From e9363b655eb071d255f183c72d0bfecde4354855 Mon Sep 17 00:00:00 2001
From: "Jakub A. W" <jakubwasek@gmail.com>
Date: Sat, 25 Apr 2026 20:08:26 +0200
Subject: [PATCH 1/9] feat(budget): add user path budget management

---
 config/config.example.yaml                    |  12 +
 config/config.go                              | 192 ++++++++++
 config/config_test.go                         |  84 +++++
 .../admin/dashboard/static/css/dashboard.css  |  58 +++
 .../admin/dashboard/static/js/dashboard.js    |  10 +
 .../dashboard/static/js/modules/budgets.js    | 175 +++++++++
 .../static/js/modules/budgets.test.js         |  80 ++++
 .../dashboard/static/js/modules/workflows.js  |   1 +
 .../admin/dashboard/templates/layout.html     |   1 +
 .../dashboard/templates/page-settings.html    | 119 ++++++
 internal/admin/handler.go                     |  79 ++++
 internal/app/app.go                           |  66 +++-
 internal/budget/factory.go                    | 132 +++++++
 internal/budget/service.go                    | 185 +++++++++
 internal/budget/service_test.go               | 138 +++++++
 internal/budget/settings_helpers.go           |  83 ++++
 internal/budget/store.go                      |  78 ++++
 internal/budget/store_mongodb.go              | 245 ++++++++++++
 internal/budget/store_postgresql.go           | 290 ++++++++++++++
 internal/budget/store_sqlite.go               | 353 ++++++++++++++++++
 internal/budget/store_sqlite_test.go          |  66 ++++
 internal/budget/types.go                      | 238 ++++++++++++
 internal/budget/types_test.go                 |  44 +++
 internal/server/budget_support.go             |  45 +++
 internal/server/handlers.go                   |   4 +
 internal/server/http.go                       |   7 +
 internal/server/native_batch_service.go       |   4 +
 internal/server/passthrough_service.go        |   4 +
 .../server/translated_inference_service.go    |  13 +
 29 files changed, 2791 insertions(+), 15 deletions(-)
 create mode 100644 internal/admin/dashboard/static/js/modules/budgets.js
 create mode 100644 internal/admin/dashboard/static/js/modules/budgets.test.js
 create mode 100644 internal/budget/factory.go
 create mode 100644 internal/budget/service.go
 create mode 100644 internal/budget/service_test.go
 create mode 100644 internal/budget/settings_helpers.go
 create mode 100644 internal/budget/store.go
 create mode 100644 internal/budget/store_mongodb.go
 create mode 100644 internal/budget/store_postgresql.go
 create mode 100644 internal/budget/store_sqlite.go
 create mode 100644 internal/budget/store_sqlite_test.go
 create mode 100644 internal/budget/types.go
 create mode 100644 internal/budget/types_test.go
 create mode 100644 internal/server/budget_support.go

diff --git a/config/config.example.yaml b/config/config.example.yaml
index e6e6a312..2b2070d5 100644
--- a/config/config.example.yaml
+++ b/config/config.example.yaml
@@ -86,6 +86,18 @@ usage:
   flush_interval: 5
   retention_days: 90
 
+budgets:
+  enabled: true # env: BUDGETS_ENABLED; with no configured budgets this has no effect
+  user_paths:
+    # Env equivalent:
+    # SET_BUDGET_USER_PATH_EXAMPLE="daily=10,weekly=50"
+    - path: "/user/path/example"
+      limits:
+        - period: "daily" # hourly, daily, weekly, monthly; stored in DB as period_seconds
+          amount: 10.00
+        - period: "weekly"
+          amount: 50.00
+
 metrics:
   enabled: false
   endpoint: "/metrics"
diff --git a/config/config.go b/config/config.go
index e762bf23..5579b0f2 100644
--- a/config/config.go
+++ b/config/config.go
@@ -36,6 +36,7 @@ type Config struct {
 	Storage    StorageConfig    `yaml:"storage"`
 	Logging    LogConfig        `yaml:"logging"`
 	Usage      UsageConfig      `yaml:"usage"`
+	Budgets    BudgetsConfig    `yaml:"budgets"`
 	Metrics    MetricsConfig    `yaml:"metrics"`
 	HTTP       HTTPConfig       `yaml:"http"`
 	Admin      AdminConfig      `yaml:"admin"`
@@ -373,6 +374,36 @@ type UsageConfig struct {
 	RetentionDays int `yaml:"retention_days" env:"USAGE_RETENTION_DAYS"`
 }
 
+// BudgetsConfig holds per-user-path spend limits.
+type BudgetsConfig struct {
+	// Enabled controls whether budget checks are active.
+	// Default: true. With no configured budgets, this has no effect.
+	Enabled bool `yaml:"enabled" env:"BUDGETS_ENABLED"`
+
+	// UserPaths declares budget limits by tracked user path.
+	UserPaths []BudgetUserPathConfig `yaml:"user_paths"`
+}
+
+// BudgetUserPathConfig declares one or more budget limits for a user path.
+type BudgetUserPathConfig struct {
+	Path   string              `yaml:"path"`
+	Limits []BudgetLimitConfig `yaml:"limits"`
+}
+
+// BudgetLimitConfig declares one spend limit for a reset period.
+type BudgetLimitConfig struct {
+	// Period accepts hourly, daily, weekly, or monthly. The resolved period is
+	// persisted as PeriodSeconds in the database.
+	Period string `yaml:"period"`
+
+	// PeriodSeconds can be set directly instead of Period. Standard values are
+	// 3600, 86400, 604800, and 2592000.
+	PeriodSeconds int64 `yaml:"period_seconds"`
+
+	// Amount is the maximum allowed tracked provider spend for the period.
+	Amount float64 `yaml:"amount"`
+}
+
 // StorageConfig holds database storage configuration (used by audit logging, usage tracking, future IAM, etc.)
 type StorageConfig struct {
 	// Type specifies the storage backend: "sqlite" (default), "postgresql", or "mongodb"
@@ -968,6 +999,9 @@ func buildDefaultConfig() *Config {
 			FlushInterval:             5,
 			RetentionDays:             90,
 		},
+		Budgets: BudgetsConfig{
+			Enabled: true,
+		},
 		Metrics: MetricsConfig{
 			Endpoint: "/metrics",
 		},
@@ -1016,6 +1050,15 @@ func Load() (*LoadResult, error) {
 	if err := applyEnvOverrides(cfg); err != nil {
 		return nil, err
 	}
+	if err := applyBudgetEnv(cfg); err != nil {
+		return nil, err
+	}
+	if err := validateBudgetConfig(&cfg.Budgets); err != nil {
+		return nil, err
+	}
+	if err := validateBudgetDependencies(cfg); err != nil {
+		return nil, err
+	}
 	cfg.Models.ConfiguredProviderModelsMode = ResolveConfiguredProviderModelsMode(cfg.Models.ConfiguredProviderModelsMode)
 	if !cfg.Models.ConfiguredProviderModelsMode.Valid() {
 		return nil, fmt.Errorf("models.configured_provider_models_mode must be one of: fallback, allowlist")
@@ -1216,6 +1259,155 @@ func loadFallbackConfig(cfg *FallbackConfig) error {
 	return nil
 }
 
+func applyBudgetEnv(cfg *Config) error {
+	if cfg == nil {
+		return nil
+	}
+	if !cfg.Budgets.Enabled {
+		return nil
+	}
+
+	const prefix = "SET_BUDGET_"
+	for _, item := range os.Environ() {
+		key, value, ok := strings.Cut(item, "=")
+		if !ok || !strings.HasPrefix(key, prefix) || strings.TrimSpace(value) == "" {
+			continue
+		}
+		path := budgetEnvPath(key[len(prefix):])
+		limits, err := parseBudgetEnvLimits(value)
+		if err != nil {
+			return fmt.Errorf("invalid value for %s: %w", key, err)
+		}
+		if len(limits) == 0 {
+			continue
+		}
+		cfg.Budgets.UserPaths = append(cfg.Budgets.UserPaths, BudgetUserPathConfig{
+			Path:   path,
+			Limits: limits,
+		})
+	}
+	return nil
+}
+
+func budgetEnvPath(suffix string) string {
+	suffix = strings.Trim(strings.ToLower(strings.TrimSpace(suffix)), "_")
+	if suffix == "" {
+		return "/"
+	}
+	segments := make([]string, 0)
+	for _, part := range strings.Split(suffix, "_") {
+		part = strings.TrimSpace(part)
+		if part != "" {
+			segments = append(segments, part)
+		}
+	}
+	if len(segments) == 0 {
+		return "/"
+	}
+	return "/" + strings.Join(segments, "/")
+}
+
+func parseBudgetEnvLimits(raw string) ([]BudgetLimitConfig, error) {
+	raw = strings.TrimSpace(raw)
+	if raw == "" {
+		return nil, nil
+	}
+	if strings.HasPrefix(raw, "{") {
+		values := map[string]float64{}
+		if err := json.Unmarshal([]byte(raw), &values); err != nil {
+			return nil, err
+		}
+		limits := make([]BudgetLimitConfig, 0, len(values))
+		for period, amount := range values {
+			limits = append(limits, BudgetLimitConfig{Period: period, Amount: amount})
+		}
+		return limits, nil
+	}
+	if strings.HasPrefix(raw, "[") {
+		var limits []BudgetLimitConfig
+		if err := json.Unmarshal([]byte(raw), &limits); err != nil {
+			return nil, err
+		}
+		return limits, nil
+	}
+
+	fields := strings.FieldsFunc(raw, func(r rune) bool {
+		return r == ',' || r == ';' || r == '\n'
+	})
+	limits := make([]BudgetLimitConfig, 0, len(fields))
+	for _, field := range fields {
+		field = strings.TrimSpace(field)
+		if field == "" {
+			continue
+		}
+		period, amountText, ok := strings.Cut(field, "=")
+		if !ok {
+			period, amountText, ok = strings.Cut(field, ":")
+		}
+		if !ok {
+			return nil, fmt.Errorf("budget limit %q must use period=amount", field)
+		}
+		amount, err := strconv.ParseFloat(strings.TrimSpace(amountText), 64)
+		if err != nil {
+			return nil, fmt.Errorf("budget amount %q is not a valid number", amountText)
+		}
+		limits = append(limits, BudgetLimitConfig{
+			Period: strings.TrimSpace(period),
+			Amount: amount,
+		})
+	}
+	return limits, nil
+}
+
+func validateBudgetConfig(cfg *BudgetsConfig) error {
+	if cfg == nil {
+		return nil
+	}
+	if !cfg.Enabled {
+		return nil
+	}
+	for pathIdx, entry := range cfg.UserPaths {
+		if strings.TrimSpace(entry.Path) == "" {
+			return fmt.Errorf("budgets.user_paths[%d].path is required", pathIdx)
+		}
+		for limitIdx, limit := range entry.Limits {
+			if limit.Amount <= 0 {
+				return fmt.Errorf("budgets.user_paths[%d].limits[%d].amount must be greater than 0", pathIdx, limitIdx)
+			}
+			if limit.PeriodSeconds <= 0 {
+				seconds, ok := budgetPeriodSeconds(limit.Period)
+				if !ok {
+					return fmt.Errorf("budgets.user_paths[%d].limits[%d].period must be one of hourly, daily, weekly, monthly or period_seconds must be set", pathIdx, limitIdx)
+				}
+				cfg.UserPaths[pathIdx].Limits[limitIdx].PeriodSeconds = seconds
+			}
+		}
+	}
+	return nil
+}
+
+func validateBudgetDependencies(cfg *Config) error {
+	if cfg == nil || !cfg.Budgets.Enabled || len(cfg.Budgets.UserPaths) == 0 || cfg.Usage.Enabled {
+		return nil
+	}
+	return fmt.Errorf("budgets require usage tracking to be enabled because spend limits are evaluated from usage cost records")
+}
+
+func budgetPeriodSeconds(period string) (int64, bool) {
+	switch strings.ToLower(strings.TrimSpace(period)) {
+	case "hour", "hourly", "hours":
+		return 3600, true
+	case "day", "daily", "days":
+		return 86400, true
+	case "week", "weekly", "weeks":
+		return 604800, true
+	case "month", "monthly", "months":
+		return 2592000, true
+	default:
+		return 0, false
+	}
+}
+
 // applyEnvOverrides walks cfg's struct fields and applies env var overrides
 // based on `env` struct tags. Maps are skipped.
 func applyEnvOverrides(cfg *Config) error {
diff --git a/config/config_test.go b/config/config_test.go
index a9682924..6d2cb287 100644
--- a/config/config_test.go
+++ b/config/config_test.go
@@ -55,6 +55,7 @@ func clearAllConfigEnvVars(t *testing.T) {
 		"LOGGING_FLUSH_INTERVAL", "LOGGING_RETENTION_DAYS",
 		"USAGE_ENABLED", "ENFORCE_RETURNING_USAGE_DATA",
 		"USAGE_BUFFER_SIZE", "USAGE_FLUSH_INTERVAL", "USAGE_RETENTION_DAYS",
+		"BUDGETS_ENABLED",
 		"GUARDRAILS_ENABLED", "ENABLE_GUARDRAILS_FOR_BATCH_PROCESSING",
 		"FEATURE_FALLBACK_MODE", "FALLBACK_MANUAL_RULES_PATH",
 		"MODEL_OVERRIDES_ENABLED", "MODELS_ENABLED_BY_DEFAULT", "KEEP_ONLY_ALIASES_AT_MODELS_ENDPOINT", "CONFIGURED_PROVIDER_MODELS_MODE",
@@ -64,6 +65,13 @@ func clearAllConfigEnvVars(t *testing.T) {
 		t.Setenv(key, "")
 		os.Unsetenv(key)
 	}
+	for _, item := range os.Environ() {
+		key, _, _ := strings.Cut(item, "=")
+		if strings.HasPrefix(key, "SET_BUDGET_") {
+			t.Setenv(key, "")
+			os.Unsetenv(key)
+		}
+	}
 	clearProviderEnvVars(t)
 }
 
@@ -157,6 +165,9 @@ func TestBuildDefaultConfig(t *testing.T) {
 	if cfg.Usage.RetentionDays != 90 {
 		t.Errorf("expected Usage.RetentionDays=90, got %d", cfg.Usage.RetentionDays)
 	}
+	if !cfg.Budgets.Enabled {
+		t.Error("expected Budgets.Enabled=true")
+	}
 	if cfg.Metrics.Endpoint != "/metrics" {
 		t.Errorf("expected Metrics.Endpoint=/metrics, got %s", cfg.Metrics.Endpoint)
 	}
@@ -205,6 +216,79 @@ func TestBuildDefaultConfig(t *testing.T) {
 	}
 }
 
+func TestLoadBudgetEnvUserPath(t *testing.T) {
+	clearAllConfigEnvVars(t)
+
+	withTempDir(t, func(string) {
+		t.Setenv("SET_BUDGET_USER_PATH_EXAMPLE", "daily=12.5,weekly=50")
+
+		result, err := Load()
+		if err != nil {
+			t.Fatalf("Load() failed: %v", err)
+		}
+
+		entries := result.Config.Budgets.UserPaths
+		if len(entries) != 1 {
+			t.Fatalf("expected 1 budget user path, got %d", len(entries))
+		}
+		if got, want := entries[0].Path, "/user/path/example"; got != want {
+			t.Fatalf("budget env path = %q, want %q", got, want)
+		}
+		if len(entries[0].Limits) != 2 {
+			t.Fatalf("expected 2 budget limits, got %d", len(entries[0].Limits))
+		}
+		if got, want := entries[0].Limits[0].PeriodSeconds, int64(86400); got != want {
+			t.Fatalf("daily period seconds = %d, want %d", got, want)
+		}
+		if got, want := entries[0].Limits[0].Amount, 12.5; got != want {
+			t.Fatalf("daily amount = %v, want %v", got, want)
+		}
+		if got, want := entries[0].Limits[1].PeriodSeconds, int64(604800); got != want {
+			t.Fatalf("weekly period seconds = %d, want %d", got, want)
+		}
+		if got, want := entries[0].Limits[1].Amount, 50.0; got != want {
+			t.Fatalf("weekly amount = %v, want %v", got, want)
+		}
+	})
+}
+
+func TestLoadBudgetEnvRequiresUsageTracking(t *testing.T) {
+	clearAllConfigEnvVars(t)
+
+	withTempDir(t, func(string) {
+		t.Setenv("USAGE_ENABLED", "false")
+		t.Setenv("SET_BUDGET_USER_PATH_EXAMPLE", "daily=12.5")
+
+		_, err := Load()
+		if err == nil {
+			t.Fatal("expected Load() to fail when budgets are configured while usage tracking is disabled")
+		}
+		if !strings.Contains(err.Error(), "budgets require usage tracking") {
+			t.Fatalf("Load() error = %v, want budget usage dependency error", err)
+		}
+	})
+}
+
+func TestLoadDisabledBudgetsIgnoreMalformedBudgetEnv(t *testing.T) {
+	clearAllConfigEnvVars(t)
+
+	withTempDir(t, func(string) {
+		t.Setenv("BUDGETS_ENABLED", "false")
+		t.Setenv("SET_BUDGET_USER_PATH_EXAMPLE", "not-a-budget-limit")
+
+		result, err := Load()
+		if err != nil {
+			t.Fatalf("Load() failed: %v", err)
+		}
+		if result.Config.Budgets.Enabled {
+			t.Fatal("expected budgets to be disabled")
+		}
+		if len(result.Config.Budgets.UserPaths) != 0 {
+			t.Fatalf("expected disabled budgets to ignore env user paths, got %d", len(result.Config.Budgets.UserPaths))
+		}
+	})
+}
+
 func TestLoad_ZeroConfig(t *testing.T) {
 	clearAllConfigEnvVars(t)
 
diff --git a/internal/admin/dashboard/static/css/dashboard.css b/internal/admin/dashboard/static/css/dashboard.css
index ea27766f..2beb25ac 100644
--- a/internal/admin/dashboard/static/css/dashboard.css
+++ b/internal/admin/dashboard/static/css/dashboard.css
@@ -1875,6 +1875,23 @@ textarea:focus {
   border-color: var(--accent);
 }
 
+.form-input {
+  width: 100%;
+  min-height: 38px;
+  padding: 8px 10px;
+  background: var(--bg-surface);
+  border: 1px solid var(--border);
+  border-radius: var(--radius);
+  color: var(--text);
+  font-size: 13px;
+  font-family: inherit;
+  outline: none;
+}
+
+.form-input:focus {
+  border-color: var(--accent);
+}
+
 .alias-checkbox {
   display: inline-flex;
   align-items: center;
@@ -3072,6 +3089,19 @@ body.conversation-drawer-open {
   border-color: color-mix(in srgb, var(--danger) 75%, var(--border));
 }
 
+.pagination-btn-danger {
+  color: #fff;
+  border-color: color-mix(in srgb, var(--danger) 76%, #000 12%);
+  background: var(--danger);
+  font-weight: 600;
+  box-shadow: 0 10px 22px color-mix(in srgb, var(--danger) 20%, transparent);
+}
+
+.pagination-btn-danger:hover:not(:disabled) {
+  background: color-mix(in srgb, var(--danger) 90%, #fff 10%);
+  border-color: color-mix(in srgb, var(--danger) 82%, #000 14%);
+}
+
 .pagination-btn-with-icon {
   display: inline-flex;
   align-items: center;
@@ -3384,6 +3414,25 @@ body.conversation-drawer-open {
   line-height: 1.55;
 }
 
+.budget-settings-section {
+  width: 100%;
+}
+
+.budget-settings-grid {
+  width: min(100%, 780px);
+  grid-template-columns: repeat(3, minmax(140px, 1fr));
+}
+
+.budget-settings-actions {
+  display: flex;
+  flex-wrap: wrap;
+  gap: 10px;
+}
+
+.budget-reset-dialog {
+  max-width: 460px;
+}
+
 .settings-refresh-icon,
 .alias-create-icon,
 .form-action-icon {
@@ -3831,6 +3880,15 @@ body.conversation-drawer-open {
   .settings-form-grid {
     grid-template-columns: 1fr;
   }
+  .budget-settings-grid {
+    grid-template-columns: 1fr;
+  }
+  .budget-settings-actions {
+    width: 100%;
+  }
+  .budget-settings-actions .pagination-btn {
+    width: 100%;
+  }
 
   /* Date picker mobile */
   .date-picker-dropdown {
diff --git a/internal/admin/dashboard/static/js/dashboard.js b/internal/admin/dashboard/static/js/dashboard.js
index 563a8bda..2dbfe32c 100644
--- a/internal/admin/dashboard/static/js/dashboard.js
+++ b/internal/admin/dashboard/static/js/dashboard.js
@@ -196,6 +196,9 @@ function dashboard() {
         if (typeof this.ensureTimezoneOptions === "function") {
           this.ensureTimezoneOptions();
         }
+        if (typeof this.fetchBudgetSettings === "function") {
+          this.fetchBudgetSettings();
+        }
       }
       if (page === "overview") this.renderChart();
       if (page === "usage") this.fetchUsagePage();
@@ -356,6 +359,7 @@ function dashboard() {
         (this.page === "workflows" && this.workflowFormOpen) ||
         (this.page === "guardrails" && this.guardrailFormOpen) ||
         (this.page === "auth-keys" && this.authKeyFormOpen)
+        || this.budgetResetDialogOpen
       );
     },
 
@@ -922,6 +926,12 @@ function dashboard() {
         : null,
       "dashboardGuardrailsModule",
     ),
+    resolveModuleFactory(
+      typeof dashboardBudgetsModule === "function"
+        ? dashboardBudgetsModule
+        : null,
+      "dashboardBudgetsModule",
+    ),
     resolveModuleFactory(
       typeof dashboardWorkflowsModule === "function"
         ? dashboardWorkflowsModule
diff --git a/internal/admin/dashboard/static/js/modules/budgets.js b/internal/admin/dashboard/static/js/modules/budgets.js
new file mode 100644
index 00000000..1c3dcbea
--- /dev/null
+++ b/internal/admin/dashboard/static/js/modules/budgets.js
@@ -0,0 +1,175 @@
+(function(global) {
+    function dashboardBudgetsModule() {
+        return {
+            budgetSettings: {
+                daily_reset_hour: 0,
+                daily_reset_minute: 0,
+                weekly_reset_weekday: 1,
+                weekly_reset_hour: 0,
+                weekly_reset_minute: 0,
+                monthly_reset_day: 1,
+                monthly_reset_hour: 0,
+                monthly_reset_minute: 0
+            },
+            budgetSettingsLoading: false,
+            budgetSettingsSaving: false,
+            budgetSettingsNotice: '',
+            budgetSettingsError: '',
+            budgetResetDialogOpen: false,
+            budgetResetConfirmation: '',
+            budgetResetLoading: false,
+
+            budgetManagementEnabled() {
+                return typeof this.workflowRuntimeBooleanFlag === 'function'
+                    ? this.workflowRuntimeBooleanFlag('BUDGETS_ENABLED', true)
+                    : true;
+            },
+
+            budgetWeekdays() {
+                return [
+                    { value: 0, label: 'Sunday' },
+                    { value: 1, label: 'Monday' },
+                    { value: 2, label: 'Tuesday' },
+                    { value: 3, label: 'Wednesday' },
+                    { value: 4, label: 'Thursday' },
+                    { value: 5, label: 'Friday' },
+                    { value: 6, label: 'Saturday' }
+                ];
+            },
+
+            normalizeBudgetSettings(payload) {
+                const current = this.budgetSettings || {};
+                const numberValue = (key, fallback) => {
+                    const parsed = Number(payload && payload[key]);
+                    return Number.isFinite(parsed) ? parsed : fallback;
+                };
+                return {
+                    daily_reset_hour: numberValue('daily_reset_hour', Number(current.daily_reset_hour || 0)),
+                    daily_reset_minute: numberValue('daily_reset_minute', Number(current.daily_reset_minute || 0)),
+                    weekly_reset_weekday: numberValue('weekly_reset_weekday', Number(current.weekly_reset_weekday || 1)),
+                    weekly_reset_hour: numberValue('weekly_reset_hour', Number(current.weekly_reset_hour || 0)),
+                    weekly_reset_minute: numberValue('weekly_reset_minute', Number(current.weekly_reset_minute || 0)),
+                    monthly_reset_day: numberValue('monthly_reset_day', Number(current.monthly_reset_day || 1)),
+                    monthly_reset_hour: numberValue('monthly_reset_hour', Number(current.monthly_reset_hour || 0)),
+                    monthly_reset_minute: numberValue('monthly_reset_minute', Number(current.monthly_reset_minute || 0))
+                };
+            },
+
+            budgetSettingsPayload() {
+                return this.normalizeBudgetSettings(this.budgetSettings);
+            },
+
+            async fetchBudgetSettings() {
+                if (!this.budgetManagementEnabled()) {
+                    this.budgetSettingsError = '';
+                    return;
+                }
+                this.budgetSettingsLoading = true;
+                this.budgetSettingsError = '';
+                try {
+                    const request = this.requestOptions();
+                    const res = await fetch('/admin/api/v1/budgets/settings', request);
+                    const handled = this.handleFetchResponse(res, 'budget settings', request);
+                    if (typeof this.isStaleAuthFetchResult === 'function' && this.isStaleAuthFetchResult(handled)) {
+                        return;
+                    }
+                    if (!handled) {
+                        this.budgetSettingsError = 'Unable to load budget settings.';
+                        return;
+                    }
+                    this.budgetSettings = this.normalizeBudgetSettings(await res.json());
+                } catch (e) {
+                    console.error('Failed to fetch budget settings:', e);
+                    this.budgetSettingsError = 'Unable to load budget settings.';
+                } finally {
+                    this.budgetSettingsLoading = false;
+                }
+            },
+
+            async saveBudgetSettings() {
+                if (this.budgetSettingsSaving) {
+                    return;
+                }
+                this.budgetSettingsSaving = true;
+                this.budgetSettingsNotice = '';
+                this.budgetSettingsError = '';
+                try {
+                    const request = this.requestOptions({
+                        method: 'PUT',
+                        body: JSON.stringify(this.budgetSettingsPayload())
+                    });
+                    const res = await fetch('/admin/api/v1/budgets/settings', request);
+                    const handled = this.handleFetchResponse(res, 'budget settings', request);
+                    if (typeof this.isStaleAuthFetchResult === 'function' && this.isStaleAuthFetchResult(handled)) {
+                        return;
+                    }
+                    if (!handled) {
+                        this.budgetSettingsError = 'Unable to save budget settings.';
+                        return;
+                    }
+                    this.budgetSettings = this.normalizeBudgetSettings(await res.json());
+                    this.budgetSettingsNotice = 'Budget settings saved.';
+                } catch (e) {
+                    console.error('Failed to save budget settings:', e);
+                    this.budgetSettingsError = 'Unable to save budget settings.';
+                } finally {
+                    this.budgetSettingsSaving = false;
+                }
+            },
+
+            openBudgetResetDialog() {
+                this.budgetResetConfirmation = '';
+                this.budgetSettingsError = '';
+                this.budgetResetDialogOpen = true;
+                setTimeout(() => {
+                    const input = document.getElementById('budget-reset-confirmation');
+                    if (input && typeof input.focus === 'function') {
+                        input.focus();
+                    }
+                }, 0);
+            },
+
+            closeBudgetResetDialog() {
+                this.budgetResetDialogOpen = false;
+                this.budgetResetConfirmation = '';
+            },
+
+            async resetBudgets() {
+                if (this.budgetResetLoading) {
+                    return;
+                }
+                if (String(this.budgetResetConfirmation || '').trim().toLowerCase() !== 'reset') {
+                    this.budgetSettingsError = 'Type reset to confirm.';
+                    return;
+                }
+                this.budgetResetLoading = true;
+                this.budgetSettingsNotice = '';
+                this.budgetSettingsError = '';
+                try {
+                    const request = this.requestOptions({
+                        method: 'POST',
+                        body: JSON.stringify({ confirmation: 'reset' })
+                    });
+                    const res = await fetch('/admin/api/v1/budgets/reset', request);
+                    const handled = this.handleFetchResponse(res, 'budget reset', request);
+                    if (typeof this.isStaleAuthFetchResult === 'function' && this.isStaleAuthFetchResult(handled)) {
+                        return;
+                    }
+                    if (!handled) {
+                        this.budgetSettingsError = 'Unable to reset budgets.';
+                        return;
+                    }
+                    this.closeBudgetResetDialog();
+                    this.budgetSettingsNotice = 'Budgets reset.';
+                } catch (e) {
+                    console.error('Failed to reset budgets:', e);
+                    this.budgetSettingsError = 'Unable to reset budgets.';
+                } finally {
+                    this.budgetResetLoading = false;
+                }
+            }
+        };
+    }
+
+    global.dashboardBudgetsModule = dashboardBudgetsModule;
+})(typeof window !== 'undefined' ? window : globalThis);
diff --git a/internal/admin/dashboard/static/js/modules/budgets.test.js b/internal/admin/dashboard/static/js/modules/budgets.test.js
new file mode 100644
index 00000000..69df1f44
--- /dev/null
+++ b/internal/admin/dashboard/static/js/modules/budgets.test.js
@@ -0,0 +1,80 @@
+const test = require('node:test');
+const assert = require('node:assert/strict');
+const fs = require('node:fs');
+const path = require('node:path');
+const vm = require('node:vm');
+
+function loadBudgetsModuleFactory(overrides = {}) {
+    const source = fs.readFileSync(path.join(__dirname, 'budgets.js'), 'utf8');
+    const window = {
+        ...(overrides.window || {})
+    };
+    const context = {
+        console,
+        setTimeout,
+        clearTimeout,
+        ...overrides,
+        window
+    };
+    vm.createContext(context);
+    vm.runInContext(source, context);
+    return context.window.dashboardBudgetsModule;
+}
+
+function createBudgetsModule(overrides) {
+    const factory = loadBudgetsModuleFactory(overrides);
+    return factory();
+}
+
+test('budgetManagementEnabled defaults on and respects the runtime flag', () => {
+    const module = createBudgetsModule();
+    assert.equal(module.budgetManagementEnabled(), true);
+
+    module.workflowRuntimeBooleanFlag = (key, fallback) => {
+        assert.equal(key, 'BUDGETS_ENABLED');
+        assert.equal(fallback, true);
+        return false;
+    };
+    assert.equal(module.budgetManagementEnabled(), false);
+});
+
+test('budgetSettingsPayload normalizes numeric values before saving', () => {
+    const module = createBudgetsModule();
+    module.budgetSettings = {
+        daily_reset_hour: '7',
+        daily_reset_minute: '15',
+        weekly_reset_weekday: '3',
+        weekly_reset_hour: '8',
+        weekly_reset_minute: '45',
+        monthly_reset_day: '31',
+        monthly_reset_hour: '9',
+        monthly_reset_minute: '30'
+    };
+
+    assert.equal(JSON.stringify(module.budgetSettingsPayload()), JSON.stringify({
+        daily_reset_hour: 7,
+        daily_reset_minute: 15,
+        weekly_reset_weekday: 3,
+        weekly_reset_hour: 8,
+        weekly_reset_minute: 45,
+        monthly_reset_day: 31,
+        monthly_reset_hour: 9,
+        monthly_reset_minute: 30
+    }));
+});
+
+test('resetBudgets requires the typed reset confirmation before posting', async () => {
+    const module = createBudgetsModule({
+        fetch() {
+            throw new Error('fetch should not be called');
+        }
+    });
+    module.requestOptions = (options) => options || {};
+    module.handleFetchResponse = () => true;
+    module.budgetResetConfirmation = 'nope';
+
+    await module.resetBudgets();
+
+    assert.equal(module.budgetSettingsError, 'Type reset to confirm.');
+    assert.equal(module.budgetResetLoading, false);
+});
diff --git a/internal/admin/dashboard/static/js/modules/workflows.js b/internal/admin/dashboard/static/js/modules/workflows.js
index 49e61998..f330cbc2 100644
--- a/internal/admin/dashboard/static/js/modules/workflows.js
+++ b/internal/admin/dashboard/static/js/modules/workflows.js
@@ -82,6 +82,7 @@
 	                    'FEATURE_FALLBACK_MODE',
 	                    'LOGGING_ENABLED',
 	                    'USAGE_ENABLED',
+	                    'BUDGETS_ENABLED',
 	                    'GUARDRAILS_ENABLED',
 	                    'CACHE_ENABLED',
 	                    'REDIS_URL',
diff --git a/internal/admin/dashboard/templates/layout.html b/internal/admin/dashboard/templates/layout.html
index 499826f2..1f8acc0e 100644
--- a/internal/admin/dashboard/templates/layout.html
+++ b/internal/admin/dashboard/templates/layout.html
@@ -81,6 +81,7 @@ <h2 id="authDialogTitle" x-text="needsAuth ? 'Dashboard locked' : 'Change API ke
     <script src="/admin/static/js/modules/workflows.js"></script>
     <script src="/admin/static/js/modules/auth-keys.js"></script>
     <script src="/admin/static/js/modules/guardrails.js"></script>
+    <script src="/admin/static/js/modules/budgets.js"></script>
     <script src="/admin/static/js/modules/conversation-drawer.js"></script>
     <script src="/admin/static/js/modules/contribution-calendar.js"></script>
     <script src="/admin/static/js/modules/charts.js"></script>
diff --git a/internal/admin/dashboard/templates/page-settings.html b/internal/admin/dashboard/templates/page-settings.html
index b4a96b32..db7de69e 100644
--- a/internal/admin/dashboard/templates/page-settings.html
+++ b/internal/admin/dashboard/templates/page-settings.html
@@ -36,6 +36,82 @@ <h3>Timezone</h3>
             <button type="button" class="pagination-btn" x-show="timezoneOverride" @click="clearTimezoneOverride()">Use Browser Timezone</button>
         </div>
 
+        <div class="settings-refresh-section budget-settings-section" x-show="budgetManagementEnabled()">
+            <div class="inline-help-section" x-data="{ open: false, copyId: 'budget-settings-help-copy', showLabel: 'Show budget help', hideLabel: 'Hide budget help', text: 'Budget reset anchors are stored in the database and evaluated in UTC. Hourly budgets reset at the top of each hour.' }">
+                <div class="inline-help-title-row">
+                    <h3>Budget Resets</h3>
+                    {{template "inline-help-toggle" .}}
+                </div>
+                <p :id="copyId" class="inline-help-copy" x-show="open" x-transition.opacity.duration.200ms x-text="text"></p>
+            </div>
+            <div class="settings-form-grid budget-settings-grid">
+                <div class="form-field">
+                    <label class="form-field-label" for="budget-daily-hour">Daily Reset Hour</label>
+                    <input id="budget-daily-hour" class="form-input" type="number" min="0" max="23" step="1" x-model.number="budgetSettings.daily_reset_hour">
+                </div>
+                <div class="form-field">
+                    <label class="form-field-label" for="budget-daily-minute">Daily Reset Minute</label>
+                    <input id="budget-daily-minute" class="form-input" type="number" min="0" max="59" step="1" x-model.number="budgetSettings.daily_reset_minute">
+                </div>
+                <div class="form-field">
+                    <label class="form-field-label" for="budget-weekly-day">Weekly Reset Day</label>
+                    <select id="budget-weekly-day" class="usage-log-select settings-select" x-model.number="budgetSettings.weekly_reset_weekday">
+                        <template x-for="day in budgetWeekdays()" :key="day.value">
+                            <option :value="day.value" x-text="day.label"></option>
+                        </template>
+                    </select>
+                </div>
+                <div class="form-field">
+                    <label class="form-field-label" for="budget-weekly-hour">Weekly Reset Hour</label>
+                    <input id="budget-weekly-hour" class="form-input" type="number" min="0" max="23" step="1" x-model.number="budgetSettings.weekly_reset_hour">
+                </div>
+                <div class="form-field">
+                    <label class="form-field-label" for="budget-weekly-minute">Weekly Reset Minute</label>
+                    <input id="budget-weekly-minute" class="form-input" type="number" min="0" max="59" step="1" x-model.number="budgetSettings.weekly_reset_minute">
+                </div>
+                <div class="form-field">
+                    <label class="form-field-label" for="budget-monthly-day">Monthly Reset Day</label>
+                    <input id="budget-monthly-day" class="form-input" type="number" min="1" max="31" step="1" x-model.number="budgetSettings.monthly_reset_day">
+                </div>
+                <div class="form-field">
+                    <label class="form-field-label" for="budget-monthly-hour">Monthly Reset Hour</label>
+                    <input id="budget-monthly-hour" class="form-input" type="number" min="0" max="23" step="1" x-model.number="budgetSettings.monthly_reset_hour">
+                </div>
+                <div class="form-field">
+                    <label class="form-field-label" for="budget-monthly-minute">Monthly Reset Minute</label>
+                    <input id="budget-monthly-minute" class="form-input" type="number" min="0" max="59" step="1" x-model.number="budgetSettings.monthly_reset_minute">
+                </div>
+            </div>
+            <div class="settings-refresh-actions budget-settings-actions">
+                <button type="button"
+                        class="pagination-btn pagination-btn-primary pagination-btn-with-icon"
+                        :disabled="budgetSettingsSaving || budgetSettingsLoading"
+                        :aria-busy="budgetSettingsSaving ? 'true' : 'false'"
+                        aria-describedby="budget-settings-help-copy"
+                        @click="saveBudgetSettings()">
+                    <i data-lucide="save" class="form-action-icon" aria-hidden="true"></i>
+                    <span>Save Budget Settings</span>
+                </button>
+                <button type="button"
+                        class="pagination-btn pagination-btn-danger pagination-btn-with-icon"
+                        :disabled="budgetResetLoading"
+                        @click="openBudgetResetDialog()">
+                    <i data-lucide="rotate-ccw" class="form-action-icon" aria-hidden="true"></i>
+                    <span>Reset Budgets</span>
+                </button>
+            </div>
+            <div class="alert alert-success settings-refresh-alert"
+                 role="status"
+                 aria-live="polite"
+                 x-show="budgetSettingsNotice"
+                 x-text="budgetSettingsNotice"></div>
+            <div class="alert alert-warning settings-refresh-alert"
+                 role="alert"
+                 aria-live="assertive"
+                 x-show="budgetSettingsError"
+                 x-text="budgetSettingsError"></div>
+        </div>
+
         <div class="settings-refresh-section">
             <div class="inline-help-section" x-data="{ open: false, copyId: 'runtime-refresh-help-copy', showLabel: 'Show runtime refresh help', hideLabel: 'Hide runtime refresh help', text: 'Pull the latest model metadata, provider inventory, API keys, aliases, model access rules, guardrails, and workflows.' }">
                 <div class="inline-help-title-row">
@@ -80,6 +156,49 @@ <h3>Runtime Refresh</h3>
             </ul>
         </div>
     </div>
+    <div class="auth-dialog-backdrop"
+         x-cloak
+         x-show="budgetResetDialogOpen"
+         x-transition.opacity.duration.160ms
+         aria-hidden="true"></div>
+    <div class="auth-dialog-shell"
+         x-cloak
+         x-show="budgetResetDialogOpen"
+         x-transition.opacity.duration.160ms
+         @click="closeBudgetResetDialog()"
+         @keydown.escape.window="budgetResetDialogOpen && closeBudgetResetDialog()">
+        <section class="auth-dialog budget-reset-dialog"
+                 role="dialog"
+                 aria-modal="true"
+                 aria-labelledby="budgetResetDialogTitle"
+                 @click.stop>
+            <div class="auth-dialog-header">
+                <h2 id="budgetResetDialogTitle">Reset Budgets</h2>
+                <button type="button" class="auth-dialog-close dialog-close-btn" aria-label="Close budget reset dialog" @click="closeBudgetResetDialog()">
+                    {{template "x-icon"}}
+                </button>
+            </div>
+            <form class="auth-dialog-form" @submit.prevent="resetBudgets()">
+                <div class="form-field">
+                    <label class="form-field-label" for="budget-reset-confirmation">Type reset to confirm</label>
+                    <input id="budget-reset-confirmation"
+                           class="form-input"
+                           type="text"
+                           autocomplete="off"
+                           x-model="budgetResetConfirmation">
+                </div>
+                <div class="auth-dialog-actions">
+                    <button type="button" class="pagination-btn" @click="closeBudgetResetDialog()">Cancel</button>
+                    <button type="submit"
+                            class="pagination-btn pagination-btn-danger pagination-btn-with-icon"
+                            :disabled="budgetResetLoading || String(budgetResetConfirmation || '').trim().toLowerCase() !== 'reset'">
+                        <i data-lucide="rotate-ccw" class="form-action-icon" aria-hidden="true"></i>
+                        <span>Reset All Budgets</span>
+                    </button>
+                </div>
+            </form>
+        </section>
+    </div>
 </div>
 </template>
 {{end}}
diff --git a/internal/admin/handler.go b/internal/admin/handler.go
index dfa2fe23..8ae2130f 100644
--- a/internal/admin/handler.go
+++ b/internal/admin/handler.go
@@ -20,6 +20,7 @@ import (
 	"gomodel/internal/aliases"
 	"gomodel/internal/auditlog"
 	"gomodel/internal/authkeys"
+	"gomodel/internal/budget"
 	"gomodel/internal/core"
 	"gomodel/internal/guardrails"
 	"gomodel/internal/modeloverrides"
@@ -37,6 +38,7 @@ type Handler struct {
 	aliases             *aliases.Service
 	modelOverrides      *modeloverrides.Service
 	workflows           *workflows.Service
+	budgets             *budget.Service
 	guardrails          guardrails.Catalog
 	guardrailDefs       *guardrails.Service
 	runtimeConfig       DashboardConfigResponse
@@ -53,6 +55,7 @@ const (
 	DashboardConfigFeatureFallbackMode  = "FEATURE_FALLBACK_MODE"
 	DashboardConfigLoggingEnabled       = "LOGGING_ENABLED"
 	DashboardConfigUsageEnabled         = "USAGE_ENABLED"
+	DashboardConfigBudgetsEnabled       = "BUDGETS_ENABLED"
 	DashboardConfigGuardrailsEnabled    = "GUARDRAILS_ENABLED"
 	DashboardConfigCacheEnabled         = "CACHE_ENABLED"
 	DashboardConfigRedisURL             = "REDIS_URL"
@@ -64,6 +67,7 @@ type DashboardConfigResponse struct {
 	FeatureFallbackMode  string `json:"FEATURE_FALLBACK_MODE,omitempty"`
 	LoggingEnabled       string `json:"LOGGING_ENABLED,omitempty"`
 	UsageEnabled         string `json:"USAGE_ENABLED,omitempty"`
+	BudgetsEnabled       string `json:"BUDGETS_ENABLED,omitempty"`
 	GuardrailsEnabled    string `json:"GUARDRAILS_ENABLED,omitempty"`
 	CacheEnabled         string `json:"CACHE_ENABLED,omitempty"`
 	RedisURL             string `json:"REDIS_URL,omitempty"`
@@ -173,6 +177,13 @@ func WithWorkflows(service *workflows.Service) Option {
 	}
 }
 
+// WithBudgets enables budget administration endpoints.
+func WithBudgets(service *budget.Service) Option {
+	return func(h *Handler) {
+		h.budgets = service
+	}
+}
+
 // WithGuardrailsRegistry enables listing valid guardrail references for workflow authoring.
 func WithGuardrailsRegistry(registry guardrails.Catalog) Option {
 	return func(h *Handler) {
@@ -232,6 +243,7 @@ func normalizeDashboardRuntimeConfig(values DashboardConfigResponse) DashboardCo
 		FeatureFallbackMode:  strings.TrimSpace(values.FeatureFallbackMode),
 		LoggingEnabled:       strings.TrimSpace(values.LoggingEnabled),
 		UsageEnabled:         strings.TrimSpace(values.UsageEnabled),
+		BudgetsEnabled:       strings.TrimSpace(values.BudgetsEnabled),
 		GuardrailsEnabled:    strings.TrimSpace(values.GuardrailsEnabled),
 		CacheEnabled:         strings.TrimSpace(values.CacheEnabled),
 		RedisURL:             strings.TrimSpace(values.RedisURL),
@@ -985,6 +997,58 @@ func (h *Handler) DashboardConfig(c *echo.Context) error {
 	return c.JSON(http.StatusOK, cloneDashboardRuntimeConfig(h.runtimeConfig))
 }
 
+// BudgetSettings handles GET /admin/api/v1/budgets/settings.
+func (h *Handler) BudgetSettings(c *echo.Context) error {
+	if h.budgets == nil {
+		return handleError(c, featureUnavailableError("budgets feature is unavailable"))
+	}
+	return c.JSON(http.StatusOK, h.budgets.Settings())
+}
+
+// UpdateBudgetSettings handles PUT /admin/api/v1/budgets/settings.
+func (h *Handler) UpdateBudgetSettings(c *echo.Context) error {
+	if h.budgets == nil {
+		return handleError(c, featureUnavailableError("budgets feature is unavailable"))
+	}
+	var req updateBudgetSettingsRequest
+	if err := json.NewDecoder(c.Request().Body).Decode(&req); err != nil {
+		return handleError(c, core.NewInvalidRequestError("invalid request body: "+err.Error(), err))
+	}
+	settings := budget.Settings{
+		DailyResetHour:     req.DailyResetHour,
+		DailyResetMinute:   req.DailyResetMinute,
+		WeeklyResetWeekday: req.WeeklyResetWeekday,
+		WeeklyResetHour:    req.WeeklyResetHour,
+		WeeklyResetMinute:  req.WeeklyResetMinute,
+		MonthlyResetDay:    req.MonthlyResetDay,
+		MonthlyResetHour:   req.MonthlyResetHour,
+		MonthlyResetMinute: req.MonthlyResetMinute,
+	}
+	saved, err := h.budgets.SaveSettings(c.Request().Context(), settings)
+	if err != nil {
+		return handleError(c, core.NewInvalidRequestError(err.Error(), err))
+	}
+	return c.JSON(http.StatusOK, saved)
+}
+
+// ResetBudgets handles POST /admin/api/v1/budgets/reset.
+func (h *Handler) ResetBudgets(c *echo.Context) error {
+	if h.budgets == nil {
+		return handleError(c, featureUnavailableError("budgets feature is unavailable"))
+	}
+	var req resetBudgetsRequest
+	if err := json.NewDecoder(c.Request().Body).Decode(&req); err != nil {
+		return handleError(c, core.NewInvalidRequestError("invalid request body: "+err.Error(), err))
+	}
+	if strings.TrimSpace(strings.ToLower(req.Confirmation)) != "reset" {
+		return handleError(c, core.NewInvalidRequestError("confirmation must be reset", nil))
+	}
+	if err := h.budgets.ResetAll(c.Request().Context(), time.Now().UTC()); err != nil {
+		return handleError(c, core.NewProviderError("budgets", http.StatusServiceUnavailable, "failed to reset budgets", err))
+	}
+	return c.JSON(http.StatusOK, map[string]any{"status": "ok"})
+}
+
 // ProviderStatus handles GET /admin/api/v1/providers/status
 func (h *Handler) ProviderStatus(c *echo.Context) error {
 	return c.JSON(http.StatusOK, h.buildProviderStatusResponse())
@@ -1177,6 +1241,21 @@ type createAuthKeyRequest struct {
 	ExpiresAt   *time.Time `json:"expires_at,omitempty"`
 }
 
+type updateBudgetSettingsRequest struct {
+	DailyResetHour     int `json:"daily_reset_hour"`
+	DailyResetMinute   int `json:"daily_reset_minute"`
+	WeeklyResetWeekday int `json:"weekly_reset_weekday"`
+	WeeklyResetHour    int `json:"weekly_reset_hour"`
+	WeeklyResetMinute  int `json:"weekly_reset_minute"`
+	MonthlyResetDay    int `json:"monthly_reset_day"`
+	MonthlyResetHour   int `json:"monthly_reset_hour"`
+	MonthlyResetMinute int `json:"monthly_reset_minute"`
+}
+
+type resetBudgetsRequest struct {
+	Confirmation string `json:"confirmation"`
+}
+
 func featureUnavailableError(message string) error {
 	return core.NewInvalidRequestErrorWithStatus(http.StatusServiceUnavailable, message, nil).
 		WithCode("feature_unavailable")
diff --git a/internal/app/app.go b/internal/app/app.go
index bd5a6ea8..4efeb94f 100644
--- a/internal/app/app.go
+++ b/internal/app/app.go
@@ -21,6 +21,7 @@ import (
 	"gomodel/internal/auditlog"
 	"gomodel/internal/authkeys"
 	"gomodel/internal/batch"
+	"gomodel/internal/budget"
 	"gomodel/internal/core"
 	"gomodel/internal/fallback"
 	"gomodel/internal/guardrails"
@@ -40,6 +41,7 @@ type App struct {
 	providers      *providers.InitResult
 	audit          *auditlog.Result
 	usage          *usage.Result
+	budgets        *budget.Result
 	batch          *batch.Result
 	aliases        *aliases.Result
 	modelOverrides *modeloverrides.Result
@@ -135,6 +137,27 @@ func New(ctx context.Context, cfg Config) (*App, error) {
 	}
 	app.usage = usageResult
 
+	var budgetResult *budget.Result
+	if appCfg.Budgets.Enabled {
+		sharedBudgetStorage := firstSharedStorage(auditResult.Storage, usageResult.Storage)
+		if sharedBudgetStorage != nil {
+			budgetResult, err = budget.NewWithSharedStorage(ctx, appCfg, sharedBudgetStorage)
+		} else {
+			budgetResult, err = budget.New(ctx, appCfg)
+		}
+		if err != nil {
+			closeErr := errors.Join(app.usage.Close(), app.audit.Close(), app.providers.Close())
+			if closeErr != nil {
+				return nil, fmt.Errorf("failed to initialize budgets: %w (also: close error: %v)", err, closeErr)
+			}
+			return nil, fmt.Errorf("failed to initialize budgets: %w", err)
+		}
+	} else {
+		budgetResult = &budget.Result{}
+		slog.Info("budgets disabled")
+	}
+	app.budgets = budgetResult
+
 	// Initialize batch lifecycle storage.
 	var batchResult *batch.Result
 	if auditResult.Storage != nil {
@@ -145,7 +168,7 @@ func New(ctx context.Context, cfg Config) (*App, error) {
 		batchResult, err = batch.New(ctx, appCfg)
 	}
 	if err != nil {
-		closeErr := errors.Join(app.usage.Close(), app.audit.Close(), app.providers.Close())
+		closeErr := errors.Join(app.budgets.Close(), app.usage.Close(), app.audit.Close(), app.providers.Close())
 		if closeErr != nil {
 			return nil, fmt.Errorf("failed to initialize batch storage: %w (also: close error: %v)", err, closeErr)
 		}
@@ -165,7 +188,7 @@ func New(ctx context.Context, cfg Config) (*App, error) {
 		aliasResult, err = aliases.New(ctx, appCfg, providerResult.Registry)
 	}
 	if err != nil {
-		closeErr := errors.Join(app.batch.Close(), app.usage.Close(), app.audit.Close(), app.providers.Close())
+		closeErr := errors.Join(app.batch.Close(), app.budgets.Close(), app.usage.Close(), app.audit.Close(), app.providers.Close())
 		if closeErr != nil {
 			return nil, fmt.Errorf("failed to initialize aliases: %w (also: close error: %v)", err, closeErr)
 		}
@@ -182,7 +205,7 @@ func New(ctx context.Context, cfg Config) (*App, error) {
 			modelOverrideResult, err = modeloverrides.New(ctx, appCfg, providerResult.Registry)
 		}
 		if err != nil {
-			closeErr := errors.Join(app.aliases.Close(), app.batch.Close(), app.usage.Close(), app.audit.Close(), app.providers.Close())
+			closeErr := errors.Join(app.aliases.Close(), app.batch.Close(), app.budgets.Close(), app.usage.Close(), app.audit.Close(), app.providers.Close())
 			if closeErr != nil {
 				return nil, fmt.Errorf("failed to initialize model overrides: %w (also: close error: %v)", err, closeErr)
 			}
@@ -209,7 +232,7 @@ func New(ctx context.Context, cfg Config) (*App, error) {
 		guardrailResult, err = guardrails.New(ctx, appCfg, refreshInterval, guardrailExecutor)
 	}
 	if err != nil {
-		closeErr := errors.Join(app.modelOverrides.Close(), app.aliases.Close(), app.batch.Close(), app.usage.Close(), app.audit.Close(), app.providers.Close())
+		closeErr := errors.Join(app.modelOverrides.Close(), app.aliases.Close(), app.batch.Close(), app.budgets.Close(), app.usage.Close(), app.audit.Close(), app.providers.Close())
 		if closeErr != nil {
 			return nil, fmt.Errorf("failed to initialize guardrails: %w (also: close error: %v)", err, closeErr)
 		}
@@ -219,14 +242,14 @@ func New(ctx context.Context, cfg Config) (*App, error) {
 
 	seedGuardrails, err := configGuardrailDefinitions(appCfg.Guardrails)
 	if err != nil {
-		closeErr := errors.Join(app.guardrails.Close(), app.modelOverrides.Close(), app.aliases.Close(), app.batch.Close(), app.usage.Close(), app.audit.Close(), app.providers.Close())
+		closeErr := errors.Join(app.guardrails.Close(), app.modelOverrides.Close(), app.aliases.Close(), app.batch.Close(), app.budgets.Close(), app.usage.Close(), app.audit.Close(), app.providers.Close())
 		if closeErr != nil {
 			return nil, fmt.Errorf("failed to prepare guardrail definitions: %w (also: close error: %v)", err, closeErr)
 		}
 		return nil, fmt.Errorf("failed to prepare guardrail definitions: %w", err)
 	}
 	if err := guardrailResult.Service.UpsertDefinitions(ctx, seedGuardrails); err != nil {
-		closeErr := errors.Join(app.guardrails.Close(), app.modelOverrides.Close(), app.aliases.Close(), app.batch.Close(), app.usage.Close(), app.audit.Close(), app.providers.Close())
+		closeErr := errors.Join(app.guardrails.Close(), app.modelOverrides.Close(), app.aliases.Close(), app.batch.Close(), app.budgets.Close(), app.usage.Close(), app.audit.Close(), app.providers.Close())
 		if closeErr != nil {
 			return nil, fmt.Errorf("failed to upsert guardrails: %w (also: close error: %v)", err, closeErr)
 		}
@@ -249,7 +272,7 @@ func New(ctx context.Context, cfg Config) (*App, error) {
 		workflowResult, err = workflows.New(ctx, appCfg, workflowCompiler, refreshInterval)
 	}
 	if err != nil {
-		closeErr := errors.Join(app.guardrails.Close(), app.modelOverrides.Close(), app.aliases.Close(), app.batch.Close(), app.usage.Close(), app.audit.Close(), app.providers.Close())
+		closeErr := errors.Join(app.guardrails.Close(), app.modelOverrides.Close(), app.aliases.Close(), app.batch.Close(), app.budgets.Close(), app.usage.Close(), app.audit.Close(), app.providers.Close())
 		if closeErr != nil {
 			return nil, fmt.Errorf("failed to initialize workflows: %w (also: close error: %v)", err, closeErr)
 		}
@@ -257,14 +280,14 @@ func New(ctx context.Context, cfg Config) (*App, error) {
 	}
 	defaultWorkflow := defaultWorkflowInput(appCfg, guardrailResult.Service.Names(), seedGuardrails)
 	if err := workflowResult.Service.EnsureDefaultGlobal(ctx, defaultWorkflow); err != nil {
-		closeErr := errors.Join(workflowResult.Close(), app.guardrails.Close(), app.modelOverrides.Close(), app.aliases.Close(), app.batch.Close(), app.usage.Close(), app.audit.Close(), app.providers.Close())
+		closeErr := errors.Join(workflowResult.Close(), app.guardrails.Close(), app.modelOverrides.Close(), app.aliases.Close(), app.batch.Close(), app.budgets.Close(), app.usage.Close(), app.audit.Close(), app.providers.Close())
 		if closeErr != nil {
 			return nil, fmt.Errorf("failed to seed workflows: %w (also: close error: %v)", err, closeErr)
 		}
 		return nil, fmt.Errorf("failed to seed workflows: %w", err)
 	}
 	if err := workflowResult.Service.Refresh(ctx); err != nil {
-		closeErr := errors.Join(workflowResult.Close(), app.guardrails.Close(), app.modelOverrides.Close(), app.aliases.Close(), app.batch.Close(), app.usage.Close(), app.audit.Close(), app.providers.Close())
+		closeErr := errors.Join(workflowResult.Close(), app.guardrails.Close(), app.modelOverrides.Close(), app.aliases.Close(), app.batch.Close(), app.budgets.Close(), app.usage.Close(), app.audit.Close(), app.providers.Close())
 		if closeErr != nil {
 			return nil, fmt.Errorf("failed to load workflows: %w (also: close error: %v)", err, closeErr)
 		}
@@ -288,7 +311,7 @@ func New(ctx context.Context, cfg Config) (*App, error) {
 		authKeyResult, err = authkeys.New(ctx, appCfg)
 	}
 	if err != nil {
-		closeErr := errors.Join(workflowResult.Close(), app.guardrails.Close(), app.modelOverrides.Close(), app.aliases.Close(), app.batch.Close(), app.usage.Close(), app.audit.Close(), app.providers.Close())
+		closeErr := errors.Join(workflowResult.Close(), app.guardrails.Close(), app.modelOverrides.Close(), app.aliases.Close(), app.batch.Close(), app.budgets.Close(), app.usage.Close(), app.audit.Close(), app.providers.Close())
 		if closeErr != nil {
 			return nil, fmt.Errorf("failed to initialize auth keys: %w (also: close error: %v)", err, closeErr)
 		}
@@ -334,6 +357,7 @@ func New(ctx context.Context, cfg Config) (*App, error) {
 		PprofEnabled:                    appCfg.Server.PprofEnabled,
 		AuditLogger:                     auditResult.Logger,
 		UsageLogger:                     usageResult.Logger,
+		BudgetChecker:                   budgetResult.Service,
 		PricingResolver:                 providerResult.Registry,
 		ModelResolver:                   app.aliases.Service,
 		ModelAuthorizer:                 app.modelOverrides.Service,
@@ -370,6 +394,7 @@ func New(ctx context.Context, cfg Config) (*App, error) {
 			app.modelOverrides.Service,
 			workflowResult.Service,
 			app.guardrails.Service,
+			budgetResult.Service,
 			app,
 			dashboardRuntimeConfig(appCfg, usageEnabledForDashboard),
 			adminCfg.UIEnabled,
@@ -430,7 +455,7 @@ func New(ctx context.Context, cfg Config) (*App, error) {
 		if app.batch != nil {
 			batchCloseErr = app.batch.Close()
 		}
-		closeErr := errors.Join(workflowsCloseErr, guardrailsCloseErr, authKeysCloseErr, aliasCloseErr, modelOverridesCloseErr, batchCloseErr, app.usage.Close(), app.audit.Close(), app.providers.Close())
+		closeErr := errors.Join(workflowsCloseErr, guardrailsCloseErr, authKeysCloseErr, aliasCloseErr, modelOverridesCloseErr, batchCloseErr, app.budgets.Close(), app.usage.Close(), app.audit.Close(), app.providers.Close())
 		if closeErr != nil {
 			return nil, fmt.Errorf("failed to initialize response cache: %w (also: close error: %v)", err, closeErr)
 		}
@@ -449,14 +474,14 @@ func New(ctx context.Context, cfg Config) (*App, error) {
 		ResponseCache:          rcm,
 	})
 	if err := guardrailResult.Service.SetExecutor(ctx, internalGuardrailExecutor); err != nil {
-		closeErr := errors.Join(rcm.Close(), app.workflows.Close(), app.guardrails.Close(), app.authKeys.Close(), app.modelOverrides.Close(), app.aliases.Close(), app.batch.Close(), app.usage.Close(), app.audit.Close(), app.providers.Close())
+		closeErr := errors.Join(rcm.Close(), app.workflows.Close(), app.guardrails.Close(), app.authKeys.Close(), app.modelOverrides.Close(), app.aliases.Close(), app.batch.Close(), app.budgets.Close(), app.usage.Close(), app.audit.Close(), app.providers.Close())
 		if closeErr != nil {
 			return nil, fmt.Errorf("failed to wire internal guardrail executor: %w (also: close error: %v)", err, closeErr)
 		}
 		return nil, fmt.Errorf("failed to wire internal guardrail executor: %w", err)
 	}
 	if err := workflowResult.Service.Refresh(ctx); err != nil {
-		closeErr := errors.Join(rcm.Close(), app.workflows.Close(), app.guardrails.Close(), app.authKeys.Close(), app.modelOverrides.Close(), app.aliases.Close(), app.batch.Close(), app.usage.Close(), app.audit.Close(), app.providers.Close())
+		closeErr := errors.Join(rcm.Close(), app.workflows.Close(), app.guardrails.Close(), app.authKeys.Close(), app.modelOverrides.Close(), app.aliases.Close(), app.batch.Close(), app.budgets.Close(), app.usage.Close(), app.audit.Close(), app.providers.Close())
 		if closeErr != nil {
 			return nil, fmt.Errorf("failed to refresh workflows after wiring internal guardrail executor: %w (also: close error: %v)", err, closeErr)
 		}
@@ -661,7 +686,15 @@ func (a *App) Shutdown(ctx context.Context) error {
 		}
 	}
 
-	// 9. Close usage tracking (flushes pending entries)
+	// 9. Close budget subsystem.
+	if a.budgets != nil {
+		if err := a.budgets.Close(); err != nil {
+			slog.Error("budgets close error", "error", err)
+			errs = append(errs, fmt.Errorf("budgets close: %w", err))
+		}
+	}
+
+	// 10. Close usage tracking (flushes pending entries)
 	if a.usage != nil {
 		if err := a.usage.Close(); err != nil {
 			slog.Error("usage logger close error", "error", err)
@@ -669,7 +702,7 @@ func (a *App) Shutdown(ctx context.Context) error {
 		}
 	}
 
-	// 10. Close audit logging (flushes pending logs)
+	// 11. Close audit logging (flushes pending logs)
 	if a.audit != nil {
 		if err := a.audit.Close(); err != nil {
 			slog.Error("audit logger close error", "error", err)
@@ -749,6 +782,7 @@ func initAdmin(
 	modelOverrideService *modeloverrides.Service,
 	workflowService *workflows.Service,
 	guardrailService *guardrails.Service,
+	budgetService *budget.Service,
 	runtimeRefresher admin.RuntimeRefresher,
 	runtimeConfig admin.DashboardConfigResponse,
 	uiEnabled bool,
@@ -792,6 +826,7 @@ func initAdmin(
 		admin.WithModelOverrides(modelOverrideService),
 		admin.WithWorkflows(workflowService),
 		admin.WithGuardrailService(guardrailService),
+		admin.WithBudgets(budgetService),
 		admin.WithRuntimeRefresher(runtimeRefresher),
 		admin.WithDashboardRuntimeConfig(runtimeConfig),
 	)
@@ -917,6 +952,7 @@ func dashboardRuntimeConfig(cfg *config.Config, usageEnabled bool) admin.Dashboa
 		FeatureFallbackMode:  dashboardFallbackModeValue(cfg),
 		LoggingEnabled:       dashboardEnabledValue(cfg != nil && cfg.Logging.Enabled),
 		UsageEnabled:         dashboardEnabledValue(cfg != nil && cfg.Usage.Enabled),
+		BudgetsEnabled:       dashboardEnabledValue(cfg != nil && cfg.Budgets.Enabled),
 		GuardrailsEnabled:    dashboardEnabledValue(cfg != nil && cfg.Guardrails.Enabled),
 		CacheEnabled:         dashboardEnabledValue(cacheAnalyticsConfigured(cfg, usageEnabled)),
 		RedisURL:             dashboardEnabledValue(simpleResponseCacheConfigured(cfg)),
diff --git a/internal/budget/factory.go b/internal/budget/factory.go
new file mode 100644
index 00000000..edb3bab5
--- /dev/null
+++ b/internal/budget/factory.go
@@ -0,0 +1,132 @@
+package budget
+
+import (
+	"context"
+	"database/sql"
+	"errors"
+	"fmt"
+	"sync"
+
+	"github.com/jackc/pgx/v5/pgxpool"
+	"go.mongodb.org/mongo-driver/v2/mongo"
+
+	"gomodel/config"
+	"gomodel/internal/storage"
+)
+
+type Result struct {
+	Service *Service
+	Store   Store
+	Storage storage.Storage
+
+	closeOnce sync.Once
+	closeErr  error
+}
+
+func (r *Result) Close() error {
+	if r == nil {
+		return nil
+	}
+	r.closeOnce.Do(func() {
+		var errs []error
+		if r.Store != nil {
+			if err := r.Store.Close(); err != nil {
+				errs = append(errs, fmt.Errorf("store close: %w", err))
+			}
+		}
+		if r.Storage != nil {
+			if err := r.Storage.Close(); err != nil {
+				errs = append(errs, fmt.Errorf("storage close: %w", err))
+			}
+		}
+		if len(errs) > 0 {
+			r.closeErr = fmt.Errorf("close errors: %w", errors.Join(errs...))
+		}
+	})
+	return r.closeErr
+}
+
+func New(ctx context.Context, cfg *config.Config) (*Result, error) {
+	if cfg == nil {
+		return nil, fmt.Errorf("config is required")
+	}
+	if !cfg.Budgets.Enabled {
+		return &Result{}, nil
+	}
+	storeConn, err := storage.New(ctx, cfg.Storage.BackendConfig())
+	if err != nil {
+		return nil, fmt.Errorf("failed to create storage: %w", err)
+	}
+	result, err := newResult(ctx, cfg, storeConn)
+	if err != nil {
+		_ = storeConn.Close()
+		return nil, err
+	}
+	result.Storage = storeConn
+	return result, nil
+}
+
+func NewWithSharedStorage(ctx context.Context, cfg *config.Config, shared storage.Storage) (*Result, error) {
+	if cfg == nil {
+		return nil, fmt.Errorf("config is required")
+	}
+	if !cfg.Budgets.Enabled {
+		return &Result{}, nil
+	}
+	if shared == nil {
+		return nil, fmt.Errorf("shared storage is required")
+	}
+	return newResult(ctx, cfg, shared)
+}
+
+func newResult(ctx context.Context, cfg *config.Config, storeConn storage.Storage) (*Result, error) {
+	store, err := createStore(ctx, storeConn)
+	if err != nil {
+		return nil, err
+	}
+	service, err := NewService(ctx, store)
+	if err != nil {
+		return nil, err
+	}
+	if err := seedConfiguredBudgets(ctx, service, cfg.Budgets); err != nil {
+		return nil, err
+	}
+	return &Result{Service: service, Store: store}, nil
+}
+
+func createStore(ctx context.Context, store storage.Storage) (Store, error) {
+	return storage.ResolveBackend[Store](
+		store,
+		func(db *sql.DB) (Store, error) { return NewSQLiteStore(db) },
+		func(pool *pgxpool.Pool) (Store, error) { return NewPostgreSQLStore(ctx, pool) },
+		func(db *mongo.Database) (Store, error) { return NewMongoDBStore(ctx, db) },
+	)
+}
+
+func seedConfiguredBudgets(ctx context.Context, service *Service, cfg config.BudgetsConfig) error {
+	if service == nil || len(cfg.UserPaths) == 0 {
+		return nil
+	}
+	budgets := make([]Budget, 0)
+	for _, entry := range cfg.UserPaths {
+		userPath, err := NormalizeUserPath(entry.Path)
+		if err != nil {
+			return fmt.Errorf("invalid budget user path %q: %w", entry.Path, err)
+		}
+		for _, limit := range entry.Limits {
+			seconds := limit.PeriodSeconds
+			if seconds <= 0 {
+				if parsed, ok := PeriodSeconds(limit.Period); ok {
+					seconds = parsed
+				}
+			}
+			budgets = append(budgets, Budget{
+				UserPath:      userPath,
+				PeriodSeconds: seconds,
+				Amount:        limit.Amount,
+				Source:        "config",
+			})
+		}
+	}
+	return service.ReplaceConfigBudgets(ctx, budgets)
+}
diff --git a/internal/budget/service.go b/internal/budget/service.go
new file mode 100644
index 00000000..c690831b
--- /dev/null
+++ b/internal/budget/service.go
@@ -0,0 +1,185 @@
+package budget
+
+import (
+	"context"
+	"fmt"
+	"sort"
+	"strings"
+	"sync"
+	"time"
+)
+
+type Service struct {
+	store Store
+	mu    sync.RWMutex
+
+	budgets  []Budget
+	settings Settings
+}
+
+func NewService(ctx context.Context, store Store) (*Service, error) {
+	if store == nil {
+		return nil, fmt.Errorf("budget store is required")
+	}
+	service := &Service{
+		store:    store,
+		settings: DefaultSettings(),
+	}
+	if err := service.Refresh(ctx); err != nil {
+		return nil, err
+	}
+	return service, nil
+}
+
+func (s *Service) Refresh(ctx context.Context) error {
+	if s == nil || s.store == nil {
+		return nil
+	}
+	budgets, err := s.store.ListBudgets(ctx)
+	if err != nil {
+		return err
+	}
+	settings, err := s.store.GetSettings(ctx)
+	if err != nil {
+		return err
+	}
+	sort.SliceStable(budgets, func(i, j int) bool {
+		if budgets[i].UserPath == budgets[j].UserPath {
+			return budgets[i].PeriodSeconds < budgets[j].PeriodSeconds
+		}
+		return budgets[i].UserPath < budgets[j].UserPath
+	})
+	s.mu.Lock()
+	s.budgets = budgets
+	s.settings = settings
+	s.mu.Unlock()
+	return nil
+}
+
+func (s *Service) UpsertBudgets(ctx context.Context, budgets []Budget) error {
+	if s == nil || s.store == nil {
+		return nil
+	}
+	if err := s.store.UpsertBudgets(ctx, budgets); err != nil {
+		return err
+	}
+	return s.Refresh(ctx)
+}
+
+func (s *Service) ReplaceConfigBudgets(ctx context.Context, budgets []Budget) error {
+	if s == nil || s.store == nil {
+		return nil
+	}
+	if err := s.store.ReplaceConfigBudgets(ctx, budgets); err != nil {
+		return err
+	}
+	return s.Refresh(ctx)
+}
+
+func (s *Service) Budgets() []Budget {
+	if s == nil {
+		return nil
+	}
+	s.mu.RLock()
+	defer s.mu.RUnlock()
+	return append([]Budget(nil), s.budgets...)
+}
+
+func (s *Service) Settings() Settings {
+	if s == nil {
+		return DefaultSettings()
+	}
+	s.mu.RLock()
+	defer s.mu.RUnlock()
+	return s.settings
+}
+
+func (s *Service) SaveSettings(ctx context.Context, settings Settings) (Settings, error) {
+	if s == nil || s.store == nil {
+		return Settings{}, fmt.Errorf("budget service is unavailable")
+	}
+	saved, err := s.store.SaveSettings(ctx, settings)
+	if err != nil {
+		return Settings{}, err
+	}
+	if err := s.Refresh(ctx); err != nil {
+		return Settings{}, err
+	}
+	return saved, nil
+}
+
+func (s *Service) ResetAll(ctx context.Context, at time.Time) error {
+	if s == nil || s.store == nil {
+		return fmt.Errorf("budget service is unavailable")
+	}
+	if at.IsZero() {
+		at = time.Now().UTC()
+	}
+	if err := s.store.ResetAllBudgets(ctx, at.UTC()); err != nil {
+		return err
+	}
+	return s.Refresh(ctx)
+}
+
+func (s *Service) Check(ctx context.Context, userPath string, now time.Time) error {
+	_, err := s.CheckWithResults(ctx, userPath, now)
+	return err
+}
+
+func (s *Service) CheckWithResults(ctx context.Context, userPath string, now time.Time) ([]CheckResult, error) {
+	if s == nil || s.store == nil {
+		return nil, nil
+	}
+	userPath, err := NormalizeUserPath(userPath)
+	if err != nil {
+		return nil, err
+	}
+	if now.IsZero() {
+		now = time.Now().UTC()
+	}
+	now = now.UTC()
+
+	s.mu.RLock()
+	budgets := append([]Budget(nil), s.budgets...)
+	settings := s.settings
+	s.mu.RUnlock()
+	if len(budgets) == 0 {
+		return nil, nil
+	}
+
+	results := make([]CheckResult, 0)
+	for _, budget := range budgets {
+		if !budgetAppliesToPath(budget.UserPath, userPath) {
+			continue
+		}
+		start, end := PeriodBounds(now, budget.PeriodSeconds, settings)
+		if budget.LastResetAt != nil && budget.LastResetAt.After(start) {
+			start = budget.LastResetAt.UTC()
+		}
+		spent, _, err := s.store.SumUsageCost(ctx, budget.UserPath, start, now)
+		if err != nil {
+			return results, err
+		}
+		result := CheckResult{
+			Budget:      budget,
+			PeriodStart: start,
+			PeriodEnd:   end,
+			Spent:       spent,
+			Remaining:   budget.Amount - spent,
+		}
+		results = append(results, result)
+		if spent >= budget.Amount {
+			return results, &ExceededError{Result: result}
+		}
+	}
+	return results, nil
+}
+
+func budgetAppliesToPath(budgetPath, requestPath string) bool {
+	budgetPath = strings.TrimSpace(budgetPath)
+	requestPath = strings.TrimSpace(requestPath)
+	if budgetPath == "/" {
+		return true
+	}
+	return requestPath == budgetPath || strings.HasPrefix(requestPath, budgetPath+"/")
+}
diff --git a/internal/budget/service_test.go b/internal/budget/service_test.go
new file mode 100644
index 00000000..665a4ff3
--- /dev/null
+++ b/internal/budget/service_test.go
@@ -0,0 +1,138 @@
+package budget
+
+import (
+	"context"
+	"errors"
+	"testing"
+	"time"
+)
+
+type fakeStore struct {
+	budgets  []Budget
+	settings Settings
+	sum      func(userPath string, start, end time.Time) (float64, bool, error)
+
+	lastSumUserPath string
+	lastSumStart    time.Time
+	lastResetAt     time.Time
+}
+
+func (s *fakeStore) ListBudgets(context.Context) ([]Budget, error) {
+	return append([]Budget(nil), s.budgets...), nil
+}
+
+func (s *fakeStore) UpsertBudgets(context.Context, []Budget) error {
+	return nil
+}
+
+func (s *fakeStore) ReplaceConfigBudgets(context.Context, []Budget) error {
+	return nil
+}
+
+func (s *fakeStore) GetSettings(context.Context) (Settings, error) {
+	if s.settings == (Settings{}) {
+		return DefaultSettings(), nil
+	}
+	return s.settings, nil
+}
+
+func (s *fakeStore) SaveSettings(context.Context, Settings) (Settings, error) {
+	return Settings{}, nil
+}
+
+func (s *fakeStore) ResetAllBudgets(_ context.Context, at time.Time) error {
+	s.lastResetAt = at
+	return nil
+}
+
+func (s *fakeStore) SumUsageCost(_ context.Context, userPath string, start, end time.Time) (float64, bool, error) {
+	s.lastSumUserPath = userPath
+	s.lastSumStart = start
+	if s.sum == nil {
+		return 0, false, nil
+	}
+	return s.sum(userPath, start, end)
+}
+
+func (s *fakeStore) Close() error {
+	return nil
+}
+
+func TestServiceCheckRejectsExceededBudgetForMatchingUserPath(t *testing.T) {
+	ctx := context.Background()
+	store := &fakeStore{
+		budgets: []Budget{
+			{UserPath: "/team", PeriodSeconds: PeriodDailySeconds, Amount: 10},
+		},
+		sum: func(userPath string, start, end time.Time) (float64, bool, error) {
+			if userPath != "/team" {
+				t.Fatalf("sum user path = %q, want /team", userPath)
+			}
+			return 10, true, nil
+		},
+	}
+	service, err := NewService(ctx, store)
+	if err != nil {
+		t.Fatalf("NewService() failed: %v", err)
+	}
+
+	err = service.Check(ctx, "/team/app", time.Date(2026, time.April, 25, 12, 0, 0, 0, time.UTC))
+	var exceeded *ExceededError
+	if !errors.As(err, &exceeded) {
+		t.Fatalf("Check() error = %v, want ExceededError", err)
+	}
+	if got := exceeded.Result.Budget.UserPath; got != "/team" {
+		t.Fatalf("exceeded budget path = %q, want /team", got)
+	}
+}
+
+func TestServiceCheckIgnoresSiblingUserPath(t *testing.T) {
+	ctx := context.Background()
+	called := false
+	store := &fakeStore{
+		budgets: []Budget{
+			{UserPath: "/team", PeriodSeconds: PeriodDailySeconds, Amount: 10},
+		},
+		sum: func(userPath string, start, end time.Time) (float64, bool, error) {
+			called = true
+			return 0, false, nil
+		},
+	}
+	service, err := NewService(ctx, store)
+	if err != nil {
+		t.Fatalf("NewService() failed: %v", err)
+	}
+
+	results, err := service.CheckWithResults(ctx, "/team-alpha", time.Date(2026, time.April, 25, 12, 0, 0, 0, time.UTC))
+	if err != nil {
+		t.Fatalf("CheckWithResults() error = %v", err)
+	}
+	if len(results) != 0 {
+		t.Fatalf("expected no matching budgets, got %d", len(results))
+	}
+	if called {
+		t.Fatal("sum should not be called for a sibling path")
+	}
+}
+
+func TestServiceCheckStartsAtManualResetWhenNewerThanPeriodStart(t *testing.T) {
+	ctx := context.Background()
+	resetAt := time.Date(2026, time.April, 25, 9, 0, 0, 0, time.UTC)
+	store := &fakeStore{
+		budgets: []Budget{
+			{UserPath: "/team", PeriodSeconds: PeriodDailySeconds, Amount: 10, LastResetAt: &resetAt},
+		},
+	}
+	service, err := NewService(ctx, store)
+	if err != nil {
+		t.Fatalf("NewService() failed: %v", err)
+	}
+
+	_, err = service.CheckWithResults(ctx, "/team", time.Date(2026, time.April, 25, 12, 0, 0, 0, time.UTC))
+	if err != nil {
+		t.Fatalf("CheckWithResults() error = %v", err)
+	}
+	if !store.lastSumStart.Equal(resetAt) {
+		t.Fatalf("sum start = %s, want reset time %s", store.lastSumStart, resetAt)
+	}
+}
diff --git a/internal/budget/settings_helpers.go b/internal/budget/settings_helpers.go
new file mode 100644
index 00000000..bcff6b34
--- /dev/null
+++ b/internal/budget/settings_helpers.go
@@ -0,0 +1,83 @@
+package budget
+
+import (
+	"fmt"
+	"strconv"
+	"strings"
+	"time"
+)
+
+type settingsRowScanner interface {
+	Next() bool
+	Scan(dest ...any) error
+	Err() error
+}
+
+func settingsKeyValues(settings Settings) map[string]int {
+	return map[string]int{
+		settingDailyResetHour:     settings.DailyResetHour,
+		settingDailyResetMinute:   settings.DailyResetMinute,
+		settingWeeklyResetWeekday: settings.WeeklyResetWeekday,
+		settingWeeklyResetHour:    settings.WeeklyResetHour,
+		settingWeeklyResetMinute:  settings.WeeklyResetMinute,
+		settingMonthlyResetDay:    settings.MonthlyResetDay,
+		settingMonthlyResetHour:   settings.MonthlyResetHour,
+		settingMonthlyResetMinute: settings.MonthlyResetMinute,
+	}
+}
+
+func applySettingValue(settings *Settings, key, value string) error {
+	if settings == nil {
+		return nil
+	}
+	parsed, err := strconv.Atoi(strings.TrimSpace(value))
+	if err != nil {
+		return fmt.Errorf("budget setting %s must be an integer", key)
+	}
+	switch strings.TrimSpace(key) {
+	case settingDailyResetHour:
+		settings.DailyResetHour = parsed
+	case settingDailyResetMinute:
+		settings.DailyResetMinute = parsed
+	case settingWeeklyResetWeekday:
+		settings.WeeklyResetWeekday = parsed
+	case settingWeeklyResetHour:
+		settings.WeeklyResetHour = parsed
+	case settingWeeklyResetMinute:
+		settings.WeeklyResetMinute = parsed
+	case settingMonthlyResetDay:
+		settings.MonthlyResetDay = parsed
+	case settingMonthlyResetHour:
+		settings.MonthlyResetHour = parsed
+	case settingMonthlyResetMinute:
+		settings.MonthlyResetMinute = parsed
+	default:
+		return nil
+	}
+	return nil
+}
+
+func scanSettingsRows(rows settingsRowScanner) (Settings, error) {
+	settings := DefaultSettings()
+	var latest int64
+	for rows.Next() {
+		var key, value string
+		var updatedAt int64
+		if err := rows.Scan(&key, &value, &updatedAt); err != nil {
+			return Settings{}, fmt.Errorf("scan budget setting: %w", err)
+		}
+		if err := applySettingValue(&settings, key, value); err != nil {
+			return Settings{}, err
+		}
+		if updatedAt > latest {
+			latest = updatedAt
+		}
+	}
+	if err := rows.Err(); err != nil {
+		return Settings{}, fmt.Errorf("iterate budget settings: %w", err)
+	}
+	if latest > 0 {
+		settings.UpdatedAt = time.Unix(latest, 0).UTC()
+	}
+	return normalizeLoadedSettings(settings)
+}
diff --git a/internal/budget/store.go b/internal/budget/store.go
new file mode 100644
index 00000000..3ab3ced5
--- /dev/null
+++ b/internal/budget/store.go
@@ -0,0 +1,78 @@
+package budget
+
+import (
+	"context"
+	"fmt"
+	"strings"
+	"time"
+)
+
+// Store persists budget definitions, reset settings, and spend lookups.
+type Store interface {
+	ListBudgets(ctx context.Context) ([]Budget, error)
+	UpsertBudgets(ctx context.Context, budgets []Budget) error
+	ReplaceConfigBudgets(ctx context.Context, budgets []Budget) error
+	GetSettings(ctx context.Context) (Settings, error)
+	SaveSettings(ctx context.Context, settings Settings) (Settings, error)
+	ResetAllBudgets(ctx context.Context, at time.Time) error
+	SumUsageCost(ctx context.Context, userPath string, start, end time.Time) (float64, bool, error)
+	Close() error
+}
+
+func normalizeBudgetsForUpsert(budgets []Budget) ([]Budget, error) {
+	if len(budgets) == 0 {
+		return nil, nil
+	}
+	normalized := make([]Budget, 0, len(budgets))
+	seen := make(map[string]int, len(budgets))
+	for _, budget := range budgets {
+		item, err := NormalizeBudget(budget)
+		if err != nil {
+			return nil, err
+		}
+		key := budgetKey(item.UserPath, item.PeriodSeconds)
+		if existing, ok := seen[key]; ok {
+			normalized[existing] = item
+			continue
+		}
+		seen[key] = len(normalized)
+		normalized = append(normalized, item)
+	}
+	return normalized, nil
+}
+
+func budgetKey(userPath string, periodSeconds int64) string {
+	return strings.TrimSpace(userPath) + ":" + fmt.Sprint(periodSeconds)
+}
+
+func normalizeLoadedSettings(settings Settings) (Settings, error) {
+	defaults := DefaultSettings()
+	if settings.MonthlyResetDay == 0 {
+		settings.MonthlyResetDay = defaults.MonthlyResetDay
+	}
+	if settings.UpdatedAt.IsZero() {
+		settings.UpdatedAt = time.Now().UTC()
+	}
+	if err := ValidateSettings(settings); err != nil {
+		return Settings{}, err
+	}
+	return settings, nil
+}
+
+func usagePathMatchesBudgetExpr(column string) string {
+	return "COALESCE(NULLIF(TRIM(" + column + "), ''), '/')"
+}
+
+func usagePathLikePattern(userPath string) string {
+	if userPath == "/" {
+		return "/%"
+	}
+	return escapeLikeWildcards(userPath) + "/%"
+}
+
+func escapeLikeWildcards(s string) string {
+	s = strings.ReplaceAll(s, `\`, `\\`)
+	s = strings.ReplaceAll(s, `%`, `\%`)
+	s = strings.ReplaceAll(s, `_`, `\_`)
+	return s
+}
diff --git a/internal/budget/store_mongodb.go b/internal/budget/store_mongodb.go
new file mode 100644
index 00000000..1b3ba6fe
--- /dev/null
+++ b/internal/budget/store_mongodb.go
@@ -0,0 +1,245 @@
+package budget
+
+import (
+	"context"
+	"fmt"
+	"regexp"
+	"strconv"
+	"time"
+
+	"go.mongodb.org/mongo-driver/v2/bson"
+	"go.mongodb.org/mongo-driver/v2/mongo"
+	"go.mongodb.org/mongo-driver/v2/mongo/options"
+)
+
+type MongoDBStore struct {
+	budgets  *mongo.Collection
+	settings *mongo.Collection
+	usage    *mongo.Collection
+}
+
+func NewMongoDBStore(ctx context.Context, database *mongo.Database) (*MongoDBStore, error) {
+	if database == nil {
+		return nil, fmt.Errorf("database is required")
+	}
+	store := &MongoDBStore{
+		budgets:  database.Collection("budgets"),
+		settings: database.Collection("budget_settings"),
+		usage:    database.Collection("usage"),
+	}
+	_, err := store.budgets.Indexes().CreateMany(ctx, []mongo.IndexModel{
+		{
+			Keys:    bson.D{{Key: "user_path", Value: 1}, {Key: "period_seconds", Value: 1}},
+			Options: options.Index().SetUnique(true),
+		},
+		{Keys: bson.D{{Key: "user_path", Value: 1}}},
+		{Keys: bson.D{{Key: "period_seconds", Value: 1}}},
+	})
+	if err != nil {
+		return nil, fmt.Errorf("create budget indexes: %w", err)
+	}
+	_, err = store.settings.Indexes().CreateOne(ctx, mongo.IndexModel{
+		Keys:    bson.D{{Key: "key", Value: 1}},
+		Options: options.Index().SetUnique(true),
+	})
+	if err != nil {
+		return nil, fmt.Errorf("create budget settings indexes: %w", err)
+	}
+	return store, nil
+}
+
+func (s *MongoDBStore) ListBudgets(ctx context.Context) ([]Budget, error) {
+	cursor, err := s.budgets.Find(ctx, bson.D{}, options.Find().SetSort(bson.D{{Key: "user_path", Value: 1}, {Key: "period_seconds", Value: 1}}))
+	if err != nil {
+		return nil, fmt.Errorf("list budgets: %w", err)
+	}
+	defer cursor.Close(ctx)
+
+	budgets := make([]Budget, 0)
+	for cursor.Next(ctx) {
+		var budget Budget
+		if err := cursor.Decode(&budget); err != nil {
+			return nil, fmt.Errorf("decode budget: %w", err)
+		}
+		budgets = append(budgets, budget)
+	}
+	if err := cursor.Err(); err != nil {
+		return nil, fmt.Errorf("iterate budgets: %w", err)
+	}
+	return budgets, nil
+}
+
+func (s *MongoDBStore) UpsertBudgets(ctx context.Context, budgets []Budget) error {
+	budgets, err := normalizeBudgetsForUpsert(budgets)
+	if err != nil {
+		return err
+	}
+	if len(budgets) == 0 {
+		return nil
+	}
+	for _, budget := range budgets {
+		filter := bson.D{{Key: "user_path", Value: budget.UserPath}, {Key: "period_seconds", Value: budget.PeriodSeconds}}
+		update := bson.D{{Key: "$set", Value: bson.D{
+			{Key: "user_path", Value: budget.UserPath},
+			{Key: "period_seconds", Value: budget.PeriodSeconds},
+			{Key: "amount", Value: budget.Amount},
+			{Key: "source", Value: budget.Source},
+			{Key: "updated_at", Value: budget.UpdatedAt},
+		}}, {Key: "$setOnInsert", Value: bson.D{
+			{Key: "created_at", Value: budget.CreatedAt},
+			{Key: "last_reset_at", Value: budget.LastResetAt},
+		}}}
+		if _, err := s.budgets.UpdateOne(ctx, filter, update, options.UpdateOne().SetUpsert(true)); err != nil {
+			return fmt.Errorf("upsert budget %s/%d: %w", budget.UserPath, budget.PeriodSeconds, err)
+		}
+	}
+	return nil
+}
+
+func (s *MongoDBStore) ReplaceConfigBudgets(ctx context.Context, budgets []Budget) error {
+	budgets, err := normalizeBudgetsForUpsert(budgets)
+	if err != nil {
+		return err
+	}
+	for i := range budgets {
+		budgets[i].Source = "config"
+	}
+
+	filter := bson.D{{Key: "source", Value: "config"}}
+	if len(budgets) > 0 {
+		keep := make(bson.A, 0, len(budgets))
+		for _, budget := range budgets {
+			keep = append(keep, bson.D{
+				{Key: "user_path", Value: budget.UserPath},
+				{Key: "period_seconds", Value: budget.PeriodSeconds},
+			})
+		}
+		filter = append(filter, bson.E{Key: "$nor", Value: keep})
+	}
+	if _, err := s.budgets.DeleteMany(ctx, filter); err != nil {
+		return fmt.Errorf("delete old config budgets: %w", err)
+	}
+	return s.UpsertBudgets(ctx, budgets)
+}
+
+func (s *MongoDBStore) GetSettings(ctx context.Context) (Settings, error) {
+	cursor, err := s.settings.Find(ctx, bson.D{})
+	if err != nil {
+		return Settings{}, fmt.Errorf("get budget settings: %w", err)
+	}
+	defer cursor.Close(ctx)
+
+	settings := DefaultSettings()
+	var latest time.Time
+	for cursor.Next(ctx) {
+		var row struct {
+			Key       string    `bson:"key"`
+			Value     string    `bson:"value"`
+			UpdatedAt time.Time `bson:"updated_at"`
+		}
+		if err := cursor.Decode(&row); err != nil {
+			return Settings{}, fmt.Errorf("decode budget setting: %w", err)
+		}
+		if err := applySettingValue(&settings, row.Key, row.Value); err != nil {
+			return Settings{}, err
+		}
+		if row.UpdatedAt.After(latest) {
+			latest = row.UpdatedAt
+		}
+	}
+	if err := cursor.Err(); err != nil {
+		return Settings{}, fmt.Errorf("iterate budget settings: %w", err)
+	}
+	if !latest.IsZero() {
+		settings.UpdatedAt = latest.UTC()
+	}
+	return normalizeLoadedSettings(settings)
+}
+
+func (s *MongoDBStore) SaveSettings(ctx context.Context, settings Settings) (Settings, error) {
+	if err := ValidateSettings(settings); err != nil {
+		return Settings{}, err
+	}
+	settings.UpdatedAt = time.Now().UTC()
+	for key, value := range settingsKeyValues(settings) {
+		filter := bson.D{{Key: "key", Value: key}}
+		update := bson.D{{Key: "$set", Value: bson.D{
+			{Key: "key", Value: key},
+			{Key: "value", Value: strconv.Itoa(value)},
+			{Key: "updated_at", Value: settings.UpdatedAt},
+		}}}
+		if _, err := s.settings.UpdateOne(ctx, filter, update, options.UpdateOne().SetUpsert(true)); err != nil {
+			return Settings{}, fmt.Errorf("save budget setting %s: %w", key, err)
+		}
+	}
+	return settings, nil
+}
+
+func (s *MongoDBStore) ResetAllBudgets(ctx context.Context, at time.Time) error {
+	_, err := s.budgets.UpdateMany(ctx, bson.D{}, bson.D{{Key: "$set", Value: bson.D{
+		{Key: "last_reset_at", Value: at.UTC()},
+		{Key: "updated_at", Value: at.UTC()},
+	}}})
+	if err != nil {
+		return fmt.Errorf("reset all budgets: %w", err)
+	}
+	return nil
+}
+
+func (s *MongoDBStore) SumUsageCost(ctx context.Context, userPath string, start, end time.Time) (float64, bool, error) {
+	userPath, err := NormalizeUserPath(userPath)
+	if err != nil {
+		return 0, false, err
+	}
+	pathPattern := usagePathRegex(userPath)
+	pipeline := bson.A{
+		bson.D{{Key: "$addFields", Value: bson.D{
+			{Key: "_gomodel_budget_user_path", Value: bson.D{{Key: "$cond", Value: bson.A{
+				bson.D{{Key: "$ne", Value: bson.A{bson.D{{Key: "$trim", Value: bson.D{{Key: "input", Value: bson.D{{Key: "$ifNull", Value: bson.A{"$user_path", ""}}}}}}}, ""}}},
+				bson.D{{Key: "$trim", Value: bson.D{{Key: "input", Value: "$user_path"}}}},
+				"/",
+			}}}},
+		}}},
+		bson.D{{Key: "$match", Value: bson.D{
+			{Key: "timestamp", Value: bson.D{{Key: "$gte", Value: start.UTC()}, {Key: "$lt", Value: end.UTC()}}},
+			{Key: "_gomodel_budget_user_path", Value: bson.D{{Key: "$regex", Value: pathPattern}}},
+			{Key: "$or", Value: bson.A{
+				bson.D{{Key: "cache_type", Value: bson.D{{Key: "$exists", Value: false}}}},
+				bson.D{{Key: "cache_type", Value: ""}},
+			}},
+		}}},
+		bson.D{{Key: "$group", Value: bson.D{
+			{Key: "_id", Value: nil},
+			{Key: "total", Value: bson.D{{Key: "$sum", Value: bson.D{{Key: "$ifNull", Value: bson.A{"$total_cost", 0}}}}}},
+			{Key: "has_costs", Value: bson.D{{Key: "$sum", Value: bson.D{{Key: "$cond", Value: bson.A{bson.D{{Key: "$gt", Value: bson.A{"$total_cost", nil}}}, 1, 0}}}}}},
+		}}},
+	}
+	cursor, err := s.usage.Aggregate(ctx, pipeline)
+	if err != nil {
+		return 0, false, fmt.Errorf("sum usage cost: %w", err)
+	}
+	defer cursor.Close(ctx)
+
+	if !cursor.Next(ctx) {
+		return 0, false, cursor.Err()
+	}
+	var row struct {
+		Total    float64 `bson:"total"`
+		HasCosts int     `bson:"has_costs"`
+	}
+	if err := cursor.Decode(&row); err != nil {
+		return 0, false, fmt.Errorf("decode usage cost sum: %w", err)
+	}
+	return row.Total, row.HasCosts > 0, nil
+}
+
+func (s *MongoDBStore) Close() error {
+	return nil
+}
+
+func usagePathRegex(userPath string) string {
+	if userPath == "/" {
+		return "^/"
+	}
+	return "^" + regexp.QuoteMeta(userPath) + "(?:/|$)"
+}
diff --git a/internal/budget/store_postgresql.go b/internal/budget/store_postgresql.go
new file mode 100644
index 00000000..835b035d
--- /dev/null
+++ b/internal/budget/store_postgresql.go
@@ -0,0 +1,290 @@
+package budget
+
+import (
+	"context"
+	"fmt"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/jackc/pgx/v5"
+	"github.com/jackc/pgx/v5/pgxpool"
+)
+
+type PostgreSQLStore struct {
+	pool *pgxpool.Pool
+}
+
+func NewPostgreSQLStore(ctx context.Context, pool *pgxpool.Pool) (*PostgreSQLStore, error) {
+	if pool == nil {
+		return nil, fmt.Errorf("connection pool is required")
+	}
+	if _, err := pool.Exec(ctx, `
+		CREATE TABLE IF NOT EXISTS budgets (
+			user_path TEXT NOT NULL,
+			period_seconds BIGINT NOT NULL,
+			amount DOUBLE PRECISION NOT NULL,
+			source TEXT NOT NULL DEFAULT '',
+			last_reset_at BIGINT,
+			created_at BIGINT NOT NULL,
+			updated_at BIGINT NOT NULL,
+			PRIMARY KEY (user_path, period_seconds)
+		)
+	`); err != nil {
+		return nil, fmt.Errorf("failed to create budgets table: %w", err)
+	}
+	for _, migration := range []string{
+		`ALTER TABLE budgets ADD COLUMN IF NOT EXISTS source TEXT NOT NULL DEFAULT ''`,
+		`ALTER TABLE budgets ADD COLUMN IF NOT EXISTS last_reset_at BIGINT`,
+	} {
+		if _, err := pool.Exec(ctx, migration); err != nil {
+			return nil, fmt.Errorf("failed to migrate budgets table: %w", err)
+		}
+	}
+	if _, err := pool.Exec(ctx, `
+		CREATE TABLE IF NOT EXISTS budget_settings (
+			key TEXT PRIMARY KEY,
+			value TEXT NOT NULL,
+			updated_at BIGINT NOT NULL
+		)
+	`); err != nil {
+		return nil, fmt.Errorf("failed to create budget_settings table: %w", err)
+	}
+	for _, index := range []string{
+		`CREATE INDEX IF NOT EXISTS idx_budgets_user_path ON budgets(user_path)`,
+		`CREATE INDEX IF NOT EXISTS idx_budgets_period_seconds ON budgets(period_seconds)`,
+	} {
+		if _, err := pool.Exec(ctx, index); err != nil {
+			return nil, fmt.Errorf("failed to create budget index: %w", err)
+		}
+	}
+	return &PostgreSQLStore{pool: pool}, nil
+}
+
+func (s *PostgreSQLStore) ListBudgets(ctx context.Context) ([]Budget, error) {
+	rows, err := s.pool.Query(ctx, `
+		SELECT user_path, period_seconds, amount, source, last_reset_at, created_at, updated_at
+		FROM budgets
+		ORDER BY user_path ASC, period_seconds ASC
+	`)
+	if err != nil {
+		return nil, fmt.Errorf("list budgets: %w", err)
+	}
+	defer rows.Close()
+
+	budgets := make([]Budget, 0)
+	for rows.Next() {
+		budget, err := scanPostgreSQLBudget(rows)
+		if err != nil {
+			return nil, err
+		}
+		budgets = append(budgets, budget)
+	}
+	if err := rows.Err(); err != nil {
+		return nil, fmt.Errorf("iterate budgets: %w", err)
+	}
+	return budgets, nil
+}
+
+func (s *PostgreSQLStore) UpsertBudgets(ctx context.Context, budgets []Budget) error {
+	budgets, err := normalizeBudgetsForUpsert(budgets)
+	if err != nil {
+		return err
+	}
+	if len(budgets) == 0 {
+		return nil
+	}
+	tx, err := s.pool.Begin(ctx)
+	if err != nil {
+		return fmt.Errorf("begin budget upsert: %w", err)
+	}
+	defer tx.Rollback(ctx) //nolint:errcheck
+
+	for _, budget := range budgets {
+		_, err := tx.Exec(ctx, `
+			INSERT INTO budgets (user_path, period_seconds, amount, source, last_reset_at, created_at, updated_at)
+			VALUES ($1, $2, $3, $4, $5, $6, $7)
+			ON CONFLICT (user_path, period_seconds) DO UPDATE SET
+				amount = excluded.amount,
+				source = excluded.source,
+				updated_at = excluded.updated_at
+		`,
+			budget.UserPath,
+			budget.PeriodSeconds,
+			budget.Amount,
+			budget.Source,
+			unixOrNil(budget.LastResetAt),
+			budget.CreatedAt.Unix(),
+			budget.UpdatedAt.Unix(),
+		)
+		if err != nil {
+			return fmt.Errorf("upsert budget %s/%d: %w", budget.UserPath, budget.PeriodSeconds, err)
+		}
+	}
+	if err := tx.Commit(ctx); err != nil {
+		return fmt.Errorf("commit budget upsert: %w", err)
+	}
+	return nil
+}
+
+func (s *PostgreSQLStore) ReplaceConfigBudgets(ctx context.Context, budgets []Budget) error {
+	budgets, err := normalizeBudgetsForUpsert(budgets)
+	if err != nil {
+		return err
+	}
+	for i := range budgets {
+		budgets[i].Source = "config"
+	}
+
+	tx, err := s.pool.Begin(ctx)
+	if err != nil {
+		return fmt.Errorf("begin config budget replace: %w", err)
+	}
+	defer tx.Rollback(ctx) //nolint:errcheck
+
+	if len(budgets) == 0 {
+		if _, err := tx.Exec(ctx, `DELETE FROM budgets WHERE source = 'config'`); err != nil {
+			return fmt.Errorf("delete old config budgets: %w", err)
+		}
+	} else {
+		conditions := make([]string, 0, len(budgets))
+		args := make([]any, 0, len(budgets)*2)
+		for i, budget := range budgets {
+			base := i*2 + 1
+			conditions = append(conditions, fmt.Sprintf(`(user_path = $%d AND period_seconds = $%d)`, base, base+1))
+			args = append(args, budget.UserPath, budget.PeriodSeconds)
+		}
+		query := `DELETE FROM budgets WHERE source = 'config' AND NOT (` + strings.Join(conditions, " OR ") + `)`
+		if _, err := tx.Exec(ctx, query, args...); err != nil {
+			return fmt.Errorf("delete old config budgets: %w", err)
+		}
+	}
+	if err := upsertPostgreSQLBudgets(ctx, tx, budgets); err != nil {
+		return err
+	}
+	if err := tx.Commit(ctx); err != nil {
+		return fmt.Errorf("commit config budget replace: %w", err)
+	}
+	return nil
+}
+
+func (s *PostgreSQLStore) GetSettings(ctx context.Context) (Settings, error) {
+	rows, err := s.pool.Query(ctx, `SELECT key, value, updated_at FROM budget_settings`)
+	if err != nil {
+		return Settings{}, fmt.Errorf("get budget settings: %w", err)
+	}
+	defer rows.Close()
+
+	return scanSettingsRows(rows)
+}
+
+func (s *PostgreSQLStore) SaveSettings(ctx context.Context, settings Settings) (Settings, error) {
+	if err := ValidateSettings(settings); err != nil {
+		return Settings{}, err
+	}
+	settings.UpdatedAt = time.Now().UTC()
+	tx, err := s.pool.Begin(ctx)
+	if err != nil {
+		return Settings{}, fmt.Errorf("begin budget settings save: %w", err)
+	}
+	defer tx.Rollback(ctx) //nolint:errcheck
+
+	for key, value := range settingsKeyValues(settings) {
+		if _, err := tx.Exec(ctx, `
+			INSERT INTO budget_settings (key, value, updated_at)
+			VALUES ($1, $2, $3)
+			ON CONFLICT (key) DO UPDATE SET
+				value = excluded.value,
+				updated_at = excluded.updated_at
+		`, key, strconv.Itoa(value), settings.UpdatedAt.Unix()); err != nil {
+			return Settings{}, fmt.Errorf("save budget setting %s: %w", key, err)
+		}
+	}
+	if err := tx.Commit(ctx); err != nil {
+		return Settings{}, fmt.Errorf("commit budget settings save: %w", err)
+	}
+	return settings, nil
+}
+
+func (s *PostgreSQLStore) ResetAllBudgets(ctx context.Context, at time.Time) error {
+	_, err := s.pool.Exec(ctx, `UPDATE budgets SET last_reset_at = $1, updated_at = $2`, at.UTC().Unix(), at.UTC().Unix())
+	if err != nil {
+		return fmt.Errorf("reset all budgets: %w", err)
+	}
+	return nil
+}
+
+func (s *PostgreSQLStore) SumUsageCost(ctx context.Context, userPath string, start, end time.Time) (float64, bool, error) {
+	userPath, err := NormalizeUserPath(userPath)
+	if err != nil {
+		return 0, false, err
+	}
+	userPathExpr := usagePathMatchesBudgetExpr("user_path")
+	query := `SELECT SUM(total_cost) FROM "usage"
+		WHERE timestamp >= $1
+			AND timestamp < $2
+			AND (` + userPathExpr + ` = $3 OR ` + userPathExpr + ` LIKE $4 ESCAPE '\')
+			AND (cache_type IS NULL OR cache_type = '')`
+	var total *float64
+	if err := s.pool.QueryRow(ctx, query, start.UTC(), end.UTC(), userPath, usagePathLikePattern(userPath)).Scan(&total); err != nil {
+		return 0, false, fmt.Errorf("sum usage cost: %w", err)
+	}
+	if total == nil {
+		return 0, false, nil
+	}
+	return *total, true, nil
+}
+
+func (s *PostgreSQLStore) Close() error {
+	return nil
+}
+
+func upsertPostgreSQLBudgets(ctx context.Context, tx pgx.Tx, budgets []Budget) error {
+	for _, budget := range budgets {
+		_, err := tx.Exec(ctx, `
+			INSERT INTO budgets (user_path, period_seconds, amount, source, last_reset_at, created_at, updated_at)
+			VALUES ($1, $2, $3, $4, $5, $6, $7)
+			ON CONFLICT (user_path, period_seconds) DO UPDATE SET
+				amount = excluded.amount,
+				source = excluded.source,
+				updated_at = excluded.updated_at
+		`,
+			budget.UserPath,
+			budget.PeriodSeconds,
+			budget.Amount,
+			budget.Source,
+			unixOrNil(budget.LastResetAt),
+			budget.CreatedAt.Unix(),
+			budget.UpdatedAt.Unix(),
+		)
+		if err != nil {
+			return fmt.Errorf("upsert budget %s/%d: %w", budget.UserPath, budget.PeriodSeconds, err)
+		}
+	}
+	return nil
+}
+
+func scanPostgreSQLBudget(row pgx.Row) (Budget, error) {
+	var budget Budget
+	var lastResetAt *int64
+	var createdAt int64
+	var updatedAt int64
+	if err := row.Scan(
+		&budget.UserPath,
+		&budget.PeriodSeconds,
+		&budget.Amount,
+		&budget.Source,
+		&lastResetAt,
+		&createdAt,
+		&updatedAt,
+	); err != nil {
+		return Budget{}, fmt.Errorf("scan budget: %w", err)
+	}
+	if lastResetAt != nil {
+		t := time.Unix(*lastResetAt, 0).UTC()
+		budget.LastResetAt = &t
+	}
+	budget.CreatedAt = time.Unix(createdAt, 0).UTC()
+	budget.UpdatedAt = time.Unix(updatedAt, 0).UTC()
+	return budget, nil
+}
diff --git a/internal/budget/store_sqlite.go b/internal/budget/store_sqlite.go
new file mode 100644
index 00000000..70597939
--- /dev/null
+++ b/internal/budget/store_sqlite.go
@@ -0,0 +1,353 @@
+package budget
+
+import (
+	"context"
+	"database/sql"
+	"fmt"
+	"strconv"
+	"strings"
+	"time"
+)
+
+const (
+	settingDailyResetHour     = "daily_reset_hour"
+	settingDailyResetMinute   = "daily_reset_minute"
+	settingWeeklyResetWeekday = "weekly_reset_weekday"
+	settingWeeklyResetHour    = "weekly_reset_hour"
+	settingWeeklyResetMinute  = "weekly_reset_minute"
+	settingMonthlyResetDay    = "monthly_reset_day"
+	settingMonthlyResetHour   = "monthly_reset_hour"
+	settingMonthlyResetMinute = "monthly_reset_minute"
+)
+
+type SQLiteStore struct {
+	db *sql.DB
+}
+
+func NewSQLiteStore(db *sql.DB) (*SQLiteStore, error) {
+	if db == nil {
+		return nil, fmt.Errorf("database connection is required")
+	}
+	if _, err := db.Exec(`
+		CREATE TABLE IF NOT EXISTS budgets (
+			user_path TEXT NOT NULL,
+			period_seconds INTEGER NOT NULL,
+			amount REAL NOT NULL,
+			source TEXT NOT NULL DEFAULT '',
+			last_reset_at INTEGER,
+			created_at INTEGER NOT NULL,
+			updated_at INTEGER NOT NULL,
+			PRIMARY KEY (user_path, period_seconds)
+		)
+	`); err != nil {
+		return nil, fmt.Errorf("failed to create budgets table: %w", err)
+	}
+	for _, migration := range []string{
+		`ALTER TABLE budgets ADD COLUMN source TEXT NOT NULL DEFAULT ''`,
+		`ALTER TABLE budgets ADD COLUMN last_reset_at INTEGER`,
+	} {
+		if _, err := db.Exec(migration); err != nil && !isSQLiteDuplicateColumnError(err) {
+			return nil, fmt.Errorf("failed to migrate budgets table: %w", err)
+		}
+	}
+	if _, err := db.Exec(`
+		CREATE TABLE IF NOT EXISTS budget_settings (
+			key TEXT PRIMARY KEY,
+			value TEXT NOT NULL,
+			updated_at INTEGER NOT NULL
+		)
+	`); err != nil {
+		return nil, fmt.Errorf("failed to create budget_settings table: %w", err)
+	}
+	for _, index := range []string{
+		`CREATE INDEX IF NOT EXISTS idx_budgets_user_path ON budgets(user_path)`,
+		`CREATE INDEX IF NOT EXISTS idx_budgets_period_seconds ON budgets(period_seconds)`,
+	} {
+		if _, err := db.Exec(index); err != nil {
+			return nil, fmt.Errorf("failed to create budget index: %w", err)
+		}
+	}
+	return &SQLiteStore{db: db}, nil
+}
+
+func (s *SQLiteStore) ListBudgets(ctx context.Context) ([]Budget, error) {
+	rows, err := s.db.QueryContext(ctx, `
+		SELECT user_path, period_seconds, amount, source, last_reset_at, created_at, updated_at
+		FROM budgets
+		ORDER BY user_path ASC, period_seconds ASC
+	`)
+	if err != nil {
+		return nil, fmt.Errorf("list budgets: %w", err)
+	}
+	defer rows.Close()
+
+	var budgets []Budget
+	for rows.Next() {
+		budget, err := scanSQLiteBudget(rows)
+		if err != nil {
+			return nil, err
+		}
+		budgets = append(budgets, budget)
+	}
+	if err := rows.Err(); err != nil {
+		return nil, fmt.Errorf("iterate budgets: %w", err)
+	}
+	return budgets, nil
+}
+
+func (s *SQLiteStore) UpsertBudgets(ctx context.Context, budgets []Budget) error {
+	budgets, err := normalizeBudgetsForUpsert(budgets)
+	if err != nil {
+		return err
+	}
+	if len(budgets) == 0 {
+		return nil
+	}
+
+	tx, err := s.db.BeginTx(ctx, nil)
+	if err != nil {
+		return fmt.Errorf("begin budget upsert: %w", err)
+	}
+	defer tx.Rollback() //nolint:errcheck
+
+	stmt, err := tx.PrepareContext(ctx, `
+		INSERT INTO budgets (user_path, period_seconds, amount, source, last_reset_at, created_at, updated_at)
+		VALUES (?, ?, ?, ?, ?, ?, ?)
+		ON CONFLICT(user_path, period_seconds) DO UPDATE SET
+			amount = excluded.amount,
+			source = excluded.source,
+			updated_at = excluded.updated_at
+	`)
+	if err != nil {
+		return fmt.Errorf("prepare budget upsert: %w", err)
+	}
+	defer stmt.Close()
+
+	for _, budget := range budgets {
+		if _, err := stmt.ExecContext(
+			ctx,
+			budget.UserPath,
+			budget.PeriodSeconds,
+			budget.Amount,
+			budget.Source,
+			unixOrNil(budget.LastResetAt),
+			budget.CreatedAt.Unix(),
+			budget.UpdatedAt.Unix(),
+		); err != nil {
+			return fmt.Errorf("upsert budget %s/%d: %w", budget.UserPath, budget.PeriodSeconds, err)
+		}
+	}
+	if err := tx.Commit(); err != nil {
+		return fmt.Errorf("commit budget upsert: %w", err)
+	}
+	return nil
+}
+
+func (s *SQLiteStore) ReplaceConfigBudgets(ctx context.Context, budgets []Budget) error {
+	budgets, err := normalizeBudgetsForUpsert(budgets)
+	if err != nil {
+		return err
+	}
+	for i := range budgets {
+		budgets[i].Source = "config"
+	}
+
+	tx, err := s.db.BeginTx(ctx, nil)
+	if err != nil {
+		return fmt.Errorf("begin config budget replace: %w", err)
+	}
+	defer tx.Rollback() //nolint:errcheck
+
+	if len(budgets) == 0 {
+		if _, err := tx.ExecContext(ctx, `DELETE FROM budgets WHERE source = 'config'`); err != nil {
+			return fmt.Errorf("delete old config budgets: %w", err)
+		}
+	} else {
+		conditions := make([]string, 0, len(budgets))
+		args := make([]any, 0, len(budgets)*2)
+		for _, budget := range budgets {
+			conditions = append(conditions, `(user_path = ? AND period_seconds = ?)`)
+			args = append(args, budget.UserPath, budget.PeriodSeconds)
+		}
+		query := `DELETE FROM budgets WHERE source = 'config' AND NOT (` + strings.Join(conditions, " OR ") + `)`
+		if _, err := tx.ExecContext(ctx, query, args...); err != nil {
+			return fmt.Errorf("delete old config budgets: %w", err)
+		}
+	}
+	if err := upsertSQLiteBudgets(ctx, tx, budgets); err != nil {
+		return err
+	}
+	if err := tx.Commit(); err != nil {
+		return fmt.Errorf("commit config budget replace: %w", err)
+	}
+	return nil
+}
+
+func (s *SQLiteStore) GetSettings(ctx context.Context) (Settings, error) {
+	rows, err := s.db.QueryContext(ctx, `SELECT key, value, updated_at FROM budget_settings`)
+	if err != nil {
+		return Settings{}, fmt.Errorf("get budget settings: %w", err)
+	}
+	defer rows.Close()
+
+	return scanSettingsRows(rows)
+}
+
+func (s *SQLiteStore) SaveSettings(ctx context.Context, settings Settings) (Settings, error) {
+	if err := ValidateSettings(settings); err != nil {
+		return Settings{}, err
+	}
+	settings.UpdatedAt = time.Now().UTC()
+	values := settingsKeyValues(settings)
+
+	tx, err := s.db.BeginTx(ctx, nil)
+	if err != nil {
+		return Settings{}, fmt.Errorf("begin budget settings save: %w", err)
+	}
+	defer tx.Rollback() //nolint:errcheck
+
+	stmt, err := tx.PrepareContext(ctx, `
+		INSERT INTO budget_settings (key, value, updated_at)
+		VALUES (?, ?, ?)
+		ON CONFLICT(key) DO UPDATE SET
+			value = excluded.value,
+			updated_at = excluded.updated_at
+	`)
+	if err != nil {
+		return Settings{}, fmt.Errorf("prepare budget settings save: %w", err)
+	}
+	defer stmt.Close()
+
+	for key, value := range values {
+		if _, err := stmt.ExecContext(ctx, key, strconv.Itoa(value), settings.UpdatedAt.Unix()); err != nil {
+			return Settings{}, fmt.Errorf("save budget setting %s: %w", key, err)
+		}
+	}
+	if err := tx.Commit(); err != nil {
+		return Settings{}, fmt.Errorf("commit budget settings save: %w", err)
+	}
+	return settings, nil
+}
+
+func (s *SQLiteStore) ResetAllBudgets(ctx context.Context, at time.Time) error {
+	_, err := s.db.ExecContext(ctx, `UPDATE budgets SET last_reset_at = ?, updated_at = ?`, at.UTC().Unix(), at.UTC().Unix())
+	if err != nil {
+		return fmt.Errorf("reset all budgets: %w", err)
+	}
+	return nil
+}
+
+func (s *SQLiteStore) SumUsageCost(ctx context.Context, userPath string, start, end time.Time) (float64, bool, error) {
+	userPath, err := NormalizeUserPath(userPath)
+	if err != nil {
+		return 0, false, err
+	}
+	userPathExpr := usagePathMatchesBudgetExpr("user_path")
+	query := `SELECT SUM(total_cost) FROM usage
+		WHERE ` + sqliteTimestampEpochExpr() + ` >= unixepoch(?)
+			AND ` + sqliteTimestampEpochExpr() + ` < unixepoch(?)
+			AND (` + userPathExpr + ` = ? OR ` + userPathExpr + ` LIKE ? ESCAPE '\')
+			AND (cache_type IS NULL OR cache_type = '')`
+	var total sql.NullFloat64
+	if err := s.db.QueryRowContext(
+		ctx,
+		query,
+		start.UTC().Format(time.RFC3339Nano),
+		end.UTC().Format(time.RFC3339Nano),
+		userPath,
+		usagePathLikePattern(userPath),
+	).Scan(&total); err != nil {
+		return 0, false, fmt.Errorf("sum usage cost: %w", err)
+	}
+	if !total.Valid {
+		return 0, false, nil
+	}
+	return total.Float64, true, nil
+}
+
+func (s *SQLiteStore) Close() error {
+	return nil
+}
+
+func upsertSQLiteBudgets(ctx context.Context, tx *sql.Tx, budgets []Budget) error {
+	if len(budgets) == 0 {
+		return nil
+	}
+	stmt, err := tx.PrepareContext(ctx, `
+		INSERT INTO budgets (user_path, period_seconds, amount, source, last_reset_at, created_at, updated_at)
+		VALUES (?, ?, ?, ?, ?, ?, ?)
+		ON CONFLICT(user_path, period_seconds) DO UPDATE SET
+			amount = excluded.amount,
+			source = excluded.source,
+			updated_at = excluded.updated_at
+	`)
+	if err != nil {
+		return fmt.Errorf("prepare budget upsert: %w", err)
+	}
+	defer stmt.Close()
+
+	for _, budget := range budgets {
+		if _, err := stmt.ExecContext(
+			ctx,
+			budget.UserPath,
+			budget.PeriodSeconds,
+			budget.Amount,
+			budget.Source,
+			unixOrNil(budget.LastResetAt),
+			budget.CreatedAt.Unix(),
+			budget.UpdatedAt.Unix(),
+		); err != nil {
+			return fmt.Errorf("upsert budget %s/%d: %w", budget.UserPath, budget.PeriodSeconds, err)
+		}
+	}
+	return nil
+}
+
+func scanSQLiteBudget(scanner interface{ Scan(dest ...any) error }) (Budget, error) {
+	var budget Budget
+	var lastResetAt sql.NullInt64
+	var createdAt int64
+	var updatedAt int64
+	if err := scanner.Scan(
+		&budget.UserPath,
+		&budget.PeriodSeconds,
+		&budget.Amount,
+		&budget.Source,
+		&lastResetAt,
+		&createdAt,
+		&updatedAt,
+	); err != nil {
+		return Budget{}, fmt.Errorf("scan budget: %w", err)
+	}
+	budget.LastResetAt = unixPtr(lastResetAt)
+	budget.CreatedAt = time.Unix(createdAt, 0).UTC()
+	budget.UpdatedAt = time.Unix(updatedAt, 0).UTC()
+	return budget, nil
+}
+
+func sqliteTimestampEpochExpr() string {
+	return "unixepoch(REPLACE(timestamp, ' ', 'T'))"
+}
+
+func isSQLiteDuplicateColumnError(err error) bool {
+	if err == nil {
+		return false
+	}
+	message := strings.ToLower(err.Error())
+	return strings.Contains(message, "duplicate column") || strings.Contains(message, "already exists")
+}
+
+func unixOrNil(value *time.Time) any {
+	if value == nil {
+		return nil
+	}
+	return value.UTC().Unix()
+}
+
+func unixPtr(value sql.NullInt64) *time.Time {
+	if !value.Valid {
+		return nil
+	}
+	t := time.Unix(value.Int64, 0).UTC()
+	return &t
+}
diff --git a/internal/budget/store_sqlite_test.go b/internal/budget/store_sqlite_test.go
new file mode 100644
index 00000000..5b90161d
--- /dev/null
+++ b/internal/budget/store_sqlite_test.go
@@ -0,0 +1,66 @@
+package budget
+
+import (
+	"context"
+	"database/sql"
+	"testing"
+	"time"
+
+	_ "modernc.org/sqlite"
+)
+
+func TestSQLiteStoreReplaceConfigBudgetsRemovesStaleConfigRowsOnly(t *testing.T) {
+	ctx := context.Background()
+	db, err := sql.Open("sqlite", ":memory:")
+	if err != nil {
+		t.Fatalf("sql.Open() failed: %v", err)
+	}
+	defer db.Close()
+
+	store, err := NewSQLiteStore(db)
+	if err != nil {
+		t.Fatalf("NewSQLiteStore() failed: %v", err)
+	}
+	resetAt := time.Date(2026, time.April, 25, 9, 0, 0, 0, time.UTC)
+	if err := store.UpsertBudgets(ctx, []Budget{
+		{UserPath: "/team", PeriodSeconds: PeriodDailySeconds, Amount: 10, Source: "config"},
+		{UserPath: "/team", PeriodSeconds: PeriodWeeklySeconds, Amount: 50, Source: "config", LastResetAt: &resetAt},
+		{UserPath: "/manual", PeriodSeconds: PeriodDailySeconds, Amount: 5, Source: "manual"},
+	}); err != nil {
+		t.Fatalf("UpsertBudgets() failed: %v", err)
+	}
+
+	if err := store.ReplaceConfigBudgets(ctx, []Budget{
+		{UserPath: "/team", PeriodSeconds: PeriodWeeklySeconds, Amount: 75},
+	}); err != nil {
+		t.Fatalf("ReplaceConfigBudgets() failed: %v", err)
+	}
+
+	got, err := store.ListBudgets(ctx)
+	if err != nil {
+		t.Fatalf("ListBudgets() failed: %v", err)
+	}
+	if len(got) != 2 {
+		t.Fatalf("expected 2 budgets after replacement, got %d: %+v", len(got), got)
+	}
+	byKey := make(map[string]Budget, len(got))
+	for _, budget := range got {
+		byKey[budgetKey(budget.UserPath, budget.PeriodSeconds)] = budget
+	}
+	if _, ok := byKey[budgetKey("/team", PeriodDailySeconds)]; ok {
+		t.Fatal("stale config daily budget was not removed")
+	}
+	weekly := byKey[budgetKey("/team", PeriodWeeklySeconds)]
+	if weekly.Amount != 75 {
+		t.Fatalf("weekly amount = %v, want 75", weekly.Amount)
+	}
+	if weekly.Source != "config" {
+		t.Fatalf("weekly source = %q, want config", weekly.Source)
+	}
+	if weekly.LastResetAt == nil || !weekly.LastResetAt.Equal(resetAt) {
+		t.Fatalf("weekly last_reset_at = %v, want %s", weekly.LastResetAt, resetAt)
+	}
+	if _, ok := byKey[budgetKey("/manual", PeriodDailySeconds)]; !ok {
+		t.Fatal("manual budget was removed by config replacement")
+	}
+}
diff --git a/internal/budget/types.go b/internal/budget/types.go
new file mode 100644
index 00000000..003f3d79
--- /dev/null
+++ b/internal/budget/types.go
@@ -0,0 +1,238 @@
+package budget
+
+import (
+	"fmt"
+	"strings"
+	"time"
+
+	"gomodel/internal/core"
+)
+
+const (
+	PeriodHourlySeconds  int64 = 3600
+	PeriodDailySeconds   int64 = 86400
+	PeriodWeeklySeconds  int64 = 604800
+	PeriodMonthlySeconds int64 = 2592000
+)
+
+// Budget stores one spend limit for one user path and reset period.
+type Budget struct {
+	UserPath      string     `json:"user_path" bson:"user_path"`
+	PeriodSeconds int64      `json:"period_seconds" bson:"period_seconds"`
+	Amount        float64    `json:"amount" bson:"amount"`
+	Source        string     `json:"source,omitempty" bson:"source,omitempty"`
+	LastResetAt   *time.Time `json:"last_reset_at,omitempty" bson:"last_reset_at,omitempty"`
+	CreatedAt     time.Time  `json:"created_at" bson:"created_at"`
+	UpdatedAt     time.Time  `json:"updated_at" bson:"updated_at"`
+}
+
+// Settings controls the calendar anchors used to find the active budget period.
+// Values are interpreted in UTC.
+type Settings struct {
+	DailyResetHour     int       `json:"daily_reset_hour" bson:"daily_reset_hour"`
+	DailyResetMinute   int       `json:"daily_reset_minute" bson:"daily_reset_minute"`
+	WeeklyResetWeekday int       `json:"weekly_reset_weekday" bson:"weekly_reset_weekday"`
+	WeeklyResetHour    int       `json:"weekly_reset_hour" bson:"weekly_reset_hour"`
+	WeeklyResetMinute  int       `json:"weekly_reset_minute" bson:"weekly_reset_minute"`
+	MonthlyResetDay    int       `json:"monthly_reset_day" bson:"monthly_reset_day"`
+	MonthlyResetHour   int       `json:"monthly_reset_hour" bson:"monthly_reset_hour"`
+	MonthlyResetMinute int       `json:"monthly_reset_minute" bson:"monthly_reset_minute"`
+	UpdatedAt          time.Time `json:"updated_at" bson:"updated_at"`
+}
+
+// CheckResult describes one evaluated budget limit.
+type CheckResult struct {
+	Budget      Budget    `json:"budget"`
+	PeriodStart time.Time `json:"period_start"`
+	PeriodEnd   time.Time `json:"period_end"`
+	Spent       float64   `json:"spent"`
+	Remaining   float64   `json:"remaining"`
+}
+
+// ExceededError indicates a budget has already been exhausted.
+type ExceededError struct {
+	Result CheckResult
+}
+
+func (e *ExceededError) Error() string {
+	if e == nil {
+		return ""
+	}
+	return fmt.Sprintf(
+		"budget exceeded for %s %s limit: spent %.6f of %.6f",
+		e.Result.Budget.UserPath,
+		PeriodLabel(e.Result.Budget.PeriodSeconds),
+		e.Result.Spent,
+		e.Result.Budget.Amount,
+	)
+}
+
+// DefaultSettings returns the reset anchors used when no DB setting exists.
+func DefaultSettings() Settings {
+	return Settings{
+		DailyResetHour:     0,
+		DailyResetMinute:   0,
+		WeeklyResetWeekday: int(time.Monday),
+		WeeklyResetHour:    0,
+		WeeklyResetMinute:  0,
+		MonthlyResetDay:    1,
+		MonthlyResetHour:   0,
+		MonthlyResetMinute: 0,
+	}
+}
+
+func NormalizeUserPath(raw string) (string, error) {
+	path, err := core.NormalizeUserPath(raw)
+	if err != nil {
+		return "", err
+	}
+	if path == "" {
+		return "/", nil
+	}
+	return path, nil
+}
+
+func NormalizeBudget(b Budget) (Budget, error) {
+	path, err := NormalizeUserPath(b.UserPath)
+	if err != nil {
+		return Budget{}, err
+	}
+	b.UserPath = path
+	if b.PeriodSeconds <= 0 {
+		return Budget{}, fmt.Errorf("period_seconds must be greater than 0")
+	}
+	if b.Amount <= 0 {
+		return Budget{}, fmt.Errorf("amount must be greater than 0")
+	}
+	b.Source = strings.TrimSpace(b.Source)
+	if b.LastResetAt != nil {
+		t := b.LastResetAt.UTC()
+		b.LastResetAt = &t
+	}
+	now := time.Now().UTC()
+	if b.CreatedAt.IsZero() {
+		b.CreatedAt = now
+	}
+	b.UpdatedAt = now
+	return b, nil
+}
+
+func ValidateSettings(settings Settings) error {
+	if settings.DailyResetHour < 0 || settings.DailyResetHour > 23 {
+		return fmt.Errorf("daily_reset_hour must be between 0 and 23")
+	}
+	if settings.DailyResetMinute < 0 || settings.DailyResetMinute > 59 {
+		return fmt.Errorf("daily_reset_minute must be between 0 and 59")
+	}
+	if settings.WeeklyResetWeekday < int(time.Sunday) || settings.WeeklyResetWeekday > int(time.Saturday) {
+		return fmt.Errorf("weekly_reset_weekday must be between 0 and 6")
+	}
+	if settings.WeeklyResetHour < 0 || settings.WeeklyResetHour > 23 {
+		return fmt.Errorf("weekly_reset_hour must be between 0 and 23")
+	}
+	if settings.WeeklyResetMinute < 0 || settings.WeeklyResetMinute > 59 {
+		return fmt.Errorf("weekly_reset_minute must be between 0 and 59")
+	}
+	if settings.MonthlyResetDay < 1 || settings.MonthlyResetDay > 31 {
+		return fmt.Errorf("monthly_reset_day must be between 1 and 31")
+	}
+	if settings.MonthlyResetHour < 0 || settings.MonthlyResetHour > 23 {
+		return fmt.Errorf("monthly_reset_hour must be between 0 and 23")
+	}
+	if settings.MonthlyResetMinute < 0 || settings.MonthlyResetMinute > 59 {
+		return fmt.Errorf("monthly_reset_minute must be between 0 and 59")
+	}
+	return nil
+}
+
+func PeriodSeconds(period string) (int64, bool) {
+	switch strings.ToLower(strings.TrimSpace(period)) {
+	case "hour", "hourly", "hours":
+		return PeriodHourlySeconds, true
+	case "day", "daily", "days":
+		return PeriodDailySeconds, true
+	case "week", "weekly", "weeks":
+		return PeriodWeeklySeconds, true
+	case "month", "monthly", "months":
+		return PeriodMonthlySeconds, true
+	default:
+		return 0, false
+	}
+}
+
+func PeriodLabel(seconds int64) string {
+	switch seconds {
+	case PeriodHourlySeconds:
+		return "hourly"
+	case PeriodDailySeconds:
+		return "daily"
+	case PeriodWeeklySeconds:
+		return "weekly"
+	case PeriodMonthlySeconds:
+		return "monthly"
+	default:
+		return fmt.Sprintf("%ds", seconds)
+	}
+}
+
+func PeriodBounds(now time.Time, seconds int64, settings Settings) (time.Time, time.Time) {
+	now = now.UTC()
+	switch seconds {
+	case PeriodHourlySeconds:
+		start := now.Truncate(time.Hour)
+		return start, start.Add(time.Hour)
+	case PeriodDailySeconds:
+		start := anchoredDayStart(now, settings.DailyResetHour, settings.DailyResetMinute)
+		return start, start.AddDate(0, 0, 1)
+	case PeriodWeeklySeconds:
+		start := anchoredWeekStart(now, time.Weekday(settings.WeeklyResetWeekday), settings.WeeklyResetHour, settings.WeeklyResetMinute)
+		return start, start.AddDate(0, 0, 7)
+	case PeriodMonthlySeconds:
+		start := anchoredMonthStart(now, settings.MonthlyResetDay, settings.MonthlyResetHour, settings.MonthlyResetMinute)
+		nextMonth := time.Date(start.Year(), start.Month()+1, 1, 0, 0, 0, 0, time.UTC)
+		return start, monthAnchor(nextMonth.Year(), nextMonth.Month(), settings.MonthlyResetDay, settings.MonthlyResetHour, settings.MonthlyResetMinute)
+	default:
+		if seconds <= 0 {
+			return now, now
+		}
+		startUnix := now.Unix() - (now.Unix() % seconds)
+		start := time.Unix(startUnix, 0).UTC()
+		return start, start.Add(time.Duration(seconds) * time.Second)
+	}
+}
+
+func anchoredDayStart(now time.Time, hour, minute int) time.Time {
+	start := time.Date(now.Year(), now.Month(), now.Day(), hour, minute, 0, 0, time.UTC)
+	if now.Before(start) {
+		start = start.AddDate(0, 0, -1)
+	}
+	return start
+}
+
+func anchoredWeekStart(now time.Time, weekday time.Weekday, hour, minute int) time.Time {
+	todayAnchor := time.Date(now.Year(), now.Month(), now.Day(), hour, minute, 0, 0, time.UTC)
+	daysBack := (int(todayAnchor.Weekday()) - int(weekday) + 7) % 7
+	start := todayAnchor.AddDate(0, 0, -daysBack)
+	if now.Before(start) {
+		start = start.AddDate(0, 0, -7)
+	}
+	return start
+}
+
+func anchoredMonthStart(now time.Time, day, hour, minute int) time.Time {
+	start := monthAnchor(now.Year(), now.Month(), day, hour, minute)
+	if now.Before(start) {
+		prev := now.AddDate(0, -1, 0)
+		start = monthAnchor(prev.Year(), prev.Month(), day, hour, minute)
+	}
+	return start
+}
+
+func monthAnchor(year int, month time.Month, day, hour, minute int) time.Time {
+	anchorDay := min(day, daysInMonth(year, month))
+	return time.Date(year, month, anchorDay, hour, minute, 0, 0, time.UTC)
+}
+
+func daysInMonth(year int, month time.Month) int {
+	return time.Date(year, month+1, 0, 0, 0, 0, 0, time.UTC).Day()
+}
diff --git a/internal/budget/types_test.go b/internal/budget/types_test.go
new file mode 100644
index 00000000..fbbc2b4d
--- /dev/null
+++ b/internal/budget/types_test.go
@@ -0,0 +1,44 @@
+package budget
+
+import (
+	"testing"
+	"time"
+)
+
+func TestPeriodBoundsUsesConfiguredAnchors(t *testing.T) {
+	settings := Settings{
+		DailyResetHour:     6,
+		DailyResetMinute:   30,
+		WeeklyResetWeekday: int(time.Wednesday),
+		WeeklyResetHour:    9,
+		WeeklyResetMinute:  15,
+		MonthlyResetDay:    31,
+		MonthlyResetHour:   2,
+		MonthlyResetMinute: 45,
+	}
+	now := time.Date(2026, time.April, 25, 12, 0, 0, 0, time.UTC)
+
+	dailyStart, dailyEnd := PeriodBounds(now, PeriodDailySeconds, settings)
+	if want := time.Date(2026, time.April, 25, 6, 30, 0, 0, time.UTC); !dailyStart.Equal(want) {
+		t.Fatalf("daily start = %s, want %s", dailyStart, want)
+	}
+	if want := time.Date(2026, time.April, 26, 6, 30, 0, 0, time.UTC); !dailyEnd.Equal(want) {
+		t.Fatalf("daily end = %s, want %s", dailyEnd, want)
+	}
+
+	weeklyStart, weeklyEnd := PeriodBounds(now, PeriodWeeklySeconds, settings)
+	if want := time.Date(2026, time.April, 22, 9, 15, 0, 0, time.UTC); !weeklyStart.Equal(want) {
+		t.Fatalf("weekly start = %s, want %s", weeklyStart, want)
+	}
+	if want := time.Date(2026, time.April, 29, 9, 15, 0, 0, time.UTC); !weeklyEnd.Equal(want) {
+		t.Fatalf("weekly end = %s, want %s", weeklyEnd, want)
+	}
+
+	monthlyStart, monthlyEnd := PeriodBounds(now, PeriodMonthlySeconds, settings)
+	if want := time.Date(2026, time.March, 31, 2, 45, 0, 0, time.UTC); !monthlyStart.Equal(want) {
+		t.Fatalf("monthly start = %s, want %s", monthlyStart, want)
+	}
+	if want := time.Date(2026, time.April, 30, 2, 45, 0, 0, time.UTC); !monthlyEnd.Equal(want) {
+		t.Fatalf("monthly end = %s, want %s", monthlyEnd, want)
+	}
+}
diff --git a/internal/server/budget_support.go b/internal/server/budget_support.go
new file mode 100644
index 00000000..16338a17
--- /dev/null
+++ b/internal/server/budget_support.go
@@ -0,0 +1,45 @@
+package server
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"net/http"
+	"time"
+
+	"github.com/labstack/echo/v5"
+
+	"gomodel/internal/budget"
+	"gomodel/internal/core"
+)
+
+type BudgetChecker interface {
+	Check(ctx context.Context, userPath string, now time.Time) error
+}
+
+func enforceBudget(c *echo.Context, checker BudgetChecker) error {
+	if checker == nil || c == nil || c.Request() == nil {
+		return nil
+	}
+	userPath := core.UserPathFromContext(c.Request().Context())
+	if userPath == "" {
+		userPath = "/"
+	}
+	if err := checker.Check(c.Request().Context(), userPath, time.Now().UTC()); err != nil {
+		return budgetCheckError(err)
+	}
+	return nil
+}
+
+func budgetCheckError(err error) error {
+	var exceeded *budget.ExceededError
+	if errors.As(err, &exceeded) {
+		message := exceeded.Error()
+		if message == "" {
+			message = "budget exceeded"
+		}
+		return core.NewRateLimitError("budget", message).WithCode("budget_exceeded")
+	}
+	return core.NewProviderError("budget", http.StatusServiceUnavailable, fmt.Sprintf("budget check failed: %v", err), err).
+		WithCode("budget_check_failed")
+}
diff --git a/internal/server/handlers.go b/internal/server/handlers.go
index 5f387675..6ebf98e1 100644
--- a/internal/server/handlers.go
+++ b/internal/server/handlers.go
@@ -28,6 +28,7 @@ type Handler struct {
 	keepOnlyAliasesAtModelsEndpoint bool
 	logger                          auditlog.LoggerInterface
 	usageLogger                     usage.LoggerInterface
+	budgetChecker                   BudgetChecker
 	pricingResolver                 usage.PricingResolver
 	batchStore                      batchstore.Store
 	responseStore                   responsestore.Store
@@ -134,6 +135,7 @@ func (h *Handler) translatedInference() *translatedInferenceService {
 			translatedRequestPatcher: h.translatedRequestPatcher,
 			logger:                   h.logger,
 			usageLogger:              h.usageLogger,
+			budgetChecker:            h.budgetChecker,
 			pricingResolver:          h.pricingResolver,
 			responseCache:            h.responseCache,
 			guardrailsHash:           h.guardrailsHash,
@@ -161,6 +163,7 @@ func (h *Handler) nativeBatch() *nativeBatchService {
 		cleanupPreparedBatchInputFile:        h.cleanupPreparedBatchInputFile,
 		cleanupStoredBatchRewrittenInputFile: h.cleanupStoredBatchRewrittenInputFile,
 		usageLogger:                          h.usageLogger,
+		budgetChecker:                        h.budgetChecker,
 		pricingResolver:                      h.pricingResolver,
 	}
 }
@@ -192,6 +195,7 @@ func (h *Handler) passthrough() *passthroughService {
 		modelAuthorizer:              h.modelAuthorizer,
 		logger:                       h.logger,
 		usageLogger:                  h.usageLogger,
+		budgetChecker:                h.budgetChecker,
 		pricingResolver:              h.pricingResolver,
 		normalizePassthroughV1Prefix: h.normalizePassthroughV1Prefix,
 		enabledPassthroughProviders:  h.enabledPassthroughProviders,
diff --git a/internal/server/http.go b/internal/server/http.go
index 99c0d934..c9a5ca9c 100644
--- a/internal/server/http.go
+++ b/internal/server/http.go
@@ -53,6 +53,7 @@ type Config struct {
 	PprofEnabled                    bool                                   // Whether to expose debug profiling routes at /debug/pprof/*
 	AuditLogger                     auditlog.LoggerInterface               // Optional: Audit logger for request/response logging
 	UsageLogger                     usage.LoggerInterface                  // Optional: Usage logger for token tracking
+	BudgetChecker                   BudgetChecker                          // Optional: per-user-path budget checker
 	PricingResolver                 usage.PricingResolver                  // Optional: Resolves pricing for cost calculation
 	ModelResolver                   RequestModelResolver                   // Optional: explicit model resolver used during workflow resolution
 	ModelAuthorizer                 RequestModelAuthorizer                 // Optional: request-scoped concrete model access controller
@@ -94,10 +95,12 @@ func New(provider core.RoutableProvider, cfg *Config) *Server {
 	// Get loggers from config (may be nil)
 	var auditLogger auditlog.LoggerInterface
 	var usageLogger usage.LoggerInterface
+	var budgetChecker BudgetChecker
 	var pricingResolver usage.PricingResolver
 	if cfg != nil {
 		auditLogger = cfg.AuditLogger
 		usageLogger = cfg.UsageLogger
+		budgetChecker = cfg.BudgetChecker
 		pricingResolver = cfg.PricingResolver
 	}
 
@@ -115,6 +118,7 @@ func New(provider core.RoutableProvider, cfg *Config) *Server {
 	}
 
 	handler := newHandlerWithAuthorizer(provider, auditLogger, usageLogger, pricingResolver, modelResolver, modelAuthorizer, workflowPolicyResolver, fallbackResolver, translatedRequestPatcher)
+	handler.budgetChecker = budgetChecker
 	if cfg != nil {
 		handler.batchRequestPreparer = cfg.BatchRequestPreparer
 		handler.exposedModelLister = cfg.ExposedModelLister
@@ -322,6 +326,9 @@ func New(provider core.RoutableProvider, cfg *Config) *Server {
 		adminAPI.GET("/audit/conversation", cfg.AdminHandler.AuditConversation)
 		adminAPI.GET("/providers/status", cfg.AdminHandler.ProviderStatus)
 		adminAPI.POST("/runtime/refresh", cfg.AdminHandler.RefreshRuntime)
+		adminAPI.GET("/budgets/settings", cfg.AdminHandler.BudgetSettings)
+		adminAPI.PUT("/budgets/settings", cfg.AdminHandler.UpdateBudgetSettings)
+		adminAPI.POST("/budgets/reset", cfg.AdminHandler.ResetBudgets)
 		adminAPI.GET("/models", cfg.AdminHandler.ListModels)
 		adminAPI.GET("/models/categories", cfg.AdminHandler.ListCategories)
 		adminAPI.GET("/model-overrides", cfg.AdminHandler.ListModelOverrides)
diff --git a/internal/server/native_batch_service.go b/internal/server/native_batch_service.go
index 033b8c09..bdc85d07 100644
--- a/internal/server/native_batch_service.go
+++ b/internal/server/native_batch_service.go
@@ -26,6 +26,7 @@ type nativeBatchService struct {
 	cleanupPreparedBatchInputFile        func(context.Context, string, string)
 	cleanupStoredBatchRewrittenInputFile func(context.Context, *batchstore.StoredBatch) bool
 	usageLogger                          usage.LoggerInterface
+	budgetChecker                        BudgetChecker
 	pricingResolver                      usage.PricingResolver
 
 	orchestrator *gateway.BatchOrchestrator
@@ -55,6 +56,9 @@ func (s *nativeBatchService) Batches(c *echo.Context) error {
 	if err != nil {
 		return handleError(c, core.NewInvalidRequestError("invalid request body: "+err.Error(), err))
 	}
+	if err := enforceBudget(c, s.budgetChecker); err != nil {
+		return handleError(c, err)
+	}
 
 	ctx, requestID := requestContextWithRequestID(c.Request())
 	result, err := s.batch().Create(ctx, req, batchRequestMeta(c, requestID))
diff --git a/internal/server/passthrough_service.go b/internal/server/passthrough_service.go
index 73449f68..0d2e6fda 100644
--- a/internal/server/passthrough_service.go
+++ b/internal/server/passthrough_service.go
@@ -13,6 +13,7 @@ type passthroughService struct {
 	modelAuthorizer              RequestModelAuthorizer
 	logger                       auditlog.LoggerInterface
 	usageLogger                  usage.LoggerInterface
+	budgetChecker                BudgetChecker
 	pricingResolver              usage.PricingResolver
 	normalizePassthroughV1Prefix bool
 	enabledPassthroughProviders  map[string]struct{}
@@ -38,6 +39,9 @@ func (s *passthroughService) ProviderPassthrough(c *echo.Context) error {
 			}
 		}
 	}
+	if err := enforceBudget(c, s.budgetChecker); err != nil {
+		return handleError(c, err)
+	}
 
 	ctx, _ := requestContextWithRequestID(c.Request())
 	c.SetRequest(c.Request().WithContext(ctx))
diff --git a/internal/server/translated_inference_service.go b/internal/server/translated_inference_service.go
index 63537016..36672f68 100644
--- a/internal/server/translated_inference_service.go
+++ b/internal/server/translated_inference_service.go
@@ -33,6 +33,7 @@ type translatedInferenceService struct {
 	translatedRequestPatcher TranslatedRequestPatcher
 	logger                   auditlog.LoggerInterface
 	usageLogger              usage.LoggerInterface
+	budgetChecker            BudgetChecker
 	pricingResolver          usage.PricingResolver
 	responseCache            *responsecache.ResponseCacheMiddleware
 	guardrailsHash           string
@@ -81,6 +82,10 @@ func (s *translatedInferenceService) dispatchChatCompletion(c *echo.Context, req
 	ctx := c.Request().Context()
 	requestID := requestIDFromContextOrHeader(c.Request())
 
+	if err := enforceBudget(c, s.budgetChecker); err != nil {
+		return handleError(c, err)
+	}
+
 	if req.Stream {
 		if len(s.inference().FallbackSelectors(workflow)) == 0 {
 			if handled, err := s.tryFastPathStreamingChatPassthrough(c, workflow, req); handled {
@@ -221,6 +226,10 @@ func (s *translatedInferenceService) dispatchResponses(c *echo.Context, req *cor
 	ctx := c.Request().Context()
 	requestID := requestIDFromContextOrHeader(c.Request())
 
+	if err := enforceBudget(c, s.budgetChecker); err != nil {
+		return handleError(c, err)
+	}
+
 	if req.Stream {
 		result, err := s.inference().StreamResponses(ctx, workflow, req)
 		if err != nil {
@@ -376,6 +385,10 @@ func (s *translatedInferenceService) Embeddings(c *echo.Context) error {
 	}
 	attachPreparedWorkflow(c, prepared.Context, prepared.Workflow)
 
+	if err := enforceBudget(c, s.budgetChecker); err != nil {
+		return handleError(c, err)
+	}
+
 	requestID := requestIDFromContextOrHeader(c.Request())
 	result, err := s.inference().ExecuteEmbeddings(c.Request().Context(), prepared.Workflow, prepared.Request, requestID, "/v1/embeddings")
 	if err != nil {

From 98eb2047a082a9759d6cf35560f0c97ac52bf175 Mon Sep 17 00:00:00 2001
From: "Jakub A. W" <jakubwasek@gmail.com>
Date: Sun, 26 Apr 2026 18:24:17 +0200
Subject: [PATCH 2/9] feat(budget): expand budget management dashboard

---
 docs/advanced/admin-endpoints.mdx             |   24 +-
 docs/advanced/config-yaml.mdx                 |    1 +
 docs/advanced/configuration.mdx               |   26 +
 docs/advanced/workflows.mdx                   |    3 +
 docs/docs.json                                |    1 +
 docs/features/budgets.mdx                     |  203 +++
 docs/features/user-path.mdx                   |   14 +-
 docs/getting-started/quickstart.mdx           |    1 +
 docs/openapi.json                             | 1086 ++++++++++++++---
 .../admin/dashboard/static/css/dashboard.css  |  311 ++++-
 .../admin/dashboard/static/js/dashboard.js    |   21 +-
 .../dashboard/static/js/modules/budgets.js    |  525 ++++++++
 .../static/js/modules/budgets.test.js         |  130 ++
 .../js/modules/dashboard-layout.test.js       |  140 ++-
 .../dashboard/static/js/modules/timezone.js   |   13 +
 .../static/js/modules/timezone.test.js        |   11 +
 .../js/modules/workflows-layout.test.js       |   19 +-
 .../dashboard/static/js/modules/workflows.js  |   80 +-
 .../static/js/modules/workflows.test.js       |  100 +-
 internal/admin/dashboard/templates/index.html |    1 +
 .../dashboard/templates/page-budgets.html     |  233 ++++
 .../dashboard/templates/page-settings.html    |  100 +-
 .../dashboard/templates/page-workflows.html   |    4 +
 .../admin/dashboard/templates/sidebar.html    |    4 +
 .../dashboard/templates/workflow-chart.html   |   27 +-
 internal/admin/handler.go                     |  253 ++++
 internal/admin/handler_budgets_test.go        |  214 ++++
 internal/admin/handler_test.go                |    4 +
 internal/app/app.go                           |    3 +
 internal/app/app_test.go                      |    6 +
 internal/auditlog/auditlog.go                 |    2 +
 internal/auditlog/middleware.go               |    6 +-
 internal/budget/service.go                    |   99 +-
 internal/budget/service_test.go               |    9 +
 internal/budget/store.go                      |    2 +
 internal/budget/store_mongodb.go              |   42 +
 internal/budget/store_postgresql.go           |   43 +
 internal/budget/store_sqlite.go               |   45 +
 internal/budget/types.go                      |    1 +
 internal/core/workflow.go                     |    8 +
 internal/server/budget_support.go             |    3 +
 internal/server/budget_support_test.go        |   63 +
 internal/server/error_support.go              |    9 +-
 internal/server/error_support_test.go         |   28 +
 internal/server/http.go                       |    4 +
 .../internal_chat_completion_executor.go      |    3 +
 internal/workflows/types.go                   |    6 +
 47 files changed, 3668 insertions(+), 263 deletions(-)
 create mode 100644 docs/features/budgets.mdx
 create mode 100644 internal/admin/dashboard/templates/page-budgets.html
 create mode 100644 internal/admin/handler_budgets_test.go
 create mode 100644 internal/server/budget_support_test.go

diff --git a/docs/advanced/admin-endpoints.mdx b/docs/advanced/admin-endpoints.mdx
index d15f7a13..ec74aa17 100644
--- a/docs/advanced/admin-endpoints.mdx
+++ b/docs/advanced/admin-endpoints.mdx
@@ -1,6 +1,6 @@
 ---
 title: "Admin Endpoints"
-description: "Built-in REST API and dashboard for monitoring usage, models, and gateway health."
+description: "Built-in REST API and dashboard for monitoring usage, budgets, models, and gateway health."
 icon: "server-cog"
 ---
 
@@ -10,7 +10,7 @@ GoModel ships with admin endpoints **enabled by default**. The goal is simple: y
 
 The admin layer is split into two independently controllable pieces:
 
-1. **Admin REST API** (`/admin/api/v1/*`) — machine-readable JSON endpoints for usage data and model inventory. Protected by `GOMODEL_MASTER_KEY` like all other API routes.
+1. **Admin REST API** (`/admin/api/v1/*`) — machine-readable JSON endpoints for usage data, budgets, and model inventory. Protected by `GOMODEL_MASTER_KEY` like all other API routes.
 2. **Admin Dashboard UI** (`/admin/dashboard`) — a lightweight, embedded HTML dashboard that visualizes the same data. No external dependencies, no JavaScript frameworks to install — it's compiled into the binary.
 
 Both are on by default because observability shouldn't be opt-in. If you don't need them, turn them off with a single environment variable.
@@ -122,6 +122,26 @@ The `date` field in the response changes format based on the interval: `YYYY-MM-
 
 Returns an empty array if usage tracking is disabled or no data exists for the period.
 
+### Budget endpoints
+
+Budgets are managed under `/admin/api/v1/budgets`. These endpoints are
+available when budget management is enabled.
+
+| Method   | Path                                  | Description                          |
+| -------- | ------------------------------------- | ------------------------------------ |
+| `GET`    | `/admin/api/v1/budgets`               | List budgets with current status     |
+| `PUT`    | `/admin/api/v1/budgets`               | Create or update one budget          |
+| `DELETE` | `/admin/api/v1/budgets`               | Delete one budget                    |
+| `GET`    | `/admin/api/v1/budgets/settings`      | Read budget reset settings           |
+| `PUT`    | `/admin/api/v1/budgets/settings`      | Update budget reset settings         |
+| `POST`   | `/admin/api/v1/budgets/reset-one`     | Reset one budget period              |
+| `POST`   | `/admin/api/v1/budgets/reset`         | Reset all budget periods             |
+
+`PUT`, `DELETE`, and `reset-one` identify periods by either `period` (`hourly`,
+`daily`, `weekly`, `monthly`) or `period_seconds`.
+
+See [Budgets](/features/budgets) for request examples and enforcement behavior.
+
 ### GET /admin/api/v1/models
 
 Returns all registered models with both provider type and configured provider name.
diff --git a/docs/advanced/config-yaml.mdx b/docs/advanced/config-yaml.mdx
index e39a64c7..4ba6f5f4 100644
--- a/docs/advanced/config-yaml.mdx
+++ b/docs/advanced/config-yaml.mdx
@@ -15,6 +15,7 @@ especially:
 - custom provider instance names that do not fit the generated
   `<provider-type>-<suffix>` env naming
 - richer reviewable provider model lists, especially when using allowlist mode
+- reviewable budget limits by `user_path`
 - larger nested config that is easier to review in one file
 
 For multiple provider instances, env vars support
diff --git a/docs/advanced/configuration.mdx b/docs/advanced/configuration.mdx
index 6a954698..713b0c7c 100644
--- a/docs/advanced/configuration.mdx
+++ b/docs/advanced/configuration.mdx
@@ -112,6 +112,22 @@ Storage is shared by audit logging, usage tracking, and future features like IAM
 | `USAGE_FLUSH_INTERVAL`         | Flush interval in seconds                      | `5`     |
 | `USAGE_RETENTION_DAYS`         | Auto-delete after N days (0 = forever)         | `90`    |
 
+#### Budgets
+
+Budgets use tracked usage cost records, so budget limits require
+`USAGE_ENABLED=true`.
+
+| Variable            | Description                                             | Default |
+| ------------------- | ------------------------------------------------------- | ------- |
+| `BUDGETS_ENABLED`   | Enable budget management and workflow budget checks     | `true`  |
+| `SET_BUDGET_<PATH>` | Seed budget limits for a user path, such as `daily=10` | _(empty)_ |
+
+For example, `SET_BUDGET_TEAM_ALPHA="daily=10,weekly=50"` configures limits
+for `/team/alpha`. `SET_BUDGET_="monthly=500"` configures the root path `/`.
+
+See [Budgets](/features/budgets) for YAML examples, periods, matching, and
+workflow enforcement.
+
 #### Metrics
 
 <Note>
@@ -222,6 +238,16 @@ cache:
     redis:
       url: "redis://my-redis:6379"
 
+budgets:
+  enabled: true
+  user_paths:
+    - path: "/team/alpha"
+      limits:
+        - period: "daily"
+          amount: 10.00
+        - period: "weekly"
+          amount: 50.00
+
 providers:
   openai:
     type: openai
diff --git a/docs/advanced/workflows.mdx b/docs/advanced/workflows.mdx
index d3ae13b6..f374252a 100644
--- a/docs/advanced/workflows.mdx
+++ b/docs/advanced/workflows.mdx
@@ -11,6 +11,7 @@ Workflows are immutable workflow-policy versions stored in the gateway and match
 They currently control gateway-owned behavior such as:
 
 - cache
+- budgets
 - audit logging
 - usage tracking
 - guardrails
@@ -108,6 +109,7 @@ curl -X POST http://localhost:8080/admin/api/v1/workflows \
       "schema_version": 1,
       "features": {
         "cache": false,
+        "budget": true,
         "audit": true,
         "usage": true,
         "guardrails": false,
@@ -123,3 +125,4 @@ curl -X POST http://localhost:8080/admin/api/v1/workflows \
 - `scope_model` requires `scope_provider_name`
 - `scope_user_path` is normalized to canonical slash form
 - managed API keys can override the request `X-GoModel-User-Path`; workflow matching uses the effective request user path
+- budget enforcement runs only when the global budget feature and the matched workflow's `budget` feature are both enabled; see [Budgets](/features/budgets)
diff --git a/docs/docs.json b/docs/docs.json
index 0e000b39..c681c215 100644
--- a/docs/docs.json
+++ b/docs/docs.json
@@ -48,6 +48,7 @@
                             "features/aliases",
                             "features/user-path",
                             "features/passthrough-api",
+                            "features/budgets",
                             "features/cache",
                             "features/failover"
                         ]
diff --git a/docs/features/budgets.mdx b/docs/features/budgets.mdx
new file mode 100644
index 00000000..b47e5b66
--- /dev/null
+++ b/docs/features/budgets.mdx
@@ -0,0 +1,203 @@
+---
+title: "Budgets"
+description: "Set spend limits per user path and enforce them through workflow budget controls."
+icon: "wallet"
+keywords: ["budgets", "spend limits", "cost controls", "user path"]
+---
+
+## Overview
+
+Budgets let you set spend limits for a `user_path` subtree. GoModel evaluates
+them from tracked usage cost records and blocks matching requests when a limit
+has already been spent.
+
+Use budgets when you want limits such as:
+
+- `/team/alpha` can spend `$10` per day
+- `/team/alpha` can spend `$50` per week
+- `/` has a global monthly limit
+
+<Info>
+  Budget enforcement runs only when budgets are globally enabled and the active
+  workflow has Budget enabled. The Budget workflow control is enabled by default
+  when the global budget feature is on.
+</Info>
+
+## Enable budgets
+
+Budgets are enabled by default:
+
+```env
+BUDGETS_ENABLED=true
+```
+
+Budgets depend on usage tracking because spend is calculated from usage cost
+records:
+
+```env
+USAGE_ENABLED=true
+```
+
+If you configure budget limits while usage tracking is disabled, GoModel rejects
+the configuration.
+
+## Create budgets
+
+You can create budgets in the dashboard:
+
+```text
+Budgets -> Create Budget
+```
+
+Dashboard-created budgets are marked as `manual`. Budgets loaded from YAML or
+environment variables are marked as `config`.
+
+You can also seed budgets from YAML:
+
+```yaml
+budgets:
+  enabled: true
+  user_paths:
+    - path: "/team/alpha"
+      limits:
+        - period: "daily"
+          amount: 10.00
+        - period: "weekly"
+          amount: 50.00
+    - path: "/"
+      limits:
+        - period: "monthly"
+          amount: 500.00
+```
+
+Or use environment variables:
+
+```env
+SET_BUDGET_TEAM_ALPHA="daily=10,weekly=50"
+SET_BUDGET_="monthly=500"
+```
+
+The suffix after `SET_BUDGET_` becomes a slash-separated user path:
+
+- `SET_BUDGET_TEAM_ALPHA` -> `/team/alpha`
+- `SET_BUDGET_` -> `/`
+
+Supported standard periods are:
+
+| Period    | Seconds   |
+| --------- | --------- |
+| `hourly`  | `3600`    |
+| `daily`   | `86400`   |
+| `weekly`  | `604800`  |
+| `monthly` | `2592000` |
+
+For custom windows, set `period_seconds` in YAML:
+
+```yaml
+budgets:
+  user_paths:
+    - path: "/team/alpha"
+      limits:
+        - period_seconds: 7200
+          amount: 5.00
+```
+
+## How matching works
+
+Budget paths apply to the configured path and its descendants:
+
+- budget path `/team`
+- request path `/team/app`
+- result: budget applies
+
+Sibling paths do not match:
+
+- budget path `/team`
+- request path `/team-alpha`
+- result: budget does not apply
+
+If multiple budgets match a request, GoModel checks all matching limits. The
+request is rejected if any matching limit is exhausted.
+
+## Workflow enforcement
+
+The active workflow controls whether budget checks run for a request.
+
+In a workflow payload:
+
+```json
+{
+  "schema_version": 1,
+  "features": {
+    "budget": true,
+    "cache": true,
+    "audit": true,
+    "usage": true,
+    "guardrails": true,
+    "fallback": true
+  }
+}
+```
+
+Use scoped workflows to turn budget enforcement on or off for a provider, model,
+or `user_path` subtree. See [Workflows](/advanced/workflows) for matching
+precedence.
+
+<Note>
+  Response cache hits can return before budget enforcement. If a cached response
+  exists, GoModel can serve it without spending additional provider cost.
+</Note>
+
+## Reset windows
+
+Budget reset anchors are configured in the dashboard under:
+
+```text
+Settings -> Budget Resets
+```
+
+The reset settings are evaluated in UTC.
+
+For monthly budgets, if the configured day does not exist in a month, the reset
+runs on the last day of that month. For example, a monthly reset day of `31`
+runs on April 30 and on February 28 or 29.
+
+Editing a budget changes the limit but does not reset the current period. Use
+the row-level Reset action to start a new period for one budget, or
+`Settings -> Reset All Budgets` to reset all budgets.
+
+## Admin API
+
+Budget management is also available through the admin API:
+
+```bash
+curl -H "Authorization: Bearer $GOMODEL_MASTER_KEY" \
+  http://localhost:8080/admin/api/v1/budgets
+```
+
+Create or update a budget:
+
+```bash
+curl -X PUT http://localhost:8080/admin/api/v1/budgets \
+  -H "Authorization: Bearer $GOMODEL_MASTER_KEY" \
+  -H "Content-Type: application/json" \
+  -d '{
+    "user_path": "/team/alpha",
+    "period": "daily",
+    "amount": 10.00
+  }'
+```
+
+Delete a budget:
+
+```bash
+curl -X DELETE http://localhost:8080/admin/api/v1/budgets \
+  -H "Authorization: Bearer $GOMODEL_MASTER_KEY" \
+  -H "Content-Type: application/json" \
+  -d '{
+    "user_path": "/team/alpha",
+    "period": "daily"
+  }'
+```
+
+See [Admin Endpoints](/advanced/admin-endpoints) for the endpoint list.
diff --git a/docs/features/user-path.mdx b/docs/features/user-path.mdx
index 5a91fd18..0d950c46 100644
--- a/docs/features/user-path.mdx
+++ b/docs/features/user-path.mdx
@@ -9,8 +9,8 @@ icon: "route"
 `user_path` is a normalized hierarchy for the caller, for example
 `/team/alpha` or `/team/alpha/service`.
 
-GoModel uses it to keep model access, workflows, usage, and audit data scoped to
-the right team, tenant, service, or customer.
+GoModel uses it to keep model access, workflows, budgets, usage, and audit data
+scoped to the right team, tenant, service, or customer.
 
 ## API keys
 
@@ -63,7 +63,7 @@ different model access rules.
 ## Workflows
 
 Workflows can also include `scope_user_path`, so different teams or services can
-use different cache, audit, usage, guardrail, and fallback settings.
+use different budget, cache, audit, usage, guardrail, and fallback settings.
 
 You can combine user path with provider and model scope, for example:
 
@@ -72,3 +72,11 @@ You can combine user path with provider and model scope, for example:
 - `openai_primary` + `gpt-5` + `/team/alpha`
 
 See [Workflows](/advanced/workflows) for the full matching order.
+
+## Budgets
+
+Budgets are also scoped by `user_path`. A budget for `/team/alpha` applies to
+`/team/alpha` and descendants such as `/team/alpha/service`, but not to sibling
+paths such as `/team-alpha`.
+
+See [Budgets](/features/budgets) for spend limits and workflow enforcement.
diff --git a/docs/getting-started/quickstart.mdx b/docs/getting-started/quickstart.mdx
index c7f14430..377918de 100644
--- a/docs/getting-started/quickstart.mdx
+++ b/docs/getting-started/quickstart.mdx
@@ -120,6 +120,7 @@ Use one of those model IDs in your requests.
 ## Next Steps
 
 - Understand response caching: [Cache](/features/cache)
+- Add spend limits: [Budgets](/features/budgets)
 - Configure production settings: [Configuration](/advanced/configuration)
 - Add request policies: [Guardrails](/advanced/guardrails)
 - Connect OpenClaw: [Using GoModel with OpenClaw](/guides/openclaw)
diff --git a/docs/openapi.json b/docs/openapi.json
index 507a5bc5..1879bb8c 100644
--- a/docs/openapi.json
+++ b/docs/openapi.json
@@ -1,7 +1,7 @@
 {
   "openapi": "3.0.0",
   "info": {
-    "description": "High-performance AI gateway routing requests to multiple LLM providers (OpenAI, Anthropic, Gemini, Groq, OpenRouter, Z.ai, xAI, Oracle, Ollama). Drop-in OpenAI-compatible API.",
+    "description": "High-performance AI gateway routing requests to multiple LLM providers (OpenAI, Anthropic, Gemini, Groq, OpenRouter, Z.ai, xAI, MiniMax, Oracle, Ollama). Drop-in OpenAI-compatible API.",
     "title": "GoModel API",
     "contact": {},
     "version": "1.0"
@@ -197,7 +197,7 @@
             "content": {
               "application/json": {
                 "schema": {
-                  "$ref": "#/components/schemas/auditlog.LogListResult"
+                  "$ref": "#/components/schemas/admin.auditLogListResponse"
                 }
               }
             }
@@ -230,6 +230,421 @@
         ]
       }
     },
+    "/admin/api/v1/budgets": {
+      "get": {
+        "tags": [
+          "admin"
+        ],
+        "summary": "List budgets with current status",
+        "responses": {
+          "200": {
+            "description": "OK",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/admin.budgetListResponse"
+                }
+              }
+            }
+          },
+          "401": {
+            "description": "Unauthorized",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/core.GatewayError"
+                }
+              }
+            }
+          },
+          "503": {
+            "description": "Service Unavailable",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/core.GatewayError"
+                }
+              }
+            }
+          }
+        },
+        "security": [
+          {
+            "BearerAuth": []
+          }
+        ]
+      },
+      "put": {
+        "tags": [
+          "admin"
+        ],
+        "summary": "Create or update one budget",
+        "requestBody": {
+          "content": {
+            "application/json": {
+              "schema": {
+                "$ref": "#/components/schemas/admin.upsertBudgetRequest"
+              }
+            }
+          },
+          "description": "Budget definition",
+          "required": true
+        },
+        "responses": {
+          "200": {
+            "description": "OK",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/admin.budgetListResponse"
+                }
+              }
+            }
+          },
+          "400": {
+            "description": "Bad Request",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/core.GatewayError"
+                }
+              }
+            }
+          },
+          "401": {
+            "description": "Unauthorized",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/core.GatewayError"
+                }
+              }
+            }
+          },
+          "503": {
+            "description": "Service Unavailable",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/core.GatewayError"
+                }
+              }
+            }
+          }
+        },
+        "security": [
+          {
+            "BearerAuth": []
+          }
+        ]
+      },
+      "delete": {
+        "tags": [
+          "admin"
+        ],
+        "summary": "Delete one budget",
+        "requestBody": {
+          "content": {
+            "application/json": {
+              "schema": {
+                "$ref": "#/components/schemas/admin.deleteBudgetRequest"
+              }
+            }
+          },
+          "description": "Budget key",
+          "required": true
+        },
+        "responses": {
+          "200": {
+            "description": "OK",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/admin.budgetListResponse"
+                }
+              }
+            }
+          },
+          "400": {
+            "description": "Bad Request",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/core.GatewayError"
+                }
+              }
+            }
+          },
+          "401": {
+            "description": "Unauthorized",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/core.GatewayError"
+                }
+              }
+            }
+          },
+          "503": {
+            "description": "Service Unavailable",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/core.GatewayError"
+                }
+              }
+            }
+          }
+        },
+        "security": [
+          {
+            "BearerAuth": []
+          }
+        ]
+      }
+    },
+    "/admin/api/v1/budgets/reset": {
+      "post": {
+        "tags": [
+          "admin"
+        ],
+        "summary": "Reset all budget periods",
+        "requestBody": {
+          "content": {
+            "application/json": {
+              "schema": {
+                "$ref": "#/components/schemas/admin.resetBudgetsRequest"
+              }
+            }
+          },
+          "description": "Reset confirmation",
+          "required": true
+        },
+        "responses": {
+          "200": {
+            "description": "OK",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "type": "object",
+                  "additionalProperties": true
+                }
+              }
+            }
+          },
+          "400": {
+            "description": "Bad Request",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/core.GatewayError"
+                }
+              }
+            }
+          },
+          "401": {
+            "description": "Unauthorized",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/core.GatewayError"
+                }
+              }
+            }
+          },
+          "503": {
+            "description": "Service Unavailable",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/core.GatewayError"
+                }
+              }
+            }
+          }
+        },
+        "security": [
+          {
+            "BearerAuth": []
+          }
+        ]
+      }
+    },
+    "/admin/api/v1/budgets/reset-one": {
+      "post": {
+        "tags": [
+          "admin"
+        ],
+        "summary": "Reset one budget period",
+        "requestBody": {
+          "content": {
+            "application/json": {
+              "schema": {
+                "$ref": "#/components/schemas/admin.resetBudgetRequest"
+              }
+            }
+          },
+          "description": "Budget key",
+          "required": true
+        },
+        "responses": {
+          "200": {
+            "description": "OK",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/admin.budgetListResponse"
+                }
+              }
+            }
+          },
+          "400": {
+            "description": "Bad Request",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/core.GatewayError"
+                }
+              }
+            }
+          },
+          "401": {
+            "description": "Unauthorized",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/core.GatewayError"
+                }
+              }
+            }
+          },
+          "503": {
+            "description": "Service Unavailable",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/core.GatewayError"
+                }
+              }
+            }
+          }
+        },
+        "security": [
+          {
+            "BearerAuth": []
+          }
+        ]
+      }
+    },
+    "/admin/api/v1/budgets/settings": {
+      "get": {
+        "tags": [
+          "admin"
+        ],
+        "summary": "Get budget reset settings",
+        "responses": {
+          "200": {
+            "description": "OK",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/budget.Settings"
+                }
+              }
+            }
+          },
+          "401": {
+            "description": "Unauthorized",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/core.GatewayError"
+                }
+              }
+            }
+          },
+          "503": {
+            "description": "Service Unavailable",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/core.GatewayError"
+                }
+              }
+            }
+          }
+        },
+        "security": [
+          {
+            "BearerAuth": []
+          }
+        ]
+      },
+      "put": {
+        "tags": [
+          "admin"
+        ],
+        "summary": "Update budget reset settings",
+        "requestBody": {
+          "content": {
+            "application/json": {
+              "schema": {
+                "$ref": "#/components/schemas/admin.updateBudgetSettingsRequest"
+              }
+            }
+          },
+          "description": "Budget reset settings",
+          "required": true
+        },
+        "responses": {
+          "200": {
+            "description": "OK",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/budget.Settings"
+                }
+              }
+            }
+          },
+          "400": {
+            "description": "Bad Request",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/core.GatewayError"
+                }
+              }
+            }
+          },
+          "401": {
+            "description": "Unauthorized",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/core.GatewayError"
+                }
+              }
+            }
+          },
+          "503": {
+            "description": "Service Unavailable",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/core.GatewayError"
+                }
+              }
+            }
+          }
+        },
+        "security": [
+          {
+            "BearerAuth": []
+          }
+        ]
+      }
+    },
     "/admin/api/v1/cache/overview": {
       "get": {
         "tags": [
@@ -3570,7 +3985,99 @@
             "content": {
               "application/json": {
                 "schema": {
-                  "$ref": "#/components/schemas/core.ResponsesResponse"
+                  "$ref": "#/components/schemas/core.ResponsesResponse"
+                }
+              }
+            }
+          },
+          "400": {
+            "description": "Bad Request",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/core.OpenAIErrorEnvelope"
+                }
+              }
+            }
+          },
+          "401": {
+            "description": "Unauthorized",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/core.OpenAIErrorEnvelope"
+                }
+              }
+            }
+          },
+          "404": {
+            "description": "Not Found",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/core.OpenAIErrorEnvelope"
+                }
+              }
+            }
+          },
+          "501": {
+            "description": "Not Implemented",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/core.OpenAIErrorEnvelope"
+                }
+              }
+            }
+          },
+          "502": {
+            "description": "Bad Gateway",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/core.OpenAIErrorEnvelope"
+                }
+              }
+            }
+          }
+        },
+        "security": [
+          {
+            "BearerAuth": []
+          }
+        ]
+      },
+      "delete": {
+        "tags": [
+          "responses"
+        ],
+        "summary": "Delete a response",
+        "parameters": [
+          {
+            "description": "Response ID",
+            "name": "id",
+            "in": "path",
+            "required": true,
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "description": "Provider override for native deletion",
+            "name": "provider",
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/core.ResponseDeleteResponse"
                 }
               }
             }
@@ -3631,12 +4138,14 @@
             "BearerAuth": []
           }
         ]
-      },
-      "delete": {
+      }
+    },
+    "/v1/responses/{id}/cancel": {
+      "post": {
         "tags": [
           "responses"
         ],
-        "summary": "Delete a response",
+        "summary": "Cancel a response",
         "parameters": [
           {
             "description": "Response ID",
@@ -3648,7 +4157,7 @@
             }
           },
           {
-            "description": "Provider override for native deletion",
+            "description": "Provider override for native cancellation",
             "name": "provider",
             "in": "query",
             "schema": {
@@ -3662,7 +4171,7 @@
             "content": {
               "application/json": {
                 "schema": {
-                  "$ref": "#/components/schemas/core.ResponseDeleteResponse"
+                  "$ref": "#/components/schemas/core.ResponsesResponse"
                 }
               }
             }
@@ -3725,12 +4234,12 @@
         ]
       }
     },
-    "/v1/responses/{id}/cancel": {
-      "post": {
+    "/v1/responses/{id}/input_items": {
+      "get": {
         "tags": [
           "responses"
         ],
-        "summary": "Cancel a response",
+        "summary": "List response input items",
         "parameters": [
           {
             "description": "Response ID",
@@ -3742,12 +4251,64 @@
             }
           },
           {
-            "description": "Provider override for native cancellation",
+            "description": "Provider override for native lookups",
             "name": "provider",
             "in": "query",
             "schema": {
               "type": "string"
             }
+          },
+          {
+            "description": "Pagination cursor",
+            "name": "after",
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "description": "Fields to include in listed input items",
+            "name": "include",
+            "in": "query",
+            "explode": true,
+            "schema": {
+              "type": "array",
+              "items": {
+                "type": "string"
+              }
+            }
+          },
+          {
+            "description": "Fields to include in listed input items",
+            "name": "include[]",
+            "in": "query",
+            "explode": true,
+            "schema": {
+              "type": "array",
+              "items": {
+                "type": "string"
+              }
+            }
+          },
+          {
+            "description": "Maximum items to return (1-100, default 20)",
+            "name": "limit",
+            "in": "query",
+            "schema": {
+              "type": "integer"
+            }
+          },
+          {
+            "description": "Sort order: asc or desc",
+            "name": "order",
+            "in": "query",
+            "schema": {
+              "type": "string",
+              "enum": [
+                "asc",
+                "desc"
+              ]
+            }
           }
         ],
         "responses": {
@@ -3756,7 +4317,7 @@
             "content": {
               "application/json": {
                 "schema": {
-                  "$ref": "#/components/schemas/core.ResponsesResponse"
+                  "$ref": "#/components/schemas/core.ResponseInputItemListResponse"
                 }
               }
             }
@@ -3818,173 +4379,278 @@
           }
         ]
       }
+    }
+  },
+  "servers": [
+    {
+      "url": "https://gomodel.example.com",
+      "description": "GoModel HTTPS deployment"
     },
-    "/v1/responses/{id}/input_items": {
-      "get": {
-        "tags": [
-          "responses"
-        ],
-        "summary": "List response input items",
-        "parameters": [
-          {
-            "description": "Response ID",
-            "name": "id",
-            "in": "path",
-            "required": true,
-            "schema": {
-              "type": "string"
+    {
+      "url": "http://localhost:8080",
+      "description": "Local GoModel"
+    }
+  ],
+  "components": {
+    "securitySchemes": {
+      "BearerAuth": {
+        "type": "apiKey",
+        "name": "Authorization",
+        "in": "header"
+      }
+    },
+    "schemas": {
+      "admin.auditLogEntryResponse": {
+        "type": "object",
+        "properties": {
+          "alias_used": {
+            "type": "boolean"
+          },
+          "auth_key_id": {
+            "type": "string"
+          },
+          "auth_method": {
+            "type": "string"
+          },
+          "cache_type": {
+            "type": "string"
+          },
+          "client_ip": {
+            "type": "string"
+          },
+          "data": {
+            "description": "Data contains flexible request/response information as JSON",
+            "allOf": [
+              {
+                "$ref": "#/components/schemas/auditlog.LogData"
+              }
+            ]
+          },
+          "duration_ns": {
+            "description": "DurationNs is the request duration in nanoseconds",
+            "type": "integer"
+          },
+          "error_type": {
+            "type": "string"
+          },
+          "id": {
+            "description": "ID is a unique identifier for this log entry (UUID)",
+            "type": "string"
+          },
+          "method": {
+            "type": "string"
+          },
+          "path": {
+            "type": "string"
+          },
+          "provider": {
+            "description": "canonical provider type used for routing and filters",
+            "type": "string"
+          },
+          "provider_name": {
+            "type": "string"
+          },
+          "request_id": {
+            "description": "Extracted fields for efficient filtering (indexed in relational DBs)",
+            "type": "string"
+          },
+          "requested_model": {
+            "description": "Core fields (indexed for queries)",
+            "type": "string"
+          },
+          "resolved_model": {
+            "type": "string"
+          },
+          "status_code": {
+            "type": "integer"
+          },
+          "stream": {
+            "type": "boolean"
+          },
+          "timestamp": {
+            "description": "Timestamp is when the request started",
+            "type": "string"
+          },
+          "usage": {
+            "$ref": "#/components/schemas/usage.RequestUsageSummary"
+          },
+          "user_path": {
+            "type": "string"
+          },
+          "workflow_version_id": {
+            "type": "string"
+          }
+        }
+      },
+      "admin.auditLogListResponse": {
+        "type": "object",
+        "properties": {
+          "entries": {
+            "type": "array",
+            "items": {
+              "$ref": "#/components/schemas/admin.auditLogEntryResponse"
+            }
+          },
+          "limit": {
+            "type": "integer"
+          },
+          "offset": {
+            "type": "integer"
+          },
+          "total": {
+            "type": "integer"
+          }
+        }
+      },
+      "admin.budgetListResponse": {
+        "type": "object",
+        "properties": {
+          "budgets": {
+            "type": "array",
+            "items": {
+              "$ref": "#/components/schemas/admin.budgetStatusResponse"
             }
           },
-          {
-            "description": "Provider override for native lookups",
-            "name": "provider",
-            "in": "query",
-            "schema": {
-              "type": "string"
-            }
+          "server_time": {
+            "type": "string"
+          }
+        }
+      },
+      "admin.budgetStatusResponse": {
+        "type": "object",
+        "properties": {
+          "amount": {
+            "type": "number"
+          },
+          "created_at": {
+            "type": "string"
+          },
+          "has_usage": {
+            "type": "boolean"
+          },
+          "last_reset_at": {
+            "type": "string"
+          },
+          "period_end": {
+            "type": "string"
+          },
+          "period_label": {
+            "type": "string"
+          },
+          "period_ratio": {
+            "type": "number"
+          },
+          "period_seconds": {
+            "type": "integer"
+          },
+          "period_start": {
+            "type": "string"
+          },
+          "remaining": {
+            "type": "number"
+          },
+          "source": {
+            "type": "string"
+          },
+          "spent": {
+            "type": "number"
+          },
+          "updated_at": {
+            "type": "string"
+          },
+          "usage_ratio": {
+            "type": "number"
+          },
+          "user_path": {
+            "type": "string"
+          }
+        }
+      },
+      "admin.deleteBudgetRequest": {
+        "type": "object",
+        "properties": {
+          "period": {
+            "type": "string"
+          },
+          "period_seconds": {
+            "type": "integer"
           },
-          {
-            "description": "Pagination cursor",
-            "name": "after",
-            "in": "query",
-            "schema": {
-              "type": "string"
-            }
+          "user_path": {
+            "type": "string"
+          }
+        }
+      },
+      "admin.resetBudgetRequest": {
+        "type": "object",
+        "properties": {
+          "period": {
+            "type": "string"
           },
-          {
-            "description": "Fields to include in listed input items",
-            "name": "include",
-            "in": "query",
-            "explode": true,
-            "schema": {
-              "type": "array",
-              "items": {
-                "type": "string"
-              }
-            }
+          "period_seconds": {
+            "type": "integer"
           },
-          {
-            "description": "Fields to include in listed input items",
-            "name": "include[]",
-            "in": "query",
-            "explode": true,
-            "schema": {
-              "type": "array",
-              "items": {
-                "type": "string"
-              }
-            }
+          "user_path": {
+            "type": "string"
+          }
+        }
+      },
+      "admin.resetBudgetsRequest": {
+        "type": "object",
+        "properties": {
+          "confirmation": {
+            "type": "string"
+          }
+        }
+      },
+      "admin.updateBudgetSettingsRequest": {
+        "type": "object",
+        "properties": {
+          "daily_reset_hour": {
+            "type": "integer"
           },
-          {
-            "description": "Maximum items to return (1-100, default 20)",
-            "name": "limit",
-            "in": "query",
-            "schema": {
-              "type": "integer"
-            }
+          "daily_reset_minute": {
+            "type": "integer"
           },
-          {
-            "description": "Sort order: asc or desc",
-            "name": "order",
-            "in": "query",
-            "schema": {
-              "type": "string",
-              "enum": [
-                "asc",
-                "desc"
-              ]
-            }
-          }
-        ],
-        "responses": {
-          "200": {
-            "description": "OK",
-            "content": {
-              "application/json": {
-                "schema": {
-                  "$ref": "#/components/schemas/core.ResponseInputItemListResponse"
-                }
-              }
-            }
+          "monthly_reset_day": {
+            "type": "integer"
           },
-          "400": {
-            "description": "Bad Request",
-            "content": {
-              "application/json": {
-                "schema": {
-                  "$ref": "#/components/schemas/core.OpenAIErrorEnvelope"
-                }
-              }
-            }
+          "monthly_reset_hour": {
+            "type": "integer"
           },
-          "401": {
-            "description": "Unauthorized",
-            "content": {
-              "application/json": {
-                "schema": {
-                  "$ref": "#/components/schemas/core.OpenAIErrorEnvelope"
-                }
-              }
-            }
+          "monthly_reset_minute": {
+            "type": "integer"
           },
-          "404": {
-            "description": "Not Found",
-            "content": {
-              "application/json": {
-                "schema": {
-                  "$ref": "#/components/schemas/core.OpenAIErrorEnvelope"
-                }
-              }
-            }
+          "weekly_reset_hour": {
+            "type": "integer"
           },
-          "501": {
-            "description": "Not Implemented",
-            "content": {
-              "application/json": {
-                "schema": {
-                  "$ref": "#/components/schemas/core.OpenAIErrorEnvelope"
-                }
-              }
-            }
+          "weekly_reset_minute": {
+            "type": "integer"
           },
-          "502": {
-            "description": "Bad Gateway",
-            "content": {
-              "application/json": {
-                "schema": {
-                  "$ref": "#/components/schemas/core.OpenAIErrorEnvelope"
-                }
-              }
-            }
+          "weekly_reset_weekday": {
+            "type": "integer"
           }
-        },
-        "security": [
-          {
-            "BearerAuth": []
+        }
+      },
+      "admin.upsertBudgetRequest": {
+        "type": "object",
+        "properties": {
+          "amount": {
+            "type": "number"
+          },
+          "period": {
+            "type": "string"
+          },
+          "period_seconds": {
+            "type": "integer"
+          },
+          "source": {
+            "type": "string"
+          },
+          "user_path": {
+            "type": "string"
           }
-        ]
-      }
-    }
-  },
-  "servers": [
-    {
-      "url": "https://gomodel.example.com",
-      "description": "GoModel HTTPS deployment"
-    },
-    {
-      "url": "http://localhost:8080",
-      "description": "Local GoModel"
-    }
-  ],
-  "components": {
-    "securitySchemes": {
-      "BearerAuth": {
-        "type": "apiKey",
-        "name": "Authorization",
-        "in": "header"
-      }
-    },
-    "schemas": {
+        }
+      },
       "auditlog.ConversationResult": {
         "type": "object",
         "properties": {
@@ -4013,6 +4679,9 @@
           "api_key_hash": {
             "type": "string"
           },
+          "error_code": {
+            "type": "string"
+          },
           "error_message": {
             "description": "Error details (message can be long, so kept in JSON)",
             "type": "string"
@@ -4149,32 +4818,15 @@
           }
         }
       },
-      "auditlog.LogListResult": {
-        "type": "object",
-        "properties": {
-          "entries": {
-            "type": "array",
-            "items": {
-              "$ref": "#/components/schemas/auditlog.LogEntry"
-            }
-          },
-          "limit": {
-            "type": "integer"
-          },
-          "offset": {
-            "type": "integer"
-          },
-          "total": {
-            "type": "integer"
-          }
-        }
-      },
       "auditlog.WorkflowFeaturesSnapshot": {
         "type": "object",
         "properties": {
           "audit": {
             "type": "boolean"
           },
+          "budget": {
+            "type": "boolean"
+          },
           "cache": {
             "type": "boolean"
           },
@@ -4189,6 +4841,38 @@
           }
         }
       },
+      "budget.Settings": {
+        "type": "object",
+        "properties": {
+          "daily_reset_hour": {
+            "type": "integer"
+          },
+          "daily_reset_minute": {
+            "type": "integer"
+          },
+          "monthly_reset_day": {
+            "type": "integer"
+          },
+          "monthly_reset_hour": {
+            "type": "integer"
+          },
+          "monthly_reset_minute": {
+            "type": "integer"
+          },
+          "updated_at": {
+            "type": "string"
+          },
+          "weekly_reset_hour": {
+            "type": "integer"
+          },
+          "weekly_reset_minute": {
+            "type": "integer"
+          },
+          "weekly_reset_weekday": {
+            "type": "integer"
+          }
+        }
+      },
       "core.BatchError": {
         "type": "object",
         "properties": {
@@ -5606,6 +6290,38 @@
           }
         }
       },
+      "usage.RequestUsageSummary": {
+        "type": "object",
+        "properties": {
+          "cache_write_input_tokens": {
+            "type": "integer"
+          },
+          "cached_input_ratio": {
+            "type": "number"
+          },
+          "cached_input_tokens": {
+            "type": "integer"
+          },
+          "entries": {
+            "type": "integer"
+          },
+          "estimated_cached_characters": {
+            "type": "integer"
+          },
+          "input_tokens": {
+            "type": "integer"
+          },
+          "output_tokens": {
+            "type": "integer"
+          },
+          "total_tokens": {
+            "type": "integer"
+          },
+          "uncached_input_tokens": {
+            "type": "integer"
+          }
+        }
+      },
       "usage.UsageLogEntry": {
         "type": "object",
         "properties": {
diff --git a/internal/admin/dashboard/static/css/dashboard.css b/internal/admin/dashboard/static/css/dashboard.css
index 2beb25ac..d3f70011 100644
--- a/internal/admin/dashboard/static/css/dashboard.css
+++ b/internal/admin/dashboard/static/css/dashboard.css
@@ -3418,9 +3418,291 @@ body.conversation-drawer-open {
   width: 100%;
 }
 
+.budget-help-notice {
+  margin-bottom: 16px;
+}
+
+.budget-list {
+  display: grid;
+  gap: 10px;
+}
+
+.budget-row {
+  display: grid;
+  grid-template-columns: minmax(0, 1fr) auto;
+  align-items: center;
+  gap: 16px;
+  padding: 12px 14px;
+  background: var(--bg-surface);
+  border: 1px solid var(--border);
+  border-radius: var(--radius);
+}
+
+.budget-row-main {
+  min-width: 0;
+}
+
+.budget-row-head {
+  display: flex;
+  align-items: center;
+  gap: 10px;
+  min-width: 0;
+}
+
+.budget-user-path {
+  display: inline-flex;
+  align-items: center;
+  max-width: 100%;
+  min-height: 24px;
+  padding: 2px 8px;
+  border: 1px solid color-mix(in srgb, var(--accent) 32%, var(--border));
+  border-radius: 6px;
+  background: color-mix(in srgb, var(--accent) 9%, var(--bg));
+  color: var(--text);
+  font-family: "SF Mono", Menlo, Consolas, monospace;
+  font-size: 12px;
+  overflow: hidden;
+  text-overflow: ellipsis;
+  white-space: nowrap;
+}
+
+.budget-row-meta {
+  display: inline-flex;
+  align-items: center;
+  gap: 8px;
+  min-width: 0;
+  color: var(--text-muted);
+  font-size: 12px;
+}
+
+.budget-source {
+  padding: 2px 7px;
+  border: 1px solid var(--border);
+  border-radius: 999px;
+  background: var(--bg);
+  color: var(--text-muted);
+  font-size: 11px;
+}
+
+.budget-bars {
+  display: grid;
+  gap: 6px;
+  margin-top: 10px;
+}
+
+.budget-bar-line {
+  display: grid;
+  grid-template-columns: 118px minmax(0, 1fr);
+  align-items: center;
+  gap: 10px;
+}
+
+.budget-bar-label {
+  display: flex;
+  align-items: center;
+  justify-content: space-between;
+  gap: 6px;
+  color: var(--text-muted);
+  font-size: 11px;
+  line-height: 1;
+}
+
+.budget-bar-track {
+  position: relative;
+  height: 14px;
+  overflow: hidden;
+  border-radius: 999px;
+  background: color-mix(in srgb, var(--border) 75%, var(--bg));
+}
+
+.budget-bar-fill {
+  height: 100%;
+  min-width: 0;
+  border-radius: inherit;
+  transition: width 0.2s ease;
+}
+
+.budget-bar-fill-usage {
+  background: color-mix(in srgb, var(--success) 82%, var(--accent));
+}
+
+.budget-bar-fill-period {
+  background: color-mix(in srgb, var(--accent) 75%, var(--warning));
+}
+
+.budget-bar-fill-danger {
+  background: var(--danger);
+}
+
+.budget-bar-text-row {
+  position: absolute;
+  inset: 0;
+  z-index: 1;
+  pointer-events: none;
+  color: var(--text);
+}
+
+.budget-bar-text-row-on-fill {
+  color: #fff;
+  clip-path: inset(0 calc(100% - var(--budget-progress, 0%)) 0 0);
+}
+
+.budget-bar-text {
+  position: absolute;
+  top: 50%;
+  max-width: min(44%, 190px);
+  overflow: hidden;
+  font-size: 10px;
+  font-weight: 700;
+  line-height: 1;
+  text-overflow: ellipsis;
+  text-shadow: 0 1px 1px color-mix(in srgb, var(--bg) 72%, transparent);
+  white-space: nowrap;
+}
+
+.budget-bar-text-start {
+  left: 6px;
+  transform: translateY(-50%);
+}
+
+.budget-bar-text-center {
+  left: 50%;
+  max-width: min(46%, 240px);
+  transform: translate(-50%, -50%);
+}
+
+.budget-bar-text-end {
+  right: 6px;
+  max-width: min(34%, 180px);
+  text-align: right;
+  transform: translateY(-50%);
+}
+
+.budget-period-label {
+  display: inline-flex;
+  align-items: center;
+  justify-content: center;
+  gap: 5px;
+  padding: 2px 7px;
+  border: 1px solid var(--border);
+  border-radius: 999px;
+  color: var(--text);
+  font-weight: 600;
+  white-space: nowrap;
+}
+
+.budget-period-label::before {
+  content: "";
+  width: 6px;
+  height: 6px;
+  flex: 0 0 6px;
+  border-radius: 999px;
+  background: currentColor;
+}
+
+.budget-period-label-hourly {
+  border-color: color-mix(in srgb, var(--accent) 48%, var(--border));
+  background: color-mix(in srgb, var(--accent) 10%, var(--bg));
+  color: var(--accent);
+}
+
+.budget-period-label-daily {
+  border-color: color-mix(in srgb, var(--success) 42%, var(--border));
+  background: color-mix(in srgb, var(--success) 9%, var(--bg));
+  color: var(--success);
+}
+
+.budget-period-label-weekly {
+  border-color: color-mix(in srgb, var(--warning) 45%, var(--border));
+  background: color-mix(in srgb, var(--warning) 10%, var(--bg));
+  color: var(--warning);
+}
+
+.budget-period-label-monthly {
+  border-color: color-mix(in srgb, var(--accent-hover) 58%, var(--border));
+  background: color-mix(in srgb, var(--accent-hover) 16%, var(--bg));
+  color: var(--accent-hover);
+  box-shadow: inset 0 -2px 0 color-mix(in srgb, var(--accent-hover) 32%, transparent);
+}
+
+.budget-period-label-custom {
+  border-style: dashed;
+  border-color: color-mix(in srgb, var(--text-muted) 58%, var(--border));
+  background: color-mix(in srgb, var(--text-muted) 9%, var(--bg));
+  color: var(--text-muted);
+}
+
+.budget-period-label-custom::before {
+  background: transparent;
+  border: 1px solid currentColor;
+}
+
+.budget-row-actions {
+  display: flex;
+  flex-direction: column;
+  flex-wrap: wrap;
+  justify-content: flex-end;
+  gap: 8px;
+}
+
+.budget-action-btn {
+  min-width: 82px;
+  justify-content: center;
+}
+
+.budget-action-btn-warning {
+  color: var(--warning);
+  border-color: color-mix(in srgb, var(--warning) 50%, var(--border));
+}
+
+.budget-action-icon {
+  width: 14px;
+  height: 14px;
+  flex: 0 0 14px;
+}
+
+.budget-editor {
+  background: color-mix(in srgb, var(--bg-surface) 86%, var(--bg) 14%);
+}
+
 .budget-settings-grid {
-  width: min(100%, 780px);
-  grid-template-columns: repeat(3, minmax(140px, 1fr));
+  display: grid;
+  gap: 12px;
+}
+
+.budget-settings-row {
+  display: grid;
+  grid-template-columns: 96px minmax(170px, 1fr) minmax(110px, 140px) minmax(110px, 140px) minmax(220px, 280px);
+  align-items: start;
+  gap: 12px;
+}
+
+.budget-settings-period {
+  align-self: end;
+  color: var(--text);
+  font-size: 12px;
+  font-weight: 700;
+  letter-spacing: 0;
+  min-height: 35px;
+  padding-bottom: 9px;
+  text-transform: uppercase;
+}
+
+.budget-settings-spacer {
+  min-height: 1px;
+}
+
+.budget-settings-help-cell {
+  align-self: start;
+  min-width: 0;
+  min-height: 35px;
+}
+
+.budget-settings-help-cell .inline-help-copy {
+  margin: 22px 0 0;
+  max-width: 280px;
+  font-size: 12px;
+  line-height: 1.35;
 }
 
 .budget-settings-actions {
@@ -3757,6 +4039,25 @@ body.conversation-drawer-open {
     font-size: 11px;
   }
 
+  .budget-row {
+    grid-template-columns: 1fr;
+  }
+  .budget-row-head {
+    align-items: flex-start;
+    flex-direction: column;
+  }
+  .budget-row-actions {
+    justify-content: flex-start;
+  }
+  .budget-bar-line {
+    grid-template-columns: 1fr;
+    gap: 5px;
+  }
+  .budget-period-window {
+    flex-direction: column;
+    gap: 4px;
+  }
+
   .form-grid {
     grid-template-columns: 1fr;
   }
@@ -3883,6 +4184,12 @@ body.conversation-drawer-open {
   .budget-settings-grid {
     grid-template-columns: 1fr;
   }
+  .budget-settings-row {
+    grid-template-columns: 1fr;
+  }
+  .budget-settings-spacer {
+    display: none;
+  }
   .budget-settings-actions {
     width: 100%;
   }
diff --git a/internal/admin/dashboard/static/js/dashboard.js b/internal/admin/dashboard/static/js/dashboard.js
index 2dbfe32c..219743a3 100644
--- a/internal/admin/dashboard/static/js/dashboard.js
+++ b/internal/admin/dashboard/static/js/dashboard.js
@@ -160,6 +160,7 @@ function dashboard() {
       page = [
         "overview",
         "usage",
+        "budgets",
         "models",
         "workflows",
         "audit-logs",
@@ -192,6 +193,9 @@ function dashboard() {
       ) {
         this.fetchGuardrailsPage();
       }
+      if (page === "budgets" && typeof this.fetchBudgetsPage === "function") {
+        this.fetchBudgetsPage();
+      }
       if (page === "settings") {
         if (typeof this.ensureTimezoneOptions === "function") {
           this.ensureTimezoneOptions();
@@ -358,8 +362,9 @@ function dashboard() {
           (this.aliasFormOpen || this.modelOverrideFormOpen)) ||
         (this.page === "workflows" && this.workflowFormOpen) ||
         (this.page === "guardrails" && this.guardrailFormOpen) ||
-        (this.page === "auth-keys" && this.authKeyFormOpen)
-        || this.budgetResetDialogOpen
+        (this.page === "auth-keys" && this.authKeyFormOpen) ||
+        (this.page === "budgets" && this.budgetFormOpen) ||
+        this.budgetResetDialogOpen
       );
     },
 
@@ -454,6 +459,12 @@ function dashboard() {
       if (typeof this.fetchWorkflowsPage === "function") {
         requests.push(this.fetchWorkflowsPage());
       }
+      if (
+        this.page === "budgets" &&
+        typeof this.fetchBudgetsPage === "function"
+      ) {
+        requests.push(this.fetchBudgetsPage());
+      }
       if (
         this.hasCalendarModule &&
         typeof this.fetchCalendarData === "function"
@@ -544,6 +555,12 @@ function dashboard() {
       ) {
         requests.push(this.fetchGuardrailsPage());
       }
+      if (
+        this.page === "budgets" &&
+        typeof this.fetchBudgetsPage === "function"
+      ) {
+        requests.push(this.fetchBudgetsPage());
+      }
       if (this.page === "usage" && typeof this.fetchUsagePage === "function") {
         requests.push(this.fetchUsagePage());
       }
diff --git a/internal/admin/dashboard/static/js/modules/budgets.js b/internal/admin/dashboard/static/js/modules/budgets.js
index 1c3dcbea..e42b2c48 100644
--- a/internal/admin/dashboard/static/js/modules/budgets.js
+++ b/internal/admin/dashboard/static/js/modules/budgets.js
@@ -18,6 +18,25 @@
             budgetResetDialogOpen: false,
             budgetResetConfirmation: '',
             budgetResetLoading: false,
+            budgets: [],
+            budgetsAvailable: true,
+            budgetsLoading: false,
+            budgetFilter: '',
+            budgetError: '',
+            budgetNotice: '',
+            budgetFormOpen: false,
+            budgetFormSubmitting: false,
+            budgetFormError: '',
+            budgetEditing: false,
+            budgetResettingKey: '',
+            budgetDeletingKey: '',
+            budgetForm: {
+                user_path: '',
+                period: 'daily',
+                period_seconds: 86400,
+                amount: '',
+                source: 'manual'
+            },
 
             budgetManagementEnabled() {
                 return typeof this.workflowRuntimeBooleanFlag === 'function'
@@ -25,6 +44,509 @@
                     : true;
             },
 
+            defaultBudgetForm() {
+                return {
+                    user_path: '',
+                    period: 'daily',
+                    period_seconds: 86400,
+                    amount: '',
+                    source: 'manual'
+                };
+            },
+
+            budgetPeriodOptions() {
+                return [
+                    { value: 'hourly', label: 'Hourly' },
+                    { value: 'daily', label: 'Daily' },
+                    { value: 'weekly', label: 'Weekly' },
+                    { value: 'monthly', label: 'Monthly' },
+                    { value: 'custom', label: 'Custom seconds' }
+                ];
+            },
+
+            budgetPeriodSeconds(period) {
+                switch (String(period || '').trim().toLowerCase()) {
+                case 'hourly':
+                    return 3600;
+                case 'daily':
+                    return 86400;
+                case 'weekly':
+                    return 604800;
+                case 'monthly':
+                    return 2592000;
+                default:
+                    return 0;
+                }
+            },
+
+            budgetPeriodFromSeconds(seconds) {
+                switch (Number(seconds || 0)) {
+                case 3600:
+                    return 'hourly';
+                case 86400:
+                    return 'daily';
+                case 604800:
+                    return 'weekly';
+                case 2592000:
+                    return 'monthly';
+                default:
+                    return 'custom';
+                }
+            },
+
+            syncBudgetPeriodSeconds() {
+                const period = String(this.budgetForm && this.budgetForm.period || '').trim();
+                const seconds = this.budgetPeriodSeconds(period);
+                if (seconds > 0) {
+                    this.budgetForm.period_seconds = seconds;
+                }
+            },
+
+            budgetKey(item) {
+                return String(item && item.user_path || '') + ':' + String(item && item.period_seconds || '');
+            },
+
+            budgetUserPathValidationError(value) {
+                const trimmed = String(value || '').trim();
+                if (!trimmed) {
+                    return 'User path is required.';
+                }
+                const raw = trimmed.startsWith('/') ? trimmed : '/' + trimmed;
+                const segments = raw.split('/');
+                for (const part of segments) {
+                    const segment = String(part || '').trim();
+                    if (!segment) {
+                        continue;
+                    }
+                    if (segment === '.' || segment === '..') {
+                        return 'User path cannot contain "." or ".." segments.';
+                    }
+                    if (segment.includes(':')) {
+                        return 'User path cannot contain ":" segments.';
+                    }
+                }
+                return '';
+            },
+
+            normalizeBudgetUserPath(value) {
+                if (this.budgetUserPathValidationError(value)) {
+                    return '';
+                }
+                const trimmed = String(value || '').trim();
+                const raw = trimmed.startsWith('/') ? trimmed : '/' + trimmed;
+                const segments = raw.split('/');
+                const canonical = [];
+                for (const part of segments) {
+                    const segment = String(part || '').trim();
+                    if (segment) {
+                        canonical.push(segment);
+                    }
+                }
+                return canonical.length ? '/' + canonical.join('/') : '/';
+            },
+
+            normalizeBudgetListPayload(payload) {
+                if (Array.isArray(payload)) {
+                    return payload;
+                }
+                if (payload && Array.isArray(payload.budgets)) {
+                    return payload.budgets;
+                }
+                return [];
+            },
+
+            filteredBudgets() {
+                const filter = String(this.budgetFilter || '').trim().toLowerCase();
+                if (!filter) {
+                    return this.budgets;
+                }
+                return this.budgets.filter((item) => {
+                    const userPath = String(item && item.user_path || '').toLowerCase();
+                    return userPath.includes(filter);
+                });
+            },
+
+            async budgetResponseMessage(res, fallback) {
+                try {
+                    const payload = await res.json();
+                    if (payload && payload.error && payload.error.message) {
+                        return payload.error.message;
+                    }
+                } catch (_) {
+                    // Ignore invalid or empty responses and return the fallback message.
+                }
+                return fallback;
+            },
+
+            async fetchBudgetsPage() {
+                if (!this.budgetManagementEnabled()) {
+                    this.budgets = [];
+                    this.budgetsAvailable = false;
+                    this.budgetError = '';
+                    return;
+                }
+                await this.fetchBudgets();
+            },
+
+            async fetchBudgets() {
+                this.budgetsLoading = true;
+                this.budgetError = '';
+                try {
+                    const request = typeof this.requestOptions === 'function' ? this.requestOptions() : { headers: this.headers() };
+                    const res = await fetch('/admin/api/v1/budgets', request);
+                    if (res.status === 503) {
+                        this.budgetsAvailable = false;
+                        this.budgets = [];
+                        return;
+                    }
+                    const handled = this.handleFetchResponse(res, 'budgets', request);
+                    if (typeof this.isStaleAuthFetchResult === 'function' && this.isStaleAuthFetchResult(handled)) {
+                        return;
+                    }
+                    this.budgetsAvailable = true;
+                    if (!handled) {
+                        this.budgetError = 'Unable to load budgets.';
+                        return;
+                    }
+                    this.budgets = this.normalizeBudgetListPayload(await res.json());
+                    if (typeof this.renderIconsAfterUpdate === 'function') {
+                        this.renderIconsAfterUpdate();
+                    }
+                } catch (e) {
+                    console.error('Failed to fetch budgets:', e);
+                    this.budgets = [];
+                    this.budgetError = 'Unable to load budgets.';
+                } finally {
+                    this.budgetsLoading = false;
+                }
+            },
+
+            openBudgetForm(item) {
+                this.budgetEditing = !!item;
+                this.budgetFormError = '';
+                this.budgetError = '';
+                this.budgetNotice = '';
+                if (item) {
+                    const periodSeconds = Number(item.period_seconds || 0);
+                    this.budgetForm = {
+                        user_path: String(item.user_path || ''),
+                        period: this.budgetPeriodFromSeconds(periodSeconds),
+                        period_seconds: periodSeconds,
+                        amount: String(item.amount || ''),
+                        source: String(item.source || 'manual')
+                    };
+                } else {
+                    this.budgetForm = this.defaultBudgetForm();
+                }
+                this.budgetFormOpen = true;
+                if (typeof this.renderIconsAfterUpdate === 'function') {
+                    this.renderIconsAfterUpdate();
+                }
+                if (typeof this.$nextTick === 'function') {
+                    this.$nextTick(() => {
+                        const refs = this.$refs || {};
+                        const input = this.budgetEditing ? refs.budgetAmountInput : refs.budgetUserPathInput;
+                        if (input && typeof input.focus === 'function') {
+                            input.focus({ preventScroll: true });
+                        }
+                    });
+                }
+            },
+
+            closeBudgetForm() {
+                this.budgetFormOpen = false;
+                this.budgetFormSubmitting = false;
+                this.budgetFormError = '';
+                this.budgetEditing = false;
+                this.budgetForm = this.defaultBudgetForm();
+            },
+
+            budgetFormPayload() {
+                const userPathError = this.budgetUserPathValidationError(this.budgetForm.user_path);
+                if (userPathError) {
+                    this.budgetFormError = userPathError;
+                    return null;
+                }
+                const amount = Number(this.budgetForm.amount);
+                if (!Number.isFinite(amount) || amount <= 0) {
+                    this.budgetFormError = 'Amount must be greater than 0.';
+                    return null;
+                }
+                const period = String(this.budgetForm.period || '').trim();
+                let periodSeconds = this.budgetPeriodSeconds(period);
+                if (period === 'custom') {
+                    periodSeconds = Number(this.budgetForm.period_seconds);
+                }
+                if (!Number.isFinite(periodSeconds) || periodSeconds <= 0) {
+                    this.budgetFormError = 'Period seconds must be greater than 0.';
+                    return null;
+                }
+                return {
+                    user_path: this.normalizeBudgetUserPath(this.budgetForm.user_path),
+                    period_seconds: Math.trunc(periodSeconds),
+                    amount,
+                    source: String(this.budgetForm.source || 'manual').trim() || 'manual'
+                };
+            },
+
+            async submitBudgetForm() {
+                if (this.budgetFormSubmitting) {
+                    return;
+                }
+                const payload = this.budgetFormPayload();
+                if (!payload) {
+                    return;
+                }
+                this.budgetFormSubmitting = true;
+                this.budgetFormError = '';
+                this.budgetError = '';
+                this.budgetNotice = '';
+                try {
+                    const request = typeof this.requestOptions === 'function'
+                        ? this.requestOptions({
+                            method: 'PUT',
+                            body: JSON.stringify(payload)
+                        })
+                        : {
+                            method: 'PUT',
+                            headers: this.headers(),
+                            body: JSON.stringify(payload)
+                        };
+                    const res = await fetch('/admin/api/v1/budgets', request);
+                    if (res.status === 503) {
+                        this.budgetsAvailable = false;
+                        this.budgetFormError = 'Budget management is unavailable.';
+                        return;
+                    }
+                    const handled = this.handleFetchResponse(res, 'budget', request);
+                    if (typeof this.isStaleAuthFetchResult === 'function' && this.isStaleAuthFetchResult(handled)) {
+                        return;
+                    }
+                    if (!handled) {
+                        this.budgetFormError = await this.budgetResponseMessage(res, 'Unable to save budget.');
+                        return;
+                    }
+                    this.closeBudgetForm();
+                    await this.fetchBudgets();
+                    this.budgetNotice = 'Budget saved.';
+                } catch (e) {
+                    console.error('Failed to save budget:', e);
+                    this.budgetFormError = 'Unable to save budget.';
+                } finally {
+                    this.budgetFormSubmitting = false;
+                }
+            },
+
+            async resetBudget(item) {
+                if (!item) {
+                    return;
+                }
+                const key = this.budgetKey(item);
+                if (this.budgetResettingKey === key) {
+                    return;
+                }
+                const label = String(item.user_path || '') + ' ' + this.budgetPeriodLabel(item);
+                if (global.confirm && !global.confirm('Reset budget "' + label + '"?')) {
+                    return;
+                }
+                this.budgetResettingKey = key;
+                this.budgetError = '';
+                this.budgetNotice = '';
+                try {
+                    const request = typeof this.requestOptions === 'function'
+                        ? this.requestOptions({
+                            method: 'POST',
+                            body: JSON.stringify({
+                                user_path: item.user_path,
+                                period_seconds: item.period_seconds
+                            })
+                        })
+                        : {
+                            method: 'POST',
+                            headers: this.headers(),
+                            body: JSON.stringify({
+                                user_path: item.user_path,
+                                period_seconds: item.period_seconds
+                            })
+                        };
+                    const res = await fetch('/admin/api/v1/budgets/reset-one', request);
+                    if (res.status === 503) {
+                        this.budgetsAvailable = false;
+                        this.budgetError = 'Budget management is unavailable.';
+                        return;
+                    }
+                    const handled = this.handleFetchResponse(res, 'budget reset', request);
+                    if (typeof this.isStaleAuthFetchResult === 'function' && this.isStaleAuthFetchResult(handled)) {
+                        return;
+                    }
+                    if (!handled) {
+                        this.budgetError = await this.budgetResponseMessage(res, 'Unable to reset budget.');
+                        return;
+                    }
+                    await this.fetchBudgets();
+                    this.budgetNotice = 'Budget reset.';
+                } catch (e) {
+                    console.error('Failed to reset budget:', e);
+                    this.budgetError = 'Unable to reset budget.';
+                } finally {
+                    this.budgetResettingKey = '';
+                }
+            },
+
+            async deleteBudget(item) {
+                if (!item) {
+                    return;
+                }
+                const key = this.budgetKey(item);
+                if (this.budgetDeletingKey === key) {
+                    return;
+                }
+                const label = String(item.user_path || '') + ' ' + this.budgetPeriodLabel(item);
+                if (global.confirm && !global.confirm('Delete budget "' + label + '"? This cannot be undone.')) {
+                    return;
+                }
+                this.budgetDeletingKey = key;
+                this.budgetError = '';
+                this.budgetNotice = '';
+                try {
+                    const request = typeof this.requestOptions === 'function'
+                        ? this.requestOptions({
+                            method: 'DELETE',
+                            body: JSON.stringify({
+                                user_path: item.user_path,
+                                period_seconds: item.period_seconds
+                            })
+                        })
+                        : {
+                            method: 'DELETE',
+                            headers: this.headers(),
+                            body: JSON.stringify({
+                                user_path: item.user_path,
+                                period_seconds: item.period_seconds
+                            })
+                        };
+                    const res = await fetch('/admin/api/v1/budgets', request);
+                    if (res.status === 503) {
+                        this.budgetsAvailable = false;
+                        this.budgetError = 'Budget management is unavailable.';
+                        return;
+                    }
+                    const handled = this.handleFetchResponse(res, 'budget delete', request);
+                    if (typeof this.isStaleAuthFetchResult === 'function' && this.isStaleAuthFetchResult(handled)) {
+                        return;
+                    }
+                    if (!handled) {
+                        this.budgetError = await this.budgetResponseMessage(res, 'Unable to delete budget.');
+                        return;
+                    }
+                    this.budgets = this.normalizeBudgetListPayload(await res.json());
+                    if (typeof this.renderIconsAfterUpdate === 'function') {
+                        this.renderIconsAfterUpdate();
+                    }
+                    this.budgetNotice = 'Budget deleted.';
+                } catch (e) {
+                    console.error('Failed to delete budget:', e);
+                    this.budgetError = 'Unable to delete budget.';
+                } finally {
+                    this.budgetDeletingKey = '';
+                }
+            },
+
+            budgetRatio(value) {
+                const parsed = Number(value);
+                if (!Number.isFinite(parsed) || parsed < 0) {
+                    return 0;
+                }
+                return parsed;
+            },
+
+            budgetPercentFromRatio(value, clamp) {
+                const ratio = this.budgetRatio(value);
+                const bounded = clamp ? Math.min(ratio, 1) : ratio;
+                return Math.round(bounded * 1000) / 10;
+            },
+
+            budgetUsageRatio(item) {
+                return this.budgetRatio(item && item.usage_ratio);
+            },
+
+            budgetUsagePercent(item) {
+                return this.budgetPercentFromRatio(this.budgetUsageRatio(item), true);
+            },
+
+            budgetPeriodPercent(item) {
+                return this.budgetPercentFromRatio(item && item.period_ratio, true);
+            },
+
+            budgetUsagePercentLabel(item) {
+                return this.budgetPercentFromRatio(this.budgetUsageRatio(item), false).toFixed(1).replace(/\.0$/, '') + '%';
+            },
+
+            budgetPeriodPercentLabel(item) {
+                return this.budgetPeriodPercent(item).toFixed(1).replace(/\.0$/, '') + '%';
+            },
+
+            budgetPeriodLabel(item) {
+                const seconds = Number(item && item.period_seconds || 0);
+                switch (seconds) {
+                case 3600:
+                    return 'Hourly';
+                case 86400:
+                    return 'Daily';
+                case 604800:
+                    return 'Weekly';
+                case 2592000:
+                    return 'Monthly';
+                default: {
+                    const label = String(item && item.period_label || '').trim();
+                    return label ? 'Custom ' + label : 'Custom ' + String(seconds || '') + 's';
+                }
+                }
+            },
+
+            budgetPeriodClass(item) {
+                const seconds = Number(item && item.period_seconds || 0);
+                switch (seconds) {
+                case 3600:
+                    return 'budget-period-label-hourly';
+                case 86400:
+                    return 'budget-period-label-daily';
+                case 604800:
+                    return 'budget-period-label-weekly';
+                case 2592000:
+                    return 'budget-period-label-monthly';
+                default:
+                    return 'budget-period-label-custom';
+                }
+            },
+
+            budgetSourceLabel(item) {
+                const source = String(item && item.source || '').trim();
+                return source || 'manual';
+            },
+
+            budgetSourceTitle(item) {
+                const source = this.budgetSourceLabel(item).toLowerCase();
+                if (source === 'manual') {
+                    return 'Created from the dashboard.';
+                }
+                if (source === 'config') {
+                    return 'Loaded from configuration.';
+                }
+                return 'Budget source: ' + source;
+            },
+
+            budgetRemainingLabel(item) {
+                const remaining = Number(item && item.remaining);
+                if (!Number.isFinite(remaining)) {
+                    return '';
+                }
+                if (remaining < 0) {
+                    return this.formatCost(Math.abs(remaining)) + ' over';
+                }
+                return this.formatCost(remaining) + ' remaining';
+            },
+
             budgetWeekdays() {
                 return [
                     { value: 0, label: 'Sunday' },
@@ -160,6 +682,9 @@
                         return;
                     }
                     this.closeBudgetResetDialog();
+                    if (this.page === 'budgets' && typeof this.fetchBudgets === 'function') {
+                        await this.fetchBudgets();
+                    }
                     this.budgetSettingsNotice = 'Budgets reset.';
                 } catch (e) {
                     console.error('Failed to reset budgets:', e);
diff --git a/internal/admin/dashboard/static/js/modules/budgets.test.js b/internal/admin/dashboard/static/js/modules/budgets.test.js
index 69df1f44..9e40fad1 100644
--- a/internal/admin/dashboard/static/js/modules/budgets.test.js
+++ b/internal/admin/dashboard/static/js/modules/budgets.test.js
@@ -63,6 +63,136 @@ test('budgetSettingsPayload normalizes numeric values before saving', () => {
     }));
 });
 
+test('budgetFormPayload normalizes user path and standard periods', () => {
+    const module = createBudgetsModule();
+    module.budgetForm = {
+        user_path: 'team/alpha',
+        period: 'weekly',
+        period_seconds: 0,
+        amount: '12.3456',
+        source: ''
+    };
+
+    assert.equal(JSON.stringify(module.budgetFormPayload()), JSON.stringify({
+        user_path: '/team/alpha',
+        period_seconds: 604800,
+        amount: 12.3456,
+        source: 'manual'
+    }));
+});
+
+test('fetchBudgets reads budget rows from the list envelope', async () => {
+    let renderIconsCalls = 0;
+    const module = createBudgetsModule({
+        fetch(url) {
+            assert.equal(url, '/admin/api/v1/budgets');
+            return Promise.resolve({
+                status: 200,
+                ok: true,
+                json: () => Promise.resolve({
+                    budgets: [
+                        { user_path: '/team', period_seconds: 86400, amount: 10 }
+                    ]
+                })
+            });
+        }
+    });
+    module.requestOptions = () => ({});
+    module.handleFetchResponse = () => true;
+    module.renderIconsAfterUpdate = () => {
+        renderIconsCalls++;
+    };
+
+    await module.fetchBudgets();
+
+    assert.equal(module.budgetsAvailable, true);
+    assert.equal(module.budgets.length, 1);
+    assert.equal(module.budgets[0].user_path, '/team');
+    assert.equal(renderIconsCalls, 1);
+});
+
+test('filteredBudgets filters only by user path', () => {
+    const module = createBudgetsModule();
+    module.budgets = [
+        { user_path: '/team/alpha', period_label: 'daily' },
+        { user_path: '/team/beta', period_label: 'weekly' },
+        { user_path: '/platform', period_label: 'team' }
+    ];
+
+    module.budgetFilter = 'TEAM/A';
+    assert.equal(JSON.stringify(module.filteredBudgets()), JSON.stringify([
+        { user_path: '/team/alpha', period_label: 'daily' }
+    ]));
+
+    module.budgetFilter = 'weekly';
+    assert.equal(JSON.stringify(module.filteredBudgets()), JSON.stringify([]));
+
+    module.budgetFilter = '';
+    assert.equal(module.filteredBudgets(), module.budgets);
+});
+
+test('budgetSourceTitle explains manual and config sources', () => {
+    const module = createBudgetsModule();
+
+    assert.equal(module.budgetSourceTitle({ source: 'manual' }), 'Created from the dashboard.');
+    assert.equal(module.budgetSourceTitle({ source: 'config' }), 'Loaded from configuration.');
+    assert.equal(module.budgetSourceTitle({ source: 'import' }), 'Budget source: import');
+});
+
+test('budgetPeriodLabel and class distinguish standard and custom periods', () => {
+    const module = createBudgetsModule();
+
+    assert.equal(module.budgetPeriodLabel({ period_seconds: 3600 }), 'Hourly');
+    assert.equal(module.budgetPeriodClass({ period_seconds: 3600 }), 'budget-period-label-hourly');
+    assert.equal(module.budgetPeriodLabel({ period_seconds: 86400 }), 'Daily');
+    assert.equal(module.budgetPeriodClass({ period_seconds: 86400 }), 'budget-period-label-daily');
+    assert.equal(module.budgetPeriodLabel({ period_seconds: 604800 }), 'Weekly');
+    assert.equal(module.budgetPeriodClass({ period_seconds: 604800 }), 'budget-period-label-weekly');
+    assert.equal(module.budgetPeriodLabel({ period_seconds: 2592000 }), 'Monthly');
+    assert.equal(module.budgetPeriodClass({ period_seconds: 2592000 }), 'budget-period-label-monthly');
+    assert.equal(module.budgetPeriodLabel({ period_seconds: 7200, period_label: '7200s' }), 'Custom 7200s');
+    assert.equal(module.budgetPeriodClass({ period_seconds: 7200 }), 'budget-period-label-custom');
+});
+
+test('deleteBudget posts the selected budget key and refreshes from the response envelope', async () => {
+    const requests = [];
+    const module = createBudgetsModule({
+        confirm(message) {
+            assert.match(message, /Delete budget "\/team Daily"\? This cannot be undone\./);
+            return true;
+        },
+        fetch(url, request) {
+            requests.push({ url, request });
+            return Promise.resolve({
+                status: 200,
+                ok: true,
+                json: () => Promise.resolve({
+                    budgets: [
+                        { user_path: '/other', period_seconds: 86400, amount: 5 }
+                    ]
+                })
+            });
+        }
+    });
+    module.requestOptions = (options) => options || {};
+    module.handleFetchResponse = () => true;
+
+    await module.deleteBudget({ user_path: '/team', period_seconds: 86400, period_label: 'daily' });
+
+    assert.equal(requests.length, 1);
+    assert.equal(requests[0].url, '/admin/api/v1/budgets');
+    assert.equal(requests[0].request.method, 'DELETE');
+    assert.equal(requests[0].request.body, JSON.stringify({
+        user_path: '/team',
+        period_seconds: 86400
+    }));
+    assert.equal(module.budgetDeletingKey, '');
+    assert.equal(module.budgetNotice, 'Budget deleted.');
+    assert.equal(JSON.stringify(module.budgets), JSON.stringify([
+        { user_path: '/other', period_seconds: 86400, amount: 5 }
+    ]));
+});
+
 test('resetBudgets requires the typed reset confirmation before posting', async () => {
     const module = createBudgetsModule({
         fetch() {
diff --git a/internal/admin/dashboard/static/js/modules/dashboard-layout.test.js b/internal/admin/dashboard/static/js/modules/dashboard-layout.test.js
index 8b2b6021..acd5496e 100644
--- a/internal/admin/dashboard/static/js/modules/dashboard-layout.test.js
+++ b/internal/admin/dashboard/static/js/modules/dashboard-layout.test.js
@@ -19,6 +19,7 @@ function readDashboardTemplateSource() {
     readFixture("../../../templates/index.html"),
     readFixture("../../../templates/page-overview.html"),
     readFixture("../../../templates/page-usage.html"),
+    readFixture("../../../templates/page-budgets.html"),
     readFixture("../../../templates/page-settings.html"),
     readFixture("../../../templates/page-guardrails.html"),
     readFixture("../../../templates/page-auth-keys.html"),
@@ -62,7 +63,7 @@ test("sidebar and main content share the flex layout without manual content offs
   assert.doesNotMatch(template, /content-collapsed/);
   assert.match(
     template,
-    /href="\/admin\/dashboard\/overview"[\s\S]*<span>Overview<\/span>[\s\S]*href="\/admin\/dashboard\/models"[\s\S]*<span>Models<\/span>[\s\S]*href="\/admin\/dashboard\/audit-logs"[\s\S]*<span>Audit Logs<\/span>[\s\S]*href="\/admin\/dashboard\/usage"[\s\S]*<span>Usage<\/span>[\s\S]*href="\/admin\/dashboard\/auth-keys"[\s\S]*<span>API Keys<\/span>[\s\S]*href="\/admin\/dashboard\/workflows"[\s\S]*<span>Workflows<\/span>[\s\S]*href="\/admin\/dashboard\/guardrails"[\s\S]*x-show="guardrailsPageVisible\(\)"[\s\S]*<span>Guardrails \(experimental\)<\/span>[\s\S]*href="\/admin\/dashboard\/settings"[\s\S]*<span>Settings<\/span>/,
+    /href="\/admin\/dashboard\/overview"[\s\S]*<span>Overview<\/span>[\s\S]*href="\/admin\/dashboard\/models"[\s\S]*<span>Models<\/span>[\s\S]*href="\/admin\/dashboard\/audit-logs"[\s\S]*<span>Audit Logs<\/span>[\s\S]*href="\/admin\/dashboard\/usage"[\s\S]*<span>Usage<\/span>[\s\S]*href="\/admin\/dashboard\/budgets"[\s\S]*x-show="budgetManagementEnabled\(\)"[\s\S]*<span>Budgets<\/span>[\s\S]*href="\/admin\/dashboard\/auth-keys"[\s\S]*<span>API Keys<\/span>[\s\S]*href="\/admin\/dashboard\/workflows"[\s\S]*<span>Workflows<\/span>[\s\S]*href="\/admin\/dashboard\/guardrails"[\s\S]*x-show="guardrailsPageVisible\(\)"[\s\S]*<span>Guardrails \(experimental\)<\/span>[\s\S]*href="\/admin\/dashboard\/settings"[\s\S]*<span>Settings<\/span>/,
   );
 
   const sidebarRule = readCSSRule(css, ".sidebar");
@@ -178,6 +179,10 @@ test("dashboard chrome uses Lucide icons for stable navigation and auth controls
     template,
     /data-lucide="chart-column" class="nav-icon"[\s\S]*<span>Usage<\/span>/,
   );
+  assert.match(
+    template,
+    /data-lucide="wallet" class="nav-icon"[\s\S]*<span>Budgets<\/span>/,
+  );
   assert.match(
     template,
     /data-lucide="key-round" class="nav-icon"[\s\S]*<span>API Keys<\/span>/,
@@ -300,7 +305,7 @@ test("dashboard pages reuse a shared auth banner template", () => {
 
   const authBannerCalls =
     indexTemplate.match(/{{template "auth-banner" \.}}/g) || [];
-  assert.equal(authBannerCalls.length, 8);
+  assert.equal(authBannerCalls.length, 9);
   assert.match(
     indexTemplate,
     /<template x-if="page==='settings'">\s*<div>[\s\S]*{{template "auth-banner" \.}}/,
@@ -566,6 +571,135 @@ test("workflow guardrail warning links directly to the top-level guardrails page
   );
 });
 
+test("workflow editor and chart include budget control when budgets are enabled", () => {
+  const indexTemplate = readDashboardTemplateSource();
+  const chartTemplate = readFixture("../../../templates/workflow-chart.html");
+
+  assert.match(
+    indexTemplate,
+    /class="workflow-feature-toggle"[\s\S]*x-show="workflowBudgetVisible\(\)"[\s\S]*x-model="workflowForm\.features\.budget"[\s\S]*<span>Budget<\/span>/,
+  );
+  assert.match(
+    chartTemplate,
+    /class="workflow-conn" x-show="chart\.showBudget"[\s\S]*class="workflow-node workflow-node-feature workflow-node-budget" x-show="chart\.showBudget" :class="chart\.budgetNodeClass"[\s\S]*<span class="workflow-node-label">Budget<\/span>[\s\S]*x-text="chart\.budgetStatusLabel"/,
+  );
+});
+
+test("budget reset settings use period rows instead of a flat field grid", () => {
+  const indexTemplate = readDashboardTemplateSource();
+  const css = readFixture("../../css/dashboard.css");
+
+  assert.match(
+    indexTemplate,
+    /class="budget-settings-grid"[\s\S]*class="budget-settings-row"[\s\S]*class="budget-settings-period">Monthly<\/div>[\s\S]*for="budget-monthly-day">Day of Month<\/label>[\s\S]*for="budget-monthly-hour">Hour<\/label>[\s\S]*for="budget-monthly-minute">Minute<\/label>[\s\S]*class="budget-settings-period">Weekly<\/div>[\s\S]*for="budget-weekly-day">Day of Week<\/label>[\s\S]*class="budget-settings-help-cell" aria-hidden="true"[\s\S]*class="budget-settings-period">Daily<\/div>[\s\S]*class="budget-settings-spacer" aria-hidden="true"[\s\S]*for="budget-daily-hour">Hour<\/label>[\s\S]*for="budget-daily-minute">Minute<\/label>[\s\S]*class="budget-settings-help-cell" aria-hidden="true"/,
+  );
+  assert.match(
+    indexTemplate,
+    /copyId: 'budget-monthly-day-help-copy'[\s\S]*If the selected day does not exist in a month, the reset runs on the last day of that month\.[\s\S]*for="budget-monthly-day">Day of Month<\/label>[\s\S]*{{template "inline-help-toggle" \.}}[\s\S]*id="budget-monthly-day"[\s\S]*aria-describedby="budget-monthly-day-help-copy"[\s\S]*id="budget-monthly-minute"[\s\S]*<div class="budget-settings-help-cell">[\s\S]*<p :id="copyId" class="inline-help-copy" x-show="open" x-transition\.opacity\.duration\.200ms x-text="text"><\/p>/,
+  );
+  assert.match(
+    indexTemplate,
+    /<h3>Budget Resets<\/h3>[\s\S]*<span>Save Budget Settings<\/span>[\s\S]*<h3>Reset All Budgets<\/h3>[\s\S]*Start new budget periods for every configured budget without changing the limits\.[\s\S]*@click="openBudgetResetDialog\(\)"[\s\S]*<span>Reset Budgets<\/span>/,
+  );
+
+  const gridRule = readCSSRule(css, ".budget-settings-grid");
+  assert.match(gridRule, /display:\s*grid/);
+  assert.doesNotMatch(gridRule, /width:\s*min\(100%,\s*780px\)/);
+
+  const rowRule = readCSSRule(css, ".budget-settings-row");
+  assert.match(rowRule, /grid-template-columns:\s*96px/);
+  assert.match(rowRule, /minmax\(220px,\s*280px\)/);
+  assert.match(rowRule, /align-items:\s*start/);
+
+  const helpCellRule = readCSSRule(css, ".budget-settings-help-cell");
+  assert.match(helpCellRule, /min-height:\s*35px/);
+});
+
+test("budget row record actions stack reset under edit", () => {
+  const indexTemplate = readDashboardTemplateSource();
+  const css = readFixture("../../css/dashboard.css");
+
+  assert.match(
+    indexTemplate,
+    /copyId: 'budgets-help-copy'[\s\S]*Budgets are evaluated from tracked usage cost records for each user path subtree\. Enforcement runs only when Budget is enabled for the active workflow\.[\s\S]*<h2>Budgets<\/h2>[\s\S]*{{template "inline-help-toggle" \.}}[\s\S]*<p :id="copyId" class="inline-help-copy" x-show="open" x-transition\.opacity\.duration\.200ms x-text="text"><\/p>/,
+  );
+  assert.match(
+    indexTemplate,
+    /id="budget-filter"[\s\S]*placeholder="Filter by user path\.\.\."[\s\S]*aria-label="Filter budgets by user path"[\s\S]*x-model="budgetFilter"/,
+  );
+  assert.match(
+    indexTemplate,
+    /x-show="budgetEditing"[\s\S]*Editing a budget updates its limit only\. Use Reset to start a new budget period\./,
+  );
+  assert.match(
+    indexTemplate,
+    /class="budget-list" x-show="filteredBudgets\(\)\.length > 0[\s\S]*<template x-for="item in filteredBudgets\(\)"[\s\S]*No budgets match your filter\./,
+  );
+  assert.match(
+    indexTemplate,
+    /class="budget-source" x-text="budgetSourceLabel\(item\)" :title="budgetSourceTitle\(item\)"/,
+  );
+  assert.match(
+    indexTemplate,
+    /<div class="budget-row-actions">[\s\S]*class="table-action-btn budget-action-btn budget-action-btn-warning"[\s\S]*@click="resetBudget\(item\)"[\s\S]*Resetting\.\.\.[\s\S]*Reset[\s\S]*class="table-action-btn table-action-btn-danger budget-action-btn"[\s\S]*@click="deleteBudget\(item\)"[\s\S]*Deleting\.\.\.[\s\S]*Delete/,
+  );
+  assert.match(
+    indexTemplate,
+    /class="budget-row-head"[\s\S]*class="budget-user-path" x-text="item\.user_path"[\s\S]*class="budget-period-label" :class="budgetPeriodClass\(item\)" x-text="budgetPeriodLabel\(item\)"[\s\S]*class="budget-row-meta"/,
+  );
+  assert.match(
+    indexTemplate,
+    /:aria-label="'Budget usage: ' \+ formatCost\(item\.spent\) \+ ' of ' \+ formatCost\(item\.amount\) \+ ', ' \+ budgetRemainingLabel\(item\)"[\s\S]*:style="'--budget-progress: ' \+ budgetUsagePercent\(item\) \+ '%'"[\s\S]*class="budget-bar-text budget-bar-text-center" x-text="formatCost\(item\.spent\) \+ ' of ' \+ formatCost\(item\.amount\)"[\s\S]*class="budget-bar-text budget-bar-text-end" x-text="budgetRemainingLabel\(item\)"[\s\S]*class="budget-bar-text-row budget-bar-text-row-on-fill"/,
+  );
+  assert.match(
+    indexTemplate,
+    /:style="'--budget-progress: ' \+ budgetPeriodPercent\(item\) \+ '%'"[\s\S]*class="budget-bar-text budget-bar-text-start" x-text="formatTimestamp\(item\.period_start\)" :title="timestampTimeZoneTitle\(item\.period_start\)"[\s\S]*class="budget-bar-text budget-bar-text-end" x-text="formatTimestamp\(item\.period_end\)" :title="timestampTimeZoneTitle\(item\.period_end\)"[\s\S]*class="budget-bar-text-row budget-bar-text-row-on-fill"/,
+  );
+
+  const actionsRule = readCSSRule(css, ".budget-row-actions");
+  assert.match(actionsRule, /display:\s*flex/);
+  assert.match(actionsRule, /flex-direction:\s*column/);
+
+  const warningActionRule = readCSSRule(css, ".budget-action-btn-warning");
+  assert.match(warningActionRule, /color:\s*var\(--warning\)/);
+
+  const budgetBarTrackRule = readCSSRule(css, ".budget-bar-track");
+  assert.match(budgetBarTrackRule, /height:\s*14px/);
+
+  const budgetBarTextRowRule = readCSSRule(css, ".budget-bar-text-row");
+  assert.match(budgetBarTextRowRule, /position:\s*absolute/);
+  assert.match(budgetBarTextRowRule, /color:\s*var\(--text\)/);
+
+  const budgetBarTextOnFillRule = readCSSRule(css, ".budget-bar-text-row-on-fill");
+  assert.match(budgetBarTextOnFillRule, /color:\s*#fff/);
+  assert.match(budgetBarTextOnFillRule, /clip-path:\s*inset\(0 calc\(100% - var\(--budget-progress, 0%\)\) 0 0\)/);
+
+  const budgetBarTextRule = readCSSRule(css, ".budget-bar-text");
+  assert.match(budgetBarTextRule, /position:\s*absolute/);
+  assert.match(budgetBarTextRule, /max-width:\s*min\(44%, 190px\)/);
+
+  const periodLabelRule = readCSSRule(css, ".budget-period-label");
+  assert.match(periodLabelRule, /font-weight:\s*600/);
+  assert.match(periodLabelRule, /display:\s*inline-flex/);
+
+  const periodLabelMarkerRule = readCSSRule(css, ".budget-period-label::before");
+  assert.match(periodLabelMarkerRule, /background:\s*currentColor/);
+
+  const hourlyPeriodRule = readCSSRule(css, ".budget-period-label-hourly");
+  assert.match(hourlyPeriodRule, /var\(--accent\)/);
+  assert.match(css, /\.budget-period-label-daily\s*\{/);
+  assert.match(css, /\.budget-period-label-weekly\s*\{/);
+  const monthlyPeriodRule = readCSSRule(css, ".budget-period-label-monthly");
+  assert.match(monthlyPeriodRule, /var\(--accent-hover\)/);
+  assert.match(monthlyPeriodRule, /box-shadow:\s*inset 0 -2px 0/);
+  const customPeriodRule = readCSSRule(css, ".budget-period-label-custom");
+  assert.match(customPeriodRule, /border-style:\s*dashed/);
+  assert.match(customPeriodRule, /var\(--text-muted\)/);
+  const customMarkerRule = readCSSRule(css, ".budget-period-label-custom::before");
+  assert.match(customMarkerRule, /background:\s*transparent/);
+  assert.match(customMarkerRule, /border:\s*1px solid currentColor/);
+});
+
 test("usage request log toolbar puts search above the remaining filters", () => {
   const indexTemplate = readDashboardTemplateSource();
   const css = readFixture("../../css/dashboard.css");
@@ -929,6 +1063,7 @@ test("modal and conversation close controls use the shared dialog close style",
   assert.match(indexTemplate, /class="dialog-close-btn" aria-label="Close model access editor"[\s\S]*{{template "x-icon"}}/);
   assert.match(indexTemplate, /class="dialog-close-btn" aria-label="Close workflow editor"[\s\S]*{{template "x-icon"}}/);
   assert.match(indexTemplate, /class="dialog-close-btn" aria-label="Close guardrail editor"[\s\S]*{{template "x-icon"}}/);
+  assert.match(indexTemplate, /class="dialog-close-btn" aria-label="Close budget editor"[\s\S]*{{template "x-icon"}}/);
   assert.match(indexTemplate, /class="dialog-close-btn"[\s\S]*@click="closeAuthKeyForm\(\)"[\s\S]*{{template "x-icon"}}/);
   assert.match(indexTemplate, /class="dialog-close-btn" x-ref="conversationCloseBtn" aria-label="Close interactions"[\s\S]*{{template "x-icon"}}/);
   assert.doesNotMatch(indexTemplate, /alias-close-btn/);
@@ -949,6 +1084,7 @@ test("modal escape handlers do not close editors behind the auth dialog", () =>
   assert.match(indexTemplate, /@keydown\.escape\.window="workflowFormOpen && !authDialogOpen && closeWorkflowForm\(\)"/);
   assert.match(indexTemplate, /@keydown\.escape\.window="guardrailFormOpen && !authDialogOpen && closeGuardrailForm\(\)"/);
   assert.match(indexTemplate, /@keydown\.escape\.window="authKeyFormOpen && !authDialogOpen && closeAuthKeyForm\(\)"/);
+  assert.match(indexTemplate, /@keydown\.escape\.window="budgetFormOpen && !authDialogOpen && closeBudgetForm\(\)"/);
 });
 
 test("overview interval controls are explicit non-submit buttons", () => {
diff --git a/internal/admin/dashboard/static/js/modules/timezone.js b/internal/admin/dashboard/static/js/modules/timezone.js
index be6e53a6..ccc84c13 100644
--- a/internal/admin/dashboard/static/js/modules/timezone.js
+++ b/internal/admin/dashboard/static/js/modules/timezone.js
@@ -340,6 +340,19 @@
                     return '';
                 }
                 return this.formatTimestampUTC(ts);
+            },
+
+            timestampTimeZoneTitle(ts) {
+                if (!ts || typeof this.effectiveTimeZoneLabel !== 'function') {
+                    return '';
+                }
+                const formatted = typeof this.formatTimestamp === 'function'
+                    ? this.formatTimestamp(ts)
+                    : this.formatTimestampInEffectiveTimeZone(ts);
+                if (!formatted || formatted === '-') {
+                    return '';
+                }
+                return formatted + ' ' + this.effectiveTimeZoneLabel();
             }
         };
     }
diff --git a/internal/admin/dashboard/static/js/modules/timezone.test.js b/internal/admin/dashboard/static/js/modules/timezone.test.js
index 02471e03..4a88e1a1 100644
--- a/internal/admin/dashboard/static/js/modules/timezone.test.js
+++ b/internal/admin/dashboard/static/js/modules/timezone.test.js
@@ -102,6 +102,17 @@ test('timestampTitle keeps the UTC timestamp without a duplicate prefix label',
     );
 });
 
+test('timestampTimeZoneTitle shows the timestamp in the effective timezone with its offset label', () => {
+    const module = createTimezoneModule();
+    module.detectedTimezone = 'Europe/Warsaw';
+    module.timezoneOverride = '';
+
+    assert.equal(
+        module.timestampTimeZoneTitle('2026-04-27T02:22:00Z'),
+        '2026-04-27 04:22:00 Europe/Warsaw (UTC+02:00)'
+    );
+});
+
 test('formatTimestampInTimeZone accepts a zero epoch timestamp', () => {
     const module = createTimezoneModule();
 
diff --git a/internal/admin/dashboard/static/js/modules/workflows-layout.test.js b/internal/admin/dashboard/static/js/modules/workflows-layout.test.js
index 4cf976c0..69427bc3 100644
--- a/internal/admin/dashboard/static/js/modules/workflows-layout.test.js
+++ b/internal/admin/dashboard/static/js/modules/workflows-layout.test.js
@@ -142,6 +142,17 @@ test("auth node uses the cache iconography in workflow charts", () => {
   );
 });
 
+test("budget node uses the same wallet iconography as the budget navigation item", () => {
+  const chartTemplate = readFixture("../../../templates/workflow-chart.html");
+  const sidebarTemplate = readFixture("../../../templates/sidebar.html");
+
+  assert.match(sidebarTemplate, /data-lucide="wallet" class="nav-icon"/);
+  assert.match(
+    chartTemplate,
+    /workflow-node-budget[\s\S]*?<svg viewBox="0 0 24 24"><path d="M19 7V4a1 1 0 0 0-1-1H5a2 2 0 0 0 0 4h15a1 1 0 0 1 1 1v4h-3a2 2 0 0 0 0 4h3a1 1 0 0 0 1-1v-2a1 1 0 0 0-1-1"\/><path d="M3 5v14a2 2 0 0 0 2 2h15a1 1 0 0 0 1-1v-4"\/><\/svg>/,
+  );
+});
+
 test("workflow authoring inputs expose stable accessible names", () => {
   const template = readDashboardTemplateSource();
 
@@ -268,6 +279,10 @@ test("workflow feature controls and guardrail sections are gated by global runti
     template,
     /x-show="workflowUsageVisible\(\)"[\s\S]*x-model="workflowForm\.features\.usage"/,
   );
+  assert.match(
+    template,
+    /x-show="workflowBudgetVisible\(\)"[\s\S]*x-model="workflowForm\.features\.budget"/,
+  );
   assert.match(
     template,
     /x-show="workflowGuardrailsVisible\(\)"[\s\S]*x-model="workflowForm\.features\.guardrails"/,
@@ -296,7 +311,7 @@ test("workflow editor renders a live preview card from the draft workflow state"
   );
   assert.match(
     chartTemplate,
-    /{{define "workflow-chart"}}[\s\S]*x-data="\{ chart: {{\.}} \|\| \{\} \}"[\s\S]*x-effect="chart = {{\.}} \|\| \{\}"[\s\S]*<span class="workflow-node-label">Auth<\/span>[\s\S]*x-text="chart\.authNodeSublabel"[\s\S]*x-show="chart\.showGuardrails"[\s\S]*x-show="chart\.showCache"[\s\S]*x-text="chart\.aiLabel"[\s\S]*x-show="chart\.showFailover"[\s\S]*x-text="chart\.failoverTargetLabel"/,
+    /{{define "workflow-chart"}}[\s\S]*x-data="\{ chart: {{\.}} \|\| \{\} \}"[\s\S]*x-effect="chart = {{\.}} \|\| \{\}"[\s\S]*<span class="workflow-node-label">Auth<\/span>[\s\S]*x-text="chart\.authNodeSublabel"[\s\S]*x-show="chart\.showCache"[\s\S]*x-show="chart\.showBudget"[\s\S]*x-show="chart\.showGuardrails"[\s\S]*x-text="chart\.aiLabel"[\s\S]*x-show="chart\.showFailover"[\s\S]*x-text="chart\.failoverTargetLabel"/,
   );
   assert.doesNotMatch(chartTemplate, /x-data="\{ workflow:/);
 });
@@ -443,7 +458,7 @@ test("workflow pipeline main row is flattened without workflow-left or workflow-
   assert.doesNotMatch(template, /class="workflow-step"/);
   assert.match(
     template,
-    /<div class="workflow-pipeline-row">[\s\S]*<div class="workflow-node workflow-node-endpoint">[\s\S]*<div class="workflow-conn"><\/div>[\s\S]*<div class="workflow-node workflow-node-feature workflow-node-auth"[\s\S]*<div class="workflow-conn" :class="chart\.aiConnClass"><\/div>[\s\S]*<div class="workflow-node workflow-node-ai" :class="chart\.aiNodeClass">[\s\S]*<div class="workflow-conn" :class="chart\.responseConnClass"><\/div>[\s\S]*<div class="workflow-node workflow-node-endpoint" :class="chart\.responseNodeClass">/,
+    /<div class="workflow-pipeline-row">[\s\S]*<div class="workflow-node workflow-node-endpoint">[\s\S]*<div class="workflow-conn"><\/div>[\s\S]*<div class="workflow-node workflow-node-feature workflow-node-auth"[\s\S]*<div class="workflow-conn" x-show="chart\.showCache" :class="chart\.cacheConnClass"><\/div>[\s\S]*<div class="workflow-node workflow-node-feature workflow-node-cache" x-show="chart\.showCache" :class="chart\.cacheNodeClass">[\s\S]*<div class="workflow-conn" x-show="chart\.showBudget"><\/div>[\s\S]*<div class="workflow-node workflow-node-feature workflow-node-budget" x-show="chart\.showBudget" :class="chart\.budgetNodeClass">[\s\S]*<div class="workflow-conn" :class="chart\.aiConnClass"><\/div>[\s\S]*<div class="workflow-node workflow-node-ai" :class="chart\.aiNodeClass">[\s\S]*<div class="workflow-conn" :class="chart\.responseConnClass"><\/div>[\s\S]*<div class="workflow-node workflow-node-endpoint" :class="chart\.responseNodeClass">/,
   );
   assert.doesNotMatch(css, /\.workflow-left\s*,/);
   assert.doesNotMatch(css, /\.workflow-right\s*\{/);
diff --git a/internal/admin/dashboard/static/js/modules/workflows.js b/internal/admin/dashboard/static/js/modules/workflows.js
index f330cbc2..617bd13b 100644
--- a/internal/admin/dashboard/static/js/modules/workflows.js
+++ b/internal/admin/dashboard/static/js/modules/workflows.js
@@ -53,6 +53,7 @@
                     cache: true,
                     audit: true,
                     usage: true,
+                    budget: true,
                     guardrails: false,
                     fallback: true
                 },
@@ -70,6 +71,7 @@
                         cache: true,
                         audit: true,
                         usage: true,
+                        budget: true,
                         guardrails: false,
                         fallback: true
                     },
@@ -125,6 +127,10 @@
 	                return this.workflowRuntimeBooleanFlag('USAGE_ENABLED', true);
 	            },
 
+	            workflowBudgetVisible() {
+	                return this.workflowRuntimeBooleanFlag('BUDGETS_ENABLED', true);
+	            },
+
 	            workflowGuardrailsVisible() {
 	                return this.workflowRuntimeBooleanFlag('GUARDRAILS_ENABLED', true);
 	            },
@@ -134,6 +140,7 @@
 	                    cache: this.workflowCacheVisible(),
 	                    audit: this.workflowAuditVisible(),
 	                    usage: this.workflowUsageVisible(),
+	                    budget: this.workflowBudgetVisible(),
 	                    guardrails: this.workflowGuardrailsVisible()
 	                };
 	            },
@@ -168,6 +175,7 @@
 	                    cache: !!this.workflowReadFeatureFlag(raw, 'cache', false),
 	                    audit: !!this.workflowReadFeatureFlag(raw, 'audit', false),
 	                    usage: !!this.workflowReadFeatureFlag(raw, 'usage', false),
+	                    budget: this.workflowReadFeatureFlag(raw, 'budget', true) !== false,
 	                    guardrails: !!this.workflowReadFeatureFlag(raw, 'guardrails', false),
 	                    fallback: this.workflowReadFeatureFlag(raw, 'fallback', true) !== false
 	                };
@@ -180,6 +188,7 @@
 	                    cache: features.cache && caps.cache,
 	                    audit: features.audit && caps.audit,
 	                    usage: features.usage && caps.usage,
+	                    budget: features.budget && caps.budget,
 	                    guardrails: features.guardrails && caps.guardrails,
 	                    fallback: features.fallback
 	                };
@@ -410,6 +419,7 @@
                             cache: !!features.cache,
                             audit: !!features.audit,
                             usage: !!features.usage,
+                            budget: !!features.budget,
                             guardrails: guardrailsEnabled,
                             fallback: !!features.fallback
                         },
@@ -560,6 +570,7 @@
                         cache: !!features.cache,
                         audit: !!features.audit,
                         usage: !!features.usage,
+                        budget: !!features.budget,
                         guardrails: !!features.guardrails,
                         fallback: !!features.fallback
                     },
@@ -707,6 +718,7 @@
                             cache: !!features.cache,
                             audit: !!features.audit,
                             usage: !!features.usage,
+                            budget: !!features.budget,
                             guardrails: !!features.guardrails
                         },
                         guardrails
@@ -1193,6 +1205,7 @@
                     : this.workflowSourceFeatures(source);
                 const forceAudit = !!config.forceAudit;
                 const highlightAsyncPresent = !!config.highlightAsyncPresent;
+                const showBudget = !!features.budget || this.workflowRuntimeBudgetExceeded(runtime);
                 const showGuardrails = !!features.guardrails;
                 const showUsage = !!features.usage;
                 const showAudit = forceAudit || !!features.audit;
@@ -1200,6 +1213,9 @@
                 const showFailover = !!features.fallback || this.workflowRuntimeUsedFailover(runtime);
                 const workflowID = this.workflowChartWorkflowID(source, config.entry);
                 return {
+                    showBudget,
+                    budgetNodeClass: this.workflowBudgetNodeClass(showBudget, runtime, highlightAsyncPresent),
+                    budgetStatusLabel: this.workflowBudgetStatusLabel(runtime),
                     showGuardrails,
                     guardrailLabel: showGuardrails ? this.workflowGuardrailLabel(source) : '',
                     showCache: !!config.forceCache || !!features.cache || this.workflowRuntimeHasCache(runtime),
@@ -1243,6 +1259,7 @@
                             cache: false,
                             audit: false,
                             usage: false,
+                            budget: false,
                             guardrails: false,
                             fallback: false
                         });
@@ -1263,7 +1280,8 @@
             //   model,
             //   statusCode: number|null,
             //   responseSuccess: bool,
-            //   aiSuccess: bool
+            //   aiSuccess: bool,
+            //   budgetExceeded: bool
             // }
             workflowRuntimeHasCache(runtime) {
                 return !!(runtime && runtime.cacheHit);
@@ -1273,6 +1291,10 @@
                 return !!(runtime && runtime.failoverTarget);
             },
 
+            workflowRuntimeBudgetExceeded(runtime) {
+                return !!(runtime && runtime.budgetExceeded);
+            },
+
             workflowShowCacheStep(source, runtime) {
                 return this.workflowHasCache(source) || this.workflowRuntimeHasCache(runtime);
             },
@@ -1291,6 +1313,16 @@
                 return 'Hit (Exact)';
             },
 
+            workflowBudgetNodeClass(visible, runtime, highlightPresent) {
+                if (!visible) return '';
+                if (this.workflowRuntimeBudgetExceeded(runtime)) return 'workflow-node-error';
+                return highlightPresent ? 'workflow-node-success' : '';
+            },
+
+            workflowBudgetStatusLabel(runtime) {
+                return this.workflowRuntimeBudgetExceeded(runtime) ? 'Exceeded' : null;
+            },
+
             workflowFailoverNodeClass(runtime) {
                 if (runtime && runtime.cacheHit) return 'workflow-node-skipped';
                 return runtime && runtime.failoverTarget ? 'workflow-node-success' : '';
@@ -1355,6 +1387,48 @@
                 return runtime.authMethod;
             },
 
+            workflowEntryErrorCode(entry) {
+                const data = entry && entry.data && typeof entry.data === 'object' && !Array.isArray(entry.data)
+                    ? entry.data
+                    : {};
+                const direct = String(data.error_code || data.errorCode || '').trim();
+                if (direct) return direct;
+                return this.workflowNestedErrorCode(data.response_body);
+            },
+
+            workflowNestedErrorCode(value, depth = 0) {
+                if (depth > 4 || value === null || value === undefined) {
+                    return '';
+                }
+                if (typeof value === 'string') {
+                    const trimmed = value.trim();
+                    if (!trimmed || (trimmed[0] !== '{' && trimmed[0] !== '[')) {
+                        return '';
+                    }
+                    try {
+                        return this.workflowNestedErrorCode(JSON.parse(trimmed), depth + 1);
+                    } catch (_) {
+                        return '';
+                    }
+                }
+                if (Array.isArray(value)) {
+                    for (const item of value) {
+                        const code = this.workflowNestedErrorCode(item, depth + 1);
+                        if (code) return code;
+                    }
+                    return '';
+                }
+                if (typeof value !== 'object') {
+                    return '';
+                }
+                const code = String(value.code || '').trim();
+                if (code) return code;
+                if (value.error !== undefined) {
+                    return this.workflowNestedErrorCode(value.error, depth + 1);
+                }
+                return '';
+            },
+
             workflowAsyncNodeClass(visible, highlightPresent) {
                 return visible && highlightPresent ? 'workflow-node-success' : '';
             },
@@ -1428,6 +1502,7 @@
                 const responseSuccess = Number.isFinite(statusCode) && statusCode >= 200 && statusCode < 300;
                 const authError = String(entry.error_type || '').trim().toLowerCase() === 'authentication_error';
                 const authMethod = String(entry.auth_method || '').trim().toLowerCase() || null;
+                const budgetExceeded = this.workflowEntryErrorCode(entry).toLowerCase() === 'budget_exceeded';
                 return {
                     cacheHit,
                     cacheType: normalizedCacheType || null,
@@ -1438,7 +1513,8 @@
                     responseSuccess,
                     aiSuccess: responseSuccess && !cacheHit,
                     authError,
-                    authMethod
+                    authMethod,
+                    budgetExceeded
                 };
             },
 
diff --git a/internal/admin/dashboard/static/js/modules/workflows.test.js b/internal/admin/dashboard/static/js/modules/workflows.test.js
index 2ad11bb2..e2a0acb0 100644
--- a/internal/admin/dashboard/static/js/modules/workflows.test.js
+++ b/internal/admin/dashboard/static/js/modules/workflows.test.js
@@ -66,7 +66,9 @@ test('defaultWorkflowForm starts fallback enabled for new workflows', () => {
     const module = createWorkflowsModule();
 
     assert.equal(module.workflowForm.features.fallback, true);
+    assert.equal(module.workflowForm.features.budget, true);
     assert.equal(module.defaultWorkflowForm().features.fallback, true);
+    assert.equal(module.defaultWorkflowForm().features.budget, true);
 });
 
 test('workflowPreview mirrors the draft workflow card state from the editor form', () => {
@@ -106,6 +108,7 @@ test('workflowPreview mirrors the draft workflow card state from the editor form
                     cache: true,
                     audit: false,
                     usage: true,
+                    budget: true,
                     guardrails: true,
                     fallback: false
                 },
@@ -154,6 +157,7 @@ test('workflowPreview renders path-scoped draft labels using canonical scope dis
                     cache: true,
                     audit: true,
                     usage: true,
+                    budget: true,
                     guardrails: false,
                     fallback: false
                 },
@@ -203,6 +207,7 @@ test('workflowChart returns the shared chart contract for workflow sources', ()
                     cache: true,
                     audit: true,
                     usage: false,
+                    budget: true,
                     guardrails: true,
                     fallback: true
                 },
@@ -213,6 +218,9 @@ test('workflowChart returns the shared chart contract for workflow sources', ()
             }
         })),
         JSON.stringify({
+            showBudget: true,
+            budgetNodeClass: '',
+            budgetStatusLabel: null,
             showGuardrails: true,
             guardrailLabel: '2 steps',
             showCache: true,
@@ -249,6 +257,7 @@ test('workflowChart masks globally disabled workflow features from persisted wor
         FEATURE_FALLBACK_MODE: 'off',
         LOGGING_ENABLED: 'off',
         USAGE_ENABLED: 'off',
+        BUDGETS_ENABLED: 'off',
         GUARDRAILS_ENABLED: 'off',
         REDIS_URL: 'off',
         SEMANTIC_CACHE_ENABLED: 'off'
@@ -265,6 +274,7 @@ test('workflowChart masks globally disabled workflow features from persisted wor
                     cache: true,
                     audit: true,
                     usage: true,
+                    budget: true,
                     guardrails: true,
                     fallback: true
                 },
@@ -274,6 +284,9 @@ test('workflowChart masks globally disabled workflow features from persisted wor
             }
         })),
         JSON.stringify({
+            showBudget: false,
+            budgetNodeClass: '',
+            budgetStatusLabel: null,
             showGuardrails: false,
             guardrailLabel: '',
             showCache: false,
@@ -405,6 +418,7 @@ test('workflowAuditChart returns the shared chart contract for audit runtime ent
                     cache: false,
                     audit: true,
                     usage: true,
+                    budget: true,
                     guardrails: true,
                     fallback: true
                 },
@@ -424,6 +438,9 @@ test('workflowAuditChart returns the shared chart contract for audit runtime ent
             status_code: 200
         })),
         JSON.stringify({
+            showBudget: true,
+            budgetNodeClass: 'workflow-node-success',
+            budgetStatusLabel: null,
             showGuardrails: true,
             guardrailLabel: '1 step',
             showCache: true,
@@ -466,6 +483,9 @@ test('workflowAuditChart forces audit nodes even when the workflow version canno
             status_code: 200
         })),
         JSON.stringify({
+            showBudget: false,
+            budgetNodeClass: '',
+            budgetStatusLabel: null,
             showGuardrails: false,
             guardrailLabel: '',
             showCache: true,
@@ -510,6 +530,7 @@ test('workflowAuditChart prefers request-time workflow features over current wor
                     cache: true,
                     audit: true,
                     usage: true,
+                    budget: true,
                     guardrails: true,
                     fallback: true
                 },
@@ -531,12 +552,16 @@ test('workflowAuditChart prefers request-time workflow features over current wor
                     cache: false,
                     audit: true,
                     usage: false,
+                    budget: false,
                     guardrails: false,
                     fallback: true
                 }
             }
         })),
         JSON.stringify({
+            showBudget: false,
+            budgetNodeClass: '',
+            budgetStatusLabel: null,
             showGuardrails: false,
             guardrailLabel: '',
             showCache: false,
@@ -581,6 +606,7 @@ test('workflowAuditChart highlights configured failover redirects and exposes th
                     cache: false,
                     audit: true,
                     usage: true,
+                    budget: true,
                     guardrails: false,
                     fallback: true
                 },
@@ -600,6 +626,7 @@ test('workflowAuditChart highlights configured failover redirects and exposes th
                     cache: false,
                     audit: true,
                     usage: true,
+                    budget: true,
                     guardrails: false,
                     fallback: true
                 },
@@ -609,6 +636,9 @@ test('workflowAuditChart highlights configured failover redirects and exposes th
             }
         })),
         JSON.stringify({
+            showBudget: true,
+            budgetNodeClass: 'workflow-node-success',
+            budgetStatusLabel: null,
             showGuardrails: false,
             guardrailLabel: '',
             showCache: false,
@@ -675,7 +705,8 @@ test('workflowRuntimeFromEntry preserves the primary route for cross-provider fa
             responseSuccess: true,
             aiSuccess: true,
             authError: false,
-            authMethod: null
+            authMethod: null,
+            budgetExceeded: false
         })
     );
 });
@@ -796,6 +827,7 @@ test('buildWorkflowRequest emits provider-model payload and strips guardrails wh
                     cache: true,
                     audit: true,
                     usage: true,
+                    budget: true,
                     guardrails: false,
                     fallback: false
                 },
@@ -811,6 +843,7 @@ test('openWorkflowCreate hydrates features and guardrails via shared normalizers
         cache: false,
         audit: false,
         usage: true,
+        budget: false,
         guardrails: true,
         fallback: false
     });
@@ -846,6 +879,7 @@ test('openWorkflowCreate hydrates features and guardrails via shared normalizers
             cache: false,
             audit: false,
             usage: true,
+            budget: false,
             guardrails: true,
             fallback: false
         })
@@ -1053,6 +1087,7 @@ test('workflowSourceFeatures defaults fallback to true when omitted', () => {
             cache: true,
             audit: false,
             usage: true,
+            budget: true,
             guardrails: false,
             fallback: true
         })
@@ -1077,6 +1112,7 @@ test('workflowSourceFeatures respects effective runtime features for persisted w
                 cache: false,
                 audit: false,
                 usage: true,
+                budget: true,
                 guardrails: false,
                 fallback: false
             }
@@ -1085,6 +1121,7 @@ test('workflowSourceFeatures respects effective runtime features for persisted w
             cache: false,
             audit: false,
             usage: true,
+            budget: true,
             guardrails: false,
             fallback: true
         })
@@ -1097,6 +1134,7 @@ test('workflowSourceFeatures masks raw workflow features by global runtime confi
         FEATURE_FALLBACK_MODE: 'off',
         LOGGING_ENABLED: 'off',
         USAGE_ENABLED: 'off',
+        BUDGETS_ENABLED: 'off',
         GUARDRAILS_ENABLED: 'off',
         REDIS_URL: 'off',
         SEMANTIC_CACHE_ENABLED: 'off'
@@ -1118,6 +1156,7 @@ test('workflowSourceFeatures masks raw workflow features by global runtime confi
             cache: false,
             audit: false,
             usage: false,
+            budget: false,
             guardrails: false,
             fallback: true
         })
@@ -1135,6 +1174,7 @@ test('fetchWorkflowRuntimeConfig loads FEATURE_FALLBACK_MODE from the admin conf
                     FEATURE_FALLBACK_MODE: 'manual',
                     LOGGING_ENABLED: 'on',
                     USAGE_ENABLED: 'off',
+                    BUDGETS_ENABLED: 'on',
                     GUARDRAILS_ENABLED: 'on',
                     REDIS_URL: 'on',
                     SEMANTIC_CACHE_ENABLED: 'off',
@@ -1154,6 +1194,7 @@ test('fetchWorkflowRuntimeConfig loads FEATURE_FALLBACK_MODE from the admin conf
             FEATURE_FALLBACK_MODE: 'manual',
             LOGGING_ENABLED: 'on',
             USAGE_ENABLED: 'off',
+            BUDGETS_ENABLED: 'on',
             GUARDRAILS_ENABLED: 'on',
             REDIS_URL: 'on',
             SEMANTIC_CACHE_ENABLED: 'off'
@@ -1251,6 +1292,7 @@ test('buildWorkflowRequest omits fallback for new workflows when the control is
             cache: true,
             audit: true,
             usage: true,
+            budget: true,
             guardrails: false
         })
     );
@@ -1292,6 +1334,7 @@ test('buildWorkflowRequest preserves fallback state for hydrated workflows even
             cache: true,
             audit: true,
             usage: true,
+            budget: true,
             guardrails: false,
             fallback: false
         })
@@ -1350,6 +1393,7 @@ test('buildWorkflowRequest preserves hidden fallback for fresh save flows that m
             cache: true,
             audit: true,
             usage: true,
+            budget: true,
             guardrails: false,
             fallback: false
         })
@@ -1392,6 +1436,7 @@ test('buildWorkflowRequest omits hidden fallback when a hydrated workflow is ret
             cache: true,
             audit: true,
             usage: true,
+            budget: true,
             guardrails: false
         })
     );
@@ -1403,6 +1448,7 @@ test('buildWorkflowRequest clamps globally disabled workflow features off even w
         FEATURE_FALLBACK_MODE: 'off',
         LOGGING_ENABLED: 'off',
         USAGE_ENABLED: 'off',
+        BUDGETS_ENABLED: 'off',
         GUARDRAILS_ENABLED: 'off',
         REDIS_URL: 'off',
         SEMANTIC_CACHE_ENABLED: 'off'
@@ -1437,6 +1483,7 @@ test('buildWorkflowRequest clamps globally disabled workflow features off even w
                     cache: false,
                     audit: false,
                     usage: false,
+                    budget: false,
                     guardrails: false
                 },
                 guardrails: []
@@ -1875,7 +1922,8 @@ test('workflowRuntimeFromEntry derives cache hit state from cache_type without r
             responseSuccess: false,
             aiSuccess: false,
             authError: false,
-            authMethod: null
+            authMethod: null,
+            budgetExceeded: false
         })
     );
 
@@ -1891,7 +1939,8 @@ test('workflowRuntimeFromEntry derives cache hit state from cache_type without r
             responseSuccess: false,
             aiSuccess: false,
             authError: false,
-            authMethod: null
+            authMethod: null,
+            budgetExceeded: false
         })
     );
 
@@ -1907,7 +1956,8 @@ test('workflowRuntimeFromEntry derives cache hit state from cache_type without r
             responseSuccess: false,
             aiSuccess: false,
             authError: false,
-            authMethod: null
+            authMethod: null,
+            budgetExceeded: false
         })
     );
 });
@@ -1996,7 +2046,8 @@ test('workflowRuntimeFromEntry treats any uncached 2xx status as a successful AI
             responseSuccess: true,
             aiSuccess: true,
             authError: false,
-            authMethod: null
+            authMethod: null,
+            budgetExceeded: false
         })
     );
 });
@@ -2019,6 +2070,45 @@ test('auth runtime highlights auth node state from audit entries', () => {
     assert.equal(module.workflowAuthNodeSublabel(masterKeyAuth), 'master_key');
 });
 
+test('budget runtime highlights audit budget node success and exceeded states', () => {
+    const module = createWorkflowsModule();
+
+    const successfulBudget = module.workflowRuntimeFromEntry({
+        status_code: 200,
+        data: {
+            workflow_features: {
+                budget: true
+            }
+        }
+    });
+    assert.equal(module.workflowBudgetNodeClass(true, successfulBudget, true), 'workflow-node-success');
+    assert.equal(module.workflowBudgetStatusLabel(successfulBudget), null);
+
+    const exceededBudget = module.workflowRuntimeFromEntry({
+        status_code: 429,
+        data: {
+            error_code: 'budget_exceeded',
+            workflow_features: {
+                budget: true
+            }
+        }
+    });
+    assert.equal(exceededBudget.budgetExceeded, true);
+    assert.equal(module.workflowBudgetNodeClass(true, exceededBudget, true), 'workflow-node-error');
+    assert.equal(module.workflowBudgetStatusLabel(exceededBudget), 'Exceeded');
+
+    const chart = module.workflowAuditChart({
+        workflow_version_id: 'missing-budget-workflow',
+        status_code: 429,
+        data: {
+            error_code: 'budget_exceeded'
+        }
+    });
+    assert.equal(chart.showBudget, true);
+    assert.equal(chart.budgetNodeClass, 'workflow-node-error');
+    assert.equal(chart.budgetStatusLabel, 'Exceeded');
+});
+
 test('auditEntryWorkflow prefers an exact historical workflow version cache over active workflows', () => {
     const module = createWorkflowsModule();
     module.workflows = [
diff --git a/internal/admin/dashboard/templates/index.html b/internal/admin/dashboard/templates/index.html
index e8fc96f8..a2245a7b 100644
--- a/internal/admin/dashboard/templates/index.html
+++ b/internal/admin/dashboard/templates/index.html
@@ -1,6 +1,7 @@
 {{define "index"}}
 {{template "dashboard-page-overview" .}}
 {{template "dashboard-page-usage" .}}
+{{template "dashboard-page-budgets" .}}
 {{template "dashboard-page-settings" .}}
 {{template "dashboard-page-guardrails" .}}
 {{template "dashboard-page-auth-keys" .}}
diff --git a/internal/admin/dashboard/templates/page-budgets.html b/internal/admin/dashboard/templates/page-budgets.html
new file mode 100644
index 00000000..4d588b20
--- /dev/null
+++ b/internal/admin/dashboard/templates/page-budgets.html
@@ -0,0 +1,233 @@
+{{define "dashboard-page-budgets"}}
+<!-- Budgets Page -->
+<template x-if="page==='budgets'">
+<div>
+    <div class="page-header">
+        <div>
+            <div class="inline-help-section" x-data="{ open: false, copyId: 'budgets-help-copy', showLabel: 'Show budgets help', hideLabel: 'Hide budgets help', text: 'Budgets are evaluated from tracked usage cost records for each user path subtree. Enforcement runs only when Budget is enabled for the active workflow.' }">
+                <div class="inline-help-title-row">
+                    <h2>Budgets</h2>
+                    {{template "inline-help-toggle" .}}
+                </div>
+                <p :id="copyId" class="inline-help-copy" x-show="open" x-transition.opacity.duration.200ms x-text="text"></p>
+            </div>
+        </div>
+        <div class="page-header-controls">
+            <button type="button"
+                    class="pagination-btn pagination-btn-primary pagination-btn-with-icon"
+                    x-show="budgetManagementEnabled() && budgetsAvailable && !authError"
+                    :disabled="budgetFormSubmitting"
+                    @click="openBudgetForm()">
+                <i data-lucide="plus" class="form-action-icon" aria-hidden="true"></i>
+                <span>Create Budget</span>
+            </button>
+        </div>
+    </div>
+
+    {{template "auth-banner" .}}
+
+    <div class="alert alert-warning" x-show="(!budgetManagementEnabled() || !budgetsAvailable) && !authError">
+        Budget management is unavailable.
+    </div>
+    <p class="form-error" x-show="budgetError && !authError && !budgetFormOpen" x-text="budgetError" role="alert" aria-live="assertive"></p>
+    <div class="alert alert-success" x-show="budgetNotice && !budgetFormOpen" x-text="budgetNotice" role="status" aria-live="polite"></div>
+    <div class="loading-state" x-show="budgetsLoading && !authError">
+        <div class="loading-spinner"></div>
+        <span>Loading budgets...</span>
+    </div>
+
+    <div class="table-toolbar" x-show="(budgets.length > 0 || budgetFilter) && budgetsAvailable && !authError && !budgetFormOpen">
+        <div class="table-toolbar-main">
+            <div class="filter-input-wrap">
+                <i data-lucide="search" class="filter-input-icon" aria-hidden="true"></i>
+                <input type="text"
+                       id="budget-filter"
+                       class="filter-input"
+                       placeholder="Filter by user path..."
+                       aria-label="Filter budgets by user path"
+                       x-model="budgetFilter">
+            </div>
+        </div>
+    </div>
+
+    <div class="editor-modal-backdrop"
+         x-cloak
+         x-show="budgetFormOpen"
+         x-transition.opacity.duration.160ms
+         aria-hidden="true"></div>
+    <div class="editor-modal-shell"
+         x-cloak
+         x-show="budgetFormOpen"
+         x-transition.opacity.duration.160ms
+         @click="closeBudgetForm()"
+         @keydown.escape.window="budgetFormOpen && !authDialogOpen && closeBudgetForm()">
+        <div class="model-editor budget-editor" x-show="budgetFormOpen" role="dialog" aria-modal="true" aria-label="Budget editor" @click.stop>
+            <form class="form" @submit.prevent="submitBudgetForm()">
+                <div class="editor-header">
+                    <div>
+                        <h3 x-text="budgetEditing ? 'Edit Budget' : 'Create Budget'">Create Budget</h3>
+                    </div>
+                    <button type="button" class="dialog-close-btn" aria-label="Close budget editor" @click="closeBudgetForm()">
+                        {{template "x-icon"}}
+                    </button>
+                </div>
+
+                <div class="form-grid">
+                    <div class="form-field">
+                        <label class="form-field-label" for="budget-user-path">User Path</label>
+                        <input id="budget-user-path"
+                               class="form-input"
+                               type="text"
+                               placeholder="/team/alpha"
+                               x-ref="budgetUserPathInput"
+                               x-model="budgetForm.user_path"
+                               :disabled="budgetEditing">
+                    </div>
+                    <div class="form-field">
+                        <label class="form-field-label" for="budget-period">Period</label>
+                        <select id="budget-period"
+                                class="usage-log-select settings-select"
+                                x-model="budgetForm.period"
+                                :disabled="budgetEditing"
+                                @change="syncBudgetPeriodSeconds()">
+                            <template x-for="option in budgetPeriodOptions()" :key="option.value">
+                                <option :value="option.value" x-text="option.label"></option>
+                            </template>
+                        </select>
+                    </div>
+                    <div class="form-field" x-show="budgetForm.period === 'custom'">
+                        <label class="form-field-label" for="budget-period-seconds">Period Seconds</label>
+                        <input id="budget-period-seconds"
+                               class="form-input"
+                               type="number"
+                               min="1"
+                               step="1"
+                               x-model.number="budgetForm.period_seconds"
+                               :disabled="budgetEditing">
+                    </div>
+                    <div class="form-field">
+                        <label class="form-field-label" for="budget-amount">Amount</label>
+                        <input id="budget-amount"
+                               class="form-input"
+                               type="number"
+                               min="0"
+                               step="0.0001"
+                               placeholder="10.00"
+                               x-ref="budgetAmountInput"
+                               x-model="budgetForm.amount">
+                    </div>
+                </div>
+                <p class="form-hint" x-show="budgetEditing">
+                    Editing a budget updates its limit only. Use Reset to start a new budget period.
+                </p>
+
+                <p class="form-error" x-show="budgetFormError" x-text="budgetFormError" role="alert" aria-live="assertive"></p>
+                <div class="form-actions">
+                    <button type="button" class="pagination-btn" @click="closeBudgetForm()">Cancel</button>
+                    <button type="submit" class="pagination-btn pagination-btn-primary pagination-btn-with-icon" :disabled="budgetFormSubmitting">
+                        <i data-lucide="save" class="form-action-icon" aria-hidden="true"></i>
+                        <span x-text="budgetFormSubmitting ? 'Saving...' : 'Save Budget'">Save Budget</span>
+                    </button>
+                </div>
+            </form>
+        </div>
+    </div>
+
+    <div class="budget-list" x-show="filteredBudgets().length > 0 && budgetsAvailable && !authError">
+        <template x-for="item in filteredBudgets()" :key="budgetKey(item)">
+            <section class="budget-row">
+                <div class="budget-row-main">
+                    <div class="budget-row-head">
+                        <code class="budget-user-path" x-text="item.user_path"></code>
+                        <span class="budget-period-label" :class="budgetPeriodClass(item)" x-text="budgetPeriodLabel(item)"></span>
+                        <div class="budget-row-meta">
+                            <span class="budget-source" x-text="budgetSourceLabel(item)" :title="budgetSourceTitle(item)"></span>
+                        </div>
+                    </div>
+                    <div class="budget-bars">
+                        <div class="budget-bar-line">
+                            <div class="budget-bar-label">
+                                <span>Usage</span>
+                                <span x-text="budgetUsagePercentLabel(item)"></span>
+                            </div>
+                            <div class="budget-bar-track"
+                                 role="progressbar"
+                                 aria-valuemin="0"
+                                 aria-valuemax="100"
+                                 :aria-valuenow="budgetUsagePercent(item)"
+                                 :aria-label="'Budget usage: ' + formatCost(item.spent) + ' of ' + formatCost(item.amount) + ', ' + budgetRemainingLabel(item)"
+                                 :style="'--budget-progress: ' + budgetUsagePercent(item) + '%'">
+                                <div class="budget-bar-fill budget-bar-fill-usage"
+                                     :class="{ 'budget-bar-fill-danger': budgetUsageRatio(item) >= 1 }"
+                                     style="width: var(--budget-progress)"></div>
+                                <span class="budget-bar-text-row">
+                                    <span class="budget-bar-text budget-bar-text-center" x-text="formatCost(item.spent) + ' of ' + formatCost(item.amount)"></span>
+                                    <span class="budget-bar-text budget-bar-text-end" x-text="budgetRemainingLabel(item)"></span>
+                                </span>
+                                <span class="budget-bar-text-row budget-bar-text-row-on-fill" aria-hidden="true">
+                                    <span class="budget-bar-text budget-bar-text-center" x-text="formatCost(item.spent) + ' of ' + formatCost(item.amount)"></span>
+                                    <span class="budget-bar-text budget-bar-text-end" x-text="budgetRemainingLabel(item)"></span>
+                                </span>
+                            </div>
+                        </div>
+                        <div class="budget-bar-line">
+                            <div class="budget-bar-label">
+                                <span>Period</span>
+                                <span x-text="budgetPeriodPercentLabel(item)"></span>
+                            </div>
+                            <div class="budget-bar-track"
+                                 role="progressbar"
+                                 aria-label="Budget period elapsed"
+                                 aria-valuemin="0"
+                                 aria-valuemax="100"
+                                 :aria-valuenow="budgetPeriodPercent(item)"
+                                 :style="'--budget-progress: ' + budgetPeriodPercent(item) + '%'">
+                                <div class="budget-bar-fill budget-bar-fill-period"
+                                     style="width: var(--budget-progress)"></div>
+                                <span class="budget-bar-text-row">
+                                    <span class="budget-bar-text budget-bar-text-start" x-text="formatTimestamp(item.period_start)" :title="timestampTimeZoneTitle(item.period_start)"></span>
+                                    <span class="budget-bar-text budget-bar-text-end" x-text="formatTimestamp(item.period_end)" :title="timestampTimeZoneTitle(item.period_end)"></span>
+                                </span>
+                                <span class="budget-bar-text-row budget-bar-text-row-on-fill" aria-hidden="true">
+                                    <span class="budget-bar-text budget-bar-text-start" x-text="formatTimestamp(item.period_start)"></span>
+                                    <span class="budget-bar-text budget-bar-text-end" x-text="formatTimestamp(item.period_end)"></span>
+                                </span>
+                            </div>
+                        </div>
+                    </div>
+                </div>
+                <div class="budget-row-actions">
+                    <button type="button" class="table-action-btn budget-action-btn" @click="openBudgetForm(item)">
+                        <i data-lucide="pencil" class="budget-action-icon" aria-hidden="true"></i>
+                        <span>Edit</span>
+                    </button>
+                    <button type="button"
+                            class="table-action-btn budget-action-btn budget-action-btn-warning"
+                            :disabled="budgetResettingKey === budgetKey(item)"
+                            @click="resetBudget(item)">
+                        <i data-lucide="rotate-ccw" class="budget-action-icon" aria-hidden="true"></i>
+                        <span x-text="budgetResettingKey === budgetKey(item) ? 'Resetting...' : 'Reset'">Reset</span>
+                    </button>
+                    <button type="button"
+                            class="table-action-btn table-action-btn-danger budget-action-btn"
+                            :disabled="budgetDeletingKey === budgetKey(item)"
+                            @click="deleteBudget(item)">
+                        <i data-lucide="trash-2" class="budget-action-icon" aria-hidden="true"></i>
+                        <span x-text="budgetDeletingKey === budgetKey(item) ? 'Deleting...' : 'Delete'">Delete</span>
+                    </button>
+                </div>
+            </section>
+        </template>
+    </div>
+
+    <p class="empty-state"
+       x-show="budgets.length === 0 && !budgetFilter && !budgetsLoading && !authError && !budgetError && budgetsAvailable && budgetManagementEnabled()">
+        No budgets configured yet.
+    </p>
+    <p class="empty-state"
+       x-show="budgets.length > 0 && filteredBudgets().length === 0 && budgetFilter && !budgetsLoading && !authError && !budgetError && budgetsAvailable && budgetManagementEnabled()">
+        No budgets match your filter.
+    </p>
+</div>
+</template>
+{{end}}
diff --git a/internal/admin/dashboard/templates/page-settings.html b/internal/admin/dashboard/templates/page-settings.html
index db7de69e..fbd2c357 100644
--- a/internal/admin/dashboard/templates/page-settings.html
+++ b/internal/admin/dashboard/templates/page-settings.html
@@ -44,42 +44,62 @@ <h3>Budget Resets</h3>
                 </div>
                 <p :id="copyId" class="inline-help-copy" x-show="open" x-transition.opacity.duration.200ms x-text="text"></p>
             </div>
-            <div class="settings-form-grid budget-settings-grid">
-                <div class="form-field">
-                    <label class="form-field-label" for="budget-daily-hour">Daily Reset Hour</label>
-                    <input id="budget-daily-hour" class="form-input" type="number" min="0" max="23" step="1" x-model.number="budgetSettings.daily_reset_hour">
-                </div>
-                <div class="form-field">
-                    <label class="form-field-label" for="budget-daily-minute">Daily Reset Minute</label>
-                    <input id="budget-daily-minute" class="form-input" type="number" min="0" max="59" step="1" x-model.number="budgetSettings.daily_reset_minute">
-                </div>
-                <div class="form-field">
-                    <label class="form-field-label" for="budget-weekly-day">Weekly Reset Day</label>
-                    <select id="budget-weekly-day" class="usage-log-select settings-select" x-model.number="budgetSettings.weekly_reset_weekday">
-                        <template x-for="day in budgetWeekdays()" :key="day.value">
-                            <option :value="day.value" x-text="day.label"></option>
-                        </template>
-                    </select>
-                </div>
-                <div class="form-field">
-                    <label class="form-field-label" for="budget-weekly-hour">Weekly Reset Hour</label>
-                    <input id="budget-weekly-hour" class="form-input" type="number" min="0" max="23" step="1" x-model.number="budgetSettings.weekly_reset_hour">
-                </div>
-                <div class="form-field">
-                    <label class="form-field-label" for="budget-weekly-minute">Weekly Reset Minute</label>
-                    <input id="budget-weekly-minute" class="form-input" type="number" min="0" max="59" step="1" x-model.number="budgetSettings.weekly_reset_minute">
-                </div>
-                <div class="form-field">
-                    <label class="form-field-label" for="budget-monthly-day">Monthly Reset Day</label>
-                    <input id="budget-monthly-day" class="form-input" type="number" min="1" max="31" step="1" x-model.number="budgetSettings.monthly_reset_day">
+            <div class="budget-settings-grid">
+                <div class="budget-settings-row" x-data="{ open: false, copyId: 'budget-monthly-day-help-copy', showLabel: 'Show day of month help', hideLabel: 'Hide day of month help', text: 'If the selected day does not exist in a month, the reset runs on the last day of that month.' }">
+                    <div class="budget-settings-period">Monthly</div>
+                    <div class="form-field">
+                        <div class="inline-help-section">
+                            <div class="inline-help-title-row">
+                                <label class="form-field-label" for="budget-monthly-day">Day of Month</label>
+                                {{template "inline-help-toggle" .}}
+                            </div>
+                        </div>
+                        <input id="budget-monthly-day" class="form-input" type="number" min="1" max="31" step="1" x-model.number="budgetSettings.monthly_reset_day" aria-describedby="budget-monthly-day-help-copy">
+                    </div>
+                    <div class="form-field">
+                        <label class="form-field-label" for="budget-monthly-hour">Hour</label>
+                        <input id="budget-monthly-hour" class="form-input" type="number" min="0" max="23" step="1" x-model.number="budgetSettings.monthly_reset_hour">
+                    </div>
+                    <div class="form-field">
+                        <label class="form-field-label" for="budget-monthly-minute">Minute</label>
+                        <input id="budget-monthly-minute" class="form-input" type="number" min="0" max="59" step="1" x-model.number="budgetSettings.monthly_reset_minute">
+                    </div>
+                    <div class="budget-settings-help-cell">
+                        <p :id="copyId" class="inline-help-copy" x-show="open" x-transition.opacity.duration.200ms x-text="text"></p>
+                    </div>
                 </div>
-                <div class="form-field">
-                    <label class="form-field-label" for="budget-monthly-hour">Monthly Reset Hour</label>
-                    <input id="budget-monthly-hour" class="form-input" type="number" min="0" max="23" step="1" x-model.number="budgetSettings.monthly_reset_hour">
+                <div class="budget-settings-row">
+                    <div class="budget-settings-period">Weekly</div>
+                    <div class="form-field">
+                        <label class="form-field-label" for="budget-weekly-day">Day of Week</label>
+                        <select id="budget-weekly-day" class="usage-log-select settings-select" x-model.number="budgetSettings.weekly_reset_weekday">
+                            <template x-for="day in budgetWeekdays()" :key="day.value">
+                                <option :value="day.value" x-text="day.label"></option>
+                            </template>
+                        </select>
+                    </div>
+                    <div class="form-field">
+                        <label class="form-field-label" for="budget-weekly-hour">Hour</label>
+                        <input id="budget-weekly-hour" class="form-input" type="number" min="0" max="23" step="1" x-model.number="budgetSettings.weekly_reset_hour">
+                    </div>
+                    <div class="form-field">
+                        <label class="form-field-label" for="budget-weekly-minute">Minute</label>
+                        <input id="budget-weekly-minute" class="form-input" type="number" min="0" max="59" step="1" x-model.number="budgetSettings.weekly_reset_minute">
+                    </div>
+                    <div class="budget-settings-help-cell" aria-hidden="true"></div>
                 </div>
-                <div class="form-field">
-                    <label class="form-field-label" for="budget-monthly-minute">Monthly Reset Minute</label>
-                    <input id="budget-monthly-minute" class="form-input" type="number" min="0" max="59" step="1" x-model.number="budgetSettings.monthly_reset_minute">
+                <div class="budget-settings-row">
+                    <div class="budget-settings-period">Daily</div>
+                    <div class="budget-settings-spacer" aria-hidden="true"></div>
+                    <div class="form-field">
+                        <label class="form-field-label" for="budget-daily-hour">Hour</label>
+                        <input id="budget-daily-hour" class="form-input" type="number" min="0" max="23" step="1" x-model.number="budgetSettings.daily_reset_hour">
+                    </div>
+                    <div class="form-field">
+                        <label class="form-field-label" for="budget-daily-minute">Minute</label>
+                        <input id="budget-daily-minute" class="form-input" type="number" min="0" max="59" step="1" x-model.number="budgetSettings.daily_reset_minute">
+                    </div>
+                    <div class="budget-settings-help-cell" aria-hidden="true"></div>
                 </div>
             </div>
             <div class="settings-refresh-actions budget-settings-actions">
@@ -92,6 +112,15 @@ <h3>Budget Resets</h3>
                     <i data-lucide="save" class="form-action-icon" aria-hidden="true"></i>
                     <span>Save Budget Settings</span>
                 </button>
+            </div>
+        </div>
+
+        <div class="settings-refresh-section budget-reset-all-section" x-show="budgetManagementEnabled()">
+            <div>
+                <h3>Reset All Budgets</h3>
+                <p>Start new budget periods for every configured budget without changing the limits.</p>
+            </div>
+            <div class="settings-refresh-actions budget-settings-actions">
                 <button type="button"
                         class="pagination-btn pagination-btn-danger pagination-btn-with-icon"
                         :disabled="budgetResetLoading"
@@ -100,6 +129,9 @@ <h3>Budget Resets</h3>
                     <span>Reset Budgets</span>
                 </button>
             </div>
+        </div>
+
+        <div x-show="budgetManagementEnabled()">
             <div class="alert alert-success settings-refresh-alert"
                  role="status"
                  aria-live="polite"
diff --git a/internal/admin/dashboard/templates/page-workflows.html b/internal/admin/dashboard/templates/page-workflows.html
index 33c3ae3f..12f93c3c 100644
--- a/internal/admin/dashboard/templates/page-workflows.html
+++ b/internal/admin/dashboard/templates/page-workflows.html
@@ -118,6 +118,10 @@ <h3 x-text="workflowSubmitMode() === 'save' ? 'Edit Workflow' : 'Create Workflow
                         <input type="checkbox" x-model="workflowForm.features.usage">
                         <span>Usage</span>
                     </label>
+                    <label class="workflow-feature-toggle" x-show="workflowBudgetVisible()">
+                        <input type="checkbox" x-model="workflowForm.features.budget">
+                        <span>Budget</span>
+                    </label>
                     <label class="workflow-feature-toggle" x-show="workflowGuardrailsVisible()">
                         <input type="checkbox" x-model="workflowForm.features.guardrails">
                         <span>Guardrails</span>
diff --git a/internal/admin/dashboard/templates/sidebar.html b/internal/admin/dashboard/templates/sidebar.html
index 1decf3ac..cd863d5f 100644
--- a/internal/admin/dashboard/templates/sidebar.html
+++ b/internal/admin/dashboard/templates/sidebar.html
@@ -28,6 +28,10 @@ <h1>GoModel</h1>
             <i data-lucide="chart-column" class="nav-icon" aria-hidden="true"></i>
             <span>Usage</span>
         </a>
+        <a href="/admin/dashboard/budgets" class="nav-item" :class="{ active: page === 'budgets' }" title="Budgets" x-show="budgetManagementEnabled()" @click.prevent="navigate('budgets')">
+            <i data-lucide="wallet" class="nav-icon" aria-hidden="true"></i>
+            <span>Budgets</span>
+        </a>
         <a href="/admin/dashboard/auth-keys" class="nav-item" :class="{ active: page === 'auth-keys' }" title="API Keys" @click.prevent="navigate('auth-keys')">
             <i data-lucide="key-round" class="nav-icon" aria-hidden="true"></i>
             <span>API Keys</span>
diff --git a/internal/admin/dashboard/templates/workflow-chart.html b/internal/admin/dashboard/templates/workflow-chart.html
index 02d8ce69..6b937f13 100644
--- a/internal/admin/dashboard/templates/workflow-chart.html
+++ b/internal/admin/dashboard/templates/workflow-chart.html
@@ -33,15 +33,6 @@
             <span class="workflow-node-sub" x-show="chart.authNodeSublabel" x-text="chart.authNodeSublabel"></span>
         </div>
 
-        <div class="workflow-conn" x-show="chart.showGuardrails"></div>
-        <div class="workflow-node workflow-node-feature workflow-node-guardrails" x-show="chart.showGuardrails">
-            <div class="workflow-node-icon">
-                <svg viewBox="0 0 24 24"><path d="M12 22s8-4 8-10V5l-8-3-8 3v7c0 6 8 10 8 10z"/></svg>
-            </div>
-            <span class="workflow-node-label">Guardrails</span>
-            <span class="workflow-node-sub" x-show="chart.guardrailLabel" x-text="chart.guardrailLabel"></span>
-        </div>
-
         <div class="workflow-conn" x-show="chart.showCache" :class="chart.cacheConnClass"></div>
         <div class="workflow-node workflow-node-feature workflow-node-cache" x-show="chart.showCache" :class="chart.cacheNodeClass">
             <div class="workflow-node-icon">
@@ -51,6 +42,24 @@
             <span class="workflow-node-badge" x-show="chart.cacheStatusLabel" x-text="chart.cacheStatusLabel"></span>
         </div>
 
+        <div class="workflow-conn" x-show="chart.showBudget"></div>
+        <div class="workflow-node workflow-node-feature workflow-node-budget" x-show="chart.showBudget" :class="chart.budgetNodeClass">
+            <div class="workflow-node-icon">
+                <svg viewBox="0 0 24 24"><path d="M19 7V4a1 1 0 0 0-1-1H5a2 2 0 0 0 0 4h15a1 1 0 0 1 1 1v4h-3a2 2 0 0 0 0 4h3a1 1 0 0 0 1-1v-2a1 1 0 0 0-1-1"/><path d="M3 5v14a2 2 0 0 0 2 2h15a1 1 0 0 0 1-1v-4"/></svg>
+            </div>
+            <span class="workflow-node-label">Budget</span>
+            <span class="workflow-node-badge" x-show="chart.budgetStatusLabel" x-text="chart.budgetStatusLabel"></span>
+        </div>
+
+        <div class="workflow-conn" x-show="chart.showGuardrails"></div>
+        <div class="workflow-node workflow-node-feature workflow-node-guardrails" x-show="chart.showGuardrails">
+            <div class="workflow-node-icon">
+                <svg viewBox="0 0 24 24"><path d="M12 22s8-4 8-10V5l-8-3-8 3v7c0 6 8 10 8 10z"/></svg>
+            </div>
+            <span class="workflow-node-label">Guardrails</span>
+            <span class="workflow-node-sub" x-show="chart.guardrailLabel" x-text="chart.guardrailLabel"></span>
+        </div>
+
         <div class="workflow-conn" :class="chart.aiConnClass"></div>
 
         <div class="workflow-node workflow-node-ai" :class="chart.aiNodeClass">
diff --git a/internal/admin/handler.go b/internal/admin/handler.go
index 8ae2130f..e04a2fa7 100644
--- a/internal/admin/handler.go
+++ b/internal/admin/handler.go
@@ -997,7 +997,108 @@ func (h *Handler) DashboardConfig(c *echo.Context) error {
 	return c.JSON(http.StatusOK, cloneDashboardRuntimeConfig(h.runtimeConfig))
 }
 
+// ListBudgets handles GET /admin/api/v1/budgets.
+// @Summary      List budgets with current status
+// @Tags         admin
+// @Produce      json
+// @Security     BearerAuth
+// @Success      200  {object}  budgetListResponse
+// @Failure      401  {object}  core.GatewayError
+// @Failure      503  {object}  core.GatewayError
+// @Router       /admin/api/v1/budgets [get]
+func (h *Handler) ListBudgets(c *echo.Context) error {
+	if h.budgets == nil {
+		return handleError(c, featureUnavailableError("budgets feature is unavailable"))
+	}
+	now := time.Now().UTC()
+	statuses, err := h.budgets.Statuses(c.Request().Context(), now)
+	if err != nil {
+		return handleError(c, core.NewProviderError("budgets", http.StatusServiceUnavailable, "failed to list budgets", err))
+	}
+	return c.JSON(http.StatusOK, budgetListResponse{
+		Budgets:    budgetStatusResponses(statuses, now),
+		ServerTime: now,
+	})
+}
+
+// UpsertBudget handles PUT /admin/api/v1/budgets.
+// @Summary      Create or update one budget
+// @Tags         admin
+// @Accept       json
+// @Produce      json
+// @Security     BearerAuth
+// @Param        budget  body      upsertBudgetRequest  true  "Budget definition"
+// @Success      200     {object}  budgetListResponse
+// @Failure      400     {object}  core.GatewayError
+// @Failure      401     {object}  core.GatewayError
+// @Failure      503     {object}  core.GatewayError
+// @Router       /admin/api/v1/budgets [put]
+func (h *Handler) UpsertBudget(c *echo.Context) error {
+	if h.budgets == nil {
+		return handleError(c, featureUnavailableError("budgets feature is unavailable"))
+	}
+	var req upsertBudgetRequest
+	if err := json.NewDecoder(c.Request().Body).Decode(&req); err != nil {
+		return handleError(c, core.NewInvalidRequestError("invalid request body: "+err.Error(), err))
+	}
+	periodSeconds, err := budgetRequestPeriodSeconds(req.Period, req.PeriodSeconds)
+	if err != nil {
+		return handleError(c, core.NewInvalidRequestError(err.Error(), err))
+	}
+	source := strings.TrimSpace(req.Source)
+	if source == "" {
+		source = "manual"
+	}
+	if err := h.budgets.UpsertBudgets(c.Request().Context(), []budget.Budget{{
+		UserPath:      req.UserPath,
+		PeriodSeconds: periodSeconds,
+		Amount:        req.Amount,
+		Source:        source,
+	}}); err != nil {
+		return handleError(c, core.NewInvalidRequestError(err.Error(), err))
+	}
+	return h.ListBudgets(c)
+}
+
+// DeleteBudget handles DELETE /admin/api/v1/budgets.
+// @Summary      Delete one budget
+// @Tags         admin
+// @Accept       json
+// @Produce      json
+// @Security     BearerAuth
+// @Param        budget  body      deleteBudgetRequest  true  "Budget key"
+// @Success      200     {object}  budgetListResponse
+// @Failure      400     {object}  core.GatewayError
+// @Failure      401     {object}  core.GatewayError
+// @Failure      503     {object}  core.GatewayError
+// @Router       /admin/api/v1/budgets [delete]
+func (h *Handler) DeleteBudget(c *echo.Context) error {
+	if h.budgets == nil {
+		return handleError(c, featureUnavailableError("budgets feature is unavailable"))
+	}
+	var req deleteBudgetRequest
+	if err := json.NewDecoder(c.Request().Body).Decode(&req); err != nil {
+		return handleError(c, core.NewInvalidRequestError("invalid request body: "+err.Error(), err))
+	}
+	periodSeconds, err := budgetRequestPeriodSeconds(req.Period, req.PeriodSeconds)
+	if err != nil {
+		return handleError(c, core.NewInvalidRequestError(err.Error(), err))
+	}
+	if err := h.budgets.DeleteBudget(c.Request().Context(), req.UserPath, periodSeconds); err != nil {
+		return handleError(c, core.NewInvalidRequestError(err.Error(), err))
+	}
+	return h.ListBudgets(c)
+}
+
 // BudgetSettings handles GET /admin/api/v1/budgets/settings.
+// @Summary      Get budget reset settings
+// @Tags         admin
+// @Produce      json
+// @Security     BearerAuth
+// @Success      200  {object}  budget.Settings
+// @Failure      401  {object}  core.GatewayError
+// @Failure      503  {object}  core.GatewayError
+// @Router       /admin/api/v1/budgets/settings [get]
 func (h *Handler) BudgetSettings(c *echo.Context) error {
 	if h.budgets == nil {
 		return handleError(c, featureUnavailableError("budgets feature is unavailable"))
@@ -1006,6 +1107,17 @@ func (h *Handler) BudgetSettings(c *echo.Context) error {
 }
 
 // UpdateBudgetSettings handles PUT /admin/api/v1/budgets/settings.
+// @Summary      Update budget reset settings
+// @Tags         admin
+// @Accept       json
+// @Produce      json
+// @Security     BearerAuth
+// @Param        settings  body      updateBudgetSettingsRequest  true  "Budget reset settings"
+// @Success      200       {object}  budget.Settings
+// @Failure      400       {object}  core.GatewayError
+// @Failure      401       {object}  core.GatewayError
+// @Failure      503       {object}  core.GatewayError
+// @Router       /admin/api/v1/budgets/settings [put]
 func (h *Handler) UpdateBudgetSettings(c *echo.Context) error {
 	if h.budgets == nil {
 		return handleError(c, featureUnavailableError("budgets feature is unavailable"))
@@ -1031,7 +1143,48 @@ func (h *Handler) UpdateBudgetSettings(c *echo.Context) error {
 	return c.JSON(http.StatusOK, saved)
 }
 
+// ResetBudget handles POST /admin/api/v1/budgets/reset-one.
+// @Summary      Reset one budget period
+// @Tags         admin
+// @Accept       json
+// @Produce      json
+// @Security     BearerAuth
+// @Param        budget  body      resetBudgetRequest  true  "Budget key"
+// @Success      200     {object}  budgetListResponse
+// @Failure      400     {object}  core.GatewayError
+// @Failure      401     {object}  core.GatewayError
+// @Failure      503     {object}  core.GatewayError
+// @Router       /admin/api/v1/budgets/reset-one [post]
+func (h *Handler) ResetBudget(c *echo.Context) error {
+	if h.budgets == nil {
+		return handleError(c, featureUnavailableError("budgets feature is unavailable"))
+	}
+	var req resetBudgetRequest
+	if err := json.NewDecoder(c.Request().Body).Decode(&req); err != nil {
+		return handleError(c, core.NewInvalidRequestError("invalid request body: "+err.Error(), err))
+	}
+	periodSeconds, err := budgetRequestPeriodSeconds(req.Period, req.PeriodSeconds)
+	if err != nil {
+		return handleError(c, core.NewInvalidRequestError(err.Error(), err))
+	}
+	if err := h.budgets.ResetBudget(c.Request().Context(), req.UserPath, periodSeconds, time.Now().UTC()); err != nil {
+		return handleError(c, core.NewInvalidRequestError(err.Error(), err))
+	}
+	return h.ListBudgets(c)
+}
+
 // ResetBudgets handles POST /admin/api/v1/budgets/reset.
+// @Summary      Reset all budget periods
+// @Tags         admin
+// @Accept       json
+// @Produce      json
+// @Security     BearerAuth
+// @Param        confirmation  body      resetBudgetsRequest  true  "Reset confirmation"
+// @Success      200           {object}  map[string]interface{}
+// @Failure      400           {object}  core.GatewayError
+// @Failure      401           {object}  core.GatewayError
+// @Failure      503           {object}  core.GatewayError
+// @Router       /admin/api/v1/budgets/reset [post]
 func (h *Handler) ResetBudgets(c *echo.Context) error {
 	if h.budgets == nil {
 		return handleError(c, featureUnavailableError("budgets feature is unavailable"))
@@ -1241,6 +1394,49 @@ type createAuthKeyRequest struct {
 	ExpiresAt   *time.Time `json:"expires_at,omitempty"`
 }
 
+type budgetListResponse struct {
+	Budgets    []budgetStatusResponse `json:"budgets"`
+	ServerTime time.Time              `json:"server_time"`
+}
+
+type budgetStatusResponse struct {
+	UserPath      string     `json:"user_path"`
+	PeriodSeconds int64      `json:"period_seconds"`
+	PeriodLabel   string     `json:"period_label"`
+	Amount        float64    `json:"amount"`
+	Source        string     `json:"source,omitempty"`
+	LastResetAt   *time.Time `json:"last_reset_at,omitempty"`
+	CreatedAt     time.Time  `json:"created_at"`
+	UpdatedAt     time.Time  `json:"updated_at"`
+	PeriodStart   time.Time  `json:"period_start"`
+	PeriodEnd     time.Time  `json:"period_end"`
+	Spent         float64    `json:"spent"`
+	HasUsage      bool       `json:"has_usage"`
+	Remaining     float64    `json:"remaining"`
+	UsageRatio    float64    `json:"usage_ratio"`
+	PeriodRatio   float64    `json:"period_ratio"`
+}
+
+type upsertBudgetRequest struct {
+	UserPath      string  `json:"user_path"`
+	Period        string  `json:"period,omitempty"`
+	PeriodSeconds int64   `json:"period_seconds,omitempty"`
+	Amount        float64 `json:"amount"`
+	Source        string  `json:"source,omitempty"`
+}
+
+type resetBudgetRequest struct {
+	UserPath      string `json:"user_path"`
+	Period        string `json:"period,omitempty"`
+	PeriodSeconds int64  `json:"period_seconds,omitempty"`
+}
+
+type deleteBudgetRequest struct {
+	UserPath      string `json:"user_path"`
+	Period        string `json:"period,omitempty"`
+	PeriodSeconds int64  `json:"period_seconds,omitempty"`
+}
+
 type updateBudgetSettingsRequest struct {
 	DailyResetHour     int `json:"daily_reset_hour"`
 	DailyResetMinute   int `json:"daily_reset_minute"`
@@ -1256,6 +1452,63 @@ type resetBudgetsRequest struct {
 	Confirmation string `json:"confirmation"`
 }
 
+func budgetStatusResponses(statuses []budget.CheckResult, now time.Time) []budgetStatusResponse {
+	if len(statuses) == 0 {
+		return []budgetStatusResponse{}
+	}
+	responses := make([]budgetStatusResponse, 0, len(statuses))
+	for _, status := range statuses {
+		item := status.Budget
+		usageRatio := 0.0
+		if item.Amount > 0 {
+			usageRatio = status.Spent / item.Amount
+		}
+		periodRatio := 0.0
+		periodDuration := status.PeriodEnd.Sub(status.PeriodStart).Seconds()
+		if periodDuration > 0 {
+			periodRatio = now.Sub(status.PeriodStart).Seconds() / periodDuration
+		}
+		responses = append(responses, budgetStatusResponse{
+			UserPath:      item.UserPath,
+			PeriodSeconds: item.PeriodSeconds,
+			PeriodLabel:   budget.PeriodLabel(item.PeriodSeconds),
+			Amount:        item.Amount,
+			Source:        item.Source,
+			LastResetAt:   item.LastResetAt,
+			CreatedAt:     item.CreatedAt,
+			UpdatedAt:     item.UpdatedAt,
+			PeriodStart:   status.PeriodStart,
+			PeriodEnd:     status.PeriodEnd,
+			Spent:         status.Spent,
+			HasUsage:      status.HasUsage,
+			Remaining:     status.Remaining,
+			UsageRatio:    usageRatio,
+			PeriodRatio:   clampBudgetRatio(periodRatio),
+		})
+	}
+	return responses
+}
+
+func budgetRequestPeriodSeconds(period string, periodSeconds int64) (int64, error) {
+	if periodSeconds > 0 {
+		return periodSeconds, nil
+	}
+	if parsed, ok := budget.PeriodSeconds(period); ok {
+		return parsed, nil
+	}
+	return 0, errors.New("period must be one of hourly, daily, weekly, monthly or period_seconds must be set")
+}
+
+func clampBudgetRatio(value float64) float64 {
+	if value < 0 {
+		return 0
+	}
+	if value > 1 {
+		return 1
+	}
+	return value
+}
+
 func featureUnavailableError(message string) error {
 	return core.NewInvalidRequestErrorWithStatus(http.StatusServiceUnavailable, message, nil).
 		WithCode("feature_unavailable")
diff --git a/internal/admin/handler_budgets_test.go b/internal/admin/handler_budgets_test.go
new file mode 100644
index 00000000..2349dc17
--- /dev/null
+++ b/internal/admin/handler_budgets_test.go
@@ -0,0 +1,214 @@
+package admin
+
+import (
+	"context"
+	"encoding/json"
+	"net/http"
+	"net/http/httptest"
+	"strings"
+	"testing"
+	"time"
+
+	"github.com/labstack/echo/v5"
+
+	"gomodel/internal/budget"
+)
+
+type adminBudgetStore struct {
+	budgets []budget.Budget
+	sum     float64
+
+	resetUserPath      string
+	resetPeriodSeconds int64
+}
+
+func (s *adminBudgetStore) ListBudgets(context.Context) ([]budget.Budget, error) {
+	return append([]budget.Budget(nil), s.budgets...), nil
+}
+
+func (s *adminBudgetStore) UpsertBudgets(_ context.Context, budgets []budget.Budget) error {
+	for _, item := range budgets {
+		normalized, err := budget.NormalizeBudget(item)
+		if err != nil {
+			return err
+		}
+		replaced := false
+		for i, existing := range s.budgets {
+			if existing.UserPath == normalized.UserPath && existing.PeriodSeconds == normalized.PeriodSeconds {
+				s.budgets[i] = normalized
+				replaced = true
+				break
+			}
+		}
+		if !replaced {
+			s.budgets = append(s.budgets, normalized)
+		}
+	}
+	return nil
+}
+
+func (s *adminBudgetStore) DeleteBudget(_ context.Context, userPath string, periodSeconds int64) error {
+	normalizedPath, err := budget.NormalizeUserPath(userPath)
+	if err != nil {
+		return err
+	}
+	for i, existing := range s.budgets {
+		if existing.UserPath == normalizedPath && existing.PeriodSeconds == periodSeconds {
+			s.budgets = append(s.budgets[:i], s.budgets[i+1:]...)
+			return nil
+		}
+	}
+	return nil
+}
+
+func (s *adminBudgetStore) ReplaceConfigBudgets(ctx context.Context, budgets []budget.Budget) error {
+	s.budgets = nil
+	return s.UpsertBudgets(ctx, budgets)
+}
+
+func (s *adminBudgetStore) GetSettings(context.Context) (budget.Settings, error) {
+	return budget.DefaultSettings(), nil
+}
+
+func (s *adminBudgetStore) SaveSettings(_ context.Context, settings budget.Settings) (budget.Settings, error) {
+	return settings, nil
+}
+
+func (s *adminBudgetStore) ResetBudget(_ context.Context, userPath string, periodSeconds int64, at time.Time) error {
+	s.resetUserPath = userPath
+	s.resetPeriodSeconds = periodSeconds
+	for i := range s.budgets {
+		if s.budgets[i].UserPath == userPath && s.budgets[i].PeriodSeconds == periodSeconds {
+			t := at.UTC()
+			s.budgets[i].LastResetAt = &t
+		}
+	}
+	return nil
+}
+
+func (s *adminBudgetStore) ResetAllBudgets(_ context.Context, at time.Time) error {
+	for i := range s.budgets {
+		t := at.UTC()
+		s.budgets[i].LastResetAt = &t
+	}
+	return nil
+}
+
+func (s *adminBudgetStore) SumUsageCost(context.Context, string, time.Time, time.Time) (float64, bool, error) {
+	return s.sum, s.sum > 0, nil
+}
+
+func (s *adminBudgetStore) Close() error {
+	return nil
+}
+
+func newBudgetHandler(t *testing.T, store *adminBudgetStore) *Handler {
+	t.Helper()
+	service, err := budget.NewService(context.Background(), store)
+	if err != nil {
+		t.Fatalf("NewService() failed: %v", err)
+	}
+	return NewHandler(nil, nil, WithBudgets(service))
+}
+
+func TestBudgetEndpointsListStatuses(t *testing.T) {
+	store := &adminBudgetStore{
+		budgets: []budget.Budget{
+			{UserPath: "/team", PeriodSeconds: budget.PeriodDailySeconds, Amount: 10},
+		},
+		sum: 4,
+	}
+	h := newBudgetHandler(t, store)
+	e := echo.New()
+	req := httptest.NewRequest(http.MethodGet, "/admin/api/v1/budgets", nil)
+	rec := httptest.NewRecorder()
+	c := e.NewContext(req, rec)
+
+	if err := h.ListBudgets(c); err != nil {
+		t.Fatalf("ListBudgets() failed: %v", err)
+	}
+	if rec.Code != http.StatusOK {
+		t.Fatalf("status = %d, want %d body=%s", rec.Code, http.StatusOK, rec.Body.String())
+	}
+	var body budgetListResponse
+	if err := json.Unmarshal(rec.Body.Bytes(), &body); err != nil {
+		t.Fatalf("decode response: %v", err)
+	}
+	if len(body.Budgets) != 1 {
+		t.Fatalf("expected 1 budget, got %d", len(body.Budgets))
+	}
+	if got := body.Budgets[0].UsageRatio; got != 0.4 {
+		t.Fatalf("usage_ratio = %v, want 0.4", got)
+	}
+}
+
+func TestBudgetEndpointsUpsertAndResetOneBudget(t *testing.T) {
+	store := &adminBudgetStore{}
+	h := newBudgetHandler(t, store)
+	e := echo.New()
+
+	upsertReq := httptest.NewRequest(
+		http.MethodPut,
+		"/admin/api/v1/budgets",
+		strings.NewReader(`{"user_path":"team/beta","period":"weekly","amount":12.5}`),
+	)
+	upsertReq.Header.Set("Content-Type", "application/json")
+	upsertRec := httptest.NewRecorder()
+	upsertCtx := e.NewContext(upsertReq, upsertRec)
+	if err := h.UpsertBudget(upsertCtx); err != nil {
+		t.Fatalf("UpsertBudget() failed: %v", err)
+	}
+	if upsertRec.Code != http.StatusOK {
+		t.Fatalf("upsert status = %d, want %d body=%s", upsertRec.Code, http.StatusOK, upsertRec.Body.String())
+	}
+	if len(store.budgets) != 1 || store.budgets[0].UserPath != "/team/beta" || store.budgets[0].PeriodSeconds != budget.PeriodWeeklySeconds {
+		t.Fatalf("stored budgets = %+v", store.budgets)
+	}
+
+	resetReq := httptest.NewRequest(
+		http.MethodPost,
+		"/admin/api/v1/budgets/reset-one",
+		strings.NewReader(`{"user_path":"/team/beta","period_seconds":604800}`),
+	)
+	resetReq.Header.Set("Content-Type", "application/json")
+	resetRec := httptest.NewRecorder()
+	resetCtx := e.NewContext(resetReq, resetRec)
+	if err := h.ResetBudget(resetCtx); err != nil {
+		t.Fatalf("ResetBudget() failed: %v", err)
+	}
+	if resetRec.Code != http.StatusOK {
+		t.Fatalf("reset status = %d, want %d body=%s", resetRec.Code, http.StatusOK, resetRec.Body.String())
+	}
+	if store.resetUserPath != "/team/beta" || store.resetPeriodSeconds != budget.PeriodWeeklySeconds {
+		t.Fatalf("reset key = %s/%d", store.resetUserPath, store.resetPeriodSeconds)
+	}
+}
+
+func TestBudgetEndpointsDeleteBudget(t *testing.T) {
+	store := &adminBudgetStore{
+		budgets: []budget.Budget{
+			{UserPath: "/team/beta", PeriodSeconds: budget.PeriodWeeklySeconds, Amount: 12.5},
+			{UserPath: "/team/beta", PeriodSeconds: budget.PeriodDailySeconds, Amount: 4},
+		},
+	}
+	h := newBudgetHandler(t, store)
+	e := echo.New()
+	req := httptest.NewRequest(
+		http.MethodDelete,
+		"/admin/api/v1/budgets",
+		strings.NewReader(`{"user_path":"/team/beta","period_seconds":604800}`),
+	)
+	req.Header.Set("Content-Type", "application/json")
+	rec := httptest.NewRecorder()
+	c := e.NewContext(req, rec)
+
+	if err := h.DeleteBudget(c); err != nil {
+		t.Fatalf("DeleteBudget() failed: %v", err)
+	}
+	if rec.Code != http.StatusOK {
+		t.Fatalf("delete status = %d, want %d body=%s", rec.Code, http.StatusOK, rec.Body.String())
+	}
+	if len(store.budgets) != 1 || store.budgets[0].PeriodSeconds != budget.PeriodDailySeconds {
+		t.Fatalf("stored budgets after delete = %+v", store.budgets)
+	}
+}
diff --git a/internal/admin/handler_test.go b/internal/admin/handler_test.go
index 90e00312..7d2464f5 100644
--- a/internal/admin/handler_test.go
+++ b/internal/admin/handler_test.go
@@ -1665,6 +1665,7 @@ func TestDashboardConfig_ReturnsAllowlistedRuntimeFlags(t *testing.T) {
 		FeatureFallbackMode:  "auto",
 		LoggingEnabled:       "on",
 		UsageEnabled:         "off",
+		BudgetsEnabled:       "on",
 		GuardrailsEnabled:    "on",
 		CacheEnabled:         "on",
 		RedisURL:             "on",
@@ -1692,6 +1693,9 @@ func TestDashboardConfig_ReturnsAllowlistedRuntimeFlags(t *testing.T) {
 	if got := body.UsageEnabled; got != "off" {
 		t.Fatalf("USAGE_ENABLED = %q, want off", got)
 	}
+	if got := body.BudgetsEnabled; got != "on" {
+		t.Fatalf("BUDGETS_ENABLED = %q, want on", got)
+	}
 	if got := body.GuardrailsEnabled; got != "on" {
 		t.Fatalf("GUARDRAILS_ENABLED = %q, want on", got)
 	}
diff --git a/internal/app/app.go b/internal/app/app.go
index 4efeb94f..7fd4ef9d 100644
--- a/internal/app/app.go
+++ b/internal/app/app.go
@@ -898,12 +898,14 @@ func configGuardrailDefinitions(cfg config.GuardrailsConfig) ([]guardrails.Defin
 
 func defaultWorkflowInput(cfg *config.Config, availableGuardrails []string, configuredGuardrails []guardrails.Definition) workflows.CreateInput {
 	fallbackEnabled := fallbackFeatureEnabledGlobally(cfg)
+	budgetEnabled := cfg.Budgets.Enabled
 	payload := workflows.Payload{
 		SchemaVersion: 1,
 		Features: workflows.FeatureFlags{
 			Cache:    responseCacheConfigured(cfg.Cache.Response),
 			Audit:    cfg.Logging.Enabled,
 			Usage:    cfg.Usage.Enabled,
+			Budget:   &budgetEnabled,
 			Fallback: &fallbackEnabled,
 		},
 	}
@@ -1005,6 +1007,7 @@ func runtimeWorkflowFeatureCaps(cfg *config.Config) core.WorkflowFeatures {
 		Cache:      responseCacheConfigured(cfg.Cache.Response),
 		Audit:      cfg.Logging.Enabled,
 		Usage:      cfg.Usage.Enabled,
+		Budget:     cfg.Budgets.Enabled,
 		Guardrails: cfg.Guardrails.Enabled,
 		Fallback:   fallbackFeatureEnabledGlobally(cfg),
 	}
diff --git a/internal/app/app_test.go b/internal/app/app_test.go
index a4209269..ea595000 100644
--- a/internal/app/app_test.go
+++ b/internal/app/app_test.go
@@ -440,6 +440,9 @@ func TestDashboardRuntimeConfig_ExposesFeatureAvailabilityFlags(t *testing.T) {
 		Usage: config.UsageConfig{
 			Enabled: true,
 		},
+		Budgets: config.BudgetsConfig{
+			Enabled: true,
+		},
 		Guardrails: config.GuardrailsConfig{
 			Enabled: true,
 		},
@@ -462,6 +465,9 @@ func TestDashboardRuntimeConfig_ExposesFeatureAvailabilityFlags(t *testing.T) {
 	if got := values.UsageEnabled; got != "on" {
 		t.Fatalf("dashboardRuntimeConfig()[%q] = %q, want on", admin.DashboardConfigUsageEnabled, got)
 	}
+	if got := values.BudgetsEnabled; got != "on" {
+		t.Fatalf("dashboardRuntimeConfig()[%q] = %q, want on", admin.DashboardConfigBudgetsEnabled, got)
+	}
 	if got := values.GuardrailsEnabled; got != "on" {
 		t.Fatalf("dashboardRuntimeConfig()[%q] = %q, want on", admin.DashboardConfigGuardrailsEnabled, got)
 	}
diff --git a/internal/auditlog/auditlog.go b/internal/auditlog/auditlog.go
index 78f5f0df..0fc7bdf1 100644
--- a/internal/auditlog/auditlog.go
+++ b/internal/auditlog/auditlog.go
@@ -94,6 +94,7 @@ type LogData struct {
 
 	// Error details (message can be long, so kept in JSON)
 	ErrorMessage string `json:"error_message,omitempty" bson:"error_message,omitempty"`
+	ErrorCode    string `json:"error_code,omitempty" bson:"error_code,omitempty"`
 
 	// Optional headers (when LOGGING_LOG_HEADERS=true)
 	// Sensitive headers are auto-redacted
@@ -118,6 +119,7 @@ type WorkflowFeaturesSnapshot struct {
 	Cache      bool `json:"cache" bson:"cache"`
 	Audit      bool `json:"audit" bson:"audit"`
 	Usage      bool `json:"usage" bson:"usage"`
+	Budget     bool `json:"budget" bson:"budget"`
 	Guardrails bool `json:"guardrails" bson:"guardrails"`
 	Fallback   bool `json:"fallback" bson:"fallback"`
 }
diff --git a/internal/auditlog/middleware.go b/internal/auditlog/middleware.go
index d67e0482..b769d637 100644
--- a/internal/auditlog/middleware.go
+++ b/internal/auditlog/middleware.go
@@ -219,6 +219,7 @@ func enrichEntryWithWorkflow(entry *LogEntry, workflow *core.Workflow) {
 			Cache:      workflow.Policy.Features.Cache,
 			Audit:      workflow.Policy.Features.Audit,
 			Usage:      workflow.Policy.Features.Usage,
+			Budget:     workflow.Policy.Features.Budget,
 			Guardrails: workflow.Policy.Features.Guardrails,
 			Fallback:   workflow.Policy.Features.Fallback,
 		}
@@ -578,7 +579,7 @@ func auditEnabledForContext(ctx context.Context) bool {
 }
 
 // EnrichEntryWithError adds error information to the log entry.
-func EnrichEntryWithError(c *echo.Context, errorType, errorMessage string) {
+func EnrichEntryWithError(c *echo.Context, errorType, errorMessage string, errorCode ...string) {
 	entryVal := c.Get(string(LogEntryKey))
 	if entryVal == nil {
 		return
@@ -592,6 +593,9 @@ func EnrichEntryWithError(c *echo.Context, errorType, errorMessage string) {
 	entry.ErrorType = errorType
 	if entry.Data != nil {
 		entry.Data.ErrorMessage = errorMessage
+		if len(errorCode) > 0 {
+			entry.Data.ErrorCode = strings.TrimSpace(errorCode[0])
+		}
 	}
 }
 
diff --git a/internal/budget/service.go b/internal/budget/service.go
index c690831b..d0751fbc 100644
--- a/internal/budget/service.go
+++ b/internal/budget/service.go
@@ -66,6 +66,23 @@ func (s *Service) UpsertBudgets(ctx context.Context, budgets []Budget) error {
 	return s.Refresh(ctx)
 }
 
+func (s *Service) DeleteBudget(ctx context.Context, userPath string, periodSeconds int64) error {
+	if s == nil || s.store == nil {
+		return fmt.Errorf("budget service is unavailable")
+	}
+	userPath, err := NormalizeUserPath(userPath)
+	if err != nil {
+		return err
+	}
+	if periodSeconds <= 0 {
+		return fmt.Errorf("period_seconds must be greater than 0")
+	}
+	if err := s.store.DeleteBudget(ctx, userPath, periodSeconds); err != nil {
+		return err
+	}
+	return s.Refresh(ctx)
+}
+
 func (s *Service) ReplaceConfigBudgets(ctx context.Context, budgets []Budget) error {
 	if s == nil || s.store == nil {
 		return nil
@@ -108,6 +125,54 @@ func (s *Service) SaveSettings(ctx context.Context, settings Settings) (Settings
 	return saved, nil
 }
 
+func (s *Service) Statuses(ctx context.Context, now time.Time) ([]CheckResult, error) {
+	if s == nil || s.store == nil {
+		return nil, nil
+	}
+	if now.IsZero() {
+		now = time.Now().UTC()
+	}
+	now = now.UTC()
+
+	s.mu.RLock()
+	budgets := append([]Budget(nil), s.budgets...)
+	settings := s.settings
+	s.mu.RUnlock()
+	if len(budgets) == 0 {
+		return []CheckResult{}, nil
+	}
+
+	results := make([]CheckResult, 0, len(budgets))
+	for _, budget := range budgets {
+		result, err := s.evaluateBudget(ctx, budget, now, settings)
+		if err != nil {
+			return results, err
+		}
+		results = append(results, result)
+	}
+	return results, nil
+}
+
+func (s *Service) ResetBudget(ctx context.Context, userPath string, periodSeconds int64, at time.Time) error {
+	if s == nil || s.store == nil {
+		return fmt.Errorf("budget service is unavailable")
+	}
+	userPath, err := NormalizeUserPath(userPath)
+	if err != nil {
+		return err
+	}
+	if periodSeconds <= 0 {
+		return fmt.Errorf("period_seconds must be greater than 0")
+	}
+	if at.IsZero() {
+		at = time.Now().UTC()
+	}
+	if err := s.store.ResetBudget(ctx, userPath, periodSeconds, at.UTC()); err != nil {
+		return err
+	}
+	return s.Refresh(ctx)
+}
+
 func (s *Service) ResetAll(ctx context.Context, at time.Time) error {
 	if s == nil || s.store == nil {
 		return fmt.Errorf("budget service is unavailable")
@@ -152,29 +217,37 @@ func (s *Service) CheckWithResults(ctx context.Context, userPath string, now tim
 		if !budgetAppliesToPath(budget.UserPath, userPath) {
 			continue
 		}
-		start, end := PeriodBounds(now, budget.PeriodSeconds, settings)
-		if budget.LastResetAt != nil && budget.LastResetAt.After(start) {
-			start = budget.LastResetAt.UTC()
-		}
-		spent, _, err := s.store.SumUsageCost(ctx, budget.UserPath, start, now)
+		result, err := s.evaluateBudget(ctx, budget, now, settings)
 		if err != nil {
 			return results, err
 		}
-		result := CheckResult{
-			Budget:      budget,
-			PeriodStart: start,
-			PeriodEnd:   end,
-			Spent:       spent,
-			Remaining:   budget.Amount - spent,
-		}
 		results = append(results, result)
-		if spent >= budget.Amount {
+		if result.Spent >= budget.Amount {
 			return results, &ExceededError{Result: result}
 		}
 	}
 	return results, nil
 }
 
+func (s *Service) evaluateBudget(ctx context.Context, budget Budget, now time.Time, settings Settings) (CheckResult, error) {
+	start, end := PeriodBounds(now, budget.PeriodSeconds, settings)
+	if budget.LastResetAt != nil && budget.LastResetAt.After(start) {
+		start = budget.LastResetAt.UTC()
+	}
+	spent, hasUsage, err := s.store.SumUsageCost(ctx, budget.UserPath, start, now)
+	if err != nil {
+		return CheckResult{}, err
+	}
+	return CheckResult{
+		Budget:      budget,
+		PeriodStart: start,
+		PeriodEnd:   end,
+		Spent:       spent,
+		HasUsage:    hasUsage,
+		Remaining:   budget.Amount - spent,
+	}, nil
+}
+
 func budgetAppliesToPath(budgetPath, requestPath string) bool {
 	budgetPath = strings.TrimSpace(budgetPath)
 	requestPath = strings.TrimSpace(requestPath)
diff --git a/internal/budget/service_test.go b/internal/budget/service_test.go
index 665a4ff3..26ce9959 100644
--- a/internal/budget/service_test.go
+++ b/internal/budget/service_test.go
@@ -25,6 +25,10 @@ func (s *fakeStore) UpsertBudgets(context.Context, []Budget) error {
 	return nil
 }
 
+func (s *fakeStore) DeleteBudget(context.Context, string, int64) error {
+	return nil
+}
+
 func (s *fakeStore) ReplaceConfigBudgets(context.Context, []Budget) error {
 	return nil
 }
@@ -40,6 +44,11 @@ func (s *fakeStore) SaveSettings(context.Context, Settings) (Settings, error) {
 	return Settings{}, nil
 }
 
+func (s *fakeStore) ResetBudget(_ context.Context, _ string, _ int64, at time.Time) error {
+	s.lastResetAt = at
+	return nil
+}
+
 func (s *fakeStore) ResetAllBudgets(_ context.Context, at time.Time) error {
 	s.lastResetAt = at
 	return nil
diff --git a/internal/budget/store.go b/internal/budget/store.go
index 3ab3ced5..0a355111 100644
--- a/internal/budget/store.go
+++ b/internal/budget/store.go
@@ -11,9 +11,11 @@ import (
 type Store interface {
 	ListBudgets(ctx context.Context) ([]Budget, error)
 	UpsertBudgets(ctx context.Context, budgets []Budget) error
+	DeleteBudget(ctx context.Context, userPath string, periodSeconds int64) error
 	ReplaceConfigBudgets(ctx context.Context, budgets []Budget) error
 	GetSettings(ctx context.Context) (Settings, error)
 	SaveSettings(ctx context.Context, settings Settings) (Settings, error)
+	ResetBudget(ctx context.Context, userPath string, periodSeconds int64, at time.Time) error
 	ResetAllBudgets(ctx context.Context, at time.Time) error
 	SumUsageCost(ctx context.Context, userPath string, start, end time.Time) (float64, bool, error)
 	Close() error
diff --git a/internal/budget/store_mongodb.go b/internal/budget/store_mongodb.go
index 1b3ba6fe..f9fd64f7 100644
--- a/internal/budget/store_mongodb.go
+++ b/internal/budget/store_mongodb.go
@@ -96,6 +96,24 @@ func (s *MongoDBStore) UpsertBudgets(ctx context.Context, budgets []Budget) erro
 	return nil
 }
 
+func (s *MongoDBStore) DeleteBudget(ctx context.Context, userPath string, periodSeconds int64) error {
+	userPath, err := NormalizeUserPath(userPath)
+	if err != nil {
+		return err
+	}
+	if periodSeconds <= 0 {
+		return fmt.Errorf("period_seconds must be greater than 0")
+	}
+	result, err := s.budgets.DeleteOne(ctx, bson.D{{Key: "user_path", Value: userPath}, {Key: "period_seconds", Value: periodSeconds}})
+	if err != nil {
+		return fmt.Errorf("delete budget %s/%d: %w", userPath, periodSeconds, err)
+	}
+	if result.DeletedCount == 0 {
+		return fmt.Errorf("budget %s/%d not found", userPath, periodSeconds)
+	}
+	return nil
+}
+
 func (s *MongoDBStore) ReplaceConfigBudgets(ctx context.Context, budgets []Budget) error {
 	budgets, err := normalizeBudgetsForUpsert(budgets)
 	if err != nil {
@@ -175,6 +193,30 @@ func (s *MongoDBStore) SaveSettings(ctx context.Context, settings Settings) (Set
 	return settings, nil
 }
 
+func (s *MongoDBStore) ResetBudget(ctx context.Context, userPath string, periodSeconds int64, at time.Time) error {
+	userPath, err := NormalizeUserPath(userPath)
+	if err != nil {
+		return err
+	}
+	if periodSeconds <= 0 {
+		return fmt.Errorf("period_seconds must be greater than 0")
+	}
+	result, err := s.budgets.UpdateOne(ctx,
+		bson.D{{Key: "user_path", Value: userPath}, {Key: "period_seconds", Value: periodSeconds}},
+		bson.D{{Key: "$set", Value: bson.D{
+			{Key: "last_reset_at", Value: at.UTC()},
+			{Key: "updated_at", Value: at.UTC()},
+		}}},
+	)
+	if err != nil {
+		return fmt.Errorf("reset budget %s/%d: %w", userPath, periodSeconds, err)
+	}
+	if result.MatchedCount == 0 {
+		return fmt.Errorf("budget %s/%d not found", userPath, periodSeconds)
+	}
+	return nil
+}
+
 func (s *MongoDBStore) ResetAllBudgets(ctx context.Context, at time.Time) error {
 	_, err := s.budgets.UpdateMany(ctx, bson.D{}, bson.D{{Key: "$set", Value: bson.D{
 		{Key: "last_reset_at", Value: at.UTC()},
diff --git a/internal/budget/store_postgresql.go b/internal/budget/store_postgresql.go
index 835b035d..377232e0 100644
--- a/internal/budget/store_postgresql.go
+++ b/internal/budget/store_postgresql.go
@@ -127,6 +127,27 @@ func (s *PostgreSQLStore) UpsertBudgets(ctx context.Context, budgets []Budget) e
 	return nil
 }
 
+func (s *PostgreSQLStore) DeleteBudget(ctx context.Context, userPath string, periodSeconds int64) error {
+	userPath, err := NormalizeUserPath(userPath)
+	if err != nil {
+		return err
+	}
+	if periodSeconds <= 0 {
+		return fmt.Errorf("period_seconds must be greater than 0")
+	}
+	tag, err := s.pool.Exec(ctx, `
+		DELETE FROM budgets
+		WHERE user_path = $1 AND period_seconds = $2
+	`, userPath, periodSeconds)
+	if err != nil {
+		return fmt.Errorf("delete budget %s/%d: %w", userPath, periodSeconds, err)
+	}
+	if tag.RowsAffected() == 0 {
+		return fmt.Errorf("budget %s/%d not found", userPath, periodSeconds)
+	}
+	return nil
+}
+
 func (s *PostgreSQLStore) ReplaceConfigBudgets(ctx context.Context, budgets []Budget) error {
 	budgets, err := normalizeBudgetsForUpsert(budgets)
 	if err != nil {
@@ -206,6 +227,28 @@ func (s *PostgreSQLStore) SaveSettings(ctx context.Context, settings Settings) (
 	return settings, nil
 }
 
+func (s *PostgreSQLStore) ResetBudget(ctx context.Context, userPath string, periodSeconds int64, at time.Time) error {
+	userPath, err := NormalizeUserPath(userPath)
+	if err != nil {
+		return err
+	}
+	if periodSeconds <= 0 {
+		return fmt.Errorf("period_seconds must be greater than 0")
+	}
+	tag, err := s.pool.Exec(ctx, `
+		UPDATE budgets
+		SET last_reset_at = $1, updated_at = $2
+		WHERE user_path = $3 AND period_seconds = $4
+	`, at.UTC().Unix(), at.UTC().Unix(), userPath, periodSeconds)
+	if err != nil {
+		return fmt.Errorf("reset budget %s/%d: %w", userPath, periodSeconds, err)
+	}
+	if tag.RowsAffected() == 0 {
+		return fmt.Errorf("budget %s/%d not found", userPath, periodSeconds)
+	}
+	return nil
+}
+
 func (s *PostgreSQLStore) ResetAllBudgets(ctx context.Context, at time.Time) error {
 	_, err := s.pool.Exec(ctx, `UPDATE budgets SET last_reset_at = $1, updated_at = $2`, at.UTC().Unix(), at.UTC().Unix())
 	if err != nil {
diff --git a/internal/budget/store_sqlite.go b/internal/budget/store_sqlite.go
index 70597939..2f03f2ba 100644
--- a/internal/budget/store_sqlite.go
+++ b/internal/budget/store_sqlite.go
@@ -143,6 +143,28 @@ func (s *SQLiteStore) UpsertBudgets(ctx context.Context, budgets []Budget) error
 	return nil
 }
 
+func (s *SQLiteStore) DeleteBudget(ctx context.Context, userPath string, periodSeconds int64) error {
+	userPath, err := NormalizeUserPath(userPath)
+	if err != nil {
+		return err
+	}
+	if periodSeconds <= 0 {
+		return fmt.Errorf("period_seconds must be greater than 0")
+	}
+	result, err := s.db.ExecContext(ctx, `
+		DELETE FROM budgets
+		WHERE user_path = ? AND period_seconds = ?
+	`, userPath, periodSeconds)
+	if err != nil {
+		return fmt.Errorf("delete budget %s/%d: %w", userPath, periodSeconds, err)
+	}
+	affected, err := result.RowsAffected()
+	if err == nil && affected == 0 {
+		return fmt.Errorf("budget %s/%d not found", userPath, periodSeconds)
+	}
+	return nil
+}
+
 func (s *SQLiteStore) ReplaceConfigBudgets(ctx context.Context, budgets []Budget) error {
 	budgets, err := normalizeBudgetsForUpsert(budgets)
 	if err != nil {
@@ -229,6 +251,29 @@ func (s *SQLiteStore) SaveSettings(ctx context.Context, settings Settings) (Sett
 	return settings, nil
 }
 
+func (s *SQLiteStore) ResetBudget(ctx context.Context, userPath string, periodSeconds int64, at time.Time) error {
+	userPath, err := NormalizeUserPath(userPath)
+	if err != nil {
+		return err
+	}
+	if periodSeconds <= 0 {
+		return fmt.Errorf("period_seconds must be greater than 0")
+	}
+	result, err := s.db.ExecContext(ctx, `
+		UPDATE budgets
+		SET last_reset_at = ?, updated_at = ?
+		WHERE user_path = ? AND period_seconds = ?
+	`, at.UTC().Unix(), at.UTC().Unix(), userPath, periodSeconds)
+	if err != nil {
+		return fmt.Errorf("reset budget %s/%d: %w", userPath, periodSeconds, err)
+	}
+	affected, err := result.RowsAffected()
+	if err == nil && affected == 0 {
+		return fmt.Errorf("budget %s/%d not found", userPath, periodSeconds)
+	}
+	return nil
+}
+
 func (s *SQLiteStore) ResetAllBudgets(ctx context.Context, at time.Time) error {
 	_, err := s.db.ExecContext(ctx, `UPDATE budgets SET last_reset_at = ?, updated_at = ?`, at.UTC().Unix(), at.UTC().Unix())
 	if err != nil {
diff --git a/internal/budget/types.go b/internal/budget/types.go
index 003f3d79..dae46586 100644
--- a/internal/budget/types.go
+++ b/internal/budget/types.go
@@ -46,6 +46,7 @@ type CheckResult struct {
 	PeriodStart time.Time `json:"period_start"`
 	PeriodEnd   time.Time `json:"period_end"`
 	Spent       float64   `json:"spent"`
+	HasUsage    bool      `json:"has_usage"`
 	Remaining   float64   `json:"remaining"`
 }
 
diff --git a/internal/core/workflow.go b/internal/core/workflow.go
index 203488aa..d0665bb2 100644
--- a/internal/core/workflow.go
+++ b/internal/core/workflow.go
@@ -96,6 +96,7 @@ type WorkflowFeatures struct {
 	Cache      bool `json:"cache"`
 	Audit      bool `json:"audit"`
 	Usage      bool `json:"usage"`
+	Budget     bool `json:"budget"`
 	Guardrails bool `json:"guardrails"`
 	Fallback   bool `json:"fallback"`
 }
@@ -106,6 +107,7 @@ func (f WorkflowFeatures) ApplyUpperBound(caps WorkflowFeatures) WorkflowFeature
 		Cache:      f.Cache && caps.Cache,
 		Audit:      f.Audit && caps.Audit,
 		Usage:      f.Usage && caps.Usage,
+		Budget:     f.Budget && caps.Budget,
 		Guardrails: f.Guardrails && caps.Guardrails,
 		Fallback:   f.Fallback && caps.Fallback,
 	}
@@ -118,6 +120,7 @@ func DefaultWorkflowFeatures() WorkflowFeatures {
 		Cache:      true,
 		Audit:      true,
 		Usage:      true,
+		Budget:     true,
 		Guardrails: true,
 		Fallback:   true,
 	}
@@ -191,6 +194,11 @@ func (p *Workflow) UsageEnabled() bool {
 	return p.featureEnabled(func(features WorkflowFeatures) bool { return features.Usage })
 }
 
+// BudgetEnabled reports whether budget checks are enabled for the request.
+func (p *Workflow) BudgetEnabled() bool {
+	return p.featureEnabled(func(features WorkflowFeatures) bool { return features.Budget })
+}
+
 // GuardrailsEnabled reports whether guardrail processing is enabled for the request.
 func (p *Workflow) GuardrailsEnabled() bool {
 	return p.featureEnabled(func(features WorkflowFeatures) bool { return features.Guardrails })
diff --git a/internal/server/budget_support.go b/internal/server/budget_support.go
index 16338a17..69dc69be 100644
--- a/internal/server/budget_support.go
+++ b/internal/server/budget_support.go
@@ -21,6 +21,9 @@ func enforceBudget(c *echo.Context, checker BudgetChecker) error {
 	if checker == nil || c == nil || c.Request() == nil {
 		return nil
 	}
+	if workflow := core.GetWorkflow(c.Request().Context()); workflow != nil && !workflow.BudgetEnabled() {
+		return nil
+	}
 	userPath := core.UserPathFromContext(c.Request().Context())
 	if userPath == "" {
 		userPath = "/"
diff --git a/internal/server/budget_support_test.go b/internal/server/budget_support_test.go
new file mode 100644
index 00000000..e4eb3ab6
--- /dev/null
+++ b/internal/server/budget_support_test.go
@@ -0,0 +1,63 @@
+package server
+
+import (
+	"context"
+	"net/http"
+	"net/http/httptest"
+	"testing"
+	"time"
+
+	"github.com/labstack/echo/v5"
+
+	"gomodel/internal/core"
+)
+
+type countingBudgetChecker struct {
+	calls    int
+	userPath string
+}
+
+func (c *countingBudgetChecker) Check(_ context.Context, userPath string, _ time.Time) error {
+	c.calls++
+	c.userPath = userPath
+	return nil
+}
+
+func TestEnforceBudgetSkipsWhenWorkflowBudgetDisabled(t *testing.T) {
+	e := echo.New()
+	req := httptest.NewRequest(http.MethodPost, "/v1/chat/completions", nil)
+	req = req.WithContext(core.WithWorkflow(req.Context(), &core.Workflow{
+		Policy: &core.ResolvedWorkflowPolicy{
+			VersionID: "workflow-v1",
+			Features: core.WorkflowFeatures{
+				Budget: false,
+			},
+		},
+	}))
+	c := e.NewContext(req, httptest.NewRecorder())
+	checker := &countingBudgetChecker{}
+
+	if err := enforceBudget(c, checker); err != nil {
+		t.Fatalf("enforceBudget returned error: %v", err)
+	}
+	if checker.calls != 0 {
+		t.Fatalf("budget checker was called %d times, want 0", checker.calls)
+	}
+}
+
+func TestEnforceBudgetDefaultsEnabledWithoutWorkflow(t *testing.T) {
+	e := echo.New()
+	req := httptest.NewRequest(http.MethodPost, "/v1/chat/completions", nil)
+	c := e.NewContext(req, httptest.NewRecorder())
+	checker := &countingBudgetChecker{}
+
+	if err := enforceBudget(c, checker); err != nil {
+		t.Fatalf("enforceBudget returned error: %v", err)
+	}
+	if checker.calls != 1 {
+		t.Fatalf("budget checker was called %d times, want 1", checker.calls)
+	}
+	if checker.userPath != "/" {
+		t.Fatalf("budget user path = %q, want /", checker.userPath)
+	}
+}
diff --git a/internal/server/error_support.go b/internal/server/error_support.go
index 0613e953..77758275 100644
--- a/internal/server/error_support.go
+++ b/internal/server/error_support.go
@@ -15,7 +15,7 @@ import (
 func handleError(c *echo.Context, err error) error {
 	if gatewayErr, ok := errors.AsType[*core.GatewayError](err); ok {
 		logHandledError(c, gatewayErr)
-		auditlog.EnrichEntryWithError(c, string(gatewayErr.Type), gatewayErr.Message)
+		auditlog.EnrichEntryWithError(c, string(gatewayErr.Type), gatewayErr.Message, gatewayErrorCode(gatewayErr))
 		return c.JSON(gatewayErr.HTTPStatusCode(), gatewayErr.ToJSON())
 	}
 
@@ -25,6 +25,13 @@ func handleError(c *echo.Context, err error) error {
 	return c.JSON(gatewayErr.HTTPStatusCode(), gatewayErr.ToJSON())
 }
 
+func gatewayErrorCode(err *core.GatewayError) string {
+	if err == nil || err.Code == nil {
+		return ""
+	}
+	return *err.Code
+}
+
 func logHandledError(c *echo.Context, gatewayErr *core.GatewayError) {
 	if gatewayErr == nil {
 		return
diff --git a/internal/server/error_support_test.go b/internal/server/error_support_test.go
index c46d0487..3244f3da 100644
--- a/internal/server/error_support_test.go
+++ b/internal/server/error_support_test.go
@@ -11,6 +11,7 @@ import (
 
 	"github.com/labstack/echo/v5"
 
+	"gomodel/internal/auditlog"
 	"gomodel/internal/core"
 )
 
@@ -88,3 +89,30 @@ func TestHandleError_LogsServerErrorsAtErrorLevel(t *testing.T) {
 		t.Fatalf("expected error message in log, got %q", logOutput)
 	}
 }
+
+func TestHandleError_EnrichesAuditEntryWithGatewayErrorCode(t *testing.T) {
+	e := echo.New()
+	req := httptest.NewRequest(http.MethodPost, "/v1/chat/completions", nil)
+	rec := httptest.NewRecorder()
+	c := e.NewContext(req, rec)
+	entry := &auditlog.LogEntry{Data: &auditlog.LogData{}}
+	c.Set(string(auditlog.LogEntryKey), entry)
+
+	err := core.NewRateLimitError("budget", "budget exceeded").WithCode("budget_exceeded")
+	if handleErr := handleError(c, err); handleErr != nil {
+		t.Fatalf("handleError() error = %v", handleErr)
+	}
+
+	if rec.Code != http.StatusTooManyRequests {
+		t.Fatalf("status = %d, want %d", rec.Code, http.StatusTooManyRequests)
+	}
+	if entry.ErrorType != string(core.ErrorTypeRateLimit) {
+		t.Fatalf("entry.ErrorType = %q, want %q", entry.ErrorType, core.ErrorTypeRateLimit)
+	}
+	if entry.Data.ErrorMessage != "budget exceeded" {
+		t.Fatalf("entry.Data.ErrorMessage = %q, want budget exceeded", entry.Data.ErrorMessage)
+	}
+	if entry.Data.ErrorCode != "budget_exceeded" {
+		t.Fatalf("entry.Data.ErrorCode = %q, want budget_exceeded", entry.Data.ErrorCode)
+	}
+}
diff --git a/internal/server/http.go b/internal/server/http.go
index c9a5ca9c..4cdde481 100644
--- a/internal/server/http.go
+++ b/internal/server/http.go
@@ -326,8 +326,12 @@ func New(provider core.RoutableProvider, cfg *Config) *Server {
 		adminAPI.GET("/audit/conversation", cfg.AdminHandler.AuditConversation)
 		adminAPI.GET("/providers/status", cfg.AdminHandler.ProviderStatus)
 		adminAPI.POST("/runtime/refresh", cfg.AdminHandler.RefreshRuntime)
+		adminAPI.GET("/budgets", cfg.AdminHandler.ListBudgets)
+		adminAPI.PUT("/budgets", cfg.AdminHandler.UpsertBudget)
+		adminAPI.DELETE("/budgets", cfg.AdminHandler.DeleteBudget)
 		adminAPI.GET("/budgets/settings", cfg.AdminHandler.BudgetSettings)
 		adminAPI.PUT("/budgets/settings", cfg.AdminHandler.UpdateBudgetSettings)
+		adminAPI.POST("/budgets/reset-one", cfg.AdminHandler.ResetBudget)
 		adminAPI.POST("/budgets/reset", cfg.AdminHandler.ResetBudgets)
 		adminAPI.GET("/models", cfg.AdminHandler.ListModels)
 		adminAPI.GET("/models/categories", cfg.AdminHandler.ListCategories)
diff --git a/internal/server/internal_chat_completion_executor.go b/internal/server/internal_chat_completion_executor.go
index c8d718fc..cad041c5 100644
--- a/internal/server/internal_chat_completion_executor.go
+++ b/internal/server/internal_chat_completion_executor.go
@@ -252,6 +252,9 @@ func (e *InternalChatCompletionExecutor) finishAuditEntry(
 			entry.StatusCode = gatewayErr.HTTPStatusCode()
 			if entry.Data != nil {
 				entry.Data.ErrorMessage = gatewayErr.Message
+				if gatewayErr.Code != nil {
+					entry.Data.ErrorCode = *gatewayErr.Code
+				}
 			}
 		} else {
 			entry.ErrorType = string(core.ErrorTypeProvider)
diff --git a/internal/workflows/types.go b/internal/workflows/types.go
index d91bfb74..a1d86086 100644
--- a/internal/workflows/types.go
+++ b/internal/workflows/types.go
@@ -66,6 +66,7 @@ type FeatureFlags struct {
 	Cache      bool  `json:"cache" bson:"cache"`
 	Audit      bool  `json:"audit" bson:"audit"`
 	Usage      bool  `json:"usage" bson:"usage"`
+	Budget     *bool `json:"budget,omitempty" bson:"budget,omitempty"`
 	Guardrails bool  `json:"guardrails" bson:"guardrails"`
 	Fallback   *bool `json:"fallback,omitempty" bson:"fallback,omitempty"`
 }
@@ -85,10 +86,15 @@ func (f FeatureFlags) runtimeFeatures() core.WorkflowFeatures {
 	if f.Fallback != nil {
 		fallback = *f.Fallback
 	}
+	budget := true
+	if f.Budget != nil {
+		budget = *f.Budget
+	}
 	return core.WorkflowFeatures{
 		Cache:      f.Cache,
 		Audit:      f.Audit,
 		Usage:      f.Usage,
+		Budget:     budget,
 		Guardrails: f.Guardrails,
 		Fallback:   fallback,
 	}

From 1bacaca5f1ca0114aa6517dbffee58835e1320e4 Mon Sep 17 00:00:00 2001
From: "Jakub A. W" <jakubwasek@gmail.com>
Date: Sun, 26 Apr 2026 21:10:14 +0200
Subject: [PATCH 3/9] feat(budgets): confirm budget overrides

---
 .../admin/dashboard/static/css/dashboard.css  | 214 +++++++++++++-----
 .../dashboard/static/js/modules/budgets.js    | 180 ++++++++++++++-
 .../static/js/modules/budgets.test.js         | 156 ++++++++++++-
 .../js/modules/dashboard-layout.test.js       | 135 +++++++++--
 .../dashboard/templates/page-budgets.html     | 128 ++++++++---
 5 files changed, 694 insertions(+), 119 deletions(-)

diff --git a/internal/admin/dashboard/static/css/dashboard.css b/internal/admin/dashboard/static/css/dashboard.css
index d3f70011..0240e8be 100644
--- a/internal/admin/dashboard/static/css/dashboard.css
+++ b/internal/admin/dashboard/static/css/dashboard.css
@@ -183,6 +183,7 @@ body.dashboard-modal-open {
   width: 28px;
   height: 28px;
   flex-shrink: 0;
+  color: var(--accent);
 }
 
 .sidebar-logo svg {
@@ -3429,7 +3430,7 @@ body.conversation-drawer-open {
 
 .budget-row {
   display: grid;
-  grid-template-columns: minmax(0, 1fr) auto;
+  grid-template-columns: minmax(0, 1fr);
   align-items: center;
   gap: 16px;
   padding: 12px 14px;
@@ -3443,7 +3444,8 @@ body.conversation-drawer-open {
 }
 
 .budget-row-head {
-  display: flex;
+  display: grid;
+  grid-template-columns: minmax(0, 1fr) auto minmax(0, 1fr);
   align-items: center;
   gap: 10px;
   min-width: 0;
@@ -3452,6 +3454,8 @@ body.conversation-drawer-open {
 .budget-user-path {
   display: inline-flex;
   align-items: center;
+  justify-self: start;
+  width: fit-content;
   max-width: 100%;
   min-height: 24px;
   padding: 2px 8px;
@@ -3484,6 +3488,41 @@ body.conversation-drawer-open {
   font-size: 11px;
 }
 
+.budget-row-period {
+  display: flex;
+  justify-content: center;
+  min-width: 0;
+}
+
+.budget-row-controls {
+  display: flex;
+  align-items: center;
+  justify-content: flex-end;
+  gap: 8px;
+  min-width: 0;
+}
+
+.budget-sort-control {
+  align-items: center;
+  gap: 8px;
+}
+
+.budget-sort-control label {
+  color: var(--text-muted);
+  font-size: 12px;
+  font-weight: 600;
+  white-space: nowrap;
+}
+
+.budget-sort-select {
+  background-color: var(--bg-surface);
+  min-width: 132px;
+}
+
+.budget-sort-select:hover {
+  background-color: var(--bg-surface-hover);
+}
+
 .budget-bars {
   display: grid;
   gap: 6px;
@@ -3507,9 +3546,13 @@ body.conversation-drawer-open {
   line-height: 1;
 }
 
+.budget-bar-percent {
+  font-weight: 700;
+}
+
 .budget-bar-track {
   position: relative;
-  height: 14px;
+  height: 16px;
   overflow: hidden;
   border-radius: 999px;
   background: color-mix(in srgb, var(--border) 75%, var(--bg));
@@ -3526,14 +3569,30 @@ body.conversation-drawer-open {
   background: color-mix(in srgb, var(--success) 82%, var(--accent));
 }
 
-.budget-bar-fill-period {
-  background: color-mix(in srgb, var(--accent) 75%, var(--warning));
-}
-
 .budget-bar-fill-danger {
   background: var(--danger);
 }
 
+.budget-bar-fill-period-monthly {
+  background: #30302c;
+}
+
+.budget-bar-fill-period-weekly {
+  background: #68765c;
+}
+
+.budget-bar-fill-period-daily {
+  background: #b5652d;
+}
+
+.budget-bar-fill-period-hourly {
+  background: #783f22;
+}
+
+.budget-bar-fill-period-custom {
+  background: #bfa584;
+}
+
 .budget-bar-text-row {
   position: absolute;
   inset: 0;
@@ -3547,21 +3606,24 @@ body.conversation-drawer-open {
   clip-path: inset(0 calc(100% - var(--budget-progress, 0%)) 0 0);
 }
 
+.budget-bar-track-period-custom .budget-bar-text-row-on-fill {
+  color: #3f332a;
+}
+
 .budget-bar-text {
   position: absolute;
   top: 50%;
   max-width: min(44%, 190px);
   overflow: hidden;
-  font-size: 10px;
+  font-size: 11px;
   font-weight: 700;
-  line-height: 1;
+  line-height: 12px;
   text-overflow: ellipsis;
-  text-shadow: 0 1px 1px color-mix(in srgb, var(--bg) 72%, transparent);
   white-space: nowrap;
 }
 
 .budget-bar-text-start {
-  left: 6px;
+  left: 8px;
   transform: translateY(-50%);
 }
 
@@ -3572,7 +3634,7 @@ body.conversation-drawer-open {
 }
 
 .budget-bar-text-end {
-  right: 6px;
+  right: 8px;
   max-width: min(34%, 180px);
   text-align: right;
   transform: translateY(-50%);
@@ -3587,67 +3649,104 @@ body.conversation-drawer-open {
   border: 1px solid var(--border);
   border-radius: 999px;
   color: var(--text);
+  font-size: 11px;
   font-weight: 600;
   white-space: nowrap;
 }
 
-.budget-period-label::before {
-  content: "";
-  width: 6px;
-  height: 6px;
-  flex: 0 0 6px;
-  border-radius: 999px;
-  background: currentColor;
+.budget-period-icon {
+  width: 12px;
+  height: 12px;
+  flex: 0 0 12px;
+  stroke-width: 2.2;
 }
 
-.budget-period-label-hourly {
-  border-color: color-mix(in srgb, var(--accent) 48%, var(--border));
-  background: color-mix(in srgb, var(--accent) 10%, var(--bg));
-  color: var(--accent);
+.budget-period-label-monthly {
+  border-color: color-mix(in srgb, #30302c 62%, var(--border));
+  background: color-mix(in srgb, #30302c 12%, var(--bg));
+  color: color-mix(in srgb, #30302c 34%, var(--text) 66%);
 }
 
-.budget-period-label-daily {
-  border-color: color-mix(in srgb, var(--success) 42%, var(--border));
-  background: color-mix(in srgb, var(--success) 9%, var(--bg));
-  color: var(--success);
+.budget-period-label-weekly {
+  border-color: color-mix(in srgb, #68765c 62%, var(--border));
+  background: color-mix(in srgb, #68765c 12%, var(--bg));
+  color: #68765c;
 }
 
-.budget-period-label-weekly {
-  border-color: color-mix(in srgb, var(--warning) 45%, var(--border));
-  background: color-mix(in srgb, var(--warning) 10%, var(--bg));
-  color: var(--warning);
+.budget-period-label-daily {
+  border-color: color-mix(in srgb, #b5652d 62%, var(--border));
+  background: color-mix(in srgb, #b5652d 12%, var(--bg));
+  color: #b5652d;
 }
 
-.budget-period-label-monthly {
-  border-color: color-mix(in srgb, var(--accent-hover) 58%, var(--border));
-  background: color-mix(in srgb, var(--accent-hover) 16%, var(--bg));
-  color: var(--accent-hover);
-  box-shadow: inset 0 -2px 0 color-mix(in srgb, var(--accent-hover) 32%, transparent);
+.budget-period-label-hourly {
+  border-color: color-mix(in srgb, #783f22 62%, var(--border));
+  background: color-mix(in srgb, #783f22 12%, var(--bg));
+  color: #783f22;
 }
 
 .budget-period-label-custom {
   border-style: dashed;
-  border-color: color-mix(in srgb, var(--text-muted) 58%, var(--border));
-  background: color-mix(in srgb, var(--text-muted) 9%, var(--bg));
-  color: var(--text-muted);
+  border-color: color-mix(in srgb, #bfa584 68%, var(--border));
+  background: color-mix(in srgb, #bfa584 16%, var(--bg));
+  color: #8b6f4f;
 }
 
-.budget-period-label-custom::before {
-  background: transparent;
-  border: 1px solid currentColor;
+[data-theme="light"] .budget-period-label-monthly {
+  color: #30302c;
+}
+
+@media (prefers-color-scheme: light) {
+  :root:not([data-theme="dark"]) .budget-period-label-monthly {
+    color: #30302c;
+  }
 }
 
 .budget-row-actions {
   display: flex;
-  flex-direction: column;
+  flex-direction: row;
   flex-wrap: wrap;
+  align-items: center;
   justify-content: flex-end;
-  gap: 8px;
+  gap: 6px;
 }
 
 .budget-action-btn {
-  min-width: 82px;
+  width: 28px;
+  height: 28px;
+  min-width: 0;
+  gap: 0;
+  padding: 0;
   justify-content: center;
+  overflow: hidden;
+  white-space: nowrap;
+  transition:
+    width 0.18s ease,
+    border-color 0.15s,
+    background 0.15s,
+    color 0.15s;
+}
+
+.budget-action-btn:hover,
+.budget-action-btn:focus-visible {
+  width: 82px;
+  gap: 6px;
+  padding: 0 9px;
+}
+
+.budget-action-label {
+  max-width: 0;
+  overflow: hidden;
+  opacity: 0;
+  transition:
+    max-width 0.18s ease,
+    opacity 0.12s ease;
+}
+
+.budget-action-btn:hover .budget-action-label,
+.budget-action-btn:focus-visible .budget-action-label {
+  max-width: 58px;
+  opacity: 1;
 }
 
 .budget-action-btn-warning {
@@ -3715,6 +3814,18 @@ body.conversation-drawer-open {
   max-width: 460px;
 }
 
+.budget-override-dialog-backdrop {
+  z-index: 100;
+}
+
+.budget-override-dialog-shell {
+  z-index: 110;
+}
+
+.budget-override-dialog {
+  max-width: 460px;
+}
+
 .settings-refresh-icon,
 .alias-create-icon,
 .form-action-icon {
@@ -4042,22 +4153,13 @@ body.conversation-drawer-open {
   .budget-row {
     grid-template-columns: 1fr;
   }
-  .budget-row-head {
-    align-items: flex-start;
-    flex-direction: column;
-  }
-  .budget-row-actions {
-    justify-content: flex-start;
+  .budget-row-controls {
+    flex-wrap: wrap;
   }
   .budget-bar-line {
     grid-template-columns: 1fr;
     gap: 5px;
   }
-  .budget-period-window {
-    flex-direction: column;
-    gap: 4px;
-  }
-
   .form-grid {
     grid-template-columns: 1fr;
   }
diff --git a/internal/admin/dashboard/static/js/modules/budgets.js b/internal/admin/dashboard/static/js/modules/budgets.js
index e42b2c48..1fac84cd 100644
--- a/internal/admin/dashboard/static/js/modules/budgets.js
+++ b/internal/admin/dashboard/static/js/modules/budgets.js
@@ -22,16 +22,20 @@
             budgetsAvailable: true,
             budgetsLoading: false,
             budgetFilter: '',
+            budgetSortBy: 'user_path',
             budgetError: '',
             budgetNotice: '',
             budgetFormOpen: false,
             budgetFormSubmitting: false,
             budgetFormError: '',
             budgetEditing: false,
+            budgetOverrideDialogOpen: false,
+            budgetOverridePendingPayload: null,
+            budgetOverrideExistingBudget: null,
             budgetResettingKey: '',
             budgetDeletingKey: '',
             budgetForm: {
-                user_path: '',
+                user_path: '/',
                 period: 'daily',
                 period_seconds: 86400,
                 amount: '',
@@ -46,7 +50,7 @@
 
             defaultBudgetForm() {
                 return {
-                    user_path: '',
+                    user_path: '/',
                     period: 'daily',
                     period_seconds: 86400,
                     amount: '',
@@ -106,6 +110,14 @@
                 return String(item && item.user_path || '') + ':' + String(item && item.period_seconds || '');
             },
 
+            existingBudgetForPayload(payload) {
+                if (!payload || !Array.isArray(this.budgets)) {
+                    return null;
+                }
+                const key = this.budgetKey(payload);
+                return this.budgets.find((item) => this.budgetKey(item) === key) || null;
+            },
+
             budgetUserPathValidationError(value) {
                 const trimmed = String(value || '').trim();
                 if (!trimmed) {
@@ -145,6 +157,18 @@
                 return canonical.length ? '/' + canonical.join('/') : '/';
             },
 
+            budgetInputUserPath(value) {
+                const body = String(value || '').trimStart().replace(/^\/+/, '');
+                return '/' + body;
+            },
+
+            setBudgetFormUserPath(value) {
+                if (!this.budgetForm) {
+                    return;
+                }
+                this.budgetForm.user_path = this.budgetInputUserPath(value);
+            },
+
             normalizeBudgetListPayload(payload) {
                 if (Array.isArray(payload)) {
                     return payload;
@@ -157,13 +181,40 @@
 
             filteredBudgets() {
                 const filter = String(this.budgetFilter || '').trim().toLowerCase();
+                let items = this.budgets;
                 if (!filter) {
-                    return this.budgets;
+                    items = this.budgets.slice();
+                } else {
+                    items = this.budgets.filter((item) => {
+                        return this.budgetFilterText(item).includes(filter);
+                    });
                 }
-                return this.budgets.filter((item) => {
-                    const userPath = String(item && item.user_path || '').toLowerCase();
-                    return userPath.includes(filter);
+                return this.sortBudgets(items);
+            },
+
+            budgetFilterText(item) {
+                const seconds = Number(item && item.period_seconds || 0);
+                return [
+                    item && item.user_path,
+                    this.budgetPeriodLabel(item),
+                    this.budgetPeriodFromSeconds(seconds),
+                    seconds ? String(seconds) + 's' : '',
+                    seconds ? String(seconds) + ' seconds' : ''
+                ].join(' ').toLowerCase();
+            },
+
+            sortBudgets(items) {
+                const sorted = Array.isArray(items) ? items.slice() : [];
+                const sortBy = String(this.budgetSortBy || 'user_path');
+                sorted.sort((a, b) => {
+                    const pathCompare = String(a && a.user_path || '').localeCompare(String(b && b.user_path || ''));
+                    const periodCompare = Number(b && b.period_seconds || 0) - Number(a && a.period_seconds || 0);
+                    if (sortBy === 'period') {
+                        return periodCompare || pathCompare;
+                    }
+                    return pathCompare || periodCompare;
                 });
+                return sorted;
             },
 
             async budgetResponseMessage(res, fallback) {
@@ -254,6 +305,7 @@
             },
 
             closeBudgetForm() {
+                this.closeBudgetOverrideDialog();
                 this.budgetFormOpen = false;
                 this.budgetFormSubmitting = false;
                 this.budgetFormError = '';
@@ -289,6 +341,63 @@
                 };
             },
 
+            openBudgetOverrideDialog(existing, payload) {
+                this.budgetOverrideExistingBudget = existing || null;
+                this.budgetOverridePendingPayload = payload || null;
+                this.budgetOverrideDialogOpen = true;
+                if (typeof this.renderIconsAfterUpdate === 'function') {
+                    this.renderIconsAfterUpdate();
+                }
+                if (typeof this.$nextTick === 'function') {
+                    this.$nextTick(() => {
+                        const refs = this.$refs || {};
+                        const button = refs.budgetOverrideCancelButton;
+                        if (button && typeof button.focus === 'function') {
+                            button.focus({ preventScroll: true });
+                        }
+                    });
+                }
+            },
+
+            closeBudgetOverrideDialog() {
+                this.budgetOverrideDialogOpen = false;
+                this.budgetOverridePendingPayload = null;
+                this.budgetOverrideExistingBudget = null;
+            },
+
+            budgetAmountLabel(value) {
+                const amount = Number(value);
+                if (!Number.isFinite(amount)) {
+                    return 'N/A';
+                }
+                if (typeof this.formatCost === 'function') {
+                    return this.formatCost(amount);
+                }
+                return '$' + amount.toFixed(4);
+            },
+
+            budgetOverrideDialogMessage() {
+                const payload = this.budgetOverridePendingPayload || {};
+                const existing = this.budgetOverrideExistingBudget || {};
+                const label = String(payload.user_path || existing.user_path || '') + ' ' + this.budgetPeriodLabel({
+                    period_seconds: payload.period_seconds || existing.period_seconds,
+                    period_label: existing.period_label
+                });
+                return 'A budget for "' + label + '" already exists. Saving will override the current '
+                    + this.budgetAmountLabel(existing.amount) + ' limit with '
+                    + this.budgetAmountLabel(payload.amount) + '.';
+            },
+
+            async confirmBudgetOverride() {
+                if (!this.budgetOverridePendingPayload) {
+                    this.closeBudgetOverrideDialog();
+                    return;
+                }
+                const payload = this.budgetOverridePendingPayload;
+                this.closeBudgetOverrideDialog();
+                await this.saveBudgetPayload(payload);
+            },
+
             async submitBudgetForm() {
                 if (this.budgetFormSubmitting) {
                     return;
@@ -297,6 +406,20 @@
                 if (!payload) {
                     return;
                 }
+                if (!this.budgetEditing) {
+                    const existing = this.existingBudgetForPayload(payload);
+                    if (existing) {
+                        this.openBudgetOverrideDialog(existing, payload);
+                        return;
+                    }
+                }
+                await this.saveBudgetPayload(payload);
+            },
+
+            async saveBudgetPayload(payload) {
+                if (this.budgetFormSubmitting || !payload) {
+                    return;
+                }
                 this.budgetFormSubmitting = true;
                 this.budgetFormError = '';
                 this.budgetError = '';
@@ -520,6 +643,51 @@
                 }
             },
 
+            budgetPeriodBarClass(item) {
+                return this.budgetPeriodClass(item).replace('budget-period-label-', 'budget-bar-fill-period-');
+            },
+
+            budgetPeriodTrackClass(item) {
+                return this.budgetPeriodClass(item).replace('budget-period-label-', 'budget-bar-track-period-');
+            },
+
+            budgetPeriodIcon(item) {
+                const seconds = Number(item && item.period_seconds || 0);
+                switch (seconds) {
+                case 3600:
+                    return 'clock';
+                case 86400:
+                    return 'sun';
+                case 604800:
+                    return 'calendar-days';
+                case 2592000:
+                    return 'calendar';
+                default:
+                    return 'settings-2';
+                }
+            },
+
+            budgetPeriodDurationLabel(item) {
+                const seconds = Number(item && item.period_seconds || 0);
+                switch (seconds) {
+                case 3600:
+                    return '1 hour';
+                case 86400:
+                    return '1 day';
+                case 604800:
+                    return '1 week';
+                case 2592000:
+                    return '1 month';
+                default:
+                    return this.formatBudgetPeriodSeconds(seconds);
+                }
+            },
+
+            formatBudgetPeriodSeconds(seconds) {
+                const normalized = Math.max(0, Math.trunc(Number(seconds || 0)));
+                return normalized + ' ' + (normalized === 1 ? 'second' : 'seconds');
+            },
+
             budgetSourceLabel(item) {
                 const source = String(item && item.source || '').trim();
                 return source || 'manual';
diff --git a/internal/admin/dashboard/static/js/modules/budgets.test.js b/internal/admin/dashboard/static/js/modules/budgets.test.js
index 9e40fad1..bb5c40d5 100644
--- a/internal/admin/dashboard/static/js/modules/budgets.test.js
+++ b/internal/admin/dashboard/static/js/modules/budgets.test.js
@@ -81,6 +81,22 @@ test('budgetFormPayload normalizes user path and standard periods', () => {
     }));
 });
 
+test('setBudgetFormUserPath keeps the form input controlled with a leading slash', () => {
+    const module = createBudgetsModule();
+
+    assert.equal(module.defaultBudgetForm().user_path, '/');
+
+    module.budgetForm = module.defaultBudgetForm();
+    module.setBudgetFormUserPath('team/alpha');
+    assert.equal(module.budgetForm.user_path, '/team/alpha');
+
+    module.setBudgetFormUserPath('/platform/service');
+    assert.equal(module.budgetForm.user_path, '/platform/service');
+
+    module.setBudgetFormUserPath('');
+    assert.equal(module.budgetForm.user_path, '/');
+});
+
 test('fetchBudgets reads budget rows from the list envelope', async () => {
     let renderIconsCalls = 0;
     const module = createBudgetsModule({
@@ -111,24 +127,129 @@ test('fetchBudgets reads budget rows from the list envelope', async () => {
     assert.equal(renderIconsCalls, 1);
 });
 
-test('filteredBudgets filters only by user path', () => {
+test('submitBudgetForm asks for confirmation before a create overrides an existing budget', async () => {
+    const module = createBudgetsModule({
+        fetch() {
+            throw new Error('fetch should not be called before override confirmation');
+        }
+    });
+    module.budgets = [
+        { user_path: '/team', period_seconds: 86400, amount: 10, period_label: 'daily' }
+    ];
+    module.budgetForm = {
+        user_path: 'team',
+        period: 'daily',
+        period_seconds: 0,
+        amount: '12.5',
+        source: 'manual'
+    };
+
+    await module.submitBudgetForm();
+
+    assert.equal(module.budgetOverrideDialogOpen, true);
+    assert.equal(module.budgetFormSubmitting, false);
+    assert.equal(module.budgetOverrideExistingBudget.user_path, '/team');
+    assert.equal(JSON.stringify(module.budgetOverridePendingPayload), JSON.stringify({
+        user_path: '/team',
+        period_seconds: 86400,
+        amount: 12.5,
+        source: 'manual'
+    }));
+    assert.match(module.budgetOverrideDialogMessage(), /A budget for "\/team Daily" already exists/);
+    assert.match(module.budgetOverrideDialogMessage(), /override the current \$10\.0000 limit with \$12\.5000/);
+});
+
+test('confirmBudgetOverride saves the pending create after confirmation', async () => {
+    const requests = [];
+    const module = createBudgetsModule({
+        fetch(url, request) {
+            requests.push({ url, request });
+            return Promise.resolve({
+                status: 200,
+                ok: true,
+                json: () => Promise.resolve({
+                    budgets: [
+                        { user_path: '/team', period_seconds: 86400, amount: 12.5 }
+                    ]
+                })
+            });
+        }
+    });
+    module.requestOptions = (options) => options || {};
+    module.handleFetchResponse = () => true;
+    module.budgetFormOpen = true;
+    module.budgetOverrideDialogOpen = true;
+    module.budgetOverrideExistingBudget = { user_path: '/team', period_seconds: 86400, amount: 10 };
+    module.budgetOverridePendingPayload = {
+        user_path: '/team',
+        period_seconds: 86400,
+        amount: 12.5,
+        source: 'manual'
+    };
+
+    await module.confirmBudgetOverride();
+
+    assert.equal(requests.length, 2);
+    assert.equal(requests[0].url, '/admin/api/v1/budgets');
+    assert.equal(requests[0].request.method, 'PUT');
+    assert.equal(requests[0].request.body, JSON.stringify({
+        user_path: '/team',
+        period_seconds: 86400,
+        amount: 12.5,
+        source: 'manual'
+    }));
+    assert.equal(requests[1].url, '/admin/api/v1/budgets');
+    assert.equal(module.budgetOverrideDialogOpen, false);
+    assert.equal(module.budgetFormOpen, false);
+    assert.equal(module.budgetNotice, 'Budget saved.');
+    assert.equal(JSON.stringify(module.budgets), JSON.stringify([
+        { user_path: '/team', period_seconds: 86400, amount: 12.5 }
+    ]));
+});
+
+test('filteredBudgets filters by user path or period and applies selected sorting', () => {
     const module = createBudgetsModule();
     module.budgets = [
-        { user_path: '/team/alpha', period_label: 'daily' },
-        { user_path: '/team/beta', period_label: 'weekly' },
-        { user_path: '/platform', period_label: 'team' }
+        { user_path: '/team/beta', period_seconds: 604800, period_label: 'weekly' },
+        { user_path: '/team/alpha', period_seconds: 86400, period_label: 'daily' },
+        { user_path: '/platform', period_seconds: 2592000, period_label: 'monthly' },
+        { user_path: '/team/alpha', period_seconds: 2592000, period_label: 'monthly' },
+        { user_path: '/experiments', period_seconds: 777777, period_label: '777777s' }
     ];
 
     module.budgetFilter = 'TEAM/A';
     assert.equal(JSON.stringify(module.filteredBudgets()), JSON.stringify([
-        { user_path: '/team/alpha', period_label: 'daily' }
+        { user_path: '/team/alpha', period_seconds: 2592000, period_label: 'monthly' },
+        { user_path: '/team/alpha', period_seconds: 86400, period_label: 'daily' }
     ]));
 
     module.budgetFilter = 'weekly';
-    assert.equal(JSON.stringify(module.filteredBudgets()), JSON.stringify([]));
+    assert.equal(JSON.stringify(module.filteredBudgets()), JSON.stringify([
+        { user_path: '/team/beta', period_seconds: 604800, period_label: 'weekly' }
+    ]));
+
+    module.budgetFilter = 'custom';
+    assert.equal(JSON.stringify(module.filteredBudgets()), JSON.stringify([
+        { user_path: '/experiments', period_seconds: 777777, period_label: '777777s' }
+    ]));
 
     module.budgetFilter = '';
-    assert.equal(module.filteredBudgets(), module.budgets);
+    assert.equal(JSON.stringify(module.filteredBudgets()), JSON.stringify([
+        { user_path: '/experiments', period_seconds: 777777, period_label: '777777s' },
+        { user_path: '/platform', period_seconds: 2592000, period_label: 'monthly' },
+        { user_path: '/team/alpha', period_seconds: 2592000, period_label: 'monthly' },
+        { user_path: '/team/alpha', period_seconds: 86400, period_label: 'daily' },
+        { user_path: '/team/beta', period_seconds: 604800, period_label: 'weekly' }
+    ]));
+
+    module.budgetSortBy = 'period';
+    assert.equal(JSON.stringify(module.filteredBudgets()), JSON.stringify([
+        { user_path: '/platform', period_seconds: 2592000, period_label: 'monthly' },
+        { user_path: '/team/alpha', period_seconds: 2592000, period_label: 'monthly' },
+        { user_path: '/experiments', period_seconds: 777777, period_label: '777777s' },
+        { user_path: '/team/beta', period_seconds: 604800, period_label: 'weekly' },
+        { user_path: '/team/alpha', period_seconds: 86400, period_label: 'daily' }
+    ]));
 });
 
 test('budgetSourceTitle explains manual and config sources', () => {
@@ -144,14 +265,35 @@ test('budgetPeriodLabel and class distinguish standard and custom periods', () =
 
     assert.equal(module.budgetPeriodLabel({ period_seconds: 3600 }), 'Hourly');
     assert.equal(module.budgetPeriodClass({ period_seconds: 3600 }), 'budget-period-label-hourly');
+    assert.equal(module.budgetPeriodBarClass({ period_seconds: 3600 }), 'budget-bar-fill-period-hourly');
+    assert.equal(module.budgetPeriodTrackClass({ period_seconds: 3600 }), 'budget-bar-track-period-hourly');
+    assert.equal(module.budgetPeriodIcon({ period_seconds: 3600 }), 'clock');
+    assert.equal(module.budgetPeriodDurationLabel({ period_seconds: 3600 }), '1 hour');
     assert.equal(module.budgetPeriodLabel({ period_seconds: 86400 }), 'Daily');
     assert.equal(module.budgetPeriodClass({ period_seconds: 86400 }), 'budget-period-label-daily');
+    assert.equal(module.budgetPeriodBarClass({ period_seconds: 86400 }), 'budget-bar-fill-period-daily');
+    assert.equal(module.budgetPeriodTrackClass({ period_seconds: 86400 }), 'budget-bar-track-period-daily');
+    assert.equal(module.budgetPeriodIcon({ period_seconds: 86400 }), 'sun');
+    assert.equal(module.budgetPeriodDurationLabel({ period_seconds: 86400 }), '1 day');
     assert.equal(module.budgetPeriodLabel({ period_seconds: 604800 }), 'Weekly');
     assert.equal(module.budgetPeriodClass({ period_seconds: 604800 }), 'budget-period-label-weekly');
+    assert.equal(module.budgetPeriodBarClass({ period_seconds: 604800 }), 'budget-bar-fill-period-weekly');
+    assert.equal(module.budgetPeriodTrackClass({ period_seconds: 604800 }), 'budget-bar-track-period-weekly');
+    assert.equal(module.budgetPeriodIcon({ period_seconds: 604800 }), 'calendar-days');
+    assert.equal(module.budgetPeriodDurationLabel({ period_seconds: 604800 }), '1 week');
     assert.equal(module.budgetPeriodLabel({ period_seconds: 2592000 }), 'Monthly');
     assert.equal(module.budgetPeriodClass({ period_seconds: 2592000 }), 'budget-period-label-monthly');
+    assert.equal(module.budgetPeriodBarClass({ period_seconds: 2592000 }), 'budget-bar-fill-period-monthly');
+    assert.equal(module.budgetPeriodTrackClass({ period_seconds: 2592000 }), 'budget-bar-track-period-monthly');
+    assert.equal(module.budgetPeriodIcon({ period_seconds: 2592000 }), 'calendar');
+    assert.equal(module.budgetPeriodDurationLabel({ period_seconds: 2592000 }), '1 month');
     assert.equal(module.budgetPeriodLabel({ period_seconds: 7200, period_label: '7200s' }), 'Custom 7200s');
     assert.equal(module.budgetPeriodClass({ period_seconds: 7200 }), 'budget-period-label-custom');
+    assert.equal(module.budgetPeriodBarClass({ period_seconds: 7200 }), 'budget-bar-fill-period-custom');
+    assert.equal(module.budgetPeriodTrackClass({ period_seconds: 7200 }), 'budget-bar-track-period-custom');
+    assert.equal(module.budgetPeriodIcon({ period_seconds: 7200 }), 'settings-2');
+    assert.equal(module.budgetPeriodDurationLabel({ period_seconds: 7200 }), '7200 seconds');
+    assert.equal(module.budgetPeriodDurationLabel({ period_seconds: 1 }), '1 second');
 });
 
 test('deleteBudget posts the selected budget key and refreshes from the response envelope', async () => {
diff --git a/internal/admin/dashboard/static/js/modules/dashboard-layout.test.js b/internal/admin/dashboard/static/js/modules/dashboard-layout.test.js
index acd5496e..ab3b0b0e 100644
--- a/internal/admin/dashboard/static/js/modules/dashboard-layout.test.js
+++ b/internal/admin/dashboard/static/js/modules/dashboard-layout.test.js
@@ -89,6 +89,9 @@ test("sidebar and main content share the flex layout without manual content offs
 
   const collapsedSidebarRule = readCSSRule(css, ".sidebar.sidebar-collapsed");
   assert.match(collapsedSidebarRule, /flex-basis:\s*60px/);
+
+  const sidebarLogoRule = readCSSRule(css, ".sidebar-logo");
+  assert.match(sidebarLogoRule, /color:\s*var\(--accent\)/);
 });
 
 test("sidebar theme controls and collapse handle stay keyboard accessible", () => {
@@ -625,12 +628,26 @@ test("budget row record actions stack reset under edit", () => {
   );
   assert.match(
     indexTemplate,
-    /id="budget-filter"[\s\S]*placeholder="Filter by user path\.\.\."[\s\S]*aria-label="Filter budgets by user path"[\s\S]*x-model="budgetFilter"/,
+    /id="budget-filter"[\s\S]*placeholder="Filter by user path or period\.\.\."[\s\S]*aria-label="Filter budgets by user path or period"[\s\S]*x-model="budgetFilter"/,
+  );
+  assert.match(
+    indexTemplate,
+    /class="table-toolbar-actions budget-sort-control"[\s\S]*<label for="budget-sort-by">Sort by<\/label>[\s\S]*id="budget-sort-by"[\s\S]*aria-label="Sort budgets by"[\s\S]*x-model="budgetSortBy"[\s\S]*value="user_path">User Path[\s\S]*value="period">Period/,
   );
   assert.match(
     indexTemplate,
     /x-show="budgetEditing"[\s\S]*Editing a budget updates its limit only\. Use Reset to start a new budget period\./,
   );
+  assert.match(
+    indexTemplate,
+    /id="budget-user-path"[\s\S]*class="form-input"[\s\S]*placeholder="\/team\/alpha"[\s\S]*x-ref="budgetUserPathInput"[\s\S]*:value="budgetForm\.user_path"[\s\S]*@input="setBudgetFormUserPath\(\$event\.target\.value\)"[\s\S]*:disabled="budgetEditing"/,
+  );
+  assert.match(
+    indexTemplate,
+    /class="auth-dialog-backdrop budget-override-dialog-backdrop"[\s\S]*x-show="budgetOverrideDialogOpen"[\s\S]*id="budgetOverrideDialogTitle">Override Existing Budget<\/h2>[\s\S]*@submit\.prevent="confirmBudgetOverride\(\)"[\s\S]*id="budgetOverrideDialogDescription"[\s\S]*x-text="budgetOverrideDialogMessage\(\)"[\s\S]*<span x-text="budgetFormSubmitting \? 'Saving\.\.\.' : 'Override Budget'">Override Budget<\/span>/,
+  );
+  assert.match(readCSSRule(css, ".budget-override-dialog-backdrop"), /z-index:\s*100/);
+  assert.match(readCSSRule(css, ".budget-override-dialog-shell"), /z-index:\s*110/);
   assert.match(
     indexTemplate,
     /class="budget-list" x-show="filteredBudgets\(\)\.length > 0[\s\S]*<template x-for="item in filteredBudgets\(\)"[\s\S]*No budgets match your filter\./,
@@ -641,30 +658,83 @@ test("budget row record actions stack reset under edit", () => {
   );
   assert.match(
     indexTemplate,
-    /<div class="budget-row-actions">[\s\S]*class="table-action-btn budget-action-btn budget-action-btn-warning"[\s\S]*@click="resetBudget\(item\)"[\s\S]*Resetting\.\.\.[\s\S]*Reset[\s\S]*class="table-action-btn table-action-btn-danger budget-action-btn"[\s\S]*@click="deleteBudget\(item\)"[\s\S]*Deleting\.\.\.[\s\S]*Delete/,
+    /class="budget-row-head"[\s\S]*class="budget-user-path" :title="'User Path: ' \+ item\.user_path" x-text="item\.user_path"[\s\S]*class="budget-row-period"[\s\S]*class="budget-period-label" :class="budgetPeriodClass\(item\)"[\s\S]*:data-lucide="budgetPeriodIcon\(item\)" class="budget-period-icon"[\s\S]*x-text="budgetPeriodLabel\(item\)"[\s\S]*class="budget-row-controls"[\s\S]*class="budget-row-meta"[\s\S]*<div class="budget-row-actions">[\s\S]*title="Edit budget"[\s\S]*aria-label="Edit budget"[\s\S]*@click="openBudgetForm\(item\)"[\s\S]*class="budget-action-label">Edit<\/span>[\s\S]*class="table-action-btn budget-action-btn budget-action-btn-warning"[\s\S]*:title="budgetResettingKey === budgetKey\(item\) \? 'Resetting budget' : 'Reset budget'"[\s\S]*:aria-label="budgetResettingKey === budgetKey\(item\) \? 'Resetting budget' : 'Reset budget'"[\s\S]*@click="resetBudget\(item\)"[\s\S]*class="budget-action-label" x-text="budgetResettingKey === budgetKey\(item\) \? 'Resetting' : 'Reset'"[\s\S]*class="table-action-btn table-action-btn-danger budget-action-btn"[\s\S]*:title="budgetDeletingKey === budgetKey\(item\) \? 'Deleting budget' : 'Delete budget'"[\s\S]*:aria-label="budgetDeletingKey === budgetKey\(item\) \? 'Deleting budget' : 'Delete budget'"[\s\S]*@click="deleteBudget\(item\)"[\s\S]*class="budget-action-label" x-text="budgetDeletingKey === budgetKey\(item\) \? 'Deleting' : 'Delete'"/,
   );
   assert.match(
     indexTemplate,
-    /class="budget-row-head"[\s\S]*class="budget-user-path" x-text="item\.user_path"[\s\S]*class="budget-period-label" :class="budgetPeriodClass\(item\)" x-text="budgetPeriodLabel\(item\)"[\s\S]*class="budget-row-meta"/,
+    /:aria-label="'Budget usage: ' \+ formatCost\(item\.spent\) \+ ' of ' \+ formatCost\(item\.amount\) \+ ', ' \+ budgetRemainingLabel\(item\)"[\s\S]*:style="'--budget-progress: ' \+ budgetUsagePercent\(item\) \+ '%'"[\s\S]*class="budget-bar-text budget-bar-text-center" x-text="formatCost\(item\.spent\) \+ ' of ' \+ formatCost\(item\.amount\)"[\s\S]*class="budget-bar-text budget-bar-text-end" x-text="budgetRemainingLabel\(item\)"[\s\S]*class="budget-bar-text-row budget-bar-text-row-on-fill"/,
   );
   assert.match(
     indexTemplate,
-    /:aria-label="'Budget usage: ' \+ formatCost\(item\.spent\) \+ ' of ' \+ formatCost\(item\.amount\) \+ ', ' \+ budgetRemainingLabel\(item\)"[\s\S]*:style="'--budget-progress: ' \+ budgetUsagePercent\(item\) \+ '%'"[\s\S]*class="budget-bar-text budget-bar-text-center" x-text="formatCost\(item\.spent\) \+ ' of ' \+ formatCost\(item\.amount\)"[\s\S]*class="budget-bar-text budget-bar-text-end" x-text="budgetRemainingLabel\(item\)"[\s\S]*class="budget-bar-text-row budget-bar-text-row-on-fill"/,
+    /class="budget-bar-percent" x-text="budgetUsagePercentLabel\(item\)"[\s\S]*class="budget-bar-percent" x-text="budgetPeriodPercentLabel\(item\)"/,
   );
   assert.match(
     indexTemplate,
-    /:style="'--budget-progress: ' \+ budgetPeriodPercent\(item\) \+ '%'"[\s\S]*class="budget-bar-text budget-bar-text-start" x-text="formatTimestamp\(item\.period_start\)" :title="timestampTimeZoneTitle\(item\.period_start\)"[\s\S]*class="budget-bar-text budget-bar-text-end" x-text="formatTimestamp\(item\.period_end\)" :title="timestampTimeZoneTitle\(item\.period_end\)"[\s\S]*class="budget-bar-text-row budget-bar-text-row-on-fill"/,
+    /:class="budgetPeriodTrackClass\(item\)"[\s\S]*:style="'--budget-progress: ' \+ budgetPeriodPercent\(item\) \+ '%'"[\s\S]*class="budget-bar-fill budget-bar-fill-period"[\s\S]*:class="budgetPeriodBarClass\(item\)"[\s\S]*class="budget-bar-text budget-bar-text-start" x-text="formatTimestamp\(item\.period_start\)" :title="timestampTimeZoneTitle\(item\.period_start\)"[\s\S]*class="budget-bar-text budget-bar-text-center" x-text="budgetPeriodDurationLabel\(item\)"[\s\S]*class="budget-bar-text budget-bar-text-end" x-text="formatTimestamp\(item\.period_end\)" :title="timestampTimeZoneTitle\(item\.period_end\)"[\s\S]*class="budget-bar-text-row budget-bar-text-row-on-fill"/,
   );
 
   const actionsRule = readCSSRule(css, ".budget-row-actions");
   assert.match(actionsRule, /display:\s*flex/);
-  assert.match(actionsRule, /flex-direction:\s*column/);
+  assert.match(actionsRule, /flex-direction:\s*row/);
+  assert.doesNotMatch(actionsRule, /margin-left:\s*auto/);
+
+  const rowHeadRule = readCSSRule(css, ".budget-row-head");
+  assert.match(rowHeadRule, /display:\s*grid/);
+  assert.match(rowHeadRule, /grid-template-columns:\s*minmax\(0,\s*1fr\) auto minmax\(0,\s*1fr\)/);
+  assert.doesNotMatch(css, /\.budget-row-head\s*\{[^}]*grid-template-columns:\s*1fr/);
+
+  const rowPeriodRule = readCSSRule(css, ".budget-row-period");
+  assert.match(rowPeriodRule, /justify-content:\s*center/);
+
+  const rowControlsRule = readCSSRule(css, ".budget-row-controls");
+  assert.match(rowControlsRule, /display:\s*flex/);
+  assert.match(rowControlsRule, /justify-content:\s*flex-end/);
+
+  const userPathRule = readCSSRule(css, ".budget-user-path");
+  assert.match(userPathRule, /justify-self:\s*start/);
+  assert.match(userPathRule, /width:\s*fit-content/);
+
+  const budgetActionButtonRule = readCSSRule(css, ".budget-action-btn");
+  assert.match(budgetActionButtonRule, /width:\s*28px/);
+  assert.match(budgetActionButtonRule, /height:\s*28px/);
+  assert.match(budgetActionButtonRule, /gap:\s*0/);
+  assert.match(budgetActionButtonRule, /padding:\s*0/);
+  assert.match(budgetActionButtonRule, /overflow:\s*hidden/);
+  assert.match(budgetActionButtonRule, /width 0\.18s ease/);
+
+  const budgetActionButtonHoverRule = readCSSRule(css, ".budget-action-btn:hover,\n.budget-action-btn:focus-visible");
+  assert.match(budgetActionButtonHoverRule, /width:\s*82px/);
+  assert.match(budgetActionButtonHoverRule, /gap:\s*6px/);
+  assert.match(budgetActionButtonHoverRule, /padding:\s*0 9px/);
+
+  const budgetActionLabelRule = readCSSRule(css, ".budget-action-label");
+  assert.match(budgetActionLabelRule, /max-width:\s*0/);
+  assert.match(budgetActionLabelRule, /opacity:\s*0/);
+
+  const budgetActionLabelHoverRule = readCSSRule(css, ".budget-action-btn:hover .budget-action-label,\n.budget-action-btn:focus-visible .budget-action-label");
+  assert.match(budgetActionLabelHoverRule, /max-width:\s*58px/);
+  assert.match(budgetActionLabelHoverRule, /opacity:\s*1/);
 
   const warningActionRule = readCSSRule(css, ".budget-action-btn-warning");
   assert.match(warningActionRule, /color:\s*var\(--warning\)/);
 
+  const budgetSortControlRule = readCSSRule(css, ".budget-sort-control");
+  assert.match(budgetSortControlRule, /align-items:\s*center/);
+  const budgetSortSelectRule = readCSSRule(css, ".budget-sort-select");
+  assert.match(budgetSortSelectRule, /background-color:\s*var\(--bg-surface\)/);
+  assert.match(budgetSortSelectRule, /min-width:\s*132px/);
+  const budgetSortSelectHoverRule = readCSSRule(css, ".budget-sort-select:hover");
+  assert.match(budgetSortSelectHoverRule, /background-color:\s*var\(--bg-surface-hover\)/);
+
+  assert.doesNotMatch(css, /\.budget-user-path-field\s*\{/);
+  assert.doesNotMatch(css, /\.budget-user-path-prefix\s*\{/);
+  assert.doesNotMatch(css, /\.budget-user-path-input\s*\{/);
+
   const budgetBarTrackRule = readCSSRule(css, ".budget-bar-track");
-  assert.match(budgetBarTrackRule, /height:\s*14px/);
+  assert.match(budgetBarTrackRule, /height:\s*16px/);
+
+  const budgetBarPercentRule = readCSSRule(css, ".budget-bar-percent");
+  assert.match(budgetBarPercentRule, /font-weight:\s*700/);
 
   const budgetBarTextRowRule = readCSSRule(css, ".budget-bar-text-row");
   assert.match(budgetBarTextRowRule, /position:\s*absolute/);
@@ -673,31 +743,54 @@ test("budget row record actions stack reset under edit", () => {
   const budgetBarTextOnFillRule = readCSSRule(css, ".budget-bar-text-row-on-fill");
   assert.match(budgetBarTextOnFillRule, /color:\s*#fff/);
   assert.match(budgetBarTextOnFillRule, /clip-path:\s*inset\(0 calc\(100% - var\(--budget-progress, 0%\)\) 0 0\)/);
+  assert.match(readCSSRule(css, ".budget-bar-track-period-custom .budget-bar-text-row-on-fill"), /color:\s*#3f332a/);
 
   const budgetBarTextRule = readCSSRule(css, ".budget-bar-text");
   assert.match(budgetBarTextRule, /position:\s*absolute/);
   assert.match(budgetBarTextRule, /max-width:\s*min\(44%, 190px\)/);
+  assert.match(budgetBarTextRule, /font-size:\s*11px/);
+  assert.match(budgetBarTextRule, /line-height:\s*12px/);
+  assert.doesNotMatch(budgetBarTextRule, /text-shadow/);
+
+  const budgetBarTextStartRule = readCSSRule(css, ".budget-bar-text-start");
+  assert.match(budgetBarTextStartRule, /left:\s*8px/);
+  const budgetBarTextEndRule = readCSSRule(css, ".budget-bar-text-end");
+  assert.match(budgetBarTextEndRule, /right:\s*8px/);
 
   const periodLabelRule = readCSSRule(css, ".budget-period-label");
+  assert.match(periodLabelRule, /padding:\s*2px 7px/);
+  assert.match(periodLabelRule, /font-size:\s*11px/);
   assert.match(periodLabelRule, /font-weight:\s*600/);
   assert.match(periodLabelRule, /display:\s*inline-flex/);
 
-  const periodLabelMarkerRule = readCSSRule(css, ".budget-period-label::before");
-  assert.match(periodLabelMarkerRule, /background:\s*currentColor/);
+  const periodIconRule = readCSSRule(css, ".budget-period-icon");
+  assert.match(periodIconRule, /width:\s*12px/);
+  assert.match(periodIconRule, /height:\s*12px/);
 
-  const hourlyPeriodRule = readCSSRule(css, ".budget-period-label-hourly");
-  assert.match(hourlyPeriodRule, /var\(--accent\)/);
-  assert.match(css, /\.budget-period-label-daily\s*\{/);
-  assert.match(css, /\.budget-period-label-weekly\s*\{/);
   const monthlyPeriodRule = readCSSRule(css, ".budget-period-label-monthly");
-  assert.match(monthlyPeriodRule, /var\(--accent-hover\)/);
-  assert.match(monthlyPeriodRule, /box-shadow:\s*inset 0 -2px 0/);
+  assert.match(monthlyPeriodRule, /#30302c/);
+  assert.match(monthlyPeriodRule, /color:\s*color-mix\(in srgb,\s*#30302c 34%,\s*var\(--text\) 66%\)/);
+  assert.doesNotMatch(monthlyPeriodRule, /box-shadow/);
+  assert.match(readCSSRule(css, '[data-theme="light"] .budget-period-label-monthly'), /color:\s*#30302c/);
+  const weeklyPeriodRule = readCSSRule(css, ".budget-period-label-weekly");
+  assert.match(weeklyPeriodRule, /#68765c/);
+  assert.match(weeklyPeriodRule, /color:\s*#68765c/);
+  const dailyPeriodRule = readCSSRule(css, ".budget-period-label-daily");
+  assert.match(dailyPeriodRule, /#b5652d/);
+  assert.match(dailyPeriodRule, /color:\s*#b5652d/);
+  const hourlyPeriodRule = readCSSRule(css, ".budget-period-label-hourly");
+  assert.match(hourlyPeriodRule, /#783f22/);
+  assert.match(hourlyPeriodRule, /color:\s*#783f22/);
   const customPeriodRule = readCSSRule(css, ".budget-period-label-custom");
   assert.match(customPeriodRule, /border-style:\s*dashed/);
-  assert.match(customPeriodRule, /var\(--text-muted\)/);
-  const customMarkerRule = readCSSRule(css, ".budget-period-label-custom::before");
-  assert.match(customMarkerRule, /background:\s*transparent/);
-  assert.match(customMarkerRule, /border:\s*1px solid currentColor/);
+  assert.match(customPeriodRule, /#bfa584/);
+  assert.match(customPeriodRule, /color:\s*#8b6f4f/);
+
+  assert.match(readCSSRule(css, ".budget-bar-fill-period-monthly"), /background:\s*#30302c/);
+  assert.match(readCSSRule(css, ".budget-bar-fill-period-weekly"), /background:\s*#68765c/);
+  assert.match(readCSSRule(css, ".budget-bar-fill-period-daily"), /background:\s*#b5652d/);
+  assert.match(readCSSRule(css, ".budget-bar-fill-period-hourly"), /background:\s*#783f22/);
+  assert.match(readCSSRule(css, ".budget-bar-fill-period-custom"), /background:\s*#bfa584/);
 });
 
 test("usage request log toolbar puts search above the remaining filters", () => {
@@ -1064,6 +1157,7 @@ test("modal and conversation close controls use the shared dialog close style",
   assert.match(indexTemplate, /class="dialog-close-btn" aria-label="Close workflow editor"[\s\S]*{{template "x-icon"}}/);
   assert.match(indexTemplate, /class="dialog-close-btn" aria-label="Close guardrail editor"[\s\S]*{{template "x-icon"}}/);
   assert.match(indexTemplate, /class="dialog-close-btn" aria-label="Close budget editor"[\s\S]*{{template "x-icon"}}/);
+  assert.match(indexTemplate, /class="auth-dialog-close dialog-close-btn" aria-label="Close budget override dialog"[\s\S]*{{template "x-icon"}}/);
   assert.match(indexTemplate, /class="dialog-close-btn"[\s\S]*@click="closeAuthKeyForm\(\)"[\s\S]*{{template "x-icon"}}/);
   assert.match(indexTemplate, /class="dialog-close-btn" x-ref="conversationCloseBtn" aria-label="Close interactions"[\s\S]*{{template "x-icon"}}/);
   assert.doesNotMatch(indexTemplate, /alias-close-btn/);
@@ -1084,7 +1178,8 @@ test("modal escape handlers do not close editors behind the auth dialog", () =>
   assert.match(indexTemplate, /@keydown\.escape\.window="workflowFormOpen && !authDialogOpen && closeWorkflowForm\(\)"/);
   assert.match(indexTemplate, /@keydown\.escape\.window="guardrailFormOpen && !authDialogOpen && closeGuardrailForm\(\)"/);
   assert.match(indexTemplate, /@keydown\.escape\.window="authKeyFormOpen && !authDialogOpen && closeAuthKeyForm\(\)"/);
-  assert.match(indexTemplate, /@keydown\.escape\.window="budgetFormOpen && !authDialogOpen && closeBudgetForm\(\)"/);
+  assert.match(indexTemplate, /@keydown\.escape\.window="budgetFormOpen && !authDialogOpen && !budgetOverrideDialogOpen && closeBudgetForm\(\)"/);
+  assert.match(indexTemplate, /@keydown\.escape\.window="budgetOverrideDialogOpen && closeBudgetOverrideDialog\(\)"/);
 });
 
 test("overview interval controls are explicit non-submit buttons", () => {
diff --git a/internal/admin/dashboard/templates/page-budgets.html b/internal/admin/dashboard/templates/page-budgets.html
index 4d588b20..5ab9bdb5 100644
--- a/internal/admin/dashboard/templates/page-budgets.html
+++ b/internal/admin/dashboard/templates/page-budgets.html
@@ -43,11 +43,21 @@ <h2>Budgets</h2>
                 <input type="text"
                        id="budget-filter"
                        class="filter-input"
-                       placeholder="Filter by user path..."
-                       aria-label="Filter budgets by user path"
+                       placeholder="Filter by user path or period..."
+                       aria-label="Filter budgets by user path or period"
                        x-model="budgetFilter">
             </div>
         </div>
+        <div class="table-toolbar-actions budget-sort-control">
+            <label for="budget-sort-by">Sort by</label>
+            <select id="budget-sort-by"
+                    class="usage-log-select budget-sort-select"
+                    aria-label="Sort budgets by"
+                    x-model="budgetSortBy">
+                <option value="user_path">User Path</option>
+                <option value="period">Period</option>
+            </select>
+        </div>
     </div>
 
     <div class="editor-modal-backdrop"
@@ -60,7 +70,7 @@ <h2>Budgets</h2>
          x-show="budgetFormOpen"
          x-transition.opacity.duration.160ms
          @click="closeBudgetForm()"
-         @keydown.escape.window="budgetFormOpen && !authDialogOpen && closeBudgetForm()">
+         @keydown.escape.window="budgetFormOpen && !authDialogOpen && !budgetOverrideDialogOpen && closeBudgetForm()">
         <div class="model-editor budget-editor" x-show="budgetFormOpen" role="dialog" aria-modal="true" aria-label="Budget editor" @click.stop>
             <form class="form" @submit.prevent="submitBudgetForm()">
                 <div class="editor-header">
@@ -80,7 +90,8 @@ <h3 x-text="budgetEditing ? 'Edit Budget' : 'Create Budget'">Create Budget</h3>
                                type="text"
                                placeholder="/team/alpha"
                                x-ref="budgetUserPathInput"
-                               x-model="budgetForm.user_path"
+                               :value="budgetForm.user_path"
+                               @input="setBudgetFormUserPath($event.target.value)"
                                :disabled="budgetEditing">
                     </div>
                     <div class="form-field">
@@ -133,22 +144,95 @@ <h3 x-text="budgetEditing ? 'Edit Budget' : 'Create Budget'">Create Budget</h3>
         </div>
     </div>
 
+    <div class="auth-dialog-backdrop budget-override-dialog-backdrop"
+         x-cloak
+         x-show="budgetOverrideDialogOpen"
+         x-transition.opacity.duration.160ms
+         aria-hidden="true"></div>
+    <div class="auth-dialog-shell budget-override-dialog-shell"
+         x-cloak
+         x-show="budgetOverrideDialogOpen"
+         x-transition.opacity.duration.160ms
+         @click="closeBudgetOverrideDialog()"
+         @keydown.escape.window="budgetOverrideDialogOpen && closeBudgetOverrideDialog()">
+        <section class="auth-dialog budget-override-dialog"
+                 role="dialog"
+                 aria-modal="true"
+                 aria-labelledby="budgetOverrideDialogTitle"
+                 aria-describedby="budgetOverrideDialogDescription"
+                 @click.stop>
+            <div class="auth-dialog-header">
+                <h2 id="budgetOverrideDialogTitle">Override Existing Budget</h2>
+                <button type="button" class="auth-dialog-close dialog-close-btn" aria-label="Close budget override dialog" @click="closeBudgetOverrideDialog()">
+                    {{template "x-icon"}}
+                </button>
+            </div>
+            <form class="auth-dialog-form" @submit.prevent="confirmBudgetOverride()">
+                <p id="budgetOverrideDialogDescription" class="auth-dialog-hint" x-text="budgetOverrideDialogMessage()"></p>
+                <div class="auth-dialog-actions">
+                    <button type="button" class="pagination-btn" x-ref="budgetOverrideCancelButton" @click="closeBudgetOverrideDialog()">Cancel</button>
+                    <button type="submit"
+                            class="pagination-btn pagination-btn-danger pagination-btn-with-icon"
+                            :disabled="budgetFormSubmitting">
+                        <i data-lucide="save" class="form-action-icon" aria-hidden="true"></i>
+                        <span x-text="budgetFormSubmitting ? 'Saving...' : 'Override Budget'">Override Budget</span>
+                    </button>
+                </div>
+            </form>
+        </section>
+    </div>
+
     <div class="budget-list" x-show="filteredBudgets().length > 0 && budgetsAvailable && !authError">
         <template x-for="item in filteredBudgets()" :key="budgetKey(item)">
             <section class="budget-row">
                 <div class="budget-row-main">
                     <div class="budget-row-head">
-                        <code class="budget-user-path" x-text="item.user_path"></code>
-                        <span class="budget-period-label" :class="budgetPeriodClass(item)" x-text="budgetPeriodLabel(item)"></span>
-                        <div class="budget-row-meta">
-                            <span class="budget-source" x-text="budgetSourceLabel(item)" :title="budgetSourceTitle(item)"></span>
+                        <code class="budget-user-path" :title="'User Path: ' + item.user_path" x-text="item.user_path"></code>
+                        <div class="budget-row-period">
+                            <span class="budget-period-label" :class="budgetPeriodClass(item)">
+                                <i :data-lucide="budgetPeriodIcon(item)" class="budget-period-icon" aria-hidden="true"></i>
+                                <span x-text="budgetPeriodLabel(item)"></span>
+                            </span>
+                        </div>
+                        <div class="budget-row-controls">
+                            <div class="budget-row-meta">
+                                <span class="budget-source" x-text="budgetSourceLabel(item)" :title="budgetSourceTitle(item)"></span>
+                            </div>
+                            <div class="budget-row-actions">
+                                <button type="button"
+                                        class="table-action-btn budget-action-btn"
+                                        title="Edit budget"
+                                        aria-label="Edit budget"
+                                        @click="openBudgetForm(item)">
+                                    <i data-lucide="pencil" class="budget-action-icon" aria-hidden="true"></i>
+                                    <span class="budget-action-label">Edit</span>
+                                </button>
+                                <button type="button"
+                                        class="table-action-btn budget-action-btn budget-action-btn-warning"
+                                        :title="budgetResettingKey === budgetKey(item) ? 'Resetting budget' : 'Reset budget'"
+                                        :aria-label="budgetResettingKey === budgetKey(item) ? 'Resetting budget' : 'Reset budget'"
+                                        :disabled="budgetResettingKey === budgetKey(item)"
+                                        @click="resetBudget(item)">
+                                    <i data-lucide="rotate-ccw" class="budget-action-icon" aria-hidden="true"></i>
+                                    <span class="budget-action-label" x-text="budgetResettingKey === budgetKey(item) ? 'Resetting' : 'Reset'">Reset</span>
+                                </button>
+                                <button type="button"
+                                        class="table-action-btn table-action-btn-danger budget-action-btn"
+                                        :title="budgetDeletingKey === budgetKey(item) ? 'Deleting budget' : 'Delete budget'"
+                                        :aria-label="budgetDeletingKey === budgetKey(item) ? 'Deleting budget' : 'Delete budget'"
+                                        :disabled="budgetDeletingKey === budgetKey(item)"
+                                        @click="deleteBudget(item)">
+                                    <i data-lucide="trash-2" class="budget-action-icon" aria-hidden="true"></i>
+                                    <span class="budget-action-label" x-text="budgetDeletingKey === budgetKey(item) ? 'Deleting' : 'Delete'">Delete</span>
+                                </button>
+                            </div>
                         </div>
                     </div>
                     <div class="budget-bars">
                         <div class="budget-bar-line">
                             <div class="budget-bar-label">
                                 <span>Usage</span>
-                                <span x-text="budgetUsagePercentLabel(item)"></span>
+                                <span class="budget-bar-percent" x-text="budgetUsagePercentLabel(item)"></span>
                             </div>
                             <div class="budget-bar-track"
                                  role="progressbar"
@@ -173,9 +257,10 @@ <h3 x-text="budgetEditing ? 'Edit Budget' : 'Create Budget'">Create Budget</h3>
                         <div class="budget-bar-line">
                             <div class="budget-bar-label">
                                 <span>Period</span>
-                                <span x-text="budgetPeriodPercentLabel(item)"></span>
+                                <span class="budget-bar-percent" x-text="budgetPeriodPercentLabel(item)"></span>
                             </div>
                             <div class="budget-bar-track"
+                                 :class="budgetPeriodTrackClass(item)"
                                  role="progressbar"
                                  aria-label="Budget period elapsed"
                                  aria-valuemin="0"
@@ -183,39 +268,22 @@ <h3 x-text="budgetEditing ? 'Edit Budget' : 'Create Budget'">Create Budget</h3>
                                  :aria-valuenow="budgetPeriodPercent(item)"
                                  :style="'--budget-progress: ' + budgetPeriodPercent(item) + '%'">
                                 <div class="budget-bar-fill budget-bar-fill-period"
+                                     :class="budgetPeriodBarClass(item)"
                                      style="width: var(--budget-progress)"></div>
                                 <span class="budget-bar-text-row">
                                     <span class="budget-bar-text budget-bar-text-start" x-text="formatTimestamp(item.period_start)" :title="timestampTimeZoneTitle(item.period_start)"></span>
+                                    <span class="budget-bar-text budget-bar-text-center" x-text="budgetPeriodDurationLabel(item)"></span>
                                     <span class="budget-bar-text budget-bar-text-end" x-text="formatTimestamp(item.period_end)" :title="timestampTimeZoneTitle(item.period_end)"></span>
                                 </span>
                                 <span class="budget-bar-text-row budget-bar-text-row-on-fill" aria-hidden="true">
                                     <span class="budget-bar-text budget-bar-text-start" x-text="formatTimestamp(item.period_start)"></span>
+                                    <span class="budget-bar-text budget-bar-text-center" x-text="budgetPeriodDurationLabel(item)"></span>
                                     <span class="budget-bar-text budget-bar-text-end" x-text="formatTimestamp(item.period_end)"></span>
                                 </span>
                             </div>
                         </div>
                     </div>
                 </div>
-                <div class="budget-row-actions">
-                    <button type="button" class="table-action-btn budget-action-btn" @click="openBudgetForm(item)">
-                        <i data-lucide="pencil" class="budget-action-icon" aria-hidden="true"></i>
-                        <span>Edit</span>
-                    </button>
-                    <button type="button"
-                            class="table-action-btn budget-action-btn budget-action-btn-warning"
-                            :disabled="budgetResettingKey === budgetKey(item)"
-                            @click="resetBudget(item)">
-                        <i data-lucide="rotate-ccw" class="budget-action-icon" aria-hidden="true"></i>
-                        <span x-text="budgetResettingKey === budgetKey(item) ? 'Resetting...' : 'Reset'">Reset</span>
-                    </button>
-                    <button type="button"
-                            class="table-action-btn table-action-btn-danger budget-action-btn"
-                            :disabled="budgetDeletingKey === budgetKey(item)"
-                            @click="deleteBudget(item)">
-                        <i data-lucide="trash-2" class="budget-action-icon" aria-hidden="true"></i>
-                        <span x-text="budgetDeletingKey === budgetKey(item) ? 'Deleting...' : 'Delete'">Delete</span>
-                    </button>
-                </div>
             </section>
         </template>
     </div>

From 047a2ee9b1c769c36beb6bdcc25dc5adf5b2d3d9 Mon Sep 17 00:00:00 2001
From: "Jakub A. W" <jakubwasek@gmail.com>
Date: Sun, 26 Apr 2026 21:10:22 +0200
Subject: [PATCH 4/9] fix(budgets): require usage for budget enforcement

---
 config/config.go                            |   5 +-
 config/config_test.go                       |  16 +++
 internal/core/workflow.go                   |   5 +-
 internal/core/workflow_test.go              |  19 ++++
 internal/gateway/batch_orchestrator.go      |   9 ++
 internal/gateway/batch_orchestrator_test.go | 117 ++++++++++++++++++++
 internal/server/budget_support.go           |  13 ++-
 internal/server/budget_support_test.go      |  25 +++++
 internal/server/native_batch_service.go     |  13 ++-
 internal/workflows/types.go                 |   2 +-
 internal/workflows/types_test.go            |  39 +++++++
 11 files changed, 252 insertions(+), 11 deletions(-)

diff --git a/config/config.go b/config/config.go
index 5579b0f2..946bfdaf 100644
--- a/config/config.go
+++ b/config/config.go
@@ -377,7 +377,8 @@ type UsageConfig struct {
 // BudgetsConfig holds per-user-path spend limits.
 type BudgetsConfig struct {
 	// Enabled controls whether budget checks are active.
-	// Default: true. With no configured budgets, this has no effect.
+	// Default: true. Requires usage tracking because spend limits are evaluated
+	// from usage cost records.
 	Enabled bool `yaml:"enabled" env:"BUDGETS_ENABLED"`
 
 	// UserPaths declares budget limits by tracked user path.
@@ -1387,7 +1388,7 @@ func validateBudgetConfig(cfg *BudgetsConfig) error {
 }
 
 func validateBudgetDependencies(cfg *Config) error {
-	if cfg == nil || !cfg.Budgets.Enabled || len(cfg.Budgets.UserPaths) == 0 || cfg.Usage.Enabled {
+	if cfg == nil || !cfg.Budgets.Enabled || cfg.Usage.Enabled {
 		return nil
 	}
 	return fmt.Errorf("budgets require usage tracking to be enabled because spend limits are evaluated from usage cost records")
diff --git a/config/config_test.go b/config/config_test.go
index 6d2cb287..9e148508 100644
--- a/config/config_test.go
+++ b/config/config_test.go
@@ -269,6 +269,22 @@ func TestLoadBudgetEnvRequiresUsageTracking(t *testing.T) {
 	})
 }
 
+func TestLoadBudgetsEnabledRequiresUsageTrackingWithoutSeedBudgets(t *testing.T) {
+	clearAllConfigEnvVars(t)
+
+	withTempDir(t, func(string) {
+		t.Setenv("USAGE_ENABLED", "false")
+
+		_, err := Load()
+		if err == nil {
+			t.Fatal("expected Load() to fail when budgets are enabled while usage tracking is disabled")
+		}
+		if !strings.Contains(err.Error(), "budgets require usage tracking") {
+			t.Fatalf("Load() error = %v, want budget usage dependency error", err)
+		}
+	})
+}
+
 func TestLoadDisabledBudgetsIgnoreMalformedBudgetEnv(t *testing.T) {
 	clearAllConfigEnvVars(t)
 
diff --git a/internal/core/workflow.go b/internal/core/workflow.go
index d0665bb2..7659e2a7 100644
--- a/internal/core/workflow.go
+++ b/internal/core/workflow.go
@@ -103,11 +103,12 @@ type WorkflowFeatures struct {
 
 // ApplyUpperBound returns features with process-level caps applied.
 func (f WorkflowFeatures) ApplyUpperBound(caps WorkflowFeatures) WorkflowFeatures {
+	usage := f.Usage && caps.Usage
 	return WorkflowFeatures{
 		Cache:      f.Cache && caps.Cache,
 		Audit:      f.Audit && caps.Audit,
-		Usage:      f.Usage && caps.Usage,
-		Budget:     f.Budget && caps.Budget,
+		Usage:      usage,
+		Budget:     usage && f.Budget && caps.Budget,
 		Guardrails: f.Guardrails && caps.Guardrails,
 		Fallback:   f.Fallback && caps.Fallback,
 	}
diff --git a/internal/core/workflow_test.go b/internal/core/workflow_test.go
index eb206e13..4f232eef 100644
--- a/internal/core/workflow_test.go
+++ b/internal/core/workflow_test.go
@@ -10,3 +10,22 @@ func TestNewWorkflowSelector_DropsInvalidUserPath(t *testing.T) {
 		t.Fatalf("UserPath = %q, want empty", selector.UserPath)
 	}
 }
+
+func TestWorkflowFeaturesApplyUpperBound_DisablesBudgetWhenUsageDisabled(t *testing.T) {
+	t.Parallel()
+
+	features := WorkflowFeatures{
+		Usage:  true,
+		Budget: true,
+	}.ApplyUpperBound(WorkflowFeatures{
+		Usage:  false,
+		Budget: true,
+	})
+
+	if features.Usage {
+		t.Fatal("ApplyUpperBound().Usage = true, want false")
+	}
+	if features.Budget {
+		t.Fatal("ApplyUpperBound().Budget = true, want false")
+	}
+}
diff --git a/internal/gateway/batch_orchestrator.go b/internal/gateway/batch_orchestrator.go
index 8a24f88f..7ad3a289 100644
--- a/internal/gateway/batch_orchestrator.go
+++ b/internal/gateway/batch_orchestrator.go
@@ -28,6 +28,7 @@ type BatchConfig struct {
 	CleanupStoredBatchRewrittenInputFile func(context.Context, *batchstore.StoredBatch) bool
 	UsageLogger                          usage.LoggerInterface
 	PricingResolver                      usage.PricingResolver
+	BudgetEnforcer                       func(context.Context) error
 }
 
 // BatchOrchestrator owns native batch lifecycle behavior independent of HTTP.
@@ -42,6 +43,7 @@ type BatchOrchestrator struct {
 	cleanupStoredBatchRewrittenInputFile func(context.Context, *batchstore.StoredBatch) bool
 	usageLogger                          usage.LoggerInterface
 	pricingResolver                      usage.PricingResolver
+	budgetEnforcer                       func(context.Context) error
 }
 
 // NewBatchOrchestrator creates a native batch orchestrator.
@@ -57,6 +59,7 @@ func NewBatchOrchestrator(cfg BatchConfig) *BatchOrchestrator {
 		cleanupStoredBatchRewrittenInputFile: cfg.CleanupStoredBatchRewrittenInputFile,
 		usageLogger:                          cfg.UsageLogger,
 		pricingResolver:                      cfg.PricingResolver,
+		budgetEnforcer:                       cfg.BudgetEnforcer,
 	}
 }
 
@@ -115,6 +118,12 @@ func (o *BatchOrchestrator) Create(ctx context.Context, req *core.BatchRequest,
 	if err != nil {
 		return nil, err
 	}
+	ctx = core.WithWorkflow(ctx, workflow)
+	if o.budgetEnforcer != nil {
+		if err := o.budgetEnforcer(ctx); err != nil {
+			return nil, err
+		}
+	}
 
 	forward := req
 	var preparedHints map[string]string
diff --git a/internal/gateway/batch_orchestrator_test.go b/internal/gateway/batch_orchestrator_test.go
index ab5313c0..b84e5851 100644
--- a/internal/gateway/batch_orchestrator_test.go
+++ b/internal/gateway/batch_orchestrator_test.go
@@ -3,6 +3,7 @@ package gateway
 import (
 	"context"
 	"errors"
+	"io"
 	"net/http"
 	"testing"
 
@@ -43,3 +44,119 @@ func TestBatchOrchestratorWorkflowForBatchNormalizesPolicyErrors(t *testing.T) {
 		t.Fatalf("gateway error type = %q, want %q", gatewayErr.Type, core.ErrorTypeProvider)
 	}
 }
+
+func TestBatchOrchestratorCreateEnforcesBudgetAfterWorkflowResolution(t *testing.T) {
+	t.Parallel()
+
+	provider := &batchBudgetProvider{}
+	budgetErr := errors.New("budget denied")
+	var budgetWorkflow *core.Workflow
+	var budgetRequestID string
+
+	orchestrator := NewBatchOrchestrator(BatchConfig{
+		Provider: provider,
+		WorkflowPolicyResolver: workflowPolicyResolverFunc(func(selector core.WorkflowSelector) (*core.ResolvedWorkflowPolicy, error) {
+			if selector.Provider != "openai" {
+				t.Fatalf("workflow selector provider = %q, want openai", selector.Provider)
+			}
+			return &core.ResolvedWorkflowPolicy{
+				VersionID: "workflow-budget-disabled",
+				Features: core.WorkflowFeatures{
+					Usage:  true,
+					Budget: false,
+				},
+			}, nil
+		}),
+		BudgetEnforcer: func(ctx context.Context) error {
+			budgetWorkflow = core.GetWorkflow(ctx)
+			budgetRequestID = core.GetRequestID(ctx)
+			return budgetErr
+		},
+	})
+
+	_, err := orchestrator.Create(context.Background(), &core.BatchRequest{
+		InputFileID: "file-123",
+		Endpoint:    "/v1/chat/completions",
+		Metadata: map[string]string{
+			"provider": "openai",
+		},
+	}, BatchMeta{
+		RequestID: "req-budget",
+		Endpoint:  core.DescribeEndpoint(http.MethodPost, "/v1/batches"),
+	})
+	if !errors.Is(err, budgetErr) {
+		t.Fatalf("Create() error = %v, want %v", err, budgetErr)
+	}
+	if budgetWorkflow == nil || budgetWorkflow.Policy == nil {
+		t.Fatal("budget enforcer did not receive resolved workflow")
+	}
+	if budgetWorkflow.Policy.VersionID != "workflow-budget-disabled" {
+		t.Fatalf("budget workflow version = %q, want workflow-budget-disabled", budgetWorkflow.Policy.VersionID)
+	}
+	if budgetRequestID != "req-budget" {
+		t.Fatalf("budget request id = %q, want req-budget", budgetRequestID)
+	}
+	if provider.createCalls != 0 {
+		t.Fatalf("provider CreateBatch calls = %d, want 0", provider.createCalls)
+	}
+}
+
+type batchBudgetProvider struct {
+	createCalls int
+}
+
+func (p *batchBudgetProvider) Supports(string) bool { return true }
+
+func (p *batchBudgetProvider) GetProviderType(string) string { return "openai" }
+
+func (p *batchBudgetProvider) GetProviderNameForType(providerType string) string { return providerType }
+
+func (p *batchBudgetProvider) ChatCompletion(context.Context, *core.ChatRequest) (*core.ChatResponse, error) {
+	return nil, nil
+}
+
+func (p *batchBudgetProvider) StreamChatCompletion(context.Context, *core.ChatRequest) (io.ReadCloser, error) {
+	return nil, nil
+}
+
+func (p *batchBudgetProvider) ListModels(context.Context) (*core.ModelsResponse, error) {
+	return nil, nil
+}
+
+func (p *batchBudgetProvider) Responses(context.Context, *core.ResponsesRequest) (*core.ResponsesResponse, error) {
+	return nil, nil
+}
+
+func (p *batchBudgetProvider) StreamResponses(context.Context, *core.ResponsesRequest) (io.ReadCloser, error) {
+	return nil, nil
+}
+
+func (p *batchBudgetProvider) Embeddings(context.Context, *core.EmbeddingRequest) (*core.EmbeddingResponse, error) {
+	return nil, nil
+}
+
+func (p *batchBudgetProvider) CreateBatch(_ context.Context, _ string, req *core.BatchRequest) (*core.BatchResponse, error) {
+	p.createCalls++
+	return &core.BatchResponse{
+		ID:        "provider-batch-123",
+		Endpoint:  req.Endpoint,
+		Status:    "validating",
+		CreatedAt: 1,
+	}, nil
+}
+
+func (p *batchBudgetProvider) GetBatch(context.Context, string, string) (*core.BatchResponse, error) {
+	return nil, nil
+}
+
+func (p *batchBudgetProvider) ListBatches(context.Context, string, int, string) (*core.BatchListResponse, error) {
+	return nil, nil
+}
+
+func (p *batchBudgetProvider) CancelBatch(context.Context, string, string) (*core.BatchResponse, error) {
+	return nil, nil
+}
+
+func (p *batchBudgetProvider) GetBatchResults(context.Context, string, string) (*core.BatchResultsResponse, error) {
+	return nil, nil
+}
diff --git a/internal/server/budget_support.go b/internal/server/budget_support.go
index 69dc69be..54a63017 100644
--- a/internal/server/budget_support.go
+++ b/internal/server/budget_support.go
@@ -21,14 +21,21 @@ func enforceBudget(c *echo.Context, checker BudgetChecker) error {
 	if checker == nil || c == nil || c.Request() == nil {
 		return nil
 	}
-	if workflow := core.GetWorkflow(c.Request().Context()); workflow != nil && !workflow.BudgetEnabled() {
+	return enforceBudgetForContext(c.Request().Context(), checker)
+}
+
+func enforceBudgetForContext(ctx context.Context, checker BudgetChecker) error {
+	if checker == nil || ctx == nil {
+		return nil
+	}
+	if workflow := core.GetWorkflow(ctx); workflow != nil && !workflow.BudgetEnabled() {
 		return nil
 	}
-	userPath := core.UserPathFromContext(c.Request().Context())
+	userPath := core.UserPathFromContext(ctx)
 	if userPath == "" {
 		userPath = "/"
 	}
-	if err := checker.Check(c.Request().Context(), userPath, time.Now().UTC()); err != nil {
+	if err := checker.Check(ctx, userPath, time.Now().UTC()); err != nil {
 		return budgetCheckError(err)
 	}
 	return nil
diff --git a/internal/server/budget_support_test.go b/internal/server/budget_support_test.go
index e4eb3ab6..99db79d6 100644
--- a/internal/server/budget_support_test.go
+++ b/internal/server/budget_support_test.go
@@ -61,3 +61,28 @@ func TestEnforceBudgetDefaultsEnabledWithoutWorkflow(t *testing.T) {
 		t.Fatalf("budget user path = %q, want /", checker.userPath)
 	}
 }
+
+func TestBatchBudgetEnforcerUsesResolvedWorkflow(t *testing.T) {
+	checker := &countingBudgetChecker{}
+	enforcer := batchBudgetEnforcer(checker)
+	if enforcer == nil {
+		t.Fatal("batchBudgetEnforcer() = nil, want function")
+	}
+
+	ctx := core.WithWorkflow(context.Background(), &core.Workflow{
+		Policy: &core.ResolvedWorkflowPolicy{
+			VersionID: "workflow-v1",
+			Features: core.WorkflowFeatures{
+				Usage:  true,
+				Budget: false,
+			},
+		},
+	})
+
+	if err := enforcer(ctx); err != nil {
+		t.Fatalf("batch budget enforcer returned error: %v", err)
+	}
+	if checker.calls != 0 {
+		t.Fatalf("budget checker was called %d times, want 0", checker.calls)
+	}
+}
diff --git a/internal/server/native_batch_service.go b/internal/server/native_batch_service.go
index bdc85d07..b4f8d9b9 100644
--- a/internal/server/native_batch_service.go
+++ b/internal/server/native_batch_service.go
@@ -47,6 +47,7 @@ func (s *nativeBatchService) batch() *gateway.BatchOrchestrator {
 		CleanupStoredBatchRewrittenInputFile: s.cleanupStoredBatchRewrittenInputFile,
 		UsageLogger:                          s.usageLogger,
 		PricingResolver:                      s.pricingResolver,
+		BudgetEnforcer:                       batchBudgetEnforcer(s.budgetChecker),
 	})
 	return s.orchestrator
 }
@@ -56,9 +57,6 @@ func (s *nativeBatchService) Batches(c *echo.Context) error {
 	if err != nil {
 		return handleError(c, core.NewInvalidRequestError("invalid request body: "+err.Error(), err))
 	}
-	if err := enforceBudget(c, s.budgetChecker); err != nil {
-		return handleError(c, err)
-	}
 
 	ctx, requestID := requestContextWithRequestID(c.Request())
 	result, err := s.batch().Create(ctx, req, batchRequestMeta(c, requestID))
@@ -169,6 +167,15 @@ func batchIDFromRequest(c *echo.Context) (string, error) {
 	return id, nil
 }
 
+func batchBudgetEnforcer(checker BudgetChecker) func(context.Context) error {
+	if checker == nil {
+		return nil
+	}
+	return func(ctx context.Context) error {
+		return enforceBudgetForContext(ctx, checker)
+	}
+}
+
 func auditBatchEntry(c *echo.Context, providerType string) {
 	if c == nil {
 		return
diff --git a/internal/workflows/types.go b/internal/workflows/types.go
index a1d86086..a8f51d8a 100644
--- a/internal/workflows/types.go
+++ b/internal/workflows/types.go
@@ -94,7 +94,7 @@ func (f FeatureFlags) runtimeFeatures() core.WorkflowFeatures {
 		Cache:      f.Cache,
 		Audit:      f.Audit,
 		Usage:      f.Usage,
-		Budget:     budget,
+		Budget:     f.Usage && budget,
 		Guardrails: f.Guardrails,
 		Fallback:   fallback,
 	}
diff --git a/internal/workflows/types_test.go b/internal/workflows/types_test.go
index 6d858d05..0b69318f 100644
--- a/internal/workflows/types_test.go
+++ b/internal/workflows/types_test.go
@@ -123,6 +123,45 @@ func TestFeatureFlagsRuntimeFeatures_FallbackDefaultsToTrue(t *testing.T) {
 	}
 }
 
+func TestFeatureFlagsRuntimeFeatures_DisablesBudgetWhenUsageDisabled(t *testing.T) {
+	t.Parallel()
+
+	explicitBudget := true
+	tests := []struct {
+		name   string
+		flags  FeatureFlags
+		budget bool
+	}{
+		{
+			name:   "implicit budget",
+			flags:  FeatureFlags{Usage: false},
+			budget: false,
+		},
+		{
+			name:   "explicit budget",
+			flags:  FeatureFlags{Usage: false, Budget: &explicitBudget},
+			budget: false,
+		},
+		{
+			name:   "usage enabled",
+			flags:  FeatureFlags{Usage: true, Budget: &explicitBudget},
+			budget: true,
+		},
+	}
+
+	for _, tt := range tests {
+		tt := tt
+		t.Run(tt.name, func(t *testing.T) {
+			t.Parallel()
+
+			features := tt.flags.runtimeFeatures()
+			if features.Budget != tt.budget {
+				t.Fatalf("runtimeFeatures().Budget = %v, want %v", features.Budget, tt.budget)
+			}
+		})
+	}
+}
+
 func TestNormalizePayload_CanonicalizesFallbackForStableWorkflowHash(t *testing.T) {
 	explicitTrue := true
 

From 10efcd50337cfadcb8192eb9811d9a33efe6eb32 Mon Sep 17 00:00:00 2001
From: "Jakub A. W" <jakubwasek@gmail.com>
Date: Sun, 26 Apr 2026 22:14:15 +0200
Subject: [PATCH 5/9] fix(budgets): harden budget admin and config handling

---
 CHANGELOG.md                                  |   7 +
 config/config.example.yaml                    |   2 +-
 config/config.go                              |  30 ++--
 config/config_test.go                         |  74 +++++++--
 docs/advanced/admin-endpoints.mdx             |  11 +-
 docs/advanced/configuration.mdx               |  25 ++-
 docs/features/budgets.mdx                     |  33 ++--
 docs/openapi.json                             |  85 ++++++----
 .../admin/dashboard/static/css/dashboard.css  |  40 ++++-
 .../admin/dashboard/static/js/dashboard.js    |   6 -
 .../dashboard/static/js/modules/budgets.js    |  67 +++++---
 .../static/js/modules/budgets.test.cjs        |  35 ++--
 .../js/modules/dashboard-layout.test.cjs      |  12 +-
 .../dashboard/templates/page-settings.html    |   2 +-
 internal/admin/handler.go                     | 137 ++++++++++------
 internal/admin/handler_budgets_test.go        | 149 +++++++++++++++++-
 internal/app/app.go                           |   8 +
 internal/auditlog/middleware.go               |   4 +-
 internal/budget/factory.go                    |   2 +-
 internal/budget/service.go                    |   4 +-
 internal/budget/service_test.go               |  93 ++++++++++-
 internal/budget/settings_helpers.go           |  29 ++--
 internal/budget/store_mongodb.go              |  58 +++++--
 internal/budget/types_test.go                 | 120 +++++++++++---
 internal/core/workflow_test.go                |  46 ++++--
 internal/server/budget_support.go             |  44 +++++-
 internal/server/budget_support_test.go        |  64 ++++++++
 internal/server/error_support.go              |  26 ++-
 internal/server/http.go                       |   4 +-
 .../server/translated_inference_service.go    |   4 +
 internal/usage/cache_type.go                  |  18 ++-
 internal/usage/cache_type_test.go             |  15 ++
 internal/workflows/types.go                   |  23 ++-
 internal/workflows/types_test.go              |  14 +-
 34 files changed, 1023 insertions(+), 268 deletions(-)
 create mode 100644 CHANGELOG.md

diff --git a/CHANGELOG.md b/CHANGELOG.md
new file mode 100644
index 00000000..2f569698
--- /dev/null
+++ b/CHANGELOG.md
@@ -0,0 +1,7 @@
+# Changelog
+
+## Unreleased
+
+### Migration notes
+
+- Budget management depends on usage tracking. If `USAGE_ENABLED=false`, GoModel starts with budgets disabled and logs a warning even when `BUDGETS_ENABLED=true`; enable both `USAGE_ENABLED` and `BUDGETS_ENABLED` to enforce budgets.
diff --git a/config/config.example.yaml b/config/config.example.yaml
index 1a343a6b..bb3ff27c 100644
--- a/config/config.example.yaml
+++ b/config/config.example.yaml
@@ -92,7 +92,7 @@ budgets:
   enabled: true # env: BUDGETS_ENABLED; with no configured budgets this has no effect
   user_paths:
     # Env equivalent:
-    # SET_BUDGET_USER_PATH_EXAMPLE="daily=10,weekly=50"
+    # SET_BUDGET_USER__PATH__EXAMPLE="daily=10,weekly=50"
     - path: "/user/path/example"
       limits:
         - period: "daily" # hourly, daily, weekly, monthly; stored in DB as period_seconds
diff --git a/config/config.go b/config/config.go
index 5a8dbe6e..90585049 100644
--- a/config/config.go
+++ b/config/config.go
@@ -6,11 +6,13 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
+	"log/slog"
 	"math"
 	"os"
 	"path"
 	"reflect"
 	"regexp"
+	"sort"
 	"strconv"
 	"strings"
 	"time"
@@ -1090,15 +1092,13 @@ func Load() (*LoadResult, error) {
 	if err := applyEnvOverrides(cfg); err != nil {
 		return nil, err
 	}
+	applyBudgetDependencies(cfg)
 	if err := applyBudgetEnv(cfg); err != nil {
 		return nil, err
 	}
 	if err := validateBudgetConfig(&cfg.Budgets); err != nil {
 		return nil, err
 	}
-	if err := validateBudgetDependencies(cfg); err != nil {
-		return nil, err
-	}
 	cfg.Server.BasePath = NormalizeBasePath(cfg.Server.BasePath)
 	cfg.Models.ConfiguredProviderModelsMode = ResolveConfiguredProviderModelsMode(cfg.Models.ConfiguredProviderModelsMode)
 	if !cfg.Models.ConfiguredProviderModelsMode.Valid() {
@@ -1331,12 +1331,12 @@ func applyBudgetEnv(cfg *Config) error {
 }
 
 func budgetEnvPath(suffix string) string {
-	suffix = strings.Trim(strings.ToLower(strings.TrimSpace(suffix)), "_")
+	suffix = strings.ToLower(strings.TrimSpace(suffix))
 	if suffix == "" {
 		return "/"
 	}
 	segments := make([]string, 0)
-	for _, part := range strings.Split(suffix, "_") {
+	for _, part := range strings.Split(suffix, "__") {
 		part = strings.TrimSpace(part)
 		if part != "" {
 			segments = append(segments, part)
@@ -1359,8 +1359,13 @@ func parseBudgetEnvLimits(raw string) ([]BudgetLimitConfig, error) {
 			return nil, err
 		}
 		limits := make([]BudgetLimitConfig, 0, len(values))
-		for period, amount := range values {
-			limits = append(limits, BudgetLimitConfig{Period: period, Amount: amount})
+		periods := make([]string, 0, len(values))
+		for period := range values {
+			periods = append(periods, period)
+		}
+		sort.Strings(periods)
+		for _, period := range periods {
+			limits = append(limits, BudgetLimitConfig{Period: period, Amount: values[period]})
 		}
 		return limits, nil
 	}
@@ -1427,11 +1432,16 @@ func validateBudgetConfig(cfg *BudgetsConfig) error {
 	return nil
 }
 
-func validateBudgetDependencies(cfg *Config) error {
+func applyBudgetDependencies(cfg *Config) {
 	if cfg == nil || !cfg.Budgets.Enabled || cfg.Usage.Enabled {
-		return nil
+		return
 	}
-	return fmt.Errorf("budgets require usage tracking to be enabled because spend limits are evaluated from usage cost records")
+	cfg.Budgets.Enabled = false
+	slog.Warn("budget management disabled because usage tracking is disabled",
+		"usage_enabled", false,
+		"budgets_enabled", false,
+		"hint", "enable usage tracking to use budgets, or set BUDGETS_ENABLED=false to silence this warning",
+	)
 }
 
 func budgetPeriodSeconds(period string) (int64, bool) {
diff --git a/config/config_test.go b/config/config_test.go
index 8483587d..182511dd 100644
--- a/config/config_test.go
+++ b/config/config_test.go
@@ -226,7 +226,7 @@ func TestLoadBudgetEnvUserPath(t *testing.T) {
 	clearAllConfigEnvVars(t)
 
 	withTempDir(t, func(string) {
-		t.Setenv("SET_BUDGET_USER_PATH_EXAMPLE", "daily=12.5,weekly=50")
+		t.Setenv("SET_BUDGET_USER__PATH__EXAMPLE", "daily=12.5,weekly=50")
 
 		result, err := Load()
 		if err != nil {
@@ -258,35 +258,79 @@ func TestLoadBudgetEnvUserPath(t *testing.T) {
 	})
 }
 
-func TestLoadBudgetEnvRequiresUsageTracking(t *testing.T) {
+func TestBudgetEnvPathUsesDoubleUnderscoreSeparator(t *testing.T) {
+	tests := []struct {
+		name   string
+		suffix string
+		want   string
+	}{
+		{name: "root", suffix: "", want: "/"},
+		{name: "double underscore separator", suffix: "TEAM__ALPHA", want: "/team/alpha"},
+		{name: "single underscore preserved", suffix: "USER_123", want: "/user_123"},
+		{name: "single underscores preserved per segment", suffix: "USER_123__PROJECT_A", want: "/user_123/project_a"},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if got := budgetEnvPath(tt.suffix); got != tt.want {
+				t.Fatalf("budgetEnvPath(%q) = %q, want %q", tt.suffix, got, tt.want)
+			}
+		})
+	}
+}
+
+func TestLoadBudgetEnvJSONLimitsAreSorted(t *testing.T) {
+	clearAllConfigEnvVars(t)
+
+	withTempDir(t, func(string) {
+		t.Setenv("SET_BUDGET_TEAM__ALPHA", `{"weekly":50,"daily":10,"monthly":100}`)
+
+		result, err := Load()
+		if err != nil {
+			t.Fatalf("Load() failed: %v", err)
+		}
+
+		limits := result.Config.Budgets.UserPaths[0].Limits
+		got := []string{limits[0].Period, limits[1].Period, limits[2].Period}
+		want := []string{"daily", "monthly", "weekly"}
+		if !reflect.DeepEqual(got, want) {
+			t.Fatalf("period order = %v, want %v", got, want)
+		}
+	})
+}
+
+func TestLoadBudgetEnvDisablesBudgetsWhenUsageTrackingDisabled(t *testing.T) {
 	clearAllConfigEnvVars(t)
 
 	withTempDir(t, func(string) {
 		t.Setenv("USAGE_ENABLED", "false")
-		t.Setenv("SET_BUDGET_USER_PATH_EXAMPLE", "daily=12.5")
+		t.Setenv("SET_BUDGET_USER__PATH__EXAMPLE", "daily=12.5")
 
-		_, err := Load()
-		if err == nil {
-			t.Fatal("expected Load() to fail when budgets are configured while usage tracking is disabled")
+		result, err := Load()
+		if err != nil {
+			t.Fatalf("Load() failed: %v", err)
 		}
-		if !strings.Contains(err.Error(), "budgets require usage tracking") {
-			t.Fatalf("Load() error = %v, want budget usage dependency error", err)
+		if result.Config.Budgets.Enabled {
+			t.Fatal("expected budgets to be disabled when usage tracking is disabled")
+		}
+		if len(result.Config.Budgets.UserPaths) != 0 {
+			t.Fatalf("expected auto-disabled budgets to ignore env user paths, got %d", len(result.Config.Budgets.UserPaths))
 		}
 	})
 }
 
-func TestLoadBudgetsEnabledRequiresUsageTrackingWithoutSeedBudgets(t *testing.T) {
+func TestLoadBudgetsEnabledDisablesBudgetsWhenUsageTrackingDisabledWithoutSeedBudgets(t *testing.T) {
 	clearAllConfigEnvVars(t)
 
 	withTempDir(t, func(string) {
 		t.Setenv("USAGE_ENABLED", "false")
 
-		_, err := Load()
-		if err == nil {
-			t.Fatal("expected Load() to fail when budgets are enabled while usage tracking is disabled")
+		result, err := Load()
+		if err != nil {
+			t.Fatalf("Load() failed: %v", err)
 		}
-		if !strings.Contains(err.Error(), "budgets require usage tracking") {
-			t.Fatalf("Load() error = %v, want budget usage dependency error", err)
+		if result.Config.Budgets.Enabled {
+			t.Fatal("expected budgets to be disabled when usage tracking is disabled")
 		}
 	})
 }
@@ -296,7 +340,7 @@ func TestLoadDisabledBudgetsIgnoreMalformedBudgetEnv(t *testing.T) {
 
 	withTempDir(t, func(string) {
 		t.Setenv("BUDGETS_ENABLED", "false")
-		t.Setenv("SET_BUDGET_USER_PATH_EXAMPLE", "not-a-budget-limit")
+		t.Setenv("SET_BUDGET_USER__PATH__EXAMPLE", "not-a-budget-limit")
 
 		result, err := Load()
 		if err != nil {
diff --git a/docs/advanced/admin-endpoints.mdx b/docs/advanced/admin-endpoints.mdx
index ec74aa17..1f2edd0a 100644
--- a/docs/advanced/admin-endpoints.mdx
+++ b/docs/advanced/admin-endpoints.mdx
@@ -130,15 +130,18 @@ available when budget management is enabled.
 | Method   | Path                                  | Description                          |
 | -------- | ------------------------------------- | ------------------------------------ |
 | `GET`    | `/admin/api/v1/budgets`               | List budgets with current status     |
-| `PUT`    | `/admin/api/v1/budgets`               | Create or update one budget          |
-| `DELETE` | `/admin/api/v1/budgets`               | Delete one budget                    |
+| `PUT`    | `/admin/api/v1/budgets/{user_path}/{period}` | Create or update one budget          |
+| `DELETE` | `/admin/api/v1/budgets/{user_path}/{period}` | Delete one budget                    |
 | `GET`    | `/admin/api/v1/budgets/settings`      | Read budget reset settings           |
 | `PUT`    | `/admin/api/v1/budgets/settings`      | Update budget reset settings         |
 | `POST`   | `/admin/api/v1/budgets/reset-one`     | Reset one budget period              |
 | `POST`   | `/admin/api/v1/budgets/reset`         | Reset all budget periods             |
 
-`PUT`, `DELETE`, and `reset-one` identify periods by either `period` (`hourly`,
-`daily`, `weekly`, `monthly`) or `period_seconds`.
+`PUT`, `DELETE`, and `reset-one` identify one budget by the composite
+`(user_path, period)` key, or `(user_path, period_seconds)` for custom periods.
+These operations are not global per period. For the path-scoped `PUT` and
+`DELETE` routes, URL-encode `user_path`; see [Budgets](/features/budgets) for
+the request shape.
 
 See [Budgets](/features/budgets) for request examples and enforcement behavior.
 
diff --git a/docs/advanced/configuration.mdx b/docs/advanced/configuration.mdx
index 3f638e2e..fb03a177 100644
--- a/docs/advanced/configuration.mdx
+++ b/docs/advanced/configuration.mdx
@@ -115,16 +115,31 @@ Storage is shared by audit logging, usage tracking, and future features like IAM
 
 #### Budgets
 
-Budgets use tracked usage cost records, so budget limits require
-`USAGE_ENABLED=true`.
+Budgets use tracked usage cost records. If usage tracking is disabled, GoModel
+starts with budget management disabled and logs a warning.
 
 | Variable            | Description                                             | Default |
 | ------------------- | ------------------------------------------------------- | ------- |
-| `BUDGETS_ENABLED`   | Enable budget management and workflow budget checks     | `true`  |
+| `BUDGETS_ENABLED`   | Enable budget management and workflow budget checks when usage tracking is enabled | `true`  |
 | `SET_BUDGET_<PATH>` | Seed budget limits for a user path, such as `daily=10` | _(empty)_ |
 
-For example, `SET_BUDGET_TEAM_ALPHA="daily=10,weekly=50"` configures limits
-for `/team/alpha`. `SET_BUDGET_="monthly=500"` configures the root path `/`.
+`SET_BUDGET_<PATH>` supports the standard periods `hourly`, `daily`, `weekly`,
+and `monthly`. The `<PATH>` suffix is lowercased; use double underscores
+(`__`) between path segments, while single underscores stay inside a segment.
+For example, `SET_BUDGET_TEAM__ALPHA__SERVICE="daily=10"` configures
+`/team/alpha/service`, and `SET_BUDGET_TEAM_ALPHA="daily=10"` configures
+`/team_alpha`. This differs from provider `<SUFFIX>` variables below, which
+convert underscores to hyphens in provider names.
+
+`SET_BUDGET_="monthly=500"` means a literal environment variable named
+`SET_BUDGET_`, which configures the root path `/`. POSIX permits that name, but
+some shells and orchestrators, including some Kubernetes validators, may reject
+it. Use YAML or the dashboard when your environment cannot set it.
+
+Migration note: budget management depends on usage tracking. If
+`USAGE_ENABLED=false`, GoModel starts with budgets disabled and logs a warning,
+even when `BUDGETS_ENABLED=true`. Set both `USAGE_ENABLED=true` and
+`BUDGETS_ENABLED=true` to enforce budgets.
 
 See [Budgets](/features/budgets) for YAML examples, periods, matching, and
 workflow enforcement.
diff --git a/docs/features/budgets.mdx b/docs/features/budgets.mdx
index b47e5b66..23e000de 100644
--- a/docs/features/budgets.mdx
+++ b/docs/features/budgets.mdx
@@ -38,8 +38,8 @@ records:
 USAGE_ENABLED=true
 ```
 
-If you configure budget limits while usage tracking is disabled, GoModel rejects
-the configuration.
+If usage tracking is disabled, GoModel starts with budget management disabled
+and logs a warning.
 
 ## Create budgets
 
@@ -73,15 +73,20 @@ budgets:
 Or use environment variables:
 
 ```env
-SET_BUDGET_TEAM_ALPHA="daily=10,weekly=50"
+SET_BUDGET_TEAM__ALPHA="daily=10,weekly=50"
 SET_BUDGET_="monthly=500"
 ```
 
-The suffix after `SET_BUDGET_` becomes a slash-separated user path:
+The suffix after `SET_BUDGET_` becomes a user path. Use double underscores
+(`__`) between path segments; single underscores remain part of a segment:
 
-- `SET_BUDGET_TEAM_ALPHA` -> `/team/alpha`
+- `SET_BUDGET_TEAM__ALPHA` -> `/team/alpha`
+- `SET_BUDGET_USER_123` -> `/user_123`
 - `SET_BUDGET_` -> `/`
 
+There is no escape for a literal double underscore inside a path segment. Use
+YAML or the dashboard for paths that need a `__` segment value.
+
 Supported standard periods are:
 
 | Period    | Seconds   |
@@ -91,6 +96,11 @@ Supported standard periods are:
 | `weekly`  | `604800`  |
 | `monthly` | `2592000` |
 
+The Seconds column is the internal period identifier. Standard periods use the
+configured reset-anchor logic; for example, `monthly` is stored as `2592000` but
+resets on calendar month anchors and clamps the reset day to shorter months.
+Only custom `period_seconds` values behave as fixed-second windows.
+
 For custom windows, set `period_seconds` in YAML:
 
 ```yaml
@@ -178,12 +188,10 @@ curl -H "Authorization: Bearer $GOMODEL_MASTER_KEY" \
 Create or update a budget:
 
 ```bash
-curl -X PUT http://localhost:8080/admin/api/v1/budgets \
+curl -X PUT http://localhost:8080/admin/api/v1/budgets/%2Fteam%2Falpha/daily \
   -H "Authorization: Bearer $GOMODEL_MASTER_KEY" \
   -H "Content-Type: application/json" \
   -d '{
-    "user_path": "/team/alpha",
-    "period": "daily",
     "amount": 10.00
   }'
 ```
@@ -191,13 +199,8 @@ curl -X PUT http://localhost:8080/admin/api/v1/budgets \
 Delete a budget:
 
 ```bash
-curl -X DELETE http://localhost:8080/admin/api/v1/budgets \
-  -H "Authorization: Bearer $GOMODEL_MASTER_KEY" \
-  -H "Content-Type: application/json" \
-  -d '{
-    "user_path": "/team/alpha",
-    "period": "daily"
-  }'
+curl -X DELETE http://localhost:8080/admin/api/v1/budgets/%2Fteam%2Falpha/daily \
+  -H "Authorization: Bearer $GOMODEL_MASTER_KEY"
 ```
 
 See [Admin Endpoints](/advanced/admin-endpoints) for the endpoint list.
diff --git a/docs/openapi.json b/docs/openapi.json
index 1879bb8c..ce0ed90b 100644
--- a/docs/openapi.json
+++ b/docs/openapi.json
@@ -273,12 +273,34 @@
             "BearerAuth": []
           }
         ]
-      },
+      }
+    },
+    "/admin/api/v1/budgets/{user_path}/{period}": {
       "put": {
         "tags": [
           "admin"
         ],
         "summary": "Create or update one budget",
+        "parameters": [
+          {
+            "description": "URL-encoded budget user path",
+            "name": "user_path",
+            "in": "path",
+            "required": true,
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "description": "Budget period name or seconds",
+            "name": "period",
+            "in": "path",
+            "required": true,
+            "schema": {
+              "type": "string"
+            }
+          }
+        ],
         "requestBody": {
           "content": {
             "application/json": {
@@ -287,7 +309,7 @@
               }
             }
           },
-          "description": "Budget definition",
+          "description": "Budget amount",
           "required": true
         },
         "responses": {
@@ -343,17 +365,26 @@
           "admin"
         ],
         "summary": "Delete one budget",
-        "requestBody": {
-          "content": {
-            "application/json": {
-              "schema": {
-                "$ref": "#/components/schemas/admin.deleteBudgetRequest"
-              }
+        "parameters": [
+          {
+            "description": "URL-encoded budget user path",
+            "name": "user_path",
+            "in": "path",
+            "required": true,
+            "schema": {
+              "type": "string"
             }
           },
-          "description": "Budget key",
-          "required": true
-        },
+          {
+            "description": "Budget period name or seconds",
+            "name": "period",
+            "in": "path",
+            "required": true,
+            "schema": {
+              "type": "string"
+            }
+          }
+        ],
         "responses": {
           "200": {
             "description": "OK",
@@ -426,8 +457,7 @@
             "content": {
               "application/json": {
                 "schema": {
-                  "type": "object",
-                  "additionalProperties": true
+                  "$ref": "#/components/schemas/admin.resetBudgetsResponse"
                 }
               }
             }
@@ -4394,9 +4424,9 @@
   "components": {
     "securitySchemes": {
       "BearerAuth": {
-        "type": "apiKey",
-        "name": "Authorization",
-        "in": "header"
+        "type": "http",
+        "scheme": "bearer",
+        "bearerFormat": "JWT"
       }
     },
     "schemas": {
@@ -4597,11 +4627,22 @@
       "admin.resetBudgetsRequest": {
         "type": "object",
         "properties": {
+          "confirm": {
+            "type": "string"
+          },
           "confirmation": {
             "type": "string"
           }
         }
       },
+      "admin.resetBudgetsResponse": {
+        "type": "object",
+        "properties": {
+          "status": {
+            "type": "string"
+          }
+        }
+      },
       "admin.updateBudgetSettingsRequest": {
         "type": "object",
         "properties": {
@@ -4636,18 +4677,6 @@
         "properties": {
           "amount": {
             "type": "number"
-          },
-          "period": {
-            "type": "string"
-          },
-          "period_seconds": {
-            "type": "integer"
-          },
-          "source": {
-            "type": "string"
-          },
-          "user_path": {
-            "type": "string"
           }
         }
       },
diff --git a/internal/admin/dashboard/static/css/dashboard.css b/internal/admin/dashboard/static/css/dashboard.css
index 0240e8be..3c4a4570 100644
--- a/internal/admin/dashboard/static/css/dashboard.css
+++ b/internal/admin/dashboard/static/css/dashboard.css
@@ -3670,36 +3670,68 @@ body.conversation-drawer-open {
 .budget-period-label-weekly {
   border-color: color-mix(in srgb, #68765c 62%, var(--border));
   background: color-mix(in srgb, #68765c 12%, var(--bg));
-  color: #68765c;
+  color: color-mix(in srgb, #68765c 34%, var(--text) 66%);
 }
 
 .budget-period-label-daily {
   border-color: color-mix(in srgb, #b5652d 62%, var(--border));
   background: color-mix(in srgb, #b5652d 12%, var(--bg));
-  color: #b5652d;
+  color: color-mix(in srgb, #b5652d 34%, var(--text) 66%);
 }
 
 .budget-period-label-hourly {
   border-color: color-mix(in srgb, #783f22 62%, var(--border));
   background: color-mix(in srgb, #783f22 12%, var(--bg));
-  color: #783f22;
+  color: color-mix(in srgb, #783f22 34%, var(--text) 66%);
 }
 
 .budget-period-label-custom {
   border-style: dashed;
   border-color: color-mix(in srgb, #bfa584 68%, var(--border));
   background: color-mix(in srgb, #bfa584 16%, var(--bg));
-  color: #8b6f4f;
+  color: color-mix(in srgb, #8b6f4f 34%, var(--text) 66%);
 }
 
 [data-theme="light"] .budget-period-label-monthly {
   color: #30302c;
 }
 
+[data-theme="light"] .budget-period-label-weekly {
+  color: #68765c;
+}
+
+[data-theme="light"] .budget-period-label-daily {
+  color: #b5652d;
+}
+
+[data-theme="light"] .budget-period-label-hourly {
+  color: #783f22;
+}
+
+[data-theme="light"] .budget-period-label-custom {
+  color: #8b6f4f;
+}
+
 @media (prefers-color-scheme: light) {
   :root:not([data-theme="dark"]) .budget-period-label-monthly {
     color: #30302c;
   }
+
+  :root:not([data-theme="dark"]) .budget-period-label-weekly {
+    color: #68765c;
+  }
+
+  :root:not([data-theme="dark"]) .budget-period-label-daily {
+    color: #b5652d;
+  }
+
+  :root:not([data-theme="dark"]) .budget-period-label-hourly {
+    color: #783f22;
+  }
+
+  :root:not([data-theme="dark"]) .budget-period-label-custom {
+    color: #8b6f4f;
+  }
 }
 
 .budget-row-actions {
diff --git a/internal/admin/dashboard/static/js/dashboard.js b/internal/admin/dashboard/static/js/dashboard.js
index 35a2b9b0..16533219 100644
--- a/internal/admin/dashboard/static/js/dashboard.js
+++ b/internal/admin/dashboard/static/js/dashboard.js
@@ -582,12 +582,6 @@ function dashboard() {
       ) {
         requests.push(this.fetchGuardrailsPage());
       }
-      if (
-        this.page === "budgets" &&
-        typeof this.fetchBudgetsPage === "function"
-      ) {
-        requests.push(this.fetchBudgetsPage());
-      }
       if (this.page === "usage" && typeof this.fetchUsagePage === "function") {
         requests.push(this.fetchUsagePage());
       }
diff --git a/internal/admin/dashboard/static/js/modules/budgets.js b/internal/admin/dashboard/static/js/modules/budgets.js
index 1fac84cd..0415ed8b 100644
--- a/internal/admin/dashboard/static/js/modules/budgets.js
+++ b/internal/admin/dashboard/static/js/modules/budgets.js
@@ -21,6 +21,7 @@
             budgets: [],
             budgetsAvailable: true,
             budgetsLoading: false,
+            budgetFetchPromise: null,
             budgetFilter: '',
             budgetSortBy: 'user_path',
             budgetError: '',
@@ -181,7 +182,7 @@
 
             filteredBudgets() {
                 const filter = String(this.budgetFilter || '').trim().toLowerCase();
-                let items = this.budgets;
+                let items;
                 if (!filter) {
                     items = this.budgets.slice();
                 } else {
@@ -236,7 +237,13 @@
                     this.budgetError = '';
                     return;
                 }
-                await this.fetchBudgets();
+                if (this.budgetFetchPromise) {
+                    return this.budgetFetchPromise;
+                }
+                this.budgetFetchPromise = this.fetchBudgets().finally(() => {
+                    this.budgetFetchPromise = null;
+                });
+                return this.budgetFetchPromise;
             },
 
             async fetchBudgets() {
@@ -341,6 +348,12 @@
                 };
             },
 
+            budgetAPIPath(userPath, periodSeconds) {
+                const encodedPath = encodeURIComponent(this.normalizeBudgetUserPath(userPath));
+                const encodedPeriod = encodeURIComponent(String(Math.trunc(Number(periodSeconds || 0))));
+                return '/admin/api/v1/budgets/' + encodedPath + '/' + encodedPeriod;
+            },
+
             openBudgetOverrideDialog(existing, payload) {
                 this.budgetOverrideExistingBudget = existing || null;
                 this.budgetOverridePendingPayload = payload || null;
@@ -428,14 +441,14 @@
                     const request = typeof this.requestOptions === 'function'
                         ? this.requestOptions({
                             method: 'PUT',
-                            body: JSON.stringify(payload)
+                            body: JSON.stringify({ amount: payload.amount })
                         })
                         : {
                             method: 'PUT',
                             headers: this.headers(),
-                            body: JSON.stringify(payload)
+                            body: JSON.stringify({ amount: payload.amount })
                         };
-                    const res = await fetch('/admin/api/v1/budgets', request);
+                    const res = await fetch(this.budgetAPIPath(payload.user_path, payload.period_seconds), request);
                     if (res.status === 503) {
                         this.budgetsAvailable = false;
                         this.budgetFormError = 'Budget management is unavailable.';
@@ -534,21 +547,13 @@
                 try {
                     const request = typeof this.requestOptions === 'function'
                         ? this.requestOptions({
-                            method: 'DELETE',
-                            body: JSON.stringify({
-                                user_path: item.user_path,
-                                period_seconds: item.period_seconds
-                            })
+                            method: 'DELETE'
                         })
                         : {
                             method: 'DELETE',
-                            headers: this.headers(),
-                            body: JSON.stringify({
-                                user_path: item.user_path,
-                                period_seconds: item.period_seconds
-                            })
+                            headers: this.headers()
                         };
-                    const res = await fetch('/admin/api/v1/budgets', request);
+                    const res = await fetch(this.budgetAPIPath(item.user_path, item.period_seconds), request);
                     if (res.status === 503) {
                         this.budgetsAvailable = false;
                         this.budgetError = 'Budget management is unavailable.';
@@ -729,19 +734,29 @@
 
             normalizeBudgetSettings(payload) {
                 const current = this.budgetSettings || {};
+                const integerValue = (value, fallback) => {
+                    if (value === '') {
+                        return fallback;
+                    }
+                    const parsed = Number(value);
+                    return Number.isFinite(parsed) && Number.isInteger(parsed) ? Math.trunc(parsed) : fallback;
+                };
+                const currentValue = (key, fallback) => integerValue(current[key], fallback);
                 const numberValue = (key, fallback) => {
-                    const parsed = Number(payload && payload[key]);
-                    return Number.isFinite(parsed) ? parsed : fallback;
+                    if (!payload) {
+                        return fallback;
+                    }
+                    return integerValue(payload[key], fallback);
                 };
                 return {
-                    daily_reset_hour: numberValue('daily_reset_hour', Number(current.daily_reset_hour || 0)),
-                    daily_reset_minute: numberValue('daily_reset_minute', Number(current.daily_reset_minute || 0)),
-                    weekly_reset_weekday: numberValue('weekly_reset_weekday', Number(current.weekly_reset_weekday || 1)),
-                    weekly_reset_hour: numberValue('weekly_reset_hour', Number(current.weekly_reset_hour || 0)),
-                    weekly_reset_minute: numberValue('weekly_reset_minute', Number(current.weekly_reset_minute || 0)),
-                    monthly_reset_day: numberValue('monthly_reset_day', Number(current.monthly_reset_day || 1)),
-                    monthly_reset_hour: numberValue('monthly_reset_hour', Number(current.monthly_reset_hour || 0)),
-                    monthly_reset_minute: numberValue('monthly_reset_minute', Number(current.monthly_reset_minute || 0))
+                    daily_reset_hour: numberValue('daily_reset_hour', currentValue('daily_reset_hour', 0)),
+                    daily_reset_minute: numberValue('daily_reset_minute', currentValue('daily_reset_minute', 0)),
+                    weekly_reset_weekday: numberValue('weekly_reset_weekday', currentValue('weekly_reset_weekday', 1)),
+                    weekly_reset_hour: numberValue('weekly_reset_hour', currentValue('weekly_reset_hour', 0)),
+                    weekly_reset_minute: numberValue('weekly_reset_minute', currentValue('weekly_reset_minute', 0)),
+                    monthly_reset_day: numberValue('monthly_reset_day', currentValue('monthly_reset_day', 1)),
+                    monthly_reset_hour: numberValue('monthly_reset_hour', currentValue('monthly_reset_hour', 0)),
+                    monthly_reset_minute: numberValue('monthly_reset_minute', currentValue('monthly_reset_minute', 0))
                 };
             },
 
diff --git a/internal/admin/dashboard/static/js/modules/budgets.test.cjs b/internal/admin/dashboard/static/js/modules/budgets.test.cjs
index bb5c40d5..c308c163 100644
--- a/internal/admin/dashboard/static/js/modules/budgets.test.cjs
+++ b/internal/admin/dashboard/static/js/modules/budgets.test.cjs
@@ -63,6 +63,25 @@ test('budgetSettingsPayload normalizes numeric values before saving', () => {
     }));
 });
 
+test('budgetSettingsPayload falls back for blank and fractional values', () => {
+    const module = createBudgetsModule();
+    module.budgetSettings = {
+        daily_reset_hour: '',
+        daily_reset_minute: '15.5',
+        weekly_reset_weekday: '3',
+        weekly_reset_hour: '8',
+        weekly_reset_minute: '45',
+        monthly_reset_day: '31',
+        monthly_reset_hour: '9',
+        monthly_reset_minute: '30'
+    };
+
+    const payload = module.budgetSettingsPayload();
+    assert.equal(payload.daily_reset_hour, 0);
+    assert.equal(payload.daily_reset_minute, 0);
+    assert.equal(payload.weekly_reset_weekday, 3);
+});
+
 test('budgetFormPayload normalizes user path and standard periods', () => {
     const module = createBudgetsModule();
     module.budgetForm = {
@@ -190,13 +209,10 @@ test('confirmBudgetOverride saves the pending create after confirmation', async
     await module.confirmBudgetOverride();
 
     assert.equal(requests.length, 2);
-    assert.equal(requests[0].url, '/admin/api/v1/budgets');
+    assert.equal(requests[0].url, '/admin/api/v1/budgets/%2Fteam/86400');
     assert.equal(requests[0].request.method, 'PUT');
     assert.equal(requests[0].request.body, JSON.stringify({
-        user_path: '/team',
-        period_seconds: 86400,
-        amount: 12.5,
-        source: 'manual'
+        amount: 12.5
     }));
     assert.equal(requests[1].url, '/admin/api/v1/budgets');
     assert.equal(module.budgetOverrideDialogOpen, false);
@@ -296,7 +312,7 @@ test('budgetPeriodLabel and class distinguish standard and custom periods', () =
     assert.equal(module.budgetPeriodDurationLabel({ period_seconds: 1 }), '1 second');
 });
 
-test('deleteBudget posts the selected budget key and refreshes from the response envelope', async () => {
+test('deleteBudget uses the selected budget key in the URL and refreshes from the response envelope', async () => {
     const requests = [];
     const module = createBudgetsModule({
         confirm(message) {
@@ -322,12 +338,9 @@ test('deleteBudget posts the selected budget key and refreshes from the response
     await module.deleteBudget({ user_path: '/team', period_seconds: 86400, period_label: 'daily' });
 
     assert.equal(requests.length, 1);
-    assert.equal(requests[0].url, '/admin/api/v1/budgets');
+    assert.equal(requests[0].url, '/admin/api/v1/budgets/%2Fteam/86400');
     assert.equal(requests[0].request.method, 'DELETE');
-    assert.equal(requests[0].request.body, JSON.stringify({
-        user_path: '/team',
-        period_seconds: 86400
-    }));
+    assert.equal(requests[0].request.body, undefined);
     assert.equal(module.budgetDeletingKey, '');
     assert.equal(module.budgetNotice, 'Budget deleted.');
     assert.equal(JSON.stringify(module.budgets), JSON.stringify([
diff --git a/internal/admin/dashboard/static/js/modules/dashboard-layout.test.cjs b/internal/admin/dashboard/static/js/modules/dashboard-layout.test.cjs
index c0f9ee63..aa5e25d5 100644
--- a/internal/admin/dashboard/static/js/modules/dashboard-layout.test.cjs
+++ b/internal/admin/dashboard/static/js/modules/dashboard-layout.test.cjs
@@ -774,17 +774,21 @@ test("budget row record actions stack reset under edit", () => {
   assert.match(readCSSRule(css, '[data-theme="light"] .budget-period-label-monthly'), /color:\s*#30302c/);
   const weeklyPeriodRule = readCSSRule(css, ".budget-period-label-weekly");
   assert.match(weeklyPeriodRule, /#68765c/);
-  assert.match(weeklyPeriodRule, /color:\s*#68765c/);
+  assert.match(weeklyPeriodRule, /color:\s*color-mix\(in srgb,\s*#68765c 34%,\s*var\(--text\) 66%\)/);
+  assert.match(readCSSRule(css, '[data-theme="light"] .budget-period-label-weekly'), /color:\s*#68765c/);
   const dailyPeriodRule = readCSSRule(css, ".budget-period-label-daily");
   assert.match(dailyPeriodRule, /#b5652d/);
-  assert.match(dailyPeriodRule, /color:\s*#b5652d/);
+  assert.match(dailyPeriodRule, /color:\s*color-mix\(in srgb,\s*#b5652d 34%,\s*var\(--text\) 66%\)/);
+  assert.match(readCSSRule(css, '[data-theme="light"] .budget-period-label-daily'), /color:\s*#b5652d/);
   const hourlyPeriodRule = readCSSRule(css, ".budget-period-label-hourly");
   assert.match(hourlyPeriodRule, /#783f22/);
-  assert.match(hourlyPeriodRule, /color:\s*#783f22/);
+  assert.match(hourlyPeriodRule, /color:\s*color-mix\(in srgb,\s*#783f22 34%,\s*var\(--text\) 66%\)/);
+  assert.match(readCSSRule(css, '[data-theme="light"] .budget-period-label-hourly'), /color:\s*#783f22/);
   const customPeriodRule = readCSSRule(css, ".budget-period-label-custom");
   assert.match(customPeriodRule, /border-style:\s*dashed/);
   assert.match(customPeriodRule, /#bfa584/);
-  assert.match(customPeriodRule, /color:\s*#8b6f4f/);
+  assert.match(customPeriodRule, /color:\s*color-mix\(in srgb,\s*#8b6f4f 34%,\s*var\(--text\) 66%\)/);
+  assert.match(readCSSRule(css, '[data-theme="light"] .budget-period-label-custom'), /color:\s*#8b6f4f/);
 
   assert.match(readCSSRule(css, ".budget-bar-fill-period-monthly"), /background:\s*#30302c/);
   assert.match(readCSSRule(css, ".budget-bar-fill-period-weekly"), /background:\s*#68765c/);
diff --git a/internal/admin/dashboard/templates/page-settings.html b/internal/admin/dashboard/templates/page-settings.html
index fbd2c357..a18bc644 100644
--- a/internal/admin/dashboard/templates/page-settings.html
+++ b/internal/admin/dashboard/templates/page-settings.html
@@ -198,7 +198,7 @@ <h3>Runtime Refresh</h3>
          x-show="budgetResetDialogOpen"
          x-transition.opacity.duration.160ms
          @click="closeBudgetResetDialog()"
-         @keydown.escape.window="budgetResetDialogOpen && closeBudgetResetDialog()">
+         @keydown.escape.window="!authDialogOpen && budgetResetDialogOpen && closeBudgetResetDialog()">
         <section class="auth-dialog budget-reset-dialog"
                  role="dialog"
                  aria-modal="true"
diff --git a/internal/admin/handler.go b/internal/admin/handler.go
index 8562def2..a4134a4a 100644
--- a/internal/admin/handler.go
+++ b/internal/admin/handler.go
@@ -5,6 +5,7 @@ import (
 	"context"
 	"encoding/json"
 	"errors"
+	"fmt"
 	"log/slog"
 	"net/http"
 	"net/url"
@@ -1042,18 +1043,20 @@ func (h *Handler) ListBudgets(c *echo.Context) error {
 	})
 }
 
-// UpsertBudget handles PUT /admin/api/v1/budgets.
+// UpsertBudget handles PUT /admin/api/v1/budgets/{user_path}/{period}.
 // @Summary      Create or update one budget
 // @Tags         admin
 // @Accept       json
 // @Produce      json
 // @Security     BearerAuth
-// @Param        budget  body      upsertBudgetRequest  true  "Budget definition"
-// @Success      200     {object}  budgetListResponse
-// @Failure      400     {object}  core.GatewayError
-// @Failure      401     {object}  core.GatewayError
-// @Failure      503     {object}  core.GatewayError
-// @Router       /admin/api/v1/budgets [put]
+// @Param        user_path  path      string               true  "URL-encoded budget user path"
+// @Param        period     path      string               true  "Budget period name or seconds"
+// @Param        budget     body      upsertBudgetRequest  true  "Budget amount"
+// @Success      200        {object}  budgetListResponse
+// @Failure      400        {object}  core.GatewayError
+// @Failure      401        {object}  core.GatewayError
+// @Failure      503        {object}  core.GatewayError
+// @Router       /admin/api/v1/budgets/{user_path}/{period} [put]
 func (h *Handler) UpsertBudget(c *echo.Context) error {
 	if h.budgets == nil {
 		return handleError(c, featureUnavailableError("budgets feature is unavailable"))
@@ -1062,51 +1065,47 @@ func (h *Handler) UpsertBudget(c *echo.Context) error {
 	if err := json.NewDecoder(c.Request().Body).Decode(&req); err != nil {
 		return handleError(c, core.NewInvalidRequestError("invalid request body: "+err.Error(), err))
 	}
-	periodSeconds, err := budgetRequestPeriodSeconds(req.Period, req.PeriodSeconds)
+	userPath, periodSeconds, err := budgetRouteKey(c)
 	if err != nil {
 		return handleError(c, core.NewInvalidRequestError(err.Error(), err))
 	}
-	source := strings.TrimSpace(req.Source)
-	if source == "" {
-		source = "manual"
-	}
-	if err := h.budgets.UpsertBudgets(c.Request().Context(), []budget.Budget{{
-		UserPath:      req.UserPath,
+	item, err := budget.NormalizeBudget(budget.Budget{
+		UserPath:      userPath,
 		PeriodSeconds: periodSeconds,
 		Amount:        req.Amount,
-		Source:        source,
-	}}); err != nil {
+		Source:        "manual",
+	})
+	if err != nil {
 		return handleError(c, core.NewInvalidRequestError(err.Error(), err))
 	}
+	if err := h.budgets.UpsertBudgets(c.Request().Context(), []budget.Budget{item}); err != nil {
+		return handleError(c, budgetServiceError("failed to save budget", err))
+	}
 	return h.ListBudgets(c)
 }
 
-// DeleteBudget handles DELETE /admin/api/v1/budgets.
+// DeleteBudget handles DELETE /admin/api/v1/budgets/{user_path}/{period}.
 // @Summary      Delete one budget
 // @Tags         admin
-// @Accept       json
 // @Produce      json
 // @Security     BearerAuth
-// @Param        budget  body      deleteBudgetRequest  true  "Budget key"
-// @Success      200     {object}  budgetListResponse
-// @Failure      400     {object}  core.GatewayError
-// @Failure      401     {object}  core.GatewayError
-// @Failure      503     {object}  core.GatewayError
-// @Router       /admin/api/v1/budgets [delete]
+// @Param        user_path  path      string  true  "URL-encoded budget user path"
+// @Param        period     path      string  true  "Budget period name or seconds"
+// @Success      200        {object}  budgetListResponse
+// @Failure      400        {object}  core.GatewayError
+// @Failure      401        {object}  core.GatewayError
+// @Failure      503        {object}  core.GatewayError
+// @Router       /admin/api/v1/budgets/{user_path}/{period} [delete]
 func (h *Handler) DeleteBudget(c *echo.Context) error {
 	if h.budgets == nil {
 		return handleError(c, featureUnavailableError("budgets feature is unavailable"))
 	}
-	var req deleteBudgetRequest
-	if err := json.NewDecoder(c.Request().Body).Decode(&req); err != nil {
-		return handleError(c, core.NewInvalidRequestError("invalid request body: "+err.Error(), err))
-	}
-	periodSeconds, err := budgetRequestPeriodSeconds(req.Period, req.PeriodSeconds)
+	userPath, periodSeconds, err := budgetRouteKey(c)
 	if err != nil {
 		return handleError(c, core.NewInvalidRequestError(err.Error(), err))
 	}
-	if err := h.budgets.DeleteBudget(c.Request().Context(), req.UserPath, periodSeconds); err != nil {
-		return handleError(c, core.NewInvalidRequestError(err.Error(), err))
+	if err := h.budgets.DeleteBudget(c.Request().Context(), userPath, periodSeconds); err != nil {
+		return handleError(c, budgetServiceError("failed to delete budget", err))
 	}
 	return h.ListBudgets(c)
 }
@@ -1157,9 +1156,12 @@ func (h *Handler) UpdateBudgetSettings(c *echo.Context) error {
 		MonthlyResetHour:   req.MonthlyResetHour,
 		MonthlyResetMinute: req.MonthlyResetMinute,
 	}
+	if err := budget.ValidateSettings(settings); err != nil {
+		return handleError(c, core.NewInvalidRequestError(err.Error(), err))
+	}
 	saved, err := h.budgets.SaveSettings(c.Request().Context(), settings)
 	if err != nil {
-		return handleError(c, core.NewInvalidRequestError(err.Error(), err))
+		return handleError(c, budgetServiceError("failed to save budget settings", err))
 	}
 	return c.JSON(http.StatusOK, saved)
 }
@@ -1188,9 +1190,13 @@ func (h *Handler) ResetBudget(c *echo.Context) error {
 	if err != nil {
 		return handleError(c, core.NewInvalidRequestError(err.Error(), err))
 	}
-	if err := h.budgets.ResetBudget(c.Request().Context(), req.UserPath, periodSeconds, time.Now().UTC()); err != nil {
+	userPath, err := budget.NormalizeUserPath(req.UserPath)
+	if err != nil {
 		return handleError(c, core.NewInvalidRequestError(err.Error(), err))
 	}
+	if err := h.budgets.ResetBudget(c.Request().Context(), userPath, periodSeconds, time.Now().UTC()); err != nil {
+		return handleError(c, budgetServiceError("failed to reset budget", err))
+	}
 	return h.ListBudgets(c)
 }
 
@@ -1201,7 +1207,7 @@ func (h *Handler) ResetBudget(c *echo.Context) error {
 // @Produce      json
 // @Security     BearerAuth
 // @Param        confirmation  body      resetBudgetsRequest  true  "Reset confirmation"
-// @Success      200           {object}  map[string]interface{}
+// @Success      200           {object}  resetBudgetsResponse
 // @Failure      400           {object}  core.GatewayError
 // @Failure      401           {object}  core.GatewayError
 // @Failure      503           {object}  core.GatewayError
@@ -1214,13 +1220,13 @@ func (h *Handler) ResetBudgets(c *echo.Context) error {
 	if err := json.NewDecoder(c.Request().Body).Decode(&req); err != nil {
 		return handleError(c, core.NewInvalidRequestError("invalid request body: "+err.Error(), err))
 	}
-	if strings.TrimSpace(strings.ToLower(req.Confirmation)) != "reset" {
+	if strings.TrimSpace(strings.ToLower(req.confirmationValue())) != "reset" {
 		return handleError(c, core.NewInvalidRequestError("confirmation must be reset", nil))
 	}
 	if err := h.budgets.ResetAll(c.Request().Context(), time.Now().UTC()); err != nil {
 		return handleError(c, core.NewProviderError("budgets", http.StatusServiceUnavailable, "failed to reset budgets", err))
 	}
-	return c.JSON(http.StatusOK, map[string]any{"status": "ok"})
+	return c.JSON(http.StatusOK, resetBudgetsResponse{Status: "ok"})
 }
 
 // ProviderStatus handles GET /admin/api/v1/providers/status
@@ -1439,11 +1445,7 @@ type budgetStatusResponse struct {
 }
 
 type upsertBudgetRequest struct {
-	UserPath      string  `json:"user_path"`
-	Period        string  `json:"period,omitempty"`
-	PeriodSeconds int64   `json:"period_seconds,omitempty"`
-	Amount        float64 `json:"amount"`
-	Source        string  `json:"source,omitempty"`
+	Amount float64 `json:"amount"`
 }
 
 type resetBudgetRequest struct {
@@ -1452,12 +1454,6 @@ type resetBudgetRequest struct {
 	PeriodSeconds int64  `json:"period_seconds,omitempty"`
 }
 
-type deleteBudgetRequest struct {
-	UserPath      string `json:"user_path"`
-	Period        string `json:"period,omitempty"`
-	PeriodSeconds int64  `json:"period_seconds,omitempty"`
-}
-
 type updateBudgetSettingsRequest struct {
 	DailyResetHour     int `json:"daily_reset_hour"`
 	DailyResetMinute   int `json:"daily_reset_minute"`
@@ -1471,6 +1467,18 @@ type updateBudgetSettingsRequest struct {
 
 type resetBudgetsRequest struct {
 	Confirmation string `json:"confirmation"`
+	Confirm      string `json:"confirm,omitempty"`
+}
+
+func (r resetBudgetsRequest) confirmationValue() string {
+	if strings.TrimSpace(r.Confirmation) != "" {
+		return r.Confirmation
+	}
+	return r.Confirm
+}
+
+type resetBudgetsResponse struct {
+	Status string `json:"status"`
 }
 
 func budgetStatusResponses(statuses []budget.CheckResult, now time.Time) []budgetStatusResponse {
@@ -1510,6 +1518,37 @@ func budgetStatusResponses(statuses []budget.CheckResult, now time.Time) []budge
 	return responses
 }
 
+func budgetRouteKey(c *echo.Context) (string, int64, error) {
+	userPathParam := strings.TrimSpace(c.Param("user_path"))
+	if userPathParam == "" {
+		return "", 0, errors.New("user_path path parameter is required")
+	}
+	userPath, err := url.PathUnescape(userPathParam)
+	if err != nil {
+		return "", 0, fmt.Errorf("invalid user_path path parameter: %w", err)
+	}
+	userPath, err = budget.NormalizeUserPath(userPath)
+	if err != nil {
+		return "", 0, err
+	}
+
+	periodParam := strings.TrimSpace(c.Param("period"))
+	if periodParam == "" {
+		return "", 0, errors.New("period path parameter is required")
+	}
+	if seconds, err := strconv.ParseInt(periodParam, 10, 64); err == nil {
+		if seconds <= 0 {
+			return "", 0, errors.New("period_seconds must be greater than 0")
+		}
+		return userPath, seconds, nil
+	}
+	periodSeconds, err := budgetRequestPeriodSeconds(periodParam, 0)
+	if err != nil {
+		return "", 0, err
+	}
+	return userPath, periodSeconds, nil
+}
+
 func budgetRequestPeriodSeconds(period string, periodSeconds int64) (int64, error) {
 	if periodSeconds > 0 {
 		return periodSeconds, nil
@@ -1530,6 +1569,10 @@ func clampBudgetRatio(value float64) float64 {
 	return value
 }
 
+func budgetServiceError(message string, err error) error {
+	return core.NewProviderError("budgets", http.StatusServiceUnavailable, message, err)
+}
+
 func featureUnavailableError(message string) error {
 	return core.NewInvalidRequestErrorWithStatus(http.StatusServiceUnavailable, message, nil).
 		WithCode("feature_unavailable")
diff --git a/internal/admin/handler_budgets_test.go b/internal/admin/handler_budgets_test.go
index 2349dc17..be2970b3 100644
--- a/internal/admin/handler_budgets_test.go
+++ b/internal/admin/handler_budgets_test.go
@@ -15,11 +15,13 @@ import (
 )
 
 type adminBudgetStore struct {
-	budgets []budget.Budget
-	sum     float64
+	budgets  []budget.Budget
+	sum      float64
+	settings budget.Settings
 
 	resetUserPath      string
 	resetPeriodSeconds int64
+	resetAllAt         time.Time
 }
 
 func (s *adminBudgetStore) ListBudgets(context.Context) ([]budget.Budget, error) {
@@ -67,10 +69,14 @@ func (s *adminBudgetStore) ReplaceConfigBudgets(ctx context.Context, budgets []b
 }
 
 func (s *adminBudgetStore) GetSettings(context.Context) (budget.Settings, error) {
-	return budget.DefaultSettings(), nil
+	if s.settings == (budget.Settings{}) {
+		return budget.DefaultSettings(), nil
+	}
+	return s.settings, nil
 }
 
 func (s *adminBudgetStore) SaveSettings(_ context.Context, settings budget.Settings) (budget.Settings, error) {
+	s.settings = settings
 	return settings, nil
 }
 
@@ -87,6 +93,7 @@ func (s *adminBudgetStore) ResetBudget(_ context.Context, userPath string, perio
 }
 
 func (s *adminBudgetStore) ResetAllBudgets(_ context.Context, at time.Time) error {
+	s.resetAllAt = at.UTC()
 	for i := range s.budgets {
 		t := at.UTC()
 		s.budgets[i].LastResetAt = &t
@@ -149,12 +156,16 @@ func TestBudgetEndpointsUpsertAndResetOneBudget(t *testing.T) {
 
 	upsertReq := httptest.NewRequest(
 		http.MethodPut,
-		"/admin/api/v1/budgets",
-		strings.NewReader(`{"user_path":"team/beta","period":"weekly","amount":12.5}`),
+		"/admin/api/v1/budgets/%2Fteam%2Fbeta/weekly",
+		strings.NewReader(`{"amount":12.5}`),
 	)
 	upsertReq.Header.Set("Content-Type", "application/json")
 	upsertRec := httptest.NewRecorder()
 	upsertCtx := e.NewContext(upsertReq, upsertRec)
+	upsertCtx.SetPathValues(echo.PathValues{
+		{Name: "user_path", Value: "%2Fteam%2Fbeta"},
+		{Name: "period", Value: "weekly"},
+	})
 	if err := h.UpsertBudget(upsertCtx); err != nil {
 		t.Fatalf("UpsertBudget() failed: %v", err)
 	}
@@ -195,12 +206,15 @@ func TestBudgetEndpointsDeleteBudget(t *testing.T) {
 	e := echo.New()
 	req := httptest.NewRequest(
 		http.MethodDelete,
-		"/admin/api/v1/budgets",
-		strings.NewReader(`{"user_path":"/team/beta","period_seconds":604800}`),
+		"/admin/api/v1/budgets/%2Fteam%2Fbeta/604800",
+		nil,
 	)
-	req.Header.Set("Content-Type", "application/json")
 	rec := httptest.NewRecorder()
 	c := e.NewContext(req, rec)
+	c.SetPathValues(echo.PathValues{
+		{Name: "user_path", Value: "%2Fteam%2Fbeta"},
+		{Name: "period", Value: "604800"},
+	})
 
 	if err := h.DeleteBudget(c); err != nil {
 		t.Fatalf("DeleteBudget() failed: %v", err)
@@ -212,3 +226,122 @@ func TestBudgetEndpointsDeleteBudget(t *testing.T) {
 		t.Fatalf("stored budgets after delete = %+v", store.budgets)
 	}
 }
+
+func TestBudgetSettingsEndpoints(t *testing.T) {
+	store := &adminBudgetStore{}
+	h := newBudgetHandler(t, store)
+	e := echo.New()
+
+	getReq := httptest.NewRequest(http.MethodGet, "/admin/api/v1/budgets/settings", nil)
+	getRec := httptest.NewRecorder()
+	getCtx := e.NewContext(getReq, getRec)
+	if err := h.BudgetSettings(getCtx); err != nil {
+		t.Fatalf("BudgetSettings() failed: %v", err)
+	}
+	if getRec.Code != http.StatusOK {
+		t.Fatalf("settings status = %d, want %d body=%s", getRec.Code, http.StatusOK, getRec.Body.String())
+	}
+	var defaults budget.Settings
+	if err := json.Unmarshal(getRec.Body.Bytes(), &defaults); err != nil {
+		t.Fatalf("decode settings: %v", err)
+	}
+	if defaults.MonthlyResetDay != 1 || defaults.WeeklyResetWeekday != int(time.Monday) {
+		t.Fatalf("default settings = %+v", defaults)
+	}
+
+	updateReq := httptest.NewRequest(
+		http.MethodPut,
+		"/admin/api/v1/budgets/settings",
+		strings.NewReader(`{"daily_reset_hour":6,"daily_reset_minute":30,"weekly_reset_weekday":2,"weekly_reset_hour":9,"weekly_reset_minute":15,"monthly_reset_day":31,"monthly_reset_hour":2,"monthly_reset_minute":45}`),
+	)
+	updateReq.Header.Set("Content-Type", "application/json")
+	updateRec := httptest.NewRecorder()
+	updateCtx := e.NewContext(updateReq, updateRec)
+	if err := h.UpdateBudgetSettings(updateCtx); err != nil {
+		t.Fatalf("UpdateBudgetSettings() failed: %v", err)
+	}
+	if updateRec.Code != http.StatusOK {
+		t.Fatalf("update settings status = %d, want %d body=%s", updateRec.Code, http.StatusOK, updateRec.Body.String())
+	}
+	if store.settings.DailyResetHour != 6 || store.settings.MonthlyResetDay != 31 {
+		t.Fatalf("stored settings = %+v", store.settings)
+	}
+
+	invalidReq := httptest.NewRequest(
+		http.MethodPut,
+		"/admin/api/v1/budgets/settings",
+		strings.NewReader(`{"daily_reset_hour":24,"daily_reset_minute":0,"weekly_reset_weekday":1,"weekly_reset_hour":0,"weekly_reset_minute":0,"monthly_reset_day":1,"monthly_reset_hour":0,"monthly_reset_minute":0}`),
+	)
+	invalidReq.Header.Set("Content-Type", "application/json")
+	invalidRec := httptest.NewRecorder()
+	invalidCtx := e.NewContext(invalidReq, invalidRec)
+	if err := h.UpdateBudgetSettings(invalidCtx); err != nil {
+		t.Fatalf("invalid UpdateBudgetSettings() returned handler error: %v", err)
+	}
+	if invalidRec.Code != http.StatusBadRequest {
+		t.Fatalf("invalid settings status = %d, want %d body=%s", invalidRec.Code, http.StatusBadRequest, invalidRec.Body.String())
+	}
+
+	malformedReq := httptest.NewRequest(
+		http.MethodPut,
+		"/admin/api/v1/budgets/settings",
+		strings.NewReader(`{"daily_reset_hour":`),
+	)
+	malformedReq.Header.Set("Content-Type", "application/json")
+	malformedRec := httptest.NewRecorder()
+	malformedCtx := e.NewContext(malformedReq, malformedRec)
+	if err := h.UpdateBudgetSettings(malformedCtx); err != nil {
+		t.Fatalf("malformed UpdateBudgetSettings() returned handler error: %v", err)
+	}
+	if malformedRec.Code != http.StatusBadRequest {
+		t.Fatalf("malformed settings status = %d, want %d body=%s", malformedRec.Code, http.StatusBadRequest, malformedRec.Body.String())
+	}
+}
+
+func TestResetBudgetsEndpoint(t *testing.T) {
+	store := &adminBudgetStore{
+		budgets: []budget.Budget{
+			{UserPath: "/team", PeriodSeconds: budget.PeriodDailySeconds, Amount: 10},
+		},
+	}
+	h := newBudgetHandler(t, store)
+	e := echo.New()
+
+	badReq := httptest.NewRequest(http.MethodPost, "/admin/api/v1/budgets/reset", strings.NewReader(`{"confirm":"no"}`))
+	badReq.Header.Set("Content-Type", "application/json")
+	badRec := httptest.NewRecorder()
+	badCtx := e.NewContext(badReq, badRec)
+	if err := h.ResetBudgets(badCtx); err != nil {
+		t.Fatalf("invalid ResetBudgets() returned handler error: %v", err)
+	}
+	if badRec.Code != http.StatusBadRequest {
+		t.Fatalf("invalid reset status = %d, want %d body=%s", badRec.Code, http.StatusBadRequest, badRec.Body.String())
+	}
+	if !store.resetAllAt.IsZero() {
+		t.Fatalf("resetAllAt = %s, want zero", store.resetAllAt)
+	}
+
+	req := httptest.NewRequest(http.MethodPost, "/admin/api/v1/budgets/reset", strings.NewReader(`{"confirm":"reset"}`))
+	req.Header.Set("Content-Type", "application/json")
+	rec := httptest.NewRecorder()
+	c := e.NewContext(req, rec)
+	if err := h.ResetBudgets(c); err != nil {
+		t.Fatalf("ResetBudgets() failed: %v", err)
+	}
+	if rec.Code != http.StatusOK {
+		t.Fatalf("reset all status = %d, want %d body=%s", rec.Code, http.StatusOK, rec.Body.String())
+	}
+	if store.resetAllAt.IsZero() {
+		t.Fatal("ResetAllBudgets was not called")
+	}
+	if store.budgets[0].LastResetAt == nil || !store.budgets[0].LastResetAt.Equal(store.resetAllAt) {
+		t.Fatalf("budget reset time = %v, want %s", store.budgets[0].LastResetAt, store.resetAllAt)
+	}
+	var body resetBudgetsResponse
+	if err := json.Unmarshal(rec.Body.Bytes(), &body); err != nil {
+		t.Fatalf("decode reset response: %v", err)
+	}
+	if body.Status != "ok" {
+		t.Fatalf("reset status body = %q, want ok", body.Status)
+	}
+}
diff --git a/internal/app/app.go b/internal/app/app.go
index b134a3c5..5a29d9fb 100644
--- a/internal/app/app.go
+++ b/internal/app/app.go
@@ -85,6 +85,14 @@ func New(ctx context.Context, cfg Config) (*App, error) {
 	}
 
 	appCfg := cfg.AppConfig.Config
+	if appCfg.Budgets.Enabled && !appCfg.Usage.Enabled {
+		appCfg.Budgets.Enabled = false
+		slog.Warn("budget management disabled because usage tracking is disabled",
+			"usage_enabled", false,
+			"budgets_enabled", false,
+			"hint", "enable usage tracking to use budgets, or set BUDGETS_ENABLED=false to silence this warning",
+		)
+	}
 
 	app := &App{
 		config: appCfg,
diff --git a/internal/auditlog/middleware.go b/internal/auditlog/middleware.go
index b769d637..2d9a6780 100644
--- a/internal/auditlog/middleware.go
+++ b/internal/auditlog/middleware.go
@@ -594,7 +594,9 @@ func EnrichEntryWithError(c *echo.Context, errorType, errorMessage string, error
 	if entry.Data != nil {
 		entry.Data.ErrorMessage = errorMessage
 		if len(errorCode) > 0 {
-			entry.Data.ErrorCode = strings.TrimSpace(errorCode[0])
+			if code := strings.TrimSpace(errorCode[0]); code != "" {
+				entry.Data.ErrorCode = code
+			}
 		}
 	}
 }
diff --git a/internal/budget/factory.go b/internal/budget/factory.go
index edb3bab5..d86f27ba 100644
--- a/internal/budget/factory.go
+++ b/internal/budget/factory.go
@@ -104,7 +104,7 @@ func createStore(ctx context.Context, store storage.Storage) (Store, error) {
 }
 
 func seedConfiguredBudgets(ctx context.Context, service *Service, cfg config.BudgetsConfig) error {
-	if service == nil || len(cfg.UserPaths) == 0 {
+	if service == nil {
 		return nil
 	}
 	budgets := make([]Budget, 0)
diff --git a/internal/budget/service.go b/internal/budget/service.go
index d0751fbc..d95c792b 100644
--- a/internal/budget/service.go
+++ b/internal/budget/service.go
@@ -45,7 +45,7 @@ func (s *Service) Refresh(ctx context.Context) error {
 	}
 	sort.SliceStable(budgets, func(i, j int) bool {
 		if budgets[i].UserPath == budgets[j].UserPath {
-			return budgets[i].PeriodSeconds < budgets[j].PeriodSeconds
+			return budgets[i].PeriodSeconds > budgets[j].PeriodSeconds
 		}
 		return budgets[i].UserPath < budgets[j].UserPath
 	})
@@ -222,7 +222,7 @@ func (s *Service) CheckWithResults(ctx context.Context, userPath string, now tim
 			return results, err
 		}
 		results = append(results, result)
-		if result.Spent >= budget.Amount {
+		if result.HasUsage && result.Spent >= budget.Amount {
 			return results, &ExceededError{Result: result}
 		}
 	}
diff --git a/internal/budget/service_test.go b/internal/budget/service_test.go
index 26ce9959..71e93521 100644
--- a/internal/budget/service_test.go
+++ b/internal/budget/service_test.go
@@ -5,6 +5,8 @@ import (
 	"errors"
 	"testing"
 	"time"
+
+	"gomodel/config"
 )
 
 type fakeStore struct {
@@ -15,6 +17,8 @@ type fakeStore struct {
 	lastSumUserPath string
 	lastSumStart    time.Time
 	lastResetAt     time.Time
+	replaceCalls    int
+	replacedBudgets []Budget
 }
 
 func (s *fakeStore) ListBudgets(context.Context) ([]Budget, error) {
@@ -29,7 +33,9 @@ func (s *fakeStore) DeleteBudget(context.Context, string, int64) error {
 	return nil
 }
 
-func (s *fakeStore) ReplaceConfigBudgets(context.Context, []Budget) error {
+func (s *fakeStore) ReplaceConfigBudgets(_ context.Context, budgets []Budget) error {
+	s.replaceCalls++
+	s.replacedBudgets = append([]Budget(nil), budgets...)
 	return nil
 }
 
@@ -67,6 +73,58 @@ func (s *fakeStore) Close() error {
 	return nil
 }
 
+func TestServiceRefreshSortsBudgetsByUserPathThenLongestPeriod(t *testing.T) {
+	ctx := context.Background()
+	store := &fakeStore{
+		budgets: []Budget{
+			{UserPath: "/team/beta", PeriodSeconds: PeriodDailySeconds, Amount: 10},
+			{UserPath: "/team/alpha", PeriodSeconds: PeriodDailySeconds, Amount: 10},
+			{UserPath: "/team/alpha", PeriodSeconds: PeriodMonthlySeconds, Amount: 100},
+			{UserPath: "/team/alpha", PeriodSeconds: PeriodWeeklySeconds, Amount: 50},
+		},
+	}
+	service, err := NewService(ctx, store)
+	if err != nil {
+		t.Fatalf("NewService() failed: %v", err)
+	}
+
+	got := service.Budgets()
+	want := []Budget{
+		{UserPath: "/team/alpha", PeriodSeconds: PeriodMonthlySeconds, Amount: 100},
+		{UserPath: "/team/alpha", PeriodSeconds: PeriodWeeklySeconds, Amount: 50},
+		{UserPath: "/team/alpha", PeriodSeconds: PeriodDailySeconds, Amount: 10},
+		{UserPath: "/team/beta", PeriodSeconds: PeriodDailySeconds, Amount: 10},
+	}
+	if len(got) != len(want) {
+		t.Fatalf("got %d budgets, want %d: %+v", len(got), len(want), got)
+	}
+	for i := range want {
+		if got[i].UserPath != want[i].UserPath || got[i].PeriodSeconds != want[i].PeriodSeconds {
+			t.Fatalf("budget[%d] = %s/%d, want %s/%d", i, got[i].UserPath, got[i].PeriodSeconds, want[i].UserPath, want[i].PeriodSeconds)
+		}
+	}
+}
+
+func TestSeedConfiguredBudgetsReplacesEmptyConfigSet(t *testing.T) {
+	ctx := context.Background()
+	store := &fakeStore{}
+	service, err := NewService(ctx, store)
+	if err != nil {
+		t.Fatalf("NewService() failed: %v", err)
+	}
+	store.replaceCalls = 0
+
+	if err := seedConfiguredBudgets(ctx, service, config.BudgetsConfig{}); err != nil {
+		t.Fatalf("seedConfiguredBudgets() failed: %v", err)
+	}
+	if store.replaceCalls != 1 {
+		t.Fatalf("ReplaceConfigBudgets calls = %d, want 1", store.replaceCalls)
+	}
+	if len(store.replacedBudgets) != 0 {
+		t.Fatalf("replaced budgets = %+v, want empty", store.replacedBudgets)
+	}
+}
+
 func TestServiceCheckRejectsExceededBudgetForMatchingUserPath(t *testing.T) {
 	ctx := context.Background()
 	store := &fakeStore{
@@ -95,6 +153,39 @@ func TestServiceCheckRejectsExceededBudgetForMatchingUserPath(t *testing.T) {
 	}
 }
 
+func TestServiceCheckDoesNotEnforceBudgetWithoutUsage(t *testing.T) {
+	ctx := context.Background()
+	store := &fakeStore{
+		budgets: []Budget{
+			{UserPath: "/team", PeriodSeconds: PeriodDailySeconds, Amount: 10},
+		},
+		sum: func(userPath string, start, end time.Time) (float64, bool, error) {
+			if userPath != "/team" {
+				t.Fatalf("sum user path = %q, want /team", userPath)
+			}
+			return 100, false, nil
+		},
+	}
+	service, err := NewService(ctx, store)
+	if err != nil {
+		t.Fatalf("NewService() failed: %v", err)
+	}
+
+	if err := service.Check(ctx, "/team", time.Date(2026, time.April, 25, 12, 0, 0, 0, time.UTC)); err != nil {
+		t.Fatalf("Check() error = %v, want nil when SumUsageCost reports no usage", err)
+	}
+	results, err := service.CheckWithResults(ctx, "/team", time.Date(2026, time.April, 25, 12, 0, 0, 0, time.UTC))
+	if err != nil {
+		t.Fatalf("CheckWithResults() error = %v", err)
+	}
+	if len(results) != 1 {
+		t.Fatalf("CheckWithResults() returned %d results, want 1", len(results))
+	}
+	if results[0].HasUsage {
+		t.Fatal("CheckWithResults().HasUsage = true, want false")
+	}
+}
+
 func TestServiceCheckIgnoresSiblingUserPath(t *testing.T) {
 	ctx := context.Background()
 	called := false
diff --git a/internal/budget/settings_helpers.go b/internal/budget/settings_helpers.go
index bcff6b34..766975cb 100644
--- a/internal/budget/settings_helpers.go
+++ b/internal/budget/settings_helpers.go
@@ -30,30 +30,33 @@ func applySettingValue(settings *Settings, key, value string) error {
 	if settings == nil {
 		return nil
 	}
-	parsed, err := strconv.Atoi(strings.TrimSpace(value))
-	if err != nil {
-		return fmt.Errorf("budget setting %s must be an integer", key)
-	}
-	switch strings.TrimSpace(key) {
+	key = strings.TrimSpace(key)
+	var target *int
+	switch key {
 	case settingDailyResetHour:
-		settings.DailyResetHour = parsed
+		target = &settings.DailyResetHour
 	case settingDailyResetMinute:
-		settings.DailyResetMinute = parsed
+		target = &settings.DailyResetMinute
 	case settingWeeklyResetWeekday:
-		settings.WeeklyResetWeekday = parsed
+		target = &settings.WeeklyResetWeekday
 	case settingWeeklyResetHour:
-		settings.WeeklyResetHour = parsed
+		target = &settings.WeeklyResetHour
 	case settingWeeklyResetMinute:
-		settings.WeeklyResetMinute = parsed
+		target = &settings.WeeklyResetMinute
 	case settingMonthlyResetDay:
-		settings.MonthlyResetDay = parsed
+		target = &settings.MonthlyResetDay
 	case settingMonthlyResetHour:
-		settings.MonthlyResetHour = parsed
+		target = &settings.MonthlyResetHour
 	case settingMonthlyResetMinute:
-		settings.MonthlyResetMinute = parsed
+		target = &settings.MonthlyResetMinute
 	default:
 		return nil
 	}
+	parsed, err := strconv.Atoi(strings.TrimSpace(value))
+	if err != nil {
+		return fmt.Errorf("budget setting %s must be an integer", key)
+	}
+	*target = parsed
 	return nil
 }
 
diff --git a/internal/budget/store_mongodb.go b/internal/budget/store_mongodb.go
index f9fd64f7..d45d2abd 100644
--- a/internal/budget/store_mongodb.go
+++ b/internal/budget/store_mongodb.go
@@ -74,6 +74,10 @@ func (s *MongoDBStore) UpsertBudgets(ctx context.Context, budgets []Budget) erro
 	if err != nil {
 		return err
 	}
+	return s.upsertNormalizedBudgets(ctx, budgets)
+}
+
+func (s *MongoDBStore) upsertNormalizedBudgets(ctx context.Context, budgets []Budget) error {
 	if len(budgets) == 0 {
 		return nil
 	}
@@ -123,6 +127,25 @@ func (s *MongoDBStore) ReplaceConfigBudgets(ctx context.Context, budgets []Budge
 		budgets[i].Source = "config"
 	}
 
+	session, err := s.budgets.Database().Client().StartSession()
+	if err != nil {
+		return fmt.Errorf("start config budget replacement transaction: %w", err)
+	}
+	defer session.EndSession(ctx)
+
+	_, err = session.WithTransaction(ctx, func(txCtx context.Context) (any, error) {
+		if err := s.replaceConfigBudgets(txCtx, budgets); err != nil {
+			return nil, err
+		}
+		return nil, nil
+	})
+	if err != nil {
+		return fmt.Errorf("replace config budgets transaction: %w", err)
+	}
+	return nil
+}
+
+func (s *MongoDBStore) replaceConfigBudgets(ctx context.Context, budgets []Budget) error {
 	filter := bson.D{{Key: "source", Value: "config"}}
 	if len(budgets) > 0 {
 		keep := make(bson.A, 0, len(budgets))
@@ -137,7 +160,7 @@ func (s *MongoDBStore) ReplaceConfigBudgets(ctx context.Context, budgets []Budge
 	if _, err := s.budgets.DeleteMany(ctx, filter); err != nil {
 		return fmt.Errorf("delete old config budgets: %w", err)
 	}
-	return s.UpsertBudgets(ctx, budgets)
+	return s.upsertNormalizedBudgets(ctx, budgets)
 }
 
 func (s *MongoDBStore) GetSettings(ctx context.Context) (Settings, error) {
@@ -179,6 +202,26 @@ func (s *MongoDBStore) SaveSettings(ctx context.Context, settings Settings) (Set
 		return Settings{}, err
 	}
 	settings.UpdatedAt = time.Now().UTC()
+
+	session, err := s.settings.Database().Client().StartSession()
+	if err != nil {
+		return Settings{}, fmt.Errorf("start budget settings transaction: %w", err)
+	}
+	defer session.EndSession(ctx)
+
+	_, err = session.WithTransaction(ctx, func(txCtx context.Context) (any, error) {
+		if err := s.saveSettingsValues(txCtx, settings); err != nil {
+			return nil, err
+		}
+		return nil, nil
+	})
+	if err != nil {
+		return Settings{}, fmt.Errorf("save budget settings transaction: %w", err)
+	}
+	return settings, nil
+}
+
+func (s *MongoDBStore) saveSettingsValues(ctx context.Context, settings Settings) error {
 	for key, value := range settingsKeyValues(settings) {
 		filter := bson.D{{Key: "key", Value: key}}
 		update := bson.D{{Key: "$set", Value: bson.D{
@@ -187,10 +230,10 @@ func (s *MongoDBStore) SaveSettings(ctx context.Context, settings Settings) (Set
 			{Key: "updated_at", Value: settings.UpdatedAt},
 		}}}
 		if _, err := s.settings.UpdateOne(ctx, filter, update, options.UpdateOne().SetUpsert(true)); err != nil {
-			return Settings{}, fmt.Errorf("save budget setting %s: %w", key, err)
+			return fmt.Errorf("save budget setting %s: %w", key, err)
 		}
 	}
-	return settings, nil
+	return nil
 }
 
 func (s *MongoDBStore) ResetBudget(ctx context.Context, userPath string, periodSeconds int64, at time.Time) error {
@@ -235,16 +278,9 @@ func (s *MongoDBStore) SumUsageCost(ctx context.Context, userPath string, start,
 	}
 	pathPattern := usagePathRegex(userPath)
 	pipeline := bson.A{
-		bson.D{{Key: "$addFields", Value: bson.D{
-			{Key: "_gomodel_budget_user_path", Value: bson.D{{Key: "$cond", Value: bson.A{
-				bson.D{{Key: "$ne", Value: bson.A{bson.D{{Key: "$trim", Value: bson.D{{Key: "input", Value: bson.D{{Key: "$ifNull", Value: bson.A{"$user_path", ""}}}}}}}, ""}}},
-				bson.D{{Key: "$trim", Value: bson.D{{Key: "input", Value: "$user_path"}}}},
-				"/",
-			}}}},
-		}}},
 		bson.D{{Key: "$match", Value: bson.D{
 			{Key: "timestamp", Value: bson.D{{Key: "$gte", Value: start.UTC()}, {Key: "$lt", Value: end.UTC()}}},
-			{Key: "_gomodel_budget_user_path", Value: bson.D{{Key: "$regex", Value: pathPattern}}},
+			{Key: "user_path", Value: bson.D{{Key: "$regex", Value: pathPattern}}},
 			{Key: "$or", Value: bson.A{
 				bson.D{{Key: "cache_type", Value: bson.D{{Key: "$exists", Value: false}}}},
 				bson.D{{Key: "cache_type", Value: ""}},
diff --git a/internal/budget/types_test.go b/internal/budget/types_test.go
index fbbc2b4d..0fa5ca14 100644
--- a/internal/budget/types_test.go
+++ b/internal/budget/types_test.go
@@ -1,10 +1,29 @@
 package budget
 
 import (
+	"strings"
 	"testing"
 	"time"
 )
 
+func TestApplySettingValueIgnoresUnknownNonInteger(t *testing.T) {
+	settings := DefaultSettings()
+	if err := applySettingValue(&settings, "unknown_setting", "not-an-int"); err != nil {
+		t.Fatalf("applySettingValue() error = %v, want nil for unknown setting", err)
+	}
+}
+
+func TestApplySettingValueRejectsKnownNonInteger(t *testing.T) {
+	settings := DefaultSettings()
+	err := applySettingValue(&settings, settingDailyResetHour, "not-an-int")
+	if err == nil {
+		t.Fatal("applySettingValue() error = nil, want parse error")
+	}
+	if !strings.Contains(err.Error(), "must be an integer") {
+		t.Fatalf("applySettingValue() error = %v", err)
+	}
+}
+
 func TestPeriodBoundsUsesConfiguredAnchors(t *testing.T) {
 	settings := Settings{
 		DailyResetHour:     6,
@@ -16,29 +35,88 @@ func TestPeriodBoundsUsesConfiguredAnchors(t *testing.T) {
 		MonthlyResetHour:   2,
 		MonthlyResetMinute: 45,
 	}
-	now := time.Date(2026, time.April, 25, 12, 0, 0, 0, time.UTC)
-
-	dailyStart, dailyEnd := PeriodBounds(now, PeriodDailySeconds, settings)
-	if want := time.Date(2026, time.April, 25, 6, 30, 0, 0, time.UTC); !dailyStart.Equal(want) {
-		t.Fatalf("daily start = %s, want %s", dailyStart, want)
-	}
-	if want := time.Date(2026, time.April, 26, 6, 30, 0, 0, time.UTC); !dailyEnd.Equal(want) {
-		t.Fatalf("daily end = %s, want %s", dailyEnd, want)
-	}
 
-	weeklyStart, weeklyEnd := PeriodBounds(now, PeriodWeeklySeconds, settings)
-	if want := time.Date(2026, time.April, 22, 9, 15, 0, 0, time.UTC); !weeklyStart.Equal(want) {
-		t.Fatalf("weekly start = %s, want %s", weeklyStart, want)
-	}
-	if want := time.Date(2026, time.April, 29, 9, 15, 0, 0, time.UTC); !weeklyEnd.Equal(want) {
-		t.Fatalf("weekly end = %s, want %s", weeklyEnd, want)
+	tests := []struct {
+		name      string
+		now       time.Time
+		period    int64
+		wantStart time.Time
+		wantEnd   time.Time
+	}{
+		{
+			name:      "daily exactly at anchor",
+			now:       time.Date(2026, time.April, 25, 6, 30, 0, 0, time.UTC),
+			period:    PeriodDailySeconds,
+			wantStart: time.Date(2026, time.April, 25, 6, 30, 0, 0, time.UTC),
+			wantEnd:   time.Date(2026, time.April, 26, 6, 30, 0, 0, time.UTC),
+		},
+		{
+			name:      "weekly on anchor weekday before anchor",
+			now:       time.Date(2026, time.April, 22, 9, 14, 59, 0, time.UTC),
+			period:    PeriodWeeklySeconds,
+			wantStart: time.Date(2026, time.April, 15, 9, 15, 0, 0, time.UTC),
+			wantEnd:   time.Date(2026, time.April, 22, 9, 15, 0, 0, time.UTC),
+		},
+		{
+			name:      "weekly exactly at anchor",
+			now:       time.Date(2026, time.April, 22, 9, 15, 0, 0, time.UTC),
+			period:    PeriodWeeklySeconds,
+			wantStart: time.Date(2026, time.April, 22, 9, 15, 0, 0, time.UTC),
+			wantEnd:   time.Date(2026, time.April, 29, 9, 15, 0, 0, time.UTC),
+		},
+		{
+			name:      "weekly on anchor weekday after anchor",
+			now:       time.Date(2026, time.April, 22, 9, 15, 1, 0, time.UTC),
+			period:    PeriodWeeklySeconds,
+			wantStart: time.Date(2026, time.April, 22, 9, 15, 0, 0, time.UTC),
+			wantEnd:   time.Date(2026, time.April, 29, 9, 15, 0, 0, time.UTC),
+		},
+		{
+			name:      "monthly day 31 before non-leap February anchor",
+			now:       time.Date(2026, time.February, 28, 2, 44, 59, 0, time.UTC),
+			period:    PeriodMonthlySeconds,
+			wantStart: time.Date(2026, time.January, 31, 2, 45, 0, 0, time.UTC),
+			wantEnd:   time.Date(2026, time.February, 28, 2, 45, 0, 0, time.UTC),
+		},
+		{
+			name:      "monthly day 31 at non-leap February anchor",
+			now:       time.Date(2026, time.February, 28, 2, 45, 0, 0, time.UTC),
+			period:    PeriodMonthlySeconds,
+			wantStart: time.Date(2026, time.February, 28, 2, 45, 0, 0, time.UTC),
+			wantEnd:   time.Date(2026, time.March, 31, 2, 45, 0, 0, time.UTC),
+		},
+		{
+			name:      "monthly day 31 at leap February anchor",
+			now:       time.Date(2024, time.February, 29, 2, 45, 0, 0, time.UTC),
+			period:    PeriodMonthlySeconds,
+			wantStart: time.Date(2024, time.February, 29, 2, 45, 0, 0, time.UTC),
+			wantEnd:   time.Date(2024, time.March, 31, 2, 45, 0, 0, time.UTC),
+		},
+		{
+			name:      "monthly day 31 clamps April",
+			now:       time.Date(2026, time.April, 30, 3, 0, 0, 0, time.UTC),
+			period:    PeriodMonthlySeconds,
+			wantStart: time.Date(2026, time.April, 30, 2, 45, 0, 0, time.UTC),
+			wantEnd:   time.Date(2026, time.May, 31, 2, 45, 0, 0, time.UTC),
+		},
+		{
+			name:      "monthly day 31 clamps June",
+			now:       time.Date(2026, time.June, 30, 3, 0, 0, 0, time.UTC),
+			period:    PeriodMonthlySeconds,
+			wantStart: time.Date(2026, time.June, 30, 2, 45, 0, 0, time.UTC),
+			wantEnd:   time.Date(2026, time.July, 31, 2, 45, 0, 0, time.UTC),
+		},
 	}
 
-	monthlyStart, monthlyEnd := PeriodBounds(now, PeriodMonthlySeconds, settings)
-	if want := time.Date(2026, time.March, 31, 2, 45, 0, 0, time.UTC); !monthlyStart.Equal(want) {
-		t.Fatalf("monthly start = %s, want %s", monthlyStart, want)
-	}
-	if want := time.Date(2026, time.April, 30, 2, 45, 0, 0, time.UTC); !monthlyEnd.Equal(want) {
-		t.Fatalf("monthly end = %s, want %s", monthlyEnd, want)
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			start, end := PeriodBounds(tt.now, tt.period, settings)
+			if !start.Equal(tt.wantStart) {
+				t.Fatalf("start = %s, want %s", start, tt.wantStart)
+			}
+			if !end.Equal(tt.wantEnd) {
+				t.Fatalf("end = %s, want %s", end, tt.wantEnd)
+			}
+		})
 	}
 }
diff --git a/internal/core/workflow_test.go b/internal/core/workflow_test.go
index 4f232eef..f2c0f611 100644
--- a/internal/core/workflow_test.go
+++ b/internal/core/workflow_test.go
@@ -14,18 +14,40 @@ func TestNewWorkflowSelector_DropsInvalidUserPath(t *testing.T) {
 func TestWorkflowFeaturesApplyUpperBound_DisablesBudgetWhenUsageDisabled(t *testing.T) {
 	t.Parallel()
 
-	features := WorkflowFeatures{
-		Usage:  true,
-		Budget: true,
-	}.ApplyUpperBound(WorkflowFeatures{
-		Usage:  false,
-		Budget: true,
-	})
-
-	if features.Usage {
-		t.Fatal("ApplyUpperBound().Usage = true, want false")
+	tests := []struct {
+		name       string
+		base       WorkflowFeatures
+		caps       WorkflowFeatures
+		wantUsage  bool
+		wantBudget bool
+	}{
+		{
+			name:       "disables budget when usage cap disabled",
+			base:       WorkflowFeatures{Usage: true, Budget: true},
+			caps:       WorkflowFeatures{Usage: false, Budget: true},
+			wantUsage:  false,
+			wantBudget: false,
+		},
+		{
+			name:       "keeps budget when usage and budget enabled",
+			base:       WorkflowFeatures{Usage: true, Budget: true},
+			caps:       WorkflowFeatures{Usage: true, Budget: true},
+			wantUsage:  true,
+			wantBudget: true,
+		},
 	}
-	if features.Budget {
-		t.Fatal("ApplyUpperBound().Budget = true, want false")
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			t.Parallel()
+
+			features := tt.base.ApplyUpperBound(tt.caps)
+			if features.Usage != tt.wantUsage {
+				t.Fatalf("ApplyUpperBound().Usage = %v, want %v", features.Usage, tt.wantUsage)
+			}
+			if features.Budget != tt.wantBudget {
+				t.Fatalf("ApplyUpperBound().Budget = %v, want %v", features.Budget, tt.wantBudget)
+			}
+		})
 	}
 }
diff --git a/internal/server/budget_support.go b/internal/server/budget_support.go
index 54a63017..e176d07d 100644
--- a/internal/server/budget_support.go
+++ b/internal/server/budget_support.go
@@ -4,7 +4,9 @@ import (
 	"context"
 	"errors"
 	"fmt"
+	"math"
 	"net/http"
+	"strconv"
 	"time"
 
 	"github.com/labstack/echo/v5"
@@ -48,8 +50,48 @@ func budgetCheckError(err error) error {
 		if message == "" {
 			message = "budget exceeded"
 		}
-		return core.NewRateLimitError("budget", message).WithCode("budget_exceeded")
+		gatewayErr := core.NewRateLimitError("budget", message).WithCode("budget_exceeded")
+		if retryAfter := budgetRetryAfterHeader(exceeded.Result.PeriodEnd, time.Now().UTC()); retryAfter != "" {
+			return &gatewayErrorWithResponseHeaders{
+				GatewayError: gatewayErr,
+				headers:      http.Header{"Retry-After": []string{retryAfter}},
+			}
+		}
+		return gatewayErr
 	}
 	return core.NewProviderError("budget", http.StatusServiceUnavailable, fmt.Sprintf("budget check failed: %v", err), err).
 		WithCode("budget_check_failed")
 }
+
+type gatewayErrorWithResponseHeaders struct {
+	*core.GatewayError
+	headers http.Header
+}
+
+func (e *gatewayErrorWithResponseHeaders) Unwrap() error {
+	if e == nil {
+		return nil
+	}
+	return e.GatewayError
+}
+
+func (e *gatewayErrorWithResponseHeaders) ResponseHeaders() http.Header {
+	if e == nil {
+		return nil
+	}
+	return e.headers.Clone()
+}
+
+func budgetRetryAfterHeader(periodEnd time.Time, now time.Time) string {
+	if periodEnd.IsZero() {
+		return ""
+	}
+	if now.IsZero() {
+		now = time.Now().UTC()
+	}
+	delay := periodEnd.UTC().Sub(now.UTC())
+	if delay <= 0 {
+		return "0"
+	}
+	return strconv.FormatInt(int64(math.Ceil(delay.Seconds())), 10)
+}
diff --git a/internal/server/budget_support_test.go b/internal/server/budget_support_test.go
index 99db79d6..3a94f5d2 100644
--- a/internal/server/budget_support_test.go
+++ b/internal/server/budget_support_test.go
@@ -4,11 +4,13 @@ import (
 	"context"
 	"net/http"
 	"net/http/httptest"
+	"strconv"
 	"testing"
 	"time"
 
 	"github.com/labstack/echo/v5"
 
+	"gomodel/internal/budget"
 	"gomodel/internal/core"
 )
 
@@ -86,3 +88,65 @@ func TestBatchBudgetEnforcerUsesResolvedWorkflow(t *testing.T) {
 		t.Fatalf("budget checker was called %d times, want 0", checker.calls)
 	}
 }
+
+func TestBatchBudgetEnforcerInvokesCheckerWhenEnabled(t *testing.T) {
+	checker := &countingBudgetChecker{}
+	enforcer := batchBudgetEnforcer(checker)
+	if enforcer == nil {
+		t.Fatal("batchBudgetEnforcer() = nil, want function")
+	}
+
+	ctx := core.WithWorkflow(context.Background(), &core.Workflow{
+		Policy: &core.ResolvedWorkflowPolicy{
+			VersionID: "workflow-v1",
+			Features: core.WorkflowFeatures{
+				Usage:  true,
+				Budget: true,
+			},
+		},
+	})
+
+	if err := enforcer(ctx); err != nil {
+		t.Fatalf("batch budget enforcer returned error: %v", err)
+	}
+	if checker.calls != 1 {
+		t.Fatalf("budget checker was called %d times, want 1", checker.calls)
+	}
+}
+
+func TestBudgetExceededResponseIncludesRetryAfter(t *testing.T) {
+	e := echo.New()
+	req := httptest.NewRequest(http.MethodPost, "/v1/chat/completions", nil)
+	rec := httptest.NewRecorder()
+	c := e.NewContext(req, rec)
+
+	err := budgetCheckError(&budget.ExceededError{
+		Result: budget.CheckResult{
+			Budget: budget.Budget{
+				UserPath:      "/",
+				PeriodSeconds: budget.PeriodDailySeconds,
+				Amount:        1,
+			},
+			PeriodEnd: time.Now().UTC().Add(5 * time.Minute),
+			Spent:     1,
+		},
+	})
+	if err := handleError(c, err); err != nil {
+		t.Fatalf("handleError() error = %v", err)
+	}
+
+	if rec.Code != http.StatusTooManyRequests {
+		t.Fatalf("status = %d, want %d", rec.Code, http.StatusTooManyRequests)
+	}
+	retryAfter := rec.Header().Get("Retry-After")
+	if retryAfter == "" {
+		t.Fatal("Retry-After header is empty")
+	}
+	seconds, parseErr := strconv.Atoi(retryAfter)
+	if parseErr != nil {
+		t.Fatalf("Retry-After = %q, want delay seconds", retryAfter)
+	}
+	if seconds <= 0 || seconds > 300 {
+		t.Fatalf("Retry-After = %d, want between 1 and 300", seconds)
+	}
+}
diff --git a/internal/server/error_support.go b/internal/server/error_support.go
index 77758275..65878737 100644
--- a/internal/server/error_support.go
+++ b/internal/server/error_support.go
@@ -16,15 +16,39 @@ func handleError(c *echo.Context, err error) error {
 	if gatewayErr, ok := errors.AsType[*core.GatewayError](err); ok {
 		logHandledError(c, gatewayErr)
 		auditlog.EnrichEntryWithError(c, string(gatewayErr.Type), gatewayErr.Message, gatewayErrorCode(gatewayErr))
+		applyErrorResponseHeaders(c, err)
 		return c.JSON(gatewayErr.HTTPStatusCode(), gatewayErr.ToJSON())
 	}
 
 	gatewayErr := core.NewProviderError("", http.StatusInternalServerError, "an unexpected error occurred", err)
 	logHandledError(c, gatewayErr)
-	auditlog.EnrichEntryWithError(c, string(gatewayErr.Type), gatewayErr.Message)
+	auditlog.EnrichEntryWithError(c, string(gatewayErr.Type), gatewayErr.Message, gatewayErrorCode(gatewayErr))
 	return c.JSON(gatewayErr.HTTPStatusCode(), gatewayErr.ToJSON())
 }
 
+type responseHeaderError interface {
+	ResponseHeaders() http.Header
+}
+
+func applyErrorResponseHeaders(c *echo.Context, err error) {
+	if c == nil || err == nil {
+		return
+	}
+	var headerErr responseHeaderError
+	if !errors.As(err, &headerErr) {
+		return
+	}
+	for key, values := range headerErr.ResponseHeaders() {
+		for i, value := range values {
+			if i == 0 {
+				c.Response().Header().Set(key, value)
+				continue
+			}
+			c.Response().Header().Add(key, value)
+		}
+	}
+}
+
 func gatewayErrorCode(err *core.GatewayError) string {
 	if err == nil || err.Code == nil {
 		return ""
diff --git a/internal/server/http.go b/internal/server/http.go
index 28d5ede9..006baeb3 100644
--- a/internal/server/http.go
+++ b/internal/server/http.go
@@ -328,8 +328,8 @@ func New(provider core.RoutableProvider, cfg *Config) *Server {
 		adminAPI.GET("/providers/status", cfg.AdminHandler.ProviderStatus)
 		adminAPI.POST("/runtime/refresh", cfg.AdminHandler.RefreshRuntime)
 		adminAPI.GET("/budgets", cfg.AdminHandler.ListBudgets)
-		adminAPI.PUT("/budgets", cfg.AdminHandler.UpsertBudget)
-		adminAPI.DELETE("/budgets", cfg.AdminHandler.DeleteBudget)
+		adminAPI.PUT("/budgets/:user_path/:period", cfg.AdminHandler.UpsertBudget)
+		adminAPI.DELETE("/budgets/:user_path/:period", cfg.AdminHandler.DeleteBudget)
 		adminAPI.GET("/budgets/settings", cfg.AdminHandler.BudgetSettings)
 		adminAPI.PUT("/budgets/settings", cfg.AdminHandler.UpdateBudgetSettings)
 		adminAPI.POST("/budgets/reset-one", cfg.AdminHandler.ResetBudget)
diff --git a/internal/server/translated_inference_service.go b/internal/server/translated_inference_service.go
index 36672f68..0483f2f5 100644
--- a/internal/server/translated_inference_service.go
+++ b/internal/server/translated_inference_service.go
@@ -201,6 +201,10 @@ func responsesPreparedFields(prepared *gateway.PreparedResponsesRequest) (contex
 
 // handleWithCache routes translated requests through the response cache when
 // enabled. The request has already been resolved and patched by the orchestrator.
+// Cache hits intentionally return before dispatch and budget enforcement because
+// they do not incur provider spend. Cache misses still run dispatch, where
+// dispatchChatCompletion and dispatchResponses call enforceBudget before any
+// provider request.
 func handleWithCache[R any](
 	s *translatedInferenceService,
 	c *echo.Context,
diff --git a/internal/usage/cache_type.go b/internal/usage/cache_type.go
index 2f338c00..f47970e7 100644
--- a/internal/usage/cache_type.go
+++ b/internal/usage/cache_type.go
@@ -1,6 +1,10 @@
 package usage
 
-import "strings"
+import (
+	"strings"
+
+	"gomodel/internal/core"
+)
 
 const (
 	CacheTypeExact    = "exact"
@@ -47,12 +51,22 @@ func normalizedUsageEntryForStorage(entry *UsageEntry) *UsageEntry {
 
 	normalized := normalizeCacheType(entry.CacheType)
 	providerName := strings.TrimSpace(entry.ProviderName)
-	if normalized == entry.CacheType && providerName == entry.ProviderName {
+	userPath := normalizeUsageEntryUserPath(entry.UserPath)
+	if normalized == entry.CacheType && providerName == entry.ProviderName && userPath == entry.UserPath {
 		return entry
 	}
 
 	cloned := *entry
 	cloned.CacheType = normalized
 	cloned.ProviderName = providerName
+	cloned.UserPath = userPath
 	return &cloned
 }
+
+func normalizeUsageEntryUserPath(value string) string {
+	normalized, err := core.NormalizeUserPath(value)
+	if err != nil || normalized == "" {
+		return "/"
+	}
+	return normalized
+}
diff --git a/internal/usage/cache_type_test.go b/internal/usage/cache_type_test.go
index c292701a..9a1ca2f0 100644
--- a/internal/usage/cache_type_test.go
+++ b/internal/usage/cache_type_test.go
@@ -20,3 +20,18 @@ func TestNormalizedUsageEntryForStorageClearsInvalidCacheTypeWithoutMutatingInpu
 		t.Fatalf("input CacheType mutated to %q", entry.CacheType)
 	}
 }
+
+func TestNormalizedUsageEntryForStorageNormalizesUserPath(t *testing.T) {
+	entry := &UsageEntry{
+		ID:       "usage-1",
+		UserPath: " team/alpha ",
+	}
+
+	got := normalizedUsageEntryForStorage(entry)
+	if got.UserPath != "/team/alpha" {
+		t.Fatalf("normalized UserPath = %q, want /team/alpha", got.UserPath)
+	}
+	if entry.UserPath != " team/alpha " {
+		t.Fatalf("input UserPath mutated to %q", entry.UserPath)
+	}
+}
diff --git a/internal/workflows/types.go b/internal/workflows/types.go
index a8f51d8a..c5a399bc 100644
--- a/internal/workflows/types.go
+++ b/internal/workflows/types.go
@@ -72,31 +72,26 @@ type FeatureFlags struct {
 }
 
 func (f FeatureFlags) canonicalize() FeatureFlags {
-	if f.Fallback != nil {
-		return f
+	if f.Budget == nil {
+		budgetEnabled := true
+		f.Budget = &budgetEnabled
+	}
+	if f.Fallback == nil {
+		fallbackEnabled := true
+		f.Fallback = &fallbackEnabled
 	}
-	fallbackEnabled := true
-	f.Fallback = &fallbackEnabled
 	return f
 }
 
 func (f FeatureFlags) runtimeFeatures() core.WorkflowFeatures {
 	f = f.canonicalize()
-	fallback := true
-	if f.Fallback != nil {
-		fallback = *f.Fallback
-	}
-	budget := true
-	if f.Budget != nil {
-		budget = *f.Budget
-	}
 	return core.WorkflowFeatures{
 		Cache:      f.Cache,
 		Audit:      f.Audit,
 		Usage:      f.Usage,
-		Budget:     f.Usage && budget,
+		Budget:     f.Usage && *f.Budget,
 		Guardrails: f.Guardrails,
-		Fallback:   fallback,
+		Fallback:   *f.Fallback,
 	}
 }
 
diff --git a/internal/workflows/types_test.go b/internal/workflows/types_test.go
index 0b69318f..27f4b5d0 100644
--- a/internal/workflows/types_test.go
+++ b/internal/workflows/types_test.go
@@ -143,7 +143,12 @@ func TestFeatureFlagsRuntimeFeatures_DisablesBudgetWhenUsageDisabled(t *testing.
 			budget: false,
 		},
 		{
-			name:   "usage enabled",
+			name:   "implicit budget with usage enabled",
+			flags:  FeatureFlags{Usage: true},
+			budget: true,
+		},
+		{
+			name:   "explicit budget with usage enabled",
 			flags:  FeatureFlags{Usage: true, Budget: &explicitBudget},
 			budget: true,
 		},
@@ -186,6 +191,7 @@ func TestNormalizePayload_CanonicalizesFallbackForStableWorkflowHash(t *testing.
 			Usage:      true,
 			Guardrails: false,
 			Fallback:   &explicitTrue,
+			Budget:     &explicitTrue,
 		},
 	})
 	if err != nil {
@@ -198,6 +204,12 @@ func TestNormalizePayload_CanonicalizesFallbackForStableWorkflowHash(t *testing.
 	if explicitPayload.Features.Fallback == nil || !*explicitPayload.Features.Fallback {
 		t.Fatalf("explicit payload fallback = %v, want explicit true", explicitPayload.Features.Fallback)
 	}
+	if implicitPayload.Features.Budget == nil || !*implicitPayload.Features.Budget {
+		t.Fatalf("implicit payload budget = %v, want explicit true", implicitPayload.Features.Budget)
+	}
+	if explicitPayload.Features.Budget == nil || !*explicitPayload.Features.Budget {
+		t.Fatalf("explicit payload budget = %v, want explicit true", explicitPayload.Features.Budget)
+	}
 	if implicitHash != explicitHash {
 		t.Fatalf("workflow hash mismatch: implicit=%q explicit=%q", implicitHash, explicitHash)
 	}

From 771d3fc43cf148e0802edc71a15cdad6e0ee4dd6 Mon Sep 17 00:00:00 2001
From: "Jakub A. W" <jakubwasek@gmail.com>
Date: Mon, 27 Apr 2026 00:45:22 +0200
Subject: [PATCH 6/9] fix(budgets): harden budget management edge cases

---
 CHANGELOG.md                                  |   7 +-
 config/config.go                              |  15 ++-
 config/config_test.go                         |  58 ++++++++++
 docs/openapi.json                             |   3 +
 .../static/js/modules/budgets.test.cjs        |  41 +++++++
 .../dashboard/static/js/modules/workflows.js  |   5 +-
 .../static/js/modules/workflows.test.cjs      |  30 ++++-
 internal/admin/handler.go                     |   7 +-
 internal/admin/handler_budgets_test.go        |  74 +++++++++++++
 internal/budget/factory.go                    |   8 +-
 internal/budget/service_test.go               |  32 ++++++
 internal/budget/store.go                      |   3 +
 internal/budget/store_mongodb.go              | 104 ++++++++++++++++--
 internal/budget/store_mongodb_test.go         |  75 +++++++++++++
 internal/budget/store_postgresql.go           |   4 +-
 internal/budget/store_sqlite.go               |   4 +-
 internal/budget/types.go                      |   5 +-
 internal/budget/types_test.go                 |  28 +++++
 internal/server/base_path.go                  |  22 +++-
 internal/server/budget_support.go             |   3 +-
 internal/server/budget_support_test.go        |  31 ++++++
 internal/server/http_test.go                  |  43 ++++++++
 internal/usage/cache_type_test.go             |  86 +++++++++++++++
 23 files changed, 658 insertions(+), 30 deletions(-)
 create mode 100644 internal/budget/store_mongodb_test.go

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 2f569698..c7867557 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,4 +4,9 @@
 
 ### Migration notes
 
-- Budget management depends on usage tracking. If `USAGE_ENABLED=false`, GoModel starts with budgets disabled and logs a warning even when `BUDGETS_ENABLED=true`; enable both `USAGE_ENABLED` and `BUDGETS_ENABLED` to enforce budgets.
+- Budget defaults are `USAGE_ENABLED=true` and `BUDGETS_ENABLED=true`.
+- `internal/app/app.go` disables budgets when it sees `BUDGETS_ENABLED=true` with `USAGE_ENABLED=false`, because budget checks depend on usage data.
+- Minimal enablement:
+  ```bash
+  USAGE_ENABLED=true BUDGETS_ENABLED=true ./gomodel
+  ```
diff --git a/config/config.go b/config/config.go
index 90585049..a08c5b86 100644
--- a/config/config.go
+++ b/config/config.go
@@ -1322,10 +1322,17 @@ func applyBudgetEnv(cfg *Config) error {
 		if len(limits) == 0 {
 			continue
 		}
-		cfg.Budgets.UserPaths = append(cfg.Budgets.UserPaths, BudgetUserPathConfig{
+		entry := BudgetUserPathConfig{
 			Path:   path,
 			Limits: limits,
-		})
+		}
+		replaced := cfg.Budgets.UserPaths[:0]
+		for _, existing := range cfg.Budgets.UserPaths {
+			if existing.Path != entry.Path {
+				replaced = append(replaced, existing)
+			}
+		}
+		cfg.Budgets.UserPaths = append(replaced, entry)
 	}
 	return nil
 }
@@ -1417,8 +1424,8 @@ func validateBudgetConfig(cfg *BudgetsConfig) error {
 			return fmt.Errorf("budgets.user_paths[%d].path is required", pathIdx)
 		}
 		for limitIdx, limit := range entry.Limits {
-			if limit.Amount <= 0 {
-				return fmt.Errorf("budgets.user_paths[%d].limits[%d].amount must be greater than 0", pathIdx, limitIdx)
+			if math.IsNaN(limit.Amount) || math.IsInf(limit.Amount, 0) || limit.Amount <= 0 {
+				return fmt.Errorf("budgets.user_paths[%d].limits[%d].amount must be a finite number greater than 0", pathIdx, limitIdx)
 			}
 			if limit.PeriodSeconds <= 0 {
 				seconds, ok := budgetPeriodSeconds(limit.Period)
diff --git a/config/config_test.go b/config/config_test.go
index 182511dd..009355de 100644
--- a/config/config_test.go
+++ b/config/config_test.go
@@ -299,6 +299,64 @@ func TestLoadBudgetEnvJSONLimitsAreSorted(t *testing.T) {
 	})
 }
 
+func TestLoadBudgetEnvReplacesMatchingYAMLUserPath(t *testing.T) {
+	clearAllConfigEnvVars(t)
+
+	withTempDir(t, func(dir string) {
+		yamlConfig := `
+budgets:
+  user_paths:
+    - path: /team/alpha
+      limits:
+        - period: daily
+          amount: 1
+    - path: /team/beta
+      limits:
+        - period: daily
+          amount: 2
+`
+		if err := os.WriteFile(filepath.Join(dir, "config.yaml"), []byte(yamlConfig), 0644); err != nil {
+			t.Fatalf("Failed to write config.yaml: %v", err)
+		}
+		t.Setenv("SET_BUDGET_TEAM__ALPHA", "weekly=50")
+
+		result, err := Load()
+		if err != nil {
+			t.Fatalf("Load() failed: %v", err)
+		}
+
+		entries := result.Config.Budgets.UserPaths
+		if len(entries) != 2 {
+			t.Fatalf("expected 2 budget user paths, got %d: %+v", len(entries), entries)
+		}
+		if entries[0].Path != "/team/beta" || entries[0].Limits[0].Amount != 2 {
+			t.Fatalf("first budget entry = %+v, want untouched /team/beta YAML entry", entries[0])
+		}
+		if entries[1].Path != "/team/alpha" {
+			t.Fatalf("env replacement path = %q, want /team/alpha", entries[1].Path)
+		}
+		if len(entries[1].Limits) != 1 || entries[1].Limits[0].PeriodSeconds != 604800 || entries[1].Limits[0].Amount != 50 {
+			t.Fatalf("env replacement limits = %+v, want weekly=50", entries[1].Limits)
+		}
+	})
+}
+
+func TestLoadBudgetEnvRejectsNonFiniteAmount(t *testing.T) {
+	clearAllConfigEnvVars(t)
+
+	withTempDir(t, func(string) {
+		t.Setenv("SET_BUDGET_TEAM__ALPHA", "daily=NaN")
+
+		_, err := Load()
+		if err == nil {
+			t.Fatal("Load() error = nil, want non-finite budget amount error")
+		}
+		if !strings.Contains(err.Error(), "amount must be a finite number greater than 0") {
+			t.Fatalf("Load() error = %v, want finite amount validation", err)
+		}
+	})
+}
+
 func TestLoadBudgetEnvDisablesBudgetsWhenUsageTrackingDisabled(t *testing.T) {
 	clearAllConfigEnvVars(t)
 
diff --git a/docs/openapi.json b/docs/openapi.json
index ce0ed90b..023f0a92 100644
--- a/docs/openapi.json
+++ b/docs/openapi.json
@@ -4674,6 +4674,9 @@
       },
       "admin.upsertBudgetRequest": {
         "type": "object",
+        "required": [
+          "amount"
+        ],
         "properties": {
           "amount": {
             "type": "number"
diff --git a/internal/admin/dashboard/static/js/modules/budgets.test.cjs b/internal/admin/dashboard/static/js/modules/budgets.test.cjs
index c308c163..6f9d5408 100644
--- a/internal/admin/dashboard/static/js/modules/budgets.test.cjs
+++ b/internal/admin/dashboard/static/js/modules/budgets.test.cjs
@@ -363,3 +363,44 @@ test('resetBudgets requires the typed reset confirmation before posting', async
     assert.equal(module.budgetSettingsError, 'Type reset to confirm.');
     assert.equal(module.budgetResetLoading, false);
 });
+
+test('resetBudgets posts after confirmation and refreshes the budget page', async () => {
+    const requests = [];
+    let refreshCalls = 0;
+    const module = createBudgetsModule({
+        fetch(url, request) {
+            return module.fetch(url, request);
+        }
+    });
+    module.fetch = (url, request) => {
+        requests.push({ url, request });
+        assert.equal(url, '/admin/api/v1/budgets/reset');
+        assert.equal(request.method, 'POST');
+        return Promise.resolve({ status: 200, ok: true });
+    };
+    module.requestOptions = (options) => options || {};
+    module.handleFetchResponse = (res, label, request) => {
+        assert.equal(label, 'budget reset');
+        assert.equal(res.ok, true);
+        assert.equal(request.method, 'POST');
+        return true;
+    };
+    module.page = 'budgets';
+    module.budgetResetDialogOpen = true;
+    module.budgetResetConfirmation = 'reset';
+    module.fetchBudgets = async () => {
+        refreshCalls++;
+        module.budgets = [{ user_path: '/', period_seconds: 86400, amount: 1 }];
+    };
+
+    await module.resetBudgets();
+
+    assert.equal(module.budgetSettingsError, '');
+    assert.equal(module.budgetResetLoading, false);
+    assert.equal(requests.length, 1);
+    assert.equal(requests[0].request.body, JSON.stringify({ confirmation: 'reset' }));
+    assert.equal(refreshCalls, 1);
+    assert.equal(module.budgetResetDialogOpen, false);
+    assert.equal(module.budgetSettingsNotice, 'Budgets reset.');
+    assert.deepEqual(module.budgets, [{ user_path: '/', period_seconds: 86400, amount: 1 }]);
+});
diff --git a/internal/admin/dashboard/static/js/modules/workflows.js b/internal/admin/dashboard/static/js/modules/workflows.js
index 617bd13b..f944cdcb 100644
--- a/internal/admin/dashboard/static/js/modules/workflows.js
+++ b/internal/admin/dashboard/static/js/modules/workflows.js
@@ -184,11 +184,12 @@
 	            workflowApplyGlobalFeatureCaps(raw) {
 	                const features = this.workflowNormalizedFeatures(raw);
 	                const caps = this.workflowFeatureCaps();
+	                const usage = features.usage && caps.usage;
 	                return {
 	                    cache: features.cache && caps.cache,
 	                    audit: features.audit && caps.audit,
-	                    usage: features.usage && caps.usage,
-	                    budget: features.budget && caps.budget,
+	                    usage,
+	                    budget: usage && features.budget && caps.budget,
 	                    guardrails: features.guardrails && caps.guardrails,
 	                    fallback: features.fallback
 	                };
diff --git a/internal/admin/dashboard/static/js/modules/workflows.test.cjs b/internal/admin/dashboard/static/js/modules/workflows.test.cjs
index e2a0acb0..ec32320b 100644
--- a/internal/admin/dashboard/static/js/modules/workflows.test.cjs
+++ b/internal/admin/dashboard/static/js/modules/workflows.test.cjs
@@ -218,7 +218,7 @@ test('workflowChart returns the shared chart contract for workflow sources', ()
             }
         })),
         JSON.stringify({
-            showBudget: true,
+            showBudget: false,
             budgetNodeClass: '',
             budgetStatusLabel: null,
             showGuardrails: true,
@@ -837,6 +837,34 @@ test('buildWorkflowRequest emits provider-model payload and strips guardrails wh
     );
 });
 
+test('buildWorkflowRequest disables budget when usage is disabled in the form', () => {
+    const module = createWorkflowsModule();
+    module.workflowRuntimeConfig = {
+        USAGE_ENABLED: 'on',
+        BUDGETS_ENABLED: 'on'
+    };
+    module.workflowForm = {
+        scope_provider: 'openai',
+        scope_model: 'gpt-5',
+        name: 'OpenAI GPT-5',
+        description: 'Usage disabled',
+        features: {
+            cache: true,
+            audit: true,
+            usage: false,
+            budget: true,
+            guardrails: false,
+            fallback: true
+        },
+        guardrails: []
+    };
+
+    const features = module.buildWorkflowRequest().workflow_payload.features;
+
+    assert.equal(features.usage, false);
+    assert.equal(features.budget, false);
+});
+
 test('openWorkflowCreate hydrates features and guardrails via shared normalizers', () => {
     const module = createWorkflowsModule();
     module.workflowSourceFeatures = () => ({
diff --git a/internal/admin/handler.go b/internal/admin/handler.go
index a4134a4a..fa267b81 100644
--- a/internal/admin/handler.go
+++ b/internal/admin/handler.go
@@ -1035,7 +1035,7 @@ func (h *Handler) ListBudgets(c *echo.Context) error {
 	now := time.Now().UTC()
 	statuses, err := h.budgets.Statuses(c.Request().Context(), now)
 	if err != nil {
-		return handleError(c, core.NewProviderError("budgets", http.StatusServiceUnavailable, "failed to list budgets", err))
+		return handleError(c, budgetServiceError("failed to list budgets", err))
 	}
 	return c.JSON(http.StatusOK, budgetListResponse{
 		Budgets:    budgetStatusResponses(statuses, now),
@@ -1224,7 +1224,7 @@ func (h *Handler) ResetBudgets(c *echo.Context) error {
 		return handleError(c, core.NewInvalidRequestError("confirmation must be reset", nil))
 	}
 	if err := h.budgets.ResetAll(c.Request().Context(), time.Now().UTC()); err != nil {
-		return handleError(c, core.NewProviderError("budgets", http.StatusServiceUnavailable, "failed to reset budgets", err))
+		return handleError(c, budgetServiceError("failed to reset budgets", err))
 	}
 	return c.JSON(http.StatusOK, resetBudgetsResponse{Status: "ok"})
 }
@@ -1570,6 +1570,9 @@ func clampBudgetRatio(value float64) float64 {
 }
 
 func budgetServiceError(message string, err error) error {
+	if errors.Is(err, budget.ErrNotFound) {
+		return core.NewNotFoundError("budget not found").WithCode("budget_not_found")
+	}
 	return core.NewProviderError("budgets", http.StatusServiceUnavailable, message, err)
 }
 
diff --git a/internal/admin/handler_budgets_test.go b/internal/admin/handler_budgets_test.go
index be2970b3..52cab00c 100644
--- a/internal/admin/handler_budgets_test.go
+++ b/internal/admin/handler_budgets_test.go
@@ -22,6 +22,8 @@ type adminBudgetStore struct {
 	resetUserPath      string
 	resetPeriodSeconds int64
 	resetAllAt         time.Time
+	deleteErr          error
+	resetErr           error
 }
 
 func (s *adminBudgetStore) ListBudgets(context.Context) ([]budget.Budget, error) {
@@ -50,6 +52,9 @@ func (s *adminBudgetStore) UpsertBudgets(_ context.Context, budgets []budget.Bud
 }
 
 func (s *adminBudgetStore) DeleteBudget(_ context.Context, userPath string, periodSeconds int64) error {
+	if s.deleteErr != nil {
+		return s.deleteErr
+	}
 	normalizedPath, err := budget.NormalizeUserPath(userPath)
 	if err != nil {
 		return err
@@ -81,6 +86,9 @@ func (s *adminBudgetStore) SaveSettings(_ context.Context, settings budget.Setti
 }
 
 func (s *adminBudgetStore) ResetBudget(_ context.Context, userPath string, periodSeconds int64, at time.Time) error {
+	if s.resetErr != nil {
+		return s.resetErr
+	}
 	s.resetUserPath = userPath
 	s.resetPeriodSeconds = periodSeconds
 	for i := range s.budgets {
@@ -227,6 +235,72 @@ func TestBudgetEndpointsDeleteBudget(t *testing.T) {
 	}
 }
 
+func TestBudgetEndpointsMissingMutationsReturnNotFound(t *testing.T) {
+	tests := []struct {
+		name  string
+		run   func(*Handler, *echo.Echo) *httptest.ResponseRecorder
+		setup func(*adminBudgetStore)
+	}{
+		{
+			name: "delete missing budget",
+			setup: func(store *adminBudgetStore) {
+				store.deleteErr = budget.ErrNotFound
+			},
+			run: func(h *Handler, e *echo.Echo) *httptest.ResponseRecorder {
+				req := httptest.NewRequest(http.MethodDelete, "/admin/api/v1/budgets/%2Fteam/86400", nil)
+				rec := httptest.NewRecorder()
+				c := e.NewContext(req, rec)
+				c.SetPathValues(echo.PathValues{
+					{Name: "user_path", Value: "%2Fteam"},
+					{Name: "period", Value: "86400"},
+				})
+				if err := h.DeleteBudget(c); err != nil {
+					t.Fatalf("DeleteBudget() returned handler error: %v", err)
+				}
+				return rec
+			},
+		},
+		{
+			name: "reset missing budget",
+			setup: func(store *adminBudgetStore) {
+				store.resetErr = budget.ErrNotFound
+			},
+			run: func(h *Handler, e *echo.Echo) *httptest.ResponseRecorder {
+				req := httptest.NewRequest(
+					http.MethodPost,
+					"/admin/api/v1/budgets/reset-one",
+					strings.NewReader(`{"user_path":"/team","period_seconds":86400}`),
+				)
+				req.Header.Set("Content-Type", "application/json")
+				rec := httptest.NewRecorder()
+				c := e.NewContext(req, rec)
+				if err := h.ResetBudget(c); err != nil {
+					t.Fatalf("ResetBudget() returned handler error: %v", err)
+				}
+				return rec
+			},
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			store := &adminBudgetStore{}
+			tt.setup(store)
+			h := newBudgetHandler(t, store)
+			e := echo.New()
+
+			rec := tt.run(h, e)
+
+			if rec.Code != http.StatusNotFound {
+				t.Fatalf("status = %d, want %d body=%s", rec.Code, http.StatusNotFound, rec.Body.String())
+			}
+			if !strings.Contains(rec.Body.String(), `"code":"budget_not_found"`) {
+				t.Fatalf("body = %s, want budget_not_found code", rec.Body.String())
+			}
+		})
+	}
+}
+
 func TestBudgetSettingsEndpoints(t *testing.T) {
 	store := &adminBudgetStore{}
 	h := newBudgetHandler(t, store)
diff --git a/internal/budget/factory.go b/internal/budget/factory.go
index d86f27ba..56ef7366 100644
--- a/internal/budget/factory.go
+++ b/internal/budget/factory.go
@@ -113,12 +113,14 @@ func seedConfiguredBudgets(ctx context.Context, service *Service, cfg config.Bud
 		if err != nil {
 			return fmt.Errorf("invalid budget user path %q: %w", entry.Path, err)
 		}
-		for _, limit := range entry.Limits {
+		for limitIdx, limit := range entry.Limits {
 			seconds := limit.PeriodSeconds
 			if seconds <= 0 {
-				if parsed, ok := PeriodSeconds(limit.Period); ok {
-					seconds = parsed
+				parsed, ok := PeriodSeconds(limit.Period)
+				if !ok {
+					return fmt.Errorf("invalid budget period for user path %q limit %d: %q", userPath, limitIdx, limit.Period)
 				}
+				seconds = parsed
 			}
 			budgets = append(budgets, Budget{
 				UserPath:      userPath,
diff --git a/internal/budget/service_test.go b/internal/budget/service_test.go
index 71e93521..f105f249 100644
--- a/internal/budget/service_test.go
+++ b/internal/budget/service_test.go
@@ -3,6 +3,7 @@ package budget
 import (
 	"context"
 	"errors"
+	"strings"
 	"testing"
 	"time"
 
@@ -125,6 +126,37 @@ func TestSeedConfiguredBudgetsReplacesEmptyConfigSet(t *testing.T) {
 	}
 }
 
+func TestSeedConfiguredBudgetsRejectsInvalidPeriodBeforeReplacing(t *testing.T) {
+	ctx := context.Background()
+	store := &fakeStore{}
+	service, err := NewService(ctx, store)
+	if err != nil {
+		t.Fatalf("NewService() failed: %v", err)
+	}
+	store.replaceCalls = 0
+
+	err = seedConfiguredBudgets(ctx, service, config.BudgetsConfig{
+		UserPaths: []config.BudgetUserPathConfig{
+			{
+				Path: "/team",
+				Limits: []config.BudgetLimitConfig{
+					{Period: "fortnightly", Amount: 10},
+				},
+			},
+		},
+	})
+
+	if err == nil {
+		t.Fatal("seedConfiguredBudgets() error = nil, want invalid period error")
+	}
+	if !strings.Contains(err.Error(), `invalid budget period for user path "/team" limit 0: "fortnightly"`) {
+		t.Fatalf("seedConfiguredBudgets() error = %v, want contextual invalid period error", err)
+	}
+	if store.replaceCalls != 0 {
+		t.Fatalf("ReplaceConfigBudgets calls = %d, want 0", store.replaceCalls)
+	}
+}
+
 func TestServiceCheckRejectsExceededBudgetForMatchingUserPath(t *testing.T) {
 	ctx := context.Background()
 	store := &fakeStore{
diff --git a/internal/budget/store.go b/internal/budget/store.go
index 0a355111..14a49b14 100644
--- a/internal/budget/store.go
+++ b/internal/budget/store.go
@@ -2,11 +2,14 @@ package budget
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"strings"
 	"time"
 )
 
+var ErrNotFound = errors.New("budget not found")
+
 // Store persists budget definitions, reset settings, and spend lookups.
 type Store interface {
 	ListBudgets(ctx context.Context) ([]Budget, error)
diff --git a/internal/budget/store_mongodb.go b/internal/budget/store_mongodb.go
index d45d2abd..a17bfcd3 100644
--- a/internal/budget/store_mongodb.go
+++ b/internal/budget/store_mongodb.go
@@ -2,9 +2,12 @@ package budget
 
 import (
 	"context"
+	"errors"
 	"fmt"
+	"log/slog"
 	"regexp"
 	"strconv"
+	"strings"
 	"time"
 
 	"go.mongodb.org/mongo-driver/v2/bson"
@@ -113,7 +116,7 @@ func (s *MongoDBStore) DeleteBudget(ctx context.Context, userPath string, period
 		return fmt.Errorf("delete budget %s/%d: %w", userPath, periodSeconds, err)
 	}
 	if result.DeletedCount == 0 {
-		return fmt.Errorf("budget %s/%d not found", userPath, periodSeconds)
+		return fmt.Errorf("%w: %s/%d", ErrNotFound, userPath, periodSeconds)
 	}
 	return nil
 }
@@ -135,11 +138,24 @@ func (s *MongoDBStore) ReplaceConfigBudgets(ctx context.Context, budgets []Budge
 
 	_, err = session.WithTransaction(ctx, func(txCtx context.Context) (any, error) {
 		if err := s.replaceConfigBudgets(txCtx, budgets); err != nil {
+			if isMongoTransactionCapabilityError(err) {
+				return nil, &mongoTransactionFallbackError{err: err}
+			}
 			return nil, err
 		}
 		return nil, nil
 	})
 	if err != nil {
+		if fallbackErr := mongoTransactionFallbackCause(err); fallbackErr != nil || isMongoTransactionCapabilityError(err) {
+			if fallbackErr == nil {
+				fallbackErr = err
+			}
+			slog.Warn("MongoDB transactions unavailable for budget config replacement; falling back to non-transactional update", "error", fallbackErr)
+			if err := s.replaceConfigBudgets(ctx, budgets); err != nil {
+				return fmt.Errorf("replace config budgets without transaction: %w", errors.Join(fallbackErr, err))
+			}
+			return nil
+		}
 		return fmt.Errorf("replace config budgets transaction: %w", err)
 	}
 	return nil
@@ -211,16 +227,73 @@ func (s *MongoDBStore) SaveSettings(ctx context.Context, settings Settings) (Set
 
 	_, err = session.WithTransaction(ctx, func(txCtx context.Context) (any, error) {
 		if err := s.saveSettingsValues(txCtx, settings); err != nil {
+			if isMongoTransactionCapabilityError(err) {
+				return nil, &mongoTransactionFallbackError{err: err}
+			}
 			return nil, err
 		}
 		return nil, nil
 	})
 	if err != nil {
+		if fallbackErr := mongoTransactionFallbackCause(err); fallbackErr != nil || isMongoTransactionCapabilityError(err) {
+			if fallbackErr == nil {
+				fallbackErr = err
+			}
+			slog.Warn("MongoDB transactions unavailable for budget settings save; falling back to non-transactional update", "error", fallbackErr)
+			if err := s.saveSettingsValues(ctx, settings); err != nil {
+				return Settings{}, fmt.Errorf("save budget settings without transaction: %w", errors.Join(fallbackErr, err))
+			}
+			return settings, nil
+		}
 		return Settings{}, fmt.Errorf("save budget settings transaction: %w", err)
 	}
 	return settings, nil
 }
 
+type mongoTransactionFallbackError struct {
+	err error
+}
+
+func (e *mongoTransactionFallbackError) Error() string {
+	if e == nil || e.err == nil {
+		return ""
+	}
+	return e.err.Error()
+}
+
+func mongoTransactionFallbackCause(err error) error {
+	var fallbackErr *mongoTransactionFallbackError
+	if errors.As(err, &fallbackErr) {
+		return fallbackErr.err
+	}
+	return nil
+}
+
+func isMongoTransactionCapabilityError(err error) bool {
+	if err == nil {
+		return false
+	}
+	message := strings.ToLower(err.Error())
+	capabilityPhrases := []string{
+		"transaction numbers are only allowed",
+		"transactions are not supported",
+		"transaction is not supported",
+		"transaction not supported",
+		"replica set member or mongos",
+		"requires a replica set",
+	}
+	for _, phrase := range capabilityPhrases {
+		if strings.Contains(message, phrase) {
+			return true
+		}
+	}
+	var labeled mongo.LabeledError
+	return errors.As(err, &labeled) &&
+		labeled.HasErrorLabel("TransientTransactionError") &&
+		strings.Contains(message, "transaction") &&
+		(strings.Contains(message, "not supported") || strings.Contains(message, "not allowed"))
+}
+
 func (s *MongoDBStore) saveSettingsValues(ctx context.Context, settings Settings) error {
 	for key, value := range settingsKeyValues(settings) {
 		filter := bson.D{{Key: "key", Value: key}}
@@ -255,7 +328,7 @@ func (s *MongoDBStore) ResetBudget(ctx context.Context, userPath string, periodS
 		return fmt.Errorf("reset budget %s/%d: %w", userPath, periodSeconds, err)
 	}
 	if result.MatchedCount == 0 {
-		return fmt.Errorf("budget %s/%d not found", userPath, periodSeconds)
+		return fmt.Errorf("%w: %s/%d", ErrNotFound, userPath, periodSeconds)
 	}
 	return nil
 }
@@ -276,14 +349,12 @@ func (s *MongoDBStore) SumUsageCost(ctx context.Context, userPath string, start,
 	if err != nil {
 		return 0, false, err
 	}
-	pathPattern := usagePathRegex(userPath)
 	pipeline := bson.A{
 		bson.D{{Key: "$match", Value: bson.D{
 			{Key: "timestamp", Value: bson.D{{Key: "$gte", Value: start.UTC()}, {Key: "$lt", Value: end.UTC()}}},
-			{Key: "user_path", Value: bson.D{{Key: "$regex", Value: pathPattern}}},
-			{Key: "$or", Value: bson.A{
-				bson.D{{Key: "cache_type", Value: bson.D{{Key: "$exists", Value: false}}}},
-				bson.D{{Key: "cache_type", Value: ""}},
+			{Key: "$and", Value: bson.A{
+				mongoUsagePathMatch(userPath),
+				mongoUncachedUsageMatch(),
 			}},
 		}}},
 		bson.D{{Key: "$group", Value: bson.D{
@@ -321,3 +392,22 @@ func usagePathRegex(userPath string) string {
 	}
 	return "^" + regexp.QuoteMeta(userPath) + "(?:/|$)"
 }
+
+func mongoUsagePathMatch(userPath string) bson.D {
+	pathPattern := usagePathRegex(userPath)
+	if userPath == "/" {
+		return bson.D{{Key: "$or", Value: bson.A{
+			bson.D{{Key: "user_path", Value: bson.D{{Key: "$exists", Value: false}}}},
+			bson.D{{Key: "user_path", Value: bson.D{{Key: "$regex", Value: `^\s*$`}}}},
+			bson.D{{Key: "user_path", Value: bson.D{{Key: "$regex", Value: pathPattern}}}},
+		}}}
+	}
+	return bson.D{{Key: "user_path", Value: bson.D{{Key: "$regex", Value: pathPattern}}}}
+}
+
+func mongoUncachedUsageMatch() bson.D {
+	return bson.D{{Key: "$or", Value: bson.A{
+		bson.D{{Key: "cache_type", Value: bson.D{{Key: "$exists", Value: false}}}},
+		bson.D{{Key: "cache_type", Value: ""}},
+	}}}
+}
diff --git a/internal/budget/store_mongodb_test.go b/internal/budget/store_mongodb_test.go
new file mode 100644
index 00000000..c0730860
--- /dev/null
+++ b/internal/budget/store_mongodb_test.go
@@ -0,0 +1,75 @@
+package budget
+
+import (
+	"errors"
+	"reflect"
+	"testing"
+
+	"go.mongodb.org/mongo-driver/v2/bson"
+	"go.mongodb.org/mongo-driver/v2/mongo"
+)
+
+func TestIsMongoTransactionCapabilityError(t *testing.T) {
+	tests := []struct {
+		name string
+		err  error
+		want bool
+	}{
+		{
+			name: "standalone transaction message",
+			err:  errors.New("Transaction numbers are only allowed on a replica set member or mongos"),
+			want: true,
+		},
+		{
+			name: "labeled unsupported transaction message",
+			err: mongo.CommandError{
+				Message: "transaction is not supported by this deployment",
+				Labels:  []string{"TransientTransactionError"},
+			},
+			want: true,
+		},
+		{
+			name: "ordinary transient transaction error",
+			err: mongo.CommandError{
+				Message: "temporary write conflict",
+				Labels:  []string{"TransientTransactionError"},
+			},
+			want: false,
+		},
+		{
+			name: "ordinary error",
+			err:  errors.New("network timeout"),
+			want: false,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if got := isMongoTransactionCapabilityError(tt.err); got != tt.want {
+				t.Fatalf("isMongoTransactionCapabilityError(%v) = %v, want %v", tt.err, got, tt.want)
+			}
+		})
+	}
+}
+
+func TestMongoUsagePathMatchIncludesLegacyRootRows(t *testing.T) {
+	got := mongoUsagePathMatch("/")
+	want := bson.D{{Key: "$or", Value: bson.A{
+		bson.D{{Key: "user_path", Value: bson.D{{Key: "$exists", Value: false}}}},
+		bson.D{{Key: "user_path", Value: bson.D{{Key: "$regex", Value: `^\s*$`}}}},
+		bson.D{{Key: "user_path", Value: bson.D{{Key: "$regex", Value: "^/"}}}},
+	}}}
+
+	if !reflect.DeepEqual(got, want) {
+		t.Fatalf("mongoUsagePathMatch(/) = %#v, want %#v", got, want)
+	}
+}
+
+func TestMongoUsagePathMatchNestedPathRequiresPrefixBoundary(t *testing.T) {
+	got := mongoUsagePathMatch("/team")
+	want := bson.D{{Key: "user_path", Value: bson.D{{Key: "$regex", Value: `^/team(?:/|$)`}}}}
+
+	if !reflect.DeepEqual(got, want) {
+		t.Fatalf("mongoUsagePathMatch(/team) = %#v, want %#v", got, want)
+	}
+}
diff --git a/internal/budget/store_postgresql.go b/internal/budget/store_postgresql.go
index 377232e0..54545154 100644
--- a/internal/budget/store_postgresql.go
+++ b/internal/budget/store_postgresql.go
@@ -143,7 +143,7 @@ func (s *PostgreSQLStore) DeleteBudget(ctx context.Context, userPath string, per
 		return fmt.Errorf("delete budget %s/%d: %w", userPath, periodSeconds, err)
 	}
 	if tag.RowsAffected() == 0 {
-		return fmt.Errorf("budget %s/%d not found", userPath, periodSeconds)
+		return fmt.Errorf("%w: %s/%d", ErrNotFound, userPath, periodSeconds)
 	}
 	return nil
 }
@@ -244,7 +244,7 @@ func (s *PostgreSQLStore) ResetBudget(ctx context.Context, userPath string, peri
 		return fmt.Errorf("reset budget %s/%d: %w", userPath, periodSeconds, err)
 	}
 	if tag.RowsAffected() == 0 {
-		return fmt.Errorf("budget %s/%d not found", userPath, periodSeconds)
+		return fmt.Errorf("%w: %s/%d", ErrNotFound, userPath, periodSeconds)
 	}
 	return nil
 }
diff --git a/internal/budget/store_sqlite.go b/internal/budget/store_sqlite.go
index 2f03f2ba..fbfffbc8 100644
--- a/internal/budget/store_sqlite.go
+++ b/internal/budget/store_sqlite.go
@@ -160,7 +160,7 @@ func (s *SQLiteStore) DeleteBudget(ctx context.Context, userPath string, periodS
 	}
 	affected, err := result.RowsAffected()
 	if err == nil && affected == 0 {
-		return fmt.Errorf("budget %s/%d not found", userPath, periodSeconds)
+		return fmt.Errorf("%w: %s/%d", ErrNotFound, userPath, periodSeconds)
 	}
 	return nil
 }
@@ -269,7 +269,7 @@ func (s *SQLiteStore) ResetBudget(ctx context.Context, userPath string, periodSe
 	}
 	affected, err := result.RowsAffected()
 	if err == nil && affected == 0 {
-		return fmt.Errorf("budget %s/%d not found", userPath, periodSeconds)
+		return fmt.Errorf("%w: %s/%d", ErrNotFound, userPath, periodSeconds)
 	}
 	return nil
 }
diff --git a/internal/budget/types.go b/internal/budget/types.go
index dae46586..10cefbee 100644
--- a/internal/budget/types.go
+++ b/internal/budget/types.go
@@ -2,6 +2,7 @@ package budget
 
 import (
 	"fmt"
+	"math"
 	"strings"
 	"time"
 
@@ -102,8 +103,8 @@ func NormalizeBudget(b Budget) (Budget, error) {
 	if b.PeriodSeconds <= 0 {
 		return Budget{}, fmt.Errorf("period_seconds must be greater than 0")
 	}
-	if b.Amount <= 0 {
-		return Budget{}, fmt.Errorf("amount must be greater than 0")
+	if math.IsNaN(b.Amount) || math.IsInf(b.Amount, 0) || b.Amount <= 0 {
+		return Budget{}, fmt.Errorf("amount must be a finite number greater than 0")
 	}
 	b.Source = strings.TrimSpace(b.Source)
 	if b.LastResetAt != nil {
diff --git a/internal/budget/types_test.go b/internal/budget/types_test.go
index 0fa5ca14..d0c0820a 100644
--- a/internal/budget/types_test.go
+++ b/internal/budget/types_test.go
@@ -1,6 +1,7 @@
 package budget
 
 import (
+	"math"
 	"strings"
 	"testing"
 	"time"
@@ -24,6 +25,33 @@ func TestApplySettingValueRejectsKnownNonInteger(t *testing.T) {
 	}
 }
 
+func TestNormalizeBudgetRejectsNonFiniteAmount(t *testing.T) {
+	tests := []struct {
+		name   string
+		amount float64
+	}{
+		{name: "nan", amount: math.NaN()},
+		{name: "positive infinity", amount: math.Inf(1)},
+		{name: "negative infinity", amount: math.Inf(-1)},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			_, err := NormalizeBudget(Budget{
+				UserPath:      "/team",
+				PeriodSeconds: PeriodDailySeconds,
+				Amount:        tt.amount,
+			})
+			if err == nil {
+				t.Fatal("NormalizeBudget() error = nil, want non-finite amount error")
+			}
+			if !strings.Contains(err.Error(), "amount must be a finite number greater than 0") {
+				t.Fatalf("NormalizeBudget() error = %v, want finite amount validation", err)
+			}
+		})
+	}
+}
+
 func TestPeriodBoundsUsesConfiguredAnchors(t *testing.T) {
 	settings := Settings{
 		DailyResetHour:     6,
diff --git a/internal/server/base_path.go b/internal/server/base_path.go
index b6879c8d..ee3db60e 100644
--- a/internal/server/base_path.go
+++ b/internal/server/base_path.go
@@ -33,9 +33,9 @@ func stripBasePathMiddleware(basePath string) echo.MiddlewareFunc {
 			cloned := req.Clone(req.Context())
 			urlCopy := *req.URL
 			urlCopy.Path = strippedPath
-			urlCopy.RawPath = ""
+			urlCopy.RawPath = strippedRawPath(req.URL.RawPath, basePath)
 			cloned.URL = &urlCopy
-			cloned.RequestURI = strippedPath
+			cloned.RequestURI = strippedRequestURI(strippedPath, urlCopy.RawPath)
 			if urlCopy.RawQuery != "" {
 				cloned.RequestURI += "?" + urlCopy.RawQuery
 			}
@@ -66,3 +66,21 @@ func stripBasePath(requestPath, basePath string) (string, bool) {
 	}
 	return stripped, true
 }
+
+func strippedRawPath(rawPath, basePath string) string {
+	if rawPath == "" {
+		return ""
+	}
+	stripped, ok := stripBasePath(rawPath, basePath)
+	if !ok {
+		return ""
+	}
+	return stripped
+}
+
+func strippedRequestURI(pathValue, rawPath string) string {
+	if rawPath != "" {
+		return rawPath
+	}
+	return pathValue
+}
diff --git a/internal/server/budget_support.go b/internal/server/budget_support.go
index e176d07d..4cf1a097 100644
--- a/internal/server/budget_support.go
+++ b/internal/server/budget_support.go
@@ -3,7 +3,6 @@ package server
 import (
 	"context"
 	"errors"
-	"fmt"
 	"math"
 	"net/http"
 	"strconv"
@@ -59,7 +58,7 @@ func budgetCheckError(err error) error {
 		}
 		return gatewayErr
 	}
-	return core.NewProviderError("budget", http.StatusServiceUnavailable, fmt.Sprintf("budget check failed: %v", err), err).
+	return core.NewProviderError("budget", http.StatusServiceUnavailable, "budget check failed", err).
 		WithCode("budget_check_failed")
 }
 
diff --git a/internal/server/budget_support_test.go b/internal/server/budget_support_test.go
index 3a94f5d2..13bf2d16 100644
--- a/internal/server/budget_support_test.go
+++ b/internal/server/budget_support_test.go
@@ -2,9 +2,11 @@ package server
 
 import (
 	"context"
+	"errors"
 	"net/http"
 	"net/http/httptest"
 	"strconv"
+	"strings"
 	"testing"
 	"time"
 
@@ -150,3 +152,32 @@ func TestBudgetExceededResponseIncludesRetryAfter(t *testing.T) {
 		t.Fatalf("Retry-After = %d, want between 1 and 300", seconds)
 	}
 }
+
+func TestBudgetCheckFailedResponseMapping(t *testing.T) {
+	e := echo.New()
+	req := httptest.NewRequest(http.MethodPost, "/v1/chat/completions", nil)
+	rec := httptest.NewRecorder()
+	c := e.NewContext(req, rec)
+
+	err := budgetCheckError(errors.New("backend details should not leak"))
+	if err := handleError(c, err); err != nil {
+		t.Fatalf("handleError() error = %v", err)
+	}
+
+	if rec.Code == http.StatusTooManyRequests {
+		t.Fatalf("status = %d, want non-rate-limit budget_check_failed response", rec.Code)
+	}
+	if rec.Code != http.StatusServiceUnavailable {
+		t.Fatalf("status = %d, want %d", rec.Code, http.StatusServiceUnavailable)
+	}
+	body := rec.Body.String()
+	if !strings.Contains(body, `"code":"budget_check_failed"`) {
+		t.Fatalf("body = %s, want budget_check_failed code", body)
+	}
+	if !strings.Contains(body, `"message":"budget check failed"`) {
+		t.Fatalf("body = %s, want generic budget check message", body)
+	}
+	if strings.Contains(body, "backend details should not leak") {
+		t.Fatalf("body leaked wrapped error detail: %s", body)
+	}
+}
diff --git a/internal/server/http_test.go b/internal/server/http_test.go
index 2116535c..35921c30 100644
--- a/internal/server/http_test.go
+++ b/internal/server/http_test.go
@@ -328,6 +328,49 @@ func TestBasePathStripsPrefixBeforeRouting(t *testing.T) {
 	}
 }
 
+func TestBasePathPreservesEscapedPathParamsBeforeRouting(t *testing.T) {
+	srv := New(&mockProvider{}, &Config{BasePath: "/g"})
+	srv.echo.PUT("/admin/api/v1/budgets/:user_path/:period", func(c *echo.Context) error {
+		return c.String(
+			http.StatusOK,
+			c.Param("user_path")+"|"+c.Param("period")+"|"+c.Request().URL.RawPath+"|"+c.Request().RequestURI,
+		)
+	})
+
+	tests := []struct {
+		name     string
+		path     string
+		expected string
+	}{
+		{
+			name:     "root user path",
+			path:     "/g/admin/api/v1/budgets/%2F/86400",
+			expected: "%2F|86400|/admin/api/v1/budgets/%2F/86400|/admin/api/v1/budgets/%2F/86400",
+		},
+		{
+			name:     "nested user path",
+			path:     "/g/admin/api/v1/budgets/%2Fteam%2Fbeta/604800",
+			expected: "%2Fteam%2Fbeta|604800|/admin/api/v1/budgets/%2Fteam%2Fbeta/604800|/admin/api/v1/budgets/%2Fteam%2Fbeta/604800",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			req := httptest.NewRequest(http.MethodPut, tt.path, nil)
+			rec := httptest.NewRecorder()
+
+			srv.ServeHTTP(rec, req)
+
+			if rec.Code != http.StatusOK {
+				t.Fatalf("status = %d, want %d; body=%s", rec.Code, http.StatusOK, rec.Body.String())
+			}
+			if got := rec.Body.String(); got != tt.expected {
+				t.Fatalf("body = %q, want %q", got, tt.expected)
+			}
+		})
+	}
+}
+
 func TestMetricsEndpointReturnsPrometheusFormat(t *testing.T) {
 	mock := &mockProvider{}
 	srv := New(mock, &Config{
diff --git a/internal/usage/cache_type_test.go b/internal/usage/cache_type_test.go
index 9a1ca2f0..f98512d7 100644
--- a/internal/usage/cache_type_test.go
+++ b/internal/usage/cache_type_test.go
@@ -35,3 +35,89 @@ func TestNormalizedUsageEntryForStorageNormalizesUserPath(t *testing.T) {
 		t.Fatalf("input UserPath mutated to %q", entry.UserPath)
 	}
 }
+
+func TestNormalizedUsageEntryForStorageUserPathFallbackAndCloneBehavior(t *testing.T) {
+	tests := []struct {
+		name             string
+		entry            UsageEntry
+		wantUserPath     string
+		wantCacheType    string
+		wantProviderName string
+		wantSamePointer  bool
+	}{
+		{
+			name:             "invalid dotdot path falls back to root",
+			entry:            UsageEntry{ID: "usage-1", UserPath: "/team/../alpha", CacheType: CacheTypeExact, ProviderName: "openai"},
+			wantUserPath:     "/",
+			wantCacheType:    CacheTypeExact,
+			wantProviderName: "openai",
+		},
+		{
+			name:             "invalid colon path falls back to root",
+			entry:            UsageEntry{ID: "usage-2", UserPath: "/team:alpha", CacheType: CacheTypeSemantic, ProviderName: "openai"},
+			wantUserPath:     "/",
+			wantCacheType:    CacheTypeSemantic,
+			wantProviderName: "openai",
+		},
+		{
+			name:             "blank path falls back to root",
+			entry:            UsageEntry{ID: "usage-3", UserPath: "   ", ProviderName: "openai"},
+			wantUserPath:     "/",
+			wantProviderName: "openai",
+		},
+		{
+			name:             "canonical exact cache entry is reused",
+			entry:            UsageEntry{ID: "usage-4", UserPath: "/team/alpha", CacheType: CacheTypeExact, ProviderName: "openai"},
+			wantUserPath:     "/team/alpha",
+			wantCacheType:    CacheTypeExact,
+			wantProviderName: "openai",
+			wantSamePointer:  true,
+		},
+		{
+			name:            "canonical semantic cache entry with empty provider is reused",
+			entry:           UsageEntry{ID: "usage-5", UserPath: "/", CacheType: CacheTypeSemantic},
+			wantUserPath:    "/",
+			wantCacheType:   CacheTypeSemantic,
+			wantSamePointer: true,
+		},
+		{
+			name:             "cache type normalization clones entry",
+			entry:            UsageEntry{ID: "usage-6", UserPath: "/team", CacheType: "EXACT", ProviderName: "openai"},
+			wantUserPath:     "/team",
+			wantCacheType:    CacheTypeExact,
+			wantProviderName: "openai",
+		},
+		{
+			name:             "provider trim clones entry",
+			entry:            UsageEntry{ID: "usage-7", UserPath: "/team", CacheType: CacheTypeExact, ProviderName: " openai "},
+			wantUserPath:     "/team",
+			wantCacheType:    CacheTypeExact,
+			wantProviderName: "openai",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			entry := tt.entry
+			original := entry
+
+			got := normalizedUsageEntryForStorage(&entry)
+
+			if same := got == &entry; same != tt.wantSamePointer {
+				t.Fatalf("same pointer = %v, want %v", same, tt.wantSamePointer)
+			}
+			if got.UserPath != tt.wantUserPath {
+				t.Fatalf("UserPath = %q, want %q", got.UserPath, tt.wantUserPath)
+			}
+			if got.CacheType != tt.wantCacheType {
+				t.Fatalf("CacheType = %q, want %q", got.CacheType, tt.wantCacheType)
+			}
+			if got.ProviderName != tt.wantProviderName {
+				t.Fatalf("ProviderName = %q, want %q", got.ProviderName, tt.wantProviderName)
+			}
+			if entry.UserPath != original.UserPath || entry.CacheType != original.CacheType || entry.ProviderName != original.ProviderName {
+				t.Fatalf("input mutated from %+v to %+v", original, entry)
+			}
+		})
+	}
+}

From 535db6d42243c022ce778026c01dc205785abc7d Mon Sep 17 00:00:00 2001
From: "Jakub A. W" <jakubwasek@gmail.com>
Date: Mon, 27 Apr 2026 00:52:42 +0200
Subject: [PATCH 7/9] fix(budgets): address review hardening

---
 internal/admin/handler.go              |  2 +-
 internal/admin/handler_budgets_test.go | 35 +++++++++++++++++++++
 internal/budget/factory.go             |  2 +-
 internal/budget/service.go             | 22 +++++++------
 internal/budget/service_test.go        | 43 ++++++++++++++++++++++++++
 internal/budget/store_mongodb.go       |  5 +--
 internal/budget/store_postgresql.go    | 13 ++++----
 internal/budget/store_sqlite.go        |  9 +++---
 internal/budget/store_sqlite_test.go   |  8 ++---
 internal/budget/types.go               | 14 +++++++--
 internal/server/base_path.go           | 27 +++++++++++++++-
 internal/server/http_test.go           | 10 ++++++
 12 files changed, 159 insertions(+), 31 deletions(-)

diff --git a/internal/admin/handler.go b/internal/admin/handler.go
index fa267b81..7bbfd8f5 100644
--- a/internal/admin/handler.go
+++ b/internal/admin/handler.go
@@ -1073,7 +1073,7 @@ func (h *Handler) UpsertBudget(c *echo.Context) error {
 		UserPath:      userPath,
 		PeriodSeconds: periodSeconds,
 		Amount:        req.Amount,
-		Source:        "manual",
+		Source:        budget.SourceManual,
 	})
 	if err != nil {
 		return handleError(c, core.NewInvalidRequestError(err.Error(), err))
diff --git a/internal/admin/handler_budgets_test.go b/internal/admin/handler_budgets_test.go
index 52cab00c..911ee29d 100644
--- a/internal/admin/handler_budgets_test.go
+++ b/internal/admin/handler_budgets_test.go
@@ -203,6 +203,41 @@ func TestBudgetEndpointsUpsertAndResetOneBudget(t *testing.T) {
 	}
 }
 
+func TestBudgetEndpointsUpsertMarksConfigBudgetManual(t *testing.T) {
+	store := &adminBudgetStore{
+		budgets: []budget.Budget{
+			{UserPath: "/team", PeriodSeconds: budget.PeriodDailySeconds, Amount: 10, Source: budget.SourceConfig},
+		},
+	}
+	h := newBudgetHandler(t, store)
+	e := echo.New()
+	req := httptest.NewRequest(
+		http.MethodPut,
+		"/admin/api/v1/budgets/%2Fteam/daily",
+		strings.NewReader(`{"amount":12.5}`),
+	)
+	req.Header.Set("Content-Type", "application/json")
+	rec := httptest.NewRecorder()
+	c := e.NewContext(req, rec)
+	c.SetPathValues(echo.PathValues{
+		{Name: "user_path", Value: "%2Fteam"},
+		{Name: "period", Value: "daily"},
+	})
+
+	if err := h.UpsertBudget(c); err != nil {
+		t.Fatalf("UpsertBudget() failed: %v", err)
+	}
+	if rec.Code != http.StatusOK {
+		t.Fatalf("status = %d, want %d body=%s", rec.Code, http.StatusOK, rec.Body.String())
+	}
+	if len(store.budgets) != 1 {
+		t.Fatalf("stored budgets = %+v, want one budget", store.budgets)
+	}
+	if got := store.budgets[0].Source; got != budget.SourceManual {
+		t.Fatalf("budget source = %q, want %q", got, budget.SourceManual)
+	}
+}
+
 func TestBudgetEndpointsDeleteBudget(t *testing.T) {
 	store := &adminBudgetStore{
 		budgets: []budget.Budget{
diff --git a/internal/budget/factory.go b/internal/budget/factory.go
index 56ef7366..b89b0730 100644
--- a/internal/budget/factory.go
+++ b/internal/budget/factory.go
@@ -126,7 +126,7 @@ func seedConfiguredBudgets(ctx context.Context, service *Service, cfg config.Bud
 				UserPath:      userPath,
 				PeriodSeconds: seconds,
 				Amount:        limit.Amount,
-				Source:        "config",
+				Source:        SourceConfig,
 			})
 		}
 	}
diff --git a/internal/budget/service.go b/internal/budget/service.go
index d95c792b..2e23f67a 100644
--- a/internal/budget/service.go
+++ b/internal/budget/service.go
@@ -2,6 +2,7 @@ package budget
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"sort"
 	"strings"
@@ -9,6 +10,9 @@ import (
 	"time"
 )
 
+// ErrUnavailable indicates a budget service was used without an initialized store.
+var ErrUnavailable = errors.New("budget service is unavailable")
+
 type Service struct {
 	store Store
 	mu    sync.RWMutex
@@ -33,7 +37,7 @@ func NewService(ctx context.Context, store Store) (*Service, error) {
 
 func (s *Service) Refresh(ctx context.Context) error {
 	if s == nil || s.store == nil {
-		return nil
+		return ErrUnavailable
 	}
 	budgets, err := s.store.ListBudgets(ctx)
 	if err != nil {
@@ -58,7 +62,7 @@ func (s *Service) Refresh(ctx context.Context) error {
 
 func (s *Service) UpsertBudgets(ctx context.Context, budgets []Budget) error {
 	if s == nil || s.store == nil {
-		return nil
+		return ErrUnavailable
 	}
 	if err := s.store.UpsertBudgets(ctx, budgets); err != nil {
 		return err
@@ -68,7 +72,7 @@ func (s *Service) UpsertBudgets(ctx context.Context, budgets []Budget) error {
 
 func (s *Service) DeleteBudget(ctx context.Context, userPath string, periodSeconds int64) error {
 	if s == nil || s.store == nil {
-		return fmt.Errorf("budget service is unavailable")
+		return ErrUnavailable
 	}
 	userPath, err := NormalizeUserPath(userPath)
 	if err != nil {
@@ -85,7 +89,7 @@ func (s *Service) DeleteBudget(ctx context.Context, userPath string, periodSecon
 
 func (s *Service) ReplaceConfigBudgets(ctx context.Context, budgets []Budget) error {
 	if s == nil || s.store == nil {
-		return nil
+		return ErrUnavailable
 	}
 	if err := s.store.ReplaceConfigBudgets(ctx, budgets); err != nil {
 		return err
@@ -113,7 +117,7 @@ func (s *Service) Settings() Settings {
 
 func (s *Service) SaveSettings(ctx context.Context, settings Settings) (Settings, error) {
 	if s == nil || s.store == nil {
-		return Settings{}, fmt.Errorf("budget service is unavailable")
+		return Settings{}, ErrUnavailable
 	}
 	saved, err := s.store.SaveSettings(ctx, settings)
 	if err != nil {
@@ -127,7 +131,7 @@ func (s *Service) SaveSettings(ctx context.Context, settings Settings) (Settings
 
 func (s *Service) Statuses(ctx context.Context, now time.Time) ([]CheckResult, error) {
 	if s == nil || s.store == nil {
-		return nil, nil
+		return nil, ErrUnavailable
 	}
 	if now.IsZero() {
 		now = time.Now().UTC()
@@ -155,7 +159,7 @@ func (s *Service) Statuses(ctx context.Context, now time.Time) ([]CheckResult, e
 
 func (s *Service) ResetBudget(ctx context.Context, userPath string, periodSeconds int64, at time.Time) error {
 	if s == nil || s.store == nil {
-		return fmt.Errorf("budget service is unavailable")
+		return ErrUnavailable
 	}
 	userPath, err := NormalizeUserPath(userPath)
 	if err != nil {
@@ -175,7 +179,7 @@ func (s *Service) ResetBudget(ctx context.Context, userPath string, periodSecond
 
 func (s *Service) ResetAll(ctx context.Context, at time.Time) error {
 	if s == nil || s.store == nil {
-		return fmt.Errorf("budget service is unavailable")
+		return ErrUnavailable
 	}
 	if at.IsZero() {
 		at = time.Now().UTC()
@@ -193,7 +197,7 @@ func (s *Service) Check(ctx context.Context, userPath string, now time.Time) err
 
 func (s *Service) CheckWithResults(ctx context.Context, userPath string, now time.Time) ([]CheckResult, error) {
 	if s == nil || s.store == nil {
-		return nil, nil
+		return nil, ErrUnavailable
 	}
 	userPath, err := NormalizeUserPath(userPath)
 	if err != nil {
diff --git a/internal/budget/service_test.go b/internal/budget/service_test.go
index f105f249..e02f2ae3 100644
--- a/internal/budget/service_test.go
+++ b/internal/budget/service_test.go
@@ -74,6 +74,49 @@ func (s *fakeStore) Close() error {
 	return nil
 }
 
+func TestServiceUnavailableOperationsReturnErrors(t *testing.T) {
+	ctx := context.Background()
+	service := &Service{}
+	var nilService *Service
+	now := time.Date(2026, time.April, 25, 12, 0, 0, 0, time.UTC)
+
+	checks := []struct {
+		name string
+		run  func() error
+	}{
+		{name: "nil receiver", run: func() error { return nilService.Refresh(ctx) }},
+		{name: "refresh", run: func() error { return service.Refresh(ctx) }},
+		{name: "upsert", run: func() error {
+			return service.UpsertBudgets(ctx, []Budget{{UserPath: "/", PeriodSeconds: PeriodDailySeconds, Amount: 1}})
+		}},
+		{name: "delete", run: func() error { return service.DeleteBudget(ctx, "/", PeriodDailySeconds) }},
+		{name: "replace config", run: func() error { return service.ReplaceConfigBudgets(ctx, nil) }},
+		{name: "save settings", run: func() error {
+			_, err := service.SaveSettings(ctx, DefaultSettings())
+			return err
+		}},
+		{name: "statuses", run: func() error {
+			_, err := service.Statuses(ctx, now)
+			return err
+		}},
+		{name: "reset one", run: func() error { return service.ResetBudget(ctx, "/", PeriodDailySeconds, now) }},
+		{name: "reset all", run: func() error { return service.ResetAll(ctx, now) }},
+		{name: "check", run: func() error { return service.Check(ctx, "/", now) }},
+		{name: "check with results", run: func() error {
+			_, err := service.CheckWithResults(ctx, "/", now)
+			return err
+		}},
+	}
+
+	for _, tt := range checks {
+		t.Run(tt.name, func(t *testing.T) {
+			if err := tt.run(); !errors.Is(err, ErrUnavailable) {
+				t.Fatalf("error = %v, want ErrUnavailable", err)
+			}
+		})
+	}
+}
+
 func TestServiceRefreshSortsBudgetsByUserPathThenLongestPeriod(t *testing.T) {
 	ctx := context.Background()
 	store := &fakeStore{
diff --git a/internal/budget/store_mongodb.go b/internal/budget/store_mongodb.go
index a17bfcd3..fecaa4b2 100644
--- a/internal/budget/store_mongodb.go
+++ b/internal/budget/store_mongodb.go
@@ -127,7 +127,7 @@ func (s *MongoDBStore) ReplaceConfigBudgets(ctx context.Context, budgets []Budge
 		return err
 	}
 	for i := range budgets {
-		budgets[i].Source = "config"
+		budgets[i].Source = SourceConfig
 	}
 
 	session, err := s.budgets.Database().Client().StartSession()
@@ -162,7 +162,7 @@ func (s *MongoDBStore) ReplaceConfigBudgets(ctx context.Context, budgets []Budge
 }
 
 func (s *MongoDBStore) replaceConfigBudgets(ctx context.Context, budgets []Budget) error {
-	filter := bson.D{{Key: "source", Value: "config"}}
+	filter := bson.D{{Key: "source", Value: SourceConfig}}
 	if len(budgets) > 0 {
 		keep := make(bson.A, 0, len(budgets))
 		for _, budget := range budgets {
@@ -274,6 +274,7 @@ func isMongoTransactionCapabilityError(err error) bool {
 		return false
 	}
 	message := strings.ToLower(err.Error())
+	// TODO: Prefer structured driver labels here and revisit these defensive message matches on mongo-driver upgrades.
 	capabilityPhrases := []string{
 		"transaction numbers are only allowed",
 		"transactions are not supported",
diff --git a/internal/budget/store_postgresql.go b/internal/budget/store_postgresql.go
index 54545154..e3c964c3 100644
--- a/internal/budget/store_postgresql.go
+++ b/internal/budget/store_postgresql.go
@@ -154,7 +154,7 @@ func (s *PostgreSQLStore) ReplaceConfigBudgets(ctx context.Context, budgets []Bu
 		return err
 	}
 	for i := range budgets {
-		budgets[i].Source = "config"
+		budgets[i].Source = SourceConfig
 	}
 
 	tx, err := s.pool.Begin(ctx)
@@ -164,18 +164,19 @@ func (s *PostgreSQLStore) ReplaceConfigBudgets(ctx context.Context, budgets []Bu
 	defer tx.Rollback(ctx) //nolint:errcheck
 
 	if len(budgets) == 0 {
-		if _, err := tx.Exec(ctx, `DELETE FROM budgets WHERE source = 'config'`); err != nil {
+		if _, err := tx.Exec(ctx, `DELETE FROM budgets WHERE source = $1`, SourceConfig); err != nil {
 			return fmt.Errorf("delete old config budgets: %w", err)
 		}
 	} else {
 		conditions := make([]string, 0, len(budgets))
-		args := make([]any, 0, len(budgets)*2)
-		for i, budget := range budgets {
-			base := i*2 + 1
+		args := make([]any, 0, 1+len(budgets)*2)
+		args = append(args, SourceConfig)
+		for _, budget := range budgets {
+			base := len(args) + 1
 			conditions = append(conditions, fmt.Sprintf(`(user_path = $%d AND period_seconds = $%d)`, base, base+1))
 			args = append(args, budget.UserPath, budget.PeriodSeconds)
 		}
-		query := `DELETE FROM budgets WHERE source = 'config' AND NOT (` + strings.Join(conditions, " OR ") + `)`
+		query := `DELETE FROM budgets WHERE source = $1 AND NOT (` + strings.Join(conditions, " OR ") + `)`
 		if _, err := tx.Exec(ctx, query, args...); err != nil {
 			return fmt.Errorf("delete old config budgets: %w", err)
 		}
diff --git a/internal/budget/store_sqlite.go b/internal/budget/store_sqlite.go
index fbfffbc8..62efb19d 100644
--- a/internal/budget/store_sqlite.go
+++ b/internal/budget/store_sqlite.go
@@ -171,7 +171,7 @@ func (s *SQLiteStore) ReplaceConfigBudgets(ctx context.Context, budgets []Budget
 		return err
 	}
 	for i := range budgets {
-		budgets[i].Source = "config"
+		budgets[i].Source = SourceConfig
 	}
 
 	tx, err := s.db.BeginTx(ctx, nil)
@@ -181,17 +181,18 @@ func (s *SQLiteStore) ReplaceConfigBudgets(ctx context.Context, budgets []Budget
 	defer tx.Rollback() //nolint:errcheck
 
 	if len(budgets) == 0 {
-		if _, err := tx.ExecContext(ctx, `DELETE FROM budgets WHERE source = 'config'`); err != nil {
+		if _, err := tx.ExecContext(ctx, `DELETE FROM budgets WHERE source = ?`, SourceConfig); err != nil {
 			return fmt.Errorf("delete old config budgets: %w", err)
 		}
 	} else {
 		conditions := make([]string, 0, len(budgets))
-		args := make([]any, 0, len(budgets)*2)
+		args := make([]any, 0, 1+len(budgets)*2)
+		args = append(args, SourceConfig)
 		for _, budget := range budgets {
 			conditions = append(conditions, `(user_path = ? AND period_seconds = ?)`)
 			args = append(args, budget.UserPath, budget.PeriodSeconds)
 		}
-		query := `DELETE FROM budgets WHERE source = 'config' AND NOT (` + strings.Join(conditions, " OR ") + `)`
+		query := `DELETE FROM budgets WHERE source = ? AND NOT (` + strings.Join(conditions, " OR ") + `)`
 		if _, err := tx.ExecContext(ctx, query, args...); err != nil {
 			return fmt.Errorf("delete old config budgets: %w", err)
 		}
diff --git a/internal/budget/store_sqlite_test.go b/internal/budget/store_sqlite_test.go
index 5b90161d..5308042b 100644
--- a/internal/budget/store_sqlite_test.go
+++ b/internal/budget/store_sqlite_test.go
@@ -23,9 +23,9 @@ func TestSQLiteStoreReplaceConfigBudgetsRemovesStaleConfigRowsOnly(t *testing.T)
 	}
 	resetAt := time.Date(2026, time.April, 25, 9, 0, 0, 0, time.UTC)
 	if err := store.UpsertBudgets(ctx, []Budget{
-		{UserPath: "/team", PeriodSeconds: PeriodDailySeconds, Amount: 10, Source: "config"},
-		{UserPath: "/team", PeriodSeconds: PeriodWeeklySeconds, Amount: 50, Source: "config", LastResetAt: &resetAt},
-		{UserPath: "/manual", PeriodSeconds: PeriodDailySeconds, Amount: 5, Source: "manual"},
+		{UserPath: "/team", PeriodSeconds: PeriodDailySeconds, Amount: 10, Source: SourceConfig},
+		{UserPath: "/team", PeriodSeconds: PeriodWeeklySeconds, Amount: 50, Source: SourceConfig, LastResetAt: &resetAt},
+		{UserPath: "/manual", PeriodSeconds: PeriodDailySeconds, Amount: 5, Source: SourceManual},
 	}); err != nil {
 		t.Fatalf("UpsertBudgets() failed: %v", err)
 	}
@@ -54,7 +54,7 @@ func TestSQLiteStoreReplaceConfigBudgetsRemovesStaleConfigRowsOnly(t *testing.T)
 	if weekly.Amount != 75 {
 		t.Fatalf("weekly amount = %v, want 75", weekly.Amount)
 	}
-	if weekly.Source != "config" {
+	if weekly.Source != SourceConfig {
 		t.Fatalf("weekly source = %q, want config", weekly.Source)
 	}
 	if weekly.LastResetAt == nil || !weekly.LastResetAt.Equal(resetAt) {
diff --git a/internal/budget/types.go b/internal/budget/types.go
index 10cefbee..c8c16f63 100644
--- a/internal/budget/types.go
+++ b/internal/budget/types.go
@@ -10,12 +10,20 @@ import (
 )
 
 const (
-	PeriodHourlySeconds  int64 = 3600
-	PeriodDailySeconds   int64 = 86400
-	PeriodWeeklySeconds  int64 = 604800
+	PeriodHourlySeconds int64 = 3600
+	PeriodDailySeconds  int64 = 86400
+	PeriodWeeklySeconds int64 = 604800
+	// PeriodMonthlySeconds is a sentinel key for calendar-month windows, not a literal 30-day duration.
 	PeriodMonthlySeconds int64 = 2592000
 )
 
+const (
+	// SourceConfig marks budgets seeded from static configuration.
+	SourceConfig = "config"
+	// SourceManual marks budgets created or changed through admin APIs.
+	SourceManual = "manual"
+)
+
 // Budget stores one spend limit for one user path and reset period.
 type Budget struct {
 	UserPath      string     `json:"user_path" bson:"user_path"`
diff --git a/internal/server/base_path.go b/internal/server/base_path.go
index ee3db60e..88f7e6ba 100644
--- a/internal/server/base_path.go
+++ b/internal/server/base_path.go
@@ -2,6 +2,7 @@ package server
 
 import (
 	"net/http"
+	"net/url"
 	"strings"
 
 	"gomodel/config"
@@ -73,11 +74,35 @@ func strippedRawPath(rawPath, basePath string) string {
 	}
 	stripped, ok := stripBasePath(rawPath, basePath)
 	if !ok {
-		return ""
+		return stripRawPathByDecodedBase(rawPath, basePath)
 	}
 	return stripped
 }
 
+func stripRawPathByDecodedBase(rawPath, basePath string) string {
+	decoded, err := url.PathUnescape(rawPath)
+	if err != nil {
+		return ""
+	}
+	if _, ok := stripBasePath(decoded, basePath); !ok {
+		return ""
+	}
+	basePath = config.NormalizeBasePath(basePath)
+	if basePath == "/" {
+		return rawPath
+	}
+	rawParts := strings.Split(rawPath, "/")
+	baseParts := strings.Split(strings.Trim(basePath, "/"), "/")
+	if len(rawParts) == 0 || rawParts[0] != "" || len(rawParts) < len(baseParts)+1 {
+		return ""
+	}
+	suffixParts := rawParts[len(baseParts)+1:]
+	if len(suffixParts) == 0 {
+		return "/"
+	}
+	return "/" + strings.Join(suffixParts, "/")
+}
+
 func strippedRequestURI(pathValue, rawPath string) string {
 	if rawPath != "" {
 		return rawPath
diff --git a/internal/server/http_test.go b/internal/server/http_test.go
index 35921c30..7be88215 100644
--- a/internal/server/http_test.go
+++ b/internal/server/http_test.go
@@ -340,6 +340,7 @@ func TestBasePathPreservesEscapedPathParamsBeforeRouting(t *testing.T) {
 	tests := []struct {
 		name     string
 		path     string
+		rawPath  string
 		expected string
 	}{
 		{
@@ -352,11 +353,20 @@ func TestBasePathPreservesEscapedPathParamsBeforeRouting(t *testing.T) {
 			path:     "/g/admin/api/v1/budgets/%2Fteam%2Fbeta/604800",
 			expected: "%2Fteam%2Fbeta|604800|/admin/api/v1/budgets/%2Fteam%2Fbeta/604800|/admin/api/v1/budgets/%2Fteam%2Fbeta/604800",
 		},
+		{
+			name:     "encoded base path raw prefix",
+			path:     "/g/admin/api/v1/budgets/%2F/86400",
+			rawPath:  "/%67/admin/api/v1/budgets/%2F/86400",
+			expected: "%2F|86400|/admin/api/v1/budgets/%2F/86400|/admin/api/v1/budgets/%2F/86400",
+		},
 	}
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			req := httptest.NewRequest(http.MethodPut, tt.path, nil)
+			if tt.rawPath != "" {
+				req.URL.RawPath = tt.rawPath
+			}
 			rec := httptest.NewRecorder()
 
 			srv.ServeHTTP(rec, req)

From 9e1eed1fd1c07756f90e0a4452ca8b825c236ec5 Mon Sep 17 00:00:00 2001
From: "Jakub A. W" <jakubwasek@gmail.com>
Date: Mon, 27 Apr 2026 13:15:23 +0200
Subject: [PATCH 8/9] fix(budgets): address follow-up review findings

---
 CHANGELOG.md                                  |  4 +-
 config/config.go                              | 19 +++-
 config/config_test.go                         | 30 +++++++
 .../dashboard/static/js/modules/workflows.js  | 27 ++++--
 .../static/js/modules/workflows.test.cjs      | 16 ++--
 internal/admin/handler.go                     | 63 ++++++++-----
 internal/admin/handler_budgets_test.go        | 18 ++++
 internal/budget/service.go                    |  4 +-
 internal/budget/service_test.go               | 33 ++++++-
 internal/budget/store_mongodb.go              | 88 ++++++++++++++-----
 internal/budget/store_mongodb_test.go         | 22 +++++
 internal/budget/store_postgresql.go           | 34 ++-----
 internal/budget/store_sqlite.go               | 24 +++--
 internal/budget/store_sqlite_test.go          | 36 ++++++++
 internal/budget/types.go                      |  3 +-
 internal/budget/types_test.go                 |  7 ++
 internal/server/base_path.go                  | 11 ++-
 internal/server/http_test.go                  | 35 ++++++++
 internal/usage/cache_type_test.go             | 20 ++---
 internal/usage/store_postgresql.go            |  1 +
 internal/usage/store_sqlite.go                |  1 +
 21 files changed, 380 insertions(+), 116 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index c7867557..0f7b8087 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,8 +5,10 @@
 ### Migration notes
 
 - Budget defaults are `USAGE_ENABLED=true` and `BUDGETS_ENABLED=true`.
-- `internal/app/app.go` disables budgets when it sees `BUDGETS_ENABLED=true` with `USAGE_ENABLED=false`, because budget checks depend on usage data.
 - Minimal enablement:
+
   ```bash
   USAGE_ENABLED=true BUDGETS_ENABLED=true ./gomodel
   ```
+
+- `internal/app/app.go` disables budgets when it sees `BUDGETS_ENABLED=true` with `USAGE_ENABLED=false`, because budget checks depend on usage data.
diff --git a/config/config.go b/config/config.go
index a08c5b86..a538807c 100644
--- a/config/config.go
+++ b/config/config.go
@@ -19,6 +19,7 @@ import (
 
 	"gopkg.in/yaml.v3"
 
+	"gomodel/internal/core"
 	"gomodel/internal/storage"
 )
 
@@ -1419,21 +1420,37 @@ func validateBudgetConfig(cfg *BudgetsConfig) error {
 	if !cfg.Enabled {
 		return nil
 	}
+	seen := make(map[string]struct{})
 	for pathIdx, entry := range cfg.UserPaths {
 		if strings.TrimSpace(entry.Path) == "" {
 			return fmt.Errorf("budgets.user_paths[%d].path is required", pathIdx)
 		}
+		normalizedPath, err := core.NormalizeUserPath(entry.Path)
+		if err != nil {
+			return fmt.Errorf("budgets.user_paths[%d].path is invalid: %w", pathIdx, err)
+		}
+		if normalizedPath == "" {
+			return fmt.Errorf("budgets.user_paths[%d].path is required", pathIdx)
+		}
+		cfg.UserPaths[pathIdx].Path = normalizedPath
 		for limitIdx, limit := range entry.Limits {
 			if math.IsNaN(limit.Amount) || math.IsInf(limit.Amount, 0) || limit.Amount <= 0 {
 				return fmt.Errorf("budgets.user_paths[%d].limits[%d].amount must be a finite number greater than 0", pathIdx, limitIdx)
 			}
+			seconds := limit.PeriodSeconds
 			if limit.PeriodSeconds <= 0 {
-				seconds, ok := budgetPeriodSeconds(limit.Period)
+				parsed, ok := budgetPeriodSeconds(limit.Period)
 				if !ok {
 					return fmt.Errorf("budgets.user_paths[%d].limits[%d].period must be one of hourly, daily, weekly, monthly or period_seconds must be set", pathIdx, limitIdx)
 				}
+				seconds = parsed
 				cfg.UserPaths[pathIdx].Limits[limitIdx].PeriodSeconds = seconds
 			}
+			key := normalizedPath + ":" + strconv.FormatInt(seconds, 10)
+			if _, ok := seen[key]; ok {
+				return fmt.Errorf("duplicate budget for path %s period %d", normalizedPath, seconds)
+			}
+			seen[key] = struct{}{}
 		}
 	}
 	return nil
diff --git a/config/config_test.go b/config/config_test.go
index 009355de..dfaf772f 100644
--- a/config/config_test.go
+++ b/config/config_test.go
@@ -357,6 +357,36 @@ func TestLoadBudgetEnvRejectsNonFiniteAmount(t *testing.T) {
 	})
 }
 
+func TestLoadBudgetConfigRejectsDuplicateLogicalBudgets(t *testing.T) {
+	clearAllConfigEnvVars(t)
+
+	withTempDir(t, func(dir string) {
+		yamlConfig := `
+budgets:
+  user_paths:
+    - path: team/alpha
+      limits:
+        - period: daily
+          amount: 1
+    - path: /team/alpha
+      limits:
+        - period_seconds: 86400
+          amount: 2
+`
+		if err := os.WriteFile(filepath.Join(dir, "config.yaml"), []byte(yamlConfig), 0644); err != nil {
+			t.Fatalf("Failed to write config.yaml: %v", err)
+		}
+
+		_, err := Load()
+		if err == nil {
+			t.Fatal("Load() error = nil, want duplicate budget error")
+		}
+		if !strings.Contains(err.Error(), "duplicate budget for path /team/alpha period 86400") {
+			t.Fatalf("Load() error = %v, want duplicate budget validation", err)
+		}
+	})
+}
+
 func TestLoadBudgetEnvDisablesBudgetsWhenUsageTrackingDisabled(t *testing.T) {
 	clearAllConfigEnvVars(t)
 
diff --git a/internal/admin/dashboard/static/js/modules/workflows.js b/internal/admin/dashboard/static/js/modules/workflows.js
index f944cdcb..5d072aa4 100644
--- a/internal/admin/dashboard/static/js/modules/workflows.js
+++ b/internal/admin/dashboard/static/js/modules/workflows.js
@@ -559,8 +559,17 @@
                     scope_model: String(workflow.scope && workflow.scope.scope_model || '').trim(),
                     scope_user_path: String(workflow.scope && workflow.scope.scope_user_path || '').trim()
                 };
-                const features = this.workflowSourceFeatures(workflow);
-                const guardrails = this.workflowSourceGuardrails(workflow);
+                const storedFeatures = workflow && workflow.workflow_payload && workflow.workflow_payload.features
+                    ? this.workflowNormalizedFeatures(workflow.workflow_payload.features)
+                    : this.workflowSourceFeatures(workflow);
+                const storedGuardrails = Array.isArray(workflow && workflow.workflow_payload && workflow.workflow_payload.guardrails)
+                    ? workflow.workflow_payload.guardrails
+                        .map((step) => ({
+                            ref: String(step && step.ref || '').trim(),
+                            step: this.parseWorkflowGuardrailStep(step && step.step)
+                        }))
+                        .filter((step) => Number.isInteger(step.step) && step.step >= 0)
+                    : this.workflowSourceGuardrails(workflow);
                 this.workflowForm = {
                     scope_provider: this.workflowScopeProviderValue(workflow.scope),
                     scope_model: String(workflow.scope && workflow.scope.scope_model || ''),
@@ -568,14 +577,14 @@
                     name: String(workflow.name || ''),
                     description: String(workflow.description || ''),
                     features: {
-                        cache: !!features.cache,
-                        audit: !!features.audit,
-                        usage: !!features.usage,
-                        budget: !!features.budget,
-                        guardrails: !!features.guardrails,
-                        fallback: !!features.fallback
+                        cache: !!storedFeatures.cache,
+                        audit: !!storedFeatures.audit,
+                        usage: !!storedFeatures.usage,
+                        budget: !!storedFeatures.budget,
+                        guardrails: !!storedFeatures.guardrails,
+                        fallback: !!storedFeatures.fallback
                     },
-                    guardrails: guardrails.map((step) => ({
+                    guardrails: storedGuardrails.map((step) => ({
                         ref: String(step && step.ref || ''),
                         step: Number.isFinite(step && step.step) ? step.step : 10
                     }))
diff --git a/internal/admin/dashboard/static/js/modules/workflows.test.cjs b/internal/admin/dashboard/static/js/modules/workflows.test.cjs
index ec32320b..5d2fec12 100644
--- a/internal/admin/dashboard/static/js/modules/workflows.test.cjs
+++ b/internal/admin/dashboard/static/js/modules/workflows.test.cjs
@@ -865,7 +865,7 @@ test('buildWorkflowRequest disables budget when usage is disabled in the form',
     assert.equal(features.budget, false);
 });
 
-test('openWorkflowCreate hydrates features and guardrails via shared normalizers', () => {
+test('openWorkflowCreate hydrates saved features and guardrails from payload', () => {
     const module = createWorkflowsModule();
     module.workflowSourceFeatures = () => ({
         cache: false,
@@ -904,18 +904,18 @@ test('openWorkflowCreate hydrates features and guardrails via shared normalizers
     assert.equal(
         JSON.stringify(module.workflowForm.features),
         JSON.stringify({
-            cache: false,
-            audit: false,
-            usage: true,
-            budget: false,
-            guardrails: true,
-            fallback: false
+            cache: true,
+            audit: true,
+            usage: false,
+            budget: true,
+            guardrails: false,
+            fallback: true
         })
     );
     assert.equal(module.workflowFormHydrated, true);
     assert.equal(
         JSON.stringify(module.workflowForm.guardrails),
-        JSON.stringify([{ ref: 'policy-system', step: 30 }])
+        JSON.stringify([{ ref: 'wrong-source', step: 10 }])
     );
     assert.equal(module.workflowForm.scope_user_path, '/team/alpha');
 });
diff --git a/internal/admin/handler.go b/internal/admin/handler.go
index 7bbfd8f5..88f56f71 100644
--- a/internal/admin/handler.go
+++ b/internal/admin/handler.go
@@ -1062,7 +1062,7 @@ func (h *Handler) UpsertBudget(c *echo.Context) error {
 		return handleError(c, featureUnavailableError("budgets feature is unavailable"))
 	}
 	var req upsertBudgetRequest
-	if err := json.NewDecoder(c.Request().Body).Decode(&req); err != nil {
+	if err := c.Bind(&req); err != nil {
 		return handleError(c, core.NewInvalidRequestError("invalid request body: "+err.Error(), err))
 	}
 	userPath, periodSeconds, err := budgetRouteKey(c)
@@ -1143,19 +1143,10 @@ func (h *Handler) UpdateBudgetSettings(c *echo.Context) error {
 		return handleError(c, featureUnavailableError("budgets feature is unavailable"))
 	}
 	var req updateBudgetSettingsRequest
-	if err := json.NewDecoder(c.Request().Body).Decode(&req); err != nil {
+	if err := c.Bind(&req); err != nil {
 		return handleError(c, core.NewInvalidRequestError("invalid request body: "+err.Error(), err))
 	}
-	settings := budget.Settings{
-		DailyResetHour:     req.DailyResetHour,
-		DailyResetMinute:   req.DailyResetMinute,
-		WeeklyResetWeekday: req.WeeklyResetWeekday,
-		WeeklyResetHour:    req.WeeklyResetHour,
-		WeeklyResetMinute:  req.WeeklyResetMinute,
-		MonthlyResetDay:    req.MonthlyResetDay,
-		MonthlyResetHour:   req.MonthlyResetHour,
-		MonthlyResetMinute: req.MonthlyResetMinute,
-	}
+	settings := req.apply(h.budgets.Settings())
 	if err := budget.ValidateSettings(settings); err != nil {
 		return handleError(c, core.NewInvalidRequestError(err.Error(), err))
 	}
@@ -1183,7 +1174,7 @@ func (h *Handler) ResetBudget(c *echo.Context) error {
 		return handleError(c, featureUnavailableError("budgets feature is unavailable"))
 	}
 	var req resetBudgetRequest
-	if err := json.NewDecoder(c.Request().Body).Decode(&req); err != nil {
+	if err := c.Bind(&req); err != nil {
 		return handleError(c, core.NewInvalidRequestError("invalid request body: "+err.Error(), err))
 	}
 	periodSeconds, err := budgetRequestPeriodSeconds(req.Period, req.PeriodSeconds)
@@ -1217,7 +1208,7 @@ func (h *Handler) ResetBudgets(c *echo.Context) error {
 		return handleError(c, featureUnavailableError("budgets feature is unavailable"))
 	}
 	var req resetBudgetsRequest
-	if err := json.NewDecoder(c.Request().Body).Decode(&req); err != nil {
+	if err := c.Bind(&req); err != nil {
 		return handleError(c, core.NewInvalidRequestError("invalid request body: "+err.Error(), err))
 	}
 	if strings.TrimSpace(strings.ToLower(req.confirmationValue())) != "reset" {
@@ -1455,14 +1446,42 @@ type resetBudgetRequest struct {
 }
 
 type updateBudgetSettingsRequest struct {
-	DailyResetHour     int `json:"daily_reset_hour"`
-	DailyResetMinute   int `json:"daily_reset_minute"`
-	WeeklyResetWeekday int `json:"weekly_reset_weekday"`
-	WeeklyResetHour    int `json:"weekly_reset_hour"`
-	WeeklyResetMinute  int `json:"weekly_reset_minute"`
-	MonthlyResetDay    int `json:"monthly_reset_day"`
-	MonthlyResetHour   int `json:"monthly_reset_hour"`
-	MonthlyResetMinute int `json:"monthly_reset_minute"`
+	DailyResetHour     *int `json:"daily_reset_hour"`
+	DailyResetMinute   *int `json:"daily_reset_minute"`
+	WeeklyResetWeekday *int `json:"weekly_reset_weekday"`
+	WeeklyResetHour    *int `json:"weekly_reset_hour"`
+	WeeklyResetMinute  *int `json:"weekly_reset_minute"`
+	MonthlyResetDay    *int `json:"monthly_reset_day"`
+	MonthlyResetHour   *int `json:"monthly_reset_hour"`
+	MonthlyResetMinute *int `json:"monthly_reset_minute"`
+}
+
+func (r updateBudgetSettingsRequest) apply(settings budget.Settings) budget.Settings {
+	if r.DailyResetHour != nil {
+		settings.DailyResetHour = *r.DailyResetHour
+	}
+	if r.DailyResetMinute != nil {
+		settings.DailyResetMinute = *r.DailyResetMinute
+	}
+	if r.WeeklyResetWeekday != nil {
+		settings.WeeklyResetWeekday = *r.WeeklyResetWeekday
+	}
+	if r.WeeklyResetHour != nil {
+		settings.WeeklyResetHour = *r.WeeklyResetHour
+	}
+	if r.WeeklyResetMinute != nil {
+		settings.WeeklyResetMinute = *r.WeeklyResetMinute
+	}
+	if r.MonthlyResetDay != nil {
+		settings.MonthlyResetDay = *r.MonthlyResetDay
+	}
+	if r.MonthlyResetHour != nil {
+		settings.MonthlyResetHour = *r.MonthlyResetHour
+	}
+	if r.MonthlyResetMinute != nil {
+		settings.MonthlyResetMinute = *r.MonthlyResetMinute
+	}
+	return settings
 }
 
 type resetBudgetsRequest struct {
diff --git a/internal/admin/handler_budgets_test.go b/internal/admin/handler_budgets_test.go
index 911ee29d..dd156f4c 100644
--- a/internal/admin/handler_budgets_test.go
+++ b/internal/admin/handler_budgets_test.go
@@ -376,6 +376,24 @@ func TestBudgetSettingsEndpoints(t *testing.T) {
 		t.Fatalf("stored settings = %+v", store.settings)
 	}
 
+	partialReq := httptest.NewRequest(
+		http.MethodPut,
+		"/admin/api/v1/budgets/settings",
+		strings.NewReader(`{"daily_reset_hour":8}`),
+	)
+	partialReq.Header.Set("Content-Type", "application/json")
+	partialRec := httptest.NewRecorder()
+	partialCtx := e.NewContext(partialReq, partialRec)
+	if err := h.UpdateBudgetSettings(partialCtx); err != nil {
+		t.Fatalf("partial UpdateBudgetSettings() failed: %v", err)
+	}
+	if partialRec.Code != http.StatusOK {
+		t.Fatalf("partial update status = %d, want %d body=%s", partialRec.Code, http.StatusOK, partialRec.Body.String())
+	}
+	if store.settings.DailyResetHour != 8 || store.settings.DailyResetMinute != 30 || store.settings.MonthlyResetDay != 31 {
+		t.Fatalf("partial settings update = %+v, want existing values preserved", store.settings)
+	}
+
 	invalidReq := httptest.NewRequest(
 		http.MethodPut,
 		"/admin/api/v1/budgets/settings",
diff --git a/internal/budget/service.go b/internal/budget/service.go
index 2e23f67a..768d6ada 100644
--- a/internal/budget/service.go
+++ b/internal/budget/service.go
@@ -124,7 +124,7 @@ func (s *Service) SaveSettings(ctx context.Context, settings Settings) (Settings
 		return Settings{}, err
 	}
 	if err := s.Refresh(ctx); err != nil {
-		return Settings{}, err
+		return saved, fmt.Errorf("refresh budget service after saving settings: %w", err)
 	}
 	return saved, nil
 }
@@ -216,7 +216,7 @@ func (s *Service) CheckWithResults(ctx context.Context, userPath string, now tim
 		return nil, nil
 	}
 
-	results := make([]CheckResult, 0)
+	results := make([]CheckResult, 0, len(budgets))
 	for _, budget := range budgets {
 		if !budgetAppliesToPath(budget.UserPath, userPath) {
 			continue
diff --git a/internal/budget/service_test.go b/internal/budget/service_test.go
index e02f2ae3..2a6b1052 100644
--- a/internal/budget/service_test.go
+++ b/internal/budget/service_test.go
@@ -13,6 +13,7 @@ import (
 type fakeStore struct {
 	budgets  []Budget
 	settings Settings
+	listErr  error
 	sum      func(userPath string, start, end time.Time) (float64, bool, error)
 
 	lastSumUserPath string
@@ -23,6 +24,9 @@ type fakeStore struct {
 }
 
 func (s *fakeStore) ListBudgets(context.Context) ([]Budget, error) {
+	if s.listErr != nil {
+		return nil, s.listErr
+	}
 	return append([]Budget(nil), s.budgets...), nil
 }
 
@@ -47,8 +51,9 @@ func (s *fakeStore) GetSettings(context.Context) (Settings, error) {
 	return s.settings, nil
 }
 
-func (s *fakeStore) SaveSettings(context.Context, Settings) (Settings, error) {
-	return Settings{}, nil
+func (s *fakeStore) SaveSettings(_ context.Context, settings Settings) (Settings, error) {
+	s.settings = settings
+	return settings, nil
 }
 
 func (s *fakeStore) ResetBudget(_ context.Context, _ string, _ int64, at time.Time) error {
@@ -117,6 +122,30 @@ func TestServiceUnavailableOperationsReturnErrors(t *testing.T) {
 	}
 }
 
+func TestServiceSaveSettingsReturnsSavedSnapshotWhenRefreshFails(t *testing.T) {
+	ctx := context.Background()
+	store := &fakeStore{}
+	service, err := NewService(ctx, store)
+	if err != nil {
+		t.Fatalf("NewService() failed: %v", err)
+	}
+	store.listErr = errors.New("refresh failed")
+
+	want := DefaultSettings()
+	want.DailyResetHour = 7
+	saved, err := service.SaveSettings(ctx, want)
+
+	if err == nil {
+		t.Fatal("SaveSettings() error = nil, want refresh error")
+	}
+	if !strings.Contains(err.Error(), "refresh budget service after saving settings") {
+		t.Fatalf("SaveSettings() error = %v, want refresh wrapper", err)
+	}
+	if saved.DailyResetHour != want.DailyResetHour {
+		t.Fatalf("saved settings = %+v, want persisted snapshot %+v", saved, want)
+	}
+}
+
 func TestServiceRefreshSortsBudgetsByUserPathThenLongestPeriod(t *testing.T) {
 	ctx := context.Background()
 	store := &fakeStore{
diff --git a/internal/budget/store_mongodb.go b/internal/budget/store_mongodb.go
index fecaa4b2..90166de0 100644
--- a/internal/budget/store_mongodb.go
+++ b/internal/budget/store_mongodb.go
@@ -35,7 +35,6 @@ func NewMongoDBStore(ctx context.Context, database *mongo.Database) (*MongoDBSto
 			Keys:    bson.D{{Key: "user_path", Value: 1}, {Key: "period_seconds", Value: 1}},
 			Options: options.Index().SetUnique(true),
 		},
-		{Keys: bson.D{{Key: "user_path", Value: 1}}},
 		{Keys: bson.D{{Key: "period_seconds", Value: 1}}},
 	})
 	if err != nil {
@@ -84,6 +83,7 @@ func (s *MongoDBStore) upsertNormalizedBudgets(ctx context.Context, budgets []Bu
 	if len(budgets) == 0 {
 		return nil
 	}
+	models := make([]mongo.WriteModel, 0, len(budgets))
 	for _, budget := range budgets {
 		filter := bson.D{{Key: "user_path", Value: budget.UserPath}, {Key: "period_seconds", Value: budget.PeriodSeconds}}
 		update := bson.D{{Key: "$set", Value: bson.D{
@@ -96,9 +96,13 @@ func (s *MongoDBStore) upsertNormalizedBudgets(ctx context.Context, budgets []Bu
 			{Key: "created_at", Value: budget.CreatedAt},
 			{Key: "last_reset_at", Value: budget.LastResetAt},
 		}}}
-		if _, err := s.budgets.UpdateOne(ctx, filter, update, options.UpdateOne().SetUpsert(true)); err != nil {
-			return fmt.Errorf("upsert budget %s/%d: %w", budget.UserPath, budget.PeriodSeconds, err)
-		}
+		models = append(models, mongo.NewUpdateOneModel().
+			SetFilter(filter).
+			SetUpdate(update).
+			SetUpsert(true))
+	}
+	if _, err := s.budgets.BulkWrite(ctx, models); err != nil {
+		return fmt.Errorf("upsert %d budgets: %w", len(budgets), err)
 	}
 	return nil
 }
@@ -176,7 +180,50 @@ func (s *MongoDBStore) replaceConfigBudgets(ctx context.Context, budgets []Budge
 	if _, err := s.budgets.DeleteMany(ctx, filter); err != nil {
 		return fmt.Errorf("delete old config budgets: %w", err)
 	}
-	return s.upsertNormalizedBudgets(ctx, budgets)
+	configBudgets, err := s.configBudgetsWithoutManualCollisions(ctx, budgets)
+	if err != nil {
+		return err
+	}
+	return s.upsertNormalizedBudgets(ctx, configBudgets)
+}
+
+func (s *MongoDBStore) configBudgetsWithoutManualCollisions(ctx context.Context, budgets []Budget) ([]Budget, error) {
+	if len(budgets) == 0 {
+		return nil, nil
+	}
+	keys := make(bson.A, 0, len(budgets))
+	for _, budget := range budgets {
+		keys = append(keys, bson.D{
+			{Key: "user_path", Value: budget.UserPath},
+			{Key: "period_seconds", Value: budget.PeriodSeconds},
+		})
+	}
+	cursor, err := s.budgets.Find(ctx, bson.D{{Key: "$or", Value: keys}})
+	if err != nil {
+		return nil, fmt.Errorf("find existing config budget collisions: %w", err)
+	}
+	defer cursor.Close(ctx)
+
+	existingSources := make(map[string]string, len(budgets))
+	for cursor.Next(ctx) {
+		var existing Budget
+		if err := cursor.Decode(&existing); err != nil {
+			return nil, fmt.Errorf("decode existing budget collision: %w", err)
+		}
+		existingSources[budgetKey(existing.UserPath, existing.PeriodSeconds)] = existing.Source
+	}
+	if err := cursor.Err(); err != nil {
+		return nil, fmt.Errorf("iterate existing budget collisions: %w", err)
+	}
+
+	filtered := make([]Budget, 0, len(budgets))
+	for _, budget := range budgets {
+		if source, ok := existingSources[budgetKey(budget.UserPath, budget.PeriodSeconds)]; ok && source != "" && source != SourceConfig {
+			continue
+		}
+		filtered = append(filtered, budget)
+	}
+	return filtered, nil
 }
 
 func (s *MongoDBStore) GetSettings(ctx context.Context) (Settings, error) {
@@ -273,26 +320,20 @@ func isMongoTransactionCapabilityError(err error) bool {
 	if err == nil {
 		return false
 	}
-	message := strings.ToLower(err.Error())
-	// TODO: Prefer structured driver labels here and revisit these defensive message matches on mongo-driver upgrades.
-	capabilityPhrases := []string{
-		"transaction numbers are only allowed",
-		"transactions are not supported",
-		"transaction is not supported",
-		"transaction not supported",
-		"replica set member or mongos",
-		"requires a replica set",
-	}
-	for _, phrase := range capabilityPhrases {
-		if strings.Contains(message, phrase) {
-			return true
-		}
+	var commandErr mongo.CommandError
+	if errors.As(err, &commandErr) && commandErr.HasErrorCode(20) {
+		return true
 	}
 	var labeled mongo.LabeledError
-	return errors.As(err, &labeled) &&
-		labeled.HasErrorLabel("TransientTransactionError") &&
-		strings.Contains(message, "transaction") &&
-		(strings.Contains(message, "not supported") || strings.Contains(message, "not allowed"))
+	if errors.As(err, &labeled) && labeled.HasErrorLabel("TransientTransactionError") {
+		message := strings.ToLower(err.Error())
+		return strings.Contains(message, "transaction") &&
+			(strings.Contains(message, "not supported") ||
+				strings.Contains(message, "not allowed") ||
+				strings.Contains(message, "replica set"))
+	}
+	message := strings.ToLower(err.Error())
+	return strings.Contains(message, "transaction numbers are only allowed on a replica set member or mongos")
 }
 
 func (s *MongoDBStore) saveSettingsValues(ctx context.Context, settings Settings) error {
@@ -409,6 +450,7 @@ func mongoUsagePathMatch(userPath string) bson.D {
 func mongoUncachedUsageMatch() bson.D {
 	return bson.D{{Key: "$or", Value: bson.A{
 		bson.D{{Key: "cache_type", Value: bson.D{{Key: "$exists", Value: false}}}},
+		bson.D{{Key: "cache_type", Value: nil}},
 		bson.D{{Key: "cache_type", Value: ""}},
 	}}}
 }
diff --git a/internal/budget/store_mongodb_test.go b/internal/budget/store_mongodb_test.go
index c0730860..2e85e49e 100644
--- a/internal/budget/store_mongodb_test.go
+++ b/internal/budget/store_mongodb_test.go
@@ -20,6 +20,15 @@ func TestIsMongoTransactionCapabilityError(t *testing.T) {
 			err:  errors.New("Transaction numbers are only allowed on a replica set member or mongos"),
 			want: true,
 		},
+		{
+			name: "illegal operation command code",
+			err: mongo.CommandError{
+				Code:    20,
+				Message: "transaction is not supported by this deployment",
+				Labels:  []string{"TransientTransactionError"},
+			},
+			want: true,
+		},
 		{
 			name: "labeled unsupported transaction message",
 			err: mongo.CommandError{
@@ -73,3 +82,16 @@ func TestMongoUsagePathMatchNestedPathRequiresPrefixBoundary(t *testing.T) {
 		t.Fatalf("mongoUsagePathMatch(/team) = %#v, want %#v", got, want)
 	}
 }
+
+func TestMongoUncachedUsageMatchIncludesMissingNilAndEmptyCacheType(t *testing.T) {
+	got := mongoUncachedUsageMatch()
+	want := bson.D{{Key: "$or", Value: bson.A{
+		bson.D{{Key: "cache_type", Value: bson.D{{Key: "$exists", Value: false}}}},
+		bson.D{{Key: "cache_type", Value: nil}},
+		bson.D{{Key: "cache_type", Value: ""}},
+	}}}
+
+	if !reflect.DeepEqual(got, want) {
+		t.Fatalf("mongoUncachedUsageMatch() = %#v, want %#v", got, want)
+	}
+}
diff --git a/internal/budget/store_postgresql.go b/internal/budget/store_postgresql.go
index e3c964c3..d73f945f 100644
--- a/internal/budget/store_postgresql.go
+++ b/internal/budget/store_postgresql.go
@@ -51,7 +51,6 @@ func NewPostgreSQLStore(ctx context.Context, pool *pgxpool.Pool) (*PostgreSQLSto
 		return nil, fmt.Errorf("failed to create budget_settings table: %w", err)
 	}
 	for _, index := range []string{
-		`CREATE INDEX IF NOT EXISTS idx_budgets_user_path ON budgets(user_path)`,
 		`CREATE INDEX IF NOT EXISTS idx_budgets_period_seconds ON budgets(period_seconds)`,
 	} {
 		if _, err := pool.Exec(ctx, index); err != nil {
@@ -100,26 +99,8 @@ func (s *PostgreSQLStore) UpsertBudgets(ctx context.Context, budgets []Budget) e
 	}
 	defer tx.Rollback(ctx) //nolint:errcheck
 
-	for _, budget := range budgets {
-		_, err := tx.Exec(ctx, `
-			INSERT INTO budgets (user_path, period_seconds, amount, source, last_reset_at, created_at, updated_at)
-			VALUES ($1, $2, $3, $4, $5, $6, $7)
-			ON CONFLICT (user_path, period_seconds) DO UPDATE SET
-				amount = excluded.amount,
-				source = excluded.source,
-				updated_at = excluded.updated_at
-		`,
-			budget.UserPath,
-			budget.PeriodSeconds,
-			budget.Amount,
-			budget.Source,
-			unixOrNil(budget.LastResetAt),
-			budget.CreatedAt.Unix(),
-			budget.UpdatedAt.Unix(),
-		)
-		if err != nil {
-			return fmt.Errorf("upsert budget %s/%d: %w", budget.UserPath, budget.PeriodSeconds, err)
-		}
+	if err := upsertPostgreSQLBudgets(ctx, tx, budgets); err != nil {
+		return err
 	}
 	if err := tx.Commit(ctx); err != nil {
 		return fmt.Errorf("commit budget upsert: %w", err)
@@ -251,7 +232,8 @@ func (s *PostgreSQLStore) ResetBudget(ctx context.Context, userPath string, peri
 }
 
 func (s *PostgreSQLStore) ResetAllBudgets(ctx context.Context, at time.Time) error {
-	_, err := s.pool.Exec(ctx, `UPDATE budgets SET last_reset_at = $1, updated_at = $2`, at.UTC().Unix(), at.UTC().Unix())
+	utcUnix := at.UTC().Unix()
+	_, err := s.pool.Exec(ctx, `UPDATE budgets SET last_reset_at = $1, updated_at = $2`, utcUnix, utcUnix)
 	if err != nil {
 		return fmt.Errorf("reset all budgets: %w", err)
 	}
@@ -289,9 +271,9 @@ func upsertPostgreSQLBudgets(ctx context.Context, tx pgx.Tx, budgets []Budget) e
 			INSERT INTO budgets (user_path, period_seconds, amount, source, last_reset_at, created_at, updated_at)
 			VALUES ($1, $2, $3, $4, $5, $6, $7)
 			ON CONFLICT (user_path, period_seconds) DO UPDATE SET
-				amount = excluded.amount,
-				source = excluded.source,
-				updated_at = excluded.updated_at
+				amount = CASE WHEN excluded.source = $8 OR budgets.source = $9 THEN excluded.amount ELSE budgets.amount END,
+				source = CASE WHEN excluded.source = $8 OR budgets.source = $9 THEN excluded.source ELSE budgets.source END,
+				updated_at = CASE WHEN excluded.source = $8 OR budgets.source = $9 THEN excluded.updated_at ELSE budgets.updated_at END
 		`,
 			budget.UserPath,
 			budget.PeriodSeconds,
@@ -300,6 +282,8 @@ func upsertPostgreSQLBudgets(ctx context.Context, tx pgx.Tx, budgets []Budget) e
 			unixOrNil(budget.LastResetAt),
 			budget.CreatedAt.Unix(),
 			budget.UpdatedAt.Unix(),
+			SourceManual,
+			SourceConfig,
 		)
 		if err != nil {
 			return fmt.Errorf("upsert budget %s/%d: %w", budget.UserPath, budget.PeriodSeconds, err)
diff --git a/internal/budget/store_sqlite.go b/internal/budget/store_sqlite.go
index 62efb19d..6d523eda 100644
--- a/internal/budget/store_sqlite.go
+++ b/internal/budget/store_sqlite.go
@@ -114,9 +114,9 @@ func (s *SQLiteStore) UpsertBudgets(ctx context.Context, budgets []Budget) error
 		INSERT INTO budgets (user_path, period_seconds, amount, source, last_reset_at, created_at, updated_at)
 		VALUES (?, ?, ?, ?, ?, ?, ?)
 		ON CONFLICT(user_path, period_seconds) DO UPDATE SET
-			amount = excluded.amount,
-			source = excluded.source,
-			updated_at = excluded.updated_at
+			amount = CASE WHEN excluded.source = ? OR budgets.source = ? THEN excluded.amount ELSE budgets.amount END,
+			source = CASE WHEN excluded.source = ? OR budgets.source = ? THEN excluded.source ELSE budgets.source END,
+			updated_at = CASE WHEN excluded.source = ? OR budgets.source = ? THEN excluded.updated_at ELSE budgets.updated_at END
 	`)
 	if err != nil {
 		return fmt.Errorf("prepare budget upsert: %w", err)
@@ -133,6 +133,12 @@ func (s *SQLiteStore) UpsertBudgets(ctx context.Context, budgets []Budget) error
 			unixOrNil(budget.LastResetAt),
 			budget.CreatedAt.Unix(),
 			budget.UpdatedAt.Unix(),
+			SourceManual,
+			SourceConfig,
+			SourceManual,
+			SourceConfig,
+			SourceManual,
+			SourceConfig,
 		); err != nil {
 			return fmt.Errorf("upsert budget %s/%d: %w", budget.UserPath, budget.PeriodSeconds, err)
 		}
@@ -323,9 +329,9 @@ func upsertSQLiteBudgets(ctx context.Context, tx *sql.Tx, budgets []Budget) erro
 		INSERT INTO budgets (user_path, period_seconds, amount, source, last_reset_at, created_at, updated_at)
 		VALUES (?, ?, ?, ?, ?, ?, ?)
 		ON CONFLICT(user_path, period_seconds) DO UPDATE SET
-			amount = excluded.amount,
-			source = excluded.source,
-			updated_at = excluded.updated_at
+			amount = CASE WHEN excluded.source = ? OR budgets.source = ? THEN excluded.amount ELSE budgets.amount END,
+			source = CASE WHEN excluded.source = ? OR budgets.source = ? THEN excluded.source ELSE budgets.source END,
+			updated_at = CASE WHEN excluded.source = ? OR budgets.source = ? THEN excluded.updated_at ELSE budgets.updated_at END
 	`)
 	if err != nil {
 		return fmt.Errorf("prepare budget upsert: %w", err)
@@ -342,6 +348,12 @@ func upsertSQLiteBudgets(ctx context.Context, tx *sql.Tx, budgets []Budget) erro
 			unixOrNil(budget.LastResetAt),
 			budget.CreatedAt.Unix(),
 			budget.UpdatedAt.Unix(),
+			SourceManual,
+			SourceConfig,
+			SourceManual,
+			SourceConfig,
+			SourceManual,
+			SourceConfig,
 		); err != nil {
 			return fmt.Errorf("upsert budget %s/%d: %w", budget.UserPath, budget.PeriodSeconds, err)
 		}
diff --git a/internal/budget/store_sqlite_test.go b/internal/budget/store_sqlite_test.go
index 5308042b..2491055f 100644
--- a/internal/budget/store_sqlite_test.go
+++ b/internal/budget/store_sqlite_test.go
@@ -64,3 +64,39 @@ func TestSQLiteStoreReplaceConfigBudgetsRemovesStaleConfigRowsOnly(t *testing.T)
 		t.Fatal("manual budget was removed by config replacement")
 	}
 }
+
+func TestSQLiteStoreReplaceConfigBudgetsPreservesManualCollision(t *testing.T) {
+	ctx := context.Background()
+	db, err := sql.Open("sqlite", ":memory:")
+	if err != nil {
+		t.Fatalf("sql.Open() failed: %v", err)
+	}
+	defer db.Close()
+
+	store, err := NewSQLiteStore(db)
+	if err != nil {
+		t.Fatalf("NewSQLiteStore() failed: %v", err)
+	}
+	if err := store.UpsertBudgets(ctx, []Budget{
+		{UserPath: "/team", PeriodSeconds: PeriodDailySeconds, Amount: 10, Source: SourceManual},
+	}); err != nil {
+		t.Fatalf("UpsertBudgets() failed: %v", err)
+	}
+
+	if err := store.ReplaceConfigBudgets(ctx, []Budget{
+		{UserPath: "/team", PeriodSeconds: PeriodDailySeconds, Amount: 99},
+	}); err != nil {
+		t.Fatalf("ReplaceConfigBudgets() failed: %v", err)
+	}
+
+	got, err := store.ListBudgets(ctx)
+	if err != nil {
+		t.Fatalf("ListBudgets() failed: %v", err)
+	}
+	if len(got) != 1 {
+		t.Fatalf("expected 1 budget, got %d: %+v", len(got), got)
+	}
+	if got[0].Source != SourceManual || got[0].Amount != 10 {
+		t.Fatalf("manual budget = %+v, want manual amount preserved", got[0])
+	}
+}
diff --git a/internal/budget/types.go b/internal/budget/types.go
index c8c16f63..91e9584c 100644
--- a/internal/budget/types.go
+++ b/internal/budget/types.go
@@ -232,7 +232,8 @@ func anchoredWeekStart(now time.Time, weekday time.Weekday, hour, minute int) ti
 func anchoredMonthStart(now time.Time, day, hour, minute int) time.Time {
 	start := monthAnchor(now.Year(), now.Month(), day, hour, minute)
 	if now.Before(start) {
-		prev := now.AddDate(0, -1, 0)
+		prevFirst := time.Date(now.Year(), now.Month(), 1, now.Hour(), now.Minute(), now.Second(), now.Nanosecond(), now.Location())
+		prev := prevFirst.AddDate(0, -1, 0)
 		start = monthAnchor(prev.Year(), prev.Month(), day, hour, minute)
 	}
 	return start
diff --git a/internal/budget/types_test.go b/internal/budget/types_test.go
index d0c0820a..43befdae 100644
--- a/internal/budget/types_test.go
+++ b/internal/budget/types_test.go
@@ -113,6 +113,13 @@ func TestPeriodBoundsUsesConfiguredAnchors(t *testing.T) {
 			wantStart: time.Date(2026, time.February, 28, 2, 45, 0, 0, time.UTC),
 			wantEnd:   time.Date(2026, time.March, 31, 2, 45, 0, 0, time.UTC),
 		},
+		{
+			name:      "monthly day 31 before March anchor uses February anchor",
+			now:       time.Date(2026, time.March, 30, 3, 0, 0, 0, time.UTC),
+			period:    PeriodMonthlySeconds,
+			wantStart: time.Date(2026, time.February, 28, 2, 45, 0, 0, time.UTC),
+			wantEnd:   time.Date(2026, time.March, 31, 2, 45, 0, 0, time.UTC),
+		},
 		{
 			name:      "monthly day 31 at leap February anchor",
 			now:       time.Date(2024, time.February, 29, 2, 45, 0, 0, time.UTC),
diff --git a/internal/server/base_path.go b/internal/server/base_path.go
index 88f7e6ba..ebe0de3f 100644
--- a/internal/server/base_path.go
+++ b/internal/server/base_path.go
@@ -33,8 +33,12 @@ func stripBasePathMiddleware(basePath string) echo.MiddlewareFunc {
 
 			cloned := req.Clone(req.Context())
 			urlCopy := *req.URL
+			strippedRaw := strippedRawPath(req.URL.RawPath, basePath)
+			if req.URL.RawPath != "" && strippedRaw == "" {
+				return echo.NewHTTPError(http.StatusBadRequest, "invalid encoded request path")
+			}
 			urlCopy.Path = strippedPath
-			urlCopy.RawPath = strippedRawPath(req.URL.RawPath, basePath)
+			urlCopy.RawPath = strippedRaw
 			cloned.URL = &urlCopy
 			cloned.RequestURI = strippedRequestURI(strippedPath, urlCopy.RawPath)
 			if urlCopy.RawQuery != "" {
@@ -96,6 +100,11 @@ func stripRawPathByDecodedBase(rawPath, basePath string) string {
 	if len(rawParts) == 0 || rawParts[0] != "" || len(rawParts) < len(baseParts)+1 {
 		return ""
 	}
+	for _, rawPart := range rawParts[1 : len(baseParts)+1] {
+		if strings.Contains(strings.ToLower(rawPart), "%2f") {
+			return ""
+		}
+	}
 	suffixParts := rawParts[len(baseParts)+1:]
 	if len(suffixParts) == 0 {
 		return "/"
diff --git a/internal/server/http_test.go b/internal/server/http_test.go
index 7be88215..a8fc4465 100644
--- a/internal/server/http_test.go
+++ b/internal/server/http_test.go
@@ -381,6 +381,41 @@ func TestBasePathPreservesEscapedPathParamsBeforeRouting(t *testing.T) {
 	}
 }
 
+func TestBasePathRejectsInvalidRawPathPrefix(t *testing.T) {
+	srv := New(&mockProvider{}, &Config{BasePath: "/g"})
+	srv.echo.PUT("/admin/api/v1/budgets/:user_path/:period", func(c *echo.Context) error {
+		return c.NoContent(http.StatusOK)
+	})
+
+	tests := []struct {
+		name    string
+		rawPath string
+	}{
+		{
+			name:    "decoded raw path does not match base path",
+			rawPath: "/%2Fg/admin/api/v1/budgets/%2F/86400",
+		},
+		{
+			name:    "encoded slash in raw base path segment",
+			rawPath: "/%67%2Fadmin/api/v1/budgets/%2F/86400",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			req := httptest.NewRequest(http.MethodPut, "/g/admin/api/v1/budgets/%2F/86400", nil)
+			req.URL.RawPath = tt.rawPath
+			rec := httptest.NewRecorder()
+
+			srv.ServeHTTP(rec, req)
+
+			if rec.Code != http.StatusBadRequest {
+				t.Fatalf("status = %d, want %d; body=%s", rec.Code, http.StatusBadRequest, rec.Body.String())
+			}
+		})
+	}
+}
+
 func TestMetricsEndpointReturnsPrometheusFormat(t *testing.T) {
 	mock := &mockProvider{}
 	srv := New(mock, &Config{
diff --git a/internal/usage/cache_type_test.go b/internal/usage/cache_type_test.go
index f98512d7..7647797e 100644
--- a/internal/usage/cache_type_test.go
+++ b/internal/usage/cache_type_test.go
@@ -21,21 +21,6 @@ func TestNormalizedUsageEntryForStorageClearsInvalidCacheTypeWithoutMutatingInpu
 	}
 }
 
-func TestNormalizedUsageEntryForStorageNormalizesUserPath(t *testing.T) {
-	entry := &UsageEntry{
-		ID:       "usage-1",
-		UserPath: " team/alpha ",
-	}
-
-	got := normalizedUsageEntryForStorage(entry)
-	if got.UserPath != "/team/alpha" {
-		t.Fatalf("normalized UserPath = %q, want /team/alpha", got.UserPath)
-	}
-	if entry.UserPath != " team/alpha " {
-		t.Fatalf("input UserPath mutated to %q", entry.UserPath)
-	}
-}
-
 func TestNormalizedUsageEntryForStorageUserPathFallbackAndCloneBehavior(t *testing.T) {
 	tests := []struct {
 		name             string
@@ -45,6 +30,11 @@ func TestNormalizedUsageEntryForStorageUserPathFallbackAndCloneBehavior(t *testi
 		wantProviderName string
 		wantSamePointer  bool
 	}{
+		{
+			name:         "trims whitespace and prepends slash",
+			entry:        UsageEntry{ID: "usage-0", UserPath: " team/alpha "},
+			wantUserPath: "/team/alpha",
+		},
 		{
 			name:             "invalid dotdot path falls back to root",
 			entry:            UsageEntry{ID: "usage-1", UserPath: "/team/../alpha", CacheType: CacheTypeExact, ProviderName: "openai"},
diff --git a/internal/usage/store_postgresql.go b/internal/usage/store_postgresql.go
index b96b859f..a0cd3c68 100644
--- a/internal/usage/store_postgresql.go
+++ b/internal/usage/store_postgresql.go
@@ -99,6 +99,7 @@ func NewPostgreSQLStore(pool *pgxpool.Pool, retentionDays int) (*PostgreSQLStore
 		"CREATE INDEX IF NOT EXISTS idx_usage_provider ON usage(provider)",
 		"CREATE INDEX IF NOT EXISTS idx_usage_provider_name ON usage(provider_name)",
 		"CREATE INDEX IF NOT EXISTS idx_usage_user_path ON usage(user_path)",
+		"CREATE INDEX IF NOT EXISTS idx_usage_user_path_normalized ON usage(COALESCE(NULLIF(TRIM(user_path), ''), '/'))",
 		"CREATE INDEX IF NOT EXISTS idx_usage_cache_type ON usage(cache_type)",
 		"CREATE INDEX IF NOT EXISTS idx_usage_raw_data_gin ON usage USING GIN (raw_data)",
 	}
diff --git a/internal/usage/store_sqlite.go b/internal/usage/store_sqlite.go
index 7c42cfdf..02b2e7e6 100644
--- a/internal/usage/store_sqlite.go
+++ b/internal/usage/store_sqlite.go
@@ -87,6 +87,7 @@ func NewSQLiteStore(db *sql.DB, retentionDays int) (*SQLiteStore, error) {
 		"CREATE INDEX IF NOT EXISTS idx_usage_provider ON usage(provider)",
 		"CREATE INDEX IF NOT EXISTS idx_usage_provider_name ON usage(provider_name)",
 		"CREATE INDEX IF NOT EXISTS idx_usage_user_path ON usage(user_path)",
+		"CREATE INDEX IF NOT EXISTS idx_usage_user_path_normalized ON usage(COALESCE(NULLIF(TRIM(user_path), ''), '/'))",
 		"CREATE INDEX IF NOT EXISTS idx_usage_cache_type ON usage(cache_type)",
 	}
 	for _, idx := range indexes {

From 39aee20818da18a4fe9197d863efffd2246db98b Mon Sep 17 00:00:00 2001
From: "Jakub A. W" <jakubwasek@gmail.com>
Date: Mon, 27 Apr 2026 14:21:48 +0200
Subject: [PATCH 9/9] fix(dashboard): remove redundant workflow guards

---
 internal/admin/dashboard/static/js/modules/workflows.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/internal/admin/dashboard/static/js/modules/workflows.js b/internal/admin/dashboard/static/js/modules/workflows.js
index 5d072aa4..c32e57fd 100644
--- a/internal/admin/dashboard/static/js/modules/workflows.js
+++ b/internal/admin/dashboard/static/js/modules/workflows.js
@@ -559,10 +559,10 @@
                     scope_model: String(workflow.scope && workflow.scope.scope_model || '').trim(),
                     scope_user_path: String(workflow.scope && workflow.scope.scope_user_path || '').trim()
                 };
-                const storedFeatures = workflow && workflow.workflow_payload && workflow.workflow_payload.features
+                const storedFeatures = workflow.workflow_payload && workflow.workflow_payload.features
                     ? this.workflowNormalizedFeatures(workflow.workflow_payload.features)
                     : this.workflowSourceFeatures(workflow);
-                const storedGuardrails = Array.isArray(workflow && workflow.workflow_payload && workflow.workflow_payload.guardrails)
+                const storedGuardrails = Array.isArray(workflow.workflow_payload && workflow.workflow_payload.guardrails)
                     ? workflow.workflow_payload.guardrails
                         .map((step) => ({
                             ref: String(step && step.ref || '').trim(),