diff --git a/README.md b/README.md
index 6a7c1ac..2c64044 100644
--- a/README.md
+++ b/README.md
@@ -68,6 +68,9 @@ GOOGLE_CLIENT_SECRET="your-google-client-secret"
 
 # Redis (optional, for SSE transport support)
 REDIS_URL="rediss://user:pass@host:6379"
+
+# Admin access (for analytics dashboard)
+ADMIN_EMAIL="admin@gmail.com"
 ```
 
 #### Setting up Google OAuth:
@@ -89,6 +92,29 @@ pnpm prisma generate
 pnpm prisma db push
 ```
 
+#### Database Schema Overview
+
+The application uses PostgreSQL with the following main components:
+
+**Core OAuth 2.1 Tables:**
+- `User` - User accounts with Google OAuth authentication
+- `Account` - OAuth provider account linkages  
+- `Session` - User session management
+- `Client` - Registered OAuth clients with PKCE support
+- `AccessToken`, `AuthCode`, `RefreshToken` - OAuth 2.1 tokens
+
+**Analytics & Security Tables:**
+- `AnalyticsRequest` - Request tracking with **14-day TTL**
+- `AnalyticsSecurity` - Security events with **14-day TTL**
+- `MCPServer` - MCP server registry
+
+**Data Retention (TTL - Time To Live):**
+- Analytics data automatically expires after **14 days**
+- Database-level TTL using PostgreSQL `INTERVAL` defaults
+- Automatic cleanup via API endpoint `/api/cleanup`
+- Manual cleanup: `POST /api/cleanup`
+- Status monitoring: `GET /api/cleanup`
+
 ### 5. Start Development Server
 
 ```bash
@@ -184,6 +210,9 @@ Add to your `settings.json`:
 - **Authorization**: `GET /oauth/authorize`
 - **MCP HTTP**: `GET|POST /mcp/mcp`
 - **MCP SSE**: `GET /mcp/sse`
+- **Data Cleanup**: `POST /api/cleanup` - Manually trigger TTL cleanup
+- **Cleanup Status**: `GET /api/cleanup` - Check TTL status and expired records
+- **Security Analytics**: Analytics dashboard with real-time threat detection
 
 ## Project Structure
 
@@ -198,8 +227,11 @@ app/
 └── prisma.ts                   # Prisma client
 
 prisma/
-├── schema.prisma              # Database schema
+├── schema.prisma              # Database schema with TTL support
 └── migrations/                # Database migrations
+
+generated/
+└── prisma/                    # Generated Prisma client (custom location)
 ```
 
 ## Development Scripts
@@ -223,8 +255,157 @@ pnpm prisma studio          # Open Prisma Studio
 # Database management
 brew services start postgresql@14    # Start PostgreSQL
 brew services stop postgresql@14     # Stop PostgreSQL
+
+# Data cleanup (TTL management)
+curl -X POST http://localhost:3000/api/cleanup    # Manual cleanup
+curl http://localhost:3000/api/cleanup            # Check cleanup status
+```
+
+## Security Monitoring & Threat Detection
+
+This MCP OAuth server implements comprehensive security monitoring based on OAuth 2.1 and MCP specification requirements. The system automatically detects and records security threats in real-time.
+
+### **OAuth & MCP Security Threats Detected**
+
+#### **Critical Threats (Risk Score 90-95)**
+
+**1. Token Audience Validation Failures**
+- **Detection**: Access tokens used across multiple MCP server boundaries
+- **Based on**: RFC 8707 Resource Indicators, RFC 9728 Protected Resource Metadata
+- **Risk**: Token reuse attacks, confused deputy vulnerabilities
+- **Recorded**: MCP server IDs, endpoints, token usage patterns
+
+**2. PKCE Bypass Attempts**
+- **Detection**: OAuth authorization code flows without PKCE protection
+- **Based on**: OAuth 2.1 Section 7.5.2 mandatory PKCE requirements
+- **Risk**: Authorization code interception attacks
+- **Recorded**: Grant types, PKCE usage patterns, client behaviors
+
+**3. OAuth Privilege Escalation**
+- **Detection**: Users requesting elevated scopes beyond historical patterns
+- **Based on**: OAuth scope analysis and permission escalation patterns
+- **Risk**: Unauthorized access to sensitive resources
+- **Recorded**: Current vs historical scopes, elevated scope patterns, user behavior
+
+**4. Token Passthrough Violations**
+- **Detection**: Rapid cross-service access suggesting token forwarding
+- **Based on**: MCP security best practices against confused deputy attacks
+- **Risk**: Tokens used for unintended services
+- **Recorded**: Cross-server access patterns, timing analysis, resource boundaries
+
+#### **High Risk Threats (Risk Score 70-85)**
+
+**5. Missing Resource Parameters**
+- **Detection**: OAuth requests without proper resource identification
+- **Based on**: RFC 8707 Resource Indicators requirements
+- **Risk**: Tokens not bound to intended resources
+- **Recorded**: Missing redirect URIs, grant type violations
+
+**6. Scope Explosion Attacks**
+- **Detection**: Unusual number of new OAuth scopes requested simultaneously
+- **Based on**: Permission escalation analysis
+- **Risk**: Bulk privilege escalation attempts
+- **Recorded**: New scope counts, scope patterns, user history
+
+#### **Medium Risk Threats (Risk Score 50-70)**
+
+**7. Rate Limiting Violations**
+- **Detection**: >30 requests per minute from single IP
+- **Risk**: DoS attacks, API abuse
+- **Recorded**: Request rates, IP patterns, endpoint targeting
+
+**8. Brute Force Attempts**
+- **Detection**: Multiple authentication failures from same IP
+- **Risk**: Credential guessing attacks
+- **Recorded**: Failure counts, IP addresses, timing patterns
+
+**9. Suspicious User Agents**
+- **Detection**: Non-human user agents (bots, scrapers) without MCP identification
+- **Risk**: Automated attacks, scraping attempts
+- **Recorded**: User agent strings, access patterns
+
+**10. Token Reuse Detection**
+- **Detection**: Same token used from different IP addresses within short timeframe
+- **Risk**: Credential theft, session hijacking
+- **Recorded**: IP changes, timing analysis, token patterns
+
+### **Data Recording & Analytics**
+
+#### **Analytics Tables Structure**
+
+**AnalyticsRequest Table:**
+```sql
+- timestamp, endpoint, method, statusCode, responseTime
+- userId, clientId, mcpServerId (foreign keys)
+- OAuth-specific: oauthGrantType, tokenScopes, usePKCE, redirectUri
+- MCP-specific: mcpMethod, toolName
+- Security context: ipAddress, userAgent, organization, ssoProvider
+- Geographic: country, city (async populated)
+- TTL: expiresAt (14-day auto-cleanup)
 ```
 
+**AnalyticsSecurity Table:**
+```sql
+- timestamp, eventType (enum), severity, riskScore (0-100)
+- userId, clientId, mcpServerId (foreign keys)
+- Context: ipAddress, userAgent, endpoint, organization
+- Incident management: resolved, resolvedAt, resolvedBy
+- Details: JSON field with structured threat data
+- TTL: expiresAt (14-day auto-cleanup)
+```
+
+#### **Security Event Types**
+- `AUTH_FAILURE` - Authentication failures
+- `INVALID_TOKEN` - Token validation failures
+- `SUSPICIOUS_ACTIVITY` - Anomalous behavior patterns
+- `RATE_LIMIT_EXCEEDED` - API rate limit violations
+- `UNAUTHORIZED_ACCESS` - Access control violations
+- `TOKEN_REUSE` - Token reuse across IPs
+- `UNUSUAL_LOCATION` - Geographic anomalies
+- `PRIVILEGE_ESCALATION` - Scope/permission escalation
+- `MALFORMED_REQUEST` - Malformed OAuth/MCP requests
+- `BRUTE_FORCE_ATTEMPT` - Credential brute force
+- `OAUTH_INVALID_CLIENT` - Invalid OAuth clients
+- `OAUTH_INVALID_GRANT` - Invalid OAuth grants
+- `OAUTH_INVALID_SCOPE` - Invalid OAuth scopes
+
+#### **Real-Time Threat Analysis**
+
+**Risk Scoring Algorithm:**
+- **Critical (90-100)**: Immediate security response required
+- **High (70-89)**: Investigation and monitoring needed  
+- **Medium (50-69)**: Automated monitoring and logging
+- **Low (20-49)**: Basic logging only
+- **Informational (0-19)**: Filtered out of security analytics
+
+**Filtering & Display:**
+- Security dashboard shows only meaningful threats (risk score ≥ 50)
+- Privilege escalations filtered to high-risk only (≥ 70)
+- Organization-level aggregation for enterprise visibility
+- 14-day retention with automatic cleanup
+
+### **Compliance & Standards**
+
+The security monitoring system ensures compliance with:
+- **OAuth 2.1** IETF Draft (draft-ietf-oauth-v2-1-12)
+- **RFC 8707** Resource Indicators for OAuth 2.0
+- **RFC 9728** OAuth 2.0 Protected Resource Metadata  
+- **RFC 8414** OAuth 2.0 Authorization Server Metadata
+- **MCP Security Best Practices** (2025-06-18 specification)
+
+### **Enterprise Integration**
+
+**SIEM Integration Ready:**
+- Structured JSON logging for security events
+- Risk scoring for automated response systems
+- Geographic and organizational context
+- Real-time alerting for critical events
+
+**Monitoring Endpoints:**
+- `/api/cleanup` - Security data management
+- Analytics dashboard - Real-time threat visualization
+- Prisma Studio - Direct database investigation
+
 ## Deployment to Vercel
 
 1. Push your code to GitHub
@@ -240,6 +421,7 @@ Make sure to set these in your Vercel dashboard:
 - `GOOGLE_CLIENT_ID`
 - `GOOGLE_CLIENT_SECRET`
 - `REDIS_URL` (optional, for SSE support)
+- `ADMIN_EMAIL` (required for analytics dashboard access)
 
 ## Contributing
 
diff --git a/app/analytics/analytics-client.tsx b/app/analytics/analytics-client.tsx
new file mode 100644
index 0000000..343582c
--- /dev/null
+++ b/app/analytics/analytics-client.tsx
@@ -0,0 +1,533 @@
+"use client"
+
+import { useState, useEffect, useCallback } from "react"
+import { Button } from "@/components/ui/button"
+import { Select, SelectContent, SelectItem, SelectTrigger, SelectValue } from "@/components/ui/select"
+import { Card, CardContent, CardDescription, CardHeader, CardTitle } from "@/components/ui/card"
+import { Badge } from "@/components/ui/badge"
+import { Collapsible, CollapsibleContent, CollapsibleTrigger } from "@/components/ui/collapsible"
+import {
+  SecurityPanel,
+  LoadingSkeleton,
+  DashboardHeader,
+  OAuthOverview,
+  OAuthClientActivity,
+  TokenExpiration,
+  ToolUsagePanel,
+  GrantTypeChart,
+  ToolResponseAreaChart
+} from "@/components/analytics"
+import {
+  BarChart3,
+  Activity,
+  AlertTriangle,
+  Zap,
+  ChevronDown,
+  ChevronUp,
+  Shield,
+  TrendingUp,
+  Users
+} from "lucide-react"
+
+export default function AnalyticsClient() {
+  const [data, setData] = useState<{
+    performance?: {
+      totalRequests: number
+      avgResponseTime: number
+      p95ResponseTime: number
+      errorRate: number
+    }
+    oauth?: {
+      totalUsers: number
+      activeUsers: number
+      totalClients: number
+      activeClients: number
+      activeTokens: number
+      recentAuthorizations: number
+      tokenRefreshRate: number
+      pkceAdoption: number
+      userActivity?: string
+      clientActivity?: string
+      clients?: {
+        name: string
+        clientId: string
+        uniqueUsers: number
+        activeTokens: number
+        recentRequests: number
+        lastActivity: string
+        userNames: string
+        status: string
+      }[]
+      expiringTokens?: {
+        clientName: string
+        tokenCount: number
+        hoursUntilExpiry: number
+      }[]
+      grantTypes?: {
+        type: string
+        count: number
+        percentage: number
+      }[]
+    }
+    toolUsage?: {
+      tools: {
+        toolName: string
+        mcpMethod: string
+        usageCount: number
+        uniqueUsers: number
+        avgResponseTime?: number
+      }[]
+      geographic: {
+        country: string
+        city?: string
+        count: number
+        percentage: number
+      }[]
+      timeSeries?: {
+        hour: string
+        toolName: string
+        avgResponseTime: number
+        callCount: number
+        p95ResponseTime: number
+        p50ResponseTime: number
+      }[]
+      totalCalls: number
+      activeUsers: number
+    }
+    topEndpoints?: { endpoint: string; count: number }[]
+    geography?: { country: string; count: number }[]
+    security?: {
+      eventCount: number
+      events?: { timestamp: string; eventType: string; ipAddress: string; clientId?: string; details: string }[]
+      eventsByOrganization?: {
+        organization: string
+        eventType: string
+        severity: string
+        eventCount: number
+        avgRiskScore: number
+      }[]
+      privilegeEscalations?: {
+        userName: string
+        userEmail: string
+        eventType: string
+        riskScore: number
+        timestamp: string
+        details: Record<string, unknown>
+      }[]
+      totalEvents: number
+      criticalEvents: number
+      highRiskEvents: number
+      resolvedEvents: number
+      averageRiskScore: number
+    }
+    enterprise?: {
+      usersByMCPServer?: { userName: string; userEmail: string; mcpServerName: string; mcpServerIdentifier: string }[]
+      toolUsage?: { toolName: string; mcpMethod: string; usageCount: number; uniqueUsers: number }[]
+    }
+    lastUpdated?: string
+    timeRange?: string
+  } | null>(null)
+
+  const [loading, setLoading] = useState(true)
+  const [error, setError] = useState<string | null>(null)
+  const [timeRange, setTimeRange] = useState("24")
+  const [refreshing, setRefreshing] = useState(false)
+  const [generatingEvents, setGeneratingEvents] = useState(false)
+  const [expandedSections, setExpandedSections] = useState({
+    oauth: true,
+    security: false,
+    tools: false
+  })
+
+  const fetchAnalytics = useCallback(async (showRefreshLoader = false) => {
+    try {
+      if (showRefreshLoader) {
+        setRefreshing(true)
+      } else {
+        setLoading(true)
+      }
+      const response = await fetch(`/api/analytics?hours=${timeRange}`, {
+        credentials: 'include'
+      })
+      if (!response.ok) {
+        const errorData = await response.json()
+        throw new Error(errorData.error || "Failed to fetch analytics")
+      }
+      const analyticsData = await response.json()
+      setData(analyticsData)
+    } catch (err) {
+      setError(err instanceof Error ? err.message : "An error occurred")
+    } finally {
+      setLoading(false)
+      setRefreshing(false)
+    }
+  }, [timeRange])
+
+  const generateTestEvents = async () => {
+    try {
+      setGeneratingEvents(true)
+      // Use the SecurityMonitor directly for more realistic threat detection
+      const response = await fetch("/api/analytics/generate-threats", {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({ 
+          runDetection: true,
+          mockScenarios: [
+            "privilege_escalation",
+            "token_reuse", 
+            "rate_limit_exceeded",
+            "oauth_pkce_bypass"
+          ]
+        }),
+      })
+      
+      if (!response.ok) {
+        throw new Error("Failed to generate threats")
+      }
+      
+      const result = await response.json()
+      alert(`Generated ${result.threatsDetected || 0} realistic security threats using SecurityMonitor! Refresh to see them.`)
+    } catch (error) {
+      console.error("Failed to generate test events:", error)
+      alert("Failed to generate test events")
+    } finally {
+      setGeneratingEvents(false)
+    }
+  }
+
+  useEffect(() => {
+    fetchAnalytics()
+  }, [timeRange, fetchAnalytics])
+
+
+  const getHealthStatus = () => {
+    if (!data?.performance && !data?.oauth) return { status: "unknown", color: "bg-muted" }
+    
+    let criticalIssues = 0
+    let warningIssues = 0
+    
+    // Check performance health
+    if (data?.performance) {
+      const { errorRate, avgResponseTime } = data.performance
+      if (errorRate > 5 || avgResponseTime > 1000) criticalIssues++
+      else if (errorRate > 1 || avgResponseTime > 500) warningIssues++
+    }
+    
+    
+    // Check PKCE adoption
+    if (data?.oauth && data.oauth.pkceAdoption < 50) warningIssues++
+    
+    if (criticalIssues > 0) return { status: "critical", color: "bg-destructive" }
+    if (warningIssues > 0) return { status: "warning", color: "bg-secondary-300" }
+    return { status: "healthy", color: "bg-primary-300" }
+  }
+
+  if (loading) {
+    return <LoadingSkeleton />
+  }
+
+  if (error) {
+    return (
+      <div className="min-h-screen bg-background flex items-center justify-center p-6">
+        <div className="bg-background border border-destructive rounded-lg shadow-lg p-8 max-w-md w-full text-center space-y-6">
+          <AlertTriangle className="w-16 h-16 text-destructive mx-auto" />
+          <div className="space-y-3">
+            <h2 className="text-xl font-bold text-foreground">Dashboard Error</h2>
+            <p className="text-muted-foreground">{error}</p>
+          </div>
+          <Button onClick={() => fetchAnalytics()} className="w-full" disabled={loading}>
+            <Activity className={`w-4 h-4 mr-2 ${loading ? 'animate-spin' : ''}`} />
+            {loading ? 'Connecting...' : 'Retry Connection'}
+          </Button>
+        </div>
+      </div>
+    )
+  }
+
+  if (!data) {
+    return (
+      <div className="min-h-screen bg-background flex items-center justify-center p-6">
+        <div className="bg-background border border-border rounded-lg shadow-lg p-8 max-w-md w-full text-center space-y-6">
+          <BarChart3 className="w-16 h-16 text-muted-foreground mx-auto" />
+          <div className="space-y-3">
+            <h3 className="text-xl font-semibold text-foreground">No Data Available</h3>
+            <p className="text-muted-foreground">No analytics data found for the selected period.</p>
+          </div>
+        </div>
+      </div>
+    )
+  }
+
+  const healthStatus = getHealthStatus()
+
+  const toggleSection = (section: keyof typeof expandedSections) => {
+    setExpandedSections(prev => ({
+      ...prev,
+      [section]: !prev[section]
+    }))
+  }
+
+  const getAlertSummary = () => {
+    const alerts = []
+    
+    
+    if (data?.performance) {
+      const { errorRate, avgResponseTime } = data.performance
+      if (errorRate > 5) alerts.push({ type: 'critical', message: `${errorRate}% error rate` })
+      if (avgResponseTime > 1000) alerts.push({ type: 'warning', message: `${avgResponseTime}ms avg response time` })
+    }
+    
+    if (data?.oauth && data.oauth.pkceAdoption < 50) {
+      alerts.push({ type: 'warning', message: `${data.oauth.pkceAdoption}% PKCE adoption` })
+    }
+    
+    return alerts
+  }
+
+  return (
+    <main className="min-h-screen bg-background" aria-labelledby="dashboard-title">
+      {/* Dashboard Header */}
+      <DashboardHeader
+        title="Remote MCP Analytics"
+        lastUpdated={data.lastUpdated}
+        timeRange={data.timeRange}
+        status={healthStatus.status as "healthy" | "warning" | "critical"}
+        serverName={data.enterprise?.usersByMCPServer?.[0]?.mcpServerName}
+        serverUrl={data.enterprise?.usersByMCPServer?.[0]?.mcpServerIdentifier}
+      >
+        <label htmlFor="time-range-select" className="sr-only">
+          Time Range
+        </label>
+        <Select value={timeRange} onValueChange={setTimeRange}>
+          <SelectTrigger id="time-range-select" className="w-[180px]">
+            <SelectValue />
+          </SelectTrigger>
+          <SelectContent>
+            <SelectItem value="1">Last 1 hour</SelectItem>
+            <SelectItem value="6">Last 6 hours</SelectItem>
+            <SelectItem value="24">Last 24 hours</SelectItem>
+            <SelectItem value="72">Last 3 days</SelectItem>
+            <SelectItem value="168">Last 7 days</SelectItem>
+          </SelectContent>
+        </Select>
+        <Button onClick={() => fetchAnalytics(true)} size="default" disabled={refreshing}>
+          <Activity className={`w-4 h-4 mr-2 ${refreshing ? 'animate-spin' : ''}`} />
+          {refreshing ? 'Refreshing...' : 'Refresh'}
+        </Button>
+        <Button
+          onClick={generateTestEvents}
+          variant="outline"
+          size="default"
+          className="text-destructive border-destructive/20 hover:bg-destructive/10"
+          disabled={generatingEvents}
+        >
+          <Zap className={`w-4 h-4 mr-2 ${generatingEvents ? 'animate-spin' : ''}`} />
+          {generatingEvents ? 'Generating...' : 'Generate Test Events'}
+        </Button>
+      </DashboardHeader>
+
+      <div className="container mx-auto px-6 py-6 max-w-7xl space-y-6">
+
+        {/* Priority Alert Bar */}
+        {data && getAlertSummary().length > 0 && (
+          <Card className="border-destructive/20 bg-destructive/5">
+            <CardHeader className="pb-3">
+              <div className="flex items-center gap-2">
+                <AlertTriangle className="w-5 h-5 text-destructive" />
+                <CardTitle className="text-lg text-destructive">Active Alerts</CardTitle>
+              </div>
+            </CardHeader>
+            <CardContent>
+              <div className="flex flex-wrap gap-2">
+                {getAlertSummary().map((alert, index) => (
+                  <Badge 
+                    key={index}
+                    variant={alert.type === 'critical' ? 'destructive' : 'secondary'}
+                    className="text-xs"
+                  >
+                    {alert.message}
+                  </Badge>
+                ))}
+              </div>
+            </CardContent>
+          </Card>
+        )}
+
+        {/* Section 1: OAuth Information */}
+        <Collapsible open={expandedSections.oauth} onOpenChange={() => toggleSection('oauth')}>
+          <Card className="border-primary-300 dark:border-primary-600">
+            <CollapsibleTrigger asChild>
+              <CardHeader className="cursor-pointer hover:bg-muted/50 transition-colors">
+                <div className="flex items-center justify-between">
+                  <div className="flex items-center gap-3">
+                    <div className="p-2 bg-primary-600/10 rounded-lg">
+                      <Users className="w-5 h-5 text-primary-600" />
+                    </div>
+                    <div>
+                      <CardTitle className="text-xl">OAuth Metrics</CardTitle>
+                      <CardDescription>Authentication and client management</CardDescription>
+                    </div>
+                  </div>
+                  <div className="flex items-center gap-2">
+                    {data?.oauth && (
+                      <Badge variant="outline" className="text-xs">
+                        {data.oauth.activeUsers} active users
+                      </Badge>
+                    )}
+                    {expandedSections.oauth ? (
+                      <ChevronUp className="w-4 h-4" />
+                    ) : (
+                      <ChevronDown className="w-4 h-4" />
+                    )}
+                  </div>
+                </div>
+              </CardHeader>
+            </CollapsibleTrigger>
+            <CollapsibleContent>
+              <CardContent className="pt-0 space-y-4">
+                {data?.oauth && (
+                  <OAuthOverview
+                    totalUsers={data.oauth.totalUsers}
+                    activeUsers={data.oauth.activeUsers}
+                    totalClients={data.oauth.totalClients}
+                    activeTokens={data.oauth.activeTokens}
+                    recentAuthorizations={data.oauth.recentAuthorizations}
+                    tokenRefreshRate={data.oauth.tokenRefreshRate}
+                    userActivity={data.oauth.userActivity}
+                  />
+                )}
+                <div className="grid grid-cols-1 lg:grid-cols-3 gap-4">
+                  <OAuthClientActivity 
+                    clients={data?.oauth?.clients || []}
+                    title="Client Activity"
+                    maxItems={6}
+                  />
+                  <TokenExpiration expiringTokens={data?.oauth?.expiringTokens || []} />
+                  {data?.oauth?.grantTypes && data.oauth.grantTypes.length > 0 && (
+                    <GrantTypeChart grantTypes={data.oauth.grantTypes} />
+                  )}
+                </div>
+              </CardContent>
+            </CollapsibleContent>
+          </Card>
+        </Collapsible>
+
+        {/* Section 2: Security */}
+        <Collapsible open={expandedSections.security} onOpenChange={() => toggleSection('security')}>
+          <Card className="border-destructive/20 dark:border-destructive/40">
+            <CollapsibleTrigger asChild>
+              <CardHeader className="cursor-pointer hover:bg-muted/50 transition-colors">
+                <div className="flex items-center justify-between">
+                  <div className="flex items-center gap-3">
+                    <div className="p-2 bg-destructive/10 rounded-lg">
+                      <Shield className="w-5 h-5 text-destructive" />
+                    </div>
+                    <div>
+                      <CardTitle className="text-xl">Security Overview</CardTitle>
+                      <CardDescription>Critical security events and monitoring</CardDescription>
+                    </div>
+                  </div>
+                  <div className="flex items-center gap-2">
+                    {data?.security && (
+                      <Badge variant="outline" className="text-xs">
+                        {data.security.totalEvents} events
+                      </Badge>
+                    )}
+                    {expandedSections.security ? (
+                      <ChevronUp className="w-4 h-4" />
+                    ) : (
+                      <ChevronDown className="w-4 h-4" />
+                    )}
+                  </div>
+                </div>
+              </CardHeader>
+            </CollapsibleTrigger>
+            <CollapsibleContent>
+              <CardContent className="pt-0">
+                {/* Real-time Security Analytics Panel with comprehensive threat detection */}
+                <SecurityPanel 
+                  securityData={data?.security ? {
+                    totalEvents: data.security.totalEvents,
+                    eventsByOrganization: data.security.eventsByOrganization || [],
+                    privilegeEscalations: data.security.privilegeEscalations || [],
+                    criticalEvents: data.security.criticalEvents,
+                    highRiskEvents: data.security.highRiskEvents,
+                    resolvedEvents: data.security.resolvedEvents,
+                    averageRiskScore: data.security.averageRiskScore
+                  } : undefined}
+                />
+              </CardContent>
+            </CollapsibleContent>
+          </Card>
+        </Collapsible>
+
+        {/* Section 3: MCP Tools & Performance */}
+        <Collapsible open={expandedSections.tools} onOpenChange={() => toggleSection('tools')}>
+          <Card className="border-secondary-300 dark:border-secondary-600">
+            <CollapsibleTrigger asChild>
+              <CardHeader className="cursor-pointer hover:bg-muted/50 transition-colors">
+                <div className="flex items-center justify-between">
+                  <div className="flex items-center gap-3">
+                    <div className="p-2 bg-secondary-600/10 rounded-lg">
+                      <TrendingUp className="w-5 h-5 text-secondary-600" />
+                    </div>
+                    <div>
+                      <CardTitle className="text-xl">Performance & Tools</CardTitle>
+                      <CardDescription>Tool usage and response metrics</CardDescription>
+                    </div>
+                  </div>
+                  <div className="flex items-center gap-2">
+                    {data?.toolUsage && (
+                      <Badge variant="outline" className="text-xs">
+                        {data.toolUsage.totalCalls} calls
+                      </Badge>
+                    )}
+                    {expandedSections.tools ? (
+                      <ChevronUp className="w-4 h-4" />
+                    ) : (
+                      <ChevronDown className="w-4 h-4" />
+                    )}
+                  </div>
+                </div>
+              </CardHeader>
+            </CollapsibleTrigger>
+            <CollapsibleContent>
+              <CardContent className="pt-0">
+                {data?.toolUsage && (
+                  <div className="space-y-6">
+                    {/* Tool Usage Panel - Handles overview, tools list, and geographic data */}
+                    <ToolUsagePanel
+                      toolUsage={data.toolUsage.tools}
+                      geographicUsage={data.toolUsage.geographic}
+                      totalCalls={data.toolUsage.totalCalls}
+                      activeUsers={data.toolUsage.activeUsers}
+                    />
+                    
+                    {/* Time Series Charts */}
+                    {data.toolUsage.timeSeries && data.toolUsage.timeSeries.length > 0 && (
+                      <div className="grid grid-cols-1 lg:grid-cols-2 gap-4">
+                        <ToolResponseAreaChart 
+                          data={data.toolUsage.timeSeries}
+                          hoursBack={parseInt(timeRange)}
+                          title="Response Times (Last 12 Hours)"
+                          icon={TrendingUp}
+                        />
+                        <ToolResponseAreaChart 
+                          data={data.toolUsage.timeSeries.slice(-12)}
+                          hoursBack={12}
+                          title="Recent Response Times"
+                          description="Response times over the last 12 hours"
+                          icon={Activity}
+                        />
+                      </div>
+                    )}
+                  </div>
+                )}
+              </CardContent>
+            </CollapsibleContent>
+          </Card>
+        </Collapsible>
+      </div>
+    </main>
+  )
+}
\ No newline at end of file
diff --git a/app/analytics/page.tsx b/app/analytics/page.tsx
index aaadf7b..ab04cf3 100644
--- a/app/analytics/page.tsx
+++ b/app/analytics/page.tsx
@@ -1,309 +1,52 @@
-"use client"
-
-import { useState, useEffect, useCallback } from "react"
+import { auth } from '@/app/auth'
 import { Button } from "@/components/ui/button"
-import { Select, SelectContent, SelectItem, SelectTrigger, SelectValue } from "@/components/ui/select"
-import {
-  MetricCard,
-  DataTable,
-  SecurityPanel,
-  LoadingSkeleton,
-  DashboardHeader,
-  StatusBadge
-} from "@/components/analytics"
-import {
-  BarChart3,
-  Globe,
-  Users,
-  Activity,
-  Clock,
-  AlertTriangle,
-  CheckCircle,
-  TrendingUp,
-  Server,
-  Zap,
-} from "lucide-react"
-
-export default function AnalyticsPage() {
-  const [data, setData] = useState<{
-    performance?: {
-      totalRequests: number
-      avgResponseTime: number
-      p95ResponseTime: number
-      errorRate: number
-    }
-    topEndpoints?: { endpoint: string; count: number }[]
-    geography?: { country: string; count: number }[]
-    security?: {
-      eventCount: number
-      events?: { timestamp: string; eventType: string; ipAddress: string; clientId?: string; details: string }[]
-      byOrganization?: {
-        organization: string
-        eventType: string
-        severity: string
-        eventCount: number
-        avgRiskScore: number
-      }[]
-      privilegeEscalations?: {
-        userName: string
-        userEmail: string
-        eventType: string
-        riskScore: number
-        timestamp: string
-        details: Record<string, unknown>
-      }[]
-    }
-    enterprise?: {
-      usersByMCPServer?: { userName: string; userEmail: string; mcpServerName: string; mcpServerIdentifier: string }[]
-      toolUsage?: { toolName: string; mcpMethod: string; usageCount: number; uniqueUsers: number }[]
-    }
-    lastUpdated?: string
-    timeRange?: string
-  } | null>(null)
-
-  const [loading, setLoading] = useState(true)
-  const [error, setError] = useState<string | null>(null)
-  const [timeRange, setTimeRange] = useState("24")
-
-  const fetchAnalytics = useCallback(async () => {
-    try {
-      setLoading(true)
-      const response = await fetch(`/api/analytics?hours=${timeRange}`)
-      if (!response.ok) {
-        throw new Error("Failed to fetch analytics")
-      }
-      const analyticsData = await response.json()
-      setData(analyticsData)
-    } catch (err) {
-      setError(err instanceof Error ? err.message : "An error occurred")
-    } finally {
-      setLoading(false)
-    }
-  }, [timeRange])
-
-  const generateTestEvents = async () => {
-    try {
-      const eventTypes = ["AUTH_FAILURE", "INVALID_TOKEN", "SUSPICIOUS_ACTIVITY", "RATE_LIMIT_EXCEEDED"]
-      for (const eventType of eventTypes) {
-        await fetch("/api/test/security-events", {
-          method: "POST",
-          headers: { "Content-Type": "application/json" },
-          body: JSON.stringify({ eventType, count: 2 }),
-        })
-      }
-      alert("Test security events generated! Refresh data in 30 seconds to see them.")
-    } catch (error) {
-      console.error("Failed to generate test events:", error)
-      alert("Failed to generate test events")
-    }
-  }
-
-  useEffect(() => {
-    fetchAnalytics()
-  }, [timeRange, fetchAnalytics])
+import { AlertTriangle } from "lucide-react"
+import AnalyticsClient from './analytics-client'
+import { redirect } from 'next/navigation'
 
+export default async function AnalyticsPage() {
+  const session = await auth()
 
-  const getHealthStatus = () => {
-    if (!data?.performance) return { status: "unknown", color: "bg-muted" }
-    const { errorRate, avgResponseTime } = data.performance
-    if (errorRate > 5 || avgResponseTime > 1000) return { status: "critical", color: "bg-destructive" }
-    if (errorRate > 1 || avgResponseTime > 500) return { status: "warning", color: "bg-yellow-500" }
-    return { status: "healthy", color: "bg-green-500" }
+  // Check if user is authenticated
+  if (!session || !session.user) {
+    redirect('/api/auth/signin')
   }
 
-  if (loading) {
-    return <LoadingSkeleton />
-  }
-
-  if (error) {
+  // Check if user is admin
+  const adminEmail = process.env.ADMIN_EMAIL
+  const userEmail = session.user.email
+  
+  if (!adminEmail) {
     return (
       <div className="min-h-screen bg-background flex items-center justify-center p-6">
         <div className="bg-background border border-destructive rounded-lg shadow-lg p-8 max-w-md w-full text-center space-y-6">
           <AlertTriangle className="w-16 h-16 text-destructive mx-auto" />
           <div className="space-y-3">
-            <h2 className="text-xl font-bold text-foreground">Dashboard Error</h2>
-            <p className="text-muted-foreground">{error}</p>
+            <h2 className="text-xl font-bold text-foreground">Configuration Error</h2>
+            <p className="text-muted-foreground">Admin email not configured. Please contact your system administrator.</p>
           </div>
-          <Button onClick={fetchAnalytics} className="w-full">
-            <Activity className="w-4 h-4 mr-2" />
-            Retry Connection
-          </Button>
         </div>
       </div>
     )
   }
 
-  if (!data) {
+  if (userEmail !== adminEmail) {
     return (
       <div className="min-h-screen bg-background flex items-center justify-center p-6">
-        <div className="bg-background border border-border rounded-lg shadow-lg p-8 max-w-md w-full text-center space-y-6">
-          <BarChart3 className="w-16 h-16 text-muted-foreground mx-auto" />
+        <div className="bg-background border border-destructive rounded-lg shadow-lg p-8 max-w-md w-full text-center space-y-6">
+          <AlertTriangle className="w-16 h-16 text-destructive mx-auto" />
           <div className="space-y-3">
-            <h3 className="text-xl font-semibold text-foreground">No Data Available</h3>
-            <p className="text-muted-foreground">No analytics data found for the selected period.</p>
+            <h2 className="text-xl font-bold text-foreground">Access Denied</h2>
+            <p className="text-muted-foreground">You don&apos;t have permission to access this page. Admin access required.</p>
           </div>
+          <Button onClick={() => window.location.href = '/'} className="w-full">
+            Return to Home
+          </Button>
         </div>
       </div>
     )
   }
 
-  const healthStatus = getHealthStatus()
-
-  return (
-    <main className="min-h-screen bg-background" aria-labelledby="dashboard-title">
-      {/* Dashboard Header */}
-      <DashboardHeader
-        title="MCP OAuth Analytics"
-        lastUpdated={data.lastUpdated}
-        timeRange={data.timeRange}
-        status={healthStatus.status as "healthy" | "warning" | "critical"}
-        serverName={data.enterprise?.usersByMCPServer?.[0]?.mcpServerName}
-        serverUrl={data.enterprise?.usersByMCPServer?.[0]?.mcpServerIdentifier}
-      >
-        <StatusBadge status={healthStatus.status as "healthy" | "warning" | "critical"} />
-        <label htmlFor="time-range-select" className="sr-only">
-          Time Range
-        </label>
-        <Select value={timeRange} onValueChange={setTimeRange}>
-          <SelectTrigger id="time-range-select" className="w-[180px]">
-            <SelectValue />
-          </SelectTrigger>
-          <SelectContent>
-            <SelectItem value="1">Last 1 hour</SelectItem>
-            <SelectItem value="6">Last 6 hours</SelectItem>
-            <SelectItem value="24">Last 24 hours</SelectItem>
-            <SelectItem value="72">Last 3 days</SelectItem>
-            <SelectItem value="168">Last 7 days</SelectItem>
-          </SelectContent>
-        </Select>
-        <Button onClick={fetchAnalytics} size="default">
-          <Activity className="w-4 h-4 mr-2" />
-          Refresh
-        </Button>
-        <Button
-          onClick={generateTestEvents}
-          variant="outline"
-          size="default"
-          className="text-destructive border-destructive/20 hover:bg-destructive/10"
-        >
-          <Zap className="w-4 h-4 mr-2" />
-          Generate Test Events
-        </Button>
-      </DashboardHeader>
-
-      <div className="container mx-auto px-6 py-8 max-w-7xl space-y-8">
-
-        {/* Performance Overview */}
-        {data.performance && (
-          <section aria-labelledby="performance-title" className="space-y-6">
-            <h2 id="performance-title" className="sr-only">
-              Performance Overview
-            </h2>
-            <div className="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-4 gap-6">
-              <MetricCard
-                title="Total Requests"
-                value={data.performance.totalRequests.toLocaleString()}
-                icon={BarChart3}
-                variant="primary"
-                change="+12.5%"
-                changeType="positive"
-                subtitle="vs last period"
-              />
-              <MetricCard
-                title="Avg Response"
-                value={`${data.performance.avgResponseTime}ms`}
-                icon={Clock}
-                variant="primary"
-                change={data.performance.avgResponseTime < 200 ? "-8%" : "+15%"}
-                changeType={data.performance.avgResponseTime < 200 ? "positive" : "negative"}
-                subtitle="response time"
-              />
-              <MetricCard
-                title="P95 Response"
-                value={`${data.performance.p95ResponseTime}ms`}
-                icon={TrendingUp}
-                variant="secondary"
-                change="+3.2%"
-                changeType="neutral"
-                subtitle="95th percentile"
-              />
-              <MetricCard
-                title="Error Rate"
-                value={`${data.performance.errorRate}%`}
-                icon={data.performance.errorRate > 5 ? AlertTriangle : CheckCircle}
-                variant="secondary"
-                change={data.performance.errorRate > 5 ? "+2.1%" : "-0.5%"}
-                changeType={data.performance.errorRate > 5 ? "negative" : "positive"}
-                subtitle="error percentage"
-              />
-            </div>
-          </section>
-        )}
-
-        {/* Main Content Grid */}
-        <div className="grid grid-cols-1 lg:grid-cols-3 gap-8">
-          {/* Left Column - Endpoints & Geography */}
-          <div className="space-y-8">
-            {/* Top Endpoints */}
-            {data.topEndpoints && data.topEndpoints.length > 0 && (
-              <DataTable
-                title="Popular Endpoints"
-                icon={Server}
-                data={data.topEndpoints.map(endpoint => ({
-                  primary: endpoint.endpoint,
-                  value: endpoint.count
-                }))}
-                emptyMessage="No endpoint data available"
-              />
-            )}
-
-            {/* Geographic Distribution */}
-            {data.geography && data.geography.length > 0 && (
-              <DataTable
-                title="Geographic Distribution"
-                icon={Globe}
-                data={data.geography.map(country => ({
-                  primary: country.country,
-                  value: country.count
-                }))}
-                emptyMessage="No geographic data available"
-              />
-            )}
-          </div>
-
-          {/* Middle Column - Enterprise Analytics */}
-          <div className="space-y-8">
-
-
-            {/* Tool Usage */}
-            {data.enterprise?.toolUsage && data.enterprise.toolUsage.length > 0 && (
-              <DataTable
-                title="Popular Tools"
-                icon={Activity}
-                data={data.enterprise.toolUsage.map(tool => ({
-                  primary: tool.toolName,
-                  secondary: tool.mcpMethod,
-                  value: `${tool.usageCount} calls`,
-                  badge: `${tool.uniqueUsers} users`
-                }))}
-                emptyMessage="No tool usage data available"
-                maxItems={4}
-              />
-            )}
-          </div>
-
-          {/* Right Column - Security */}
-          <div className="space-y-8">
-            {data.security && (
-              <SecurityPanel
-                eventCount={data.security.eventCount || 0}
-                byOrganization={data.security.byOrganization}
-                privilegeEscalations={data.security.privilegeEscalations}
-              />
-            )}
-          </div>
-        </div>
-      </div>
-    </main>
-  )
+  // User is authenticated and is admin, render the analytics dashboard
+  return <AnalyticsClient />
 }
diff --git a/app/api/analytics/generate-threats/route.ts b/app/api/analytics/generate-threats/route.ts
new file mode 100644
index 0000000..3d03cb4
--- /dev/null
+++ b/app/api/analytics/generate-threats/route.ts
@@ -0,0 +1,191 @@
+import { NextRequest, NextResponse } from 'next/server';
+import { securityMonitor } from '@/lib/security-monitor';
+import { prisma } from '@/app/prisma';
+
+export async function POST(request: NextRequest) {
+  try {
+    const { runDetection, mockScenarios } = await request.json();
+    
+    if (!runDetection) {
+      return NextResponse.json({ 
+        error: 'Detection not enabled' 
+      }, { status: 400 });
+    }
+
+    // Get real database entities for realistic context
+    const recentUser = await prisma.user.findFirst({
+      select: { id: true }
+    });
+    
+    const recentClient = await prisma.client.findFirst({
+      orderBy: { createdAt: 'desc' },
+      select: { id: true }
+    });
+    
+    const recentMCPServer = await prisma.mCPServer.findFirst({
+      select: { id: true }
+    });
+
+    // Create realistic security context for threat detection
+    const mockContext = {
+      userId: recentUser?.id,
+      clientId: recentClient?.id,
+      ipAddress: request.headers.get('x-forwarded-for') || '192.168.1.100',
+      userAgent: request.headers.get('user-agent') || 'curl/7.68.0', // Suspicious user agent
+      endpoint: '/mcp/sse',
+      organization: 'Test Organization',
+      ssoProvider: 'google',
+      mcpServerId: recentMCPServer?.id
+    };
+
+    let totalThreats = 0;
+
+    // Run different threat scenarios based on mockScenarios
+    for (const scenario of mockScenarios || []) {
+      const contextForScenario = { ...mockContext };
+      
+      switch (scenario) {
+        case 'privilege_escalation':
+          // Create analytics requests with escalating scopes to trigger privilege escalation detection
+          if (mockContext.userId) {
+            await prisma.analyticsRequest.createMany({
+              data: [
+                {
+                  timestamp: new Date(Date.now() - 5 * 60 * 1000), // 5 minutes ago
+                  endpoint: '/oauth/token',
+                  method: 'POST',
+                  statusCode: 200,
+                  responseTime: 150,
+                  userId: mockContext.userId,
+                  clientId: mockContext.clientId,
+                  mcpServerId: mockContext.mcpServerId,
+                  ipAddress: mockContext.ipAddress,
+                  userAgent: mockContext.userAgent,
+                  scopes: ['read', 'write'] // Historical scopes
+                },
+                {
+                  timestamp: new Date(), // Now with elevated scopes
+                  endpoint: '/oauth/token',
+                  method: 'POST',
+                  statusCode: 200,
+                  responseTime: 180,
+                  userId: mockContext.userId,
+                  clientId: mockContext.clientId,
+                  mcpServerId: mockContext.mcpServerId,
+                  ipAddress: mockContext.ipAddress,
+                  userAgent: mockContext.userAgent,
+                  scopes: ['read', 'write', 'admin', 'delete'] // New elevated scopes
+                }
+              ]
+            });
+          }
+          break;
+
+        case 'token_reuse':
+          // Create requests from different IPs to trigger token reuse detection
+          if (mockContext.userId) {
+            await prisma.analyticsRequest.createMany({
+              data: [
+                {
+                  timestamp: new Date(Date.now() - 2 * 60 * 1000), // 2 minutes ago
+                  endpoint: '/mcp/sse',
+                  method: 'POST',
+                  statusCode: 200,
+                  responseTime: 120,
+                  userId: mockContext.userId,
+                  clientId: mockContext.clientId,
+                  mcpServerId: mockContext.mcpServerId,
+                  ipAddress: '10.0.0.50', // Different IP
+                  userAgent: mockContext.userAgent,
+                  scopes: ['read']
+                }
+              ]
+            });
+          }
+          contextForScenario.ipAddress = '192.168.1.100'; // Current IP different from above
+          break;
+
+        case 'rate_limit_exceeded':
+          // Create many recent requests to trigger rate limiting
+          if (mockContext.userId) {
+            const requests = Array.from({ length: 35 }, (_, i) => ({
+              timestamp: new Date(Date.now() - (35 - i) * 1000), // Spread over last 35 seconds
+              endpoint: '/mcp/sse',
+              method: 'POST',
+              statusCode: 200,
+              responseTime: 100 + Math.random() * 50,
+              userId: mockContext.userId,
+              clientId: mockContext.clientId,
+              mcpServerId: mockContext.mcpServerId,
+              ipAddress: mockContext.ipAddress,
+              userAgent: mockContext.userAgent,
+              scopes: ['read']
+            }));
+            
+            await prisma.analyticsRequest.createMany({ data: requests });
+          }
+          break;
+
+        case 'oauth_pkce_bypass':
+          // Create OAuth requests without PKCE to trigger bypass detection
+          if (mockContext.userId) {
+            await prisma.analyticsRequest.createMany({
+              data: Array.from({ length: 3 }, (_, i) => ({
+                timestamp: new Date(Date.now() - (3 - i) * 60 * 1000),
+                endpoint: '/oauth/authorize',
+                method: 'POST',
+                statusCode: 200,
+                responseTime: 200,
+                userId: mockContext.userId,
+                clientId: mockContext.clientId,
+                mcpServerId: mockContext.mcpServerId,
+                ipAddress: mockContext.ipAddress,
+                userAgent: mockContext.userAgent,
+                oauthGrantType: 'authorization_code',
+                usePKCE: false, // PKCE bypass
+                scopes: ['read']
+              }))
+            });
+          }
+          break;
+      }
+
+      // Run SecurityMonitor threat detection with the configured context
+      const detectedThreats = await securityMonitor.detectThreats(contextForScenario, request);
+      
+      // Log the detected threats
+      if (detectedThreats.length > 0) {
+        await securityMonitor.logSecurityEvents(detectedThreats, contextForScenario);
+        totalThreats += detectedThreats.length;
+      }
+    }
+
+    return NextResponse.json({ 
+      success: true,
+      message: `SecurityMonitor detected and logged ${totalThreats} realistic threats`,
+      threatsDetected: totalThreats,
+      scenarios: mockScenarios
+    });
+
+  } catch (error) {
+    console.error('SecurityMonitor threat generation error:', error);
+    return NextResponse.json({ 
+      error: 'Failed to generate threats using SecurityMonitor',
+      details: error instanceof Error ? error.message : 'Unknown error'
+    }, { status: 500 });
+  }
+}
+
+export async function GET() {
+  return NextResponse.json({
+    message: 'SecurityMonitor Threat Generator API',
+    usage: 'POST with { "runDetection": true, "mockScenarios": ["privilege_escalation", "token_reuse"] }',
+    availableScenarios: [
+      'privilege_escalation',   // OAuth scope escalation detection
+      'token_reuse',           // Cross-IP token usage detection  
+      'rate_limit_exceeded',   // API abuse detection
+      'oauth_pkce_bypass'      // PKCE bypass detection
+    ],
+    description: 'Uses real SecurityMonitor detection logic with mock data scenarios'
+  });
+}
\ No newline at end of file
diff --git a/app/api/analytics/route.ts b/app/api/analytics/route.ts
index 1373fbb..0d513b9 100644
--- a/app/api/analytics/route.ts
+++ b/app/api/analytics/route.ts
@@ -1,9 +1,10 @@
 import { NextRequest, NextResponse } from 'next/server';
-import { analyticsDB } from '@/lib/analytics-db';
+import { analyticsDB, getSecurityAnalytics } from '@/lib/analytics-db';
 import { auth } from '@/app/auth';
 
 export async function GET(request: NextRequest) {
   try {
+    // console.log('Request:', request);
     // Authentication check
     const session = await auth();
     if (!session) {
@@ -14,7 +15,7 @@ export async function GET(request: NextRequest) {
     const { searchParams } = new URL(request.url);
     const hours = parseInt(searchParams.get('hours') || '24');
     
-    return getEnhancedAnalytics(hours);
+    return await getEnhancedAnalytics(hours);
   } catch (error) {
     console.error('Analytics API error:', error);
     return NextResponse.json(
@@ -32,36 +33,64 @@ async function getEnhancedAnalytics(hours = 24) {
       return NextResponse.json({ error: 'Hours must be between 1 and 168' }, { status: 400 });
     }
 
+    // Calculate date range for security analytics
+    const startDate = new Date(Date.now() - hours * 60 * 60 * 1000);
+    const endDate = new Date();
+
     // Efficient parallel queries for enhanced analytics
     const [
       performance, 
       endpoints, 
       geography, 
-      securityEvents, 
+      securityAnalytics,
       usersByMCP, 
-      securityByOrg, 
-      privilegeEscalations, 
-      toolUsage
+      toolUsage,
+      toolGeography,
+      toolResponseTimeSeries,
+      oauthMetrics,
+      oauthClientActivity,
+      expiringTokens,
+      grantTypeDistribution,
+      oauthSecurityEvents
     ] = await Promise.all([
       analyticsDB.getPerformanceMetrics(hours),
       analyticsDB.getTopEndpoints(hours, 10),
       analyticsDB.getGeographyStats(hours),
-      analyticsDB.getSecurityEvents(hours),
+      getSecurityAnalytics(startDate, endDate),
       analyticsDB.getUsersByMCPServer(hours),
-      analyticsDB.getSecurityEventsByOrganization(hours),
-      analyticsDB.getUserPrivilegeEscalations(168), // Last 7 days
-      analyticsDB.getMCPToolUsage(hours)
+      analyticsDB.getMCPToolUsage(hours),
+      analyticsDB.getToolGeographyStats(hours),
+      analyticsDB.getToolResponseTimeTimeSeries(hours),
+      analyticsDB.getOAuthMetrics(hours),
+      analyticsDB.getOAuthClientActivity(hours, 6),
+      analyticsDB.getExpiringTokens(24),
+      analyticsDB.getGrantTypeDistribution(hours),
+      analyticsDB.getOAuthSecurityEvents(hours)
     ]);
 
     const data = {
       performance,
       topEndpoints: endpoints,
       geography,
+      oauth: {
+        ...oauthMetrics,
+        clients: oauthClientActivity,
+        expiringTokens,
+        grantTypes: grantTypeDistribution
+      },
+      oauthSecurity: oauthSecurityEvents,
+      toolUsage: {
+        tools: toolUsage,
+        geographic: toolGeography,
+        timeSeries: toolResponseTimeSeries,
+        totalCalls: toolUsage.reduce((sum, tool) => sum + tool.usageCount, 0),
+        activeUsers: toolUsage.reduce((sum, tool) => sum + tool.uniqueUsers, 0)
+      },
       security: {
-        events: securityEvents,
-        eventCount: securityEvents.length,
-        byOrganization: securityByOrg,
-        privilegeEscalations
+        ...securityAnalytics,
+        // Include basic security events for the SecurityPanel component
+        events: await analyticsDB.getSecurityEvents(hours),
+        eventCount: securityAnalytics.totalEvents
       },
       enterprise: {
         usersByMCPServer: usersByMCP,
diff --git a/app/api/analytics/security/route.ts b/app/api/analytics/security/route.ts
index 67be4ec..6ce7f22 100644
--- a/app/api/analytics/security/route.ts
+++ b/app/api/analytics/security/route.ts
@@ -1,5 +1,37 @@
 import { NextRequest, NextResponse } from 'next/server';
-import { analyticsDB } from '@/lib/analytics-db';
+import { analyticsDB, getSecurityAnalytics } from '@/lib/analytics-db';
+
+export async function GET(request: NextRequest) {
+  try {
+    const { searchParams } = new URL(request.url);
+    const days = parseInt(searchParams.get('days') || '30');
+    
+    // Calculate date range
+    const endDate = new Date();
+    const startDate = new Date(endDate.getTime() - days * 24 * 60 * 60 * 1000);
+    
+    const analytics = await getSecurityAnalytics(startDate, endDate);
+    
+    return NextResponse.json({
+      success: true,
+      data: analytics,
+      timeRange: {
+        startDate: startDate.toISOString(),
+        endDate: endDate.toISOString(),
+        days
+      }
+    });
+  } catch (error) {
+    console.error('Security analytics API error:', error);
+    return NextResponse.json(
+      { 
+        error: 'Failed to fetch security analytics',
+        details: error instanceof Error ? error.message : 'Unknown error'
+      },
+      { status: 500 }
+    );
+  }
+}
 
 export async function POST(request: NextRequest) {
   try {
diff --git a/app/api/cleanup/route.ts b/app/api/cleanup/route.ts
new file mode 100644
index 0000000..f25a363
--- /dev/null
+++ b/app/api/cleanup/route.ts
@@ -0,0 +1,48 @@
+import { NextResponse } from 'next/server';
+import { cleanupExpiredData, getTTLStatus } from '@/app/prisma';
+
+export async function POST() {
+  try {
+    const result = await cleanupExpiredData();
+    
+    if (result.success) {
+      return NextResponse.json({
+        message: 'Cleanup completed successfully',
+        deletedCount: result.deletedCount
+      });
+    } else {
+      return NextResponse.json(
+        { error: 'Cleanup failed', details: result.error },
+        { status: 500 }
+      );
+    }
+  } catch (error) {
+    return NextResponse.json(
+      { error: 'Internal server error', details: (error as Error).message },
+      { status: 500 }
+    );
+  }
+}
+
+export async function GET() {
+  try {
+    const status = await getTTLStatus();
+    
+    if (status.error) {
+      return NextResponse.json(
+        { error: 'Failed to get TTL status', details: status.error },
+        { status: 500 }
+      );
+    }
+    
+    return NextResponse.json({
+      message: 'TTL status retrieved successfully',
+      data: status
+    });
+  } catch (error) {
+    return NextResponse.json(
+      { error: 'Internal server error', details: (error as Error).message },
+      { status: 500 }
+    );
+  }
+}
\ No newline at end of file
diff --git a/app/api/oauth/register/route.ts b/app/api/oauth/register/route.ts
index 7da1fb4..31027c1 100644
--- a/app/api/oauth/register/route.ts
+++ b/app/api/oauth/register/route.ts
@@ -2,6 +2,7 @@ import { NextResponse } from 'next/server';
 import type { NextRequest } from 'next/server';
 import { prisma } from '@/app/prisma';
 import { randomBytes } from 'crypto';
+import { analyticsDB } from '@/lib/analytics-db';
 
 export async function POST(request: NextRequest) {
   const body = await request.json();
@@ -33,6 +34,29 @@ export async function POST(request: NextRequest) {
       },
     });
 
+    // Log client registration analytics
+    try {
+      const ip = request.headers.get('x-forwarded-for')?.split(',')[0] || 
+                 request.headers.get('x-real-ip') || 
+                 '127.0.0.1';
+      
+      await analyticsDB.logRequest({
+        timestamp: new Date(),
+        endpoint: '/api/oauth/register',
+        method: request.method,
+        statusCode: 200,
+        responseTime: 0,
+        clientId: newClient.id,
+        ipAddress: ip,
+        userAgent: request.headers.get('user-agent') || '',
+        oauthGrantType: 'client_registration',
+        tokenScopes: [],
+        redirectUri: redirect_uris[0] // First redirect URI
+      });
+    } catch (analyticsError) {
+      console.warn('Failed to log client registration analytics:', analyticsError);
+    }
+
     const response = NextResponse.json({
       client_id: newClient.clientId,
       client_secret: clientSecret, // This is the only time the secret is sent
diff --git a/app/api/oauth/token/route.ts b/app/api/oauth/token/route.ts
index 9e6af79..bb6d7fa 100644
--- a/app/api/oauth/token/route.ts
+++ b/app/api/oauth/token/route.ts
@@ -2,6 +2,7 @@ import { NextResponse } from 'next/server';
 import type { NextRequest } from 'next/server';
 import { prisma } from '@/app/prisma';
 import { randomBytes } from 'crypto';
+import { analyticsDB } from '@/lib/analytics-db';
 
 // Type for client object
 interface ClientType {
@@ -19,6 +20,33 @@ function getCorsHeaders() {
   };
 }
 
+// Helper function to log OAuth analytics
+async function logOAuthAnalytics(request: NextRequest, grantType: string, clientId: string, userId?: string, scopes?: string[], usePKCE?: boolean, redirectUri?: string) {
+  try {
+    const ip = request.headers.get('x-forwarded-for')?.split(',')[0] || 
+               request.headers.get('x-real-ip') || 
+               '127.0.0.1';
+    
+    await analyticsDB.logRequest({
+      timestamp: new Date(),
+      endpoint: '/api/oauth/token',
+      method: request.method,
+      statusCode: 200,
+      responseTime: 0, // Will be updated by middleware
+      clientId,
+      userId,
+      ipAddress: ip,
+      userAgent: request.headers.get('user-agent') || '',
+      oauthGrantType: grantType,
+      tokenScopes: scopes || [],
+      usePKCE,
+      redirectUri
+    });
+  } catch (error) {
+    console.warn('Failed to log OAuth analytics:', error);
+  }
+}
+
 // Helper function to create access and refresh tokens
 async function createTokens(clientId: string, userId: string, resource?: string) {
   const accessToken = randomBytes(32).toString('hex');
@@ -58,6 +86,7 @@ async function createTokens(clientId: string, userId: string, resource?: string)
 
 // Handle refresh token grant
 async function handleRefreshTokenGrant(
+  request: NextRequest,
   refreshTokenValue: string, 
   client: ClientType, 
   clientSecret: string | undefined, 
@@ -118,6 +147,9 @@ async function handleRefreshTokenGrant(
   // Create new tokens
   const tokens = await createTokens(client.id, refreshTokenRecord.userId, tokenResource);
 
+  // Log analytics for refresh token grant
+  await logOAuthAnalytics(request, 'refresh_token', client.id, refreshTokenRecord.userId);
+
   console.log('[RefreshToken] Tokens refreshed successfully');
   return NextResponse.json(tokens, { headers: getCorsHeaders() });
 }
@@ -185,7 +217,7 @@ export async function POST(request: NextRequest) {
 
     // Handle refresh token grant
     if (grant_type === 'refresh_token') {
-      return await handleRefreshTokenGrant(refresh_token!, client, client_secret ?? undefined, resource);
+      return await handleRefreshTokenGrant(request, refresh_token!, client, client_secret ?? undefined, resource);
     }
 
     // Continue with authorization code grant (existing logic)
@@ -259,6 +291,17 @@ export async function POST(request: NextRequest) {
       resource || authCode.resource || undefined
     );
 
+    // Log analytics for authorization code grant
+    await logOAuthAnalytics(
+      request, 
+      'authorization_code', 
+      client.id, 
+      authCode.userId,
+      [], // Scopes would be extracted from auth code in full implementation
+      !!authCode.codeChallenge,
+      authCode.redirectUri
+    );
+
     console.log("Access token and refresh token created.");
 
     return NextResponse.json(tokens, {
diff --git a/app/api/test/security-events/route.ts b/app/api/test/security-events/route.ts
index 190dd01..3ac2a8c 100644
--- a/app/api/test/security-events/route.ts
+++ b/app/api/test/security-events/route.ts
@@ -6,17 +6,18 @@ export async function POST(request: NextRequest) {
   try {
     const { eventType, count = 1 } = await request.json();
     
+    // Only include event types that we actually detect in security-monitor.ts
     const validEventTypes = [
-      'AUTH_FAILURE',
-      'INVALID_TOKEN', 
-      'SUSPICIOUS_ACTIVITY',
-      'RATE_LIMIT_EXCEEDED',
-      'UNAUTHORIZED_ACCESS',
-      'TOKEN_REUSE',
-      'UNUSUAL_LOCATION',
-      'PRIVILEGE_ESCALATION',
-      'MALFORMED_REQUEST',
-      'BRUTE_FORCE_ATTEMPT'
+      'AUTH_FAILURE',           // logAuthFailure()
+      'INVALID_TOKEN',          // logInvalidToken() & checkTokenAudienceViolation()
+      'SUSPICIOUS_ACTIVITY',    // checkSuspiciousUserAgent() & checkTokenPassthrough()
+      'RATE_LIMIT_EXCEEDED',    // checkRateLimit()
+      'TOKEN_REUSE',            // checkTokenReuse()
+      'UNUSUAL_LOCATION',       // checkUnusualLocation() (currently disabled)
+      'PRIVILEGE_ESCALATION',   // checkPrivilegeEscalation()
+      'BRUTE_FORCE_ATTEMPT',    // checkBruteForce()
+      'OAUTH_INVALID_CLIENT',   // checkPKCEBypass()
+      'OAUTH_INVALID_GRANT'     // checkMissingResourceParameter()
     ];
 
     if (!validEventTypes.includes(eventType)) {
@@ -54,13 +55,14 @@ export async function POST(request: NextRequest) {
     const events = [];
     for (let i = 0; i < count; i++) {
       const mockEvent = {
-        eventType: eventType as 'AUTH_FAILURE' | 'INVALID_TOKEN' | 'SUSPICIOUS_ACTIVITY' | 'RATE_LIMIT_EXCEEDED' | 'UNAUTHORIZED_ACCESS' | 'TOKEN_REUSE' | 'UNUSUAL_LOCATION' | 'PRIVILEGE_ESCALATION' | 'MALFORMED_REQUEST' | 'BRUTE_FORCE_ATTEMPT',
+        eventType: eventType as 'AUTH_FAILURE' | 'INVALID_TOKEN' | 'SUSPICIOUS_ACTIVITY' | 'RATE_LIMIT_EXCEEDED' | 'TOKEN_REUSE' | 'UNUSUAL_LOCATION' | 'PRIVILEGE_ESCALATION' | 'BRUTE_FORCE_ATTEMPT' | 'OAUTH_INVALID_CLIENT' | 'OAUTH_INVALID_GRANT',
         severity: getSeverityForEventType(eventType),
         details: {
           test: true,
           eventNumber: i + 1,
           timestamp: new Date(),
-          description: getDescriptionForEventType(eventType)
+          description: getDescriptionForEventType(eventType),
+          ...getRealisticDetailsForEventType(eventType, i)
         },
         riskScore: getRiskScoreForEventType(eventType)
       };
@@ -87,16 +89,19 @@ export async function POST(request: NextRequest) {
 function getSeverityForEventType(eventType: string): 'low' | 'medium' | 'high' | 'critical' {
   switch (eventType) {
     case 'PRIVILEGE_ESCALATION':
-    case 'BRUTE_FORCE_ATTEMPT':
+    case 'OAUTH_INVALID_CLIENT':        // PKCE bypass - critical OAuth 2.1 violation
       return 'critical';
     case 'TOKEN_REUSE':
-    case 'UNUSUAL_LOCATION':
-    case 'UNAUTHORIZED_ACCESS':
+    case 'BRUTE_FORCE_ATTEMPT':
+    case 'OAUTH_INVALID_GRANT':         // Missing resource parameter - high risk
       return 'high';
     case 'RATE_LIMIT_EXCEEDED':
-    case 'INVALID_TOKEN':
+    case 'INVALID_TOKEN':               // Token audience violations
     case 'AUTH_FAILURE':
+    case 'UNUSUAL_LOCATION':
       return 'medium';
+    case 'SUSPICIOUS_ACTIVITY':         // User agent detection & token passthrough
+      return 'low';
     default:
       return 'low';
   }
@@ -104,33 +109,138 @@ function getSeverityForEventType(eventType: string): 'low' | 'medium' | 'high' |
 
 function getRiskScoreForEventType(eventType: string): number {
   switch (eventType) {
-    case 'PRIVILEGE_ESCALATION': return 95;
-    case 'BRUTE_FORCE_ATTEMPT': return 90;
-    case 'TOKEN_REUSE': return 85;
-    case 'UNUSUAL_LOCATION': return 70;
-    case 'UNAUTHORIZED_ACCESS': return 75;
-    case 'RATE_LIMIT_EXCEEDED': return 60;
-    case 'INVALID_TOKEN': return 50;
-    case 'AUTH_FAILURE': return 45;
-    case 'SUSPICIOUS_ACTIVITY': return 40;
-    case 'MALFORMED_REQUEST': return 30;
+    case 'PRIVILEGE_ESCALATION': return 95;       // Critical - elevated scope access
+    case 'INVALID_TOKEN': return 95;              // Critical - token audience violations
+    case 'OAUTH_INVALID_CLIENT': return 90;       // Critical - PKCE bypass
+    case 'BRUTE_FORCE_ATTEMPT': return 90;        // High - credential attacks
+    case 'TOKEN_REUSE': return 85;                // High - token theft
+    case 'SUSPICIOUS_ACTIVITY': return 85;        // High - token passthrough (when from that)
+    case 'OAUTH_INVALID_GRANT': return 80;        // High - missing resource parameter
+    case 'UNUSUAL_LOCATION': return 60;           // Medium - geographic anomaly (disabled)
+    case 'RATE_LIMIT_EXCEEDED': return 60;        // Medium - API abuse
+    case 'AUTH_FAILURE': return 50;               // Medium - auth issues
     default: return 25;
   }
 }
 
 function getDescriptionForEventType(eventType: string): string {
   switch (eventType) {
-    case 'AUTH_FAILURE': return 'Test authentication failure event';
-    case 'INVALID_TOKEN': return 'Test invalid token usage';
-    case 'SUSPICIOUS_ACTIVITY': return 'Test suspicious activity detection';
-    case 'RATE_LIMIT_EXCEEDED': return 'Test rate limiting trigger';
-    case 'UNAUTHORIZED_ACCESS': return 'Test unauthorized access attempt';
-    case 'TOKEN_REUSE': return 'Test token reuse from different IP';
-    case 'UNUSUAL_LOCATION': return 'Test unusual geographic location';
-    case 'PRIVILEGE_ESCALATION': return 'Test privilege escalation attempt';
-    case 'MALFORMED_REQUEST': return 'Test malformed request detection';
-    case 'BRUTE_FORCE_ATTEMPT': return 'Test brute force attack simulation';
-    default: return 'Test security event';
+    case 'AUTH_FAILURE': return 'Authentication failure event - failed login attempt';
+    case 'INVALID_TOKEN': return 'Token audience validation failure - token used across MCP server boundaries';
+    case 'SUSPICIOUS_ACTIVITY': return 'Suspicious user agent detected or rapid cross-server access pattern (token passthrough)';
+    case 'RATE_LIMIT_EXCEEDED': return 'Rate limit exceeded - more than 30 requests per minute from single IP';
+    case 'TOKEN_REUSE': return 'Token reuse detection - same token used from different IP addresses';
+    case 'UNUSUAL_LOCATION': return 'Unusual geographic location access (currently disabled in demo)';
+    case 'PRIVILEGE_ESCALATION': return 'OAuth privilege escalation - user requesting elevated scopes beyond historical patterns';
+    case 'BRUTE_FORCE_ATTEMPT': return 'Brute force attack - multiple authentication failures from same IP';
+    case 'OAUTH_INVALID_CLIENT': return 'OAuth PKCE bypass attempt - authorization code flow without PKCE protection';
+    case 'OAUTH_INVALID_GRANT': return 'OAuth missing resource parameter - requests without proper redirect URI/resource identification';
+    default: return 'Security event';
+  }
+}
+
+function getRealisticDetailsForEventType(eventType: string, index: number): Record<string, unknown> {
+  const baseIP = `192.168.1.${100 + index}`;
+  const userAgents = [
+    'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36',
+    'curl/7.68.0',
+    'python-requests/2.28.1',
+    'PostmanRuntime/7.29.2'
+  ];
+
+  switch (eventType) {
+    case 'AUTH_FAILURE':
+      return {
+        reason: 'Invalid credentials provided',
+        attemptedUsername: `user${index}@example.com`,
+        failureCount: Math.floor(Math.random() * 5) + 1
+      };
+
+    case 'INVALID_TOKEN':
+      return {
+        mcpServers: [`server-${index}-a`, `server-${index}-b`],
+        currentEndpoint: '/mcp/sse',
+        reason: 'Access token used across multiple MCP server boundaries (audience violation)'
+      };
+
+    case 'SUSPICIOUS_ACTIVITY':
+      return Math.random() > 0.5 ? {
+        // User agent detection
+        userAgent: userAgents[1], // curl
+        detectedPattern: 'curl',
+        reason: 'Non-human user agent detected'
+      } : {
+        // Token passthrough
+        serverChanges: [
+          { fromServer: `server-${index}-1`, toServer: `server-${index}-2`, timeDiffMs: 2000 }
+        ],
+        reason: 'Rapid cross-MCP server access pattern suggests potential token passthrough'
+      };
+
+    case 'RATE_LIMIT_EXCEEDED':
+      return {
+        requestCount: 35 + Math.floor(Math.random() * 10),
+        limit: 30,
+        timeWindow: 60000,
+        endpoint: '/mcp/sse'
+      };
+
+    case 'TOKEN_REUSE':
+      return {
+        currentIP: baseIP,
+        previousIP: `10.0.0.${50 + index}`,
+        timeDifference: Math.floor(Math.random() * 300000), // Up to 5 minutes
+        reason: 'Same token used from different IP addresses'
+      };
+
+    case 'UNUSUAL_LOCATION':
+      return {
+        currentLocation: { country: 'Unknown' },
+        previousLocations: [
+          { country: 'United States', city: 'San Francisco' },
+          { country: 'United States', city: 'New York' }
+        ],
+        reason: 'Access from unusual geographic location'
+      };
+
+    case 'PRIVILEGE_ESCALATION':
+      return Math.random() > 0.5 ? {
+        // Elevated scopes
+        currentScopes: ['read', 'write', 'admin', 'delete'],
+        newElevatedScopes: ['admin', 'delete'],
+        historicalScopeCount: 2,
+        reason: 'User attempting to access elevated OAuth scopes not previously granted'
+      } : {
+        // Scope explosion
+        currentScopes: ['read', 'write', 'manage', 'config', 'system'],
+        newScopes: ['manage', 'config', 'system'],
+        historicalScopeCount: 2,
+        reason: 'Unusual number of new OAuth scopes requested'
+      };
+
+    case 'BRUTE_FORCE_ATTEMPT':
+      return {
+        failedAttempts: 5 + Math.floor(Math.random() * 5),
+        timeWindow: '15 minutes',
+        reason: 'Multiple authentication failures from same IP'
+      };
+
+    case 'OAUTH_INVALID_CLIENT':
+      return {
+        nonPKCECount: Math.floor(Math.random() * 3) + 1,
+        totalRequests: Math.floor(Math.random() * 5) + 2,
+        reason: 'Authorization code flow without PKCE protection (OAuth 2.1 violation)'
+      };
+
+    case 'OAUTH_INVALID_GRANT':
+      return {
+        missingRedirectCount: Math.floor(Math.random() * 2) + 1,
+        grantTypes: ['authorization_code', 'refresh_token'][Math.floor(Math.random() * 2)],
+        reason: 'OAuth requests missing required redirect URI (potential resource parameter missing)'
+      };
+
+    default:
+      return {};
   }
 }
 
@@ -139,16 +249,16 @@ export async function GET() {
     message: 'Security Event Generator API',
     usage: 'POST with { "eventType": "AUTH_FAILURE", "count": 5 }',
     availableEventTypes: [
-      'AUTH_FAILURE',
-      'INVALID_TOKEN',
-      'SUSPICIOUS_ACTIVITY', 
-      'RATE_LIMIT_EXCEEDED',
-      'UNAUTHORIZED_ACCESS',
-      'TOKEN_REUSE',
-      'UNUSUAL_LOCATION',
-      'PRIVILEGE_ESCALATION',
-      'MALFORMED_REQUEST',
-      'BRUTE_FORCE_ATTEMPT'
+      'AUTH_FAILURE',           // Authentication failures
+      'INVALID_TOKEN',          // Token audience violations (critical)
+      'SUSPICIOUS_ACTIVITY',    // User agent detection & token passthrough
+      'RATE_LIMIT_EXCEEDED',    // API abuse detection
+      'TOKEN_REUSE',            // Cross-IP token usage
+      'UNUSUAL_LOCATION',       // Geographic anomalies (disabled)
+      'PRIVILEGE_ESCALATION',   // OAuth scope escalation (critical)
+      'BRUTE_FORCE_ATTEMPT',    // Credential attacks
+      'OAUTH_INVALID_CLIENT',   // PKCE bypass attempts (critical)
+      'OAUTH_INVALID_GRANT'     // Missing resource parameters
     ]
   });
 }
\ No newline at end of file
diff --git a/app/globals.css b/app/globals.css
index c041672..048f0d2 100644
--- a/app/globals.css
+++ b/app/globals.css
@@ -32,6 +32,10 @@
   --secondary-foreground: oklch(1 0 0);
   --destructive: oklch(0.58 0.245 27);
   --ring: var(--primary-600);
+  --popover: var(--background);
+  --popover-foreground: var(--foreground);
+  --accent: var(--muted);
+  --accent-foreground: var(--foreground);
   
   /* Layout */
   --radius: 0.5rem;
@@ -45,6 +49,10 @@
   --border: var(--base-800);
   --input: var(--base-800);
   --destructive: oklch(0.70 0.191 22);
+  --popover: var(--background);
+  --popover-foreground: var(--foreground);
+  --accent: var(--muted);
+  --accent-foreground: var(--foreground);
 }
 
 @theme {
@@ -78,6 +86,10 @@
   --color-secondary-foreground: var(--secondary-foreground);
   --color-destructive: var(--destructive);
   --color-ring: var(--ring);
+  --color-popover: var(--popover);
+  --color-popover-foreground: var(--popover-foreground);
+  --color-accent: var(--accent);
+  --color-accent-foreground: var(--accent-foreground);
 
   --radius-sm: calc(var(--radius) - 2px);
   --radius-md: var(--radius);
diff --git a/app/mcp/[transport]/route.ts b/app/mcp/[transport]/route.ts
index 2517de7..e6ea07f 100644
--- a/app/mcp/[transport]/route.ts
+++ b/app/mcp/[transport]/route.ts
@@ -180,6 +180,7 @@ async function logEnhancedAnalytics(
           toolName = params.name;
         }
       }
+      console.log('[MCP Analytics] Extracted:', { mcpMethod, toolName, hasParams: !!requestBody.params });
     }
     
     // Get or create MCP server registration
@@ -255,8 +256,8 @@ async function logEnhancedAnalytics(
         'Content-Type': 'application/json',
       },
       body: JSON.stringify(analyticsData)
-    }).catch(() => {
-      // Silent fail - analytics shouldn't break MCP requests
+    }).catch((error) => {
+      console.warn('Analytics collection failed:', error, 'Data:', analyticsData);
     });
     
   } catch (error) {
diff --git a/app/oauth/authorize/page.tsx b/app/oauth/authorize/page.tsx
index 395003d..e6c786a 100644
--- a/app/oauth/authorize/page.tsx
+++ b/app/oauth/authorize/page.tsx
@@ -162,28 +162,29 @@ export default async function AuthorizePage({
   }
 
   return (
-    <main className="flex items-center justify-center h-screen bg-gray-50">
-      <div className="bg-white p-8 rounded-lg shadow-md max-w-sm w-full">
-        <h1 className="text-xl font-semibold mb-4 text-center">
-          Authorize Application
-        </h1>
-        <div className="text-center">
-          <p className="mb-2">
-            The application{' '}
-            <strong className="font-medium">{client.name}</strong> is
-            requesting access to your account.
-          </p>
-          <p className="text-sm text-gray-600">
-            Do you want to grant access?
-          </p>
-        </div>
-        <form action={handleConsent} className="mt-6">
-          <div className="flex justify-center gap-4">
+    <div className="min-h-screen bg-gradient-to-br from-base-50 via-primary-100 to-secondary-300 dark:from-base-950 dark:via-base-800 dark:to-base-800 flex items-center justify-center">
+      <div className="w-full max-w-md">
+        <div className="bg-background border border-border rounded-xl shadow-lg p-8 space-y-6">
+          <div className="text-center">
+            <h1 className="text-2xl font-bold text-foreground mb-2">
+              Authorize Application
+            </h1>
+            <p className="text-muted-foreground mb-4">
+              The application{' '}
+              <strong className="font-medium text-foreground">{client.name}</strong> is
+              requesting access to your account.
+            </p>
+            <p className="text-sm text-muted-foreground">
+              Do you want to grant access?
+            </p>
+          </div>
+          
+          <form action={handleConsent} className="space-y-4">
             <button
               type="submit"
               name="consent"
               value="allow"
-              className="px-4 py-2 bg-blue-600 text-white rounded-md hover:bg-blue-700 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-opacity-50"
+              className="w-full bg-primary hover:bg-primary-800 text-primary-foreground px-4 py-2 rounded-md focus:outline-none focus:ring-2 focus:ring-primary focus:ring-opacity-50 transition-colors"
             >
               Allow
             </button>
@@ -191,13 +192,13 @@ export default async function AuthorizePage({
               type="submit"
               name="consent"
               value="deny"
-              className="px-4 py-2 bg-gray-200 text-gray-800 rounded-md hover:bg-gray-300 focus:outline-none focus:ring-2 focus:ring-gray-400 focus:ring-opacity-50"
+              className="w-full border border-border text-foreground hover:bg-muted px-4 py-2 rounded-md focus:outline-none focus:ring-2 focus:ring-border focus:ring-opacity-50 transition-colors"
             >
               Deny
             </button>
-          </div>
-        </form>
+          </form>
+        </div>
       </div>
-    </main>
+    </div>
   );
 } 
diff --git a/app/page.tsx b/app/page.tsx
index 9e76e1b..c158f58 100644
--- a/app/page.tsx
+++ b/app/page.tsx
@@ -5,6 +5,10 @@ import { BarChart3, LogOut, LogIn } from "lucide-react";
 
 export default async function Home() {
   const session = await auth();
+  
+  // Check if user is admin
+  const adminEmail = process.env.ADMIN_EMAIL;
+  const isAdmin = session?.user?.email === adminEmail;
 
   return (
     <div className="min-h-screen bg-gradient-to-br from-base-50 via-primary-100 to-secondary-300 dark:from-base-950 dark:via-base-800 dark:to-base-800 flex items-center justify-center">
@@ -17,15 +21,23 @@ export default async function Home() {
             </div>
             
             <div className="space-y-4">
-              <Link href="/analytics" className="block">
-                <Button className="w-full bg-primary hover:bg-primary-800 text-primary-foreground">
-                  <BarChart3 className="w-5 h-5 mr-2" />
-                  View Analytics Dashboard
-                </Button>
-              </Link>
+              {isAdmin ? (
+                <Link href="/analytics" className="block">
+                  <Button className="w-full bg-primary hover:bg-primary-800 text-primary-foreground">
+                    <BarChart3 className="w-5 h-5 mr-2" />
+                    View Analytics Dashboard
+                  </Button>
+                </Link>
+              ) : (
+                <div className="bg-muted/50 border border-border rounded-lg p-4 text-center">
+                  <p className="text-sm text-muted-foreground">
+                    Analytics dashboard is only available to administrators.
+                  </p>
+                </div>
+              )}
               
               <form action={async () => { 'use server'; await signOut(); }}>
-                <Button variant="outline" className="w-full border-destructive/20 text-destructive hover:bg-destructive/10">
+                <Button type="submit" variant="outline" className="w-full border-destructive/20 text-destructive hover:bg-destructive/10">
                   <LogOut className="w-4 h-4 mr-2" />
                   Sign Out
                 </Button>
diff --git a/app/prisma.ts b/app/prisma.ts
index 41bd73a..3cd3cd5 100644
--- a/app/prisma.ts
+++ b/app/prisma.ts
@@ -17,6 +17,84 @@ const prisma = global.prisma || new PrismaClient({
 
 if (process.env.NODE_ENV !== 'production') global.prisma = prisma;
 
+// TTL Cleanup function - removes data older than 14 days
+export async function cleanupExpiredData() {
+  const now = new Date();
+  
+  try {
+    const result = await prisma.$transaction([
+      // Cleanup expired analytics requests
+      prisma.analyticsRequest.deleteMany({
+        where: { expiresAt: { lt: now } }
+      }),
+      
+      // Cleanup expired security events
+      prisma.analyticsSecurity.deleteMany({
+        where: { expiresAt: { lt: now } }
+      }),
+      
+      // Cleanup expired OAuth tokens
+      prisma.accessToken.deleteMany({
+        where: { expiresAt: { lt: now } }
+      }),
+      
+      prisma.authCode.deleteMany({
+        where: { expiresAt: { lt: now } }
+      }),
+      
+      prisma.refreshToken.deleteMany({
+        where: { expiresAt: { lt: now } }
+      })
+    ]);
+    
+    const totalDeleted = result.reduce((sum, res) => sum + res.count, 0);
+    
+    console.log(`TTL Cleanup completed: ${totalDeleted} records deleted`);
+    return { success: true, deletedCount: totalDeleted };
+  } catch (error) {
+    console.error('TTL Cleanup failed:', error);
+    return { success: false, error: (error as Error).message };
+  }
+}
+
+// Get TTL status for monitoring
+export async function getTTLStatus() {
+  const now = new Date();
+  const oneDayFromNow = new Date(now.getTime() + 24 * 60 * 60 * 1000);
+  
+  try {
+    const [expiredAnalytics, expiringSoonAnalytics, expiredSecurity, expiringSoonSecurity] = await Promise.all([
+      prisma.analyticsRequest.count({
+        where: { expiresAt: { lt: now } }
+      }),
+      prisma.analyticsRequest.count({
+        where: { expiresAt: { lt: oneDayFromNow, gte: now } }
+      }),
+      prisma.analyticsSecurity.count({
+        where: { expiresAt: { lt: now } }
+      }),
+      prisma.analyticsSecurity.count({
+        where: { expiresAt: { lt: oneDayFromNow, gte: now } }
+      })
+    ]);
+    
+    return {
+      analyticsRequests: {
+        expired: expiredAnalytics,
+        expiringSoon: expiringSoonAnalytics
+      },
+      securityEvents: {
+        expired: expiredSecurity,
+        expiringSoon: expiringSoonSecurity
+      },
+      timestamp: now
+    };
+  } catch (error) {
+    console.error('Failed to get TTL status:', error);
+    return { error: (error as Error).message };
+  }
+}
+
 export { prisma };
 
 declare global {
diff --git a/components/analytics/analytics-pie-chart.tsx b/components/analytics/analytics-pie-chart.tsx
new file mode 100644
index 0000000..929bd50
--- /dev/null
+++ b/components/analytics/analytics-pie-chart.tsx
@@ -0,0 +1,119 @@
+"use client"
+
+import type React from "react"
+import { Pie, PieChart, Cell } from "recharts"
+import {
+  Card,
+  CardContent,
+  CardDescription,
+  CardHeader,
+  CardTitle,
+} from "@/components/ui/card"
+import {
+  ChartConfig,
+  ChartContainer,
+  ChartLegend,
+} from "@/components/ui/chart"
+
+interface PieChartData {
+  name: string
+  value: number
+  percentage?: number
+  fill?: string
+}
+
+interface AnalyticsPieChartProps {
+  title: string
+  description?: string
+  data: PieChartData[]
+  dataKey?: string
+  nameKey?: string
+  className?: string
+  config?: ChartConfig
+  icon?: React.ComponentType<{ className?: string }>
+}
+
+// Default color palette using your globals.css colors
+const defaultColors = [
+  "var(--primary-600)",     // Main primary color
+  "var(--secondary-600)",   // Secondary color  
+  "var(--primary-300)",     // Lighter primary
+  "var(--secondary-300)",   // Lighter secondary
+  "var(--primary-800)",     // Darker primary
+  "var(--secondary-800)",   // Darker secondary
+  "var(--base-600)",        // Neutral
+  "var(--base-400)"         // Light neutral
+]
+
+export function AnalyticsPieChart({
+  title,
+  description,
+  data,
+  dataKey = "value",
+  nameKey = "name",
+  className,
+  config,
+  icon: Icon
+}: AnalyticsPieChartProps) {
+  
+  // Add colors to data if not provided
+  const chartData = data.map((item, index) => ({
+    ...item,
+    fill: item.fill || defaultColors[index % defaultColors.length]
+  }))
+
+  // Generate config if not provided
+  const chartConfig = config || chartData.reduce((acc, item, index) => {
+    const key = item.name.toLowerCase().replace(/[^a-z0-9]/g, '')
+    acc[key] = {
+      label: item.name,
+      color: item.fill || defaultColors[index % defaultColors.length]
+    }
+    return acc
+  }, {} as ChartConfig)
+
+  return (
+    <Card className={`flex flex-col ${className}`}>
+      <CardHeader className="pb-0">
+        <div className="flex items-start justify-between">
+          <div className="space-y-1">
+            <CardTitle className="text-lg font-semibold text-foreground">{title}</CardTitle>
+            {description && (
+              <CardDescription className="text-sm text-muted-foreground">{description}</CardDescription>
+            )}
+          </div>
+          {/* Icon Container - Design System: spacing.3, borderRadius.xl, semantic colors */}
+          {Icon && (
+            <div className="p-3 rounded-xl bg-secondary-300 text-secondary-600" aria-hidden="true">
+              <Icon className="w-6 h-6" />
+            </div>
+          )}
+        </div>
+      </CardHeader>
+      <CardContent className="flex-1 pb-0">
+        <ChartContainer
+          config={chartConfig}
+          className="mx-auto aspect-square max-h-[300px]"
+        >
+          <PieChart>
+            <Pie 
+              data={chartData} 
+              dataKey={dataKey}
+              nameKey={nameKey}
+              cx="50%" 
+              cy="50%" 
+              outerRadius={80}
+            >
+              {chartData.map((entry, index) => (
+                <Cell key={`cell-${index}`} fill={entry.fill} />
+              ))}
+            </Pie>
+            <ChartLegend
+              className="-translate-y-2 flex-wrap gap-2 *:basis-1/4 *:justify-center"
+            />
+          </PieChart>
+        </ChartContainer>
+      </CardContent>
+    </Card>
+  )
+}
\ No newline at end of file
diff --git a/components/analytics/dashboard-header.tsx b/components/analytics/dashboard-header.tsx
index 049a4b7..2d3ad6f 100644
--- a/components/analytics/dashboard-header.tsx
+++ b/components/analytics/dashboard-header.tsx
@@ -20,31 +20,19 @@ interface DashboardHeaderProps {
   className?: string
 }
 
-function getStatusColor(status: string) {
-  switch (status) {
-    case "healthy":
-      return "bg-green-500"
-    case "warning":
-      return "bg-yellow-500"
-    case "critical":
-      return "bg-destructive"
-    default:
-      return "bg-base-400"
-  }
-}
 
 function getStatusBadge(status: string) {
   const baseClasses = "inline-flex items-center px-3 py-1 rounded-full text-sm font-medium"
   
   switch (status) {
     case "healthy":
-      return cn(baseClasses, "bg-green-500 text-white")
+      return cn(baseClasses, "bg-primary-600 text-primary-foreground")
     case "warning":
-      return cn(baseClasses, "bg-yellow-500 text-white")
+      return cn(baseClasses, "bg-secondary-600 text-secondary-foreground")
     case "critical":
-      return cn(baseClasses, "bg-destructive text-white")
+      return cn(baseClasses, "bg-destructive text-primary-foreground")
     default:
-      return cn(baseClasses, "bg-base-400 text-white")
+      return cn(baseClasses, "bg-base-400 text-primary-foreground")
   }
 }
 
@@ -53,7 +41,6 @@ export function DashboardHeader({
   subtitle,
   lastUpdated,
   timeRange,
-  status = "unknown",
   serverName,
   serverUrl,
   children,
@@ -67,17 +54,17 @@ export function DashboardHeader({
       )}
       role="banner"
     >
-      <div className="container mx-auto px-6 py-6">
-        <div className="flex flex-col lg:flex-row lg:items-center lg:justify-between gap-6">
-          <div className="space-y-4">
-            {/* Title - Design System: fontSize.3xl, fontWeight.bold, color.foreground */}
-            <h1 className="text-3xl font-bold text-foreground" id="dashboard-main-title">
+      <div className="container mx-auto px-6 py-4 max-w-7xl">
+        <div className="flex flex-col lg:flex-row lg:items-center lg:justify-between gap-4">
+          <div className="space-y-2">
+            {/* Title - Design System: fontSize.2xl, fontWeight.bold, color.foreground */}
+            <h1 className="text-2xl font-bold text-foreground" id="dashboard-main-title">
               {title}
             </h1>
             
             {/* Subtitle */}
             {subtitle && (
-              <p className="text-lg text-muted-foreground" aria-describedby="dashboard-main-title">
+              <p className="text-base text-muted-foreground" aria-describedby="dashboard-main-title">
                 {subtitle}
               </p>
             )}
@@ -86,14 +73,14 @@ export function DashboardHeader({
             
             {/* Status and Meta Information */}
             <div 
-              className="flex flex-wrap items-center gap-6 text-sm text-muted-foreground"
+              className="flex flex-wrap items-center gap-2 text-xs text-muted-foreground"
               role="group"
               aria-label="Dashboard status and metadata"
             >
               {/* Last Updated */}
               {lastUpdated && (
                 <div className="flex items-center gap-2">
-                  <Clock className="w-4 h-4" aria-hidden="true" />
+                  <Clock className="w-3 h-3" aria-hidden="true" />
                   <span aria-label={`Last updated ${new Date(lastUpdated).toLocaleString()}`}>
                     Last updated: {new Date(lastUpdated).toLocaleString()}
                   </span>
@@ -103,7 +90,7 @@ export function DashboardHeader({
               {/* Time Range */}
               {timeRange && (
                 <div className="flex items-center gap-2">
-                  <Activity className="w-4 h-4" aria-hidden="true" />
+                  <Activity className="w-3 h-3" aria-hidden="true" />
                   <span aria-label={`Time range ${timeRange}`}>
                     Time Range: {timeRange}
                   </span>
@@ -113,7 +100,7 @@ export function DashboardHeader({
               {/* MCP Server Info */}
               {serverName && (
                 <div className="flex items-center gap-2">
-                  <Server className="w-4 h-4" aria-hidden="true" />
+                  <Server className="w-3 h-3" aria-hidden="true" />
                   <TooltipProvider>
                     <Tooltip>
                       <TooltipTrigger asChild>
@@ -148,7 +135,7 @@ export function DashboardHeader({
           {/* Controls */}
           {children && (
             <div 
-              className="flex flex-wrap items-center gap-3"
+              className="flex flex-wrap items-center gap-2"
               role="group"
               aria-label="Dashboard controls"
             >
diff --git a/components/analytics/data-table.tsx b/components/analytics/data-table.tsx
index 2c41418..eb5adcb 100644
--- a/components/analytics/data-table.tsx
+++ b/components/analytics/data-table.tsx
@@ -1,5 +1,6 @@
 import type React from "react"
 import { cn } from "@/lib/utils"
+import { Badge } from "@/components/ui/badge"
 
 interface DataTableItem {
   primary: string
@@ -11,6 +12,7 @@ interface DataTableItem {
 
 interface DataTableProps {
   title: string
+  subtitle?: string
   icon: React.ComponentType<{ className?: string }>
   data: DataTableItem[]
   emptyMessage?: string
@@ -20,6 +22,7 @@ interface DataTableProps {
 
 export function DataTable({ 
   title, 
+  subtitle,
   icon: Icon, 
   data, 
   emptyMessage = "No data available",
@@ -35,15 +38,26 @@ export function DataTable({
     >
       {/* Header - Design System: spacing.6, typography.lg */}
       <div className="p-6 pb-4">
-        <h3 
-          className="flex items-center gap-3 text-lg font-semibold text-foreground"
-          id={`table-title-${title.replace(/\s+/g, '-').toLowerCase()}`}
-        >
-          <div className="p-2 bg-muted rounded-lg" aria-hidden="true">
-            <Icon className="w-5 h-5 text-muted-foreground" />
+        <div className="flex items-start justify-between">
+          <div className="space-y-1">
+            <h3 
+              className="text-lg font-semibold text-foreground"
+              id={`table-title-${title.replace(/\s+/g, '-').toLowerCase()}`}
+            >
+              {title}
+            </h3>
+            {/* Subtitle - Design System: fontSize.sm, color.muted-foreground */}
+            {subtitle && (
+              <p className="text-sm text-muted-foreground">
+                {subtitle}
+              </p>
+            )}
           </div>
-          {title}
-        </h3>
+          {/* Icon Container - Design System: spacing.3, borderRadius.xl, semantic colors */}
+          <div className="p-3 rounded-xl bg-secondary-300 text-secondary-600" aria-hidden="true">
+            <Icon className="w-6 h-6" />
+          </div>
+        </div>
       </div>
 
       {/* Content */}
@@ -70,10 +84,10 @@ export function DataTable({
                 aria-label={`Rank ${index + 1}: ${item.primary}${item.secondary ? `, ${item.secondary}` : ''}, value: ${item.value}${item.badge ? `, ${item.badge}` : ''}`}
               >
                 <div className="flex-1 min-w-0">
-                  <div className="flex items-center gap-3">
+                  <div className="flex items-start gap-3">
                     {/* Rank - Design System: fontSize.xs, spacing.2 */}
                     <span 
-                      className="text-xs font-medium text-muted-foreground bg-background px-2 py-1 rounded border"
+                      className="text-xs font-medium text-muted-foreground bg-background px-2 py-1 rounded border shrink-0 mt-0.5"
                       aria-label={`Rank ${index + 1}`}
                     >
                       #{index + 1}
@@ -81,14 +95,14 @@ export function DataTable({
 
                     <div className="min-w-0 flex-1">
                       {/* Primary Text - Design System: fontWeight.medium, color.foreground */}
-                      <p className="font-medium text-foreground truncate" title={item.primary}>
+                      <p className="font-medium text-foreground leading-tight" title={item.primary}>
                         {item.primary}
                       </p>
 
                       {/* Secondary Text - Design System: fontSize.sm, color.muted-foreground, fontFamily.mono */}
                       {item.secondary && (
                         <p 
-                          className="text-sm text-muted-foreground truncate font-mono" 
+                          className="text-sm text-muted-foreground mt-1 leading-tight break-words" 
                           title={item.secondary}
                           aria-label={`Secondary info: ${item.secondary}`}
                         >
@@ -99,19 +113,20 @@ export function DataTable({
                   </div>
                 </div>
 
-                <div className="flex items-center gap-3 ml-4">
-                  {/* Badge - Design System: fontSize.xs */}
+                <div className="flex flex-col items-end gap-2 ml-4 shrink-0">
+                  {/* Badge - Design System: using proper Badge component */}
                   {item.badge && (
-                    <span 
-                      className="text-xs bg-muted border text-muted-foreground px-2 py-1 rounded"
+                    <Badge 
+                      variant={item.badgeVariant || "outline"} 
+                      className="text-xs whitespace-nowrap"
                       aria-label={`Badge: ${item.badge}`}
                     >
                       {item.badge}
-                    </span>
+                    </Badge>
                   )}
 
                   {/* Value - Design System: fontWeight.semibold, color.foreground */}
-                  <span className="font-semibold text-foreground" aria-label={`Value: ${item.value}`}>
+                  <span className="font-semibold text-foreground text-lg whitespace-nowrap" aria-label={`Value: ${item.value}`}>
                     {item.value}
                   </span>
                 </div>
diff --git a/components/analytics/grant-type-chart.tsx b/components/analytics/grant-type-chart.tsx
new file mode 100644
index 0000000..7726f63
--- /dev/null
+++ b/components/analytics/grant-type-chart.tsx
@@ -0,0 +1,93 @@
+"use client"
+
+import { TrendingUp } from "lucide-react"
+import { AnalyticsPieChart } from "./analytics-pie-chart"
+
+interface GrantType {
+  type: string
+  count: number
+  percentage: number
+}
+
+interface GrantTypeChartProps {
+  grantTypes: GrantType[]
+  className?: string
+}
+
+export function GrantTypeChart({ grantTypes, className }: GrantTypeChartProps) {
+  // Color mapping for grant types
+  const getGrantTypeColor = (type: string) => {
+    switch (type) {
+      case 'authorization_code':
+        return "var(--primary-600)"
+      case 'refresh_token':
+        return "var(--secondary-600)"
+      case 'client_credentials':
+        return "var(--primary-300)"
+      case 'client_registration':
+        return "var(--secondary-300)"
+      case 'device_code':
+        return "var(--base-600)"
+      default:
+        return "var(--base-400)"
+    }
+  }
+
+  // Transform grant type data for the pie chart - key is using the original type
+  const chartData = grantTypes.map(grant => ({
+    grantType: grant.type, // Keep original for config key
+    name: formatGrantTypeName(grant.type), // Display name
+    value: grant.count,
+    percentage: grant.percentage,
+    fill: getGrantTypeColor(grant.type)
+  }))
+
+  // Custom config for grant types - keys must match data keys
+  const grantTypeConfig = grantTypes.reduce((config, grant) => {
+    config[grant.type] = {
+      label: formatGrantTypeName(grant.type),
+      color: getGrantTypeColor(grant.type)
+    }
+    return config
+  }, {} as Record<string, { label: string; color: string }>)
+
+  // Add the main data key config
+  grantTypeConfig.value = {
+    label: "Count",
+    color: "transparent" // Not used for pie charts
+  }
+
+  return (
+    <AnalyticsPieChart
+      title="OAuth Grant Types"
+      description="OAuth 2.1 grant types distribution"
+      data={chartData}
+      config={grantTypeConfig}
+      nameKey="grantType" // This should match the data key for legend mapping
+      icon={TrendingUp}
+      className={className}
+    />
+  )
+}
+
+// Helper function to format grant type names for display
+function formatGrantTypeName(type: string): string {
+  switch (type) {
+    case 'authorization_code':
+      return 'AuthZ Code'
+    case 'refresh_token':
+      return 'Refresh Token'
+    case 'client_credentials':
+      return 'Client Cred'
+    case 'client_registration':
+      return 'Client Rego'
+    case 'device_code':
+      return 'Device Code'
+    default:
+      // Fallback: capitalize and replace underscores
+      return type
+        .split('_')
+        .map(word => word.charAt(0).toUpperCase() + word.slice(1))
+        .join(' ')
+  }
+}
\ No newline at end of file
diff --git a/components/analytics/index.ts b/components/analytics/index.ts
index 409d27f..46bda25 100644
--- a/components/analytics/index.ts
+++ b/components/analytics/index.ts
@@ -2,4 +2,11 @@ export { MetricCard } from "./metric-card"
 export { DataTable } from "./data-table"
 export { SecurityPanel } from "./security-panel"
 export { LoadingSkeleton, MetricCardSkeleton, DataTableSkeleton } from "./loading-skeleton"
-export { DashboardHeader, StatusBadge } from "./dashboard-header"
\ No newline at end of file
+export { DashboardHeader, StatusBadge } from "./dashboard-header"
+export { OAuthOverview } from "./oauth-overview"
+export { OAuthSecurityPanel } from "./oauth-security-panel"
+export { OAuthClientActivity, TokenExpiration, GrantTypeDistribution } from "./oauth-client-activity"
+export { ToolUsagePanel } from "./tool-usage-panel"
+export { AnalyticsPieChart } from "./analytics-pie-chart"
+export { GrantTypeChart } from "./grant-type-chart"
+export { ToolResponseAreaChart } from "./tool-response-area-chart"
\ No newline at end of file
diff --git a/components/analytics/loading-skeleton.tsx b/components/analytics/loading-skeleton.tsx
index d058b7b..3dd1680 100644
--- a/components/analytics/loading-skeleton.tsx
+++ b/components/analytics/loading-skeleton.tsx
@@ -4,171 +4,183 @@ interface LoadingSkeletonProps {
   className?: string
 }
 
+export function MetricCardSkeleton() {
+  return (
+    <div className="p-6 bg-muted/5 rounded-lg border border-border">
+      <div className="space-y-4">
+        <div className="h-6 bg-muted rounded w-32 animate-pulse"></div>
+        <div className="h-8 bg-muted rounded w-24 animate-pulse"></div>
+        <div className="h-4 bg-muted rounded w-full animate-pulse"></div>
+      </div>
+    </div>
+  )
+}
+
+export function DataTableSkeleton() {
+  return (
+    <div className="bg-background border border-border rounded-lg shadow-sm">
+      <div className="p-6 pb-4">
+        <div className="flex items-start justify-between">
+          <div className="space-y-1">
+            <div className="h-6 bg-muted rounded w-32 animate-pulse"></div>
+            <div className="h-4 bg-muted rounded w-48 animate-pulse"></div>
+          </div>
+          <div className="p-3 rounded-xl bg-muted animate-pulse">
+            <div className="w-6 h-6"></div>
+          </div>
+        </div>
+      </div>
+      <div className="px-6 pb-6">
+        {[...Array(5)].map((_, i) => (
+          <div key={i} className="py-3 space-y-2">
+            <div className="h-5 bg-muted rounded w-full animate-pulse"></div>
+            <div className="h-4 bg-muted rounded w-1/2 animate-pulse"></div>
+          </div>
+        ))}
+      </div>
+    </div>
+  )
+}
+
 export function LoadingSkeleton({ className }: LoadingSkeletonProps) {
   return (
-    <div className={cn("min-h-screen bg-muted/30", className)}>
+    <main className={cn("min-h-screen bg-background", className)} aria-labelledby="dashboard-title">
       {/* Header Skeleton */}
-      <div className="bg-background border-b border-border sticky top-0 z-10">
+      <div className="bg-background border-b border-border">
         <div className="container mx-auto px-6 py-6">
           <div className="flex justify-between items-center">
             <div className="space-y-3">
-              {/* Title Skeleton - Design System: height 2rem, width 16rem */}
               <div className="h-8 bg-muted rounded-lg w-64 animate-pulse"></div>
               <div className="h-4 bg-muted rounded w-48 animate-pulse"></div>
             </div>
             <div className="flex gap-3">
-              <div className="h-9 bg-muted rounded w-32 animate-pulse"></div>
+              <div className="h-9 bg-muted rounded w-[180px] animate-pulse"></div>
               <div className="h-9 bg-muted rounded w-24 animate-pulse"></div>
+              <div className="h-9 bg-muted rounded w-36 animate-pulse"></div>
             </div>
           </div>
         </div>
       </div>
 
-      <div className="container mx-auto px-6 py-8 space-y-8">
-        {/* Metrics Skeleton - Design System: patterns.cardGrid */}
-        <div className="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-4 gap-6">
-          {[...Array(4)].map((_, i) => (
-            <div key={i} className="bg-background border border-border rounded-lg p-6 shadow-sm">
-              <div className="flex justify-between items-start">
-                <div className="space-y-3">
-                  <div className="h-4 bg-muted rounded w-24 animate-pulse"></div>
-                  <div className="h-8 bg-muted rounded w-16 animate-pulse"></div>
-                  <div className="h-3 bg-muted rounded w-20 animate-pulse"></div>
+      <div className="container mx-auto px-6 py-6 max-w-7xl space-y-6">
+        {/* Priority Alert Bar Skeleton */}
+        <div className="border border-destructive/20 bg-destructive/5 rounded-lg p-4">
+          <div className="flex items-center gap-2 pb-3">
+            <div className="h-5 w-5 bg-muted rounded animate-pulse"></div>
+            <div className="h-5 bg-muted rounded w-24 animate-pulse"></div>
+          </div>
+          <div className="flex flex-wrap gap-2">
+            {[...Array(3)].map((_, i) => (
+              <div key={i} className="h-5 bg-muted rounded w-32 animate-pulse"></div>
+            ))}
+          </div>
+        </div>
+
+        {/* OAuth Metrics Section */}
+        <div className="border border-primary-300 dark:border-primary-600 rounded-lg">
+          <div className="p-6 cursor-pointer hover:bg-muted/50 transition-colors">
+            <div className="flex items-center justify-between">
+              <div className="flex items-center gap-3">
+                <div className="p-2 bg-primary-600/10 rounded-lg">
+                  <div className="h-5 w-5 bg-muted rounded animate-pulse"></div>
                 </div>
-                <div className="h-12 w-12 bg-muted rounded-xl animate-pulse"></div>
+                <div>
+                  <div className="h-6 bg-muted rounded w-32 animate-pulse"></div>
+                  <div className="h-4 bg-muted rounded w-48 mt-1 animate-pulse"></div>
+                </div>
+              </div>
+              <div className="flex items-center gap-2">
+                <div className="h-5 bg-muted rounded w-24 animate-pulse"></div>
+                <div className="h-4 w-4 bg-muted rounded animate-pulse"></div>
               </div>
             </div>
-          ))}
+          </div>
+          <div className="px-6 pb-6">
+            <div className="grid grid-cols-1 lg:grid-cols-3 gap-4">
+              {[...Array(3)].map((_, i) => (
+                <div key={i} className="p-6 bg-muted/5 rounded-lg border border-border">
+                  <div className="space-y-4">
+                    <div className="h-6 bg-muted rounded w-32 animate-pulse"></div>
+                    <div className="h-8 bg-muted rounded w-24 animate-pulse"></div>
+                    <div className="h-4 bg-muted rounded w-full animate-pulse"></div>
+                  </div>
+                </div>
+              ))}
+            </div>
+          </div>
         </div>
 
-        {/* Content Grid Skeleton - Design System: patterns.contentGrid */}
-        <div className="grid grid-cols-1 lg:grid-cols-3 gap-8">
-          {/* Left Column */}
-          <div className="space-y-8">
-            <div className="bg-background border border-border rounded-lg shadow-sm p-6">
-              <div className="flex items-center gap-3 mb-6">
-                <div className="h-8 w-8 bg-muted rounded-lg animate-pulse"></div>
-                <div className="h-6 bg-muted rounded w-32 animate-pulse"></div>
+        {/* Security Overview Section */}
+        <div className="border border-destructive/20 dark:border-destructive/40 rounded-lg">
+          <div className="p-6 cursor-pointer hover:bg-muted/50 transition-colors">
+            <div className="flex items-center justify-between">
+              <div className="flex items-center gap-3">
+                <div className="p-2 bg-destructive/10 rounded-lg">
+                  <div className="h-5 w-5 bg-muted rounded animate-pulse"></div>
+                </div>
+                <div>
+                  <div className="h-6 bg-muted rounded w-36 animate-pulse"></div>
+                  <div className="h-4 bg-muted rounded w-52 mt-1 animate-pulse"></div>
+                </div>
               </div>
-              <div className="space-y-4">
-                {[...Array(3)].map((_, i) => (
-                  <div key={i} className="flex items-center justify-between p-4 bg-muted/50 rounded-lg">
-                    <div className="flex items-center gap-3">
-                      <div className="h-6 w-8 bg-muted rounded animate-pulse"></div>
-                      <div className="h-4 bg-muted rounded w-32 animate-pulse"></div>
-                    </div>
-                    <div className="h-4 bg-muted rounded w-12 animate-pulse"></div>
-                  </div>
-                ))}
+              <div className="flex items-center gap-2">
+                <div className="h-5 bg-muted rounded w-20 animate-pulse"></div>
+                <div className="h-4 w-4 bg-muted rounded animate-pulse"></div>
               </div>
             </div>
           </div>
-
-          {/* Middle Column */}
-          <div className="space-y-8">
-            <div className="bg-background border border-border rounded-lg shadow-sm p-6">
-              <div className="flex items-center gap-3 mb-6">
-                <div className="h-8 w-8 bg-muted rounded-lg animate-pulse"></div>
-                <div className="h-6 bg-muted rounded w-40 animate-pulse"></div>
-              </div>
-              <div className="space-y-4">
-                {[...Array(4)].map((_, i) => (
-                  <div key={i} className="p-4 bg-muted/50 rounded-lg">
-                    <div className="flex justify-between items-start mb-3">
-                      <div className="space-y-2">
-                        <div className="h-4 bg-muted rounded w-28 animate-pulse"></div>
-                        <div className="h-3 bg-muted rounded w-36 animate-pulse"></div>
-                      </div>
-                      <div className="space-y-2">
-                        <div className="h-3 bg-muted rounded w-20 animate-pulse"></div>
-                        <div className="h-3 bg-muted rounded w-16 animate-pulse"></div>
-                      </div>
+          <div className="px-6 pb-6">
+            <div className="grid grid-cols-1 lg:grid-cols-2 gap-4">
+              {[...Array(2)].map((_, i) => (
+                <div key={i} className="p-6 bg-muted/5 rounded-lg border border-border">
+                  <div className="space-y-4">
+                    <div className="h-6 bg-muted rounded w-36 animate-pulse"></div>
+                    <div className="grid grid-cols-2 gap-4">
+                      <div className="h-20 bg-muted rounded animate-pulse"></div>
+                      <div className="h-20 bg-muted rounded animate-pulse"></div>
                     </div>
                   </div>
-                ))}
-              </div>
+                </div>
+              ))}
             </div>
           </div>
+        </div>
 
-          {/* Right Column */}
-          <div className="space-y-8">
-            <div className="bg-background border border-border rounded-lg shadow-sm p-6">
-              <div className="flex items-center gap-3 mb-6">
-                <div className="h-8 w-8 bg-muted rounded-lg animate-pulse"></div>
-                <div className="h-6 bg-muted rounded w-36 animate-pulse"></div>
-              </div>
-              
-              {/* Security Overview Skeleton */}
-              <div className="p-6 bg-muted/50 rounded-lg mb-6">
-                <div className="flex items-center justify-between">
-                  <div className="space-y-2">
-                    <div className="h-4 bg-muted rounded w-32 animate-pulse"></div>
-                    <div className="h-8 bg-muted rounded w-16 animate-pulse"></div>
-                  </div>
-                  <div className="h-10 w-10 bg-muted rounded-full animate-pulse"></div>
+        {/* Performance & Tools Section */}
+        <div className="border border-secondary-300 dark:border-secondary-600 rounded-lg">
+          <div className="p-6 cursor-pointer hover:bg-muted/50 transition-colors">
+            <div className="flex items-center justify-between">
+              <div className="flex items-center gap-3">
+                <div className="p-2 bg-secondary-600/10 rounded-lg">
+                  <div className="h-5 w-5 bg-muted rounded animate-pulse"></div>
+                </div>
+                <div>
+                  <div className="h-6 bg-muted rounded w-40 animate-pulse"></div>
+                  <div className="h-4 bg-muted rounded w-44 mt-1 animate-pulse"></div>
                 </div>
               </div>
-
-              {/* Security Events Skeleton */}
-              <div className="space-y-4">
-                {[...Array(2)].map((_, i) => (
-                  <div key={i} className="p-4 bg-muted/50 rounded-lg border">
-                    <div className="flex justify-between items-start mb-3">
-                      <div className="h-4 bg-muted rounded w-24 animate-pulse"></div>
-                      <div className="h-5 bg-muted rounded w-16 animate-pulse"></div>
-                    </div>
-                    <div className="flex justify-between items-center">
-                      <div className="h-6 bg-muted rounded w-28 animate-pulse"></div>
-                      <div className="space-y-1">
-                        <div className="h-3 bg-muted rounded w-16 animate-pulse"></div>
-                        <div className="h-3 bg-muted rounded w-12 animate-pulse"></div>
-                      </div>
-                    </div>
-                  </div>
-                ))}
+              <div className="flex items-center gap-2">
+                <div className="h-5 bg-muted rounded w-20 animate-pulse"></div>
+                <div className="h-4 w-4 bg-muted rounded animate-pulse"></div>
               </div>
             </div>
           </div>
+          <div className="px-6 pb-6">
+            <div className="grid grid-cols-1 lg:grid-cols-2 gap-4">
+              {[...Array(2)].map((_, i) => (
+                <div key={i} className="p-6 bg-muted/5 rounded-lg border border-border">
+                  <div className="space-y-4">
+                    <div className="h-6 bg-muted rounded w-32 animate-pulse"></div>
+                    <div className="h-[200px] bg-muted rounded animate-pulse"></div>
+                  </div>
+                </div>
+              ))}
+            </div>
+          </div>
         </div>
       </div>
-    </div>
-  )
-}
-
-// Skeleton for individual components
-export function MetricCardSkeleton({ className }: { className?: string }) {
-  return (
-    <div className={cn("bg-background border border-border rounded-lg p-6 shadow-sm", className)}>
-      <div className="flex justify-between items-start">
-        <div className="space-y-3">
-          <div className="h-4 bg-muted rounded w-24 animate-pulse"></div>
-          <div className="h-8 bg-muted rounded w-16 animate-pulse"></div>
-          <div className="h-3 bg-muted rounded w-20 animate-pulse"></div>
-        </div>
-        <div className="h-12 w-12 bg-muted rounded-xl animate-pulse"></div>
-      </div>
-    </div>
+    </main>
   )
 }
 
-export function DataTableSkeleton({ className }: { className?: string }) {
-  return (
-    <div className={cn("bg-background border border-border rounded-lg shadow-sm p-6", className)}>
-      <div className="flex items-center gap-3 mb-6">
-        <div className="h-8 w-8 bg-muted rounded-lg animate-pulse"></div>
-        <div className="h-6 bg-muted rounded w-32 animate-pulse"></div>
-      </div>
-      <div className="space-y-4">
-        {[...Array(5)].map((_, i) => (
-          <div key={i} className="flex items-center justify-between p-4 bg-muted/50 rounded-lg">
-            <div className="flex items-center gap-3">
-              <div className="h-6 w-8 bg-muted rounded animate-pulse"></div>
-              <div className="h-4 bg-muted rounded w-32 animate-pulse"></div>
-            </div>
-            <div className="h-4 bg-muted rounded w-12 animate-pulse"></div>
-          </div>
-        ))}
-      </div>
-    </div>
-  )
-}
\ No newline at end of file
+// Remove unused component exports since they're not used in the main page
\ No newline at end of file
diff --git a/components/analytics/metric-card.tsx b/components/analytics/metric-card.tsx
index d63a3c8..622ef36 100644
--- a/components/analytics/metric-card.tsx
+++ b/components/analytics/metric-card.tsx
@@ -1,5 +1,6 @@
 import type React from "react"
 import { cn } from "@/lib/utils"
+import { Badge } from "@/components/ui/badge"
 
 interface MetricCardProps {
   title: string
@@ -28,10 +29,10 @@ export function MetricCard({
     secondary: "bg-secondary-300 text-secondary-600",
   }
 
-  const changeColors = {
-    positive: "text-primary-600 bg-primary-100",
-    negative: "text-destructive bg-muted",
-    neutral: "text-muted-foreground bg-muted",
+  const changeBadgeVariant = {
+    positive: "secondary" as const,
+    negative: "destructive" as const,
+    neutral: "outline" as const,
   }
 
   return (
@@ -67,17 +68,15 @@ export function MetricCard({
             )}
           </div>
 
-          {/* Change Indicator - Design System: fontSize.xs, semantic colors */}
+          {/* Change Indicator - Using Badge component */}
           {change && (
-            <div
-              className={cn(
-                "inline-flex items-center px-2 py-1 rounded-full text-xs font-medium",
-                changeColors[changeType]
-              )}
+            <Badge
+              variant={changeBadgeVariant[changeType]}
+              className="text-xs font-medium"
               aria-label={`Change indicator: ${change}, ${changeType} trend`}
             >
               {change}
-            </div>
+            </Badge>
           )}
         </div>
 
diff --git a/components/analytics/oauth-client-activity.tsx b/components/analytics/oauth-client-activity.tsx
new file mode 100644
index 0000000..1ca6309
--- /dev/null
+++ b/components/analytics/oauth-client-activity.tsx
@@ -0,0 +1,131 @@
+import type React from "react"
+import { TrendingUp, Users, Key } from "lucide-react"
+import { DataTable } from "./data-table"
+
+interface OAuthClient {
+  name: string
+  clientId: string
+  uniqueUsers: number
+  activeTokens: number
+  recentRequests: number
+  lastActivity: string
+  userNames: string
+  status: string
+}
+
+interface OAuthClientActivityProps {
+  clients: OAuthClient[]
+  title?: string
+  maxItems?: number
+}
+
+export function OAuthClientActivity({ 
+  clients, 
+  title = "Client Activity",
+  maxItems = 6 
+}: OAuthClientActivityProps) {
+  const formatData = (clients: OAuthClient[]) => {
+    return clients.slice(0, maxItems).map(client => ({
+      primary: client.name,
+      secondary: `${client.uniqueUsers} user${client.uniqueUsers !== 1 ? 's' : ''} • ${client.userNames}`,
+      value: `${client.recentRequests} requests`,
+      badge: client.status,
+      badgeVariant: (client.status === "Active" ? "default" : "outline") as "default" | "outline"
+    }))
+  }
+
+  return (
+    <DataTable
+      title={title}
+      subtitle="OAuth clients with active user sessions"
+      icon={Users}
+      data={formatData(clients)}
+      emptyMessage="No active clients"
+      maxItems={maxItems}
+    />
+  )
+}
+
+interface TokenExpirationProps {
+  expiringTokens: {
+    clientName: string
+    tokenCount: number
+    hoursUntilExpiry: number
+  }[]
+}
+
+export function TokenExpiration({ expiringTokens }: TokenExpirationProps) {
+  const formatTimeRemaining = (hours: number) => {
+    if (hours < 1) {
+      const minutes = Math.floor(hours * 60)
+      const seconds = Math.floor((hours * 60 - minutes) * 60)
+      return `${minutes}m ${seconds}s remaining`
+    } else if (hours < 24) {
+      const wholeHours = Math.floor(hours)
+      const minutes = Math.floor((hours - wholeHours) * 60)
+      return `${wholeHours}h ${minutes}m remaining`
+    } else {
+      const days = Math.floor(hours / 24)
+      const remainingHours = Math.floor(hours % 24)
+      return `${days}d ${remainingHours}h remaining`
+    }
+  }
+
+  const getBadgeText = (hours: number) => {
+    if (hours < 0.5) return "About to expire"
+    if (hours < 1) return "Expiring soon"
+    if (hours < 24) return "Expires today"
+    return "Active"
+  }
+
+  const formatData = (tokens: typeof expiringTokens) => {
+    return tokens.map(token => ({
+      primary: token.clientName,
+      secondary: formatTimeRemaining(token.hoursUntilExpiry),
+      value: `${token.tokenCount} tokens`,
+      badge: getBadgeText(token.hoursUntilExpiry),
+      badgeVariant: (token.hoursUntilExpiry < 1 ? "destructive" : token.hoursUntilExpiry < 24 ? "outline" : "default") as "destructive" | "outline" | "default"
+    }))
+  }
+
+  return (
+    <DataTable
+      title="Token Expiration"
+      subtitle="Access tokens nearing expiration"
+      icon={Key}
+      data={formatData(expiringTokens)}
+      emptyMessage="No expiring tokens"
+      maxItems={5}
+    />
+  )
+}
+
+interface GrantTypeDistributionProps {
+  grantTypes: {
+    type: string
+    count: number
+    percentage: number
+  }[]
+}
+
+export function GrantTypeDistribution({ grantTypes }: GrantTypeDistributionProps) {
+  const formatData = (grants: typeof grantTypes) => {
+    return grants.map(grant => ({
+      primary: grant.type.replace('_', ' ').replace(/\b\w/g, l => l.toUpperCase()),
+      secondary: `${grant.percentage}% of total`,
+      value: grant.count.toLocaleString(),
+      badge: grant.type === 'authorization_code' ? "Standard" : grant.type === 'refresh_token' ? "Refresh" : "Other",
+      badgeVariant: (grant.type === 'authorization_code' ? "default" : "outline") as "default" | "outline"
+    }))
+  }
+
+  return (
+    <DataTable
+      title="Grant Type Usage"
+      icon={TrendingUp}
+      data={formatData(grantTypes)}
+      emptyMessage="No grant data available"
+      maxItems={4}
+    />
+  )
+}
\ No newline at end of file
diff --git a/components/analytics/oauth-overview.tsx b/components/analytics/oauth-overview.tsx
new file mode 100644
index 0000000..4e74087
--- /dev/null
+++ b/components/analytics/oauth-overview.tsx
@@ -0,0 +1,71 @@
+import type React from "react"
+import { Key, Users, RefreshCw, UserCheck } from "lucide-react"
+import { MetricCard } from "./metric-card"
+
+interface OAuthOverviewProps {
+  totalUsers: number
+  activeUsers: number
+  totalClients: number
+  activeTokens: number
+  recentAuthorizations: number
+  tokenRefreshRate: number
+  userActivity?: string
+}
+
+export function OAuthOverview({
+  totalUsers,
+  activeUsers,
+  totalClients,
+  activeTokens,
+  recentAuthorizations,
+  tokenRefreshRate,
+  userActivity
+}: OAuthOverviewProps) {
+  const userActivityRate = totalUsers > 0 ? Math.round((activeUsers / totalUsers) * 100) : 0;
+  
+  return (
+    <section aria-labelledby="oauth-overview-title" className="space-y-6">
+      <h2 id="oauth-overview-title" className="sr-only">
+        MCP OAuth Server Overview
+      </h2>
+      <div className="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-4 gap-6">
+        <MetricCard
+          title="Total Users"
+          value={totalUsers.toLocaleString()}
+          icon={Users}
+          variant="secondary"
+          change={userActivity}
+          changeType={userActivityRate >= 70 ? "positive" : userActivityRate >= 30 ? "neutral" : "negative"}
+          subtitle="authorized MCP access"
+        />
+        <MetricCard
+          title="Active Users"
+          value={activeUsers.toLocaleString()}
+          icon={UserCheck}
+          variant="secondary"
+          change={`${userActivityRate}% active`}
+          changeType={userActivityRate >= 70 ? "positive" : userActivityRate >= 30 ? "neutral" : "negative"}
+          subtitle="with valid tokens"
+        />
+        <MetricCard
+          title="Active Tokens"
+          value={activeTokens.toLocaleString()}
+          icon={Key}
+          variant="secondary"
+          change={`${totalClients} clients`}
+          changeType="neutral"
+          subtitle="valid access tokens"
+        />
+        <MetricCard
+          title="Recent Authorizations"
+          value={recentAuthorizations.toLocaleString()}
+          icon={RefreshCw}
+          variant="secondary"
+          change={`${Math.round(tokenRefreshRate * 100) / 100}/h refreshes`}
+          changeType={recentAuthorizations > 0 ? "positive" : "neutral"}
+          subtitle="new OAuth flows"
+        />
+      </div>
+    </section>
+  )
+}
\ No newline at end of file
diff --git a/components/analytics/oauth-security-panel.tsx b/components/analytics/oauth-security-panel.tsx
new file mode 100644
index 0000000..0996c52
--- /dev/null
+++ b/components/analytics/oauth-security-panel.tsx
@@ -0,0 +1,178 @@
+import type React from "react"
+import { CheckCircle, AlertTriangle, Shield, ShieldCheck, ShieldX } from "lucide-react"
+import { cn } from "@/lib/utils"
+import { Badge } from "@/components/ui/badge"
+import {
+  Accordion,
+  AccordionContent,
+  AccordionItem,
+  AccordionTrigger,
+} from "@/components/ui/accordion"
+
+interface OAuthSecurityEvent {
+  clientName: string
+  clientId: string
+  eventType: string
+  severity: string
+  count: number
+  lastOccurred: string
+}
+
+interface OAuthSecurityPanelProps {
+  totalEvents: number
+  oauthEvents?: OAuthSecurityEvent[]
+  invalidClientAttempts?: number
+  invalidGrantAttempts?: number
+  unauthorizedScopes?: number
+}
+
+export function OAuthSecurityPanel({
+  totalEvents,
+  oauthEvents = [],
+  invalidClientAttempts = 0,
+  invalidGrantAttempts = 0,
+  unauthorizedScopes = 0
+}: OAuthSecurityPanelProps) {
+  const hasSecurityIssues = totalEvents > 0 || invalidClientAttempts > 0 || invalidGrantAttempts > 0 || unauthorizedScopes > 0
+  
+  const getEventIcon = (eventType: string) => {
+    switch (eventType.toLowerCase()) {
+      case 'oauth_invalid_client':
+        return <ShieldX className="w-4 h-4 text-destructive" />
+      case 'oauth_invalid_grant':
+        return <AlertTriangle className="w-4 h-4 text-secondary-600" />
+      case 'oauth_invalid_scope':
+        return <Shield className="w-4 h-4 text-primary-600" />
+      default:
+        return <AlertTriangle className="w-4 h-4 text-muted-foreground" />
+    }
+  }
+
+  const getSeverityBadgeVariant = (severity: string) => {
+    switch (severity.toLowerCase()) {
+      case 'critical':
+      case 'high':
+        return 'destructive'
+      case 'medium':
+        return 'secondary'
+      case 'low':
+        return 'default'
+      default:
+        return 'outline'
+    }
+  }
+
+  return (
+    <div className="bg-background border border-border rounded-lg shadow-sm h-full flex flex-col">
+      <div className="p-4 space-y-4 flex-1">
+        {/* Header */}
+        <div className="flex items-center justify-between gap-2">
+          <div className="flex items-center gap-2 min-w-0">
+            <div className={cn(
+              "p-1.5 rounded-full shrink-0",
+              hasSecurityIssues ? "bg-destructive/10" : "bg-primary-100"
+            )}>
+              {hasSecurityIssues ? (
+                <Shield className="w-4 h-4 text-destructive" />
+              ) : (
+                <ShieldCheck className="w-4 h-4 text-primary-600" />
+              )}
+            </div>
+            <div className="min-w-0">
+              <h3 className="text-base font-semibold text-foreground truncate">OAuth Security</h3>
+              <p className="text-xs text-muted-foreground truncate">
+                {hasSecurityIssues 
+                  ? `${totalEvents} security events detected`
+                  : "All OAuth flows secure"
+                }
+              </p>
+            </div>
+          </div>
+          
+          {/* Status Badge */}
+          <Badge variant={hasSecurityIssues ? "destructive" : "default"} className="gap-1.5 whitespace-nowrap">
+            {hasSecurityIssues ? (
+              <>
+                <AlertTriangle className="w-3 h-3" />
+                Issues
+              </>
+            ) : (
+              <>
+                <CheckCircle className="w-3 h-3" />
+                Secure
+              </>
+            )}
+          </Badge>
+        </div>
+
+        {/* Quick Stats */}
+        {hasSecurityIssues && (
+          <div className="grid grid-cols-3 gap-2 p-3 bg-muted/50 rounded-lg">
+            <div className="text-center">
+              <div className="text-base font-semibold text-foreground">{invalidClientAttempts}</div>
+              <div className="text-xs text-muted-foreground">Invalid Clients</div>
+            </div>
+            <div className="text-center">
+              <div className="text-base font-semibold text-foreground">{invalidGrantAttempts}</div>
+              <div className="text-xs text-muted-foreground">Invalid Grants</div>
+            </div>
+            <div className="text-center">
+              <div className="text-base font-semibold text-foreground">{unauthorizedScopes}</div>
+              <div className="text-xs text-muted-foreground">Scope Issues</div>
+            </div>
+          </div>
+        )}
+
+        {/* Events Details */}
+        {oauthEvents.length > 0 && (
+          <Accordion type="single" collapsible className="w-full">
+            <AccordionItem value="oauth-events" className="border-border">
+              <AccordionTrigger className="text-sm font-medium text-foreground hover:no-underline py-2">
+                <div className="flex items-center gap-2">
+                  <Shield className="w-4 h-4" />
+                  Security Events ({oauthEvents.length})
+                </div>
+              </AccordionTrigger>
+              <AccordionContent>
+                <div className="space-y-2">
+                  {oauthEvents.map((event, index) => (
+                    <div key={index} className="flex items-start gap-2 p-2 bg-muted/30 rounded-lg">
+                      {getEventIcon(event.eventType)}
+                      <div className="flex-1 min-w-0">
+                        <div className="flex items-center gap-1.5 flex-wrap">
+                          <span className="font-medium text-xs text-foreground truncate">
+                            {event.clientName}
+                          </span>
+                          <Badge variant={getSeverityBadgeVariant(event.severity)} className="text-xs">
+                            {event.severity}
+                          </Badge>
+                        </div>
+                        <div className="text-xs text-muted-foreground">
+                          {event.eventType.replace('OAUTH_', '').replace('_', ' ').toLowerCase()}
+                        </div>
+                        <div className="text-xs text-muted-foreground mt-0.5">
+                          {event.count} occurrences • Last: {event.lastOccurred}
+                        </div>
+                      </div>
+                    </div>
+                  ))}
+                </div>
+              </AccordionContent>
+            </AccordionItem>
+          </Accordion>
+        )}
+
+        {/* All Clear State */}
+        {!hasSecurityIssues && (
+          <div className="text-center py-4">
+            <ShieldCheck className="w-10 h-10 text-primary-600 mx-auto mb-2" />
+            <h4 className="font-medium text-sm text-foreground">OAuth Security All Clear</h4>
+            <p className="text-xs text-muted-foreground">
+              No security events detected
+            </p>
+          </div>
+        )}
+      </div>
+    </div>
+  )
+}
\ No newline at end of file
diff --git a/components/analytics/security-panel.tsx b/components/analytics/security-panel.tsx
index 8609f33..e80ef9f 100644
--- a/components/analytics/security-panel.tsx
+++ b/components/analytics/security-panel.tsx
@@ -1,6 +1,8 @@
 import type React from "react"
-import { CheckCircle, AlertTriangle, Shield, Users, TrendingUp } from "lucide-react"
+import { CheckCircle, AlertTriangle, Shield, TrendingUp, RefreshCw, Clock } from "lucide-react"
 import { cn } from "@/lib/utils"
+import { useState, useEffect } from "react"
+import { Badge } from "@/components/ui/badge"
 import {
   Accordion,
   AccordionContent,
@@ -25,222 +27,509 @@ interface PrivilegeEscalation {
   details: Record<string, unknown>
 }
 
+interface SecurityAnalytics {
+  totalEvents: number
+  eventsByOrganization: SecurityEventsByOrg[]
+  privilegeEscalations: PrivilegeEscalation[]
+  criticalEvents: number
+  highRiskEvents: number
+  resolvedEvents: number
+  averageRiskScore: number
+}
+
 interface SecurityPanelProps {
-  eventCount: number
-  byOrganization?: SecurityEventsByOrg[]
-  privilegeEscalations?: PrivilegeEscalation[]
   className?: string
+  securityData?: SecurityAnalytics
 }
 
-function getSeverityColor(severity: string) {
+function getSeverityBadgeVariant(severity: string): "default" | "secondary" | "destructive" | "outline" {
   switch (severity.toLowerCase()) {
     case "low":
-      return "bg-background text-green-600 border-green-500/20"
+      return "outline"
     case "medium":
-      return "bg-background text-yellow-600 border-yellow-500/20"
+      return "secondary"
     case "high":
-      return "bg-background text-orange-600 border-orange-500/20"
+      return "destructive"
     case "critical":
-      return "bg-background text-destructive border-destructive/20"
+      return "destructive"
     default:
-      return "bg-background text-muted-foreground border-border"
+      return "outline"
   }
 }
 
-export function SecurityPanel({
-  eventCount,
-  byOrganization = [],
-  privilegeEscalations = [],
-  className
-}: SecurityPanelProps) {
-  const isSecure = eventCount === 0
-  const hasSecurityEvents = byOrganization.length > 0
-  const hasPrivilegeEscalations = privilegeEscalations.length > 0
+export function SecurityPanel({ className, securityData }: SecurityPanelProps) {
+  const [analytics, setAnalytics] = useState<SecurityAnalytics | null>(securityData || null)
+  const [loading, setLoading] = useState(!securityData)
+  const [error, setError] = useState<string | null>(null)
+  const [lastUpdated, setLastUpdated] = useState<Date | null>(securityData ? new Date() : null)
+
+  const fetchSecurityAnalytics = async () => {
+    try {
+      setLoading(true)
+      setError(null)
+      
+      const response = await fetch('/api/analytics/security?days=30')
+      if (!response.ok) {
+        throw new Error('Failed to fetch security analytics')
+      }
+      
+      const result = await response.json()
+      if (result.success) {
+        setAnalytics(result.data)
+        setLastUpdated(new Date())
+      } else {
+        throw new Error(result.error || 'Unknown error')
+      }
+    } catch (err) {
+      setError(err instanceof Error ? err.message : 'Unknown error')
+      console.error('Security analytics fetch error:', err)
+    } finally {
+      setLoading(false)
+    }
+  }
+
+  useEffect(() => {
+    if (securityData) {
+      setAnalytics(securityData)
+      setLastUpdated(new Date())
+      setLoading(false)
+      setError(null)
+    } else {
+      fetchSecurityAnalytics()
+    }
+    // Refresh every 5 minutes only if no prefetched data
+    if (!securityData) {
+      const interval = setInterval(fetchSecurityAnalytics, 5 * 60 * 1000)
+      return () => clearInterval(interval)
+    }
+  }, [securityData])
+
+  const isSecure = analytics?.totalEvents === 0
+  const hasSecurityEvents = (analytics?.eventsByOrganization.length || 0) > 0
+  const hasPrivilegeEscalations = (analytics?.privilegeEscalations.length || 0) > 0
+
+  if (loading && !analytics) {
+    return (
+      <div className={className}>
+        <div className="flex items-center justify-between mb-6">
+          <div className="flex items-center gap-2 text-xs text-muted-foreground">
+            <RefreshCw className="w-3 h-3 animate-spin" />
+            <span>Loading security analytics...</span>
+          </div>
+          {lastUpdated && (
+            <div className="flex items-center gap-2 text-xs text-muted-foreground">
+              <Clock className="w-3 h-3" />
+              <span>Updated {lastUpdated.toLocaleTimeString()}</span>
+            </div>
+          )}
+        </div>
+        <div className="grid grid-cols-1 lg:grid-cols-3 gap-6">
+          {[1, 2, 3].map((i) => (
+            <div key={i} className="bg-background border border-border rounded-lg shadow-sm p-6">
+              <div className="animate-pulse">
+                <div className="h-4 bg-muted rounded w-3/4 mb-2"></div>
+                <div className="h-3 bg-muted rounded w-1/2 mb-4"></div>
+                <div className="h-20 bg-muted rounded"></div>
+              </div>
+            </div>
+          ))}
+        </div>
+      </div>
+    )
+  }
+
+  if (error) {
+    return (
+      <div className={className}>
+        <div className="flex items-center justify-between mb-6">
+          <div className="flex items-center gap-2 text-xs text-destructive">
+            <span>Error: {error}</span>
+            <button 
+              onClick={fetchSecurityAnalytics}
+              className="ml-2 px-2 py-1 text-xs bg-primary text-primary-foreground rounded hover:bg-primary/90"
+            >
+              Retry
+            </button>
+          </div>
+          {lastUpdated && (
+            <div className="flex items-center gap-2 text-xs text-muted-foreground">
+              <Clock className="w-3 h-3" />
+              <span>Updated {lastUpdated.toLocaleTimeString()}</span>
+            </div>
+          )}
+        </div>
+        <div className="grid grid-cols-1 lg:grid-cols-3 gap-6">
+          {[1, 2, 3].map((i) => (
+            <div key={i} className="bg-background border border-destructive/20 rounded-lg shadow-sm p-6">
+              <div className="text-center text-destructive">
+                <Shield className="w-8 h-8 mx-auto mb-2" />
+                <div className="text-sm">Failed to load</div>
+              </div>
+            </div>
+          ))}
+        </div>
+      </div>
+    )
+  }
 
   return (
-    <section 
-      className={cn("bg-background border border-border rounded-lg shadow-sm", className)}
+    <div 
+      className={className}
       aria-labelledby="security-monitor-title"
       role="region"
     >
-      {/* Header */}
-      <div className="p-6 pb-4">
-        <h3 
-          className="flex items-center gap-3 text-lg font-semibold text-foreground"
-          id="security-monitor-title"
-        >
-          <div className="p-2 bg-muted rounded-lg" aria-hidden="true">
-            <Shield className="w-5 h-5 text-destructive" />
-          </div>
-          Security Monitor
-        </h3>
+      {/* Header with refresh functionality */}
+      <div className="flex items-center justify-between mb-6">
+        <div className="flex items-center gap-2 text-xs text-muted-foreground">
+          {/* <span>Security data</span> */}
+        </div>
+        <div className="flex items-center gap-2 text-xs text-muted-foreground">
+          {lastUpdated && (
+            <>
+              <Clock className="w-3 h-3" />
+              <span>Updated {lastUpdated.toLocaleTimeString()}</span>
+            </>
+          )}
+          <button 
+            onClick={fetchSecurityAnalytics}
+            className="p-1 hover:bg-muted rounded"
+            disabled={loading}
+          >
+            <RefreshCw className={cn("w-3 h-3", loading && "animate-spin")} />
+          </button>
+        </div>
       </div>
 
-      <div className="px-6 pb-6 space-y-6">
-        {/* Security Overview - Always visible */}
-        <div 
-          className={cn(
-            "p-6 rounded-lg border",
-            isSecure 
-              ? "bg-muted border-border" 
-              : "bg-muted border-border"
-          )}
-          role="status"
-          aria-live="polite"
-          aria-label={`Security status: ${isSecure ? 'secure' : 'alert'}, ${eventCount} security events`}
-        >
-          <div className="flex items-center justify-between">
-            <div className="space-y-2">
-              <p className="text-base text-muted-foreground" id="security-events-label">
-                Total Security Events
-              </p>
-              <p 
-                className="text-3xl font-bold text-foreground"
-                aria-labelledby="security-events-label"
+      <div className="space-y-6">
+        {/* Three Cards Layout */}
+        <div className="grid grid-cols-1 lg:grid-cols-3 gap-6">
+          
+          {/* Card 1: Security Overview */}
+          <div className="bg-background border border-border rounded-lg shadow-sm p-6">
+            <div className="flex items-start justify-between mb-6">
+              <div className="space-y-1">
+                <h3 className="text-lg font-semibold text-foreground">Security Overview</h3>
+                <p className="text-sm text-muted-foreground">
+                  {analytics?.totalEvents || 0} total events • {analytics?.averageRiskScore || 0} avg risk
+                </p>
+              </div>
+              <div className="p-3 rounded-xl bg-secondary-300 text-secondary-600" aria-hidden="true">
+              <Shield className="w-6 h-6" />
+              </div>
+            </div>
+            
+            {/* Status and Key Metrics */}
+            <div className="space-y-4">
+              <div 
+                className={cn(
+                  "p-4 rounded-lg border text-center",
+                  isSecure 
+                    ? "bg-primary/5 border-primary/20" 
+                    : "bg-destructive/5 border-destructive/20"
+                )}
+                role="status"
+                aria-live="polite"
               >
-                {eventCount}
-              </p>
+                {isSecure ? (
+                  <CheckCircle className="w-8 h-8 text-primary mx-auto mb-2" />
+                ) : (
+                  <AlertTriangle className="w-8 h-8 text-destructive mx-auto mb-2" />
+                )}
+                <div className={cn(
+                  "text-sm font-medium mb-1",
+                  isSecure ? "text-primary" : "text-destructive"
+                )}>
+                  {isSecure ? "All Systems Secure" : "Security Alerts"}
+                </div>
+                <div className="text-xs text-muted-foreground">
+                  {isSecure ? "No threats detected" : `${analytics?.totalEvents || 0} events require attention`}
+                </div>
+              </div>
+
+              <div className="grid grid-cols-2 gap-3">
+                          <div className="text-center p-3 bg-muted/50 rounded-lg">
+            <div className="text-lg font-bold text-destructive">{analytics?.criticalEvents || 0}</div>
+            <div className="text-xs text-muted-foreground">Critical</div>
+          </div>
+          <div className="text-center p-3 bg-muted/50 rounded-lg">
+                              <div className="text-lg font-bold text-secondary">{analytics?.highRiskEvents || 0}</div>
+            <div className="text-xs text-muted-foreground">High Risk</div>
+          </div>
+              </div>
             </div>
-            {isSecure ? (
-              <CheckCircle 
-                className="w-10 h-10 text-green-500" 
-                aria-label="Secure status indicator"
-              />
-            ) : (
-              <AlertTriangle 
-                className="w-10 h-10 text-destructive" 
-                aria-label="Security alert indicator"
-              />
-            )}
           </div>
-        </div>
 
-        {/* Accordion for detailed security information */}
-        {(hasSecurityEvents || hasPrivilegeEscalations || isSecure) && (
-          <Accordion type="single" collapsible className="space-y-2">
+          {/* Card 2: Recent Security Events */}
+          <div className="bg-background border border-border rounded-lg shadow-sm p-6">
+            <div className="flex items-start justify-between mb-6">
+              <div className="space-y-1">
+                <h3 className="text-lg font-semibold text-foreground">Recent Events</h3>
+                <p className="text-sm text-muted-foreground">
+                  Latest security incidents
+                </p>
+              </div>
+              <div className="p-3 rounded-xl bg-secondary-300 text-secondary-600" aria-hidden="true">
+              <AlertTriangle className="w-6 h-6" />
+              </div>
+            </div>
             
-            {/* Security Events Accordion Item */}
-            {hasSecurityEvents && (
-              <AccordionItem
-                value="security-events"
-                className="border border-border rounded-lg overflow-hidden"
-              >
-                <AccordionTrigger className="px-4 py-3 hover:no-underline hover:bg-muted/50">
-                  <div className="flex items-center gap-3">
-                    <AlertTriangle className="w-5 h-5 text-destructive" />
-                    <span className="text-base font-semibold text-foreground">
-                      Security Events ({byOrganization.length})
-                    </span>
-                  </div>
-                </AccordionTrigger>
-                <AccordionContent className="px-4 pb-4">
-                  <div className="space-y-3">
-                    {byOrganization.slice(0, 4).map((item, index) => (
-                      <div
-                        key={index}
-                        className="p-4 bg-muted rounded-lg border border-border space-y-3"
+            <div className="space-y-3 max-h-60 overflow-y-auto">
+              {hasSecurityEvents ? (
+                analytics?.eventsByOrganization.slice(0, 3).map((item, index) => (
+                  <div key={index} className="p-3 bg-muted/30 rounded-lg border">
+                    <div className="flex justify-between items-start gap-2 mb-2">
+                      <span className="text-sm font-medium text-foreground truncate">
+                        {item.organization || 'Unknown Org'}
+                      </span>
+                      <Badge
+                        variant={getSeverityBadgeVariant(item.severity)}
+                        className="text-xs"
                       >
-                        <div className="flex justify-between items-start gap-4">
-                          <p className="font-medium text-base text-foreground">{item.organization}</p>
-                          <span className={cn(
-                            "px-2 py-1 rounded text-xs font-medium border",
-                            getSeverityColor(item.severity)
-                          )}>
-                            {item.severity}
-                          </span>
+                        {item.severity}
+                      </Badge>
+                    </div>
+                    <div className="flex justify-between items-center text-xs text-muted-foreground">
+                      <Badge variant="outline" className="font-mono text-xs">
+                        {item.eventType}
+                      </Badge>
+                      <div className="text-right">
+                        <div>{item.eventCount} events</div>
+                        <div>Risk: {item.avgRiskScore}</div>
+                      </div>
+                    </div>
+                  </div>
+                ))
+              ) : (
+                <div className="text-center py-8 text-muted-foreground">
+                  <Shield className="w-8 h-8 mx-auto mb-2 text-primary" />
+                  <div className="text-sm">No recent events</div>
+                  <div className="text-xs">System is secure</div>
+                </div>
+              )}
+            </div>
+          </div>
+
+          {/* Card 3: Privilege Escalations */}
+          <div className="bg-background border border-border rounded-lg shadow-sm p-6">
+            <div className="flex items-start justify-between mb-6">
+              <div className="space-y-1">
+                <h3 className="text-lg font-semibold text-foreground">Privilege Escalations</h3>
+                <p className="text-sm text-muted-foreground">
+                  Critical security escalation attempts
+                </p>
+              </div>
+              <div className="p-3 rounded-xl bg-secondary-300 text-secondary-600" aria-hidden="true">
+              <TrendingUp className="w-6 h-6" />
+              </div>
+            </div>
+            
+            <div className="space-y-3 max-h-60 overflow-y-auto">
+              {hasPrivilegeEscalations ? (
+                analytics?.privilegeEscalations.slice(0, 3).map((item, index) => (
+                  <div key={index} className="p-3 bg-muted/30 rounded-lg border">
+                    <div className="flex justify-between items-start gap-2 mb-2">
+                      <div className="min-w-0 flex-1">
+                        <div className="text-sm font-medium text-foreground truncate">
+                          {item.userName}
                         </div>
-                        <div className="flex justify-between items-center text-sm text-muted-foreground">
-                          <span className="font-mono bg-background px-3 py-2 rounded border">
-                            {item.eventType}
-                          </span>
-                          <div className="text-right space-y-1">
-                            <div>{item.eventCount} events</div>
-                            <div>Risk: {item.avgRiskScore}</div>
-                          </div>
+                        <div className="text-xs text-muted-foreground font-mono truncate">
+                          {item.userEmail}
                         </div>
                       </div>
-                    ))}
+                      <div className="text-right text-xs">
+                        <div className="font-semibold text-destructive">Risk: {item.riskScore}</div>
+                        <div className="text-muted-foreground">{new Date(item.timestamp).toLocaleDateString()}</div>
+                      </div>
+                    </div>
                   </div>
-                </AccordionContent>
-              </AccordionItem>
-            )}
-
-            {/* Privilege Escalations Accordion Item */}
-            {hasPrivilegeEscalations && (
-              <AccordionItem
-                value="privilege-escalations"
-                className="border border-border rounded-lg overflow-hidden"
-              >
-                <AccordionTrigger className="px-4 py-3 hover:no-underline hover:bg-muted/50">
-                  <div className="flex items-center gap-3">
-                    <TrendingUp className="w-5 h-5 text-orange-600" />
-                    <span className="text-base font-semibold text-foreground">
-                      Privilege Escalations ({privilegeEscalations.length})
-                    </span>
+                ))
+              ) : (
+                <div className="text-center py-8 text-muted-foreground">
+                  <CheckCircle className="w-8 h-8 mx-auto mb-2 text-primary" />
+                  <div className="text-sm">No escalations</div>
+                  <div className="text-xs">Permissions secure</div>
+                </div>
+              )}
+            </div>
+          </div>
+        </div>
+
+        {/* Full-Width Collapsible Data Table */}
+        <Accordion type="single" collapsible className="w-full">
+          <AccordionItem
+            value="detailed-security-data"
+            className="border border-border rounded-lg overflow-hidden"
+          >
+            <AccordionTrigger className="px-6 py-4 hover:no-underline hover:bg-muted/50">
+              <div className="flex items-center gap-3">
+                <Shield className="w-5 h-5 text-destructive" />
+                <span className="text-lg font-semibold text-foreground">
+                  Detailed Security Data
+                </span>
+                <span className="text-sm text-muted-foreground ml-2">
+                  ({(analytics?.eventsByOrganization.length || 0) + (analytics?.privilegeEscalations.length || 0)} total records)
+                </span>
+              </div>
+            </AccordionTrigger>
+            <AccordionContent className="px-6 pb-6">
+              <div className="space-y-6">
+                
+                {/* Security Events Table */}
+                {hasSecurityEvents && (
+                  <div>
+                    <h4 className="text-base font-semibold text-foreground mb-4 flex items-center gap-2">
+                      <AlertTriangle className="w-4 h-4 text-destructive" />
+                      Security Events by Organization ({analytics?.eventsByOrganization.length || 0})
+                    </h4>
+                    <div className="overflow-x-auto">
+                      <table className="w-full border border-border rounded-lg overflow-hidden">
+                        <thead className="bg-muted/30">
+                          <tr>
+                            <th className="text-left p-3 text-sm font-semibold text-foreground border-b">Organization</th>
+                            <th className="text-left p-3 text-sm font-semibold text-foreground border-b">Event Type</th>
+                            <th className="text-left p-3 text-sm font-semibold text-foreground border-b">Severity</th>
+                            <th className="text-right p-3 text-sm font-semibold text-foreground border-b">Event Count</th>
+                            <th className="text-right p-3 text-sm font-semibold text-foreground border-b">Avg Risk Score</th>
+                          </tr>
+                        </thead>
+                        <tbody>
+                          {analytics?.eventsByOrganization.map((item, index) => (
+                            <tr key={index} className="border-b border-border hover:bg-muted/20">
+                              <td className="p-3 text-sm text-foreground font-medium">
+                                {item.organization || 'Unknown Organization'}
+                              </td>
+                              <td className="p-3 text-sm text-muted-foreground">
+                                <Badge variant="outline" className="font-mono text-xs">
+                                  {item.eventType}
+                                </Badge>
+                              </td>
+                              <td className="p-3">
+                                <Badge
+                                  variant={getSeverityBadgeVariant(item.severity)}
+                                  className="text-xs"
+                                >
+                                  {item.severity}
+                                </Badge>
+                              </td>
+                              <td className="p-3 text-sm text-foreground font-medium text-right">
+                                {item.eventCount}
+                              </td>
+                              <td className="p-3 text-sm text-foreground font-medium text-right">
+                                <Badge
+                                  variant={
+                                    item.avgRiskScore >= 90 ? "destructive" :
+                                    item.avgRiskScore >= 70 ? "secondary" :
+                                    item.avgRiskScore >= 50 ? "outline" :
+                                    "default"
+                                  }
+                                  className="text-xs"
+                                >
+                                  {item.avgRiskScore}
+                                </Badge>
+                              </td>
+                            </tr>
+                          ))}
+                        </tbody>
+                      </table>
+                    </div>
                   </div>
-                </AccordionTrigger>
-                <AccordionContent className="px-4 pb-4">
-                  <div className="space-y-3">
-                    {privilegeEscalations.slice(0, 3).map((item, index) => (
-                      <div key={index} className="p-4 bg-muted rounded-lg border border-border">
-                        <div className="flex justify-between items-start gap-6">
-                          <div className="min-w-0 flex-1 space-y-2">
-                            <p className="font-medium text-base text-foreground truncate">{item.userName}</p>
-                            <p className="text-sm text-muted-foreground font-mono truncate">{item.userEmail}</p>
-                          </div>
-                          <div className="text-right text-sm text-muted-foreground space-y-1 shrink-0">
-                            <div className="font-semibold">Risk: {item.riskScore}</div>
-                            <div>{new Date(item.timestamp).toLocaleDateString()}</div>
+                )}
+
+                {/* Privilege Escalations Table */}
+                {hasPrivilegeEscalations && (
+                  <div>
+                    <h4 className="text-base font-semibold text-foreground mb-4 flex items-center gap-2">
+                      <TrendingUp className="w-4 h-4 text-destructive" />
+                      Privilege Escalation Incidents ({analytics?.privilegeEscalations.length || 0})
+                    </h4>
+                    <div className="space-y-4">
+                      {analytics?.privilegeEscalations.map((item, index) => (
+                        <div key={index} className="border border-border rounded-lg overflow-hidden">
+                          {/* Main row with key information */}
+                          <div className="p-4 bg-muted/20 border-b">
+                            <div className="grid grid-cols-1 md:grid-cols-4 gap-4 items-center">
+                              <div className="min-w-0">
+                                <div className="text-sm font-medium text-foreground truncate">
+                                  {item.userName}
+                                </div>
+                                <div className="text-xs text-muted-foreground font-mono truncate">
+                                  {item.userEmail}
+                                </div>
+                              </div>
+                              <div className="text-sm text-muted-foreground">
+                                <Badge variant="outline" className="font-mono text-xs">
+                                  {item.eventType}
+                                </Badge>
+                              </div>
+                              <div className="text-sm">
+                                <Badge
+                                  variant={
+                                    item.riskScore >= 90 ? "destructive" :
+                                    item.riskScore >= 70 ? "secondary" :
+                                    item.riskScore >= 50 ? "outline" :
+                                    "default"
+                                  }
+                                  className="text-xs"
+                                >
+                                  Risk: {item.riskScore}
+                                </Badge>
+                              </div>
+                              <div className="text-sm text-muted-foreground text-right">
+                                {new Date(item.timestamp).toLocaleString()}
+                              </div>
+                            </div>
                           </div>
+                          
+                          {/* Details section */}
+                          {item.details && (
+                            <div className="p-4 bg-background">
+                              <h5 className="text-sm font-semibold text-foreground mb-3">Event Details</h5>
+                              <div className="space-y-3">
+                                
+                                
+                                
+                              </div>
+                            </div>
+                          )}
                         </div>
-                      </div>
-                    ))}
-                  </div>
-                </AccordionContent>
-              </AccordionItem>
-            )}
-
-            {/* All Clear Accordion Item */}
-            {isSecure && (
-              <AccordionItem
-                value="all-clear"
-                className="border border-border rounded-lg overflow-hidden"
-              >
-                <AccordionTrigger className="px-4 py-3 hover:no-underline hover:bg-muted/50">
-                  <div className="flex items-center gap-3">
-                    <CheckCircle className="w-5 h-5 text-green-500" />
-                    <span className="text-base font-semibold text-foreground">
-                      Security Status Details
-                    </span>
+                      ))}
+                    </div>
                   </div>
-                </AccordionTrigger>
-                <AccordionContent className="px-4 pb-4">
-                  <div className="text-center py-6 space-y-4">
-                    <CheckCircle 
-                      className="w-12 h-12 text-green-500 mx-auto" 
-                      aria-hidden="true"
-                    />
+                )}
+
+                {/* All Clear State */}
+                {isSecure && (
+                  <div className="text-center py-12 space-y-4">
+                    <CheckCircle className="w-16 h-16 text-primary mx-auto" />
                     <div className="space-y-2">
-                      <p className="text-base text-green-600 font-medium">All Systems Secure</p>
-                      <p className="text-sm text-muted-foreground">
-                        No security events or privilege escalations detected in the selected time period.
+                      <h4 className="text-lg font-semibold text-primary">All Systems Secure</h4>
+                      <p className="text-sm text-muted-foreground max-w-md mx-auto">
+                        No security events or privilege escalations detected in the selected time period. 
+                        Your OAuth and MCP infrastructure is operating securely.
                       </p>
-                      <div className="mt-4 p-3 bg-muted rounded-lg border">
-                        <p className="text-xs text-muted-foreground">
-                          ✓ No unauthorized access attempts<br/>
-                          ✓ No suspicious activities detected<br/>
-                          ✓ All authentication events normal
-                        </p>
+                                              <div className="mt-6 grid grid-cols-1 md:grid-cols-3 gap-4 max-w-2xl mx-auto">
+                        <div className="p-4 bg-primary/5 border border-primary/20 rounded-lg">
+                          <div className="text-xs text-primary font-medium">OAuth Security</div>
+                          <div className="text-sm text-muted-foreground mt-1">No invalid tokens or grants</div>
+                        </div>
+                        <div className="p-4 bg-primary/5 border border-primary/20 rounded-lg">
+                          <div className="text-xs text-primary font-medium">Access Control</div>
+                          <div className="text-sm text-muted-foreground mt-1">No privilege escalations</div>
+                        </div>
+                        <div className="p-4 bg-primary/5 border border-primary/20 rounded-lg">
+                          <div className="text-xs text-primary font-medium">MCP Protocol</div>
+                          <div className="text-sm text-muted-foreground mt-1">All connections secure</div>
+                        </div>
                       </div>
                     </div>
                   </div>
-                </AccordionContent>
-              </AccordionItem>
-            )}
+                )}
 
-          </Accordion>
-        )}
+              </div>
+            </AccordionContent>
+          </AccordionItem>
+        </Accordion>
       </div>
-    </section>
+    </div>
   )
 }
\ No newline at end of file
diff --git a/components/analytics/tool-response-area-chart.tsx b/components/analytics/tool-response-area-chart.tsx
new file mode 100644
index 0000000..e47ffef
--- /dev/null
+++ b/components/analytics/tool-response-area-chart.tsx
@@ -0,0 +1,237 @@
+"use client"
+
+import type React from "react"
+import { TrendingUp, TrendingDown, Minus, LineChart } from "lucide-react"
+import { Area, AreaChart, CartesianGrid, XAxis, YAxis } from "recharts"
+
+import {
+  Card,
+  CardContent,
+  CardDescription,
+  CardFooter,
+  CardHeader,
+  CardTitle,
+} from "@/components/ui/card"
+import {
+  ChartConfig,
+  ChartContainer,
+  ChartTooltip,
+  ChartTooltipContent,
+} from "@/components/ui/chart"
+
+interface TimeSeriesData {
+  hour: string
+  toolName: string
+  avgResponseTime: number
+  callCount: number
+  p95ResponseTime: number
+  p50ResponseTime: number
+}
+
+interface ToolResponseAreaChartProps {
+  data: TimeSeriesData[]
+  title?: string
+  description?: string
+  className?: string
+  hoursBack?: number
+  icon?: React.ElementType
+}
+
+// Color mapping for different tools using globals.css colors
+const getToolColor = (toolName: string, index: number) => {
+  const colors = [
+    "var(--primary-600)",     // Main primary
+    "var(--secondary-600)",   // Secondary  
+    "var(--primary-300)",     // Lighter primary
+    "var(--secondary-300)",   // Lighter secondary
+    "var(--primary-800)",     // Darker primary
+    "var(--secondary-800)",   // Darker secondary
+    "var(--base-600)",        // Neutral
+    "var(--base-400)"         // Light neutral
+  ]
+  return colors[index % colors.length]
+}
+
+export function ToolResponseAreaChart({ 
+  data, 
+  title = "Tool Response Times",
+  description = "Average response times over the last 24 hours",
+  className,
+  hoursBack = 24,
+  icon: Icon = LineChart
+}: ToolResponseAreaChartProps) {
+  
+  // Transform data for stacked area chart
+  // Group by hour and create tools as columns
+  const hoursMap = new Map<string, Record<string, number | string>>()
+  const toolNames = new Set<string>()
+  
+  // Process data to extract unique tools and hours
+  data.forEach(item => {
+    toolNames.add(item.toolName)
+    const hourKey = new Date(item.hour).toLocaleTimeString('en-US', { 
+      hour: '2-digit', 
+      minute: '2-digit',
+      hour12: false 
+    })
+    
+    if (!hoursMap.has(hourKey)) {
+      hoursMap.set(hourKey, { hour: hourKey })
+    }
+    
+    const hourData = hoursMap.get(hourKey)
+    if (hourData) {
+      hourData[item.toolName] = item.avgResponseTime
+    }
+  })
+  
+  // Convert to array and fill missing values with 0
+  const chartData = Array.from(hoursMap.values()).map(hourData => {
+    const result = { ...hourData }
+    toolNames.forEach(toolName => {
+      if (!(toolName in result)) {
+        result[toolName] = 0
+      }
+    })
+    return result
+  }).sort((a, b) => String(a.hour).localeCompare(String(b.hour)))
+  
+  // Generate chart config for all tools
+  const chartConfig: ChartConfig = {}
+  Array.from(toolNames).forEach((toolName, index) => {
+    const color = getToolColor(toolName, index)
+    chartConfig[toolName] = {
+      label: formatToolName(toolName),
+      color: color
+    }
+  })
+  
+  // Calculate performance trend
+  const recentData = chartData.slice(-6) // Last 6 hours
+  const earlierData = chartData.slice(0, 6) // First 6 hours
+  
+  const recentAvg = recentData.length > 0 
+    ? recentData.reduce((sum, item) => {
+        const toolValues = Array.from(toolNames).map(tool => Number(item[tool]) || 0)
+        return sum + toolValues.reduce((a, b) => a + b, 0) / toolValues.length
+      }, 0) / recentData.length
+    : 0
+    
+  const earlierAvg = earlierData.length > 0
+    ? earlierData.reduce((sum, item) => {
+        const toolValues = Array.from(toolNames).map(tool => Number(item[tool]) || 0)
+        return sum + toolValues.reduce((a, b) => a + b, 0) / toolValues.length
+      }, 0) / earlierData.length
+    : 0
+  
+  const trendPercentage = earlierAvg > 0 
+    ? Math.round(((recentAvg - earlierAvg) / earlierAvg) * 100)
+    : 0
+    
+  const getTrendIcon = () => {
+    if (trendPercentage > 5) return <TrendingUp className="h-4 w-4 text-destructive" />
+    if (trendPercentage < -5) return <TrendingDown className="h-4 w-4 text-primary-600" />
+    return <Minus className="h-4 w-4 text-muted-foreground" />
+  }
+  
+  const getTrendText = () => {
+    if (trendPercentage > 5) return `Response times up ${trendPercentage}%`
+    if (trendPercentage < -5) return `Response times down ${Math.abs(trendPercentage)}%`
+    return "Response times stable"
+  }
+
+  return (
+    <Card className={`flex flex-col ${className}`}>
+      <CardHeader className="pb-0">
+        <div className="flex items-start justify-between">
+          <div className="space-y-1">
+            <CardTitle className="text-lg font-semibold text-foreground">{title}</CardTitle>
+            {description && (
+              <CardDescription className="text-sm text-muted-foreground">{description}</CardDescription>
+            )}
+          </div>
+          {/* Icon Container - Design System: spacing.3, borderRadius.xl, semantic colors */}
+          {Icon && (
+            <div className="p-3 rounded-xl bg-primary-100 text-primary-600" aria-hidden="true">
+              <Icon className="w-6 h-6" />
+            </div>
+          )}
+        </div>
+      </CardHeader>
+      <CardContent>
+        <ChartContainer config={chartConfig}>
+          <AreaChart
+            accessibilityLayer
+            data={chartData}
+            margin={{
+              left: 12,
+              right: 12,
+              top: 12,
+              bottom: 12
+            }}
+          >
+            <CartesianGrid vertical={false} strokeDasharray="3 3" />
+            <XAxis
+              dataKey="hour"
+              tickLine={false}
+              axisLine={false}
+              tickMargin={8}
+              interval="preserveStartEnd"
+              tick={{ fontSize: 12 }}
+            />
+            <YAxis
+              tickLine={false}
+              axisLine={false}
+              tickMargin={8}
+              tick={{ fontSize: 12 }}
+              label={{ value: 'Response Time (ms)', angle: -90, position: 'insideLeft' }}
+            />
+            <ChartTooltip
+              cursor={false}
+              content={<ChartTooltipContent 
+                indicator="dot" 
+                labelFormatter={(value) => `Time: ${value}`}
+                formatter={(value, name) => [
+                  `${Math.round(Number(value))}ms `,
+                  chartConfig[name as string]?.label || name
+                ]}
+              />}
+            />
+            {Array.from(toolNames).map((toolName, index) => (
+              <Area
+                key={toolName}
+                dataKey={toolName}
+                type="monotone"
+                fill={getToolColor(toolName, index)}
+                fillOpacity={0.4}
+                stroke={getToolColor(toolName, index)}
+                strokeWidth={2}
+                stackId="a"
+              />
+            ))}
+          </AreaChart>
+        </ChartContainer>
+      </CardContent>
+      <CardFooter>
+        <div className="flex w-full items-start gap-2 text-sm">
+          <div className="grid gap-2">
+            <div className="flex items-center gap-2 leading-none font-medium">
+              {getTrendText()} {getTrendIcon()}
+            </div>
+            <div className="text-muted-foreground flex items-center gap-2 leading-none">
+              Based on last {hoursBack} hours • {toolNames.size} tools tracked
+            </div>
+          </div>
+        </div>
+      </CardFooter>
+    </Card>
+  )
+}
+
+// Helper function to format tool names for display
+function formatToolName(toolName: string): string {
+  return toolName
+    .split('_')
+    .map(word => word.charAt(0).toUpperCase() + word.slice(1))
+    .join(' ')
+}
\ No newline at end of file
diff --git a/components/analytics/tool-usage-panel.tsx b/components/analytics/tool-usage-panel.tsx
new file mode 100644
index 0000000..2b1e305
--- /dev/null
+++ b/components/analytics/tool-usage-panel.tsx
@@ -0,0 +1,169 @@
+import type React from "react"
+import { Wrench, MapPin, TrendingUp } from "lucide-react"
+import { DataTable } from "./data-table"
+
+interface ToolUsage {
+  toolName: string
+  mcpMethod: string
+  usageCount: number
+  uniqueUsers: number
+  avgResponseTime?: number
+  maxResponseTime?: number
+  minResponseTime?: number
+  errorCount?: number
+  errorRate?: number
+}
+
+interface GeographicUsage {
+  country: string
+  city?: string
+  count: number
+  percentage: number
+}
+
+interface ToolUsagePanelProps {
+  toolUsage: ToolUsage[]
+  geographicUsage: GeographicUsage[]
+  totalCalls?: number
+  activeUsers?: number
+}
+
+export function ToolUsagePanel({ 
+  toolUsage, 
+  geographicUsage,
+  totalCalls = 0,
+  activeUsers = 0
+}: ToolUsagePanelProps) {
+  const formatToolData = (tools: ToolUsage[]) => {
+    return tools.map(tool => {
+      const responseTime = tool.avgResponseTime || 0;
+      const errorRate = tool.errorRate || 0;
+      
+      // Determine badge variant based on performance
+      let badgeVariant: "destructive" | "outline" | "secondary" | "default" = "secondary";
+      let badgeText = `${responseTime}ms`;
+      
+      if (responseTime > 1000) {
+        badgeVariant = "destructive";
+        badgeText = `SLOW (${responseTime}ms)`;
+      } else if (responseTime > 500) {
+        badgeVariant = "outline";
+      } else if (errorRate > 0.1) {
+        badgeVariant = "destructive";
+        badgeText = `${errorRate.toFixed(1)}% errors`;
+      }
+
+      return {
+        primary: tool.toolName,
+        secondary: `${tool.mcpMethod} • ${tool.usageCount} calls`,
+        value: `${tool.uniqueUsers} users`,
+        badge: badgeText,
+        badgeVariant: badgeVariant
+      };
+    });
+  }
+
+  const formatGeoData = (geo: GeographicUsage[]) => {
+    return geo.map(location => {
+      // Determine badge variant based on percentage
+      let badgeVariant: "destructive" | "outline" | "secondary" | "default" = "outline";
+      
+      if (location.percentage >= 50) {
+        badgeVariant = "default"; // Primary for high usage
+      } else if (location.percentage >= 20) {
+        badgeVariant = "secondary"; // Secondary for medium usage
+      }
+
+      return {
+        primary: location.country,
+        secondary: location.city || "Multiple cities",
+        value: `${location.count.toLocaleString()} calls`,
+        badge: `${location.percentage.toFixed(1)}%`,
+        badgeVariant: badgeVariant
+      };
+    });
+  }
+
+  return (
+    <div className="grid grid-cols-1 lg:grid-cols-3 gap-6">
+      
+      {/* Card 1: Tool Usage Overview */}
+      <div className="bg-background border border-border rounded-lg shadow-sm p-6">
+        <div className="flex items-start justify-between mb-6">
+          <div className="space-y-1">
+            <h3 className="text-lg font-semibold text-foreground">Tool Usage Overview</h3>
+            <p className="text-sm text-muted-foreground">
+              {totalCalls.toLocaleString()} total calls by {activeUsers} active users
+            </p>
+          </div>
+          {/* Icon Container - Design System: spacing.3, borderRadius.xl, semantic colors */}
+          <div className="p-3 rounded-xl bg-primary-100 text-primary-600" aria-hidden="true">
+            <Wrench className="w-6 h-6" />
+          </div>
+        </div>
+        
+        {/* Quick Stats */}
+        <div className="grid grid-cols-2 gap-4">
+          <div className="text-center p-4 bg-muted/50 rounded-lg">
+            <div className="text-2xl font-bold text-foreground">{toolUsage.length}</div>
+            <div className="text-sm text-muted-foreground">Active Tools</div>
+          </div>
+          <div className="text-center p-4 bg-muted/50 rounded-lg">
+            <div className="text-2xl font-bold text-foreground">
+              {Math.round(totalCalls / (activeUsers || 1))}
+            </div>
+            <div className="text-sm text-muted-foreground">Calls per User</div>
+          </div>
+        </div>
+      </div>
+
+      {/* Card 2: Popular Tools */}
+      <DataTable
+        title="Most Used Tools"
+        icon={TrendingUp}
+        data={toolUsage.length > 0 ? formatToolData(toolUsage) : []}
+        emptyMessage="No tool usage data available"
+        maxItems={5}
+      />
+
+      {/* Card 3: Geographic Distribution */}
+      <DataTable
+        title="Usage by Location"
+        icon={MapPin}
+        data={geographicUsage.length > 0 ? formatGeoData(geographicUsage) : []}
+        emptyMessage="No geographic data available"
+        maxItems={5}
+      />
+
+      {/* Performance Insights */}
+      {/* <div className="bg-background border border-border rounded-lg shadow-sm p-6">
+        <div className="flex items-center gap-3 mb-4">
+          <div className="p-2 rounded-full bg-primary-100">
+            <Clock className="w-5 h-5 text-primary-600" />
+          </div>
+          <div>
+            <h4 className="font-semibold text-foreground">Performance Insights</h4>
+            <p className="text-sm text-muted-foreground">Tool response times and efficiency</p>
+          </div>
+        </div>
+        
+        <div className="space-y-3">
+          {toolUsage.slice(0, 3).map((tool, index) => (
+            <div key={index} className="flex items-center justify-between p-3 bg-muted/30 rounded-lg">
+              <div>
+                <div className="font-medium text-sm text-foreground">{tool.toolName}</div>
+                <div className="text-xs text-muted-foreground">{tool.mcpMethod}</div>
+              </div>
+              <div className="text-right">
+                <div className="font-medium text-sm text-foreground">
+                  {tool.avgResponseTime ? `${tool.avgResponseTime}ms` : 'N/A'}
+                </div>
+                <div className="text-xs text-muted-foreground">avg response</div>
+              </div>
+            </div>
+          ))}
+        </div>
+      </div> */}
+    </div>
+  )
+}
\ No newline at end of file
diff --git a/components/ui/chart.tsx b/components/ui/chart.tsx
new file mode 100644
index 0000000..b770cde
--- /dev/null
+++ b/components/ui/chart.tsx
@@ -0,0 +1,370 @@
+"use client"
+
+import * as React from "react"
+import * as RechartsPrimitive from "recharts"
+
+import { cn } from "@/lib/utils"
+
+// Format: { THEME_NAME: CSS_SELECTOR }
+const THEMES = { light: "", dark: ".dark" } as const
+
+export type ChartConfig = {
+  [k in string]: {
+    label?: React.ReactNode
+    icon?: React.ComponentType
+  } & (
+    | { color?: string; theme?: never }
+    | { color?: never; theme: Record<keyof typeof THEMES, string> }
+  )
+}
+
+type ChartContextProps = {
+  config: ChartConfig
+}
+
+const ChartContext = React.createContext<ChartContextProps | null>(null)
+
+function useChart() {
+  const context = React.useContext(ChartContext)
+
+  if (!context) {
+    throw new Error("useChart must be used within a <ChartContainer />")
+  }
+
+  return context
+}
+
+function ChartContainer({
+  id,
+  className,
+  children,
+  config,
+  ...props
+}: React.ComponentProps<"div"> & {
+  config: ChartConfig
+  children: React.ComponentProps<
+    typeof RechartsPrimitive.ResponsiveContainer
+  >["children"]
+}) {
+  const uniqueId = React.useId()
+  const chartId = `chart-${id || uniqueId.replace(/:/g, "")}`
+
+  return (
+    <ChartContext.Provider value={{ config }}>
+      <div
+        data-slot="chart"
+        data-chart={chartId}
+        className={cn(
+          "[&_.recharts-cartesian-axis-tick_text]:fill-muted-foreground [&_.recharts-cartesian-grid_line[stroke='#ccc']]:stroke-border/50 [&_.recharts-curve.recharts-tooltip-cursor]:stroke-border [&_.recharts-polar-grid_[stroke='#ccc']]:stroke-border [&_.recharts-radial-bar-background-sector]:fill-muted [&_.recharts-rectangle.recharts-tooltip-cursor]:fill-muted [&_.recharts-reference-line_[stroke='#ccc']]:stroke-border flex aspect-video justify-center text-xs [&_.recharts-dot[stroke='#fff']]:stroke-transparent [&_.recharts-layer]:outline-hidden [&_.recharts-sector]:outline-hidden [&_.recharts-sector[stroke='#fff']]:stroke-transparent [&_.recharts-surface]:outline-hidden",
+          className
+        )}
+        {...props}
+      >
+        <ChartStyle id={chartId} config={config} />
+        <RechartsPrimitive.ResponsiveContainer>
+          {children}
+        </RechartsPrimitive.ResponsiveContainer>
+      </div>
+    </ChartContext.Provider>
+  )
+}
+
+const ChartStyle = ({ id, config }: { id: string; config: ChartConfig }) => {
+  const colorConfig = Object.entries(config).filter(
+    ([, config]) => config.theme || config.color
+  )
+
+  if (!colorConfig.length) {
+    return null
+  }
+
+  return (
+    <style
+      dangerouslySetInnerHTML={{
+        __html: Object.entries(THEMES)
+          .map(
+            ([theme, prefix]) => `
+${prefix} [data-chart=${id}] {
+${colorConfig
+  .map(([key, itemConfig]) => {
+    const color =
+      itemConfig.theme?.[theme as keyof typeof itemConfig.theme] ||
+      itemConfig.color
+    return color ? `  --color-${key}: ${color};` : null
+  })
+  .join("\n")}
+}
+`
+          )
+          .join("\n"),
+      }}
+    />
+  )
+}
+
+const ChartTooltip = RechartsPrimitive.Tooltip
+
+function ChartTooltipContent({
+  active,
+  payload,
+  className,
+  indicator = "dot",
+  hideLabel = false,
+  hideIndicator = false,
+  label,
+  labelFormatter,
+  labelClassName,
+  formatter,
+  color,
+  nameKey,
+  labelKey,
+}: React.ComponentProps<typeof RechartsPrimitive.Tooltip> &
+  React.ComponentProps<"div"> & {
+    hideLabel?: boolean
+    hideIndicator?: boolean
+    indicator?: "line" | "dot" | "dashed"
+    nameKey?: string
+    labelKey?: string
+    payload?: Array<{
+      value: number | string
+      name?: string
+      dataKey?: string
+      color?: string
+      payload?: Record<string, unknown>
+    }>
+    active?: boolean
+    label?: string | number
+    labelFormatter?: (value: unknown, payload: unknown[]) => React.ReactNode
+    formatter?: (value: unknown, name: string, props: unknown, index: number, payload: unknown) => React.ReactNode
+  }) {
+  const { config } = useChart()
+
+  const tooltipLabel = React.useMemo(() => {
+    if (hideLabel || !payload?.length) {
+      return null
+    }
+
+    const [item] = payload
+    const key = `${labelKey || item?.dataKey || item?.name || "value"}`
+    const itemConfig = getPayloadConfigFromPayload(config, item, key)
+    const value =
+      !labelKey && typeof label === "string"
+        ? config[label as keyof typeof config]?.label || label
+        : itemConfig?.label
+
+    if (labelFormatter) {
+      return (
+        <div className={cn("font-medium", labelClassName)}>
+          {labelFormatter(value, payload)}
+        </div>
+      )
+    }
+
+    if (!value) {
+      return null
+    }
+
+    return <div className={cn("font-medium", labelClassName)}>{value}</div>
+  }, [
+    label,
+    labelFormatter,
+    payload,
+    hideLabel,
+    labelClassName,
+    config,
+    labelKey,
+  ])
+
+  if (!active || !payload?.length) {
+    return null
+  }
+
+  const nestLabel = payload.length === 1 && indicator !== "dot"
+
+  return (
+    <div
+      className={cn(
+        "border-border/50 bg-background grid min-w-[8rem] items-start gap-1.5 rounded-lg border px-2.5 py-1.5 text-xs shadow-xl",
+        className
+      )}
+    >
+      {!nestLabel ? tooltipLabel : null}
+      <div className="grid gap-1.5">
+        {payload.map((item, index) => {
+          const key = `${nameKey || item.name || item.dataKey || "value"}`
+          const itemConfig = getPayloadConfigFromPayload(config, item, key)
+          const indicatorColor = color || item.payload?.fill || item.color
+
+          return (
+            <div
+              key={item.dataKey}
+              className={cn(
+                "[&>svg]:text-muted-foreground flex w-full flex-wrap items-stretch gap-2 [&>svg]:h-2.5 [&>svg]:w-2.5",
+                indicator === "dot" && "items-center"
+              )}
+            >
+              {formatter && item?.value !== undefined && item.name ? (
+                formatter(item.value, item.name, item, index, item.payload)
+              ) : (
+                <>
+                  {itemConfig?.icon ? (
+                    <itemConfig.icon />
+                  ) : (
+                    !hideIndicator && (
+                      <div
+                        className={cn(
+                          "shrink-0 rounded-[2px] border-(--color-border) bg-(--color-bg)",
+                          {
+                            "h-2.5 w-2.5": indicator === "dot",
+                            "w-1": indicator === "line",
+                            "w-0 border-[1.5px] border-dashed bg-transparent":
+                              indicator === "dashed",
+                            "my-0.5": nestLabel && indicator === "dashed",
+                          }
+                        )}
+                        style={
+                          {
+                            "--color-bg": indicatorColor,
+                            "--color-border": indicatorColor,
+                          } as React.CSSProperties
+                        }
+                      />
+                    )
+                  )}
+                  <div
+                    className={cn(
+                      "flex flex-1 justify-between leading-none",
+                      nestLabel ? "items-end" : "items-center"
+                    )}
+                  >
+                    <div className="grid gap-1.5">
+                      {nestLabel ? tooltipLabel : null}
+                      <span className="text-muted-foreground">
+                        {itemConfig?.label || item.name}
+                      </span>
+                    </div>
+                    {item.value && (
+                      <span className="text-foreground font-mono font-medium tabular-nums">
+                        {item.value.toLocaleString()}
+                      </span>
+                    )}
+                  </div>
+                </>
+              )}
+            </div>
+          )
+        })}
+      </div>
+    </div>
+  )
+}
+
+const ChartLegend = RechartsPrimitive.Legend
+
+function ChartLegendContent({
+  className,
+  hideIcon = false,
+  payload,
+  verticalAlign = "bottom",
+  nameKey,
+}: React.ComponentProps<"div"> & {
+    hideIcon?: boolean
+    nameKey?: string
+    payload?: Array<{
+      value: string | number
+      type?: string
+      color?: string
+      dataKey?: string
+    }>
+    verticalAlign?: "top" | "middle" | "bottom"
+  }) {
+  const { config } = useChart()
+
+  if (!payload?.length) {
+    return null
+  }
+
+  return (
+    <div
+      className={cn(
+        "flex items-center justify-center gap-4",
+        verticalAlign === "top" ? "pb-3" : "pt-3",
+        className
+      )}
+    >
+      {payload.map((item) => {
+        const key = `${nameKey || item.dataKey || "value"}`
+        const itemConfig = getPayloadConfigFromPayload(config, item, key)
+
+        return (
+          <div
+            key={item.value}
+            className={cn(
+              "[&>svg]:text-muted-foreground flex items-center gap-1.5 [&>svg]:h-3 [&>svg]:w-3"
+            )}
+          >
+            {itemConfig?.icon && !hideIcon ? (
+              <itemConfig.icon />
+            ) : (
+              <div
+                className="h-2 w-2 shrink-0 rounded-[2px]"
+                style={{
+                  backgroundColor: item.color,
+                }}
+              />
+            )}
+            {itemConfig?.label}
+          </div>
+        )
+      })}
+    </div>
+  )
+}
+
+// Helper to extract item config from a payload.
+function getPayloadConfigFromPayload(
+  config: ChartConfig,
+  payload: unknown,
+  key: string
+) {
+  if (typeof payload !== "object" || payload === null) {
+    return undefined
+  }
+
+  const payloadPayload =
+    "payload" in payload &&
+    typeof payload.payload === "object" &&
+    payload.payload !== null
+      ? payload.payload
+      : undefined
+
+  let configLabelKey: string = key
+
+  if (
+    key in payload &&
+    typeof payload[key as keyof typeof payload] === "string"
+  ) {
+    configLabelKey = payload[key as keyof typeof payload] as string
+  } else if (
+    payloadPayload &&
+    key in payloadPayload &&
+    typeof payloadPayload[key as keyof typeof payloadPayload] === "string"
+  ) {
+    configLabelKey = payloadPayload[
+      key as keyof typeof payloadPayload
+    ] as string
+  }
+
+  return configLabelKey in config
+    ? config[configLabelKey]
+    : config[key as keyof typeof config]
+}
+
+export {
+  ChartContainer,
+  ChartTooltip,
+  ChartTooltipContent,
+  ChartLegend,
+  ChartLegendContent,
+  ChartStyle,
+}
diff --git a/components/ui/collapsible.tsx b/components/ui/collapsible.tsx
new file mode 100644
index 0000000..ae9fad0
--- /dev/null
+++ b/components/ui/collapsible.tsx
@@ -0,0 +1,33 @@
+"use client"
+
+import * as CollapsiblePrimitive from "@radix-ui/react-collapsible"
+
+function Collapsible({
+  ...props
+}: React.ComponentProps<typeof CollapsiblePrimitive.Root>) {
+  return <CollapsiblePrimitive.Root data-slot="collapsible" {...props} />
+}
+
+function CollapsibleTrigger({
+  ...props
+}: React.ComponentProps<typeof CollapsiblePrimitive.CollapsibleTrigger>) {
+  return (
+    <CollapsiblePrimitive.CollapsibleTrigger
+      data-slot="collapsible-trigger"
+      {...props}
+    />
+  )
+}
+
+function CollapsibleContent({
+  ...props
+}: React.ComponentProps<typeof CollapsiblePrimitive.CollapsibleContent>) {
+  return (
+    <CollapsiblePrimitive.CollapsibleContent
+      data-slot="collapsible-content"
+      {...props}
+    />
+  )
+}
+
+export { Collapsible, CollapsibleTrigger, CollapsibleContent }
diff --git a/generated/prisma/edge.js b/generated/prisma/edge.js
index 71fd578..ec05859 100644
--- a/generated/prisma/edge.js
+++ b/generated/prisma/edge.js
@@ -189,6 +189,7 @@ exports.Prisma.AnalyticsRequestScalarFieldEnum = {
   method: 'method',
   statusCode: 'statusCode',
   responseTime: 'responseTime',
+  expiresAt: 'expiresAt',
   clientId: 'clientId',
   userId: 'userId',
   mcpServerId: 'mcpServerId',
@@ -203,7 +204,11 @@ exports.Prisma.AnalyticsRequestScalarFieldEnum = {
   clientType: 'clientType',
   platform: 'platform',
   mcpMethod: 'mcpMethod',
-  toolName: 'toolName'
+  toolName: 'toolName',
+  oauthGrantType: 'oauthGrantType',
+  tokenScopes: 'tokenScopes',
+  usePKCE: 'usePKCE',
+  redirectUri: 'redirectUri'
 };
 
 exports.Prisma.AnalyticsSecurityScalarFieldEnum = {
@@ -211,6 +216,7 @@ exports.Prisma.AnalyticsSecurityScalarFieldEnum = {
   timestamp: 'timestamp',
   eventType: 'eventType',
   severity: 'severity',
+  expiresAt: 'expiresAt',
   userId: 'userId',
   clientId: 'clientId',
   mcpServerId: 'mcpServerId',
@@ -262,7 +268,10 @@ exports.SecurityEventType = exports.$Enums.SecurityEventType = {
   UNUSUAL_LOCATION: 'UNUSUAL_LOCATION',
   PRIVILEGE_ESCALATION: 'PRIVILEGE_ESCALATION',
   MALFORMED_REQUEST: 'MALFORMED_REQUEST',
-  BRUTE_FORCE_ATTEMPT: 'BRUTE_FORCE_ATTEMPT'
+  BRUTE_FORCE_ATTEMPT: 'BRUTE_FORCE_ATTEMPT',
+  OAUTH_INVALID_CLIENT: 'OAUTH_INVALID_CLIENT',
+  OAUTH_INVALID_GRANT: 'OAUTH_INVALID_GRANT',
+  OAUTH_INVALID_SCOPE: 'OAUTH_INVALID_SCOPE'
 };
 
 exports.Prisma.ModelName = {
@@ -326,13 +335,13 @@ const config = {
       }
     }
   },
-  "inlineSchema": "generator client {\n  provider   = \"prisma-client-js\"\n  output     = \"../generated/prisma\"\n  engineType = \"library\"\n}\n\ndatasource db {\n  provider = \"postgresql\"\n  url      = env(\"DATABASE_URL\")\n}\n\nmodel User {\n  id            String         @id @default(cuid())\n  name          String?\n  email         String?        @unique\n  emailVerified DateTime?\n  image         String?\n  accounts      Account[]\n  sessions      Session[]\n  clients       Client[]\n  accessTokens  AccessToken[]\n  authCodes     AuthCode[]\n  refreshTokens RefreshToken[]\n\n  // Analytics relations\n  analyticsRequests AnalyticsRequest[]\n  securityEvents    AnalyticsSecurity[]\n}\n\nmodel Account {\n  id                String  @id @default(cuid())\n  userId            String\n  type              String\n  provider          String\n  providerAccountId String\n  refresh_token     String? @db.Text\n  access_token      String? @db.Text\n  expires_at        Int?\n  token_type        String?\n  scope             String?\n  id_token          String? @db.Text\n  session_state     String?\n\n  user User @relation(fields: [userId], references: [id], onDelete: Cascade)\n\n  @@unique([provider, providerAccountId])\n}\n\nmodel Session {\n  id           String   @id @default(cuid())\n  sessionToken String   @unique\n  userId       String\n  expires      DateTime\n  user         User     @relation(fields: [userId], references: [id], onDelete: Cascade)\n}\n\nmodel VerificationToken {\n  identifier String\n  token      String\n  expires    DateTime\n\n  @@unique([identifier, token])\n}\n\nmodel Client {\n  id            String         @id @default(cuid())\n  clientId      String         @unique @default(cuid())\n  clientSecret  String\n  name          String\n  redirectUris  String[]\n  userId        String?\n  user          User?          @relation(fields: [userId], references: [id], onDelete: Cascade)\n  accessTokens  AccessToken[]\n  authCodes     AuthCode[]\n  refreshTokens RefreshToken[]\n\n  // Analytics relations\n  analyticsRequests AnalyticsRequest[]\n  securityEvents    AnalyticsSecurity[]\n\n  createdAt DateTime @default(now())\n  updatedAt DateTime @updatedAt\n}\n\nmodel AccessToken {\n  id        String   @id @default(cuid())\n  token     String   @unique\n  expiresAt DateTime\n  clientId  String\n  client    Client   @relation(fields: [clientId], references: [id], onDelete: Cascade)\n  userId    String\n  user      User     @relation(fields: [userId], references: [id], onDelete: Cascade)\n  resource  String?\n\n  createdAt DateTime @default(now())\n}\n\nmodel AuthCode {\n  id                  String   @id @default(cuid())\n  code                String   @unique\n  expiresAt           DateTime\n  clientId            String\n  client              Client   @relation(fields: [clientId], references: [id], onDelete: Cascade)\n  userId              String\n  user                User     @relation(fields: [userId], references: [id], onDelete: Cascade)\n  redirectUri         String\n  codeChallenge       String?\n  codeChallengeMethod String?\n  resource            String?\n\n  createdAt DateTime @default(now())\n}\n\nmodel RefreshToken {\n  id        String   @id @default(cuid())\n  token     String   @unique\n  expiresAt DateTime\n  clientId  String\n  client    Client   @relation(fields: [clientId], references: [id], onDelete: Cascade)\n  userId    String\n  user      User     @relation(fields: [userId], references: [id], onDelete: Cascade)\n  resource  String?\n\n  createdAt DateTime @default(now())\n}\n\n// Enhanced Analytics Schema for Enterprise MCP\nmodel MCPServer {\n  id          String  @id @default(cuid())\n  name        String // \"CRM Server\", \"Finance API\", etc\n  identifier  String  @unique // mcp://crm.company.com\n  description String?\n  version     String?\n\n  // Relations\n  requests       AnalyticsRequest[]\n  securityEvents AnalyticsSecurity[]\n\n  createdAt DateTime @default(now())\n  updatedAt DateTime @updatedAt\n\n  @@index([identifier])\n}\n\nmodel AnalyticsRequest {\n  id           String   @id @default(cuid())\n  timestamp    DateTime @default(now())\n  endpoint     String // /mcp/sse, /mcp/mcp, etc\n  method       String // GET, POST, etc\n  statusCode   Int\n  responseTime Int // milliseconds\n\n  // Enhanced client/user tracking with proper relations\n  clientId String?\n  client   Client? @relation(fields: [clientId], references: [id])\n  userId   String?\n  user     User?   @relation(fields: [userId], references: [id])\n\n  // MCP Server context\n  mcpServerId String?\n  mcpServer   MCPServer? @relation(fields: [mcpServerId], references: [id])\n\n  // Enterprise SSO context\n  ssoProvider  String? // \"google\", \"azure-ad\", \"okta\"\n  userRole     String? // from JWT claims\n  scopes       String[] // OAuth scopes used\n  organization String? // from SSO claims\n\n  // Request metadata\n  ipAddress String\n  userAgent String @db.Text\n\n  // Geographic data (optional, populated async)\n  country String?\n  city    String?\n\n  // Derived fields for performance\n  clientType String? // mcp-client, browser, etc\n  platform   String? // windows, macos, linux\n\n  // MCP-specific tracking\n  mcpMethod String? // \"tools/list\", \"tools/call\", etc\n  toolName  String? // specific tool being called\n\n  // Indexes for fast queries\n  @@index([timestamp])\n  @@index([endpoint])\n  @@index([clientId])\n  @@index([userId])\n  @@index([mcpServerId])\n  @@index([statusCode])\n  @@index([timestamp, endpoint])\n  @@index([timestamp, clientId])\n  @@index([timestamp, userId])\n  @@index([organization])\n  @@index([ssoProvider])\n}\n\nenum SecurityEventType {\n  AUTH_FAILURE\n  INVALID_TOKEN\n  SUSPICIOUS_ACTIVITY\n  RATE_LIMIT_EXCEEDED\n  UNAUTHORIZED_ACCESS\n  TOKEN_REUSE\n  UNUSUAL_LOCATION\n  PRIVILEGE_ESCALATION\n  MALFORMED_REQUEST\n  BRUTE_FORCE_ATTEMPT\n}\n\nmodel AnalyticsSecurity {\n  id        String            @id @default(cuid())\n  timestamp DateTime          @default(now())\n  eventType SecurityEventType\n  severity  String // \"low\", \"medium\", \"high\", \"critical\"\n\n  // Enhanced context\n  userId   String?\n  user     User?   @relation(fields: [userId], references: [id])\n  clientId String?\n  client   Client? @relation(fields: [clientId], references: [id])\n\n  // MCP Server context\n  mcpServerId String?\n  mcpServer   MCPServer? @relation(fields: [mcpServerId], references: [id])\n\n  // Request context\n  ipAddress String\n  userAgent String  @db.Text\n  endpoint  String? // endpoint where event occurred\n\n  // Geographic tracking\n  country String?\n  city    String?\n\n  // Enterprise context\n  organization String?\n  ssoProvider  String?\n\n  // Structured event details\n  details Json // structured data instead of text\n\n  // Risk scoring\n  riskScore  Int       @default(0) // 0-100\n  resolved   Boolean   @default(false)\n  resolvedAt DateTime?\n  resolvedBy String? // admin who resolved\n\n  // Indexes for security queries\n  @@index([timestamp])\n  @@index([eventType])\n  @@index([severity])\n  @@index([ipAddress])\n  @@index([userId])\n  @@index([clientId])\n  @@index([mcpServerId])\n  @@index([timestamp, eventType])\n  @@index([timestamp, severity])\n  @@index([organization])\n  @@index([resolved])\n  @@index([riskScore])\n}\n",
-  "inlineSchemaHash": "6e39df96fa8b453ddd2f6ebcd37a5f7e6bec7c4c4ce65c34bece574730aeca32",
+  "inlineSchema": "generator client {\n  provider   = \"prisma-client-js\"\n  output     = \"../generated/prisma\"\n  engineType = \"library\"\n}\n\ndatasource db {\n  provider = \"postgresql\"\n  url      = env(\"DATABASE_URL\")\n}\n\nmodel User {\n  id            String         @id @default(cuid())\n  name          String?\n  email         String?        @unique\n  emailVerified DateTime?\n  image         String?\n  accounts      Account[]\n  sessions      Session[]\n  clients       Client[]\n  accessTokens  AccessToken[]\n  authCodes     AuthCode[]\n  refreshTokens RefreshToken[]\n\n  // Analytics relations\n  analyticsRequests AnalyticsRequest[]\n  securityEvents    AnalyticsSecurity[]\n}\n\nmodel Account {\n  id                String  @id @default(cuid())\n  userId            String\n  type              String\n  provider          String\n  providerAccountId String\n  refresh_token     String? @db.Text\n  access_token      String? @db.Text\n  expires_at        Int?\n  token_type        String?\n  scope             String?\n  id_token          String? @db.Text\n  session_state     String?\n\n  user User @relation(fields: [userId], references: [id], onDelete: Cascade)\n\n  @@unique([provider, providerAccountId])\n}\n\nmodel Session {\n  id           String   @id @default(cuid())\n  sessionToken String   @unique\n  userId       String\n  expires      DateTime\n  user         User     @relation(fields: [userId], references: [id], onDelete: Cascade)\n}\n\nmodel VerificationToken {\n  identifier String\n  token      String\n  expires    DateTime\n\n  @@unique([identifier, token])\n}\n\nmodel Client {\n  id            String         @id @default(cuid())\n  clientId      String         @unique @default(cuid())\n  clientSecret  String\n  name          String\n  redirectUris  String[]\n  userId        String?\n  user          User?          @relation(fields: [userId], references: [id], onDelete: Cascade)\n  accessTokens  AccessToken[]\n  authCodes     AuthCode[]\n  refreshTokens RefreshToken[]\n\n  // Analytics relations\n  analyticsRequests AnalyticsRequest[]\n  securityEvents    AnalyticsSecurity[]\n\n  createdAt DateTime @default(now())\n  updatedAt DateTime @updatedAt\n}\n\nmodel AccessToken {\n  id        String   @id @default(cuid())\n  token     String   @unique\n  expiresAt DateTime\n  clientId  String\n  client    Client   @relation(fields: [clientId], references: [id], onDelete: Cascade)\n  userId    String\n  user      User     @relation(fields: [userId], references: [id], onDelete: Cascade)\n  resource  String?\n\n  createdAt DateTime @default(now())\n}\n\nmodel AuthCode {\n  id                  String   @id @default(cuid())\n  code                String   @unique\n  expiresAt           DateTime\n  clientId            String\n  client              Client   @relation(fields: [clientId], references: [id], onDelete: Cascade)\n  userId              String\n  user                User     @relation(fields: [userId], references: [id], onDelete: Cascade)\n  redirectUri         String\n  codeChallenge       String?\n  codeChallengeMethod String?\n  resource            String?\n\n  createdAt DateTime @default(now())\n}\n\nmodel RefreshToken {\n  id        String   @id @default(cuid())\n  token     String   @unique\n  expiresAt DateTime\n  clientId  String\n  client    Client   @relation(fields: [clientId], references: [id], onDelete: Cascade)\n  userId    String\n  user      User     @relation(fields: [userId], references: [id], onDelete: Cascade)\n  resource  String?\n\n  createdAt DateTime @default(now())\n}\n\n// Enhanced Analytics Schema for Enterprise MCP\nmodel MCPServer {\n  id          String  @id @default(cuid())\n  name        String // \"CRM Server\", \"Finance API\", etc\n  identifier  String  @unique // mcp://crm.company.com\n  description String?\n  version     String?\n\n  // Relations\n  requests       AnalyticsRequest[]\n  securityEvents AnalyticsSecurity[]\n\n  createdAt DateTime @default(now())\n  updatedAt DateTime @updatedAt\n\n  @@index([identifier])\n}\n\nmodel AnalyticsRequest {\n  id           String   @id @default(cuid())\n  timestamp    DateTime @default(now())\n  endpoint     String // /mcp/sse, /mcp/mcp, etc\n  method       String // GET, POST, etc\n  statusCode   Int\n  responseTime Int // milliseconds\n\n  // TTL field - automatically set to 14 days from creation\n  expiresAt DateTime @default(dbgenerated(\"NOW() + INTERVAL '14 days'\"))\n\n  // Enhanced client/user tracking with proper relations\n  clientId String?\n  client   Client? @relation(fields: [clientId], references: [id])\n  userId   String?\n  user     User?   @relation(fields: [userId], references: [id])\n\n  // MCP Server context\n  mcpServerId String?\n  mcpServer   MCPServer? @relation(fields: [mcpServerId], references: [id])\n\n  // Enterprise SSO context\n  ssoProvider  String? // \"google\", \"azure-ad\", \"okta\"\n  userRole     String? // from JWT claims\n  scopes       String[] // OAuth scopes used\n  organization String? // from SSO claims\n\n  // Request metadata\n  ipAddress String\n  userAgent String @db.Text\n\n  // Geographic data (optional, populated async)\n  country String?\n  city    String?\n\n  // Derived fields for performance\n  clientType String? // mcp-client, browser, etc\n  platform   String? // windows, macos, linux\n\n  // MCP-specific tracking\n  mcpMethod String? // \"tools/list\", \"tools/call\", etc\n  toolName  String? // specific tool being called\n\n  // OAuth-specific tracking\n  oauthGrantType String? // \"authorization_code\", \"refresh_token\", \"client_credentials\"\n  tokenScopes    String[] // OAuth scopes granted/requested\n  usePKCE        Boolean? // Whether PKCE was used in this flow\n  redirectUri    String? // OAuth redirect URI used\n\n  // Indexes for fast queries\n  @@index([timestamp])\n  @@index([endpoint])\n  @@index([clientId])\n  @@index([userId])\n  @@index([mcpServerId])\n  @@index([statusCode])\n  @@index([timestamp, endpoint])\n  @@index([timestamp, clientId])\n  @@index([timestamp, userId])\n  @@index([organization])\n  @@index([ssoProvider])\n  @@index([oauthGrantType])\n  @@index([usePKCE])\n  @@index([expiresAt])\n}\n\nenum SecurityEventType {\n  AUTH_FAILURE\n  INVALID_TOKEN\n  SUSPICIOUS_ACTIVITY\n  RATE_LIMIT_EXCEEDED\n  UNAUTHORIZED_ACCESS\n  TOKEN_REUSE\n  UNUSUAL_LOCATION\n  PRIVILEGE_ESCALATION\n  MALFORMED_REQUEST\n  BRUTE_FORCE_ATTEMPT\n  OAUTH_INVALID_CLIENT\n  OAUTH_INVALID_GRANT\n  OAUTH_INVALID_SCOPE\n}\n\nmodel AnalyticsSecurity {\n  id        String            @id @default(cuid())\n  timestamp DateTime          @default(now())\n  eventType SecurityEventType\n  severity  String // \"low\", \"medium\", \"high\", \"critical\"\n\n  // TTL field - automatically set to 14 days from creation\n  expiresAt DateTime @default(dbgenerated(\"NOW() + INTERVAL '14 days'\"))\n\n  // Enhanced context\n  userId   String?\n  user     User?   @relation(fields: [userId], references: [id])\n  clientId String?\n  client   Client? @relation(fields: [clientId], references: [id])\n\n  // MCP Server context\n  mcpServerId String?\n  mcpServer   MCPServer? @relation(fields: [mcpServerId], references: [id])\n\n  // Request context\n  ipAddress String\n  userAgent String  @db.Text\n  endpoint  String? // endpoint where event occurred\n\n  // Geographic tracking\n  country String?\n  city    String?\n\n  // Enterprise context\n  organization String?\n  ssoProvider  String?\n\n  // Structured event details\n  details Json // structured data instead of text\n\n  // Risk scoring\n  riskScore  Int       @default(0) // 0-100\n  resolved   Boolean   @default(false)\n  resolvedAt DateTime?\n  resolvedBy String? // admin who resolved\n\n  // Indexes for security queries\n  @@index([timestamp])\n  @@index([eventType])\n  @@index([severity])\n  @@index([ipAddress])\n  @@index([userId])\n  @@index([clientId])\n  @@index([mcpServerId])\n  @@index([timestamp, eventType])\n  @@index([timestamp, severity])\n  @@index([organization])\n  @@index([resolved])\n  @@index([riskScore])\n  @@index([expiresAt])\n}\n",
+  "inlineSchemaHash": "5a9b45bfbe4a1dcef69adb98c31bd3ac4bd2580e153982df5607e9ed04e71ed1",
   "copyEngine": false
 }
 config.dirname = '/'
 
-config.runtimeDataModel = JSON.parse("{\"models\":{\"User\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"name\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"email\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":true,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"emailVerified\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"image\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"accounts\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Account\",\"nativeType\":null,\"relationName\":\"AccountToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"sessions\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Session\",\"nativeType\":null,\"relationName\":\"SessionToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clients\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Client\",\"nativeType\":null,\"relationName\":\"ClientToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"accessTokens\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AccessToken\",\"nativeType\":null,\"relationName\":\"AccessTokenToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"authCodes\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AuthCode\",\"nativeType\":null,\"relationName\":\"AuthCodeToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"refreshTokens\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"RefreshToken\",\"nativeType\":null,\"relationName\":\"RefreshTokenToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"analyticsRequests\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AnalyticsRequest\",\"nativeType\":null,\"relationName\":\"AnalyticsRequestToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"securityEvents\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AnalyticsSecurity\",\"nativeType\":null,\"relationName\":\"AnalyticsSecurityToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"Account\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"type\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"provider\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"providerAccountId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"refresh_token\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":[\"Text\",[]],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"access_token\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":[\"Text\",[]],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"expires_at\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Int\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"token_type\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"scope\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"id_token\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":[\"Text\",[]],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"session_state\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"AccountToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[[\"provider\",\"providerAccountId\"]],\"uniqueIndexes\":[{\"name\":null,\"fields\":[\"provider\",\"providerAccountId\"]}],\"isGenerated\":false},\"Session\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"sessionToken\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":true,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"expires\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"SessionToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"VerificationToken\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"identifier\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"token\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"expires\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[[\"identifier\",\"token\"]],\"uniqueIndexes\":[{\"name\":null,\"fields\":[\"identifier\",\"token\"]}],\"isGenerated\":false},\"Client\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":true,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientSecret\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"name\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"redirectUris\",\"kind\":\"scalar\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"ClientToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"accessTokens\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AccessToken\",\"nativeType\":null,\"relationName\":\"AccessTokenToClient\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"authCodes\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AuthCode\",\"nativeType\":null,\"relationName\":\"AuthCodeToClient\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"refreshTokens\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"RefreshToken\",\"nativeType\":null,\"relationName\":\"ClientToRefreshToken\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"analyticsRequests\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AnalyticsRequest\",\"nativeType\":null,\"relationName\":\"AnalyticsRequestToClient\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"securityEvents\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AnalyticsSecurity\",\"nativeType\":null,\"relationName\":\"AnalyticsSecurityToClient\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"createdAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"now\",\"args\":[]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"updatedAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":true}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"AccessToken\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"token\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":true,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"expiresAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"client\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Client\",\"nativeType\":null,\"relationName\":\"AccessTokenToClient\",\"relationFromFields\":[\"clientId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"AccessTokenToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"resource\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"createdAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"now\",\"args\":[]},\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"AuthCode\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"code\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":true,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"expiresAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"client\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Client\",\"nativeType\":null,\"relationName\":\"AuthCodeToClient\",\"relationFromFields\":[\"clientId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"AuthCodeToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"redirectUri\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"codeChallenge\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"codeChallengeMethod\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"resource\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"createdAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"now\",\"args\":[]},\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"RefreshToken\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"token\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":true,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"expiresAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"client\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Client\",\"nativeType\":null,\"relationName\":\"ClientToRefreshToken\",\"relationFromFields\":[\"clientId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"RefreshTokenToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"resource\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"createdAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"now\",\"args\":[]},\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"MCPServer\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"name\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"identifier\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":true,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"description\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"version\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"requests\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AnalyticsRequest\",\"nativeType\":null,\"relationName\":\"AnalyticsRequestToMCPServer\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"securityEvents\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AnalyticsSecurity\",\"nativeType\":null,\"relationName\":\"AnalyticsSecurityToMCPServer\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"createdAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"now\",\"args\":[]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"updatedAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":true}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"AnalyticsRequest\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"timestamp\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"now\",\"args\":[]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"endpoint\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"method\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"statusCode\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Int\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"responseTime\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Int\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"client\",\"kind\":\"object\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Client\",\"nativeType\":null,\"relationName\":\"AnalyticsRequestToClient\",\"relationFromFields\":[\"clientId\"],\"relationToFields\":[\"id\"],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"AnalyticsRequestToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"mcpServerId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"mcpServer\",\"kind\":\"object\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"MCPServer\",\"nativeType\":null,\"relationName\":\"AnalyticsRequestToMCPServer\",\"relationFromFields\":[\"mcpServerId\"],\"relationToFields\":[\"id\"],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"ssoProvider\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userRole\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"scopes\",\"kind\":\"scalar\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"organization\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"ipAddress\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userAgent\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":[\"Text\",[]],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"country\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"city\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientType\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"platform\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"mcpMethod\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"toolName\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"AnalyticsSecurity\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"timestamp\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"now\",\"args\":[]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"eventType\",\"kind\":\"enum\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"SecurityEventType\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"severity\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"AnalyticsSecurityToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"client\",\"kind\":\"object\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Client\",\"nativeType\":null,\"relationName\":\"AnalyticsSecurityToClient\",\"relationFromFields\":[\"clientId\"],\"relationToFields\":[\"id\"],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"mcpServerId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"mcpServer\",\"kind\":\"object\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"MCPServer\",\"nativeType\":null,\"relationName\":\"AnalyticsSecurityToMCPServer\",\"relationFromFields\":[\"mcpServerId\"],\"relationToFields\":[\"id\"],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"ipAddress\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userAgent\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":[\"Text\",[]],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"endpoint\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"country\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"city\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"organization\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"ssoProvider\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"details\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Json\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"riskScore\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"Int\",\"nativeType\":null,\"default\":0,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"resolved\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"Boolean\",\"nativeType\":null,\"default\":false,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"resolvedAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"resolvedBy\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false}},\"enums\":{\"SecurityEventType\":{\"values\":[{\"name\":\"AUTH_FAILURE\",\"dbName\":null},{\"name\":\"INVALID_TOKEN\",\"dbName\":null},{\"name\":\"SUSPICIOUS_ACTIVITY\",\"dbName\":null},{\"name\":\"RATE_LIMIT_EXCEEDED\",\"dbName\":null},{\"name\":\"UNAUTHORIZED_ACCESS\",\"dbName\":null},{\"name\":\"TOKEN_REUSE\",\"dbName\":null},{\"name\":\"UNUSUAL_LOCATION\",\"dbName\":null},{\"name\":\"PRIVILEGE_ESCALATION\",\"dbName\":null},{\"name\":\"MALFORMED_REQUEST\",\"dbName\":null},{\"name\":\"BRUTE_FORCE_ATTEMPT\",\"dbName\":null}],\"dbName\":null}},\"types\":{}}")
+config.runtimeDataModel = JSON.parse("{\"models\":{\"User\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"name\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"email\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":true,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"emailVerified\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"image\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"accounts\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Account\",\"nativeType\":null,\"relationName\":\"AccountToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"sessions\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Session\",\"nativeType\":null,\"relationName\":\"SessionToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clients\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Client\",\"nativeType\":null,\"relationName\":\"ClientToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"accessTokens\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AccessToken\",\"nativeType\":null,\"relationName\":\"AccessTokenToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"authCodes\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AuthCode\",\"nativeType\":null,\"relationName\":\"AuthCodeToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"refreshTokens\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"RefreshToken\",\"nativeType\":null,\"relationName\":\"RefreshTokenToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"analyticsRequests\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AnalyticsRequest\",\"nativeType\":null,\"relationName\":\"AnalyticsRequestToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"securityEvents\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AnalyticsSecurity\",\"nativeType\":null,\"relationName\":\"AnalyticsSecurityToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"Account\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"type\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"provider\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"providerAccountId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"refresh_token\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":[\"Text\",[]],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"access_token\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":[\"Text\",[]],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"expires_at\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Int\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"token_type\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"scope\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"id_token\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":[\"Text\",[]],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"session_state\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"AccountToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[[\"provider\",\"providerAccountId\"]],\"uniqueIndexes\":[{\"name\":null,\"fields\":[\"provider\",\"providerAccountId\"]}],\"isGenerated\":false},\"Session\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"sessionToken\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":true,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"expires\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"SessionToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"VerificationToken\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"identifier\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"token\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"expires\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[[\"identifier\",\"token\"]],\"uniqueIndexes\":[{\"name\":null,\"fields\":[\"identifier\",\"token\"]}],\"isGenerated\":false},\"Client\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":true,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientSecret\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"name\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"redirectUris\",\"kind\":\"scalar\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"ClientToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"accessTokens\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AccessToken\",\"nativeType\":null,\"relationName\":\"AccessTokenToClient\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"authCodes\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AuthCode\",\"nativeType\":null,\"relationName\":\"AuthCodeToClient\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"refreshTokens\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"RefreshToken\",\"nativeType\":null,\"relationName\":\"ClientToRefreshToken\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"analyticsRequests\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AnalyticsRequest\",\"nativeType\":null,\"relationName\":\"AnalyticsRequestToClient\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"securityEvents\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AnalyticsSecurity\",\"nativeType\":null,\"relationName\":\"AnalyticsSecurityToClient\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"createdAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"now\",\"args\":[]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"updatedAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":true}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"AccessToken\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"token\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":true,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"expiresAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"client\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Client\",\"nativeType\":null,\"relationName\":\"AccessTokenToClient\",\"relationFromFields\":[\"clientId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"AccessTokenToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"resource\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"createdAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"now\",\"args\":[]},\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"AuthCode\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"code\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":true,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"expiresAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"client\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Client\",\"nativeType\":null,\"relationName\":\"AuthCodeToClient\",\"relationFromFields\":[\"clientId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"AuthCodeToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"redirectUri\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"codeChallenge\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"codeChallengeMethod\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"resource\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"createdAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"now\",\"args\":[]},\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"RefreshToken\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"token\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":true,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"expiresAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"client\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Client\",\"nativeType\":null,\"relationName\":\"ClientToRefreshToken\",\"relationFromFields\":[\"clientId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"RefreshTokenToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"resource\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"createdAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"now\",\"args\":[]},\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"MCPServer\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"name\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"identifier\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":true,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"description\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"version\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"requests\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AnalyticsRequest\",\"nativeType\":null,\"relationName\":\"AnalyticsRequestToMCPServer\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"securityEvents\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AnalyticsSecurity\",\"nativeType\":null,\"relationName\":\"AnalyticsSecurityToMCPServer\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"createdAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"now\",\"args\":[]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"updatedAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":true}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"AnalyticsRequest\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"timestamp\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"now\",\"args\":[]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"endpoint\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"method\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"statusCode\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Int\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"responseTime\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Int\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"expiresAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"dbgenerated\",\"args\":[\"NOW() + INTERVAL '14 days'\"]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"client\",\"kind\":\"object\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Client\",\"nativeType\":null,\"relationName\":\"AnalyticsRequestToClient\",\"relationFromFields\":[\"clientId\"],\"relationToFields\":[\"id\"],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"AnalyticsRequestToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"mcpServerId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"mcpServer\",\"kind\":\"object\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"MCPServer\",\"nativeType\":null,\"relationName\":\"AnalyticsRequestToMCPServer\",\"relationFromFields\":[\"mcpServerId\"],\"relationToFields\":[\"id\"],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"ssoProvider\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userRole\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"scopes\",\"kind\":\"scalar\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"organization\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"ipAddress\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userAgent\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":[\"Text\",[]],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"country\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"city\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientType\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"platform\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"mcpMethod\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"toolName\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"oauthGrantType\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"tokenScopes\",\"kind\":\"scalar\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"usePKCE\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Boolean\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"redirectUri\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"AnalyticsSecurity\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"timestamp\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"now\",\"args\":[]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"eventType\",\"kind\":\"enum\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"SecurityEventType\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"severity\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"expiresAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"dbgenerated\",\"args\":[\"NOW() + INTERVAL '14 days'\"]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"AnalyticsSecurityToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"client\",\"kind\":\"object\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Client\",\"nativeType\":null,\"relationName\":\"AnalyticsSecurityToClient\",\"relationFromFields\":[\"clientId\"],\"relationToFields\":[\"id\"],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"mcpServerId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"mcpServer\",\"kind\":\"object\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"MCPServer\",\"nativeType\":null,\"relationName\":\"AnalyticsSecurityToMCPServer\",\"relationFromFields\":[\"mcpServerId\"],\"relationToFields\":[\"id\"],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"ipAddress\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userAgent\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":[\"Text\",[]],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"endpoint\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"country\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"city\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"organization\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"ssoProvider\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"details\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Json\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"riskScore\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"Int\",\"nativeType\":null,\"default\":0,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"resolved\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"Boolean\",\"nativeType\":null,\"default\":false,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"resolvedAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"resolvedBy\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false}},\"enums\":{\"SecurityEventType\":{\"values\":[{\"name\":\"AUTH_FAILURE\",\"dbName\":null},{\"name\":\"INVALID_TOKEN\",\"dbName\":null},{\"name\":\"SUSPICIOUS_ACTIVITY\",\"dbName\":null},{\"name\":\"RATE_LIMIT_EXCEEDED\",\"dbName\":null},{\"name\":\"UNAUTHORIZED_ACCESS\",\"dbName\":null},{\"name\":\"TOKEN_REUSE\",\"dbName\":null},{\"name\":\"UNUSUAL_LOCATION\",\"dbName\":null},{\"name\":\"PRIVILEGE_ESCALATION\",\"dbName\":null},{\"name\":\"MALFORMED_REQUEST\",\"dbName\":null},{\"name\":\"BRUTE_FORCE_ATTEMPT\",\"dbName\":null},{\"name\":\"OAUTH_INVALID_CLIENT\",\"dbName\":null},{\"name\":\"OAUTH_INVALID_GRANT\",\"dbName\":null},{\"name\":\"OAUTH_INVALID_SCOPE\",\"dbName\":null}],\"dbName\":null}},\"types\":{}}")
 defineDmmfProperty(exports.Prisma, config.runtimeDataModel)
 config.engineWasm = undefined
 config.compilerWasm = undefined
diff --git a/generated/prisma/index-browser.js b/generated/prisma/index-browser.js
index b515eaf..bf5d12d 100644
--- a/generated/prisma/index-browser.js
+++ b/generated/prisma/index-browser.js
@@ -217,6 +217,7 @@ exports.Prisma.AnalyticsRequestScalarFieldEnum = {
   method: 'method',
   statusCode: 'statusCode',
   responseTime: 'responseTime',
+  expiresAt: 'expiresAt',
   clientId: 'clientId',
   userId: 'userId',
   mcpServerId: 'mcpServerId',
@@ -231,7 +232,11 @@ exports.Prisma.AnalyticsRequestScalarFieldEnum = {
   clientType: 'clientType',
   platform: 'platform',
   mcpMethod: 'mcpMethod',
-  toolName: 'toolName'
+  toolName: 'toolName',
+  oauthGrantType: 'oauthGrantType',
+  tokenScopes: 'tokenScopes',
+  usePKCE: 'usePKCE',
+  redirectUri: 'redirectUri'
 };
 
 exports.Prisma.AnalyticsSecurityScalarFieldEnum = {
@@ -239,6 +244,7 @@ exports.Prisma.AnalyticsSecurityScalarFieldEnum = {
   timestamp: 'timestamp',
   eventType: 'eventType',
   severity: 'severity',
+  expiresAt: 'expiresAt',
   userId: 'userId',
   clientId: 'clientId',
   mcpServerId: 'mcpServerId',
@@ -290,7 +296,10 @@ exports.SecurityEventType = exports.$Enums.SecurityEventType = {
   UNUSUAL_LOCATION: 'UNUSUAL_LOCATION',
   PRIVILEGE_ESCALATION: 'PRIVILEGE_ESCALATION',
   MALFORMED_REQUEST: 'MALFORMED_REQUEST',
-  BRUTE_FORCE_ATTEMPT: 'BRUTE_FORCE_ATTEMPT'
+  BRUTE_FORCE_ATTEMPT: 'BRUTE_FORCE_ATTEMPT',
+  OAUTH_INVALID_CLIENT: 'OAUTH_INVALID_CLIENT',
+  OAUTH_INVALID_GRANT: 'OAUTH_INVALID_GRANT',
+  OAUTH_INVALID_SCOPE: 'OAUTH_INVALID_SCOPE'
 };
 
 exports.Prisma.ModelName = {
diff --git a/generated/prisma/index.d.ts b/generated/prisma/index.d.ts
index 2b3d243..1604456 100644
--- a/generated/prisma/index.d.ts
+++ b/generated/prisma/index.d.ts
@@ -83,7 +83,10 @@ export namespace $Enums {
   UNUSUAL_LOCATION: 'UNUSUAL_LOCATION',
   PRIVILEGE_ESCALATION: 'PRIVILEGE_ESCALATION',
   MALFORMED_REQUEST: 'MALFORMED_REQUEST',
-  BRUTE_FORCE_ATTEMPT: 'BRUTE_FORCE_ATTEMPT'
+  BRUTE_FORCE_ATTEMPT: 'BRUTE_FORCE_ATTEMPT',
+  OAUTH_INVALID_CLIENT: 'OAUTH_INVALID_CLIENT',
+  OAUTH_INVALID_GRANT: 'OAUTH_INVALID_GRANT',
+  OAUTH_INVALID_SCOPE: 'OAUTH_INVALID_SCOPE'
 };
 
 export type SecurityEventType = (typeof SecurityEventType)[keyof typeof SecurityEventType]
@@ -12189,6 +12192,7 @@ export namespace Prisma {
     method: string | null
     statusCode: number | null
     responseTime: number | null
+    expiresAt: Date | null
     clientId: string | null
     userId: string | null
     mcpServerId: string | null
@@ -12203,6 +12207,9 @@ export namespace Prisma {
     platform: string | null
     mcpMethod: string | null
     toolName: string | null
+    oauthGrantType: string | null
+    usePKCE: boolean | null
+    redirectUri: string | null
   }
 
   export type AnalyticsRequestMaxAggregateOutputType = {
@@ -12212,6 +12219,7 @@ export namespace Prisma {
     method: string | null
     statusCode: number | null
     responseTime: number | null
+    expiresAt: Date | null
     clientId: string | null
     userId: string | null
     mcpServerId: string | null
@@ -12226,6 +12234,9 @@ export namespace Prisma {
     platform: string | null
     mcpMethod: string | null
     toolName: string | null
+    oauthGrantType: string | null
+    usePKCE: boolean | null
+    redirectUri: string | null
   }
 
   export type AnalyticsRequestCountAggregateOutputType = {
@@ -12235,6 +12246,7 @@ export namespace Prisma {
     method: number
     statusCode: number
     responseTime: number
+    expiresAt: number
     clientId: number
     userId: number
     mcpServerId: number
@@ -12250,6 +12262,10 @@ export namespace Prisma {
     platform: number
     mcpMethod: number
     toolName: number
+    oauthGrantType: number
+    tokenScopes: number
+    usePKCE: number
+    redirectUri: number
     _all: number
   }
 
@@ -12271,6 +12287,7 @@ export namespace Prisma {
     method?: true
     statusCode?: true
     responseTime?: true
+    expiresAt?: true
     clientId?: true
     userId?: true
     mcpServerId?: true
@@ -12285,6 +12302,9 @@ export namespace Prisma {
     platform?: true
     mcpMethod?: true
     toolName?: true
+    oauthGrantType?: true
+    usePKCE?: true
+    redirectUri?: true
   }
 
   export type AnalyticsRequestMaxAggregateInputType = {
@@ -12294,6 +12314,7 @@ export namespace Prisma {
     method?: true
     statusCode?: true
     responseTime?: true
+    expiresAt?: true
     clientId?: true
     userId?: true
     mcpServerId?: true
@@ -12308,6 +12329,9 @@ export namespace Prisma {
     platform?: true
     mcpMethod?: true
     toolName?: true
+    oauthGrantType?: true
+    usePKCE?: true
+    redirectUri?: true
   }
 
   export type AnalyticsRequestCountAggregateInputType = {
@@ -12317,6 +12341,7 @@ export namespace Prisma {
     method?: true
     statusCode?: true
     responseTime?: true
+    expiresAt?: true
     clientId?: true
     userId?: true
     mcpServerId?: true
@@ -12332,6 +12357,10 @@ export namespace Prisma {
     platform?: true
     mcpMethod?: true
     toolName?: true
+    oauthGrantType?: true
+    tokenScopes?: true
+    usePKCE?: true
+    redirectUri?: true
     _all?: true
   }
 
@@ -12428,6 +12457,7 @@ export namespace Prisma {
     method: string
     statusCode: number
     responseTime: number
+    expiresAt: Date
     clientId: string | null
     userId: string | null
     mcpServerId: string | null
@@ -12443,6 +12473,10 @@ export namespace Prisma {
     platform: string | null
     mcpMethod: string | null
     toolName: string | null
+    oauthGrantType: string | null
+    tokenScopes: string[]
+    usePKCE: boolean | null
+    redirectUri: string | null
     _count: AnalyticsRequestCountAggregateOutputType | null
     _avg: AnalyticsRequestAvgAggregateOutputType | null
     _sum: AnalyticsRequestSumAggregateOutputType | null
@@ -12471,6 +12505,7 @@ export namespace Prisma {
     method?: boolean
     statusCode?: boolean
     responseTime?: boolean
+    expiresAt?: boolean
     clientId?: boolean
     userId?: boolean
     mcpServerId?: boolean
@@ -12486,6 +12521,10 @@ export namespace Prisma {
     platform?: boolean
     mcpMethod?: boolean
     toolName?: boolean
+    oauthGrantType?: boolean
+    tokenScopes?: boolean
+    usePKCE?: boolean
+    redirectUri?: boolean
     client?: boolean | AnalyticsRequest$clientArgs<ExtArgs>
     user?: boolean | AnalyticsRequest$userArgs<ExtArgs>
     mcpServer?: boolean | AnalyticsRequest$mcpServerArgs<ExtArgs>
@@ -12498,6 +12537,7 @@ export namespace Prisma {
     method?: boolean
     statusCode?: boolean
     responseTime?: boolean
+    expiresAt?: boolean
     clientId?: boolean
     userId?: boolean
     mcpServerId?: boolean
@@ -12513,6 +12553,10 @@ export namespace Prisma {
     platform?: boolean
     mcpMethod?: boolean
     toolName?: boolean
+    oauthGrantType?: boolean
+    tokenScopes?: boolean
+    usePKCE?: boolean
+    redirectUri?: boolean
     client?: boolean | AnalyticsRequest$clientArgs<ExtArgs>
     user?: boolean | AnalyticsRequest$userArgs<ExtArgs>
     mcpServer?: boolean | AnalyticsRequest$mcpServerArgs<ExtArgs>
@@ -12525,6 +12569,7 @@ export namespace Prisma {
     method?: boolean
     statusCode?: boolean
     responseTime?: boolean
+    expiresAt?: boolean
     clientId?: boolean
     userId?: boolean
     mcpServerId?: boolean
@@ -12540,6 +12585,10 @@ export namespace Prisma {
     platform?: boolean
     mcpMethod?: boolean
     toolName?: boolean
+    oauthGrantType?: boolean
+    tokenScopes?: boolean
+    usePKCE?: boolean
+    redirectUri?: boolean
     client?: boolean | AnalyticsRequest$clientArgs<ExtArgs>
     user?: boolean | AnalyticsRequest$userArgs<ExtArgs>
     mcpServer?: boolean | AnalyticsRequest$mcpServerArgs<ExtArgs>
@@ -12552,6 +12601,7 @@ export namespace Prisma {
     method?: boolean
     statusCode?: boolean
     responseTime?: boolean
+    expiresAt?: boolean
     clientId?: boolean
     userId?: boolean
     mcpServerId?: boolean
@@ -12567,9 +12617,13 @@ export namespace Prisma {
     platform?: boolean
     mcpMethod?: boolean
     toolName?: boolean
+    oauthGrantType?: boolean
+    tokenScopes?: boolean
+    usePKCE?: boolean
+    redirectUri?: boolean
   }
 
-  export type AnalyticsRequestOmit<ExtArgs extends $Extensions.InternalArgs = $Extensions.DefaultArgs> = $Extensions.GetOmit<"id" | "timestamp" | "endpoint" | "method" | "statusCode" | "responseTime" | "clientId" | "userId" | "mcpServerId" | "ssoProvider" | "userRole" | "scopes" | "organization" | "ipAddress" | "userAgent" | "country" | "city" | "clientType" | "platform" | "mcpMethod" | "toolName", ExtArgs["result"]["analyticsRequest"]>
+  export type AnalyticsRequestOmit<ExtArgs extends $Extensions.InternalArgs = $Extensions.DefaultArgs> = $Extensions.GetOmit<"id" | "timestamp" | "endpoint" | "method" | "statusCode" | "responseTime" | "expiresAt" | "clientId" | "userId" | "mcpServerId" | "ssoProvider" | "userRole" | "scopes" | "organization" | "ipAddress" | "userAgent" | "country" | "city" | "clientType" | "platform" | "mcpMethod" | "toolName" | "oauthGrantType" | "tokenScopes" | "usePKCE" | "redirectUri", ExtArgs["result"]["analyticsRequest"]>
   export type AnalyticsRequestInclude<ExtArgs extends $Extensions.InternalArgs = $Extensions.DefaultArgs> = {
     client?: boolean | AnalyticsRequest$clientArgs<ExtArgs>
     user?: boolean | AnalyticsRequest$userArgs<ExtArgs>
@@ -12600,6 +12654,7 @@ export namespace Prisma {
       method: string
       statusCode: number
       responseTime: number
+      expiresAt: Date
       clientId: string | null
       userId: string | null
       mcpServerId: string | null
@@ -12615,6 +12670,10 @@ export namespace Prisma {
       platform: string | null
       mcpMethod: string | null
       toolName: string | null
+      oauthGrantType: string | null
+      tokenScopes: string[]
+      usePKCE: boolean | null
+      redirectUri: string | null
     }, ExtArgs["result"]["analyticsRequest"]>
     composites: {}
   }
@@ -13047,6 +13106,7 @@ export namespace Prisma {
     readonly method: FieldRef<"AnalyticsRequest", 'String'>
     readonly statusCode: FieldRef<"AnalyticsRequest", 'Int'>
     readonly responseTime: FieldRef<"AnalyticsRequest", 'Int'>
+    readonly expiresAt: FieldRef<"AnalyticsRequest", 'DateTime'>
     readonly clientId: FieldRef<"AnalyticsRequest", 'String'>
     readonly userId: FieldRef<"AnalyticsRequest", 'String'>
     readonly mcpServerId: FieldRef<"AnalyticsRequest", 'String'>
@@ -13062,6 +13122,10 @@ export namespace Prisma {
     readonly platform: FieldRef<"AnalyticsRequest", 'String'>
     readonly mcpMethod: FieldRef<"AnalyticsRequest", 'String'>
     readonly toolName: FieldRef<"AnalyticsRequest", 'String'>
+    readonly oauthGrantType: FieldRef<"AnalyticsRequest", 'String'>
+    readonly tokenScopes: FieldRef<"AnalyticsRequest", 'String[]'>
+    readonly usePKCE: FieldRef<"AnalyticsRequest", 'Boolean'>
+    readonly redirectUri: FieldRef<"AnalyticsRequest", 'String'>
   }
     
 
@@ -13558,6 +13622,7 @@ export namespace Prisma {
     timestamp: Date | null
     eventType: $Enums.SecurityEventType | null
     severity: string | null
+    expiresAt: Date | null
     userId: string | null
     clientId: string | null
     mcpServerId: string | null
@@ -13579,6 +13644,7 @@ export namespace Prisma {
     timestamp: Date | null
     eventType: $Enums.SecurityEventType | null
     severity: string | null
+    expiresAt: Date | null
     userId: string | null
     clientId: string | null
     mcpServerId: string | null
@@ -13600,6 +13666,7 @@ export namespace Prisma {
     timestamp: number
     eventType: number
     severity: number
+    expiresAt: number
     userId: number
     clientId: number
     mcpServerId: number
@@ -13632,6 +13699,7 @@ export namespace Prisma {
     timestamp?: true
     eventType?: true
     severity?: true
+    expiresAt?: true
     userId?: true
     clientId?: true
     mcpServerId?: true
@@ -13653,6 +13721,7 @@ export namespace Prisma {
     timestamp?: true
     eventType?: true
     severity?: true
+    expiresAt?: true
     userId?: true
     clientId?: true
     mcpServerId?: true
@@ -13674,6 +13743,7 @@ export namespace Prisma {
     timestamp?: true
     eventType?: true
     severity?: true
+    expiresAt?: true
     userId?: true
     clientId?: true
     mcpServerId?: true
@@ -13783,6 +13853,7 @@ export namespace Prisma {
     timestamp: Date
     eventType: $Enums.SecurityEventType
     severity: string
+    expiresAt: Date
     userId: string | null
     clientId: string | null
     mcpServerId: string | null
@@ -13824,6 +13895,7 @@ export namespace Prisma {
     timestamp?: boolean
     eventType?: boolean
     severity?: boolean
+    expiresAt?: boolean
     userId?: boolean
     clientId?: boolean
     mcpServerId?: boolean
@@ -13849,6 +13921,7 @@ export namespace Prisma {
     timestamp?: boolean
     eventType?: boolean
     severity?: boolean
+    expiresAt?: boolean
     userId?: boolean
     clientId?: boolean
     mcpServerId?: boolean
@@ -13874,6 +13947,7 @@ export namespace Prisma {
     timestamp?: boolean
     eventType?: boolean
     severity?: boolean
+    expiresAt?: boolean
     userId?: boolean
     clientId?: boolean
     mcpServerId?: boolean
@@ -13899,6 +13973,7 @@ export namespace Prisma {
     timestamp?: boolean
     eventType?: boolean
     severity?: boolean
+    expiresAt?: boolean
     userId?: boolean
     clientId?: boolean
     mcpServerId?: boolean
@@ -13916,7 +13991,7 @@ export namespace Prisma {
     resolvedBy?: boolean
   }
 
-  export type AnalyticsSecurityOmit<ExtArgs extends $Extensions.InternalArgs = $Extensions.DefaultArgs> = $Extensions.GetOmit<"id" | "timestamp" | "eventType" | "severity" | "userId" | "clientId" | "mcpServerId" | "ipAddress" | "userAgent" | "endpoint" | "country" | "city" | "organization" | "ssoProvider" | "details" | "riskScore" | "resolved" | "resolvedAt" | "resolvedBy", ExtArgs["result"]["analyticsSecurity"]>
+  export type AnalyticsSecurityOmit<ExtArgs extends $Extensions.InternalArgs = $Extensions.DefaultArgs> = $Extensions.GetOmit<"id" | "timestamp" | "eventType" | "severity" | "expiresAt" | "userId" | "clientId" | "mcpServerId" | "ipAddress" | "userAgent" | "endpoint" | "country" | "city" | "organization" | "ssoProvider" | "details" | "riskScore" | "resolved" | "resolvedAt" | "resolvedBy", ExtArgs["result"]["analyticsSecurity"]>
   export type AnalyticsSecurityInclude<ExtArgs extends $Extensions.InternalArgs = $Extensions.DefaultArgs> = {
     user?: boolean | AnalyticsSecurity$userArgs<ExtArgs>
     client?: boolean | AnalyticsSecurity$clientArgs<ExtArgs>
@@ -13945,6 +14020,7 @@ export namespace Prisma {
       timestamp: Date
       eventType: $Enums.SecurityEventType
       severity: string
+      expiresAt: Date
       userId: string | null
       clientId: string | null
       mcpServerId: string | null
@@ -14390,6 +14466,7 @@ export namespace Prisma {
     readonly timestamp: FieldRef<"AnalyticsSecurity", 'DateTime'>
     readonly eventType: FieldRef<"AnalyticsSecurity", 'SecurityEventType'>
     readonly severity: FieldRef<"AnalyticsSecurity", 'String'>
+    readonly expiresAt: FieldRef<"AnalyticsSecurity", 'DateTime'>
     readonly userId: FieldRef<"AnalyticsSecurity", 'String'>
     readonly clientId: FieldRef<"AnalyticsSecurity", 'String'>
     readonly mcpServerId: FieldRef<"AnalyticsSecurity", 'String'>
@@ -15014,6 +15091,7 @@ export namespace Prisma {
     method: 'method',
     statusCode: 'statusCode',
     responseTime: 'responseTime',
+    expiresAt: 'expiresAt',
     clientId: 'clientId',
     userId: 'userId',
     mcpServerId: 'mcpServerId',
@@ -15028,7 +15106,11 @@ export namespace Prisma {
     clientType: 'clientType',
     platform: 'platform',
     mcpMethod: 'mcpMethod',
-    toolName: 'toolName'
+    toolName: 'toolName',
+    oauthGrantType: 'oauthGrantType',
+    tokenScopes: 'tokenScopes',
+    usePKCE: 'usePKCE',
+    redirectUri: 'redirectUri'
   };
 
   export type AnalyticsRequestScalarFieldEnum = (typeof AnalyticsRequestScalarFieldEnum)[keyof typeof AnalyticsRequestScalarFieldEnum]
@@ -15039,6 +15121,7 @@ export namespace Prisma {
     timestamp: 'timestamp',
     eventType: 'eventType',
     severity: 'severity',
+    expiresAt: 'expiresAt',
     userId: 'userId',
     clientId: 'clientId',
     mcpServerId: 'mcpServerId',
@@ -15146,6 +15229,13 @@ export namespace Prisma {
     
 
 
+  /**
+   * Reference to a field of type 'Boolean'
+   */
+  export type BooleanFieldRefInput<$PrismaModel> = FieldRefInputType<$PrismaModel, 'Boolean'>
+    
+
+
   /**
    * Reference to a field of type 'SecurityEventType'
    */
@@ -15174,13 +15264,6 @@ export namespace Prisma {
     
 
 
-  /**
-   * Reference to a field of type 'Boolean'
-   */
-  export type BooleanFieldRefInput<$PrismaModel> = FieldRefInputType<$PrismaModel, 'Boolean'>
-    
-
-
   /**
    * Reference to a field of type 'Float'
    */
@@ -15842,6 +15925,7 @@ export namespace Prisma {
     method?: StringFilter<"AnalyticsRequest"> | string
     statusCode?: IntFilter<"AnalyticsRequest"> | number
     responseTime?: IntFilter<"AnalyticsRequest"> | number
+    expiresAt?: DateTimeFilter<"AnalyticsRequest"> | Date | string
     clientId?: StringNullableFilter<"AnalyticsRequest"> | string | null
     userId?: StringNullableFilter<"AnalyticsRequest"> | string | null
     mcpServerId?: StringNullableFilter<"AnalyticsRequest"> | string | null
@@ -15857,6 +15941,10 @@ export namespace Prisma {
     platform?: StringNullableFilter<"AnalyticsRequest"> | string | null
     mcpMethod?: StringNullableFilter<"AnalyticsRequest"> | string | null
     toolName?: StringNullableFilter<"AnalyticsRequest"> | string | null
+    oauthGrantType?: StringNullableFilter<"AnalyticsRequest"> | string | null
+    tokenScopes?: StringNullableListFilter<"AnalyticsRequest">
+    usePKCE?: BoolNullableFilter<"AnalyticsRequest"> | boolean | null
+    redirectUri?: StringNullableFilter<"AnalyticsRequest"> | string | null
     client?: XOR<ClientNullableScalarRelationFilter, ClientWhereInput> | null
     user?: XOR<UserNullableScalarRelationFilter, UserWhereInput> | null
     mcpServer?: XOR<MCPServerNullableScalarRelationFilter, MCPServerWhereInput> | null
@@ -15869,6 +15957,7 @@ export namespace Prisma {
     method?: SortOrder
     statusCode?: SortOrder
     responseTime?: SortOrder
+    expiresAt?: SortOrder
     clientId?: SortOrderInput | SortOrder
     userId?: SortOrderInput | SortOrder
     mcpServerId?: SortOrderInput | SortOrder
@@ -15884,6 +15973,10 @@ export namespace Prisma {
     platform?: SortOrderInput | SortOrder
     mcpMethod?: SortOrderInput | SortOrder
     toolName?: SortOrderInput | SortOrder
+    oauthGrantType?: SortOrderInput | SortOrder
+    tokenScopes?: SortOrder
+    usePKCE?: SortOrderInput | SortOrder
+    redirectUri?: SortOrderInput | SortOrder
     client?: ClientOrderByWithRelationInput
     user?: UserOrderByWithRelationInput
     mcpServer?: MCPServerOrderByWithRelationInput
@@ -15899,6 +15992,7 @@ export namespace Prisma {
     method?: StringFilter<"AnalyticsRequest"> | string
     statusCode?: IntFilter<"AnalyticsRequest"> | number
     responseTime?: IntFilter<"AnalyticsRequest"> | number
+    expiresAt?: DateTimeFilter<"AnalyticsRequest"> | Date | string
     clientId?: StringNullableFilter<"AnalyticsRequest"> | string | null
     userId?: StringNullableFilter<"AnalyticsRequest"> | string | null
     mcpServerId?: StringNullableFilter<"AnalyticsRequest"> | string | null
@@ -15914,6 +16008,10 @@ export namespace Prisma {
     platform?: StringNullableFilter<"AnalyticsRequest"> | string | null
     mcpMethod?: StringNullableFilter<"AnalyticsRequest"> | string | null
     toolName?: StringNullableFilter<"AnalyticsRequest"> | string | null
+    oauthGrantType?: StringNullableFilter<"AnalyticsRequest"> | string | null
+    tokenScopes?: StringNullableListFilter<"AnalyticsRequest">
+    usePKCE?: BoolNullableFilter<"AnalyticsRequest"> | boolean | null
+    redirectUri?: StringNullableFilter<"AnalyticsRequest"> | string | null
     client?: XOR<ClientNullableScalarRelationFilter, ClientWhereInput> | null
     user?: XOR<UserNullableScalarRelationFilter, UserWhereInput> | null
     mcpServer?: XOR<MCPServerNullableScalarRelationFilter, MCPServerWhereInput> | null
@@ -15926,6 +16024,7 @@ export namespace Prisma {
     method?: SortOrder
     statusCode?: SortOrder
     responseTime?: SortOrder
+    expiresAt?: SortOrder
     clientId?: SortOrderInput | SortOrder
     userId?: SortOrderInput | SortOrder
     mcpServerId?: SortOrderInput | SortOrder
@@ -15941,6 +16040,10 @@ export namespace Prisma {
     platform?: SortOrderInput | SortOrder
     mcpMethod?: SortOrderInput | SortOrder
     toolName?: SortOrderInput | SortOrder
+    oauthGrantType?: SortOrderInput | SortOrder
+    tokenScopes?: SortOrder
+    usePKCE?: SortOrderInput | SortOrder
+    redirectUri?: SortOrderInput | SortOrder
     _count?: AnalyticsRequestCountOrderByAggregateInput
     _avg?: AnalyticsRequestAvgOrderByAggregateInput
     _max?: AnalyticsRequestMaxOrderByAggregateInput
@@ -15958,6 +16061,7 @@ export namespace Prisma {
     method?: StringWithAggregatesFilter<"AnalyticsRequest"> | string
     statusCode?: IntWithAggregatesFilter<"AnalyticsRequest"> | number
     responseTime?: IntWithAggregatesFilter<"AnalyticsRequest"> | number
+    expiresAt?: DateTimeWithAggregatesFilter<"AnalyticsRequest"> | Date | string
     clientId?: StringNullableWithAggregatesFilter<"AnalyticsRequest"> | string | null
     userId?: StringNullableWithAggregatesFilter<"AnalyticsRequest"> | string | null
     mcpServerId?: StringNullableWithAggregatesFilter<"AnalyticsRequest"> | string | null
@@ -15973,6 +16077,10 @@ export namespace Prisma {
     platform?: StringNullableWithAggregatesFilter<"AnalyticsRequest"> | string | null
     mcpMethod?: StringNullableWithAggregatesFilter<"AnalyticsRequest"> | string | null
     toolName?: StringNullableWithAggregatesFilter<"AnalyticsRequest"> | string | null
+    oauthGrantType?: StringNullableWithAggregatesFilter<"AnalyticsRequest"> | string | null
+    tokenScopes?: StringNullableListFilter<"AnalyticsRequest">
+    usePKCE?: BoolNullableWithAggregatesFilter<"AnalyticsRequest"> | boolean | null
+    redirectUri?: StringNullableWithAggregatesFilter<"AnalyticsRequest"> | string | null
   }
 
   export type AnalyticsSecurityWhereInput = {
@@ -15983,6 +16091,7 @@ export namespace Prisma {
     timestamp?: DateTimeFilter<"AnalyticsSecurity"> | Date | string
     eventType?: EnumSecurityEventTypeFilter<"AnalyticsSecurity"> | $Enums.SecurityEventType
     severity?: StringFilter<"AnalyticsSecurity"> | string
+    expiresAt?: DateTimeFilter<"AnalyticsSecurity"> | Date | string
     userId?: StringNullableFilter<"AnalyticsSecurity"> | string | null
     clientId?: StringNullableFilter<"AnalyticsSecurity"> | string | null
     mcpServerId?: StringNullableFilter<"AnalyticsSecurity"> | string | null
@@ -16008,6 +16117,7 @@ export namespace Prisma {
     timestamp?: SortOrder
     eventType?: SortOrder
     severity?: SortOrder
+    expiresAt?: SortOrder
     userId?: SortOrderInput | SortOrder
     clientId?: SortOrderInput | SortOrder
     mcpServerId?: SortOrderInput | SortOrder
@@ -16036,6 +16146,7 @@ export namespace Prisma {
     timestamp?: DateTimeFilter<"AnalyticsSecurity"> | Date | string
     eventType?: EnumSecurityEventTypeFilter<"AnalyticsSecurity"> | $Enums.SecurityEventType
     severity?: StringFilter<"AnalyticsSecurity"> | string
+    expiresAt?: DateTimeFilter<"AnalyticsSecurity"> | Date | string
     userId?: StringNullableFilter<"AnalyticsSecurity"> | string | null
     clientId?: StringNullableFilter<"AnalyticsSecurity"> | string | null
     mcpServerId?: StringNullableFilter<"AnalyticsSecurity"> | string | null
@@ -16061,6 +16172,7 @@ export namespace Prisma {
     timestamp?: SortOrder
     eventType?: SortOrder
     severity?: SortOrder
+    expiresAt?: SortOrder
     userId?: SortOrderInput | SortOrder
     clientId?: SortOrderInput | SortOrder
     mcpServerId?: SortOrderInput | SortOrder
@@ -16091,6 +16203,7 @@ export namespace Prisma {
     timestamp?: DateTimeWithAggregatesFilter<"AnalyticsSecurity"> | Date | string
     eventType?: EnumSecurityEventTypeWithAggregatesFilter<"AnalyticsSecurity"> | $Enums.SecurityEventType
     severity?: StringWithAggregatesFilter<"AnalyticsSecurity"> | string
+    expiresAt?: DateTimeWithAggregatesFilter<"AnalyticsSecurity"> | Date | string
     userId?: StringNullableWithAggregatesFilter<"AnalyticsSecurity"> | string | null
     clientId?: StringNullableWithAggregatesFilter<"AnalyticsSecurity"> | string | null
     mcpServerId?: StringNullableWithAggregatesFilter<"AnalyticsSecurity"> | string | null
@@ -16796,6 +16909,7 @@ export namespace Prisma {
     method: string
     statusCode: number
     responseTime: number
+    expiresAt?: Date | string
     ssoProvider?: string | null
     userRole?: string | null
     scopes?: AnalyticsRequestCreatescopesInput | string[]
@@ -16808,6 +16922,10 @@ export namespace Prisma {
     platform?: string | null
     mcpMethod?: string | null
     toolName?: string | null
+    oauthGrantType?: string | null
+    tokenScopes?: AnalyticsRequestCreatetokenScopesInput | string[]
+    usePKCE?: boolean | null
+    redirectUri?: string | null
     client?: ClientCreateNestedOneWithoutAnalyticsRequestsInput
     user?: UserCreateNestedOneWithoutAnalyticsRequestsInput
     mcpServer?: MCPServerCreateNestedOneWithoutRequestsInput
@@ -16820,6 +16938,7 @@ export namespace Prisma {
     method: string
     statusCode: number
     responseTime: number
+    expiresAt?: Date | string
     clientId?: string | null
     userId?: string | null
     mcpServerId?: string | null
@@ -16835,6 +16954,10 @@ export namespace Prisma {
     platform?: string | null
     mcpMethod?: string | null
     toolName?: string | null
+    oauthGrantType?: string | null
+    tokenScopes?: AnalyticsRequestCreatetokenScopesInput | string[]
+    usePKCE?: boolean | null
+    redirectUri?: string | null
   }
 
   export type AnalyticsRequestUpdateInput = {
@@ -16844,6 +16967,7 @@ export namespace Prisma {
     method?: StringFieldUpdateOperationsInput | string
     statusCode?: IntFieldUpdateOperationsInput | number
     responseTime?: IntFieldUpdateOperationsInput | number
+    expiresAt?: DateTimeFieldUpdateOperationsInput | Date | string
     ssoProvider?: NullableStringFieldUpdateOperationsInput | string | null
     userRole?: NullableStringFieldUpdateOperationsInput | string | null
     scopes?: AnalyticsRequestUpdatescopesInput | string[]
@@ -16856,6 +16980,10 @@ export namespace Prisma {
     platform?: NullableStringFieldUpdateOperationsInput | string | null
     mcpMethod?: NullableStringFieldUpdateOperationsInput | string | null
     toolName?: NullableStringFieldUpdateOperationsInput | string | null
+    oauthGrantType?: NullableStringFieldUpdateOperationsInput | string | null
+    tokenScopes?: AnalyticsRequestUpdatetokenScopesInput | string[]
+    usePKCE?: NullableBoolFieldUpdateOperationsInput | boolean | null
+    redirectUri?: NullableStringFieldUpdateOperationsInput | string | null
     client?: ClientUpdateOneWithoutAnalyticsRequestsNestedInput
     user?: UserUpdateOneWithoutAnalyticsRequestsNestedInput
     mcpServer?: MCPServerUpdateOneWithoutRequestsNestedInput
@@ -16868,6 +16996,7 @@ export namespace Prisma {
     method?: StringFieldUpdateOperationsInput | string
     statusCode?: IntFieldUpdateOperationsInput | number
     responseTime?: IntFieldUpdateOperationsInput | number
+    expiresAt?: DateTimeFieldUpdateOperationsInput | Date | string
     clientId?: NullableStringFieldUpdateOperationsInput | string | null
     userId?: NullableStringFieldUpdateOperationsInput | string | null
     mcpServerId?: NullableStringFieldUpdateOperationsInput | string | null
@@ -16883,6 +17012,10 @@ export namespace Prisma {
     platform?: NullableStringFieldUpdateOperationsInput | string | null
     mcpMethod?: NullableStringFieldUpdateOperationsInput | string | null
     toolName?: NullableStringFieldUpdateOperationsInput | string | null
+    oauthGrantType?: NullableStringFieldUpdateOperationsInput | string | null
+    tokenScopes?: AnalyticsRequestUpdatetokenScopesInput | string[]
+    usePKCE?: NullableBoolFieldUpdateOperationsInput | boolean | null
+    redirectUri?: NullableStringFieldUpdateOperationsInput | string | null
   }
 
   export type AnalyticsRequestCreateManyInput = {
@@ -16892,6 +17025,7 @@ export namespace Prisma {
     method: string
     statusCode: number
     responseTime: number
+    expiresAt?: Date | string
     clientId?: string | null
     userId?: string | null
     mcpServerId?: string | null
@@ -16907,6 +17041,10 @@ export namespace Prisma {
     platform?: string | null
     mcpMethod?: string | null
     toolName?: string | null
+    oauthGrantType?: string | null
+    tokenScopes?: AnalyticsRequestCreatetokenScopesInput | string[]
+    usePKCE?: boolean | null
+    redirectUri?: string | null
   }
 
   export type AnalyticsRequestUpdateManyMutationInput = {
@@ -16916,6 +17054,7 @@ export namespace Prisma {
     method?: StringFieldUpdateOperationsInput | string
     statusCode?: IntFieldUpdateOperationsInput | number
     responseTime?: IntFieldUpdateOperationsInput | number
+    expiresAt?: DateTimeFieldUpdateOperationsInput | Date | string
     ssoProvider?: NullableStringFieldUpdateOperationsInput | string | null
     userRole?: NullableStringFieldUpdateOperationsInput | string | null
     scopes?: AnalyticsRequestUpdatescopesInput | string[]
@@ -16928,6 +17067,10 @@ export namespace Prisma {
     platform?: NullableStringFieldUpdateOperationsInput | string | null
     mcpMethod?: NullableStringFieldUpdateOperationsInput | string | null
     toolName?: NullableStringFieldUpdateOperationsInput | string | null
+    oauthGrantType?: NullableStringFieldUpdateOperationsInput | string | null
+    tokenScopes?: AnalyticsRequestUpdatetokenScopesInput | string[]
+    usePKCE?: NullableBoolFieldUpdateOperationsInput | boolean | null
+    redirectUri?: NullableStringFieldUpdateOperationsInput | string | null
   }
 
   export type AnalyticsRequestUncheckedUpdateManyInput = {
@@ -16937,6 +17080,7 @@ export namespace Prisma {
     method?: StringFieldUpdateOperationsInput | string
     statusCode?: IntFieldUpdateOperationsInput | number
     responseTime?: IntFieldUpdateOperationsInput | number
+    expiresAt?: DateTimeFieldUpdateOperationsInput | Date | string
     clientId?: NullableStringFieldUpdateOperationsInput | string | null
     userId?: NullableStringFieldUpdateOperationsInput | string | null
     mcpServerId?: NullableStringFieldUpdateOperationsInput | string | null
@@ -16952,6 +17096,10 @@ export namespace Prisma {
     platform?: NullableStringFieldUpdateOperationsInput | string | null
     mcpMethod?: NullableStringFieldUpdateOperationsInput | string | null
     toolName?: NullableStringFieldUpdateOperationsInput | string | null
+    oauthGrantType?: NullableStringFieldUpdateOperationsInput | string | null
+    tokenScopes?: AnalyticsRequestUpdatetokenScopesInput | string[]
+    usePKCE?: NullableBoolFieldUpdateOperationsInput | boolean | null
+    redirectUri?: NullableStringFieldUpdateOperationsInput | string | null
   }
 
   export type AnalyticsSecurityCreateInput = {
@@ -16959,6 +17107,7 @@ export namespace Prisma {
     timestamp?: Date | string
     eventType: $Enums.SecurityEventType
     severity: string
+    expiresAt?: Date | string
     ipAddress: string
     userAgent: string
     endpoint?: string | null
@@ -16981,6 +17130,7 @@ export namespace Prisma {
     timestamp?: Date | string
     eventType: $Enums.SecurityEventType
     severity: string
+    expiresAt?: Date | string
     userId?: string | null
     clientId?: string | null
     mcpServerId?: string | null
@@ -17003,6 +17153,7 @@ export namespace Prisma {
     timestamp?: DateTimeFieldUpdateOperationsInput | Date | string
     eventType?: EnumSecurityEventTypeFieldUpdateOperationsInput | $Enums.SecurityEventType
     severity?: StringFieldUpdateOperationsInput | string
+    expiresAt?: DateTimeFieldUpdateOperationsInput | Date | string
     ipAddress?: StringFieldUpdateOperationsInput | string
     userAgent?: StringFieldUpdateOperationsInput | string
     endpoint?: NullableStringFieldUpdateOperationsInput | string | null
@@ -17025,6 +17176,7 @@ export namespace Prisma {
     timestamp?: DateTimeFieldUpdateOperationsInput | Date | string
     eventType?: EnumSecurityEventTypeFieldUpdateOperationsInput | $Enums.SecurityEventType
     severity?: StringFieldUpdateOperationsInput | string
+    expiresAt?: DateTimeFieldUpdateOperationsInput | Date | string
     userId?: NullableStringFieldUpdateOperationsInput | string | null
     clientId?: NullableStringFieldUpdateOperationsInput | string | null
     mcpServerId?: NullableStringFieldUpdateOperationsInput | string | null
@@ -17047,6 +17199,7 @@ export namespace Prisma {
     timestamp?: Date | string
     eventType: $Enums.SecurityEventType
     severity: string
+    expiresAt?: Date | string
     userId?: string | null
     clientId?: string | null
     mcpServerId?: string | null
@@ -17069,6 +17222,7 @@ export namespace Prisma {
     timestamp?: DateTimeFieldUpdateOperationsInput | Date | string
     eventType?: EnumSecurityEventTypeFieldUpdateOperationsInput | $Enums.SecurityEventType
     severity?: StringFieldUpdateOperationsInput | string
+    expiresAt?: DateTimeFieldUpdateOperationsInput | Date | string
     ipAddress?: StringFieldUpdateOperationsInput | string
     userAgent?: StringFieldUpdateOperationsInput | string
     endpoint?: NullableStringFieldUpdateOperationsInput | string | null
@@ -17088,6 +17242,7 @@ export namespace Prisma {
     timestamp?: DateTimeFieldUpdateOperationsInput | Date | string
     eventType?: EnumSecurityEventTypeFieldUpdateOperationsInput | $Enums.SecurityEventType
     severity?: StringFieldUpdateOperationsInput | string
+    expiresAt?: DateTimeFieldUpdateOperationsInput | Date | string
     userId?: NullableStringFieldUpdateOperationsInput | string | null
     clientId?: NullableStringFieldUpdateOperationsInput | string | null
     mcpServerId?: NullableStringFieldUpdateOperationsInput | string | null
@@ -17653,6 +17808,11 @@ export namespace Prisma {
     not?: NestedIntFilter<$PrismaModel> | number
   }
 
+  export type BoolNullableFilter<$PrismaModel = never> = {
+    equals?: boolean | BooleanFieldRefInput<$PrismaModel> | null
+    not?: NestedBoolNullableFilter<$PrismaModel> | boolean | null
+  }
+
   export type ClientNullableScalarRelationFilter = {
     is?: ClientWhereInput | null
     isNot?: ClientWhereInput | null
@@ -17670,6 +17830,7 @@ export namespace Prisma {
     method?: SortOrder
     statusCode?: SortOrder
     responseTime?: SortOrder
+    expiresAt?: SortOrder
     clientId?: SortOrder
     userId?: SortOrder
     mcpServerId?: SortOrder
@@ -17685,6 +17846,10 @@ export namespace Prisma {
     platform?: SortOrder
     mcpMethod?: SortOrder
     toolName?: SortOrder
+    oauthGrantType?: SortOrder
+    tokenScopes?: SortOrder
+    usePKCE?: SortOrder
+    redirectUri?: SortOrder
   }
 
   export type AnalyticsRequestAvgOrderByAggregateInput = {
@@ -17699,6 +17864,7 @@ export namespace Prisma {
     method?: SortOrder
     statusCode?: SortOrder
     responseTime?: SortOrder
+    expiresAt?: SortOrder
     clientId?: SortOrder
     userId?: SortOrder
     mcpServerId?: SortOrder
@@ -17713,6 +17879,9 @@ export namespace Prisma {
     platform?: SortOrder
     mcpMethod?: SortOrder
     toolName?: SortOrder
+    oauthGrantType?: SortOrder
+    usePKCE?: SortOrder
+    redirectUri?: SortOrder
   }
 
   export type AnalyticsRequestMinOrderByAggregateInput = {
@@ -17722,6 +17891,7 @@ export namespace Prisma {
     method?: SortOrder
     statusCode?: SortOrder
     responseTime?: SortOrder
+    expiresAt?: SortOrder
     clientId?: SortOrder
     userId?: SortOrder
     mcpServerId?: SortOrder
@@ -17736,6 +17906,9 @@ export namespace Prisma {
     platform?: SortOrder
     mcpMethod?: SortOrder
     toolName?: SortOrder
+    oauthGrantType?: SortOrder
+    usePKCE?: SortOrder
+    redirectUri?: SortOrder
   }
 
   export type AnalyticsRequestSumOrderByAggregateInput = {
@@ -17759,6 +17932,14 @@ export namespace Prisma {
     _max?: NestedIntFilter<$PrismaModel>
   }
 
+  export type BoolNullableWithAggregatesFilter<$PrismaModel = never> = {
+    equals?: boolean | BooleanFieldRefInput<$PrismaModel> | null
+    not?: NestedBoolNullableWithAggregatesFilter<$PrismaModel> | boolean | null
+    _count?: NestedIntNullableFilter<$PrismaModel>
+    _min?: NestedBoolNullableFilter<$PrismaModel>
+    _max?: NestedBoolNullableFilter<$PrismaModel>
+  }
+
   export type EnumSecurityEventTypeFilter<$PrismaModel = never> = {
     equals?: $Enums.SecurityEventType | EnumSecurityEventTypeFieldRefInput<$PrismaModel>
     in?: $Enums.SecurityEventType[] | ListEnumSecurityEventTypeFieldRefInput<$PrismaModel>
@@ -17799,6 +17980,7 @@ export namespace Prisma {
     timestamp?: SortOrder
     eventType?: SortOrder
     severity?: SortOrder
+    expiresAt?: SortOrder
     userId?: SortOrder
     clientId?: SortOrder
     mcpServerId?: SortOrder
@@ -17825,6 +18007,7 @@ export namespace Prisma {
     timestamp?: SortOrder
     eventType?: SortOrder
     severity?: SortOrder
+    expiresAt?: SortOrder
     userId?: SortOrder
     clientId?: SortOrder
     mcpServerId?: SortOrder
@@ -17846,6 +18029,7 @@ export namespace Prisma {
     timestamp?: SortOrder
     eventType?: SortOrder
     severity?: SortOrder
+    expiresAt?: SortOrder
     userId?: SortOrder
     clientId?: SortOrder
     mcpServerId?: SortOrder
@@ -18705,6 +18889,10 @@ export namespace Prisma {
     set: string[]
   }
 
+  export type AnalyticsRequestCreatetokenScopesInput = {
+    set: string[]
+  }
+
   export type ClientCreateNestedOneWithoutAnalyticsRequestsInput = {
     create?: XOR<ClientCreateWithoutAnalyticsRequestsInput, ClientUncheckedCreateWithoutAnalyticsRequestsInput>
     connectOrCreate?: ClientCreateOrConnectWithoutAnalyticsRequestsInput
@@ -18736,6 +18924,15 @@ export namespace Prisma {
     push?: string | string[]
   }
 
+  export type AnalyticsRequestUpdatetokenScopesInput = {
+    set?: string[]
+    push?: string | string[]
+  }
+
+  export type NullableBoolFieldUpdateOperationsInput = {
+    set?: boolean | null
+  }
+
   export type ClientUpdateOneWithoutAnalyticsRequestsNestedInput = {
     create?: XOR<ClientCreateWithoutAnalyticsRequestsInput, ClientUncheckedCreateWithoutAnalyticsRequestsInput>
     connectOrCreate?: ClientCreateOrConnectWithoutAnalyticsRequestsInput
@@ -18983,6 +19180,11 @@ export namespace Prisma {
     _max?: NestedDateTimeFilter<$PrismaModel>
   }
 
+  export type NestedBoolNullableFilter<$PrismaModel = never> = {
+    equals?: boolean | BooleanFieldRefInput<$PrismaModel> | null
+    not?: NestedBoolNullableFilter<$PrismaModel> | boolean | null
+  }
+
   export type NestedIntWithAggregatesFilter<$PrismaModel = never> = {
     equals?: number | IntFieldRefInput<$PrismaModel>
     in?: number[] | ListIntFieldRefInput<$PrismaModel>
@@ -19010,6 +19212,14 @@ export namespace Prisma {
     not?: NestedFloatFilter<$PrismaModel> | number
   }
 
+  export type NestedBoolNullableWithAggregatesFilter<$PrismaModel = never> = {
+    equals?: boolean | BooleanFieldRefInput<$PrismaModel> | null
+    not?: NestedBoolNullableWithAggregatesFilter<$PrismaModel> | boolean | null
+    _count?: NestedIntNullableFilter<$PrismaModel>
+    _min?: NestedBoolNullableFilter<$PrismaModel>
+    _max?: NestedBoolNullableFilter<$PrismaModel>
+  }
+
   export type NestedEnumSecurityEventTypeFilter<$PrismaModel = never> = {
     equals?: $Enums.SecurityEventType | EnumSecurityEventTypeFieldRefInput<$PrismaModel>
     in?: $Enums.SecurityEventType[] | ListEnumSecurityEventTypeFieldRefInput<$PrismaModel>
@@ -19260,6 +19470,7 @@ export namespace Prisma {
     method: string
     statusCode: number
     responseTime: number
+    expiresAt?: Date | string
     ssoProvider?: string | null
     userRole?: string | null
     scopes?: AnalyticsRequestCreatescopesInput | string[]
@@ -19272,6 +19483,10 @@ export namespace Prisma {
     platform?: string | null
     mcpMethod?: string | null
     toolName?: string | null
+    oauthGrantType?: string | null
+    tokenScopes?: AnalyticsRequestCreatetokenScopesInput | string[]
+    usePKCE?: boolean | null
+    redirectUri?: string | null
     client?: ClientCreateNestedOneWithoutAnalyticsRequestsInput
     mcpServer?: MCPServerCreateNestedOneWithoutRequestsInput
   }
@@ -19283,6 +19498,7 @@ export namespace Prisma {
     method: string
     statusCode: number
     responseTime: number
+    expiresAt?: Date | string
     clientId?: string | null
     mcpServerId?: string | null
     ssoProvider?: string | null
@@ -19297,6 +19513,10 @@ export namespace Prisma {
     platform?: string | null
     mcpMethod?: string | null
     toolName?: string | null
+    oauthGrantType?: string | null
+    tokenScopes?: AnalyticsRequestCreatetokenScopesInput | string[]
+    usePKCE?: boolean | null
+    redirectUri?: string | null
   }
 
   export type AnalyticsRequestCreateOrConnectWithoutUserInput = {
@@ -19314,6 +19534,7 @@ export namespace Prisma {
     timestamp?: Date | string
     eventType: $Enums.SecurityEventType
     severity: string
+    expiresAt?: Date | string
     ipAddress: string
     userAgent: string
     endpoint?: string | null
@@ -19335,6 +19556,7 @@ export namespace Prisma {
     timestamp?: Date | string
     eventType: $Enums.SecurityEventType
     severity: string
+    expiresAt?: Date | string
     clientId?: string | null
     mcpServerId?: string | null
     ipAddress: string
@@ -19567,6 +19789,7 @@ export namespace Prisma {
     method?: StringFilter<"AnalyticsRequest"> | string
     statusCode?: IntFilter<"AnalyticsRequest"> | number
     responseTime?: IntFilter<"AnalyticsRequest"> | number
+    expiresAt?: DateTimeFilter<"AnalyticsRequest"> | Date | string
     clientId?: StringNullableFilter<"AnalyticsRequest"> | string | null
     userId?: StringNullableFilter<"AnalyticsRequest"> | string | null
     mcpServerId?: StringNullableFilter<"AnalyticsRequest"> | string | null
@@ -19582,6 +19805,10 @@ export namespace Prisma {
     platform?: StringNullableFilter<"AnalyticsRequest"> | string | null
     mcpMethod?: StringNullableFilter<"AnalyticsRequest"> | string | null
     toolName?: StringNullableFilter<"AnalyticsRequest"> | string | null
+    oauthGrantType?: StringNullableFilter<"AnalyticsRequest"> | string | null
+    tokenScopes?: StringNullableListFilter<"AnalyticsRequest">
+    usePKCE?: BoolNullableFilter<"AnalyticsRequest"> | boolean | null
+    redirectUri?: StringNullableFilter<"AnalyticsRequest"> | string | null
   }
 
   export type AnalyticsSecurityUpsertWithWhereUniqueWithoutUserInput = {
@@ -19608,6 +19835,7 @@ export namespace Prisma {
     timestamp?: DateTimeFilter<"AnalyticsSecurity"> | Date | string
     eventType?: EnumSecurityEventTypeFilter<"AnalyticsSecurity"> | $Enums.SecurityEventType
     severity?: StringFilter<"AnalyticsSecurity"> | string
+    expiresAt?: DateTimeFilter<"AnalyticsSecurity"> | Date | string
     userId?: StringNullableFilter<"AnalyticsSecurity"> | string | null
     clientId?: StringNullableFilter<"AnalyticsSecurity"> | string | null
     mcpServerId?: StringNullableFilter<"AnalyticsSecurity"> | string | null
@@ -19909,6 +20137,7 @@ export namespace Prisma {
     method: string
     statusCode: number
     responseTime: number
+    expiresAt?: Date | string
     ssoProvider?: string | null
     userRole?: string | null
     scopes?: AnalyticsRequestCreatescopesInput | string[]
@@ -19921,6 +20150,10 @@ export namespace Prisma {
     platform?: string | null
     mcpMethod?: string | null
     toolName?: string | null
+    oauthGrantType?: string | null
+    tokenScopes?: AnalyticsRequestCreatetokenScopesInput | string[]
+    usePKCE?: boolean | null
+    redirectUri?: string | null
     user?: UserCreateNestedOneWithoutAnalyticsRequestsInput
     mcpServer?: MCPServerCreateNestedOneWithoutRequestsInput
   }
@@ -19932,6 +20165,7 @@ export namespace Prisma {
     method: string
     statusCode: number
     responseTime: number
+    expiresAt?: Date | string
     userId?: string | null
     mcpServerId?: string | null
     ssoProvider?: string | null
@@ -19946,6 +20180,10 @@ export namespace Prisma {
     platform?: string | null
     mcpMethod?: string | null
     toolName?: string | null
+    oauthGrantType?: string | null
+    tokenScopes?: AnalyticsRequestCreatetokenScopesInput | string[]
+    usePKCE?: boolean | null
+    redirectUri?: string | null
   }
 
   export type AnalyticsRequestCreateOrConnectWithoutClientInput = {
@@ -19963,6 +20201,7 @@ export namespace Prisma {
     timestamp?: Date | string
     eventType: $Enums.SecurityEventType
     severity: string
+    expiresAt?: Date | string
     ipAddress: string
     userAgent: string
     endpoint?: string | null
@@ -19984,6 +20223,7 @@ export namespace Prisma {
     timestamp?: Date | string
     eventType: $Enums.SecurityEventType
     severity: string
+    expiresAt?: Date | string
     userId?: string | null
     mcpServerId?: string | null
     ipAddress: string
@@ -20594,6 +20834,7 @@ export namespace Prisma {
     method: string
     statusCode: number
     responseTime: number
+    expiresAt?: Date | string
     ssoProvider?: string | null
     userRole?: string | null
     scopes?: AnalyticsRequestCreatescopesInput | string[]
@@ -20606,6 +20847,10 @@ export namespace Prisma {
     platform?: string | null
     mcpMethod?: string | null
     toolName?: string | null
+    oauthGrantType?: string | null
+    tokenScopes?: AnalyticsRequestCreatetokenScopesInput | string[]
+    usePKCE?: boolean | null
+    redirectUri?: string | null
     client?: ClientCreateNestedOneWithoutAnalyticsRequestsInput
     user?: UserCreateNestedOneWithoutAnalyticsRequestsInput
   }
@@ -20617,6 +20862,7 @@ export namespace Prisma {
     method: string
     statusCode: number
     responseTime: number
+    expiresAt?: Date | string
     clientId?: string | null
     userId?: string | null
     ssoProvider?: string | null
@@ -20631,6 +20877,10 @@ export namespace Prisma {
     platform?: string | null
     mcpMethod?: string | null
     toolName?: string | null
+    oauthGrantType?: string | null
+    tokenScopes?: AnalyticsRequestCreatetokenScopesInput | string[]
+    usePKCE?: boolean | null
+    redirectUri?: string | null
   }
 
   export type AnalyticsRequestCreateOrConnectWithoutMcpServerInput = {
@@ -20648,6 +20898,7 @@ export namespace Prisma {
     timestamp?: Date | string
     eventType: $Enums.SecurityEventType
     severity: string
+    expiresAt?: Date | string
     ipAddress: string
     userAgent: string
     endpoint?: string | null
@@ -20669,6 +20920,7 @@ export namespace Prisma {
     timestamp?: Date | string
     eventType: $Enums.SecurityEventType
     severity: string
+    expiresAt?: Date | string
     userId?: string | null
     clientId?: string | null
     ipAddress: string
@@ -21218,6 +21470,7 @@ export namespace Prisma {
     method: string
     statusCode: number
     responseTime: number
+    expiresAt?: Date | string
     clientId?: string | null
     mcpServerId?: string | null
     ssoProvider?: string | null
@@ -21232,6 +21485,10 @@ export namespace Prisma {
     platform?: string | null
     mcpMethod?: string | null
     toolName?: string | null
+    oauthGrantType?: string | null
+    tokenScopes?: AnalyticsRequestCreatetokenScopesInput | string[]
+    usePKCE?: boolean | null
+    redirectUri?: string | null
   }
 
   export type AnalyticsSecurityCreateManyUserInput = {
@@ -21239,6 +21496,7 @@ export namespace Prisma {
     timestamp?: Date | string
     eventType: $Enums.SecurityEventType
     severity: string
+    expiresAt?: Date | string
     clientId?: string | null
     mcpServerId?: string | null
     ipAddress: string
@@ -21452,6 +21710,7 @@ export namespace Prisma {
     method?: StringFieldUpdateOperationsInput | string
     statusCode?: IntFieldUpdateOperationsInput | number
     responseTime?: IntFieldUpdateOperationsInput | number
+    expiresAt?: DateTimeFieldUpdateOperationsInput | Date | string
     ssoProvider?: NullableStringFieldUpdateOperationsInput | string | null
     userRole?: NullableStringFieldUpdateOperationsInput | string | null
     scopes?: AnalyticsRequestUpdatescopesInput | string[]
@@ -21464,6 +21723,10 @@ export namespace Prisma {
     platform?: NullableStringFieldUpdateOperationsInput | string | null
     mcpMethod?: NullableStringFieldUpdateOperationsInput | string | null
     toolName?: NullableStringFieldUpdateOperationsInput | string | null
+    oauthGrantType?: NullableStringFieldUpdateOperationsInput | string | null
+    tokenScopes?: AnalyticsRequestUpdatetokenScopesInput | string[]
+    usePKCE?: NullableBoolFieldUpdateOperationsInput | boolean | null
+    redirectUri?: NullableStringFieldUpdateOperationsInput | string | null
     client?: ClientUpdateOneWithoutAnalyticsRequestsNestedInput
     mcpServer?: MCPServerUpdateOneWithoutRequestsNestedInput
   }
@@ -21475,6 +21738,7 @@ export namespace Prisma {
     method?: StringFieldUpdateOperationsInput | string
     statusCode?: IntFieldUpdateOperationsInput | number
     responseTime?: IntFieldUpdateOperationsInput | number
+    expiresAt?: DateTimeFieldUpdateOperationsInput | Date | string
     clientId?: NullableStringFieldUpdateOperationsInput | string | null
     mcpServerId?: NullableStringFieldUpdateOperationsInput | string | null
     ssoProvider?: NullableStringFieldUpdateOperationsInput | string | null
@@ -21489,6 +21753,10 @@ export namespace Prisma {
     platform?: NullableStringFieldUpdateOperationsInput | string | null
     mcpMethod?: NullableStringFieldUpdateOperationsInput | string | null
     toolName?: NullableStringFieldUpdateOperationsInput | string | null
+    oauthGrantType?: NullableStringFieldUpdateOperationsInput | string | null
+    tokenScopes?: AnalyticsRequestUpdatetokenScopesInput | string[]
+    usePKCE?: NullableBoolFieldUpdateOperationsInput | boolean | null
+    redirectUri?: NullableStringFieldUpdateOperationsInput | string | null
   }
 
   export type AnalyticsRequestUncheckedUpdateManyWithoutUserInput = {
@@ -21498,6 +21766,7 @@ export namespace Prisma {
     method?: StringFieldUpdateOperationsInput | string
     statusCode?: IntFieldUpdateOperationsInput | number
     responseTime?: IntFieldUpdateOperationsInput | number
+    expiresAt?: DateTimeFieldUpdateOperationsInput | Date | string
     clientId?: NullableStringFieldUpdateOperationsInput | string | null
     mcpServerId?: NullableStringFieldUpdateOperationsInput | string | null
     ssoProvider?: NullableStringFieldUpdateOperationsInput | string | null
@@ -21512,6 +21781,10 @@ export namespace Prisma {
     platform?: NullableStringFieldUpdateOperationsInput | string | null
     mcpMethod?: NullableStringFieldUpdateOperationsInput | string | null
     toolName?: NullableStringFieldUpdateOperationsInput | string | null
+    oauthGrantType?: NullableStringFieldUpdateOperationsInput | string | null
+    tokenScopes?: AnalyticsRequestUpdatetokenScopesInput | string[]
+    usePKCE?: NullableBoolFieldUpdateOperationsInput | boolean | null
+    redirectUri?: NullableStringFieldUpdateOperationsInput | string | null
   }
 
   export type AnalyticsSecurityUpdateWithoutUserInput = {
@@ -21519,6 +21792,7 @@ export namespace Prisma {
     timestamp?: DateTimeFieldUpdateOperationsInput | Date | string
     eventType?: EnumSecurityEventTypeFieldUpdateOperationsInput | $Enums.SecurityEventType
     severity?: StringFieldUpdateOperationsInput | string
+    expiresAt?: DateTimeFieldUpdateOperationsInput | Date | string
     ipAddress?: StringFieldUpdateOperationsInput | string
     userAgent?: StringFieldUpdateOperationsInput | string
     endpoint?: NullableStringFieldUpdateOperationsInput | string | null
@@ -21540,6 +21814,7 @@ export namespace Prisma {
     timestamp?: DateTimeFieldUpdateOperationsInput | Date | string
     eventType?: EnumSecurityEventTypeFieldUpdateOperationsInput | $Enums.SecurityEventType
     severity?: StringFieldUpdateOperationsInput | string
+    expiresAt?: DateTimeFieldUpdateOperationsInput | Date | string
     clientId?: NullableStringFieldUpdateOperationsInput | string | null
     mcpServerId?: NullableStringFieldUpdateOperationsInput | string | null
     ipAddress?: StringFieldUpdateOperationsInput | string
@@ -21561,6 +21836,7 @@ export namespace Prisma {
     timestamp?: DateTimeFieldUpdateOperationsInput | Date | string
     eventType?: EnumSecurityEventTypeFieldUpdateOperationsInput | $Enums.SecurityEventType
     severity?: StringFieldUpdateOperationsInput | string
+    expiresAt?: DateTimeFieldUpdateOperationsInput | Date | string
     clientId?: NullableStringFieldUpdateOperationsInput | string | null
     mcpServerId?: NullableStringFieldUpdateOperationsInput | string | null
     ipAddress?: StringFieldUpdateOperationsInput | string
@@ -21614,6 +21890,7 @@ export namespace Prisma {
     method: string
     statusCode: number
     responseTime: number
+    expiresAt?: Date | string
     userId?: string | null
     mcpServerId?: string | null
     ssoProvider?: string | null
@@ -21628,6 +21905,10 @@ export namespace Prisma {
     platform?: string | null
     mcpMethod?: string | null
     toolName?: string | null
+    oauthGrantType?: string | null
+    tokenScopes?: AnalyticsRequestCreatetokenScopesInput | string[]
+    usePKCE?: boolean | null
+    redirectUri?: string | null
   }
 
   export type AnalyticsSecurityCreateManyClientInput = {
@@ -21635,6 +21916,7 @@ export namespace Prisma {
     timestamp?: Date | string
     eventType: $Enums.SecurityEventType
     severity: string
+    expiresAt?: Date | string
     userId?: string | null
     mcpServerId?: string | null
     ipAddress: string
@@ -21748,6 +22030,7 @@ export namespace Prisma {
     method?: StringFieldUpdateOperationsInput | string
     statusCode?: IntFieldUpdateOperationsInput | number
     responseTime?: IntFieldUpdateOperationsInput | number
+    expiresAt?: DateTimeFieldUpdateOperationsInput | Date | string
     ssoProvider?: NullableStringFieldUpdateOperationsInput | string | null
     userRole?: NullableStringFieldUpdateOperationsInput | string | null
     scopes?: AnalyticsRequestUpdatescopesInput | string[]
@@ -21760,6 +22043,10 @@ export namespace Prisma {
     platform?: NullableStringFieldUpdateOperationsInput | string | null
     mcpMethod?: NullableStringFieldUpdateOperationsInput | string | null
     toolName?: NullableStringFieldUpdateOperationsInput | string | null
+    oauthGrantType?: NullableStringFieldUpdateOperationsInput | string | null
+    tokenScopes?: AnalyticsRequestUpdatetokenScopesInput | string[]
+    usePKCE?: NullableBoolFieldUpdateOperationsInput | boolean | null
+    redirectUri?: NullableStringFieldUpdateOperationsInput | string | null
     user?: UserUpdateOneWithoutAnalyticsRequestsNestedInput
     mcpServer?: MCPServerUpdateOneWithoutRequestsNestedInput
   }
@@ -21771,6 +22058,7 @@ export namespace Prisma {
     method?: StringFieldUpdateOperationsInput | string
     statusCode?: IntFieldUpdateOperationsInput | number
     responseTime?: IntFieldUpdateOperationsInput | number
+    expiresAt?: DateTimeFieldUpdateOperationsInput | Date | string
     userId?: NullableStringFieldUpdateOperationsInput | string | null
     mcpServerId?: NullableStringFieldUpdateOperationsInput | string | null
     ssoProvider?: NullableStringFieldUpdateOperationsInput | string | null
@@ -21785,6 +22073,10 @@ export namespace Prisma {
     platform?: NullableStringFieldUpdateOperationsInput | string | null
     mcpMethod?: NullableStringFieldUpdateOperationsInput | string | null
     toolName?: NullableStringFieldUpdateOperationsInput | string | null
+    oauthGrantType?: NullableStringFieldUpdateOperationsInput | string | null
+    tokenScopes?: AnalyticsRequestUpdatetokenScopesInput | string[]
+    usePKCE?: NullableBoolFieldUpdateOperationsInput | boolean | null
+    redirectUri?: NullableStringFieldUpdateOperationsInput | string | null
   }
 
   export type AnalyticsRequestUncheckedUpdateManyWithoutClientInput = {
@@ -21794,6 +22086,7 @@ export namespace Prisma {
     method?: StringFieldUpdateOperationsInput | string
     statusCode?: IntFieldUpdateOperationsInput | number
     responseTime?: IntFieldUpdateOperationsInput | number
+    expiresAt?: DateTimeFieldUpdateOperationsInput | Date | string
     userId?: NullableStringFieldUpdateOperationsInput | string | null
     mcpServerId?: NullableStringFieldUpdateOperationsInput | string | null
     ssoProvider?: NullableStringFieldUpdateOperationsInput | string | null
@@ -21808,6 +22101,10 @@ export namespace Prisma {
     platform?: NullableStringFieldUpdateOperationsInput | string | null
     mcpMethod?: NullableStringFieldUpdateOperationsInput | string | null
     toolName?: NullableStringFieldUpdateOperationsInput | string | null
+    oauthGrantType?: NullableStringFieldUpdateOperationsInput | string | null
+    tokenScopes?: AnalyticsRequestUpdatetokenScopesInput | string[]
+    usePKCE?: NullableBoolFieldUpdateOperationsInput | boolean | null
+    redirectUri?: NullableStringFieldUpdateOperationsInput | string | null
   }
 
   export type AnalyticsSecurityUpdateWithoutClientInput = {
@@ -21815,6 +22112,7 @@ export namespace Prisma {
     timestamp?: DateTimeFieldUpdateOperationsInput | Date | string
     eventType?: EnumSecurityEventTypeFieldUpdateOperationsInput | $Enums.SecurityEventType
     severity?: StringFieldUpdateOperationsInput | string
+    expiresAt?: DateTimeFieldUpdateOperationsInput | Date | string
     ipAddress?: StringFieldUpdateOperationsInput | string
     userAgent?: StringFieldUpdateOperationsInput | string
     endpoint?: NullableStringFieldUpdateOperationsInput | string | null
@@ -21836,6 +22134,7 @@ export namespace Prisma {
     timestamp?: DateTimeFieldUpdateOperationsInput | Date | string
     eventType?: EnumSecurityEventTypeFieldUpdateOperationsInput | $Enums.SecurityEventType
     severity?: StringFieldUpdateOperationsInput | string
+    expiresAt?: DateTimeFieldUpdateOperationsInput | Date | string
     userId?: NullableStringFieldUpdateOperationsInput | string | null
     mcpServerId?: NullableStringFieldUpdateOperationsInput | string | null
     ipAddress?: StringFieldUpdateOperationsInput | string
@@ -21857,6 +22156,7 @@ export namespace Prisma {
     timestamp?: DateTimeFieldUpdateOperationsInput | Date | string
     eventType?: EnumSecurityEventTypeFieldUpdateOperationsInput | $Enums.SecurityEventType
     severity?: StringFieldUpdateOperationsInput | string
+    expiresAt?: DateTimeFieldUpdateOperationsInput | Date | string
     userId?: NullableStringFieldUpdateOperationsInput | string | null
     mcpServerId?: NullableStringFieldUpdateOperationsInput | string | null
     ipAddress?: StringFieldUpdateOperationsInput | string
@@ -21880,6 +22180,7 @@ export namespace Prisma {
     method: string
     statusCode: number
     responseTime: number
+    expiresAt?: Date | string
     clientId?: string | null
     userId?: string | null
     ssoProvider?: string | null
@@ -21894,6 +22195,10 @@ export namespace Prisma {
     platform?: string | null
     mcpMethod?: string | null
     toolName?: string | null
+    oauthGrantType?: string | null
+    tokenScopes?: AnalyticsRequestCreatetokenScopesInput | string[]
+    usePKCE?: boolean | null
+    redirectUri?: string | null
   }
 
   export type AnalyticsSecurityCreateManyMcpServerInput = {
@@ -21901,6 +22206,7 @@ export namespace Prisma {
     timestamp?: Date | string
     eventType: $Enums.SecurityEventType
     severity: string
+    expiresAt?: Date | string
     userId?: string | null
     clientId?: string | null
     ipAddress: string
@@ -21924,6 +22230,7 @@ export namespace Prisma {
     method?: StringFieldUpdateOperationsInput | string
     statusCode?: IntFieldUpdateOperationsInput | number
     responseTime?: IntFieldUpdateOperationsInput | number
+    expiresAt?: DateTimeFieldUpdateOperationsInput | Date | string
     ssoProvider?: NullableStringFieldUpdateOperationsInput | string | null
     userRole?: NullableStringFieldUpdateOperationsInput | string | null
     scopes?: AnalyticsRequestUpdatescopesInput | string[]
@@ -21936,6 +22243,10 @@ export namespace Prisma {
     platform?: NullableStringFieldUpdateOperationsInput | string | null
     mcpMethod?: NullableStringFieldUpdateOperationsInput | string | null
     toolName?: NullableStringFieldUpdateOperationsInput | string | null
+    oauthGrantType?: NullableStringFieldUpdateOperationsInput | string | null
+    tokenScopes?: AnalyticsRequestUpdatetokenScopesInput | string[]
+    usePKCE?: NullableBoolFieldUpdateOperationsInput | boolean | null
+    redirectUri?: NullableStringFieldUpdateOperationsInput | string | null
     client?: ClientUpdateOneWithoutAnalyticsRequestsNestedInput
     user?: UserUpdateOneWithoutAnalyticsRequestsNestedInput
   }
@@ -21947,6 +22258,7 @@ export namespace Prisma {
     method?: StringFieldUpdateOperationsInput | string
     statusCode?: IntFieldUpdateOperationsInput | number
     responseTime?: IntFieldUpdateOperationsInput | number
+    expiresAt?: DateTimeFieldUpdateOperationsInput | Date | string
     clientId?: NullableStringFieldUpdateOperationsInput | string | null
     userId?: NullableStringFieldUpdateOperationsInput | string | null
     ssoProvider?: NullableStringFieldUpdateOperationsInput | string | null
@@ -21961,6 +22273,10 @@ export namespace Prisma {
     platform?: NullableStringFieldUpdateOperationsInput | string | null
     mcpMethod?: NullableStringFieldUpdateOperationsInput | string | null
     toolName?: NullableStringFieldUpdateOperationsInput | string | null
+    oauthGrantType?: NullableStringFieldUpdateOperationsInput | string | null
+    tokenScopes?: AnalyticsRequestUpdatetokenScopesInput | string[]
+    usePKCE?: NullableBoolFieldUpdateOperationsInput | boolean | null
+    redirectUri?: NullableStringFieldUpdateOperationsInput | string | null
   }
 
   export type AnalyticsRequestUncheckedUpdateManyWithoutMcpServerInput = {
@@ -21970,6 +22286,7 @@ export namespace Prisma {
     method?: StringFieldUpdateOperationsInput | string
     statusCode?: IntFieldUpdateOperationsInput | number
     responseTime?: IntFieldUpdateOperationsInput | number
+    expiresAt?: DateTimeFieldUpdateOperationsInput | Date | string
     clientId?: NullableStringFieldUpdateOperationsInput | string | null
     userId?: NullableStringFieldUpdateOperationsInput | string | null
     ssoProvider?: NullableStringFieldUpdateOperationsInput | string | null
@@ -21984,6 +22301,10 @@ export namespace Prisma {
     platform?: NullableStringFieldUpdateOperationsInput | string | null
     mcpMethod?: NullableStringFieldUpdateOperationsInput | string | null
     toolName?: NullableStringFieldUpdateOperationsInput | string | null
+    oauthGrantType?: NullableStringFieldUpdateOperationsInput | string | null
+    tokenScopes?: AnalyticsRequestUpdatetokenScopesInput | string[]
+    usePKCE?: NullableBoolFieldUpdateOperationsInput | boolean | null
+    redirectUri?: NullableStringFieldUpdateOperationsInput | string | null
   }
 
   export type AnalyticsSecurityUpdateWithoutMcpServerInput = {
@@ -21991,6 +22312,7 @@ export namespace Prisma {
     timestamp?: DateTimeFieldUpdateOperationsInput | Date | string
     eventType?: EnumSecurityEventTypeFieldUpdateOperationsInput | $Enums.SecurityEventType
     severity?: StringFieldUpdateOperationsInput | string
+    expiresAt?: DateTimeFieldUpdateOperationsInput | Date | string
     ipAddress?: StringFieldUpdateOperationsInput | string
     userAgent?: StringFieldUpdateOperationsInput | string
     endpoint?: NullableStringFieldUpdateOperationsInput | string | null
@@ -22012,6 +22334,7 @@ export namespace Prisma {
     timestamp?: DateTimeFieldUpdateOperationsInput | Date | string
     eventType?: EnumSecurityEventTypeFieldUpdateOperationsInput | $Enums.SecurityEventType
     severity?: StringFieldUpdateOperationsInput | string
+    expiresAt?: DateTimeFieldUpdateOperationsInput | Date | string
     userId?: NullableStringFieldUpdateOperationsInput | string | null
     clientId?: NullableStringFieldUpdateOperationsInput | string | null
     ipAddress?: StringFieldUpdateOperationsInput | string
@@ -22033,6 +22356,7 @@ export namespace Prisma {
     timestamp?: DateTimeFieldUpdateOperationsInput | Date | string
     eventType?: EnumSecurityEventTypeFieldUpdateOperationsInput | $Enums.SecurityEventType
     severity?: StringFieldUpdateOperationsInput | string
+    expiresAt?: DateTimeFieldUpdateOperationsInput | Date | string
     userId?: NullableStringFieldUpdateOperationsInput | string | null
     clientId?: NullableStringFieldUpdateOperationsInput | string | null
     ipAddress?: StringFieldUpdateOperationsInput | string
diff --git a/generated/prisma/index.js b/generated/prisma/index.js
index 54d115a..031a4a1 100644
--- a/generated/prisma/index.js
+++ b/generated/prisma/index.js
@@ -190,6 +190,7 @@ exports.Prisma.AnalyticsRequestScalarFieldEnum = {
   method: 'method',
   statusCode: 'statusCode',
   responseTime: 'responseTime',
+  expiresAt: 'expiresAt',
   clientId: 'clientId',
   userId: 'userId',
   mcpServerId: 'mcpServerId',
@@ -204,7 +205,11 @@ exports.Prisma.AnalyticsRequestScalarFieldEnum = {
   clientType: 'clientType',
   platform: 'platform',
   mcpMethod: 'mcpMethod',
-  toolName: 'toolName'
+  toolName: 'toolName',
+  oauthGrantType: 'oauthGrantType',
+  tokenScopes: 'tokenScopes',
+  usePKCE: 'usePKCE',
+  redirectUri: 'redirectUri'
 };
 
 exports.Prisma.AnalyticsSecurityScalarFieldEnum = {
@@ -212,6 +217,7 @@ exports.Prisma.AnalyticsSecurityScalarFieldEnum = {
   timestamp: 'timestamp',
   eventType: 'eventType',
   severity: 'severity',
+  expiresAt: 'expiresAt',
   userId: 'userId',
   clientId: 'clientId',
   mcpServerId: 'mcpServerId',
@@ -263,7 +269,10 @@ exports.SecurityEventType = exports.$Enums.SecurityEventType = {
   UNUSUAL_LOCATION: 'UNUSUAL_LOCATION',
   PRIVILEGE_ESCALATION: 'PRIVILEGE_ESCALATION',
   MALFORMED_REQUEST: 'MALFORMED_REQUEST',
-  BRUTE_FORCE_ATTEMPT: 'BRUTE_FORCE_ATTEMPT'
+  BRUTE_FORCE_ATTEMPT: 'BRUTE_FORCE_ATTEMPT',
+  OAUTH_INVALID_CLIENT: 'OAUTH_INVALID_CLIENT',
+  OAUTH_INVALID_GRANT: 'OAUTH_INVALID_GRANT',
+  OAUTH_INVALID_SCOPE: 'OAUTH_INVALID_SCOPE'
 };
 
 exports.Prisma.ModelName = {
@@ -327,8 +336,8 @@ const config = {
       }
     }
   },
-  "inlineSchema": "generator client {\n  provider   = \"prisma-client-js\"\n  output     = \"../generated/prisma\"\n  engineType = \"library\"\n}\n\ndatasource db {\n  provider = \"postgresql\"\n  url      = env(\"DATABASE_URL\")\n}\n\nmodel User {\n  id            String         @id @default(cuid())\n  name          String?\n  email         String?        @unique\n  emailVerified DateTime?\n  image         String?\n  accounts      Account[]\n  sessions      Session[]\n  clients       Client[]\n  accessTokens  AccessToken[]\n  authCodes     AuthCode[]\n  refreshTokens RefreshToken[]\n\n  // Analytics relations\n  analyticsRequests AnalyticsRequest[]\n  securityEvents    AnalyticsSecurity[]\n}\n\nmodel Account {\n  id                String  @id @default(cuid())\n  userId            String\n  type              String\n  provider          String\n  providerAccountId String\n  refresh_token     String? @db.Text\n  access_token      String? @db.Text\n  expires_at        Int?\n  token_type        String?\n  scope             String?\n  id_token          String? @db.Text\n  session_state     String?\n\n  user User @relation(fields: [userId], references: [id], onDelete: Cascade)\n\n  @@unique([provider, providerAccountId])\n}\n\nmodel Session {\n  id           String   @id @default(cuid())\n  sessionToken String   @unique\n  userId       String\n  expires      DateTime\n  user         User     @relation(fields: [userId], references: [id], onDelete: Cascade)\n}\n\nmodel VerificationToken {\n  identifier String\n  token      String\n  expires    DateTime\n\n  @@unique([identifier, token])\n}\n\nmodel Client {\n  id            String         @id @default(cuid())\n  clientId      String         @unique @default(cuid())\n  clientSecret  String\n  name          String\n  redirectUris  String[]\n  userId        String?\n  user          User?          @relation(fields: [userId], references: [id], onDelete: Cascade)\n  accessTokens  AccessToken[]\n  authCodes     AuthCode[]\n  refreshTokens RefreshToken[]\n\n  // Analytics relations\n  analyticsRequests AnalyticsRequest[]\n  securityEvents    AnalyticsSecurity[]\n\n  createdAt DateTime @default(now())\n  updatedAt DateTime @updatedAt\n}\n\nmodel AccessToken {\n  id        String   @id @default(cuid())\n  token     String   @unique\n  expiresAt DateTime\n  clientId  String\n  client    Client   @relation(fields: [clientId], references: [id], onDelete: Cascade)\n  userId    String\n  user      User     @relation(fields: [userId], references: [id], onDelete: Cascade)\n  resource  String?\n\n  createdAt DateTime @default(now())\n}\n\nmodel AuthCode {\n  id                  String   @id @default(cuid())\n  code                String   @unique\n  expiresAt           DateTime\n  clientId            String\n  client              Client   @relation(fields: [clientId], references: [id], onDelete: Cascade)\n  userId              String\n  user                User     @relation(fields: [userId], references: [id], onDelete: Cascade)\n  redirectUri         String\n  codeChallenge       String?\n  codeChallengeMethod String?\n  resource            String?\n\n  createdAt DateTime @default(now())\n}\n\nmodel RefreshToken {\n  id        String   @id @default(cuid())\n  token     String   @unique\n  expiresAt DateTime\n  clientId  String\n  client    Client   @relation(fields: [clientId], references: [id], onDelete: Cascade)\n  userId    String\n  user      User     @relation(fields: [userId], references: [id], onDelete: Cascade)\n  resource  String?\n\n  createdAt DateTime @default(now())\n}\n\n// Enhanced Analytics Schema for Enterprise MCP\nmodel MCPServer {\n  id          String  @id @default(cuid())\n  name        String // \"CRM Server\", \"Finance API\", etc\n  identifier  String  @unique // mcp://crm.company.com\n  description String?\n  version     String?\n\n  // Relations\n  requests       AnalyticsRequest[]\n  securityEvents AnalyticsSecurity[]\n\n  createdAt DateTime @default(now())\n  updatedAt DateTime @updatedAt\n\n  @@index([identifier])\n}\n\nmodel AnalyticsRequest {\n  id           String   @id @default(cuid())\n  timestamp    DateTime @default(now())\n  endpoint     String // /mcp/sse, /mcp/mcp, etc\n  method       String // GET, POST, etc\n  statusCode   Int\n  responseTime Int // milliseconds\n\n  // Enhanced client/user tracking with proper relations\n  clientId String?\n  client   Client? @relation(fields: [clientId], references: [id])\n  userId   String?\n  user     User?   @relation(fields: [userId], references: [id])\n\n  // MCP Server context\n  mcpServerId String?\n  mcpServer   MCPServer? @relation(fields: [mcpServerId], references: [id])\n\n  // Enterprise SSO context\n  ssoProvider  String? // \"google\", \"azure-ad\", \"okta\"\n  userRole     String? // from JWT claims\n  scopes       String[] // OAuth scopes used\n  organization String? // from SSO claims\n\n  // Request metadata\n  ipAddress String\n  userAgent String @db.Text\n\n  // Geographic data (optional, populated async)\n  country String?\n  city    String?\n\n  // Derived fields for performance\n  clientType String? // mcp-client, browser, etc\n  platform   String? // windows, macos, linux\n\n  // MCP-specific tracking\n  mcpMethod String? // \"tools/list\", \"tools/call\", etc\n  toolName  String? // specific tool being called\n\n  // Indexes for fast queries\n  @@index([timestamp])\n  @@index([endpoint])\n  @@index([clientId])\n  @@index([userId])\n  @@index([mcpServerId])\n  @@index([statusCode])\n  @@index([timestamp, endpoint])\n  @@index([timestamp, clientId])\n  @@index([timestamp, userId])\n  @@index([organization])\n  @@index([ssoProvider])\n}\n\nenum SecurityEventType {\n  AUTH_FAILURE\n  INVALID_TOKEN\n  SUSPICIOUS_ACTIVITY\n  RATE_LIMIT_EXCEEDED\n  UNAUTHORIZED_ACCESS\n  TOKEN_REUSE\n  UNUSUAL_LOCATION\n  PRIVILEGE_ESCALATION\n  MALFORMED_REQUEST\n  BRUTE_FORCE_ATTEMPT\n}\n\nmodel AnalyticsSecurity {\n  id        String            @id @default(cuid())\n  timestamp DateTime          @default(now())\n  eventType SecurityEventType\n  severity  String // \"low\", \"medium\", \"high\", \"critical\"\n\n  // Enhanced context\n  userId   String?\n  user     User?   @relation(fields: [userId], references: [id])\n  clientId String?\n  client   Client? @relation(fields: [clientId], references: [id])\n\n  // MCP Server context\n  mcpServerId String?\n  mcpServer   MCPServer? @relation(fields: [mcpServerId], references: [id])\n\n  // Request context\n  ipAddress String\n  userAgent String  @db.Text\n  endpoint  String? // endpoint where event occurred\n\n  // Geographic tracking\n  country String?\n  city    String?\n\n  // Enterprise context\n  organization String?\n  ssoProvider  String?\n\n  // Structured event details\n  details Json // structured data instead of text\n\n  // Risk scoring\n  riskScore  Int       @default(0) // 0-100\n  resolved   Boolean   @default(false)\n  resolvedAt DateTime?\n  resolvedBy String? // admin who resolved\n\n  // Indexes for security queries\n  @@index([timestamp])\n  @@index([eventType])\n  @@index([severity])\n  @@index([ipAddress])\n  @@index([userId])\n  @@index([clientId])\n  @@index([mcpServerId])\n  @@index([timestamp, eventType])\n  @@index([timestamp, severity])\n  @@index([organization])\n  @@index([resolved])\n  @@index([riskScore])\n}\n",
-  "inlineSchemaHash": "6e39df96fa8b453ddd2f6ebcd37a5f7e6bec7c4c4ce65c34bece574730aeca32",
+  "inlineSchema": "generator client {\n  provider   = \"prisma-client-js\"\n  output     = \"../generated/prisma\"\n  engineType = \"library\"\n}\n\ndatasource db {\n  provider = \"postgresql\"\n  url      = env(\"DATABASE_URL\")\n}\n\nmodel User {\n  id            String         @id @default(cuid())\n  name          String?\n  email         String?        @unique\n  emailVerified DateTime?\n  image         String?\n  accounts      Account[]\n  sessions      Session[]\n  clients       Client[]\n  accessTokens  AccessToken[]\n  authCodes     AuthCode[]\n  refreshTokens RefreshToken[]\n\n  // Analytics relations\n  analyticsRequests AnalyticsRequest[]\n  securityEvents    AnalyticsSecurity[]\n}\n\nmodel Account {\n  id                String  @id @default(cuid())\n  userId            String\n  type              String\n  provider          String\n  providerAccountId String\n  refresh_token     String? @db.Text\n  access_token      String? @db.Text\n  expires_at        Int?\n  token_type        String?\n  scope             String?\n  id_token          String? @db.Text\n  session_state     String?\n\n  user User @relation(fields: [userId], references: [id], onDelete: Cascade)\n\n  @@unique([provider, providerAccountId])\n}\n\nmodel Session {\n  id           String   @id @default(cuid())\n  sessionToken String   @unique\n  userId       String\n  expires      DateTime\n  user         User     @relation(fields: [userId], references: [id], onDelete: Cascade)\n}\n\nmodel VerificationToken {\n  identifier String\n  token      String\n  expires    DateTime\n\n  @@unique([identifier, token])\n}\n\nmodel Client {\n  id            String         @id @default(cuid())\n  clientId      String         @unique @default(cuid())\n  clientSecret  String\n  name          String\n  redirectUris  String[]\n  userId        String?\n  user          User?          @relation(fields: [userId], references: [id], onDelete: Cascade)\n  accessTokens  AccessToken[]\n  authCodes     AuthCode[]\n  refreshTokens RefreshToken[]\n\n  // Analytics relations\n  analyticsRequests AnalyticsRequest[]\n  securityEvents    AnalyticsSecurity[]\n\n  createdAt DateTime @default(now())\n  updatedAt DateTime @updatedAt\n}\n\nmodel AccessToken {\n  id        String   @id @default(cuid())\n  token     String   @unique\n  expiresAt DateTime\n  clientId  String\n  client    Client   @relation(fields: [clientId], references: [id], onDelete: Cascade)\n  userId    String\n  user      User     @relation(fields: [userId], references: [id], onDelete: Cascade)\n  resource  String?\n\n  createdAt DateTime @default(now())\n}\n\nmodel AuthCode {\n  id                  String   @id @default(cuid())\n  code                String   @unique\n  expiresAt           DateTime\n  clientId            String\n  client              Client   @relation(fields: [clientId], references: [id], onDelete: Cascade)\n  userId              String\n  user                User     @relation(fields: [userId], references: [id], onDelete: Cascade)\n  redirectUri         String\n  codeChallenge       String?\n  codeChallengeMethod String?\n  resource            String?\n\n  createdAt DateTime @default(now())\n}\n\nmodel RefreshToken {\n  id        String   @id @default(cuid())\n  token     String   @unique\n  expiresAt DateTime\n  clientId  String\n  client    Client   @relation(fields: [clientId], references: [id], onDelete: Cascade)\n  userId    String\n  user      User     @relation(fields: [userId], references: [id], onDelete: Cascade)\n  resource  String?\n\n  createdAt DateTime @default(now())\n}\n\n// Enhanced Analytics Schema for Enterprise MCP\nmodel MCPServer {\n  id          String  @id @default(cuid())\n  name        String // \"CRM Server\", \"Finance API\", etc\n  identifier  String  @unique // mcp://crm.company.com\n  description String?\n  version     String?\n\n  // Relations\n  requests       AnalyticsRequest[]\n  securityEvents AnalyticsSecurity[]\n\n  createdAt DateTime @default(now())\n  updatedAt DateTime @updatedAt\n\n  @@index([identifier])\n}\n\nmodel AnalyticsRequest {\n  id           String   @id @default(cuid())\n  timestamp    DateTime @default(now())\n  endpoint     String // /mcp/sse, /mcp/mcp, etc\n  method       String // GET, POST, etc\n  statusCode   Int\n  responseTime Int // milliseconds\n\n  // TTL field - automatically set to 14 days from creation\n  expiresAt DateTime @default(dbgenerated(\"NOW() + INTERVAL '14 days'\"))\n\n  // Enhanced client/user tracking with proper relations\n  clientId String?\n  client   Client? @relation(fields: [clientId], references: [id])\n  userId   String?\n  user     User?   @relation(fields: [userId], references: [id])\n\n  // MCP Server context\n  mcpServerId String?\n  mcpServer   MCPServer? @relation(fields: [mcpServerId], references: [id])\n\n  // Enterprise SSO context\n  ssoProvider  String? // \"google\", \"azure-ad\", \"okta\"\n  userRole     String? // from JWT claims\n  scopes       String[] // OAuth scopes used\n  organization String? // from SSO claims\n\n  // Request metadata\n  ipAddress String\n  userAgent String @db.Text\n\n  // Geographic data (optional, populated async)\n  country String?\n  city    String?\n\n  // Derived fields for performance\n  clientType String? // mcp-client, browser, etc\n  platform   String? // windows, macos, linux\n\n  // MCP-specific tracking\n  mcpMethod String? // \"tools/list\", \"tools/call\", etc\n  toolName  String? // specific tool being called\n\n  // OAuth-specific tracking\n  oauthGrantType String? // \"authorization_code\", \"refresh_token\", \"client_credentials\"\n  tokenScopes    String[] // OAuth scopes granted/requested\n  usePKCE        Boolean? // Whether PKCE was used in this flow\n  redirectUri    String? // OAuth redirect URI used\n\n  // Indexes for fast queries\n  @@index([timestamp])\n  @@index([endpoint])\n  @@index([clientId])\n  @@index([userId])\n  @@index([mcpServerId])\n  @@index([statusCode])\n  @@index([timestamp, endpoint])\n  @@index([timestamp, clientId])\n  @@index([timestamp, userId])\n  @@index([organization])\n  @@index([ssoProvider])\n  @@index([oauthGrantType])\n  @@index([usePKCE])\n  @@index([expiresAt])\n}\n\nenum SecurityEventType {\n  AUTH_FAILURE\n  INVALID_TOKEN\n  SUSPICIOUS_ACTIVITY\n  RATE_LIMIT_EXCEEDED\n  UNAUTHORIZED_ACCESS\n  TOKEN_REUSE\n  UNUSUAL_LOCATION\n  PRIVILEGE_ESCALATION\n  MALFORMED_REQUEST\n  BRUTE_FORCE_ATTEMPT\n  OAUTH_INVALID_CLIENT\n  OAUTH_INVALID_GRANT\n  OAUTH_INVALID_SCOPE\n}\n\nmodel AnalyticsSecurity {\n  id        String            @id @default(cuid())\n  timestamp DateTime          @default(now())\n  eventType SecurityEventType\n  severity  String // \"low\", \"medium\", \"high\", \"critical\"\n\n  // TTL field - automatically set to 14 days from creation\n  expiresAt DateTime @default(dbgenerated(\"NOW() + INTERVAL '14 days'\"))\n\n  // Enhanced context\n  userId   String?\n  user     User?   @relation(fields: [userId], references: [id])\n  clientId String?\n  client   Client? @relation(fields: [clientId], references: [id])\n\n  // MCP Server context\n  mcpServerId String?\n  mcpServer   MCPServer? @relation(fields: [mcpServerId], references: [id])\n\n  // Request context\n  ipAddress String\n  userAgent String  @db.Text\n  endpoint  String? // endpoint where event occurred\n\n  // Geographic tracking\n  country String?\n  city    String?\n\n  // Enterprise context\n  organization String?\n  ssoProvider  String?\n\n  // Structured event details\n  details Json // structured data instead of text\n\n  // Risk scoring\n  riskScore  Int       @default(0) // 0-100\n  resolved   Boolean   @default(false)\n  resolvedAt DateTime?\n  resolvedBy String? // admin who resolved\n\n  // Indexes for security queries\n  @@index([timestamp])\n  @@index([eventType])\n  @@index([severity])\n  @@index([ipAddress])\n  @@index([userId])\n  @@index([clientId])\n  @@index([mcpServerId])\n  @@index([timestamp, eventType])\n  @@index([timestamp, severity])\n  @@index([organization])\n  @@index([resolved])\n  @@index([riskScore])\n  @@index([expiresAt])\n}\n",
+  "inlineSchemaHash": "5a9b45bfbe4a1dcef69adb98c31bd3ac4bd2580e153982df5607e9ed04e71ed1",
   "copyEngine": false
 }
 
@@ -349,7 +358,7 @@ if (!fs.existsSync(path.join(__dirname, 'schema.prisma'))) {
   config.isBundled = true
 }
 
-config.runtimeDataModel = JSON.parse("{\"models\":{\"User\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"name\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"email\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":true,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"emailVerified\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"image\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"accounts\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Account\",\"nativeType\":null,\"relationName\":\"AccountToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"sessions\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Session\",\"nativeType\":null,\"relationName\":\"SessionToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clients\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Client\",\"nativeType\":null,\"relationName\":\"ClientToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"accessTokens\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AccessToken\",\"nativeType\":null,\"relationName\":\"AccessTokenToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"authCodes\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AuthCode\",\"nativeType\":null,\"relationName\":\"AuthCodeToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"refreshTokens\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"RefreshToken\",\"nativeType\":null,\"relationName\":\"RefreshTokenToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"analyticsRequests\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AnalyticsRequest\",\"nativeType\":null,\"relationName\":\"AnalyticsRequestToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"securityEvents\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AnalyticsSecurity\",\"nativeType\":null,\"relationName\":\"AnalyticsSecurityToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"Account\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"type\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"provider\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"providerAccountId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"refresh_token\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":[\"Text\",[]],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"access_token\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":[\"Text\",[]],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"expires_at\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Int\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"token_type\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"scope\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"id_token\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":[\"Text\",[]],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"session_state\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"AccountToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[[\"provider\",\"providerAccountId\"]],\"uniqueIndexes\":[{\"name\":null,\"fields\":[\"provider\",\"providerAccountId\"]}],\"isGenerated\":false},\"Session\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"sessionToken\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":true,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"expires\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"SessionToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"VerificationToken\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"identifier\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"token\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"expires\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[[\"identifier\",\"token\"]],\"uniqueIndexes\":[{\"name\":null,\"fields\":[\"identifier\",\"token\"]}],\"isGenerated\":false},\"Client\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":true,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientSecret\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"name\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"redirectUris\",\"kind\":\"scalar\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"ClientToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"accessTokens\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AccessToken\",\"nativeType\":null,\"relationName\":\"AccessTokenToClient\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"authCodes\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AuthCode\",\"nativeType\":null,\"relationName\":\"AuthCodeToClient\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"refreshTokens\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"RefreshToken\",\"nativeType\":null,\"relationName\":\"ClientToRefreshToken\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"analyticsRequests\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AnalyticsRequest\",\"nativeType\":null,\"relationName\":\"AnalyticsRequestToClient\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"securityEvents\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AnalyticsSecurity\",\"nativeType\":null,\"relationName\":\"AnalyticsSecurityToClient\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"createdAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"now\",\"args\":[]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"updatedAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":true}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"AccessToken\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"token\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":true,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"expiresAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"client\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Client\",\"nativeType\":null,\"relationName\":\"AccessTokenToClient\",\"relationFromFields\":[\"clientId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"AccessTokenToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"resource\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"createdAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"now\",\"args\":[]},\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"AuthCode\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"code\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":true,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"expiresAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"client\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Client\",\"nativeType\":null,\"relationName\":\"AuthCodeToClient\",\"relationFromFields\":[\"clientId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"AuthCodeToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"redirectUri\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"codeChallenge\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"codeChallengeMethod\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"resource\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"createdAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"now\",\"args\":[]},\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"RefreshToken\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"token\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":true,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"expiresAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"client\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Client\",\"nativeType\":null,\"relationName\":\"ClientToRefreshToken\",\"relationFromFields\":[\"clientId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"RefreshTokenToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"resource\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"createdAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"now\",\"args\":[]},\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"MCPServer\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"name\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"identifier\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":true,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"description\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"version\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"requests\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AnalyticsRequest\",\"nativeType\":null,\"relationName\":\"AnalyticsRequestToMCPServer\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"securityEvents\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AnalyticsSecurity\",\"nativeType\":null,\"relationName\":\"AnalyticsSecurityToMCPServer\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"createdAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"now\",\"args\":[]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"updatedAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":true}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"AnalyticsRequest\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"timestamp\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"now\",\"args\":[]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"endpoint\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"method\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"statusCode\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Int\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"responseTime\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Int\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"client\",\"kind\":\"object\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Client\",\"nativeType\":null,\"relationName\":\"AnalyticsRequestToClient\",\"relationFromFields\":[\"clientId\"],\"relationToFields\":[\"id\"],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"AnalyticsRequestToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"mcpServerId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"mcpServer\",\"kind\":\"object\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"MCPServer\",\"nativeType\":null,\"relationName\":\"AnalyticsRequestToMCPServer\",\"relationFromFields\":[\"mcpServerId\"],\"relationToFields\":[\"id\"],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"ssoProvider\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userRole\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"scopes\",\"kind\":\"scalar\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"organization\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"ipAddress\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userAgent\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":[\"Text\",[]],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"country\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"city\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientType\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"platform\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"mcpMethod\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"toolName\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"AnalyticsSecurity\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"timestamp\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"now\",\"args\":[]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"eventType\",\"kind\":\"enum\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"SecurityEventType\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"severity\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"AnalyticsSecurityToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"client\",\"kind\":\"object\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Client\",\"nativeType\":null,\"relationName\":\"AnalyticsSecurityToClient\",\"relationFromFields\":[\"clientId\"],\"relationToFields\":[\"id\"],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"mcpServerId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"mcpServer\",\"kind\":\"object\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"MCPServer\",\"nativeType\":null,\"relationName\":\"AnalyticsSecurityToMCPServer\",\"relationFromFields\":[\"mcpServerId\"],\"relationToFields\":[\"id\"],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"ipAddress\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userAgent\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":[\"Text\",[]],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"endpoint\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"country\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"city\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"organization\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"ssoProvider\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"details\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Json\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"riskScore\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"Int\",\"nativeType\":null,\"default\":0,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"resolved\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"Boolean\",\"nativeType\":null,\"default\":false,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"resolvedAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"resolvedBy\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false}},\"enums\":{\"SecurityEventType\":{\"values\":[{\"name\":\"AUTH_FAILURE\",\"dbName\":null},{\"name\":\"INVALID_TOKEN\",\"dbName\":null},{\"name\":\"SUSPICIOUS_ACTIVITY\",\"dbName\":null},{\"name\":\"RATE_LIMIT_EXCEEDED\",\"dbName\":null},{\"name\":\"UNAUTHORIZED_ACCESS\",\"dbName\":null},{\"name\":\"TOKEN_REUSE\",\"dbName\":null},{\"name\":\"UNUSUAL_LOCATION\",\"dbName\":null},{\"name\":\"PRIVILEGE_ESCALATION\",\"dbName\":null},{\"name\":\"MALFORMED_REQUEST\",\"dbName\":null},{\"name\":\"BRUTE_FORCE_ATTEMPT\",\"dbName\":null}],\"dbName\":null}},\"types\":{}}")
+config.runtimeDataModel = JSON.parse("{\"models\":{\"User\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"name\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"email\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":true,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"emailVerified\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"image\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"accounts\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Account\",\"nativeType\":null,\"relationName\":\"AccountToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"sessions\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Session\",\"nativeType\":null,\"relationName\":\"SessionToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clients\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Client\",\"nativeType\":null,\"relationName\":\"ClientToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"accessTokens\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AccessToken\",\"nativeType\":null,\"relationName\":\"AccessTokenToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"authCodes\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AuthCode\",\"nativeType\":null,\"relationName\":\"AuthCodeToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"refreshTokens\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"RefreshToken\",\"nativeType\":null,\"relationName\":\"RefreshTokenToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"analyticsRequests\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AnalyticsRequest\",\"nativeType\":null,\"relationName\":\"AnalyticsRequestToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"securityEvents\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AnalyticsSecurity\",\"nativeType\":null,\"relationName\":\"AnalyticsSecurityToUser\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"Account\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"type\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"provider\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"providerAccountId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"refresh_token\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":[\"Text\",[]],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"access_token\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":[\"Text\",[]],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"expires_at\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Int\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"token_type\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"scope\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"id_token\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":[\"Text\",[]],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"session_state\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"AccountToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[[\"provider\",\"providerAccountId\"]],\"uniqueIndexes\":[{\"name\":null,\"fields\":[\"provider\",\"providerAccountId\"]}],\"isGenerated\":false},\"Session\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"sessionToken\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":true,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"expires\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"SessionToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"VerificationToken\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"identifier\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"token\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"expires\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[[\"identifier\",\"token\"]],\"uniqueIndexes\":[{\"name\":null,\"fields\":[\"identifier\",\"token\"]}],\"isGenerated\":false},\"Client\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":true,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientSecret\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"name\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"redirectUris\",\"kind\":\"scalar\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"ClientToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"accessTokens\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AccessToken\",\"nativeType\":null,\"relationName\":\"AccessTokenToClient\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"authCodes\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AuthCode\",\"nativeType\":null,\"relationName\":\"AuthCodeToClient\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"refreshTokens\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"RefreshToken\",\"nativeType\":null,\"relationName\":\"ClientToRefreshToken\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"analyticsRequests\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AnalyticsRequest\",\"nativeType\":null,\"relationName\":\"AnalyticsRequestToClient\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"securityEvents\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AnalyticsSecurity\",\"nativeType\":null,\"relationName\":\"AnalyticsSecurityToClient\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"createdAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"now\",\"args\":[]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"updatedAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":true}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"AccessToken\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"token\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":true,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"expiresAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"client\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Client\",\"nativeType\":null,\"relationName\":\"AccessTokenToClient\",\"relationFromFields\":[\"clientId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"AccessTokenToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"resource\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"createdAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"now\",\"args\":[]},\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"AuthCode\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"code\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":true,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"expiresAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"client\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Client\",\"nativeType\":null,\"relationName\":\"AuthCodeToClient\",\"relationFromFields\":[\"clientId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"AuthCodeToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"redirectUri\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"codeChallenge\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"codeChallengeMethod\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"resource\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"createdAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"now\",\"args\":[]},\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"RefreshToken\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"token\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":true,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"expiresAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"client\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Client\",\"nativeType\":null,\"relationName\":\"ClientToRefreshToken\",\"relationFromFields\":[\"clientId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"RefreshTokenToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"relationOnDelete\":\"Cascade\",\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"resource\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"createdAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"now\",\"args\":[]},\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"MCPServer\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"name\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"identifier\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":true,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"description\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"version\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"requests\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AnalyticsRequest\",\"nativeType\":null,\"relationName\":\"AnalyticsRequestToMCPServer\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"securityEvents\",\"kind\":\"object\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"AnalyticsSecurity\",\"nativeType\":null,\"relationName\":\"AnalyticsSecurityToMCPServer\",\"relationFromFields\":[],\"relationToFields\":[],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"createdAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"now\",\"args\":[]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"updatedAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":true}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"AnalyticsRequest\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"timestamp\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"now\",\"args\":[]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"endpoint\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"method\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"statusCode\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Int\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"responseTime\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Int\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"expiresAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"dbgenerated\",\"args\":[\"NOW() + INTERVAL '14 days'\"]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"client\",\"kind\":\"object\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Client\",\"nativeType\":null,\"relationName\":\"AnalyticsRequestToClient\",\"relationFromFields\":[\"clientId\"],\"relationToFields\":[\"id\"],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"AnalyticsRequestToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"mcpServerId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"mcpServer\",\"kind\":\"object\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"MCPServer\",\"nativeType\":null,\"relationName\":\"AnalyticsRequestToMCPServer\",\"relationFromFields\":[\"mcpServerId\"],\"relationToFields\":[\"id\"],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"ssoProvider\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userRole\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"scopes\",\"kind\":\"scalar\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"organization\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"ipAddress\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userAgent\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":[\"Text\",[]],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"country\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"city\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientType\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"platform\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"mcpMethod\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"toolName\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"oauthGrantType\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"tokenScopes\",\"kind\":\"scalar\",\"isList\":true,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"usePKCE\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Boolean\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"redirectUri\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false},\"AnalyticsSecurity\":{\"dbName\":null,\"schema\":null,\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":true,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"String\",\"nativeType\":null,\"default\":{\"name\":\"cuid\",\"args\":[1]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"timestamp\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"now\",\"args\":[]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"eventType\",\"kind\":\"enum\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"SecurityEventType\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"severity\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"expiresAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"DateTime\",\"nativeType\":null,\"default\":{\"name\":\"dbgenerated\",\"args\":[\"NOW() + INTERVAL '14 days'\"]},\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"user\",\"kind\":\"object\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"User\",\"nativeType\":null,\"relationName\":\"AnalyticsSecurityToUser\",\"relationFromFields\":[\"userId\"],\"relationToFields\":[\"id\"],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"clientId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"client\",\"kind\":\"object\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Client\",\"nativeType\":null,\"relationName\":\"AnalyticsSecurityToClient\",\"relationFromFields\":[\"clientId\"],\"relationToFields\":[\"id\"],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"mcpServerId\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":true,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"mcpServer\",\"kind\":\"object\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"MCPServer\",\"nativeType\":null,\"relationName\":\"AnalyticsSecurityToMCPServer\",\"relationFromFields\":[\"mcpServerId\"],\"relationToFields\":[\"id\"],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"ipAddress\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"userAgent\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":[\"Text\",[]],\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"endpoint\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"country\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"city\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"organization\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"ssoProvider\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"details\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"Json\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"riskScore\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"Int\",\"nativeType\":null,\"default\":0,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"resolved\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":true,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":true,\"type\":\"Boolean\",\"nativeType\":null,\"default\":false,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"resolvedAt\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"DateTime\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false},{\"name\":\"resolvedBy\",\"kind\":\"scalar\",\"isList\":false,\"isRequired\":false,\"isUnique\":false,\"isId\":false,\"isReadOnly\":false,\"hasDefaultValue\":false,\"type\":\"String\",\"nativeType\":null,\"isGenerated\":false,\"isUpdatedAt\":false}],\"primaryKey\":null,\"uniqueFields\":[],\"uniqueIndexes\":[],\"isGenerated\":false}},\"enums\":{\"SecurityEventType\":{\"values\":[{\"name\":\"AUTH_FAILURE\",\"dbName\":null},{\"name\":\"INVALID_TOKEN\",\"dbName\":null},{\"name\":\"SUSPICIOUS_ACTIVITY\",\"dbName\":null},{\"name\":\"RATE_LIMIT_EXCEEDED\",\"dbName\":null},{\"name\":\"UNAUTHORIZED_ACCESS\",\"dbName\":null},{\"name\":\"TOKEN_REUSE\",\"dbName\":null},{\"name\":\"UNUSUAL_LOCATION\",\"dbName\":null},{\"name\":\"PRIVILEGE_ESCALATION\",\"dbName\":null},{\"name\":\"MALFORMED_REQUEST\",\"dbName\":null},{\"name\":\"BRUTE_FORCE_ATTEMPT\",\"dbName\":null},{\"name\":\"OAUTH_INVALID_CLIENT\",\"dbName\":null},{\"name\":\"OAUTH_INVALID_GRANT\",\"dbName\":null},{\"name\":\"OAUTH_INVALID_SCOPE\",\"dbName\":null}],\"dbName\":null}},\"types\":{}}")
 defineDmmfProperty(exports.Prisma, config.runtimeDataModel)
 config.engineWasm = undefined
 config.compilerWasm = undefined
diff --git a/generated/prisma/package.json b/generated/prisma/package.json
index 47c4492..30db4fb 100644
--- a/generated/prisma/package.json
+++ b/generated/prisma/package.json
@@ -1,5 +1,5 @@
 {
-  "name": "prisma-client-d3edf3846df8439dc0e0852928dc811d60ec22548bdbcac4071a46d1df5cbed7",
+  "name": "prisma-client-daecebdee2016105671ff6bd33cc493be2c97b8b1836b6bc1a22deaf6ad69e88",
   "main": "index.js",
   "types": "index.d.ts",
   "browser": "index-browser.js",
diff --git a/generated/prisma/schema.prisma b/generated/prisma/schema.prisma
index fce58a3..9bc7980 100644
--- a/generated/prisma/schema.prisma
+++ b/generated/prisma/schema.prisma
@@ -150,6 +150,9 @@ model AnalyticsRequest {
   statusCode   Int
   responseTime Int // milliseconds
 
+  // TTL field - automatically set to 14 days from creation
+  expiresAt DateTime @default(dbgenerated("NOW() + INTERVAL '14 days'"))
+
   // Enhanced client/user tracking with proper relations
   clientId String?
   client   Client? @relation(fields: [clientId], references: [id])
@@ -182,6 +185,12 @@ model AnalyticsRequest {
   mcpMethod String? // "tools/list", "tools/call", etc
   toolName  String? // specific tool being called
 
+  // OAuth-specific tracking
+  oauthGrantType String? // "authorization_code", "refresh_token", "client_credentials"
+  tokenScopes    String[] // OAuth scopes granted/requested
+  usePKCE        Boolean? // Whether PKCE was used in this flow
+  redirectUri    String? // OAuth redirect URI used
+
   // Indexes for fast queries
   @@index([timestamp])
   @@index([endpoint])
@@ -194,6 +203,9 @@ model AnalyticsRequest {
   @@index([timestamp, userId])
   @@index([organization])
   @@index([ssoProvider])
+  @@index([oauthGrantType])
+  @@index([usePKCE])
+  @@index([expiresAt])
 }
 
 enum SecurityEventType {
@@ -207,6 +219,9 @@ enum SecurityEventType {
   PRIVILEGE_ESCALATION
   MALFORMED_REQUEST
   BRUTE_FORCE_ATTEMPT
+  OAUTH_INVALID_CLIENT
+  OAUTH_INVALID_GRANT
+  OAUTH_INVALID_SCOPE
 }
 
 model AnalyticsSecurity {
@@ -215,6 +230,9 @@ model AnalyticsSecurity {
   eventType SecurityEventType
   severity  String // "low", "medium", "high", "critical"
 
+  // TTL field - automatically set to 14 days from creation
+  expiresAt DateTime @default(dbgenerated("NOW() + INTERVAL '14 days'"))
+
   // Enhanced context
   userId   String?
   user     User?   @relation(fields: [userId], references: [id])
@@ -260,4 +278,5 @@ model AnalyticsSecurity {
   @@index([organization])
   @@index([resolved])
   @@index([riskScore])
+  @@index([expiresAt])
 }
diff --git a/generated/prisma/wasm.js b/generated/prisma/wasm.js
index b515eaf..bf5d12d 100644
--- a/generated/prisma/wasm.js
+++ b/generated/prisma/wasm.js
@@ -217,6 +217,7 @@ exports.Prisma.AnalyticsRequestScalarFieldEnum = {
   method: 'method',
   statusCode: 'statusCode',
   responseTime: 'responseTime',
+  expiresAt: 'expiresAt',
   clientId: 'clientId',
   userId: 'userId',
   mcpServerId: 'mcpServerId',
@@ -231,7 +232,11 @@ exports.Prisma.AnalyticsRequestScalarFieldEnum = {
   clientType: 'clientType',
   platform: 'platform',
   mcpMethod: 'mcpMethod',
-  toolName: 'toolName'
+  toolName: 'toolName',
+  oauthGrantType: 'oauthGrantType',
+  tokenScopes: 'tokenScopes',
+  usePKCE: 'usePKCE',
+  redirectUri: 'redirectUri'
 };
 
 exports.Prisma.AnalyticsSecurityScalarFieldEnum = {
@@ -239,6 +244,7 @@ exports.Prisma.AnalyticsSecurityScalarFieldEnum = {
   timestamp: 'timestamp',
   eventType: 'eventType',
   severity: 'severity',
+  expiresAt: 'expiresAt',
   userId: 'userId',
   clientId: 'clientId',
   mcpServerId: 'mcpServerId',
@@ -290,7 +296,10 @@ exports.SecurityEventType = exports.$Enums.SecurityEventType = {
   UNUSUAL_LOCATION: 'UNUSUAL_LOCATION',
   PRIVILEGE_ESCALATION: 'PRIVILEGE_ESCALATION',
   MALFORMED_REQUEST: 'MALFORMED_REQUEST',
-  BRUTE_FORCE_ATTEMPT: 'BRUTE_FORCE_ATTEMPT'
+  BRUTE_FORCE_ATTEMPT: 'BRUTE_FORCE_ATTEMPT',
+  OAUTH_INVALID_CLIENT: 'OAUTH_INVALID_CLIENT',
+  OAUTH_INVALID_GRANT: 'OAUTH_INVALID_GRANT',
+  OAUTH_INVALID_SCOPE: 'OAUTH_INVALID_SCOPE'
 };
 
 exports.Prisma.ModelName = {
diff --git a/lib/analytics-db.ts b/lib/analytics-db.ts
index 4afdbc5..09b27a3 100644
--- a/lib/analytics-db.ts
+++ b/lib/analytics-db.ts
@@ -23,6 +23,10 @@ interface RequestAnalytics {
   platform?: string;
   mcpMethod?: string;
   toolName?: string;
+  oauthGrantType?: string;
+  tokenScopes?: string[];
+  usePKCE?: boolean;
+  redirectUri?: string;
 }
 
 interface SecurityEvent {
@@ -58,10 +62,22 @@ class OptimizedAnalyticsCollector {
       platform
     };
 
+    console.log('[Analytics DB] Logging request:', {
+      endpoint: data.endpoint,
+      mcpMethod: data.mcpMethod,
+      toolName: data.toolName,
+      ipAddress: data.ipAddress
+    });
+
     this.requestBatch.push(enrichedData);
     
+    // For debugging: flush immediately if it's an MCP tool call
+    if (data.mcpMethod || data.toolName) {
+      console.log('[Analytics DB] Flushing immediately for MCP tool call');
+      await this.flushRequests();
+    }
     // Flush if batch is full
-    if (this.requestBatch.length >= this.BATCH_SIZE) {
+    else if (this.requestBatch.length >= this.BATCH_SIZE) {
       await this.flushRequests();
     }
 
@@ -109,7 +125,11 @@ class OptimizedAnalyticsCollector {
             clientType: req.clientType,
             platform: req.platform,
             mcpMethod: req.mcpMethod,
-            toolName: req.toolName
+            toolName: req.toolName,
+            oauthGrantType: req.oauthGrantType,
+            tokenScopes: req.tokenScopes || [],
+            usePKCE: req.usePKCE,
+            redirectUri: req.redirectUri
           })),
           skipDuplicates: true
         });
@@ -210,8 +230,26 @@ class OptimizedAnalyticsCollector {
 
   // Async geography enrichment (non-blocking)
   private enrichGeographyAsync(ip: string) {
-    // Skip for localhost/private IPs
-    if (ip === '127.0.0.1' || ip === '::1' || ip.startsWith('192.168.') || ip.startsWith('10.')) {
+    // For development: Use mock data for localhost
+    if (ip === '127.0.0.1' || ip === '::1' || ip.startsWith('192.168.') || ip.startsWith('10.') || ip.startsWith('::ffff:127.0.0.1')) {
+      // Add mock geographic data for localhost in development
+      setTimeout(async () => {
+        try {
+          await prisma.analyticsRequest.updateMany({
+            where: {
+              ipAddress: ip,
+              country: null
+            },
+            data: {
+              country: 'United States',
+              city: 'San Francisco'
+            }
+          });
+          console.log('[Analytics] Added mock geographic data for localhost');
+        } catch (error) {
+          console.warn('Failed to update localhost geographic data:', error);
+        }
+      }, 100);
       return;
     }
 
@@ -397,6 +435,7 @@ class OptimizedAnalyticsCollector {
       FROM "AnalyticsSecurity"
       WHERE timestamp >= ${cutoff}
         AND organization IS NOT NULL
+        AND "riskScore" >= 50
       GROUP BY organization, "eventType", severity
       ORDER BY event_count DESC
     ` as Array<{
@@ -449,7 +488,11 @@ class OptimizedAnalyticsCollector {
         "toolName",
         "mcpMethod",
         COUNT(*) as usage_count,
-        COUNT(DISTINCT "userId") as unique_users
+        COUNT(DISTINCT "userId") as unique_users,
+        AVG("responseTime") as avg_response_time,
+        MAX("responseTime") as max_response_time,
+        MIN("responseTime") as min_response_time,
+        COUNT(CASE WHEN "statusCode" >= 400 THEN 1 END) as error_count
       FROM "AnalyticsRequest"
       WHERE timestamp >= ${cutoff}
         AND "toolName" IS NOT NULL
@@ -461,14 +504,353 @@ class OptimizedAnalyticsCollector {
       mcpMethod: string;
       usage_count: bigint;
       unique_users: bigint;
+      avg_response_time: number;
+      max_response_time: number;
+      min_response_time: number;
+      error_count: bigint;
     }>;
 
     return result.map(r => ({
       toolName: r.toolName,
       mcpMethod: r.mcpMethod,
       usageCount: Number(r.usage_count),
-      uniqueUsers: Number(r.unique_users)
+      uniqueUsers: Number(r.unique_users),
+      avgResponseTime: Math.round(Number(r.avg_response_time) || 0),
+      maxResponseTime: Math.round(Number(r.max_response_time) || 0),
+      minResponseTime: Math.round(Number(r.min_response_time) || 0),
+      errorCount: Number(r.error_count),
+      errorRate: Number(r.usage_count) > 0 ? Math.round((Number(r.error_count) / Number(r.usage_count)) * 100 * 100) / 100 : 0
+    }));
+  }
+
+  async getToolGeographyStats(hoursBack = 24) {
+    const cutoff = new Date(Date.now() - hoursBack * 60 * 60 * 1000);
+
+    const result = await prisma.$queryRaw`
+      SELECT 
+        country,
+        city,
+        COUNT(*) as count
+      FROM "AnalyticsRequest"
+      WHERE timestamp >= ${cutoff} 
+        AND country IS NOT NULL 
+        AND "toolName" IS NOT NULL
+      GROUP BY country, city
+      ORDER BY count DESC
+      LIMIT 15
+    ` as Array<{ 
+      country: string; 
+      city: string | null; 
+      count: bigint; 
+    }>;
+
+    const total = result.reduce((sum, r) => sum + Number(r.count), 0);
+
+    return result.map(r => ({
+      country: r.country,
+      city: r.city,
+      count: Number(r.count),
+      percentage: total > 0 ? Math.round((Number(r.count) / total) * 100 * 100) / 100 : 0
+    }));
+  }
+
+  async getToolResponseTimeTimeSeries(hoursBack = 24) {
+    const cutoff = new Date(Date.now() - hoursBack * 60 * 60 * 1000);
+
+    const result = await prisma.$queryRaw`
+      SELECT 
+        DATE_TRUNC('hour', timestamp) as hour,
+        "toolName",
+        AVG("responseTime") as avg_response_time,
+        COUNT(*) as call_count,
+        PERCENTILE_CONT(0.95) WITHIN GROUP (ORDER BY "responseTime") as p95_response_time,
+        PERCENTILE_CONT(0.50) WITHIN GROUP (ORDER BY "responseTime") as p50_response_time
+      FROM "AnalyticsRequest"
+      WHERE timestamp >= ${cutoff}
+        AND "toolName" IS NOT NULL
+        AND "statusCode" < 400
+      GROUP BY hour, "toolName"
+      ORDER BY hour, "toolName"
+    ` as Array<{
+      hour: Date;
+      toolName: string;
+      avg_response_time: number;
+      call_count: bigint;
+      p95_response_time: number;
+      p50_response_time: number;
+    }>;
+
+    return result.map(r => ({
+      hour: r.hour.toISOString(),
+      toolName: r.toolName,
+      avgResponseTime: Math.round(Number(r.avg_response_time) || 0),
+      callCount: Number(r.call_count),
+      p95ResponseTime: Math.round(Number(r.p95_response_time) || 0),
+      p50ResponseTime: Math.round(Number(r.p50_response_time) || 0)
+    }));
+  }
+
+  // OAuth Analytics Functions - Meaningful MCP Metrics
+  async getOAuthMetrics(hoursBack = 24) {
+    const cutoff = new Date(Date.now() - hoursBack * 60 * 60 * 1000);
+
+    const [userStats, clientStats, tokenStats, authActivity] = await Promise.all([
+      // Unique users who have authorized OAuth clients
+      prisma.$queryRaw<Array<{ total_users: bigint; active_users: bigint }>>`
+        SELECT 
+          COUNT(DISTINCT u.id) as total_users,
+          COUNT(DISTINCT CASE WHEN at."expiresAt" > NOW() THEN u.id END) as active_users
+        FROM "User" u
+        LEFT JOIN "AccessToken" at ON u.id = at."userId"
+        WHERE u.id IN (
+          SELECT DISTINCT "userId" FROM "AccessToken" 
+          UNION 
+          SELECT DISTINCT "userId" FROM "AuthCode"
+        )
+      `,
+      
+      // OAuth client statistics
+      prisma.$queryRaw<Array<{ 
+        total_clients: bigint; 
+        clients_with_active_tokens: bigint;
+      }>>`
+        SELECT 
+          COUNT(DISTINCT c.id) as total_clients,
+          COUNT(DISTINCT CASE WHEN at."expiresAt" > NOW() THEN c.id END) as clients_with_active_tokens
+        FROM "Client" c
+        LEFT JOIN "AccessToken" at ON c.id = at."clientId"
+      `,
+      
+      // Active token statistics  
+      prisma.$queryRaw<Array<{ active_tokens: bigint }>>`
+        SELECT COUNT(*) as active_tokens
+        FROM "AccessToken"
+        WHERE "expiresAt" > NOW()
+      `,
+      
+      // Recent OAuth authorization activity
+      prisma.$queryRaw<Array<{
+        recent_authorizations: bigint;
+        recent_token_refreshes: bigint;
+        pkce_usage: bigint;
+        total_oauth_requests: bigint;
+      }>>`
+        SELECT 
+          COUNT(CASE WHEN "oauthGrantType" = 'authorization_code' THEN 1 END) as recent_authorizations,
+          COUNT(CASE WHEN "oauthGrantType" = 'refresh_token' THEN 1 END) as recent_token_refreshes,
+          COUNT(CASE WHEN "usePKCE" = true THEN 1 END) as pkce_usage,
+          COUNT(*) as total_oauth_requests
+        FROM "AnalyticsRequest"
+        WHERE timestamp >= ${cutoff}
+          AND "oauthGrantType" IS NOT NULL
+      `
+    ]);
+
+    const userData = userStats[0];
+    const clientData = clientStats[0];
+    const tokenData = tokenStats[0];
+    const authData = authActivity[0];
+    
+    const totalUsers = Number(userData?.total_users || 0);
+    const activeUsers = Number(userData?.active_users || 0);
+    const totalClients = Number(clientData?.total_clients || 0);
+    const activeClients = Number(clientData?.clients_with_active_tokens || 0);
+    const activeTokenCount = Number(tokenData?.active_tokens || 0);
+    const recentAuthorizations = Number(authData?.recent_authorizations || 0);
+    const recentRefreshes = Number(authData?.recent_token_refreshes || 0);
+    const pkceUsage = Number(authData?.pkce_usage || 0);
+    const totalOAuthRequests = Number(authData?.total_oauth_requests || 0);
+    
+    const pkceAdoption = totalOAuthRequests > 0 ? (pkceUsage / totalOAuthRequests) * 100 : 0;
+
+    return {
+      // User metrics (most important for MCP)
+      totalUsers,
+      activeUsers,
+      userActivity: `${activeUsers}/${totalUsers} users active`,
+      
+      // Client metrics  
+      totalClients,
+      activeClients,
+      clientActivity: `${activeClients}/${totalClients} clients active`,
+      
+      // Token metrics
+      activeTokens: activeTokenCount,
+      recentAuthorizations,
+      tokenRefreshRate: recentRefreshes / hoursBack,
+      
+      // Security metrics
+      pkceAdoption: Math.round(pkceAdoption * 100) / 100
+    };
+  }
+
+  async getOAuthClientActivity(hoursBack = 24, limit = 10) {
+    const cutoff = new Date(Date.now() - hoursBack * 60 * 60 * 1000);
+
+    // Get clients with active tokens and their user activity
+    const result = await prisma.$queryRaw<Array<{
+      client_name: string;
+      client_id: string;
+      unique_users: bigint;
+      active_tokens: bigint;
+      recent_requests: bigint;
+      last_activity: Date | null;
+      user_names: string;
+    }>>`
+      SELECT 
+        c.name as client_name,
+        c."clientId" as client_id,
+        COUNT(DISTINCT at."userId") as unique_users,
+        COUNT(CASE WHEN at."expiresAt" > NOW() THEN at.id END) as active_tokens,
+        COUNT(ar.id) as recent_requests,
+        MAX(ar.timestamp) as last_activity,
+        STRING_AGG(DISTINCT u.name, ', ') as user_names
+      FROM "Client" c
+      LEFT JOIN "AccessToken" at ON c.id = at."clientId"
+      LEFT JOIN "User" u ON at."userId" = u.id
+      LEFT JOIN "AnalyticsRequest" ar ON c.id = ar."clientId" AND ar.timestamp >= ${cutoff}
+      GROUP BY c.id, c.name, c."clientId"
+      HAVING COUNT(CASE WHEN at."expiresAt" > NOW() THEN at.id END) > 0  -- Only show clients with active tokens
+      ORDER BY active_tokens DESC, unique_users DESC, last_activity DESC NULLS LAST
+      LIMIT ${limit}
+    `;
+
+    return result.map(r => ({
+      name: r.client_name,
+      clientId: r.client_id,
+      uniqueUsers: Number(r.unique_users),
+      activeTokens: Number(r.active_tokens),
+      recentRequests: Number(r.recent_requests),
+      lastActivity: r.last_activity?.toISOString() || 'Never',
+      userNames: r.user_names || 'No users',
+      // Meaningful display instead of fake data
+      status: Number(r.active_tokens) > 0 ? 'Active' : 'Inactive'
+    }));
+  }
+
+  async getExpiringTokens(hoursAhead = 24) {
+    const cutoff = new Date(Date.now() + hoursAhead * 60 * 60 * 1000);
+
+    const result = await prisma.$queryRaw`
+      SELECT 
+        c.name as client_name,
+        COUNT(at.id) as token_count,
+        EXTRACT(EPOCH FROM (MIN(at."expiresAt") - NOW())) / 3600 as hours_until_expiry
+      FROM "AccessToken" at
+      JOIN "Client" c ON at."clientId" = c.id
+      WHERE at."expiresAt" <= ${cutoff} AND at."expiresAt" > NOW()
+      GROUP BY c.name
+      ORDER BY hours_until_expiry ASC
+      LIMIT 10
+    ` as Array<{
+      client_name: string;
+      token_count: bigint;
+      hours_until_expiry: number;
+    }>;
+
+    return result.map(r => ({
+      clientName: r.client_name,
+      tokenCount: Number(r.token_count),
+      hoursUntilExpiry: Math.round(r.hours_until_expiry * 100) / 100
+    }));
+  }
+
+  async getGrantTypeDistribution(hoursBack = 24) {
+    const cutoff = new Date(Date.now() - hoursBack * 60 * 60 * 1000);
+
+    const result = await prisma.$queryRaw`
+      SELECT 
+        "oauthGrantType" as grant_type,
+        COUNT(*) as count
+      FROM "AnalyticsRequest"
+      WHERE timestamp >= ${cutoff}
+        AND "oauthGrantType" IS NOT NULL
+      GROUP BY "oauthGrantType"
+      ORDER BY count DESC
+    ` as Array<{
+      grant_type: string;
+      count: bigint;
+    }>;
+
+    const total = result.reduce((sum, r) => sum + Number(r.count), 0);
+
+    return result.map(r => ({
+      type: r.grant_type,
+      count: Number(r.count),
+      percentage: total > 0 ? Math.round((Number(r.count) / total) * 100 * 100) / 100 : 0
+    }));
+  }
+
+  async getOAuthSecurityEvents(hoursBack = 24) {
+    const cutoff = new Date(Date.now() - hoursBack * 60 * 60 * 1000);
+
+    const [events, invalidClientAttempts, invalidGrantAttempts, unauthorizedScopes] = await Promise.all([
+      // OAuth-specific security events
+      prisma.$queryRaw<Array<{
+        client_name: string | null;
+        client_id: string;
+        event_type: string;
+        severity: string;
+        count: bigint;
+        last_occurred: Date;
+      }>>`
+        SELECT 
+          c.name as client_name,
+          s."clientId" as client_id,
+          s."eventType" as event_type,
+          s.severity,
+          COUNT(*) as count,
+          MAX(s.timestamp) as last_occurred
+        FROM "AnalyticsSecurity" s
+        LEFT JOIN "Client" c ON s."clientId" = c.id
+        WHERE s.timestamp >= ${cutoff}
+          AND s."clientId" IS NOT NULL
+        GROUP BY c.name, s."clientId", s."eventType", s.severity
+        ORDER BY count DESC, last_occurred DESC
+        LIMIT 20
+      `,
+
+      // Count invalid client attempts
+      prisma.analyticsSecurity.count({
+        where: {
+          timestamp: { gte: cutoff },
+          eventType: { in: ['AUTH_FAILURE'] }
+        }
+      }),
+
+      // Count invalid grant attempts  
+      prisma.analyticsSecurity.count({
+        where: {
+          timestamp: { gte: cutoff },
+          eventType: 'INVALID_TOKEN'
+        }
+      }),
+
+      // Count unauthorized scope requests
+      prisma.analyticsSecurity.count({
+        where: {
+          timestamp: { gte: cutoff },
+          eventType: 'UNAUTHORIZED_ACCESS'
+        }
+      })
+    ]);
+
+    const mappedEvents = events.map(e => ({
+      clientName: e.client_name || 'Unknown Client',
+      clientId: e.client_id,
+      eventType: e.event_type,
+      severity: e.severity,
+      count: Number(e.count),
+      lastOccurred: e.last_occurred.toISOString()
     }));
+
+    return {
+      totalEvents: mappedEvents.reduce((sum, e) => sum + e.count, 0),
+      invalidClientAttempts,
+      invalidGrantAttempts,
+      unauthorizedScopes,
+      events: mappedEvents
+    };
   }
 
   // Cleanup old data to prevent database bloat
@@ -520,4 +902,129 @@ export const analyticsDB = new OptimizedAnalyticsCollector();
 // Note: Graceful shutdown removed for Edge Runtime compatibility
 // In production, implement cleanup in your deployment process
 
+// Security Panel Data Functions for meaningful threats only
+export interface SecurityEventsByOrg {
+  organization: string;
+  eventType: string;
+  severity: string;
+  eventCount: number;
+  avgRiskScore: number;
+}
+
+export interface PrivilegeEscalation {
+  userName: string;
+  userEmail: string;
+  eventType: string;
+  riskScore: number;
+  timestamp: string;
+  details: Record<string, unknown>;
+}
+
+export interface SecurityAnalytics {
+  totalEvents: number;
+  eventsByOrganization: SecurityEventsByOrg[];
+  privilegeEscalations: PrivilegeEscalation[];
+  criticalEvents: number;
+  highRiskEvents: number;
+  resolvedEvents: number;
+  averageRiskScore: number;
+}
+
+// Get security analytics for SecurityPanel component - only meaningful threats
+export async function getSecurityAnalytics(
+  startDate: Date = new Date(Date.now() - 30 * 24 * 60 * 60 * 1000), // Last 30 days
+  endDate: Date = new Date()
+): Promise<SecurityAnalytics> {
+  try {
+    // Get total event count (only meaningful threats with risk score >= 50)
+    const totalEvents = await prisma.analyticsSecurity.count({
+      where: {
+        timestamp: { gte: startDate, lte: endDate },
+        riskScore: { gte: 50 }
+      }
+    });
+
+    // Get events grouped by organization - using the existing function but filtered
+    const eventsByOrg = await analyticsDB.getSecurityEventsByOrganization(
+      Math.ceil((endDate.getTime() - startDate.getTime()) / (1000 * 60 * 60))
+    );
+
+    // Get privilege escalations with user details - only high risk
+    const privilegeEscalationData = await prisma.analyticsSecurity.findMany({
+      where: {
+        timestamp: { gte: startDate, lte: endDate },
+        eventType: 'PRIVILEGE_ESCALATION',
+        userId: { not: null },
+        riskScore: { gte: 70 } // Only high-risk privilege escalations
+      },
+      include: {
+        user: { select: { name: true, email: true } }
+      },
+      orderBy: { riskScore: 'desc' }
+    });
+
+    const privilegeEscalations: PrivilegeEscalation[] = privilegeEscalationData.map(event => ({
+      userName: event.user?.name || 'Unknown User',
+      userEmail: event.user?.email || 'unknown@example.com',
+      eventType: event.eventType,
+      riskScore: event.riskScore,
+      timestamp: event.timestamp.toISOString(),
+      details: event.details as Record<string, unknown>
+    }));
+
+    // Get additional statistics
+    const [criticalEvents, highRiskEvents, resolvedEvents, avgRiskScore] = await Promise.all([
+      prisma.analyticsSecurity.count({
+        where: {
+          timestamp: { gte: startDate, lte: endDate },
+          severity: 'critical',
+          riskScore: { gte: 50 }
+        }
+      }),
+      prisma.analyticsSecurity.count({
+        where: {
+          timestamp: { gte: startDate, lte: endDate },
+          riskScore: { gte: 70 }
+        }
+      }),
+      prisma.analyticsSecurity.count({
+        where: {
+          timestamp: { gte: startDate, lte: endDate },
+          resolved: true,
+          riskScore: { gte: 50 }
+        }
+      }),
+      prisma.analyticsSecurity.aggregate({
+        where: {
+          timestamp: { gte: startDate, lte: endDate },
+          riskScore: { gte: 50 }
+        },
+        _avg: { riskScore: true }
+      })
+    ]);
+
+    return {
+      totalEvents,
+      eventsByOrganization: eventsByOrg,
+      privilegeEscalations,
+      criticalEvents,
+      highRiskEvents,
+      resolvedEvents,
+      averageRiskScore: Math.round(avgRiskScore._avg.riskScore || 0)
+    };
+  } catch (error) {
+    console.error('Error fetching security analytics:', error);
+    // Return empty analytics on error
+    return {
+      totalEvents: 0,
+      eventsByOrganization: [],
+      privilegeEscalations: [],
+      criticalEvents: 0,
+      highRiskEvents: 0,
+      resolvedEvents: 0,
+      averageRiskScore: 0
+    };
+  }
+}
+
 export type { RequestAnalytics, SecurityEvent };
\ No newline at end of file
diff --git a/lib/security-monitor.ts b/lib/security-monitor.ts
index 8c80355..1ea3200 100644
--- a/lib/security-monitor.ts
+++ b/lib/security-monitor.ts
@@ -61,6 +61,10 @@ class SecurityMonitor {
     const bruteForceEvent = await this.checkBruteForce(context);
     if (bruteForceEvent) events.push(bruteForceEvent);
 
+    // 7. OAuth-specific threats
+    const oauthThreats = await this.checkOAuthThreats(context, request);
+    events.push(...oauthThreats);
+
     return events;
   }
 
@@ -195,38 +199,93 @@ class SecurityMonitor {
     return null;
   }
 
-  // Privilege escalation detection
+  // Real OAuth privilege escalation detection
   private async checkPrivilegeEscalation(context: SecurityContext): Promise<SecurityEvent | null> {
     if (!context.userId) return null;
 
-    // Check if user is trying to access resources above their usual scope
-    const recentScopes = await prisma.analyticsRequest.findMany({
+    // Get user's historical scopes from the last 30 days
+    const historicalScopes = await prisma.analyticsRequest.findMany({
+      where: {
+        userId: context.userId,
+        timestamp: {
+          gte: new Date(Date.now() - 30 * 24 * 60 * 60 * 1000) // Last 30 days
+        },
+        scopes: { isEmpty: false }
+      },
+      select: { scopes: true, timestamp: true },
+      orderBy: { timestamp: 'desc' },
+      take: 100
+    });
+
+    if (historicalScopes.length === 0) return null;
+
+    // Extract all historical scopes
+    const allHistoricalScopes = new Set<string>();
+    historicalScopes.forEach(record => {
+      record.scopes.forEach(scope => allHistoricalScopes.add(scope));
+    });
+
+    // Get current request scopes from context
+    const currentRequest = await prisma.analyticsRequest.findFirst({
       where: {
         userId: context.userId,
+        ipAddress: context.ipAddress,
         timestamp: {
-          gte: new Date(Date.now() - 24 * 60 * 60 * 1000) // Last 24 hours
+          gte: new Date(Date.now() - 5 * 60 * 1000) // Last 5 minutes
         }
       },
       select: { scopes: true },
-      take: 50
+      orderBy: { timestamp: 'desc' }
     });
 
-    // This would analyze scope patterns - simplified for demo
-    const hasUnusualScopes = false; // Implement scope analysis logic
+    if (!currentRequest?.scopes || currentRequest.scopes.length === 0) return null;
+
+    // Check for new elevated scopes
+    const newScopes = currentRequest.scopes.filter(scope => 
+      !allHistoricalScopes.has(scope)
+    );
 
-    if (hasUnusualScopes) {
+    // Define elevated scope patterns
+    const elevatedScopePatterns = [
+      'admin', 'write', 'delete', 'manage', 'owner', 'super',
+      'all', 'full', 'root', 'system', 'config'
+    ];
+
+    const newElevatedScopes = newScopes.filter(scope =>
+      elevatedScopePatterns.some(pattern => 
+        scope.toLowerCase().includes(pattern)
+      )
+    );
+
+    if (newElevatedScopes.length > 0) {
       return {
         eventType: SecurityEventType.PRIVILEGE_ESCALATION,
         severity: 'critical',
         details: {
-          currentScopes: [], // Would contain actual scopes
-          historicalScopes: recentScopes.filter(r => r.scopes).map(r => r.scopes),
-          reason: 'Attempt to access elevated privileges'
+          currentScopes: currentRequest.scopes,
+          newElevatedScopes,
+          historicalScopeCount: allHistoricalScopes.size,
+          reason: 'User attempting to access elevated OAuth scopes not previously granted'
         },
         riskScore: 95
       };
     }
 
+    // Check for scope explosion (too many new scopes at once)
+    if (newScopes.length >= 3) {
+      return {
+        eventType: SecurityEventType.PRIVILEGE_ESCALATION,
+        severity: 'high',
+        details: {
+          currentScopes: currentRequest.scopes,
+          newScopes,
+          historicalScopeCount: allHistoricalScopes.size,
+          reason: 'Unusual number of new OAuth scopes requested'
+        },
+        riskScore: 75
+      };
+    }
+
     return null;
   }
 
@@ -323,6 +382,190 @@ class SecurityMonitor {
     }], context);
   }
 
+  // OAuth-specific threat detection
+  private async checkOAuthThreats(context: SecurityContext, request?: NextRequest): Promise<SecurityEvent[]> {
+    const threats: SecurityEvent[] = [];
+
+    // 1. Token audience validation failures
+    const audienceEvent = await this.checkTokenAudienceViolation(context, request);
+    if (audienceEvent) threats.push(audienceEvent);
+
+    // 2. Missing/Invalid resource parameter
+    const resourceEvent = await this.checkMissingResourceParameter(context);
+    if (resourceEvent) threats.push(resourceEvent);
+
+    // 3. PKCE bypass attempts
+    const pkceEvent = await this.checkPKCEBypass(context);
+    if (pkceEvent) threats.push(pkceEvent);
+
+    // 4. Token passthrough violations
+    const passthroughEvent = await this.checkTokenPassthrough(context);
+    if (passthroughEvent) threats.push(passthroughEvent);
+
+    return threats;
+  }
+
+  // Check for token audience validation failures
+  private async checkTokenAudienceViolation(context: SecurityContext, request?: NextRequest): Promise<SecurityEvent | null> {
+    if (!request) return null;
+
+    const authHeader = request.headers.get('authorization');
+    if (!authHeader?.startsWith('Bearer ')) return null;
+
+    // Check if token is being used for wrong resource
+    const recentTokenUsage = await prisma.analyticsRequest.findMany({
+      where: {
+        userId: context.userId,
+        timestamp: {
+          gte: new Date(Date.now() - 10 * 60 * 1000) // Last 10 minutes
+        }
+      },
+      select: { endpoint: true, redirectUri: true, mcpServerId: true },
+      orderBy: { timestamp: 'desc' },
+      take: 10
+    });
+
+    // Check for token being used across different MCP servers (audience violation)
+    const uniqueServers = new Set(recentTokenUsage.map(r => r.mcpServerId).filter(Boolean));
+    
+    if (uniqueServers.size > 1) {
+      return {
+        eventType: SecurityEventType.INVALID_TOKEN,
+        severity: 'critical',
+        details: {
+          mcpServers: Array.from(uniqueServers),
+          currentEndpoint: context.endpoint,
+          reason: 'Access token used across multiple MCP server boundaries (audience violation)'
+        },
+        riskScore: 95
+      };
+    }
+
+    return null;
+  }
+
+  // Check for missing resource parameter in OAuth flows
+  private async checkMissingResourceParameter(context: SecurityContext): Promise<SecurityEvent | null> {
+    // Check OAuth authorization/token endpoints
+    if (!context.endpoint.includes('/oauth/') && !context.endpoint.includes('/token')) return null;
+
+    const recentOAuthRequests = await prisma.analyticsRequest.findMany({
+      where: {
+        userId: context.userId,
+        oauthGrantType: { not: null },
+        timestamp: {
+          gte: new Date(Date.now() - 5 * 60 * 1000) // Last 5 minutes
+        }
+      },
+      select: { redirectUri: true, oauthGrantType: true },
+      orderBy: { timestamp: 'desc' },
+      take: 5
+    });
+
+    // Check if recent OAuth requests are missing redirect URI (proxy for resource)
+    const missingRedirectRequests = recentOAuthRequests.filter(r => !r.redirectUri);
+    
+    if (missingRedirectRequests.length > 0) {
+      return {
+        eventType: SecurityEventType.OAUTH_INVALID_GRANT,
+        severity: 'high',
+        details: {
+          missingRedirectCount: missingRedirectRequests.length,
+          grantTypes: missingRedirectRequests.map(r => r.oauthGrantType),
+          reason: 'OAuth requests missing required redirect URI (potential resource parameter missing)'
+        },
+        riskScore: 80
+      };
+    }
+
+    return null;
+  }
+
+  // Check for PKCE bypass attempts
+  private async checkPKCEBypass(context: SecurityContext): Promise<SecurityEvent | null> {
+    const recentOAuthRequests = await prisma.analyticsRequest.findMany({
+      where: {
+        userId: context.userId,
+        oauthGrantType: 'authorization_code',
+        timestamp: {
+          gte: new Date(Date.now() - 15 * 60 * 1000) // Last 15 minutes
+        }
+      },
+      select: { usePKCE: true },
+      orderBy: { timestamp: 'desc' },
+      take: 10
+    });
+
+    // Check for authorization code flows without PKCE
+    const nonPKCERequests = recentOAuthRequests.filter(r => r.usePKCE === false);
+    
+    if (nonPKCERequests.length > 0) {
+      return {
+        eventType: SecurityEventType.OAUTH_INVALID_CLIENT,
+        severity: 'critical',
+        details: {
+          nonPKCECount: nonPKCERequests.length,
+          totalRequests: recentOAuthRequests.length,
+          reason: 'Authorization code flow without PKCE protection (OAuth 2.1 violation)'
+        },
+        riskScore: 90
+      };
+    }
+
+    return null;
+  }
+
+  // Check for token passthrough violations
+  private async checkTokenPassthrough(context: SecurityContext): Promise<SecurityEvent | null> {
+    if (!context.userId) return null;
+
+    // Look for patterns indicating token passthrough
+    const recentRequests = await prisma.analyticsRequest.findMany({
+      where: {
+        userId: context.userId,
+        timestamp: {
+          gte: new Date(Date.now() - 30 * 60 * 1000) // Last 30 minutes
+        }
+      },
+      select: { endpoint: true, mcpServerId: true, timestamp: true },
+      orderBy: { timestamp: 'desc' },
+      take: 20
+    });
+
+    // Check for rapid cross-service requests (potential token passthrough)
+    const serverChanges = [];
+    for (let i = 1; i < recentRequests.length; i++) {
+      const current = recentRequests[i-1];
+      const previous = recentRequests[i];
+      
+      if (current.mcpServerId !== previous.mcpServerId && 
+          current.mcpServerId && previous.mcpServerId) {
+        const timeDiff = current.timestamp.getTime() - previous.timestamp.getTime();
+        if (timeDiff < 5000) { // Less than 5 seconds apart
+          serverChanges.push({
+            fromServer: previous.mcpServerId,
+            toServer: current.mcpServerId,
+            timeDiffMs: timeDiff
+          });
+        }
+      }
+    }
+
+    if (serverChanges.length >= 2) {
+      return {
+        eventType: SecurityEventType.SUSPICIOUS_ACTIVITY,
+        severity: 'high',
+        details: {
+          serverChanges,
+          reason: 'Rapid cross-MCP server access pattern suggests potential token passthrough'
+        },
+        riskScore: 85
+      };
+    }
+
+    return null;
+  }
+
   // Utility functions (commented out to avoid unused warnings)
   // private hashToken(token: string): string {
   //   // Simple hash for demo - use proper crypto in production
diff --git a/middleware.ts b/middleware.ts
index cd157a4..c981ec9 100644
--- a/middleware.ts
+++ b/middleware.ts
@@ -25,8 +25,8 @@ export async function middleware(request: NextRequest) {
   const startTime = Date.now();
   const pathname = request.nextUrl.pathname;
   
-  // Only collect analytics for MCP endpoints
-  const shouldCollectAnalytics = pathname.startsWith('/mcp/');
+  // Collect analytics for MCP and OAuth endpoints
+  const shouldCollectAnalytics = pathname.startsWith('/mcp/') || pathname.startsWith('/api/oauth/');
   
   // Let the request proceed
   const response = NextResponse.next();
@@ -61,10 +61,31 @@ export async function middleware(request: NextRequest) {
         let mcpMethod: string | undefined;
         let toolName: string | undefined;
         
+        // OAuth-specific context
+        let oauthGrantType: string | undefined;
+        let tokenScopes: string[] = [];
+        let usePKCE: boolean | undefined;
+        let redirectUri: string | undefined;
+        
         // Extract from request path/body if available
         if (pathname.includes('/mcp/')) {
-          // This would be more sophisticated in practice
           mcpMethod = request.method === 'POST' ? 'tools/call' : 'tools/list';
+        } else if (pathname.includes('/oauth/')) {
+          // Extract OAuth-specific data from request
+          if (pathname.includes('/authorize')) {
+            const url = new URL(request.url);
+            oauthGrantType = 'authorization_code';
+            usePKCE = url.searchParams.has('code_challenge');
+            redirectUri = url.searchParams.get('redirect_uri') || undefined;
+            const scope = url.searchParams.get('scope');
+            if (scope) tokenScopes = scope.split(' ');
+          } else if (pathname.includes('/token')) {
+            const contentType = request.headers.get('content-type');
+            if (contentType?.includes('application/x-www-form-urlencoded')) {
+              // Would need to parse body for grant_type, but that's complex in middleware
+              // We'll set this in the OAuth route handlers instead
+            }
+          }
         }
         
         // Enhanced analytics data with enterprise context
@@ -84,7 +105,11 @@ export async function middleware(request: NextRequest) {
           ipAddress: ip,
           userAgent,
           mcpMethod,
-          toolName
+          toolName,
+          oauthGrantType,
+          tokenScopes,
+          usePKCE,
+          redirectUri
         };
 
         // Make a fetch call to our analytics API endpoint
@@ -142,7 +167,8 @@ export async function middleware(request: NextRequest) {
 
 export const config = {
   matcher: [
-    // Only match MCP endpoints for analytics collection
+    // Match MCP and OAuth endpoints for analytics collection
     '/mcp/:path*',
+    '/api/oauth/:path*',
   ],
 };
\ No newline at end of file
diff --git a/package.json b/package.json
index c402ea0..aa68849 100644
--- a/package.json
+++ b/package.json
@@ -15,6 +15,7 @@
     "@modelcontextprotocol/sdk": "^1.13.1",
     "@prisma/client": "^6.10.1",
     "@radix-ui/react-accordion": "^1.2.11",
+    "@radix-ui/react-collapsible": "^1.1.11",
     "@radix-ui/react-icons": "^1.3.2",
     "@radix-ui/react-select": "^2.2.5",
     "@radix-ui/react-slot": "^1.2.3",
@@ -32,6 +33,7 @@
     "prisma": "^6.10.1",
     "react": "^19.0.0",
     "react-dom": "^19.0.0",
+    "recharts": "^3.0.2",
     "tailwind-merge": "^3.3.1",
     "zod": "^3.25.67"
   },
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index 5b08c30..bdcd1ff 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -23,6 +23,9 @@ importers:
       '@radix-ui/react-accordion':
         specifier: ^1.2.11
         version: 1.2.11(@types/react-dom@19.1.6(@types/react@19.1.8))(@types/react@19.1.8)(react-dom@19.1.0(react@19.1.0))(react@19.1.0)
+      '@radix-ui/react-collapsible':
+        specifier: ^1.1.11
+        version: 1.1.11(@types/react-dom@19.1.6(@types/react@19.1.8))(@types/react@19.1.8)(react-dom@19.1.0(react@19.1.0))(react@19.1.0)
       '@radix-ui/react-icons':
         specifier: ^1.3.2
         version: 1.3.2(react@19.1.0)
@@ -74,6 +77,9 @@ importers:
       react-dom:
         specifier: ^19.0.0
         version: 19.1.0(react@19.1.0)
+      recharts:
+        specifier: ^3.0.2
+        version: 3.0.2(@types/react@19.1.8)(react-dom@19.1.0(react@19.1.0))(react-is@16.13.1)(react@19.1.0)(redux@5.0.1)
       tailwind-merge:
         specifier: ^3.3.1
         version: 3.3.1
@@ -825,12 +831,29 @@ packages:
     peerDependencies:
       '@redis/client': ^1.0.0
 
+  '@reduxjs/toolkit@2.8.2':
+    resolution: {integrity: sha512-MYlOhQ0sLdw4ud48FoC5w0dH9VfWQjtCjreKwYTT3l+r427qYC5Y8PihNutepr8XrNaBUDQo9khWUwQxZaqt5A==}
+    peerDependencies:
+      react: ^16.9.0 || ^17.0.0 || ^18 || ^19
+      react-redux: ^7.2.1 || ^8.1.3 || ^9.0.0
+    peerDependenciesMeta:
+      react:
+        optional: true
+      react-redux:
+        optional: true
+
   '@rtsao/scc@1.1.0':
     resolution: {integrity: sha512-zt6OdqaDoOnJ1ZYsCYGt9YmWzDXl4vQdKTyJev62gFhRGKdx7mcT54V9KIjg+d2wi9EXsPvAPKe7i7WjfVWB8g==}
 
   '@rushstack/eslint-patch@1.12.0':
     resolution: {integrity: sha512-5EwMtOqvJMMa3HbmxLlF74e+3/HhwBTMcvt3nqVJgGCozO6hzIPOBlwm8mGVNR9SN2IJpxSnlxczyDjcn7qIyw==}
 
+  '@standard-schema/spec@1.0.0':
+    resolution: {integrity: sha512-m2bOd0f2RT9k8QJx1JN85cZYyH1RqFBdlwtkSlf4tBDYLCiiZnv1fIIwacK6cqwXavOydf0NPToMQgpKq+dVlA==}
+
+  '@standard-schema/utils@0.3.0':
+    resolution: {integrity: sha512-e7Mew686owMaPJVNNLs55PUvgz371nKgwsc4vxE49zsODpJEnxgxRo2y/OKrqueavXgZNMDVj3DdHFlaSAeU8g==}
+
   '@swc/counter@0.1.3':
     resolution: {integrity: sha512-e2BR4lsJkkRlKZ/qCHPw9ZaSxc0MVUd7gtbtaB7aMvHeJVYe8sOB8DBZkP2DtISHGSku9sCK6T6cnY0CtXrOCQ==}
 
@@ -928,6 +951,33 @@ packages:
   '@tybys/wasm-util@0.9.0':
     resolution: {integrity: sha512-6+7nlbMVX/PVDCwaIQ8nTOPveOcFLSt8GcXdx8hD0bt39uWxYT88uXzqTd4fTvqta7oeUJqudepapKNt2DYJFw==}
 
+  '@types/d3-array@3.2.1':
+    resolution: {integrity: sha512-Y2Jn2idRrLzUfAKV2LyRImR+y4oa2AntrgID95SHJxuMUrkNXmanDSed71sRNZysveJVt1hLLemQZIady0FpEg==}
+
+  '@types/d3-color@3.1.3':
+    resolution: {integrity: sha512-iO90scth9WAbmgv7ogoq57O9YpKmFBbmoEoCHDB2xMBY0+/KVrqAaCDyCE16dUspeOvIxFFRI+0sEtqDqy2b4A==}
+
+  '@types/d3-ease@3.0.2':
+    resolution: {integrity: sha512-NcV1JjO5oDzoK26oMzbILE6HW7uVXOHLQvHshBUW4UMdZGfiY6v5BeQwh9a9tCzv+CeefZQHJt5SRgK154RtiA==}
+
+  '@types/d3-interpolate@3.0.4':
+    resolution: {integrity: sha512-mgLPETlrpVV1YRJIglr4Ez47g7Yxjl1lj7YKsiMCb27VJH9W8NVM6Bb9d8kkpG/uAQS5AmbA48q2IAolKKo1MA==}
+
+  '@types/d3-path@3.1.1':
+    resolution: {integrity: sha512-VMZBYyQvbGmWyWVea0EHs/BwLgxc+MKi1zLDCONksozI4YJMcTt8ZEuIR4Sb1MMTE8MMW49v0IwI5+b7RmfWlg==}
+
+  '@types/d3-scale@4.0.9':
+    resolution: {integrity: sha512-dLmtwB8zkAeO/juAMfnV+sItKjlsw2lKdZVVy6LRr0cBmegxSABiLEpGVmSJJ8O08i4+sGR6qQtb6WtuwJdvVw==}
+
+  '@types/d3-shape@3.1.7':
+    resolution: {integrity: sha512-VLvUQ33C+3J+8p+Daf+nYSOsjB4GXp19/S/aGo60m9h1v6XaxjiT82lKVWJCfzhtuZ3yD7i/TPeC/fuKLLOSmg==}
+
+  '@types/d3-time@3.0.4':
+    resolution: {integrity: sha512-yuzZug1nkAAaBlBBikKZTgzCeA+k1uy4ZFwWANOfKw5z5LRhV0gNA7gNkKm7HoK+HRN0wX3EkxGk0fpbWhmB7g==}
+
+  '@types/d3-timer@3.0.2':
+    resolution: {integrity: sha512-Ps3T8E8dZDam6fUyNiMkekK3XUsaUEik+idO9/YjPtfj2qruF8tFBXS7XhtE4iIXBLxhmLjP3SXpLhVf21I9Lw==}
+
   '@types/estree@1.0.8':
     resolution: {integrity: sha512-dWHzHa2WqEXI/O1E9OjrocMTKJl2mSrEolh1Iomrv6U+JuNwaHXsXx9bLu5gG7BUWFIN0skIQJQ/L1rIex4X6w==}
 
@@ -948,6 +998,9 @@ packages:
   '@types/react@19.1.8':
     resolution: {integrity: sha512-AwAfQ2Wa5bCx9WP8nZL2uMZWod7J7/JSplxbTmBQ5ms6QpqNYm672H0Vu9ZVKVngQ+ii4R/byguVEUZQyeg44g==}
 
+  '@types/use-sync-external-store@0.0.6':
+    resolution: {integrity: sha512-zFDAD+tlpf2r4asuHEj0XH6pY6i0g5NeAHPn+15wk3BV6JA69eERFXC1gyGThDkVa1zCyKr5jox1+2LbV/AMLg==}
+
   '@typescript-eslint/eslint-plugin@8.35.0':
     resolution: {integrity: sha512-ijItUYaiWuce0N1SoSMrEd0b6b6lYkYt99pqCPfybd+HKVXtEvYhICfLdwp42MhiI5mp0oq7PKEL+g1cNiz/Eg==}
     engines: {node: ^18.18.0 || ^20.9.0 || >=21.1.0}
@@ -1325,6 +1378,50 @@ packages:
   csstype@3.1.3:
     resolution: {integrity: sha512-M1uQkMl8rQK/szD0LNhtqxIPLpimGm8sOBwU7lLnCpSbTyY3yeU1Vc7l4KT5zT4s/yOxHH5O7tIuuLOCnLADRw==}
 
+  d3-array@3.2.4:
+    resolution: {integrity: sha512-tdQAmyA18i4J7wprpYq8ClcxZy3SC31QMeByyCFyRt7BVHdREQZ5lpzoe5mFEYZUWe+oq8HBvk9JjpibyEV4Jg==}
+    engines: {node: '>=12'}
+
+  d3-color@3.1.0:
+    resolution: {integrity: sha512-zg/chbXyeBtMQ1LbD/WSoW2DpC3I0mpmPdW+ynRTj/x2DAWYrIY7qeZIHidozwV24m4iavr15lNwIwLxRmOxhA==}
+    engines: {node: '>=12'}
+
+  d3-ease@3.0.1:
+    resolution: {integrity: sha512-wR/XK3D3XcLIZwpbvQwQ5fK+8Ykds1ip7A2Txe0yxncXSdq1L9skcG7blcedkOX+ZcgxGAmLX1FrRGbADwzi0w==}
+    engines: {node: '>=12'}
+
+  d3-format@3.1.0:
+    resolution: {integrity: sha512-YyUI6AEuY/Wpt8KWLgZHsIU86atmikuoOmCfommt0LYHiQSPjvX2AcFc38PX0CBpr2RCyZhjex+NS/LPOv6YqA==}
+    engines: {node: '>=12'}
+
+  d3-interpolate@3.0.1:
+    resolution: {integrity: sha512-3bYs1rOD33uo8aqJfKP3JWPAibgw8Zm2+L9vBKEHJ2Rg+viTR7o5Mmv5mZcieN+FRYaAOWX5SJATX6k1PWz72g==}
+    engines: {node: '>=12'}
+
+  d3-path@3.1.0:
+    resolution: {integrity: sha512-p3KP5HCf/bvjBSSKuXid6Zqijx7wIfNW+J/maPs+iwR35at5JCbLUT0LzF1cnjbCHWhqzQTIN2Jpe8pRebIEFQ==}
+    engines: {node: '>=12'}
+
+  d3-scale@4.0.2:
+    resolution: {integrity: sha512-GZW464g1SH7ag3Y7hXjf8RoUuAFIqklOAq3MRl4OaWabTFJY9PN/E1YklhXLh+OQ3fM9yS2nOkCoS+WLZ6kvxQ==}
+    engines: {node: '>=12'}
+
+  d3-shape@3.2.0:
+    resolution: {integrity: sha512-SaLBuwGm3MOViRq2ABk3eLoxwZELpH6zhl3FbAoJ7Vm1gofKx6El1Ib5z23NUEhF9AsGl7y+dzLe5Cw2AArGTA==}
+    engines: {node: '>=12'}
+
+  d3-time-format@4.1.0:
+    resolution: {integrity: sha512-dJxPBlzC7NugB2PDLwo9Q8JiTR3M3e4/XANkreKSUxF8vvXKqm1Yfq4Q5dl8budlunRVlUUaDUgFt7eA8D6NLg==}
+    engines: {node: '>=12'}
+
+  d3-time@3.1.0:
+    resolution: {integrity: sha512-VqKjzBLejbSMT4IgbmVgDjpkYrNWUYJnbCGo874u7MMKIWsILRX+OpX/gTk8MqjpT1A/c6HY2dCA77ZN0lkQ2Q==}
+    engines: {node: '>=12'}
+
+  d3-timer@3.0.1:
+    resolution: {integrity: sha512-ndfJ/JxxMd3nw31uyKoY2naivF+r29V+Lc0svZxe1JvvIRmi8hUsrMvdOwgS1o6uBHmiz91geQ0ylPP0aj1VUA==}
+    engines: {node: '>=12'}
+
   damerau-levenshtein@1.0.8:
     resolution: {integrity: sha512-sdQSFB7+llfUcQHUQO3+B8ERRj0Oa4w9POWMI/puGtuf7gFywGmkaLCElnudfTiKZV+NvHqL0ifzdrI8Ro7ESA==}
 
@@ -1357,6 +1454,9 @@ packages:
       supports-color:
         optional: true
 
+  decimal.js-light@2.5.1:
+    resolution: {integrity: sha512-qIMFpTMZmny+MMIitAB6D7iVPEorVw6YQRWkvarTkT4tBeSLLiHzcwj6q0MmYSFCiVpiqPJTJEYIrpcPzVEIvg==}
+
   deep-is@0.1.4:
     resolution: {integrity: sha512-oIPzksmTg4/MriiaYGO+okXDT7ztn/w3Eptv/+gSIdMdKsJo0u4CfYNFJPy+4SKMuCqGw2wxnA+URMg3t8a/bQ==}
 
@@ -1436,6 +1536,9 @@ packages:
     resolution: {integrity: sha512-w+5mJ3GuFL+NjVtJlvydShqE1eN3h3PbI7/5LAsYJP/2qtuMXjfL2LpHSRqo4b4eSF5K/DH1JXKUAHSB2UW50g==}
     engines: {node: '>= 0.4'}
 
+  es-toolkit@1.39.5:
+    resolution: {integrity: sha512-z9V0qU4lx1TBXDNFWfAASWk6RNU6c6+TJBKE+FLIg8u0XJ6Yw58Hi0yX8ftEouj6p1QARRlXLFfHbIli93BdQQ==}
+
   escalade@3.2.0:
     resolution: {integrity: sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==}
     engines: {node: '>=6'}
@@ -1567,6 +1670,9 @@ packages:
     resolution: {integrity: sha512-aIL5Fx7mawVa300al2BnEE4iNvo1qETxLrPI/o05L7z6go7fCw1J6EQmbK4FmJ2AS7kgVF/KEZWufBfdClMcPg==}
     engines: {node: '>= 0.6'}
 
+  eventemitter3@5.0.1:
+    resolution: {integrity: sha512-GWkBvjiSZK87ELrYOSESUYeVIc9mvLLf/nXalMOS5dYrgZq9o5OVkbZAVM06CVxYsCwH9BDZFPlQTlPA1j4ahA==}
+
   eventsource-parser@3.0.3:
     resolution: {integrity: sha512-nVpZkTMM9rF6AQ9gPJpFsNAMt48wIzB5TQgiTLdHiuO8XEDhUgZEhqKlZWXbIzo9VmJ/HvysHqEaVeD5v9TPvA==}
     engines: {node: '>=20.0.0'}
@@ -1767,6 +1873,9 @@ packages:
     resolution: {integrity: sha512-Hs59xBNfUIunMFgWAbGX5cq6893IbWg4KnrjbYwX3tx0ztorVgTDA6B2sxf8ejHJ4wz8BqGUMYlnzNBer5NvGg==}
     engines: {node: '>= 4'}
 
+  immer@10.1.1:
+    resolution: {integrity: sha512-s2MPrmjovJcoMaHtx6K11Ra7oD05NT97w1IC5zpMkT6Atjr7H8LjaDd81iIxUYpMKSRRNMJE703M1Fhr/TctHw==}
+
   import-fresh@3.3.1:
     resolution: {integrity: sha512-TR3KfrTZTYLPB6jUjfx6MF9WcWrHL9su5TObK4ZkYgBdWKPOFoSoQIdEuTuR82pmtxH2spWG9h6etwfr1pLBqQ==}
     engines: {node: '>=6'}
@@ -1782,6 +1891,10 @@ packages:
     resolution: {integrity: sha512-4gd7VpWNQNB4UKKCFFVcp1AVv+FMOgs9NKzjHKusc8jTMhd5eL1NqQqOpE0KzMds804/yHlglp3uxgluOqAPLw==}
     engines: {node: '>= 0.4'}
 
+  internmap@2.0.3:
+    resolution: {integrity: sha512-5Hh7Y1wQbvY5ooGgPbDaL5iYLAPzMTUrjMulskHLH6wnv/A+1q5rgEaiuqEjB+oxGXIVZs1FF+R/KPN3ZSQYYg==}
+    engines: {node: '>=12'}
+
   ipaddr.js@1.9.1:
     resolution: {integrity: sha512-0KI/607xoxSToH7GjN1FfSbLoU0+btTicjsQSWQlh/hZykN8KpmMf7uYwPW3R+akZ6R/w18ZlXSHBYXiYUPO3g==}
     engines: {node: '>= 0.10'}
@@ -2341,6 +2454,18 @@ packages:
   react-is@16.13.1:
     resolution: {integrity: sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ==}
 
+  react-redux@9.2.0:
+    resolution: {integrity: sha512-ROY9fvHhwOD9ySfrF0wmvu//bKCQ6AeZZq1nJNtbDC+kk5DuSuNX/n6YWYF/SYy7bSba4D4FSz8DJeKY/S/r+g==}
+    peerDependencies:
+      '@types/react': ^18.2.25 || ^19
+      react: ^18.0 || ^19
+      redux: ^5.0.0
+    peerDependenciesMeta:
+      '@types/react':
+        optional: true
+      redux:
+        optional: true
+
   react-remove-scroll-bar@2.3.8:
     resolution: {integrity: sha512-9r+yi9+mgU33AKcj6IbT9oRCO78WriSj6t/cF8DWBZJ9aOGPOTEDvdUDz1FwKim7QXWwmHqtdHnRJfhAxEG46Q==}
     engines: {node: '>=10'}
@@ -2375,9 +2500,25 @@ packages:
     resolution: {integrity: sha512-FS+XFBNvn3GTAWq26joslQgWNoFu08F4kl0J4CgdNKADkdSGXQyTCnKteIAJy96Br6YbpEU1LSzV5dYtjMkMDg==}
     engines: {node: '>=0.10.0'}
 
+  recharts@3.0.2:
+    resolution: {integrity: sha512-eDc3ile9qJU9Dp/EekSthQPhAVPG48/uM47jk+PF7VBQngxeW3cwQpPHb/GHC1uqwyCRWXcIrDzuHRVrnRryoQ==}
+    engines: {node: '>=18'}
+    peerDependencies:
+      react: ^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0
+      react-dom: ^16.0.0 || ^17.0.0 || ^18.0.0 || ^19.0.0
+      react-is: ^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0
+
   redis@4.7.1:
     resolution: {integrity: sha512-S1bJDnqLftzHXHP8JsT5II/CtHWQrASX5K96REjWjlmWKrviSOLWmM7QnRLstAWsu1VBBV1ffV6DzCvxNP0UJQ==}
 
+  redux-thunk@3.1.0:
+    resolution: {integrity: sha512-NW2r5T6ksUKXCabzhL9z+h206HQw/NJkcLm1GPImRQ8IzfXwRGqjVhKJGauHirT0DAuyy6hjdnMZaRoAcy0Klw==}
+    peerDependencies:
+      redux: ^5.0.0
+
+  redux@5.0.1:
+    resolution: {integrity: sha512-M9/ELqF6fy8FwmkpnF0S3YKOqMyoWJ4+CS5Efg2ct3oY9daQvd/Pc71FpGZsVsbl3Cpb+IIcjBDUnnyBdQbq4w==}
+
   reflect.getprototypeof@1.0.10:
     resolution: {integrity: sha512-00o4I+DVrefhv+nX0ulyi3biSHCPDe+yLv5o/p6d/UVlirijB8E16FtfwSAi4g3tcqrQ4lRAqQSoFEZJehYEcw==}
     engines: {node: '>= 0.4'}
@@ -2386,6 +2527,9 @@ packages:
     resolution: {integrity: sha512-dYqgNSZbDwkaJ2ceRd9ojCGjBq+mOm9LmtXnAnEGyHhN/5R7iDW2TRw3h+o/jCFxus3P2LfWIIiwowAjANm7IA==}
     engines: {node: '>= 0.4'}
 
+  reselect@5.1.1:
+    resolution: {integrity: sha512-K/BG6eIky/SBpzfHZv/dd+9JBFiS4SWV7FIujVyJRux6e45+73RaUHXLmIR1f7WOMaQ0U1km6qwklRQxpJJY0w==}
+
   resolve-from@4.0.0:
     resolution: {integrity: sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g==}
     engines: {node: '>=4'}
@@ -2586,6 +2730,9 @@ packages:
     resolution: {integrity: sha512-5S7Va8hKfV7W5U6g3aYxXmlPoZVAwUMy9AOKyF2fVuZa2UD3qZjg578OrLRt8PcNN1PleVaL/5/yYATNL0ICUw==}
     engines: {node: '>=18'}
 
+  tiny-invariant@1.3.3:
+    resolution: {integrity: sha512-+FbBPE1o9QAYvviau/qC5SE3caw21q3xkvWKBtja5vgqOWIHHJ3ioaq1VPfn/Szqctz2bU/oYeKd9/z5BL+PVg==}
+
   tinyglobby@0.2.14:
     resolution: {integrity: sha512-tX5e7OM1HnYr2+a2C/4V0htOcSQcoSTH9KgJnVvNm5zm/cyEWKJ7j7YutsH9CxMdtOkkLFy2AHrMci9IM8IPZQ==}
     engines: {node: '>=12.0.0'}
@@ -2685,10 +2832,18 @@ packages:
       '@types/react':
         optional: true
 
+  use-sync-external-store@1.5.0:
+    resolution: {integrity: sha512-Rb46I4cGGVBmjamjphe8L/UnvJD+uPPtTkNvX5mZgqdbavhI4EbgIWJiIHXJ8bc/i9EQGPRh4DwEURJ552Do0A==}
+    peerDependencies:
+      react: ^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0
+
   vary@1.1.2:
     resolution: {integrity: sha512-BNGbWLfd0eUPabhkXUVm0j8uuvREyTh5ovRa/dyow/BqAbZJyC+5fU+IzQOzmAKzYqYRAISoRhdQr3eIZ/PXqg==}
     engines: {node: '>= 0.8'}
 
+  victory-vendor@37.3.6:
+    resolution: {integrity: sha512-SbPDPdDBYp+5MJHhBCAyI7wKM3d5ivekigc2Dk2s7pgbZ9wIgIBYGVw4zGHBml/qTFbexrofXW6Gu4noGxrOwQ==}
+
   which-boxed-primitive@1.1.1:
     resolution: {integrity: sha512-TbX3mj8n0odCBFVlY8AxkqcHASw3L60jIuF8jFP78az3C2YhmGvqbHBpAjTRH2/xqYunrJ9g1jSyjCjpoWzIAA==}
     engines: {node: '>= 0.4'}
@@ -3373,10 +3528,26 @@ snapshots:
     dependencies:
       '@redis/client': 1.6.1
 
+  '@reduxjs/toolkit@2.8.2(react-redux@9.2.0(@types/react@19.1.8)(react@19.1.0)(redux@5.0.1))(react@19.1.0)':
+    dependencies:
+      '@standard-schema/spec': 1.0.0
+      '@standard-schema/utils': 0.3.0
+      immer: 10.1.1
+      redux: 5.0.1
+      redux-thunk: 3.1.0(redux@5.0.1)
+      reselect: 5.1.1
+    optionalDependencies:
+      react: 19.1.0
+      react-redux: 9.2.0(@types/react@19.1.8)(react@19.1.0)(redux@5.0.1)
+
   '@rtsao/scc@1.1.0': {}
 
   '@rushstack/eslint-patch@1.12.0': {}
 
+  '@standard-schema/spec@1.0.0': {}
+
+  '@standard-schema/utils@0.3.0': {}
+
   '@swc/counter@0.1.3': {}
 
   '@swc/helpers@0.5.15':
@@ -3460,6 +3631,30 @@ snapshots:
       tslib: 2.8.1
     optional: true
 
+  '@types/d3-array@3.2.1': {}
+
+  '@types/d3-color@3.1.3': {}
+
+  '@types/d3-ease@3.0.2': {}
+
+  '@types/d3-interpolate@3.0.4':
+    dependencies:
+      '@types/d3-color': 3.1.3
+
+  '@types/d3-path@3.1.1': {}
+
+  '@types/d3-scale@4.0.9':
+    dependencies:
+      '@types/d3-time': 3.0.4
+
+  '@types/d3-shape@3.1.7':
+    dependencies:
+      '@types/d3-path': 3.1.1
+
+  '@types/d3-time@3.0.4': {}
+
+  '@types/d3-timer@3.0.2': {}
+
   '@types/estree@1.0.8': {}
 
   '@types/json-schema@7.0.15': {}
@@ -3478,6 +3673,8 @@ snapshots:
     dependencies:
       csstype: 3.1.3
 
+  '@types/use-sync-external-store@0.0.6': {}
+
   '@typescript-eslint/eslint-plugin@8.35.0(@typescript-eslint/parser@8.35.0(eslint@9.30.0(jiti@2.4.2))(typescript@5.8.3))(eslint@9.30.0(jiti@2.4.2))(typescript@5.8.3)':
     dependencies:
       '@eslint-community/regexpp': 4.12.1
@@ -3884,6 +4081,44 @@ snapshots:
 
   csstype@3.1.3: {}
 
+  d3-array@3.2.4:
+    dependencies:
+      internmap: 2.0.3
+
+  d3-color@3.1.0: {}
+
+  d3-ease@3.0.1: {}
+
+  d3-format@3.1.0: {}
+
+  d3-interpolate@3.0.1:
+    dependencies:
+      d3-color: 3.1.0
+
+  d3-path@3.1.0: {}
+
+  d3-scale@4.0.2:
+    dependencies:
+      d3-array: 3.2.4
+      d3-format: 3.1.0
+      d3-interpolate: 3.0.1
+      d3-time: 3.1.0
+      d3-time-format: 4.1.0
+
+  d3-shape@3.2.0:
+    dependencies:
+      d3-path: 3.1.0
+
+  d3-time-format@4.1.0:
+    dependencies:
+      d3-time: 3.1.0
+
+  d3-time@3.1.0:
+    dependencies:
+      d3-array: 3.2.4
+
+  d3-timer@3.0.1: {}
+
   damerau-levenshtein@1.0.8: {}
 
   data-view-buffer@1.0.2:
@@ -3912,6 +4147,8 @@ snapshots:
     dependencies:
       ms: 2.1.3
 
+  decimal.js-light@2.5.1: {}
+
   deep-is@0.1.4: {}
 
   define-data-property@1.1.4:
@@ -4056,6 +4293,8 @@ snapshots:
       is-date-object: 1.1.0
       is-symbol: 1.1.1
 
+  es-toolkit@1.39.5: {}
+
   escalade@3.2.0: {}
 
   escape-html@1.0.3: {}
@@ -4261,6 +4500,8 @@ snapshots:
 
   etag@1.8.1: {}
 
+  eventemitter3@5.0.1: {}
+
   eventsource-parser@3.0.3: {}
 
   eventsource@3.0.7:
@@ -4487,6 +4728,8 @@ snapshots:
 
   ignore@7.0.5: {}
 
+  immer@10.1.1: {}
+
   import-fresh@3.3.1:
     dependencies:
       parent-module: 1.0.1
@@ -4502,6 +4745,8 @@ snapshots:
       hasown: 2.0.2
       side-channel: 1.1.0
 
+  internmap@2.0.3: {}
+
   ipaddr.js@1.9.1: {}
 
   is-array-buffer@3.0.5:
@@ -5002,6 +5247,15 @@ snapshots:
 
   react-is@16.13.1: {}
 
+  react-redux@9.2.0(@types/react@19.1.8)(react@19.1.0)(redux@5.0.1):
+    dependencies:
+      '@types/use-sync-external-store': 0.0.6
+      react: 19.1.0
+      use-sync-external-store: 1.5.0(react@19.1.0)
+    optionalDependencies:
+      '@types/react': 19.1.8
+      redux: 5.0.1
+
   react-remove-scroll-bar@2.3.8(@types/react@19.1.8)(react@19.1.0):
     dependencies:
       react: 19.1.0
@@ -5031,6 +5285,26 @@ snapshots:
 
   react@19.1.0: {}
 
+  recharts@3.0.2(@types/react@19.1.8)(react-dom@19.1.0(react@19.1.0))(react-is@16.13.1)(react@19.1.0)(redux@5.0.1):
+    dependencies:
+      '@reduxjs/toolkit': 2.8.2(react-redux@9.2.0(@types/react@19.1.8)(react@19.1.0)(redux@5.0.1))(react@19.1.0)
+      clsx: 2.1.1
+      decimal.js-light: 2.5.1
+      es-toolkit: 1.39.5
+      eventemitter3: 5.0.1
+      immer: 10.1.1
+      react: 19.1.0
+      react-dom: 19.1.0(react@19.1.0)
+      react-is: 16.13.1
+      react-redux: 9.2.0(@types/react@19.1.8)(react@19.1.0)(redux@5.0.1)
+      reselect: 5.1.1
+      tiny-invariant: 1.3.3
+      use-sync-external-store: 1.5.0(react@19.1.0)
+      victory-vendor: 37.3.6
+    transitivePeerDependencies:
+      - '@types/react'
+      - redux
+
   redis@4.7.1:
     dependencies:
       '@redis/bloom': 1.2.0(@redis/client@1.6.1)
@@ -5040,6 +5314,12 @@ snapshots:
       '@redis/search': 1.2.0(@redis/client@1.6.1)
       '@redis/time-series': 1.1.0(@redis/client@1.6.1)
 
+  redux-thunk@3.1.0(redux@5.0.1):
+    dependencies:
+      redux: 5.0.1
+
+  redux@5.0.1: {}
+
   reflect.getprototypeof@1.0.10:
     dependencies:
       call-bind: 1.0.8
@@ -5060,6 +5340,8 @@ snapshots:
       gopd: 1.2.0
       set-function-name: 2.0.2
 
+  reselect@5.1.1: {}
+
   resolve-from@4.0.0: {}
 
   resolve-pkg-maps@1.0.0: {}
@@ -5333,6 +5615,8 @@ snapshots:
       mkdirp: 3.0.1
       yallist: 5.0.0
 
+  tiny-invariant@1.3.3: {}
+
   tinyglobby@0.2.14:
     dependencies:
       fdir: 6.4.6(picomatch@4.0.2)
@@ -5464,8 +5748,29 @@ snapshots:
     optionalDependencies:
       '@types/react': 19.1.8
 
+  use-sync-external-store@1.5.0(react@19.1.0):
+    dependencies:
+      react: 19.1.0
+
   vary@1.1.2: {}
 
+  victory-vendor@37.3.6:
+    dependencies:
+      '@types/d3-array': 3.2.1
+      '@types/d3-ease': 3.0.2
+      '@types/d3-interpolate': 3.0.4
+      '@types/d3-scale': 4.0.9
+      '@types/d3-shape': 3.1.7
+      '@types/d3-time': 3.0.4
+      '@types/d3-timer': 3.0.2
+      d3-array: 3.2.4
+      d3-ease: 3.0.1
+      d3-interpolate: 3.0.1
+      d3-scale: 4.0.2
+      d3-shape: 3.2.0
+      d3-time: 3.1.0
+      d3-timer: 3.0.1
+
   which-boxed-primitive@1.1.1:
     dependencies:
       is-bigint: 1.1.0
diff --git a/prisma/schema.prisma b/prisma/schema.prisma
index 2dbb78f..ad765a2 100644
--- a/prisma/schema.prisma
+++ b/prisma/schema.prisma
@@ -150,6 +150,9 @@ model AnalyticsRequest {
   statusCode   Int
   responseTime Int      // milliseconds
   
+  // TTL field - automatically set to 14 days from creation
+  expiresAt    DateTime @default(dbgenerated("NOW() + INTERVAL '14 days'"))
+  
   // Enhanced client/user tracking with proper relations
   clientId     String?
   client       Client?  @relation(fields: [clientId], references: [id])
@@ -182,6 +185,12 @@ model AnalyticsRequest {
   mcpMethod    String?  // "tools/list", "tools/call", etc
   toolName     String?  // specific tool being called
   
+  // OAuth-specific tracking
+  oauthGrantType String?  // "authorization_code", "refresh_token", "client_credentials"
+  tokenScopes    String[] // OAuth scopes granted/requested
+  usePKCE        Boolean? // Whether PKCE was used in this flow
+  redirectUri    String?  // OAuth redirect URI used
+  
   // Indexes for fast queries
   @@index([timestamp])
   @@index([endpoint])
@@ -194,6 +203,9 @@ model AnalyticsRequest {
   @@index([timestamp, userId])
   @@index([organization])
   @@index([ssoProvider])
+  @@index([oauthGrantType])
+  @@index([usePKCE])
+  @@index([expiresAt])
 }
 
 enum SecurityEventType {
@@ -207,6 +219,9 @@ enum SecurityEventType {
   PRIVILEGE_ESCALATION
   MALFORMED_REQUEST
   BRUTE_FORCE_ATTEMPT
+  OAUTH_INVALID_CLIENT
+  OAUTH_INVALID_GRANT
+  OAUTH_INVALID_SCOPE
 }
 
 model AnalyticsSecurity {
@@ -215,6 +230,9 @@ model AnalyticsSecurity {
   eventType  SecurityEventType
   severity   String   // "low", "medium", "high", "critical"
   
+  // TTL field - automatically set to 14 days from creation
+  expiresAt  DateTime @default(dbgenerated("NOW() + INTERVAL '14 days'"))
+  
   // Enhanced context
   userId     String?
   user       User?    @relation(fields: [userId], references: [id])
@@ -260,4 +278,5 @@ model AnalyticsSecurity {
   @@index([organization])
   @@index([resolved])
   @@index([riskScore])
+  @@index([expiresAt])
 }
diff --git a/test-chart.tsx b/test-chart.tsx
new file mode 100644
index 0000000..0519ecb
--- /dev/null
+++ b/test-chart.tsx
@@ -0,0 +1 @@
+ 
\ No newline at end of file