diff --git a/.flow/epics/fn-24.json b/.flow/epics/fn-24.json
new file mode 100644
index 000000000..3df011a0c
--- /dev/null
+++ b/.flow/epics/fn-24.json
@@ -0,0 +1,13 @@
+{
+  "branch_name": "fn-24",
+  "created_at": "2026-01-22T18:01:43.795974Z",
+  "depends_on_epics": [],
+  "id": "fn-24",
+  "next_task": 1,
+  "plan_review_status": "unknown",
+  "plan_reviewed_at": null,
+  "spec_path": ".flow/specs/fn-24.md",
+  "status": "open",
+  "title": "Month 0-2: Triage + Policy Engine",
+  "updated_at": "2026-01-22T18:01:43.796354Z"
+}
diff --git a/.flow/specs/fn-24.md b/.flow/specs/fn-24.md
new file mode 100644
index 000000000..89142dd47
--- /dev/null
+++ b/.flow/specs/fn-24.md
@@ -0,0 +1,44 @@
+# fn-24: Month 0-2: Triage + Policy Engine
+
+## Goal
+Ship policy-driven triage and investigation automation for data platform teams, with per-team rules, dataset overrides, queueing, and measurable activation/usage metrics.
+
+## Scope
+- Team policy engine with dataset overrides and per-team rate limits.
+- Integrations -> issues pipeline that applies policy actions (auto, review, issue-only).
+- Investigation queue/batch executor with Redis rate limiting per team.
+- Redis-backed SSE event storage + API rate limiting.
+- Policy editor UI in Settings > Teams.
+- Activation + weekly usage analytics.
+
+## Non-Goals
+- Automated fixing.
+- SCIM provisioning.
+- SAML (planned for Month 4-6).
+
+## Approach
+- Add policy tables and repository methods for team rules and dataset overrides.
+- Implement a policy evaluator that returns an action + queue config for each issue.
+- Route integration events through policy evaluation and trigger issue creation + optional investigations.
+- Add Redis-backed queue + rate limiter for investigations and SSE event replay storage.
+- Build a team policy editor in Settings > Teams with dataset overrides.
+- Instrument issue/investigation lifecycle events and weekly usage metrics.
+
+## Quick commands
+- `just test`
+
+## Acceptance
+- [ ] Team policies with dataset overrides are persisted and can be read/written via API.
+- [ ] Integration ingestion applies policy actions (auto, review, issue-only).
+- [ ] Auto investigations are queued and rate-limited per team via Redis.
+- [ ] SSE events and API rate limiting are no longer in-memory.
+- [ ] Team policy editor UI is usable in Settings > Teams.
+- [ ] Activation + weekly usage metrics are available via API or queries.
+
+## References
+- `python-packages/dataing/src/dataing/entrypoints/api/routes/integrations.py`
+- `python-packages/dataing/src/dataing/entrypoints/api/routes/runs.py`
+- `python-packages/dataing/src/dataing/entrypoints/api/middleware/rate_limit.py`
+- `frontend/app/src/features/issues/IssueList.tsx`
+- `frontend/app/src/features/issues/IssueWorkspace.tsx`
+- `frontend/app/src/features/settings/teams/teams-settings.tsx`
diff --git a/.flow/tasks/fn-24.1.json b/.flow/tasks/fn-24.1.json
new file mode 100644
index 000000000..8accc19b3
--- /dev/null
+++ b/.flow/tasks/fn-24.1.json
@@ -0,0 +1,23 @@
+{
+  "assignee": "bordumbb@gmail.com",
+  "claim_note": "",
+  "claimed_at": "2026-01-22T18:07:36.595638Z",
+  "created_at": "2026-01-22T18:02:02.585217Z",
+  "depends_on": [],
+  "epic": "fn-24",
+  "evidence": {
+    "commits": [
+      "b63b00483c7d664738b6efd4e4b0d5837d83930a"
+    ],
+    "prs": [],
+    "tests": [
+      "uv run pytest python-packages/dataing/tests/unit/adapters/db/test_team_policy_repository.py"
+    ]
+  },
+  "id": "fn-24.1",
+  "priority": null,
+  "spec_path": ".flow/tasks/fn-24.1.md",
+  "status": "done",
+  "title": "Data model + migrations for team policies and overrides",
+  "updated_at": "2026-01-22T19:08:26.558940Z"
+}
diff --git a/.flow/tasks/fn-24.1.md b/.flow/tasks/fn-24.1.md
new file mode 100644
index 000000000..f082ffca0
--- /dev/null
+++ b/.flow/tasks/fn-24.1.md
@@ -0,0 +1,29 @@
+# fn-24.1 Data model + migrations for team policies and overrides
+
+## Description
+Add database tables and repository helpers for team policy rules, dataset overrides, and per-team queue limits. Support overrides by dataset_id and tag-based selectors.
+
+## Acceptance
+- [ ] Migrations add tables for team policies, overrides, and queue limits.
+- [ ] Repository methods exist for CRUD on policies and overrides.
+- [ ] Dataset/tag selectors are represented in the schema (dataset_id or tag_id).
+- [ ] Basic unit tests cover create/read/update for policies.
+
+## Done summary
+- Added migration 028_team_policies.sql with 4 tables: team_policies, team_policy_overrides, team_queue_limits, dataset_tags
+- Created TeamPolicyRepository with full CRUD operations for policies, overrides, queue limits, and dataset tags
+- Added PolicyAction enum and dataclasses for type-safe domain entities
+
+Why:
+- Foundation for policy-driven triage and investigation automation
+- Enables per-team configuration with dataset/tag-specific overrides
+
+Verification:
+- 28 unit tests passing
+- ruff check passing
+- mypy type check passing
+- just test-ce passing (1257 tests)
+## Evidence
+- Commits: b63b00483c7d664738b6efd4e4b0d5837d83930a
+- Tests: uv run pytest python-packages/dataing/tests/unit/adapters/db/test_team_policy_repository.py
+- PRs:
diff --git a/.flow/tasks/fn-24.2.json b/.flow/tasks/fn-24.2.json
new file mode 100644
index 000000000..08079e574
--- /dev/null
+++ b/.flow/tasks/fn-24.2.json
@@ -0,0 +1,25 @@
+{
+  "assignee": "bordumbb@gmail.com",
+  "claim_note": "",
+  "claimed_at": "2026-01-22T19:09:11.846118Z",
+  "created_at": "2026-01-22T18:02:12.872541Z",
+  "depends_on": [
+    "fn-24.1"
+  ],
+  "epic": "fn-24",
+  "evidence": {
+    "commits": [
+      "5a240ac3e4f38322c857f7789c2f77edb75a629f"
+    ],
+    "prs": [],
+    "tests": [
+      "uv run pytest python-packages/dataing/tests/unit/services/test_policy.py"
+    ]
+  },
+  "id": "fn-24.2",
+  "priority": null,
+  "spec_path": ".flow/tasks/fn-24.2.md",
+  "status": "done",
+  "title": "Policy engine: evaluate team + dataset rules",
+  "updated_at": "2026-01-22T19:12:48.936850Z"
+}
diff --git a/.flow/tasks/fn-24.2.md b/.flow/tasks/fn-24.2.md
new file mode 100644
index 000000000..18fb34dd5
--- /dev/null
+++ b/.flow/tasks/fn-24.2.md
@@ -0,0 +1,30 @@
+# fn-24.2 Policy engine: evaluate team + dataset rules
+
+## Description
+Implement a policy evaluation service that resolves the effective action for an issue using team rules and dataset/tag overrides. Output should include action (auto, review, issue-only) and queue/rate-limit settings.
+
+## Acceptance
+- [ ] Policy evaluator resolves precedence: dataset overrides > team default.
+- [ ] Action outputs include auto/review/issue-only and queue settings.
+- [ ] Evaluation is exercised via unit tests with team + dataset scenarios.
+- [ ] API layer can fetch evaluated policy results for an issue.
+
+## Done summary
+- Added PolicyService with precedence-based policy evaluation
+- Implemented resolution order: dataset overrides > tag overrides > team default > system defaults
+- Added severity-based action resolution (auto/review thresholds)
+- Added QueueConfig, IssueContext, PolicyResult dataclasses
+- Added evaluate_policy_for_issue convenience function for API layer
+
+Why:
+- Central policy engine needed by integrations to determine triage actions
+- Enables automatic investigation triggering based on configured rules
+
+Verification:
+- 19 unit tests passing (test_policy.py)
+- ruff check passing
+- mypy type check passing
+## Evidence
+- Commits: 5a240ac3e4f38322c857f7789c2f77edb75a629f
+- Tests: uv run pytest python-packages/dataing/tests/unit/services/test_policy.py
+- PRs:
diff --git a/.flow/tasks/fn-24.3.json b/.flow/tasks/fn-24.3.json
new file mode 100644
index 000000000..362f9ea7b
--- /dev/null
+++ b/.flow/tasks/fn-24.3.json
@@ -0,0 +1,23 @@
+{
+  "assignee": "bordumbb@gmail.com",
+  "claim_note": "",
+  "claimed_at": "2026-01-22T19:14:17.576326Z",
+  "created_at": "2026-01-22T18:02:31.734575Z",
+  "depends_on": [
+    "fn-24.2"
+  ],
+  "epic": "fn-24",
+  "evidence": {
+    "commits": [],
+    "prs": [],
+    "tests": [
+      "uv run pytest python-packages/dataing/tests/unit/api/test_integrations_routes.py python-packages/dataing/tests/unit/services/test_policy.py python-packages/dataing/tests/unit/adapters/db/test_team_policy_repository.py"
+    ]
+  },
+  "id": "fn-24.3",
+  "priority": null,
+  "spec_path": ".flow/tasks/fn-24.3.md",
+  "status": "done",
+  "title": "Integrations to issues: policy-driven actions",
+  "updated_at": "2026-01-22T19:21:02.616765Z"
+}
diff --git a/.flow/tasks/fn-24.3.md b/.flow/tasks/fn-24.3.md
new file mode 100644
index 000000000..0961ea3c0
--- /dev/null
+++ b/.flow/tasks/fn-24.3.md
@@ -0,0 +1,36 @@
+# fn-24.3 Integrations to issues: policy-driven actions
+
+## Description
+Route integration events through the policy engine to create issues and trigger the correct action: auto investigation, review required, or issue-only. Ensure notifications for review-required flows.
+
+## Acceptance
+- [ ] Integration ingestion calls policy evaluation and records the action taken.
+- [ ] Auto actions enqueue investigations; review actions create approval notifications.
+- [ ] Issue-only path creates issue without starting investigation.
+- [ ] Idempotency behavior remains intact for integration events.
+
+## Done summary
+- Integrated policy evaluation into webhook issue creation flow
+- Policy determines action: auto investigation, review required, or issue-only
+- AUTO: Starts Temporal investigation workflow (if configured)
+- REVIEW: Sends notification via NotificationService
+- ISSUE_ONLY: No additional action beyond issue creation
+- Added policy_action and investigation_id fields to WebhookIssueResponse
+- Added get_default_team_for_tenant helper to TeamPolicyRepository
+
+Why:
+- Integration events need policy-driven triage to determine appropriate action
+- Enables automatic investigation triggering based on configured rules
+- Maintains idempotency behavior for integration events
+
+Verification:
+- 21 unit tests for integration routes (6 new policy-related tests)
+- 19 unit tests for PolicyService
+- 28 unit tests for TeamPolicyRepository
+- All 68 tests passing
+- ruff check passing
+- mypy type check passing
+## Evidence
+- Commits:
+- Tests: uv run pytest python-packages/dataing/tests/unit/api/test_integrations_routes.py python-packages/dataing/tests/unit/services/test_policy.py python-packages/dataing/tests/unit/adapters/db/test_team_policy_repository.py
+- PRs:
diff --git a/.flow/tasks/fn-24.4.json b/.flow/tasks/fn-24.4.json
new file mode 100644
index 000000000..bf882b594
--- /dev/null
+++ b/.flow/tasks/fn-24.4.json
@@ -0,0 +1,23 @@
+{
+  "assignee": "bordumbb@gmail.com",
+  "claim_note": "",
+  "claimed_at": "2026-01-22T19:21:55.582374Z",
+  "created_at": "2026-01-22T18:02:44.208277Z",
+  "depends_on": [
+    "fn-24.2"
+  ],
+  "epic": "fn-24",
+  "evidence": {
+    "commits": [],
+    "prs": [],
+    "tests": [
+      "uv run pytest python-packages/dataing/tests/unit/adapters/queue/ -v"
+    ]
+  },
+  "id": "fn-24.4",
+  "priority": null,
+  "spec_path": ".flow/tasks/fn-24.4.md",
+  "status": "done",
+  "title": "Investigation queue + per-team rate limits (Redis)",
+  "updated_at": "2026-01-22T19:30:31.922472Z"
+}
diff --git a/.flow/tasks/fn-24.4.md b/.flow/tasks/fn-24.4.md
new file mode 100644
index 000000000..9b0d84770
--- /dev/null
+++ b/.flow/tasks/fn-24.4.md
@@ -0,0 +1,38 @@
+# fn-24.4 Investigation queue + per-team rate limits (Redis)
+
+## Description
+Add a Redis-backed investigation queue with per-team rate limits and batch processing. Policies should control queue thresholds and rate limits.
+
+## Acceptance
+- [ ] Redis queue exists for investigation jobs with per-team routing.
+- [ ] Rate limiting is enforced per team with configurable limits.
+- [ ] Worker can batch-dequeue and start Temporal workflows.
+- [ ] Failures retry with backoff and do not block other teams.
+
+## Done summary
+- Added Redis-backed investigation queue with per-team routing
+- Implemented sliding window rate limiter using Redis Lua script
+- Created InvestigationWorker that processes jobs and starts Temporal workflows
+- Jobs support priority, retry with exponential backoff, and status tracking
+- Worker polls teams, respects rate limits, and processes in batches
+- Failures don't block other teams (isolated per-team queues)
+- Added redis>=5.0.0 dependency
+
+Why:
+- Per-team rate limiting prevents any single team from overwhelming the system
+- Batch processing improves throughput for investigation workflows
+- Retry with backoff handles transient failures gracefully
+
+Components:
+- InvestigationQueue: Per-team job queue with priority sorting
+- RedisRateLimiter: Sliding window rate limiter per team
+- InvestigationWorker: Background worker that processes queues
+
+Verification:
+- 25 unit tests for queue and rate limiter
+- mypy type check passing
+- ruff check passing
+## Evidence
+- Commits:
+- Tests: uv run pytest python-packages/dataing/tests/unit/adapters/queue/ -v
+- PRs:
diff --git a/.flow/tasks/fn-24.5.json b/.flow/tasks/fn-24.5.json
new file mode 100644
index 000000000..b8fc25fd7
--- /dev/null
+++ b/.flow/tasks/fn-24.5.json
@@ -0,0 +1,21 @@
+{
+  "assignee": "bordumbb@gmail.com",
+  "claim_note": "",
+  "claimed_at": "2026-01-22T19:32:07.904710Z",
+  "created_at": "2026-01-22T18:02:54.454759Z",
+  "depends_on": [],
+  "epic": "fn-24",
+  "evidence": {
+    "commits": [],
+    "prs": [],
+    "tests": [
+      "uv run pytest python-packages/dataing/tests/unit/adapters/sse/ python-packages/dataing/tests/unit/middleware/test_redis_rate_limit.py -v"
+    ]
+  },
+  "id": "fn-24.5",
+  "priority": null,
+  "spec_path": ".flow/tasks/fn-24.5.md",
+  "status": "done",
+  "title": "Redis-backed SSE event store + rate limiting",
+  "updated_at": "2026-01-22T19:39:04.950959Z"
+}
diff --git a/.flow/tasks/fn-24.5.md b/.flow/tasks/fn-24.5.md
new file mode 100644
index 000000000..46a1b4862
--- /dev/null
+++ b/.flow/tasks/fn-24.5.md
@@ -0,0 +1,39 @@
+# fn-24.5 Redis-backed SSE event store + rate limiting
+
+## Description
+Replace in-memory SSE event storage and API rate limiting with Redis-backed implementations.
+
+## Acceptance
+- [ ] SSE run events are persisted in Redis and survive process restart.
+- [ ] Replay window reads from Redis instead of in-memory dicts.
+- [ ] API rate limiting uses Redis with per-tenant identifiers.
+- [ ] Existing SSE API behavior remains backward compatible.
+
+## Done summary
+- Added Redis-backed SSE event store for run events persistence
+- SSE events now survive process restart with configurable TTL
+- Replay window reads from Redis instead of in-memory dicts
+- Added Redis-backed API rate limiting middleware with sliding window algorithm
+- Rate limiting uses per-tenant identifiers (tenant > API key > IP fallback)
+- Both components fail open on Redis errors for reliability
+- Included in-memory fallback store for local development
+
+Why:
+- SSE events were lost on process restart, causing client reconnection issues
+- In-memory rate limiting didn't work in multi-instance deployments
+- Redis provides distributed state for horizontal scaling
+
+Components:
+- RedisSSEEventStore: Store/retrieve events with automatic sequencing and TTL
+- RunMetadata: Track run status and replay window expiration
+- InMemoryFallbackSSEEventStore: Local development fallback
+- RedisRateLimitMiddleware: Distributed rate limiting with Lua script
+
+Verification:
+- 41 unit tests for SSE event store and rate limit middleware
+- mypy type check passing
+- ruff check passing
+## Evidence
+- Commits:
+- Tests: uv run pytest python-packages/dataing/tests/unit/adapters/sse/ python-packages/dataing/tests/unit/middleware/test_redis_rate_limit.py -v
+- PRs:
diff --git a/.flow/tasks/fn-24.6.json b/.flow/tasks/fn-24.6.json
new file mode 100644
index 000000000..2271252fe
--- /dev/null
+++ b/.flow/tasks/fn-24.6.json
@@ -0,0 +1,24 @@
+{
+  "assignee": "bordumbb@gmail.com",
+  "claim_note": "",
+  "claimed_at": "2026-01-22T19:40:38.864418Z",
+  "created_at": "2026-01-22T18:03:03.205338Z",
+  "depends_on": [
+    "fn-24.2"
+  ],
+  "epic": "fn-24",
+  "evidence": {
+    "files_changed": [
+      "frontend/app/src/features/settings/teams/team-policy-editor.tsx",
+      "frontend/app/src/features/settings/teams/teams-settings.tsx"
+    ],
+    "lint_pass": true,
+    "tests_pass": true
+  },
+  "id": "fn-24.6",
+  "priority": null,
+  "spec_path": ".flow/tasks/fn-24.6.md",
+  "status": "done",
+  "title": "Policy editor UI in Settings > Teams",
+  "updated_at": "2026-01-22T19:46:27.896902Z"
+}
diff --git a/.flow/tasks/fn-24.6.md b/.flow/tasks/fn-24.6.md
new file mode 100644
index 000000000..9d9828952
--- /dev/null
+++ b/.flow/tasks/fn-24.6.md
@@ -0,0 +1,17 @@
+# fn-24.6 Policy editor UI in Settings > Teams
+
+## Description
+Build a policy editor under Settings > Teams for managing per-team alert sources, auto-investigate thresholds, review requirements, and dataset/tag overrides.
+
+## Acceptance
+- [ ] UI lives under Settings > Teams and loads/saves policy via API.
+- [ ] Supports editing default team policy and dataset/tag overrides.
+- [ ] Displays queue/rate limit settings per team.
+- [ ] Error and empty states are handled.
+
+## Done summary
+Added team policy editor UI with default policy settings, dataset/tag overrides, and queue limit management. Integrated into Settings > Teams page with settings button for each team.
+## Evidence
+- Commits:
+- Tests:
+- PRs:
diff --git a/.flow/tasks/fn-24.7.json b/.flow/tasks/fn-24.7.json
new file mode 100644
index 000000000..33799cb20
--- /dev/null
+++ b/.flow/tasks/fn-24.7.json
@@ -0,0 +1,24 @@
+{
+  "assignee": "bordumbb@gmail.com",
+  "claim_note": "",
+  "claimed_at": "2026-01-22T19:47:21.428067Z",
+  "created_at": "2026-01-22T18:03:16.955998Z",
+  "depends_on": [],
+  "epic": "fn-24",
+  "evidence": {
+    "files_created": [
+      "migrations/029_analytics_events.sql",
+      "services/analytics.py",
+      "routes/analytics.py",
+      "tests/unit/services/test_analytics.py"
+    ],
+    "lint_pass": true,
+    "tests_pass": true
+  },
+  "id": "fn-24.7",
+  "priority": null,
+  "spec_path": ".flow/tasks/fn-24.7.md",
+  "status": "done",
+  "title": "Activation + weekly usage analytics",
+  "updated_at": "2026-01-22T19:51:59.254529Z"
+}
diff --git a/.flow/tasks/fn-24.7.md b/.flow/tasks/fn-24.7.md
new file mode 100644
index 000000000..4db64a05b
--- /dev/null
+++ b/.flow/tasks/fn-24.7.md
@@ -0,0 +1,23 @@
+# fn-24.7 Activation + weekly usage analytics
+
+## Description
+Instrument and expose metrics for activation (issue + investigation in first 7 days) and weekly usage (active teams, investigations/week, issue resolution rate).
+
+## Acceptance
+- [ ] Metrics events are recorded for issue create, investigation start, investigation complete, issue resolved.
+- [ ] Weekly usage queries or API endpoints return required aggregates.
+- [ ] Metrics include activation funnel counts for new orgs.
+- [ ] Documentation notes how to query or view the metrics.
+
+## Done summary
+Added activation and weekly usage analytics infrastructure:
+- Created analytics_events table and tenant_activation tracking
+- Added materialized view for weekly usage aggregates
+- Created AnalyticsService with event recording and query methods
+- Added /api/v1/analytics API endpoints with documentation
+- Implemented activation funnel tracking (issue + investigation within 7 days)
+- Added unit tests for analytics service (16 tests)
+## Evidence
+- Commits:
+- Tests:
+- PRs:
diff --git a/frontend/app/src/features/settings/teams/team-policy-editor.tsx b/frontend/app/src/features/settings/teams/team-policy-editor.tsx
new file mode 100644
index 000000000..53afd7c7f
--- /dev/null
+++ b/frontend/app/src/features/settings/teams/team-policy-editor.tsx
@@ -0,0 +1,677 @@
+import * as React from 'react'
+import { Plus, Trash2, Loader2, AlertTriangle, Database, Search, Table as TableIcon } from 'lucide-react'
+import { toast } from 'sonner'
+import { useQueryClient } from '@tanstack/react-query'
+
+import { Card, CardContent, CardDescription, CardHeader, CardTitle } from '@/components/ui/Card'
+import { Button } from '@/components/ui/Button'
+import { Input } from '@/components/ui/Input'
+import { Label } from '@/components/ui/label'
+import {
+  Select,
+  SelectContent,
+  SelectItem,
+  SelectTrigger,
+  SelectValue,
+} from '@/components/ui/select'
+import {
+  Dialog,
+  DialogContent,
+  DialogDescription,
+  DialogFooter,
+  DialogHeader,
+  DialogTitle,
+} from '@/components/ui/dialog'
+import { Badge } from '@/components/ui/Badge'
+import { EmptyState } from '@/components/shared/empty-state'
+import {
+  useGetTeamPolicyApiV1TeamsTeamIdPolicyGet,
+  useUpdateTeamPolicyApiV1TeamsTeamIdPolicyPut,
+  useCreatePolicyOverrideApiV1TeamsTeamIdPolicyOverridesPost,
+  useDeletePolicyOverrideApiV1TeamsTeamIdPolicyOverridesOverrideIdDelete,
+  useUpdateQueueLimitsApiV1TeamsTeamIdPolicyQueueLimitsPut,
+  getGetTeamPolicyApiV1TeamsTeamIdPolicyGetQueryKey,
+} from '@/lib/api/generated/teams/teams'
+import type { TeamPolicyOverrideResponse } from '@/lib/api/model'
+import { useDataSources, useTableSearch } from '@/lib/api/datasources'
+
+const ALERT_SOURCES = ['monte_carlo', 'great_expectations', 'dbt', 'pagerduty', 'jira', 'custom']
+const POLICY_ACTIONS = ['auto', 'review', 'issue_only']
+const SEVERITY_LEVELS = ['low', 'medium', 'high', 'critical']
+
+interface TeamPolicyEditorProps {
+  teamId: string
+  teamName: string
+  onClose: () => void
+}
+
+export function TeamPolicyEditor({ teamId, teamName, onClose }: TeamPolicyEditorProps) {
+  const queryClient = useQueryClient()
+  const [showOverrideDialog, setShowOverrideDialog] = React.useState(false)
+  const [newOverride, setNewOverride] = React.useState({
+    datasourceId: '',
+    datasetId: '',
+    defaultAction: '',
+    autoInvestigateMinSeverity: '',
+    reviewRequiredMaxSeverity: '',
+  })
+  const [datasetSearchTerm, setDatasetSearchTerm] = React.useState('')
+  const [isDatasetDropdownOpen, setIsDatasetDropdownOpen] = React.useState(false)
+  const datasetInputRef = React.useRef<HTMLInputElement>(null)
+  const datasetDropdownRef = React.useRef<HTMLDivElement>(null)
+
+  // Fetch datasources for the picker
+  const { data: dataSources } = useDataSources()
+
+  // Search tables when typing in dataset field
+  const { data: tables, isLoading: isLoadingTables } = useTableSearch(
+    newOverride.datasourceId,
+    datasetSearchTerm
+  )
+
+  // Auto-select first datasource when dialog opens
+  React.useEffect(() => {
+    if (showOverrideDialog && dataSources && dataSources.length > 0 && !newOverride.datasourceId) {
+      setNewOverride((prev) => ({ ...prev, datasourceId: dataSources[0].id }))
+    }
+  }, [showOverrideDialog, dataSources, newOverride.datasourceId])
+
+  // Debounce search term
+  React.useEffect(() => {
+    const timer = setTimeout(() => setDatasetSearchTerm(newOverride.datasetId), 300)
+    return () => clearTimeout(timer)
+  }, [newOverride.datasetId])
+
+  // Close dropdown on outside click
+  React.useEffect(() => {
+    function handleClickOutside(event: MouseEvent) {
+      if (
+        datasetDropdownRef.current &&
+        !datasetDropdownRef.current.contains(event.target as Node) &&
+        datasetInputRef.current &&
+        !datasetInputRef.current.contains(event.target as Node)
+      ) {
+        setIsDatasetDropdownOpen(false)
+      }
+    }
+    document.addEventListener('mousedown', handleClickOutside)
+    return () => document.removeEventListener('mousedown', handleClickOutside)
+  }, [])
+
+  const { data: policyData, isLoading, error } = useGetTeamPolicyApiV1TeamsTeamIdPolicyGet(teamId)
+
+  const updatePolicyMutation = useUpdateTeamPolicyApiV1TeamsTeamIdPolicyPut({
+    mutation: {
+      onSuccess: () => {
+        queryClient.invalidateQueries({
+          queryKey: getGetTeamPolicyApiV1TeamsTeamIdPolicyGetQueryKey(teamId),
+        })
+        toast.success('Policy updated successfully')
+      },
+      onError: (error: Error) => {
+        toast.error(`Failed to update policy: ${error.message || 'Unknown error'}`)
+      },
+    },
+  })
+
+  const createOverrideMutation = useCreatePolicyOverrideApiV1TeamsTeamIdPolicyOverridesPost({
+    mutation: {
+      onSuccess: () => {
+        queryClient.invalidateQueries({
+          queryKey: getGetTeamPolicyApiV1TeamsTeamIdPolicyGetQueryKey(teamId),
+        })
+        toast.success('Override created successfully')
+        setShowOverrideDialog(false)
+        setNewOverride({
+          datasourceId: dataSources?.[0]?.id || '',
+          datasetId: '',
+          defaultAction: '',
+          autoInvestigateMinSeverity: '',
+          reviewRequiredMaxSeverity: '',
+        })
+        setDatasetSearchTerm('')
+        setIsDatasetDropdownOpen(false)
+      },
+      onError: (error: Error) => {
+        toast.error(`Failed to create override: ${error.message || 'Unknown error'}`)
+      },
+    },
+  })
+
+  const deleteOverrideMutation =
+    useDeletePolicyOverrideApiV1TeamsTeamIdPolicyOverridesOverrideIdDelete({
+      mutation: {
+        onSuccess: () => {
+          queryClient.invalidateQueries({
+            queryKey: getGetTeamPolicyApiV1TeamsTeamIdPolicyGetQueryKey(teamId),
+          })
+          toast.success('Override deleted successfully')
+        },
+        onError: (error: Error) => {
+          toast.error(`Failed to delete override: ${error.message || 'Unknown error'}`)
+        },
+      },
+    })
+
+  const updateQueueLimitsMutation = useUpdateQueueLimitsApiV1TeamsTeamIdPolicyQueueLimitsPut({
+    mutation: {
+      onSuccess: () => {
+        queryClient.invalidateQueries({
+          queryKey: getGetTeamPolicyApiV1TeamsTeamIdPolicyGetQueryKey(teamId),
+        })
+        toast.success('Queue limits updated successfully')
+      },
+      onError: (error: Error) => {
+        toast.error(`Failed to update queue limits: ${error.message || 'Unknown error'}`)
+      },
+    },
+  })
+
+  const handleUpdatePolicy = (updates: {
+    sources?: string[]
+    defaultAction?: string
+    autoInvestigateMinSeverity?: string | null
+    reviewRequiredMaxSeverity?: string | null
+  }) => {
+    updatePolicyMutation.mutate({
+      teamId,
+      data: {
+        sources: updates.sources,
+        default_action: updates.defaultAction,
+        auto_investigate_min_severity: updates.autoInvestigateMinSeverity,
+        review_required_max_severity: updates.reviewRequiredMaxSeverity,
+      },
+    })
+  }
+
+  const handleCreateOverride = () => {
+    if (!newOverride.datasetId.trim()) {
+      toast.error('Dataset ID is required')
+      return
+    }
+    createOverrideMutation.mutate({
+      teamId,
+      data: {
+        dataset_id: newOverride.datasetId.trim(),
+        default_action: newOverride.defaultAction || undefined,
+        auto_investigate_min_severity: newOverride.autoInvestigateMinSeverity || undefined,
+        review_required_max_severity: newOverride.reviewRequiredMaxSeverity || undefined,
+      },
+    })
+  }
+
+  const handleDeleteOverride = (overrideId: string) => {
+    deleteOverrideMutation.mutate({ teamId, overrideId })
+  }
+
+  const handleUpdateQueueLimits = (updates: {
+    rateLimitPerMinute?: number
+    burstSize?: number
+    maxConcurrent?: number
+    batchSize?: number
+  }) => {
+    updateQueueLimitsMutation.mutate({
+      teamId,
+      data: {
+        rate_limit_per_minute: updates.rateLimitPerMinute,
+        burst_size: updates.burstSize,
+        max_concurrent: updates.maxConcurrent,
+        batch_size: updates.batchSize,
+      },
+    })
+  }
+
+  if (isLoading) {
+    return (
+      <div className="flex items-center justify-center py-12">
+        <Loader2 className="h-6 w-6 animate-spin text-muted-foreground" />
+      </div>
+    )
+  }
+
+  if (error) {
+    return (
+      <EmptyState
+        icon={AlertTriangle}
+        title="Failed to load policy"
+        description="There was an error loading the team policy. Please try again."
+      />
+    )
+  }
+
+  const policy = policyData?.policy
+  const overrides = policyData?.overrides ?? []
+  const queueLimits = policyData?.queue_limits
+
+  return (
+    <div className="space-y-6">
+      <div className="flex items-center justify-between">
+        <div>
+          <h2 className="text-lg font-semibold">Policy Settings for {teamName}</h2>
+          <p className="text-sm text-muted-foreground">
+            Configure how alerts are handled for this team
+          </p>
+        </div>
+        <Button variant="outline" onClick={onClose}>
+          Close
+        </Button>
+      </div>
+
+      {/* Default Policy Settings */}
+      <Card>
+        <CardHeader>
+          <CardTitle className="text-base">Default Policy</CardTitle>
+          <CardDescription>
+            These settings apply to all alerts unless overridden by dataset-specific rules
+          </CardDescription>
+        </CardHeader>
+        <CardContent className="space-y-4">
+          <div className="grid grid-cols-2 gap-4">
+            <div className="space-y-2">
+              <Label>Default Action</Label>
+              <Select
+                value={policy?.default_action || 'issue_only'}
+                onValueChange={(value) => handleUpdatePolicy({ defaultAction: value })}
+              >
+                <SelectTrigger>
+                  <SelectValue />
+                </SelectTrigger>
+                <SelectContent>
+                  {POLICY_ACTIONS.map((action) => (
+                    <SelectItem key={action} value={action}>
+                      {action === 'auto'
+                        ? 'Auto Investigate'
+                        : action === 'review'
+                          ? 'Require Review'
+                          : 'Issue Only'}
+                    </SelectItem>
+                  ))}
+                </SelectContent>
+              </Select>
+            </div>
+
+            <div className="space-y-2">
+              <Label>Alert Sources</Label>
+              <div className="flex flex-wrap gap-2">
+                {ALERT_SOURCES.map((source) => {
+                  const isSelected = policy?.sources?.includes(source)
+                  return (
+                    <Badge
+                      key={source}
+                      variant={isSelected ? 'default' : 'outline'}
+                      className="cursor-pointer"
+                      onClick={() => {
+                        const currentSources = policy?.sources || []
+                        const newSources = isSelected
+                          ? currentSources.filter((s) => s !== source)
+                          : [...currentSources, source]
+                        handleUpdatePolicy({ sources: newSources })
+                      }}
+                    >
+                      {source}
+                    </Badge>
+                  )
+                })}
+              </div>
+            </div>
+          </div>
+
+          <div className="grid grid-cols-2 gap-4">
+            <div className="space-y-2">
+              <Label>Auto-investigate Min Severity</Label>
+              <Select
+                value={policy?.auto_investigate_min_severity || '__none__'}
+                onValueChange={(value) =>
+                  handleUpdatePolicy({
+                    autoInvestigateMinSeverity: value === '__none__' ? null : value,
+                  })
+                }
+              >
+                <SelectTrigger>
+                  <SelectValue placeholder="Not set" />
+                </SelectTrigger>
+                <SelectContent>
+                  <SelectItem value="__none__">Not set</SelectItem>
+                  {SEVERITY_LEVELS.map((level) => (
+                    <SelectItem key={level} value={level}>
+                      {level.charAt(0).toUpperCase() + level.slice(1)}
+                    </SelectItem>
+                  ))}
+                </SelectContent>
+              </Select>
+            </div>
+
+            <div className="space-y-2">
+              <Label>Review Required Max Severity</Label>
+              <Select
+                value={policy?.review_required_max_severity || '__none__'}
+                onValueChange={(value) =>
+                  handleUpdatePolicy({
+                    reviewRequiredMaxSeverity: value === '__none__' ? null : value,
+                  })
+                }
+              >
+                <SelectTrigger>
+                  <SelectValue placeholder="Not set" />
+                </SelectTrigger>
+                <SelectContent>
+                  <SelectItem value="__none__">Not set</SelectItem>
+                  {SEVERITY_LEVELS.map((level) => (
+                    <SelectItem key={level} value={level}>
+                      {level.charAt(0).toUpperCase() + level.slice(1)}
+                    </SelectItem>
+                  ))}
+                </SelectContent>
+              </Select>
+            </div>
+          </div>
+        </CardContent>
+      </Card>
+
+      {/* Dataset Overrides */}
+      <Card>
+        <CardHeader>
+          <div className="flex items-center justify-between">
+            <div>
+              <CardTitle className="text-base">Dataset Overrides</CardTitle>
+              <CardDescription>
+                Override default policy settings for specific datasets
+              </CardDescription>
+            </div>
+            <Button size="sm" onClick={() => setShowOverrideDialog(true)}>
+              <Plus className="mr-2 h-4 w-4" />
+              Add Override
+            </Button>
+          </div>
+        </CardHeader>
+        <CardContent>
+          {overrides.length === 0 ? (
+            <p className="text-sm text-muted-foreground">No dataset overrides configured</p>
+          ) : (
+            <div className="space-y-3">
+              {overrides.map((override: TeamPolicyOverrideResponse) => (
+                <div
+                  key={override.id}
+                  className="flex items-center justify-between rounded-lg border p-3"
+                >
+                  <div className="space-y-1">
+                    <p className="font-medium">{override.dataset_id || `Tag: ${override.tag_id}`}</p>
+                    <div className="flex gap-2">
+                      {override.default_action && (
+                        <Badge variant="secondary">{override.default_action}</Badge>
+                      )}
+                      {override.auto_investigate_min_severity && (
+                        <Badge variant="outline">
+                          Auto: {override.auto_investigate_min_severity}+
+                        </Badge>
+                      )}
+                      {override.review_required_max_severity && (
+                        <Badge variant="outline">
+                          Review: {override.review_required_max_severity}
+                        </Badge>
+                      )}
+                    </div>
+                  </div>
+                  <Button
+                    variant="ghost"
+                    size="icon"
+                    onClick={() => handleDeleteOverride(override.id)}
+                    disabled={deleteOverrideMutation.isPending}
+                  >
+                    <Trash2 className="h-4 w-4 text-destructive" />
+                  </Button>
+                </div>
+              ))}
+            </div>
+          )}
+        </CardContent>
+      </Card>
+
+      {/* Queue Limits */}
+      <Card>
+        <CardHeader>
+          <CardTitle className="text-base">Queue & Rate Limits</CardTitle>
+          <CardDescription>
+            Control investigation throughput and concurrency for this team
+          </CardDescription>
+        </CardHeader>
+        <CardContent>
+          <div className="grid grid-cols-2 gap-4">
+            <div className="space-y-2">
+              <Label>Rate Limit (per minute)</Label>
+              <Input
+                type="number"
+                value={queueLimits?.rate_limit_per_minute ?? 60}
+                onChange={(e) =>
+                  handleUpdateQueueLimits({ rateLimitPerMinute: parseInt(e.target.value) || 60 })
+                }
+              />
+            </div>
+            <div className="space-y-2">
+              <Label>Burst Size</Label>
+              <Input
+                type="number"
+                value={queueLimits?.burst_size ?? 10}
+                onChange={(e) =>
+                  handleUpdateQueueLimits({ burstSize: parseInt(e.target.value) || 10 })
+                }
+              />
+            </div>
+            <div className="space-y-2">
+              <Label>Max Concurrent</Label>
+              <Input
+                type="number"
+                value={queueLimits?.max_concurrent ?? 5}
+                onChange={(e) =>
+                  handleUpdateQueueLimits({ maxConcurrent: parseInt(e.target.value) || 5 })
+                }
+              />
+            </div>
+            <div className="space-y-2">
+              <Label>Batch Size</Label>
+              <Input
+                type="number"
+                value={queueLimits?.batch_size ?? 5}
+                onChange={(e) =>
+                  handleUpdateQueueLimits({ batchSize: parseInt(e.target.value) || 5 })
+                }
+              />
+            </div>
+          </div>
+        </CardContent>
+      </Card>
+
+      {/* Add Override Dialog */}
+      <Dialog open={showOverrideDialog} onOpenChange={setShowOverrideDialog}>
+        <DialogContent>
+          <DialogHeader>
+            <DialogTitle>Add Dataset Override</DialogTitle>
+            <DialogDescription>
+              Create a policy override for a specific dataset
+            </DialogDescription>
+          </DialogHeader>
+          <div className="space-y-4 py-4">
+            {/* Datasource and Dataset Picker */}
+            <div className="space-y-2">
+              <Label>Dataset</Label>
+              <div className="flex items-center gap-2 rounded-lg border border-border bg-muted/30 p-2">
+                <div className="flex items-center gap-2">
+                  <Database className="h-4 w-4 text-muted-foreground" />
+                  <select
+                    value={newOverride.datasourceId}
+                    onChange={(e) => {
+                      setNewOverride({ ...newOverride, datasourceId: e.target.value, datasetId: '' })
+                      setDatasetSearchTerm('')
+                    }}
+                    disabled={!dataSources || dataSources.length === 0}
+                    className="w-32 rounded-lg border border-border bg-background px-2 py-1.5 text-sm outline-none transition focus:border-primary focus:ring-2 focus:ring-primary/20 disabled:cursor-not-allowed disabled:opacity-50"
+                  >
+                    {!dataSources || dataSources.length === 0 ? (
+                      <option value="">No sources</option>
+                    ) : (
+                      dataSources.map((ds) => (
+                        <option key={ds.id} value={ds.id}>
+                          {ds.name}
+                        </option>
+                      ))
+                    )}
+                  </select>
+                </div>
+
+                <div className="relative flex-1">
+                  <Input
+                    ref={datasetInputRef}
+                    value={newOverride.datasetId}
+                    onChange={(e) => {
+                      setNewOverride({ ...newOverride, datasetId: e.target.value })
+                      setIsDatasetDropdownOpen(true)
+                    }}
+                    onFocus={() => setIsDatasetDropdownOpen(true)}
+                    disabled={!newOverride.datasourceId}
+                    placeholder={newOverride.datasourceId ? 'Search for table...' : 'Select a data source first'}
+                    className="pr-8"
+                  />
+                  <Search className="absolute right-2.5 top-1/2 h-4 w-4 -translate-y-1/2 text-muted-foreground" />
+
+                  {isDatasetDropdownOpen && newOverride.datasourceId && (
+                    <div
+                      ref={datasetDropdownRef}
+                      className="absolute z-50 mt-1 max-h-48 w-full overflow-auto rounded-lg border border-border bg-popover shadow-lg"
+                    >
+                      {isLoadingTables ? (
+                        <div className="flex items-center justify-center p-4">
+                          <Loader2 className="h-4 w-4 animate-spin text-muted-foreground" />
+                        </div>
+                      ) : tables && tables.length > 0 ? (
+                        <div className="py-1">
+                          {tables.slice(0, 10).map((table) => (
+                            <button
+                              key={table.native_path}
+                              type="button"
+                              className="flex w-full items-center gap-2 px-3 py-2 text-left text-sm hover:bg-accent"
+                              onClick={() => {
+                                setNewOverride({ ...newOverride, datasetId: table.native_path })
+                                setIsDatasetDropdownOpen(false)
+                              }}
+                            >
+                              <TableIcon className="h-4 w-4 text-muted-foreground" />
+                              <span className="font-mono">{table.native_path}</span>
+                              <span className="ml-auto text-xs text-muted-foreground">
+                                {table.columns.length} cols
+                              </span>
+                            </button>
+                          ))}
+                          {tables.length > 10 && (
+                            <div className="border-t border-border px-3 py-2 text-xs text-muted-foreground">
+                              +{tables.length - 10} more...
+                            </div>
+                          )}
+                        </div>
+                      ) : newOverride.datasetId.length >= 2 ? (
+                        <div className="p-3 text-sm text-muted-foreground">No tables found</div>
+                      ) : (
+                        <div className="p-3 text-sm text-muted-foreground">
+                          Type at least 2 characters to search...
+                        </div>
+                      )}
+                    </div>
+                  )}
+                </div>
+              </div>
+            </div>
+
+            <div className="space-y-2">
+              <Label>Override Action</Label>
+              <Select
+                value={newOverride.defaultAction || '__none__'}
+                onValueChange={(value) =>
+                  setNewOverride({
+                    ...newOverride,
+                    defaultAction: value === '__none__' ? '' : value,
+                  })
+                }
+              >
+                <SelectTrigger>
+                  <SelectValue placeholder="Use default" />
+                </SelectTrigger>
+                <SelectContent>
+                  <SelectItem value="__none__">Use default</SelectItem>
+                  {POLICY_ACTIONS.map((action) => (
+                    <SelectItem key={action} value={action}>
+                      {action === 'auto'
+                        ? 'Auto Investigate'
+                        : action === 'review'
+                          ? 'Require Review'
+                          : 'Issue Only'}
+                    </SelectItem>
+                  ))}
+                </SelectContent>
+              </Select>
+            </div>
+            <div className="grid grid-cols-2 gap-4">
+              <div className="space-y-2">
+                <Label>Auto-investigate Min Severity</Label>
+                <Select
+                  value={newOverride.autoInvestigateMinSeverity || '__none__'}
+                  onValueChange={(value) =>
+                    setNewOverride({
+                      ...newOverride,
+                      autoInvestigateMinSeverity: value === '__none__' ? '' : value,
+                    })
+                  }
+                >
+                  <SelectTrigger>
+                    <SelectValue placeholder="Use default" />
+                  </SelectTrigger>
+                  <SelectContent>
+                    <SelectItem value="__none__">Use default</SelectItem>
+                    {SEVERITY_LEVELS.map((level) => (
+                      <SelectItem key={level} value={level}>
+                        {level.charAt(0).toUpperCase() + level.slice(1)}
+                      </SelectItem>
+                    ))}
+                  </SelectContent>
+                </Select>
+              </div>
+              <div className="space-y-2">
+                <Label>Review Required Max Severity</Label>
+                <Select
+                  value={newOverride.reviewRequiredMaxSeverity || '__none__'}
+                  onValueChange={(value) =>
+                    setNewOverride({
+                      ...newOverride,
+                      reviewRequiredMaxSeverity: value === '__none__' ? '' : value,
+                    })
+                  }
+                >
+                  <SelectTrigger>
+                    <SelectValue placeholder="Use default" />
+                  </SelectTrigger>
+                  <SelectContent>
+                    <SelectItem value="__none__">Use default</SelectItem>
+                    {SEVERITY_LEVELS.map((level) => (
+                      <SelectItem key={level} value={level}>
+                        {level.charAt(0).toUpperCase() + level.slice(1)}
+                      </SelectItem>
+                    ))}
+                  </SelectContent>
+                </Select>
+              </div>
+            </div>
+          </div>
+          <DialogFooter>
+            <Button variant="outline" onClick={() => setShowOverrideDialog(false)}>
+              Cancel
+            </Button>
+            <Button onClick={handleCreateOverride} disabled={createOverrideMutation.isPending}>
+              {createOverrideMutation.isPending && (
+                <Loader2 className="mr-2 h-4 w-4 animate-spin" />
+              )}
+              Create Override
+            </Button>
+          </DialogFooter>
+        </DialogContent>
+      </Dialog>
+    </div>
+  )
+}
diff --git a/frontend/app/src/features/settings/teams/teams-settings.tsx b/frontend/app/src/features/settings/teams/teams-settings.tsx
index 51fbe1745..54223c5c3 100644
--- a/frontend/app/src/features/settings/teams/teams-settings.tsx
+++ b/frontend/app/src/features/settings/teams/teams-settings.tsx
@@ -1,5 +1,5 @@
 import * as React from 'react'
-import { Plus, Users, Lock, Trash2, Loader2 } from 'lucide-react'
+import { Plus, Users, Lock, Trash2, Loader2, Settings } from 'lucide-react'
 import { toast } from 'sonner'
 import { useQueryClient } from '@tanstack/react-query'
 
@@ -24,12 +24,14 @@ import {
   getListTeamsApiV1TeamsGetQueryKey,
 } from '@/lib/api/generated/teams/teams'
 import type { TeamResponse } from '@/lib/api/model'
+import { TeamPolicyEditor } from './team-policy-editor'
 
 export function TeamsSettings() {
   const queryClient = useQueryClient()
   const [showCreateDialog, setShowCreateDialog] = React.useState(false)
   const [newTeamName, setNewTeamName] = React.useState('')
   const [teamToDelete, setTeamToDelete] = React.useState<TeamResponse | null>(null)
+  const [teamForPolicy, setTeamForPolicy] = React.useState<TeamResponse | null>(null)
 
   const { data: teamsData, isLoading, error } = useListTeamsApiV1TeamsGet()
   const teams = teamsData?.teams ?? []
@@ -159,6 +161,14 @@ export function TeamsSettings() {
                     </div>
                   </div>
                   <div className="flex items-center gap-2">
+                    <Button
+                      variant="ghost"
+                      size="icon"
+                      onClick={() => setTeamForPolicy(team)}
+                      title="Configure Policy"
+                    >
+                      <Settings className="h-4 w-4" />
+                    </Button>
                     {!team.is_scim_managed && (
                       <Button
                         variant="ghost"
@@ -234,6 +244,15 @@ export function TeamsSettings() {
           </DialogFooter>
         </DialogContent>
       </Dialog>
+
+      {/* Team Policy Editor */}
+      {teamForPolicy && (
+        <TeamPolicyEditor
+          teamId={teamForPolicy.id}
+          teamName={teamForPolicy.name}
+          onClose={() => setTeamForPolicy(null)}
+        />
+      )}
     </>
   )
 }
diff --git a/frontend/app/src/lib/api/generated/analytics/analytics.ts b/frontend/app/src/lib/api/generated/analytics/analytics.ts
new file mode 100644
index 000000000..19d14a542
--- /dev/null
+++ b/frontend/app/src/lib/api/generated/analytics/analytics.ts
@@ -0,0 +1,423 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+import { useMutation, useQuery } from "@tanstack/react-query";
+import type {
+  MutationFunction,
+  QueryFunction,
+  QueryKey,
+  UseMutationOptions,
+  UseMutationResult,
+  UseQueryOptions,
+  UseQueryResult,
+} from "@tanstack/react-query";
+import type {
+  ActivationFunnelResponse,
+  ActivationStatusResponse,
+  GetActivationFunnelApiV1AnalyticsActivationFunnelGetParams,
+  GetWeeklyUsageApiV1AnalyticsWeeklyUsageGetParams,
+  HTTPValidationError,
+  WeeklyUsageListResponse,
+} from "../../model";
+import { customInstance } from "../../client";
+
+/**
+ * Get weekly usage statistics for the current tenant.
+
+Returns aggregated metrics per week including:
+- Issues created
+- Investigations started and completed
+- Issues resolved
+- Active teams count
+- Issue resolution rate
+ * @summary Get Weekly Usage
+ */
+export const getWeeklyUsageApiV1AnalyticsWeeklyUsageGet = (
+  params?: GetWeeklyUsageApiV1AnalyticsWeeklyUsageGetParams,
+  signal?: AbortSignal,
+) => {
+  return customInstance<WeeklyUsageListResponse>({
+    url: `/api/v1/analytics/weekly-usage`,
+    method: "GET",
+    params,
+    signal,
+  });
+};
+
+export const getGetWeeklyUsageApiV1AnalyticsWeeklyUsageGetQueryKey = (
+  params?: GetWeeklyUsageApiV1AnalyticsWeeklyUsageGetParams,
+) => {
+  return [
+    `/api/v1/analytics/weekly-usage`,
+    ...(params ? [params] : []),
+  ] as const;
+};
+
+export const getGetWeeklyUsageApiV1AnalyticsWeeklyUsageGetQueryOptions = <
+  TData = Awaited<
+    ReturnType<typeof getWeeklyUsageApiV1AnalyticsWeeklyUsageGet>
+  >,
+  TError = HTTPValidationError,
+>(
+  params?: GetWeeklyUsageApiV1AnalyticsWeeklyUsageGetParams,
+  options?: {
+    query?: Partial<
+      UseQueryOptions<
+        Awaited<ReturnType<typeof getWeeklyUsageApiV1AnalyticsWeeklyUsageGet>>,
+        TError,
+        TData
+      >
+    >;
+  },
+) => {
+  const { query: queryOptions } = options ?? {};
+
+  const queryKey =
+    queryOptions?.queryKey ??
+    getGetWeeklyUsageApiV1AnalyticsWeeklyUsageGetQueryKey(params);
+
+  const queryFn: QueryFunction<
+    Awaited<ReturnType<typeof getWeeklyUsageApiV1AnalyticsWeeklyUsageGet>>
+  > = ({ signal }) =>
+    getWeeklyUsageApiV1AnalyticsWeeklyUsageGet(params, signal);
+
+  return { queryKey, queryFn, ...queryOptions } as UseQueryOptions<
+    Awaited<ReturnType<typeof getWeeklyUsageApiV1AnalyticsWeeklyUsageGet>>,
+    TError,
+    TData
+  > & { queryKey: QueryKey };
+};
+
+export type GetWeeklyUsageApiV1AnalyticsWeeklyUsageGetQueryResult = NonNullable<
+  Awaited<ReturnType<typeof getWeeklyUsageApiV1AnalyticsWeeklyUsageGet>>
+>;
+export type GetWeeklyUsageApiV1AnalyticsWeeklyUsageGetQueryError =
+  HTTPValidationError;
+
+/**
+ * @summary Get Weekly Usage
+ */
+export const useGetWeeklyUsageApiV1AnalyticsWeeklyUsageGet = <
+  TData = Awaited<
+    ReturnType<typeof getWeeklyUsageApiV1AnalyticsWeeklyUsageGet>
+  >,
+  TError = HTTPValidationError,
+>(
+  params?: GetWeeklyUsageApiV1AnalyticsWeeklyUsageGetParams,
+  options?: {
+    query?: Partial<
+      UseQueryOptions<
+        Awaited<ReturnType<typeof getWeeklyUsageApiV1AnalyticsWeeklyUsageGet>>,
+        TError,
+        TData
+      >
+    >;
+  },
+): UseQueryResult<TData, TError> & { queryKey: QueryKey } => {
+  const queryOptions =
+    getGetWeeklyUsageApiV1AnalyticsWeeklyUsageGetQueryOptions(params, options);
+
+  const query = useQuery(queryOptions) as UseQueryResult<TData, TError> & {
+    queryKey: QueryKey;
+  };
+
+  query.queryKey = queryOptions.queryKey;
+
+  return query;
+};
+
+/**
+ * Get activation status for the current tenant.
+
+Activation is defined as having both:
+- Created at least one issue
+- Completed at least one investigation
+
+Within the first 7 days of account creation.
+ * @summary Get Activation Status
+ */
+export const getActivationStatusApiV1AnalyticsActivationGet = (
+  signal?: AbortSignal,
+) => {
+  return customInstance<ActivationStatusResponse>({
+    url: `/api/v1/analytics/activation`,
+    method: "GET",
+    signal,
+  });
+};
+
+export const getGetActivationStatusApiV1AnalyticsActivationGetQueryKey = () => {
+  return [`/api/v1/analytics/activation`] as const;
+};
+
+export const getGetActivationStatusApiV1AnalyticsActivationGetQueryOptions = <
+  TData = Awaited<
+    ReturnType<typeof getActivationStatusApiV1AnalyticsActivationGet>
+  >,
+  TError = unknown,
+>(options?: {
+  query?: Partial<
+    UseQueryOptions<
+      Awaited<
+        ReturnType<typeof getActivationStatusApiV1AnalyticsActivationGet>
+      >,
+      TError,
+      TData
+    >
+  >;
+}) => {
+  const { query: queryOptions } = options ?? {};
+
+  const queryKey =
+    queryOptions?.queryKey ??
+    getGetActivationStatusApiV1AnalyticsActivationGetQueryKey();
+
+  const queryFn: QueryFunction<
+    Awaited<ReturnType<typeof getActivationStatusApiV1AnalyticsActivationGet>>
+  > = ({ signal }) => getActivationStatusApiV1AnalyticsActivationGet(signal);
+
+  return { queryKey, queryFn, ...queryOptions } as UseQueryOptions<
+    Awaited<ReturnType<typeof getActivationStatusApiV1AnalyticsActivationGet>>,
+    TError,
+    TData
+  > & { queryKey: QueryKey };
+};
+
+export type GetActivationStatusApiV1AnalyticsActivationGetQueryResult =
+  NonNullable<
+    Awaited<ReturnType<typeof getActivationStatusApiV1AnalyticsActivationGet>>
+  >;
+export type GetActivationStatusApiV1AnalyticsActivationGetQueryError = unknown;
+
+/**
+ * @summary Get Activation Status
+ */
+export const useGetActivationStatusApiV1AnalyticsActivationGet = <
+  TData = Awaited<
+    ReturnType<typeof getActivationStatusApiV1AnalyticsActivationGet>
+  >,
+  TError = unknown,
+>(options?: {
+  query?: Partial<
+    UseQueryOptions<
+      Awaited<
+        ReturnType<typeof getActivationStatusApiV1AnalyticsActivationGet>
+      >,
+      TError,
+      TData
+    >
+  >;
+}): UseQueryResult<TData, TError> & { queryKey: QueryKey } => {
+  const queryOptions =
+    getGetActivationStatusApiV1AnalyticsActivationGetQueryOptions(options);
+
+  const query = useQuery(queryOptions) as UseQueryResult<TData, TError> & {
+    queryKey: QueryKey;
+  };
+
+  query.queryKey = queryOptions.queryKey;
+
+  return query;
+};
+
+/**
+ * Get activation funnel statistics.
+
+Returns aggregated funnel metrics showing:
+- Total tenants created in period
+- Tenants that created at least one issue
+- Tenants that completed at least one investigation
+- Tenants that achieved activation
+
+Note: This endpoint requires admin permissions in production.
+ * @summary Get Activation Funnel
+ */
+export const getActivationFunnelApiV1AnalyticsActivationFunnelGet = (
+  params?: GetActivationFunnelApiV1AnalyticsActivationFunnelGetParams,
+  signal?: AbortSignal,
+) => {
+  return customInstance<ActivationFunnelResponse>({
+    url: `/api/v1/analytics/activation/funnel`,
+    method: "GET",
+    params,
+    signal,
+  });
+};
+
+export const getGetActivationFunnelApiV1AnalyticsActivationFunnelGetQueryKey = (
+  params?: GetActivationFunnelApiV1AnalyticsActivationFunnelGetParams,
+) => {
+  return [
+    `/api/v1/analytics/activation/funnel`,
+    ...(params ? [params] : []),
+  ] as const;
+};
+
+export const getGetActivationFunnelApiV1AnalyticsActivationFunnelGetQueryOptions =
+  <
+    TData = Awaited<
+      ReturnType<typeof getActivationFunnelApiV1AnalyticsActivationFunnelGet>
+    >,
+    TError = HTTPValidationError,
+  >(
+    params?: GetActivationFunnelApiV1AnalyticsActivationFunnelGetParams,
+    options?: {
+      query?: Partial<
+        UseQueryOptions<
+          Awaited<
+            ReturnType<
+              typeof getActivationFunnelApiV1AnalyticsActivationFunnelGet
+            >
+          >,
+          TError,
+          TData
+        >
+      >;
+    },
+  ) => {
+    const { query: queryOptions } = options ?? {};
+
+    const queryKey =
+      queryOptions?.queryKey ??
+      getGetActivationFunnelApiV1AnalyticsActivationFunnelGetQueryKey(params);
+
+    const queryFn: QueryFunction<
+      Awaited<
+        ReturnType<typeof getActivationFunnelApiV1AnalyticsActivationFunnelGet>
+      >
+    > = ({ signal }) =>
+      getActivationFunnelApiV1AnalyticsActivationFunnelGet(params, signal);
+
+    return { queryKey, queryFn, ...queryOptions } as UseQueryOptions<
+      Awaited<
+        ReturnType<typeof getActivationFunnelApiV1AnalyticsActivationFunnelGet>
+      >,
+      TError,
+      TData
+    > & { queryKey: QueryKey };
+  };
+
+export type GetActivationFunnelApiV1AnalyticsActivationFunnelGetQueryResult =
+  NonNullable<
+    Awaited<
+      ReturnType<typeof getActivationFunnelApiV1AnalyticsActivationFunnelGet>
+    >
+  >;
+export type GetActivationFunnelApiV1AnalyticsActivationFunnelGetQueryError =
+  HTTPValidationError;
+
+/**
+ * @summary Get Activation Funnel
+ */
+export const useGetActivationFunnelApiV1AnalyticsActivationFunnelGet = <
+  TData = Awaited<
+    ReturnType<typeof getActivationFunnelApiV1AnalyticsActivationFunnelGet>
+  >,
+  TError = HTTPValidationError,
+>(
+  params?: GetActivationFunnelApiV1AnalyticsActivationFunnelGetParams,
+  options?: {
+    query?: Partial<
+      UseQueryOptions<
+        Awaited<
+          ReturnType<
+            typeof getActivationFunnelApiV1AnalyticsActivationFunnelGet
+          >
+        >,
+        TError,
+        TData
+      >
+    >;
+  },
+): UseQueryResult<TData, TError> & { queryKey: QueryKey } => {
+  const queryOptions =
+    getGetActivationFunnelApiV1AnalyticsActivationFunnelGetQueryOptions(
+      params,
+      options,
+    );
+
+  const query = useQuery(queryOptions) as UseQueryResult<TData, TError> & {
+    queryKey: QueryKey;
+  };
+
+  query.queryKey = queryOptions.queryKey;
+
+  return query;
+};
+
+/**
+ * Refresh the weekly usage statistics materialized view.
+
+This is typically called by a scheduled job but can be triggered manually.
+ * @summary Refresh Weekly Stats
+ */
+export const refreshWeeklyStatsApiV1AnalyticsRefreshPost = () => {
+  return customInstance<void>({
+    url: `/api/v1/analytics/refresh`,
+    method: "POST",
+  });
+};
+
+export const getRefreshWeeklyStatsApiV1AnalyticsRefreshPostMutationOptions = <
+  TError = unknown,
+  TContext = unknown,
+>(options?: {
+  mutation?: UseMutationOptions<
+    Awaited<ReturnType<typeof refreshWeeklyStatsApiV1AnalyticsRefreshPost>>,
+    TError,
+    void,
+    TContext
+  >;
+}): UseMutationOptions<
+  Awaited<ReturnType<typeof refreshWeeklyStatsApiV1AnalyticsRefreshPost>>,
+  TError,
+  void,
+  TContext
+> => {
+  const { mutation: mutationOptions } = options ?? {};
+
+  const mutationFn: MutationFunction<
+    Awaited<ReturnType<typeof refreshWeeklyStatsApiV1AnalyticsRefreshPost>>,
+    void
+  > = () => {
+    return refreshWeeklyStatsApiV1AnalyticsRefreshPost();
+  };
+
+  return { mutationFn, ...mutationOptions };
+};
+
+export type RefreshWeeklyStatsApiV1AnalyticsRefreshPostMutationResult =
+  NonNullable<
+    Awaited<ReturnType<typeof refreshWeeklyStatsApiV1AnalyticsRefreshPost>>
+  >;
+
+export type RefreshWeeklyStatsApiV1AnalyticsRefreshPostMutationError = unknown;
+
+/**
+ * @summary Refresh Weekly Stats
+ */
+export const useRefreshWeeklyStatsApiV1AnalyticsRefreshPost = <
+  TError = unknown,
+  TContext = unknown,
+>(options?: {
+  mutation?: UseMutationOptions<
+    Awaited<ReturnType<typeof refreshWeeklyStatsApiV1AnalyticsRefreshPost>>,
+    TError,
+    void,
+    TContext
+  >;
+}): UseMutationResult<
+  Awaited<ReturnType<typeof refreshWeeklyStatsApiV1AnalyticsRefreshPost>>,
+  TError,
+  void,
+  TContext
+> => {
+  const mutationOptions =
+    getRefreshWeeklyStatsApiV1AnalyticsRefreshPostMutationOptions(options);
+
+  return useMutation(mutationOptions);
+};
diff --git a/frontend/app/src/lib/api/generated/credentials/credentials.ts b/frontend/app/src/lib/api/generated/credentials/credentials.ts
index df2b74619..1b6401dbb 100644
--- a/frontend/app/src/lib/api/generated/credentials/credentials.ts
+++ b/frontend/app/src/lib/api/generated/credentials/credentials.ts
@@ -17,10 +17,10 @@ import type {
 } from "@tanstack/react-query";
 import type {
   CredentialsStatusResponse,
-  DataingEntrypointsApiRoutesCredentialsTestConnectionResponse,
   DeleteCredentialsResponse,
   HTTPValidationError,
   SaveCredentialsRequest,
+  TestConnectionResponse,
 } from "../../model";
 import { customInstance } from "../../client";
 
@@ -381,14 +381,12 @@ export const testCredentialsApiV1DatasourcesDatasourceIdCredentialsTestPost = (
   datasourceId: string,
   saveCredentialsRequest: SaveCredentialsRequest,
 ) => {
-  return customInstance<DataingEntrypointsApiRoutesCredentialsTestConnectionResponse>(
-    {
-      url: `/api/v1/datasources/${datasourceId}/credentials/test`,
-      method: "POST",
-      headers: { "Content-Type": "application/json" },
-      data: saveCredentialsRequest,
-    },
-  );
+  return customInstance<TestConnectionResponse>({
+    url: `/api/v1/datasources/${datasourceId}/credentials/test`,
+    method: "POST",
+    headers: { "Content-Type": "application/json" },
+    data: saveCredentialsRequest,
+  });
 };
 
 export const getTestCredentialsApiV1DatasourcesDatasourceIdCredentialsTestPostMutationOptions =
diff --git a/frontend/app/src/lib/api/generated/datasources/datasources.ts b/frontend/app/src/lib/api/generated/datasources/datasources.ts
index d7f64a250..e6db6b771 100644
--- a/frontend/app/src/lib/api/generated/datasources/datasources.ts
+++ b/frontend/app/src/lib/api/generated/datasources/datasources.ts
@@ -19,6 +19,7 @@ import type {
   CreateDataSourceRequest,
   DataSourceListResponse,
   DataSourceResponse,
+  DataingEntrypointsApiRoutesDatasourcesTestConnectionResponse,
   DatasourceDatasetsResponse,
   GetDatasourceSchemaApiV1DatasourcesDatasourceIdSchemaGetParams,
   GetDatasourceSchemaApiV1V2DatasourcesDatasourceIdSchemaGetParams,
@@ -33,7 +34,6 @@ import type {
   StatsResponse,
   SyncResponse,
   TestConnectionRequest,
-  TestConnectionResponse,
 } from "../../model";
 import { customInstance } from "../../client";
 
@@ -129,12 +129,14 @@ a data source.
 export const testConnectionApiV1DatasourcesTestPost = (
   testConnectionRequest: TestConnectionRequest,
 ) => {
-  return customInstance<TestConnectionResponse>({
-    url: `/api/v1/datasources/test`,
-    method: "POST",
-    headers: { "Content-Type": "application/json" },
-    data: testConnectionRequest,
-  });
+  return customInstance<DataingEntrypointsApiRoutesDatasourcesTestConnectionResponse>(
+    {
+      url: `/api/v1/datasources/test`,
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      data: testConnectionRequest,
+    },
+  );
 };
 
 export const getTestConnectionApiV1DatasourcesTestPostMutationOptions = <
@@ -555,10 +557,9 @@ export const useDeleteDatasourceApiV1DatasourcesDatasourceIdDelete = <
 export const testDatasourceConnectionApiV1DatasourcesDatasourceIdTestPost = (
   datasourceId: string,
 ) => {
-  return customInstance<TestConnectionResponse>({
-    url: `/api/v1/datasources/${datasourceId}/test`,
-    method: "POST",
-  });
+  return customInstance<DataingEntrypointsApiRoutesDatasourcesTestConnectionResponse>(
+    { url: `/api/v1/datasources/${datasourceId}/test`, method: "POST" },
+  );
 };
 
 export const getTestDatasourceConnectionApiV1DatasourcesDatasourceIdTestPostMutationOptions =
@@ -1324,12 +1325,14 @@ a data source.
 export const testConnectionApiV1V2DatasourcesTestPost = (
   testConnectionRequest: TestConnectionRequest,
 ) => {
-  return customInstance<TestConnectionResponse>({
-    url: `/api/v1/v2/datasources/test`,
-    method: "POST",
-    headers: { "Content-Type": "application/json" },
-    data: testConnectionRequest,
-  });
+  return customInstance<DataingEntrypointsApiRoutesDatasourcesTestConnectionResponse>(
+    {
+      url: `/api/v1/v2/datasources/test`,
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      data: testConnectionRequest,
+    },
+  );
 };
 
 export const getTestConnectionApiV1V2DatasourcesTestPostMutationOptions = <
@@ -1751,10 +1754,9 @@ export const useDeleteDatasourceApiV1V2DatasourcesDatasourceIdDelete = <
 export const testDatasourceConnectionApiV1V2DatasourcesDatasourceIdTestPost = (
   datasourceId: string,
 ) => {
-  return customInstance<TestConnectionResponse>({
-    url: `/api/v1/v2/datasources/${datasourceId}/test`,
-    method: "POST",
-  });
+  return customInstance<DataingEntrypointsApiRoutesDatasourcesTestConnectionResponse>(
+    { url: `/api/v1/v2/datasources/${datasourceId}/test`, method: "POST" },
+  );
 };
 
 export const getTestDatasourceConnectionApiV1V2DatasourcesDatasourceIdTestPostMutationOptions =
diff --git a/frontend/app/src/lib/api/generated/teams/teams.ts b/frontend/app/src/lib/api/generated/teams/teams.ts
index bb40e7a82..90dc515d9 100644
--- a/frontend/app/src/lib/api/generated/teams/teams.ts
+++ b/frontend/app/src/lib/api/generated/teams/teams.ts
@@ -17,11 +17,18 @@ import type {
 } from "@tanstack/react-query";
 import type {
   AddTeamMemberApiV1TeamsTeamIdMembersPost201,
-  AddTeamMemberApiV1TeamsTeamsTeamIdMembersPost201,
   HTTPValidationError,
   TeamCreate,
   TeamListResponse,
   TeamMemberAdd,
+  TeamPolicyFullResponse,
+  TeamPolicyOverrideCreate,
+  TeamPolicyOverrideResponse,
+  TeamPolicyOverrideUpdate,
+  TeamPolicyResponse,
+  TeamPolicyUpdate,
+  TeamQueueLimitsResponse,
+  TeamQueueLimitsUpdate,
   TeamResponse,
   TeamUpdate,
 } from "../../model";
@@ -31,25 +38,25 @@ import { customInstance } from "../../client";
  * List all teams in the organization.
  * @summary List Teams
  */
-export const listTeamsApiV1TeamsTeamsGet = (signal?: AbortSignal) => {
+export const listTeamsApiV1TeamsGet = (signal?: AbortSignal) => {
   return customInstance<TeamListResponse>({
-    url: `/api/v1/teams/teams/`,
+    url: `/api/v1/teams/`,
     method: "GET",
     signal,
   });
 };
 
-export const getListTeamsApiV1TeamsTeamsGetQueryKey = () => {
-  return [`/api/v1/teams/teams/`] as const;
+export const getListTeamsApiV1TeamsGetQueryKey = () => {
+  return [`/api/v1/teams/`] as const;
 };
 
-export const getListTeamsApiV1TeamsTeamsGetQueryOptions = <
-  TData = Awaited<ReturnType<typeof listTeamsApiV1TeamsTeamsGet>>,
+export const getListTeamsApiV1TeamsGetQueryOptions = <
+  TData = Awaited<ReturnType<typeof listTeamsApiV1TeamsGet>>,
   TError = unknown,
 >(options?: {
   query?: Partial<
     UseQueryOptions<
-      Awaited<ReturnType<typeof listTeamsApiV1TeamsTeamsGet>>,
+      Awaited<ReturnType<typeof listTeamsApiV1TeamsGet>>,
       TError,
       TData
     >
@@ -58,40 +65,40 @@ export const getListTeamsApiV1TeamsTeamsGetQueryOptions = <
   const { query: queryOptions } = options ?? {};
 
   const queryKey =
-    queryOptions?.queryKey ?? getListTeamsApiV1TeamsTeamsGetQueryKey();
+    queryOptions?.queryKey ?? getListTeamsApiV1TeamsGetQueryKey();
 
   const queryFn: QueryFunction<
-    Awaited<ReturnType<typeof listTeamsApiV1TeamsTeamsGet>>
-  > = ({ signal }) => listTeamsApiV1TeamsTeamsGet(signal);
+    Awaited<ReturnType<typeof listTeamsApiV1TeamsGet>>
+  > = ({ signal }) => listTeamsApiV1TeamsGet(signal);
 
   return { queryKey, queryFn, ...queryOptions } as UseQueryOptions<
-    Awaited<ReturnType<typeof listTeamsApiV1TeamsTeamsGet>>,
+    Awaited<ReturnType<typeof listTeamsApiV1TeamsGet>>,
     TError,
     TData
   > & { queryKey: QueryKey };
 };
 
-export type ListTeamsApiV1TeamsTeamsGetQueryResult = NonNullable<
-  Awaited<ReturnType<typeof listTeamsApiV1TeamsTeamsGet>>
+export type ListTeamsApiV1TeamsGetQueryResult = NonNullable<
+  Awaited<ReturnType<typeof listTeamsApiV1TeamsGet>>
 >;
-export type ListTeamsApiV1TeamsTeamsGetQueryError = unknown;
+export type ListTeamsApiV1TeamsGetQueryError = unknown;
 
 /**
  * @summary List Teams
  */
-export const useListTeamsApiV1TeamsTeamsGet = <
-  TData = Awaited<ReturnType<typeof listTeamsApiV1TeamsTeamsGet>>,
+export const useListTeamsApiV1TeamsGet = <
+  TData = Awaited<ReturnType<typeof listTeamsApiV1TeamsGet>>,
   TError = unknown,
 >(options?: {
   query?: Partial<
     UseQueryOptions<
-      Awaited<ReturnType<typeof listTeamsApiV1TeamsTeamsGet>>,
+      Awaited<ReturnType<typeof listTeamsApiV1TeamsGet>>,
       TError,
       TData
     >
   >;
 }): UseQueryResult<TData, TError> & { queryKey: QueryKey } => {
-  const queryOptions = getListTeamsApiV1TeamsTeamsGetQueryOptions(options);
+  const queryOptions = getListTeamsApiV1TeamsGetQueryOptions(options);
 
   const query = useQuery(queryOptions) as UseQueryResult<TData, TError> & {
     queryKey: QueryKey;
@@ -108,27 +115,27 @@ export const useListTeamsApiV1TeamsTeamsGet = <
 Requires admin scope.
  * @summary Create Team
  */
-export const createTeamApiV1TeamsTeamsPost = (teamCreate: TeamCreate) => {
+export const createTeamApiV1TeamsPost = (teamCreate: TeamCreate) => {
   return customInstance<TeamResponse>({
-    url: `/api/v1/teams/teams/`,
+    url: `/api/v1/teams/`,
     method: "POST",
     headers: { "Content-Type": "application/json" },
     data: teamCreate,
   });
 };
 
-export const getCreateTeamApiV1TeamsTeamsPostMutationOptions = <
+export const getCreateTeamApiV1TeamsPostMutationOptions = <
   TError = HTTPValidationError,
   TContext = unknown,
 >(options?: {
   mutation?: UseMutationOptions<
-    Awaited<ReturnType<typeof createTeamApiV1TeamsTeamsPost>>,
+    Awaited<ReturnType<typeof createTeamApiV1TeamsPost>>,
     TError,
     { data: TeamCreate },
     TContext
   >;
 }): UseMutationOptions<
-  Awaited<ReturnType<typeof createTeamApiV1TeamsTeamsPost>>,
+  Awaited<ReturnType<typeof createTeamApiV1TeamsPost>>,
   TError,
   { data: TeamCreate },
   TContext
@@ -136,44 +143,43 @@ export const getCreateTeamApiV1TeamsTeamsPostMutationOptions = <
   const { mutation: mutationOptions } = options ?? {};
 
   const mutationFn: MutationFunction<
-    Awaited<ReturnType<typeof createTeamApiV1TeamsTeamsPost>>,
+    Awaited<ReturnType<typeof createTeamApiV1TeamsPost>>,
     { data: TeamCreate }
   > = (props) => {
     const { data } = props ?? {};
 
-    return createTeamApiV1TeamsTeamsPost(data);
+    return createTeamApiV1TeamsPost(data);
   };
 
   return { mutationFn, ...mutationOptions };
 };
 
-export type CreateTeamApiV1TeamsTeamsPostMutationResult = NonNullable<
-  Awaited<ReturnType<typeof createTeamApiV1TeamsTeamsPost>>
+export type CreateTeamApiV1TeamsPostMutationResult = NonNullable<
+  Awaited<ReturnType<typeof createTeamApiV1TeamsPost>>
 >;
-export type CreateTeamApiV1TeamsTeamsPostMutationBody = TeamCreate;
-export type CreateTeamApiV1TeamsTeamsPostMutationError = HTTPValidationError;
+export type CreateTeamApiV1TeamsPostMutationBody = TeamCreate;
+export type CreateTeamApiV1TeamsPostMutationError = HTTPValidationError;
 
 /**
  * @summary Create Team
  */
-export const useCreateTeamApiV1TeamsTeamsPost = <
+export const useCreateTeamApiV1TeamsPost = <
   TError = HTTPValidationError,
   TContext = unknown,
 >(options?: {
   mutation?: UseMutationOptions<
-    Awaited<ReturnType<typeof createTeamApiV1TeamsTeamsPost>>,
+    Awaited<ReturnType<typeof createTeamApiV1TeamsPost>>,
     TError,
     { data: TeamCreate },
     TContext
   >;
 }): UseMutationResult<
-  Awaited<ReturnType<typeof createTeamApiV1TeamsTeamsPost>>,
+  Awaited<ReturnType<typeof createTeamApiV1TeamsPost>>,
   TError,
   { data: TeamCreate },
   TContext
 > => {
-  const mutationOptions =
-    getCreateTeamApiV1TeamsTeamsPostMutationOptions(options);
+  const mutationOptions = getCreateTeamApiV1TeamsPostMutationOptions(options);
 
   return useMutation(mutationOptions);
 };
@@ -181,30 +187,30 @@ export const useCreateTeamApiV1TeamsTeamsPost = <
  * Get a team by ID.
  * @summary Get Team
  */
-export const getTeamApiV1TeamsTeamsTeamIdGet = (
+export const getTeamApiV1TeamsTeamIdGet = (
   teamId: string,
   signal?: AbortSignal,
 ) => {
   return customInstance<TeamResponse>({
-    url: `/api/v1/teams/teams/${teamId}`,
+    url: `/api/v1/teams/${teamId}`,
     method: "GET",
     signal,
   });
 };
 
-export const getGetTeamApiV1TeamsTeamsTeamIdGetQueryKey = (teamId: string) => {
-  return [`/api/v1/teams/teams/${teamId}`] as const;
+export const getGetTeamApiV1TeamsTeamIdGetQueryKey = (teamId: string) => {
+  return [`/api/v1/teams/${teamId}`] as const;
 };
 
-export const getGetTeamApiV1TeamsTeamsTeamIdGetQueryOptions = <
-  TData = Awaited<ReturnType<typeof getTeamApiV1TeamsTeamsTeamIdGet>>,
+export const getGetTeamApiV1TeamsTeamIdGetQueryOptions = <
+  TData = Awaited<ReturnType<typeof getTeamApiV1TeamsTeamIdGet>>,
   TError = HTTPValidationError,
 >(
   teamId: string,
   options?: {
     query?: Partial<
       UseQueryOptions<
-        Awaited<ReturnType<typeof getTeamApiV1TeamsTeamsTeamIdGet>>,
+        Awaited<ReturnType<typeof getTeamApiV1TeamsTeamIdGet>>,
         TError,
         TData
       >
@@ -214,12 +220,11 @@ export const getGetTeamApiV1TeamsTeamsTeamIdGetQueryOptions = <
   const { query: queryOptions } = options ?? {};
 
   const queryKey =
-    queryOptions?.queryKey ??
-    getGetTeamApiV1TeamsTeamsTeamIdGetQueryKey(teamId);
+    queryOptions?.queryKey ?? getGetTeamApiV1TeamsTeamIdGetQueryKey(teamId);
 
   const queryFn: QueryFunction<
-    Awaited<ReturnType<typeof getTeamApiV1TeamsTeamsTeamIdGet>>
-  > = ({ signal }) => getTeamApiV1TeamsTeamsTeamIdGet(teamId, signal);
+    Awaited<ReturnType<typeof getTeamApiV1TeamsTeamIdGet>>
+  > = ({ signal }) => getTeamApiV1TeamsTeamIdGet(teamId, signal);
 
   return {
     queryKey,
@@ -227,36 +232,36 @@ export const getGetTeamApiV1TeamsTeamsTeamIdGetQueryOptions = <
     enabled: !!teamId,
     ...queryOptions,
   } as UseQueryOptions<
-    Awaited<ReturnType<typeof getTeamApiV1TeamsTeamsTeamIdGet>>,
+    Awaited<ReturnType<typeof getTeamApiV1TeamsTeamIdGet>>,
     TError,
     TData
   > & { queryKey: QueryKey };
 };
 
-export type GetTeamApiV1TeamsTeamsTeamIdGetQueryResult = NonNullable<
-  Awaited<ReturnType<typeof getTeamApiV1TeamsTeamsTeamIdGet>>
+export type GetTeamApiV1TeamsTeamIdGetQueryResult = NonNullable<
+  Awaited<ReturnType<typeof getTeamApiV1TeamsTeamIdGet>>
 >;
-export type GetTeamApiV1TeamsTeamsTeamIdGetQueryError = HTTPValidationError;
+export type GetTeamApiV1TeamsTeamIdGetQueryError = HTTPValidationError;
 
 /**
  * @summary Get Team
  */
-export const useGetTeamApiV1TeamsTeamsTeamIdGet = <
-  TData = Awaited<ReturnType<typeof getTeamApiV1TeamsTeamsTeamIdGet>>,
+export const useGetTeamApiV1TeamsTeamIdGet = <
+  TData = Awaited<ReturnType<typeof getTeamApiV1TeamsTeamIdGet>>,
   TError = HTTPValidationError,
 >(
   teamId: string,
   options?: {
     query?: Partial<
       UseQueryOptions<
-        Awaited<ReturnType<typeof getTeamApiV1TeamsTeamsTeamIdGet>>,
+        Awaited<ReturnType<typeof getTeamApiV1TeamsTeamIdGet>>,
         TError,
         TData
       >
     >;
   },
 ): UseQueryResult<TData, TError> & { queryKey: QueryKey } => {
-  const queryOptions = getGetTeamApiV1TeamsTeamsTeamIdGetQueryOptions(
+  const queryOptions = getGetTeamApiV1TeamsTeamIdGetQueryOptions(
     teamId,
     options,
   );
@@ -276,30 +281,30 @@ export const useGetTeamApiV1TeamsTeamsTeamIdGet = <
 Requires admin scope. Cannot update SCIM-managed teams.
  * @summary Update Team
  */
-export const updateTeamApiV1TeamsTeamsTeamIdPut = (
+export const updateTeamApiV1TeamsTeamIdPut = (
   teamId: string,
   teamUpdate: TeamUpdate,
 ) => {
   return customInstance<TeamResponse>({
-    url: `/api/v1/teams/teams/${teamId}`,
+    url: `/api/v1/teams/${teamId}`,
     method: "PUT",
     headers: { "Content-Type": "application/json" },
     data: teamUpdate,
   });
 };
 
-export const getUpdateTeamApiV1TeamsTeamsTeamIdPutMutationOptions = <
+export const getUpdateTeamApiV1TeamsTeamIdPutMutationOptions = <
   TError = HTTPValidationError,
   TContext = unknown,
 >(options?: {
   mutation?: UseMutationOptions<
-    Awaited<ReturnType<typeof updateTeamApiV1TeamsTeamsTeamIdPut>>,
+    Awaited<ReturnType<typeof updateTeamApiV1TeamsTeamIdPut>>,
     TError,
     { teamId: string; data: TeamUpdate },
     TContext
   >;
 }): UseMutationOptions<
-  Awaited<ReturnType<typeof updateTeamApiV1TeamsTeamsTeamIdPut>>,
+  Awaited<ReturnType<typeof updateTeamApiV1TeamsTeamIdPut>>,
   TError,
   { teamId: string; data: TeamUpdate },
   TContext
@@ -307,45 +312,44 @@ export const getUpdateTeamApiV1TeamsTeamsTeamIdPutMutationOptions = <
   const { mutation: mutationOptions } = options ?? {};
 
   const mutationFn: MutationFunction<
-    Awaited<ReturnType<typeof updateTeamApiV1TeamsTeamsTeamIdPut>>,
+    Awaited<ReturnType<typeof updateTeamApiV1TeamsTeamIdPut>>,
     { teamId: string; data: TeamUpdate }
   > = (props) => {
     const { teamId, data } = props ?? {};
 
-    return updateTeamApiV1TeamsTeamsTeamIdPut(teamId, data);
+    return updateTeamApiV1TeamsTeamIdPut(teamId, data);
   };
 
   return { mutationFn, ...mutationOptions };
 };
 
-export type UpdateTeamApiV1TeamsTeamsTeamIdPutMutationResult = NonNullable<
-  Awaited<ReturnType<typeof updateTeamApiV1TeamsTeamsTeamIdPut>>
+export type UpdateTeamApiV1TeamsTeamIdPutMutationResult = NonNullable<
+  Awaited<ReturnType<typeof updateTeamApiV1TeamsTeamIdPut>>
 >;
-export type UpdateTeamApiV1TeamsTeamsTeamIdPutMutationBody = TeamUpdate;
-export type UpdateTeamApiV1TeamsTeamsTeamIdPutMutationError =
-  HTTPValidationError;
+export type UpdateTeamApiV1TeamsTeamIdPutMutationBody = TeamUpdate;
+export type UpdateTeamApiV1TeamsTeamIdPutMutationError = HTTPValidationError;
 
 /**
  * @summary Update Team
  */
-export const useUpdateTeamApiV1TeamsTeamsTeamIdPut = <
+export const useUpdateTeamApiV1TeamsTeamIdPut = <
   TError = HTTPValidationError,
   TContext = unknown,
 >(options?: {
   mutation?: UseMutationOptions<
-    Awaited<ReturnType<typeof updateTeamApiV1TeamsTeamsTeamIdPut>>,
+    Awaited<ReturnType<typeof updateTeamApiV1TeamsTeamIdPut>>,
     TError,
     { teamId: string; data: TeamUpdate },
     TContext
   >;
 }): UseMutationResult<
-  Awaited<ReturnType<typeof updateTeamApiV1TeamsTeamsTeamIdPut>>,
+  Awaited<ReturnType<typeof updateTeamApiV1TeamsTeamIdPut>>,
   TError,
   { teamId: string; data: TeamUpdate },
   TContext
 > => {
   const mutationOptions =
-    getUpdateTeamApiV1TeamsTeamsTeamIdPutMutationOptions(options);
+    getUpdateTeamApiV1TeamsTeamIdPutMutationOptions(options);
 
   return useMutation(mutationOptions);
 };
@@ -355,25 +359,25 @@ export const useUpdateTeamApiV1TeamsTeamsTeamIdPut = <
 Requires admin scope. Cannot delete SCIM-managed teams.
  * @summary Delete Team
  */
-export const deleteTeamApiV1TeamsTeamsTeamIdDelete = (teamId: string) => {
+export const deleteTeamApiV1TeamsTeamIdDelete = (teamId: string) => {
   return customInstance<void>({
-    url: `/api/v1/teams/teams/${teamId}`,
+    url: `/api/v1/teams/${teamId}`,
     method: "DELETE",
   });
 };
 
-export const getDeleteTeamApiV1TeamsTeamsTeamIdDeleteMutationOptions = <
+export const getDeleteTeamApiV1TeamsTeamIdDeleteMutationOptions = <
   TError = HTTPValidationError,
   TContext = unknown,
 >(options?: {
   mutation?: UseMutationOptions<
-    Awaited<ReturnType<typeof deleteTeamApiV1TeamsTeamsTeamIdDelete>>,
+    Awaited<ReturnType<typeof deleteTeamApiV1TeamsTeamIdDelete>>,
     TError,
     { teamId: string },
     TContext
   >;
 }): UseMutationOptions<
-  Awaited<ReturnType<typeof deleteTeamApiV1TeamsTeamsTeamIdDelete>>,
+  Awaited<ReturnType<typeof deleteTeamApiV1TeamsTeamIdDelete>>,
   TError,
   { teamId: string },
   TContext
@@ -381,45 +385,44 @@ export const getDeleteTeamApiV1TeamsTeamsTeamIdDeleteMutationOptions = <
   const { mutation: mutationOptions } = options ?? {};
 
   const mutationFn: MutationFunction<
-    Awaited<ReturnType<typeof deleteTeamApiV1TeamsTeamsTeamIdDelete>>,
+    Awaited<ReturnType<typeof deleteTeamApiV1TeamsTeamIdDelete>>,
     { teamId: string }
   > = (props) => {
     const { teamId } = props ?? {};
 
-    return deleteTeamApiV1TeamsTeamsTeamIdDelete(teamId);
+    return deleteTeamApiV1TeamsTeamIdDelete(teamId);
   };
 
   return { mutationFn, ...mutationOptions };
 };
 
-export type DeleteTeamApiV1TeamsTeamsTeamIdDeleteMutationResult = NonNullable<
-  Awaited<ReturnType<typeof deleteTeamApiV1TeamsTeamsTeamIdDelete>>
+export type DeleteTeamApiV1TeamsTeamIdDeleteMutationResult = NonNullable<
+  Awaited<ReturnType<typeof deleteTeamApiV1TeamsTeamIdDelete>>
 >;
 
-export type DeleteTeamApiV1TeamsTeamsTeamIdDeleteMutationError =
-  HTTPValidationError;
+export type DeleteTeamApiV1TeamsTeamIdDeleteMutationError = HTTPValidationError;
 
 /**
  * @summary Delete Team
  */
-export const useDeleteTeamApiV1TeamsTeamsTeamIdDelete = <
+export const useDeleteTeamApiV1TeamsTeamIdDelete = <
   TError = HTTPValidationError,
   TContext = unknown,
 >(options?: {
   mutation?: UseMutationOptions<
-    Awaited<ReturnType<typeof deleteTeamApiV1TeamsTeamsTeamIdDelete>>,
+    Awaited<ReturnType<typeof deleteTeamApiV1TeamsTeamIdDelete>>,
     TError,
     { teamId: string },
     TContext
   >;
 }): UseMutationResult<
-  Awaited<ReturnType<typeof deleteTeamApiV1TeamsTeamsTeamIdDelete>>,
+  Awaited<ReturnType<typeof deleteTeamApiV1TeamsTeamIdDelete>>,
   TError,
   { teamId: string },
   TContext
 > => {
   const mutationOptions =
-    getDeleteTeamApiV1TeamsTeamsTeamIdDeleteMutationOptions(options);
+    getDeleteTeamApiV1TeamsTeamIdDeleteMutationOptions(options);
 
   return useMutation(mutationOptions);
 };
@@ -427,36 +430,32 @@ export const useDeleteTeamApiV1TeamsTeamsTeamIdDelete = <
  * Get team members.
  * @summary Get Team Members
  */
-export const getTeamMembersApiV1TeamsTeamsTeamIdMembersGet = (
+export const getTeamMembersApiV1TeamsTeamIdMembersGet = (
   teamId: string,
   signal?: AbortSignal,
 ) => {
   return customInstance<string[]>({
-    url: `/api/v1/teams/teams/${teamId}/members`,
+    url: `/api/v1/teams/${teamId}/members`,
     method: "GET",
     signal,
   });
 };
 
-export const getGetTeamMembersApiV1TeamsTeamsTeamIdMembersGetQueryKey = (
+export const getGetTeamMembersApiV1TeamsTeamIdMembersGetQueryKey = (
   teamId: string,
 ) => {
-  return [`/api/v1/teams/teams/${teamId}/members`] as const;
+  return [`/api/v1/teams/${teamId}/members`] as const;
 };
 
-export const getGetTeamMembersApiV1TeamsTeamsTeamIdMembersGetQueryOptions = <
-  TData = Awaited<
-    ReturnType<typeof getTeamMembersApiV1TeamsTeamsTeamIdMembersGet>
-  >,
+export const getGetTeamMembersApiV1TeamsTeamIdMembersGetQueryOptions = <
+  TData = Awaited<ReturnType<typeof getTeamMembersApiV1TeamsTeamIdMembersGet>>,
   TError = HTTPValidationError,
 >(
   teamId: string,
   options?: {
     query?: Partial<
       UseQueryOptions<
-        Awaited<
-          ReturnType<typeof getTeamMembersApiV1TeamsTeamsTeamIdMembersGet>
-        >,
+        Awaited<ReturnType<typeof getTeamMembersApiV1TeamsTeamIdMembersGet>>,
         TError,
         TData
       >
@@ -467,12 +466,11 @@ export const getGetTeamMembersApiV1TeamsTeamsTeamIdMembersGetQueryOptions = <
 
   const queryKey =
     queryOptions?.queryKey ??
-    getGetTeamMembersApiV1TeamsTeamsTeamIdMembersGetQueryKey(teamId);
+    getGetTeamMembersApiV1TeamsTeamIdMembersGetQueryKey(teamId);
 
   const queryFn: QueryFunction<
-    Awaited<ReturnType<typeof getTeamMembersApiV1TeamsTeamsTeamIdMembersGet>>
-  > = ({ signal }) =>
-    getTeamMembersApiV1TeamsTeamsTeamIdMembersGet(teamId, signal);
+    Awaited<ReturnType<typeof getTeamMembersApiV1TeamsTeamIdMembersGet>>
+  > = ({ signal }) => getTeamMembersApiV1TeamsTeamIdMembersGet(teamId, signal);
 
   return {
     queryKey,
@@ -480,46 +478,40 @@ export const getGetTeamMembersApiV1TeamsTeamsTeamIdMembersGetQueryOptions = <
     enabled: !!teamId,
     ...queryOptions,
   } as UseQueryOptions<
-    Awaited<ReturnType<typeof getTeamMembersApiV1TeamsTeamsTeamIdMembersGet>>,
+    Awaited<ReturnType<typeof getTeamMembersApiV1TeamsTeamIdMembersGet>>,
     TError,
     TData
   > & { queryKey: QueryKey };
 };
 
-export type GetTeamMembersApiV1TeamsTeamsTeamIdMembersGetQueryResult =
-  NonNullable<
-    Awaited<ReturnType<typeof getTeamMembersApiV1TeamsTeamsTeamIdMembersGet>>
-  >;
-export type GetTeamMembersApiV1TeamsTeamsTeamIdMembersGetQueryError =
+export type GetTeamMembersApiV1TeamsTeamIdMembersGetQueryResult = NonNullable<
+  Awaited<ReturnType<typeof getTeamMembersApiV1TeamsTeamIdMembersGet>>
+>;
+export type GetTeamMembersApiV1TeamsTeamIdMembersGetQueryError =
   HTTPValidationError;
 
 /**
  * @summary Get Team Members
  */
-export const useGetTeamMembersApiV1TeamsTeamsTeamIdMembersGet = <
-  TData = Awaited<
-    ReturnType<typeof getTeamMembersApiV1TeamsTeamsTeamIdMembersGet>
-  >,
+export const useGetTeamMembersApiV1TeamsTeamIdMembersGet = <
+  TData = Awaited<ReturnType<typeof getTeamMembersApiV1TeamsTeamIdMembersGet>>,
   TError = HTTPValidationError,
 >(
   teamId: string,
   options?: {
     query?: Partial<
       UseQueryOptions<
-        Awaited<
-          ReturnType<typeof getTeamMembersApiV1TeamsTeamsTeamIdMembersGet>
-        >,
+        Awaited<ReturnType<typeof getTeamMembersApiV1TeamsTeamIdMembersGet>>,
         TError,
         TData
       >
     >;
   },
 ): UseQueryResult<TData, TError> & { queryKey: QueryKey } => {
-  const queryOptions =
-    getGetTeamMembersApiV1TeamsTeamsTeamIdMembersGetQueryOptions(
-      teamId,
-      options,
-    );
+  const queryOptions = getGetTeamMembersApiV1TeamsTeamIdMembersGetQueryOptions(
+    teamId,
+    options,
+  );
 
   const query = useQuery(queryOptions) as UseQueryResult<TData, TError> & {
     queryKey: QueryKey;
@@ -536,30 +528,30 @@ export const useGetTeamMembersApiV1TeamsTeamsTeamIdMembersGet = <
 Requires admin scope.
  * @summary Add Team Member
  */
-export const addTeamMemberApiV1TeamsTeamsTeamIdMembersPost = (
+export const addTeamMemberApiV1TeamsTeamIdMembersPost = (
   teamId: string,
   teamMemberAdd: TeamMemberAdd,
 ) => {
-  return customInstance<AddTeamMemberApiV1TeamsTeamsTeamIdMembersPost201>({
-    url: `/api/v1/teams/teams/${teamId}/members`,
+  return customInstance<AddTeamMemberApiV1TeamsTeamIdMembersPost201>({
+    url: `/api/v1/teams/${teamId}/members`,
     method: "POST",
     headers: { "Content-Type": "application/json" },
     data: teamMemberAdd,
   });
 };
 
-export const getAddTeamMemberApiV1TeamsTeamsTeamIdMembersPostMutationOptions = <
+export const getAddTeamMemberApiV1TeamsTeamIdMembersPostMutationOptions = <
   TError = HTTPValidationError,
   TContext = unknown,
 >(options?: {
   mutation?: UseMutationOptions<
-    Awaited<ReturnType<typeof addTeamMemberApiV1TeamsTeamsTeamIdMembersPost>>,
+    Awaited<ReturnType<typeof addTeamMemberApiV1TeamsTeamIdMembersPost>>,
     TError,
     { teamId: string; data: TeamMemberAdd },
     TContext
   >;
 }): UseMutationOptions<
-  Awaited<ReturnType<typeof addTeamMemberApiV1TeamsTeamsTeamIdMembersPost>>,
+  Awaited<ReturnType<typeof addTeamMemberApiV1TeamsTeamIdMembersPost>>,
   TError,
   { teamId: string; data: TeamMemberAdd },
   TContext
@@ -567,47 +559,47 @@ export const getAddTeamMemberApiV1TeamsTeamsTeamIdMembersPostMutationOptions = <
   const { mutation: mutationOptions } = options ?? {};
 
   const mutationFn: MutationFunction<
-    Awaited<ReturnType<typeof addTeamMemberApiV1TeamsTeamsTeamIdMembersPost>>,
+    Awaited<ReturnType<typeof addTeamMemberApiV1TeamsTeamIdMembersPost>>,
     { teamId: string; data: TeamMemberAdd }
   > = (props) => {
     const { teamId, data } = props ?? {};
 
-    return addTeamMemberApiV1TeamsTeamsTeamIdMembersPost(teamId, data);
+    return addTeamMemberApiV1TeamsTeamIdMembersPost(teamId, data);
   };
 
   return { mutationFn, ...mutationOptions };
 };
 
-export type AddTeamMemberApiV1TeamsTeamsTeamIdMembersPostMutationResult =
+export type AddTeamMemberApiV1TeamsTeamIdMembersPostMutationResult =
   NonNullable<
-    Awaited<ReturnType<typeof addTeamMemberApiV1TeamsTeamsTeamIdMembersPost>>
+    Awaited<ReturnType<typeof addTeamMemberApiV1TeamsTeamIdMembersPost>>
   >;
-export type AddTeamMemberApiV1TeamsTeamsTeamIdMembersPostMutationBody =
+export type AddTeamMemberApiV1TeamsTeamIdMembersPostMutationBody =
   TeamMemberAdd;
-export type AddTeamMemberApiV1TeamsTeamsTeamIdMembersPostMutationError =
+export type AddTeamMemberApiV1TeamsTeamIdMembersPostMutationError =
   HTTPValidationError;
 
 /**
  * @summary Add Team Member
  */
-export const useAddTeamMemberApiV1TeamsTeamsTeamIdMembersPost = <
+export const useAddTeamMemberApiV1TeamsTeamIdMembersPost = <
   TError = HTTPValidationError,
   TContext = unknown,
 >(options?: {
   mutation?: UseMutationOptions<
-    Awaited<ReturnType<typeof addTeamMemberApiV1TeamsTeamsTeamIdMembersPost>>,
+    Awaited<ReturnType<typeof addTeamMemberApiV1TeamsTeamIdMembersPost>>,
     TError,
     { teamId: string; data: TeamMemberAdd },
     TContext
   >;
 }): UseMutationResult<
-  Awaited<ReturnType<typeof addTeamMemberApiV1TeamsTeamsTeamIdMembersPost>>,
+  Awaited<ReturnType<typeof addTeamMemberApiV1TeamsTeamIdMembersPost>>,
   TError,
   { teamId: string; data: TeamMemberAdd },
   TContext
 > => {
   const mutationOptions =
-    getAddTeamMemberApiV1TeamsTeamsTeamIdMembersPostMutationOptions(options);
+    getAddTeamMemberApiV1TeamsTeamIdMembersPostMutationOptions(options);
 
   return useMutation(mutationOptions);
 };
@@ -617,23 +609,21 @@ export const useAddTeamMemberApiV1TeamsTeamsTeamIdMembersPost = <
 Requires admin scope.
  * @summary Remove Team Member
  */
-export const removeTeamMemberApiV1TeamsTeamsTeamIdMembersUserIdDelete = (
+export const removeTeamMemberApiV1TeamsTeamIdMembersUserIdDelete = (
   teamId: string,
   userId: string,
 ) => {
   return customInstance<void>({
-    url: `/api/v1/teams/teams/${teamId}/members/${userId}`,
+    url: `/api/v1/teams/${teamId}/members/${userId}`,
     method: "DELETE",
   });
 };
 
-export const getRemoveTeamMemberApiV1TeamsTeamsTeamIdMembersUserIdDeleteMutationOptions =
+export const getRemoveTeamMemberApiV1TeamsTeamIdMembersUserIdDeleteMutationOptions =
   <TError = HTTPValidationError, TContext = unknown>(options?: {
     mutation?: UseMutationOptions<
       Awaited<
-        ReturnType<
-          typeof removeTeamMemberApiV1TeamsTeamsTeamIdMembersUserIdDelete
-        >
+        ReturnType<typeof removeTeamMemberApiV1TeamsTeamIdMembersUserIdDelete>
       >,
       TError,
       { teamId: string; userId: string },
@@ -641,9 +631,7 @@ export const getRemoveTeamMemberApiV1TeamsTeamsTeamIdMembersUserIdDeleteMutation
     >;
   }): UseMutationOptions<
     Awaited<
-      ReturnType<
-        typeof removeTeamMemberApiV1TeamsTeamsTeamIdMembersUserIdDelete
-      >
+      ReturnType<typeof removeTeamMemberApiV1TeamsTeamIdMembersUserIdDelete>
     >,
     TError,
     { teamId: string; userId: string },
@@ -653,15 +641,13 @@ export const getRemoveTeamMemberApiV1TeamsTeamsTeamIdMembersUserIdDeleteMutation
 
     const mutationFn: MutationFunction<
       Awaited<
-        ReturnType<
-          typeof removeTeamMemberApiV1TeamsTeamsTeamIdMembersUserIdDelete
-        >
+        ReturnType<typeof removeTeamMemberApiV1TeamsTeamIdMembersUserIdDelete>
       >,
       { teamId: string; userId: string }
     > = (props) => {
       const { teamId, userId } = props ?? {};
 
-      return removeTeamMemberApiV1TeamsTeamsTeamIdMembersUserIdDelete(
+      return removeTeamMemberApiV1TeamsTeamIdMembersUserIdDelete(
         teamId,
         userId,
       );
@@ -670,30 +656,26 @@ export const getRemoveTeamMemberApiV1TeamsTeamsTeamIdMembersUserIdDeleteMutation
     return { mutationFn, ...mutationOptions };
   };
 
-export type RemoveTeamMemberApiV1TeamsTeamsTeamIdMembersUserIdDeleteMutationResult =
+export type RemoveTeamMemberApiV1TeamsTeamIdMembersUserIdDeleteMutationResult =
   NonNullable<
     Awaited<
-      ReturnType<
-        typeof removeTeamMemberApiV1TeamsTeamsTeamIdMembersUserIdDelete
-      >
+      ReturnType<typeof removeTeamMemberApiV1TeamsTeamIdMembersUserIdDelete>
     >
   >;
 
-export type RemoveTeamMemberApiV1TeamsTeamsTeamIdMembersUserIdDeleteMutationError =
+export type RemoveTeamMemberApiV1TeamsTeamIdMembersUserIdDeleteMutationError =
   HTTPValidationError;
 
 /**
  * @summary Remove Team Member
  */
-export const useRemoveTeamMemberApiV1TeamsTeamsTeamIdMembersUserIdDelete = <
+export const useRemoveTeamMemberApiV1TeamsTeamIdMembersUserIdDelete = <
   TError = HTTPValidationError,
   TContext = unknown,
 >(options?: {
   mutation?: UseMutationOptions<
     Awaited<
-      ReturnType<
-        typeof removeTeamMemberApiV1TeamsTeamsTeamIdMembersUserIdDelete
-      >
+      ReturnType<typeof removeTeamMemberApiV1TeamsTeamIdMembersUserIdDelete>
     >,
     TError,
     { teamId: string; userId: string },
@@ -701,84 +683,107 @@ export const useRemoveTeamMemberApiV1TeamsTeamsTeamIdMembersUserIdDelete = <
   >;
 }): UseMutationResult<
   Awaited<
-    ReturnType<typeof removeTeamMemberApiV1TeamsTeamsTeamIdMembersUserIdDelete>
+    ReturnType<typeof removeTeamMemberApiV1TeamsTeamIdMembersUserIdDelete>
   >,
   TError,
   { teamId: string; userId: string },
   TContext
 > => {
   const mutationOptions =
-    getRemoveTeamMemberApiV1TeamsTeamsTeamIdMembersUserIdDeleteMutationOptions(
+    getRemoveTeamMemberApiV1TeamsTeamIdMembersUserIdDeleteMutationOptions(
       options,
     );
 
   return useMutation(mutationOptions);
 };
 /**
- * List all teams in the organization.
- * @summary List Teams
+ * Get the full policy configuration for a team.
+
+Returns the team policy, all overrides, and queue limits.
+ * @summary Get Team Policy
  */
-export const listTeamsApiV1TeamsGet = (signal?: AbortSignal) => {
-  return customInstance<TeamListResponse>({
-    url: `/api/v1/teams/`,
+export const getTeamPolicyApiV1TeamsTeamIdPolicyGet = (
+  teamId: string,
+  signal?: AbortSignal,
+) => {
+  return customInstance<TeamPolicyFullResponse>({
+    url: `/api/v1/teams/${teamId}/policy`,
     method: "GET",
     signal,
   });
 };
 
-export const getListTeamsApiV1TeamsGetQueryKey = () => {
-  return [`/api/v1/teams/`] as const;
+export const getGetTeamPolicyApiV1TeamsTeamIdPolicyGetQueryKey = (
+  teamId: string,
+) => {
+  return [`/api/v1/teams/${teamId}/policy`] as const;
 };
 
-export const getListTeamsApiV1TeamsGetQueryOptions = <
-  TData = Awaited<ReturnType<typeof listTeamsApiV1TeamsGet>>,
-  TError = unknown,
->(options?: {
-  query?: Partial<
-    UseQueryOptions<
-      Awaited<ReturnType<typeof listTeamsApiV1TeamsGet>>,
-      TError,
-      TData
-    >
-  >;
-}) => {
+export const getGetTeamPolicyApiV1TeamsTeamIdPolicyGetQueryOptions = <
+  TData = Awaited<ReturnType<typeof getTeamPolicyApiV1TeamsTeamIdPolicyGet>>,
+  TError = HTTPValidationError,
+>(
+  teamId: string,
+  options?: {
+    query?: Partial<
+      UseQueryOptions<
+        Awaited<ReturnType<typeof getTeamPolicyApiV1TeamsTeamIdPolicyGet>>,
+        TError,
+        TData
+      >
+    >;
+  },
+) => {
   const { query: queryOptions } = options ?? {};
 
   const queryKey =
-    queryOptions?.queryKey ?? getListTeamsApiV1TeamsGetQueryKey();
+    queryOptions?.queryKey ??
+    getGetTeamPolicyApiV1TeamsTeamIdPolicyGetQueryKey(teamId);
 
   const queryFn: QueryFunction<
-    Awaited<ReturnType<typeof listTeamsApiV1TeamsGet>>
-  > = ({ signal }) => listTeamsApiV1TeamsGet(signal);
+    Awaited<ReturnType<typeof getTeamPolicyApiV1TeamsTeamIdPolicyGet>>
+  > = ({ signal }) => getTeamPolicyApiV1TeamsTeamIdPolicyGet(teamId, signal);
 
-  return { queryKey, queryFn, ...queryOptions } as UseQueryOptions<
-    Awaited<ReturnType<typeof listTeamsApiV1TeamsGet>>,
+  return {
+    queryKey,
+    queryFn,
+    enabled: !!teamId,
+    ...queryOptions,
+  } as UseQueryOptions<
+    Awaited<ReturnType<typeof getTeamPolicyApiV1TeamsTeamIdPolicyGet>>,
     TError,
     TData
   > & { queryKey: QueryKey };
 };
 
-export type ListTeamsApiV1TeamsGetQueryResult = NonNullable<
-  Awaited<ReturnType<typeof listTeamsApiV1TeamsGet>>
+export type GetTeamPolicyApiV1TeamsTeamIdPolicyGetQueryResult = NonNullable<
+  Awaited<ReturnType<typeof getTeamPolicyApiV1TeamsTeamIdPolicyGet>>
 >;
-export type ListTeamsApiV1TeamsGetQueryError = unknown;
+export type GetTeamPolicyApiV1TeamsTeamIdPolicyGetQueryError =
+  HTTPValidationError;
 
 /**
- * @summary List Teams
+ * @summary Get Team Policy
  */
-export const useListTeamsApiV1TeamsGet = <
-  TData = Awaited<ReturnType<typeof listTeamsApiV1TeamsGet>>,
-  TError = unknown,
->(options?: {
-  query?: Partial<
-    UseQueryOptions<
-      Awaited<ReturnType<typeof listTeamsApiV1TeamsGet>>,
-      TError,
-      TData
-    >
-  >;
-}): UseQueryResult<TData, TError> & { queryKey: QueryKey } => {
-  const queryOptions = getListTeamsApiV1TeamsGetQueryOptions(options);
+export const useGetTeamPolicyApiV1TeamsTeamIdPolicyGet = <
+  TData = Awaited<ReturnType<typeof getTeamPolicyApiV1TeamsTeamIdPolicyGet>>,
+  TError = HTTPValidationError,
+>(
+  teamId: string,
+  options?: {
+    query?: Partial<
+      UseQueryOptions<
+        Awaited<ReturnType<typeof getTeamPolicyApiV1TeamsTeamIdPolicyGet>>,
+        TError,
+        TData
+      >
+    >;
+  },
+): UseQueryResult<TData, TError> & { queryKey: QueryKey } => {
+  const queryOptions = getGetTeamPolicyApiV1TeamsTeamIdPolicyGetQueryOptions(
+    teamId,
+    options,
+  );
 
   const query = useQuery(queryOptions) as UseQueryResult<TData, TError> & {
     queryKey: QueryKey;
@@ -790,587 +795,487 @@ export const useListTeamsApiV1TeamsGet = <
 };
 
 /**
- * Create a new team.
+ * Update or create the team policy.
 
 Requires admin scope.
- * @summary Create Team
+ * @summary Update Team Policy
  */
-export const createTeamApiV1TeamsPost = (teamCreate: TeamCreate) => {
-  return customInstance<TeamResponse>({
-    url: `/api/v1/teams/`,
-    method: "POST",
+export const updateTeamPolicyApiV1TeamsTeamIdPolicyPut = (
+  teamId: string,
+  teamPolicyUpdate: TeamPolicyUpdate,
+) => {
+  return customInstance<TeamPolicyResponse>({
+    url: `/api/v1/teams/${teamId}/policy`,
+    method: "PUT",
     headers: { "Content-Type": "application/json" },
-    data: teamCreate,
+    data: teamPolicyUpdate,
   });
 };
 
-export const getCreateTeamApiV1TeamsPostMutationOptions = <
+export const getUpdateTeamPolicyApiV1TeamsTeamIdPolicyPutMutationOptions = <
   TError = HTTPValidationError,
   TContext = unknown,
 >(options?: {
   mutation?: UseMutationOptions<
-    Awaited<ReturnType<typeof createTeamApiV1TeamsPost>>,
+    Awaited<ReturnType<typeof updateTeamPolicyApiV1TeamsTeamIdPolicyPut>>,
     TError,
-    { data: TeamCreate },
+    { teamId: string; data: TeamPolicyUpdate },
     TContext
   >;
 }): UseMutationOptions<
-  Awaited<ReturnType<typeof createTeamApiV1TeamsPost>>,
+  Awaited<ReturnType<typeof updateTeamPolicyApiV1TeamsTeamIdPolicyPut>>,
   TError,
-  { data: TeamCreate },
+  { teamId: string; data: TeamPolicyUpdate },
   TContext
 > => {
   const { mutation: mutationOptions } = options ?? {};
 
   const mutationFn: MutationFunction<
-    Awaited<ReturnType<typeof createTeamApiV1TeamsPost>>,
-    { data: TeamCreate }
+    Awaited<ReturnType<typeof updateTeamPolicyApiV1TeamsTeamIdPolicyPut>>,
+    { teamId: string; data: TeamPolicyUpdate }
   > = (props) => {
-    const { data } = props ?? {};
+    const { teamId, data } = props ?? {};
 
-    return createTeamApiV1TeamsPost(data);
+    return updateTeamPolicyApiV1TeamsTeamIdPolicyPut(teamId, data);
   };
 
   return { mutationFn, ...mutationOptions };
 };
 
-export type CreateTeamApiV1TeamsPostMutationResult = NonNullable<
-  Awaited<ReturnType<typeof createTeamApiV1TeamsPost>>
->;
-export type CreateTeamApiV1TeamsPostMutationBody = TeamCreate;
-export type CreateTeamApiV1TeamsPostMutationError = HTTPValidationError;
-
-/**
- * @summary Create Team
- */
-export const useCreateTeamApiV1TeamsPost = <
-  TError = HTTPValidationError,
-  TContext = unknown,
->(options?: {
-  mutation?: UseMutationOptions<
-    Awaited<ReturnType<typeof createTeamApiV1TeamsPost>>,
-    TError,
-    { data: TeamCreate },
-    TContext
-  >;
-}): UseMutationResult<
-  Awaited<ReturnType<typeof createTeamApiV1TeamsPost>>,
-  TError,
-  { data: TeamCreate },
-  TContext
-> => {
-  const mutationOptions = getCreateTeamApiV1TeamsPostMutationOptions(options);
-
-  return useMutation(mutationOptions);
-};
-/**
- * Get a team by ID.
- * @summary Get Team
- */
-export const getTeamApiV1TeamsTeamIdGet = (
-  teamId: string,
-  signal?: AbortSignal,
-) => {
-  return customInstance<TeamResponse>({
-    url: `/api/v1/teams/${teamId}`,
-    method: "GET",
-    signal,
-  });
-};
-
-export const getGetTeamApiV1TeamsTeamIdGetQueryKey = (teamId: string) => {
-  return [`/api/v1/teams/${teamId}`] as const;
-};
-
-export const getGetTeamApiV1TeamsTeamIdGetQueryOptions = <
-  TData = Awaited<ReturnType<typeof getTeamApiV1TeamsTeamIdGet>>,
-  TError = HTTPValidationError,
->(
-  teamId: string,
-  options?: {
-    query?: Partial<
-      UseQueryOptions<
-        Awaited<ReturnType<typeof getTeamApiV1TeamsTeamIdGet>>,
-        TError,
-        TData
-      >
-    >;
-  },
-) => {
-  const { query: queryOptions } = options ?? {};
-
-  const queryKey =
-    queryOptions?.queryKey ?? getGetTeamApiV1TeamsTeamIdGetQueryKey(teamId);
-
-  const queryFn: QueryFunction<
-    Awaited<ReturnType<typeof getTeamApiV1TeamsTeamIdGet>>
-  > = ({ signal }) => getTeamApiV1TeamsTeamIdGet(teamId, signal);
-
-  return {
-    queryKey,
-    queryFn,
-    enabled: !!teamId,
-    ...queryOptions,
-  } as UseQueryOptions<
-    Awaited<ReturnType<typeof getTeamApiV1TeamsTeamIdGet>>,
-    TError,
-    TData
-  > & { queryKey: QueryKey };
-};
-
-export type GetTeamApiV1TeamsTeamIdGetQueryResult = NonNullable<
-  Awaited<ReturnType<typeof getTeamApiV1TeamsTeamIdGet>>
->;
-export type GetTeamApiV1TeamsTeamIdGetQueryError = HTTPValidationError;
-
-/**
- * @summary Get Team
- */
-export const useGetTeamApiV1TeamsTeamIdGet = <
-  TData = Awaited<ReturnType<typeof getTeamApiV1TeamsTeamIdGet>>,
-  TError = HTTPValidationError,
->(
-  teamId: string,
-  options?: {
-    query?: Partial<
-      UseQueryOptions<
-        Awaited<ReturnType<typeof getTeamApiV1TeamsTeamIdGet>>,
-        TError,
-        TData
-      >
-    >;
-  },
-): UseQueryResult<TData, TError> & { queryKey: QueryKey } => {
-  const queryOptions = getGetTeamApiV1TeamsTeamIdGetQueryOptions(
-    teamId,
-    options,
-  );
-
-  const query = useQuery(queryOptions) as UseQueryResult<TData, TError> & {
-    queryKey: QueryKey;
-  };
-
-  query.queryKey = queryOptions.queryKey;
-
-  return query;
-};
-
-/**
- * Update a team.
-
-Requires admin scope. Cannot update SCIM-managed teams.
- * @summary Update Team
- */
-export const updateTeamApiV1TeamsTeamIdPut = (
-  teamId: string,
-  teamUpdate: TeamUpdate,
-) => {
-  return customInstance<TeamResponse>({
-    url: `/api/v1/teams/${teamId}`,
-    method: "PUT",
-    headers: { "Content-Type": "application/json" },
-    data: teamUpdate,
-  });
-};
-
-export const getUpdateTeamApiV1TeamsTeamIdPutMutationOptions = <
-  TError = HTTPValidationError,
-  TContext = unknown,
->(options?: {
-  mutation?: UseMutationOptions<
-    Awaited<ReturnType<typeof updateTeamApiV1TeamsTeamIdPut>>,
-    TError,
-    { teamId: string; data: TeamUpdate },
-    TContext
-  >;
-}): UseMutationOptions<
-  Awaited<ReturnType<typeof updateTeamApiV1TeamsTeamIdPut>>,
-  TError,
-  { teamId: string; data: TeamUpdate },
-  TContext
-> => {
-  const { mutation: mutationOptions } = options ?? {};
-
-  const mutationFn: MutationFunction<
-    Awaited<ReturnType<typeof updateTeamApiV1TeamsTeamIdPut>>,
-    { teamId: string; data: TeamUpdate }
-  > = (props) => {
-    const { teamId, data } = props ?? {};
-
-    return updateTeamApiV1TeamsTeamIdPut(teamId, data);
-  };
-
-  return { mutationFn, ...mutationOptions };
-};
-
-export type UpdateTeamApiV1TeamsTeamIdPutMutationResult = NonNullable<
-  Awaited<ReturnType<typeof updateTeamApiV1TeamsTeamIdPut>>
->;
-export type UpdateTeamApiV1TeamsTeamIdPutMutationBody = TeamUpdate;
-export type UpdateTeamApiV1TeamsTeamIdPutMutationError = HTTPValidationError;
-
-/**
- * @summary Update Team
- */
-export const useUpdateTeamApiV1TeamsTeamIdPut = <
-  TError = HTTPValidationError,
-  TContext = unknown,
->(options?: {
-  mutation?: UseMutationOptions<
-    Awaited<ReturnType<typeof updateTeamApiV1TeamsTeamIdPut>>,
-    TError,
-    { teamId: string; data: TeamUpdate },
-    TContext
-  >;
-}): UseMutationResult<
-  Awaited<ReturnType<typeof updateTeamApiV1TeamsTeamIdPut>>,
-  TError,
-  { teamId: string; data: TeamUpdate },
-  TContext
-> => {
-  const mutationOptions =
-    getUpdateTeamApiV1TeamsTeamIdPutMutationOptions(options);
-
-  return useMutation(mutationOptions);
-};
-/**
- * Delete a team.
-
-Requires admin scope. Cannot delete SCIM-managed teams.
- * @summary Delete Team
- */
-export const deleteTeamApiV1TeamsTeamIdDelete = (teamId: string) => {
-  return customInstance<void>({
-    url: `/api/v1/teams/${teamId}`,
-    method: "DELETE",
-  });
-};
-
-export const getDeleteTeamApiV1TeamsTeamIdDeleteMutationOptions = <
-  TError = HTTPValidationError,
-  TContext = unknown,
->(options?: {
-  mutation?: UseMutationOptions<
-    Awaited<ReturnType<typeof deleteTeamApiV1TeamsTeamIdDelete>>,
-    TError,
-    { teamId: string },
-    TContext
-  >;
-}): UseMutationOptions<
-  Awaited<ReturnType<typeof deleteTeamApiV1TeamsTeamIdDelete>>,
-  TError,
-  { teamId: string },
-  TContext
-> => {
-  const { mutation: mutationOptions } = options ?? {};
-
-  const mutationFn: MutationFunction<
-    Awaited<ReturnType<typeof deleteTeamApiV1TeamsTeamIdDelete>>,
-    { teamId: string }
-  > = (props) => {
-    const { teamId } = props ?? {};
-
-    return deleteTeamApiV1TeamsTeamIdDelete(teamId);
-  };
-
-  return { mutationFn, ...mutationOptions };
-};
-
-export type DeleteTeamApiV1TeamsTeamIdDeleteMutationResult = NonNullable<
-  Awaited<ReturnType<typeof deleteTeamApiV1TeamsTeamIdDelete>>
->;
-
-export type DeleteTeamApiV1TeamsTeamIdDeleteMutationError = HTTPValidationError;
-
-/**
- * @summary Delete Team
- */
-export const useDeleteTeamApiV1TeamsTeamIdDelete = <
-  TError = HTTPValidationError,
-  TContext = unknown,
->(options?: {
-  mutation?: UseMutationOptions<
-    Awaited<ReturnType<typeof deleteTeamApiV1TeamsTeamIdDelete>>,
-    TError,
-    { teamId: string },
-    TContext
+export type UpdateTeamPolicyApiV1TeamsTeamIdPolicyPutMutationResult =
+  NonNullable<
+    Awaited<ReturnType<typeof updateTeamPolicyApiV1TeamsTeamIdPolicyPut>>
   >;
-}): UseMutationResult<
-  Awaited<ReturnType<typeof deleteTeamApiV1TeamsTeamIdDelete>>,
-  TError,
-  { teamId: string },
-  TContext
-> => {
-  const mutationOptions =
-    getDeleteTeamApiV1TeamsTeamIdDeleteMutationOptions(options);
-
-  return useMutation(mutationOptions);
-};
-/**
- * Get team members.
- * @summary Get Team Members
- */
-export const getTeamMembersApiV1TeamsTeamIdMembersGet = (
-  teamId: string,
-  signal?: AbortSignal,
-) => {
-  return customInstance<string[]>({
-    url: `/api/v1/teams/${teamId}/members`,
-    method: "GET",
-    signal,
-  });
-};
-
-export const getGetTeamMembersApiV1TeamsTeamIdMembersGetQueryKey = (
-  teamId: string,
-) => {
-  return [`/api/v1/teams/${teamId}/members`] as const;
-};
-
-export const getGetTeamMembersApiV1TeamsTeamIdMembersGetQueryOptions = <
-  TData = Awaited<ReturnType<typeof getTeamMembersApiV1TeamsTeamIdMembersGet>>,
-  TError = HTTPValidationError,
->(
-  teamId: string,
-  options?: {
-    query?: Partial<
-      UseQueryOptions<
-        Awaited<ReturnType<typeof getTeamMembersApiV1TeamsTeamIdMembersGet>>,
-        TError,
-        TData
-      >
-    >;
-  },
-) => {
-  const { query: queryOptions } = options ?? {};
-
-  const queryKey =
-    queryOptions?.queryKey ??
-    getGetTeamMembersApiV1TeamsTeamIdMembersGetQueryKey(teamId);
-
-  const queryFn: QueryFunction<
-    Awaited<ReturnType<typeof getTeamMembersApiV1TeamsTeamIdMembersGet>>
-  > = ({ signal }) => getTeamMembersApiV1TeamsTeamIdMembersGet(teamId, signal);
-
-  return {
-    queryKey,
-    queryFn,
-    enabled: !!teamId,
-    ...queryOptions,
-  } as UseQueryOptions<
-    Awaited<ReturnType<typeof getTeamMembersApiV1TeamsTeamIdMembersGet>>,
-    TError,
-    TData
-  > & { queryKey: QueryKey };
-};
-
-export type GetTeamMembersApiV1TeamsTeamIdMembersGetQueryResult = NonNullable<
-  Awaited<ReturnType<typeof getTeamMembersApiV1TeamsTeamIdMembersGet>>
->;
-export type GetTeamMembersApiV1TeamsTeamIdMembersGetQueryError =
+export type UpdateTeamPolicyApiV1TeamsTeamIdPolicyPutMutationBody =
+  TeamPolicyUpdate;
+export type UpdateTeamPolicyApiV1TeamsTeamIdPolicyPutMutationError =
   HTTPValidationError;
 
 /**
- * @summary Get Team Members
+ * @summary Update Team Policy
  */
-export const useGetTeamMembersApiV1TeamsTeamIdMembersGet = <
-  TData = Awaited<ReturnType<typeof getTeamMembersApiV1TeamsTeamIdMembersGet>>,
+export const useUpdateTeamPolicyApiV1TeamsTeamIdPolicyPut = <
   TError = HTTPValidationError,
->(
-  teamId: string,
-  options?: {
-    query?: Partial<
-      UseQueryOptions<
-        Awaited<ReturnType<typeof getTeamMembersApiV1TeamsTeamIdMembersGet>>,
-        TError,
-        TData
-      >
-    >;
-  },
-): UseQueryResult<TData, TError> & { queryKey: QueryKey } => {
-  const queryOptions = getGetTeamMembersApiV1TeamsTeamIdMembersGetQueryOptions(
-    teamId,
-    options,
-  );
-
-  const query = useQuery(queryOptions) as UseQueryResult<TData, TError> & {
-    queryKey: QueryKey;
-  };
-
-  query.queryKey = queryOptions.queryKey;
+  TContext = unknown,
+>(options?: {
+  mutation?: UseMutationOptions<
+    Awaited<ReturnType<typeof updateTeamPolicyApiV1TeamsTeamIdPolicyPut>>,
+    TError,
+    { teamId: string; data: TeamPolicyUpdate },
+    TContext
+  >;
+}): UseMutationResult<
+  Awaited<ReturnType<typeof updateTeamPolicyApiV1TeamsTeamIdPolicyPut>>,
+  TError,
+  { teamId: string; data: TeamPolicyUpdate },
+  TContext
+> => {
+  const mutationOptions =
+    getUpdateTeamPolicyApiV1TeamsTeamIdPolicyPutMutationOptions(options);
 
-  return query;
+  return useMutation(mutationOptions);
 };
-
 /**
- * Add a member to a team.
+ * Create a policy override for a dataset or tag.
 
 Requires admin scope.
- * @summary Add Team Member
+ * @summary Create Policy Override
  */
-export const addTeamMemberApiV1TeamsTeamIdMembersPost = (
+export const createPolicyOverrideApiV1TeamsTeamIdPolicyOverridesPost = (
   teamId: string,
-  teamMemberAdd: TeamMemberAdd,
+  teamPolicyOverrideCreate: TeamPolicyOverrideCreate,
 ) => {
-  return customInstance<AddTeamMemberApiV1TeamsTeamIdMembersPost201>({
-    url: `/api/v1/teams/${teamId}/members`,
+  return customInstance<TeamPolicyOverrideResponse>({
+    url: `/api/v1/teams/${teamId}/policy/overrides`,
     method: "POST",
     headers: { "Content-Type": "application/json" },
-    data: teamMemberAdd,
+    data: teamPolicyOverrideCreate,
   });
 };
 
-export const getAddTeamMemberApiV1TeamsTeamIdMembersPostMutationOptions = <
-  TError = HTTPValidationError,
-  TContext = unknown,
->(options?: {
-  mutation?: UseMutationOptions<
-    Awaited<ReturnType<typeof addTeamMemberApiV1TeamsTeamIdMembersPost>>,
+export const getCreatePolicyOverrideApiV1TeamsTeamIdPolicyOverridesPostMutationOptions =
+  <TError = HTTPValidationError, TContext = unknown>(options?: {
+    mutation?: UseMutationOptions<
+      Awaited<
+        ReturnType<
+          typeof createPolicyOverrideApiV1TeamsTeamIdPolicyOverridesPost
+        >
+      >,
+      TError,
+      { teamId: string; data: TeamPolicyOverrideCreate },
+      TContext
+    >;
+  }): UseMutationOptions<
+    Awaited<
+      ReturnType<typeof createPolicyOverrideApiV1TeamsTeamIdPolicyOverridesPost>
+    >,
     TError,
-    { teamId: string; data: TeamMemberAdd },
+    { teamId: string; data: TeamPolicyOverrideCreate },
     TContext
-  >;
-}): UseMutationOptions<
-  Awaited<ReturnType<typeof addTeamMemberApiV1TeamsTeamIdMembersPost>>,
-  TError,
-  { teamId: string; data: TeamMemberAdd },
-  TContext
-> => {
-  const { mutation: mutationOptions } = options ?? {};
+  > => {
+    const { mutation: mutationOptions } = options ?? {};
 
-  const mutationFn: MutationFunction<
-    Awaited<ReturnType<typeof addTeamMemberApiV1TeamsTeamIdMembersPost>>,
-    { teamId: string; data: TeamMemberAdd }
-  > = (props) => {
-    const { teamId, data } = props ?? {};
+    const mutationFn: MutationFunction<
+      Awaited<
+        ReturnType<
+          typeof createPolicyOverrideApiV1TeamsTeamIdPolicyOverridesPost
+        >
+      >,
+      { teamId: string; data: TeamPolicyOverrideCreate }
+    > = (props) => {
+      const { teamId, data } = props ?? {};
 
-    return addTeamMemberApiV1TeamsTeamIdMembersPost(teamId, data);
-  };
+      return createPolicyOverrideApiV1TeamsTeamIdPolicyOverridesPost(
+        teamId,
+        data,
+      );
+    };
 
-  return { mutationFn, ...mutationOptions };
-};
+    return { mutationFn, ...mutationOptions };
+  };
 
-export type AddTeamMemberApiV1TeamsTeamIdMembersPostMutationResult =
+export type CreatePolicyOverrideApiV1TeamsTeamIdPolicyOverridesPostMutationResult =
   NonNullable<
-    Awaited<ReturnType<typeof addTeamMemberApiV1TeamsTeamIdMembersPost>>
+    Awaited<
+      ReturnType<typeof createPolicyOverrideApiV1TeamsTeamIdPolicyOverridesPost>
+    >
   >;
-export type AddTeamMemberApiV1TeamsTeamIdMembersPostMutationBody =
-  TeamMemberAdd;
-export type AddTeamMemberApiV1TeamsTeamIdMembersPostMutationError =
+export type CreatePolicyOverrideApiV1TeamsTeamIdPolicyOverridesPostMutationBody =
+  TeamPolicyOverrideCreate;
+export type CreatePolicyOverrideApiV1TeamsTeamIdPolicyOverridesPostMutationError =
   HTTPValidationError;
 
 /**
- * @summary Add Team Member
+ * @summary Create Policy Override
  */
-export const useAddTeamMemberApiV1TeamsTeamIdMembersPost = <
+export const useCreatePolicyOverrideApiV1TeamsTeamIdPolicyOverridesPost = <
   TError = HTTPValidationError,
   TContext = unknown,
 >(options?: {
   mutation?: UseMutationOptions<
-    Awaited<ReturnType<typeof addTeamMemberApiV1TeamsTeamIdMembersPost>>,
+    Awaited<
+      ReturnType<typeof createPolicyOverrideApiV1TeamsTeamIdPolicyOverridesPost>
+    >,
     TError,
-    { teamId: string; data: TeamMemberAdd },
+    { teamId: string; data: TeamPolicyOverrideCreate },
     TContext
   >;
 }): UseMutationResult<
-  Awaited<ReturnType<typeof addTeamMemberApiV1TeamsTeamIdMembersPost>>,
+  Awaited<
+    ReturnType<typeof createPolicyOverrideApiV1TeamsTeamIdPolicyOverridesPost>
+  >,
   TError,
-  { teamId: string; data: TeamMemberAdd },
+  { teamId: string; data: TeamPolicyOverrideCreate },
   TContext
 > => {
   const mutationOptions =
-    getAddTeamMemberApiV1TeamsTeamIdMembersPostMutationOptions(options);
+    getCreatePolicyOverrideApiV1TeamsTeamIdPolicyOverridesPostMutationOptions(
+      options,
+    );
 
   return useMutation(mutationOptions);
 };
 /**
- * Remove a member from a team.
+ * Update a policy override.
 
 Requires admin scope.
- * @summary Remove Team Member
+ * @summary Update Policy Override
  */
-export const removeTeamMemberApiV1TeamsTeamIdMembersUserIdDelete = (
+export const updatePolicyOverrideApiV1TeamsTeamIdPolicyOverridesOverrideIdPut =
+  (
+    teamId: string,
+    overrideId: string,
+    teamPolicyOverrideUpdate: TeamPolicyOverrideUpdate,
+  ) => {
+    return customInstance<TeamPolicyOverrideResponse>({
+      url: `/api/v1/teams/${teamId}/policy/overrides/${overrideId}`,
+      method: "PUT",
+      headers: { "Content-Type": "application/json" },
+      data: teamPolicyOverrideUpdate,
+    });
+  };
+
+export const getUpdatePolicyOverrideApiV1TeamsTeamIdPolicyOverridesOverrideIdPutMutationOptions =
+  <TError = HTTPValidationError, TContext = unknown>(options?: {
+    mutation?: UseMutationOptions<
+      Awaited<
+        ReturnType<
+          typeof updatePolicyOverrideApiV1TeamsTeamIdPolicyOverridesOverrideIdPut
+        >
+      >,
+      TError,
+      { teamId: string; overrideId: string; data: TeamPolicyOverrideUpdate },
+      TContext
+    >;
+  }): UseMutationOptions<
+    Awaited<
+      ReturnType<
+        typeof updatePolicyOverrideApiV1TeamsTeamIdPolicyOverridesOverrideIdPut
+      >
+    >,
+    TError,
+    { teamId: string; overrideId: string; data: TeamPolicyOverrideUpdate },
+    TContext
+  > => {
+    const { mutation: mutationOptions } = options ?? {};
+
+    const mutationFn: MutationFunction<
+      Awaited<
+        ReturnType<
+          typeof updatePolicyOverrideApiV1TeamsTeamIdPolicyOverridesOverrideIdPut
+        >
+      >,
+      { teamId: string; overrideId: string; data: TeamPolicyOverrideUpdate }
+    > = (props) => {
+      const { teamId, overrideId, data } = props ?? {};
+
+      return updatePolicyOverrideApiV1TeamsTeamIdPolicyOverridesOverrideIdPut(
+        teamId,
+        overrideId,
+        data,
+      );
+    };
+
+    return { mutationFn, ...mutationOptions };
+  };
+
+export type UpdatePolicyOverrideApiV1TeamsTeamIdPolicyOverridesOverrideIdPutMutationResult =
+  NonNullable<
+    Awaited<
+      ReturnType<
+        typeof updatePolicyOverrideApiV1TeamsTeamIdPolicyOverridesOverrideIdPut
+      >
+    >
+  >;
+export type UpdatePolicyOverrideApiV1TeamsTeamIdPolicyOverridesOverrideIdPutMutationBody =
+  TeamPolicyOverrideUpdate;
+export type UpdatePolicyOverrideApiV1TeamsTeamIdPolicyOverridesOverrideIdPutMutationError =
+  HTTPValidationError;
+
+/**
+ * @summary Update Policy Override
+ */
+export const useUpdatePolicyOverrideApiV1TeamsTeamIdPolicyOverridesOverrideIdPut =
+  <TError = HTTPValidationError, TContext = unknown>(options?: {
+    mutation?: UseMutationOptions<
+      Awaited<
+        ReturnType<
+          typeof updatePolicyOverrideApiV1TeamsTeamIdPolicyOverridesOverrideIdPut
+        >
+      >,
+      TError,
+      { teamId: string; overrideId: string; data: TeamPolicyOverrideUpdate },
+      TContext
+    >;
+  }): UseMutationResult<
+    Awaited<
+      ReturnType<
+        typeof updatePolicyOverrideApiV1TeamsTeamIdPolicyOverridesOverrideIdPut
+      >
+    >,
+    TError,
+    { teamId: string; overrideId: string; data: TeamPolicyOverrideUpdate },
+    TContext
+  > => {
+    const mutationOptions =
+      getUpdatePolicyOverrideApiV1TeamsTeamIdPolicyOverridesOverrideIdPutMutationOptions(
+        options,
+      );
+
+    return useMutation(mutationOptions);
+  };
+/**
+ * Delete a policy override.
+
+Requires admin scope.
+ * @summary Delete Policy Override
+ */
+export const deletePolicyOverrideApiV1TeamsTeamIdPolicyOverridesOverrideIdDelete =
+  (teamId: string, overrideId: string) => {
+    return customInstance<void>({
+      url: `/api/v1/teams/${teamId}/policy/overrides/${overrideId}`,
+      method: "DELETE",
+    });
+  };
+
+export const getDeletePolicyOverrideApiV1TeamsTeamIdPolicyOverridesOverrideIdDeleteMutationOptions =
+  <TError = HTTPValidationError, TContext = unknown>(options?: {
+    mutation?: UseMutationOptions<
+      Awaited<
+        ReturnType<
+          typeof deletePolicyOverrideApiV1TeamsTeamIdPolicyOverridesOverrideIdDelete
+        >
+      >,
+      TError,
+      { teamId: string; overrideId: string },
+      TContext
+    >;
+  }): UseMutationOptions<
+    Awaited<
+      ReturnType<
+        typeof deletePolicyOverrideApiV1TeamsTeamIdPolicyOverridesOverrideIdDelete
+      >
+    >,
+    TError,
+    { teamId: string; overrideId: string },
+    TContext
+  > => {
+    const { mutation: mutationOptions } = options ?? {};
+
+    const mutationFn: MutationFunction<
+      Awaited<
+        ReturnType<
+          typeof deletePolicyOverrideApiV1TeamsTeamIdPolicyOverridesOverrideIdDelete
+        >
+      >,
+      { teamId: string; overrideId: string }
+    > = (props) => {
+      const { teamId, overrideId } = props ?? {};
+
+      return deletePolicyOverrideApiV1TeamsTeamIdPolicyOverridesOverrideIdDelete(
+        teamId,
+        overrideId,
+      );
+    };
+
+    return { mutationFn, ...mutationOptions };
+  };
+
+export type DeletePolicyOverrideApiV1TeamsTeamIdPolicyOverridesOverrideIdDeleteMutationResult =
+  NonNullable<
+    Awaited<
+      ReturnType<
+        typeof deletePolicyOverrideApiV1TeamsTeamIdPolicyOverridesOverrideIdDelete
+      >
+    >
+  >;
+
+export type DeletePolicyOverrideApiV1TeamsTeamIdPolicyOverridesOverrideIdDeleteMutationError =
+  HTTPValidationError;
+
+/**
+ * @summary Delete Policy Override
+ */
+export const useDeletePolicyOverrideApiV1TeamsTeamIdPolicyOverridesOverrideIdDelete =
+  <TError = HTTPValidationError, TContext = unknown>(options?: {
+    mutation?: UseMutationOptions<
+      Awaited<
+        ReturnType<
+          typeof deletePolicyOverrideApiV1TeamsTeamIdPolicyOverridesOverrideIdDelete
+        >
+      >,
+      TError,
+      { teamId: string; overrideId: string },
+      TContext
+    >;
+  }): UseMutationResult<
+    Awaited<
+      ReturnType<
+        typeof deletePolicyOverrideApiV1TeamsTeamIdPolicyOverridesOverrideIdDelete
+      >
+    >,
+    TError,
+    { teamId: string; overrideId: string },
+    TContext
+  > => {
+    const mutationOptions =
+      getDeletePolicyOverrideApiV1TeamsTeamIdPolicyOverridesOverrideIdDeleteMutationOptions(
+        options,
+      );
+
+    return useMutation(mutationOptions);
+  };
+/**
+ * Update or create queue limits for a team.
+
+Requires admin scope.
+ * @summary Update Queue Limits
+ */
+export const updateQueueLimitsApiV1TeamsTeamIdPolicyQueueLimitsPut = (
   teamId: string,
-  userId: string,
+  teamQueueLimitsUpdate: TeamQueueLimitsUpdate,
 ) => {
-  return customInstance<void>({
-    url: `/api/v1/teams/${teamId}/members/${userId}`,
-    method: "DELETE",
+  return customInstance<TeamQueueLimitsResponse>({
+    url: `/api/v1/teams/${teamId}/policy/queue-limits`,
+    method: "PUT",
+    headers: { "Content-Type": "application/json" },
+    data: teamQueueLimitsUpdate,
   });
 };
 
-export const getRemoveTeamMemberApiV1TeamsTeamIdMembersUserIdDeleteMutationOptions =
+export const getUpdateQueueLimitsApiV1TeamsTeamIdPolicyQueueLimitsPutMutationOptions =
   <TError = HTTPValidationError, TContext = unknown>(options?: {
     mutation?: UseMutationOptions<
       Awaited<
-        ReturnType<typeof removeTeamMemberApiV1TeamsTeamIdMembersUserIdDelete>
+        ReturnType<typeof updateQueueLimitsApiV1TeamsTeamIdPolicyQueueLimitsPut>
       >,
       TError,
-      { teamId: string; userId: string },
+      { teamId: string; data: TeamQueueLimitsUpdate },
       TContext
     >;
   }): UseMutationOptions<
     Awaited<
-      ReturnType<typeof removeTeamMemberApiV1TeamsTeamIdMembersUserIdDelete>
+      ReturnType<typeof updateQueueLimitsApiV1TeamsTeamIdPolicyQueueLimitsPut>
     >,
     TError,
-    { teamId: string; userId: string },
+    { teamId: string; data: TeamQueueLimitsUpdate },
     TContext
   > => {
     const { mutation: mutationOptions } = options ?? {};
 
     const mutationFn: MutationFunction<
       Awaited<
-        ReturnType<typeof removeTeamMemberApiV1TeamsTeamIdMembersUserIdDelete>
+        ReturnType<typeof updateQueueLimitsApiV1TeamsTeamIdPolicyQueueLimitsPut>
       >,
-      { teamId: string; userId: string }
+      { teamId: string; data: TeamQueueLimitsUpdate }
     > = (props) => {
-      const { teamId, userId } = props ?? {};
+      const { teamId, data } = props ?? {};
 
-      return removeTeamMemberApiV1TeamsTeamIdMembersUserIdDelete(
+      return updateQueueLimitsApiV1TeamsTeamIdPolicyQueueLimitsPut(
         teamId,
-        userId,
+        data,
       );
     };
 
     return { mutationFn, ...mutationOptions };
   };
 
-export type RemoveTeamMemberApiV1TeamsTeamIdMembersUserIdDeleteMutationResult =
+export type UpdateQueueLimitsApiV1TeamsTeamIdPolicyQueueLimitsPutMutationResult =
   NonNullable<
     Awaited<
-      ReturnType<typeof removeTeamMemberApiV1TeamsTeamIdMembersUserIdDelete>
+      ReturnType<typeof updateQueueLimitsApiV1TeamsTeamIdPolicyQueueLimitsPut>
     >
   >;
-
-export type RemoveTeamMemberApiV1TeamsTeamIdMembersUserIdDeleteMutationError =
+export type UpdateQueueLimitsApiV1TeamsTeamIdPolicyQueueLimitsPutMutationBody =
+  TeamQueueLimitsUpdate;
+export type UpdateQueueLimitsApiV1TeamsTeamIdPolicyQueueLimitsPutMutationError =
   HTTPValidationError;
 
 /**
- * @summary Remove Team Member
+ * @summary Update Queue Limits
  */
-export const useRemoveTeamMemberApiV1TeamsTeamIdMembersUserIdDelete = <
+export const useUpdateQueueLimitsApiV1TeamsTeamIdPolicyQueueLimitsPut = <
   TError = HTTPValidationError,
   TContext = unknown,
 >(options?: {
   mutation?: UseMutationOptions<
     Awaited<
-      ReturnType<typeof removeTeamMemberApiV1TeamsTeamIdMembersUserIdDelete>
+      ReturnType<typeof updateQueueLimitsApiV1TeamsTeamIdPolicyQueueLimitsPut>
     >,
     TError,
-    { teamId: string; userId: string },
+    { teamId: string; data: TeamQueueLimitsUpdate },
     TContext
   >;
 }): UseMutationResult<
   Awaited<
-    ReturnType<typeof removeTeamMemberApiV1TeamsTeamIdMembersUserIdDelete>
+    ReturnType<typeof updateQueueLimitsApiV1TeamsTeamIdPolicyQueueLimitsPut>
   >,
   TError,
-  { teamId: string; userId: string },
+  { teamId: string; data: TeamQueueLimitsUpdate },
   TContext
 > => {
   const mutationOptions =
-    getRemoveTeamMemberApiV1TeamsTeamIdMembersUserIdDeleteMutationOptions(
+    getUpdateQueueLimitsApiV1TeamsTeamIdPolicyQueueLimitsPutMutationOptions(
       options,
     );
 
diff --git a/frontend/app/src/lib/api/model/activationFunnelResponse.ts b/frontend/app/src/lib/api/model/activationFunnelResponse.ts
new file mode 100644
index 000000000..e070cc8cf
--- /dev/null
+++ b/frontend/app/src/lib/api/model/activationFunnelResponse.ts
@@ -0,0 +1,20 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+/**
+ * Activation funnel statistics response.
+ */
+export interface ActivationFunnelResponse {
+  activation_rate: number;
+  investigation_rate: number;
+  issue_rate: number;
+  tenants_activated: number;
+  tenants_with_investigation: number;
+  tenants_with_issue: number;
+  total_tenants: number;
+}
diff --git a/frontend/app/src/lib/api/model/activationStatusResponse.ts b/frontend/app/src/lib/api/model/activationStatusResponse.ts
new file mode 100644
index 000000000..c35a9ae7a
--- /dev/null
+++ b/frontend/app/src/lib/api/model/activationStatusResponse.ts
@@ -0,0 +1,24 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+import type { ActivationStatusResponseActivatedAt } from "./activationStatusResponseActivatedAt";
+import type { ActivationStatusResponseDaysToActivation } from "./activationStatusResponseDaysToActivation";
+import type { ActivationStatusResponseFirstInvestigationAt } from "./activationStatusResponseFirstInvestigationAt";
+import type { ActivationStatusResponseFirstIssueAt } from "./activationStatusResponseFirstIssueAt";
+
+/**
+ * Activation status response.
+ */
+export interface ActivationStatusResponse {
+  activated_at: ActivationStatusResponseActivatedAt;
+  created_at: string;
+  days_to_activation: ActivationStatusResponseDaysToActivation;
+  first_investigation_at: ActivationStatusResponseFirstInvestigationAt;
+  first_issue_at: ActivationStatusResponseFirstIssueAt;
+  is_activated: boolean;
+  tenant_id: string;
+}
diff --git a/frontend/app/src/lib/api/model/activationStatusResponseActivatedAt.ts b/frontend/app/src/lib/api/model/activationStatusResponseActivatedAt.ts
new file mode 100644
index 000000000..30623c582
--- /dev/null
+++ b/frontend/app/src/lib/api/model/activationStatusResponseActivatedAt.ts
@@ -0,0 +1,9 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type ActivationStatusResponseActivatedAt = string | null;
diff --git a/frontend/app/src/lib/api/model/activationStatusResponseDaysToActivation.ts b/frontend/app/src/lib/api/model/activationStatusResponseDaysToActivation.ts
new file mode 100644
index 000000000..b9fdbd9d0
--- /dev/null
+++ b/frontend/app/src/lib/api/model/activationStatusResponseDaysToActivation.ts
@@ -0,0 +1,9 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type ActivationStatusResponseDaysToActivation = number | null;
diff --git a/frontend/app/src/lib/api/model/activationStatusResponseFirstInvestigationAt.ts b/frontend/app/src/lib/api/model/activationStatusResponseFirstInvestigationAt.ts
new file mode 100644
index 000000000..6081a3f2e
--- /dev/null
+++ b/frontend/app/src/lib/api/model/activationStatusResponseFirstInvestigationAt.ts
@@ -0,0 +1,9 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type ActivationStatusResponseFirstInvestigationAt = string | null;
diff --git a/frontend/app/src/lib/api/model/activationStatusResponseFirstIssueAt.ts b/frontend/app/src/lib/api/model/activationStatusResponseFirstIssueAt.ts
new file mode 100644
index 000000000..d4ea739a4
--- /dev/null
+++ b/frontend/app/src/lib/api/model/activationStatusResponseFirstIssueAt.ts
@@ -0,0 +1,9 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type ActivationStatusResponseFirstIssueAt = string | null;
diff --git a/frontend/app/src/lib/api/model/assetRefRequest.ts b/frontend/app/src/lib/api/model/assetRefRequest.ts
index 9e920da2a..4babd192f 100644
--- a/frontend/app/src/lib/api/model/assetRefRequest.ts
+++ b/frontend/app/src/lib/api/model/assetRefRequest.ts
@@ -11,7 +11,10 @@ import type { AssetRefRequestDatasourceId } from "./assetRefRequestDatasourceId"
  * Asset reference in request.
  */
 export interface AssetRefRequest {
+  /** Optional datasource ID for disambiguation */
   datasource_id?: AssetRefRequestDatasourceId;
+  /** Fully qualified name (db.schema.table) */
   name: string;
+  /** Data platform (postgres, snowflake, dbt) */
   platform: string;
 }
diff --git a/frontend/app/src/lib/api/model/assetRefRequestDatasourceId.ts b/frontend/app/src/lib/api/model/assetRefRequestDatasourceId.ts
index 4f10abc6b..bb7d59184 100644
--- a/frontend/app/src/lib/api/model/assetRefRequestDatasourceId.ts
+++ b/frontend/app/src/lib/api/model/assetRefRequestDatasourceId.ts
@@ -6,4 +6,7 @@
  * OpenAPI spec version: 2.0.0
  */
 
+/**
+ * Optional datasource ID for disambiguation
+ */
 export type AssetRefRequestDatasourceId = string | null;
diff --git a/frontend/app/src/lib/api/model/createBundleRequest.ts b/frontend/app/src/lib/api/model/createBundleRequest.ts
index 50a92f3ab..3ba71d913 100644
--- a/frontend/app/src/lib/api/model/createBundleRequest.ts
+++ b/frontend/app/src/lib/api/model/createBundleRequest.ts
@@ -5,7 +5,7 @@
  * Autonomous Data Quality Investigation
  * OpenAPI spec version: 2.0.0
  */
-import type { DataingEntrypointsApiRoutesBundlesAssetRefRequest } from "./dataingEntrypointsApiRoutesBundlesAssetRefRequest";
+import type { AssetRefRequest } from "./assetRefRequest";
 import type { CreateBundleRequestWindow } from "./createBundleRequestWindow";
 
 /**
@@ -16,7 +16,7 @@ export interface CreateBundleRequest {
    * Assets to include in bundle
    * @minItems 1
    */
-  assets: DataingEntrypointsApiRoutesBundlesAssetRefRequest[];
+  assets: AssetRefRequest[];
   /** Include anomaly summary */
   include_anomalies?: boolean;
   /** Include lineage graph */
diff --git a/frontend/app/src/lib/api/model/getActivationFunnelApiV1AnalyticsActivationFunnelGetParams.ts b/frontend/app/src/lib/api/model/getActivationFunnelApiV1AnalyticsActivationFunnelGetParams.ts
new file mode 100644
index 000000000..1792d26fa
--- /dev/null
+++ b/frontend/app/src/lib/api/model/getActivationFunnelApiV1AnalyticsActivationFunnelGetParams.ts
@@ -0,0 +1,14 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type GetActivationFunnelApiV1AnalyticsActivationFunnelGetParams = {
+  /**
+   * Look back period in days
+   */
+  days?: number;
+};
diff --git a/frontend/app/src/lib/api/model/getWeeklyUsageApiV1AnalyticsWeeklyUsageGetParams.ts b/frontend/app/src/lib/api/model/getWeeklyUsageApiV1AnalyticsWeeklyUsageGetParams.ts
new file mode 100644
index 000000000..73a8776d0
--- /dev/null
+++ b/frontend/app/src/lib/api/model/getWeeklyUsageApiV1AnalyticsWeeklyUsageGetParams.ts
@@ -0,0 +1,18 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type GetWeeklyUsageApiV1AnalyticsWeeklyUsageGetParams = {
+  /**
+   * Number of weeks to return
+   */
+  weeks?: number;
+  /**
+   * Filter by team ID
+   */
+  team_id?: string | null;
+};
diff --git a/frontend/app/src/lib/api/model/index.ts b/frontend/app/src/lib/api/model/index.ts
index ba4029b48..8d1bac37b 100644
--- a/frontend/app/src/lib/api/model/index.ts
+++ b/frontend/app/src/lib/api/model/index.ts
@@ -6,6 +6,12 @@
  * OpenAPI spec version: 2.0.0
  */
 
+export * from "./activationFunnelResponse";
+export * from "./activationStatusResponse";
+export * from "./activationStatusResponseActivatedAt";
+export * from "./activationStatusResponseDaysToActivation";
+export * from "./activationStatusResponseFirstInvestigationAt";
+export * from "./activationStatusResponseFirstIssueAt";
 export * from "./addInvestigationTagApiV1InvestigationsInvestigationIdTagsPost201";
 export * from "./addTeamMemberApiV1TeamsTeamIdMembersPost201";
 export * from "./addTeamMemberApiV1TeamsTeamsTeamIdMembersPost201";
@@ -171,6 +177,7 @@ export * from "./feedbackItem";
 export * from "./feedbackItemComment";
 export * from "./feedbackItemReason";
 export * from "./feedbackResponse";
+export * from "./getActivationFunnelApiV1AnalyticsActivationFunnelGetParams";
 export * from "./getColumnLineageApiV1LineageColumnLineageGetParams";
 export * from "./getCurrentUserApiV1AuthMeGet200";
 export * from "./getDatasetApiV1LineageDatasetDatasetIdGetParams";
@@ -189,6 +196,7 @@ export * from "./getRunApiV1RunsRunIdGet200";
 export * from "./getUpstreamApiV1LineageUpstreamGetParams";
 export * from "./getUserApiV1ScimV2UsersUserIdGet200";
 export * from "./getUserOrgsApiV1AuthMeOrgsGet200Item";
+export * from "./getWeeklyUsageApiV1AnalyticsWeeklyUsageGetParams";
 export * from "./hTTPValidationError";
 export * from "./healthCheckHealthGet200";
 export * from "./inlineBundleRequest";
@@ -457,6 +465,39 @@ export * from "./tagUpdateName";
 export * from "./teamCreate";
 export * from "./teamListResponse";
 export * from "./teamMemberAdd";
+export * from "./teamPolicyFullResponse";
+export * from "./teamPolicyFullResponsePolicy";
+export * from "./teamPolicyFullResponseQueueLimits";
+export * from "./teamPolicyOverrideCreate";
+export * from "./teamPolicyOverrideCreateAutoInvestigateMinSeverity";
+export * from "./teamPolicyOverrideCreateDatasetId";
+export * from "./teamPolicyOverrideCreateDefaultAction";
+export * from "./teamPolicyOverrideCreateReviewRequiredMaxSeverity";
+export * from "./teamPolicyOverrideCreateTagId";
+export * from "./teamPolicyOverrideResponse";
+export * from "./teamPolicyOverrideResponseAutoInvestigateMinSeverity";
+export * from "./teamPolicyOverrideResponseDatasetId";
+export * from "./teamPolicyOverrideResponseDefaultAction";
+export * from "./teamPolicyOverrideResponseReviewRequiredMaxSeverity";
+export * from "./teamPolicyOverrideResponseTagId";
+export * from "./teamPolicyOverrideUpdate";
+export * from "./teamPolicyOverrideUpdateAutoInvestigateMinSeverity";
+export * from "./teamPolicyOverrideUpdateDefaultAction";
+export * from "./teamPolicyOverrideUpdateReviewRequiredMaxSeverity";
+export * from "./teamPolicyResponse";
+export * from "./teamPolicyResponseAutoInvestigateMinSeverity";
+export * from "./teamPolicyResponseReviewRequiredMaxSeverity";
+export * from "./teamPolicyUpdate";
+export * from "./teamPolicyUpdateAutoInvestigateMinSeverity";
+export * from "./teamPolicyUpdateDefaultAction";
+export * from "./teamPolicyUpdateReviewRequiredMaxSeverity";
+export * from "./teamPolicyUpdateSources";
+export * from "./teamQueueLimitsResponse";
+export * from "./teamQueueLimitsUpdate";
+export * from "./teamQueueLimitsUpdateBatchSize";
+export * from "./teamQueueLimitsUpdateBurstSize";
+export * from "./teamQueueLimitsUpdateMaxConcurrent";
+export * from "./teamQueueLimitsUpdateRateLimitPerMinute";
 export * from "./teamResponse";
 export * from "./teamResponseExternalId";
 export * from "./teamResponseMemberCount";
@@ -520,6 +561,10 @@ export * from "./watcherListResponse";
 export * from "./watcherResponse";
 export * from "./webhookCreatedResponse";
 export * from "./webhookIssueResponse";
+export * from "./webhookIssueResponseInvestigationId";
+export * from "./webhookIssueResponsePolicyAction";
 export * from "./webhookResponse";
 export * from "./webhookResponseLastStatus";
 export * from "./webhookResponseLastTriggeredAt";
+export * from "./weeklyUsageListResponse";
+export * from "./weeklyUsageResponse";
diff --git a/frontend/app/src/lib/api/model/inlineBundleRequest.ts b/frontend/app/src/lib/api/model/inlineBundleRequest.ts
index 57b409a46..edccf2f58 100644
--- a/frontend/app/src/lib/api/model/inlineBundleRequest.ts
+++ b/frontend/app/src/lib/api/model/inlineBundleRequest.ts
@@ -5,13 +5,13 @@
  * Autonomous Data Quality Investigation
  * OpenAPI spec version: 2.0.0
  */
-import type { AssetRefRequest } from "./assetRefRequest";
+import type { DataingEntrypointsApiRoutesRunsAssetRefRequest } from "./dataingEntrypointsApiRoutesRunsAssetRefRequest";
 import type { InlineBundleRequestWindow } from "./inlineBundleRequestWindow";
 
 /**
  * Inline bundle specification for one-call API.
  */
 export interface InlineBundleRequest {
-  assets: AssetRefRequest[];
+  assets: DataingEntrypointsApiRoutesRunsAssetRefRequest[];
   window?: InlineBundleRequestWindow;
 }
diff --git a/frontend/app/src/lib/api/model/teamPolicyFullResponse.ts b/frontend/app/src/lib/api/model/teamPolicyFullResponse.ts
new file mode 100644
index 000000000..a44669763
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamPolicyFullResponse.ts
@@ -0,0 +1,19 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+import type { TeamPolicyOverrideResponse } from "./teamPolicyOverrideResponse";
+import type { TeamPolicyFullResponsePolicy } from "./teamPolicyFullResponsePolicy";
+import type { TeamPolicyFullResponseQueueLimits } from "./teamPolicyFullResponseQueueLimits";
+
+/**
+ * Full team policy response including overrides and queue limits.
+ */
+export interface TeamPolicyFullResponse {
+  overrides?: TeamPolicyOverrideResponse[];
+  policy?: TeamPolicyFullResponsePolicy;
+  queue_limits?: TeamPolicyFullResponseQueueLimits;
+}
diff --git a/frontend/app/src/lib/api/model/teamPolicyFullResponsePolicy.ts b/frontend/app/src/lib/api/model/teamPolicyFullResponsePolicy.ts
new file mode 100644
index 000000000..9a0c6e373
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamPolicyFullResponsePolicy.ts
@@ -0,0 +1,10 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+import type { TeamPolicyResponse } from "./teamPolicyResponse";
+
+export type TeamPolicyFullResponsePolicy = TeamPolicyResponse | null;
diff --git a/frontend/app/src/lib/api/model/teamPolicyFullResponseQueueLimits.ts b/frontend/app/src/lib/api/model/teamPolicyFullResponseQueueLimits.ts
new file mode 100644
index 000000000..ff349168c
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamPolicyFullResponseQueueLimits.ts
@@ -0,0 +1,10 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+import type { TeamQueueLimitsResponse } from "./teamQueueLimitsResponse";
+
+export type TeamPolicyFullResponseQueueLimits = TeamQueueLimitsResponse | null;
diff --git a/frontend/app/src/lib/api/model/teamPolicyOverrideCreate.ts b/frontend/app/src/lib/api/model/teamPolicyOverrideCreate.ts
new file mode 100644
index 000000000..92b178430
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamPolicyOverrideCreate.ts
@@ -0,0 +1,23 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+import type { TeamPolicyOverrideCreateAutoInvestigateMinSeverity } from "./teamPolicyOverrideCreateAutoInvestigateMinSeverity";
+import type { TeamPolicyOverrideCreateDatasetId } from "./teamPolicyOverrideCreateDatasetId";
+import type { TeamPolicyOverrideCreateDefaultAction } from "./teamPolicyOverrideCreateDefaultAction";
+import type { TeamPolicyOverrideCreateReviewRequiredMaxSeverity } from "./teamPolicyOverrideCreateReviewRequiredMaxSeverity";
+import type { TeamPolicyOverrideCreateTagId } from "./teamPolicyOverrideCreateTagId";
+
+/**
+ * Create a policy override.
+ */
+export interface TeamPolicyOverrideCreate {
+  auto_investigate_min_severity?: TeamPolicyOverrideCreateAutoInvestigateMinSeverity;
+  dataset_id?: TeamPolicyOverrideCreateDatasetId;
+  default_action?: TeamPolicyOverrideCreateDefaultAction;
+  review_required_max_severity?: TeamPolicyOverrideCreateReviewRequiredMaxSeverity;
+  tag_id?: TeamPolicyOverrideCreateTagId;
+}
diff --git a/frontend/app/src/lib/api/model/teamPolicyOverrideCreateAutoInvestigateMinSeverity.ts b/frontend/app/src/lib/api/model/teamPolicyOverrideCreateAutoInvestigateMinSeverity.ts
new file mode 100644
index 000000000..db0c1bf63
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamPolicyOverrideCreateAutoInvestigateMinSeverity.ts
@@ -0,0 +1,9 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type TeamPolicyOverrideCreateAutoInvestigateMinSeverity = string | null;
diff --git a/frontend/app/src/lib/api/model/teamPolicyOverrideCreateDatasetId.ts b/frontend/app/src/lib/api/model/teamPolicyOverrideCreateDatasetId.ts
new file mode 100644
index 000000000..52cf10bac
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamPolicyOverrideCreateDatasetId.ts
@@ -0,0 +1,9 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type TeamPolicyOverrideCreateDatasetId = string | null;
diff --git a/frontend/app/src/lib/api/model/teamPolicyOverrideCreateDefaultAction.ts b/frontend/app/src/lib/api/model/teamPolicyOverrideCreateDefaultAction.ts
new file mode 100644
index 000000000..6ccfa0247
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamPolicyOverrideCreateDefaultAction.ts
@@ -0,0 +1,9 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type TeamPolicyOverrideCreateDefaultAction = string | null;
diff --git a/frontend/app/src/lib/api/model/teamPolicyOverrideCreateReviewRequiredMaxSeverity.ts b/frontend/app/src/lib/api/model/teamPolicyOverrideCreateReviewRequiredMaxSeverity.ts
new file mode 100644
index 000000000..669561ca1
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamPolicyOverrideCreateReviewRequiredMaxSeverity.ts
@@ -0,0 +1,9 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type TeamPolicyOverrideCreateReviewRequiredMaxSeverity = string | null;
diff --git a/frontend/app/src/lib/api/model/teamPolicyOverrideCreateTagId.ts b/frontend/app/src/lib/api/model/teamPolicyOverrideCreateTagId.ts
new file mode 100644
index 000000000..750bac391
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamPolicyOverrideCreateTagId.ts
@@ -0,0 +1,9 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type TeamPolicyOverrideCreateTagId = string | null;
diff --git a/frontend/app/src/lib/api/model/teamPolicyOverrideResponse.ts b/frontend/app/src/lib/api/model/teamPolicyOverrideResponse.ts
new file mode 100644
index 000000000..65e91592c
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamPolicyOverrideResponse.ts
@@ -0,0 +1,26 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+import type { TeamPolicyOverrideResponseAutoInvestigateMinSeverity } from "./teamPolicyOverrideResponseAutoInvestigateMinSeverity";
+import type { TeamPolicyOverrideResponseDatasetId } from "./teamPolicyOverrideResponseDatasetId";
+import type { TeamPolicyOverrideResponseDefaultAction } from "./teamPolicyOverrideResponseDefaultAction";
+import type { TeamPolicyOverrideResponseReviewRequiredMaxSeverity } from "./teamPolicyOverrideResponseReviewRequiredMaxSeverity";
+import type { TeamPolicyOverrideResponseTagId } from "./teamPolicyOverrideResponseTagId";
+
+/**
+ * Team policy override response.
+ */
+export interface TeamPolicyOverrideResponse {
+  auto_investigate_min_severity?: TeamPolicyOverrideResponseAutoInvestigateMinSeverity;
+  dataset_id?: TeamPolicyOverrideResponseDatasetId;
+  default_action?: TeamPolicyOverrideResponseDefaultAction;
+  id: string;
+  is_active?: boolean;
+  review_required_max_severity?: TeamPolicyOverrideResponseReviewRequiredMaxSeverity;
+  tag_id?: TeamPolicyOverrideResponseTagId;
+  team_id: string;
+}
diff --git a/frontend/app/src/lib/api/model/teamPolicyOverrideResponseAutoInvestigateMinSeverity.ts b/frontend/app/src/lib/api/model/teamPolicyOverrideResponseAutoInvestigateMinSeverity.ts
new file mode 100644
index 000000000..8d36dc479
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamPolicyOverrideResponseAutoInvestigateMinSeverity.ts
@@ -0,0 +1,11 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type TeamPolicyOverrideResponseAutoInvestigateMinSeverity =
+  | string
+  | null;
diff --git a/frontend/app/src/lib/api/model/teamPolicyOverrideResponseDatasetId.ts b/frontend/app/src/lib/api/model/teamPolicyOverrideResponseDatasetId.ts
new file mode 100644
index 000000000..102a8b331
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamPolicyOverrideResponseDatasetId.ts
@@ -0,0 +1,9 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type TeamPolicyOverrideResponseDatasetId = string | null;
diff --git a/frontend/app/src/lib/api/model/teamPolicyOverrideResponseDefaultAction.ts b/frontend/app/src/lib/api/model/teamPolicyOverrideResponseDefaultAction.ts
new file mode 100644
index 000000000..d62edf795
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamPolicyOverrideResponseDefaultAction.ts
@@ -0,0 +1,9 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type TeamPolicyOverrideResponseDefaultAction = string | null;
diff --git a/frontend/app/src/lib/api/model/teamPolicyOverrideResponseReviewRequiredMaxSeverity.ts b/frontend/app/src/lib/api/model/teamPolicyOverrideResponseReviewRequiredMaxSeverity.ts
new file mode 100644
index 000000000..38ef9f02e
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamPolicyOverrideResponseReviewRequiredMaxSeverity.ts
@@ -0,0 +1,9 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type TeamPolicyOverrideResponseReviewRequiredMaxSeverity = string | null;
diff --git a/frontend/app/src/lib/api/model/teamPolicyOverrideResponseTagId.ts b/frontend/app/src/lib/api/model/teamPolicyOverrideResponseTagId.ts
new file mode 100644
index 000000000..be004073d
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamPolicyOverrideResponseTagId.ts
@@ -0,0 +1,9 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type TeamPolicyOverrideResponseTagId = string | null;
diff --git a/frontend/app/src/lib/api/model/teamPolicyOverrideUpdate.ts b/frontend/app/src/lib/api/model/teamPolicyOverrideUpdate.ts
new file mode 100644
index 000000000..f8b3d0d58
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamPolicyOverrideUpdate.ts
@@ -0,0 +1,19 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+import type { TeamPolicyOverrideUpdateAutoInvestigateMinSeverity } from "./teamPolicyOverrideUpdateAutoInvestigateMinSeverity";
+import type { TeamPolicyOverrideUpdateDefaultAction } from "./teamPolicyOverrideUpdateDefaultAction";
+import type { TeamPolicyOverrideUpdateReviewRequiredMaxSeverity } from "./teamPolicyOverrideUpdateReviewRequiredMaxSeverity";
+
+/**
+ * Update a policy override.
+ */
+export interface TeamPolicyOverrideUpdate {
+  auto_investigate_min_severity?: TeamPolicyOverrideUpdateAutoInvestigateMinSeverity;
+  default_action?: TeamPolicyOverrideUpdateDefaultAction;
+  review_required_max_severity?: TeamPolicyOverrideUpdateReviewRequiredMaxSeverity;
+}
diff --git a/frontend/app/src/lib/api/model/teamPolicyOverrideUpdateAutoInvestigateMinSeverity.ts b/frontend/app/src/lib/api/model/teamPolicyOverrideUpdateAutoInvestigateMinSeverity.ts
new file mode 100644
index 000000000..6b8d567cf
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamPolicyOverrideUpdateAutoInvestigateMinSeverity.ts
@@ -0,0 +1,9 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type TeamPolicyOverrideUpdateAutoInvestigateMinSeverity = string | null;
diff --git a/frontend/app/src/lib/api/model/teamPolicyOverrideUpdateDefaultAction.ts b/frontend/app/src/lib/api/model/teamPolicyOverrideUpdateDefaultAction.ts
new file mode 100644
index 000000000..6e2cb43cc
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamPolicyOverrideUpdateDefaultAction.ts
@@ -0,0 +1,9 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type TeamPolicyOverrideUpdateDefaultAction = string | null;
diff --git a/frontend/app/src/lib/api/model/teamPolicyOverrideUpdateReviewRequiredMaxSeverity.ts b/frontend/app/src/lib/api/model/teamPolicyOverrideUpdateReviewRequiredMaxSeverity.ts
new file mode 100644
index 000000000..05105a52c
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamPolicyOverrideUpdateReviewRequiredMaxSeverity.ts
@@ -0,0 +1,9 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type TeamPolicyOverrideUpdateReviewRequiredMaxSeverity = string | null;
diff --git a/frontend/app/src/lib/api/model/teamPolicyResponse.ts b/frontend/app/src/lib/api/model/teamPolicyResponse.ts
new file mode 100644
index 000000000..542dd14b8
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamPolicyResponse.ts
@@ -0,0 +1,22 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+import type { TeamPolicyResponseAutoInvestigateMinSeverity } from "./teamPolicyResponseAutoInvestigateMinSeverity";
+import type { TeamPolicyResponseReviewRequiredMaxSeverity } from "./teamPolicyResponseReviewRequiredMaxSeverity";
+
+/**
+ * Team policy response.
+ */
+export interface TeamPolicyResponse {
+  auto_investigate_min_severity?: TeamPolicyResponseAutoInvestigateMinSeverity;
+  default_action: string;
+  id: string;
+  is_active?: boolean;
+  review_required_max_severity?: TeamPolicyResponseReviewRequiredMaxSeverity;
+  sources?: string[];
+  team_id: string;
+}
diff --git a/frontend/app/src/lib/api/model/teamPolicyResponseAutoInvestigateMinSeverity.ts b/frontend/app/src/lib/api/model/teamPolicyResponseAutoInvestigateMinSeverity.ts
new file mode 100644
index 000000000..8a8004f5b
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamPolicyResponseAutoInvestigateMinSeverity.ts
@@ -0,0 +1,9 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type TeamPolicyResponseAutoInvestigateMinSeverity = string | null;
diff --git a/frontend/app/src/lib/api/model/teamPolicyResponseReviewRequiredMaxSeverity.ts b/frontend/app/src/lib/api/model/teamPolicyResponseReviewRequiredMaxSeverity.ts
new file mode 100644
index 000000000..f0a15622e
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamPolicyResponseReviewRequiredMaxSeverity.ts
@@ -0,0 +1,9 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type TeamPolicyResponseReviewRequiredMaxSeverity = string | null;
diff --git a/frontend/app/src/lib/api/model/teamPolicyUpdate.ts b/frontend/app/src/lib/api/model/teamPolicyUpdate.ts
new file mode 100644
index 000000000..73c7e055b
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamPolicyUpdate.ts
@@ -0,0 +1,21 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+import type { TeamPolicyUpdateAutoInvestigateMinSeverity } from "./teamPolicyUpdateAutoInvestigateMinSeverity";
+import type { TeamPolicyUpdateDefaultAction } from "./teamPolicyUpdateDefaultAction";
+import type { TeamPolicyUpdateReviewRequiredMaxSeverity } from "./teamPolicyUpdateReviewRequiredMaxSeverity";
+import type { TeamPolicyUpdateSources } from "./teamPolicyUpdateSources";
+
+/**
+ * Team policy update request.
+ */
+export interface TeamPolicyUpdate {
+  auto_investigate_min_severity?: TeamPolicyUpdateAutoInvestigateMinSeverity;
+  default_action?: TeamPolicyUpdateDefaultAction;
+  review_required_max_severity?: TeamPolicyUpdateReviewRequiredMaxSeverity;
+  sources?: TeamPolicyUpdateSources;
+}
diff --git a/frontend/app/src/lib/api/model/teamPolicyUpdateAutoInvestigateMinSeverity.ts b/frontend/app/src/lib/api/model/teamPolicyUpdateAutoInvestigateMinSeverity.ts
new file mode 100644
index 000000000..896a40a4d
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamPolicyUpdateAutoInvestigateMinSeverity.ts
@@ -0,0 +1,9 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type TeamPolicyUpdateAutoInvestigateMinSeverity = string | null;
diff --git a/frontend/app/src/lib/api/model/teamPolicyUpdateDefaultAction.ts b/frontend/app/src/lib/api/model/teamPolicyUpdateDefaultAction.ts
new file mode 100644
index 000000000..e99eca74e
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamPolicyUpdateDefaultAction.ts
@@ -0,0 +1,9 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type TeamPolicyUpdateDefaultAction = string | null;
diff --git a/frontend/app/src/lib/api/model/teamPolicyUpdateReviewRequiredMaxSeverity.ts b/frontend/app/src/lib/api/model/teamPolicyUpdateReviewRequiredMaxSeverity.ts
new file mode 100644
index 000000000..57c13aeab
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamPolicyUpdateReviewRequiredMaxSeverity.ts
@@ -0,0 +1,9 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type TeamPolicyUpdateReviewRequiredMaxSeverity = string | null;
diff --git a/frontend/app/src/lib/api/model/teamPolicyUpdateSources.ts b/frontend/app/src/lib/api/model/teamPolicyUpdateSources.ts
new file mode 100644
index 000000000..98e0697ea
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamPolicyUpdateSources.ts
@@ -0,0 +1,9 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type TeamPolicyUpdateSources = string[] | null;
diff --git a/frontend/app/src/lib/api/model/teamQueueLimitsResponse.ts b/frontend/app/src/lib/api/model/teamQueueLimitsResponse.ts
new file mode 100644
index 000000000..dd2e016ca
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamQueueLimitsResponse.ts
@@ -0,0 +1,20 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+/**
+ * Team queue limits response.
+ */
+export interface TeamQueueLimitsResponse {
+  batch_size?: number;
+  burst_size?: number;
+  id: string;
+  is_active?: boolean;
+  max_concurrent?: number;
+  rate_limit_per_minute?: number;
+  team_id: string;
+}
diff --git a/frontend/app/src/lib/api/model/teamQueueLimitsUpdate.ts b/frontend/app/src/lib/api/model/teamQueueLimitsUpdate.ts
new file mode 100644
index 000000000..dafc35719
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamQueueLimitsUpdate.ts
@@ -0,0 +1,21 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+import type { TeamQueueLimitsUpdateBatchSize } from "./teamQueueLimitsUpdateBatchSize";
+import type { TeamQueueLimitsUpdateBurstSize } from "./teamQueueLimitsUpdateBurstSize";
+import type { TeamQueueLimitsUpdateMaxConcurrent } from "./teamQueueLimitsUpdateMaxConcurrent";
+import type { TeamQueueLimitsUpdateRateLimitPerMinute } from "./teamQueueLimitsUpdateRateLimitPerMinute";
+
+/**
+ * Team queue limits update request.
+ */
+export interface TeamQueueLimitsUpdate {
+  batch_size?: TeamQueueLimitsUpdateBatchSize;
+  burst_size?: TeamQueueLimitsUpdateBurstSize;
+  max_concurrent?: TeamQueueLimitsUpdateMaxConcurrent;
+  rate_limit_per_minute?: TeamQueueLimitsUpdateRateLimitPerMinute;
+}
diff --git a/frontend/app/src/lib/api/model/teamQueueLimitsUpdateBatchSize.ts b/frontend/app/src/lib/api/model/teamQueueLimitsUpdateBatchSize.ts
new file mode 100644
index 000000000..7cb769f2a
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamQueueLimitsUpdateBatchSize.ts
@@ -0,0 +1,9 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type TeamQueueLimitsUpdateBatchSize = number | null;
diff --git a/frontend/app/src/lib/api/model/teamQueueLimitsUpdateBurstSize.ts b/frontend/app/src/lib/api/model/teamQueueLimitsUpdateBurstSize.ts
new file mode 100644
index 000000000..3d7d58ef0
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamQueueLimitsUpdateBurstSize.ts
@@ -0,0 +1,9 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type TeamQueueLimitsUpdateBurstSize = number | null;
diff --git a/frontend/app/src/lib/api/model/teamQueueLimitsUpdateMaxConcurrent.ts b/frontend/app/src/lib/api/model/teamQueueLimitsUpdateMaxConcurrent.ts
new file mode 100644
index 000000000..1d08aad68
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamQueueLimitsUpdateMaxConcurrent.ts
@@ -0,0 +1,9 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type TeamQueueLimitsUpdateMaxConcurrent = number | null;
diff --git a/frontend/app/src/lib/api/model/teamQueueLimitsUpdateRateLimitPerMinute.ts b/frontend/app/src/lib/api/model/teamQueueLimitsUpdateRateLimitPerMinute.ts
new file mode 100644
index 000000000..93098b4c0
--- /dev/null
+++ b/frontend/app/src/lib/api/model/teamQueueLimitsUpdateRateLimitPerMinute.ts
@@ -0,0 +1,9 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type TeamQueueLimitsUpdateRateLimitPerMinute = number | null;
diff --git a/frontend/app/src/lib/api/model/testConnectionResponse.ts b/frontend/app/src/lib/api/model/testConnectionResponse.ts
index 89ebe0a1b..7ba462e61 100644
--- a/frontend/app/src/lib/api/model/testConnectionResponse.ts
+++ b/frontend/app/src/lib/api/model/testConnectionResponse.ts
@@ -5,15 +5,14 @@
  * Autonomous Data Quality Investigation
  * OpenAPI spec version: 2.0.0
  */
-import type { TestConnectionResponseLatencyMs } from "./testConnectionResponseLatencyMs";
-import type { TestConnectionResponseServerVersion } from "./testConnectionResponseServerVersion";
+import type { TestConnectionResponseError } from "./testConnectionResponseError";
+import type { TestConnectionResponseTablesAccessible } from "./testConnectionResponseTablesAccessible";
 
 /**
- * Response for testing a connection.
+ * Response for testing credentials.
  */
 export interface TestConnectionResponse {
-  latency_ms?: TestConnectionResponseLatencyMs;
-  message: string;
-  server_version?: TestConnectionResponseServerVersion;
+  error?: TestConnectionResponseError;
   success: boolean;
+  tables_accessible?: TestConnectionResponseTablesAccessible;
 }
diff --git a/frontend/app/src/lib/api/model/webhookIssueResponse.ts b/frontend/app/src/lib/api/model/webhookIssueResponse.ts
index 9772b930f..f889d583c 100644
--- a/frontend/app/src/lib/api/model/webhookIssueResponse.ts
+++ b/frontend/app/src/lib/api/model/webhookIssueResponse.ts
@@ -5,6 +5,8 @@
  * Autonomous Data Quality Investigation
  * OpenAPI spec version: 2.0.0
  */
+import type { WebhookIssueResponseInvestigationId } from "./webhookIssueResponseInvestigationId";
+import type { WebhookIssueResponsePolicyAction } from "./webhookIssueResponsePolicyAction";
 
 /**
  * Response from webhook issue creation.
@@ -12,6 +14,8 @@
 export interface WebhookIssueResponse {
   created: boolean;
   id: string;
+  investigation_id?: WebhookIssueResponseInvestigationId;
   number: number;
+  policy_action?: WebhookIssueResponsePolicyAction;
   status: string;
 }
diff --git a/frontend/app/src/lib/api/model/webhookIssueResponseInvestigationId.ts b/frontend/app/src/lib/api/model/webhookIssueResponseInvestigationId.ts
new file mode 100644
index 000000000..87247121b
--- /dev/null
+++ b/frontend/app/src/lib/api/model/webhookIssueResponseInvestigationId.ts
@@ -0,0 +1,9 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type WebhookIssueResponseInvestigationId = string | null;
diff --git a/frontend/app/src/lib/api/model/webhookIssueResponsePolicyAction.ts b/frontend/app/src/lib/api/model/webhookIssueResponsePolicyAction.ts
new file mode 100644
index 000000000..715c071bd
--- /dev/null
+++ b/frontend/app/src/lib/api/model/webhookIssueResponsePolicyAction.ts
@@ -0,0 +1,9 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+export type WebhookIssueResponsePolicyAction = string | null;
diff --git a/frontend/app/src/lib/api/model/weeklyUsageListResponse.ts b/frontend/app/src/lib/api/model/weeklyUsageListResponse.ts
new file mode 100644
index 000000000..97a12e208
--- /dev/null
+++ b/frontend/app/src/lib/api/model/weeklyUsageListResponse.ts
@@ -0,0 +1,15 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+import type { WeeklyUsageResponse } from "./weeklyUsageResponse";
+
+/**
+ * List of weekly usage statistics.
+ */
+export interface WeeklyUsageListResponse {
+  weeks: WeeklyUsageResponse[];
+}
diff --git a/frontend/app/src/lib/api/model/weeklyUsageResponse.ts b/frontend/app/src/lib/api/model/weeklyUsageResponse.ts
new file mode 100644
index 000000000..23fc80878
--- /dev/null
+++ b/frontend/app/src/lib/api/model/weeklyUsageResponse.ts
@@ -0,0 +1,20 @@
+/**
+ * Generated by orval v6.31.0 🍺
+ * Do not edit manually.
+ * dataing
+ * Autonomous Data Quality Investigation
+ * OpenAPI spec version: 2.0.0
+ */
+
+/**
+ * Weekly usage statistics response.
+ */
+export interface WeeklyUsageResponse {
+  active_teams: number;
+  investigations_completed: number;
+  investigations_started: number;
+  issues_created: number;
+  issues_resolved: number;
+  resolution_rate: number;
+  week_start: string;
+}
diff --git a/justfile b/justfile
index 0cb4b5123..8d8260309 100644
--- a/justfile
+++ b/justfile
@@ -446,6 +446,8 @@ demo: demo-fixtures
     PGPASSWORD=dataing psql -h localhost -U dataing -d dataing_demo -f python-packages/dataing/migrations/025_sdk_bundles_runs.sql 2>&1 | grep -v "^NOTICE:" || true
     PGPASSWORD=dataing psql -h localhost -U dataing -d dataing_demo -f python-packages/dataing/migrations/026_sdk_evidence.sql 2>&1 | grep -v "^NOTICE:" || true
     PGPASSWORD=dataing psql -h localhost -U dataing -d dataing_demo -f python-packages/dataing/migrations/027_sdk_vp_fields.sql 2>&1 | grep -v "^NOTICE:" || true
+    PGPASSWORD=dataing psql -h localhost -U dataing -d dataing_demo -f python-packages/dataing/migrations/028_team_policies.sql 2>&1 | grep -v "^NOTICE:" || true
+    PGPASSWORD=dataing psql -h localhost -U dataing -d dataing_demo -f python-packages/dataing/migrations/029_analytics_events.sql 2>&1 | grep -v "^NOTICE:" || true
 
     trap 'kill 0' EXIT
 
diff --git a/plan.md b/plan.md
new file mode 100644
index 000000000..82dc83e58
--- /dev/null
+++ b/plan.md
@@ -0,0 +1,207 @@
+# Dataing 6-Month PMF + Series A Plan
+
+## Goals
+- Product market fit: teams use issues + investigations as the default data incident workflow.
+- Enterprise readiness: OIDC + generic SAML, audit logs, and VPC/self-host packaging.
+- Revenue: ARR growth with strong usage + retention in data platform teams.
+
+## Success Metrics
+- Activation: % of new orgs with first issue created and first investigation run within 7 days.
+- Engagement: weekly active data teams, investigations per org per week, and issue resolution rate.
+- Quality: % of investigations with accepted root cause and recommendations marked helpful.
+- Revenue: pipeline to first enterprise customers + measurable ARR growth.
+
+## UX (Aligned To Existing Frontend)
+
+### Issues (Top-of-funnel Triage)
+- Use existing list and workspace screens for triage, assignment, and investigation runs.
+- Add team policy banner + link to Teams settings (policy editor lives in Settings > Teams).
+- Show latest investigation summary on issue workspace when available.
+
+References:
+- `frontend/app/src/features/issues/IssueList.tsx`
+- `frontend/app/src/features/issues/IssueWorkspace.tsx`
+- `frontend/app/src/features/issues/IssueCreate.tsx`
+
+### Investigations
+- Keep current investigation detail layout (timeline, evidence, synthesis).
+- Wire feedback UI into synthesis and evidence (thumbs up/down + reason).
+- Support optional human-in-the-loop review UI when policies require it.
+
+References:
+- `frontend/app/src/features/investigation/InvestigationDetail.tsx`
+- `frontend/app/src/features/investigation/components/InvestigationFeedbackButtons.tsx`
+- `frontend/app/src/features/investigation/context-review.tsx`
+
+### Notifications
+- Keep current notifications page and route-to-resource behavior.
+- Use approval_required notifications to route to context review.
+
+References:
+- `frontend/app/src/features/notifications/notifications-page.tsx`
+- `frontend/app/src/features/notifications/components/notification-card.tsx`
+
+### Team Policy Editor
+- New editor in Settings > Teams to manage:
+  - Alert sources per team
+  - Auto-investigate thresholds
+  - Human review requirements
+  - Dataset-specific overrides (by dataset tag or explicit dataset)
+  - Queue and rate limit settings
+
+Reference:
+- `frontend/app/src/features/settings/teams/teams-settings.tsx`
+
+
+## Architecture
+
+### System Flow
+```mermaid
+flowchart LR
+    A[Alert Sources
+Monte Carlo / GE / dbt / PagerDuty / Jira / Custom] --> B[Integrations Ingest
+Field Mapping + Signature]
+    B --> C[Issue Service
+Create / Triage]
+    C --> D[Team Policy Engine
+Team + Dataset Rules]
+    D -->|Queue/Batch| E[Investigation Orchestrator
+Temporal Workflow]
+    E --> F[Evidence + Synthesis]
+    F --> G[Issue Update
+Resolve + Recos]
+    G --> H[Notifications
+SSE + Email + Slack]
+    F --> I[Feedback Signals
+Thumbs + Resolved]
+    I --> J[Learning Loop
+Patterns + Runbooks]
+```
+
+### Deployment + Enterprise Adapters
+```mermaid
+flowchart TB
+    subgraph UI[Frontend]
+        UI1[Issues]
+        UI2[Investigations]
+        UI3[Notifications]
+        UI4[Settings / Teams]
+    end
+
+    subgraph API[Backend API]
+        API1[Issue Service]
+        API2[Policy Engine]
+        API3[Investigation API]
+        API4[Notifications]
+        API5[Entitlements]
+    end
+
+    subgraph Core[Core Services]
+        CORE1[Temporal Orchestrator]
+        CORE2[Evidence Store]
+        CORE3[Feedback Store]
+    end
+
+    subgraph Adapters[Adapters]
+        AD1[Integrations
+MC/GE/dbt/PD/Jira]
+        AD2[SSO OIDC Adapter]
+        AD3[SAML Adapter
+(Generic)]
+        AD4[Audit Log Adapter]
+        AD5[Queue/Rate Limit
+Redis]
+    end
+
+    UI --> API --> Core
+    API --> Adapters
+```
+
+### Investigation Queueing
+```mermaid
+sequenceDiagram
+    participant Source as Alert Source
+    participant API as Issue API
+    participant Policy as Policy Engine
+    participant Queue as Team Queue
+    participant Worker as Investigation Worker
+    participant Temporal as Temporal
+
+    Source->>API: Create Issue (alert)
+    API->>Policy: Evaluate team + dataset rules
+    Policy-->>API: Action (auto / review / issue-only)
+    API->>Queue: Enqueue investigation (rate limit by team)
+    Queue->>Worker: Dequeue batch
+    Worker->>Temporal: Start workflow
+    Temporal-->>Worker: Run updates
+    Worker->>API: Store evidence + synthesis
+```
+
+
+## APIs (New or Extended)
+
+### Team Policies
+- `GET /api/v1/teams/{id}/policies`
+- `PUT /api/v1/teams/{id}/policies`
+- `POST /api/v1/teams/{id}/policies/overrides`
+
+Policy schema (high level):
+- `sources[]` (mc, ge, dbt, pagerduty, jira, custom)
+- `auto_investigate.min_severity`
+- `review_required.max_severity`
+- `queue.rate_limit_per_minute`
+- `dataset_overrides[]` (dataset_id or tag-based)
+
+### Issue Actions
+- `POST /api/v1/issues/{id}/queue-investigation`
+- `POST /api/v1/issues/{id}/require-review`
+- `POST /api/v1/issues/{id}/resolve` (marks resolved = strong signal)
+
+### Feedback
+- `POST /api/v1/investigations/{id}/feedback`
+- `GET /api/v1/investigations/{id}/feedback`
+
+### Notifications
+- `POST /api/v1/notifications/mark-all-read`
+- `GET /api/v1/notifications?unread=true`
+
+### Enterprise Auth
+- `GET /api/v1/auth/sso/providers` (OIDC + SAML)
+- `POST /api/v1/auth/sso/callback` (already for OIDC)
+- SAML endpoints via adapter: `/api/v1/auth/sso/saml/*`
+
+
+## Data Model (Additions)
+- `team_policies` table
+- `team_policy_overrides` table (dataset_id or tag)
+- `team_queue_limits` table
+- `issue_status_events` table (optional, for analytics)
+
+
+## Roadmap (6 Months)
+
+### Month 0-2: Triage + Policy Engine
+- Implement team policy engine with dataset overrides and rate limits.
+- Wire integrations into issues with policy-driven actions (auto, review, issue-only).
+- Add policy editor in Settings > Teams.
+- Replace in-memory SSE event storage and rate limiting with Redis.
+- Tighten issue + investigation analytics (activation, weekly usage).
+
+### Month 2-4: Investigation UX + Feedback Loop
+- Wire feedback UI to investigation detail (synthesis and evidence).
+- Add optional context review flow triggered by policy.
+- Promote investigation summary on issue workspace.
+- Improve recommendation capture and issue resolution signals.
+- Stabilize queue worker and retry behavior.
+
+### Month 4-6: Enterprise Readiness + VPC
+- OIDC + generic SAML adapters (hexagonal provider interface).
+- Audit log export and view.
+- VPC/self-host deployment packaging and docs.
+- Integration polish for Monte Carlo + Great Expectations.
+- Runbook generation surfaced for resolved issues.
+
+## Later Work
+- SCIM provisioning (stub exists).
+- Automated fixing based on validated user feedback.
+- Compliance extensions beyond GDPR (finance/healthcare).
diff --git a/python-packages/dataing/migrations/028_team_policies.sql b/python-packages/dataing/migrations/028_team_policies.sql
new file mode 100644
index 000000000..37c6cee06
--- /dev/null
+++ b/python-packages/dataing/migrations/028_team_policies.sql
@@ -0,0 +1,77 @@
+-- Team policy configuration for triage + investigation automation
+
+-- Dataset tags (for policy overrides by tag)
+CREATE TABLE dataset_tags (
+    dataset_id UUID NOT NULL REFERENCES datasets(id) ON DELETE CASCADE,
+    tag_id UUID NOT NULL REFERENCES resource_tags(id) ON DELETE CASCADE,
+    PRIMARY KEY (dataset_id, tag_id)
+);
+CREATE INDEX idx_dataset_tags_dataset ON dataset_tags(dataset_id);
+CREATE INDEX idx_dataset_tags_tag ON dataset_tags(tag_id);
+
+-- Team default policy
+CREATE TABLE team_policies (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    org_id UUID NOT NULL REFERENCES tenants(id) ON DELETE CASCADE,
+    team_id UUID NOT NULL REFERENCES teams(id) ON DELETE CASCADE,
+    sources TEXT[] NOT NULL DEFAULT '{}',
+    default_action TEXT NOT NULL DEFAULT 'issue_only',
+    auto_investigate_min_severity TEXT,
+    review_required_max_severity TEXT,
+    is_active BOOLEAN NOT NULL DEFAULT true,
+    created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
+    updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
+    UNIQUE (team_id)
+);
+CREATE INDEX idx_team_policies_org ON team_policies(org_id);
+CREATE INDEX idx_team_policies_team ON team_policies(team_id);
+
+-- Dataset-specific or tag-specific overrides
+CREATE TABLE team_policy_overrides (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    org_id UUID NOT NULL REFERENCES tenants(id) ON DELETE CASCADE,
+    team_id UUID NOT NULL REFERENCES teams(id) ON DELETE CASCADE,
+    dataset_id TEXT,
+    tag_id UUID REFERENCES resource_tags(id) ON DELETE CASCADE,
+    default_action TEXT,
+    auto_investigate_min_severity TEXT,
+    review_required_max_severity TEXT,
+    is_active BOOLEAN NOT NULL DEFAULT true,
+    created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
+    updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
+    CONSTRAINT one_override_selector CHECK (
+        (dataset_id IS NOT NULL)::int +
+        (tag_id IS NOT NULL)::int = 1
+    )
+);
+CREATE INDEX idx_team_policy_overrides_org ON team_policy_overrides(org_id);
+CREATE INDEX idx_team_policy_overrides_team ON team_policy_overrides(team_id);
+CREATE INDEX idx_team_policy_overrides_dataset ON team_policy_overrides(dataset_id)
+    WHERE dataset_id IS NOT NULL;
+CREATE INDEX idx_team_policy_overrides_tag ON team_policy_overrides(tag_id)
+    WHERE tag_id IS NOT NULL;
+
+-- Team queue limits (per team rate limit + concurrency)
+CREATE TABLE team_queue_limits (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    org_id UUID NOT NULL REFERENCES tenants(id) ON DELETE CASCADE,
+    team_id UUID NOT NULL REFERENCES teams(id) ON DELETE CASCADE,
+    rate_limit_per_minute INTEGER NOT NULL DEFAULT 60,
+    burst_size INTEGER NOT NULL DEFAULT 10,
+    max_concurrent INTEGER NOT NULL DEFAULT 5,
+    batch_size INTEGER NOT NULL DEFAULT 5,
+    is_active BOOLEAN NOT NULL DEFAULT true,
+    created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
+    updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
+    UNIQUE (team_id)
+);
+CREATE INDEX idx_team_queue_limits_org ON team_queue_limits(org_id);
+CREATE INDEX idx_team_queue_limits_team ON team_queue_limits(team_id);
+
+-- Triggers for updated_at
+CREATE TRIGGER update_team_policies_updated_at BEFORE UPDATE ON team_policies
+    FOR EACH ROW EXECUTE FUNCTION update_updated_at_column();
+CREATE TRIGGER update_team_policy_overrides_updated_at BEFORE UPDATE ON team_policy_overrides
+    FOR EACH ROW EXECUTE FUNCTION update_updated_at_column();
+CREATE TRIGGER update_team_queue_limits_updated_at BEFORE UPDATE ON team_queue_limits
+    FOR EACH ROW EXECUTE FUNCTION update_updated_at_column();
diff --git a/python-packages/dataing/migrations/029_analytics_events.sql b/python-packages/dataing/migrations/029_analytics_events.sql
new file mode 100644
index 000000000..2f02bd38a
--- /dev/null
+++ b/python-packages/dataing/migrations/029_analytics_events.sql
@@ -0,0 +1,101 @@
+-- Analytics Events for Activation and Usage Tracking
+-- fn-24.7: Activation + weekly usage analytics
+
+-- Analytics events table for recording business-level events
+CREATE TABLE analytics_events (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    tenant_id UUID NOT NULL REFERENCES tenants(id) ON DELETE CASCADE,
+    team_id UUID REFERENCES teams(id) ON DELETE SET NULL,
+    event_type TEXT NOT NULL,  -- issue_created, investigation_started, investigation_completed, issue_resolved
+    entity_type TEXT NOT NULL,  -- issue, investigation
+    entity_id UUID NOT NULL,
+    payload JSONB NOT NULL DEFAULT '{}',
+    created_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
+);
+
+-- Indexes for common analytics queries
+CREATE INDEX idx_analytics_events_tenant_type ON analytics_events(tenant_id, event_type);
+CREATE INDEX idx_analytics_events_tenant_created ON analytics_events(tenant_id, created_at DESC);
+CREATE INDEX idx_analytics_events_team_type ON analytics_events(team_id, event_type) WHERE team_id IS NOT NULL;
+CREATE INDEX idx_analytics_events_type_created ON analytics_events(event_type, created_at);
+
+-- Tenant activation tracking
+CREATE TABLE tenant_activation (
+    tenant_id UUID PRIMARY KEY REFERENCES tenants(id) ON DELETE CASCADE,
+    created_at TIMESTAMPTZ NOT NULL,
+    first_issue_at TIMESTAMPTZ,
+    first_investigation_at TIMESTAMPTZ,
+    activated_at TIMESTAMPTZ,  -- set when both first_issue_at and first_investigation_at exist within 7 days of created_at
+    updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
+);
+
+-- Index for activation funnel queries
+CREATE INDEX idx_tenant_activation_status ON tenant_activation(activated_at) WHERE activated_at IS NOT NULL;
+
+-- Materialized view for weekly usage aggregates (refreshed by cron or on-demand)
+CREATE MATERIALIZED VIEW weekly_usage_stats AS
+SELECT
+    date_trunc('week', ae.created_at) AS week_start,
+    ae.tenant_id,
+    ae.team_id,
+    COUNT(*) FILTER (WHERE ae.event_type = 'issue_created') AS issues_created,
+    COUNT(*) FILTER (WHERE ae.event_type = 'investigation_started') AS investigations_started,
+    COUNT(*) FILTER (WHERE ae.event_type = 'investigation_completed') AS investigations_completed,
+    COUNT(*) FILTER (WHERE ae.event_type = 'issue_resolved') AS issues_resolved,
+    COUNT(DISTINCT CASE WHEN ae.event_type IN ('issue_created', 'investigation_started') THEN ae.team_id END) AS active_teams
+FROM analytics_events ae
+GROUP BY date_trunc('week', ae.created_at), ae.tenant_id, ae.team_id;
+
+-- Create unique index for concurrent refresh
+CREATE UNIQUE INDEX idx_weekly_usage_stats_pk ON weekly_usage_stats(week_start, tenant_id, team_id);
+
+-- Function to record an analytics event
+CREATE OR REPLACE FUNCTION record_analytics_event(
+    p_tenant_id UUID,
+    p_team_id UUID,
+    p_event_type TEXT,
+    p_entity_type TEXT,
+    p_entity_id UUID,
+    p_payload JSONB DEFAULT '{}'
+) RETURNS UUID AS $$
+DECLARE
+    event_id UUID;
+BEGIN
+    INSERT INTO analytics_events (tenant_id, team_id, event_type, entity_type, entity_id, payload)
+    VALUES (p_tenant_id, p_team_id, p_event_type, p_entity_type, p_entity_id, p_payload)
+    RETURNING id INTO event_id;
+
+    -- Update activation tracking for tenant
+    IF p_event_type = 'issue_created' THEN
+        INSERT INTO tenant_activation (tenant_id, created_at, first_issue_at, updated_at)
+        VALUES (p_tenant_id, (SELECT created_at FROM tenants WHERE id = p_tenant_id), NOW(), NOW())
+        ON CONFLICT (tenant_id) DO UPDATE SET
+            first_issue_at = COALESCE(tenant_activation.first_issue_at, NOW()),
+            updated_at = NOW();
+    ELSIF p_event_type = 'investigation_completed' THEN
+        INSERT INTO tenant_activation (tenant_id, created_at, first_investigation_at, updated_at)
+        VALUES (p_tenant_id, (SELECT created_at FROM tenants WHERE id = p_tenant_id), NOW(), NOW())
+        ON CONFLICT (tenant_id) DO UPDATE SET
+            first_investigation_at = COALESCE(tenant_activation.first_investigation_at, NOW()),
+            updated_at = NOW();
+    END IF;
+
+    -- Check and set activation status
+    UPDATE tenant_activation
+    SET activated_at = NOW()
+    WHERE tenant_id = p_tenant_id
+      AND activated_at IS NULL
+      AND first_issue_at IS NOT NULL
+      AND first_investigation_at IS NOT NULL
+      AND (first_issue_at <= created_at + INTERVAL '7 days' OR first_investigation_at <= created_at + INTERVAL '7 days');
+
+    RETURN event_id;
+END;
+$$ LANGUAGE plpgsql;
+
+-- Function to refresh weekly stats
+CREATE OR REPLACE FUNCTION refresh_weekly_usage_stats() RETURNS void AS $$
+BEGIN
+    REFRESH MATERIALIZED VIEW CONCURRENTLY weekly_usage_stats;
+END;
+$$ LANGUAGE plpgsql;
diff --git a/python-packages/dataing/openapi.json b/python-packages/dataing/openapi.json
index 040173f29..a06e98ea7 100644
--- a/python-packages/dataing/openapi.json
+++ b/python-packages/dataing/openapi.json
@@ -1730,7 +1730,7 @@
             "content": {
               "application/json": {
                 "schema": {
-                  "$ref": "#/components/schemas/TestConnectionResponse"
+                  "$ref": "#/components/schemas/dataing__entrypoints__api__routes__datasources__TestConnectionResponse"
                 }
               }
             }
@@ -1955,7 +1955,7 @@
             "content": {
               "application/json": {
                 "schema": {
-                  "$ref": "#/components/schemas/TestConnectionResponse"
+                  "$ref": "#/components/schemas/dataing__entrypoints__api__routes__datasources__TestConnectionResponse"
                 }
               }
             }
@@ -2390,7 +2390,7 @@
             "content": {
               "application/json": {
                 "schema": {
-                  "$ref": "#/components/schemas/TestConnectionResponse"
+                  "$ref": "#/components/schemas/dataing__entrypoints__api__routes__datasources__TestConnectionResponse"
                 }
               }
             }
@@ -2615,7 +2615,7 @@
             "content": {
               "application/json": {
                 "schema": {
-                  "$ref": "#/components/schemas/TestConnectionResponse"
+                  "$ref": "#/components/schemas/dataing__entrypoints__api__routes__datasources__TestConnectionResponse"
                 }
               }
             }
@@ -3210,7 +3210,7 @@
             "content": {
               "application/json": {
                 "schema": {
-                  "$ref": "#/components/schemas/dataing__entrypoints__api__routes__credentials__TestConnectionResponse"
+                  "$ref": "#/components/schemas/TestConnectionResponse"
                 }
               }
             }
@@ -4269,6 +4269,189 @@
         ]
       }
     },
+    "/api/v1/analytics/weekly-usage": {
+      "get": {
+        "tags": [
+          "analytics"
+        ],
+        "summary": "Get Weekly Usage",
+        "description": "Get weekly usage statistics for the current tenant.\n\nReturns aggregated metrics per week including:\n- Issues created\n- Investigations started and completed\n- Issues resolved\n- Active teams count\n- Issue resolution rate",
+        "operationId": "get_weekly_usage_api_v1_analytics_weekly_usage_get",
+        "security": [
+          {
+            "APIKeyHeader": []
+          },
+          {
+            "HTTPBearer": []
+          }
+        ],
+        "parameters": [
+          {
+            "name": "weeks",
+            "in": "query",
+            "required": false,
+            "schema": {
+              "type": "integer",
+              "maximum": 52,
+              "minimum": 1,
+              "description": "Number of weeks to return",
+              "default": 4,
+              "title": "Weeks"
+            },
+            "description": "Number of weeks to return"
+          },
+          {
+            "name": "team_id",
+            "in": "query",
+            "required": false,
+            "schema": {
+              "anyOf": [
+                {
+                  "type": "string"
+                },
+                {
+                  "type": "null"
+                }
+              ],
+              "description": "Filter by team ID",
+              "title": "Team Id"
+            },
+            "description": "Filter by team ID"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Successful Response",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/WeeklyUsageListResponse"
+                }
+              }
+            }
+          },
+          "422": {
+            "description": "Validation Error",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/HTTPValidationError"
+                }
+              }
+            }
+          }
+        }
+      }
+    },
+    "/api/v1/analytics/activation": {
+      "get": {
+        "tags": [
+          "analytics"
+        ],
+        "summary": "Get Activation Status",
+        "description": "Get activation status for the current tenant.\n\nActivation is defined as having both:\n- Created at least one issue\n- Completed at least one investigation\n\nWithin the first 7 days of account creation.",
+        "operationId": "get_activation_status_api_v1_analytics_activation_get",
+        "responses": {
+          "200": {
+            "description": "Successful Response",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/ActivationStatusResponse"
+                }
+              }
+            }
+          }
+        },
+        "security": [
+          {
+            "APIKeyHeader": []
+          },
+          {
+            "HTTPBearer": []
+          }
+        ]
+      }
+    },
+    "/api/v1/analytics/activation/funnel": {
+      "get": {
+        "tags": [
+          "analytics"
+        ],
+        "summary": "Get Activation Funnel",
+        "description": "Get activation funnel statistics.\n\nReturns aggregated funnel metrics showing:\n- Total tenants created in period\n- Tenants that created at least one issue\n- Tenants that completed at least one investigation\n- Tenants that achieved activation\n\nNote: This endpoint requires admin permissions in production.",
+        "operationId": "get_activation_funnel_api_v1_analytics_activation_funnel_get",
+        "security": [
+          {
+            "APIKeyHeader": []
+          },
+          {
+            "HTTPBearer": []
+          }
+        ],
+        "parameters": [
+          {
+            "name": "days",
+            "in": "query",
+            "required": false,
+            "schema": {
+              "type": "integer",
+              "maximum": 365,
+              "minimum": 1,
+              "description": "Look back period in days",
+              "default": 90,
+              "title": "Days"
+            },
+            "description": "Look back period in days"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Successful Response",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/ActivationFunnelResponse"
+                }
+              }
+            }
+          },
+          "422": {
+            "description": "Validation Error",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/HTTPValidationError"
+                }
+              }
+            }
+          }
+        }
+      }
+    },
+    "/api/v1/analytics/refresh": {
+      "post": {
+        "tags": [
+          "analytics"
+        ],
+        "summary": "Refresh Weekly Stats",
+        "description": "Refresh the weekly usage statistics materialized view.\n\nThis is typically called by a scheduled job but can be triggered manually.",
+        "operationId": "refresh_weekly_stats_api_v1_analytics_refresh_post",
+        "responses": {
+          "204": {
+            "description": "Successful Response"
+          }
+        },
+        "security": [
+          {
+            "APIKeyHeader": []
+          },
+          {
+            "HTTPBearer": []
+          }
+        ]
+      }
+    },
     "/api/v1/lineage/providers": {
       "get": {
         "tags": [
@@ -7244,14 +7427,14 @@
         }
       }
     },
-    "/api/v1/teams/teams/": {
+    "/api/v1/teams/": {
       "get": {
         "tags": [
           "teams"
         ],
         "summary": "List Teams",
         "description": "List all teams in the organization.",
-        "operationId": "list_teams_api_v1_teams_teams__get",
+        "operationId": "list_teams_api_v1_teams__get",
         "responses": {
           "200": {
             "description": "Successful Response",
@@ -7279,7 +7462,7 @@
         ],
         "summary": "Create Team",
         "description": "Create a new team.\n\nRequires admin scope.",
-        "operationId": "create_team_api_v1_teams_teams__post",
+        "operationId": "create_team_api_v1_teams__post",
         "requestBody": {
           "content": {
             "application/json": {
@@ -7322,14 +7505,14 @@
         ]
       }
     },
-    "/api/v1/teams/teams/{team_id}": {
+    "/api/v1/teams/{team_id}": {
       "get": {
         "tags": [
           "teams"
         ],
         "summary": "Get Team",
         "description": "Get a team by ID.",
-        "operationId": "get_team_api_v1_teams_teams__team_id__get",
+        "operationId": "get_team_api_v1_teams__team_id__get",
         "security": [
           {
             "APIKeyHeader": []
@@ -7379,7 +7562,7 @@
         ],
         "summary": "Update Team",
         "description": "Update a team.\n\nRequires admin scope. Cannot update SCIM-managed teams.",
-        "operationId": "update_team_api_v1_teams_teams__team_id__put",
+        "operationId": "update_team_api_v1_teams__team_id__put",
         "security": [
           {
             "APIKeyHeader": []
@@ -7439,7 +7622,7 @@
         ],
         "summary": "Delete Team",
         "description": "Delete a team.\n\nRequires admin scope. Cannot delete SCIM-managed teams.",
-        "operationId": "delete_team_api_v1_teams_teams__team_id__delete",
+        "operationId": "delete_team_api_v1_teams__team_id__delete",
         "security": [
           {
             "APIKeyHeader": []
@@ -7477,14 +7660,14 @@
         }
       }
     },
-    "/api/v1/teams/teams/{team_id}/members": {
+    "/api/v1/teams/{team_id}/members": {
       "get": {
         "tags": [
           "teams"
         ],
         "summary": "Get Team Members",
         "description": "Get team members.",
-        "operationId": "get_team_members_api_v1_teams_teams__team_id__members_get",
+        "operationId": "get_team_members_api_v1_teams__team_id__members_get",
         "security": [
           {
             "APIKeyHeader": []
@@ -7516,7 +7699,7 @@
                     "type": "string",
                     "format": "uuid"
                   },
-                  "title": "Response Get Team Members Api V1 Teams Teams  Team Id  Members Get"
+                  "title": "Response Get Team Members Api V1 Teams  Team Id  Members Get"
                 }
               }
             }
@@ -7539,7 +7722,7 @@
         ],
         "summary": "Add Team Member",
         "description": "Add a member to a team.\n\nRequires admin scope.",
-        "operationId": "add_team_member_api_v1_teams_teams__team_id__members_post",
+        "operationId": "add_team_member_api_v1_teams__team_id__members_post",
         "security": [
           {
             "APIKeyHeader": []
@@ -7580,7 +7763,7 @@
                   "additionalProperties": {
                     "type": "string"
                   },
-                  "title": "Response Add Team Member Api V1 Teams Teams  Team Id  Members Post"
+                  "title": "Response Add Team Member Api V1 Teams  Team Id  Members Post"
                 }
               }
             }
@@ -7598,14 +7781,14 @@
         }
       }
     },
-    "/api/v1/teams/teams/{team_id}/members/{user_id}": {
+    "/api/v1/teams/{team_id}/members/{user_id}": {
       "delete": {
         "tags": [
           "teams"
         ],
         "summary": "Remove Team Member",
         "description": "Remove a member from a team.\n\nRequires admin scope.",
-        "operationId": "remove_team_member_api_v1_teams_teams__team_id__members__user_id__delete",
+        "operationId": "remove_team_member_api_v1_teams__team_id__members__user_id__delete",
         "security": [
           {
             "APIKeyHeader": []
@@ -7653,26 +7836,14 @@
         }
       }
     },
-    "/api/v1/teams/": {
+    "/api/v1/teams/{team_id}/policy": {
       "get": {
         "tags": [
           "teams"
         ],
-        "summary": "List Teams",
-        "description": "List all teams in the organization.",
-        "operationId": "list_teams_api_v1_teams__get",
-        "responses": {
-          "200": {
-            "description": "Successful Response",
-            "content": {
-              "application/json": {
-                "schema": {
-                  "$ref": "#/components/schemas/TeamListResponse"
-                }
-              }
-            }
-          }
-        },
+        "summary": "Get Team Policy",
+        "description": "Get the full policy configuration for a team.\n\nReturns the team policy, all overrides, and queue limits.",
+        "operationId": "get_team_policy_api_v1_teams__team_id__policy_get",
         "security": [
           {
             "APIKeyHeader": []
@@ -7680,32 +7851,26 @@
           {
             "HTTPBearer": []
           }
-        ]
-      },
-      "post": {
-        "tags": [
-          "teams"
         ],
-        "summary": "Create Team",
-        "description": "Create a new team.\n\nRequires admin scope.",
-        "operationId": "create_team_api_v1_teams__post",
-        "requestBody": {
-          "content": {
-            "application/json": {
-              "schema": {
-                "$ref": "#/components/schemas/TeamCreate"
-              }
+        "parameters": [
+          {
+            "name": "team_id",
+            "in": "path",
+            "required": true,
+            "schema": {
+              "type": "string",
+              "format": "uuid",
+              "title": "Team Id"
             }
-          },
-          "required": true
-        },
+          }
+        ],
         "responses": {
-          "201": {
+          "200": {
             "description": "Successful Response",
             "content": {
               "application/json": {
                 "schema": {
-                  "$ref": "#/components/schemas/TeamResponse"
+                  "$ref": "#/components/schemas/TeamPolicyFullResponse"
                 }
               }
             }
@@ -7720,25 +7885,15 @@
               }
             }
           }
-        },
-        "security": [
-          {
-            "APIKeyHeader": []
-          },
-          {
-            "HTTPBearer": []
-          }
-        ]
-      }
-    },
-    "/api/v1/teams/{team_id}": {
-      "get": {
+        }
+      },
+      "put": {
         "tags": [
           "teams"
         ],
-        "summary": "Get Team",
-        "description": "Get a team by ID.",
-        "operationId": "get_team_api_v1_teams__team_id__get",
+        "summary": "Update Team Policy",
+        "description": "Update or create the team policy.\n\nRequires admin scope.",
+        "operationId": "update_team_policy_api_v1_teams__team_id__policy_put",
         "security": [
           {
             "APIKeyHeader": []
@@ -7759,13 +7914,23 @@
             }
           }
         ],
+        "requestBody": {
+          "required": true,
+          "content": {
+            "application/json": {
+              "schema": {
+                "$ref": "#/components/schemas/TeamPolicyUpdate"
+              }
+            }
+          }
+        },
         "responses": {
           "200": {
             "description": "Successful Response",
             "content": {
               "application/json": {
                 "schema": {
-                  "$ref": "#/components/schemas/TeamResponse"
+                  "$ref": "#/components/schemas/TeamPolicyResponse"
                 }
               }
             }
@@ -7781,14 +7946,16 @@
             }
           }
         }
-      },
-      "put": {
+      }
+    },
+    "/api/v1/teams/{team_id}/policy/overrides": {
+      "post": {
         "tags": [
           "teams"
         ],
-        "summary": "Update Team",
-        "description": "Update a team.\n\nRequires admin scope. Cannot update SCIM-managed teams.",
-        "operationId": "update_team_api_v1_teams__team_id__put",
+        "summary": "Create Policy Override",
+        "description": "Create a policy override for a dataset or tag.\n\nRequires admin scope.",
+        "operationId": "create_policy_override_api_v1_teams__team_id__policy_overrides_post",
         "security": [
           {
             "APIKeyHeader": []
@@ -7814,7 +7981,7 @@
           "content": {
             "application/json": {
               "schema": {
-                "$ref": "#/components/schemas/TeamUpdate"
+                "$ref": "#/components/schemas/TeamPolicyOverrideCreate"
               }
             }
           }
@@ -7825,7 +7992,7 @@
             "content": {
               "application/json": {
                 "schema": {
-                  "$ref": "#/components/schemas/TeamResponse"
+                  "$ref": "#/components/schemas/TeamPolicyOverrideResponse"
                 }
               }
             }
@@ -7841,14 +8008,16 @@
             }
           }
         }
-      },
-      "delete": {
+      }
+    },
+    "/api/v1/teams/{team_id}/policy/overrides/{override_id}": {
+      "put": {
         "tags": [
           "teams"
         ],
-        "summary": "Delete Team",
-        "description": "Delete a team.\n\nRequires admin scope. Cannot delete SCIM-managed teams.",
-        "operationId": "delete_team_api_v1_teams__team_id__delete",
+        "summary": "Update Policy Override",
+        "description": "Update a policy override.\n\nRequires admin scope.",
+        "operationId": "update_policy_override_api_v1_teams__team_id__policy_overrides__override_id__put",
         "security": [
           {
             "APIKeyHeader": []
@@ -7867,65 +8036,35 @@
               "format": "uuid",
               "title": "Team Id"
             }
-          }
-        ],
-        "responses": {
-          "204": {
-            "description": "Successful Response"
-          },
-          "422": {
-            "description": "Validation Error",
-            "content": {
-              "application/json": {
-                "schema": {
-                  "$ref": "#/components/schemas/HTTPValidationError"
-                }
-              }
-            }
-          }
-        }
-      }
-    },
-    "/api/v1/teams/{team_id}/members": {
-      "get": {
-        "tags": [
-          "teams"
-        ],
-        "summary": "Get Team Members",
-        "description": "Get team members.",
-        "operationId": "get_team_members_api_v1_teams__team_id__members_get",
-        "security": [
-          {
-            "APIKeyHeader": []
           },
           {
-            "HTTPBearer": []
-          }
-        ],
-        "parameters": [
-          {
-            "name": "team_id",
+            "name": "override_id",
             "in": "path",
             "required": true,
             "schema": {
               "type": "string",
               "format": "uuid",
-              "title": "Team Id"
+              "title": "Override Id"
             }
           }
         ],
+        "requestBody": {
+          "required": true,
+          "content": {
+            "application/json": {
+              "schema": {
+                "$ref": "#/components/schemas/TeamPolicyOverrideUpdate"
+              }
+            }
+          }
+        },
         "responses": {
           "200": {
             "description": "Successful Response",
             "content": {
               "application/json": {
                 "schema": {
-                  "type": "array",
-                  "items": {
-                    "type": "string",
-                    "format": "uuid"
-                  },
-                  "title": "Response Get Team Members Api V1 Teams  Team Id  Members Get"
+                  "$ref": "#/components/schemas/TeamPolicyOverrideResponse"
                 }
               }
             }
@@ -7942,13 +8081,13 @@
           }
         }
       },
-      "post": {
+      "delete": {
         "tags": [
           "teams"
         ],
-        "summary": "Add Team Member",
-        "description": "Add a member to a team.\n\nRequires admin scope.",
-        "operationId": "add_team_member_api_v1_teams__team_id__members_post",
+        "summary": "Delete Policy Override",
+        "description": "Delete a policy override.\n\nRequires admin scope.",
+        "operationId": "delete_policy_override_api_v1_teams__team_id__policy_overrides__override_id__delete",
         "security": [
           {
             "APIKeyHeader": []
@@ -7967,32 +8106,21 @@
               "format": "uuid",
               "title": "Team Id"
             }
-          }
-        ],
-        "requestBody": {
-          "required": true,
-          "content": {
-            "application/json": {
-              "schema": {
-                "$ref": "#/components/schemas/TeamMemberAdd"
-              }
+          },
+          {
+            "name": "override_id",
+            "in": "path",
+            "required": true,
+            "schema": {
+              "type": "string",
+              "format": "uuid",
+              "title": "Override Id"
             }
           }
-        },
+        ],
         "responses": {
-          "201": {
-            "description": "Successful Response",
-            "content": {
-              "application/json": {
-                "schema": {
-                  "type": "object",
-                  "additionalProperties": {
-                    "type": "string"
-                  },
-                  "title": "Response Add Team Member Api V1 Teams  Team Id  Members Post"
-                }
-              }
-            }
+          "204": {
+            "description": "Successful Response"
           },
           "422": {
             "description": "Validation Error",
@@ -8007,14 +8135,14 @@
         }
       }
     },
-    "/api/v1/teams/{team_id}/members/{user_id}": {
-      "delete": {
+    "/api/v1/teams/{team_id}/policy/queue-limits": {
+      "put": {
         "tags": [
           "teams"
         ],
-        "summary": "Remove Team Member",
-        "description": "Remove a member from a team.\n\nRequires admin scope.",
-        "operationId": "remove_team_member_api_v1_teams__team_id__members__user_id__delete",
+        "summary": "Update Queue Limits",
+        "description": "Update or create queue limits for a team.\n\nRequires admin scope.",
+        "operationId": "update_queue_limits_api_v1_teams__team_id__policy_queue_limits_put",
         "security": [
           {
             "APIKeyHeader": []
@@ -8033,21 +8161,28 @@
               "format": "uuid",
               "title": "Team Id"
             }
-          },
-          {
-            "name": "user_id",
-            "in": "path",
-            "required": true,
-            "schema": {
-              "type": "string",
-              "format": "uuid",
-              "title": "User Id"
-            }
           }
         ],
+        "requestBody": {
+          "required": true,
+          "content": {
+            "application/json": {
+              "schema": {
+                "$ref": "#/components/schemas/TeamQueueLimitsUpdate"
+              }
+            }
+          }
+        },
         "responses": {
-          "204": {
-            "description": "Successful Response"
+          "200": {
+            "description": "Successful Response",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/TeamQueueLimitsResponse"
+                }
+              }
+            }
           },
           "422": {
             "description": "Validation Error",
@@ -8675,6 +8810,126 @@
   },
   "components": {
     "schemas": {
+      "ActivationFunnelResponse": {
+        "properties": {
+          "total_tenants": {
+            "type": "integer",
+            "title": "Total Tenants"
+          },
+          "tenants_with_issue": {
+            "type": "integer",
+            "title": "Tenants With Issue"
+          },
+          "tenants_with_investigation": {
+            "type": "integer",
+            "title": "Tenants With Investigation"
+          },
+          "tenants_activated": {
+            "type": "integer",
+            "title": "Tenants Activated"
+          },
+          "issue_rate": {
+            "type": "number",
+            "title": "Issue Rate"
+          },
+          "investigation_rate": {
+            "type": "number",
+            "title": "Investigation Rate"
+          },
+          "activation_rate": {
+            "type": "number",
+            "title": "Activation Rate"
+          }
+        },
+        "type": "object",
+        "required": [
+          "total_tenants",
+          "tenants_with_issue",
+          "tenants_with_investigation",
+          "tenants_activated",
+          "issue_rate",
+          "investigation_rate",
+          "activation_rate"
+        ],
+        "title": "ActivationFunnelResponse",
+        "description": "Activation funnel statistics response."
+      },
+      "ActivationStatusResponse": {
+        "properties": {
+          "tenant_id": {
+            "type": "string",
+            "title": "Tenant Id"
+          },
+          "created_at": {
+            "type": "string",
+            "format": "date-time",
+            "title": "Created At"
+          },
+          "first_issue_at": {
+            "anyOf": [
+              {
+                "type": "string",
+                "format": "date-time"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "First Issue At"
+          },
+          "first_investigation_at": {
+            "anyOf": [
+              {
+                "type": "string",
+                "format": "date-time"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "First Investigation At"
+          },
+          "activated_at": {
+            "anyOf": [
+              {
+                "type": "string",
+                "format": "date-time"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "Activated At"
+          },
+          "is_activated": {
+            "type": "boolean",
+            "title": "Is Activated"
+          },
+          "days_to_activation": {
+            "anyOf": [
+              {
+                "type": "integer"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "Days To Activation"
+          }
+        },
+        "type": "object",
+        "required": [
+          "tenant_id",
+          "created_at",
+          "first_issue_at",
+          "first_investigation_at",
+          "activated_at",
+          "is_activated",
+          "days_to_activation"
+        ],
+        "title": "ActivationStatusResponse",
+        "description": "Activation status response."
+      },
       "AmbiguousAssetCandidate": {
         "properties": {
           "datasource_id": {
@@ -9102,11 +9357,13 @@
         "properties": {
           "platform": {
             "type": "string",
-            "title": "Platform"
+            "title": "Platform",
+            "description": "Data platform (postgres, snowflake, dbt)"
           },
           "name": {
             "type": "string",
-            "title": "Name"
+            "title": "Name",
+            "description": "Fully qualified name (db.schema.table)"
           },
           "datasource_id": {
             "anyOf": [
@@ -9117,7 +9374,8 @@
                 "type": "null"
               }
             ],
-            "title": "Datasource Id"
+            "title": "Datasource Id",
+            "description": "Optional datasource ID for disambiguation"
           }
         },
         "type": "object",
@@ -9437,7 +9695,7 @@
         "properties": {
           "assets": {
             "items": {
-              "$ref": "#/components/schemas/dataing__entrypoints__api__routes__bundles__AssetRefRequest"
+              "$ref": "#/components/schemas/AssetRefRequest"
             },
             "type": "array",
             "minItems": 1,
@@ -10593,7 +10851,7 @@
         "properties": {
           "assets": {
             "items": {
-              "$ref": "#/components/schemas/AssetRefRequest"
+              "$ref": "#/components/schemas/dataing__entrypoints__api__routes__runs__AssetRefRequest"
             },
             "type": "array",
             "title": "Assets"
@@ -13814,60 +14072,490 @@
         "title": "TeamMemberAdd",
         "description": "Add member request."
       },
-      "TeamResponse": {
+      "TeamPolicyFullResponse": {
         "properties": {
-          "id": {
-            "type": "string",
-            "format": "uuid",
-            "title": "Id"
-          },
-          "name": {
-            "type": "string",
-            "title": "Name"
-          },
-          "external_id": {
+          "policy": {
             "anyOf": [
               {
-                "type": "string"
+                "$ref": "#/components/schemas/TeamPolicyResponse"
               },
               {
                 "type": "null"
               }
-            ],
-            "title": "External Id"
+            ]
           },
-          "is_scim_managed": {
-            "type": "boolean",
-            "title": "Is Scim Managed"
+          "overrides": {
+            "items": {
+              "$ref": "#/components/schemas/TeamPolicyOverrideResponse"
+            },
+            "type": "array",
+            "title": "Overrides"
           },
-          "member_count": {
+          "queue_limits": {
             "anyOf": [
               {
-                "type": "integer"
+                "$ref": "#/components/schemas/TeamQueueLimitsResponse"
               },
               {
                 "type": "null"
               }
-            ],
-            "title": "Member Count"
+            ]
           }
         },
         "type": "object",
-        "required": [
-          "id",
-          "name",
-          "external_id",
-          "is_scim_managed"
-        ],
-        "title": "TeamResponse",
-        "description": "Team response."
+        "title": "TeamPolicyFullResponse",
+        "description": "Full team policy response including overrides and queue limits."
       },
-      "TeamUpdate": {
+      "TeamPolicyOverrideCreate": {
         "properties": {
-          "name": {
-            "type": "string",
-            "title": "Name"
-          }
+          "dataset_id": {
+            "anyOf": [
+              {
+                "type": "string"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "Dataset Id"
+          },
+          "tag_id": {
+            "anyOf": [
+              {
+                "type": "string",
+                "format": "uuid"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "Tag Id"
+          },
+          "default_action": {
+            "anyOf": [
+              {
+                "type": "string"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "Default Action"
+          },
+          "auto_investigate_min_severity": {
+            "anyOf": [
+              {
+                "type": "string"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "Auto Investigate Min Severity"
+          },
+          "review_required_max_severity": {
+            "anyOf": [
+              {
+                "type": "string"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "Review Required Max Severity"
+          }
+        },
+        "type": "object",
+        "title": "TeamPolicyOverrideCreate",
+        "description": "Create a policy override."
+      },
+      "TeamPolicyOverrideResponse": {
+        "properties": {
+          "id": {
+            "type": "string",
+            "format": "uuid",
+            "title": "Id"
+          },
+          "team_id": {
+            "type": "string",
+            "format": "uuid",
+            "title": "Team Id"
+          },
+          "dataset_id": {
+            "anyOf": [
+              {
+                "type": "string"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "Dataset Id"
+          },
+          "tag_id": {
+            "anyOf": [
+              {
+                "type": "string",
+                "format": "uuid"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "Tag Id"
+          },
+          "default_action": {
+            "anyOf": [
+              {
+                "type": "string"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "Default Action"
+          },
+          "auto_investigate_min_severity": {
+            "anyOf": [
+              {
+                "type": "string"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "Auto Investigate Min Severity"
+          },
+          "review_required_max_severity": {
+            "anyOf": [
+              {
+                "type": "string"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "Review Required Max Severity"
+          },
+          "is_active": {
+            "type": "boolean",
+            "title": "Is Active",
+            "default": true
+          }
+        },
+        "type": "object",
+        "required": [
+          "id",
+          "team_id"
+        ],
+        "title": "TeamPolicyOverrideResponse",
+        "description": "Team policy override response."
+      },
+      "TeamPolicyOverrideUpdate": {
+        "properties": {
+          "default_action": {
+            "anyOf": [
+              {
+                "type": "string"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "Default Action"
+          },
+          "auto_investigate_min_severity": {
+            "anyOf": [
+              {
+                "type": "string"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "Auto Investigate Min Severity"
+          },
+          "review_required_max_severity": {
+            "anyOf": [
+              {
+                "type": "string"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "Review Required Max Severity"
+          }
+        },
+        "type": "object",
+        "title": "TeamPolicyOverrideUpdate",
+        "description": "Update a policy override."
+      },
+      "TeamPolicyResponse": {
+        "properties": {
+          "id": {
+            "type": "string",
+            "format": "uuid",
+            "title": "Id"
+          },
+          "team_id": {
+            "type": "string",
+            "format": "uuid",
+            "title": "Team Id"
+          },
+          "sources": {
+            "items": {
+              "type": "string"
+            },
+            "type": "array",
+            "title": "Sources"
+          },
+          "default_action": {
+            "type": "string",
+            "title": "Default Action"
+          },
+          "auto_investigate_min_severity": {
+            "anyOf": [
+              {
+                "type": "string"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "Auto Investigate Min Severity"
+          },
+          "review_required_max_severity": {
+            "anyOf": [
+              {
+                "type": "string"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "Review Required Max Severity"
+          },
+          "is_active": {
+            "type": "boolean",
+            "title": "Is Active",
+            "default": true
+          }
+        },
+        "type": "object",
+        "required": [
+          "id",
+          "team_id",
+          "default_action"
+        ],
+        "title": "TeamPolicyResponse",
+        "description": "Team policy response."
+      },
+      "TeamPolicyUpdate": {
+        "properties": {
+          "sources": {
+            "anyOf": [
+              {
+                "items": {
+                  "type": "string"
+                },
+                "type": "array"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "Sources"
+          },
+          "default_action": {
+            "anyOf": [
+              {
+                "type": "string"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "Default Action"
+          },
+          "auto_investigate_min_severity": {
+            "anyOf": [
+              {
+                "type": "string"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "Auto Investigate Min Severity"
+          },
+          "review_required_max_severity": {
+            "anyOf": [
+              {
+                "type": "string"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "Review Required Max Severity"
+          }
+        },
+        "type": "object",
+        "title": "TeamPolicyUpdate",
+        "description": "Team policy update request."
+      },
+      "TeamQueueLimitsResponse": {
+        "properties": {
+          "id": {
+            "type": "string",
+            "format": "uuid",
+            "title": "Id"
+          },
+          "team_id": {
+            "type": "string",
+            "format": "uuid",
+            "title": "Team Id"
+          },
+          "rate_limit_per_minute": {
+            "type": "integer",
+            "title": "Rate Limit Per Minute",
+            "default": 60
+          },
+          "burst_size": {
+            "type": "integer",
+            "title": "Burst Size",
+            "default": 10
+          },
+          "max_concurrent": {
+            "type": "integer",
+            "title": "Max Concurrent",
+            "default": 5
+          },
+          "batch_size": {
+            "type": "integer",
+            "title": "Batch Size",
+            "default": 5
+          },
+          "is_active": {
+            "type": "boolean",
+            "title": "Is Active",
+            "default": true
+          }
+        },
+        "type": "object",
+        "required": [
+          "id",
+          "team_id"
+        ],
+        "title": "TeamQueueLimitsResponse",
+        "description": "Team queue limits response."
+      },
+      "TeamQueueLimitsUpdate": {
+        "properties": {
+          "rate_limit_per_minute": {
+            "anyOf": [
+              {
+                "type": "integer"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "Rate Limit Per Minute"
+          },
+          "burst_size": {
+            "anyOf": [
+              {
+                "type": "integer"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "Burst Size"
+          },
+          "max_concurrent": {
+            "anyOf": [
+              {
+                "type": "integer"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "Max Concurrent"
+          },
+          "batch_size": {
+            "anyOf": [
+              {
+                "type": "integer"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "Batch Size"
+          }
+        },
+        "type": "object",
+        "title": "TeamQueueLimitsUpdate",
+        "description": "Team queue limits update request."
+      },
+      "TeamResponse": {
+        "properties": {
+          "id": {
+            "type": "string",
+            "format": "uuid",
+            "title": "Id"
+          },
+          "name": {
+            "type": "string",
+            "title": "Name"
+          },
+          "external_id": {
+            "anyOf": [
+              {
+                "type": "string"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "External Id"
+          },
+          "is_scim_managed": {
+            "type": "boolean",
+            "title": "Is Scim Managed"
+          },
+          "member_count": {
+            "anyOf": [
+              {
+                "type": "integer"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "Member Count"
+          }
+        },
+        "type": "object",
+        "required": [
+          "id",
+          "name",
+          "external_id",
+          "is_scim_managed"
+        ],
+        "title": "TeamResponse",
+        "description": "Team response."
+      },
+      "TeamUpdate": {
+        "properties": {
+          "name": {
+            "type": "string",
+            "title": "Name"
+          }
         },
         "type": "object",
         "required": [
@@ -14009,40 +14697,35 @@
             "type": "boolean",
             "title": "Success"
           },
-          "message": {
-            "type": "string",
-            "title": "Message"
-          },
-          "latency_ms": {
+          "error": {
             "anyOf": [
               {
-                "type": "integer"
+                "type": "string"
               },
               {
                 "type": "null"
               }
             ],
-            "title": "Latency Ms"
+            "title": "Error"
           },
-          "server_version": {
+          "tables_accessible": {
             "anyOf": [
               {
-                "type": "string"
+                "type": "integer"
               },
               {
                 "type": "null"
               }
             ],
-            "title": "Server Version"
+            "title": "Tables Accessible"
           }
         },
         "type": "object",
         "required": [
-          "success",
-          "message"
+          "success"
         ],
         "title": "TestConnectionResponse",
-        "description": "Response for testing a connection."
+        "description": "Response for testing credentials."
       },
       "TokenResponse": {
         "properties": {
@@ -14462,6 +15145,29 @@
           "created": {
             "type": "boolean",
             "title": "Created"
+          },
+          "policy_action": {
+            "anyOf": [
+              {
+                "type": "string"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "Policy Action"
+          },
+          "investigation_id": {
+            "anyOf": [
+              {
+                "type": "string",
+                "format": "uuid"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "Investigation Id"
           }
         },
         "type": "object",
@@ -14474,74 +15180,108 @@
         "title": "WebhookIssueResponse",
         "description": "Response from webhook issue creation."
       },
-      "dataing__entrypoints__api__routes__bundles__AssetRefRequest": {
+      "WeeklyUsageListResponse": {
         "properties": {
-          "platform": {
+          "weeks": {
+            "items": {
+              "$ref": "#/components/schemas/WeeklyUsageResponse"
+            },
+            "type": "array",
+            "title": "Weeks"
+          }
+        },
+        "type": "object",
+        "required": [
+          "weeks"
+        ],
+        "title": "WeeklyUsageListResponse",
+        "description": "List of weekly usage statistics."
+      },
+      "WeeklyUsageResponse": {
+        "properties": {
+          "week_start": {
             "type": "string",
-            "title": "Platform",
-            "description": "Data platform (postgres, snowflake, dbt)"
+            "format": "date-time",
+            "title": "Week Start"
           },
-          "name": {
-            "type": "string",
-            "title": "Name",
-            "description": "Fully qualified name (db.schema.table)"
+          "issues_created": {
+            "type": "integer",
+            "title": "Issues Created"
           },
-          "datasource_id": {
-            "anyOf": [
-              {
-                "type": "string"
-              },
-              {
-                "type": "null"
-              }
-            ],
-            "title": "Datasource Id",
-            "description": "Optional datasource ID for disambiguation"
+          "investigations_started": {
+            "type": "integer",
+            "title": "Investigations Started"
+          },
+          "investigations_completed": {
+            "type": "integer",
+            "title": "Investigations Completed"
+          },
+          "issues_resolved": {
+            "type": "integer",
+            "title": "Issues Resolved"
+          },
+          "active_teams": {
+            "type": "integer",
+            "title": "Active Teams"
+          },
+          "resolution_rate": {
+            "type": "number",
+            "title": "Resolution Rate"
           }
         },
         "type": "object",
         "required": [
-          "platform",
-          "name"
+          "week_start",
+          "issues_created",
+          "investigations_started",
+          "investigations_completed",
+          "issues_resolved",
+          "active_teams",
+          "resolution_rate"
         ],
-        "title": "AssetRefRequest",
-        "description": "Asset reference in request."
+        "title": "WeeklyUsageResponse",
+        "description": "Weekly usage statistics response."
       },
-      "dataing__entrypoints__api__routes__credentials__TestConnectionResponse": {
+      "dataing__entrypoints__api__routes__datasources__TestConnectionResponse": {
         "properties": {
           "success": {
             "type": "boolean",
             "title": "Success"
           },
-          "error": {
+          "message": {
+            "type": "string",
+            "title": "Message"
+          },
+          "latency_ms": {
             "anyOf": [
               {
-                "type": "string"
+                "type": "integer"
               },
               {
                 "type": "null"
               }
             ],
-            "title": "Error"
+            "title": "Latency Ms"
           },
-          "tables_accessible": {
+          "server_version": {
             "anyOf": [
               {
-                "type": "integer"
+                "type": "string"
               },
               {
                 "type": "null"
               }
             ],
-            "title": "Tables Accessible"
+            "title": "Server Version"
           }
         },
         "type": "object",
         "required": [
-          "success"
+          "success",
+          "message"
         ],
         "title": "TestConnectionResponse",
-        "description": "Response for testing credentials."
+        "description": "Response for testing a connection."
       },
       "dataing__entrypoints__api__routes__lineage__LineageGraphResponse": {
         "properties": {
@@ -14580,6 +15320,36 @@
         ],
         "title": "LineageGraphResponse",
         "description": "Response for a lineage graph."
+      },
+      "dataing__entrypoints__api__routes__runs__AssetRefRequest": {
+        "properties": {
+          "platform": {
+            "type": "string",
+            "title": "Platform"
+          },
+          "name": {
+            "type": "string",
+            "title": "Name"
+          },
+          "datasource_id": {
+            "anyOf": [
+              {
+                "type": "string"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "title": "Datasource Id"
+          }
+        },
+        "type": "object",
+        "required": [
+          "platform",
+          "name"
+        ],
+        "title": "AssetRefRequest",
+        "description": "Asset reference in request."
       }
     },
     "securitySchemes": {
diff --git a/python-packages/dataing/pyproject.toml b/python-packages/dataing/pyproject.toml
index 10f1a34cd..87b30225f 100644
--- a/python-packages/dataing/pyproject.toml
+++ b/python-packages/dataing/pyproject.toml
@@ -31,6 +31,7 @@ dependencies = [
     "faker>=40.1.0",
     "bcrypt>=5.0.0",
     "pyjwt>=2.10.1",
+    "redis>=5.0.0",
 ]
 
 [project.optional-dependencies]
diff --git a/python-packages/dataing/src/dataing/adapters/db/__init__.py b/python-packages/dataing/src/dataing/adapters/db/__init__.py
index f2a620a8d..8372a75ea 100644
--- a/python-packages/dataing/src/dataing/adapters/db/__init__.py
+++ b/python-packages/dataing/src/dataing/adapters/db/__init__.py
@@ -11,6 +11,13 @@
 from .app_db import AppDatabase
 from .mock import MockDatabaseAdapter
 from .sdk_repository import BundleRepository, EvidenceRepository, RunRepository
+from .team_policy_repository import (
+    PolicyAction,
+    TeamPolicy,
+    TeamPolicyOverride,
+    TeamPolicyRepository,
+    TeamQueueLimits,
+)
 
 __all__ = [
     "AppDatabase",
@@ -18,4 +25,9 @@
     "BundleRepository",
     "RunRepository",
     "EvidenceRepository",
+    "PolicyAction",
+    "TeamPolicy",
+    "TeamPolicyOverride",
+    "TeamPolicyRepository",
+    "TeamQueueLimits",
 ]
diff --git a/python-packages/dataing/src/dataing/adapters/db/team_policy_repository.py b/python-packages/dataing/src/dataing/adapters/db/team_policy_repository.py
new file mode 100644
index 000000000..748ee1899
--- /dev/null
+++ b/python-packages/dataing/src/dataing/adapters/db/team_policy_repository.py
@@ -0,0 +1,598 @@
+"""PostgreSQL repository for team policies and overrides.
+
+This adapter persists team policy configuration to PostgreSQL using the
+schema defined in migrations/028_team_policies.sql.
+"""
+
+from __future__ import annotations
+
+from dataclasses import dataclass
+from datetime import datetime
+from enum import Enum
+from typing import TYPE_CHECKING, Any
+from uuid import UUID
+
+if TYPE_CHECKING:
+    from dataing.adapters.db.app_db import AppDatabase
+
+
+class PolicyAction(str, Enum):
+    """Actions a policy can trigger."""
+
+    AUTO = "auto"
+    REVIEW = "review"
+    ISSUE_ONLY = "issue_only"
+
+
+@dataclass
+class TeamPolicy:
+    """Team default policy configuration."""
+
+    id: UUID
+    org_id: UUID
+    team_id: UUID
+    sources: list[str]
+    default_action: PolicyAction
+    auto_investigate_min_severity: str | None
+    review_required_max_severity: str | None
+    is_active: bool
+    created_at: datetime
+    updated_at: datetime
+
+
+@dataclass
+class TeamPolicyOverride:
+    """Dataset or tag-specific policy override."""
+
+    id: UUID
+    org_id: UUID
+    team_id: UUID
+    dataset_id: str | None
+    tag_id: UUID | None
+    default_action: PolicyAction | None
+    auto_investigate_min_severity: str | None
+    review_required_max_severity: str | None
+    is_active: bool
+    created_at: datetime
+    updated_at: datetime
+
+
+@dataclass
+class TeamQueueLimits:
+    """Per-team queue rate limits and concurrency settings."""
+
+    id: UUID
+    org_id: UUID
+    team_id: UUID
+    rate_limit_per_minute: int
+    burst_size: int
+    max_concurrent: int
+    batch_size: int
+    is_active: bool
+    created_at: datetime
+    updated_at: datetime
+
+
+class TeamPolicyRepository:
+    """PostgreSQL implementation for team policy operations."""
+
+    def __init__(self, db: AppDatabase) -> None:
+        """Initialize the repository."""
+        self.db = db
+
+    # =========================================================================
+    # Team Policy Operations
+    # =========================================================================
+
+    async def create_policy(
+        self,
+        org_id: UUID,
+        team_id: UUID,
+        sources: list[str] | None = None,
+        default_action: PolicyAction = PolicyAction.ISSUE_ONLY,
+        auto_investigate_min_severity: str | None = None,
+        review_required_max_severity: str | None = None,
+    ) -> TeamPolicy:
+        """Create a team policy."""
+        result = await self.db.execute_returning(
+            """
+            INSERT INTO team_policies
+                (org_id, team_id, sources, default_action,
+                 auto_investigate_min_severity, review_required_max_severity)
+            VALUES ($1, $2, $3, $4, $5, $6)
+            RETURNING id, org_id, team_id, sources, default_action,
+                      auto_investigate_min_severity, review_required_max_severity,
+                      is_active, created_at, updated_at
+            """,
+            org_id,
+            team_id,
+            sources or [],
+            default_action.value,
+            auto_investigate_min_severity,
+            review_required_max_severity,
+        )
+        if result is None:
+            raise RuntimeError("Failed to create team policy")
+        return self._row_to_policy(result)
+
+    async def get_policy(self, policy_id: UUID) -> TeamPolicy | None:
+        """Get a team policy by ID."""
+        result = await self.db.fetch_one(
+            """
+            SELECT id, org_id, team_id, sources, default_action,
+                   auto_investigate_min_severity, review_required_max_severity,
+                   is_active, created_at, updated_at
+            FROM team_policies
+            WHERE id = $1
+            """,
+            policy_id,
+        )
+        if result is None:
+            return None
+        return self._row_to_policy(result)
+
+    async def get_policy_by_team(self, team_id: UUID) -> TeamPolicy | None:
+        """Get the policy for a team."""
+        result = await self.db.fetch_one(
+            """
+            SELECT id, org_id, team_id, sources, default_action,
+                   auto_investigate_min_severity, review_required_max_severity,
+                   is_active, created_at, updated_at
+            FROM team_policies
+            WHERE team_id = $1 AND is_active = true
+            """,
+            team_id,
+        )
+        if result is None:
+            return None
+        return self._row_to_policy(result)
+
+    async def list_policies(self, org_id: UUID) -> list[TeamPolicy]:
+        """List all policies for an organization."""
+        results = await self.db.fetch_all(
+            """
+            SELECT id, org_id, team_id, sources, default_action,
+                   auto_investigate_min_severity, review_required_max_severity,
+                   is_active, created_at, updated_at
+            FROM team_policies
+            WHERE org_id = $1
+            ORDER BY created_at DESC
+            """,
+            org_id,
+        )
+        return [self._row_to_policy(row) for row in results]
+
+    async def update_policy(
+        self,
+        policy_id: UUID,
+        sources: list[str] | None = None,
+        default_action: PolicyAction | None = None,
+        auto_investigate_min_severity: str | None = None,
+        review_required_max_severity: str | None = None,
+        is_active: bool | None = None,
+    ) -> TeamPolicy | None:
+        """Update a team policy."""
+        updates: list[str] = []
+        args: list[Any] = [policy_id]
+        idx = 2
+
+        if sources is not None:
+            updates.append(f"sources = ${idx}")
+            args.append(sources)
+            idx += 1
+
+        if default_action is not None:
+            updates.append(f"default_action = ${idx}")
+            args.append(default_action.value)
+            idx += 1
+
+        if auto_investigate_min_severity is not None:
+            updates.append(f"auto_investigate_min_severity = ${idx}")
+            args.append(auto_investigate_min_severity)
+            idx += 1
+
+        if review_required_max_severity is not None:
+            updates.append(f"review_required_max_severity = ${idx}")
+            args.append(review_required_max_severity)
+            idx += 1
+
+        if is_active is not None:
+            updates.append(f"is_active = ${idx}")
+            args.append(is_active)
+            idx += 1
+
+        if not updates:
+            return await self.get_policy(policy_id)
+
+        query = f"""
+            UPDATE team_policies
+            SET {", ".join(updates)}, updated_at = NOW()
+            WHERE id = $1
+            RETURNING id, org_id, team_id, sources, default_action,
+                      auto_investigate_min_severity, review_required_max_severity,
+                      is_active, created_at, updated_at
+        """
+        result = await self.db.execute_returning(query, *args)
+        if result is None:
+            return None
+        return self._row_to_policy(result)
+
+    async def delete_policy(self, policy_id: UUID) -> bool:
+        """Delete a team policy."""
+        result = await self.db.execute(
+            "DELETE FROM team_policies WHERE id = $1",
+            policy_id,
+        )
+        return "DELETE 1" in result
+
+    # =========================================================================
+    # Policy Override Operations
+    # =========================================================================
+
+    async def create_override(
+        self,
+        org_id: UUID,
+        team_id: UUID,
+        dataset_id: str | None = None,
+        tag_id: UUID | None = None,
+        default_action: PolicyAction | None = None,
+        auto_investigate_min_severity: str | None = None,
+        review_required_max_severity: str | None = None,
+    ) -> TeamPolicyOverride:
+        """Create a policy override for a dataset or tag."""
+        if (dataset_id is None) == (tag_id is None):
+            raise ValueError("Exactly one of dataset_id or tag_id must be set")
+
+        result = await self.db.execute_returning(
+            """
+            INSERT INTO team_policy_overrides
+                (org_id, team_id, dataset_id, tag_id, default_action,
+                 auto_investigate_min_severity, review_required_max_severity)
+            VALUES ($1, $2, $3, $4, $5, $6, $7)
+            RETURNING id, org_id, team_id, dataset_id, tag_id, default_action,
+                      auto_investigate_min_severity, review_required_max_severity,
+                      is_active, created_at, updated_at
+            """,
+            org_id,
+            team_id,
+            dataset_id,
+            tag_id,
+            default_action.value if default_action else None,
+            auto_investigate_min_severity,
+            review_required_max_severity,
+        )
+        if result is None:
+            raise RuntimeError("Failed to create policy override")
+        return self._row_to_override(result)
+
+    async def get_override(self, override_id: UUID) -> TeamPolicyOverride | None:
+        """Get a policy override by ID."""
+        result = await self.db.fetch_one(
+            """
+            SELECT id, org_id, team_id, dataset_id, tag_id, default_action,
+                   auto_investigate_min_severity, review_required_max_severity,
+                   is_active, created_at, updated_at
+            FROM team_policy_overrides
+            WHERE id = $1
+            """,
+            override_id,
+        )
+        if result is None:
+            return None
+        return self._row_to_override(result)
+
+    async def get_overrides_for_team(self, team_id: UUID) -> list[TeamPolicyOverride]:
+        """Get all policy overrides for a team."""
+        results = await self.db.fetch_all(
+            """
+            SELECT id, org_id, team_id, dataset_id, tag_id, default_action,
+                   auto_investigate_min_severity, review_required_max_severity,
+                   is_active, created_at, updated_at
+            FROM team_policy_overrides
+            WHERE team_id = $1 AND is_active = true
+            ORDER BY created_at DESC
+            """,
+            team_id,
+        )
+        return [self._row_to_override(row) for row in results]
+
+    async def get_override_for_dataset(
+        self, team_id: UUID, dataset_id: str
+    ) -> TeamPolicyOverride | None:
+        """Get the override for a specific dataset."""
+        result = await self.db.fetch_one(
+            """
+            SELECT id, org_id, team_id, dataset_id, tag_id, default_action,
+                   auto_investigate_min_severity, review_required_max_severity,
+                   is_active, created_at, updated_at
+            FROM team_policy_overrides
+            WHERE team_id = $1 AND dataset_id = $2 AND is_active = true
+            """,
+            team_id,
+            dataset_id,
+        )
+        if result is None:
+            return None
+        return self._row_to_override(result)
+
+    async def get_overrides_for_tag(self, team_id: UUID, tag_id: UUID) -> TeamPolicyOverride | None:
+        """Get the override for a specific tag."""
+        result = await self.db.fetch_one(
+            """
+            SELECT id, org_id, team_id, dataset_id, tag_id, default_action,
+                   auto_investigate_min_severity, review_required_max_severity,
+                   is_active, created_at, updated_at
+            FROM team_policy_overrides
+            WHERE team_id = $1 AND tag_id = $2 AND is_active = true
+            """,
+            team_id,
+            tag_id,
+        )
+        if result is None:
+            return None
+        return self._row_to_override(result)
+
+    async def update_override(
+        self,
+        override_id: UUID,
+        default_action: PolicyAction | None = None,
+        auto_investigate_min_severity: str | None = None,
+        review_required_max_severity: str | None = None,
+        is_active: bool | None = None,
+    ) -> TeamPolicyOverride | None:
+        """Update a policy override."""
+        updates: list[str] = []
+        args: list[Any] = [override_id]
+        idx = 2
+
+        if default_action is not None:
+            updates.append(f"default_action = ${idx}")
+            args.append(default_action.value)
+            idx += 1
+
+        if auto_investigate_min_severity is not None:
+            updates.append(f"auto_investigate_min_severity = ${idx}")
+            args.append(auto_investigate_min_severity)
+            idx += 1
+
+        if review_required_max_severity is not None:
+            updates.append(f"review_required_max_severity = ${idx}")
+            args.append(review_required_max_severity)
+            idx += 1
+
+        if is_active is not None:
+            updates.append(f"is_active = ${idx}")
+            args.append(is_active)
+            idx += 1
+
+        if not updates:
+            return await self.get_override(override_id)
+
+        query = f"""
+            UPDATE team_policy_overrides
+            SET {", ".join(updates)}, updated_at = NOW()
+            WHERE id = $1
+            RETURNING id, org_id, team_id, dataset_id, tag_id, default_action,
+                      auto_investigate_min_severity, review_required_max_severity,
+                      is_active, created_at, updated_at
+        """
+        result = await self.db.execute_returning(query, *args)
+        if result is None:
+            return None
+        return self._row_to_override(result)
+
+    async def delete_override(self, override_id: UUID) -> bool:
+        """Delete a policy override."""
+        result = await self.db.execute(
+            "DELETE FROM team_policy_overrides WHERE id = $1",
+            override_id,
+        )
+        return "DELETE 1" in result
+
+    # =========================================================================
+    # Queue Limits Operations
+    # =========================================================================
+
+    async def create_queue_limits(
+        self,
+        org_id: UUID,
+        team_id: UUID,
+        rate_limit_per_minute: int = 60,
+        burst_size: int = 10,
+        max_concurrent: int = 5,
+        batch_size: int = 5,
+    ) -> TeamQueueLimits:
+        """Create queue limits for a team."""
+        result = await self.db.execute_returning(
+            """
+            INSERT INTO team_queue_limits
+                (org_id, team_id, rate_limit_per_minute, burst_size,
+                 max_concurrent, batch_size)
+            VALUES ($1, $2, $3, $4, $5, $6)
+            RETURNING id, org_id, team_id, rate_limit_per_minute, burst_size,
+                      max_concurrent, batch_size, is_active, created_at, updated_at
+            """,
+            org_id,
+            team_id,
+            rate_limit_per_minute,
+            burst_size,
+            max_concurrent,
+            batch_size,
+        )
+        if result is None:
+            raise RuntimeError("Failed to create queue limits")
+        return self._row_to_queue_limits(result)
+
+    async def get_queue_limits(self, team_id: UUID) -> TeamQueueLimits | None:
+        """Get queue limits for a team."""
+        result = await self.db.fetch_one(
+            """
+            SELECT id, org_id, team_id, rate_limit_per_minute, burst_size,
+                   max_concurrent, batch_size, is_active, created_at, updated_at
+            FROM team_queue_limits
+            WHERE team_id = $1 AND is_active = true
+            """,
+            team_id,
+        )
+        if result is None:
+            return None
+        return self._row_to_queue_limits(result)
+
+    async def update_queue_limits(
+        self,
+        team_id: UUID,
+        rate_limit_per_minute: int | None = None,
+        burst_size: int | None = None,
+        max_concurrent: int | None = None,
+        batch_size: int | None = None,
+    ) -> TeamQueueLimits | None:
+        """Update queue limits for a team."""
+        updates: list[str] = []
+        args: list[Any] = [team_id]
+        idx = 2
+
+        if rate_limit_per_minute is not None:
+            updates.append(f"rate_limit_per_minute = ${idx}")
+            args.append(rate_limit_per_minute)
+            idx += 1
+
+        if burst_size is not None:
+            updates.append(f"burst_size = ${idx}")
+            args.append(burst_size)
+            idx += 1
+
+        if max_concurrent is not None:
+            updates.append(f"max_concurrent = ${idx}")
+            args.append(max_concurrent)
+            idx += 1
+
+        if batch_size is not None:
+            updates.append(f"batch_size = ${idx}")
+            args.append(batch_size)
+            idx += 1
+
+        if not updates:
+            return await self.get_queue_limits(team_id)
+
+        query = f"""
+            UPDATE team_queue_limits
+            SET {", ".join(updates)}, updated_at = NOW()
+            WHERE team_id = $1 AND is_active = true
+            RETURNING id, org_id, team_id, rate_limit_per_minute, burst_size,
+                      max_concurrent, batch_size, is_active, created_at, updated_at
+        """
+        result = await self.db.execute_returning(query, *args)
+        if result is None:
+            return None
+        return self._row_to_queue_limits(result)
+
+    # =========================================================================
+    # Team Lookup Operations
+    # =========================================================================
+
+    async def get_default_team_for_tenant(self, org_id: UUID) -> UUID | None:
+        """Get the default team for a tenant.
+
+        Returns the first team found for the organization, or None if no teams exist.
+        """
+        result = await self.db.fetch_one(
+            """
+            SELECT id FROM teams
+            WHERE org_id = $1
+            ORDER BY created_at ASC
+            LIMIT 1
+            """,
+            org_id,
+        )
+        return result["id"] if result else None
+
+    # =========================================================================
+    # Dataset Tags Operations
+    # =========================================================================
+
+    async def add_dataset_tag(self, dataset_id: UUID, tag_id: UUID) -> None:
+        """Add a tag to a dataset."""
+        await self.db.execute(
+            """
+            INSERT INTO dataset_tags (dataset_id, tag_id)
+            VALUES ($1, $2)
+            ON CONFLICT (dataset_id, tag_id) DO NOTHING
+            """,
+            dataset_id,
+            tag_id,
+        )
+
+    async def remove_dataset_tag(self, dataset_id: UUID, tag_id: UUID) -> bool:
+        """Remove a tag from a dataset."""
+        result = await self.db.execute(
+            "DELETE FROM dataset_tags WHERE dataset_id = $1 AND tag_id = $2",
+            dataset_id,
+            tag_id,
+        )
+        return "DELETE 1" in result
+
+    async def get_dataset_tags(self, dataset_id: UUID) -> list[UUID]:
+        """Get all tags for a dataset."""
+        results = await self.db.fetch_all(
+            "SELECT tag_id FROM dataset_tags WHERE dataset_id = $1",
+            dataset_id,
+        )
+        return [row["tag_id"] for row in results]
+
+    async def get_datasets_by_tag(self, tag_id: UUID) -> list[UUID]:
+        """Get all datasets with a specific tag."""
+        results = await self.db.fetch_all(
+            "SELECT dataset_id FROM dataset_tags WHERE tag_id = $1",
+            tag_id,
+        )
+        return [row["dataset_id"] for row in results]
+
+    # =========================================================================
+    # Private Helper Methods
+    # =========================================================================
+
+    def _row_to_policy(self, row: dict[str, Any]) -> TeamPolicy:
+        """Convert a database row to a TeamPolicy."""
+        return TeamPolicy(
+            id=row["id"],
+            org_id=row["org_id"],
+            team_id=row["team_id"],
+            sources=row["sources"] or [],
+            default_action=PolicyAction(row["default_action"]),
+            auto_investigate_min_severity=row["auto_investigate_min_severity"],
+            review_required_max_severity=row["review_required_max_severity"],
+            is_active=row["is_active"],
+            created_at=row["created_at"],
+            updated_at=row["updated_at"],
+        )
+
+    def _row_to_override(self, row: dict[str, Any]) -> TeamPolicyOverride:
+        """Convert a database row to a TeamPolicyOverride."""
+        return TeamPolicyOverride(
+            id=row["id"],
+            org_id=row["org_id"],
+            team_id=row["team_id"],
+            dataset_id=row["dataset_id"],
+            tag_id=row["tag_id"],
+            default_action=PolicyAction(row["default_action"]) if row["default_action"] else None,
+            auto_investigate_min_severity=row["auto_investigate_min_severity"],
+            review_required_max_severity=row["review_required_max_severity"],
+            is_active=row["is_active"],
+            created_at=row["created_at"],
+            updated_at=row["updated_at"],
+        )
+
+    def _row_to_queue_limits(self, row: dict[str, Any]) -> TeamQueueLimits:
+        """Convert a database row to TeamQueueLimits."""
+        return TeamQueueLimits(
+            id=row["id"],
+            org_id=row["org_id"],
+            team_id=row["team_id"],
+            rate_limit_per_minute=row["rate_limit_per_minute"],
+            burst_size=row["burst_size"],
+            max_concurrent=row["max_concurrent"],
+            batch_size=row["batch_size"],
+            is_active=row["is_active"],
+            created_at=row["created_at"],
+            updated_at=row["updated_at"],
+        )
diff --git a/python-packages/dataing/src/dataing/adapters/queue/__init__.py b/python-packages/dataing/src/dataing/adapters/queue/__init__.py
new file mode 100644
index 000000000..cc23cffc9
--- /dev/null
+++ b/python-packages/dataing/src/dataing/adapters/queue/__init__.py
@@ -0,0 +1,29 @@
+"""Queue adapters for investigation job processing."""
+
+from dataing.adapters.queue.investigation_queue import (
+    InvestigationJob,
+    InvestigationQueue,
+    InvestigationQueueConfig,
+    JobStatus,
+)
+from dataing.adapters.queue.investigation_worker import (
+    InvestigationWorker,
+    WorkerConfig,
+    create_worker,
+)
+from dataing.adapters.queue.redis_rate_limiter import (
+    RateLimitResult,
+    RedisRateLimiter,
+)
+
+__all__ = [
+    "InvestigationJob",
+    "InvestigationQueue",
+    "InvestigationQueueConfig",
+    "InvestigationWorker",
+    "JobStatus",
+    "RateLimitResult",
+    "RedisRateLimiter",
+    "WorkerConfig",
+    "create_worker",
+]
diff --git a/python-packages/dataing/src/dataing/adapters/queue/investigation_queue.py b/python-packages/dataing/src/dataing/adapters/queue/investigation_queue.py
new file mode 100644
index 000000000..2eecd10a5
--- /dev/null
+++ b/python-packages/dataing/src/dataing/adapters/queue/investigation_queue.py
@@ -0,0 +1,355 @@
+"""Redis-backed investigation queue with per-team routing.
+
+This module provides a queue for investigation jobs with:
+- Per-team job queuing
+- Priority support
+- Retry handling with exponential backoff
+- Job status tracking
+"""
+
+from __future__ import annotations
+
+import json
+import time
+from dataclasses import dataclass, field
+from datetime import UTC, datetime
+from enum import Enum
+from typing import Any
+from uuid import UUID
+
+import structlog
+from redis.asyncio import Redis
+
+logger = structlog.get_logger()
+
+
+class JobStatus(str, Enum):
+    """Status of an investigation job."""
+
+    PENDING = "pending"
+    PROCESSING = "processing"
+    COMPLETED = "completed"
+    FAILED = "failed"
+    RETRYING = "retrying"
+
+
+@dataclass
+class InvestigationJob:
+    """An investigation job to be processed."""
+
+    job_id: str
+    team_id: UUID
+    tenant_id: UUID
+    issue_id: UUID
+    datasource_id: UUID
+    alert_data: dict[str, Any]
+    alert_summary: str
+    priority: int = 0  # Higher = more urgent
+    retry_count: int = 0
+    max_retries: int = 3
+    created_at: datetime = field(default_factory=lambda: datetime.now(UTC))
+    next_retry_at: datetime | None = None
+
+    def to_dict(self) -> dict[str, Any]:
+        """Serialize job to dictionary."""
+        return {
+            "job_id": self.job_id,
+            "team_id": str(self.team_id),
+            "tenant_id": str(self.tenant_id),
+            "issue_id": str(self.issue_id),
+            "datasource_id": str(self.datasource_id),
+            "alert_data": self.alert_data,
+            "alert_summary": self.alert_summary,
+            "priority": self.priority,
+            "retry_count": self.retry_count,
+            "max_retries": self.max_retries,
+            "created_at": self.created_at.isoformat(),
+            "next_retry_at": self.next_retry_at.isoformat() if self.next_retry_at else None,
+        }
+
+    @classmethod
+    def from_dict(cls, data: dict[str, Any]) -> InvestigationJob:
+        """Deserialize job from dictionary."""
+        return cls(
+            job_id=data["job_id"],
+            team_id=UUID(data["team_id"]),
+            tenant_id=UUID(data["tenant_id"]),
+            issue_id=UUID(data["issue_id"]),
+            datasource_id=UUID(data["datasource_id"]),
+            alert_data=data["alert_data"],
+            alert_summary=data["alert_summary"],
+            priority=data.get("priority", 0),
+            retry_count=data.get("retry_count", 0),
+            max_retries=data.get("max_retries", 3),
+            created_at=datetime.fromisoformat(data["created_at"]),
+            next_retry_at=(
+                datetime.fromisoformat(data["next_retry_at"]) if data.get("next_retry_at") else None
+            ),
+        )
+
+
+@dataclass
+class InvestigationQueueConfig:
+    """Configuration for the investigation queue."""
+
+    key_prefix: str = "dataing:investigation_queue"
+    default_batch_size: int = 5
+    max_retry_delay_seconds: int = 300  # 5 minutes max
+
+
+class InvestigationQueue:
+    """Redis-backed investigation queue with per-team routing."""
+
+    def __init__(
+        self,
+        redis: Redis,
+        config: InvestigationQueueConfig | None = None,
+    ) -> None:
+        """Initialize the investigation queue."""
+        self.redis = redis
+        self.config = config or InvestigationQueueConfig()
+
+    def _team_queue_key(self, team_id: UUID) -> str:
+        """Get the queue key for a team."""
+        return f"{self.config.key_prefix}:team:{team_id}"
+
+    def _job_key(self, job_id: str) -> str:
+        """Get the key for job data."""
+        return f"{self.config.key_prefix}:job:{job_id}"
+
+    def _status_key(self, job_id: str) -> str:
+        """Get the key for job status."""
+        return f"{self.config.key_prefix}:status:{job_id}"
+
+    def _retry_queue_key(self) -> str:
+        """Get the retry queue key (sorted set by retry time)."""
+        return f"{self.config.key_prefix}:retry"
+
+    def _teams_set_key(self) -> str:
+        """Get the key for tracking active teams."""
+        return f"{self.config.key_prefix}:teams"
+
+    async def enqueue(self, job: InvestigationJob) -> None:
+        """Add an investigation job to the team's queue.
+
+        Jobs are stored in a per-team list and sorted by priority.
+        """
+        team_queue_key = self._team_queue_key(job.team_id)
+        job_key = self._job_key(job.job_id)
+        status_key = self._status_key(job.job_id)
+
+        # Store job data
+        job_json = json.dumps(job.to_dict())
+        await self.redis.set(job_key, job_json)
+
+        # Set initial status
+        await self.redis.set(status_key, JobStatus.PENDING.value)
+
+        # Add to team queue (using sorted set with priority as score)
+        # Negative priority so higher priority jobs are first
+        await self.redis.zadd(team_queue_key, {job.job_id: -job.priority})
+
+        # Track this team
+        await self.redis.sadd(  # type: ignore[misc]
+            self._teams_set_key(), str(job.team_id)
+        )
+
+        logger.debug(
+            "job_enqueued",
+            job_id=job.job_id,
+            team_id=str(job.team_id),
+            priority=job.priority,
+        )
+
+    async def dequeue(
+        self,
+        team_id: UUID,
+        batch_size: int | None = None,
+    ) -> list[InvestigationJob]:
+        """Dequeue a batch of jobs for a team.
+
+        Returns up to batch_size jobs, marking them as processing.
+        """
+        if batch_size is None:
+            batch_size = self.config.default_batch_size
+
+        team_queue_key = self._team_queue_key(team_id)
+        jobs: list[InvestigationJob] = []
+
+        # Get job IDs from sorted set (highest priority first)
+        job_ids = await self.redis.zrange(team_queue_key, 0, batch_size - 1)
+
+        for job_id_bytes in job_ids:
+            job_id = job_id_bytes.decode() if isinstance(job_id_bytes, bytes) else job_id_bytes
+
+            # Get job data
+            job_key = self._job_key(job_id)
+            job_json = await self.redis.get(job_key)
+
+            if not job_json:
+                # Job data missing, remove from queue
+                await self.redis.zrem(team_queue_key, job_id)
+                continue
+
+            job_data = json.loads(job_json)
+            job = InvestigationJob.from_dict(job_data)
+
+            # Mark as processing
+            status_key = self._status_key(job_id)
+            await self.redis.set(status_key, JobStatus.PROCESSING.value)
+
+            # Remove from queue
+            await self.redis.zrem(team_queue_key, job_id)
+
+            jobs.append(job)
+
+        if jobs:
+            logger.debug(
+                "jobs_dequeued",
+                team_id=str(team_id),
+                count=len(jobs),
+            )
+
+        return jobs
+
+    async def complete(self, job_id: str) -> None:
+        """Mark a job as completed."""
+        status_key = self._status_key(job_id)
+        job_key = self._job_key(job_id)
+
+        await self.redis.set(status_key, JobStatus.COMPLETED.value)
+
+        # Clean up after a delay (optional: could keep for auditing)
+        await self.redis.expire(job_key, 3600)  # 1 hour
+        await self.redis.expire(status_key, 3600)
+
+        logger.debug("job_completed", job_id=job_id)
+
+    async def fail(self, job: InvestigationJob, error: str) -> None:
+        """Mark a job as failed. Will retry if retries remain."""
+        job_key = self._job_key(job.job_id)
+        status_key = self._status_key(job.job_id)
+
+        job.retry_count += 1
+
+        if job.retry_count <= job.max_retries:
+            # Calculate backoff delay (exponential: 2^n seconds, capped)
+            delay = min(
+                2**job.retry_count,
+                self.config.max_retry_delay_seconds,
+            )
+            job.next_retry_at = datetime.now(UTC).replace(microsecond=0) + __import__(
+                "datetime"
+            ).timedelta(seconds=delay)
+
+            # Update job data
+            job_json = json.dumps(job.to_dict())
+            await self.redis.set(job_key, job_json)
+
+            # Set status to retrying
+            await self.redis.set(status_key, JobStatus.RETRYING.value)
+
+            # Add to retry queue (sorted set by retry time)
+            retry_time = job.next_retry_at.timestamp()
+            await self.redis.zadd(self._retry_queue_key(), {job.job_id: retry_time})
+
+            logger.info(
+                "job_scheduled_for_retry",
+                job_id=job.job_id,
+                retry_count=job.retry_count,
+                next_retry_at=job.next_retry_at.isoformat(),
+                error=error,
+            )
+        else:
+            # Max retries exceeded
+            await self.redis.set(status_key, JobStatus.FAILED.value)
+            await self.redis.expire(job_key, 86400)  # Keep for 24 hours
+            await self.redis.expire(status_key, 86400)
+
+            logger.error(
+                "job_failed_permanently",
+                job_id=job.job_id,
+                retry_count=job.retry_count,
+                error=error,
+            )
+
+    async def process_retries(self) -> list[InvestigationJob]:
+        """Get jobs that are ready for retry and re-enqueue them.
+
+        Returns the jobs that were moved back to their team queues.
+        """
+        retry_queue_key = self._retry_queue_key()
+        now = time.time()
+
+        # Get jobs with retry time <= now
+        job_ids = await self.redis.zrangebyscore(retry_queue_key, 0, now)
+
+        jobs: list[InvestigationJob] = []
+        for job_id_bytes in job_ids:
+            job_id = job_id_bytes.decode() if isinstance(job_id_bytes, bytes) else job_id_bytes
+
+            # Get job data
+            job_key = self._job_key(job_id)
+            job_json = await self.redis.get(job_key)
+
+            if not job_json:
+                # Job data missing, remove from retry queue
+                await self.redis.zrem(retry_queue_key, job_id)
+                continue
+
+            job_data = json.loads(job_json)
+            job = InvestigationJob.from_dict(job_data)
+
+            # Remove from retry queue
+            await self.redis.zrem(retry_queue_key, job_id)
+
+            # Re-enqueue to team queue
+            team_queue_key = self._team_queue_key(job.team_id)
+            await self.redis.zadd(team_queue_key, {job.job_id: -job.priority})
+
+            # Update status
+            status_key = self._status_key(job.job_id)
+            await self.redis.set(status_key, JobStatus.PENDING.value)
+
+            jobs.append(job)
+
+            logger.debug(
+                "job_retry_requeued",
+                job_id=job.job_id,
+                team_id=str(job.team_id),
+            )
+
+        return jobs
+
+    async def get_status(self, job_id: str) -> JobStatus | None:
+        """Get the status of a job."""
+        status_key = self._status_key(job_id)
+        status = await self.redis.get(status_key)
+        if status:
+            status_str = status.decode() if isinstance(status, bytes) else status
+            return JobStatus(status_str)
+        return None
+
+    async def get_queue_length(self, team_id: UUID) -> int:
+        """Get the number of pending jobs for a team."""
+        team_queue_key = self._team_queue_key(team_id)
+        count: int = await self.redis.zcard(team_queue_key)
+        return count
+
+    async def get_active_teams(self) -> list[UUID]:
+        """Get list of teams with pending jobs."""
+        teams_key = self._teams_set_key()
+        team_ids: set[Any] = await self.redis.smembers(  # type: ignore[misc]
+            teams_key
+        )
+        return [UUID(t.decode() if isinstance(t, bytes) else t) for t in team_ids]
+
+    async def cleanup_empty_teams(self) -> None:
+        """Remove teams with no pending jobs from the active set."""
+        teams = await self.get_active_teams()
+        for team_id in teams:
+            queue_length: int = await self.redis.zcard(self._team_queue_key(team_id))
+            if queue_length == 0:
+                await self.redis.srem(  # type: ignore[misc]
+                    self._teams_set_key(), str(team_id)
+                )
diff --git a/python-packages/dataing/src/dataing/adapters/queue/investigation_worker.py b/python-packages/dataing/src/dataing/adapters/queue/investigation_worker.py
new file mode 100644
index 000000000..9afc8098a
--- /dev/null
+++ b/python-packages/dataing/src/dataing/adapters/queue/investigation_worker.py
@@ -0,0 +1,247 @@
+"""Investigation queue worker that processes jobs and starts Temporal workflows.
+
+This worker:
+- Polls teams with pending jobs
+- Respects per-team rate limits
+- Processes jobs in batches
+- Starts Temporal workflows for each job
+- Handles failures with retry
+"""
+
+from __future__ import annotations
+
+import asyncio
+from dataclasses import dataclass
+from typing import TYPE_CHECKING
+from uuid import UUID
+
+import structlog
+
+from dataing.adapters.queue.investigation_queue import (
+    InvestigationJob,
+    InvestigationQueue,
+)
+from dataing.adapters.queue.redis_rate_limiter import RedisRateLimiter
+from dataing.services.policy import PolicyService, QueueConfig
+
+if TYPE_CHECKING:
+    from redis.asyncio import Redis
+
+    from dataing.adapters.db.app_db import AppDatabase
+    from dataing.temporal.client import TemporalInvestigationClient
+
+logger = structlog.get_logger()
+
+
+@dataclass
+class WorkerConfig:
+    """Configuration for the investigation worker."""
+
+    poll_interval_seconds: float = 1.0
+    retry_poll_interval_seconds: float = 5.0
+    max_concurrent_teams: int = 10
+    default_batch_size: int = 5
+
+
+class InvestigationWorker:
+    """Worker that processes investigation jobs from the queue."""
+
+    def __init__(
+        self,
+        queue: InvestigationQueue,
+        rate_limiter: RedisRateLimiter,
+        temporal_client: TemporalInvestigationClient,
+        db: AppDatabase,
+        config: WorkerConfig | None = None,
+    ) -> None:
+        """Initialize the worker."""
+        self.queue = queue
+        self.rate_limiter = rate_limiter
+        self.temporal_client = temporal_client
+        self.db = db
+        self.config = config or WorkerConfig()
+        self._running = False
+        self._policy_service = PolicyService(db)
+        self._team_configs: dict[UUID, QueueConfig] = {}
+
+    async def _get_queue_config(self, team_id: UUID) -> QueueConfig:
+        """Get queue configuration for a team, with caching."""
+        if team_id not in self._team_configs:
+            config = await self._policy_service.get_queue_config(team_id)
+            self._team_configs[team_id] = config
+        return self._team_configs[team_id]
+
+    async def start(self) -> None:
+        """Start the worker loop."""
+        self._running = True
+        logger.info("investigation_worker_started")
+
+        # Start both the main loop and retry processor
+        await asyncio.gather(
+            self._main_loop(),
+            self._retry_loop(),
+        )
+
+    async def stop(self) -> None:
+        """Stop the worker loop."""
+        self._running = False
+        logger.info("investigation_worker_stopped")
+
+    async def _main_loop(self) -> None:
+        """Main worker loop that processes jobs."""
+        while self._running:
+            try:
+                # Get teams with pending jobs
+                teams = await self.queue.get_active_teams()
+
+                if teams:
+                    # Process teams concurrently, up to max_concurrent_teams
+                    tasks = []
+                    for team_id in teams[: self.config.max_concurrent_teams]:
+                        tasks.append(self._process_team(team_id))
+
+                    await asyncio.gather(*tasks, return_exceptions=True)
+
+                # Clean up teams with no jobs
+                await self.queue.cleanup_empty_teams()
+
+            except Exception as e:
+                logger.error("worker_loop_error", error=str(e))
+
+            await asyncio.sleep(self.config.poll_interval_seconds)
+
+    async def _retry_loop(self) -> None:
+        """Loop that re-queues jobs ready for retry."""
+        while self._running:
+            try:
+                jobs = await self.queue.process_retries()
+                if jobs:
+                    logger.debug("retries_processed", count=len(jobs))
+            except Exception as e:
+                logger.error("retry_loop_error", error=str(e))
+
+            await asyncio.sleep(self.config.retry_poll_interval_seconds)
+
+    async def _process_team(self, team_id: UUID) -> None:
+        """Process pending jobs for a team."""
+        config = await self._get_queue_config(team_id)
+
+        # Check rate limit
+        rate_result = await self.rate_limiter.check_and_consume(
+            team_id,
+            config,
+            tokens=config.batch_size,
+        )
+
+        if not rate_result.allowed:
+            logger.debug(
+                "team_rate_limited",
+                team_id=str(team_id),
+                retry_after=rate_result.retry_after,
+            )
+            return
+
+        # Dequeue jobs
+        jobs = await self.queue.dequeue(team_id, batch_size=config.batch_size)
+
+        if not jobs:
+            return
+
+        # Process jobs concurrently
+        tasks = []
+        for job in jobs:
+            tasks.append(self._process_job(job))
+
+        results = await asyncio.gather(*tasks, return_exceptions=True)
+
+        # Log results
+        successful = sum(1 for r in results if r is True)
+        failed = len(results) - successful
+
+        logger.info(
+            "team_jobs_processed",
+            team_id=str(team_id),
+            total=len(jobs),
+            successful=successful,
+            failed=failed,
+        )
+
+    async def _process_job(self, job: InvestigationJob) -> bool:
+        """Process a single investigation job.
+
+        Returns True if successful, False if failed.
+        """
+        try:
+            # Start Temporal workflow
+            await self.temporal_client.start_investigation(
+                investigation_id=job.job_id,
+                tenant_id=str(job.tenant_id),
+                datasource_id=str(job.datasource_id),
+                alert_data=job.alert_data,
+                alert_summary=job.alert_summary,
+            )
+
+            # Mark as completed
+            await self.queue.complete(job.job_id)
+
+            logger.info(
+                "job_workflow_started",
+                job_id=job.job_id,
+                team_id=str(job.team_id),
+            )
+
+            return True
+
+        except Exception as e:
+            error_msg = str(e)
+            logger.error(
+                "job_workflow_failed",
+                job_id=job.job_id,
+                team_id=str(job.team_id),
+                error=error_msg,
+            )
+
+            # Mark as failed (will retry if retries remain)
+            await self.queue.fail(job, error_msg)
+
+            return False
+
+    def clear_config_cache(self, team_id: UUID | None = None) -> None:
+        """Clear cached queue configurations.
+
+        Args:
+            team_id: Team to clear config for. If None, clears all.
+        """
+        if team_id:
+            self._team_configs.pop(team_id, None)
+        else:
+            self._team_configs.clear()
+
+
+async def create_worker(
+    redis: Redis,
+    temporal_client: TemporalInvestigationClient,
+    db: AppDatabase,
+    config: WorkerConfig | None = None,
+) -> InvestigationWorker:
+    """Create and configure an investigation worker.
+
+    Args:
+        redis: Redis client connection.
+        temporal_client: Temporal client for starting workflows.
+        db: Database connection.
+        config: Optional worker configuration.
+
+    Returns:
+        Configured InvestigationWorker.
+    """
+    queue = InvestigationQueue(redis)
+    rate_limiter = RedisRateLimiter(redis)
+
+    return InvestigationWorker(
+        queue=queue,
+        rate_limiter=rate_limiter,
+        temporal_client=temporal_client,
+        db=db,
+        config=config,
+    )
diff --git a/python-packages/dataing/src/dataing/adapters/queue/redis_rate_limiter.py b/python-packages/dataing/src/dataing/adapters/queue/redis_rate_limiter.py
new file mode 100644
index 000000000..c7859682f
--- /dev/null
+++ b/python-packages/dataing/src/dataing/adapters/queue/redis_rate_limiter.py
@@ -0,0 +1,177 @@
+"""Redis-backed rate limiter using sliding window algorithm.
+
+This module provides per-team rate limiting with:
+- Sliding window rate limiting
+- Configurable limits per team
+- Token bucket for burst handling
+"""
+
+from __future__ import annotations
+
+import time
+from dataclasses import dataclass
+from uuid import UUID
+
+import structlog
+from redis.asyncio import Redis
+
+from dataing.services.policy import QueueConfig
+
+logger = structlog.get_logger()
+
+# Lua script for atomic sliding window rate limiting
+RATE_LIMIT_SCRIPT = """
+local key = KEYS[1]
+local now = tonumber(ARGV[1])
+local window_size = tonumber(ARGV[2])
+local limit = tonumber(ARGV[3])
+local tokens = tonumber(ARGV[4])
+
+-- Remove old entries outside the window
+local window_start = now - window_size
+redis.call('ZREMRANGEBYSCORE', key, '-inf', window_start)
+
+-- Count current requests in window
+local current = redis.call('ZCARD', key)
+
+if current + tokens <= limit then
+    -- Add the new request(s)
+    for i = 1, tokens do
+        redis.call('ZADD', key, now, now .. ':' .. i .. ':' .. math.random(1000000))
+    end
+    -- Set expiry on the key
+    redis.call('EXPIRE', key, window_size + 1)
+    return {1, limit - current - tokens}  -- allowed, remaining
+else
+    return {0, 0}  -- denied, remaining
+end
+"""
+
+
+@dataclass
+class RateLimitResult:
+    """Result of a rate limit check."""
+
+    allowed: bool
+    remaining: int
+    limit: int
+    retry_after: float | None = None
+
+
+class RedisRateLimiter:
+    """Redis-backed rate limiter with sliding window algorithm."""
+
+    def __init__(
+        self,
+        redis: Redis,
+        key_prefix: str = "dataing:rate_limit",
+    ) -> None:
+        """Initialize the rate limiter."""
+        self.redis = redis
+        self.key_prefix = key_prefix
+        self._script_sha: str | None = None
+
+    async def _get_script_sha(self) -> str:
+        """Get or load the Lua script SHA."""
+        if self._script_sha is None:
+            self._script_sha = await self.redis.script_load(RATE_LIMIT_SCRIPT)
+        return self._script_sha
+
+    def _team_key(self, team_id: UUID) -> str:
+        """Get the rate limit key for a team."""
+        return f"{self.key_prefix}:team:{team_id}"
+
+    async def check_and_consume(
+        self,
+        team_id: UUID,
+        config: QueueConfig,
+        tokens: int = 1,
+    ) -> RateLimitResult:
+        """Check rate limit and consume tokens if allowed.
+
+        Args:
+            team_id: Team to check rate limit for.
+            config: Queue configuration with rate limits.
+            tokens: Number of tokens to consume (default 1).
+
+        Returns:
+            RateLimitResult indicating if the request is allowed.
+        """
+        key = self._team_key(team_id)
+        now = time.time()
+        window_size = 60  # 1 minute window
+        limit = config.rate_limit_per_minute
+
+        try:
+            script_sha = await self._get_script_sha()
+            result = await self.redis.evalsha(  # type: ignore[misc]
+                script_sha,
+                1,  # number of keys
+                key,  # KEYS[1]
+                str(now),  # ARGV[1]
+                str(window_size),  # ARGV[2]
+                str(limit),  # ARGV[3]
+                str(tokens),  # ARGV[4]
+            )
+
+            allowed = bool(result[0])
+            remaining = int(result[1])
+
+            if not allowed:
+                # Calculate retry_after based on oldest entry in window
+                oldest = await self.redis.zrange(key, 0, 0, withscores=True)
+                if oldest:
+                    oldest_time = oldest[0][1]
+                    retry_after = window_size - (now - oldest_time)
+                else:
+                    retry_after = window_size
+
+                logger.debug(
+                    "rate_limit_exceeded",
+                    team_id=str(team_id),
+                    limit=limit,
+                    retry_after=retry_after,
+                )
+
+                return RateLimitResult(
+                    allowed=False,
+                    remaining=0,
+                    limit=limit,
+                    retry_after=max(0, retry_after),
+                )
+
+            return RateLimitResult(
+                allowed=True,
+                remaining=remaining,
+                limit=limit,
+            )
+
+        except Exception as e:
+            # On Redis errors, allow the request (fail open)
+            logger.warning(
+                "rate_limit_check_failed",
+                team_id=str(team_id),
+                error=str(e),
+            )
+            return RateLimitResult(
+                allowed=True,
+                remaining=limit,
+                limit=limit,
+            )
+
+    async def get_remaining(self, team_id: UUID, config: QueueConfig) -> int:
+        """Get remaining rate limit tokens for a team."""
+        key = self._team_key(team_id)
+        now = time.time()
+        window_size = 60
+        window_start = now - window_size
+
+        # Count current requests in window
+        current: int = await self.redis.zcount(key, window_start, now)
+        return max(0, config.rate_limit_per_minute - current)
+
+    async def reset(self, team_id: UUID) -> None:
+        """Reset rate limit for a team."""
+        key = self._team_key(team_id)
+        await self.redis.delete(key)
+        logger.debug("rate_limit_reset", team_id=str(team_id))
diff --git a/python-packages/dataing/src/dataing/adapters/sse/__init__.py b/python-packages/dataing/src/dataing/adapters/sse/__init__.py
new file mode 100644
index 000000000..fed8673f8
--- /dev/null
+++ b/python-packages/dataing/src/dataing/adapters/sse/__init__.py
@@ -0,0 +1,13 @@
+"""SSE event store adapters."""
+
+from dataing.adapters.sse.redis_event_store import (
+    RedisSSEEventStore,
+    SSEEvent,
+    SSEEventStoreConfig,
+)
+
+__all__ = [
+    "RedisSSEEventStore",
+    "SSEEvent",
+    "SSEEventStoreConfig",
+]
diff --git a/python-packages/dataing/src/dataing/adapters/sse/redis_event_store.py b/python-packages/dataing/src/dataing/adapters/sse/redis_event_store.py
new file mode 100644
index 000000000..533ce5102
--- /dev/null
+++ b/python-packages/dataing/src/dataing/adapters/sse/redis_event_store.py
@@ -0,0 +1,453 @@
+"""Redis-backed SSE event store.
+
+This module provides persistent storage for SSE run events with:
+- Event storage with automatic sequencing
+- Metadata tracking per run
+- Configurable replay window with TTL
+- Atomic operations for concurrent access
+"""
+
+from __future__ import annotations
+
+import json
+from dataclasses import dataclass, field
+from datetime import UTC, datetime
+from typing import Any
+
+import structlog
+from redis.asyncio import Redis
+
+logger = structlog.get_logger()
+
+
+@dataclass
+class SSEEvent:
+    """An SSE event."""
+
+    seq: int
+    event: str
+    run_id: str
+    data: dict[str, Any]
+    timestamp: str
+
+    def to_dict(self) -> dict[str, Any]:
+        """Serialize event to dictionary."""
+        return {
+            "seq": self.seq,
+            "event": self.event,
+            "run_id": self.run_id,
+            "data": self.data,
+            "timestamp": self.timestamp,
+        }
+
+    @classmethod
+    def from_dict(cls, data: dict[str, Any]) -> SSEEvent:
+        """Deserialize event from dictionary."""
+        return cls(
+            seq=data["seq"],
+            event=data["event"],
+            run_id=data["run_id"],
+            data=data["data"],
+            timestamp=data["timestamp"],
+        )
+
+
+@dataclass
+class SSEEventStoreConfig:
+    """Configuration for the SSE event store."""
+
+    key_prefix: str = "dataing:sse"
+    replay_window_seconds: int = 300  # 5 minutes
+    event_ttl_seconds: int = 3600  # 1 hour for events
+    metadata_ttl_seconds: int = 3600  # 1 hour for metadata
+
+
+@dataclass
+class RunMetadata:
+    """Metadata for a run."""
+
+    run_id: str
+    bundle_id: str | None = None
+    bundle_hash: str | None = None
+    status: str = "running"
+    goal: str | None = None
+    created_at: str = field(default_factory=lambda: datetime.now(UTC).isoformat())
+    completed_at: str | None = None
+    tenant_id: str | None = None
+
+    def to_dict(self) -> dict[str, Any]:
+        """Serialize metadata to dictionary."""
+        return {
+            "run_id": self.run_id,
+            "bundle_id": self.bundle_id,
+            "bundle_hash": self.bundle_hash,
+            "status": self.status,
+            "goal": self.goal,
+            "created_at": self.created_at,
+            "completed_at": self.completed_at,
+            "tenant_id": self.tenant_id,
+        }
+
+    @classmethod
+    def from_dict(cls, data: dict[str, Any]) -> RunMetadata:
+        """Deserialize metadata from dictionary."""
+        return cls(
+            run_id=data.get("run_id", ""),
+            bundle_id=data.get("bundle_id"),
+            bundle_hash=data.get("bundle_hash"),
+            status=data.get("status", "running"),
+            goal=data.get("goal"),
+            created_at=data.get("created_at", ""),
+            completed_at=data.get("completed_at"),
+            tenant_id=data.get("tenant_id"),
+        )
+
+
+class RedisSSEEventStore:
+    """Redis-backed SSE event store with replay support."""
+
+    def __init__(
+        self,
+        redis: Redis,
+        config: SSEEventStoreConfig | None = None,
+    ) -> None:
+        """Initialize the SSE event store."""
+        self.redis = redis
+        self.config = config or SSEEventStoreConfig()
+
+    def _events_key(self, run_id: str) -> str:
+        """Get the key for run events (sorted set by seq)."""
+        return f"{self.config.key_prefix}:events:{run_id}"
+
+    def _metadata_key(self, run_id: str) -> str:
+        """Get the key for run metadata (hash)."""
+        return f"{self.config.key_prefix}:metadata:{run_id}"
+
+    def _seq_key(self, run_id: str) -> str:
+        """Get the key for sequence counter."""
+        return f"{self.config.key_prefix}:seq:{run_id}"
+
+    async def store_event(
+        self,
+        run_id: str,
+        event_type: str,
+        data: dict[str, Any],
+    ) -> int:
+        """Store an event and return its sequence number.
+
+        Args:
+            run_id: The run ID.
+            event_type: The event type.
+            data: The event data.
+
+        Returns:
+            The sequence number of the stored event.
+        """
+        events_key = self._events_key(run_id)
+        seq_key = self._seq_key(run_id)
+
+        # Atomically increment sequence number
+        seq = await self.redis.incr(seq_key)
+
+        event = SSEEvent(
+            seq=seq,
+            event=event_type,
+            run_id=run_id,
+            data=data,
+            timestamp=datetime.now(UTC).isoformat(),
+        )
+
+        # Store event in sorted set (score = seq for ordering)
+        event_json = json.dumps(event.to_dict())
+        await self.redis.zadd(events_key, {event_json: seq})
+
+        # Set TTL on events
+        await self.redis.expire(events_key, self.config.event_ttl_seconds)
+        await self.redis.expire(seq_key, self.config.event_ttl_seconds)
+
+        logger.debug(
+            "sse_event_stored",
+            run_id=run_id,
+            event_type=event_type,
+            seq=seq,
+        )
+
+        seq_int: int = seq
+        return seq_int
+
+    async def get_events_after(
+        self,
+        run_id: str,
+        after_seq: int,
+    ) -> list[dict[str, Any]]:
+        """Get events after a sequence number.
+
+        Args:
+            run_id: The run ID.
+            after_seq: Return events with seq > after_seq.
+
+        Returns:
+            List of event dictionaries ordered by sequence.
+        """
+        events_key = self._events_key(run_id)
+
+        # Get events with score > after_seq (exclusive)
+        # zrangebyscore returns events ordered by score (seq)
+        event_jsons = await self.redis.zrangebyscore(
+            events_key,
+            min=f"({after_seq}",  # ( means exclusive
+            max="+inf",
+        )
+
+        events = []
+        for event_json in event_jsons:
+            event_str = event_json.decode() if isinstance(event_json, bytes) else event_json
+            events.append(json.loads(event_str))
+
+        return events
+
+    async def store_metadata(
+        self,
+        run_id: str,
+        metadata: RunMetadata,
+    ) -> None:
+        """Store run metadata.
+
+        Args:
+            run_id: The run ID.
+            metadata: The run metadata.
+        """
+        metadata_key = self._metadata_key(run_id)
+
+        # Store as hash fields
+        metadata_dict = metadata.to_dict()
+        # Convert None values to empty strings for Redis
+        redis_dict = {k: v if v is not None else "" for k, v in metadata_dict.items()}
+
+        await self.redis.hset(metadata_key, mapping=redis_dict)  # type: ignore[misc]
+        await self.redis.expire(metadata_key, self.config.metadata_ttl_seconds)
+
+        logger.debug("sse_metadata_stored", run_id=run_id, status=metadata.status)
+
+    async def get_metadata(self, run_id: str) -> RunMetadata | None:
+        """Get run metadata.
+
+        Args:
+            run_id: The run ID.
+
+        Returns:
+            The run metadata or None if not found.
+        """
+        metadata_key = self._metadata_key(run_id)
+
+        data: dict[bytes, bytes] = await self.redis.hgetall(metadata_key)  # type: ignore[misc]
+        if not data:
+            return None
+
+        # Decode bytes and convert empty strings back to None
+        decoded = {}
+        for k, v in data.items():
+            key = k.decode() if isinstance(k, bytes) else k
+            val = v.decode() if isinstance(v, bytes) else v
+            decoded[key] = val if val else None
+
+        return RunMetadata.from_dict(decoded)
+
+    async def update_status(
+        self,
+        run_id: str,
+        status: str,
+        completed_at: str | None = None,
+    ) -> None:
+        """Update run status.
+
+        Args:
+            run_id: The run ID.
+            status: The new status.
+            completed_at: Optional completion timestamp.
+        """
+        metadata_key = self._metadata_key(run_id)
+
+        updates: dict[str, str] = {"status": status}
+        if completed_at:
+            updates["completed_at"] = completed_at
+
+        await self.redis.hset(metadata_key, mapping=updates)  # type: ignore[misc]
+
+        logger.debug("sse_status_updated", run_id=run_id, status=status)
+
+    async def is_replay_window_expired(self, run_id: str) -> bool:
+        """Check if the replay window has expired for a run.
+
+        A run's replay window expires when:
+        1. The run is completed/failed, AND
+        2. More than replay_window_seconds have passed since completion
+
+        Args:
+            run_id: The run ID.
+
+        Returns:
+            True if replay window has expired.
+        """
+        metadata = await self.get_metadata(run_id)
+        if not metadata:
+            return True  # No metadata = expired
+
+        # If run is still active, window is not expired
+        if metadata.status not in ("completed", "failed", "cancelled"):
+            return False
+
+        # Check if completion time exceeds replay window
+        completed_at = metadata.completed_at
+        if not completed_at:
+            return False
+
+        try:
+            completed_dt = datetime.fromisoformat(completed_at)
+            elapsed = (datetime.now(UTC) - completed_dt).total_seconds()
+            return elapsed > self.config.replay_window_seconds
+        except (ValueError, TypeError):
+            return False
+
+    async def exists(self, run_id: str) -> bool:
+        """Check if a run exists in the store.
+
+        Args:
+            run_id: The run ID.
+
+        Returns:
+            True if the run exists.
+        """
+        metadata_key = self._metadata_key(run_id)
+        exists_result = await self.redis.exists(metadata_key)
+        return bool(exists_result)
+
+    async def get_latest_seq(self, run_id: str) -> int:
+        """Get the latest sequence number for a run.
+
+        Args:
+            run_id: The run ID.
+
+        Returns:
+            The latest sequence number or 0 if no events.
+        """
+        seq_key = self._seq_key(run_id)
+        seq = await self.redis.get(seq_key)
+        if seq:
+            return int(seq.decode() if isinstance(seq, bytes) else seq)
+        return 0
+
+    async def cleanup_run(self, run_id: str) -> None:
+        """Clean up all data for a run.
+
+        Args:
+            run_id: The run ID.
+        """
+        events_key = self._events_key(run_id)
+        metadata_key = self._metadata_key(run_id)
+        seq_key = self._seq_key(run_id)
+
+        await self.redis.delete(events_key, metadata_key, seq_key)
+
+        logger.debug("sse_run_cleaned_up", run_id=run_id)
+
+
+class InMemoryFallbackSSEEventStore:
+    """In-memory fallback when Redis is not available.
+
+    Provides the same interface as RedisSSEEventStore for local development.
+    """
+
+    def __init__(self, config: SSEEventStoreConfig | None = None) -> None:
+        """Initialize the in-memory store."""
+        self.config = config or SSEEventStoreConfig()
+        self._events: dict[str, list[dict[str, Any]]] = {}
+        self._metadata: dict[str, RunMetadata] = {}
+        self._seq: dict[str, int] = {}
+
+    async def store_event(
+        self,
+        run_id: str,
+        event_type: str,
+        data: dict[str, Any],
+    ) -> int:
+        """Store an event and return its sequence number."""
+        if run_id not in self._events:
+            self._events[run_id] = []
+            self._seq[run_id] = 0
+
+        self._seq[run_id] += 1
+        seq = self._seq[run_id]
+
+        event = SSEEvent(
+            seq=seq,
+            event=event_type,
+            run_id=run_id,
+            data=data,
+            timestamp=datetime.now(UTC).isoformat(),
+        )
+        self._events[run_id].append(event.to_dict())
+
+        return seq
+
+    async def get_events_after(
+        self,
+        run_id: str,
+        after_seq: int,
+    ) -> list[dict[str, Any]]:
+        """Get events after a sequence number."""
+        events = self._events.get(run_id, [])
+        return [e for e in events if e["seq"] > after_seq]
+
+    async def store_metadata(self, run_id: str, metadata: RunMetadata) -> None:
+        """Store run metadata."""
+        self._metadata[run_id] = metadata
+
+    async def get_metadata(self, run_id: str) -> RunMetadata | None:
+        """Get run metadata."""
+        return self._metadata.get(run_id)
+
+    async def update_status(
+        self,
+        run_id: str,
+        status: str,
+        completed_at: str | None = None,
+    ) -> None:
+        """Update run status."""
+        if run_id in self._metadata:
+            self._metadata[run_id].status = status
+            if completed_at:
+                self._metadata[run_id].completed_at = completed_at
+
+    async def is_replay_window_expired(self, run_id: str) -> bool:
+        """Check if the replay window has expired."""
+        metadata = self._metadata.get(run_id)
+        if not metadata:
+            return True
+
+        if metadata.status not in ("completed", "failed", "cancelled"):
+            return False
+
+        if not metadata.completed_at:
+            return False
+
+        try:
+            completed_dt = datetime.fromisoformat(metadata.completed_at)
+            elapsed = (datetime.now(UTC) - completed_dt).total_seconds()
+            return elapsed > self.config.replay_window_seconds
+        except (ValueError, TypeError):
+            return False
+
+    async def exists(self, run_id: str) -> bool:
+        """Check if a run exists."""
+        return run_id in self._metadata
+
+    async def get_latest_seq(self, run_id: str) -> int:
+        """Get the latest sequence number."""
+        return self._seq.get(run_id, 0)
+
+    async def cleanup_run(self, run_id: str) -> None:
+        """Clean up all data for a run."""
+        self._events.pop(run_id, None)
+        self._metadata.pop(run_id, None)
+        self._seq.pop(run_id, None)
diff --git a/python-packages/dataing/src/dataing/entrypoints/api/middleware/__init__.py b/python-packages/dataing/src/dataing/entrypoints/api/middleware/__init__.py
index 2a21fda3f..a4d718df6 100644
--- a/python-packages/dataing/src/dataing/entrypoints/api/middleware/__init__.py
+++ b/python-packages/dataing/src/dataing/entrypoints/api/middleware/__init__.py
@@ -20,6 +20,10 @@
     verify_jwt,
 )
 from dataing.entrypoints.api.middleware.rate_limit import RateLimitMiddleware
+from dataing.entrypoints.api.middleware.redis_rate_limit import (
+    RedisRateLimitConfig,
+    RedisRateLimitMiddleware,
+)
 
 __all__ = [
     # API Key auth
@@ -38,4 +42,6 @@
     "RequireOwner",
     # Middleware
     "RateLimitMiddleware",
+    "RedisRateLimitMiddleware",
+    "RedisRateLimitConfig",
 ]
diff --git a/python-packages/dataing/src/dataing/entrypoints/api/middleware/redis_rate_limit.py b/python-packages/dataing/src/dataing/entrypoints/api/middleware/redis_rate_limit.py
new file mode 100644
index 000000000..9abb0c178
--- /dev/null
+++ b/python-packages/dataing/src/dataing/entrypoints/api/middleware/redis_rate_limit.py
@@ -0,0 +1,242 @@
+"""Redis-backed rate limiting middleware.
+
+Provides distributed rate limiting using Redis sliding window algorithm.
+Falls back to in-memory limiting when Redis is unavailable.
+"""
+
+from __future__ import annotations
+
+import time
+from dataclasses import dataclass
+
+import structlog
+from redis.asyncio import Redis
+from starlette.middleware.base import BaseHTTPMiddleware, RequestResponseEndpoint
+from starlette.requests import Request
+from starlette.responses import JSONResponse, Response
+from starlette.types import ASGIApp
+
+logger = structlog.get_logger()
+
+
+# Lua script for sliding window rate limiting
+# Returns [allowed (0/1), remaining_tokens]
+RATE_LIMIT_SCRIPT = """
+local key = KEYS[1]
+local now = tonumber(ARGV[1])
+local window_size = tonumber(ARGV[2])
+local limit = tonumber(ARGV[3])
+local tokens = tonumber(ARGV[4])
+
+-- Remove expired entries
+local window_start = now - window_size
+redis.call('ZREMRANGEBYSCORE', key, '-inf', window_start)
+
+-- Count current requests in window
+local current = redis.call('ZCARD', key)
+
+-- Check if we can allow this request
+if current + tokens <= limit then
+    -- Add new entries for each token consumed
+    for i = 1, tokens do
+        redis.call('ZADD', key, now, now .. ':' .. i .. ':' .. math.random(1000000))
+    end
+    -- Set expiry on the key
+    redis.call('EXPIRE', key, window_size + 1)
+    return {1, limit - current - tokens}
+else
+    return {0, 0}
+end
+"""
+
+
+@dataclass
+class RedisRateLimitConfig:
+    """Configuration for Redis rate limiting."""
+
+    requests_per_minute: int = 60
+    burst_size: int = 10
+    key_prefix: str = "dataing:api_rate_limit"
+    window_seconds: int = 60
+
+
+class RedisRateLimitMiddleware(BaseHTTPMiddleware):
+    """Rate limiting middleware using Redis sliding window algorithm.
+
+    Falls back to allowing requests if Redis is unavailable (fail-open).
+    """
+
+    def __init__(
+        self,
+        app: ASGIApp,
+        redis: Redis | None = None,
+        config: RedisRateLimitConfig | None = None,
+        enabled: bool = True,
+    ) -> None:
+        """Initialize Redis rate limit middleware.
+
+        Args:
+            app: The ASGI application.
+            redis: Optional Redis client. If None, rate limiting is disabled.
+            config: Rate limiting configuration.
+            enabled: Whether rate limiting is enabled.
+        """
+        super().__init__(app)
+        self.redis = redis
+        self.config = config or RedisRateLimitConfig()
+        self.enabled = enabled
+        self._script_sha: str | None = None
+
+    async def _ensure_script_loaded(self) -> str | None:
+        """Load the Lua script if not already loaded."""
+        if self._script_sha is None and self.redis is not None:
+            try:
+                self._script_sha = await self.redis.script_load(RATE_LIMIT_SCRIPT)
+            except Exception as e:
+                logger.warning("rate_limit_script_load_failed", error=str(e))
+                return None
+        return self._script_sha
+
+    def _get_identifier(self, request: Request) -> str:
+        """Get rate limit identifier from request.
+
+        Priority:
+        1. Tenant ID from auth context
+        2. API key (hashed)
+        3. Client IP address
+        """
+        # Try to get tenant ID from auth context
+        auth_context = getattr(request.state, "auth_context", None)
+        if auth_context:
+            tenant_id = getattr(auth_context, "tenant_id", None)
+            if tenant_id:
+                return f"tenant:{tenant_id}"
+
+        # Try to get API key from header
+        api_key = request.headers.get("x-api-key")
+        if api_key:
+            # Use first 8 chars of API key as identifier (don't store full key)
+            return f"key:{api_key[:8]}"
+
+        # Fall back to IP address
+        client_ip = request.client.host if request.client else "unknown"
+        return f"ip:{client_ip}"
+
+    def _get_key(self, identifier: str) -> str:
+        """Build Redis key for identifier."""
+        return f"{self.config.key_prefix}:{identifier}"
+
+    async def _check_rate_limit(self, identifier: str) -> tuple[bool, int, float | None]:
+        """Check rate limit for identifier.
+
+        Returns:
+            Tuple of (allowed, remaining, retry_after).
+        """
+        if self.redis is None:
+            # No Redis = allow all (disabled)
+            return True, self.config.requests_per_minute, None
+
+        script_sha = await self._ensure_script_loaded()
+        if script_sha is None:
+            # Script load failed = fail open
+            return True, self.config.requests_per_minute, None
+
+        key = self._get_key(identifier)
+        now = time.time()
+
+        try:
+            result = await self.redis.evalsha(  # type: ignore[misc]
+                script_sha,
+                1,  # number of keys
+                key,
+                str(now),
+                str(self.config.window_seconds),
+                str(self.config.requests_per_minute),
+                "1",  # consume 1 token
+            )
+
+            allowed = bool(result[0])
+            remaining = int(result[1])
+
+            if not allowed:
+                # Calculate retry_after based on oldest entry
+                oldest = await self.redis.zrange(key, 0, 0, withscores=True)
+                if oldest:
+                    oldest_time = oldest[0][1]
+                    retry_after = max(0, self.config.window_seconds - (now - oldest_time))
+                else:
+                    retry_after = float(self.config.window_seconds)
+                return False, 0, retry_after
+
+            return True, remaining, None
+
+        except Exception as e:
+            logger.warning("rate_limit_check_failed", error=str(e), identifier=identifier)
+            # Fail open on Redis errors
+            return True, self.config.requests_per_minute, None
+
+    async def dispatch(self, request: Request, call_next: RequestResponseEndpoint) -> Response:
+        """Process the request with rate limiting."""
+        if not self.enabled:
+            return await call_next(request)
+
+        # Skip rate limiting for health checks
+        if request.url.path in ["/health", "/healthz", "/ready"]:
+            return await call_next(request)
+
+        # Skip rate limiting for OPTIONS (CORS preflight)
+        if request.method == "OPTIONS":
+            return await call_next(request)
+
+        identifier = self._get_identifier(request)
+        allowed, remaining, retry_after = await self._check_rate_limit(identifier)
+
+        if not allowed:
+            logger.warning("api_rate_limit_exceeded", identifier=identifier)
+
+            retry_after_int = int(retry_after) if retry_after else self.config.window_seconds
+
+            return JSONResponse(
+                status_code=429,
+                content={
+                    "detail": "Rate limit exceeded. Please slow down.",
+                    "retry_after": retry_after_int,
+                },
+                headers={
+                    "Retry-After": str(retry_after_int),
+                    "X-RateLimit-Limit": str(self.config.requests_per_minute),
+                    "X-RateLimit-Remaining": "0",
+                    "X-RateLimit-Reset": str(retry_after_int),
+                },
+            )
+
+        response = await call_next(request)
+
+        # Add rate limit headers to successful responses
+        response.headers["X-RateLimit-Limit"] = str(self.config.requests_per_minute)
+        response.headers["X-RateLimit-Remaining"] = str(remaining)
+
+        return response
+
+    async def reset(self, identifier: str | None = None) -> None:
+        """Reset rate limit for an identifier or all.
+
+        Args:
+            identifier: Specific identifier to reset, or None for all.
+        """
+        if self.redis is None:
+            return
+
+        if identifier:
+            key = self._get_key(identifier)
+            await self.redis.delete(key)
+        else:
+            # Delete all rate limit keys (use with caution)
+            pattern = f"{self.config.key_prefix}:*"
+            cursor = 0
+            while True:
+                cursor, keys = await self.redis.scan(cursor, match=pattern, count=100)
+                if keys:
+                    await self.redis.delete(*keys)
+                if cursor == 0:
+                    break
diff --git a/python-packages/dataing/src/dataing/entrypoints/api/routes/__init__.py b/python-packages/dataing/src/dataing/entrypoints/api/routes/__init__.py
index 6595d9f2a..f9c366164 100644
--- a/python-packages/dataing/src/dataing/entrypoints/api/routes/__init__.py
+++ b/python-packages/dataing/src/dataing/entrypoints/api/routes/__init__.py
@@ -5,6 +5,7 @@
 
 from fastapi import APIRouter
 
+from dataing.entrypoints.api.routes.analytics import router as analytics_router
 from dataing.entrypoints.api.routes.approvals import router as approvals_router
 from dataing.entrypoints.api.routes.asset_instances import router as asset_instances_router
 from dataing.entrypoints.api.routes.auth import router as auth_router
@@ -61,6 +62,7 @@
 api_router.include_router(users_router)
 api_router.include_router(dashboard_router)
 api_router.include_router(usage_router)
+api_router.include_router(analytics_router)  # Activation and weekly usage analytics
 api_router.include_router(lineage_router)
 api_router.include_router(bundles_router)  # Context bundles API
 api_router.include_router(runs_router)  # Runs API with SSE streaming
@@ -71,10 +73,9 @@
 api_router.include_router(comment_votes_router)
 api_router.include_router(sla_policies_router)  # SLA policy management
 api_router.include_router(integrations_router)  # Webhook integrations
-api_router.include_router(teams_router, prefix="/teams")
 
 # RBAC routes
-api_router.include_router(teams_router)
+api_router.include_router(teams_router)  # Teams + policies
 api_router.include_router(tags_router)
 api_router.include_router(permissions_router)
 api_router.include_router(investigation_tags_router)
diff --git a/python-packages/dataing/src/dataing/entrypoints/api/routes/analytics.py b/python-packages/dataing/src/dataing/entrypoints/api/routes/analytics.py
new file mode 100644
index 000000000..037cb4aa9
--- /dev/null
+++ b/python-packages/dataing/src/dataing/entrypoints/api/routes/analytics.py
@@ -0,0 +1,225 @@
+r"""Analytics routes for activation and usage metrics.
+
+Endpoints:
+    GET /api/v1/analytics/weekly-usage
+        Query weekly usage statistics. Returns issues created, investigations
+        started/completed, issues resolved, active teams count, and resolution rate.
+        Supports filtering by team_id and configuring the number of weeks (1-52).
+
+    GET /api/v1/analytics/activation
+        Get activation status for the current tenant. Activation is defined as
+        creating an issue AND completing an investigation within 7 days of signup.
+
+    GET /api/v1/analytics/activation/funnel
+        Get aggregated activation funnel metrics across all tenants. Shows conversion
+        rates through the activation funnel.
+
+    POST /api/v1/analytics/refresh
+        Manually refresh the weekly usage statistics materialized view. Typically
+        called by a scheduled job but can be triggered manually.
+
+How to View Metrics:
+    1. API Queries:
+       curl -H "Authorization: Bearer <api_key>" \
+            "https://api.dataing.io/api/v1/analytics/weekly-usage?weeks=4"
+
+    2. Direct SQL Queries (for admins):
+       -- Weekly usage from materialized view
+       SELECT * FROM weekly_usage_stats
+       WHERE tenant_id = '<tenant-uuid>'
+       ORDER BY week_start DESC;
+
+       -- Activation funnel
+       SELECT * FROM tenant_activation
+       WHERE activated_at IS NOT NULL;
+
+       -- Raw events
+       SELECT event_type, COUNT(*), date_trunc('day', created_at) as day
+       FROM analytics_events
+       WHERE tenant_id = '<tenant-uuid>'
+       GROUP BY event_type, day
+       ORDER BY day DESC;
+"""
+
+from __future__ import annotations
+
+from datetime import datetime
+from typing import Annotated
+
+from fastapi import APIRouter, Depends, Query
+from pydantic import BaseModel
+
+from dataing.adapters.db.app_db import AppDatabase
+from dataing.entrypoints.api.deps import get_app_db
+from dataing.entrypoints.api.middleware.auth import ApiKeyContext, verify_api_key
+from dataing.services.analytics import AnalyticsService
+
+router = APIRouter(prefix="/analytics", tags=["analytics"])
+
+# Annotated types for dependency injection
+AppDbDep = Annotated[AppDatabase, Depends(get_app_db)]
+AuthDep = Annotated[ApiKeyContext, Depends(verify_api_key)]
+
+
+class WeeklyUsageResponse(BaseModel):
+    """Weekly usage statistics response."""
+
+    week_start: datetime
+    issues_created: int
+    investigations_started: int
+    investigations_completed: int
+    issues_resolved: int
+    active_teams: int
+    resolution_rate: float
+
+
+class WeeklyUsageListResponse(BaseModel):
+    """List of weekly usage statistics."""
+
+    weeks: list[WeeklyUsageResponse]
+
+
+class ActivationStatusResponse(BaseModel):
+    """Activation status response."""
+
+    tenant_id: str
+    created_at: datetime
+    first_issue_at: datetime | None
+    first_investigation_at: datetime | None
+    activated_at: datetime | None
+    is_activated: bool
+    days_to_activation: int | None
+
+
+class ActivationFunnelResponse(BaseModel):
+    """Activation funnel statistics response."""
+
+    total_tenants: int
+    tenants_with_issue: int
+    tenants_with_investigation: int
+    tenants_activated: int
+    issue_rate: float
+    investigation_rate: float
+    activation_rate: float
+
+
+@router.get("/weekly-usage", response_model=WeeklyUsageListResponse)
+async def get_weekly_usage(
+    auth: AuthDep,
+    app_db: AppDbDep,
+    weeks: int = Query(default=4, ge=1, le=52, description="Number of weeks to return"),
+    team_id: str | None = Query(default=None, description="Filter by team ID"),
+) -> WeeklyUsageListResponse:
+    """Get weekly usage statistics for the current tenant.
+
+    Returns aggregated metrics per week including:
+    - Issues created
+    - Investigations started and completed
+    - Issues resolved
+    - Active teams count
+    - Issue resolution rate
+    """
+    from uuid import UUID
+
+    service = AnalyticsService(app_db)
+    team_uuid = UUID(team_id) if team_id else None
+    stats = await service.get_weekly_usage(auth.tenant_id, weeks, team_uuid)
+
+    return WeeklyUsageListResponse(
+        weeks=[
+            WeeklyUsageResponse(
+                week_start=s.week_start,
+                issues_created=s.issues_created,
+                investigations_started=s.investigations_started,
+                investigations_completed=s.investigations_completed,
+                issues_resolved=s.issues_resolved,
+                active_teams=s.active_teams,
+                resolution_rate=s.resolution_rate,
+            )
+            for s in stats
+        ]
+    )
+
+
+@router.get("/activation", response_model=ActivationStatusResponse)
+async def get_activation_status(
+    auth: AuthDep,
+    app_db: AppDbDep,
+) -> ActivationStatusResponse:
+    """Get activation status for the current tenant.
+
+    Activation is defined as having both:
+    - Created at least one issue
+    - Completed at least one investigation
+
+    Within the first 7 days of account creation.
+    """
+    service = AnalyticsService(app_db)
+    status = await service.get_activation_status(auth.tenant_id)
+
+    if not status:
+        return ActivationStatusResponse(
+            tenant_id=str(auth.tenant_id),
+            created_at=datetime.utcnow(),
+            first_issue_at=None,
+            first_investigation_at=None,
+            activated_at=None,
+            is_activated=False,
+            days_to_activation=None,
+        )
+
+    return ActivationStatusResponse(
+        tenant_id=str(status.tenant_id),
+        created_at=status.created_at,
+        first_issue_at=status.first_issue_at,
+        first_investigation_at=status.first_investigation_at,
+        activated_at=status.activated_at,
+        is_activated=status.is_activated,
+        days_to_activation=status.days_to_activation,
+    )
+
+
+@router.get("/activation/funnel", response_model=ActivationFunnelResponse)
+async def get_activation_funnel(
+    auth: AuthDep,
+    app_db: AppDbDep,
+    days: int = Query(default=90, ge=1, le=365, description="Look back period in days"),
+) -> ActivationFunnelResponse:
+    """Get activation funnel statistics.
+
+    Returns aggregated funnel metrics showing:
+    - Total tenants created in period
+    - Tenants that created at least one issue
+    - Tenants that completed at least one investigation
+    - Tenants that achieved activation
+
+    Note: This endpoint requires admin permissions in production.
+    """
+    from datetime import UTC, timedelta
+
+    service = AnalyticsService(app_db)
+    since = datetime.now(UTC) - timedelta(days=days)
+    funnel = await service.get_activation_funnel(since)
+
+    return ActivationFunnelResponse(
+        total_tenants=funnel.total_tenants,
+        tenants_with_issue=funnel.tenants_with_issue,
+        tenants_with_investigation=funnel.tenants_with_investigation,
+        tenants_activated=funnel.tenants_activated,
+        issue_rate=funnel.issue_rate,
+        investigation_rate=funnel.investigation_rate,
+        activation_rate=funnel.activation_rate,
+    )
+
+
+@router.post("/refresh", status_code=204)
+async def refresh_weekly_stats(
+    auth: AuthDep,
+    app_db: AppDbDep,
+) -> None:
+    """Refresh the weekly usage statistics materialized view.
+
+    This is typically called by a scheduled job but can be triggered manually.
+    """
+    service = AnalyticsService(app_db)
+    await service.refresh_weekly_stats()
diff --git a/python-packages/dataing/src/dataing/entrypoints/api/routes/integrations.py b/python-packages/dataing/src/dataing/entrypoints/api/routes/integrations.py
index 2743d7a07..a8637c3c0 100644
--- a/python-packages/dataing/src/dataing/entrypoints/api/routes/integrations.py
+++ b/python-packages/dataing/src/dataing/entrypoints/api/routes/integrations.py
@@ -2,24 +2,30 @@
 
 This module provides a generic webhook endpoint for external integrations
 to create issues. Signature verification is used to authenticate requests.
+Policy evaluation determines the action taken: auto investigation, review, or issue-only.
 """
 
 from __future__ import annotations
 
 import hashlib
 import hmac
+import json
 import logging
 import os
-from typing import Annotated
-from uuid import UUID
+from datetime import UTC, datetime
+from typing import Annotated, Any
+from uuid import UUID, uuid4
 
 from fastapi import APIRouter, Depends, Header, HTTPException, Request, status
 from pydantic import BaseModel, Field
 
 from dataing.adapters.db.app_db import AppDatabase
+from dataing.adapters.db.team_policy_repository import PolicyAction, TeamPolicyRepository
 from dataing.core.json_utils import to_json_string
 from dataing.entrypoints.api.deps import get_app_db
 from dataing.entrypoints.api.middleware.auth import ApiKeyContext, verify_api_key
+from dataing.services.notification import NotificationEvent, NotificationService
+from dataing.services.policy import IssueContext, PolicyService
 
 logger = logging.getLogger(__name__)
 
@@ -56,6 +62,8 @@ class WebhookIssueResponse(BaseModel):
     number: int
     status: str
     created: bool  # True if newly created, False if deduplicated
+    policy_action: str | None = None  # auto, review, issue_only
+    investigation_id: UUID | None = None  # Set if auto investigation started
 
 
 # ============================================================================
@@ -250,9 +258,245 @@ async def receive_generic_webhook(
         f"provider={payload.source_provider}, tenant={auth.tenant_id}"
     )
 
+    # Evaluate policy for the created issue
+    policy_action, investigation_id = await _evaluate_and_apply_policy(
+        request=request,
+        db=db,
+        auth=auth,
+        issue_id=issue_id,
+        payload=payload,
+    )
+
     return WebhookIssueResponse(
         id=issue_id,
         number=row["number"],
         status=row["status"],
         created=True,
+        policy_action=policy_action,
+        investigation_id=investigation_id,
+    )
+
+
+async def _evaluate_and_apply_policy(
+    request: Request,
+    db: AppDatabase,
+    auth: ApiKeyContext,
+    issue_id: UUID,
+    payload: GenericWebhookPayload,
+) -> tuple[str | None, UUID | None]:
+    """Evaluate policy for an issue and apply the resulting action.
+
+    Returns:
+        Tuple of (policy_action, investigation_id).
+        investigation_id is set only for AUTO actions.
+    """
+    # Get the default team for this tenant
+    policy_repo = TeamPolicyRepository(db)
+    team_id = await policy_repo.get_default_team_for_tenant(auth.tenant_id)
+
+    if not team_id:
+        # No teams configured, default to issue-only
+        logger.debug(f"No team found for tenant={auth.tenant_id}, using issue_only")
+        return (PolicyAction.ISSUE_ONLY.value, None)
+
+    # Build issue context for policy evaluation
+    context = IssueContext(
+        team_id=team_id,
+        dataset_id=payload.dataset_id,
+        severity=payload.severity,
+        source=payload.source_provider,
+    )
+
+    # Evaluate policy
+    policy_service = PolicyService(db)
+    policy_result = await policy_service.evaluate(context)
+
+    logger.info(
+        f"Policy evaluated: issue={issue_id}, action={policy_result.action.value}, "
+        f"source={policy_result.source}"
+    )
+
+    # Record policy evaluation event
+    await db.execute(
+        """
+        INSERT INTO issue_events (issue_id, event_type, actor_user_id, payload)
+        VALUES ($1, 'policy_evaluated', NULL, $2)
+        """,
+        issue_id,
+        to_json_string(
+            {
+                "action": policy_result.action.value,
+                "source": policy_result.source,
+                "policy_id": (str(policy_result.policy_id) if policy_result.policy_id else None),
+                "override_id": (
+                    str(policy_result.override_id) if policy_result.override_id else None
+                ),
+            }
+        ),
+    )
+
+    investigation_id: UUID | None = None
+
+    if policy_result.action == PolicyAction.AUTO:
+        # Start auto investigation
+        investigation_id = await _start_auto_investigation(
+            request=request,
+            db=db,
+            auth=auth,
+            issue_id=issue_id,
+            payload=payload,
+        )
+
+    elif policy_result.action == PolicyAction.REVIEW:
+        # Send notification that review is required
+        await _send_review_notification(
+            db=db,
+            auth=auth,
+            issue_id=issue_id,
+            payload=payload,
+        )
+
+    # ISSUE_ONLY requires no additional action
+
+    return (policy_result.action.value, investigation_id)
+
+
+async def _start_auto_investigation(
+    request: Request,
+    db: AppDatabase,
+    auth: ApiKeyContext,
+    issue_id: UUID,
+    payload: GenericWebhookPayload,
+) -> UUID | None:
+    """Start an automatic investigation for an issue.
+
+    Returns:
+        Investigation ID if started successfully, None otherwise.
+    """
+    from dataing.entrypoints.api.deps import resolve_datasource_id
+    from dataing.temporal.client import TemporalInvestigationClient
+
+    # Get Temporal client
+    temporal_client: TemporalInvestigationClient | None = getattr(
+        request.app.state, "temporal_client", None
+    )
+
+    if temporal_client is None:
+        logger.warning(
+            f"Temporal not configured, cannot start auto investigation for issue={issue_id}"
+        )
+        return None
+
+    investigation_id = uuid4()
+    now = datetime.now(UTC)
+
+    # Resolve datasource
+    try:
+        datasource_id = await resolve_datasource_id(request, auth.tenant_id, explicit_id=None)
+    except ValueError:
+        # No default datasource, use placeholder
+        datasource_id = UUID("00000000-0000-0000-0000-000000000003")
+
+    # Build alert data
+    alert_data: dict[str, Any] = {
+        "dataset_ids": [payload.dataset_id] if payload.dataset_id else [],
+        "metric_spec": {
+            "metric_type": "description",
+            "expression": payload.title,
+            "display_name": "Integration Alert",
+            "columns_referenced": [],
+        },
+        "anomaly_type": "integration_alert",
+        "expected_value": 0.0,
+        "actual_value": 0.0,
+        "deviation_pct": 0.0,
+        "anomaly_date": now.date().isoformat(),
+        "severity": payload.severity or "medium",
+        "datasource_id": str(datasource_id),
+        "issue_id": str(issue_id),
+    }
+
+    try:
+        # Create investigation record (issue_id is stored in alert JSONB)
+        await db.execute(
+            """
+            INSERT INTO investigations (id, tenant_id, alert)
+            VALUES ($1, $2, $3)
+            """,
+            investigation_id,
+            auth.tenant_id,
+            json.dumps(alert_data),
+        )
+
+        # Start Temporal workflow
+        alert_summary = f"Auto investigation: {payload.title}"
+        await temporal_client.start_investigation(
+            investigation_id=str(investigation_id),
+            tenant_id=str(auth.tenant_id),
+            datasource_id=str(datasource_id),
+            alert_data=alert_data,
+            alert_summary=alert_summary,
+        )
+
+        # Record event on issue
+        await db.execute(
+            """
+            INSERT INTO issue_events (issue_id, event_type, actor_user_id, payload)
+            VALUES ($1, 'investigation_started', NULL, $2)
+            """,
+            issue_id,
+            to_json_string(
+                {
+                    "investigation_id": str(investigation_id),
+                    "trigger": "auto_policy",
+                }
+            ),
+        )
+
+        logger.info(
+            f"Auto investigation started: investigation={investigation_id}, issue={issue_id}"
+        )
+
+        return investigation_id
+
+    except Exception as e:
+        logger.error(f"Failed to start auto investigation for issue={issue_id}: {e}")
+        return None
+
+
+async def _send_review_notification(
+    db: AppDatabase,
+    auth: ApiKeyContext,
+    issue_id: UUID,
+    payload: GenericWebhookPayload,
+) -> None:
+    """Send notification that an issue requires review before investigation."""
+    notification_service = NotificationService(db)
+
+    await notification_service.notify(
+        NotificationEvent(
+            event_type="issue.review_required",
+            tenant_id=auth.tenant_id,
+            payload={
+                "issue_id": str(issue_id),
+                "title": payload.title,
+                "severity": payload.severity,
+                "dataset_id": payload.dataset_id,
+                "source_provider": payload.source_provider,
+            },
+        )
+    )
+
+    # Record event on issue
+    await db.execute(
+        """
+        INSERT INTO issue_events (issue_id, event_type, actor_user_id, payload)
+        VALUES ($1, 'review_requested', NULL, $2)
+        """,
+        issue_id,
+        to_json_string(
+            {
+                "trigger": "review_policy",
+            }
+        ),
     )
diff --git a/python-packages/dataing/src/dataing/entrypoints/api/routes/teams.py b/python-packages/dataing/src/dataing/entrypoints/api/routes/teams.py
index 1699a9b4f..ea02eab07 100644
--- a/python-packages/dataing/src/dataing/entrypoints/api/routes/teams.py
+++ b/python-packages/dataing/src/dataing/entrypoints/api/routes/teams.py
@@ -7,10 +7,14 @@
 from uuid import UUID
 
 from fastapi import APIRouter, Depends, HTTPException, Request, Response, status
-from pydantic import BaseModel
+from pydantic import BaseModel, Field
 
 from dataing.adapters.audit import audited
 from dataing.adapters.db.app_db import AppDatabase
+from dataing.adapters.db.team_policy_repository import (
+    PolicyAction,
+    TeamPolicyRepository,
+)
 from dataing.adapters.rbac import TeamsRepository
 from dataing.core.entitlements.features import Feature
 from dataing.entrypoints.api.deps import get_app_db
@@ -272,3 +276,406 @@ async def remove_team_member(
 
         await repo.remove_member(team_id, user_id)
         return Response(status_code=204)
+
+
+# =============================================================================
+# Team Policy Models
+# =============================================================================
+
+
+class TeamPolicyResponse(BaseModel):
+    """Team policy response."""
+
+    id: UUID
+    team_id: UUID
+    sources: list[str] = Field(default_factory=list)
+    default_action: str
+    auto_investigate_min_severity: str | None = None
+    review_required_max_severity: str | None = None
+    is_active: bool = True
+
+
+class TeamPolicyUpdate(BaseModel):
+    """Team policy update request."""
+
+    sources: list[str] | None = None
+    default_action: str | None = None
+    auto_investigate_min_severity: str | None = None
+    review_required_max_severity: str | None = None
+
+
+class TeamPolicyOverrideResponse(BaseModel):
+    """Team policy override response."""
+
+    id: UUID
+    team_id: UUID
+    dataset_id: str | None = None
+    tag_id: UUID | None = None
+    default_action: str | None = None
+    auto_investigate_min_severity: str | None = None
+    review_required_max_severity: str | None = None
+    is_active: bool = True
+
+
+class TeamPolicyOverrideCreate(BaseModel):
+    """Create a policy override."""
+
+    dataset_id: str | None = None
+    tag_id: UUID | None = None
+    default_action: str | None = None
+    auto_investigate_min_severity: str | None = None
+    review_required_max_severity: str | None = None
+
+
+class TeamPolicyOverrideUpdate(BaseModel):
+    """Update a policy override."""
+
+    default_action: str | None = None
+    auto_investigate_min_severity: str | None = None
+    review_required_max_severity: str | None = None
+
+
+class TeamQueueLimitsResponse(BaseModel):
+    """Team queue limits response."""
+
+    id: UUID
+    team_id: UUID
+    rate_limit_per_minute: int = 60
+    burst_size: int = 10
+    max_concurrent: int = 5
+    batch_size: int = 5
+    is_active: bool = True
+
+
+class TeamQueueLimitsUpdate(BaseModel):
+    """Team queue limits update request."""
+
+    rate_limit_per_minute: int | None = None
+    burst_size: int | None = None
+    max_concurrent: int | None = None
+    batch_size: int | None = None
+
+
+class TeamPolicyFullResponse(BaseModel):
+    """Full team policy response including overrides and queue limits."""
+
+    policy: TeamPolicyResponse | None = None
+    overrides: list[TeamPolicyOverrideResponse] = Field(default_factory=list)
+    queue_limits: TeamQueueLimitsResponse | None = None
+
+
+# =============================================================================
+# Team Policy Endpoints
+# =============================================================================
+
+
+@router.get("/{team_id}/policy", response_model=TeamPolicyFullResponse)
+async def get_team_policy(
+    team_id: UUID,
+    auth: AuthDep,
+    app_db: AppDbDep,
+) -> TeamPolicyFullResponse:
+    """Get the full policy configuration for a team.
+
+    Returns the team policy, all overrides, and queue limits.
+    """
+    async with app_db.acquire() as conn:
+        teams_repo = TeamsRepository(conn)
+        team = await teams_repo.get_by_id(team_id)
+
+        if not team or team.org_id != auth.tenant_id:
+            raise HTTPException(status_code=404, detail="Team not found")
+
+    policy_repo = TeamPolicyRepository(app_db)
+
+    # Get policy
+    policy = await policy_repo.get_policy_by_team(team_id)
+    policy_response = None
+    if policy:
+        policy_response = TeamPolicyResponse(
+            id=policy.id,
+            team_id=policy.team_id,
+            sources=policy.sources,
+            default_action=policy.default_action.value,
+            auto_investigate_min_severity=policy.auto_investigate_min_severity,
+            review_required_max_severity=policy.review_required_max_severity,
+            is_active=policy.is_active,
+        )
+
+    # Get overrides
+    overrides = await policy_repo.get_overrides_for_team(team_id)
+    override_responses = [
+        TeamPolicyOverrideResponse(
+            id=o.id,
+            team_id=o.team_id,
+            dataset_id=o.dataset_id,
+            tag_id=o.tag_id,
+            default_action=o.default_action.value if o.default_action else None,
+            auto_investigate_min_severity=o.auto_investigate_min_severity,
+            review_required_max_severity=o.review_required_max_severity,
+            is_active=o.is_active,
+        )
+        for o in overrides
+    ]
+
+    # Get queue limits
+    queue_limits = await policy_repo.get_queue_limits(team_id)
+    queue_response = None
+    if queue_limits:
+        queue_response = TeamQueueLimitsResponse(
+            id=queue_limits.id,
+            team_id=queue_limits.team_id,
+            rate_limit_per_minute=queue_limits.rate_limit_per_minute,
+            burst_size=queue_limits.burst_size,
+            max_concurrent=queue_limits.max_concurrent,
+            batch_size=queue_limits.batch_size,
+            is_active=queue_limits.is_active,
+        )
+
+    return TeamPolicyFullResponse(
+        policy=policy_response,
+        overrides=override_responses,
+        queue_limits=queue_response,
+    )
+
+
+@router.put("/{team_id}/policy", response_model=TeamPolicyResponse)
+@audited(action="team.policy_update", resource_type="team")
+async def update_team_policy(
+    request: Request,
+    team_id: UUID,
+    body: TeamPolicyUpdate,
+    auth: AdminScopeDep,
+    app_db: AppDbDep,
+) -> TeamPolicyResponse:
+    """Update or create the team policy.
+
+    Requires admin scope.
+    """
+    async with app_db.acquire() as conn:
+        teams_repo = TeamsRepository(conn)
+        team = await teams_repo.get_by_id(team_id)
+
+        if not team or team.org_id != auth.tenant_id:
+            raise HTTPException(status_code=404, detail="Team not found")
+
+    policy_repo = TeamPolicyRepository(app_db)
+
+    # Check if policy exists
+    existing = await policy_repo.get_policy_by_team(team_id)
+
+    if existing:
+        # Update existing policy
+        policy = await policy_repo.update_policy(
+            existing.id,
+            sources=body.sources,
+            default_action=PolicyAction(body.default_action) if body.default_action else None,
+            auto_investigate_min_severity=body.auto_investigate_min_severity,
+            review_required_max_severity=body.review_required_max_severity,
+        )
+    else:
+        # Create new policy
+        action = (
+            PolicyAction(body.default_action) if body.default_action else PolicyAction.ISSUE_ONLY
+        )
+        policy = await policy_repo.create_policy(
+            org_id=auth.tenant_id,
+            team_id=team_id,
+            sources=body.sources or [],
+            default_action=action,
+            auto_investigate_min_severity=body.auto_investigate_min_severity,
+            review_required_max_severity=body.review_required_max_severity,
+        )
+
+    if not policy:
+        raise HTTPException(status_code=500, detail="Failed to update policy")
+
+    return TeamPolicyResponse(
+        id=policy.id,
+        team_id=policy.team_id,
+        sources=policy.sources,
+        default_action=policy.default_action.value,
+        auto_investigate_min_severity=policy.auto_investigate_min_severity,
+        review_required_max_severity=policy.review_required_max_severity,
+        is_active=policy.is_active,
+    )
+
+
+@router.post("/{team_id}/policy/overrides", response_model=TeamPolicyOverrideResponse)
+@audited(action="team.policy_override_create", resource_type="team")
+async def create_policy_override(
+    request: Request,
+    team_id: UUID,
+    body: TeamPolicyOverrideCreate,
+    auth: AdminScopeDep,
+    app_db: AppDbDep,
+) -> TeamPolicyOverrideResponse:
+    """Create a policy override for a dataset or tag.
+
+    Requires admin scope.
+    """
+    async with app_db.acquire() as conn:
+        teams_repo = TeamsRepository(conn)
+        team = await teams_repo.get_by_id(team_id)
+
+        if not team or team.org_id != auth.tenant_id:
+            raise HTTPException(status_code=404, detail="Team not found")
+
+    if (body.dataset_id is None) == (body.tag_id is None):
+        raise HTTPException(
+            status_code=400,
+            detail="Exactly one of dataset_id or tag_id must be provided",
+        )
+
+    policy_repo = TeamPolicyRepository(app_db)
+
+    override = await policy_repo.create_override(
+        org_id=auth.tenant_id,
+        team_id=team_id,
+        dataset_id=body.dataset_id,
+        tag_id=body.tag_id,
+        default_action=PolicyAction(body.default_action) if body.default_action else None,
+        auto_investigate_min_severity=body.auto_investigate_min_severity,
+        review_required_max_severity=body.review_required_max_severity,
+    )
+
+    return TeamPolicyOverrideResponse(
+        id=override.id,
+        team_id=override.team_id,
+        dataset_id=override.dataset_id,
+        tag_id=override.tag_id,
+        default_action=override.default_action.value if override.default_action else None,
+        auto_investigate_min_severity=override.auto_investigate_min_severity,
+        review_required_max_severity=override.review_required_max_severity,
+        is_active=override.is_active,
+    )
+
+
+@router.put("/{team_id}/policy/overrides/{override_id}", response_model=TeamPolicyOverrideResponse)
+@audited(action="team.policy_override_update", resource_type="team")
+async def update_policy_override(
+    request: Request,
+    team_id: UUID,
+    override_id: UUID,
+    body: TeamPolicyOverrideUpdate,
+    auth: AdminScopeDep,
+    app_db: AppDbDep,
+) -> TeamPolicyOverrideResponse:
+    """Update a policy override.
+
+    Requires admin scope.
+    """
+    policy_repo = TeamPolicyRepository(app_db)
+
+    # Verify override exists and belongs to this team
+    existing = await policy_repo.get_override(override_id)
+    if not existing or existing.team_id != team_id:
+        raise HTTPException(status_code=404, detail="Override not found")
+
+    override = await policy_repo.update_override(
+        override_id,
+        default_action=PolicyAction(body.default_action) if body.default_action else None,
+        auto_investigate_min_severity=body.auto_investigate_min_severity,
+        review_required_max_severity=body.review_required_max_severity,
+    )
+
+    if not override:
+        raise HTTPException(status_code=500, detail="Failed to update override")
+
+    return TeamPolicyOverrideResponse(
+        id=override.id,
+        team_id=override.team_id,
+        dataset_id=override.dataset_id,
+        tag_id=override.tag_id,
+        default_action=override.default_action.value if override.default_action else None,
+        auto_investigate_min_severity=override.auto_investigate_min_severity,
+        review_required_max_severity=override.review_required_max_severity,
+        is_active=override.is_active,
+    )
+
+
+@router.delete(
+    "/{team_id}/policy/overrides/{override_id}",
+    status_code=status.HTTP_204_NO_CONTENT,
+    response_class=Response,
+)
+@audited(action="team.policy_override_delete", resource_type="team")
+async def delete_policy_override(
+    request: Request,
+    team_id: UUID,
+    override_id: UUID,
+    auth: AdminScopeDep,
+    app_db: AppDbDep,
+) -> Response:
+    """Delete a policy override.
+
+    Requires admin scope.
+    """
+    policy_repo = TeamPolicyRepository(app_db)
+
+    # Verify override exists and belongs to this team
+    existing = await policy_repo.get_override(override_id)
+    if not existing or existing.team_id != team_id:
+        raise HTTPException(status_code=404, detail="Override not found")
+
+    await policy_repo.delete_override(override_id)
+    return Response(status_code=204)
+
+
+@router.put("/{team_id}/policy/queue-limits", response_model=TeamQueueLimitsResponse)
+@audited(action="team.queue_limits_update", resource_type="team")
+async def update_queue_limits(
+    request: Request,
+    team_id: UUID,
+    body: TeamQueueLimitsUpdate,
+    auth: AdminScopeDep,
+    app_db: AppDbDep,
+) -> TeamQueueLimitsResponse:
+    """Update or create queue limits for a team.
+
+    Requires admin scope.
+    """
+    async with app_db.acquire() as conn:
+        teams_repo = TeamsRepository(conn)
+        team = await teams_repo.get_by_id(team_id)
+
+        if not team or team.org_id != auth.tenant_id:
+            raise HTTPException(status_code=404, detail="Team not found")
+
+    policy_repo = TeamPolicyRepository(app_db)
+
+    # Check if limits exist
+    existing = await policy_repo.get_queue_limits(team_id)
+
+    if existing:
+        # Update existing
+        limits = await policy_repo.update_queue_limits(
+            team_id,
+            rate_limit_per_minute=body.rate_limit_per_minute,
+            burst_size=body.burst_size,
+            max_concurrent=body.max_concurrent,
+            batch_size=body.batch_size,
+        )
+    else:
+        # Create new
+        limits = await policy_repo.create_queue_limits(
+            org_id=auth.tenant_id,
+            team_id=team_id,
+            rate_limit_per_minute=body.rate_limit_per_minute or 60,
+            burst_size=body.burst_size or 10,
+            max_concurrent=body.max_concurrent or 5,
+            batch_size=body.batch_size or 5,
+        )
+
+    if not limits:
+        raise HTTPException(status_code=500, detail="Failed to update queue limits")
+
+    return TeamQueueLimitsResponse(
+        id=limits.id,
+        team_id=limits.team_id,
+        rate_limit_per_minute=limits.rate_limit_per_minute,
+        burst_size=limits.burst_size,
+        max_concurrent=limits.max_concurrent,
+        batch_size=limits.batch_size,
+        is_active=limits.is_active,
+    )
diff --git a/python-packages/dataing/src/dataing/services/__init__.py b/python-packages/dataing/src/dataing/services/__init__.py
index ce8bcb5b6..a4d46980c 100644
--- a/python-packages/dataing/src/dataing/services/__init__.py
+++ b/python-packages/dataing/src/dataing/services/__init__.py
@@ -2,14 +2,26 @@
 
 from dataing.services.auth import AuthService
 from dataing.services.notification import NotificationService
+from dataing.services.policy import (
+    IssueContext,
+    PolicyResult,
+    PolicyService,
+    QueueConfig,
+    evaluate_policy_for_issue,
+)
 from dataing.services.sla import SLAService
 from dataing.services.tenant import TenantService
 from dataing.services.usage import UsageTracker
 
 __all__ = [
     "AuthService",
+    "IssueContext",
     "NotificationService",
+    "PolicyResult",
+    "PolicyService",
+    "QueueConfig",
     "SLAService",
     "TenantService",
     "UsageTracker",
+    "evaluate_policy_for_issue",
 ]
diff --git a/python-packages/dataing/src/dataing/services/analytics.py b/python-packages/dataing/src/dataing/services/analytics.py
new file mode 100644
index 000000000..f329b944a
--- /dev/null
+++ b/python-packages/dataing/src/dataing/services/analytics.py
@@ -0,0 +1,358 @@
+"""Analytics service for activation and usage tracking."""
+
+from __future__ import annotations
+
+from dataclasses import dataclass
+from datetime import UTC, datetime, timedelta
+from enum import Enum
+from typing import Any
+from uuid import UUID
+
+import structlog
+
+from dataing.adapters.db.app_db import AppDatabase
+
+logger = structlog.get_logger()
+
+
+class AnalyticsEventType(str, Enum):
+    """Types of analytics events."""
+
+    ISSUE_CREATED = "issue_created"
+    INVESTIGATION_STARTED = "investigation_started"
+    INVESTIGATION_COMPLETED = "investigation_completed"
+    ISSUE_RESOLVED = "issue_resolved"
+
+
+class EntityType(str, Enum):
+    """Types of entities for analytics events."""
+
+    ISSUE = "issue"
+    INVESTIGATION = "investigation"
+
+
+@dataclass
+class WeeklyUsageStats:
+    """Weekly usage statistics."""
+
+    week_start: datetime
+    issues_created: int
+    investigations_started: int
+    investigations_completed: int
+    issues_resolved: int
+    active_teams: int
+    resolution_rate: float  # issues_resolved / issues_created
+
+
+@dataclass
+class ActivationStatus:
+    """Tenant activation status."""
+
+    tenant_id: UUID
+    created_at: datetime
+    first_issue_at: datetime | None
+    first_investigation_at: datetime | None
+    activated_at: datetime | None
+    is_activated: bool
+    days_to_activation: int | None
+
+
+@dataclass
+class ActivationFunnelStats:
+    """Activation funnel statistics."""
+
+    total_tenants: int
+    tenants_with_issue: int
+    tenants_with_investigation: int
+    tenants_activated: int
+    issue_rate: float
+    investigation_rate: float
+    activation_rate: float
+
+
+class AnalyticsService:
+    """Service for recording and querying analytics events."""
+
+    def __init__(self, db: AppDatabase):
+        """Initialize the analytics service."""
+        self.db = db
+
+    async def record_event(
+        self,
+        tenant_id: UUID,
+        event_type: AnalyticsEventType,
+        entity_type: EntityType,
+        entity_id: UUID,
+        team_id: UUID | None = None,
+        payload: dict[str, Any] | None = None,
+    ) -> UUID | None:
+        """Record an analytics event.
+
+        Args:
+            tenant_id: Tenant ID.
+            event_type: Type of event.
+            entity_type: Type of entity.
+            entity_id: ID of the entity.
+            team_id: Optional team ID.
+            payload: Optional additional data.
+
+        Returns:
+            UUID of the created event.
+        """
+        result = await self.db.fetch_one(
+            """SELECT record_analytics_event($1, $2, $3, $4, $5, $6) as event_id""",
+            tenant_id,
+            team_id,
+            event_type.value,
+            entity_type.value,
+            entity_id,
+            payload or {},
+        )
+
+        event_id = result["event_id"] if result else None
+        logger.info(
+            "analytics_event_recorded",
+            event_id=str(event_id),
+            tenant_id=str(tenant_id),
+            event_type=event_type.value,
+            entity_type=entity_type.value,
+            entity_id=str(entity_id),
+        )
+
+        return event_id
+
+    async def get_weekly_usage(
+        self,
+        tenant_id: UUID,
+        weeks: int = 4,
+        team_id: UUID | None = None,
+    ) -> list[WeeklyUsageStats]:
+        """Get weekly usage statistics.
+
+        Args:
+            tenant_id: Tenant ID.
+            weeks: Number of weeks to return.
+            team_id: Optional team ID to filter by.
+
+        Returns:
+            List of weekly usage stats.
+        """
+        # First try materialized view, fallback to direct query
+        if team_id:
+            query = """
+                SELECT
+                    week_start,
+                    issues_created,
+                    investigations_started,
+                    investigations_completed,
+                    issues_resolved,
+                    active_teams
+                FROM weekly_usage_stats
+                WHERE tenant_id = $1 AND team_id = $2
+                  AND week_start >= NOW() - ($3 || ' weeks')::INTERVAL
+                ORDER BY week_start DESC
+            """
+            rows = await self.db.fetch_all(query, tenant_id, team_id, str(weeks))
+        else:
+            query = """
+                SELECT
+                    week_start,
+                    SUM(issues_created) as issues_created,
+                    SUM(investigations_started) as investigations_started,
+                    SUM(investigations_completed) as investigations_completed,
+                    SUM(issues_resolved) as issues_resolved,
+                    COUNT(DISTINCT team_id) as active_teams
+                FROM weekly_usage_stats
+                WHERE tenant_id = $1
+                  AND week_start >= NOW() - ($2 || ' weeks')::INTERVAL
+                GROUP BY week_start
+                ORDER BY week_start DESC
+            """
+            rows = await self.db.fetch_all(query, tenant_id, str(weeks))
+
+        # If materialized view is empty, query directly
+        if not rows:
+            rows = await self._query_weekly_usage_direct(tenant_id, weeks, team_id)
+
+        return [
+            WeeklyUsageStats(
+                week_start=row["week_start"],
+                issues_created=row["issues_created"] or 0,
+                investigations_started=row["investigations_started"] or 0,
+                investigations_completed=row["investigations_completed"] or 0,
+                issues_resolved=row["issues_resolved"] or 0,
+                active_teams=row["active_teams"] or 0,
+                resolution_rate=(
+                    (row["issues_resolved"] or 0) / (row["issues_created"] or 1)
+                    if row["issues_created"]
+                    else 0.0
+                ),
+            )
+            for row in rows
+        ]
+
+    async def _query_weekly_usage_direct(
+        self,
+        tenant_id: UUID,
+        weeks: int,
+        team_id: UUID | None = None,
+    ) -> list[dict[str, Any]]:
+        """Query weekly usage directly from analytics_events table."""
+        if team_id:
+            query = """
+                SELECT
+                    date_trunc('week', created_at) AS week_start,
+                    COUNT(*) FILTER (WHERE event_type = 'issue_created') AS issues_created,
+                    COUNT(*) FILTER (WHERE event_type = 'investigation_started')
+                        AS investigations_started,
+                    COUNT(*) FILTER (WHERE event_type = 'investigation_completed')
+                        AS investigations_completed,
+                    COUNT(*) FILTER (WHERE event_type = 'issue_resolved') AS issues_resolved,
+                    1 AS active_teams
+                FROM analytics_events
+                WHERE tenant_id = $1 AND team_id = $2
+                  AND created_at >= NOW() - ($3 || ' weeks')::INTERVAL
+                GROUP BY date_trunc('week', created_at)
+                ORDER BY week_start DESC
+            """
+            return await self.db.fetch_all(query, tenant_id, team_id, str(weeks))
+        else:
+            query = """
+                SELECT
+                    date_trunc('week', created_at) AS week_start,
+                    COUNT(*) FILTER (WHERE event_type = 'issue_created') AS issues_created,
+                    COUNT(*) FILTER (WHERE event_type = 'investigation_started')
+                        AS investigations_started,
+                    COUNT(*) FILTER (WHERE event_type = 'investigation_completed')
+                        AS investigations_completed,
+                    COUNT(*) FILTER (WHERE event_type = 'issue_resolved') AS issues_resolved,
+                    COUNT(DISTINCT team_id) AS active_teams
+                FROM analytics_events
+                WHERE tenant_id = $1
+                  AND created_at >= NOW() - ($2 || ' weeks')::INTERVAL
+                GROUP BY date_trunc('week', created_at)
+                ORDER BY week_start DESC
+            """
+            return await self.db.fetch_all(query, tenant_id, str(weeks))
+
+    async def get_activation_status(self, tenant_id: UUID) -> ActivationStatus | None:
+        """Get activation status for a tenant.
+
+        Args:
+            tenant_id: Tenant ID.
+
+        Returns:
+            Activation status or None if not tracked.
+        """
+        row = await self.db.fetch_one(
+            """
+            SELECT
+                ta.tenant_id,
+                ta.created_at,
+                ta.first_issue_at,
+                ta.first_investigation_at,
+                ta.activated_at
+            FROM tenant_activation ta
+            WHERE ta.tenant_id = $1
+            """,
+            tenant_id,
+        )
+
+        if not row:
+            # Check if tenant exists and create activation record
+            tenant = await self.db.fetch_one(
+                "SELECT id, created_at FROM tenants WHERE id = $1", tenant_id
+            )
+            if not tenant:
+                return None
+
+            await self.db.execute(
+                """
+                INSERT INTO tenant_activation (tenant_id, created_at, updated_at)
+                VALUES ($1, $2, NOW())
+                ON CONFLICT (tenant_id) DO NOTHING
+                """,
+                tenant_id,
+                tenant["created_at"],
+            )
+
+            return ActivationStatus(
+                tenant_id=tenant_id,
+                created_at=tenant["created_at"],
+                first_issue_at=None,
+                first_investigation_at=None,
+                activated_at=None,
+                is_activated=False,
+                days_to_activation=None,
+            )
+
+        is_activated = row["activated_at"] is not None
+        days_to_activation = None
+        if is_activated and row["created_at"]:
+            days_to_activation = (row["activated_at"] - row["created_at"]).days
+
+        return ActivationStatus(
+            tenant_id=row["tenant_id"],
+            created_at=row["created_at"],
+            first_issue_at=row["first_issue_at"],
+            first_investigation_at=row["first_investigation_at"],
+            activated_at=row["activated_at"],
+            is_activated=is_activated,
+            days_to_activation=days_to_activation,
+        )
+
+    async def get_activation_funnel(
+        self,
+        since: datetime | None = None,
+    ) -> ActivationFunnelStats:
+        """Get activation funnel statistics.
+
+        Args:
+            since: Only include tenants created since this date.
+
+        Returns:
+            Activation funnel statistics.
+        """
+        if since is None:
+            since = datetime.now(UTC) - timedelta(days=90)
+
+        row = await self.db.fetch_one(
+            """
+            SELECT
+                COUNT(*) as total_tenants,
+                COUNT(first_issue_at) as tenants_with_issue,
+                COUNT(first_investigation_at) as tenants_with_investigation,
+                COUNT(activated_at) as tenants_activated
+            FROM tenant_activation
+            WHERE created_at >= $1
+            """,
+            since,
+        )
+
+        if not row:
+            return ActivationFunnelStats(
+                total_tenants=0,
+                tenants_with_issue=0,
+                tenants_with_investigation=0,
+                tenants_activated=0,
+                issue_rate=0.0,
+                investigation_rate=0.0,
+                activation_rate=0.0,
+            )
+
+        total = row["total_tenants"] or 1  # Avoid division by zero
+
+        return ActivationFunnelStats(
+            total_tenants=row["total_tenants"],
+            tenants_with_issue=row["tenants_with_issue"],
+            tenants_with_investigation=row["tenants_with_investigation"],
+            tenants_activated=row["tenants_activated"],
+            issue_rate=row["tenants_with_issue"] / total,
+            investigation_rate=row["tenants_with_investigation"] / total,
+            activation_rate=row["tenants_activated"] / total,
+        )
+
+    async def refresh_weekly_stats(self) -> None:
+        """Refresh the weekly usage stats materialized view."""
+        await self.db.execute("SELECT refresh_weekly_usage_stats()")
+        logger.info("weekly_usage_stats_refreshed")
diff --git a/python-packages/dataing/src/dataing/services/policy.py b/python-packages/dataing/src/dataing/services/policy.py
new file mode 100644
index 000000000..636d014ca
--- /dev/null
+++ b/python-packages/dataing/src/dataing/services/policy.py
@@ -0,0 +1,330 @@
+"""Policy evaluation service for triage and investigation automation.
+
+This service resolves the effective action for an issue using team rules
+and dataset/tag overrides. It follows precedence: dataset overrides > team default.
+"""
+
+from __future__ import annotations
+
+from dataclasses import dataclass, field
+from typing import TYPE_CHECKING
+from uuid import UUID
+
+import structlog
+
+from dataing.adapters.db.team_policy_repository import (
+    PolicyAction,
+    TeamPolicy,
+    TeamPolicyOverride,
+    TeamPolicyRepository,
+    TeamQueueLimits,
+)
+
+if TYPE_CHECKING:
+    from dataing.adapters.db.app_db import AppDatabase
+
+logger = structlog.get_logger()
+
+
+@dataclass
+class QueueConfig:
+    """Queue configuration for rate limiting and concurrency."""
+
+    rate_limit_per_minute: int = 60
+    burst_size: int = 10
+    max_concurrent: int = 5
+    batch_size: int = 5
+
+    @classmethod
+    def from_limits(cls, limits: TeamQueueLimits | None) -> QueueConfig:
+        """Create QueueConfig from TeamQueueLimits or defaults."""
+        if limits is None:
+            return cls()
+        return cls(
+            rate_limit_per_minute=limits.rate_limit_per_minute,
+            burst_size=limits.burst_size,
+            max_concurrent=limits.max_concurrent,
+            batch_size=limits.batch_size,
+        )
+
+
+@dataclass
+class PolicyResult:
+    """Result of policy evaluation for an issue."""
+
+    action: PolicyAction
+    queue_config: QueueConfig
+    source: str  # "team_default", "dataset_override", "tag_override"
+    team_id: UUID
+    policy_id: UUID | None = None
+    override_id: UUID | None = None
+    auto_investigate_min_severity: str | None = None
+    review_required_max_severity: str | None = None
+    matched_tags: list[UUID] = field(default_factory=list)
+
+
+@dataclass
+class IssueContext:
+    """Context for evaluating policy against an issue."""
+
+    team_id: UUID
+    dataset_id: str | None = None
+    tag_ids: list[UUID] = field(default_factory=list)
+    severity: str | None = None
+    source: str | None = None  # e.g., "dbt", "airflow"
+
+
+class PolicyService:
+    """Service for evaluating team policies and resolving effective actions."""
+
+    def __init__(self, db: AppDatabase) -> None:
+        """Initialize the policy service."""
+        self.db = db
+        self.repo = TeamPolicyRepository(db)
+
+    async def evaluate(self, context: IssueContext) -> PolicyResult:
+        """Evaluate policy for an issue and return the effective action.
+
+        Precedence order (highest to lowest):
+        1. Dataset-specific override (if dataset_id matches)
+        2. Tag-specific override (if any tag_id matches)
+        3. Team default policy
+        4. System defaults
+
+        Args:
+            context: Issue context including team_id, dataset_id, and tag_ids.
+
+        Returns:
+            PolicyResult with the resolved action and queue configuration.
+        """
+        team_id = context.team_id
+
+        # Get team policy
+        policy = await self.repo.get_policy_by_team(team_id)
+
+        # Get queue limits
+        queue_limits = await self.repo.get_queue_limits(team_id)
+        queue_config = QueueConfig.from_limits(queue_limits)
+
+        # Check source filter (if policy has sources set, issue source must match)
+        if policy and policy.sources and context.source:
+            if context.source not in policy.sources:
+                logger.debug(
+                    "policy_source_mismatch",
+                    team_id=str(team_id),
+                    issue_source=context.source,
+                    policy_sources=policy.sources,
+                )
+                # Source doesn't match - use defaults
+                return self._default_result(team_id, queue_config)
+
+        # Try dataset-specific override first
+        if context.dataset_id:
+            override = await self.repo.get_override_for_dataset(team_id, context.dataset_id)
+            if override and override.is_active:
+                logger.debug(
+                    "policy_dataset_override_matched",
+                    team_id=str(team_id),
+                    dataset_id=context.dataset_id,
+                    override_id=str(override.id),
+                )
+                return self._result_from_override(
+                    override=override,
+                    base_policy=policy,
+                    queue_config=queue_config,
+                    source="dataset_override",
+                )
+
+        # Try tag-specific overrides
+        if context.tag_ids:
+            overrides = await self.repo.get_overrides_for_team(team_id)
+            tag_overrides = [o for o in overrides if o.tag_id in context.tag_ids]
+            if tag_overrides:
+                # Use the first matching tag override (could prioritize by severity later)
+                override = tag_overrides[0]
+                matched_tags = [o.tag_id for o in tag_overrides if o.tag_id]
+                logger.debug(
+                    "policy_tag_override_matched",
+                    team_id=str(team_id),
+                    tag_ids=[str(t) for t in matched_tags],
+                    override_id=str(override.id),
+                )
+                return self._result_from_override(
+                    override=override,
+                    base_policy=policy,
+                    queue_config=queue_config,
+                    source="tag_override",
+                    matched_tags=[t for t in matched_tags if t is not None],
+                )
+
+        # Fall back to team default policy
+        if policy and policy.is_active:
+            action = self._resolve_action_for_severity(
+                default_action=policy.default_action,
+                severity=context.severity,
+                auto_investigate_min_severity=policy.auto_investigate_min_severity,
+                review_required_max_severity=policy.review_required_max_severity,
+            )
+            logger.debug(
+                "policy_team_default_applied",
+                team_id=str(team_id),
+                policy_id=str(policy.id),
+                action=action.value,
+            )
+            return PolicyResult(
+                action=action,
+                queue_config=queue_config,
+                source="team_default",
+                team_id=team_id,
+                policy_id=policy.id,
+                auto_investigate_min_severity=policy.auto_investigate_min_severity,
+                review_required_max_severity=policy.review_required_max_severity,
+            )
+
+        # System defaults
+        return self._default_result(team_id, queue_config)
+
+    async def get_policy_for_team(self, team_id: UUID) -> TeamPolicy | None:
+        """Get the policy for a team."""
+        return await self.repo.get_policy_by_team(team_id)
+
+    async def get_overrides_for_team(self, team_id: UUID) -> list[TeamPolicyOverride]:
+        """Get all policy overrides for a team."""
+        return await self.repo.get_overrides_for_team(team_id)
+
+    async def get_queue_config(self, team_id: UUID) -> QueueConfig:
+        """Get the queue configuration for a team."""
+        limits = await self.repo.get_queue_limits(team_id)
+        return QueueConfig.from_limits(limits)
+
+    def _result_from_override(
+        self,
+        override: TeamPolicyOverride,
+        base_policy: TeamPolicy | None,
+        queue_config: QueueConfig,
+        source: str,
+        matched_tags: list[UUID] | None = None,
+    ) -> PolicyResult:
+        """Create a PolicyResult from an override, inheriting from base policy if needed."""
+        # Get action from override, or inherit from base policy
+        action = override.default_action
+        if action is None and base_policy:
+            action = base_policy.default_action
+        if action is None:
+            action = PolicyAction.ISSUE_ONLY
+
+        # Get severity settings - prefer override, fall back to policy
+        auto_min = override.auto_investigate_min_severity
+        if auto_min is None and base_policy:
+            auto_min = base_policy.auto_investigate_min_severity
+
+        review_max = override.review_required_max_severity
+        if review_max is None and base_policy:
+            review_max = base_policy.review_required_max_severity
+
+        return PolicyResult(
+            action=action,
+            queue_config=queue_config,
+            source=source,
+            team_id=override.team_id,
+            policy_id=base_policy.id if base_policy else None,
+            override_id=override.id,
+            auto_investigate_min_severity=auto_min,
+            review_required_max_severity=review_max,
+            matched_tags=matched_tags or [],
+        )
+
+    def _resolve_action_for_severity(
+        self,
+        default_action: PolicyAction,
+        severity: str | None,
+        auto_investigate_min_severity: str | None,
+        review_required_max_severity: str | None,
+    ) -> PolicyAction:
+        """Resolve the effective action based on severity settings.
+
+        Severity levels (low to high): info, low, medium, high, critical
+
+        Args:
+            default_action: The default action from policy.
+            severity: The issue's severity level.
+            auto_investigate_min_severity: Minimum severity for auto investigation.
+            review_required_max_severity: Maximum severity that requires review.
+
+        Returns:
+            The resolved PolicyAction.
+        """
+        if severity is None:
+            return default_action
+
+        severity_order = ["info", "low", "medium", "high", "critical"]
+
+        def severity_rank(s: str) -> int:
+            try:
+                return severity_order.index(s.lower())
+            except ValueError:
+                return -1
+
+        issue_rank = severity_rank(severity)
+        if issue_rank < 0:
+            return default_action
+
+        # Check if severity triggers auto-investigation
+        if auto_investigate_min_severity:
+            auto_rank = severity_rank(auto_investigate_min_severity)
+            if auto_rank >= 0 and issue_rank >= auto_rank:
+                return PolicyAction.AUTO
+
+        # Check if severity requires review
+        if review_required_max_severity:
+            review_rank = severity_rank(review_required_max_severity)
+            if review_rank >= 0 and issue_rank <= review_rank:
+                return PolicyAction.REVIEW
+
+        return default_action
+
+    def _default_result(self, team_id: UUID, queue_config: QueueConfig) -> PolicyResult:
+        """Create a default PolicyResult when no policy is configured."""
+        return PolicyResult(
+            action=PolicyAction.ISSUE_ONLY,
+            queue_config=queue_config,
+            source="system_default",
+            team_id=team_id,
+        )
+
+
+# Convenience functions for API layer
+
+
+async def evaluate_policy_for_issue(
+    db: AppDatabase,
+    team_id: UUID,
+    dataset_id: str | None = None,
+    tag_ids: list[UUID] | None = None,
+    severity: str | None = None,
+    source: str | None = None,
+) -> PolicyResult:
+    """Evaluate policy for an issue.
+
+    This is a convenience function for use in API routes.
+
+    Args:
+        db: Application database.
+        team_id: Team ID.
+        dataset_id: Optional dataset identifier.
+        tag_ids: Optional list of tag IDs.
+        severity: Optional severity level.
+        source: Optional issue source (e.g., "dbt", "airflow").
+
+    Returns:
+        PolicyResult with the resolved action.
+    """
+    service = PolicyService(db)
+    context = IssueContext(
+        team_id=team_id,
+        dataset_id=dataset_id,
+        tag_ids=tag_ids or [],
+        severity=severity,
+        source=source,
+    )
+    return await service.evaluate(context)
diff --git a/python-packages/dataing/tests/unit/adapters/db/test_team_policy_repository.py b/python-packages/dataing/tests/unit/adapters/db/test_team_policy_repository.py
new file mode 100644
index 000000000..597f74bae
--- /dev/null
+++ b/python-packages/dataing/tests/unit/adapters/db/test_team_policy_repository.py
@@ -0,0 +1,554 @@
+"""Unit tests for TeamPolicyRepository."""
+
+from __future__ import annotations
+
+import uuid
+from contextlib import asynccontextmanager
+from datetime import UTC, datetime
+from unittest.mock import AsyncMock, MagicMock
+
+import pytest
+
+from dataing.adapters.db.app_db import AppDatabase
+from dataing.adapters.db.team_policy_repository import (
+    PolicyAction,
+    TeamPolicy,
+    TeamPolicyOverride,
+    TeamPolicyRepository,
+    TeamQueueLimits,
+)
+
+
+class TestTeamPolicyRepository:
+    """Tests for TeamPolicyRepository."""
+
+    @pytest.fixture
+    def mock_conn(self) -> AsyncMock:
+        """Return a mock connection."""
+        return AsyncMock()
+
+    @pytest.fixture
+    def mock_db(self, mock_conn: AsyncMock) -> AppDatabase:
+        """Return an AppDatabase instance with a mocked pool."""
+        db = AppDatabase(dsn="postgresql://localhost/test")
+
+        mock_pool = MagicMock()
+
+        @asynccontextmanager
+        async def mock_acquire():
+            yield mock_conn
+
+        mock_pool.acquire = mock_acquire
+        mock_pool.close = AsyncMock()
+        db.pool = mock_pool
+        return db
+
+    @pytest.fixture
+    def repo(self, mock_db: AppDatabase) -> TeamPolicyRepository:
+        """Return a TeamPolicyRepository instance."""
+        return TeamPolicyRepository(mock_db)
+
+    @pytest.fixture
+    def sample_policy_row(self) -> dict:
+        """Return a sample policy row from the database."""
+        return {
+            "id": uuid.uuid4(),
+            "org_id": uuid.uuid4(),
+            "team_id": uuid.uuid4(),
+            "sources": ["dbt", "airflow"],
+            "default_action": "auto",
+            "auto_investigate_min_severity": "high",
+            "review_required_max_severity": "critical",
+            "is_active": True,
+            "created_at": datetime.now(UTC),
+            "updated_at": datetime.now(UTC),
+        }
+
+    @pytest.fixture
+    def sample_override_row(self) -> dict:
+        """Return a sample override row from the database."""
+        return {
+            "id": uuid.uuid4(),
+            "org_id": uuid.uuid4(),
+            "team_id": uuid.uuid4(),
+            "dataset_id": "prod.analytics.orders",
+            "tag_id": None,
+            "default_action": "review",
+            "auto_investigate_min_severity": None,
+            "review_required_max_severity": None,
+            "is_active": True,
+            "created_at": datetime.now(UTC),
+            "updated_at": datetime.now(UTC),
+        }
+
+    @pytest.fixture
+    def sample_queue_limits_row(self) -> dict:
+        """Return a sample queue limits row from the database."""
+        return {
+            "id": uuid.uuid4(),
+            "org_id": uuid.uuid4(),
+            "team_id": uuid.uuid4(),
+            "rate_limit_per_minute": 120,
+            "burst_size": 20,
+            "max_concurrent": 10,
+            "batch_size": 5,
+            "is_active": True,
+            "created_at": datetime.now(UTC),
+            "updated_at": datetime.now(UTC),
+        }
+
+    # =========================================================================
+    # Team Policy Tests
+    # =========================================================================
+
+    async def test_create_policy(
+        self,
+        repo: TeamPolicyRepository,
+        mock_conn: AsyncMock,
+        sample_policy_row: dict,
+    ) -> None:
+        """Test creating a team policy."""
+        mock_conn.fetchrow.return_value = sample_policy_row
+
+        org_id = sample_policy_row["org_id"]
+        team_id = sample_policy_row["team_id"]
+
+        policy = await repo.create_policy(
+            org_id=org_id,
+            team_id=team_id,
+            sources=["dbt", "airflow"],
+            default_action=PolicyAction.AUTO,
+            auto_investigate_min_severity="high",
+        )
+
+        assert isinstance(policy, TeamPolicy)
+        assert policy.org_id == org_id
+        assert policy.team_id == team_id
+        assert policy.default_action == PolicyAction.AUTO
+        assert policy.sources == ["dbt", "airflow"]
+        mock_conn.fetchrow.assert_called_once()
+
+    async def test_get_policy(
+        self,
+        repo: TeamPolicyRepository,
+        mock_conn: AsyncMock,
+        sample_policy_row: dict,
+    ) -> None:
+        """Test getting a team policy by ID."""
+        mock_conn.fetchrow.return_value = sample_policy_row
+
+        policy = await repo.get_policy(sample_policy_row["id"])
+
+        assert isinstance(policy, TeamPolicy)
+        assert policy.id == sample_policy_row["id"]
+        mock_conn.fetchrow.assert_called_once()
+
+    async def test_get_policy_not_found(
+        self,
+        repo: TeamPolicyRepository,
+        mock_conn: AsyncMock,
+    ) -> None:
+        """Test getting a non-existent policy returns None."""
+        mock_conn.fetchrow.return_value = None
+
+        policy = await repo.get_policy(uuid.uuid4())
+
+        assert policy is None
+
+    async def test_get_policy_by_team(
+        self,
+        repo: TeamPolicyRepository,
+        mock_conn: AsyncMock,
+        sample_policy_row: dict,
+    ) -> None:
+        """Test getting policy by team ID."""
+        mock_conn.fetchrow.return_value = sample_policy_row
+
+        policy = await repo.get_policy_by_team(sample_policy_row["team_id"])
+
+        assert isinstance(policy, TeamPolicy)
+        assert policy.team_id == sample_policy_row["team_id"]
+
+    async def test_list_policies(
+        self,
+        repo: TeamPolicyRepository,
+        mock_conn: AsyncMock,
+        sample_policy_row: dict,
+    ) -> None:
+        """Test listing policies for an organization."""
+        mock_conn.fetch.return_value = [sample_policy_row]
+
+        policies = await repo.list_policies(sample_policy_row["org_id"])
+
+        assert len(policies) == 1
+        assert isinstance(policies[0], TeamPolicy)
+
+    async def test_update_policy(
+        self,
+        repo: TeamPolicyRepository,
+        mock_conn: AsyncMock,
+        sample_policy_row: dict,
+    ) -> None:
+        """Test updating a team policy."""
+        updated_row = {**sample_policy_row, "default_action": "review"}
+        mock_conn.fetchrow.return_value = updated_row
+
+        policy = await repo.update_policy(
+            sample_policy_row["id"],
+            default_action=PolicyAction.REVIEW,
+        )
+
+        assert policy is not None
+        assert policy.default_action == PolicyAction.REVIEW
+
+    async def test_update_policy_no_changes(
+        self,
+        repo: TeamPolicyRepository,
+        mock_conn: AsyncMock,
+        sample_policy_row: dict,
+    ) -> None:
+        """Test updating a policy with no changes returns existing policy."""
+        mock_conn.fetchrow.return_value = sample_policy_row
+
+        policy = await repo.update_policy(sample_policy_row["id"])
+
+        assert policy is not None
+        # Should call get_policy instead of update
+        mock_conn.fetchrow.assert_called_once()
+
+    async def test_delete_policy(
+        self,
+        repo: TeamPolicyRepository,
+        mock_conn: AsyncMock,
+    ) -> None:
+        """Test deleting a team policy."""
+        mock_conn.execute.return_value = "DELETE 1"
+
+        result = await repo.delete_policy(uuid.uuid4())
+
+        assert result is True
+
+    async def test_delete_policy_not_found(
+        self,
+        repo: TeamPolicyRepository,
+        mock_conn: AsyncMock,
+    ) -> None:
+        """Test deleting a non-existent policy returns False."""
+        mock_conn.execute.return_value = "DELETE 0"
+
+        result = await repo.delete_policy(uuid.uuid4())
+
+        assert result is False
+
+    # =========================================================================
+    # Policy Override Tests
+    # =========================================================================
+
+    async def test_create_override_with_dataset(
+        self,
+        repo: TeamPolicyRepository,
+        mock_conn: AsyncMock,
+        sample_override_row: dict,
+    ) -> None:
+        """Test creating an override for a dataset."""
+        mock_conn.fetchrow.return_value = sample_override_row
+
+        override = await repo.create_override(
+            org_id=sample_override_row["org_id"],
+            team_id=sample_override_row["team_id"],
+            dataset_id="prod.analytics.orders",
+            default_action=PolicyAction.REVIEW,
+        )
+
+        assert isinstance(override, TeamPolicyOverride)
+        assert override.dataset_id == "prod.analytics.orders"
+        assert override.tag_id is None
+
+    async def test_create_override_with_tag(
+        self,
+        repo: TeamPolicyRepository,
+        mock_conn: AsyncMock,
+    ) -> None:
+        """Test creating an override for a tag."""
+        tag_id = uuid.uuid4()
+        override_row = {
+            "id": uuid.uuid4(),
+            "org_id": uuid.uuid4(),
+            "team_id": uuid.uuid4(),
+            "dataset_id": None,
+            "tag_id": tag_id,
+            "default_action": "issue_only",
+            "auto_investigate_min_severity": None,
+            "review_required_max_severity": None,
+            "is_active": True,
+            "created_at": datetime.now(UTC),
+            "updated_at": datetime.now(UTC),
+        }
+        mock_conn.fetchrow.return_value = override_row
+
+        override = await repo.create_override(
+            org_id=override_row["org_id"],
+            team_id=override_row["team_id"],
+            tag_id=tag_id,
+            default_action=PolicyAction.ISSUE_ONLY,
+        )
+
+        assert isinstance(override, TeamPolicyOverride)
+        assert override.tag_id == tag_id
+        assert override.dataset_id is None
+
+    async def test_create_override_requires_one_selector(
+        self,
+        repo: TeamPolicyRepository,
+    ) -> None:
+        """Test that exactly one of dataset_id or tag_id must be set."""
+        with pytest.raises(ValueError, match="Exactly one"):
+            await repo.create_override(
+                org_id=uuid.uuid4(),
+                team_id=uuid.uuid4(),
+                # Neither dataset_id nor tag_id provided
+            )
+
+        with pytest.raises(ValueError, match="Exactly one"):
+            await repo.create_override(
+                org_id=uuid.uuid4(),
+                team_id=uuid.uuid4(),
+                dataset_id="some.dataset",
+                tag_id=uuid.uuid4(),  # Both provided
+            )
+
+    async def test_get_override(
+        self,
+        repo: TeamPolicyRepository,
+        mock_conn: AsyncMock,
+        sample_override_row: dict,
+    ) -> None:
+        """Test getting an override by ID."""
+        mock_conn.fetchrow.return_value = sample_override_row
+
+        override = await repo.get_override(sample_override_row["id"])
+
+        assert isinstance(override, TeamPolicyOverride)
+        assert override.id == sample_override_row["id"]
+
+    async def test_get_overrides_for_team(
+        self,
+        repo: TeamPolicyRepository,
+        mock_conn: AsyncMock,
+        sample_override_row: dict,
+    ) -> None:
+        """Test getting all overrides for a team."""
+        mock_conn.fetch.return_value = [sample_override_row]
+
+        overrides = await repo.get_overrides_for_team(sample_override_row["team_id"])
+
+        assert len(overrides) == 1
+        assert isinstance(overrides[0], TeamPolicyOverride)
+
+    async def test_get_override_for_dataset(
+        self,
+        repo: TeamPolicyRepository,
+        mock_conn: AsyncMock,
+        sample_override_row: dict,
+    ) -> None:
+        """Test getting override for a specific dataset."""
+        mock_conn.fetchrow.return_value = sample_override_row
+
+        override = await repo.get_override_for_dataset(
+            team_id=sample_override_row["team_id"],
+            dataset_id="prod.analytics.orders",
+        )
+
+        assert override is not None
+        assert override.dataset_id == "prod.analytics.orders"
+
+    async def test_update_override(
+        self,
+        repo: TeamPolicyRepository,
+        mock_conn: AsyncMock,
+        sample_override_row: dict,
+    ) -> None:
+        """Test updating a policy override."""
+        updated_row = {**sample_override_row, "default_action": "auto"}
+        mock_conn.fetchrow.return_value = updated_row
+
+        override = await repo.update_override(
+            sample_override_row["id"],
+            default_action=PolicyAction.AUTO,
+        )
+
+        assert override is not None
+        assert override.default_action == PolicyAction.AUTO
+
+    async def test_delete_override(
+        self,
+        repo: TeamPolicyRepository,
+        mock_conn: AsyncMock,
+    ) -> None:
+        """Test deleting a policy override."""
+        mock_conn.execute.return_value = "DELETE 1"
+
+        result = await repo.delete_override(uuid.uuid4())
+
+        assert result is True
+
+    # =========================================================================
+    # Queue Limits Tests
+    # =========================================================================
+
+    async def test_create_queue_limits(
+        self,
+        repo: TeamPolicyRepository,
+        mock_conn: AsyncMock,
+        sample_queue_limits_row: dict,
+    ) -> None:
+        """Test creating queue limits for a team."""
+        mock_conn.fetchrow.return_value = sample_queue_limits_row
+
+        limits = await repo.create_queue_limits(
+            org_id=sample_queue_limits_row["org_id"],
+            team_id=sample_queue_limits_row["team_id"],
+            rate_limit_per_minute=120,
+            burst_size=20,
+            max_concurrent=10,
+        )
+
+        assert isinstance(limits, TeamQueueLimits)
+        assert limits.rate_limit_per_minute == 120
+        assert limits.burst_size == 20
+        assert limits.max_concurrent == 10
+
+    async def test_get_queue_limits(
+        self,
+        repo: TeamPolicyRepository,
+        mock_conn: AsyncMock,
+        sample_queue_limits_row: dict,
+    ) -> None:
+        """Test getting queue limits for a team."""
+        mock_conn.fetchrow.return_value = sample_queue_limits_row
+
+        limits = await repo.get_queue_limits(sample_queue_limits_row["team_id"])
+
+        assert isinstance(limits, TeamQueueLimits)
+        assert limits.team_id == sample_queue_limits_row["team_id"]
+
+    async def test_get_queue_limits_not_found(
+        self,
+        repo: TeamPolicyRepository,
+        mock_conn: AsyncMock,
+    ) -> None:
+        """Test getting queue limits when none exist."""
+        mock_conn.fetchrow.return_value = None
+
+        limits = await repo.get_queue_limits(uuid.uuid4())
+
+        assert limits is None
+
+    async def test_update_queue_limits(
+        self,
+        repo: TeamPolicyRepository,
+        mock_conn: AsyncMock,
+        sample_queue_limits_row: dict,
+    ) -> None:
+        """Test updating queue limits."""
+        updated_row = {**sample_queue_limits_row, "rate_limit_per_minute": 200}
+        mock_conn.fetchrow.return_value = updated_row
+
+        limits = await repo.update_queue_limits(
+            team_id=sample_queue_limits_row["team_id"],
+            rate_limit_per_minute=200,
+        )
+
+        assert limits is not None
+        assert limits.rate_limit_per_minute == 200
+
+    # =========================================================================
+    # Dataset Tags Tests
+    # =========================================================================
+
+    async def test_add_dataset_tag(
+        self,
+        repo: TeamPolicyRepository,
+        mock_conn: AsyncMock,
+    ) -> None:
+        """Test adding a tag to a dataset."""
+        mock_conn.execute.return_value = "INSERT 0 1"
+
+        dataset_id = uuid.uuid4()
+        tag_id = uuid.uuid4()
+
+        await repo.add_dataset_tag(dataset_id, tag_id)
+
+        mock_conn.execute.assert_called_once()
+
+    async def test_remove_dataset_tag(
+        self,
+        repo: TeamPolicyRepository,
+        mock_conn: AsyncMock,
+    ) -> None:
+        """Test removing a tag from a dataset."""
+        mock_conn.execute.return_value = "DELETE 1"
+
+        result = await repo.remove_dataset_tag(uuid.uuid4(), uuid.uuid4())
+
+        assert result is True
+
+    async def test_remove_dataset_tag_not_found(
+        self,
+        repo: TeamPolicyRepository,
+        mock_conn: AsyncMock,
+    ) -> None:
+        """Test removing a non-existent tag returns False."""
+        mock_conn.execute.return_value = "DELETE 0"
+
+        result = await repo.remove_dataset_tag(uuid.uuid4(), uuid.uuid4())
+
+        assert result is False
+
+    async def test_get_dataset_tags(
+        self,
+        repo: TeamPolicyRepository,
+        mock_conn: AsyncMock,
+    ) -> None:
+        """Test getting all tags for a dataset."""
+        tag1 = uuid.uuid4()
+        tag2 = uuid.uuid4()
+        mock_conn.fetch.return_value = [{"tag_id": tag1}, {"tag_id": tag2}]
+
+        tags = await repo.get_dataset_tags(uuid.uuid4())
+
+        assert len(tags) == 2
+        assert tag1 in tags
+        assert tag2 in tags
+
+    async def test_get_datasets_by_tag(
+        self,
+        repo: TeamPolicyRepository,
+        mock_conn: AsyncMock,
+    ) -> None:
+        """Test getting all datasets with a specific tag."""
+        ds1 = uuid.uuid4()
+        ds2 = uuid.uuid4()
+        mock_conn.fetch.return_value = [{"dataset_id": ds1}, {"dataset_id": ds2}]
+
+        datasets = await repo.get_datasets_by_tag(uuid.uuid4())
+
+        assert len(datasets) == 2
+        assert ds1 in datasets
+        assert ds2 in datasets
+
+
+class TestPolicyAction:
+    """Tests for PolicyAction enum."""
+
+    def test_policy_action_values(self) -> None:
+        """Test PolicyAction enum has expected values."""
+        assert PolicyAction.AUTO.value == "auto"
+        assert PolicyAction.REVIEW.value == "review"
+        assert PolicyAction.ISSUE_ONLY.value == "issue_only"
+
+    def test_policy_action_from_string(self) -> None:
+        """Test creating PolicyAction from string value."""
+        assert PolicyAction("auto") == PolicyAction.AUTO
+        assert PolicyAction("review") == PolicyAction.REVIEW
+        assert PolicyAction("issue_only") == PolicyAction.ISSUE_ONLY
diff --git a/python-packages/dataing/tests/unit/adapters/queue/__init__.py b/python-packages/dataing/tests/unit/adapters/queue/__init__.py
new file mode 100644
index 000000000..76b0cfe77
--- /dev/null
+++ b/python-packages/dataing/tests/unit/adapters/queue/__init__.py
@@ -0,0 +1 @@
+"""Queue adapter tests."""
diff --git a/python-packages/dataing/tests/unit/adapters/queue/test_investigation_queue.py b/python-packages/dataing/tests/unit/adapters/queue/test_investigation_queue.py
new file mode 100644
index 000000000..fcdde7f14
--- /dev/null
+++ b/python-packages/dataing/tests/unit/adapters/queue/test_investigation_queue.py
@@ -0,0 +1,268 @@
+"""Unit tests for InvestigationQueue."""
+
+from __future__ import annotations
+
+import uuid
+from datetime import UTC, datetime
+from unittest.mock import AsyncMock
+
+import pytest
+
+from dataing.adapters.queue.investigation_queue import (
+    InvestigationJob,
+    InvestigationQueue,
+    InvestigationQueueConfig,
+    JobStatus,
+)
+
+
+class TestInvestigationJob:
+    """Tests for InvestigationJob."""
+
+    def test_job_to_dict(self) -> None:
+        """Test job serialization."""
+        job = InvestigationJob(
+            job_id="job-123",
+            team_id=uuid.uuid4(),
+            tenant_id=uuid.uuid4(),
+            issue_id=uuid.uuid4(),
+            datasource_id=uuid.uuid4(),
+            alert_data={"type": "test"},
+            alert_summary="Test alert",
+            priority=5,
+        )
+
+        data = job.to_dict()
+
+        assert data["job_id"] == "job-123"
+        assert data["priority"] == 5
+        assert data["alert_data"] == {"type": "test"}
+        assert data["retry_count"] == 0
+
+    def test_job_from_dict(self) -> None:
+        """Test job deserialization."""
+        team_id = uuid.uuid4()
+        tenant_id = uuid.uuid4()
+        issue_id = uuid.uuid4()
+        datasource_id = uuid.uuid4()
+        now = datetime.now(UTC)
+
+        data = {
+            "job_id": "job-456",
+            "team_id": str(team_id),
+            "tenant_id": str(tenant_id),
+            "issue_id": str(issue_id),
+            "datasource_id": str(datasource_id),
+            "alert_data": {"severity": "high"},
+            "alert_summary": "High severity alert",
+            "priority": 10,
+            "retry_count": 2,
+            "max_retries": 5,
+            "created_at": now.isoformat(),
+            "next_retry_at": None,
+        }
+
+        job = InvestigationJob.from_dict(data)
+
+        assert job.job_id == "job-456"
+        assert job.team_id == team_id
+        assert job.priority == 10
+        assert job.retry_count == 2
+
+    def test_job_defaults(self) -> None:
+        """Test job default values."""
+        job = InvestigationJob(
+            job_id="job-789",
+            team_id=uuid.uuid4(),
+            tenant_id=uuid.uuid4(),
+            issue_id=uuid.uuid4(),
+            datasource_id=uuid.uuid4(),
+            alert_data={},
+            alert_summary="",
+        )
+
+        assert job.priority == 0
+        assert job.retry_count == 0
+        assert job.max_retries == 3
+
+
+class TestInvestigationQueue:
+    """Tests for InvestigationQueue."""
+
+    @pytest.fixture
+    def mock_redis(self) -> AsyncMock:
+        """Create a mock Redis client."""
+        mock = AsyncMock()
+        # Set up default return values
+        mock.set = AsyncMock()
+        mock.get = AsyncMock(return_value=None)
+        mock.zadd = AsyncMock()
+        mock.zrange = AsyncMock(return_value=[])
+        mock.zrem = AsyncMock()
+        mock.sadd = AsyncMock()
+        mock.smembers = AsyncMock(return_value=set())
+        mock.zcard = AsyncMock(return_value=0)
+        mock.srem = AsyncMock()
+        mock.expire = AsyncMock()
+        mock.delete = AsyncMock()
+        return mock
+
+    @pytest.fixture
+    def queue(self, mock_redis: AsyncMock) -> InvestigationQueue:
+        """Create a queue with mock Redis."""
+        return InvestigationQueue(mock_redis, InvestigationQueueConfig())
+
+    @pytest.fixture
+    def sample_job(self) -> InvestigationJob:
+        """Create a sample job."""
+        return InvestigationJob(
+            job_id="test-job-1",
+            team_id=uuid.uuid4(),
+            tenant_id=uuid.uuid4(),
+            issue_id=uuid.uuid4(),
+            datasource_id=uuid.uuid4(),
+            alert_data={"test": "data"},
+            alert_summary="Test alert",
+            priority=5,
+        )
+
+    async def test_enqueue_stores_job(
+        self, queue: InvestigationQueue, mock_redis: AsyncMock, sample_job: InvestigationJob
+    ) -> None:
+        """Test that enqueue stores job data."""
+        await queue.enqueue(sample_job)
+
+        # Verify job data was stored
+        mock_redis.set.assert_called()
+        # Verify status was set to pending
+        calls = mock_redis.set.call_args_list
+        assert any(JobStatus.PENDING.value in str(call) for call in calls)
+        # Verify added to team queue
+        mock_redis.zadd.assert_called()
+        # Verify team tracked
+        mock_redis.sadd.assert_called()
+
+    async def test_dequeue_returns_jobs(
+        self, queue: InvestigationQueue, mock_redis: AsyncMock, sample_job: InvestigationJob
+    ) -> None:
+        """Test that dequeue returns jobs."""
+        import json
+
+        # Set up mock to return job
+        mock_redis.zrange.return_value = [sample_job.job_id]
+        mock_redis.get.return_value = json.dumps(sample_job.to_dict())
+
+        jobs = await queue.dequeue(sample_job.team_id, batch_size=1)
+
+        assert len(jobs) == 1
+        assert jobs[0].job_id == sample_job.job_id
+        # Verify job was removed from queue
+        mock_redis.zrem.assert_called()
+
+    async def test_dequeue_marks_as_processing(
+        self, queue: InvestigationQueue, mock_redis: AsyncMock, sample_job: InvestigationJob
+    ) -> None:
+        """Test that dequeue marks jobs as processing."""
+        import json
+
+        mock_redis.zrange.return_value = [sample_job.job_id]
+        mock_redis.get.return_value = json.dumps(sample_job.to_dict())
+
+        await queue.dequeue(sample_job.team_id, batch_size=1)
+
+        # Verify status was set to processing
+        calls = mock_redis.set.call_args_list
+        assert any(JobStatus.PROCESSING.value in str(call) for call in calls)
+
+    async def test_complete_marks_job_done(
+        self, queue: InvestigationQueue, mock_redis: AsyncMock
+    ) -> None:
+        """Test that complete marks job as completed."""
+        await queue.complete("test-job")
+
+        # Verify status was set to completed
+        calls = mock_redis.set.call_args_list
+        assert any(JobStatus.COMPLETED.value in str(call) for call in calls)
+        # Verify expiry was set
+        mock_redis.expire.assert_called()
+
+    async def test_fail_retries_job(
+        self, queue: InvestigationQueue, mock_redis: AsyncMock, sample_job: InvestigationJob
+    ) -> None:
+        """Test that fail schedules retry when retries remain."""
+        import json
+
+        mock_redis.get.return_value = json.dumps(sample_job.to_dict())
+
+        await queue.fail(sample_job, "Test error")
+
+        # Verify retry count incremented
+        assert sample_job.retry_count == 1
+        # Verify status set to retrying
+        calls = mock_redis.set.call_args_list
+        assert any(JobStatus.RETRYING.value in str(call) for call in calls)
+        # Verify added to retry queue
+        mock_redis.zadd.assert_called()
+
+    async def test_fail_permanent_after_max_retries(
+        self, queue: InvestigationQueue, mock_redis: AsyncMock, sample_job: InvestigationJob
+    ) -> None:
+        """Test that fail marks as failed after max retries."""
+        sample_job.retry_count = sample_job.max_retries
+
+        await queue.fail(sample_job, "Final error")
+
+        # Verify status set to failed
+        calls = mock_redis.set.call_args_list
+        assert any(JobStatus.FAILED.value in str(call) for call in calls)
+
+    async def test_get_status(self, queue: InvestigationQueue, mock_redis: AsyncMock) -> None:
+        """Test getting job status."""
+        mock_redis.get.return_value = JobStatus.PROCESSING.value
+
+        status = await queue.get_status("test-job")
+
+        assert status == JobStatus.PROCESSING
+
+    async def test_get_status_not_found(
+        self, queue: InvestigationQueue, mock_redis: AsyncMock
+    ) -> None:
+        """Test getting status for nonexistent job."""
+        mock_redis.get.return_value = None
+
+        status = await queue.get_status("nonexistent")
+
+        assert status is None
+
+    async def test_get_queue_length(self, queue: InvestigationQueue, mock_redis: AsyncMock) -> None:
+        """Test getting queue length for a team."""
+        mock_redis.zcard.return_value = 5
+        team_id = uuid.uuid4()
+
+        length = await queue.get_queue_length(team_id)
+
+        assert length == 5
+
+    async def test_get_active_teams(self, queue: InvestigationQueue, mock_redis: AsyncMock) -> None:
+        """Test getting active teams."""
+        team1 = uuid.uuid4()
+        team2 = uuid.uuid4()
+        mock_redis.smembers.return_value = {str(team1), str(team2)}
+
+        teams = await queue.get_active_teams()
+
+        assert len(teams) == 2
+        assert team1 in teams
+        assert team2 in teams
+
+
+class TestJobStatus:
+    """Tests for JobStatus enum."""
+
+    def test_status_values(self) -> None:
+        """Test status enum values."""
+        assert JobStatus.PENDING.value == "pending"
+        assert JobStatus.PROCESSING.value == "processing"
+        assert JobStatus.COMPLETED.value == "completed"
+        assert JobStatus.FAILED.value == "failed"
+        assert JobStatus.RETRYING.value == "retrying"
diff --git a/python-packages/dataing/tests/unit/adapters/queue/test_redis_rate_limiter.py b/python-packages/dataing/tests/unit/adapters/queue/test_redis_rate_limiter.py
new file mode 100644
index 000000000..3127a35a8
--- /dev/null
+++ b/python-packages/dataing/tests/unit/adapters/queue/test_redis_rate_limiter.py
@@ -0,0 +1,203 @@
+"""Unit tests for RedisRateLimiter."""
+
+from __future__ import annotations
+
+import uuid
+from unittest.mock import AsyncMock
+
+import pytest
+
+from dataing.adapters.queue.redis_rate_limiter import RateLimitResult, RedisRateLimiter
+from dataing.services.policy import QueueConfig
+
+
+class TestRateLimitResult:
+    """Tests for RateLimitResult."""
+
+    def test_allowed_result(self) -> None:
+        """Test allowed rate limit result."""
+        result = RateLimitResult(
+            allowed=True,
+            remaining=50,
+            limit=60,
+        )
+
+        assert result.allowed is True
+        assert result.remaining == 50
+        assert result.limit == 60
+        assert result.retry_after is None
+
+    def test_denied_result(self) -> None:
+        """Test denied rate limit result."""
+        result = RateLimitResult(
+            allowed=False,
+            remaining=0,
+            limit=60,
+            retry_after=30.0,
+        )
+
+        assert result.allowed is False
+        assert result.remaining == 0
+        assert result.retry_after == 30.0
+
+
+class TestRedisRateLimiter:
+    """Tests for RedisRateLimiter."""
+
+    @pytest.fixture
+    def mock_redis(self) -> AsyncMock:
+        """Create a mock Redis client."""
+        mock = AsyncMock()
+        mock.script_load = AsyncMock(return_value="script-sha-123")
+        mock.evalsha = AsyncMock(return_value=[1, 59])  # allowed, remaining
+        mock.zrange = AsyncMock(return_value=[])
+        mock.zcount = AsyncMock(return_value=0)
+        mock.delete = AsyncMock()
+        return mock
+
+    @pytest.fixture
+    def rate_limiter(self, mock_redis: AsyncMock) -> RedisRateLimiter:
+        """Create a rate limiter with mock Redis."""
+        return RedisRateLimiter(mock_redis)
+
+    @pytest.fixture
+    def queue_config(self) -> QueueConfig:
+        """Create a queue configuration."""
+        return QueueConfig(
+            rate_limit_per_minute=60,
+            burst_size=10,
+            max_concurrent=5,
+            batch_size=5,
+        )
+
+    async def test_check_and_consume_allowed(
+        self,
+        rate_limiter: RedisRateLimiter,
+        mock_redis: AsyncMock,
+        queue_config: QueueConfig,
+    ) -> None:
+        """Test rate limit check when allowed."""
+        mock_redis.evalsha.return_value = [1, 55]  # allowed, 55 remaining
+        team_id = uuid.uuid4()
+
+        result = await rate_limiter.check_and_consume(team_id, queue_config, tokens=5)
+
+        assert result.allowed is True
+        assert result.remaining == 55
+        assert result.limit == 60
+
+    async def test_check_and_consume_denied(
+        self,
+        rate_limiter: RedisRateLimiter,
+        mock_redis: AsyncMock,
+        queue_config: QueueConfig,
+    ) -> None:
+        """Test rate limit check when denied."""
+        mock_redis.evalsha.return_value = [0, 0]  # denied
+        mock_redis.zrange.return_value = []
+        team_id = uuid.uuid4()
+
+        result = await rate_limiter.check_and_consume(team_id, queue_config, tokens=5)
+
+        assert result.allowed is False
+        assert result.remaining == 0
+        assert result.retry_after is not None
+        assert result.retry_after >= 0
+
+    async def test_check_and_consume_loads_script(
+        self,
+        rate_limiter: RedisRateLimiter,
+        mock_redis: AsyncMock,
+        queue_config: QueueConfig,
+    ) -> None:
+        """Test that rate limiter loads Lua script."""
+        team_id = uuid.uuid4()
+
+        await rate_limiter.check_and_consume(team_id, queue_config)
+
+        mock_redis.script_load.assert_called_once()
+
+    async def test_check_and_consume_reuses_script(
+        self,
+        rate_limiter: RedisRateLimiter,
+        mock_redis: AsyncMock,
+        queue_config: QueueConfig,
+    ) -> None:
+        """Test that rate limiter reuses loaded script."""
+        team_id = uuid.uuid4()
+
+        # First call loads script
+        await rate_limiter.check_and_consume(team_id, queue_config)
+        # Second call should reuse
+        await rate_limiter.check_and_consume(team_id, queue_config)
+
+        # Script should only be loaded once
+        assert mock_redis.script_load.call_count == 1
+
+    async def test_check_and_consume_fails_open(
+        self,
+        rate_limiter: RedisRateLimiter,
+        mock_redis: AsyncMock,
+        queue_config: QueueConfig,
+    ) -> None:
+        """Test that rate limiter fails open on Redis errors."""
+        mock_redis.evalsha.side_effect = Exception("Redis error")
+        team_id = uuid.uuid4()
+
+        result = await rate_limiter.check_and_consume(team_id, queue_config)
+
+        # Should allow request when Redis fails
+        assert result.allowed is True
+        assert result.remaining == queue_config.rate_limit_per_minute
+
+    async def test_get_remaining(
+        self,
+        rate_limiter: RedisRateLimiter,
+        mock_redis: AsyncMock,
+        queue_config: QueueConfig,
+    ) -> None:
+        """Test getting remaining tokens."""
+        mock_redis.zcount.return_value = 10  # 10 requests in window
+        team_id = uuid.uuid4()
+
+        remaining = await rate_limiter.get_remaining(team_id, queue_config)
+
+        assert remaining == 50  # 60 - 10
+
+    async def test_get_remaining_at_limit(
+        self,
+        rate_limiter: RedisRateLimiter,
+        mock_redis: AsyncMock,
+        queue_config: QueueConfig,
+    ) -> None:
+        """Test getting remaining when at limit."""
+        mock_redis.zcount.return_value = 70  # Over limit
+        team_id = uuid.uuid4()
+
+        remaining = await rate_limiter.get_remaining(team_id, queue_config)
+
+        assert remaining == 0  # Can't go negative
+
+    async def test_reset(
+        self,
+        rate_limiter: RedisRateLimiter,
+        mock_redis: AsyncMock,
+    ) -> None:
+        """Test resetting rate limit for a team."""
+        team_id = uuid.uuid4()
+
+        await rate_limiter.reset(team_id)
+
+        mock_redis.delete.assert_called_once()
+
+    async def test_team_key_format(
+        self,
+        rate_limiter: RedisRateLimiter,
+    ) -> None:
+        """Test that team keys are formatted correctly."""
+        team_id = uuid.uuid4()
+
+        key = rate_limiter._team_key(team_id)
+
+        assert str(team_id) in key
+        assert "rate_limit" in key
diff --git a/python-packages/dataing/tests/unit/adapters/sse/__init__.py b/python-packages/dataing/tests/unit/adapters/sse/__init__.py
new file mode 100644
index 000000000..c883b7ff5
--- /dev/null
+++ b/python-packages/dataing/tests/unit/adapters/sse/__init__.py
@@ -0,0 +1 @@
+"""SSE adapter tests."""
diff --git a/python-packages/dataing/tests/unit/adapters/sse/test_redis_event_store.py b/python-packages/dataing/tests/unit/adapters/sse/test_redis_event_store.py
new file mode 100644
index 000000000..d124b6dc8
--- /dev/null
+++ b/python-packages/dataing/tests/unit/adapters/sse/test_redis_event_store.py
@@ -0,0 +1,399 @@
+"""Unit tests for RedisSSEEventStore."""
+
+from __future__ import annotations
+
+import json
+from datetime import UTC, datetime, timedelta
+from unittest.mock import AsyncMock
+
+import pytest
+
+from dataing.adapters.sse.redis_event_store import (
+    InMemoryFallbackSSEEventStore,
+    RedisSSEEventStore,
+    RunMetadata,
+    SSEEvent,
+    SSEEventStoreConfig,
+)
+
+
+class TestSSEEvent:
+    """Tests for SSEEvent."""
+
+    def test_event_to_dict(self) -> None:
+        """Test event serialization."""
+        event = SSEEvent(
+            seq=1,
+            event="run_started",
+            run_id="test-run-1",
+            data={"goal": "test goal"},
+            timestamp="2024-01-01T00:00:00+00:00",
+        )
+
+        data = event.to_dict()
+
+        assert data["seq"] == 1
+        assert data["event"] == "run_started"
+        assert data["run_id"] == "test-run-1"
+        assert data["data"] == {"goal": "test goal"}
+
+    def test_event_from_dict(self) -> None:
+        """Test event deserialization."""
+        data = {
+            "seq": 2,
+            "event": "run_completed",
+            "run_id": "test-run-2",
+            "data": {"result": "success"},
+            "timestamp": "2024-01-01T00:00:00+00:00",
+        }
+
+        event = SSEEvent.from_dict(data)
+
+        assert event.seq == 2
+        assert event.event == "run_completed"
+        assert event.run_id == "test-run-2"
+
+
+class TestRunMetadata:
+    """Tests for RunMetadata."""
+
+    def test_metadata_to_dict(self) -> None:
+        """Test metadata serialization."""
+        metadata = RunMetadata(
+            run_id="test-run",
+            bundle_id="bundle-1",
+            bundle_hash="hash123",
+            status="running",
+            goal="test goal",
+            tenant_id="tenant-1",
+        )
+
+        data = metadata.to_dict()
+
+        assert data["run_id"] == "test-run"
+        assert data["bundle_id"] == "bundle-1"
+        assert data["status"] == "running"
+
+    def test_metadata_from_dict(self) -> None:
+        """Test metadata deserialization."""
+        data = {
+            "run_id": "test-run",
+            "bundle_id": "bundle-1",
+            "bundle_hash": "hash123",
+            "status": "completed",
+            "goal": "test goal",
+            "created_at": "2024-01-01T00:00:00",
+            "completed_at": "2024-01-01T00:01:00",
+            "tenant_id": "tenant-1",
+        }
+
+        metadata = RunMetadata.from_dict(data)
+
+        assert metadata.run_id == "test-run"
+        assert metadata.status == "completed"
+        assert metadata.completed_at == "2024-01-01T00:01:00"
+
+
+class TestRedisSSEEventStore:
+    """Tests for RedisSSEEventStore."""
+
+    @pytest.fixture
+    def mock_redis(self) -> AsyncMock:
+        """Create a mock Redis client."""
+        mock = AsyncMock()
+        mock.incr = AsyncMock(return_value=1)
+        mock.zadd = AsyncMock()
+        mock.zrangebyscore = AsyncMock(return_value=[])
+        mock.expire = AsyncMock()
+        mock.hset = AsyncMock()
+        mock.hgetall = AsyncMock(return_value={})
+        mock.exists = AsyncMock(return_value=0)
+        mock.get = AsyncMock(return_value=None)
+        mock.delete = AsyncMock()
+        return mock
+
+    @pytest.fixture
+    def event_store(self, mock_redis: AsyncMock) -> RedisSSEEventStore:
+        """Create an event store with mock Redis."""
+        return RedisSSEEventStore(mock_redis, SSEEventStoreConfig())
+
+    async def test_store_event(
+        self, event_store: RedisSSEEventStore, mock_redis: AsyncMock
+    ) -> None:
+        """Test storing an event."""
+        seq = await event_store.store_event(
+            run_id="test-run",
+            event_type="run_started",
+            data={"goal": "test"},
+        )
+
+        assert seq == 1
+        mock_redis.incr.assert_called()
+        mock_redis.zadd.assert_called()
+        mock_redis.expire.assert_called()
+
+    async def test_store_event_increments_seq(
+        self, event_store: RedisSSEEventStore, mock_redis: AsyncMock
+    ) -> None:
+        """Test that storing events increments sequence."""
+        mock_redis.incr.side_effect = [1, 2, 3]
+
+        seq1 = await event_store.store_event("run-1", "event1", {})
+        seq2 = await event_store.store_event("run-1", "event2", {})
+        seq3 = await event_store.store_event("run-1", "event3", {})
+
+        assert seq1 == 1
+        assert seq2 == 2
+        assert seq3 == 3
+
+    async def test_get_events_after(
+        self, event_store: RedisSSEEventStore, mock_redis: AsyncMock
+    ) -> None:
+        """Test getting events after a sequence."""
+        event1 = {"seq": 2, "event": "progress", "run_id": "run-1", "data": {}, "timestamp": ""}
+        event2 = {"seq": 3, "event": "completed", "run_id": "run-1", "data": {}, "timestamp": ""}
+        mock_redis.zrangebyscore.return_value = [
+            json.dumps(event1).encode(),
+            json.dumps(event2).encode(),
+        ]
+
+        events = await event_store.get_events_after("run-1", after_seq=1)
+
+        assert len(events) == 2
+        assert events[0]["seq"] == 2
+        assert events[1]["seq"] == 3
+
+    async def test_get_events_after_empty(
+        self, event_store: RedisSSEEventStore, mock_redis: AsyncMock
+    ) -> None:
+        """Test getting events when none exist after sequence."""
+        mock_redis.zrangebyscore.return_value = []
+
+        events = await event_store.get_events_after("run-1", after_seq=10)
+
+        assert events == []
+
+    async def test_store_metadata(
+        self, event_store: RedisSSEEventStore, mock_redis: AsyncMock
+    ) -> None:
+        """Test storing run metadata."""
+        metadata = RunMetadata(
+            run_id="test-run",
+            status="running",
+            goal="test goal",
+        )
+
+        await event_store.store_metadata("test-run", metadata)
+
+        mock_redis.hset.assert_called()
+        mock_redis.expire.assert_called()
+
+    async def test_get_metadata(
+        self, event_store: RedisSSEEventStore, mock_redis: AsyncMock
+    ) -> None:
+        """Test getting run metadata."""
+        mock_redis.hgetall.return_value = {
+            b"run_id": b"test-run",
+            b"status": b"completed",
+            b"goal": b"test goal",
+            b"created_at": b"2024-01-01T00:00:00",
+            b"completed_at": b"",
+            b"bundle_id": b"",
+            b"bundle_hash": b"",
+            b"tenant_id": b"",
+        }
+
+        metadata = await event_store.get_metadata("test-run")
+
+        assert metadata is not None
+        assert metadata.run_id == "test-run"
+        assert metadata.status == "completed"
+
+    async def test_get_metadata_not_found(
+        self, event_store: RedisSSEEventStore, mock_redis: AsyncMock
+    ) -> None:
+        """Test getting metadata for nonexistent run."""
+        mock_redis.hgetall.return_value = {}
+
+        metadata = await event_store.get_metadata("nonexistent")
+
+        assert metadata is None
+
+    async def test_update_status(
+        self, event_store: RedisSSEEventStore, mock_redis: AsyncMock
+    ) -> None:
+        """Test updating run status."""
+        await event_store.update_status("test-run", "completed", "2024-01-01T00:00:00")
+
+        mock_redis.hset.assert_called()
+
+    async def test_is_replay_window_expired_no_metadata(
+        self, event_store: RedisSSEEventStore, mock_redis: AsyncMock
+    ) -> None:
+        """Test replay window check when no metadata exists."""
+        mock_redis.hgetall.return_value = {}
+
+        expired = await event_store.is_replay_window_expired("test-run")
+
+        assert expired is True
+
+    async def test_is_replay_window_expired_still_running(
+        self, event_store: RedisSSEEventStore, mock_redis: AsyncMock
+    ) -> None:
+        """Test replay window for still-running job."""
+        mock_redis.hgetall.return_value = {
+            b"run_id": b"test-run",
+            b"status": b"running",
+            b"completed_at": b"",
+            b"created_at": b"",
+            b"goal": b"",
+            b"bundle_id": b"",
+            b"bundle_hash": b"",
+            b"tenant_id": b"",
+        }
+
+        expired = await event_store.is_replay_window_expired("test-run")
+
+        assert expired is False
+
+    async def test_is_replay_window_expired_recently_completed(
+        self, event_store: RedisSSEEventStore, mock_redis: AsyncMock
+    ) -> None:
+        """Test replay window for recently completed job."""
+        recent_time = datetime.now(UTC).isoformat()
+        mock_redis.hgetall.return_value = {
+            b"run_id": b"test-run",
+            b"status": b"completed",
+            b"completed_at": recent_time.encode(),
+            b"created_at": b"",
+            b"goal": b"",
+            b"bundle_id": b"",
+            b"bundle_hash": b"",
+            b"tenant_id": b"",
+        }
+
+        expired = await event_store.is_replay_window_expired("test-run")
+
+        assert expired is False
+
+    async def test_is_replay_window_expired_old_completion(
+        self, event_store: RedisSSEEventStore, mock_redis: AsyncMock
+    ) -> None:
+        """Test replay window for job completed long ago."""
+        old_time = (datetime.now(UTC) - timedelta(minutes=10)).isoformat()
+        mock_redis.hgetall.return_value = {
+            b"run_id": b"test-run",
+            b"status": b"completed",
+            b"completed_at": old_time.encode(),
+            b"created_at": b"",
+            b"goal": b"",
+            b"bundle_id": b"",
+            b"bundle_hash": b"",
+            b"tenant_id": b"",
+        }
+
+        expired = await event_store.is_replay_window_expired("test-run")
+
+        assert expired is True
+
+    async def test_exists(self, event_store: RedisSSEEventStore, mock_redis: AsyncMock) -> None:
+        """Test checking if run exists."""
+        mock_redis.exists.return_value = 1
+
+        exists = await event_store.exists("test-run")
+
+        assert exists is True
+
+    async def test_not_exists(self, event_store: RedisSSEEventStore, mock_redis: AsyncMock) -> None:
+        """Test checking if run does not exist."""
+        mock_redis.exists.return_value = 0
+
+        exists = await event_store.exists("nonexistent")
+
+        assert exists is False
+
+    async def test_get_latest_seq(
+        self, event_store: RedisSSEEventStore, mock_redis: AsyncMock
+    ) -> None:
+        """Test getting latest sequence number."""
+        mock_redis.get.return_value = b"5"
+
+        seq = await event_store.get_latest_seq("test-run")
+
+        assert seq == 5
+
+    async def test_get_latest_seq_not_found(
+        self, event_store: RedisSSEEventStore, mock_redis: AsyncMock
+    ) -> None:
+        """Test getting latest sequence when no events."""
+        mock_redis.get.return_value = None
+
+        seq = await event_store.get_latest_seq("nonexistent")
+
+        assert seq == 0
+
+    async def test_cleanup_run(
+        self, event_store: RedisSSEEventStore, mock_redis: AsyncMock
+    ) -> None:
+        """Test cleaning up run data."""
+        await event_store.cleanup_run("test-run")
+
+        mock_redis.delete.assert_called()
+
+
+class TestInMemoryFallbackSSEEventStore:
+    """Tests for InMemoryFallbackSSEEventStore."""
+
+    @pytest.fixture
+    def store(self) -> InMemoryFallbackSSEEventStore:
+        """Create an in-memory store."""
+        return InMemoryFallbackSSEEventStore()
+
+    async def test_store_and_retrieve_events(self, store: InMemoryFallbackSSEEventStore) -> None:
+        """Test storing and retrieving events."""
+        seq1 = await store.store_event("run-1", "started", {"goal": "test"})
+        seq2 = await store.store_event("run-1", "progress", {"step": 1})
+        seq3 = await store.store_event("run-1", "completed", {})
+
+        assert seq1 == 1
+        assert seq2 == 2
+        assert seq3 == 3
+
+        events = await store.get_events_after("run-1", 0)
+        assert len(events) == 3
+
+        events = await store.get_events_after("run-1", 2)
+        assert len(events) == 1
+        assert events[0]["seq"] == 3
+
+    async def test_store_and_retrieve_metadata(self, store: InMemoryFallbackSSEEventStore) -> None:
+        """Test storing and retrieving metadata."""
+        metadata = RunMetadata(run_id="run-1", status="running")
+        await store.store_metadata("run-1", metadata)
+
+        retrieved = await store.get_metadata("run-1")
+        assert retrieved is not None
+        assert retrieved.status == "running"
+
+    async def test_update_status(self, store: InMemoryFallbackSSEEventStore) -> None:
+        """Test updating status."""
+        metadata = RunMetadata(run_id="run-1", status="running")
+        await store.store_metadata("run-1", metadata)
+
+        await store.update_status("run-1", "completed", "2024-01-01T00:00:00")
+
+        retrieved = await store.get_metadata("run-1")
+        assert retrieved is not None
+        assert retrieved.status == "completed"
+        assert retrieved.completed_at == "2024-01-01T00:00:00"
+
+    async def test_cleanup(self, store: InMemoryFallbackSSEEventStore) -> None:
+        """Test cleanup."""
+        await store.store_event("run-1", "started", {})
+        metadata = RunMetadata(run_id="run-1", status="running")
+        await store.store_metadata("run-1", metadata)
+
+        await store.cleanup_run("run-1")
+
+        assert await store.exists("run-1") is False
+        assert await store.get_latest_seq("run-1") == 0
diff --git a/python-packages/dataing/tests/unit/api/test_integrations_routes.py b/python-packages/dataing/tests/unit/api/test_integrations_routes.py
index 3273ae01e..2c7c60b07 100644
--- a/python-packages/dataing/tests/unit/api/test_integrations_routes.py
+++ b/python-packages/dataing/tests/unit/api/test_integrations_routes.py
@@ -1,7 +1,10 @@
 """Unit tests for Integrations API routes (CE)."""
 
+from __future__ import annotations
+
 import hashlib
 import hmac
+from unittest.mock import AsyncMock, MagicMock
 from uuid import uuid4
 
 import pytest
@@ -148,3 +151,294 @@ def test_deduplicated_response(self) -> None:
         )
         assert response.created is False
         assert response.status == "in_progress"
+
+    def test_response_with_policy_action(self) -> None:
+        """Test response with policy action."""
+        inv_id = uuid4()
+        response = WebhookIssueResponse(
+            id=uuid4(),
+            number=789,
+            status="open",
+            created=True,
+            policy_action="auto",
+            investigation_id=inv_id,
+        )
+        assert response.policy_action == "auto"
+        assert response.investigation_id == inv_id
+
+    def test_response_without_policy_action(self) -> None:
+        """Test response without policy action (deduplicated)."""
+        response = WebhookIssueResponse(
+            id=uuid4(),
+            number=789,
+            status="open",
+            created=False,
+        )
+        assert response.policy_action is None
+        assert response.investigation_id is None
+
+
+class TestEvaluateAndApplyPolicy:
+    """Tests for _evaluate_and_apply_policy function."""
+
+    @pytest.fixture
+    def mock_db(self) -> AsyncMock:
+        """Create mock database."""
+        from unittest.mock import AsyncMock
+
+        return AsyncMock()
+
+    @pytest.fixture
+    def mock_request(self) -> MagicMock:
+        """Create mock request."""
+        from unittest.mock import MagicMock
+
+        mock = MagicMock()
+        mock.app.state.temporal_client = None
+        return mock
+
+    @pytest.fixture
+    def mock_auth(self) -> MagicMock:
+        """Create mock auth context."""
+        from unittest.mock import MagicMock
+
+        mock = MagicMock()
+        mock.tenant_id = uuid4()
+        return mock
+
+    @pytest.fixture
+    def sample_payload(self) -> GenericWebhookPayload:
+        """Create sample payload."""
+        return GenericWebhookPayload(
+            title="Test Issue",
+            severity="high",
+            dataset_id="prod.orders",
+            source_provider="dbt",
+        )
+
+    async def test_no_team_returns_issue_only(
+        self,
+        mock_db: AsyncMock,
+        mock_request: MagicMock,
+        mock_auth: MagicMock,
+        sample_payload: GenericWebhookPayload,
+    ) -> None:
+        """Test that no team defaults to issue_only."""
+        from unittest.mock import AsyncMock, patch
+
+        from dataing.entrypoints.api.routes.integrations import _evaluate_and_apply_policy
+
+        # Mock no team found
+        with patch("dataing.entrypoints.api.routes.integrations.TeamPolicyRepository") as MockRepo:
+            mock_repo = MockRepo.return_value
+            mock_repo.get_default_team_for_tenant = AsyncMock(return_value=None)
+
+            action, inv_id = await _evaluate_and_apply_policy(
+                request=mock_request,
+                db=mock_db,
+                auth=mock_auth,
+                issue_id=uuid4(),
+                payload=sample_payload,
+            )
+
+            assert action == "issue_only"
+            assert inv_id is None
+
+    async def test_review_action_sends_notification(
+        self,
+        mock_db: AsyncMock,
+        mock_request: MagicMock,
+        mock_auth: MagicMock,
+        sample_payload: GenericWebhookPayload,
+    ) -> None:
+        """Test that review action sends notification."""
+        from unittest.mock import AsyncMock, patch
+
+        from dataing.adapters.db.team_policy_repository import PolicyAction
+        from dataing.entrypoints.api.routes.integrations import _evaluate_and_apply_policy
+        from dataing.services.policy import PolicyResult, QueueConfig
+
+        team_id = uuid4()
+
+        with (
+            patch("dataing.entrypoints.api.routes.integrations.TeamPolicyRepository") as MockRepo,
+            patch("dataing.entrypoints.api.routes.integrations.PolicyService") as MockPolicyService,
+            patch(
+                "dataing.entrypoints.api.routes.integrations.NotificationService"
+            ) as MockNotifService,
+        ):
+            mock_repo = MockRepo.return_value
+            mock_repo.get_default_team_for_tenant = AsyncMock(return_value=team_id)
+
+            mock_policy_svc = MockPolicyService.return_value
+            mock_policy_svc.evaluate = AsyncMock(
+                return_value=PolicyResult(
+                    action=PolicyAction.REVIEW,
+                    queue_config=QueueConfig(),
+                    source="team_default",
+                    team_id=team_id,
+                )
+            )
+
+            mock_notif = MockNotifService.return_value
+            mock_notif.notify = AsyncMock()
+
+            mock_db.execute = AsyncMock()
+
+            action, inv_id = await _evaluate_and_apply_policy(
+                request=mock_request,
+                db=mock_db,
+                auth=mock_auth,
+                issue_id=uuid4(),
+                payload=sample_payload,
+            )
+
+            assert action == "review"
+            assert inv_id is None
+            mock_notif.notify.assert_called_once()
+
+    async def test_issue_only_action_no_investigation(
+        self,
+        mock_db: AsyncMock,
+        mock_request: MagicMock,
+        mock_auth: MagicMock,
+        sample_payload: GenericWebhookPayload,
+    ) -> None:
+        """Test that issue_only action does not start investigation."""
+        from unittest.mock import AsyncMock, patch
+
+        from dataing.adapters.db.team_policy_repository import PolicyAction
+        from dataing.entrypoints.api.routes.integrations import _evaluate_and_apply_policy
+        from dataing.services.policy import PolicyResult, QueueConfig
+
+        team_id = uuid4()
+
+        with (
+            patch("dataing.entrypoints.api.routes.integrations.TeamPolicyRepository") as MockRepo,
+            patch("dataing.entrypoints.api.routes.integrations.PolicyService") as MockPolicyService,
+        ):
+            mock_repo = MockRepo.return_value
+            mock_repo.get_default_team_for_tenant = AsyncMock(return_value=team_id)
+
+            mock_policy_svc = MockPolicyService.return_value
+            mock_policy_svc.evaluate = AsyncMock(
+                return_value=PolicyResult(
+                    action=PolicyAction.ISSUE_ONLY,
+                    queue_config=QueueConfig(),
+                    source="system_default",
+                    team_id=team_id,
+                )
+            )
+
+            mock_db.execute = AsyncMock()
+
+            action, inv_id = await _evaluate_and_apply_policy(
+                request=mock_request,
+                db=mock_db,
+                auth=mock_auth,
+                issue_id=uuid4(),
+                payload=sample_payload,
+            )
+
+            assert action == "issue_only"
+            assert inv_id is None
+
+    async def test_auto_action_starts_investigation_when_temporal_available(
+        self,
+        mock_db: AsyncMock,
+        mock_auth: MagicMock,
+        sample_payload: GenericWebhookPayload,
+    ) -> None:
+        """Test that auto action starts investigation when Temporal is available."""
+        from unittest.mock import AsyncMock, MagicMock, patch
+
+        from dataing.adapters.db.team_policy_repository import PolicyAction
+        from dataing.entrypoints.api.routes.integrations import _evaluate_and_apply_policy
+        from dataing.services.policy import PolicyResult, QueueConfig
+
+        team_id = uuid4()
+
+        # Create mock request with Temporal client
+        mock_request = MagicMock()
+        mock_temporal = AsyncMock()
+        mock_temporal.start_investigation = AsyncMock()
+        mock_request.app.state.temporal_client = mock_temporal
+
+        with (
+            patch("dataing.entrypoints.api.routes.integrations.TeamPolicyRepository") as MockRepo,
+            patch("dataing.entrypoints.api.routes.integrations.PolicyService") as MockPolicyService,
+            patch("dataing.entrypoints.api.deps.resolve_datasource_id") as mock_resolve_ds,
+        ):
+            mock_repo = MockRepo.return_value
+            mock_repo.get_default_team_for_tenant = AsyncMock(return_value=team_id)
+
+            mock_policy_svc = MockPolicyService.return_value
+            mock_policy_svc.evaluate = AsyncMock(
+                return_value=PolicyResult(
+                    action=PolicyAction.AUTO,
+                    queue_config=QueueConfig(),
+                    source="team_default",
+                    team_id=team_id,
+                )
+            )
+
+            mock_resolve_ds.return_value = uuid4()
+            mock_db.execute = AsyncMock()
+
+            action, inv_id = await _evaluate_and_apply_policy(
+                request=mock_request,
+                db=mock_db,
+                auth=mock_auth,
+                issue_id=uuid4(),
+                payload=sample_payload,
+            )
+
+            assert action == "auto"
+            assert inv_id is not None
+            mock_temporal.start_investigation.assert_called_once()
+
+    async def test_auto_action_without_temporal_returns_none_investigation(
+        self,
+        mock_db: AsyncMock,
+        mock_request: MagicMock,
+        mock_auth: MagicMock,
+        sample_payload: GenericWebhookPayload,
+    ) -> None:
+        """Test that auto action without Temporal returns None investigation_id."""
+        from unittest.mock import AsyncMock, patch
+
+        from dataing.adapters.db.team_policy_repository import PolicyAction
+        from dataing.entrypoints.api.routes.integrations import _evaluate_and_apply_policy
+        from dataing.services.policy import PolicyResult, QueueConfig
+
+        team_id = uuid4()
+
+        with (
+            patch("dataing.entrypoints.api.routes.integrations.TeamPolicyRepository") as MockRepo,
+            patch("dataing.entrypoints.api.routes.integrations.PolicyService") as MockPolicyService,
+        ):
+            mock_repo = MockRepo.return_value
+            mock_repo.get_default_team_for_tenant = AsyncMock(return_value=team_id)
+
+            mock_policy_svc = MockPolicyService.return_value
+            mock_policy_svc.evaluate = AsyncMock(
+                return_value=PolicyResult(
+                    action=PolicyAction.AUTO,
+                    queue_config=QueueConfig(),
+                    source="team_default",
+                    team_id=team_id,
+                )
+            )
+
+            mock_db.execute = AsyncMock()
+
+            action, inv_id = await _evaluate_and_apply_policy(
+                request=mock_request,
+                db=mock_db,
+                auth=mock_auth,
+                issue_id=uuid4(),
+                payload=sample_payload,
+            )
+
+            assert action == "auto"
+            assert inv_id is None  # No Temporal configured
diff --git a/python-packages/dataing/tests/unit/middleware/test_redis_rate_limit.py b/python-packages/dataing/tests/unit/middleware/test_redis_rate_limit.py
new file mode 100644
index 000000000..ec2ae17cd
--- /dev/null
+++ b/python-packages/dataing/tests/unit/middleware/test_redis_rate_limit.py
@@ -0,0 +1,299 @@
+"""Unit tests for RedisRateLimitMiddleware."""
+
+from __future__ import annotations
+
+from unittest.mock import AsyncMock, MagicMock
+
+import pytest
+from starlette.applications import Starlette
+from starlette.requests import Request
+from starlette.responses import JSONResponse, Response
+from starlette.routing import Route
+from starlette.testclient import TestClient
+
+from dataing.entrypoints.api.middleware.redis_rate_limit import (
+    RedisRateLimitConfig,
+    RedisRateLimitMiddleware,
+)
+
+
+class TestRedisRateLimitConfig:
+    """Tests for RedisRateLimitConfig."""
+
+    def test_default_config(self) -> None:
+        """Test default configuration values."""
+        config = RedisRateLimitConfig()
+
+        assert config.requests_per_minute == 60
+        assert config.burst_size == 10
+        assert config.key_prefix == "dataing:api_rate_limit"
+        assert config.window_seconds == 60
+
+    def test_custom_config(self) -> None:
+        """Test custom configuration values."""
+        config = RedisRateLimitConfig(
+            requests_per_minute=100,
+            burst_size=20,
+            key_prefix="custom:prefix",
+            window_seconds=120,
+        )
+
+        assert config.requests_per_minute == 100
+        assert config.burst_size == 20
+        assert config.key_prefix == "custom:prefix"
+        assert config.window_seconds == 120
+
+
+class TestRedisRateLimitMiddleware:
+    """Tests for RedisRateLimitMiddleware."""
+
+    @pytest.fixture
+    def mock_redis(self) -> AsyncMock:
+        """Create a mock Redis client."""
+        mock = AsyncMock()
+        mock.script_load = AsyncMock(return_value="script-sha-123")
+        mock.evalsha = AsyncMock(return_value=[1, 59])  # allowed, remaining
+        mock.zrange = AsyncMock(return_value=[])
+        mock.delete = AsyncMock()
+        mock.scan = AsyncMock(return_value=(0, []))
+        return mock
+
+    def test_middleware_disabled(self) -> None:
+        """Test that disabled middleware passes requests through."""
+
+        async def homepage(request: Request) -> Response:
+            return JSONResponse({"status": "ok"})
+
+        app = Starlette(routes=[Route("/", homepage)])
+        app.add_middleware(RedisRateLimitMiddleware, redis=None, enabled=False)
+
+        client = TestClient(app)
+        response = client.get("/")
+
+        assert response.status_code == 200
+        assert response.json() == {"status": "ok"}
+
+    def test_middleware_no_redis_allows_all(self) -> None:
+        """Test that middleware without Redis allows all requests."""
+
+        async def homepage(request: Request) -> Response:
+            return JSONResponse({"status": "ok"})
+
+        app = Starlette(routes=[Route("/", homepage)])
+        app.add_middleware(RedisRateLimitMiddleware, redis=None, enabled=True)
+
+        client = TestClient(app)
+        response = client.get("/")
+
+        assert response.status_code == 200
+        assert "X-RateLimit-Limit" in response.headers
+
+    def test_health_check_not_rate_limited(self) -> None:
+        """Test that health check endpoints are not rate limited."""
+
+        async def health(request: Request) -> Response:
+            return JSONResponse({"status": "healthy"})
+
+        app = Starlette(routes=[Route("/health", health)])
+        # Use a mock that would reject requests
+        mock_redis = AsyncMock()
+        mock_redis.script_load = AsyncMock(return_value="sha")
+        mock_redis.evalsha = AsyncMock(return_value=[0, 0])  # denied
+        app.add_middleware(RedisRateLimitMiddleware, redis=mock_redis, enabled=True)
+
+        client = TestClient(app)
+        response = client.get("/health")
+
+        assert response.status_code == 200
+
+    def test_get_identifier_from_tenant(self, mock_redis: AsyncMock) -> None:
+        """Test identifier extraction from tenant context."""
+        middleware = RedisRateLimitMiddleware(
+            app=MagicMock(),
+            redis=mock_redis,
+        )
+
+        request = MagicMock(spec=Request)
+        request.state = MagicMock()
+        request.state.auth_context = MagicMock()
+        request.state.auth_context.tenant_id = "tenant-123"
+        request.headers = {}
+        request.client = MagicMock()
+        request.client.host = "127.0.0.1"
+
+        identifier = middleware._get_identifier(request)
+
+        assert identifier == "tenant:tenant-123"
+
+    def test_get_identifier_from_api_key(self, mock_redis: AsyncMock) -> None:
+        """Test identifier extraction from API key."""
+        middleware = RedisRateLimitMiddleware(
+            app=MagicMock(),
+            redis=mock_redis,
+        )
+
+        request = MagicMock(spec=Request)
+        request.state = MagicMock()
+        request.state.auth_context = None
+        request.headers = {"x-api-key": "abcd1234xyz"}
+        request.client = MagicMock()
+        request.client.host = "127.0.0.1"
+
+        identifier = middleware._get_identifier(request)
+
+        assert identifier == "key:abcd1234"
+
+    def test_get_identifier_from_ip(self, mock_redis: AsyncMock) -> None:
+        """Test identifier extraction from IP address."""
+        middleware = RedisRateLimitMiddleware(
+            app=MagicMock(),
+            redis=mock_redis,
+        )
+
+        request = MagicMock(spec=Request)
+        request.state = MagicMock()
+        request.state.auth_context = None
+        request.headers = {}
+        request.client = MagicMock()
+        request.client.host = "192.168.1.1"
+
+        identifier = middleware._get_identifier(request)
+
+        assert identifier == "ip:192.168.1.1"
+
+    async def test_check_rate_limit_allowed(self, mock_redis: AsyncMock) -> None:
+        """Test rate limit check when allowed."""
+        mock_redis.evalsha.return_value = [1, 55]  # allowed, 55 remaining
+
+        middleware = RedisRateLimitMiddleware(
+            app=MagicMock(),
+            redis=mock_redis,
+        )
+
+        allowed, remaining, retry_after = await middleware._check_rate_limit("tenant:test")
+
+        assert allowed is True
+        assert remaining == 55
+        assert retry_after is None
+
+    async def test_check_rate_limit_denied(self, mock_redis: AsyncMock) -> None:
+        """Test rate limit check when denied."""
+        mock_redis.evalsha.return_value = [0, 0]  # denied
+        mock_redis.zrange.return_value = []
+
+        middleware = RedisRateLimitMiddleware(
+            app=MagicMock(),
+            redis=mock_redis,
+        )
+
+        allowed, remaining, retry_after = await middleware._check_rate_limit("tenant:test")
+
+        assert allowed is False
+        assert remaining == 0
+        assert retry_after is not None
+        assert retry_after >= 0
+
+    async def test_check_rate_limit_redis_error_fails_open(self, mock_redis: AsyncMock) -> None:
+        """Test that rate limiter fails open on Redis errors."""
+        mock_redis.evalsha.side_effect = Exception("Redis connection error")
+
+        middleware = RedisRateLimitMiddleware(
+            app=MagicMock(),
+            redis=mock_redis,
+        )
+
+        allowed, remaining, retry_after = await middleware._check_rate_limit("tenant:test")
+
+        assert allowed is True  # Fail open
+        assert remaining == 60  # Default limit
+
+    async def test_reset_specific_identifier(self, mock_redis: AsyncMock) -> None:
+        """Test resetting rate limit for specific identifier."""
+        middleware = RedisRateLimitMiddleware(
+            app=MagicMock(),
+            redis=mock_redis,
+        )
+
+        await middleware.reset("tenant:test")
+
+        mock_redis.delete.assert_called_once()
+
+    async def test_reset_all(self, mock_redis: AsyncMock) -> None:
+        """Test resetting all rate limits."""
+        mock_redis.scan.return_value = (0, [b"key1", b"key2"])
+
+        middleware = RedisRateLimitMiddleware(
+            app=MagicMock(),
+            redis=mock_redis,
+        )
+
+        await middleware.reset(None)
+
+        mock_redis.scan.assert_called()
+
+
+class TestRateLimitIntegration:
+    """Integration tests for rate limiting."""
+
+    def test_rate_limit_exceeded_returns_429(self) -> None:
+        """Test that exceeding rate limit returns 429."""
+
+        async def homepage(request: Request) -> Response:
+            return JSONResponse({"status": "ok"})
+
+        mock_redis = AsyncMock()
+        mock_redis.script_load = AsyncMock(return_value="sha")
+        mock_redis.evalsha = AsyncMock(return_value=[0, 0])  # denied
+        mock_redis.zrange = AsyncMock(return_value=[])
+
+        app = Starlette(routes=[Route("/api/test", homepage)])
+        app.add_middleware(RedisRateLimitMiddleware, redis=mock_redis, enabled=True)
+
+        client = TestClient(app)
+        response = client.get("/api/test")
+
+        assert response.status_code == 429
+        assert "Rate limit exceeded" in response.json()["detail"]
+        assert "Retry-After" in response.headers
+        assert "X-RateLimit-Limit" in response.headers
+        assert "X-RateLimit-Remaining" in response.headers
+
+    def test_successful_request_includes_headers(self) -> None:
+        """Test that successful requests include rate limit headers."""
+
+        async def homepage(request: Request) -> Response:
+            return JSONResponse({"status": "ok"})
+
+        mock_redis = AsyncMock()
+        mock_redis.script_load = AsyncMock(return_value="sha")
+        mock_redis.evalsha = AsyncMock(return_value=[1, 50])  # allowed, 50 remaining
+
+        app = Starlette(routes=[Route("/api/test", homepage)])
+        app.add_middleware(RedisRateLimitMiddleware, redis=mock_redis, enabled=True)
+
+        client = TestClient(app)
+        response = client.get("/api/test")
+
+        assert response.status_code == 200
+        assert response.headers["X-RateLimit-Limit"] == "60"
+        assert response.headers["X-RateLimit-Remaining"] == "50"
+
+    def test_options_request_not_rate_limited(self) -> None:
+        """Test that OPTIONS requests are not rate limited."""
+
+        async def homepage(request: Request) -> Response:
+            return Response(status_code=200)
+
+        # Use a mock that would reject requests
+        mock_redis = AsyncMock()
+        mock_redis.script_load = AsyncMock(return_value="sha")
+        mock_redis.evalsha = AsyncMock(return_value=[0, 0])  # denied
+
+        app = Starlette(routes=[Route("/api/test", homepage, methods=["GET", "OPTIONS"])])
+        app.add_middleware(RedisRateLimitMiddleware, redis=mock_redis, enabled=True)
+
+        client = TestClient(app)
+        response = client.options("/api/test")
+
+        # OPTIONS should pass through without rate limiting
+        assert response.status_code == 200
diff --git a/python-packages/dataing/tests/unit/services/test_analytics.py b/python-packages/dataing/tests/unit/services/test_analytics.py
new file mode 100644
index 000000000..18ede9fe4
--- /dev/null
+++ b/python-packages/dataing/tests/unit/services/test_analytics.py
@@ -0,0 +1,296 @@
+"""Unit tests for AnalyticsService."""
+
+from __future__ import annotations
+
+from datetime import UTC, datetime, timedelta
+from unittest.mock import AsyncMock
+from uuid import uuid4
+
+import pytest
+
+from dataing.services.analytics import (
+    ActivationFunnelStats,
+    ActivationStatus,
+    AnalyticsEventType,
+    AnalyticsService,
+    EntityType,
+    WeeklyUsageStats,
+)
+
+
+class TestAnalyticsEventType:
+    """Tests for AnalyticsEventType enum."""
+
+    def test_event_types(self) -> None:
+        """Test all event types are defined."""
+        assert AnalyticsEventType.ISSUE_CREATED.value == "issue_created"
+        assert AnalyticsEventType.INVESTIGATION_STARTED.value == "investigation_started"
+        assert AnalyticsEventType.INVESTIGATION_COMPLETED.value == "investigation_completed"
+        assert AnalyticsEventType.ISSUE_RESOLVED.value == "issue_resolved"
+
+
+class TestEntityType:
+    """Tests for EntityType enum."""
+
+    def test_entity_types(self) -> None:
+        """Test all entity types are defined."""
+        assert EntityType.ISSUE.value == "issue"
+        assert EntityType.INVESTIGATION.value == "investigation"
+
+
+class TestAnalyticsService:
+    """Tests for AnalyticsService."""
+
+    @pytest.fixture
+    def mock_db(self) -> AsyncMock:
+        """Create a mock database."""
+        mock = AsyncMock()
+        mock.fetch_one = AsyncMock(return_value={"event_id": uuid4()})
+        mock.fetch_all = AsyncMock(return_value=[])
+        mock.execute = AsyncMock()
+        return mock
+
+    @pytest.fixture
+    def service(self, mock_db: AsyncMock) -> AnalyticsService:
+        """Create an analytics service with mock DB."""
+        return AnalyticsService(mock_db)
+
+    async def test_record_event(self, service: AnalyticsService, mock_db: AsyncMock) -> None:
+        """Test recording an analytics event."""
+        tenant_id = uuid4()
+        entity_id = uuid4()
+        team_id = uuid4()
+        expected_event_id = uuid4()
+        mock_db.fetch_one.return_value = {"event_id": expected_event_id}
+
+        event_id = await service.record_event(
+            tenant_id=tenant_id,
+            event_type=AnalyticsEventType.ISSUE_CREATED,
+            entity_type=EntityType.ISSUE,
+            entity_id=entity_id,
+            team_id=team_id,
+            payload={"title": "Test Issue"},
+        )
+
+        assert event_id == expected_event_id
+        mock_db.fetch_one.assert_called_once()
+
+    async def test_record_event_without_team(
+        self, service: AnalyticsService, mock_db: AsyncMock
+    ) -> None:
+        """Test recording event without team ID."""
+        tenant_id = uuid4()
+        entity_id = uuid4()
+
+        await service.record_event(
+            tenant_id=tenant_id,
+            event_type=AnalyticsEventType.INVESTIGATION_STARTED,
+            entity_type=EntityType.INVESTIGATION,
+            entity_id=entity_id,
+        )
+
+        mock_db.fetch_one.assert_called_once()
+
+    async def test_get_weekly_usage_empty(
+        self, service: AnalyticsService, mock_db: AsyncMock
+    ) -> None:
+        """Test getting weekly usage with no data."""
+        mock_db.fetch_all.return_value = []
+        tenant_id = uuid4()
+
+        stats = await service.get_weekly_usage(tenant_id, weeks=4)
+
+        assert stats == []
+
+    async def test_get_weekly_usage_with_data(
+        self, service: AnalyticsService, mock_db: AsyncMock
+    ) -> None:
+        """Test getting weekly usage with data."""
+        week_start = datetime.now(UTC) - timedelta(days=7)
+        mock_db.fetch_all.return_value = [
+            {
+                "week_start": week_start,
+                "issues_created": 10,
+                "investigations_started": 5,
+                "investigations_completed": 4,
+                "issues_resolved": 8,
+                "active_teams": 3,
+            }
+        ]
+        tenant_id = uuid4()
+
+        stats = await service.get_weekly_usage(tenant_id, weeks=4)
+
+        assert len(stats) == 1
+        assert stats[0].issues_created == 10
+        assert stats[0].investigations_started == 5
+        assert stats[0].investigations_completed == 4
+        assert stats[0].issues_resolved == 8
+        assert stats[0].active_teams == 3
+        assert stats[0].resolution_rate == 0.8
+
+    async def test_get_weekly_usage_by_team(
+        self, service: AnalyticsService, mock_db: AsyncMock
+    ) -> None:
+        """Test getting weekly usage filtered by team."""
+        tenant_id = uuid4()
+        team_id = uuid4()
+        mock_db.fetch_all.return_value = []
+
+        await service.get_weekly_usage(tenant_id, weeks=4, team_id=team_id)
+
+        # Verify the query included team filter
+        mock_db.fetch_all.assert_called()
+
+    async def test_get_activation_status_not_found(
+        self, service: AnalyticsService, mock_db: AsyncMock
+    ) -> None:
+        """Test getting activation status for nonexistent tenant."""
+        mock_db.fetch_one.side_effect = [None, None]  # No activation, no tenant
+        tenant_id = uuid4()
+
+        status = await service.get_activation_status(tenant_id)
+
+        assert status is None
+
+    async def test_get_activation_status_new_tenant(
+        self, service: AnalyticsService, mock_db: AsyncMock
+    ) -> None:
+        """Test getting activation status for new tenant."""
+        tenant_id = uuid4()
+        created_at = datetime.now(UTC) - timedelta(days=2)
+        mock_db.fetch_one.side_effect = [
+            None,  # No activation record yet
+            {"id": tenant_id, "created_at": created_at},  # Tenant exists
+        ]
+
+        status = await service.get_activation_status(tenant_id)
+
+        assert status is not None
+        assert status.tenant_id == tenant_id
+        assert status.is_activated is False
+        assert status.first_issue_at is None
+        assert status.first_investigation_at is None
+
+    async def test_get_activation_status_activated(
+        self, service: AnalyticsService, mock_db: AsyncMock
+    ) -> None:
+        """Test getting activation status for activated tenant."""
+        tenant_id = uuid4()
+        created_at = datetime.now(UTC) - timedelta(days=10)
+        activated_at = created_at + timedelta(days=5)
+        mock_db.fetch_one.return_value = {
+            "tenant_id": tenant_id,
+            "created_at": created_at,
+            "first_issue_at": created_at + timedelta(days=1),
+            "first_investigation_at": created_at + timedelta(days=3),
+            "activated_at": activated_at,
+        }
+
+        status = await service.get_activation_status(tenant_id)
+
+        assert status is not None
+        assert status.is_activated is True
+        assert status.days_to_activation == 5
+
+    async def test_get_activation_funnel_empty(
+        self, service: AnalyticsService, mock_db: AsyncMock
+    ) -> None:
+        """Test getting activation funnel with no tenants."""
+        mock_db.fetch_one.return_value = {
+            "total_tenants": 0,
+            "tenants_with_issue": 0,
+            "tenants_with_investigation": 0,
+            "tenants_activated": 0,
+        }
+
+        funnel = await service.get_activation_funnel()
+
+        assert funnel.total_tenants == 0
+        assert funnel.issue_rate == 0.0
+        assert funnel.activation_rate == 0.0
+
+    async def test_get_activation_funnel_with_data(
+        self, service: AnalyticsService, mock_db: AsyncMock
+    ) -> None:
+        """Test getting activation funnel with data."""
+        mock_db.fetch_one.return_value = {
+            "total_tenants": 100,
+            "tenants_with_issue": 80,
+            "tenants_with_investigation": 60,
+            "tenants_activated": 50,
+        }
+
+        funnel = await service.get_activation_funnel()
+
+        assert funnel.total_tenants == 100
+        assert funnel.tenants_with_issue == 80
+        assert funnel.issue_rate == 0.8
+        assert funnel.investigation_rate == 0.6
+        assert funnel.activation_rate == 0.5
+
+    async def test_refresh_weekly_stats(
+        self, service: AnalyticsService, mock_db: AsyncMock
+    ) -> None:
+        """Test refreshing weekly stats materialized view."""
+        await service.refresh_weekly_stats()
+
+        mock_db.execute.assert_called_once_with("SELECT refresh_weekly_usage_stats()")
+
+
+class TestWeeklyUsageStats:
+    """Tests for WeeklyUsageStats dataclass."""
+
+    def test_resolution_rate_calculation(self) -> None:
+        """Test resolution rate is calculated correctly."""
+        stats = WeeklyUsageStats(
+            week_start=datetime.now(UTC),
+            issues_created=10,
+            investigations_started=5,
+            investigations_completed=4,
+            issues_resolved=8,
+            active_teams=3,
+            resolution_rate=0.8,
+        )
+
+        assert stats.resolution_rate == 0.8
+
+
+class TestActivationStatus:
+    """Tests for ActivationStatus dataclass."""
+
+    def test_activated_status(self) -> None:
+        """Test activated status fields."""
+        now = datetime.now(UTC)
+        status = ActivationStatus(
+            tenant_id=uuid4(),
+            created_at=now - timedelta(days=10),
+            first_issue_at=now - timedelta(days=8),
+            first_investigation_at=now - timedelta(days=7),
+            activated_at=now - timedelta(days=7),
+            is_activated=True,
+            days_to_activation=3,
+        )
+
+        assert status.is_activated is True
+        assert status.days_to_activation == 3
+
+
+class TestActivationFunnelStats:
+    """Tests for ActivationFunnelStats dataclass."""
+
+    def test_funnel_rates(self) -> None:
+        """Test funnel rate fields."""
+        funnel = ActivationFunnelStats(
+            total_tenants=100,
+            tenants_with_issue=80,
+            tenants_with_investigation=60,
+            tenants_activated=50,
+            issue_rate=0.8,
+            investigation_rate=0.6,
+            activation_rate=0.5,
+        )
+
+        assert funnel.issue_rate == 0.8
+        assert funnel.investigation_rate == 0.6
+        assert funnel.activation_rate == 0.5
diff --git a/python-packages/dataing/tests/unit/services/test_policy.py b/python-packages/dataing/tests/unit/services/test_policy.py
new file mode 100644
index 000000000..f20625f20
--- /dev/null
+++ b/python-packages/dataing/tests/unit/services/test_policy.py
@@ -0,0 +1,515 @@
+"""Unit tests for PolicyService."""
+
+from __future__ import annotations
+
+import uuid
+from datetime import UTC, datetime
+from unittest.mock import AsyncMock, patch
+
+import pytest
+
+from dataing.adapters.db.team_policy_repository import (
+    PolicyAction,
+    TeamPolicy,
+    TeamPolicyOverride,
+    TeamQueueLimits,
+)
+from dataing.services.policy import (
+    IssueContext,
+    PolicyResult,
+    PolicyService,
+    QueueConfig,
+    evaluate_policy_for_issue,
+)
+
+
+class TestQueueConfig:
+    """Tests for QueueConfig."""
+
+    def test_defaults(self) -> None:
+        """Test QueueConfig default values."""
+        config = QueueConfig()
+        assert config.rate_limit_per_minute == 60
+        assert config.burst_size == 10
+        assert config.max_concurrent == 5
+        assert config.batch_size == 5
+
+    def test_from_limits(self) -> None:
+        """Test creating QueueConfig from TeamQueueLimits."""
+        limits = TeamQueueLimits(
+            id=uuid.uuid4(),
+            org_id=uuid.uuid4(),
+            team_id=uuid.uuid4(),
+            rate_limit_per_minute=120,
+            burst_size=20,
+            max_concurrent=10,
+            batch_size=8,
+            is_active=True,
+            created_at=datetime.now(UTC),
+            updated_at=datetime.now(UTC),
+        )
+
+        config = QueueConfig.from_limits(limits)
+
+        assert config.rate_limit_per_minute == 120
+        assert config.burst_size == 20
+        assert config.max_concurrent == 10
+        assert config.batch_size == 8
+
+    def test_from_limits_none(self) -> None:
+        """Test creating QueueConfig from None returns defaults."""
+        config = QueueConfig.from_limits(None)
+        assert config.rate_limit_per_minute == 60
+        assert config.burst_size == 10
+
+
+class TestPolicyService:
+    """Tests for PolicyService."""
+
+    @pytest.fixture
+    def mock_db(self) -> AsyncMock:
+        """Return a mock database."""
+        return AsyncMock()
+
+    @pytest.fixture
+    def mock_repo(self) -> AsyncMock:
+        """Return a mock TeamPolicyRepository."""
+        return AsyncMock()
+
+    @pytest.fixture
+    def service(self, mock_db: AsyncMock, mock_repo: AsyncMock) -> PolicyService:
+        """Return a PolicyService with mocked repository."""
+        svc = PolicyService(mock_db)
+        svc.repo = mock_repo
+        return svc
+
+    @pytest.fixture
+    def team_id(self) -> uuid.UUID:
+        """Return a team ID for testing."""
+        return uuid.uuid4()
+
+    @pytest.fixture
+    def sample_policy(self, team_id: uuid.UUID) -> TeamPolicy:
+        """Return a sample team policy."""
+        return TeamPolicy(
+            id=uuid.uuid4(),
+            org_id=uuid.uuid4(),
+            team_id=team_id,
+            sources=["dbt", "airflow"],
+            default_action=PolicyAction.REVIEW,
+            auto_investigate_min_severity="high",
+            review_required_max_severity="medium",
+            is_active=True,
+            created_at=datetime.now(UTC),
+            updated_at=datetime.now(UTC),
+        )
+
+    @pytest.fixture
+    def sample_queue_limits(self, team_id: uuid.UUID) -> TeamQueueLimits:
+        """Return sample queue limits."""
+        return TeamQueueLimits(
+            id=uuid.uuid4(),
+            org_id=uuid.uuid4(),
+            team_id=team_id,
+            rate_limit_per_minute=100,
+            burst_size=15,
+            max_concurrent=8,
+            batch_size=5,
+            is_active=True,
+            created_at=datetime.now(UTC),
+            updated_at=datetime.now(UTC),
+        )
+
+    # =========================================================================
+    # Team Default Policy Tests
+    # =========================================================================
+
+    async def test_evaluate_team_default_policy(
+        self,
+        service: PolicyService,
+        mock_repo: AsyncMock,
+        team_id: uuid.UUID,
+        sample_policy: TeamPolicy,
+        sample_queue_limits: TeamQueueLimits,
+    ) -> None:
+        """Test evaluation returns team default policy when no overrides match."""
+        mock_repo.get_policy_by_team.return_value = sample_policy
+        mock_repo.get_queue_limits.return_value = sample_queue_limits
+        mock_repo.get_override_for_dataset.return_value = None
+        mock_repo.get_overrides_for_team.return_value = []
+
+        context = IssueContext(team_id=team_id, source="dbt")
+        result = await service.evaluate(context)
+
+        assert result.action == PolicyAction.REVIEW
+        assert result.source == "team_default"
+        assert result.policy_id == sample_policy.id
+        assert result.queue_config.rate_limit_per_minute == 100
+
+    async def test_evaluate_no_policy_returns_defaults(
+        self,
+        service: PolicyService,
+        mock_repo: AsyncMock,
+        team_id: uuid.UUID,
+    ) -> None:
+        """Test evaluation returns system defaults when no policy exists."""
+        mock_repo.get_policy_by_team.return_value = None
+        mock_repo.get_queue_limits.return_value = None
+
+        context = IssueContext(team_id=team_id)
+        result = await service.evaluate(context)
+
+        assert result.action == PolicyAction.ISSUE_ONLY
+        assert result.source == "system_default"
+        assert result.queue_config.rate_limit_per_minute == 60
+
+    async def test_evaluate_source_mismatch_returns_defaults(
+        self,
+        service: PolicyService,
+        mock_repo: AsyncMock,
+        team_id: uuid.UUID,
+        sample_policy: TeamPolicy,
+    ) -> None:
+        """Test that source mismatch returns defaults."""
+        mock_repo.get_policy_by_team.return_value = sample_policy
+        mock_repo.get_queue_limits.return_value = None
+
+        # Policy requires "dbt" or "airflow", but issue is from "snowflake"
+        context = IssueContext(team_id=team_id, source="snowflake")
+        result = await service.evaluate(context)
+
+        assert result.action == PolicyAction.ISSUE_ONLY
+        assert result.source == "system_default"
+
+    # =========================================================================
+    # Dataset Override Tests
+    # =========================================================================
+
+    async def test_evaluate_dataset_override(
+        self,
+        service: PolicyService,
+        mock_repo: AsyncMock,
+        team_id: uuid.UUID,
+        sample_policy: TeamPolicy,
+        sample_queue_limits: TeamQueueLimits,
+    ) -> None:
+        """Test that dataset override takes precedence over team default."""
+        override = TeamPolicyOverride(
+            id=uuid.uuid4(),
+            org_id=sample_policy.org_id,
+            team_id=team_id,
+            dataset_id="prod.analytics.orders",
+            tag_id=None,
+            default_action=PolicyAction.AUTO,
+            auto_investigate_min_severity=None,
+            review_required_max_severity=None,
+            is_active=True,
+            created_at=datetime.now(UTC),
+            updated_at=datetime.now(UTC),
+        )
+
+        mock_repo.get_policy_by_team.return_value = sample_policy
+        mock_repo.get_queue_limits.return_value = sample_queue_limits
+        mock_repo.get_override_for_dataset.return_value = override
+
+        context = IssueContext(
+            team_id=team_id,
+            dataset_id="prod.analytics.orders",
+            source="dbt",
+        )
+        result = await service.evaluate(context)
+
+        assert result.action == PolicyAction.AUTO
+        assert result.source == "dataset_override"
+        assert result.override_id == override.id
+
+    async def test_evaluate_dataset_override_inherits_severity(
+        self,
+        service: PolicyService,
+        mock_repo: AsyncMock,
+        team_id: uuid.UUID,
+        sample_policy: TeamPolicy,
+    ) -> None:
+        """Test that dataset override inherits severity settings from policy."""
+        override = TeamPolicyOverride(
+            id=uuid.uuid4(),
+            org_id=sample_policy.org_id,
+            team_id=team_id,
+            dataset_id="prod.analytics.orders",
+            tag_id=None,
+            default_action=None,  # Inherit from policy
+            auto_investigate_min_severity=None,  # Inherit from policy
+            review_required_max_severity=None,  # Inherit from policy
+            is_active=True,
+            created_at=datetime.now(UTC),
+            updated_at=datetime.now(UTC),
+        )
+
+        mock_repo.get_policy_by_team.return_value = sample_policy
+        mock_repo.get_queue_limits.return_value = None
+        mock_repo.get_override_for_dataset.return_value = override
+
+        context = IssueContext(
+            team_id=team_id,
+            dataset_id="prod.analytics.orders",
+            source="dbt",
+        )
+        result = await service.evaluate(context)
+
+        assert result.action == sample_policy.default_action
+        assert result.auto_investigate_min_severity == sample_policy.auto_investigate_min_severity
+
+    # =========================================================================
+    # Tag Override Tests
+    # =========================================================================
+
+    async def test_evaluate_tag_override(
+        self,
+        service: PolicyService,
+        mock_repo: AsyncMock,
+        team_id: uuid.UUID,
+        sample_policy: TeamPolicy,
+    ) -> None:
+        """Test that tag override is applied when tag matches."""
+        tag_id = uuid.uuid4()
+        override = TeamPolicyOverride(
+            id=uuid.uuid4(),
+            org_id=sample_policy.org_id,
+            team_id=team_id,
+            dataset_id=None,
+            tag_id=tag_id,
+            default_action=PolicyAction.ISSUE_ONLY,
+            auto_investigate_min_severity=None,
+            review_required_max_severity=None,
+            is_active=True,
+            created_at=datetime.now(UTC),
+            updated_at=datetime.now(UTC),
+        )
+
+        mock_repo.get_policy_by_team.return_value = sample_policy
+        mock_repo.get_queue_limits.return_value = None
+        mock_repo.get_override_for_dataset.return_value = None
+        mock_repo.get_overrides_for_team.return_value = [override]
+
+        context = IssueContext(
+            team_id=team_id,
+            tag_ids=[tag_id],
+            source="dbt",
+        )
+        result = await service.evaluate(context)
+
+        assert result.action == PolicyAction.ISSUE_ONLY
+        assert result.source == "tag_override"
+        assert result.override_id == override.id
+        assert tag_id in result.matched_tags
+
+    async def test_evaluate_dataset_override_beats_tag_override(
+        self,
+        service: PolicyService,
+        mock_repo: AsyncMock,
+        team_id: uuid.UUID,
+        sample_policy: TeamPolicy,
+    ) -> None:
+        """Test that dataset override takes precedence over tag override."""
+        tag_id = uuid.uuid4()
+        tag_override = TeamPolicyOverride(
+            id=uuid.uuid4(),
+            org_id=sample_policy.org_id,
+            team_id=team_id,
+            dataset_id=None,
+            tag_id=tag_id,
+            default_action=PolicyAction.ISSUE_ONLY,
+            auto_investigate_min_severity=None,
+            review_required_max_severity=None,
+            is_active=True,
+            created_at=datetime.now(UTC),
+            updated_at=datetime.now(UTC),
+        )
+        dataset_override = TeamPolicyOverride(
+            id=uuid.uuid4(),
+            org_id=sample_policy.org_id,
+            team_id=team_id,
+            dataset_id="prod.analytics.orders",
+            tag_id=None,
+            default_action=PolicyAction.AUTO,
+            auto_investigate_min_severity=None,
+            review_required_max_severity=None,
+            is_active=True,
+            created_at=datetime.now(UTC),
+            updated_at=datetime.now(UTC),
+        )
+
+        mock_repo.get_policy_by_team.return_value = sample_policy
+        mock_repo.get_queue_limits.return_value = None
+        mock_repo.get_override_for_dataset.return_value = dataset_override
+        mock_repo.get_overrides_for_team.return_value = [tag_override]
+
+        context = IssueContext(
+            team_id=team_id,
+            dataset_id="prod.analytics.orders",
+            tag_ids=[tag_id],
+            source="dbt",
+        )
+        result = await service.evaluate(context)
+
+        # Dataset override should win
+        assert result.action == PolicyAction.AUTO
+        assert result.source == "dataset_override"
+
+    # =========================================================================
+    # Severity-Based Action Tests
+    # =========================================================================
+
+    async def test_evaluate_severity_triggers_auto(
+        self,
+        service: PolicyService,
+        mock_repo: AsyncMock,
+        team_id: uuid.UUID,
+        sample_policy: TeamPolicy,
+    ) -> None:
+        """Test that high severity triggers auto investigation."""
+        mock_repo.get_policy_by_team.return_value = sample_policy
+        mock_repo.get_queue_limits.return_value = None
+        mock_repo.get_override_for_dataset.return_value = None
+        mock_repo.get_overrides_for_team.return_value = []
+
+        context = IssueContext(
+            team_id=team_id,
+            severity="critical",  # Above "high" threshold
+            source="dbt",
+        )
+        result = await service.evaluate(context)
+
+        assert result.action == PolicyAction.AUTO
+
+    async def test_evaluate_severity_requires_review(
+        self,
+        service: PolicyService,
+        mock_repo: AsyncMock,
+        team_id: uuid.UUID,
+        sample_policy: TeamPolicy,
+    ) -> None:
+        """Test that low severity requires review."""
+        mock_repo.get_policy_by_team.return_value = sample_policy
+        mock_repo.get_queue_limits.return_value = None
+        mock_repo.get_override_for_dataset.return_value = None
+        mock_repo.get_overrides_for_team.return_value = []
+
+        context = IssueContext(
+            team_id=team_id,
+            severity="low",  # Below "medium" threshold
+            source="dbt",
+        )
+        result = await service.evaluate(context)
+
+        assert result.action == PolicyAction.REVIEW
+
+    # =========================================================================
+    # Helper Method Tests
+    # =========================================================================
+
+    def test_resolve_action_for_severity_auto(self, service: PolicyService) -> None:
+        """Test severity resolution for auto investigation."""
+        action = service._resolve_action_for_severity(
+            default_action=PolicyAction.ISSUE_ONLY,
+            severity="high",
+            auto_investigate_min_severity="high",
+            review_required_max_severity=None,
+        )
+        assert action == PolicyAction.AUTO
+
+    def test_resolve_action_for_severity_review(self, service: PolicyService) -> None:
+        """Test severity resolution for review."""
+        action = service._resolve_action_for_severity(
+            default_action=PolicyAction.ISSUE_ONLY,
+            severity="low",
+            auto_investigate_min_severity=None,
+            review_required_max_severity="medium",
+        )
+        assert action == PolicyAction.REVIEW
+
+    def test_resolve_action_for_severity_default(self, service: PolicyService) -> None:
+        """Test severity resolution returns default when no thresholds match."""
+        action = service._resolve_action_for_severity(
+            default_action=PolicyAction.ISSUE_ONLY,
+            severity="medium",
+            auto_investigate_min_severity="critical",
+            review_required_max_severity="low",
+        )
+        assert action == PolicyAction.ISSUE_ONLY
+
+    def test_resolve_action_for_severity_unknown(self, service: PolicyService) -> None:
+        """Test severity resolution with unknown severity returns default."""
+        action = service._resolve_action_for_severity(
+            default_action=PolicyAction.REVIEW,
+            severity="unknown",
+            auto_investigate_min_severity="high",
+            review_required_max_severity="medium",
+        )
+        assert action == PolicyAction.REVIEW
+
+
+class TestEvaluatePolicyForIssue:
+    """Tests for the convenience function."""
+
+    async def test_evaluate_policy_for_issue(self) -> None:
+        """Test the convenience function creates service and evaluates."""
+        mock_db = AsyncMock()
+        team_id = uuid.uuid4()
+
+        with patch("dataing.services.policy.PolicyService") as MockService:
+            mock_service = MockService.return_value
+            # Use AsyncMock for async method
+            mock_service.evaluate = AsyncMock(
+                return_value=PolicyResult(
+                    action=PolicyAction.AUTO,
+                    queue_config=QueueConfig(),
+                    source="team_default",
+                    team_id=team_id,
+                )
+            )
+
+            result = await evaluate_policy_for_issue(
+                db=mock_db,
+                team_id=team_id,
+                dataset_id="test.dataset",
+                severity="high",
+            )
+
+            assert result.action == PolicyAction.AUTO
+            mock_service.evaluate.assert_called_once()
+
+
+class TestIssueContext:
+    """Tests for IssueContext."""
+
+    def test_issue_context_defaults(self) -> None:
+        """Test IssueContext default values."""
+        team_id = uuid.uuid4()
+        context = IssueContext(team_id=team_id)
+
+        assert context.team_id == team_id
+        assert context.dataset_id is None
+        assert context.tag_ids == []
+        assert context.severity is None
+        assert context.source is None
+
+    def test_issue_context_full(self) -> None:
+        """Test IssueContext with all fields."""
+        team_id = uuid.uuid4()
+        tag1 = uuid.uuid4()
+        tag2 = uuid.uuid4()
+
+        context = IssueContext(
+            team_id=team_id,
+            dataset_id="prod.orders",
+            tag_ids=[tag1, tag2],
+            severity="high",
+            source="dbt",
+        )
+
+        assert context.team_id == team_id
+        assert context.dataset_id == "prod.orders"
+        assert len(context.tag_ids) == 2
+        assert context.severity == "high"
+        assert context.source == "dbt"