fix logic

remove console
remove rate limits for self host
2025-04-17 19:37:38 +00:00 · 2025-04-09 20:55:41 -04:00 · 2025-04-09 20:47:16 -04:00 · 2025-04-09 20:45:51 -04:00 · 2025-04-09 12:24:37 -04:00 · 2025-04-09 21:11:39 +05:30
32 changed files with 1597 additions and 582 deletions
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@ -1,102 +0,0 @@
-# For most projects, this workflow file will not need changing; you simply need
-# to commit it to your repository.
-#
-# You may wish to alter this file to override the set of languages analyzed,
-# or to provide custom queries or build logic.
-#
-# ******** NOTE ********
-# We have attempted to detect the languages in your repository. Please check
-# the `language` matrix defined below to confirm you have the correct set of
-# supported CodeQL languages.
-#
-name: "CodeQL Advanced"
-
-on:
-  push:
-    branches: [ "main", "development" ]
-  pull_request:
-    branches: [ "main", "development" ]
-  schedule:
-    - cron: '33 7 * * 3'
-
-jobs:
-  analyze:
-    name: Analyze (${{ matrix.language }})
-    # Runner size impacts CodeQL analysis time. To learn more, please see:
-    #   - https://gh.io/recommended-hardware-resources-for-running-codeql
-    #   - https://gh.io/supported-runners-and-hardware-resources
-    #   - https://gh.io/using-larger-runners (GitHub.com only)
-    # Consider using larger runners or machines with greater resources for possible analysis time improvements.
-    runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
-    permissions:
-      # required for all workflows
-      security-events: write
-
-      # required to fetch internal or private CodeQL packs
-      packages: read
-
-      # only required for workflows in private repositories
-      actions: read
-      contents: read
-
-    strategy:
-      fail-fast: false
-      matrix:
-        include:
-        - language: actions
-          build-mode: none
-        - language: go
-          build-mode: autobuild
-        - language: javascript-typescript
-          build-mode: none
-        # CodeQL supports the following values keywords for 'language': 'actions', 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift'
-        # Use `c-cpp` to analyze code written in C, C++ or both
-        # Use 'java-kotlin' to analyze code written in Java, Kotlin or both
-        # Use 'javascript-typescript' to analyze code written in JavaScript, TypeScript or both
-        # To learn more about changing the languages that are analyzed or customizing the build mode for your analysis,
-        # see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning.
-        # If you are analyzing a compiled language, you can modify the 'build-mode' for that language to customize how
-        # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
-    steps:
-    - name: Checkout repository
-      uses: actions/checkout@v4
-
-    # Add any setup steps before running the `github/codeql-action/init` action.
-    # This includes steps like installing compilers or runtimes (`actions/setup-node`
-    # or others). This is typically only required for manual builds.
-    # - name: Setup runtime (example)
-    #   uses: actions/setup-example@v1
-
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
-      with:
-        languages: ${{ matrix.language }}
-        build-mode: ${{ matrix.build-mode }}
-        # If you wish to specify custom queries, you can do so here or in a config file.
-        # By default, queries listed here will override any specified in a config file.
-        # Prefix the list here with "+" to use these queries and those in the config file.
-
-        # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
-        # queries: security-extended,security-and-quality
-
-    # If the analyze step fails for one of the languages you are analyzing with
-    # "We were unable to automatically build your code", modify the matrix above
-    # to set the build mode to "manual" for that language. Then modify this step
-    # to build your code.
-    # ℹ️ Command-line programs to run using the OS shell.
-    # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
-    - if: matrix.build-mode == 'manual'
-      shell: bash
-      run: |
-        echo 'If you are using a "manual" build mode for one or more of the' \
-          'languages you are analyzing, replace this with the commands to build' \
-          'your code, for example:'
-        echo '  make bootstrap'
-        echo '  make release'
-        exit 1
-
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
-      with:
-        category: "/language:${{matrix.language}}"
--- a/.github/workflows/release_build_infisical_cli.yml
+++ b/.github/workflows/release_build_infisical_cli.yml
@ -12,75 +12,75 @@ permissions:
  contents: write

 jobs:
-  # cli-integration-tests:
-  #   name: Run tests before deployment
-  #   uses: ./.github/workflows/run-cli-tests.yml
-  #   secrets:
-  #     CLI_TESTS_UA_CLIENT_ID: ${{ secrets.CLI_TESTS_UA_CLIENT_ID }}
-  #     CLI_TESTS_UA_CLIENT_SECRET: ${{ secrets.CLI_TESTS_UA_CLIENT_SECRET }}
-  #     CLI_TESTS_SERVICE_TOKEN: ${{ secrets.CLI_TESTS_SERVICE_TOKEN }}
-  #     CLI_TESTS_PROJECT_ID: ${{ secrets.CLI_TESTS_PROJECT_ID }}
-  #     CLI_TESTS_ENV_SLUG: ${{ secrets.CLI_TESTS_ENV_SLUG }}
-  #     CLI_TESTS_USER_EMAIL: ${{ secrets.CLI_TESTS_USER_EMAIL }}
-  #     CLI_TESTS_USER_PASSWORD: ${{ secrets.CLI_TESTS_USER_PASSWORD }}
-  #     CLI_TESTS_INFISICAL_VAULT_FILE_PASSPHRASE: ${{ secrets.CLI_TESTS_INFISICAL_VAULT_FILE_PASSPHRASE }}
+  cli-integration-tests:
+    name: Run tests before deployment
+    uses: ./.github/workflows/run-cli-tests.yml
+    secrets:
+      CLI_TESTS_UA_CLIENT_ID: ${{ secrets.CLI_TESTS_UA_CLIENT_ID }}
+      CLI_TESTS_UA_CLIENT_SECRET: ${{ secrets.CLI_TESTS_UA_CLIENT_SECRET }}
+      CLI_TESTS_SERVICE_TOKEN: ${{ secrets.CLI_TESTS_SERVICE_TOKEN }}
+      CLI_TESTS_PROJECT_ID: ${{ secrets.CLI_TESTS_PROJECT_ID }}
+      CLI_TESTS_ENV_SLUG: ${{ secrets.CLI_TESTS_ENV_SLUG }}
+      CLI_TESTS_USER_EMAIL: ${{ secrets.CLI_TESTS_USER_EMAIL }}
+      CLI_TESTS_USER_PASSWORD: ${{ secrets.CLI_TESTS_USER_PASSWORD }}
+      CLI_TESTS_INFISICAL_VAULT_FILE_PASSPHRASE: ${{ secrets.CLI_TESTS_INFISICAL_VAULT_FILE_PASSPHRASE }}

-  # npm-release:
-  #   runs-on: ubuntu-latest
-  #   env:
-  #     working-directory: ./npm
-  #   needs:
-  #     - cli-integration-tests
-  #     - goreleaser
-  #   steps:
-  #     - uses: actions/checkout@v3
-  #       with:
-  #         fetch-depth: 0
+  npm-release:
+    runs-on: ubuntu-latest
+    env:
+      working-directory: ./npm
+    needs:
+      - cli-integration-tests
+      - goreleaser
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0

-  #     - name: Extract version
-  #       run: |
-  #         VERSION=$(echo ${{ github.ref_name }} | sed 's/infisical-cli\/v//')
-  #         echo "Version extracted: $VERSION"
-  #         echo "CLI_VERSION=$VERSION" >> $GITHUB_ENV
+      - name: Extract version
+        run: |
+          VERSION=$(echo ${{ github.ref_name }} | sed 's/infisical-cli\/v//')
+          echo "Version extracted: $VERSION"
+          echo "CLI_VERSION=$VERSION" >> $GITHUB_ENV

-  #     - name: Print version
-  #       run: echo ${{ env.CLI_VERSION }}
+      - name: Print version
+        run: echo ${{ env.CLI_VERSION }}

-  #     - name: Setup Node
-  #       uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4.0.0
-  #       with:
-  #         node-version: 20
-  #         cache: "npm"
-  #         cache-dependency-path: ./npm/package-lock.json
-  #     - name: Install dependencies
-  #       working-directory: ${{ env.working-directory }}
-  #       run: npm install --ignore-scripts
+      - name: Setup Node
+        uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4.0.0
+        with:
+          node-version: 20
+          cache: "npm"
+          cache-dependency-path: ./npm/package-lock.json
+      - name: Install dependencies
+        working-directory: ${{ env.working-directory }}
+        run: npm install --ignore-scripts

-  #     - name: Set NPM version
-  #       working-directory: ${{ env.working-directory }}
-  #       run: npm version ${{ env.CLI_VERSION }} --allow-same-version --no-git-tag-version
+      - name: Set NPM version
+        working-directory: ${{ env.working-directory }}
+        run: npm version ${{ env.CLI_VERSION }} --allow-same-version --no-git-tag-version

-  #     - name: Setup NPM
-  #       working-directory: ${{ env.working-directory }}
-  #       run: |
-  #         echo 'registry="https://registry.npmjs.org/"' > ./.npmrc
-  #         echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> ./.npmrc
+      - name: Setup NPM
+        working-directory: ${{ env.working-directory }}
+        run: |
+          echo 'registry="https://registry.npmjs.org/"' > ./.npmrc
+          echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> ./.npmrc

-  #         echo 'registry="https://registry.npmjs.org/"' > ~/.npmrc
-  #         echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> ~/.npmrc
-  #       env:
-  #         NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+          echo 'registry="https://registry.npmjs.org/"' > ~/.npmrc
+          echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> ~/.npmrc
+        env:
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}

-  #     - name: Pack NPM
-  #       working-directory: ${{ env.working-directory }}
-  #       run: npm pack
+      - name: Pack NPM
+        working-directory: ${{ env.working-directory }}
+        run: npm pack

-  #     - name: Publish NPM
-  #       working-directory: ${{ env.working-directory }}
-  #       run: npm publish --tarball=./infisical-sdk-${{github.ref_name}} --access public --registry=https://registry.npmjs.org/
-  #       env:
-  #         NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
-  #         NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+      - name: Publish NPM
+        working-directory: ${{ env.working-directory }}
+        run: npm publish --tarball=./infisical-sdk-${{github.ref_name}} --access public --registry=https://registry.npmjs.org/
+        env:
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

  goreleaser:
    runs-on: ubuntu-latest
@ -133,7 +133,7 @@ jobs:
      - name: Install deb-s3
        run: gem install deb-s3
      - name: Configure GPG Key
-        run: echo -n "$GPG_SIGNING_KEY" | base64 --decode | gpg --batch --passphrase "$GPG_SIGNING_KEY_PASSPHRASE" --import
+        run: echo -n "$GPG_SIGNING_KEY" | base64 --decode | gpg --batch --import
        env:
          GPG_SIGNING_KEY: ${{ secrets.GPG_SIGNING_KEY }}
          GPG_SIGNING_KEY_PASSPHRASE: ${{ secrets.GPG_SIGNING_KEY_PASSPHRASE }}
--- a/.goreleaser.yaml
+++ b/.goreleaser.yaml
@ -16,23 +16,23 @@ monorepo:
  dir: cli

 builds:
-#   - id: darwin-build
-#     binary: infisical
-#     ldflags:
-#       - -X github.com/Infisical/infisical-merge/packages/util.CLI_VERSION={{ .Version }}
-#       - -X github.com/Infisical/infisical-merge/packages/telemetry.POSTHOG_API_KEY_FOR_CLI={{ .Env.POSTHOG_API_KEY_FOR_CLI }}
-#     flags:
-#       - -trimpath
-#     env:
-#       - CGO_ENABLED=1
-#       - CC=/home/runner/work/osxcross/target/bin/o64-clang
-#       - CXX=/home/runner/work/osxcross/target/bin/o64-clang++
-#     goos:
-#       - darwin
-#     ignore:
-#       - goos: darwin
-#         goarch: "386"
-#     dir: ./cli
+  - id: darwin-build
+    binary: infisical
+    ldflags:
+      - -X github.com/Infisical/infisical-merge/packages/util.CLI_VERSION={{ .Version }}
+      - -X github.com/Infisical/infisical-merge/packages/telemetry.POSTHOG_API_KEY_FOR_CLI={{ .Env.POSTHOG_API_KEY_FOR_CLI }}
+    flags:
+      - -trimpath
+    env:
+      - CGO_ENABLED=1
+      - CC=/home/runner/work/osxcross/target/bin/o64-clang
+      - CXX=/home/runner/work/osxcross/target/bin/o64-clang++
+    goos:
+      - darwin
+    ignore:
+      - goos: darwin
+        goarch: "386"
+    dir: ./cli

  - id: all-other-builds
    env:
@ -44,11 +44,11 @@ builds:
    flags:
      - -trimpath
    goos:
-      # - freebsd
+      - freebsd
      - linux
-      # - netbsd
-      # - openbsd
-      # - windows
+      - netbsd
+      - openbsd
+      - windows
    goarch:
      - "386"
      - amd64
@ -75,10 +75,8 @@ archives:
      - ../completions/*

 release:
-  # replace_existing_draft: true
-  # mode: "replace"
-  disable: true
-  skip_upload: true
+  replace_existing_draft: true
+  mode: "replace"

 checksum:
  name_template: "checksums.txt"
@ -93,39 +91,39 @@ snapshot:
 #     dir: "{{ dir .ArtifactPath }}"
 #     cmd: curl -F package=@{{ .ArtifactName }} https://{{ .Env.FURY_TOKEN }}@push.fury.io/infisical/

-# brews:
-#   - name: infisical
-#     tap:
-#       owner: Infisical
-#       name: homebrew-get-cli
-#     commit_author:
-#       name: "Infisical"
-#       email: ai@infisical.com
-#     folder: Formula
-#     homepage: "https://infisical.com"
-#     description: "The official Infisical CLI"
-#     install: |-
-#       bin.install "infisical"
-#       bash_completion.install "completions/infisical.bash" => "infisical"
-#       zsh_completion.install "completions/infisical.zsh" => "_infisical"
-#       fish_completion.install "completions/infisical.fish"
-#       man1.install "manpages/infisical.1.gz"
-#   - name: "infisical@{{.Version}}"
-#     tap:
-#       owner: Infisical
-#       name: homebrew-get-cli
-#     commit_author:
-#       name: "Infisical"
-#       email: ai@infisical.com
-#     folder: Formula
-#     homepage: "https://infisical.com"
-#     description: "The official Infisical CLI"
-#     install: |-
-#       bin.install "infisical"
-#       bash_completion.install "completions/infisical.bash" => "infisical"
-#       zsh_completion.install "completions/infisical.zsh" => "_infisical"
-#       fish_completion.install "completions/infisical.fish"
-#       man1.install "manpages/infisical.1.gz"
+brews:
+  - name: infisical
+    tap:
+      owner: Infisical
+      name: homebrew-get-cli
+    commit_author:
+      name: "Infisical"
+      email: ai@infisical.com
+    folder: Formula
+    homepage: "https://infisical.com"
+    description: "The official Infisical CLI"
+    install: |-
+      bin.install "infisical"
+      bash_completion.install "completions/infisical.bash" => "infisical"
+      zsh_completion.install "completions/infisical.zsh" => "_infisical"
+      fish_completion.install "completions/infisical.fish"
+      man1.install "manpages/infisical.1.gz"
+  - name: "infisical@{{.Version}}"
+    tap:
+      owner: Infisical
+      name: homebrew-get-cli
+    commit_author:
+      name: "Infisical"
+      email: ai@infisical.com
+    folder: Formula
+    homepage: "https://infisical.com"
+    description: "The official Infisical CLI"
+    install: |-
+      bin.install "infisical"
+      bash_completion.install "completions/infisical.bash" => "infisical"
+      zsh_completion.install "completions/infisical.zsh" => "_infisical"
+      fish_completion.install "completions/infisical.fish"
+      man1.install "manpages/infisical.1.gz"

 nfpms:
  - id: infisical
@ -138,10 +136,10 @@ nfpms:
    description: The offical Infisical CLI
    license: MIT
    formats:
-      # - rpm
+      - rpm
      - deb
-      # - apk
-      # - archlinux
+      - apk
+      - archlinux
    bindir: /usr/bin
    contents:
      - src: ./completions/infisical.bash
@ -153,73 +151,91 @@ nfpms:
      - src: ./manpages/infisical.1.gz
        dst: /usr/share/man/man1/infisical.1.gz

-# scoop:
-#   bucket:
-#     owner: Infisical
-#     name: scoop-infisical
-#   commit_author:
-#     name: "Infisical"
-#     email: ai@infisical.com
-#   homepage: "https://infisical.com"
-#   description: "The official Infisical CLI"
-#   license: MIT
+scoop:
+  bucket:
+    owner: Infisical
+    name: scoop-infisical
+  commit_author:
+    name: "Infisical"
+    email: ai@infisical.com
+  homepage: "https://infisical.com"
+  description: "The official Infisical CLI"
+  license: MIT

-# aurs:
-#   - name: infisical-bin
-#     homepage: "https://infisical.com"
-#     description: "The official Infisical CLI"
-#     maintainers:
-#       - Infisical, Inc <support@infisical.com>
-#     license: MIT
-#     private_key: "{{ .Env.AUR_KEY }}"
-#     git_url: "ssh://aur@aur.archlinux.org/infisical-bin.git"
-#     package: |-
-#       # bin
-#       install -Dm755 "./infisical" "${pkgdir}/usr/bin/infisical"
-#       # license
-#       install -Dm644 "./LICENSE" "${pkgdir}/usr/share/licenses/infisical/LICENSE"
-#       # completions
-#       mkdir -p "${pkgdir}/usr/share/bash-completion/completions/"
-#       mkdir -p "${pkgdir}/usr/share/zsh/site-functions/"
-#       mkdir -p "${pkgdir}/usr/share/fish/vendor_completions.d/"
-#       install -Dm644 "./completions/infisical.bash" "${pkgdir}/usr/share/bash-completion/completions/infisical"
-#       install -Dm644 "./completions/infisical.zsh" "${pkgdir}/usr/share/zsh/site-functions/_infisical"
-#       install -Dm644 "./completions/infisical.fish" "${pkgdir}/usr/share/fish/vendor_completions.d/infisical.fish"
-#       # man pages
-#       install -Dm644 "./manpages/infisical.1.gz" "${pkgdir}/usr/share/man/man1/infisical.1.gz"
+winget:
+  - name: infisical
+    publisher: infisical
+    license: MIT
+    homepage: https://infisical.com
+    short_description: "The official Infisical CLI"
+    repository:
+      owner: infisical
+      name: winget-pkgs
+      branch: "infisical-{{.Version}}"
+      pull_request:
+        enabled: true
+        draft: false
+        base:
+          owner: microsoft
+          name: winget-pkgs
+          branch: master

-# dockers:
-#   - dockerfile: docker/alpine
-#     goos: linux
-#     goarch: amd64
-#     use: buildx
-#     ids:
-#       - all-other-builds
-#     image_templates:
-#       - "infisical/cli:{{ .Major }}.{{ .Minor }}.{{ .Patch }}-amd64"
-#       - "infisical/cli:latest-amd64"
-#     build_flag_templates:
-#       - "--pull"
-#       - "--platform=linux/amd64"
-#   - dockerfile: docker/alpine
-#     goos: linux
-#     goarch: amd64
-#     use: buildx
-#     ids:
-#       - all-other-builds
-#     image_templates:
-#       - "infisical/cli:{{ .Major }}.{{ .Minor }}.{{ .Patch }}-arm64"
-#       - "infisical/cli:latest-arm64"
-#     build_flag_templates:
-#       - "--pull"
-#       - "--platform=linux/arm64"
+aurs:
+  - name: infisical-bin
+    homepage: "https://infisical.com"
+    description: "The official Infisical CLI"
+    maintainers:
+      - Infisical, Inc <support@infisical.com>
+    license: MIT
+    private_key: "{{ .Env.AUR_KEY }}"
+    git_url: "ssh://aur@aur.archlinux.org/infisical-bin.git"
+    package: |-
+      # bin
+      install -Dm755 "./infisical" "${pkgdir}/usr/bin/infisical"
+      # license
+      install -Dm644 "./LICENSE" "${pkgdir}/usr/share/licenses/infisical/LICENSE"
+      # completions
+      mkdir -p "${pkgdir}/usr/share/bash-completion/completions/"
+      mkdir -p "${pkgdir}/usr/share/zsh/site-functions/"
+      mkdir -p "${pkgdir}/usr/share/fish/vendor_completions.d/"
+      install -Dm644 "./completions/infisical.bash" "${pkgdir}/usr/share/bash-completion/completions/infisical"
+      install -Dm644 "./completions/infisical.zsh" "${pkgdir}/usr/share/zsh/site-functions/_infisical"
+      install -Dm644 "./completions/infisical.fish" "${pkgdir}/usr/share/fish/vendor_completions.d/infisical.fish"
+      # man pages
+      install -Dm644 "./manpages/infisical.1.gz" "${pkgdir}/usr/share/man/man1/infisical.1.gz"

-# docker_manifests:
-#   - name_template: "infisical/cli:{{ .Major }}.{{ .Minor }}.{{ .Patch }}"
-#     image_templates:
-#       - "infisical/cli:{{ .Major }}.{{ .Minor }}.{{ .Patch }}-amd64"
-#       - "infisical/cli:{{ .Major }}.{{ .Minor }}.{{ .Patch }}-arm64"
-#   - name_template: "infisical/cli:latest"
-#     image_templates:
-#       - "infisical/cli:latest-amd64"
-#       - "infisical/cli:latest-arm64"
+dockers:
+  - dockerfile: docker/alpine
+    goos: linux
+    goarch: amd64
+    use: buildx
+    ids:
+      - all-other-builds
+    image_templates:
+      - "infisical/cli:{{ .Major }}.{{ .Minor }}.{{ .Patch }}-amd64"
+      - "infisical/cli:latest-amd64"
+    build_flag_templates:
+      - "--pull"
+      - "--platform=linux/amd64"
+  - dockerfile: docker/alpine
+    goos: linux
+    goarch: amd64
+    use: buildx
+    ids:
+      - all-other-builds
+    image_templates:
+      - "infisical/cli:{{ .Major }}.{{ .Minor }}.{{ .Patch }}-arm64"
+      - "infisical/cli:latest-arm64"
+    build_flag_templates:
+      - "--pull"
+      - "--platform=linux/arm64"
+
+docker_manifests:
+  - name_template: "infisical/cli:{{ .Major }}.{{ .Minor }}.{{ .Patch }}"
+    image_templates:
+      - "infisical/cli:{{ .Major }}.{{ .Minor }}.{{ .Patch }}-amd64"
+      - "infisical/cli:{{ .Major }}.{{ .Minor }}.{{ .Patch }}-arm64"
+  - name_template: "infisical/cli:latest"
+    image_templates:
+      - "infisical/cli:latest-amd64"
+      - "infisical/cli:latest-arm64"
--- a/backend/src/lib/api-docs/constants.ts
+++ b/backend/src/lib/api-docs/constants.ts
@ -66,6 +66,17 @@ export const IDENTITIES = {
  },
  LIST: {
    orgId: "The ID of the organization to list identities."
+  },
+  SEARCH: {
+    search: {
+      desc: "The filters to apply to the search.",
+      name: "The name of the identity to filter by.",
+      role: "The organizational role of the identity to filter by."
+    },
+    offset: "The offset to start from. If you enter 10, it will start from the 10th identity.",
+    limit: "The number of identities to return.",
+    orderBy: "The column to order identities by.",
+    orderDirection: "The direction to order identities in."
  }
 } as const;

--- a/backend/src/lib/search-resource/db.ts
+++ b/backend/src/lib/search-resource/db.ts
@ -0,0 +1,141 @@
+import { Knex } from "knex";
+
+import { SearchResourceOperators, TSearchResourceOperator } from "./search";
+
+const buildKnexQuery = (
+  query: Knex.QueryBuilder,
+  // when it's multiple table field means it's field1 or field2
+  fields: string | string[],
+  operator: SearchResourceOperators,
+  value: unknown
+) => {
+  switch (operator) {
+    case SearchResourceOperators.$eq: {
+      if (typeof value !== "string" && typeof value !== "number")
+        throw new Error("Invalid value type for $eq operator");
+
+      if (typeof fields === "string") {
+        return void query.where(fields, "=", value);
+      }
+
+      return void query.where((qb) => {
+        return fields.forEach((el, index) => {
+          if (index === 0) {
+            return void qb.where(el, "=", value);
+          }
+          return void qb.orWhere(el, "=", value);
+        });
+      });
+    }
+
+    case SearchResourceOperators.$neq: {
+      if (typeof value !== "string" && typeof value !== "number")
+        throw new Error("Invalid value type for $neq operator");
+
+      if (typeof fields === "string") {
+        return void query.where(fields, "<>", value);
+      }
+
+      return void query.where((qb) => {
+        return fields.forEach((el, index) => {
+          if (index === 0) {
+            return void qb.where(el, "<>", value);
+          }
+          return void qb.orWhere(el, "<>", value);
+        });
+      });
+    }
+    case SearchResourceOperators.$in: {
+      if (!Array.isArray(value)) throw new Error("Invalid value type for $in operator");
+
+      if (typeof fields === "string") {
+        return void query.whereIn(fields, value);
+      }
+
+      return void query.where((qb) => {
+        return fields.forEach((el, index) => {
+          if (index === 0) {
+            return void qb.whereIn(el, value);
+          }
+          return void qb.orWhereIn(el, value);
+        });
+      });
+    }
+    case SearchResourceOperators.$contains: {
+      if (typeof value !== "string") throw new Error("Invalid value type for $contains operator");
+
+      if (typeof fields === "string") {
+        return void query.whereILike(fields, `%${value}%`);
+      }
+
+      return void query.where((qb) => {
+        return fields.forEach((el, index) => {
+          if (index === 0) {
+            return void qb.whereILike(el, `%${value}%`);
+          }
+          return void qb.orWhereILike(el, `%${value}%`);
+        });
+      });
+    }
+    default:
+      throw new Error(`Unsupported operator: ${String(operator)}`);
+  }
+};
+
+export const buildKnexFilterForSearchResource = <T extends { [K: string]: TSearchResourceOperator }, K extends keyof T>(
+  rootQuery: Knex.QueryBuilder,
+  searchFilter: T & { $or?: T[] },
+  getAttributeField: (attr: K) => string | string[] | null
+) => {
+  const { $or: orFilters = [] } = searchFilter;
+  (Object.keys(searchFilter) as K[]).forEach((key) => {
+    // akhilmhdh: yes, we could have split in top. This is done to satisfy ts type error
+    if (key === "$or") return;
+
+    const dbField = getAttributeField(key);
+    if (!dbField) throw new Error(`DB field not found for ${String(key)}`);
+
+    const dbValue = searchFilter[key];
+    if (typeof dbValue === "string" || typeof dbValue === "number") {
+      buildKnexQuery(rootQuery, dbField, SearchResourceOperators.$eq, dbValue);
+      return;
+    }
+
+    Object.keys(dbValue as Record<string, unknown>).forEach((el) => {
+      buildKnexQuery(
+        rootQuery,
+        dbField,
+        el as SearchResourceOperators,
+        (dbValue as Record<SearchResourceOperators, unknown>)[el as SearchResourceOperators]
+      );
+    });
+  });
+
+  if (orFilters.length) {
+    void rootQuery.andWhere((andQb) => {
+      return orFilters.forEach((orFilter) => {
+        return void andQb.orWhere((qb) => {
+          (Object.keys(orFilter) as K[]).forEach((key) => {
+            const dbField = getAttributeField(key);
+            if (!dbField) throw new Error(`DB field not found for ${String(key)}`);
+
+            const dbValue = orFilter[key];
+            if (typeof dbValue === "string" || typeof dbValue === "number") {
+              buildKnexQuery(qb, dbField, SearchResourceOperators.$eq, dbValue);
+              return;
+            }
+
+            Object.keys(dbValue as Record<string, unknown>).forEach((el) => {
+              buildKnexQuery(
+                qb,
+                dbField,
+                el as SearchResourceOperators,
+                (dbValue as Record<SearchResourceOperators, unknown>)[el as SearchResourceOperators]
+              );
+            });
+          });
+        });
+      });
+    });
+  }
+};
--- a/backend/src/lib/search-resource/search.ts
+++ b/backend/src/lib/search-resource/search.ts
@ -0,0 +1,43 @@
+import { z } from "zod";
+
+export enum SearchResourceOperators {
+  $eq = "$eq",
+  $neq = "$neq",
+  $in = "$in",
+  $contains = "$contains"
+}
+
+export const SearchResourceOperatorSchema = z.union([
+  z.string(),
+  z.number(),
+  z
+    .object({
+      [SearchResourceOperators.$eq]: z.string().optional(),
+      [SearchResourceOperators.$neq]: z.string().optional(),
+      [SearchResourceOperators.$in]: z.string().array().optional(),
+      [SearchResourceOperators.$contains]: z.string().array().optional()
+    })
+    .partial()
+]);
+
+export type TSearchResourceOperator = z.infer<typeof SearchResourceOperatorSchema>;
+
+export type TSearchResource = {
+  [k: string]: z.ZodOptional<
+    z.ZodUnion<
+      [
+        z.ZodEffects<z.ZodString | z.ZodNumber>,
+        z.ZodObject<{
+          [SearchResourceOperators.$eq]?: z.ZodOptional<z.ZodEffects<z.ZodString | z.ZodNumber>>;
+          [SearchResourceOperators.$neq]?: z.ZodOptional<z.ZodEffects<z.ZodString | z.ZodNumber>>;
+          [SearchResourceOperators.$in]?: z.ZodOptional<z.ZodArray<z.ZodEffects<z.ZodString | z.ZodNumber>>>;
+          [SearchResourceOperators.$contains]?: z.ZodOptional<z.ZodEffects<z.ZodString>>;
+        }>
+      ]
+    >
+  >;
+};
+
+export const buildSearchZodSchema = <T extends TSearchResource>(schema: z.ZodObject<T>) => {
+  return schema.extend({ $or: schema.array().optional() }).optional();
+};
--- a/backend/src/lib/validator/validate-string.ts
+++ b/backend/src/lib/validator/validate-string.ts
@ -1,3 +1,5 @@
+import { z } from "zod";
+
 export enum CharacterType {
  Alphabets = "alphabets",
  Numbers = "numbers",
@ -101,3 +103,10 @@ export const characterValidator = (allowedCharacters: CharacterType[]) => {
    return regex.test(input);
  };
 };
+
+export const zodValidateCharacters = (allowedCharacters: CharacterType[]) => {
+  const validator = characterValidator(allowedCharacters);
+  return (schema: z.ZodString, fieldName: string) => {
+    return schema.refine(validator, { message: `${fieldName} can only contain ${allowedCharacters.join(",")}` });
+  };
+};
--- a/backend/src/server/app.ts
+++ b/backend/src/server/app.ts
@ -113,7 +113,7 @@ export const main = async ({ db, hsmModule, auditLogDb, smtp, logger, queue, key
    await server.register(fastifyErrHandler);

    // Rate limiters and security headers
-    if (appCfg.isProductionMode) {
+    if (appCfg.isProductionMode && appCfg.isCloud) {
      await server.register<FastifyRateLimitOptions>(ratelimiter, globalRateLimiterCfg());
    }

--- a/backend/src/server/routes/v1/identity-router.ts
+++ b/backend/src/server/routes/v1/identity-router.ts
@ -3,15 +3,26 @@ import { z } from "zod";
 import { IdentitiesSchema, IdentityOrgMembershipsSchema, OrgMembershipRole, OrgRolesSchema } from "@app/db/schemas";
 import { EventType } from "@app/ee/services/audit-log/audit-log-types";
 import { IDENTITIES } from "@app/lib/api-docs";
+import { buildSearchZodSchema, SearchResourceOperators } from "@app/lib/search-resource/search";
+import { OrderByDirection } from "@app/lib/types";
+import { CharacterType, zodValidateCharacters } from "@app/lib/validator/validate-string";
 import { readLimit, writeLimit } from "@app/server/config/rateLimiter";
 import { getTelemetryDistinctId } from "@app/server/lib/telemetry";
 import { verifyAuth } from "@app/server/plugins/auth/verify-auth";
 import { AuthMode } from "@app/services/auth/auth-type";
+import { OrgIdentityOrderBy } from "@app/services/identity/identity-types";
 import { isSuperAdmin } from "@app/services/super-admin/super-admin-fns";
 import { PostHogEventTypes } from "@app/services/telemetry/telemetry-types";

 import { SanitizedProjectSchema } from "../sanitizedSchemas";

+const searchResourceZodValidate = zodValidateCharacters([
+  CharacterType.AlphaNumeric,
+  CharacterType.Spaces,
+  CharacterType.Underscore,
+  CharacterType.Hyphen
+]);
+
 export const registerIdentityRouter = async (server: FastifyZodProvider) => {
  server.route({
    method: "POST",
@ -245,7 +256,7 @@ export const registerIdentityRouter = async (server: FastifyZodProvider) => {
    method: "GET",
    url: "/",
    config: {
-      rateLimit: writeLimit
+      rateLimit: readLimit
    },
    onRequest: verifyAuth([AuthMode.JWT, AuthMode.IDENTITY_ACCESS_TOKEN]),
    schema: {
@ -289,6 +300,103 @@ export const registerIdentityRouter = async (server: FastifyZodProvider) => {
    }
  });

+  server.route({
+    method: "POST",
+    url: "/search",
+    config: {
+      rateLimit: readLimit
+    },
+    onRequest: verifyAuth([AuthMode.JWT, AuthMode.IDENTITY_ACCESS_TOKEN]),
+    schema: {
+      description: "Search identities",
+      security: [
+        {
+          bearerAuth: []
+        }
+      ],
+      body: z.object({
+        orderBy: z
+          .nativeEnum(OrgIdentityOrderBy)
+          .default(OrgIdentityOrderBy.Name)
+          .describe(IDENTITIES.SEARCH.orderBy)
+          .optional(),
+        orderDirection: z
+          .nativeEnum(OrderByDirection)
+          .default(OrderByDirection.ASC)
+          .describe(IDENTITIES.SEARCH.orderDirection)
+          .optional(),
+        limit: z.number().max(100).default(50).describe(IDENTITIES.SEARCH.limit),
+        offset: z.number().default(0).describe(IDENTITIES.SEARCH.offset),
+        search: buildSearchZodSchema(
+          z
+            .object({
+              name: z
+                .union([
+                  searchResourceZodValidate(z.string().max(255), "Name"),
+                  z
+                    .object({
+                      [SearchResourceOperators.$eq]: searchResourceZodValidate(z.string().max(255), "Name $eq"),
+                      [SearchResourceOperators.$contains]: searchResourceZodValidate(
+                        z.string().max(255),
+                        "Name $contains"
+                      ),
+                      [SearchResourceOperators.$in]: searchResourceZodValidate(z.string().max(255), "Name $in").array()
+                    })
+                    .partial()
+                ])
+                .describe(IDENTITIES.SEARCH.search.name),
+              role: z
+                .union([
+                  searchResourceZodValidate(z.string().max(255), "Role"),
+                  z
+                    .object({
+                      [SearchResourceOperators.$eq]: searchResourceZodValidate(z.string().max(255), "Role $eq"),
+                      [SearchResourceOperators.$in]: searchResourceZodValidate(z.string().max(255), "Role $in").array()
+                    })
+                    .partial()
+                ])
+                .describe(IDENTITIES.SEARCH.search.role)
+            })
+            .describe(IDENTITIES.SEARCH.search.desc)
+            .partial()
+        )
+      }),
+      response: {
+        200: z.object({
+          identities: IdentityOrgMembershipsSchema.extend({
+            customRole: OrgRolesSchema.pick({
+              id: true,
+              name: true,
+              slug: true,
+              permissions: true,
+              description: true
+            }).optional(),
+            identity: IdentitiesSchema.pick({ name: true, id: true }).extend({
+              authMethods: z.array(z.string())
+            })
+          }).array(),
+          totalCount: z.number()
+        })
+      }
+    },
+    handler: async (req) => {
+      const { identityMemberships, totalCount } = await server.services.identity.searchOrgIdentities({
+        actor: req.permission.type,
+        actorId: req.permission.id,
+        actorAuthMethod: req.permission.authMethod,
+        actorOrgId: req.permission.orgId,
+        searchFilter: req.body.search,
+        orgId: req.permission.orgId,
+        limit: req.body.limit,
+        offset: req.body.offset,
+        orderBy: req.body.orderBy,
+        orderDirection: req.body.orderDirection
+      });
+
+      return { identities: identityMemberships, totalCount };
+    }
+  });
+
  server.route({
    method: "GET",
    url: "/:identityId/identity-memberships",
--- a/backend/src/services/identity/identity-org-dal.ts
+++ b/backend/src/services/identity/identity-org-dal.ts
@ -14,10 +14,15 @@ import {
  TIdentityUniversalAuths,
  TOrgRoles
 } from "@app/db/schemas";
-import { DatabaseError } from "@app/lib/errors";
+import { BadRequestError, DatabaseError } from "@app/lib/errors";
 import { ormify, selectAllTableCols, sqlNestRelationships } from "@app/lib/knex";
+import { buildKnexFilterForSearchResource } from "@app/lib/search-resource/db";
 import { OrderByDirection } from "@app/lib/types";
-import { OrgIdentityOrderBy, TListOrgIdentitiesByOrgIdDTO } from "@app/services/identity/identity-types";
+import {
+  OrgIdentityOrderBy,
+  TListOrgIdentitiesByOrgIdDTO,
+  TSearchOrgIdentitiesByOrgIdDAL
+} from "@app/services/identity/identity-types";

 import { buildAuthMethods } from "./identity-fns";

@ -195,7 +200,6 @@ export const identityOrgDALFactory = (db: TDbClient) => {
          "paginatedIdentity.identityId",
          `${TableName.IdentityJwtAuth}.identityId`
        )
-
        .select(
          db.ref("id").withSchema("paginatedIdentity"),
          db.ref("role").withSchema("paginatedIdentity"),
@ -309,6 +313,214 @@ export const identityOrgDALFactory = (db: TDbClient) => {
    }
  };

+  const searchIdentities = async (
+    {
+      limit,
+      offset = 0,
+      orderBy = OrgIdentityOrderBy.Name,
+      orderDirection = OrderByDirection.ASC,
+      searchFilter,
+      orgId
+    }: TSearchOrgIdentitiesByOrgIdDAL,
+    tx?: Knex
+  ) => {
+    try {
+      const searchQuery = (tx || db.replicaNode())(TableName.IdentityOrgMembership)
+        .join(TableName.Identity, `${TableName.Identity}.id`, `${TableName.IdentityOrgMembership}.identityId`)
+        .where(`${TableName.IdentityOrgMembership}.orgId`, orgId)
+        .leftJoin(TableName.OrgRoles, `${TableName.IdentityOrgMembership}.roleId`, `${TableName.OrgRoles}.id`)
+        .orderBy(`${TableName.Identity}.${orderBy}`, orderDirection)
+        .select(`${TableName.IdentityOrgMembership}.id`)
+        .select<{ id: string; total_count: string }>(
+          db.raw(
+            `count(${TableName.IdentityOrgMembership}."identityId") OVER(PARTITION BY ${TableName.IdentityOrgMembership}."orgId") as total_count`
+          )
+        )
+        .as("searchedIdentities");
+
+      if (searchFilter) {
+        buildKnexFilterForSearchResource(searchQuery, searchFilter, (attr) => {
+          switch (attr) {
+            case "role":
+              return [`${TableName.OrgRoles}.slug`, `${TableName.IdentityOrgMembership}.role`];
+            case "name":
+              return `${TableName.Identity}.name`;
+            default:
+              throw new BadRequestError({ message: `Invalid ${String(attr)} provided` });
+          }
+        });
+      }
+
+      if (limit) {
+        void searchQuery.offset(offset).limit(limit);
+      }
+
+      type TSubquery = Awaited<typeof searchQuery>;
+      const query = (tx || db.replicaNode())(TableName.IdentityOrgMembership)
+        .where(`${TableName.IdentityOrgMembership}.orgId`, orgId)
+        .join<TSubquery>(searchQuery, `${TableName.IdentityOrgMembership}.id`, "searchedIdentities.id")
+        .join(TableName.Identity, `${TableName.IdentityOrgMembership}.identityId`, `${TableName.Identity}.id`)
+        .leftJoin(TableName.OrgRoles, `${TableName.IdentityOrgMembership}.roleId`, `${TableName.OrgRoles}.id`)
+        .leftJoin(TableName.IdentityMetadata, (queryBuilder) => {
+          void queryBuilder
+            .on(`${TableName.IdentityOrgMembership}.identityId`, `${TableName.IdentityMetadata}.identityId`)
+            .andOn(`${TableName.IdentityOrgMembership}.orgId`, `${TableName.IdentityMetadata}.orgId`);
+        })
+        .leftJoin(
+          TableName.IdentityUniversalAuth,
+          `${TableName.IdentityOrgMembership}.identityId`,
+          `${TableName.IdentityUniversalAuth}.identityId`
+        )
+        .leftJoin(
+          TableName.IdentityGcpAuth,
+          `${TableName.IdentityOrgMembership}.identityId`,
+          `${TableName.IdentityGcpAuth}.identityId`
+        )
+        .leftJoin(
+          TableName.IdentityAwsAuth,
+          `${TableName.IdentityOrgMembership}.identityId`,
+          `${TableName.IdentityAwsAuth}.identityId`
+        )
+        .leftJoin(
+          TableName.IdentityKubernetesAuth,
+          `${TableName.IdentityOrgMembership}.identityId`,
+          `${TableName.IdentityKubernetesAuth}.identityId`
+        )
+        .leftJoin(
+          TableName.IdentityOidcAuth,
+          `${TableName.IdentityOrgMembership}.identityId`,
+          `${TableName.IdentityOidcAuth}.identityId`
+        )
+        .leftJoin(
+          TableName.IdentityAzureAuth,
+          `${TableName.IdentityOrgMembership}.identityId`,
+          `${TableName.IdentityAzureAuth}.identityId`
+        )
+        .leftJoin(
+          TableName.IdentityTokenAuth,
+          `${TableName.IdentityOrgMembership}.identityId`,
+          `${TableName.IdentityTokenAuth}.identityId`
+        )
+        .leftJoin(
+          TableName.IdentityJwtAuth,
+          `${TableName.IdentityOrgMembership}.identityId`,
+          `${TableName.IdentityJwtAuth}.identityId`
+        )
+        .select(
+          db.ref("id").withSchema(TableName.IdentityOrgMembership),
+          db.ref("total_count").withSchema("searchedIdentities"),
+          db.ref("role").withSchema(TableName.IdentityOrgMembership),
+          db.ref("roleId").withSchema(TableName.IdentityOrgMembership),
+          db.ref("orgId").withSchema(TableName.IdentityOrgMembership),
+          db.ref("createdAt").withSchema(TableName.IdentityOrgMembership),
+          db.ref("updatedAt").withSchema(TableName.IdentityOrgMembership),
+          db.ref("identityId").withSchema(TableName.IdentityOrgMembership).as("identityId"),
+          db.ref("name").withSchema(TableName.Identity).as("identityName"),
+
+          db.ref("id").as("uaId").withSchema(TableName.IdentityUniversalAuth),
+          db.ref("id").as("gcpId").withSchema(TableName.IdentityGcpAuth),
+          db.ref("id").as("awsId").withSchema(TableName.IdentityAwsAuth),
+          db.ref("id").as("kubernetesId").withSchema(TableName.IdentityKubernetesAuth),
+          db.ref("id").as("oidcId").withSchema(TableName.IdentityOidcAuth),
+          db.ref("id").as("azureId").withSchema(TableName.IdentityAzureAuth),
+          db.ref("id").as("tokenId").withSchema(TableName.IdentityTokenAuth),
+          db.ref("id").as("jwtId").withSchema(TableName.IdentityJwtAuth)
+        )
+        // cr stands for custom role
+        .select(db.ref("id").as("crId").withSchema(TableName.OrgRoles))
+        .select(db.ref("name").as("crName").withSchema(TableName.OrgRoles))
+        .select(db.ref("slug").as("crSlug").withSchema(TableName.OrgRoles))
+        .select(db.ref("description").as("crDescription").withSchema(TableName.OrgRoles))
+        .select(db.ref("permissions").as("crPermission").withSchema(TableName.OrgRoles))
+        .select(db.ref("permissions").as("crPermission").withSchema(TableName.OrgRoles))
+        .select(
+          db.ref("id").withSchema(TableName.IdentityMetadata).as("metadataId"),
+          db.ref("key").withSchema(TableName.IdentityMetadata).as("metadataKey"),
+          db.ref("value").withSchema(TableName.IdentityMetadata).as("metadataValue")
+        );
+
+      if (orderBy === OrgIdentityOrderBy.Name) {
+        void query.orderBy("identityName", orderDirection);
+      }
+
+      const docs = await query;
+      const formattedDocs = sqlNestRelationships({
+        data: docs,
+        key: "id",
+        parentMapper: ({
+          crId,
+          crDescription,
+          crSlug,
+          crPermission,
+          crName,
+          identityId,
+          identityName,
+          role,
+          roleId,
+          total_count,
+          id,
+          uaId,
+          awsId,
+          gcpId,
+          jwtId,
+          kubernetesId,
+          oidcId,
+          azureId,
+          tokenId,
+          createdAt,
+          updatedAt
+        }) => ({
+          role,
+          roleId,
+          identityId,
+          id,
+          total_count: total_count as string,
+          orgId,
+          createdAt,
+          updatedAt,
+          customRole: roleId
+            ? {
+                id: crId,
+                name: crName,
+                slug: crSlug,
+                permissions: crPermission,
+                description: crDescription
+              }
+            : undefined,
+          identity: {
+            id: identityId,
+            name: identityName,
+            authMethods: buildAuthMethods({
+              uaId,
+              awsId,
+              gcpId,
+              kubernetesId,
+              oidcId,
+              azureId,
+              tokenId,
+              jwtId
+            })
+          }
+        }),
+        childrenMapper: [
+          {
+            key: "metadataId",
+            label: "metadata" as const,
+            mapper: ({ metadataKey, metadataValue, metadataId }) => ({
+              id: metadataId,
+              key: metadataKey,
+              value: metadataValue
+            })
+          }
+        ]
+      });
+
+      return { docs: formattedDocs, totalCount: Number(formattedDocs?.[0]?.total_count ?? 0) };
+    } catch (error) {
+      throw new DatabaseError({ error, name: "FindByOrgId" });
+    }
+  };
+
  const countAllOrgIdentities = async (
    { search, ...filter }: Partial<TIdentityOrgMemberships> & Pick<TListOrgIdentitiesByOrgIdDTO, "search">,
    tx?: Knex
@ -331,5 +543,5 @@ export const identityOrgDALFactory = (db: TDbClient) => {
    }
  };

-  return { ...identityOrgOrm, find, findOne, countAllOrgIdentities };
+  return { ...identityOrgOrm, find, findOne, countAllOrgIdentities, searchIdentities };
 };
--- a/backend/src/services/identity/identity-service.ts
+++ b/backend/src/services/identity/identity-service.ts
@ -21,6 +21,7 @@ import {
  TGetIdentityByIdDTO,
  TListOrgIdentitiesByOrgIdDTO,
  TListProjectIdentitiesByIdentityIdDTO,
+  TSearchOrgIdentitiesByOrgIdDTO,
  TUpdateIdentityDTO
 } from "./identity-types";

@ -288,6 +289,33 @@ export const identityServiceFactory = ({
    return { identityMemberships, totalCount };
  };

+  const searchOrgIdentities = async ({
+    orgId,
+    actor,
+    actorId,
+    actorAuthMethod,
+    actorOrgId,
+    limit,
+    offset,
+    orderBy,
+    orderDirection,
+    searchFilter = {}
+  }: TSearchOrgIdentitiesByOrgIdDTO) => {
+    const { permission } = await permissionService.getOrgPermission(actor, actorId, orgId, actorAuthMethod, actorOrgId);
+    ForbiddenError.from(permission).throwUnlessCan(OrgPermissionIdentityActions.Read, OrgPermissionSubjects.Identity);
+
+    const { totalCount, docs } = await identityOrgMembershipDAL.searchIdentities({
+      orgId,
+      limit,
+      offset,
+      orderBy,
+      orderDirection,
+      searchFilter
+    });
+
+    return { identityMemberships: docs, totalCount };
+  };
+
  const listProjectIdentitiesByIdentityId = async ({
    identityId,
    actor,
@ -317,6 +345,7 @@ export const identityServiceFactory = ({
    deleteIdentity,
    listOrgIdentities,
    getIdentityById,
+    searchOrgIdentities,
    listProjectIdentitiesByIdentityId
  };
 };
--- a/backend/src/services/identity/identity-types.ts
+++ b/backend/src/services/identity/identity-types.ts
@ -1,4 +1,5 @@
 import { IPType } from "@app/lib/ip";
+import { TSearchResourceOperator } from "@app/lib/search-resource/search";
 import { OrderByDirection, TOrgPermission } from "@app/lib/types";

 export type TCreateIdentityDTO = {
@ -46,3 +47,17 @@ export enum OrgIdentityOrderBy {
  Name = "name"
  // Role = "role"
 }
+
+export type TSearchOrgIdentitiesByOrgIdDAL = {
+  limit?: number;
+  offset?: number;
+  orderBy?: OrgIdentityOrderBy;
+  orderDirection?: OrderByDirection;
+  orgId: string;
+  searchFilter?: Partial<{
+    name: Omit<TSearchResourceOperator, "number">;
+    role: Omit<TSearchResourceOperator, "number">;
+  }>;
+};
+
+export type TSearchOrgIdentitiesByOrgIdDTO = TSearchOrgIdentitiesByOrgIdDAL & TOrgPermission;
--- a/cli/packages/cmd/root.go
+++ b/cli/packages/cmd/root.go
@ -50,7 +50,7 @@ func init() {

 		config.INFISICAL_URL = util.AppendAPIEndpoint(config.INFISICAL_URL)

-		util.DisplayAptInstallationChangeBanner(silent)
+		// util.DisplayAptInstallationChangeBanner(silent)
 		if !util.IsRunningInDocker() && !silent {
 			util.CheckForUpdate()
 		}
--- a/cli/scripts/install-cli-deb.sh
+++ b/cli/scripts/install-cli-deb.sh
--- a/cli/upload_to_cloudsmith.sh
+++ b/cli/upload_to_cloudsmith.sh
@ -1,8 +1,8 @@
 cd dist
-# for i in *.apk; do
-#     [ -f "$i" ] || break
-#     cloudsmith push alpine --republish infisical/infisical-cli/alpine/any-version $i
-# done
+for i in *.apk; do
+    [ -f "$i" ] || break
+    cloudsmith push alpine --republish infisical/infisical-cli/alpine/any-version $i
+done

 # for i in *.deb; do
 #     [ -f "$i" ] || break
@ -15,7 +15,7 @@ for i in *.deb; do
 done


-# for i in *.rpm; do
-#     [ -f "$i" ] || break
-#     cloudsmith push rpm --republish infisical/infisical-cli/any-distro/any-version $i
-# done
+for i in *.rpm; do
+    [ -f "$i" ] || break
+    cloudsmith push rpm --republish infisical/infisical-cli/any-distro/any-version $i
+done
--- a/docs/api-reference/endpoints/identities/search.mdx
+++ b/docs/api-reference/endpoints/identities/search.mdx
@ -0,0 +1,4 @@
+---
+title: "Search"
+openapi: "POST /api/v1/identities/search"
+---
--- a/docs/cli/overview.mdx
+++ b/docs/cli/overview.mdx
@ -8,6 +8,11 @@ You can use it across various environments, whether it's local development, CI/C

 ## Installation

+<Warning>
+	As of 04/08/25, all future releases for Debian/Ubuntu will be distributed via the official Infisical repository at https://artifacts-cli.infisical.com.
+	No new releases will be published for Debian/Ubuntu on Cloudsmith going forward.
+</Warning>
+
 <Tabs>
  <Tab title="MacOS">
  	Use [brew](https://brew.sh/) package manager
@ -93,11 +98,12 @@ You can use it across various environments, whether it's local development, CI/C
 		</Tip>
   </Tab>
 	 <Tab title="Debian/Ubuntu">
+
 	 	Add Infisical repository 
 			
 		```bash
 		curl -1sLf \
-		'https://dl.cloudsmith.io/public/infisical/infisical-cli/setup.deb.sh' \
+		'https://artifacts-cli.infisical.com/setup.deb.sh' \
 		| sudo -E bash
 		```

--- a/docs/mint.json
+++ b/docs/mint.json
@ -582,7 +582,8 @@
            "api-reference/endpoints/identities/update",
            "api-reference/endpoints/identities/delete",
            "api-reference/endpoints/identities/get-by-id",
-            "api-reference/endpoints/identities/list"
+            "api-reference/endpoints/identities/list",
+            "api-reference/endpoints/identities/search"
          ]
        },
        {
--- a/frontend/package-lock.json
+++ b/frontend/package-lock.json
@ -23,6 +23,7 @@
        "@hcaptcha/react-hcaptcha": "^1.11.0",
        "@headlessui/react": "^1.7.19",
        "@hookform/resolvers": "^3.9.1",
+        "@lexical/react": "^0.29.0",
        "@lottiefiles/dotlottie-react": "^0.12.0",
        "@octokit/rest": "^21.0.2",
        "@peculiar/x509": "^1.12.3",
@ -66,6 +67,7 @@
        "jspdf": "^2.5.2",
        "jsrp": "^0.2.4",
        "jwt-decode": "^4.0.0",
+        "lexical": "^0.29.0",
        "ms": "^2.1.3",
        "nprogress": "^0.2.0",
        "picomatch": "^4.0.2",
@ -1570,6 +1572,260 @@
        }
      }
    },
+    "node_modules/@lexical/clipboard": {
+      "version": "0.29.0",
+      "resolved": "https://registry.npmjs.org/@lexical/clipboard/-/clipboard-0.29.0.tgz",
+      "integrity": "sha512-llxZosYCwH13p2GfPfhAinukdvAZYxWuwf5md107X80hsE8TQJj25unjqTwRKQ+w/wD+hpmBMziU8+K/WTitWQ==",
+      "license": "MIT",
+      "dependencies": {
+        "@lexical/html": "0.29.0",
+        "@lexical/list": "0.29.0",
+        "@lexical/selection": "0.29.0",
+        "@lexical/utils": "0.29.0",
+        "lexical": "0.29.0"
+      }
+    },
+    "node_modules/@lexical/code": {
+      "version": "0.29.0",
+      "resolved": "https://registry.npmjs.org/@lexical/code/-/code-0.29.0.tgz",
+      "integrity": "sha512-yKGzoKpyIO39Xf7OKLPpoCE5V8mTDCM3l3CDHZR3X1gM/VZQzf4jAiO3b06y9YkQ2fM8kqwchYu87wGvs8/iIQ==",
+      "license": "MIT",
+      "dependencies": {
+        "@lexical/utils": "0.29.0",
+        "lexical": "0.29.0",
+        "prismjs": "^1.30.0"
+      }
+    },
+    "node_modules/@lexical/devtools-core": {
+      "version": "0.29.0",
+      "resolved": "https://registry.npmjs.org/@lexical/devtools-core/-/devtools-core-0.29.0.tgz",
+      "integrity": "sha512-uUq0m9ql/7mthp7Ho1vnG7Id6imQ5kD5mxUhX2lmgHretS+yAHGsGsGiPIVHdPWeVmUb2n4IVDJ+cJbUsUjQJw==",
+      "license": "MIT",
+      "dependencies": {
+        "@lexical/html": "0.29.0",
+        "@lexical/link": "0.29.0",
+        "@lexical/mark": "0.29.0",
+        "@lexical/table": "0.29.0",
+        "@lexical/utils": "0.29.0",
+        "lexical": "0.29.0"
+      },
+      "peerDependencies": {
+        "react": ">=17.x",
+        "react-dom": ">=17.x"
+      }
+    },
+    "node_modules/@lexical/dragon": {
+      "version": "0.29.0",
+      "resolved": "https://registry.npmjs.org/@lexical/dragon/-/dragon-0.29.0.tgz",
+      "integrity": "sha512-Zaky2jd/Pp1blAZqPeGNdyhxnVL4lwVjbWPxhfS1gbW4Q5CBQ3aD3B0T4ljiKfmRNJm004LJ9q7KjhlRbREvZA==",
+      "license": "MIT",
+      "dependencies": {
+        "lexical": "0.29.0"
+      }
+    },
+    "node_modules/@lexical/hashtag": {
+      "version": "0.29.0",
+      "resolved": "https://registry.npmjs.org/@lexical/hashtag/-/hashtag-0.29.0.tgz",
+      "integrity": "sha512-fa7s0Yi2RKz/GvgT5XU9fborx6VPU3VtvvEPaIXgyd6zXZRiOhD9rGypwB3oj4fMK1ndx2dX0m7SwhMJo48D8w==",
+      "license": "MIT",
+      "dependencies": {
+        "@lexical/utils": "0.29.0",
+        "lexical": "0.29.0"
+      }
+    },
+    "node_modules/@lexical/history": {
+      "version": "0.29.0",
+      "resolved": "https://registry.npmjs.org/@lexical/history/-/history-0.29.0.tgz",
+      "integrity": "sha512-OrCwZycp/yaq63mw511NutkwAB+W6WSchG1xTxlLh6nbc8jnbvKhCf4CGbnrvlhD7hTuzxJ8FI9/2M/2zv/mNQ==",
+      "license": "MIT",
+      "dependencies": {
+        "@lexical/utils": "0.29.0",
+        "lexical": "0.29.0"
+      }
+    },
+    "node_modules/@lexical/html": {
+      "version": "0.29.0",
+      "resolved": "https://registry.npmjs.org/@lexical/html/-/html-0.29.0.tgz",
+      "integrity": "sha512-+jV6ijppOpxpUGeXkGssXJbsAmFALfeLrgbM0xuZbxZ7RgYZ+5Atn00WjSno7+JV5EOuRkYmCNtS1tiHtXMY1g==",
+      "license": "MIT",
+      "dependencies": {
+        "@lexical/selection": "0.29.0",
+        "@lexical/utils": "0.29.0",
+        "lexical": "0.29.0"
+      }
+    },
+    "node_modules/@lexical/link": {
+      "version": "0.29.0",
+      "resolved": "https://registry.npmjs.org/@lexical/link/-/link-0.29.0.tgz",
+      "integrity": "sha512-wGbKRF0x/6ZQHuCfr8m8qD1J0R1kFmWINBG2A1hUXPDf7UY5qm/nS2oKNDGpjiDMGwkVZ7n7WfzeBGO+KRe/Lg==",
+      "license": "MIT",
+      "dependencies": {
+        "@lexical/utils": "0.29.0",
+        "lexical": "0.29.0"
+      }
+    },
+    "node_modules/@lexical/list": {
+      "version": "0.29.0",
+      "resolved": "https://registry.npmjs.org/@lexical/list/-/list-0.29.0.tgz",
+      "integrity": "sha512-sWiof+i2ff8rL7KxJ3dxHLwyJfX423e1EVLmAdQEOPhyZJiNbeLTSNhNGsZ8FjFoBwvTTEDwuQZm3iT3hliKOg==",
+      "license": "MIT",
+      "dependencies": {
+        "@lexical/selection": "0.29.0",
+        "@lexical/utils": "0.29.0",
+        "lexical": "0.29.0"
+      }
+    },
+    "node_modules/@lexical/mark": {
+      "version": "0.29.0",
+      "resolved": "https://registry.npmjs.org/@lexical/mark/-/mark-0.29.0.tgz",
+      "integrity": "sha512-UB3x6pyUdpZHRqF4tiajLnC1+Umvt7x8Rkkdi29aNNvzIWniVwGkBOlmvFus7x+4dOV1D1fydwiP4m38nGgLDw==",
+      "license": "MIT",
+      "dependencies": {
+        "@lexical/utils": "0.29.0",
+        "lexical": "0.29.0"
+      }
+    },
+    "node_modules/@lexical/markdown": {
+      "version": "0.29.0",
+      "resolved": "https://registry.npmjs.org/@lexical/markdown/-/markdown-0.29.0.tgz",
+      "integrity": "sha512-4Od8WoDoviv9DxJZVgrIORTIAzyoGOpztbGbIBXguGmwvy7NnHQDh9fZYIYRrdI1Awp1VVGdJ3ku/7KTgSOoRw==",
+      "license": "MIT",
+      "dependencies": {
+        "@lexical/code": "0.29.0",
+        "@lexical/link": "0.29.0",
+        "@lexical/list": "0.29.0",
+        "@lexical/rich-text": "0.29.0",
+        "@lexical/text": "0.29.0",
+        "@lexical/utils": "0.29.0",
+        "lexical": "0.29.0"
+      }
+    },
+    "node_modules/@lexical/offset": {
+      "version": "0.29.0",
+      "resolved": "https://registry.npmjs.org/@lexical/offset/-/offset-0.29.0.tgz",
+      "integrity": "sha512-VyD2Ff3rBJpo++Fxvi3MNYmDELa+9nA0EgXqGRNb3MvRehRjHbaDbymtLMMHIwvbkF5lnra+ubStcTRQmoQxXw==",
+      "license": "MIT",
+      "dependencies": {
+        "lexical": "0.29.0"
+      }
+    },
+    "node_modules/@lexical/overflow": {
+      "version": "0.29.0",
+      "resolved": "https://registry.npmjs.org/@lexical/overflow/-/overflow-0.29.0.tgz",
+      "integrity": "sha512-IzH3M652Ej2gB2sK65N3yTgyiQAa3I3tqKbSnBRiXu/+isxHoCy/qRr9/kL63uy7zhGvgV+EYsoffQCawIFt8Q==",
+      "license": "MIT",
+      "dependencies": {
+        "lexical": "0.29.0"
+      }
+    },
+    "node_modules/@lexical/plain-text": {
+      "version": "0.29.0",
+      "resolved": "https://registry.npmjs.org/@lexical/plain-text/-/plain-text-0.29.0.tgz",
+      "integrity": "sha512-F5C3meDb2HmO0NmKJBVRkjmX9PNln6O1jXU/APJuSFBdvfcIWSY58ncHR4zy2M5LF1Q5PQMWyIay9p+SqOtY5A==",
+      "license": "MIT",
+      "dependencies": {
+        "@lexical/clipboard": "0.29.0",
+        "@lexical/selection": "0.29.0",
+        "@lexical/utils": "0.29.0",
+        "lexical": "0.29.0"
+      }
+    },
+    "node_modules/@lexical/react": {
+      "version": "0.29.0",
+      "resolved": "https://registry.npmjs.org/@lexical/react/-/react-0.29.0.tgz",
+      "integrity": "sha512-YMlnljW/jxmwSzsRv5UPatfOoMZXqxFmRIEltTUIQfrOFdqn+ssUtCpjE6xRD1oxD6KpSIekakzLs+y/8+7CuQ==",
+      "license": "MIT",
+      "dependencies": {
+        "@lexical/devtools-core": "0.29.0",
+        "@lexical/dragon": "0.29.0",
+        "@lexical/hashtag": "0.29.0",
+        "@lexical/history": "0.29.0",
+        "@lexical/link": "0.29.0",
+        "@lexical/list": "0.29.0",
+        "@lexical/mark": "0.29.0",
+        "@lexical/markdown": "0.29.0",
+        "@lexical/overflow": "0.29.0",
+        "@lexical/plain-text": "0.29.0",
+        "@lexical/rich-text": "0.29.0",
+        "@lexical/table": "0.29.0",
+        "@lexical/text": "0.29.0",
+        "@lexical/utils": "0.29.0",
+        "@lexical/yjs": "0.29.0",
+        "lexical": "0.29.0",
+        "react-error-boundary": "^3.1.4"
+      },
+      "peerDependencies": {
+        "react": ">=17.x",
+        "react-dom": ">=17.x"
+      }
+    },
+    "node_modules/@lexical/rich-text": {
+      "version": "0.29.0",
+      "resolved": "https://registry.npmjs.org/@lexical/rich-text/-/rich-text-0.29.0.tgz",
+      "integrity": "sha512-fSKgXGxJUOWo7dwSTUYFVBNNk4pPN8norsZfdmKM1kGDS1/GKuVzlzHLKZ7rQb8RLD5a43p4ifEL+28P+q0Qqg==",
+      "license": "MIT",
+      "dependencies": {
+        "@lexical/clipboard": "0.29.0",
+        "@lexical/selection": "0.29.0",
+        "@lexical/utils": "0.29.0",
+        "lexical": "0.29.0"
+      }
+    },
+    "node_modules/@lexical/selection": {
+      "version": "0.29.0",
+      "resolved": "https://registry.npmjs.org/@lexical/selection/-/selection-0.29.0.tgz",
+      "integrity": "sha512-lX9CRrXgKte65cozTHFXwUJ2fvZD92OEtos+YU+U40GJjf3NdheGeKDxDfOpF4AXrYRSszY7E0CzmIvuEs0p4A==",
+      "license": "MIT",
+      "dependencies": {
+        "lexical": "0.29.0"
+      }
+    },
+    "node_modules/@lexical/table": {
+      "version": "0.29.0",
+      "resolved": "https://registry.npmjs.org/@lexical/table/-/table-0.29.0.tgz",
+      "integrity": "sha512-Jdj32kBDeJh/0dGaZB14JggnEIS956/cN7grnLr7cmhhVzDicvLMBENSXQVEJAQVcSIU4G9EvxC7GJZ9VgqDnA==",
+      "license": "MIT",
+      "dependencies": {
+        "@lexical/clipboard": "0.29.0",
+        "@lexical/utils": "0.29.0",
+        "lexical": "0.29.0"
+      }
+    },
+    "node_modules/@lexical/text": {
+      "version": "0.29.0",
+      "resolved": "https://registry.npmjs.org/@lexical/text/-/text-0.29.0.tgz",
+      "integrity": "sha512-QnNGr6ickTLk76o3PdxJjPwt//dpuh8idVfR73WdCIoAwkhiEPUxxTZERoMsudXj6O/lJ+/HhI61wVjLckYr3A==",
+      "license": "MIT",
+      "dependencies": {
+        "lexical": "0.29.0"
+      }
+    },
+    "node_modules/@lexical/utils": {
+      "version": "0.29.0",
+      "resolved": "https://registry.npmjs.org/@lexical/utils/-/utils-0.29.0.tgz",
+      "integrity": "sha512-y2hhWQDjcXdplsAaQMuZx6ht9u1I4BV5NynA+WKoQ3h8vKxzeDnpCxVOK/zxU1R5dhM/nilnFu7uhvrSeEn+TQ==",
+      "license": "MIT",
+      "dependencies": {
+        "@lexical/list": "0.29.0",
+        "@lexical/selection": "0.29.0",
+        "@lexical/table": "0.29.0",
+        "lexical": "0.29.0"
+      }
+    },
+    "node_modules/@lexical/yjs": {
+      "version": "0.29.0",
+      "resolved": "https://registry.npmjs.org/@lexical/yjs/-/yjs-0.29.0.tgz",
+      "integrity": "sha512-6IXWWlGkVJEzWP/+LcuKYJ9jmcFp8k7TT/jmz4V5gBD9Ut3swOGsIA/sQCtB9y7jad10csaDVmFdFzGNWKVH9A==",
+      "license": "MIT",
+      "dependencies": {
+        "@lexical/offset": "0.29.0",
+        "@lexical/selection": "0.29.0",
+        "lexical": "0.29.0"
+      },
+      "peerDependencies": {
+        "yjs": ">=13.5.22"
+      }
+    },
    "node_modules/@lottiefiles/dotlottie-react": {
      "version": "0.12.0",
      "resolved": "https://registry.npmjs.org/@lottiefiles/dotlottie-react/-/dotlottie-react-0.12.0.tgz",
@ -8871,6 +9127,17 @@
        "node": ">=10"
      }
    },
+    "node_modules/isomorphic.js": {
+      "version": "0.2.5",
+      "resolved": "https://registry.npmjs.org/isomorphic.js/-/isomorphic.js-0.2.5.tgz",
+      "integrity": "sha512-PIeMbHqMt4DnUP3MA/Flc0HElYjMXArsw1qwJZcm9sqR8mq3l8NYizFMty0pWwE/tzIGH3EKK5+jes5mAr85yw==",
+      "license": "MIT",
+      "peer": true,
+      "funding": {
+        "type": "GitHub Sponsors ❤",
+        "url": "https://github.com/sponsors/dmonad"
+      }
+    },
    "node_modules/iterator.prototype": {
      "version": "1.1.4",
      "resolved": "https://registry.npmjs.org/iterator.prototype/-/iterator.prototype-1.1.4.tgz",
@ -9100,6 +9367,34 @@
        "node": ">= 0.8.0"
      }
    },
+    "node_modules/lexical": {
+      "version": "0.29.0",
+      "resolved": "https://registry.npmjs.org/lexical/-/lexical-0.29.0.tgz",
+      "integrity": "sha512-eoBHUEn0LmExKeK6x2cFKU0FPaMk2Bc5HgiCzTiv5ymKtwWw7LeKcxaNPmLxRRdQpcWV1IMKjayAbw7Lt/Gu7w==",
+      "license": "MIT"
+    },
+    "node_modules/lib0": {
+      "version": "0.2.102",
+      "resolved": "https://registry.npmjs.org/lib0/-/lib0-0.2.102.tgz",
+      "integrity": "sha512-g70kydI0I1sZU0ChO8mBbhw0oUW/8U0GHzygpvEIx8k+jgOpqnTSb/E+70toYVqHxBhrERD21TwD5QcZJQ40ZQ==",
+      "license": "MIT",
+      "peer": true,
+      "dependencies": {
+        "isomorphic.js": "^0.2.4"
+      },
+      "bin": {
+        "0ecdsa-generate-keypair": "bin/0ecdsa-generate-keypair.js",
+        "0gentesthtml": "bin/gentesthtml.js",
+        "0serve": "bin/0serve.js"
+      },
+      "engines": {
+        "node": ">=16"
+      },
+      "funding": {
+        "type": "GitHub Sponsors ❤",
+        "url": "https://github.com/sponsors/dmonad"
+      }
+    },
    "node_modules/lilconfig": {
      "version": "3.1.3",
      "resolved": "https://registry.npmjs.org/lilconfig/-/lilconfig-3.1.3.tgz",
@ -10857,6 +11152,15 @@
        }
      }
    },
+    "node_modules/prismjs": {
+      "version": "1.30.0",
+      "resolved": "https://registry.npmjs.org/prismjs/-/prismjs-1.30.0.tgz",
+      "integrity": "sha512-DEvV2ZF2r2/63V+tK8hQvrR2ZGn10srHbXviTlcv7Kpzw8jWiNTqbVgjO3IY8RxrrOUF8VPMQQFysYYYv0YZxw==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=6"
+      }
+    },
    "node_modules/process": {
      "version": "0.11.10",
      "resolved": "https://registry.npmjs.org/process/-/process-0.11.10.tgz",
@ -11142,6 +11446,22 @@
        "react": "^18.3.1"
      }
    },
+    "node_modules/react-error-boundary": {
+      "version": "3.1.4",
+      "resolved": "https://registry.npmjs.org/react-error-boundary/-/react-error-boundary-3.1.4.tgz",
+      "integrity": "sha512-uM9uPzZJTF6wRQORmSrvOIgt4lJ9MC1sNgEOj2XGsDTRE4kmpWxg7ENK9EWNKJRMAOY9z0MuF4yIfl6gp4sotA==",
+      "license": "MIT",
+      "dependencies": {
+        "@babel/runtime": "^7.12.5"
+      },
+      "engines": {
+        "node": ">=10",
+        "npm": ">=6"
+      },
+      "peerDependencies": {
+        "react": ">=16.13.1"
+      }
+    },
    "node_modules/react-fast-compare": {
      "version": "3.2.2",
      "resolved": "https://registry.npmjs.org/react-fast-compare/-/react-fast-compare-3.2.2.tgz",
@ -13587,9 +13907,9 @@
      }
    },
    "node_modules/vite": {
-      "version": "5.4.14",
-      "resolved": "https://registry.npmjs.org/vite/-/vite-5.4.14.tgz",
-      "integrity": "sha512-EK5cY7Q1D8JNhSaPKVK4pwBFvaTmZxEnoKXLG/U9gmdDcihQGNzFlgIvaxezFR4glP1LsuiedwMBqCXH3wZccA==",
+      "version": "5.4.16",
+      "resolved": "https://registry.npmjs.org/vite/-/vite-5.4.16.tgz",
+      "integrity": "sha512-Y5gnfp4NemVfgOTDQAunSD4346fal44L9mszGGY/e+qxsRT5y1sMlS/8tiQ8AFAp+MFgYNSINdfEchJiPm41vQ==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
@ -14131,6 +14451,24 @@
        "node": ">=8"
      }
    },
+    "node_modules/yjs": {
+      "version": "13.6.24",
+      "resolved": "https://registry.npmjs.org/yjs/-/yjs-13.6.24.tgz",
+      "integrity": "sha512-xn/pYLTZa3uD1uDG8lpxfLRo5SR/rp0frdASOl2a71aYNvUXdWcLtVL91s2y7j+Q8ppmjZ9H3jsGVgoFMbT2VA==",
+      "license": "MIT",
+      "peer": true,
+      "dependencies": {
+        "lib0": "^0.2.99"
+      },
+      "engines": {
+        "node": ">=16.0.0",
+        "npm": ">=8.0.0"
+      },
+      "funding": {
+        "type": "GitHub Sponsors ❤",
+        "url": "https://github.com/sponsors/dmonad"
+      }
+    },
    "node_modules/yocto-queue": {
      "version": "0.1.0",
      "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz",
--- a/frontend/package.json
+++ b/frontend/package.json
@ -27,6 +27,7 @@
    "@hcaptcha/react-hcaptcha": "^1.11.0",
    "@headlessui/react": "^1.7.19",
    "@hookform/resolvers": "^3.9.1",
+    "@lexical/react": "^0.29.0",
    "@lottiefiles/dotlottie-react": "^0.12.0",
    "@octokit/rest": "^21.0.2",
    "@peculiar/x509": "^1.12.3",
@ -70,6 +71,7 @@
    "jspdf": "^2.5.2",
    "jsrp": "^0.2.4",
    "jwt-decode": "^4.0.0",
+    "lexical": "^0.29.0",
    "ms": "^2.1.3",
    "nprogress": "^0.2.0",
    "picomatch": "^4.0.2",
--- a/frontend/src/components/v2/Editor/Editor.tsx
+++ b/frontend/src/components/v2/Editor/Editor.tsx
@ -0,0 +1,159 @@
+/* eslint-disable no-underscore-dangle */
+import { forwardRef, InputHTMLAttributes } from "react";
+import { InitialConfigType, LexicalComposer } from "@lexical/react/LexicalComposer";
+import { ContentEditable } from "@lexical/react/LexicalContentEditable";
+import { LexicalErrorBoundary } from "@lexical/react/LexicalErrorBoundary";
+import { OnChangePlugin } from "@lexical/react/LexicalOnChangePlugin";
+import { PlainTextPlugin } from "@lexical/react/LexicalPlainTextPlugin";
+import { ReactNode } from "@tanstack/react-router";
+import { cva, VariantProps } from "cva";
+import { EditorState, LexicalEditor } from "lexical";
+import { twMerge } from "tailwind-merge";
+
+import { HighlightNode } from "./EditorHighlight";
+import { EditorPlaceholderPlugin } from "./EditorPlaceholderPlugin";
+
+// Catch any errors that occur during Lexical updates and log them
+// or throw them as needed. If you don't throw them, Lexical will
+// try to recover gracefully without losing user data.
+function onError(error: Error) {
+  console.error(error);
+}
+
+const inputVariants = cva(
+  "input w-full py-[0.375rem] text-gray-400 placeholder:text-sm placeholder-gray-500 placeholder-opacity-50 outline-none focus:ring-2 hover:ring-bunker-400/60 duration-100",
+  {
+    variants: {
+      size: {
+        xs: ["text-xs"],
+        sm: ["text-sm"],
+        md: ["text-md"],
+        lg: ["text-lg"]
+      },
+      isRounded: {
+        true: ["rounded-md"],
+        false: ""
+      },
+      variant: {
+        filled: ["bg-mineshaft-900", "text-gray-400"],
+        outline: ["bg-transparent"],
+        plain: "bg-transparent outline-none"
+      },
+      isError: {
+        true: "focus:ring-red/50 placeholder-red-300",
+        false: "focus:ring-primary-400/50 focus:ring-1"
+      }
+    },
+    compoundVariants: []
+  }
+);
+
+const inputParentContainerVariants = cva("inline-flex font-inter items-center border relative", {
+  variants: {
+    isRounded: {
+      true: ["rounded-md"],
+      false: ""
+    },
+    isError: {
+      true: "border-red",
+      false: "border-mineshaft-500"
+    },
+    isFullWidth: {
+      true: "w-full",
+      false: ""
+    },
+    variant: {
+      filled: ["bg-bunker-800", "text-gray-400"],
+      outline: ["bg-transparent"],
+      plain: "border-none"
+    }
+  }
+});
+
+type Props = Omit<
+  InputHTMLAttributes<HTMLDivElement>,
+  "size" | "onChange" | "placeholder" | "aria-placeholder"
+> &
+  VariantProps<typeof inputVariants> & {
+    children?: ReactNode;
+    namespace?: string;
+    placeholder?: string;
+    isFullWidth?: boolean;
+    isRequired?: boolean;
+    leftIcon?: ReactNode;
+    rightIcon?: ReactNode;
+    isDisabled?: boolean;
+    isReadOnly?: boolean;
+    containerClassName?: string;
+    onChange: (editorState: EditorState, editor: LexicalEditor, tags: Set<string>) => void;
+    initialValue?: string;
+  };
+
+export const Editor = forwardRef<HTMLDivElement, Props>(
+  (
+    {
+      children,
+      namespace = "infisical-editor",
+      className,
+      containerClassName,
+      isRounded = true,
+      isFullWidth = true,
+      isDisabled,
+      isError = false,
+      isRequired,
+      leftIcon,
+      rightIcon,
+      variant = "filled",
+      size = "md",
+      isReadOnly,
+      placeholder,
+      onChange,
+      ...props
+    },
+    ref
+  ) => {
+    const initialConfig: InitialConfigType = {
+      namespace,
+      onError,
+      nodes: [HighlightNode]
+    };
+
+    return (
+      <div
+        className={inputParentContainerVariants({
+          isRounded,
+          isError,
+          isFullWidth,
+          variant,
+          className: containerClassName
+        })}
+      >
+        {leftIcon && <span className="absolute left-0 ml-3 text-sm">{leftIcon}</span>}
+        <LexicalComposer initialConfig={initialConfig}>
+          <PlainTextPlugin
+            contentEditable={
+              <ContentEditable
+                ref={ref}
+                aria-required={isRequired}
+                readOnly={isReadOnly}
+                disabled={isDisabled}
+                className={twMerge(
+                  leftIcon ? "pl-10" : "pl-2.5",
+                  rightIcon ? "pr-10" : "pr-2.5",
+                  inputVariants({ className, isError, size, isRounded, variant })
+                )}
+                {...props}
+                placeholder={null}
+              />
+            }
+            ErrorBoundary={LexicalErrorBoundary}
+          />
+          <OnChangePlugin onChange={onChange} />
+          <EditorPlaceholderPlugin placeholder={placeholder} />
+          {children}
+        </LexicalComposer>
+        {rightIcon && <span className="absolute right-0 mr-3">{rightIcon}</span>}
+      </div>
+    );
+  }
+);
--- a/frontend/src/components/v2/Editor/EditorHighlight.tsx
+++ b/frontend/src/components/v2/Editor/EditorHighlight.tsx
@ -0,0 +1,127 @@
+/* eslint-disable no-underscore-dangle,@typescript-eslint/class-methods-use-this */
+import { useCallback, useEffect } from "react";
+import { useLexicalComposerContext } from "@lexical/react/LexicalComposerContext";
+import { useLexicalTextEntity } from "@lexical/react/useLexicalTextEntity";
+import {
+  $applyNodeReplacement,
+  EditorConfig,
+  LexicalNode,
+  SerializedTextNode,
+  Spread,
+  TextNode
+} from "lexical";
+
+type HighlightTheme = { contentClassName: string };
+type Trigger = { startTrigger: string; endTrigger: string };
+
+export type SerializedHighlightNode = Spread<
+  {
+    __highlightTheme: HighlightTheme;
+    __trigger: Trigger;
+  },
+  SerializedTextNode
+>;
+
+export class HighlightNode extends TextNode {
+  __highlightTheme: HighlightTheme;
+  __trigger: Trigger;
+
+  constructor(
+    text: string,
+    highlightTheme: HighlightTheme = {
+      contentClassName: "ph-no-capture text-yellow-200/80"
+    },
+    trigger: Trigger = { startTrigger: "${", endTrigger: "}" },
+    key?: string
+  ) {
+    super(text, key);
+    this.__highlightTheme = highlightTheme;
+    this.__trigger = trigger;
+  }
+
+  static getType(): string {
+    return "highlight";
+  }
+
+  static clone(node: HighlightNode): HighlightNode {
+    return new HighlightNode(node.__text, node.__highlightTheme, node.__trigger, node.__key);
+  }
+
+  static importJSON(serializedNode: SerializedHighlightNode): HighlightNode {
+    return $applyNodeReplacement(new HighlightNode("")).updateFromJSON(serializedNode);
+  }
+
+  createDOM(config: EditorConfig): HTMLElement {
+    const dom = super.createDOM(config);
+    dom.style.cursor = "default";
+    dom.className = this.__highlightTheme.contentClassName;
+    return dom;
+  }
+
+  canInsertTextBefore(): boolean {
+    return false;
+  }
+
+  canInsertTextAfter(): boolean {
+    return false;
+  }
+
+  isTextEntity(): true {
+    return true;
+  }
+}
+
+export function $createKeywordNode(keyword: string = ""): HighlightNode {
+  return $applyNodeReplacement(new HighlightNode(keyword));
+}
+
+export function $isKeywordNode(node: LexicalNode | null | undefined): boolean {
+  return node instanceof HighlightNode;
+}
+
+type Props = {
+  contentClassName?: string;
+  startTrigger?: string;
+  endTrigger?: string;
+};
+
+export const EditorHighlightPlugin = ({
+  endTrigger = "}",
+  startTrigger = "${",
+  contentClassName = "ph-no-capture text-yellow-200/80"
+}: Props) => {
+  const [editor] = useLexicalComposerContext();
+
+  useEffect(() => {
+    if (!editor.hasNodes([HighlightNode])) {
+      throw new Error("HighlightsPlugin: HighlightsNode not registered on editor");
+    }
+  }, [editor]);
+
+  const createKeywordNode = useCallback((textNode: TextNode): HighlightNode => {
+    return $applyNodeReplacement(
+      new HighlightNode(
+        textNode.getTextContent(),
+        { contentClassName },
+        { startTrigger, endTrigger }
+      )
+    );
+  }, []);
+
+  const getKeywordMatch = useCallback((text: string) => {
+    for (let i = 0; i < text.length; i += 1) {
+      if (text.slice(i, i + 2) === startTrigger) {
+        const closingBracketIndex = text.indexOf(endTrigger, i + 2);
+        if (closingBracketIndex !== -1) {
+          return { start: i, end: closingBracketIndex + 1 };
+        }
+        return null;
+      }
+    }
+    return null;
+  }, []);
+
+  useLexicalTextEntity<HighlightNode>(getKeywordMatch, HighlightNode, createKeywordNode);
+
+  return null;
+};
--- a/frontend/src/components/v2/Editor/EditorPlaceholderPlugin.tsx
+++ b/frontend/src/components/v2/Editor/EditorPlaceholderPlugin.tsx
@ -0,0 +1,22 @@
+import { useEffect } from "react";
+import { useLexicalComposerContext } from "@lexical/react/LexicalComposerContext";
+import { useLexicalIsTextContentEmpty } from "@lexical/react/useLexicalIsTextContentEmpty";
+
+export const EditorPlaceholderPlugin = ({ placeholder }: { placeholder: string | undefined }) => {
+  const [editor] = useLexicalComposerContext();
+  const isEmpty = useLexicalIsTextContentEmpty(editor);
+
+  /* Set the placeholder on root. */
+  useEffect(() => {
+    const rootElement = editor.getRootElement() as HTMLElement;
+    if (rootElement) {
+      if (isEmpty && placeholder) {
+        rootElement.setAttribute("placeholder", placeholder);
+      } else {
+        rootElement.removeAttribute("placeholder");
+      }
+    }
+  }, [editor, isEmpty]); // eslint-disable-line
+
+  return null;
+};
--- a/frontend/src/components/v2/Editor/index.tsx
+++ b/frontend/src/components/v2/Editor/index.tsx
@ -0,0 +1,2 @@
+export { Editor } from "./Editor";
+export { EditorHighlightPlugin } from "./EditorHighlight";
--- a/frontend/src/components/v2/index.tsx
+++ b/frontend/src/components/v2/index.tsx
@ -11,6 +11,7 @@ export * from "./DatePicker";
 export * from "./DeleteActionModal";
 export * from "./Drawer";
 export * from "./Dropdown";
+export * from "./Editor";
 export * from "./EmailServiceSetupModal";
 export * from "./EmptyState";
 export * from "./FilterableSelect";
--- a/frontend/src/hooks/api/identities/index.tsx
+++ b/frontend/src/hooks/api/identities/index.tsx
@ -46,5 +46,6 @@ export {
  useGetIdentityTokenAuth,
  useGetIdentityTokensTokenAuth,
  useGetIdentityUniversalAuth,
-  useGetIdentityUniversalAuthClientSecrets
+  useGetIdentityUniversalAuthClientSecrets,
+  useSearchIdentities
 } from "./queries";
--- a/frontend/src/hooks/api/identities/queries.tsx
+++ b/frontend/src/hooks/api/identities/queries.tsx
@ -15,11 +15,13 @@ import {
  IdentityMembershipOrg,
  IdentityOidcAuth,
  IdentityTokenAuth,
-  IdentityUniversalAuth
+  IdentityUniversalAuth,
+  TSearchIdentitiesDTO
 } from "./types";

 export const identitiesKeys = {
  getIdentityById: (identityId: string) => [{ identityId }, "identity"] as const,
+  searchIdentities: (dto: TSearchIdentitiesDTO) => ["identity", "search", dto] as const,
  getIdentityUniversalAuth: (identityId: string) =>
    [{ identityId }, "identity-universal-auth"] as const,
  getIdentityUniversalAuthClientSecrets: (identityId: string) =>
@ -53,6 +55,26 @@ export const useGetIdentityById = (identityId: string) => {
  });
 };

+export const useSearchIdentities = (dto: TSearchIdentitiesDTO) => {
+  const { limit, search, offset, orderBy, orderDirection } = dto;
+  return useQuery({
+    queryKey: identitiesKeys.searchIdentities(dto),
+    queryFn: async () => {
+      const { data } = await apiRequest.post<{
+        identities: IdentityMembershipOrg[];
+        totalCount: number;
+      }>("/api/v1/identities/search", {
+        limit,
+        offset,
+        orderBy,
+        orderDirection,
+        search
+      });
+      return data;
+    }
+  });
+};
+
 export const useGetIdentityProjectMemberships = (identityId: string) => {
  return useQuery({
    enabled: Boolean(identityId),
--- a/frontend/src/hooks/api/identities/types.ts
+++ b/frontend/src/hooks/api/identities/types.ts
@ -1,3 +1,5 @@
+import { OrderByDirection } from "../generic/types";
+import { OrgIdentityOrderBy } from "../organization/types";
 import { TOrgRole } from "../roles/types";
 import { ProjectUserMembershipTemporaryMode, Workspace } from "../workspace/types";
 import { IdentityAuthMethod, IdentityJwtConfigurationType } from "./enums";
@ -540,3 +542,14 @@ export type TProjectIdentitiesList = {
  identityMemberships: IdentityMembership[];
  totalCount: number;
 };
+
+export type TSearchIdentitiesDTO = {
+  limit?: number;
+  offset?: number;
+  orderBy?: OrgIdentityOrderBy;
+  orderDirection?: OrderByDirection;
+  search: {
+    name?: { $contains: string };
+    role?: { $in: string[] };
+  };
+};
--- a/frontend/src/index.css
+++ b/frontend/src/index.css
@ -191,3 +191,10 @@ html {
 #nprogress .bar {
  @apply bg-primary-400;
 }
+
+[contentEditable="true"]:before {
+  content: attr(placeholder);
+  position: absolute;
+  top: 0.5rem;
+  @apply text-sm text-gray-500 opacity-50;
+}
--- a/frontend/src/pages/admin/OverviewPage/OverviewPage.tsx
+++ b/frontend/src/pages/admin/OverviewPage/OverviewPage.tsx
@ -33,14 +33,12 @@ import { IdentityPanel } from "@app/pages/admin/OverviewPage/components/Identity
 import { AuthPanel } from "./components/AuthPanel";
 import { EncryptionPanel } from "./components/EncryptionPanel";
 import { IntegrationPanel } from "./components/IntegrationPanel";
-import { RateLimitPanel } from "./components/RateLimitPanel";
 import { UserPanel } from "./components/UserPanel";

 enum TabSections {
  Settings = "settings",
  Encryption = "encryption",
  Auth = "auth",
-  RateLimit = "rate-limit",
  Integrations = "integrations",
  Users = "users",
  Identities = "identities",
@ -163,7 +161,6 @@ export const OverviewPage = () => {
                    <Tab value={TabSections.Settings}>General</Tab>
                    <Tab value={TabSections.Encryption}>Encryption</Tab>
                    <Tab value={TabSections.Auth}>Authentication</Tab>
-                    <Tab value={TabSections.RateLimit}>Rate Limit</Tab>
                    <Tab value={TabSections.Integrations}>Integrations</Tab>
                    <Tab value={TabSections.Users}>User Identities</Tab>
                    <Tab value={TabSections.Identities}>Machine Identities</Tab>
@ -262,7 +259,6 @@ export const OverviewPage = () => {
                              <SelectClear
                                selectValue={defaultAuthOrgId}
                                onClear={() => {
-                                  console.log("clearing");
                                  onChange("");
                                }}
                              >
@ -403,9 +399,6 @@ export const OverviewPage = () => {
                <TabPanel value={TabSections.Auth}>
                  <AuthPanel />
                </TabPanel>
-                <TabPanel value={TabSections.RateLimit}>
-                  <RateLimitPanel />
-                </TabPanel>
                <TabPanel value={TabSections.Integrations}>
                  <IntegrationPanel />
                </TabPanel>
--- a/frontend/src/pages/admin/OverviewPage/components/RateLimitPanel.tsx
+++ b/frontend/src/pages/admin/OverviewPage/components/RateLimitPanel.tsx
@ -1,240 +0,0 @@
-import { Controller, useForm } from "react-hook-form";
-import { zodResolver } from "@hookform/resolvers/zod";
-import { z } from "zod";
-
-import { UpgradePlanModal } from "@app/components/license/UpgradePlanModal";
-import { createNotification } from "@app/components/notifications";
-import { Button, ContentLoader, FormControl, Input } from "@app/components/v2";
-import { useSubscription } from "@app/context";
-import { usePopUp } from "@app/hooks";
-import { useGetRateLimit, useUpdateRateLimit } from "@app/hooks/api";
-
-const formSchema = z.object({
-  readRateLimit: z.number(),
-  writeRateLimit: z.number(),
-  secretsRateLimit: z.number(),
-  authRateLimit: z.number(),
-  inviteUserRateLimit: z.number(),
-  mfaRateLimit: z.number(),
-  publicEndpointLimit: z.number()
-});
-
-type TRateLimitForm = z.infer<typeof formSchema>;
-
-export const RateLimitPanel = () => {
-  const { data: rateLimit, isPending } = useGetRateLimit();
-  const { subscription } = useSubscription();
-  const { mutateAsync: updateRateLimit } = useUpdateRateLimit();
-  const { handlePopUpToggle, handlePopUpOpen, popUp } = usePopUp(["upgradePlan"] as const);
-
-  const {
-    control,
-    handleSubmit,
-    formState: { isSubmitting, isDirty }
-  } = useForm<TRateLimitForm>({
-    resolver: zodResolver(formSchema),
-    values: {
-      // eslint-disable-next-line
-      readRateLimit: rateLimit?.readRateLimit ?? 600,
-      writeRateLimit: rateLimit?.writeRateLimit ?? 200,
-      secretsRateLimit: rateLimit?.secretsRateLimit ?? 60,
-      authRateLimit: rateLimit?.authRateLimit ?? 60,
-      inviteUserRateLimit: rateLimit?.inviteUserRateLimit ?? 30,
-      mfaRateLimit: rateLimit?.mfaRateLimit ?? 20,
-      publicEndpointLimit: rateLimit?.publicEndpointLimit ?? 30
-    }
-  });
-
-  const onRateLimitFormSubmit = async (formData: TRateLimitForm) => {
-    try {
-      if (subscription && !subscription.customRateLimits) {
-        handlePopUpOpen("upgradePlan");
-        return;
-      }
-
-      const {
-        readRateLimit,
-        writeRateLimit,
-        secretsRateLimit,
-        authRateLimit,
-        inviteUserRateLimit,
-        mfaRateLimit,
-        publicEndpointLimit
-      } = formData;
-
-      await updateRateLimit({
-        readRateLimit,
-        writeRateLimit,
-        secretsRateLimit,
-        authRateLimit,
-        inviteUserRateLimit,
-        mfaRateLimit,
-        publicEndpointLimit
-      });
-      createNotification({
-        text: "Rate limits have been successfully updated. Please allow at least 10 minutes for the changes to take effect.",
-        type: "success"
-      });
-    } catch (e) {
-      console.error(e);
-      createNotification({
-        type: "error",
-        text: "Failed to update rate limiting setting."
-      });
-    }
-  };
-
-  return isPending ? (
-    <ContentLoader />
-  ) : (
-    <form
-      className="mb-6 rounded-lg border border-mineshaft-600 bg-mineshaft-900 p-4"
-      onSubmit={handleSubmit(onRateLimitFormSubmit)}
-    >
-      <div className="mb-8 flex flex-col justify-start">
-        <div className="mb-4 text-xl font-semibold text-mineshaft-100">Configure rate limits</div>
-        <Controller
-          control={control}
-          name="readRateLimit"
-          defaultValue={300}
-          render={({ field, fieldState: { error } }) => (
-            <FormControl
-              label="Global read requests per minute"
-              className="w-72"
-              isError={Boolean(error)}
-              errorText={error?.message}
-            >
-              <Input
-                {...field}
-                value={field.value}
-                onChange={(e) => field.onChange(Number(e.target.value))}
-              />
-            </FormControl>
-          )}
-        />
-        <Controller
-          control={control}
-          defaultValue={300}
-          name="writeRateLimit"
-          render={({ field, fieldState: { error } }) => (
-            <FormControl
-              label="Global write requests per minute"
-              className="w-72"
-              isError={Boolean(error)}
-              errorText={error?.message}
-            >
-              <Input
-                {...field}
-                value={field.value || ""}
-                onChange={(e) => field.onChange(Number(e.target.value))}
-              />
-            </FormControl>
-          )}
-        />
-        <Controller
-          control={control}
-          defaultValue={300}
-          name="secretsRateLimit"
-          render={({ field, fieldState: { error } }) => (
-            <FormControl
-              label="Secret requests per minute"
-              className="w-72"
-              isError={Boolean(error)}
-              errorText={error?.message}
-            >
-              <Input
-                {...field}
-                value={field.value || ""}
-                onChange={(e) => field.onChange(Number(e.target.value))}
-              />
-            </FormControl>
-          )}
-        />
-        <Controller
-          control={control}
-          defaultValue={300}
-          name="authRateLimit"
-          render={({ field, fieldState: { error } }) => (
-            <FormControl
-              label="Auth requests per minute"
-              className="w-72"
-              isError={Boolean(error)}
-              errorText={error?.message}
-            >
-              <Input
-                {...field}
-                value={field.value || ""}
-                onChange={(e) => field.onChange(Number(e.target.value))}
-              />
-            </FormControl>
-          )}
-        />
-        <Controller
-          control={control}
-          defaultValue={300}
-          name="inviteUserRateLimit"
-          render={({ field, fieldState: { error } }) => (
-            <FormControl
-              label="User invitation requests per minute"
-              className="w-72"
-              isError={Boolean(error)}
-              errorText={error?.message}
-            >
-              <Input
-                {...field}
-                value={field.value || ""}
-                onChange={(e) => field.onChange(Number(e.target.value))}
-              />
-            </FormControl>
-          )}
-        />
-        <Controller
-          control={control}
-          defaultValue={300}
-          name="mfaRateLimit"
-          render={({ field, fieldState: { error } }) => (
-            <FormControl
-              label="Multi factor auth requests per minute"
-              className="w-72"
-              isError={Boolean(error)}
-              errorText={error?.message}
-            >
-              <Input
-                {...field}
-                value={field.value || ""}
-                onChange={(e) => field.onChange(Number(e.target.value))}
-              />
-            </FormControl>
-          )}
-        />
-        <Controller
-          control={control}
-          defaultValue={300}
-          name="publicEndpointLimit"
-          render={({ field, fieldState: { error } }) => (
-            <FormControl
-              label="Secret sharing requests per minute"
-              className="w-72"
-              isError={Boolean(error)}
-              errorText={error?.message}
-            >
-              <Input
-                {...field}
-                value={field.value || ""}
-                onChange={(e) => field.onChange(Number(e.target.value))}
-              />
-            </FormControl>
-          )}
-        />
-      </div>
-      <Button type="submit" isLoading={isSubmitting} isDisabled={isSubmitting || !isDirty}>
-        Save
-      </Button>
-      <UpgradePlanModal
-        isOpen={popUp.upgradePlan.isOpen}
-        onOpenChange={(isOpen) => handlePopUpToggle("upgradePlan", isOpen)}
-        text="You can configure custom rate limits if you switch to Infisical's Enterprise plan."
-      />
-    </form>
-  );
-};
--- a/frontend/src/pages/organization/AccessManagementPage/components/OrgIdentityTab/components/IdentitySection/IdentityTable.tsx
+++ b/frontend/src/pages/organization/AccessManagementPage/components/OrgIdentityTab/components/IdentitySection/IdentityTable.tsx
@ -1,7 +1,10 @@
+import { useState } from "react";
+import { Controller, useForm } from "react-hook-form";
 import {
  faArrowDown,
  faArrowUp,
  faEllipsis,
+  faFilter,
  faMagnifyingGlass,
  faServer
 } from "@fortawesome/free-solid-svg-icons";
@ -12,14 +15,19 @@ import { twMerge } from "tailwind-merge";
 import { createNotification } from "@app/components/notifications";
 import { OrgPermissionCan } from "@app/components/permissions";
 import {
+  Button,
  DropdownMenu,
  DropdownMenuContent,
  DropdownMenuItem,
  DropdownMenuTrigger,
  EmptyState,
+  FormControl,
  IconButton,
  Input,
  Pagination,
+  Popover,
+  PopoverContent,
+  PopoverTrigger,
  Select,
  SelectItem,
  Spinner,
@ -30,11 +38,12 @@ import {
  Td,
  Th,
  THead,
+  Tooltip,
  Tr
 } from "@app/components/v2";
 import { OrgPermissionIdentityActions, OrgPermissionSubjects, useOrganization } from "@app/context";
 import { usePagination, useResetPageHelper } from "@app/hooks";
-import { useGetIdentityMembershipOrgs, useGetOrgRoles, useUpdateIdentity } from "@app/hooks/api";
+import { useGetOrgRoles, useSearchIdentities, useUpdateIdentity } from "@app/hooks/api";
 import { OrderByDirection } from "@app/hooks/api/generic/types";
 import { OrgIdentityOrderBy } from "@app/hooks/api/organization/types";
 import { UsePopUpState } from "@app/hooks/usePopUp";
@ -68,22 +77,22 @@ export const IdentityTable = ({ handlePopUpOpen }: Props) => {
    page,
    setPerPage
  } = usePagination<OrgIdentityOrderBy>(OrgIdentityOrderBy.Name);
+  const [filteredRoles, setFilteredRoles] = useState<string[]>([]);

  const organizationId = currentOrg?.id || "";

  const { mutateAsync: updateMutateAsync } = useUpdateIdentity();

-  const { data, isPending, isFetching } = useGetIdentityMembershipOrgs(
-    {
-      organizationId,
-      offset,
-      limit,
-      orderDirection,
-      orderBy,
-      search: debouncedSearch
-    },
-    { placeholderData: (prevData) => prevData }
-  );
+  const { data, isPending, isFetching } = useSearchIdentities({
+    offset,
+    limit,
+    orderDirection,
+    orderBy,
+    search: {
+      name: debouncedSearch ? { $contains: debouncedSearch } : undefined,
+      role: filteredRoles?.length ? { $in: filteredRoles } : undefined
+    }
+  });

  const { totalCount = 0 } = data ?? {};
  useResetPageHelper({
@ -91,6 +100,7 @@ export const IdentityTable = ({ handlePopUpOpen }: Props) => {
    offset,
    setPage
  });
+  const filterForm = useForm<{ roles: string }>();

  const { data: roles } = useGetOrgRoles(organizationId);

@ -132,13 +142,78 @@ export const IdentityTable = ({ handlePopUpOpen }: Props) => {

  return (
    <div>
-      <Input
-        containerClassName="mb-4"
-        value={search}
-        onChange={(e) => setSearch(e.target.value)}
-        leftIcon={<FontAwesomeIcon icon={faMagnifyingGlass} />}
-        placeholder="Search identities by name..."
-      />
+      <div className="mb-4 flex items-center space-x-2">
+        <Input
+          value={search}
+          onChange={(e) => setSearch(e.target.value)}
+          leftIcon={<FontAwesomeIcon icon={faMagnifyingGlass} />}
+          placeholder="Search identities by name..."
+        />
+        <div>
+          <Popover>
+            <PopoverTrigger>
+              <IconButton
+                ariaLabel="filter"
+                variant="outline_bg"
+                className={filteredRoles?.length ? "border-primary" : ""}
+              >
+                <Tooltip content="Advance Filter">
+                  <FontAwesomeIcon icon={faFilter} />
+                </Tooltip>
+              </IconButton>
+            </PopoverTrigger>
+            <PopoverContent className="w-auto border border-mineshaft-600 bg-mineshaft-800 p-2 drop-shadow-2xl">
+              <div className="mb-4 border-b border-b-gray-700 pb-2 text-sm text-mineshaft-300">
+                Advance Filter
+              </div>
+              <form
+                onSubmit={filterForm.handleSubmit((el) => {
+                  setFilteredRoles(el.roles?.split(",")?.filter(Boolean) || []);
+                })}
+              >
+                <Controller
+                  control={filterForm.control}
+                  name="roles"
+                  render={({ field, fieldState: { error } }) => (
+                    <FormControl
+                      label="Roles"
+                      helperText="Eg: admin,viewer"
+                      isError={Boolean(error?.message)}
+                      errorText={error?.message}
+                    >
+                      <Input {...field} />
+                    </FormControl>
+                  )}
+                />
+                <div className="flex items-center space-x-2">
+                  <Button
+                    type="submit"
+                    size="xs"
+                    colorSchema="primary"
+                    variant="outline_bg"
+                    className="mt-4"
+                  >
+                    Apply Filter
+                  </Button>
+                  {Boolean(filteredRoles.length) && (
+                    <Button
+                      size="xs"
+                      variant="link"
+                      className="ml-4 mt-4"
+                      onClick={() => {
+                        filterForm.reset({ roles: "" });
+                        setFilteredRoles([]);
+                      }}
+                    >
+                      Clear
+                    </Button>
+                  )}
+                </div>
+              </form>
+            </PopoverContent>
+          </Popover>
+        </div>
+      </div>
      <TableContainer>
        <Table>
          <THead>
@ -190,7 +265,7 @@ export const IdentityTable = ({ handlePopUpOpen }: Props) => {
          <TBody>
            {isPending && <TableSkeleton columns={3} innerKey="org-identities" />}
            {!isPending &&
-              data?.identityMemberships.map(({ identity: { id, name }, role, customRole }) => {
+              data?.identities?.map(({ identity: { id, name }, role, customRole }) => {
                return (
                  <Tr
                    className="h-10 cursor-pointer transition-colors duration-100 hover:bg-mineshaft-700"
@ -307,10 +382,10 @@ export const IdentityTable = ({ handlePopUpOpen }: Props) => {
            onChangePerPage={(newPerPage) => setPerPage(newPerPage)}
          />
        )}
-        {!isPending && data && data?.identityMemberships.length === 0 && (
+        {!isPending && data && data?.identities.length === 0 && (
          <EmptyState
            title={
-              debouncedSearch.trim().length > 0
+              debouncedSearch.trim().length > 0 || filteredRoles?.length > 0
                ? "No identities match search filter"
                : "No identities have been created in this organization"
            }
Author	SHA1	Message	Date
Maidul Islam	2084539f61	fix logic	2025-04-09 20:55:41 -04:00
Maidul Islam	34cf47a5eb	remove console	2025-04-09 20:47:16 -04:00
Maidul Islam	b90c6cf3fc	remove rate limits for self host	2025-04-09 20:45:51 -04:00
Maidul Islam	bbc94da522	Merge pull request #3384 from akhilmhdh/feat/win-get feat: added winget to build	2025-04-09 12:24:37 -04:00
=	8a241771ec	feat: added winget to build	2025-04-09 21:11:39 +05:30
Akhil Mohan	1f23515aac	Merge pull request #3367 from akhilmhdh/feat/syntax-highlight Add filter by role for org identity and search identity api	2025-04-09 20:02:52 +05:30
=	63dc9ec35d	feat: updated search message on empty result with role filter	2025-04-09 15:15:54 +05:30
=	1d083befe4	feat: added order by	2025-04-09 15:09:55 +05:30
=	c01e29b932	feat: rabbit review changes	2025-04-09 15:09:54 +05:30
=	3aed79071b	feat: added search endpoint to docs	2025-04-09 15:09:54 +05:30
=	140fa49871	feat: added advance filter for identities list table in org	2025-04-09 15:09:54 +05:30
=	03a3e80082	feat: completed api for new search identities	2025-04-09 15:09:54 +05:30
Maidul Islam	bfcfffbabf	update notice	2025-04-08 21:15:31 -04:00
Maidul Islam	210bd220e5	Delete .github/workflows/codeql.yml	2025-04-08 20:51:25 -04:00
Maidul Islam	7be2a10631	Merge pull request #3380 from Infisical/end-cloudsmith-publish update install scrip for deb	2025-04-08 20:49:52 -04:00
Maidul Islam	5753eb7d77	rename install file	2025-04-08 20:49:14 -04:00
Maidul Islam	cb86aa40fa	update install scrip for deb	2025-04-08 20:47:33 -04:00
Maidul Islam	1131143a71	remove gpg passphrase	2025-04-08 18:28:23 -04:00