT:
                    update_statement = (
@@ -348,4 +345,4 @@ class GitlabWebhookStore:
        Returns:
            An instance of GitlabWebhookStore
        """
-        return GitlabWebhookStore(a_session_maker)
+        return GitlabWebhookStore()
--- a/enterprise/storage/jira_dc_integration_store.py
+++ b/enterprise/storage/jira_dc_integration_store.py
@@ -3,7 +3,8 @@ from __future__ import annotations
 from dataclasses import dataclass
 from typing import Optional

-from storage.database import session_maker
+from sqlalchemy import select
+from storage.database import a_session_maker
 from storage.jira_dc_conversation import JiraDcConversation
 from storage.jira_dc_user import JiraDcUser
 from storage.jira_dc_workspace import JiraDcWorkspace
@@ -24,7 +25,7 @@ class JiraDcIntegrationStore:
    ) -> JiraDcWorkspace:
        """Create a new Jira DC workspace with encrypted sensitive data."""

-        with session_maker() as session:
+        async with a_session_maker() as session:
            workspace = JiraDcWorkspace(
                name=name.lower(),
                admin_user_id=admin_user_id,
@@ -34,8 +35,8 @@ class JiraDcIntegrationStore:
                status=status,
            )
            session.add(workspace)
-            session.commit()
-            session.refresh(workspace)
+            await session.commit()
+            await session.refresh(workspace)
        logger.info(f'[Jira DC] Created workspace {workspace.name}')
        return workspace

@@ -48,11 +49,12 @@ class JiraDcIntegrationStore:
        status: Optional[str] = None,
    ) -> JiraDcWorkspace:
        """Update an existing Jira DC workspace with encrypted sensitive data."""
-        with session_maker() as session:
+        async with a_session_maker() as session:
            # Find existing workspace by ID
-            workspace = (
-                session.query(JiraDcWorkspace).filter(JiraDcWorkspace.id == id).first()
+            result = await session.execute(
+                select(JiraDcWorkspace).where(JiraDcWorkspace.id == id)
            )
+            workspace = result.scalar_one_or_none()

            if not workspace:
                raise ValueError(f'Workspace with ID "{id}" not found')
@@ -69,8 +71,8 @@ class JiraDcIntegrationStore:
            if status is not None:
                workspace.status = status

-            session.commit()
-            session.refresh(workspace)
+            await session.commit()
+            await session.refresh(workspace)

        logger.info(f'[Jira DC] Updated workspace {workspace.name}')
        return workspace
@@ -91,10 +93,10 @@ class JiraDcIntegrationStore:
            status=status,
        )

-        with session_maker() as session:
+        async with a_session_maker() as session:
            session.add(jira_dc_user)
-            session.commit()
-            session.refresh(jira_dc_user)
+            await session.commit()
+            await session.refresh(jira_dc_user)

        logger.info(
            f'[Jira DC] Created user {jira_dc_user.id} for workspace {jira_dc_workspace_id}'
@@ -103,94 +105,91 @@ class JiraDcIntegrationStore:

    async def get_workspace_by_id(self, workspace_id: int) -> Optional[JiraDcWorkspace]:
        """Retrieve workspace by ID."""
-        with session_maker() as session:
-            return (
-                session.query(JiraDcWorkspace)
-                .filter(JiraDcWorkspace.id == workspace_id)
-                .first()
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(JiraDcWorkspace).where(JiraDcWorkspace.id == workspace_id)
            )
+            return result.scalar_one_or_none()

    async def get_workspace_by_name(
        self, workspace_name: str
    ) -> Optional[JiraDcWorkspace]:
        """Retrieve workspace by name."""
-        with session_maker() as session:
-            return (
-                session.query(JiraDcWorkspace)
-                .filter(JiraDcWorkspace.name == workspace_name.lower())
-                .first()
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(JiraDcWorkspace).where(
+                    JiraDcWorkspace.name == workspace_name.lower()
+                )
            )
+            return result.scalar_one_or_none()

    async def get_user_by_active_workspace(
        self, keycloak_user_id: str
    ) -> Optional[JiraDcUser]:
        """Retrieve user by Keycloak user ID."""

-        with session_maker() as session:
-            return (
-                session.query(JiraDcUser)
-                .filter(
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(JiraDcUser).where(
                    JiraDcUser.keycloak_user_id == keycloak_user_id,
                    JiraDcUser.status == 'active',
                )
-                .first()
            )
+            return result.scalar_one_or_none()

    async def get_user_by_keycloak_id_and_workspace(
        self, keycloak_user_id: str, jira_dc_workspace_id: int
    ) -> Optional[JiraDcUser]:
        """Get Jira DC user by Keycloak user ID and workspace ID."""
-        with session_maker() as session:
-            return (
-                session.query(JiraDcUser)
-                .filter(
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(JiraDcUser).where(
                    JiraDcUser.keycloak_user_id == keycloak_user_id,
                    JiraDcUser.jira_dc_workspace_id == jira_dc_workspace_id,
                )
-                .first()
            )
+            return result.scalar_one_or_none()

    async def get_active_user(
        self, jira_dc_user_id: str, jira_dc_workspace_id: int
    ) -> Optional[JiraDcUser]:
        """Get Jira DC user by Keycloak user ID and workspace ID."""
-        with session_maker() as session:
-            return (
-                session.query(JiraDcUser)
-                .filter(
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(JiraDcUser).where(
                    JiraDcUser.jira_dc_user_id == jira_dc_user_id,
                    JiraDcUser.jira_dc_workspace_id == jira_dc_workspace_id,
                    JiraDcUser.status == 'active',
                )
-                .first()
            )
+            return result.scalar_one_or_none()

    async def get_active_user_by_keycloak_id_and_workspace(
        self, keycloak_user_id: str, jira_dc_workspace_id: int
    ) -> Optional[JiraDcUser]:
        """Get Jira DC user by Keycloak user ID and workspace ID."""
-        with session_maker() as session:
-            return (
-                session.query(JiraDcUser)
-                .filter(
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(JiraDcUser).where(
                    JiraDcUser.keycloak_user_id == keycloak_user_id,
                    JiraDcUser.jira_dc_workspace_id == jira_dc_workspace_id,
                    JiraDcUser.status == 'active',
                )
-                .first()
            )
+            return result.scalar_one_or_none()

    async def update_user_integration_status(
        self, keycloak_user_id: str, status: str
    ) -> JiraDcUser:
        """Update the status of a Jira DC user mapping."""

-        with session_maker() as session:
-            user = (
-                session.query(JiraDcUser)
-                .filter(JiraDcUser.keycloak_user_id == keycloak_user_id)
-                .first()
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(JiraDcUser).where(
+                    JiraDcUser.keycloak_user_id == keycloak_user_id
+                )
            )
+            user = result.scalar_one_or_none()

            if not user:
                raise ValueError(
@@ -198,37 +197,35 @@ class JiraDcIntegrationStore:
                )

            user.status = status
-            session.commit()
-            session.refresh(user)
+            await session.commit()
+            await session.refresh(user)
            logger.info(f'[Jira DC] Updated user {keycloak_user_id} status to {status}')
            return user

    async def deactivate_workspace(self, workspace_id: int):
        """Deactivate the workspace and all user links for a given workspace."""
-        with session_maker() as session:
-            users = (
-                session.query(JiraDcUser)
-                .filter(
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(JiraDcUser).where(
                    JiraDcUser.jira_dc_workspace_id == workspace_id,
                    JiraDcUser.status == 'active',
                )
-                .all()
            )
+            users = result.scalars().all()

            for user in users:
                user.status = 'inactive'
                session.add(user)

-            workspace = (
-                session.query(JiraDcWorkspace)
-                .filter(JiraDcWorkspace.id == workspace_id)
-                .first()
+            result = await session.execute(
+                select(JiraDcWorkspace).where(JiraDcWorkspace.id == workspace_id)
            )
+            workspace = result.scalar_one_or_none()
            if workspace:
                workspace.status = 'inactive'
                session.add(workspace)

-            session.commit()
+            await session.commit()

        logger.info(
            f'[Jira DC] Deactivated all user links for workspace {workspace_id}'
@@ -238,23 +235,22 @@ class JiraDcIntegrationStore:
        self, jira_dc_conversation: JiraDcConversation
    ) -> None:
        """Create a new Jira DC conversation record."""
-        with session_maker() as session:
+        async with a_session_maker() as session:
            session.add(jira_dc_conversation)
-            session.commit()
+            await session.commit()

    async def get_user_conversations_by_issue_id(
        self, issue_id: str, jira_dc_user_id: int
    ) -> JiraDcConversation | None:
        """Get a Jira DC conversation by issue ID and jira dc user ID."""
-        with session_maker() as session:
-            return (
-                session.query(JiraDcConversation)
-                .filter(
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(JiraDcConversation).where(
                    JiraDcConversation.issue_id == issue_id,
                    JiraDcConversation.jira_dc_user_id == jira_dc_user_id,
                )
-                .first()
            )
+            return result.scalar_one_or_none()

    @classmethod
    def get_instance(cls) -> JiraDcIntegrationStore:
--- a/enterprise/storage/jira_integration_store.py
+++ b/enterprise/storage/jira_integration_store.py
@@ -3,7 +3,8 @@ from __future__ import annotations
 from dataclasses import dataclass
 from typing import Optional

-from storage.database import session_maker
+from sqlalchemy import and_, select
+from storage.database import a_session_maker
 from storage.jira_conversation import JiraConversation
 from storage.jira_user import JiraUser
 from storage.jira_workspace import JiraWorkspace
@@ -35,10 +36,10 @@ class JiraIntegrationStore:
            status=status,
        )

-        with session_maker() as session:
+        async with a_session_maker() as session:
            session.add(workspace)
-            session.commit()
-            session.refresh(workspace)
+            await session.commit()
+            await session.refresh(workspace)

        logger.info(f'[Jira] Created workspace {workspace.name}')
        return workspace
@@ -53,11 +54,12 @@ class JiraIntegrationStore:
        status: Optional[str] = None,
    ) -> JiraWorkspace:
        """Update an existing Jira workspace with encrypted sensitive data."""
-        with session_maker() as session:
+        async with a_session_maker() as session:
            # Find existing workspace by ID
-            workspace = (
-                session.query(JiraWorkspace).filter(JiraWorkspace.id == id).first()
+            result = await session.execute(
+                select(JiraWorkspace).filter(JiraWorkspace.id == id)
            )
+            workspace = result.scalars().first()

            if not workspace:
                raise ValueError(f'Workspace with ID "{id}" not found')
@@ -77,11 +79,11 @@ class JiraIntegrationStore:
            if status is not None:
                workspace.status = status

-            session.commit()
-            session.refresh(workspace)
+            await session.commit()
+            await session.refresh(workspace)

-        logger.info(f'[Jira] Updated workspace {workspace.name}')
-        return workspace
+            logger.info(f'[Jira] Updated workspace {workspace.name}')
+            return workspace

    async def create_workspace_link(
        self,
@@ -99,10 +101,10 @@ class JiraIntegrationStore:
            status=status,
        )

-        with session_maker() as session:
+        async with a_session_maker() as session:
            session.add(jira_user)
-            session.commit()
-            session.refresh(jira_user)
+            await session.commit()
+            await session.refresh(jira_user)

        logger.info(
            f'[Jira] Created user {jira_user.id} for workspace {jira_workspace_id}'
@@ -111,75 +113,77 @@ class JiraIntegrationStore:

    async def get_workspace_by_id(self, workspace_id: int) -> Optional[JiraWorkspace]:
        """Retrieve workspace by ID."""
-        with session_maker() as session:
-            return (
-                session.query(JiraWorkspace)
-                .filter(JiraWorkspace.id == workspace_id)
-                .first()
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(JiraWorkspace).filter(JiraWorkspace.id == workspace_id)
            )
+            return result.scalars().first()

    async def get_workspace_by_name(self, workspace_name: str) -> JiraWorkspace | None:
        """Retrieve workspace by name."""
-        with session_maker() as session:
-            return (
-                session.query(JiraWorkspace)
-                .filter(JiraWorkspace.name == workspace_name.lower())
-                .first()
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(JiraWorkspace).filter(
+                    JiraWorkspace.name == workspace_name.lower()
+                )
            )
+            return result.scalars().first()

    async def get_user_by_active_workspace(
        self, keycloak_user_id: str
    ) -> Optional[JiraUser]:
        """Get Jira user by Keycloak user ID."""
-        with session_maker() as session:
-            return (
-                session.query(JiraUser)
-                .filter(
-                    JiraUser.keycloak_user_id == keycloak_user_id,
-                    JiraUser.status == 'active',
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(JiraUser).filter(
+                    and_(
+                        JiraUser.keycloak_user_id == keycloak_user_id,
+                        JiraUser.status == 'active',
+                    )
                )
-                .first()
            )
+            return result.scalars().first()

    async def get_user_by_keycloak_id_and_workspace(
        self, keycloak_user_id: str, jira_workspace_id: int
    ) -> Optional[JiraUser]:
        """Get Jira user by Keycloak user ID and workspace ID."""
-        with session_maker() as session:
-            return (
-                session.query(JiraUser)
-                .filter(
-                    JiraUser.keycloak_user_id == keycloak_user_id,
-                    JiraUser.jira_workspace_id == jira_workspace_id,
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(JiraUser).filter(
+                    and_(
+                        JiraUser.keycloak_user_id == keycloak_user_id,
+                        JiraUser.jira_workspace_id == jira_workspace_id,
+                    )
                )
-                .first()
            )
+            return result.scalars().first()

    async def get_active_user(
        self, jira_user_id: str, jira_workspace_id: int
    ) -> Optional[JiraUser]:
        """Get Jira user by Keycloak user ID and workspace ID."""
-        with session_maker() as session:
-            return (
-                session.query(JiraUser)
-                .filter(
-                    JiraUser.jira_user_id == jira_user_id,
-                    JiraUser.jira_workspace_id == jira_workspace_id,
-                    JiraUser.status == 'active',
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(JiraUser).filter(
+                    and_(
+                        JiraUser.jira_user_id == jira_user_id,
+                        JiraUser.jira_workspace_id == jira_workspace_id,
+                        JiraUser.status == 'active',
+                    )
                )
-                .first()
            )
+            return result.scalars().first()

    async def update_user_integration_status(
        self, keycloak_user_id: str, status: str
    ) -> JiraUser:
        """Update Jira user integration status."""
-        with session_maker() as session:
-            jira_user = (
-                session.query(JiraUser)
-                .filter(JiraUser.keycloak_user_id == keycloak_user_id)
-                .first()
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(JiraUser).filter(JiraUser.keycloak_user_id == keycloak_user_id)
            )
+            jira_user = result.scalars().first()

            if not jira_user:
                raise ValueError(
@@ -187,60 +191,61 @@ class JiraIntegrationStore:
                )

            jira_user.status = status
-            session.commit()
-            session.refresh(jira_user)
+            await session.commit()
+            await session.refresh(jira_user)

            logger.info(f'[Jira] Updated user {keycloak_user_id} status to {status}')
            return jira_user

    async def deactivate_workspace(self, workspace_id: int):
        """Deactivate the workspace and all user links for a given workspace."""
-        with session_maker() as session:
-            users = (
-                session.query(JiraUser)
-                .filter(
-                    JiraUser.jira_workspace_id == workspace_id,
-                    JiraUser.status == 'active',
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(JiraUser).filter(
+                    and_(
+                        JiraUser.jira_workspace_id == workspace_id,
+                        JiraUser.status == 'active',
+                    )
                )
-                .all()
            )
+            users = result.scalars().all()

            for user in users:
                user.status = 'inactive'
                session.add(user)

-            workspace = (
-                session.query(JiraWorkspace)
-                .filter(JiraWorkspace.id == workspace_id)
-                .first()
+            result = await session.execute(
+                select(JiraWorkspace).filter(JiraWorkspace.id == workspace_id)
            )
+            workspace = result.scalars().first()
            if workspace:
                workspace.status = 'inactive'
                session.add(workspace)

-            session.commit()
+            await session.commit()

        logger.info(f'[Jira] Deactivated all user links for workspace {workspace_id}')

    async def create_conversation(self, jira_conversation: JiraConversation) -> None:
        """Create a new Jira conversation record."""
-        with session_maker() as session:
+        async with a_session_maker() as session:
            session.add(jira_conversation)
-            session.commit()
+            await session.commit()

    async def get_user_conversations_by_issue_id(
        self, issue_id: str, jira_user_id: int
    ) -> JiraConversation | None:
        """Get a Jira conversation by issue ID and jira user ID."""
-        with session_maker() as session:
-            return (
-                session.query(JiraConversation)
-                .filter(
-                    JiraConversation.issue_id == issue_id,
-                    JiraConversation.jira_user_id == jira_user_id,
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(JiraConversation).filter(
+                    and_(
+                        JiraConversation.issue_id == issue_id,
+                        JiraConversation.jira_user_id == jira_user_id,
+                    )
                )
-                .first()
            )
+            return result.scalars().first()

    @classmethod
    def get_instance(cls) -> JiraIntegrationStore:
--- a/enterprise/storage/linear_integration_store.py
+++ b/enterprise/storage/linear_integration_store.py
@@ -3,7 +3,8 @@ from __future__ import annotations
 from dataclasses import dataclass
 from typing import Optional

-from storage.database import session_maker
+from sqlalchemy import select
+from storage.database import a_session_maker
 from storage.linear_conversation import LinearConversation
 from storage.linear_user import LinearUser
 from storage.linear_workspace import LinearWorkspace
@@ -35,10 +36,10 @@ class LinearIntegrationStore:
            status=status,
        )

-        with session_maker() as session:
+        async with a_session_maker() as session:
            session.add(workspace)
-            session.commit()
-            session.refresh(workspace)
+            await session.commit()
+            await session.refresh(workspace)

        logger.info(f'[Linear] Created workspace {workspace.name}')
        return workspace
@@ -53,11 +54,12 @@ class LinearIntegrationStore:
        status: Optional[str] = None,
    ) -> LinearWorkspace:
        """Update an existing Linear workspace with encrypted sensitive data."""
-        with session_maker() as session:
+        async with a_session_maker() as session:
            # Find existing workspace by ID
-            workspace = (
-                session.query(LinearWorkspace).filter(LinearWorkspace.id == id).first()
+            result = await session.execute(
+                select(LinearWorkspace).where(LinearWorkspace.id == id)
            )
+            workspace = result.scalar_one_or_none()

            if not workspace:
                raise ValueError(f'Workspace with ID "{id}" not found')
@@ -77,8 +79,8 @@ class LinearIntegrationStore:
            if status is not None:
                workspace.status = status

-            session.commit()
-            session.refresh(workspace)
+            await session.commit()
+            await session.refresh(workspace)

        logger.info(f'[Linear] Updated workspace {workspace.name}')
        return workspace
@@ -98,10 +100,10 @@ class LinearIntegrationStore:
            status=status,
        )

-        with session_maker() as session:
+        async with a_session_maker() as session:
            session.add(linear_user)
-            session.commit()
-            session.refresh(linear_user)
+            await session.commit()
+            await session.refresh(linear_user)

        logger.info(
            f'[Linear] Created user {linear_user.id} for workspace {linear_workspace_id}'
@@ -110,77 +112,75 @@ class LinearIntegrationStore:

    async def get_workspace_by_id(self, workspace_id: int) -> Optional[LinearWorkspace]:
        """Retrieve workspace by ID."""
-        with session_maker() as session:
-            return (
-                session.query(LinearWorkspace)
-                .filter(LinearWorkspace.id == workspace_id)
-                .first()
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(LinearWorkspace).where(LinearWorkspace.id == workspace_id)
            )
+            return result.scalar_one_or_none()

    async def get_workspace_by_name(
        self, workspace_name: str
    ) -> Optional[LinearWorkspace]:
        """Retrieve workspace by name."""
-        with session_maker() as session:
-            return (
-                session.query(LinearWorkspace)
-                .filter(LinearWorkspace.name == workspace_name.lower())
-                .first()
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(LinearWorkspace).where(
+                    LinearWorkspace.name == workspace_name.lower()
+                )
            )
+            return result.scalar_one_or_none()

    async def get_user_by_active_workspace(
        self, keycloak_user_id: str
    ) -> LinearUser | None:
        """Get Linear user by Keycloak user ID."""
-        with session_maker() as session:
-            return (
-                session.query(LinearUser)
-                .filter(
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(LinearUser).where(
                    LinearUser.keycloak_user_id == keycloak_user_id,
                    LinearUser.status == 'active',
                )
-                .first()
            )
+            return result.scalar_one_or_none()

    async def get_user_by_keycloak_id_and_workspace(
        self, keycloak_user_id: str, linear_workspace_id: int
    ) -> Optional[LinearUser]:
        """Get Linear user by Keycloak user ID and workspace ID."""
-        with session_maker() as session:
-            return (
-                session.query(LinearUser)
-                .filter(
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(LinearUser).where(
                    LinearUser.keycloak_user_id == keycloak_user_id,
                    LinearUser.linear_workspace_id == linear_workspace_id,
                )
-                .first()
            )
+            return result.scalar_one_or_none()

    async def get_active_user(
        self, linear_user_id: str, linear_workspace_id: int
    ) -> Optional[LinearUser]:
        """Get Linear user by Keycloak user ID and workspace ID."""
-        with session_maker() as session:
-            return (
-                session.query(LinearUser)
-                .filter(
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(LinearUser).where(
                    LinearUser.linear_user_id == linear_user_id,
                    LinearUser.linear_workspace_id == linear_workspace_id,
                    LinearUser.status == 'active',
                )
-                .first()
            )
+            return result.scalar_one_or_none()

    async def update_user_integration_status(
        self, keycloak_user_id: str, status: str
    ) -> LinearUser:
        """Update Linear user integration status."""
-        with session_maker() as session:
-            linear_user = (
-                session.query(LinearUser)
-                .filter(LinearUser.keycloak_user_id == keycloak_user_id)
-                .first()
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(LinearUser).where(
+                    LinearUser.keycloak_user_id == keycloak_user_id
+                )
            )
+            linear_user = result.scalar_one_or_none()

            if not linear_user:
                raise ValueError(
@@ -188,38 +188,36 @@ class LinearIntegrationStore:
                )

            linear_user.status = status
-            session.commit()
-            session.refresh(linear_user)
+            await session.commit()
+            await session.refresh(linear_user)

            logger.info(f'[Linear] Updated user {keycloak_user_id} status to {status}')
            return linear_user

    async def deactivate_workspace(self, workspace_id: int):
        """Deactivate the workspace and all user links for a given workspace."""
-        with session_maker() as session:
-            users = (
-                session.query(LinearUser)
-                .filter(
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(LinearUser).where(
                    LinearUser.linear_workspace_id == workspace_id,
                    LinearUser.status == 'active',
                )
-                .all()
            )
+            users = result.scalars().all()

            for user in users:
                user.status = 'inactive'
                session.add(user)

-            workspace = (
-                session.query(LinearWorkspace)
-                .filter(LinearWorkspace.id == workspace_id)
-                .first()
+            result = await session.execute(
+                select(LinearWorkspace).where(LinearWorkspace.id == workspace_id)
            )
+            workspace = result.scalar_one_or_none()
            if workspace:
                workspace.status = 'inactive'
                session.add(workspace)

-            session.commit()
+            await session.commit()

        logger.info(f'[Jira] Deactivated all user links for workspace {workspace_id}')

@@ -227,23 +225,22 @@ class LinearIntegrationStore:
        self, linear_conversation: LinearConversation
    ) -> None:
        """Create a new Linear conversation record."""
-        with session_maker() as session:
+        async with a_session_maker() as session:
            session.add(linear_conversation)
-            session.commit()
+            await session.commit()

    async def get_user_conversations_by_issue_id(
        self, issue_id: str, linear_user_id: int
    ) -> LinearConversation | None:
        """Get a Linear conversation by issue ID and linear user ID."""
-        with session_maker() as session:
-            return (
-                session.query(LinearConversation)
-                .filter(
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(LinearConversation).where(
                    LinearConversation.issue_id == issue_id,
                    LinearConversation.linear_user_id == linear_user_id,
                )
-                .first()
            )
+            return result.scalar_one_or_none()

    @classmethod
    def get_instance(cls) -> LinearIntegrationStore:
--- a/enterprise/storage/lite_llm_manager.py
+++ b/enterprise/storage/lite_llm_manager.py
@@ -10,7 +10,6 @@ import httpx
 from pydantic import SecretStr
 from server.auth.token_manager import TokenManager
 from server.constants import (
-    DEFAULT_INITIAL_BUDGET,
    LITE_LLM_API_KEY,
    LITE_LLM_API_URL,
    LITE_LLM_TEAM_ID,
@@ -44,6 +43,34 @@ def get_byor_key_alias(keycloak_user_id: str, org_id: str) -> str:
 class LiteLlmManager:
    """Manage LiteLLM interactions."""

+    @staticmethod
+    def get_budget_from_team_info(
+        user_team_info: dict | None, user_id: str, org_id: str
+    ) -> tuple[float, float]:
+        """Extract max_budget and spend from user team info.
+
+        For personal orgs (user_id == org_id), uses litellm_budget_table.max_budget.
+        For team orgs, uses max_budget_in_team (populated by get_user_team_info).
+
+        Args:
+            user_team_info: The response from get_user_team_info
+            user_id: The user's ID
+            org_id: The organization's ID
+
+        Returns:
+            Tuple of (max_budget, spend)
+        """
+        if not user_team_info:
+            return 0, 0
+        spend = user_team_info.get('spend', 0)
+        if user_id == org_id:
+            max_budget = (user_team_info.get('litellm_budget_table') or {}).get(
+                'max_budget', 0
+            )
+        else:
+            max_budget = user_team_info.get('max_budget_in_team') or 0
+        return max_budget, spend
+
    @staticmethod
    async def create_entries(
        org_id: str,
@@ -72,8 +99,33 @@ class LiteLlmManager:
                    'x-goog-api-key': LITE_LLM_API_KEY,
                }
            ) as client:
+                # Check if team already exists and get its budget
+                # New users joining existing orgs should inherit the team's budget
+                team_budget = 0.0
+                try:
+                    existing_team = await LiteLlmManager._get_team(client, org_id)
+                    if existing_team:
+                        team_info = existing_team.get('team_info', {})
+                        team_budget = team_info.get('max_budget', 0.0) or 0.0
+                        logger.info(
+                            'LiteLlmManager:create_entries:existing_team_budget',
+                            extra={
+                                'org_id': org_id,
+                                'user_id': keycloak_user_id,
+                                'team_budget': team_budget,
+                            },
+                        )
+                except httpx.HTTPStatusError as e:
+                    # Team doesn't exist yet (404) - this is expected for first user
+                    if e.response.status_code != 404:
+                        raise
+                    logger.info(
+                        'LiteLlmManager:create_entries:no_existing_team',
+                        extra={'org_id': org_id, 'user_id': keycloak_user_id},
+                    )
+
                await LiteLlmManager._create_team(
-                    client, keycloak_user_id, org_id, DEFAULT_INITIAL_BUDGET
+                    client, keycloak_user_id, org_id, team_budget
                )

                if create_user:
@@ -82,7 +134,7 @@ class LiteLlmManager:
                    )

                await LiteLlmManager._add_user_to_team(
-                    client, keycloak_user_id, org_id, DEFAULT_INITIAL_BUDGET
+                    client, keycloak_user_id, org_id, team_budget
                )

                key = await LiteLlmManager._generate_key(
@@ -894,21 +946,31 @@ class LiteLlmManager:
        if LITE_LLM_API_KEY is None or LITE_LLM_API_URL is None:
            logger.warning('LiteLLM API configuration not found')
            return None
-        team_info = await LiteLlmManager._get_team(client, team_id)
-        if not team_info:
+        team_response = await LiteLlmManager._get_team(client, team_id)
+        if not team_response:
            return None

        # Filter team_memberships based on team_id and keycloak_user_id
        user_membership = next(
            (
                membership
-                for membership in team_info.get('team_memberships', [])
+                for membership in team_response.get('team_memberships', [])
                if membership.get('user_id') == keycloak_user_id
                and membership.get('team_id') == team_id
            ),
            None,
        )

+        if not user_membership:
+            return None
+
+        # For team orgs (user_id != team_id), include team-level budget info
+        # The team's max_budget and spend are shared across all members
+        if keycloak_user_id != team_id:
+            team_info = team_response.get('team_info', {})
+            user_membership['max_budget_in_team'] = team_info.get('max_budget')
+            user_membership['spend'] = team_info.get('spend', 0)
+
        return user_membership

    @staticmethod
--- a/enterprise/storage/offline_token_store.py
+++ b/enterprise/storage/offline_token_store.py
@@ -2,8 +2,8 @@ from __future__ import annotations

 from dataclasses import dataclass

-from sqlalchemy.orm import sessionmaker
-from storage.database import session_maker
+from sqlalchemy import select
+from storage.database import a_session_maker
 from storage.stored_offline_token import StoredOfflineToken

 from openhands.core.config.openhands_config import OpenHandsConfig
@@ -13,17 +13,17 @@ from openhands.core.logger import openhands_logger as logger
@dataclass
 class OfflineTokenStore:
    user_id: str
-    session_maker: sessionmaker
    config: OpenHandsConfig

    async def store_token(self, offline_token: str) -> None:
        """Store an offline token in the database."""
-        with self.session_maker() as session:
-            token_record = (
-                session.query(StoredOfflineToken)
-                .filter(StoredOfflineToken.user_id == self.user_id)
-                .first()
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(StoredOfflineToken).where(
+                    StoredOfflineToken.user_id == self.user_id
+                )
            )
+            token_record = result.scalar_one_or_none()

            if token_record:
                token_record.offline_token = offline_token
@@ -32,16 +32,17 @@ class OfflineTokenStore:
                    user_id=self.user_id, offline_token=offline_token
                )
                session.add(token_record)
-            session.commit()
+            await session.commit()

    async def load_token(self) -> str | None:
        """Load an offline token from the database."""
-        with self.session_maker() as session:
-            token_record = (
-                session.query(StoredOfflineToken)
-                .filter(StoredOfflineToken.user_id == self.user_id)
-                .first()
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(StoredOfflineToken).where(
+                    StoredOfflineToken.user_id == self.user_id
+                )
            )
+            token_record = result.scalar_one_or_none()

            if not token_record:
                return None
@@ -56,4 +57,4 @@ class OfflineTokenStore:
        logger.debug(f'offline_token_store.get_instance::{user_id}')
        if user_id:
            user_id = str(user_id)
-        return OfflineTokenStore(user_id, session_maker, config)
+        return OfflineTokenStore(user_id, config)
--- a/enterprise/storage/org.py
+++ b/enterprise/storage/org.py
@@ -51,6 +51,9 @@ class Org(Base):  # type: ignore
    # Relationships
    org_members = relationship('OrgMember', back_populates='org')
    current_users = relationship('User', back_populates='current_org')
+    invitations = relationship(
+        'OrgInvitation', back_populates='org', passive_deletes=True
+    )
    billing_sessions = relationship('BillingSession', back_populates='org')
    stored_conversation_metadata_saas = relationship(
        'StoredConversationMetadataSaas', back_populates='org'
--- a/enterprise/storage/org_app_settings_store.py
+++ b/enterprise/storage/org_app_settings_store.py
@@ -0,0 +1,105 @@
+"""Store class for managing organization app settings."""
+
+from __future__ import annotations
+
+from dataclasses import dataclass
+from uuid import UUID
+
+from server.constants import (
+    LITE_LLM_API_URL,
+    ORG_SETTINGS_VERSION,
+    get_default_litellm_model,
+)
+from server.routes.org_models import OrgAppSettingsUpdate
+from sqlalchemy import select
+from sqlalchemy.ext.asyncio import AsyncSession
+from storage.org import Org
+from storage.user import User
+
+
+@dataclass
+class OrgAppSettingsStore:
+    """Store for organization app settings with injected db_session."""
+
+    db_session: AsyncSession
+
+    async def get_current_org_by_user_id(self, user_id: str) -> Org | None:
+        """Get the current organization for a user.
+
+        Args:
+            user_id: The user's ID (Keycloak user ID)
+
+        Returns:
+            Org: The organization object, or None if not found
+        """
+        # Get user with their current_org_id
+        result = await self.db_session.execute(
+            select(User).filter(User.id == UUID(user_id))
+        )
+        user = result.scalars().first()
+
+        if not user:
+            return None
+
+        org_id = user.current_org_id
+        if not org_id:
+            return None
+
+        # Get the organization
+        result = await self.db_session.execute(select(Org).filter(Org.id == org_id))
+        org = result.scalars().first()
+
+        if not org:
+            return None
+
+        return await self._validate_org_version(org)
+
+    async def _validate_org_version(self, org: Org) -> Org:
+        """Check if we need to update org version.
+
+        Args:
+            org: The organization to validate
+
+        Returns:
+            Org: The validated (and potentially updated) organization
+        """
+        if org.org_version < ORG_SETTINGS_VERSION:
+            org.org_version = ORG_SETTINGS_VERSION
+            org.default_llm_model = get_default_litellm_model()
+            org.llm_base_url = LITE_LLM_API_URL
+            await self.db_session.flush()
+            await self.db_session.refresh(org)
+
+        return org
+
+    async def update_org_app_settings(
+        self, org_id: UUID, update_data: OrgAppSettingsUpdate
+    ) -> Org | None:
+        """Update organization app settings.
+
+        Only updates fields that are explicitly provided in update_data.
+        Uses flush() - commit happens at request end via DbSessionInjector.
+
+        Args:
+            org_id: The organization's ID
+            update_data: Pydantic model with fields to update
+
+        Returns:
+            Org: The updated organization object, or None if not found
+        """
+        result = await self.db_session.execute(
+            select(Org).filter(Org.id == org_id).with_for_update()
+        )
+        org = result.scalars().first()
+
+        if not org:
+            return None
+
+        # Update only explicitly provided fields
+        for field, value in update_data.model_dump(exclude_unset=True).items():
+            setattr(org, field, value)
+
+        # flush instead of commit - DbSessionInjector auto-commits at request end
+        await self.db_session.flush()
+        await self.db_session.refresh(org)
+        return org
--- a/enterprise/storage/org_invitation.py
+++ b/enterprise/storage/org_invitation.py
@@ -0,0 +1,59 @@
+"""
+SQLAlchemy model for Organization Invitation.
+"""
+
+from sqlalchemy import UUID, Column, DateTime, ForeignKey, Integer, String, text
+from sqlalchemy.orm import relationship
+from storage.base import Base
+
+
+class OrgInvitation(Base):  # type: ignore
+    """Organization invitation model.
+
+    Represents an invitation for a user to join an organization.
+    Invitations are created by organization owners/admins and contain
+    a secure token that can be used to accept the invitation.
+    """
+
+    __tablename__ = 'org_invitation'
+
+    id = Column(Integer, primary_key=True, autoincrement=True)
+    token = Column(String(64), nullable=False, unique=True, index=True)
+    org_id = Column(
+        UUID(as_uuid=True),
+        ForeignKey('org.id', ondelete='CASCADE'),
+        nullable=False,
+        index=True,
+    )
+    email = Column(String(255), nullable=False, index=True)
+    role_id = Column(Integer, ForeignKey('role.id'), nullable=False)
+    inviter_id = Column(UUID(as_uuid=True), ForeignKey('user.id'), nullable=False)
+    status = Column(
+        String(20),
+        nullable=False,
+        server_default=text("'pending'"),
+    )
+    created_at = Column(
+        DateTime,
+        nullable=False,
+        server_default=text('CURRENT_TIMESTAMP'),
+    )
+    expires_at = Column(DateTime, nullable=False)
+    accepted_at = Column(DateTime, nullable=True)
+    accepted_by_user_id = Column(
+        UUID(as_uuid=True),
+        ForeignKey('user.id'),
+        nullable=True,
+    )
+
+    # Relationships
+    org = relationship('Org', back_populates='invitations')
+    role = relationship('Role')
+    inviter = relationship('User', foreign_keys=[inviter_id])
+    accepted_by_user = relationship('User', foreign_keys=[accepted_by_user_id])
+
+    # Status constants
+    STATUS_PENDING = 'pending'
+    STATUS_ACCEPTED = 'accepted'
+    STATUS_REVOKED = 'revoked'
+    STATUS_EXPIRED = 'expired'
--- a/enterprise/storage/org_invitation_store.py
+++ b/enterprise/storage/org_invitation_store.py
@@ -0,0 +1,227 @@
+"""
+Store class for managing organization invitations.
+"""
+
+import secrets
+import string
+from datetime import datetime, timedelta
+from typing import Optional
+from uuid import UUID
+
+from sqlalchemy import and_, select
+from sqlalchemy.orm import joinedload
+from storage.database import a_session_maker
+from storage.org_invitation import OrgInvitation
+
+from openhands.core.logger import openhands_logger as logger
+
+# Invitation token configuration
+INVITATION_TOKEN_PREFIX = 'inv-'
+INVITATION_TOKEN_LENGTH = 48  # Total length will be 52 with prefix
+DEFAULT_EXPIRATION_DAYS = 7
+
+
+class OrgInvitationStore:
+    """Store for managing organization invitations."""
+
+    @staticmethod
+    def generate_token(length: int = INVITATION_TOKEN_LENGTH) -> str:
+        """Generate a secure invitation token.
+
+        Uses cryptographically secure random generation for tokens.
+        Pattern from api_key_store.py.
+
+        Args:
+            length: Length of the random part of the token
+
+        Returns:
+            str: Token with prefix (e.g., 'inv-aBcDeF123...')
+        """
+        alphabet = string.ascii_letters + string.digits
+        random_part = ''.join(secrets.choice(alphabet) for _ in range(length))
+        return f'{INVITATION_TOKEN_PREFIX}{random_part}'
+
+    @staticmethod
+    async def create_invitation(
+        org_id: UUID,
+        email: str,
+        role_id: int,
+        inviter_id: UUID,
+        expiration_days: int = DEFAULT_EXPIRATION_DAYS,
+    ) -> OrgInvitation:
+        """Create a new organization invitation.
+
+        Args:
+            org_id: Organization UUID
+            email: Invitee's email address
+            role_id: Role ID to assign on acceptance
+            inviter_id: User ID of the person creating the invitation
+            expiration_days: Days until the invitation expires
+
+        Returns:
+            OrgInvitation: The created invitation record
+        """
+        async with a_session_maker() as session:
+            token = OrgInvitationStore.generate_token()
+            # Use timezone-naive datetime for database compatibility
+            expires_at = datetime.utcnow() + timedelta(days=expiration_days)
+
+            invitation = OrgInvitation(
+                token=token,
+                org_id=org_id,
+                email=email.lower().strip(),
+                role_id=role_id,
+                inviter_id=inviter_id,
+                status=OrgInvitation.STATUS_PENDING,
+                expires_at=expires_at,
+            )
+            session.add(invitation)
+            await session.commit()
+
+            # Re-fetch with eagerly loaded relationships to avoid DetachedInstanceError
+            result = await session.execute(
+                select(OrgInvitation)
+                .options(joinedload(OrgInvitation.role))
+                .filter(OrgInvitation.id == invitation.id)
+            )
+            invitation = result.scalars().first()
+
+            logger.info(
+                'Created organization invitation',
+                extra={
+                    'invitation_id': invitation.id,
+                    'org_id': str(org_id),
+                    'email': email,
+                    'inviter_id': str(inviter_id),
+                    'expires_at': expires_at.isoformat(),
+                },
+            )
+
+            return invitation
+
+    @staticmethod
+    async def get_invitation_by_token(token: str) -> Optional[OrgInvitation]:
+        """Get an invitation by its token.
+
+        Args:
+            token: The invitation token
+
+        Returns:
+            OrgInvitation or None if not found
+        """
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(OrgInvitation)
+                .options(joinedload(OrgInvitation.org), joinedload(OrgInvitation.role))
+                .filter(OrgInvitation.token == token)
+            )
+            return result.scalars().first()
+
+    @staticmethod
+    async def get_pending_invitation(
+        org_id: UUID, email: str
+    ) -> Optional[OrgInvitation]:
+        """Get a pending invitation for an email in an organization.
+
+        Args:
+            org_id: Organization UUID
+            email: Email address to check
+
+        Returns:
+            OrgInvitation or None if no pending invitation exists
+        """
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(OrgInvitation).filter(
+                    and_(
+                        OrgInvitation.org_id == org_id,
+                        OrgInvitation.email == email.lower().strip(),
+                        OrgInvitation.status == OrgInvitation.STATUS_PENDING,
+                    )
+                )
+            )
+            return result.scalars().first()
+
+    @staticmethod
+    async def update_invitation_status(
+        invitation_id: int,
+        status: str,
+        accepted_by_user_id: Optional[UUID] = None,
+    ) -> Optional[OrgInvitation]:
+        """Update an invitation's status.
+
+        Args:
+            invitation_id: The invitation ID
+            status: New status (pending, accepted, revoked, expired)
+            accepted_by_user_id: User ID who accepted (only for 'accepted' status)
+
+        Returns:
+            Updated OrgInvitation or None if not found
+        """
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(OrgInvitation).filter(OrgInvitation.id == invitation_id)
+            )
+            invitation = result.scalars().first()
+
+            if not invitation:
+                return None
+
+            old_status = invitation.status
+            invitation.status = status
+
+            if status == OrgInvitation.STATUS_ACCEPTED and accepted_by_user_id:
+                # Use timezone-naive datetime for database compatibility
+                invitation.accepted_at = datetime.utcnow()
+                invitation.accepted_by_user_id = accepted_by_user_id
+
+            await session.commit()
+            await session.refresh(invitation)
+
+            logger.info(
+                'Updated invitation status',
+                extra={
+                    'invitation_id': invitation_id,
+                    'old_status': old_status,
+                    'new_status': status,
+                    'accepted_by_user_id': (
+                        str(accepted_by_user_id) if accepted_by_user_id else None
+                    ),
+                },
+            )
+
+            return invitation
+
+    @staticmethod
+    def is_token_expired(invitation: OrgInvitation) -> bool:
+        """Check if an invitation token has expired.
+
+        Args:
+            invitation: The invitation to check
+
+        Returns:
+            bool: True if expired, False otherwise
+        """
+        # Use timezone-naive datetime for comparison (database stores without timezone)
+        now = datetime.utcnow()
+        return invitation.expires_at < now
+
+    @staticmethod
+    async def mark_expired_if_needed(invitation: OrgInvitation) -> bool:
+        """Check if invitation is expired and update status if needed.
+
+        Args:
+            invitation: The invitation to check
+
+        Returns:
+            bool: True if invitation was marked as expired, False otherwise
+        """
+        if (
+            invitation.status == OrgInvitation.STATUS_PENDING
+            and OrgInvitationStore.is_token_expired(invitation)
+        ):
+            await OrgInvitationStore.update_invitation_status(
+                invitation.id, OrgInvitation.STATUS_EXPIRED
+            )
+            return True
+        return False
--- a/enterprise/storage/org_llm_settings_store.py
+++ b/enterprise/storage/org_llm_settings_store.py
@@ -0,0 +1,83 @@
+"""Store class for managing organization LLM settings."""
+
+from __future__ import annotations
+
+import uuid
+from dataclasses import dataclass
+from uuid import UUID
+
+from server.routes.org_models import OrgLLMSettingsUpdate
+from sqlalchemy import select
+from sqlalchemy.ext.asyncio import AsyncSession
+from storage.org import Org
+from storage.org_member_store import OrgMemberStore
+from storage.user import User
+
+
+@dataclass
+class OrgLLMSettingsStore:
+    """Store for org LLM settings with injected db_session."""
+
+    db_session: AsyncSession
+
+    async def get_current_org_by_user_id(self, user_id: str) -> Org | None:
+        """Get the user's current organization.
+
+        Args:
+            user_id: The user's ID (Keycloak user ID)
+
+        Returns:
+            Org: The user's current organization, or None if not found
+        """
+        # First get the user to find their current_org_id
+        result = await self.db_session.execute(
+            select(User).filter(User.id == uuid.UUID(user_id))
+        )
+        user = result.scalars().first()
+
+        if not user or not user.current_org_id:
+            return None
+
+        # Then get the org
+        result = await self.db_session.execute(
+            select(Org).filter(Org.id == user.current_org_id)
+        )
+        return result.scalars().first()
+
+    async def update_org_llm_settings(
+        self, org_id: UUID, update_data: OrgLLMSettingsUpdate
+    ) -> Org | None:
+        """Update organization LLM settings.
+
+        Also propagates relevant settings to all org members.
+        Uses flush() - commit happens at request end via DbSessionInjector.
+
+        Args:
+            org_id: The organization's ID
+            update_data: Pydantic model with fields to update
+
+        Returns:
+            Org: The updated organization, or None if org not found
+        """
+        result = await self.db_session.execute(
+            select(Org).filter(Org.id == org_id).with_for_update()
+        )
+        org = result.scalars().first()
+
+        if not org:
+            return None
+
+        # Apply updates to org (excludes llm_api_key which is member-only)
+        update_data.apply_to_org(org)
+
+        # Propagate relevant settings to all org members
+        member_updates = update_data.get_member_updates()
+        if member_updates:
+            await OrgMemberStore.update_all_members_llm_settings_async(
+                self.db_session, org_id, member_updates
+            )
+
+        # flush instead of commit - DbSessionInjector auto-commits at request end
+        await self.db_session.flush()
+        await self.db_session.refresh(org)
+        return org
--- a/enterprise/storage/org_member_store.py
+++ b/enterprise/storage/org_member_store.py
@@ -5,10 +5,14 @@ Store class for managing organization-member relationships.
 from typing import Optional
 from uuid import UUID

-from sqlalchemy import select
+from server.routes.org_models import OrgMemberLLMSettings
+from sqlalchemy import func, select, update
+from sqlalchemy.ext.asyncio import AsyncSession
 from sqlalchemy.orm import joinedload
 from storage.database import a_session_maker, session_maker
+from storage.encrypt_utils import encrypt_value
 from storage.org_member import OrgMember
+from storage.user import User
 from storage.user_settings import UserSettings

 from openhands.storage.data_models.settings import Settings
@@ -60,6 +64,51 @@ class OrgMemberStore:
            )
            return result.scalars().first()

+    @staticmethod
+    def get_org_member_for_current_org(user_id: UUID) -> Optional[OrgMember]:
+        """Get the org member for a user's current organization.
+
+        Args:
+            user_id: The user's UUID.
+
+        Returns:
+            The OrgMember for the user's current organization, or None if not found.
+        """
+        with session_maker() as session:
+            result = (
+                session.query(OrgMember)
+                .join(User, User.id == OrgMember.user_id)
+                .filter(
+                    User.id == user_id,
+                    OrgMember.org_id == User.current_org_id,
+                )
+                .first()
+            )
+            return result
+
+    @staticmethod
+    async def get_org_member_for_current_org_async(
+        user_id: UUID,
+    ) -> Optional[OrgMember]:
+        """Get the org member for a user's current organization (async version).
+
+        Args:
+            user_id: The user's UUID.
+
+        Returns:
+            The OrgMember for the user's current organization, or None if not found.
+        """
+        async with a_session_maker() as session:
+            result = await session.execute(
+                select(OrgMember)
+                .join(User, User.id == OrgMember.user_id)
+                .filter(
+                    User.id == user_id,
+                    OrgMember.org_id == User.current_org_id,
+                )
+            )
+            return result.scalars().first()
+
    @staticmethod
    def get_user_orgs(user_id: UUID) -> list[OrgMember]:
        """Get all organizations for a user."""
@@ -137,14 +186,48 @@ class OrgMemberStore:
        }
        return kwargs

+    @staticmethod
+    async def get_org_members_count(
+        org_id: UUID,
+        email_filter: str | None = None,
+    ) -> int:
+        """Get total count of organization members, optionally filtered by email.
+
+        Args:
+            org_id: Organization UUID.
+            email_filter: Optional case-insensitive partial email match.
+
+        Returns:
+            Total count of matching members.
+        """
+        async with a_session_maker() as session:
+            query = select(func.count(OrgMember.user_id)).filter(
+                OrgMember.org_id == org_id
+            )
+
+            if email_filter:
+                query = query.join(User, User.id == OrgMember.user_id).filter(
+                    User.email.ilike(f'%{email_filter}%')
+                )
+
+            result = await session.execute(query)
+            return result.scalar() or 0
+
    @staticmethod
    async def get_org_members_paginated(
        org_id: UUID,
        offset: int = 0,
        limit: int = 100,
+        email_filter: str | None = None,
    ) -> tuple[list[OrgMember], bool]:
        """Get paginated list of organization members with user and role info.

+        Args:
+            org_id: Organization UUID.
+            offset: Number of records to skip.
+            limit: Maximum number of records to return.
+            email_filter: Optional case-insensitive partial email match.
+
        Returns:
            Tuple of (members_list, has_more) where has_more indicates if there are more results.
        """
@@ -154,13 +237,18 @@ class OrgMemberStore:
            query = (
                select(OrgMember)
                .options(joinedload(OrgMember.user), joinedload(OrgMember.role))
+                .join(User, User.id == OrgMember.user_id)
                .filter(OrgMember.org_id == org_id)
-                .order_by(OrgMember.user_id)
-                .offset(offset)
-                .limit(limit + 1)
            )
+
+            # Apply email filter if provided
+            if email_filter:
+                query = query.filter(User.email.ilike(f'%{email_filter}%'))
+
+            query = query.order_by(OrgMember.user_id).offset(offset).limit(limit + 1)
+
            result = await session.execute(query)
-            members = list(result.scalars().all())
+            members = list(result.unique().scalars().all())

            # Check if there are more results
            has_more = len(members) > limit
@@ -169,3 +257,28 @@ class OrgMemberStore:
                members = members[:limit]

            return members, has_more
+
+    @staticmethod
+    async def update_all_members_llm_settings_async(
+        session: AsyncSession,
+        org_id: UUID,
+        member_settings: OrgMemberLLMSettings,
+    ) -> None:
+        """Update LLM settings for all members of an organization.
+
+        Args:
+            session: Database session (passed from caller for transaction)
+            org_id: Organization ID
+            member_settings: Typed LLM settings to apply to all members
+        """
+        # Build update values from non-None fields
+        values = member_settings.model_dump(exclude_none=True)
+
+        # Handle encrypted llm_api_key field - map to _llm_api_key column with encryption
+        if 'llm_api_key' in values:
+            raw_key = values.pop('llm_api_key')
+            values['_llm_api_key'] = encrypt_value(raw_key)
+
+        if values:
+            stmt = update(OrgMember).where(OrgMember.org_id == org_id).values(**values)
+            await session.execute(stmt)
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
openhands	9e9a0bbe87	Optimize Playwright install by removing redundant --with-deps flag The --with-deps flag causes Playwright to install system dependencies via apt-get, but these dependencies are already being installed manually in the lines above. This removal avoids redundant package installation and significantly speeds up the Docker build process. Added libcups2t64/libcups2 to the manual dependency list as it's required by Playwright but wasn't previously included. Co-authored-by: openhands <openhands@all-hands.dev>	2026-03-03 06:30:47 +00:00
openhands	c9af5edad9	Optimize Playwright install by removing redundant --with-deps flag The --with-deps flag causes Playwright to install system dependencies via apt-get, but these dependencies (libnss3, libnspr4, libatk-bridge2.0-0, etc.) are already being installed manually in the lines above. This removal avoids redundant package installation and significantly speeds up the Docker build process. Co-authored-by: openhands <openhands@all-hands.dev>	2026-03-03 06:11:04 +00:00
chuckbutkus	0c7ce4ad48	V1 Changes to Support Path Based Routing (#13120 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-03-02 22:37:37 -05:00
Rohit Malhotra	4dab34e7b0	fix(enterprise): fix type errors - missing returns and async interface (#13145 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-03-03 00:37:22 +00:00
Rohit Malhotra	f8bbd352a9	Fix typing: make `Message` a dict instead of `dict \| str` (#13144 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-03-03 00:30:22 +00:00
Tim O'Farrell	17347a95f8	Make load_org_token and store_org_token async in TokenManager (#13147 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-03-02 17:08:21 -07:00
Graham Neubig	01ef87aaaa	Add logging when sandbox is assigned to conversation (#13143 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-03-02 17:36:49 -05:00
Hiep Le	8059c18b57	fix(backend): update planning agent to direct users to the build button instead of asking ready to proceed (#13139 )	2026-03-03 03:31:29 +07:00
Tim O'Farrell	c82ee4c7db	refactor(enterprise): use async database sessions in feedback routes (#13137 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-03-02 13:17:44 -07:00
Tim O'Farrell	7fdb423f99	feat(enterprise): convert DeviceCodeStore to async (#13136 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-03-02 12:56:41 -07:00
dependabot[bot]	530065dfa7	chore(deps): bump pillow from 12.1.0 to 12.1.1 in uv lock and enterprise poetry lock (#13101 ) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: openhands <openhands@all-hands.dev>	2026-03-02 13:56:13 -06:00
Hiep Le	a4cd2d81a5	fix(backend): use run_coroutine_threadsafe for conversation update callbacks (#13134 )	2026-03-03 02:07:32 +07:00
Tim O'Farrell	003b430e96	Refactor: Migrate remaining enterprise modules to async database sessions (#13124 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-03-02 11:52:00 -07:00
Graham Neubig	d63565186e	Add Claude Opus 4.6 model support (#12767 ) Co-authored-by: openhands <openhands@all-hands.dev> Co-authored-by: neubig <neubig@users.noreply.github.com>	2026-03-02 13:12:48 -05:00
Hiep Le	5f42d03ec5	fix(backend): jira cloud integration does not work (#13123 )	2026-03-02 22:05:29 +07:00
Mohammed Abdulai	62241e2e00	Fix: OSS suggested tasks empty state (#12563 ) Co-authored-by: Mohammed Abdulai <nurud43@gmail.com> Co-authored-by: hieptl <hieptl.developer@gmail.com>	2026-03-02 18:45:29 +07:00
Neha Prasad	f5197bd76a	fix: prevent double scrollbar when profile avatar popover is shown (#13115 ) Co-authored-by: hieptl <hieptl.developer@gmail.com>	2026-03-02 18:14:04 +07:00
Tim O'Farrell	e1408f7b15	Add timeout to Keycloak operations and convert OfflineTokenStore to async (#13096 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-03-02 01:48:45 -07:00
Shruti1128	d6b8d80026	Remove unused subscription-related frontend code (#12557 )	2026-03-01 21:14:00 +01:00
Hiep Le	1e6a92b454	feat(backend): organizations llm settings api (org project) (#13108 )	2026-03-02 00:06:37 +07:00
Hiep Le	b4a3e5db2f	feat(backend): saas – organizations app settings api (#13022 )	2026-03-01 23:26:39 +07:00
Chris Bagwell	f9d553d0bb	Pass container port instead of host port to Docker (#12595 ) Co-authored-by: Engel Nyst <engel.nyst@gmail.com>	2026-02-28 17:45:16 +01:00
Tim O'Farrell	f6f6c1ab25	refactor: use SQL filtering and pagination in VerifiedModelStore (#13068 ) Co-authored-by: bittoby <brianwhitedev1996@gmail.com> Co-authored-by: statxc <statxc@user.noreply.github.com> Co-authored-by: bittoby <bittoby@users.noreply.github.com> Co-authored-by: openhands <openhands@all-hands.dev>	2026-02-28 07:37:11 -07:00
Hiep Le	c511a89426	feat(frontend): display Bitbucket signup disabled message on login page (#13100 )	2026-02-28 19:26:16 +07:00
HeyItsChloe	1f82ff04d9	feat(frontend): SaaS NUE profile questions /Onboarding flow (#13029 ) Co-authored-by: openhands <openhands@all-hands.dev> Co-authored-by: hieptl <hieptl.developer@gmail.com>	2026-02-28 13:27:22 +07:00
HeyItsChloe	eec17311c7	fix(frontend): bitbucket icon color (#13106 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-02-28 12:12:45 +07:00
Nelson Spence	c34fdf4b37	fix(security): extend action type coverage in security check (#12870 ) Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> Co-authored-by: Engel Nyst <engel.nyst@gmail.com>	2026-02-28 05:44:29 +01:00
Engel Nyst	25076ee44c	chore: mark security/ and resolver/ as Legacy V0 (#13062 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-02-28 04:22:47 +01:00
aivong-openhands	baaec8473a	Fix CVE-2024-23342: Replace python-jose with jwcrypto (#13012 ) Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>	2026-02-27 22:15:23 +00:00
dependabot[bot]	402fa47422	chore(deps-dev): bump minimatch from 3.1.2 to 3.1.5 in /frontend in the security-all group across 1 directory (#13098 ) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-27 14:15:41 -06:00
dependabot[bot]	8dde385843	chore(deps): bump pypdf from 6.7.2 to 6.7.3 (#13099 ) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: openhands <openhands@all-hands.dev>	2026-02-27 13:32:02 -06:00
aivong-openhands	a905e35531	Fix CVE-2026-25990: Update pillow to 12.1.1 (#13024 ) Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>	2026-02-27 12:37:25 -06:00
dependabot[bot]	1f185173b7	chore(deps): bump pypdf to 6.7.2 (#13072 ) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: openhands <openhands@all-hands.dev> Co-authored-by: aivong-openhands <ai.vong@openhands.dev>	2026-02-27 08:35:25 -06:00
dependabot[bot]	ddc7a78723	chore(deps): bump rollup from 4.57.0 to 4.59.0 in /frontend in the security-all group across 1 directory (#13078 ) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-27 08:29:19 -06:00
Dream	a29ed4d926	feat(frontend): display Agent Skills and Commands in slash menu (#12982 ) Co-authored-by: hieptl <hieptl.developer@gmail.com>	2026-02-27 20:46:38 +07:00
Hiep Le	b8ab4bb44e	feat(backend): allow owners to edit owners and admins to edit admins (org project) (#13095 )	2026-02-27 16:01:05 +07:00
Hiep Le	ddd544f8d6	feat(backend): saas users app settings api (#13021 )	2026-02-27 13:01:03 +07:00
mamoodi	3804b66e32	Remove blank issue creation (#13090 )	2026-02-26 16:56:13 -05:00
John-Mason P. Shackelford	b97adf392a	docs: Add plugin launch flow design document (#13084 ) Co-authored-by: openhands <openhands@all-hands.dev> Co-authored-by: Engel Nyst <engel.nyst@gmail.com>	2026-02-26 14:03:40 -05:00
Saurya Velagapudi	dcb584913a	Fix CVE-2026-26007: Update cryptography to 46.0.5 (#13059 ) Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>	2026-02-26 09:45:54 -06:00
dependabot[bot]	d2fd54a083	chore(deps): bump the security-all group across 1 directory with 2 updates (#13069 ) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: aivong-openhands <ai.vong@openhands.dev>	2026-02-26 09:39:44 -06:00
Tim O'Farrell	112d863287	refactor: Remove unused Google Sheets integration from UserVerifier (#13076 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-02-26 08:07:38 -07:00
Hiep Le	c8680caec3	fix: db migration (#13074 )	2026-02-26 21:20:08 +07:00
sp.wack	d4b9fb1d03	fix(backend): user email capture (#12902 ) Co-authored-by: OpenHands Bot <contact@all-hands.dev> Co-authored-by: openhands <openhands@all-hands.dev>	2026-02-26 17:29:30 +04:00
Tim O'Farrell	409df1287d	Fix api key access (#13064 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-02-26 06:22:23 -07:00
BitToby	a92bfe6cc0	feat: add database-backed verified models for dynamic model managemen… (#12833 ) Co-authored-by: statxc <statxc@user.noreply.github.com> Co-authored-by: bittoby <bittoby@users.noreply.github.com>	2026-02-26 06:17:18 -07:00
Hiep Le	f93e3254d3	refactor(frontend): remove feature flag (planning agent) (#12880 )	2026-02-26 18:44:26 +07:00
Tim O'Farrell	0476d57451	fix: properly extract redirect URL from OAuth state in keycloak_offline_callback (#13063 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-02-26 03:23:40 -07:00
Hiep Le	a4cd21e155	refactor(frontend): hide microagent management ui (#13060 )	2026-02-26 17:13:37 +07:00
aivong-openhands	7f3af371d1	protobuf pypdf uv lock updates (#13045 )	2026-02-25 14:19:16 -06:00
aivong-openhands	1421794c1b	Fix CVE-2026-26007: Update cryptography to 46.0.5 (#13009 ) Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>	2026-02-25 14:18:16 -06:00
aivong-openhands	2fc689457c	Fix CVE-2026-24486: Update python-multipart to 0.0.22 (#13015 ) Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>	2026-02-25 10:15:58 -06:00
Tim O'Farrell	3161b365a8	Add sandbox_id field to conversation endpoints (#13044 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-02-25 14:29:42 +00:00
aivong-openhands	18ab56ef4e	Fix CVE-2026-23490: Update pyasn1 to 0.6.2 (#13013 ) Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>	2026-02-25 08:06:41 -06:00
Tim O'Farrell	a9c0df778c	Make logs quieter. (#13042 )	2026-02-25 05:11:13 -07:00
MkDev11	51b989b5f8	feat: Allow attaching/changing repository for existing conversations (#12671 ) Co-authored-by: mkdev11 <MkDev11@users.noreply.github.com> Co-authored-by: hieptl <hieptl.developer@gmail.com>	2026-02-25 18:09:12 +07:00
aivong-openhands	dc039d81d6	Fix CVE-2026-27199: Update werkzeug to 3.1.6 (#13028 ) Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>	2026-02-24 18:26:28 -06:00
aivong-openhands	8e4559b14a	Fix CVE-2025-61765: Update python-socketio to 5.14.0 (#13027 ) Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>	2026-02-24 18:15:04 -06:00
aivong-openhands	b84f352b63	Fix CVE-2026-0994: Update protobuf to 5.29.6 (#13011 ) Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>	2026-02-24 17:25:40 -06:00
aivong-openhands	a0dba6124a	Fix CVE-2026-27026: Update pypdf to at least 6.7.1 (#13025 ) Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>	2026-02-24 15:25:06 -06:00
aivong-openhands	951739f3eb	Fix CVE-2025-53000: Update nbconvert to 7.17.0 (#13010 ) Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>	2026-02-24 14:46:31 -06:00
aivong-openhands	0f1ad46a47	Fix CVE-2025-62727: Update starlette to 0.49.1 (#13016 ) Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev> Co-authored-by: Ray Myers <ray.myers@gmail.com>	2026-02-24 10:55:32 -06:00
sp.wack	5367bef43a	fix: detect team/org-level budget errors in error banner (#13003 )	2026-02-24 20:55:11 +04:00
Tim O'Farrell	3afeccfe7f	fix: prevent token refresh deadlock with double-checked locking and timeouts (#13020 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-02-24 08:13:57 -07:00
Tim O'Farrell	0677c035ff	Optimize get_sandbox_by_session_api_key with hash lookup (#13019 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-02-24 13:55:21 +00:00
Hiep Le	68165b52d9	feat(backend): add pagination and email filtering for organization members (#12999 )	2026-02-24 16:02:24 +07:00
Dream	dcc8217317	feat(frontend): add mutateWithToast utility for standardized mutation toast handling (#12433 ) Co-authored-by: OpenHands Bot <contact@all-hands.dev> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> Co-authored-by: hieptl <hieptl.developer@gmail.com>	2026-02-24 15:06:44 +07:00
jpelletier1	d1410949ff	Experiment - Add 'Add Team Members' button to Avatar menu in SaaS mode (#12647 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-02-23 23:06:57 +04:00
Tim O'Farrell	a6c0d80fe1	Fix: Logout on 401 error in useGitUser; downgrade provider error to warning (#12935 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-02-23 10:15:54 -07:00
Tim O'Farrell	0efb1db85d	Bumped SDK to 1.11.5 (#13002 )	2026-02-23 09:31:31 -07:00
Hiep Le	8e0f74c92c	fix(backend): ensure members are removed from the corresponding litellm team when removed from an organization (#12996 )	2026-02-23 18:45:31 +07:00
Hiep Le	6e1ba3d836	fix(backend): update current_org_id when removing a member from an organization (#12995 )	2026-02-23 18:21:37 +07:00
Hiep Le	0ec97893d1	fix(backend): unable to delete an organization after inviting at least one member (#12993 )	2026-02-23 18:21:10 +07:00
Tim O'Farrell	ddb809bc43	Add webhook endpoint authentication bypass and admin context unfiltered data access (#12956 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-02-23 09:28:49 +00:00
Alona	872f2b87f2	fix: add retry logic with exponential backoff to send_welcome_email (#12450 ) Co-authored-by: openhands <openhands@all-hands.dev> Co-authored-by: Rohit Malhotra <rohitvinodmalhotra@gmail.com>	2026-02-20 20:42:00 +00:00
Graham Neubig	ee86005a3a	Align PR review workflow with software-agent-sdk (#12963 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-02-20 21:02:32 +01:00
Graham Neubig	d4aa30580b	Migrate PR review workflow to use extensions action (#12917 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-02-20 18:44:02 +00:00
Tim O'Farrell	2f0e879129	Fix session_maker to accept kwargs for backward compatibility (#12960 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-02-20 10:56:44 -07:00
sp.wack	3bc2ef954e	fix(backend): config values (#12944 )	2026-02-20 17:53:35 +04:00
Ray Myers	32ab2a24c6	Remove enterprise-preview job and workflow (#12350 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-02-20 03:36:14 +01:00
Engel Nyst	a6e148d1e6	refactor: use consolidated pr-review action (#12801 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-02-20 02:08:42 +01:00
Manrique Vargas	3fc977eddd	fix(mcp): skip conversation link when conversation_id is None (#12941 ) Signed-off-by: machov <mv1742@nyu.edu> Co-authored-by: Rohit Malhotra <rohitvinodmalhotra@gmail.com>	2026-02-19 21:41:26 +00:00
John-Mason P. Shackelford	89a6890269	Fix URL encoding in Jira OAuth authorization URLs (#12399 ) Co-authored-by: openhands <openhands@all-hands.dev> Co-authored-by: Rohit Malhotra <rohitvinodmalhotra@gmail.com>	2026-02-19 21:40:29 +00:00
Hiep Le	8927ac2230	fix(backend): organization members now see correct shared credit balance (#12942 )	2026-02-20 01:34:53 +07:00
Rohit Malhotra	f3429e33ca	Fix Resend sync to respect deleted users (#12904 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-02-19 17:43:15 +00:00
Tim O'Farrell	7cd219792b	Add type hints and use model objects in api_keys.py endpoints (#12939 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-02-19 08:40:46 -07:00
Hiep Le	2aabe2ed8c	fix(backend): add organization filtering to V1 conversation queries (#12923 )	2026-02-19 20:39:28 +07:00
Tim O'Farrell	731a9a813e	More readable logs for local debugging (#12926 )	2026-02-19 02:27:57 -07:00
Tim O'Farrell	123e556fed	Added endpoint for readiness probe (#12927 )	2026-02-19 02:27:35 -07:00
Chujiang	6676cae249	fix: add missing type hints and improve test logging (#12810 ) Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>	2026-02-19 00:58:39 +01:00
Clay Arnold	fede37b496	fix: add claude-opus-4-6 to temperature/top_p guard (#12874 ) Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-19 00:33:17 +01:00
Hiep Le	3bcd6f18df	fix(backend): set user email fields from user_info during create_user (#12921 )	2026-02-19 02:06:20 +07:00
Rohit Malhotra	0da18440c2	Mention free MiniMax usage and drop free credits (#12918 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-02-18 13:54:05 -05:00
Hiep Le	ac76e10048	refactor(backend): include current_org_id in organization list response (#12915 )	2026-02-18 20:35:40 +07:00
Hiep Le	b98bae8b5f	refactor(backend): rename orgmemberresponse.role_name to role (#12914 )	2026-02-18 20:23:07 +07:00
Tim O'Farrell	516721d1ee	fix: add default uuid4 to event_callback_result primary key (#12908 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-02-18 05:57:13 -07:00
Hiep Le	4d6f66ca28	feat: add user invitation logic (#12883 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-02-18 13:24:19 +07:00
chuckbutkus	b18568da0b	Feature/permission based authorization (#12906 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-02-18 01:17:39 -05:00
mamoodi	83dd3c169c	Release 1.4.0 (#12897 )	2026-02-17 13:09:29 -05:00
Tim O'Farrell	35bddb14f1	fix: preserve import order in clean_proactive_convo_table.py (#12901 ) Co-authored-by: openhands <openhands@all-hands.dev> Co-authored-by: OpenHands Bot <contact@all-hands.dev>	2026-02-17 17:52:54 +00:00
Tim O'Farrell	e8425218e2	Remove alembic errors dumped into logs by cron jobs (#12900 )	2026-02-17 17:22:54 +00:00
Rohit Malhotra	0a879fa781	Grant free credits after minimum purchase (#12899 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-02-17 11:00:42 -05:00
Hiep Le	41e142bbab	fix(backend): system prompt override (planning agent) (#12893 )	2026-02-17 16:15:26 +07:00
Engel Nyst	b06b9eedac	fix: wire suggested task prompts for V1 (#12787 ) Co-authored-by: openhands <openhands@all-hands.dev>	2026-02-16 23:57:32 +01:00
Tim O'Farrell	a9afafa991	Default model for new users is minimax (#12889 )	2026-02-16 12:24:30 -07:00