Merge remote-tracking branch 'origin/main' into pr-2508

# Conflicts: # packages/lib/translations/de/web.po # packages/lib/translations/en/web.po # packages/lib/translations/es/web.po # packages/lib/translations/fr/web.po # packages/lib/translations/it/web.po # packages/lib/translations/ja/web.po # packages/lib/translations/ko/web.po # packages/lib/translations/nl/web.po # packages/lib/translations/pl/web.po # packages/lib/translations/pt-BR/web.po # packages/lib/translations/zh/web.po
chore: merge main, resolve biome formatting conflicts
2026-06-27 14:50:50 +10:00 · 2026-05-14 15:44:01 +00:00 · 2026-05-12 12:12:37 +00:00 · 2026-02-17 00:57:07 +00:00 · 2026-02-16 20:25:03 +00:00 · 2026-02-16 18:40:23 +00:00
598 changed files with 8539 additions and 39964 deletions
@@ -1,122 +0,0 @@
---
-date: 2026-05-28
-title: Custom Brand Logo Url
---
-
-# Problem
-
-`brandingUrl` (the configured "Brand Website") is persisted and editable in branding
-settings, but historically it was never consumed anywhere. It flowed into the database,
-the settings form, and the admin read-only view, but never affected any rendered output.
-
-We want `brandingUrl` to actually do something, with deliberately different behavior per
-surface.
-
-# Relationship we're going for
-
-`brandingUrl` is an **email-only** linking concept. It is intentionally **not** used on
-in-app signing surfaces.
-
-| Surface | Custom branding logo configured | `brandingUrl` behavior |
-| --- | --- | --- |
-| Transactional emails (logo) | Logo shown | Logo links to `brandingUrl` when it is a safe http(s) URL; otherwise plain image |
-| Transactional emails (footer) | n/a | `brandingUrl` rendered as a link in the footer when it is a safe http(s) URL |
-| Signing pages (V1 + V2, normal + direct-template) | Logo shown | Ignored — logo is a plain image with no link |
-| Signing pages (no custom logo) | Documenso fallback shown | Fallback keeps its internal `/` link |
-| Embedded signing | Logo shown | Ignored (logo not linked) |
-| Embedded authoring/editor | Logo shown | Ignored |
-| Settings / admin branding previews | n/a | Unchanged (display only) |
-
-Rationale:
-
- On signing pages the recipient is mid-task; sending them off to an external marketing
-  site via the logo is undesirable, so the custom logo is a plain image there.
- In emails the logo and a footer link to the brand's own site are a normal, expected
-  pattern and reinforce that the email is legitimately from that brand.
-
-# Decisions
-
-## Scope
-
- Use `brandingUrl` only in transactional email rendering:
-  - The shared email logo component links the custom branding logo to `brandingUrl`.
-  - The shared email footer renders `brandingUrl` as a link.
- On signing surfaces, render a configured custom branding logo as a plain image with no
-  link wrapper. Leave the Documenso fallback logo's internal `/` link untouched.
- Do not change embedded signing, embedded authoring/editor, or settings/admin previews.
- No Prisma schema or database migration. `brandingUrl` already exists and is editable.
-
-## URL safety
-
-Rendering must be defensive because old/imported data can bypass the branding form's URL
-validation. Only treat the stored value as a usable Brand Website when it parses as an
-absolute `http:` or `https:` URL.
-
- Empty, missing, invalid, relative, or non-http(s) values are treated as "no Brand
-  Website" and produce a plain logo / no footer link.
- Do not mutate stored settings or run a cleanup migration.
- Factored into a single shared helper so both email logo and footer apply identical rules:
-  - `packages/email/utils/branding-url.ts` -> `getSafeBrandingUrl(value): string | null`.
-
-## Email rendering
-
- New shared component `packages/email/template-components/template-branding-logo.tsx`
-  (`TemplateBrandingLogo`) renders either:
-  - the custom branding logo, wrapped in a `Link` to the safe `brandingUrl` with
-    `target="_blank"` when one exists, or a plain `Img` when not; or
-  - the Documenso fallback logo (`/static/logo.png`) when custom branding is disabled or
-    no logo is set.
- This component replaced the duplicated `brandingEnabled && brandingLogo ? <Img/> : <fallback/>`
-  ternary that was copy-pasted across all transactional email templates.
- `packages/email/template-components/template-footer.tsx` renders `brandingUrl` as a
-  footer link (via `getSafeBrandingUrl`) when branding is enabled and the URL is safe.
-
-The branding context already exposes `brandingUrl` (`packages/email/providers/branding.tsx`),
-populated by `teamGlobalSettingsToBranding` / `organisationGlobalSettingsToBranding`
-(which spread `...settings`), so no additional plumbing into the email branding context was
-required.
-
-## Signing rendering
-
- `apps/remix/app/components/general/document-signing/document-signing-page-view-v1.tsx`:
-  custom logo renders as a bare `<img>`. `brandingUrl` is not read; the local branding type
-  and loader payload no longer carry it.
- `apps/remix/app/components/general/envelope-signing/envelope-signer-header.tsx` (V2,
-  shared by normal and direct-template signing): custom logo renders as a bare `<img>`; the
-  Documenso fallback keeps its `<Link to="/">`.
- `apps/remix/app/routes/_recipient+/sign.$token+/_index.tsx`: V1 loader branding payload no
-  longer includes `brandingUrl`.
- `packages/lib/server-only/envelope/get-envelope-for-recipient-signing.ts` and
-  `get-envelope-for-direct-template-signing.ts`: `brandingUrl` removed from the V2
-  `EnvelopeForSigningResponse.settings` schema/payload since it is not consumed there.
-
-# History
-
-An earlier iteration of this plan wired `brandingUrl` into the in-app signing pages so a
-custom logo linked to the Brand Website (external `<a target="_blank">`, internal `/`
-fallback otherwise) and added `brandingUrl` to the V1/V2 signing payloads. That direction
-was reversed: signing-page logos are now plain images and `brandingUrl` is email-only. The
-signing payload additions were removed.
-
-# Test coverage
-
-`packages/app-tests/e2e/signing-branding.spec.ts`:
-
- V1 normal `/sign/:token`: custom logo is a plain image, not inside a link, and no
-  `brandingUrl` link is present.
- V2 normal `/sign/:token` and V2 direct-template: same plain-image assertions.
- V2 with no custom logo: Documenso fallback still links to `/`.
- Embedded signing: no custom-logo Brand Website link is rendered.
-
-# Acceptance criteria
-
- A custom branding logo on any signing surface (V1, V2 normal, V2 direct-template, embedded)
-  renders as a plain image with no link, and `brandingUrl` is never rendered as a link there.
- Documenso fallback logos continue linking to `/`.
- In transactional emails, when a custom logo and a safe `brandingUrl` are configured, the
-  email logo links to `brandingUrl` (new tab) and the footer shows the Brand Website link.
- In transactional emails, when `brandingUrl` is empty/invalid/relative/non-http(s), the logo
-  is a plain image and no footer Brand Website link is shown.
- URL safety is enforced through the single shared `getSafeBrandingUrl` helper.
- Settings/admin branding previews are unchanged.
- No schema or migration changes.
@@ -48,7 +48,7 @@ NEXT_PRIVATE_DATABASE_URL="postgres://documenso:password@127.0.0.1:54320/documen
 NEXT_PRIVATE_DIRECT_DATABASE_URL="postgres://documenso:password@127.0.0.1:54320/documenso"

 # [[SIGNING]]
-# The transport to use for document signing. Available options: local (default) | gcloud-hsm | csc
+# The transport to use for document signing. Available options: local (default) | gcloud-hsm
 NEXT_PRIVATE_SIGNING_TRANSPORT="local"
 # OPTIONAL: The passphrase to use for the local file-based signing transport.
 NEXT_PRIVATE_SIGNING_PASSPHRASE=
@@ -70,14 +70,6 @@ NEXT_PRIVATE_SIGNING_GCLOUD_HSM_CERT_CHAIN_FILE_PATH=
 NEXT_PRIVATE_SIGNING_GCLOUD_HSM_CERT_CHAIN_CONTENTS=
 # OPTIONAL: The Google Secret Manager path to retrieve the certificate for the gcloud-hsm signing transport.
 NEXT_PRIVATE_SIGNING_GCLOUD_HSM_SECRET_MANAGER_CERT_PATH=
-# OPTIONAL: The base URL of the Cloud Signature Consortium (CSC) provider for the csc signing transport.
-NEXT_PRIVATE_SIGNING_CSC_PROVIDER_BASE_URL=
-# OPTIONAL: The OAuth client ID registered with the CSC provider for the csc signing transport.
-NEXT_PRIVATE_SIGNING_CSC_OAUTH_CLIENT_ID=
-# OPTIONAL: The OAuth client secret registered with the CSC provider for the csc signing transport.
-NEXT_PRIVATE_SIGNING_CSC_OAUTH_CLIENT_SECRET=
-# OPTIONAL: Default signature level for envelopes created on a CSC instance when the caller doesn't specify one. Available options: AES (default) | QES. Explicit AES/QES requests always pass through unchanged.
-NEXT_PRIVATE_SIGNING_CSC_SIGNATURE_LEVEL=
 # OPTIONAL: Comma-separated list of timestamp authority URLs for PDF signing (enables LTV and archival timestamps).
 NEXT_PRIVATE_SIGNING_TIMESTAMP_AUTHORITY=
 # OPTIONAL: Contact info to embed in PDF signatures. Defaults to the webapp URL.
@@ -103,7 +95,7 @@ NEXT_PRIVATE_UPLOAD_ACCESS_KEY_ID="documenso"
 NEXT_PRIVATE_UPLOAD_SECRET_ACCESS_KEY="password"

 # [[SMTP]]
-# OPTIONAL: Defines the transport to use for sending emails. Available options: smtp-auth (default) | smtp-api | resend | mailchannels
+# OPTIONAL: Defines the transport to use for sending emails. Available options: smtp-auth (default) | smtp-api | mailchannels
 NEXT_PRIVATE_SMTP_TRANSPORT="smtp-auth"
 # OPTIONAL: Defines the host to use for sending emails.
 NEXT_PRIVATE_SMTP_HOST="127.0.0.1"
@@ -34,7 +34,7 @@ body:
      label: Browser [e.g., Chrome, Firefox]
  - type: input
    attributes:
-      label: Version [e.g., 2.13.0]
+      label: Version [e.g., 2.0.1]
  - type: checkboxes
    attributes:
      label: Please check the boxes that apply to this issue report.
@@ -44,3 +44,4 @@ body:
        - label: I have included relevant environment information.
        - label: I have included any relevant screenshots.
        - label: I understand that this is a voluntary contribution and that there is no guarantee of resolution.
+        - label: I want to work on creating a PR for this issue if approved
@@ -1,11 +0,0 @@
-blank_issues_enabled: false
-contact_links:
-  - name: Security vulnerability
-    url: https://github.com/documenso/documenso/security/advisories/new
-    about: Please report security vulnerabilities privately via GitHub Security Advisories. Do not open a public issue.
-  - name: Questions & Discussions
-    url: https://github.com/documenso/documenso/discussions
-    about: Ask questions, share ideas, and discuss Documenso with the community.
-  - name: Discord
-    url: https://documen.so/discord
-    about: Chat with the community and the team.
@@ -33,3 +33,4 @@ body:
        - label: I have explained the use case or scenario for this feature.
        - label: I have included any relevant technical details or design suggestions.
        - label: I understand that this is a suggestion and that there is no guarantee of implementation.
+        - label: I want to work on creating a PR for this issue if approved
@@ -15,6 +15,17 @@ body:
      description: 'Are there any additional context or information that might be relevant to the improvement suggestion.'
    validations:
      required: false
+  - type: dropdown
+    id: assignee
+    attributes:
+      label: 'Do you want to work on this improvement?'
+      multiple: false
+      options:
+        - 'No'
+        - 'Yes'
+      default: 0
+    validations:
+      required: true
  - type: checkboxes
    attributes:
      label: 'Please check the boxes that apply to this improvement suggestion.'
@@ -1,14 +1,3 @@
-<!--
-  We are no longer accepting external pull requests.
-
-  Aside from a small group of trusted contributors we reach out to directly,
-  new external PRs will usually be closed with a request to open an issue instead.
-  This is a security decision. See https://documenso.com/blog/why-we-re-pausing-external-pull-requests
-
-  If you're a trusted contributor or maintainer, continue below.
-  Otherwise, please open a detailed issue: https://github.com/documenso/documenso/issues/new/choose
-->
-
 ## Description

 <!--- Describe the changes introduced by this pull request. -->
@@ -0,0 +1,40 @@
+---
+name: Test Addition
+about: Submit a new test, either unit or end-to-end (E2E), for review and inclusion
+---
+
+## Description
+
+<!--- Provide a clear and concise description of the new test you are adding. -->
+<!--- Explain the purpose of the test and what it aims to validate. -->
+
+## Related Issue
+
+<!--- If this test addition is related to a specific issue, reference it here using #issue_number. -->
+<!--- For example, "Fixes #123" or "Addresses #456". -->
+
+## Test Details
+
+<!--- Describe the details of the test you're adding. -->
+<!--- Include information about inputs, expected outputs, and any specific scenarios. -->
+
+- Test Name: Name of the test
+- Type: [Unit / E2E]
+- Description: Brief description of what the test checks
+- Inputs: What inputs the test uses (if applicable)
+- Expected Output: What output or behavior the test expects
+
+## Checklist
+
+<!--- Please check the boxes that apply to this pull request. -->
+<!--- You can add or remove items as needed. -->
+
+- [ ] I have written the new test and ensured it works as intended.
+- [ ] I have added necessary documentation to explain the purpose of the test.
+- [ ] I have followed the project's testing guidelines and coding style.
+- [ ] I have addressed any review feedback from previous submissions, if applicable.
+
+## Additional Notes
+
+<!--- Provide any additional context or notes for the reviewers. -->
+<!--- This might include explanations about the testing approach or any potential concerns. -->
@@ -1,10 +1,13 @@
 name: 'Welcome New Contributors'

 on:
+  pull_request:
+    types: ['opened']
  issues:
    types: ['opened']

 permissions:
+  pull-requests: write
  issues: write

 jobs:
@@ -17,7 +20,10 @@ jobs:
      - uses: actions/first-interaction@v1
        with:
          repo-token: ${{ secrets.GITHUB_TOKEN }}
+          pr-message: |
+            Thank you for creating your first Pull Request and for being a part of the open signing revolution! 💚🚀
+            <br /> Feel free to hop into our community in [Discord](https://documen.so/discord)
          issue-message: |
            Thank you for opening your first issue and for being a part of the open signing revolution!
-            <br /> One of our team members will review it and get back to you as soon as possible 💚
+            <br /> One of our team members will review it and get back to you as soon as it possible 💚
            <br /> Meanwhile, please feel free to hop into our community in [Discord](https://documen.so/discord)
@@ -0,0 +1,62 @@
+name: 'Issue Assignee Check'
+
+on:
+  issues:
+    types: ['assigned']
+
+permissions:
+  issues: write
+
+jobs:
+  countIssues:
+    if: ${{ github.event.issue.assignee }} && github.event.action == 'assigned' && github.event.sender.type == 'User'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 2
+      - name: Set up Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '18'
+
+      - name: Install Octokit
+        run: npm install @octokit/rest@18
+
+      - name: Check Assigned User's Issue Count
+        id: parse-comment
+        uses: actions/github-script@v6
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          script: |
+            const { Octokit } = require("@octokit/rest");
+            const octokit = new Octokit({ auth: process.env.GITHUB_TOKEN });
+
+            const username = context.payload.issue.assignee.login;
+            console.log(`Username Extracted: ${username}`);
+
+            const { data: issues } = await octokit.issues.listForRepo({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              assignee: username,
+              state: 'open'
+            });
+
+            const issueCount = issues.length;
+            console.log(`Issue Count For ${username}: ${issueCount}`);
+
+            if (issueCount > 3) {
+              let issueCountMessage = `### 🚨 Documenso Police 🚨`;
+              issueCountMessage += `\n@${username} has ${issueCount} open issues assigned already. Consider whether this issue should be assigned to them or left open for another contributor.`;
+
+              await octokit.request('POST /repos/{owner}/{repo}/issues/{issue_number}/comments', {
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                issue_number: context.issue.number,
+                body: issueCountMessage,
+                headers: {
+                  'Authorization': `token ${{ secrets.GITHUB_TOKEN }}`,
+                }
+              });
+            }
@@ -0,0 +1,63 @@
+name: 'PR Review Reminder'
+
+on:
+  pull_request:
+    types: ['opened', 'ready_for_review']
+
+permissions:
+  pull-requests: write
+
+jobs:
+  checkPRs:
+    if: ${{ github.event.pull_request.user.login }} && github.event.action == ('opened' || 'ready_for_review')
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 2
+      - name: Set up Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '18'
+
+      - name: Install Octokit
+        run: npm install @octokit/rest@18
+
+      - name: Check user's PRs awaiting review
+        id: parse-prs
+        uses: actions/github-script@v5
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          script: |
+            const { Octokit } = require("@octokit/rest");
+            const octokit = new Octokit({ auth: process.env.GITHUB_TOKEN });
+
+            const username = context.payload.pull_request.user.login;
+            console.log(`Username Extracted: ${username}`);
+
+            const { data: pullRequests } = await octokit.pulls.list({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              state: 'open',
+              sort: 'created',
+              direction: 'asc',
+            });
+
+            const userPullRequests = pullRequests.filter(pr => pr.user.login === username && (pr.state === 'open' || pr.state === 'ready_for_review'));
+            const prCount = userPullRequests.length;
+            console.log(`PR Count for ${username}: ${prCount}`);
+
+            if (prCount > 3) {
+              let prReminderMessage = `🚨 @${username} has ${prCount} pull requests awaiting review. Please consider reviewing them when possible. 🚨`;
+
+              await octokit.request('POST /repos/{owner}/{repo}/issues/{issue_number}/comments', {
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                issue_number: context.payload.pull_request.number,
+                body: prReminderMessage,
+                headers: {
+                  'Authorization': `token ${{ secrets.GITHUB_TOKEN }}`,
+                }
+              });
+            }
@@ -16,6 +16,24 @@ jobs:
    name: Validate PR title
    runs-on: ubuntu-latest
    steps:
+      - name: Check PR creator's previous activity
+        id: check_activity
+        run: |
+          CREATOR=$(curl -s "https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}" | jq -r '.user.login')
+          ACTIVITY=$(curl -s "https://api.github.com/search/commits?q=author:${CREATOR}+repo:${{ github.repository }}" | jq -r '.total_count')
+          if [ "$ACTIVITY" -eq 0 ]; then
+            echo "::set-output name=is_new::true"
+          else
+            echo "::set-output name=is_new::false"
+          fi
+
+      - name: Count PRs created by user
+        id: count_prs
+        run: |
+          CREATOR=$(curl -s "https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}" | jq -r '.user.login')
+          PR_COUNT=$(curl -s "https://api.github.com/search/issues?q=type:pr+is:open+author:${CREATOR}+repo:${{ github.repository }}" | jq -r '.total_count')
+          echo "::set-output name=pr_count::$PR_COUNT"
+
      - uses: amannn/action-semantic-pull-request@v5
        id: lint_pr_title
        env:
@@ -26,6 +44,8 @@ jobs:
        with:
          header: pr-title-lint-error
          message: |
+            Hey There! and thank you for opening this pull request! 📝👋🏼
+
            We require pull request titles to follow the [Conventional Commits Spec](https://www.conventionalcommits.org/en/v1.0.0/) and it looks like your proposed title needs to be adjusted.

            Details:
@@ -33,3 +53,10 @@ jobs:
            ```
            ${{ steps.lint_pr_title.outputs.error_message }}
            ```
+
+      - if: ${{ steps.lint_pr_title.outputs.error_message == null && steps.check_activity.outputs.is_new == 'false' && steps.count_prs.outputs.pr_count < 2}}
+        uses: marocchino/sticky-pull-request-comment@v2
+        with:
+          header: pr-title-lint-error
+          message: |
+            Thank you for following the naming conventions for pull request titles! 💚🚀
@@ -21,4 +21,4 @@ jobs:
          stale-pr-message: 'This PR has not seen activitiy for a while. It will be closed in 30 days unless further activity is detected.'
          close-pr-message: 'This PR has been closed because of inactivity.'
          exempt-pr-labels: 'WIP,on-hold,needs review'
-          exempt-issue-labels: 'WIP,on-hold,needs review,roadmap,status: assigned,status: triage'
+          exempt-issue-labels: 'WIP,on-hold,needs review,roadmap,assigned,needs triage'
@@ -31,7 +31,8 @@ vscode:
  extensions:
    - aaron-bond.better-comments
    - bradlc.vscode-tailwindcss
-    - biomejs.biome
+    - dbaeumer.vscode-eslint
+    - esbenp.prettier-vscode
    - mikestead.dotenv
    - unifiedjs.vscode-mdx
    - GitHub.vscode-pull-request-github
@@ -29,6 +29,6 @@
    "editor.defaultFormatter": "biomejs.biome"
  },
  "[json]": {
-    "editor.defaultFormatter": "vscode.json-language-features"
+    "editor.defaultFormatter": "biomejs.biome"
  }
 }
@@ -1,14 +1,7 @@
-# Report security vulnerabilities privately via GitHub Security Advisories (preferred).
-Contact: https://github.com/documenso/documenso/security/advisories/new
-
-# Alternatively, report critical issues privately by email.
-Contact: mailto:security@documenso.com
-
-# Security policy
-Policy: https://github.com/documenso/documenso/security/policy
-
-# General (non-security) issues
+# General Issues
 Contact: https://github.com/documenso/documenso/issues/new?assignees=&labels=bug&projects=&template=bug-report.yml

+# Report critical issues privately to let us take appropriate action before publishing.
+Contact: mailto:security@documenso.com
 Preferred-Languages: en
-Canonical: https://documenso.com/.well-known/security.txt
+Canonical: https://documenso.com/.well-known/security.txt
@@ -1,31 +1,13 @@
 # Contributing to Documenso

-> **We are no longer accepting external pull requests.**
->
-> Aside from a small group of trusted contributors we reach out to directly, we no longer merge external PRs. New pull requests will usually be closed with a request to open an issue instead. This is a security decision, not a judgement on your work. Read [Why We're Pausing External Pull Requests](https://documenso.com/blog/why-we-re-pausing-external-pull-requests) for the full reasoning.
->
-> Documenso stays open source. You can still read, audit, run, and fork the code. The best way to contribute is through detailed issues.
+If you plan to contribute to Documenso, please take a moment to feel awesome ✨ People like you are what open source is about ♥. Any contributions, no matter how big or small, are highly appreciated.

-## How to contribute now
+## Before getting started

-The most useful contribution is a detailed issue. Treat it like a spec. The more detail, the better:
-
- The problem you're trying to solve, and who it affects
- How you expect the feature or change to behave
- Edge cases, constraints, and anything you've already considered
- Examples, mockups, or references where they help
-
-Before opening an issue, search [existing issues](https://github.com/documenso/documenso/issues) and [discussions](https://github.com/documenso/documenso/discussions) for related items. If a proposal is detailed and fits where Documenso is heading, we'll pick it up and build against it.
-
-For security vulnerabilities, do not open a public issue. Follow our [Security Policy](./SECURITY.md) instead.
-
---
-
-The sections below are for trusted contributors working with us directly, and for anyone running Documenso locally or maintaining a fork.
-
-## English only PRs and Issues
-
-Please write all issues, pull requests, and related comments in English so maintainers and the wider contributor community can follow the discussion.
+- Before jumping into a PR be sure to search [existing PRs](https://github.com/documenso/documenso/pulls) or [issues](https://github.com/documenso/documenso/issues) for an open or closed item that relates to your submission.
+- Select an issue from [here](https://github.com/documenso/documenso/issues) or create a new one
+- Consider the results from the discussion on the issue
+- Accept the [Contributor License Agreement](https://documen.so/cla) to ensure we can accept your contributions.

 ## Taking issues

@@ -51,18 +51,16 @@ Join us in creating the next generation of open trust infrastructure.

 ## Community and Next Steps 🎯

- Try Documenso by self-hosting it or signing up at [documenso.com](https://documenso.com).
+- Check out the first source code release in this repository and test it.
 - Tell us what you think in the [Discussions](https://github.com/documenso/documenso/discussions).
- Join the [Discord server](https://documen.so/discord) for any questions and getting to know other community members.
+- Join the [Discord server](https://documen.so/discord) for any questions and getting to know to other community members.
 - ⭐ the repository to help us raise awareness.
- Open detailed [issues](https://github.com/documenso/documenso/issues) to report bugs or propose features.
+- Spread the word on Twitter that Documenso is working towards a more open signing tool.
+- Fix or create [issues](https://github.com/documenso/documenso/issues), that are needed for the first production release.

 ## Contributing

-> **Note**: We no longer accept external pull requests, aside from a small group of trusted contributors we reach out to directly. The best way to contribute is through detailed issues. Read [Why We're Pausing External Pull Requests](https://documenso.com/blog/why-we-re-pausing-external-pull-requests) for the reasoning.
-
- Documenso stays open source. You can read, audit, run, and fork the code.
- To report issues or propose changes, see our [contribution guide](https://github.com/documenso/documenso/blob/main/CONTRIBUTING.md).
+- To contribute, please see our [contribution guide](https://github.com/documenso/documenso/blob/main/CONTRIBUTING.md).

 ## Contact us

@@ -83,21 +81,17 @@ Contact us if you are interested in our Enterprise plan for large organizations
  <a href=""><img src="" alt=""></a>
 </p>

- [TypeScript](https://www.typescriptlang.org/) - Language
- [React Router v7](https://reactrouter.com/) - Framework
- [Hono](https://hono.dev/) - Server
+- [Typescript](https://www.typescriptlang.org/) - Language
+- [ReactRouter](https://reactrouter.com/) - Framework
 - [Prisma](https://www.prisma.io/) - ORM
- [Tailwind CSS](https://tailwindcss.com/) - CSS
- [shadcn/ui](https://ui.shadcn.com/) + [Radix UI](https://www.radix-ui.com/) - Component Library
+- [Tailwind](https://tailwindcss.com/) - CSS
+- [shadcn/ui](https://ui.shadcn.com/) - Component Library
 - [react-email](https://react.email/) - Email Templates
- [Lingui](https://lingui.dev/) - Internationalization
 - [tRPC](https://trpc.io/) - API
- [@libpdf/core](https://www.npmjs.com/package/@libpdf/core) - PDF Signatures
- [pdf.js](https://mozilla.github.io/pdf.js/) - Viewing PDFs
- [@cantoo/pdf-lib](https://github.com/cantoo-scribe/pdf-lib) - PDF manipulation
+- [@documenso/pdf-sign](https://www.npmjs.com/package/@documenso/pdf-sign) - PDF Signatures (launching soon)
+- [React-PDF](https://github.com/wojtekmaj/react-pdf) - Viewing PDFs
+- [PDF-Lib](https://github.com/Hopding/pdf-lib) - PDF manipulation
 - [Stripe](https://stripe.com/) - Payments
- [Biome](https://biomejs.dev/) - Linting & Formatting
- [Playwright](https://playwright.dev/) - E2E Testing

 <!-- - Support for [opensignpdf (requires Java on server)](https://github.com/open-pdf-sign) is currently planned. -->

@@ -188,7 +182,7 @@ For full instructions, requirements, and configuration details, see the [Self Ho

 #### Railway

-[![Deploy on Railway](https://railway.com/button.svg)](https://railway.com/deploy/DjrRRX?referralCode=EZR3s0&utm_medium=integration&utm_source=template&utm_campaign=generic)
+[![Deploy on Railway](https://railway.app/button.svg)](https://railway.app/template/bG6D4p)

 #### Render

@@ -202,10 +196,6 @@ For full instructions, requirements, and configuration details, see the [Self Ho

 [![Deploy on Elestio](https://elest.io/images/logos/deploy-to-elestio-btn.png)](https://elest.io/open-source/documenso)

-## Security
-
-If you believe you have found a security vulnerability in Documenso, please report it through our [Security Policy](https://github.com/documenso/documenso/security/policy). We prioritize private reports via [GitHub Security Advisories](https://github.com/documenso/documenso/security/advisories/new). See [SECURITY.md](./SECURITY.md) for scope and details.
-
 ## Troubleshooting

 For troubleshooting self-hosted deployments, see the [Troubleshooting guide](https://docs.documenso.com/docs/self-hosting/maintenance/troubleshooting) and [Tips & Common Pitfalls](https://docs.documenso.com/docs/self-hosting/getting-started/tips).
@@ -1,38 +0,0 @@
-# Security Policy
-
-We take the security of Documenso seriously. As a platform trusted with legally binding documents, the safety of the project and the people who rely on it is a priority for us. We're grateful to the security researchers who help keep it that way. If you've found an issue, we'd genuinely like to hear about it.
-
-## Reporting a Vulnerability
-
-Report security vulnerabilities privately. Do not open a public issue, discussion, or pull request for security reports.
-
-We accept reports through two channels, in order of preference:
-
-1. **GitHub Security Advisories (preferred)**. Use the [private vulnerability reporting form](https://github.com/documenso/documenso/security/advisories/new). This is our primary channel and lets us triage and work with you on a fix.
-2. **Email**. If you cannot use GitHub Security Advisories, email [security@documenso.com](mailto:security@documenso.com).
-
-Include the affected version, a clear description, steps to reproduce, and the potential impact.
-
-## Triage and Response
-
-We triage reports as we have availability. We read every report we receive, and we appreciate the time and effort it takes to put one together.
-
-We also run [Codex](https://openai.com/codex/) security analysis across the codebase. If Codex has already reported the issue you're sending us, we may close your report as a duplicate. Please don't take this as a reflection on your work; it just means our automated tooling happened to surface the same thing first.
-
-## Scope
-
-This policy covers vulnerabilities in the Documenso application code in this repository.
-
-The items below are out of scope and will not be accepted. They are deployment, infrastructure, and configuration concerns that belong with the operator's firewall, network, and environment setup, not the application:
-
- Server-Side Request Forgery (SSRF) and related network-egress concerns
- DNS rebinding and other DNS-level issues
- Rate limiting, denial of service, and volumetric attacks
- TLS and certificate configuration, HTTP security headers, and other reverse-proxy or web-server configuration
- Findings that depend on insecure self-hosted infrastructure or misconfiguration
-
-If you're unsure whether something is in scope, report it privately anyway and we'll happily take a look.
-
-## Supported Versions
-
-Security fixes are applied to the latest release. Run the most recent version of Documenso.
@@ -1,9 +1,67 @@
-# Signing Certificate
+# Creating your own signing certificate

-Documenso needs a signing certificate to digitally sign documents. For full, up-to-date instructions on generating, converting, and configuring a certificate, see the official documentation:
+For the digital signature of your documents you need a signing certificate in .p12 format (public and private key). You can buy one (not recommended for dev) or use the steps to create a self-signed one:

- [Signing Certificate](https://docs.documenso.com/docs/self-hosting/configuration/signing-certificate): Overview and all certificate options
- [Local Certificate](https://docs.documenso.com/docs/self-hosting/configuration/signing-certificate/local): Generate a self-signed `.p12` certificate with OpenSSL
- [Google Cloud HSM](https://docs.documenso.com/docs/self-hosting/configuration/signing-certificate/google-cloud-hsm): Sign using Google Cloud KMS
+1. Generate a private key using the OpenSSL command. You can run the following command to generate a 2048-bit RSA key:

-For deploying Documenso with Docker, see the [Docker Deployment](https://docs.documenso.com/docs/self-hosting/deployment/docker) and [Docker Compose](https://docs.documenso.com/docs/self-hosting/deployment/docker-compose) guides.
+   `openssl genrsa -out private.key 2048`
+
+2. Generate a self-signed certificate using the private key. You can run the following command to generate a self-signed certificate:
+
+   `openssl req -new -x509 -key private.key -out certificate.crt -days 365`
+
+   This will prompt you to enter some information, such as the Common Name (CN) for the certificate. Make sure you enter the correct information. The `-days` parameter sets the number of days for which the certificate is valid.
+
+3. Combine the private key and the self-signed certificate to create the p12 certificate. You can run the following commands to do this:
+
+   ```bash
+   # Set certificate password securely (won't appear in command history)
+   read -s -p "Enter certificate password: " CERT_PASS
+   echo
+   
+   # Create the p12 certificate using the environment variable
+   openssl pkcs12 -export -out certificate.p12 -inkey private.key -in certificate.crt \
+       -password env:CERT_PASS \
+       -keypbe PBE-SHA1-3DES \
+       -certpbe PBE-SHA1-3DES \
+       -macalg sha1
+   ```
+
+4. **IMPORTANT**: A certificate password is required to prevent signing failures. Make sure to use a strong password (minimum 4 characters) when prompted. Certificates without passwords will cause "Failed to get private key bags" errors during document signing.
+
+5. Place the certificate `/apps/remix/resources/certificate.p12` (If the path does not exist, it needs to be created)
+
+## Docker
+
+> We are still working on the publishing of docker images, in the meantime you can follow the steps below to create a production ready docker image.
+
+Want to create a production ready docker image? Follow these steps:
+
+- cd into `docker` directory
+- Make `build.sh` executable by running `chmod +x build.sh`
+- Run `./build.sh` to start building the docker image.
+- Publish the image to your docker registry of choice (or) If you prefer running the image from local, run the below command
+
+```
+docker run -d --restart=unless-stopped -p 3000:3000 -v documenso:/app/data --name documenso documenso:latest
+```
+
+Command Breakdown:
+
+- `-d` - Let's you run the container in background
+- `-p` - Passes down which ports to use. First half is the host port, Second half is the app port. You can change the first half anything you want and reverse proxy to that port.
+- `-v` - Volume let's you persist the data
+- `--name` - Name of the container
+- `documenso:latest` - Image you have built
+
+## Deployment
+
+We support a variety of deployment methods, and are actively working on adding more. Stay tuned for updates!
+
+## Railway
+
+[![Deploy on Railway](https://railway.app/button.svg)](https://railway.app/template/DjrRRX)
+
+## Render
+
+[![Deploy to Render](https://render.com/images/deploy-to-render-button.svg)](https://render.com/deploy?repo=https://github.com/documenso/documenso)
@@ -1,16 +1,45 @@
-# @documenso/docs
+# docs

-The Documenso documentation site, built with [Next.js](https://nextjs.org/) and [Fumadocs](https://fumadocs.dev/). Published at [docs.documenso.com](https://docs.documenso.com).
+This is a Next.js application generated with
+[Create Fumadocs](https://github.com/fuma-nama/fumadocs).

-Content lives under `content/docs/` as MDX. See [WRITING_STYLE.md](../../WRITING_STYLE.md) for the documentation writing conventions.
+Run development server:

 ```bash
-# From the monorepo root
-npm run dev --filter=@documenso/docs
+npm run dev
+# or
+pnpm dev
+# or
+yarn dev
 ```

-## Structure
+Open http://localhost:3000 with your browser to see the result.

- `content/docs/`: Documentation pages (MDX).
- `lib/source.ts`: Content source adapter.
- `lib/layout.shared.tsx`: Shared layout options.
+## Explore
+
+In the project, you can see:
+
+- `lib/source.ts`: Code for content source adapter, [`loader()`](https://fumadocs.dev/docs/headless/source-api) provides the interface to access your content.
+- `lib/layout.shared.tsx`: Shared options for layouts, optional but preferred to keep.
+
+| Route                     | Description                                            |
+| ------------------------- | ------------------------------------------------------ |
+| `app/(home)`              | The route group for your landing page and other pages. |
+| `app/docs`                | The documentation layout and pages.                    |
+| `app/api/search/route.ts` | The Route Handler for search.                          |
+
+### Fumadocs MDX
+
+A `source.config.ts` config file has been included, you can customise different options like frontmatter schema.
+
+Read the [Introduction](https://fumadocs.dev/docs/mdx) for further details.
+
+## Learn More
+
+To learn more about Next.js and Fumadocs, take a look at the following
+resources:
+
+- [Next.js Documentation](https://nextjs.org/docs) - learn about Next.js
+  features and API.
+- [Learn Next.js](https://nextjs.org/learn) - an interactive Next.js tutorial.
+- [Fumadocs](https://fumadocs.dev) - learn about Fumadocs
@@ -12,7 +12,7 @@ import { Callout } from 'fumadocs-ui/components/callout';
 | 21 CFR Part 11 | Compliant (Enterprise) |
 | SOC 2          | Compliant              |
 | ISO 27001      | Planned                |
-| HIPAA          | Compliant (Enterprise) |
+| HIPAA          | Planned                |

 ## 21 CFR Part 11

@@ -97,12 +97,12 @@ Documenso implements digital signatures with the following characteristics:
 - **Timestamps**: RFC 3161 timestamps can be applied to signatures
 - **Signature visualization**: Signed documents include visual signature representations

-For specific implementation details and configuration options, refer to the [signing certificates](/docs/concepts/signing-certificates) documentation.
+For specific implementation details and configuration options, refer to the [signing certificates](/signing-certificates/overview) documentation.

 Self-hosted deployments can configure their own signing certificates and timestamp authorities to meet specific compliance requirements.

 ## Related

- [E-Sign Compliance](/docs/compliance/esign) - Legal frameworks for electronic signatures
- [Signing Certificates](/docs/concepts/signing-certificates) - Certificate configuration
- [Signing Workflow](/docs/concepts/signing-workflow) - Document activity and audit trail
+- [Legal Validity](/compliance/legal-validity) - Legal frameworks for electronic signatures
+- [Signing Certificates Overview](/signing-certificates/overview) - Certificate configuration
+- [Audit Log](/features/audit-log) - Document activity tracking
@@ -167,5 +167,5 @@ To enable sequential signing:

 ## Related

- [Add Recipients](/docs/users/documents/add-recipients) - How to add recipients to a document
- [Field Types](/docs/concepts/field-types) - Learn about the different field types you can assign to recipients
+- [Add Recipients](/users/documents/add-recipients) - How to add recipients to a document
+- [Field Types](/concepts/field-types) - Learn about the different field types you can assign to recipients
@@ -1,45 +0,0 @@
---
-title: Common Errors
-description: A comprehensive troubleshooting matrix for Documenso API and Webhook integration errors.
---
-
-This guide provides a comprehensive troubleshooting matrix for the standard error codes returned by the Documenso API. Use this reference to diagnose and resolve integration issues related to envelopes, recipients, and webhooks.
-
-## Application Error Codes
-
-| Error Code | Description | Recommended Action |
-| :--- | :--- | :--- |
-| `ALREADY_EXISTS` | The resource you are attempting to create already exists. | Verify if the entity (e.g., user, envelope, webhook) has already been instantiated. Use a `PUT` or `PATCH` request to update the existing resource instead of `POST`. |
-| `EXPIRED_CODE` | The provided access code or token has expired. | Generate a new access code or request a new invitation link before retrying the request. |
-| `INVALID_BODY` | The request payload is malformed. | Inspect your JSON payload structure. Ensure it strictly adheres to the expected schema and that no required fields are missing. |
-| `INVALID_REQUEST` | The overall request is malformed or invalid. | Review your API call parameters, including the URL, query parameters, and headers. Correct the request syntax. |
-| `RECIPIENT_EXPIRED` | The signing link or recipient access has expired. | Generate and resend a new invitation to the affected recipient. |
-| `LIMIT_EXCEEDED` | Your account usage quota has been exceeded. | Check your current plan limits. Upgrade your subscription or wait until your billing cycle renews. |
-| `NOT_FOUND` | The requested resource could not be found (404). | Verify the resource ID (envelope, document, webhook) passed in the URL. Ensure the resource has not been deleted. |
-| `NOT_IMPLEMENTED` | The requested feature is not currently supported by the server. | Consult the API documentation to verify available methods. Do not use this endpoint at this time. |
-| `NOT_SETUP` | The required configuration for this action is incomplete. | Access your account or integration settings and complete the necessary configuration before retrying. |
-| `INVALID_CAPTCHA` | Security token (Captcha) validation failed. | Ensure the Captcha token is correctly generated on the client side and transmitted without alteration in your request. |
-| `UNAUTHORIZED` | Missing or invalid authentication (401). | Verify that your API key is correct, active, and properly formatted in the `Authorization` header (e.g., `Bearer <YOUR_API_KEY>`). |
-| `FORBIDDEN` | Access to the resource is denied (403). | Ensure your API key or user account has the necessary permissions and roles to execute this specific action. |
-| `UNKNOWN_ERROR` | An unexpected internal server error occurred (500). | Retry the request later. If the issue persists, contact technical support with your request payload and the timestamp of the incident. |
-| `RETRY_EXCEPTION` | The operation failed temporarily but can be retried. | Implement an automatic retry logic in your integration, ideally using an exponential backoff strategy. |
-| `SCHEMA_FAILED` | Strict data schema validation failed. | Verify that the data types sent (string, number, boolean) exactly match the OpenAPI specification. |
-| `TOO_MANY_REQUESTS` | Rate limit exceeded (429). | Reduce the frequency of your API calls. Implement rate-limiting handling based on the response headers. |
-| `TWO_FACTOR_AUTH_FAILED` | Two-factor authentication (2FA) failed. | Verify the provided 2FA code. Ensure it was entered correctly and has not expired. |
-| `WEBHOOK_INVALID_REQUEST` | The webhook-related request is invalid. | Check your receiving endpoint configuration. Ensure the URL is correct and that your server accepts `POST` requests from Documenso. |
-
-## Envelope State Errors
-
-The following errors occur when attempting to perform actions on an envelope that are incompatible with its current state.
-
-| Error Code | Description | Recommended Action |
-| :--- | :--- | :--- |
-| `ENVELOPE_DRAFT` | The action cannot be performed because the envelope is still in a draft state. | Finalize the envelope configuration and transition it to the `PENDING` (sent) state before attempting this operation. |
-| `ENVELOPE_COMPLETED` | The action cannot be performed because the envelope is already completed. | No further modifications (e.g., adding signers, modifying documents) can be made to an envelope once the signing process is finished. |
-| `ENVELOPE_REJECTED` | The action cannot be performed because the envelope was rejected by a recipient. | The signing flow is permanently halted. Create a new envelope if you wish to resubmit the document. |
-| `ENVELOPE_LEGACY` | The action cannot be performed because the envelope uses an obsolete format. | This envelope was created with a legacy version of the system. Recreate the envelope using the current API version to interact with it. |
-
-## See Also
-
- [Documents API](/docs/developers/api/documents)
- [Webhooks](/docs/developers/webhooks)
@@ -1,14 +1,4 @@
 {
  "title": "API Reference",
-  "pages": [
-    "documents",
-    "recipients",
-    "fields",
-    "templates",
-    "teams",
-    "rate-limits",
-    "versioning",
-    "developer-mode",
-    "common-errors"
-  ]
+  "pages": ["documents", "recipients", "fields", "templates", "teams", "rate-limits", "versioning", "developer-mode"]
 }
@@ -1,81 +0,0 @@
---
-title: iframe
-description: Embed the signing experience directly in your application using an iframe.
---
-
-import { Callout } from 'fumadocs-ui/components/callout';
-import { Step, Steps } from 'fumadocs-ui/components/steps';
-import { Tab, Tabs } from 'fumadocs-ui/components/tabs';
-
-<Callout type="warn" title="iframes are not recommended">
-  Embedding via iframe is not recommended. We strongly recommend using the [official SDKs](/docs/developers/embedding/sdks) instead.
-</Callout>
-
-### Basic iframe Embedding
-
-```html
-<iframe
-  src="https://app.documenso.com/embed/sign/abc123xyz"
-  width="100%"
-  height="800"
-  frameborder="0"
-  allow="clipboard-write"
-></iframe>
-```
-
-<Callout title="Use the correct embed URL">
-  The URL you embed depends on the embed mode you’re using (for example direct links vs sign-token embeds). Use the
-  embed URL provided by Documenso for your flow.
-</Callout>
-
-### iframe Customization
-
-You can customize the embedded signing experience by passing **encoded options in the iframe URL fragment** (everything
-after `#`).
-
-Documenso expects the fragment to be **base64** of:
-
- `encodeURIComponent(JSON.stringify(options))`
-
-#### Supported options
-
-| Option | Type | Description |
-| ------ | ---- | ----------- |
-| `name` | `string` | Prefill signer name. |
-| `email` | `string` | Prefill signer email. |
-| `lockName` | `boolean` | Lock the name field (prevents editing). |
-| `lockEmail` | `boolean` | Lock the email field (prevents editing). |
-| `language` | `string` | Force the embed language (e.g. `en`). |
-| `darkModeDisabled` | `boolean` | Disable dark mode behavior. |
-| `allowDocumentRejection` | `boolean` | Allow or disallow document rejection. |
-| `css` | `string` | Inject custom CSS into the embed. |
-| `cssVars` | `object` | Override embed CSS variables (see the CSS Variables page). |
-
-#### Example
-
-```ts
-const buildEmbedSrc = (host: string, token: string) => {
-  const options = {
-    name: 'Ada Lovelace',
-    email: 'ada@example.com',
-    lockName: true,
-    lockEmail: true,
-    language: 'en',
-    darkModeDisabled: false,
-    allowDocumentRejection: true,
-    css: ':root { --radius: 12px; }',
-    cssVars: {},
-  };
-
-  const encodedOptions = btoa(encodeURIComponent(JSON.stringify(options)));
-
-  return `${new URL(`/embed/sign/${token}`, host).toString()}#${encodedOptions}`;
-};
-```
-
-A complete example can be found in the [Embeds repository](https://github.com/documenso/embeds/blob/main/packages/mitosis/src/sign-document.lite.tsx).
-
-<Callout type="info" title="Why use the URL fragment?">
-  The fragment is **not sent to the server** as part of the HTTP request, but it is available to the embedded app in
-  the browser. This makes it a convenient way to pass client-side configuration without changing the base embed URL.
-</Callout>
@@ -1,4 +1,4 @@
 {
  "title": "Embedding",
-  "pages": ["sdks", "direct-links", "css-variables", "editor", "iframe"]
+  "pages": ["sdks", "direct-links", "css-variables", "editor"]
 }
@@ -73,14 +73,14 @@ Include the token in the `Authorization` header of your HTTP requests.
 ### cURL

 ```bash
-curl https://app.documenso.com/api/v2/document \
+curl https://app.documenso.com/api/v2/documents \
  -H "Authorization: api_xxxxxxxxxxxxxxxx"
 ```

 ### JavaScript / TypeScript

 ```typescript
-const response = await fetch('https://app.documenso.com/api/v2/document', {
+const response = await fetch('https://app.documenso.com/api/v2/documents', {
  method: 'GET',
  headers: {
    Authorization: 'api_xxxxxxxxxxxxxxxx',
@@ -15,17 +15,16 @@ Pick the one that fits your needs the best.

 ## Tech Stack

- [TypeScript](https://www.typescriptlang.org/) - Language
- [React Router v7](https://reactrouter.com/) - Framework
- [Hono](https://hono.dev/) - Server
+- [Typescript](https://www.typescriptlang.org/) - Language
+- [React Router](https://reactrouter.com/) - Framework
 - [Prisma](https://www.prisma.io/) - ORM
- [Tailwind CSS](https://tailwindcss.com/) - CSS
- [shadcn/ui](https://ui.shadcn.com/) + [Radix UI](https://www.radix-ui.com/) - Component Library
+- [Tailwind](https://tailwindcss.com/) - CSS
+- [shadcn/ui](https://ui.shadcn.com/) - Component Library
 - [react-email](https://react.email/) - Email Templates
- [Lingui](https://lingui.dev/) - Internationalization
 - [tRPC](https://trpc.io/) - API
- [@libpdf/core](https://www.npmjs.com/package/@libpdf/core) - PDF Signing and Manipulation
- [pdf.js](https://mozilla.github.io/pdf.js/) - Viewing PDFs
+- [@documenso/pdf-sign](https://www.npmjs.com/package/@documenso/pdf-sign) - PDF Signatures
+- [React-PDF](https://github.com/wojtekmaj/react-pdf) - Viewing PDFs
+- [PDF-Lib](https://github.com/Hopding/pdf-lib) - PDF manipulation
 - [Stripe](https://stripe.com/) - Payments

 <div className="mt-16 flex items-center justify-center gap-4">
@@ -8,7 +8,6 @@
    "privacy",
    "terms",
    "security",
-    "verify-email",
    "support"
  ]
 }
@@ -1,68 +0,0 @@
---
-title: Verifying Emails from Documenso
-description: How to confirm that an email is genuinely from Documenso, and what to do if you receive a suspicious message.
---
-
-import { Callout } from 'fumadocs-ui/components/callout';
-
-## Check the Sender Domain
-
-All email sent by Documenso originates from one of the following domains. If you receive an email claiming to be from Documenso and the sender address does not end in one of these domains, treat it as suspicious.
-
-| Domain                   | Used for                                                       |
-| ------------------------ | -------------------------------------------------------------- |
-| `app.documenso.com`      | Transactional email                                            |
-| `documensomail.com`      | Transactional email                                            |
-| `documensoemail.com`     | Transactional email                                            |
-| Custom domain            | [Enterprise organisations](/docs/users/organisations/email-domains) using a custom email domain |
-
-Typical sender addresses include:
-
- `noreply@app.documenso.com`
- `noreply@free.documensomail.com`
- `noreply@send.documensoemail.com`
-
-<Callout type="warn">
-  A misspelling such as `documenso-email.com`, `documensoemaiI.com` (capital i instead of l), or any other variation is not a Documenso domain.
-</Callout>
-
-## Types of Email Documenso Sends
-
-Documenso sends email only for the following purposes:
-
- **Account verification** — confirming your email address when you sign up or change it
- **Password reset** — a link to reset your password that you requested
- **Document invitations** — notifying you that a document has been shared with you to sign, approve, or view
- **Signing reminders** — follow-up reminders for pending document actions
- **Completed document notifications** — confirmation that all parties have signed a document
- **Team invitations** — inviting you to join an organisation or team
-
-## What Documenso Will Never Do
-
- Ask for your password via email
- Send you an attachment and ask you to open it to verify your identity
- Ask you to confirm payment details or billing information over email
- Send unsolicited marketing emails if you have not opted in
-
-## How to Tell If an Email Is Legitimate
-
-1. **Check the sender address** — the domain must be `documenso.com` or `documensomail.com`
-2. **Look at the link destination** — hover over any link before clicking; it should point to `app.documenso.com`
-3. **Watch for urgency or threats** — legitimate Documenso emails do not threaten account suspension to pressure you into clicking a link immediately
-4. **Verify the action yourself** — if in doubt, log in to [app.documenso.com](https://app.documenso.com) directly (not via the email link) and check whether the document or notification exists there
-
-## Report a Suspicious Email
-
-If you receive an email that appears to impersonate Documenso:
-
-1. Do not click any links or download any attachments
-2. Forward the email as an attachment to **support@documenso.com**
-3. Delete the email from your inbox
-
-You can also report phishing emails directly to your email provider using their built-in reporting tools.
-
-## Related
-
- [Security Policy](/docs/policies/security) — Documenso's security practices and vulnerability disclosure process
- [Create an Account](/docs/users/getting-started/create-account) — What to expect during sign-up
- [Security Settings](/docs/users/settings/security) — Enable two-factor authentication and manage sessions
@@ -278,9 +278,7 @@ Test your email configuration by creating an account or resetting a password. Th

 ### Using a Test SMTP Server

-For development or testing, use a local SMTP server like [Inbucket](https://www.inbucket.org/), [Mailpit](https://github.com/axllent/mailpit), or [Mailhog](https://github.com/mailhog/MailHog). The default development setup (`docker/development/compose.yml`) already runs Inbucket, with its web UI on port 9000 and SMTP on port 2500.
-
-To run one standalone instead:
+For development or testing, use a local SMTP server like [Mailhog](https://github.com/mailhog/MailHog) or [Mailpit](https://github.com/axllent/mailpit):

 ```bash
 # Using Docker
@@ -86,21 +86,6 @@ Callback URL: `https://<your-domain>/api/auth/callback/microsoft`
 | `NEXT_PRIVATE_OIDC_SKIP_VERIFY`    | `false` | Skip email verification for OIDC accounts          |
 | `NEXT_PRIVATE_OIDC_PROMPT`         | `login` | OIDC prompt parameter. Set to empty string to omit |

-### Webhooks
-
-| Variable                                | Default | Description                                                              |
-| --------------------------------------- | ------- | ------------------------------------------------------------------------ |
-| `NEXT_PRIVATE_WEBHOOK_SSRF_BYPASS_HOSTS` | -       | Comma-separated hostnames or IPs allowed to resolve to private addresses |
-
-Before delivering a webhook, Documenso checks whether the target resolves to a
-private or loopback address and blocks it if so. This check is best-effort and
-fails open. Use `NEXT_PRIVATE_WEBHOOK_SSRF_BYPASS_HOSTS` to allow specific
-internal hosts, for example when delivering to a service on your own network:
-
-```bash
-NEXT_PRIVATE_WEBHOOK_SSRF_BYPASS_HOSTS="hooks.internal.example,10.0.0.5"
-```
-
 ---

 ## Email Configuration
@@ -201,9 +186,9 @@ Documenso requires a certificate to digitally sign documents.

 ### Transport Selection

-| Variable                         | Description                                       | Default |
-| -------------------------------- | ------------------------------------------------- | ------- |
-| `NEXT_PRIVATE_SIGNING_TRANSPORT` | Signing backend: `local`, `gcloud-hsm`, or `csc`  | `local` |
+| Variable                         | Description                              | Default |
+| -------------------------------- | ---------------------------------------- | ------- |
+| `NEXT_PRIVATE_SIGNING_TRANSPORT` | Signing backend: `local` or `gcloud-hsm` | `local` |

 ### Local Signing

@@ -225,36 +210,11 @@ Documenso requires a certificate to digitally sign documents.
 | `NEXT_PRIVATE_SIGNING_GCLOUD_HSM_CERT_CHAIN_CONTENTS`          | Base64-encoded certificate chain                     |
 | `NEXT_PRIVATE_SIGNING_GCLOUD_HSM_SECRET_MANAGER_CERT_PATH`     | Google Secret Manager path for certificate retrieval |

-### Cloud Signature Consortium (CSC)
-
-Routes signing through a third-party Trust Service Provider for Advanced and Qualified Electronic Signatures (AES/QES). Instance-wide; set `NEXT_PRIVATE_SIGNING_TRANSPORT=csc` to enable. See [CSC (AES / QES)](/docs/self-hosting/configuration/signing-certificate/csc-qes) for the full setup walkthrough.
-
-CSC mode requires an active [Enterprise Edition](/docs/policies/enterprise-edition) license. Without a valid license, the instance will refuse to start in `csc` mode.
-
-| Variable                                       | Description                                                                                                                | Default |
-| ---------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------- | ------- |
-| `NEXT_PRIVATE_SIGNING_CSC_PROVIDER_BASE_URL`   | Base URL of the CSC provider's API                                                                                         |         |
-| `NEXT_PRIVATE_SIGNING_CSC_OAUTH_CLIENT_ID`     | OAuth client ID registered with the CSC provider                                                                           |         |
-| `NEXT_PRIVATE_SIGNING_CSC_OAUTH_CLIENT_SECRET` | OAuth client secret registered with the CSC provider                                                                       |         |
-| `NEXT_PRIVATE_SIGNING_CSC_SIGNATURE_LEVEL`     | Default legal tier for new envelopes when the caller doesn't specify one. `AES` or `QES`. Explicit requests pass through.  | `AES`   |
-
-The OAuth callback URL registered with the CSC provider is fixed at `${NEXT_PUBLIC_WEBAPP_URL}/api/csc/oauth/callback` — register this exact URL with the TSP.
-
-#### Derived Public Variables
-
-The following client-visible variable is **derived automatically** from the private transport at server startup. Do not set it manually — any value set in the environment is overwritten on boot.
-
-| Variable                              | Derived from                                       | Value                                             |
-| ------------------------------------- | -------------------------------------------------- | ------------------------------------------------- |
-| `NEXT_PUBLIC_SIGNING_TRANSPORT_IS_CSC` | `NEXT_PRIVATE_SIGNING_TRANSPORT === 'csc'`        | `'true'` when CSC mode is active, else `'false'` |
-
-The authoring UI uses this flag to gate features that AES/QES envelopes cannot support (parallel signing, assistant role, dictate next signer). Deriving it from the private transport prevents the client-side flag from drifting from the real server-side configuration.
-
 ### Signature Options

 | Variable                                    | Description                                                 | Default    |
 | ------------------------------------------- | ----------------------------------------------------------- | ---------- |
-| `NEXT_PRIVATE_SIGNING_TIMESTAMP_AUTHORITY`  | Comma-separated timestamp authority URLs for LTV signatures. Optional for `local` / `gcloud-hsm` (signatures omit the timestamp when unset). **Required** when `NEXT_PRIVATE_SIGNING_TRANSPORT=csc` — the instance refuses to start without it. See [CSC (AES / QES)](/docs/self-hosting/configuration/signing-certificate/csc-qes#timestamp-authority-resolution). |            |
+| `NEXT_PRIVATE_SIGNING_TIMESTAMP_AUTHORITY`  | Comma-separated timestamp authority URLs for LTV signatures |            |
 | `NEXT_PUBLIC_SIGNING_CONTACT_INFO`          | Contact info embedded in PDF signatures                     | Webapp URL |
 | `NEXT_PRIVATE_USE_LEGACY_SIGNING_SUBFILTER` | Use `adbe.pkcs7.detached` instead of `ETSI.CAdES.detached`  | `false`    |

@@ -1,213 +0,0 @@
---
-title: CSC (AES / QES)
-description: Configure Cloud Signature Consortium signing for Advanced and Qualified Electronic Signatures via a third-party Trust Service Provider.
---
-
-import { Callout } from 'fumadocs-ui/components/callout';
-import { Step, Steps } from 'fumadocs-ui/components/steps';
-
-The `csc` signing transport routes signatures through a third-party Trust Service Provider (TSP) using the [Cloud Signature Consortium API v1.0.4.0](https://cloudsignatureconsortium.org/). Each recipient authenticates directly with the TSP (Strong Customer Authentication) and the TSP returns a per-recipient signature bound to the document hash. Documenso assembles the resulting PAdES signature inside the PDF.
-
-This transport enables **Advanced Electronic Signatures (AES)** and **Qualified Electronic Signatures (QES)** under eIDAS. See [Signature Levels](/docs/compliance/signature-levels) for the legal framework.
-
-<Callout type="warn">
-  CSC mode is **instance-wide**: one CSC provider per Documenso install. All envelopes created
-  while the instance runs in `csc` mode use AES or QES. Switching `NEXT_PRIVATE_SIGNING_TRANSPORT`
-  is a one-way operational migration — see [Switching Transports](#switching-transports).
-</Callout>
-
-<Callout type="warn">
-  CSC mode requires an active [Enterprise Edition](/docs/policies/enterprise-edition) license. The
-  instance refuses to start in `csc` mode without it.
-</Callout>
-
-## Prerequisites
-
-{/* prettier-ignore */}
-<Steps>
-<Step>
-
-### A TSP account
-
-Establish a relationship with a CSC-compatible Trust Service Provider. The TSP issues qualified or advanced certificates to your signers, holds the private keys in its HSM, and exposes a CSC v1.0.4.0-compliant API.
-
-</Step>
-<Step>
-
-### OAuth client credentials
-
-Register Documenso as an OAuth client with the TSP. You will receive a client ID and client secret, and must supply Documenso's callback URL when registering:
-
-```
-${NEXT_PUBLIC_WEBAPP_URL}/api/csc/oauth/callback
-```
-
-The callback URL is fixed — Documenso derives it from `NEXT_PUBLIC_WEBAPP_URL` and the route mount path. There is no env var to override it; ensuring the registered URL matches your instance's webapp URL exactly is the operator's responsibility.
-
-</Step>
-<Step>
-
-### Enterprise Edition license
-
-CSC mode is gated by the `instanceCscSigning` license flag. Without a valid Enterprise license, the transport refuses to start (`CSC_UNLICENSED`).
-
-</Step>
-<Step>
-
-### S3 storage (strongly recommended)
-
-CSC produces multiple `DocumentData` rows per envelope item (one per recipient signature, plus the materialised and source rows). Database-backed storage base64-inflates each row by ~33% and is impractical at meaningful PDF sizes. Configure [S3 storage](/docs/self-hosting/configuration/storage) before enabling CSC.
-
-</Step>
-</Steps>
-
-## Environment Variables
-
-| Variable                                       | Description                                                                                                                       | Default |
-| ---------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | ------- |
-| `NEXT_PRIVATE_SIGNING_TRANSPORT`               | Set to `csc`                                                                                                                      |         |
-| `NEXT_PRIVATE_SIGNING_CSC_PROVIDER_BASE_URL`   | Base URL of the CSC provider's API                                                                                                |         |
-| `NEXT_PRIVATE_SIGNING_CSC_OAUTH_CLIENT_ID`     | OAuth client ID registered with the CSC provider                                                                                  |         |
-| `NEXT_PRIVATE_SIGNING_CSC_OAUTH_CLIENT_SECRET` | OAuth client secret registered with the CSC provider                                                                              |         |
-| `NEXT_PRIVATE_SIGNING_CSC_SIGNATURE_LEVEL`     | Default legal tier for new envelopes when the caller does not specify one. `AES` or `QES`. Explicit requests always pass through. | `AES`   |
-| `NEXT_PRIVATE_SIGNING_TIMESTAMP_AUTHORITY`     | **Required.** Comma-separated RFC 3161 TSA URLs. Always used for B-LTA archival timestamps at seal time, and also serves as the B-T sign-time fallback when the TSP does not expose `signatures/timestamp`. The instance refuses to start in CSC mode without it. See [Timestamp Authority Resolution](#timestamp-authority-resolution). |         |
-
-<Callout type="info">
-  `NEXT_PUBLIC_SIGNING_TRANSPORT_IS_CSC` is set automatically from
-  `NEXT_PRIVATE_SIGNING_TRANSPORT` at server startup. Do not set it manually — see
-  [Environment Variables](/docs/self-hosting/configuration/environment#derived-public-variables).
-</Callout>
-
-## Configuration Example
-
-```bash
-NEXT_PRIVATE_SIGNING_TRANSPORT=csc
-NEXT_PRIVATE_SIGNING_CSC_PROVIDER_BASE_URL=https://api.example-tsp.com/csc/v1
-NEXT_PRIVATE_SIGNING_CSC_OAUTH_CLIENT_ID=documenso-prod
-NEXT_PRIVATE_SIGNING_CSC_OAUTH_CLIENT_SECRET=...
-NEXT_PRIVATE_SIGNING_CSC_SIGNATURE_LEVEL=QES
-NEXT_PRIVATE_SIGNING_TIMESTAMP_AUTHORITY=http://timestamp.example.com
-```
-
-Register `${NEXT_PUBLIC_WEBAPP_URL}/api/csc/oauth/callback` (e.g. `https://sign.example.com/api/csc/oauth/callback`) as the OAuth callback URL with the TSP.
-
-## Default Signature Level
-
-`NEXT_PRIVATE_SIGNING_CSC_SIGNATURE_LEVEL` selects the legal tier applied to envelopes that do not specify one explicitly. It is a default, not a capability gate: callers may still create AES or QES envelopes explicitly regardless of this setting.
-
-| Configured value | Caller passes nothing | Caller passes `AES` | Caller passes `QES` |
-| ---------------- | --------------------- | ------------------- | ------------------- |
-| `AES` (default)  | Envelope is `AES`     | Envelope is `AES`   | Envelope is `QES`   |
-| `QES`            | Envelope is `QES`     | Envelope is `AES`   | Envelope is `QES`   |
-
-Any value other than `AES` or `QES` causes the instance to refuse to start. This prevents silent qualified-to-advanced downgrades from a typo.
-
-## Timestamp Authority Resolution
-
-AES/QES envelopes use TSA-attested timestamps in two distinct phases. Resolution differs per phase.
-
-### Sign time — PAdES B-T per recipient
-
-Each recipient's CMS embeds a signature timestamp (CMS unsigned attribute) so proven time is bound to the recipient's signature itself. Resolution order:
-
-1. If the TSP advertises `signatures/timestamp` in its `info` response (CSC §11.10), the TSP endpoint is used. The call is authorised with **this recipient's** service-scope bearer token — the same one authorising the `signatures/signHash` call alongside it.
-2. Otherwise, the first URL from `NEXT_PRIVATE_SIGNING_TIMESTAMP_AUTHORITY` is used (RFC 3161 over HTTP).
-
-Selection is made at boot from the discovered transport, not at runtime; there is no try-then-fall-through. If the chosen source fails, the recipient's sign attempt fails.
-
-### Seal time — PAdES B-LTA archival
-
-The seal-document job emits a single archival `/DocTimeStamp` over the fully-signed envelope (plus DSS for the existing signatures and the timestamp's own chain). This phase is **env-only**: the first URL from `NEXT_PRIVATE_SIGNING_TIMESTAMP_AUTHORITY` is always used.
-
-The archival anchor is the operator's long-term trust anchor and SHOULD point at a dedicated qualified archival TSA (e.g. DigiCert) independent of the per-recipient TSP. We deliberately do not fall back to the TSP at seal time: archive longevity should not be coupled to a TSP that may rotate or revoke, and the seal-document job has no recipient context to carry a service-scope bearer.
-
-### Boot-time guard
-
-The instance refuses to start in CSC mode unless `NEXT_PRIVATE_SIGNING_TIMESTAMP_AUTHORITY` is set (`CSC_PROVIDER_NO_TSA` at transport construction). The env var is required unconditionally — even when the TSP advertises its own `signatures/timestamp`, seal-time B-LTA archival uses the env TSA. Catching this at boot prevents the failure mode where an envelope signs successfully at B-T and then hangs in `WAITING_FOR_SIGNATURE_COMPLETION` when the seal job throws.
-
-## Switching Transports
-
-`NEXT_PRIVATE_SIGNING_TRANSPORT` is a one-way operational migration. Existing envelopes route per the `signatureLevel` column they were created with — the runtime branching looks at the envelope, not the env var. After a switch:
-
- Envelopes already at `SES` continue to use the new transport for sealing, but the new transport's signer must produce SES-compatible signatures (only `local` and `gcloud-hsm` qualify).
- Envelopes already at `AES` / `QES` will fail at sign or seal time if the new transport is not `csc`.
-
-Plan migrations during a quiet window with no in-flight envelopes.
-
-## Behavioural Notes
-
-CSC mode changes a number of envelope-authoring behaviours that operators should communicate to users.
-
-### Mutation lock at distribution
-
-For AES/QES envelopes, all authoring routes refuse mutations once the envelope leaves DRAFT. This locks the PDF before any recipient begins Strong Customer Authentication, closing the PDF-swap window that would otherwise allow an owner to replace the PDF between view and sign and break the legal "what you see is what you sign" guarantee.
-
-In practice: edit envelope, recipients, fields, and items freely while DRAFT; once sent, no changes are accepted (including from the API).
-
-### Sequential signing only
-
-Parallel signing produces conflicting incremental updates over the same base PDF, breaking the per-recipient `/ByteRange` invariant. The signing order is forced to `SEQUENTIAL` on AES/QES envelopes — at the schema layer, at send time, and in the UI (the parallel-signing toggle is hidden).
-
-### Assistant role and Dictate Next Signer disabled
-
-Both features modify the recipient set after the envelope is sent, which is incompatible with the AES/QES mutation lock. They are hidden in the UI and rejected at the server schema layer.
-
-### Sidecar PDFs at download
-
-The signed PDF must remain byte-identical to what each recipient's TSP signature authorised — Documenso cannot decorate it after signing. Audit logs and the Certificate of Completion are generated on demand and delivered as separate PDFs:
-
- `GET /sign/{token}/download` returns the signed PDF only (or a ZIP for multi-item envelopes).
- `GET /sign/{token}/download?version=bundle` returns a ZIP containing the signed PDFs, audit log PDF, and Certificate of Completion.
- The completion email attaches all three.
-
-## Recipient Flow
-
-For context when supporting end users, here is what a recipient experiences on an AES/QES envelope:
-
-1. Opens the email link, lands on the signing page.
-2. Documenso redirects to the TSP for Strong Customer Authentication (first visit only; cached for the session lifetime).
-3. Fills fields as normal.
-4. Clicks Sign → redirected to the TSP for a second authentication round (issues a per-document Signature Activation Data token).
-5. Returns to Documenso; the signing call completes within ~15 seconds.
-6. Sees the standard completion screen.
-
-If the TSP returns no eligible credentials for the recipient (e.g. they have not enrolled), they see a blocking page directing them to enrol with the TSP and retry.
-
-## Error Codes
-
-CSC-specific error codes surfaced through the standard error channels:
-
-| Code                       | Meaning                                          | Recovery                                                                |
-| -------------------------- | ------------------------------------------------ | ----------------------------------------------------------------------- |
-| `CSC_UNLICENSED`           | License flag absent at transport-create          | Operator: enable Enterprise Edition, restart                            |
-| `CSC_PROVIDER_INFO_FAILED` | `info` discovery failed at startup               | Operator: check TSP availability and `NEXT_PRIVATE_SIGNING_CSC_PROVIDER_BASE_URL` |
-| `CSC_PROVIDER_NO_TSA`      | `NEXT_PRIVATE_SIGNING_TIMESTAMP_AUTHORITY` is unset | Operator: configure `NEXT_PRIVATE_SIGNING_TIMESTAMP_AUTHORITY`        |
-| `CSC_CREDENTIAL_LIST_EMPTY`| TSP returned no credentials for the user         | Recipient: enrol with the TSP                                           |
-| `CSC_CERT_INVALID`         | Certificate refused at credential validation     | Recipient: contact the TSP                                              |
-| `CSC_ALGORITHM_REFUSED`    | Signature algorithm fails policy                 | Operator/recipient: TSP does not meet policy (see below)                |
-| `CSC_SAD_EXPIRED_PRE_SIGN` | Signature Activation Data expired before signing | Recipient: retry from Sign                                              |
-| `CSC_TSP_TIMEOUT`          | 15-second synchronous timeout reached            | Recipient: retry (idempotent — the TSP enforces single-use SAD binding) |
-| `CSC_EMBED_FAILED`         | Sign-time digest diverged from prep capture      | Recipient: retry from Sign                                              |
-| `CSC_BASE_DOCUMENT_MUTATED`| Document data changed between prep and sign      | Operator: investigate (structural guard violation)                      |
-| `CSC_INSTANCE_MODE_MISMATCH`| Envelope created with wrong level for transport | Caller: use a level matching the instance transport                     |
-| `CSC_REQUEST_FAILED`       | TSP HTTP transport failure — network error, non-2xx, or malformed response | Operator: check TSP availability; carries the TSP HTTP status and error in the message |
-
-## Algorithm Policy
-
-Documenso refuses TSP credentials that do not meet the following minimums, at the OAuth callback boundary and again at sign time:
-
-| Class | Allowed                            | Refused                                                |
-| ----- | ---------------------------------- | ------------------------------------------------------ |
-| RSA   | `key.len >= 2048`                  | Missing `key.len`, `key.len < 2048`                    |
-| ECDSA | P-256, P-384, P-521                | Missing `key.curve`, P-192, P-224, other curves        |
-| Hash  | SHA-256, SHA-384, SHA-512          | SHA-1, MD5                                             |
-| Other | —                                  | DSA                                                    |
-
-This is the union of CSC v1.0.4.0 §11.5 requirements and current cryptographic guidance.
-
-## Related
-
- [Signature Levels](/docs/compliance/signature-levels) — AES / QES legal framework
- [Signing Certificate](/docs/self-hosting/configuration/signing-certificate) — overview of all signing transports
- [Environment Variables](/docs/self-hosting/configuration/environment) — full env reference
- [Enterprise Edition](/docs/policies/enterprise-edition) — license requirements
@@ -24,11 +24,6 @@ Self-hosted Documenso instances require a signing certificate. You can generate
    description="Hardware-based key protection with Google Cloud KMS."
    href="/docs/self-hosting/configuration/signing-certificate/google-cloud-hsm"
  />
-  <Card
-    title="CSC (AES / QES)"
-    description="Route signing through a third-party Trust Service Provider for Advanced and Qualified Electronic Signatures."
-    href="/docs/self-hosting/configuration/signing-certificate/csc-qes"
-  />
  <Card
    title="Timestamp Server"
    description="Add trusted timestamps and customise signature appearance."
@@ -43,7 +38,7 @@ Self-hosted Documenso instances require a signing certificate. You can generate

 ## Certificate Options

-<Tabs items={['Self-Signed', 'CA-Issued', 'Google Cloud HSM', 'CSC (AES / QES)']}>
+<Tabs items={['Self-Signed', 'CA-Issued', 'Google Cloud HSM']}>
 <Tab value="Self-Signed">

 A self-signed certificate is sufficient for most use cases where your industry has no special signing regulations.
@@ -84,18 +79,6 @@ For organisations requiring hardware-based key protection, Documenso supports Go

 See [Google Cloud HSM](/docs/self-hosting/configuration/signing-certificate/google-cloud-hsm) for setup instructions.

-</Tab>
-<Tab value="CSC (AES / QES)">
-
-For Advanced and Qualified Electronic Signatures under eIDAS, Documenso integrates with third-party Trust Service Providers via the Cloud Signature Consortium API. Each recipient authenticates directly with the TSP, which holds the private key and issues the signature.
-
- Per-recipient identity verification by an accredited TSP
- Legally equivalent to a handwritten signature within the EU (QES)
- Requires an [Enterprise Edition](/docs/policies/enterprise-edition) license
- Instance-wide setting; one CSC provider per Documenso install
-
-See [CSC (AES / QES)](/docs/self-hosting/configuration/signing-certificate/csc-qes) for setup instructions.
-
 </Tab>
 </Tabs>

@@ -1,4 +1,4 @@
 {
  "title": "Signing Certificate",
-  "pages": ["...index", "local", "google-cloud-hsm", "csc-qes", "timestamp-server", "troubleshooting"]
+  "pages": ["...index", "local", "google-cloud-hsm", "timestamp-server", "troubleshooting"]
 }
@@ -1,6 +1,6 @@
 ---
 title: Storage Configuration
-description: Configure file storage for uploaded documents and signed PDFs using database storage (default), S3-compatible object storage, or Azure Blob Storage.
+description: Configure file storage for uploaded documents and signed PDFs using database storage (default) or S3-compatible object storage.
 ---

 import { Accordion, Accordions } from 'fumadocs-ui/components/accordion';
@@ -10,11 +10,10 @@ import { Tab, Tabs } from 'fumadocs-ui/components/tabs';

 ## Storage Options

-| Backend      | Best For                                | Scalability | Configuration |
-| ------------ | --------------------------------------- | ----------- | ------------- |
-| `database`   | Small deployments, simplicity           | Limited     | None required |
-| `s3`         | Production, large files, backups        | High        | Required      |
-| `azure-blob` | Production on Azure, native Blob access | High        | Required      |
+| Backend    | Best For                         | Scalability | Configuration |
+| ---------- | -------------------------------- | ----------- | ------------- |
+| `database` | Small deployments, simplicity    | Limited     | None required |
+| `s3`       | Production, large files, backups | High        | Required      |

 Select the storage backend with the `NEXT_PUBLIC_UPLOAD_TRANSPORT` environment variable:

@@ -24,9 +23,6 @@ NEXT_PUBLIC_UPLOAD_TRANSPORT=database

 # S3-compatible storage
 NEXT_PUBLIC_UPLOAD_TRANSPORT=s3
-
-# Azure Blob Storage (native)
-NEXT_PUBLIC_UPLOAD_TRANSPORT=azure-blob
 ```

 ---
@@ -287,111 +283,6 @@ NEXT_PRIVATE_UPLOAD_REGION=us-east-1

 ---

-## Azure Blob Storage
-
-Azure Blob Storage is supported as a native transport (not S3-compatible). Documenso uses the official `@azure/storage-blob` SDK and signs SAS URLs with the Storage Account key for browser uploads and downloads.
-
-### Required Variables
-
-| Variable                                | Description                                       |
-| --------------------------------------- | ------------------------------------------------- |
-| `NEXT_PUBLIC_UPLOAD_TRANSPORT`          | Set to `azure-blob`                               |
-| `NEXT_PRIVATE_UPLOAD_AZURE_ACCOUNT_NAME` | Azure Storage Account name                        |
-| `NEXT_PRIVATE_UPLOAD_AZURE_ACCOUNT_KEY`  | Azure Storage Account access key                  |
-| `NEXT_PRIVATE_UPLOAD_AZURE_CONTAINER`    | Container name where uploads are stored          |
-
-### Optional Variables
-
-| Variable                            | Description                                                                                                                  | Default                                       |
-| ----------------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------- |
-| `NEXT_PRIVATE_UPLOAD_AZURE_ENDPOINT` | Custom Blob endpoint URL. Useful for local development against Azurite (for example `http://127.0.0.1:10000`).               | `https://<account>.blob.core.windows.net`     |
-
-### Azure Setup
-
-{/* prettier-ignore */}
-<Steps>
-<Step>
-### Create a Storage Account and Container
-
-Create a Storage Account in the Azure Portal or via the Azure CLI, then create a container inside it:
-
-```bash
-az storage account create \
-  --name yourstorageaccount \
-  --resource-group your-rg \
-  --location eastus \
-  --sku Standard_LRS
-
-az storage container create \
-  --name documenso-documents \
-  --account-name yourstorageaccount
-```
-
-</Step>
-<Step>
-### Configure CORS on the container
-
-The browser uploads documents directly to Azure Blob using a SAS URL, and downloads them the same way, so the Storage Account needs CORS rules that allow your application origin:
-
-```bash
-az storage cors add \
-  --services b \
-  --methods GET PUT \
-  --origins https://your-documenso-domain.com \
-  --allowed-headers "Content-Type" "x-ms-blob-type" "Authorization" \
-  --exposed-headers "*" \
-  --max-age 3600 \
-  --account-name yourstorageaccount
-```
-
-</Step>
-<Step>
-### Configure Environment Variables
-
-```bash
-NEXT_PUBLIC_UPLOAD_TRANSPORT=azure-blob
-NEXT_PRIVATE_UPLOAD_AZURE_ACCOUNT_NAME=yourstorageaccount
-NEXT_PRIVATE_UPLOAD_AZURE_ACCOUNT_KEY=your-account-key
-NEXT_PRIVATE_UPLOAD_AZURE_CONTAINER=documenso-documents
-```
-
-</Step>
-</Steps>
-
-### Local Development with Azurite
-
-Azurite is the official Azure Storage emulator. It supports the Blob REST API with account-key authentication.
-
-```bash
-docker run -d --name azurite \
-  -p 10000:10000 -p 10001:10001 -p 10002:10002 \
-  mcr.microsoft.com/azure-storage/azurite
-```
-
-Create the container against the well-known development account:
-
-```bash
-az storage container create \
-  --name documenso-documents \
-  --connection-string "DefaultEndpointsProtocol=http;AccountName=devstoreaccount1;AccountKey=Eby8vdM02xNOcqFlqUwJPLlmEtlCDXJ1OUzFT50uSRZ6IFsuFq2UVErCz4I6tq/K1SZFPTOtr/KBHBeksoGMGw==;BlobEndpoint=http://127.0.0.1:10000/devstoreaccount1;"
-```
-
-Configure environment variables to point at the emulator:
-
-```bash
-NEXT_PUBLIC_UPLOAD_TRANSPORT=azure-blob
-NEXT_PRIVATE_UPLOAD_AZURE_ACCOUNT_NAME=devstoreaccount1
-NEXT_PRIVATE_UPLOAD_AZURE_ACCOUNT_KEY=Eby8vdM02xNOcqFlqUwJPLlmEtlCDXJ1OUzFT50uSRZ6IFsuFq2UVErCz4I6tq/K1SZFPTOtr/KBHBeksoGMGw==
-NEXT_PRIVATE_UPLOAD_AZURE_CONTAINER=documenso-documents
-NEXT_PRIVATE_UPLOAD_AZURE_ENDPOINT=http://127.0.0.1:10000
-```
-
-<Callout type="info">
-  The Azurite key shown above is the public well-known development key, published by Microsoft for emulator use. Never reuse it in production.
-</Callout>
-
---
-
 ## CloudFront CDN (Optional)

 Use Amazon CloudFront to serve documents with lower latency and reduced S3 costs. CloudFront integration uses signed URLs for secure access.
@@ -235,7 +235,7 @@ spec:
 ```

 <Callout type="info">
-  Pin to a specific image tag (e.g., `documenso/documenso:<version>`) in production instead of `latest`
+  Pin to a specific image tag (e.g., `documenso/documenso:1.5.0`) in production instead of `latest`
  to ensure predictable deployments.
 </Callout>

@@ -14,8 +14,8 @@ import { Step, Steps } from 'fumadocs-ui/components/steps';

 ## Prerequisites

- Node.js 22 or later
- npm 11 or later
+- Node.js 20 or later
+- npm
 - PostgreSQL 14 or later
 - A Linux server (for systemd service setup)

@@ -24,7 +24,7 @@ Before deploying, you need:

 The fastest way to deploy Documenso on Railway is using the official template:

-[![Deploy on Railway](https://railway.com/button.svg)](https://railway.com/deploy/DjrRRX?referralCode=EZR3s0&utm_medium=integration&utm_source=template&utm_campaign=generic)
+[![Deploy on Railway](https://railway.app/button.svg)](https://railway.app/template/bG6D4p)

 This template automatically provisions:

@@ -124,16 +124,12 @@ docker compose -f docker/development/compose.yml exec database \

 The quick start setup runs the following containers:

-| Container   | Purpose                              | Port                          |
-| ----------- | ------------------------------------ | ----------------------------- |
-| `documenso` | Main application                     | 3000                          |
-| `database`  | PostgreSQL database                  | 54320                         |
-| `inbucket`  | Local email testing server           | 9000 (web UI), 2500 (SMTP)    |
-| `redis`     | Cache and background job queue       | 63790                         |
-| `minio`     | S3-compatible storage                | 9002 (API), 9001 (console)    |
-| `gotenberg` | Document conversion (optional)       | 3005                          |
-
-The local email server is [Inbucket](https://www.inbucket.org/). Open its web UI at [http://localhost:9000](http://localhost:9000) to view emails Documenso sends during development. For your own deployment you can use any SMTP-compatible mailserver, such as Inbucket, [Mailpit](https://github.com/axllent/mailpit), or [Mailhog](https://github.com/mailhog/MailHog).
+| Container   | Purpose                          | Port  |
+| ----------- | -------------------------------- | ----- |
+| `documenso` | Main application                 | 3000  |
+| `database`  | PostgreSQL database              | 54320 |
+| `maildev`   | Local email testing server       | 2500  |
+| `minio`     | S3-compatible storage (optional) | 9000  |

 ## Useful Commands

@@ -141,8 +141,8 @@ If building from source (not using Docker images):

 | Requirement | Version |
 | ----------- | ------- |
-| Node.js     | 22+     |
-| npm         | 11+     |
+| Node.js     | 18+     |
+| npm         | 8+      |

 ---

@@ -169,7 +169,7 @@ Documenso runs on:
 | MySQL/MariaDB  | PostgreSQL-specific features required |
 | SQLite         | Not suitable for production workloads |
 | MongoDB        | Relational database required          |
-| Node.js < 22   | Modern JavaScript features required   |
+| Node.js < 18   | Modern JavaScript features required   |

 ---

@@ -92,7 +92,7 @@ Use a specific version tag in production:

 ```bash
 # Good — predictable, reproducible
-docker pull documenso/documenso:<version>
+docker pull documenso/documenso:1.8.0

 # Risky — may pull breaking changes
 docker pull documenso/documenso:latest
@@ -27,14 +27,6 @@ import { Callout } from 'fumadocs-ui/components/callout';
  Please see all the [requirements](/docs/self-hosting/getting-started/requirements) before proceeding.
 </Callout>

-<Callout type="warn">
-  **You are responsible for your own network security.** Documenso applies best-effort, non-exhaustive
-  checks to outbound requests such as webhooks, but these are not a complete SSRF mitigation and they
-  fail open. A self-hosted instance can reach internal addresses on your network. Restricting outbound
-  traffic, egress filtering, and blocking access to internal services and cloud metadata endpoints is
-  your responsibility through your firewall and network configuration.
-</Callout>
-
 ---

 ## Deployment Options
@@ -165,10 +165,10 @@ See [Backups](/docs/self-hosting/maintenance/backups) for automated backup strat
 ### Pull the new image

 ```bash
-docker pull documenso/documenso:<version>
+docker pull documenso/documenso:1.6.0
 ```

-Replace `<version>` with your target version.
+Replace `1.6.0` with your target version.

 </Step>
 <Step>
@@ -189,7 +189,7 @@ docker run -d \
  -p 3000:3000 \
  --env-file .env \
  -v /path/to/cert.p12:/opt/documenso/cert.p12:ro \
-  documenso/documenso:<version>
+  documenso/documenso:1.6.0
 ```

 </Step>
@@ -223,14 +223,14 @@ Edit `compose.yml` or your `.env` file to specify the new version:
 ```yaml
 services:
  documenso:
-    image: documenso/documenso:<version>
+    image: documenso/documenso:1.6.0
 ```

 Or if using environment variable substitution:

 ```bash
 # In .env
-DOCUMENSO_VERSION=<version>
+DOCUMENSO_VERSION=1.6.0
 ```

 ```yaml
@@ -283,7 +283,7 @@ Edit the deployment directly:

 ```bash
 kubectl set image deployment/documenso \
-  documenso=documenso/documenso:<version> \
+  documenso=documenso/documenso:1.6.0 \
  -n documenso
 ```

@@ -295,7 +295,7 @@ spec:
    spec:
      containers:
        - name: documenso
-          image: documenso/documenso:<version>
+          image: documenso/documenso:1.6.0
 ```

 Then apply:
@@ -421,12 +421,12 @@ To run migrations manually before upgrading:

 ```bash
 # Pull the new image
-docker pull documenso/documenso:<version>
+docker pull documenso/documenso:1.6.0

 # Run migrations only
 docker run --rm \
  -e NEXT_PRIVATE_DATABASE_URL="postgresql://user:password@host:5432/documenso" \
-  documenso/documenso:<version> \
+  documenso/documenso:1.6.0 \
  npx prisma migrate deploy
 ```

@@ -516,7 +516,7 @@ docker run -d \
  -p 3000:3000 \
  --env-file .env \
  -v /path/to/cert.p12:/opt/documenso/cert.p12:ro \
-  documenso/documenso:<previous-version>
+  documenso/documenso:1.5.0
 ```

 </Tab>
@@ -39,11 +39,7 @@ Navigate to [documen.so/free](https://documen.so/free) to create a free account.

 Provide your name, email address, and create a password. Alternatively, sign up with Google for faster access.

-<img 
-  src="/get-started-images/documenso-registration-form.webp" 
-  alt="Documenso registration form with name, email, and password fields"
-  style={{width: '500px', height: '650px', objectFit: 'contain' }}
-/>
+{/* TODO: Add screenshot of registration form */}

 </Step>

@@ -7,14 +7,14 @@ import { Callout } from 'fumadocs-ui/components/callout';
 import { Step, Steps } from 'fumadocs-ui/components/steps';

 <Callout type="error">
-  Account deletion is permanent and irreversible. Your account, signatures, and personal data will be
-  permanently removed, and any active subscription will be cancelled. How your organisations and
-  documents are handled is explained below.
+  Account deletion is permanent and irreversible. All documents, signatures, templates, and account
+  data will be permanently removed. Any active subscription will be cancelled.
 </Callout>

 ## Before Deleting

 - Download any documents you need to keep
+- Cancel any active subscriptions
 - Disable two-factor authentication (required before deletion)

 ## Delete Your Account
@@ -36,31 +36,6 @@ import { Step, Steps } from 'fumadocs-ui/components/steps';
  If you have two-factor authentication enabled, you must disable it before deleting your account.
 </Callout>

-## What Happens to Your Organisations
-
-When you delete your account, the organisations you **own** are permanently deleted along with all of
-their teams. If an owned organisation has an active subscription, it is scheduled for cancellation at
-the end of the current billing period.
-
-Organisations that you are only a **member** of are not deleted. You are simply removed from them, and
-the organisation continues to operate as normal.
-
-## What Happens to Your Documents
-
-The way your documents and templates are handled depends on whether you owned the organisation they
-belong to:
-
- **Organisations you owned** — Completed and in-progress documents are retained in an anonymized form
-  (reassigned to an internal system account) so the other parties keep their records. Draft documents
-  and templates are permanently removed.
- **Organisations you were a member of** — Your documents and templates are transferred to the
-  organisation owner, so they remain accessible to the organisation after you leave.
-
-<Callout type="warn">
-  Documents that are retained in anonymized form are no longer associated with your account and cannot
-  be recovered or accessed by you after deletion. Download anything you need to keep beforehand.
-</Callout>
-
 ---

 ## See Also
@@ -16,7 +16,7 @@
    "fumadocs-ui": "16.5.0",
    "lucide-react": "^0.563.0",
    "mermaid": "^11.12.2",
-    "next": "16.2.6",
+    "next": "16.2.4",
    "next-plausible": "^3.12.5",
    "next-themes": "^0.4.6",
    "react": "^19.2.4",
@@ -29,7 +29,7 @@
    "@types/node": "^25.1.0",
    "@types/react": "^19.2.10",
    "@types/react-dom": "^19.2.3",
-    "postcss": "^8.5.14",
+    "postcss": "^8.5.6",
    "tailwindcss": "^4.1.18",
    "typescript": "^5.9.3"
  }
@@ -12,7 +12,7 @@
  "dependencies": {
    "@documenso/prisma": "*",
    "luxon": "^3.7.2",
-    "next": "16.2.6"
+    "next": "16.2.4"
  },
  "devDependencies": {
    "@types/node": "^20",
@@ -73,12 +73,5 @@ if [ -z "$NEXT_PRIVATE_STRIPE_WEBHOOK_SECRET" ]; then
  echo "╚═════════════════════════════════════════════════════════════════════╝"
 fi

-NEXT_PUBLIC_WEBAPP_URL=$(load_env_var "NEXT_PUBLIC_WEBAPP_URL")
-
-if [ -z "$NEXT_PUBLIC_WEBAPP_URL" ]; then
-  NEXT_PUBLIC_WEBAPP_URL="http://localhost:3000"
-  echo "[INFO]: NEXT_PUBLIC_WEBAPP_URL not set, defaulting to $NEXT_PUBLIC_WEBAPP_URL"
-fi
-
 echo "[INFO]: Starting Stripe webhook listener..."
-stripe listen --api-key "$NEXT_PRIVATE_STRIPE_API_KEY" --forward-to "$NEXT_PUBLIC_WEBAPP_URL/api/stripe/webhook"
+stripe listen --api-key "$NEXT_PRIVATE_STRIPE_API_KEY" --forward-to http://localhost:3000/api/stripe/webhook
@@ -0,0 +1,22 @@
+FROM node:20-alpine AS development-dependencies-env
+COPY . /app
+WORKDIR /app
+RUN npm ci
+
+FROM node:20-alpine AS production-dependencies-env
+COPY ./package.json package-lock.json /app/
+WORKDIR /app
+RUN npm ci --omit=dev
+
+FROM node:20-alpine AS build-env
+COPY . /app/
+COPY --from=development-dependencies-env /app/node_modules /app/node_modules
+WORKDIR /app
+RUN npm run build
+
+FROM node:20-alpine
+COPY ./package.json package-lock.json /app/
+COPY --from=production-dependencies-env /app/node_modules /app/node_modules
+COPY --from=build-env /app/build /app/build
+WORKDIR /app
+CMD ["npm", "run", "start"]
@@ -1,14 +1,100 @@
-# @documenso/remix
+# Welcome to React Router!

-The main Documenso web application. Built with [React Router v7](https://reactrouter.com/) and served by a [Hono](https://hono.dev/) server.
+A modern, production-ready template for building full-stack React applications using React Router.

-This package is part of the Documenso monorepo and is not meant to be run standalone. Use the root scripts instead.
+[![Open in StackBlitz](https://developer.stackblitz.com/img/open_in_stackblitz.svg)](https://stackblitz.com/github/remix-run/react-router-templates/tree/main/default)

- Local development: see the [root README](../../README.md) and the [Local Development docs](https://docs.documenso.com/docs/developers/local-development).
- Self-hosting and deployment: see the [Self-Hosting docs](https://docs.documenso.com/docs/self-hosting).
- Architecture overview: see [ARCHITECTURE.md](../../ARCHITECTURE.md).
+## Features
+
+- 🚀 Server-side rendering
+- ⚡️ Hot Module Replacement (HMR)
+- 📦 Asset bundling and optimization
+- 🔄 Data loading and mutations
+- 🔒 TypeScript by default
+- 🎉 TailwindCSS for styling
+- 📖 [React Router docs](https://reactrouter.com/)
+
+## Getting Started
+
+### Installation
+
+Install the dependencies:
+
+```bash
+npm install
+```
+
+### Development
+
+Start the development server with HMR:

 ```bash
-# From the monorepo root
 npm run dev
 ```
+
+Your application will be available at `http://localhost:5173`.
+
+## Building for Production
+
+Create a production build:
+
+```bash
+npm run build
+```
+
+## Deployment
+
+### Docker Deployment
+
+This template includes three Dockerfiles optimized for different package managers:
+
+- `Dockerfile` - for npm
+- `Dockerfile.pnpm` - for pnpm
+- `Dockerfile.bun` - for bun
+
+To build and run using Docker:
+
+```bash
+# For npm
+docker build -t my-app .
+
+# For pnpm
+docker build -f Dockerfile.pnpm -t my-app .
+
+# For bun
+docker build -f Dockerfile.bun -t my-app .
+
+# Run the container
+docker run -p 3000:3000 my-app
+```
+
+The containerized application can be deployed to any platform that supports Docker, including:
+
+- AWS ECS
+- Google Cloud Run
+- Azure Container Apps
+- Digital Ocean App Platform
+- Fly.io
+- Railway
+
+### DIY Deployment
+
+If you're familiar with deploying Node applications, the built-in app server is production-ready.
+
+Make sure to deploy the output of `npm run build`
+
+```
+├── package.json
+├── package-lock.json (or pnpm-lock.yaml, or bun.lockb)
+├── build/
+│   ├── client/    # Static assets
+│   └── server/    # Server-side code
+```
+
+## Styling
+
+This template comes with [Tailwind CSS](https://tailwindcss.com/) already configured for a simple default starting experience. You can use whatever CSS framework you prefer.
+
+---
+
+Built with ❤️ using React Router.
@@ -1,155 +0,0 @@
-import { AppError } from '@documenso/lib/errors/app-error';
-import { trpc } from '@documenso/trpc/react';
-import { Button } from '@documenso/ui/primitives/button';
-import { Checkbox } from '@documenso/ui/primitives/checkbox';
-import {
-  Dialog,
-  DialogContent,
-  DialogDescription,
-  DialogFooter,
-  DialogHeader,
-  DialogTitle,
-  DialogTrigger,
-} from '@documenso/ui/primitives/dialog';
-import { Form, FormControl, FormField, FormItem } from '@documenso/ui/primitives/form/form';
-import { useToast } from '@documenso/ui/primitives/use-toast';
-import { zodResolver } from '@hookform/resolvers/zod';
-import { Trans, useLingui } from '@lingui/react/macro';
-import { useEffect, useState } from 'react';
-import { useForm } from 'react-hook-form';
-import { useNavigate } from 'react-router';
-import { z } from 'zod';
-
-export type AdminOrganisationSyncSubscriptionDialogProps = {
-  organisationId: string;
-  trigger?: React.ReactNode;
-};
-
-const ZAdminOrganisationSyncSubscriptionFormSchema = z.object({
-  syncClaims: z.boolean(),
-});
-
-type TAdminOrganisationSyncSubscriptionFormSchema = z.infer<typeof ZAdminOrganisationSyncSubscriptionFormSchema>;
-
-export const AdminOrganisationSyncSubscriptionDialog = ({
-  organisationId,
-  trigger,
-}: AdminOrganisationSyncSubscriptionDialogProps) => {
-  const [open, setOpen] = useState(false);
-
-  const { t } = useLingui();
-  const { toast } = useToast();
-
-  const navigate = useNavigate();
-
-  const form = useForm<TAdminOrganisationSyncSubscriptionFormSchema>({
-    resolver: zodResolver(ZAdminOrganisationSyncSubscriptionFormSchema),
-    defaultValues: {
-      syncClaims: false,
-    },
-  });
-
-  const { mutateAsync: syncSubscription } = trpc.admin.organisation.subscription.sync.useMutation();
-
-  const onFormSubmit = async (values: TAdminOrganisationSyncSubscriptionFormSchema) => {
-    try {
-      await syncSubscription({
-        organisationId,
-        syncClaims: values.syncClaims,
-      });
-
-      toast({
-        title: t`Subscription synced`,
-        description: t`The organisation subscription has been synced with Stripe.`,
-        duration: 5000,
-      });
-
-      await navigate(0);
-
-      setOpen(false);
-    } catch (err) {
-      const error = AppError.parseError(err);
-
-      console.error(error);
-
-      toast({
-        title: t`Failed to sync subscription`,
-        description: error.message,
-        variant: 'destructive',
-        duration: 10000,
-      });
-    }
-  };
-
-  useEffect(() => {
-    if (!open) {
-      form.reset();
-    }
-  }, [open, form]);
-
-  return (
-    <Dialog open={open} onOpenChange={(value) => !form.formState.isSubmitting && setOpen(value)}>
-      <DialogTrigger asChild>
-        {trigger ?? (
-          <Button variant="outline">
-            <Trans>Sync Stripe subscription</Trans>
-          </Button>
-        )}
-      </DialogTrigger>
-
-      <DialogContent position="center">
-        <DialogHeader>
-          <DialogTitle>
-            <Trans>Sync Stripe subscription</Trans>
-          </DialogTitle>
-
-          <DialogDescription>
-            <Trans>Fetch the latest subscription data from Stripe and apply it to this organisation.</Trans>
-          </DialogDescription>
-        </DialogHeader>
-
-        <Form {...form}>
-          <form onSubmit={form.handleSubmit(onFormSubmit)}>
-            <fieldset className="flex h-full flex-col space-y-4" disabled={form.formState.isSubmitting}>
-              <FormField
-                control={form.control}
-                name="syncClaims"
-                render={({ field }) => (
-                  <FormItem className="flex flex-row items-center space-x-3 space-y-0">
-                    <FormControl>
-                      <Checkbox
-                        id="admin-sync-subscription-sync-claims"
-                        checked={field.value}
-                        onCheckedChange={field.onChange}
-                      />
-                    </FormControl>
-
-                    <label
-                      htmlFor="admin-sync-subscription-sync-claims"
-                      className="font-normal text-muted-foreground text-sm leading-snug"
-                    >
-                      <Trans>
-                        Sync claims. This will overwrite the current claim with the one resolved from the Stripe
-                        subscription.
-                      </Trans>
-                    </label>
-                  </FormItem>
-                )}
-              />
-
-              <DialogFooter>
-                <Button type="button" variant="secondary" onClick={() => setOpen(false)}>
-                  <Trans>Cancel</Trans>
-                </Button>
-
-                <Button type="submit" loading={form.formState.isSubmitting}>
-                  <Trans>Sync</Trans>
-                </Button>
-              </DialogFooter>
-            </fieldset>
-          </form>
-        </Form>
-      </DialogContent>
-    </Dialog>
-  );
-};
@@ -67,7 +67,7 @@ export const AdminSwapSubscriptionDialog = ({

  const selectedOrg = eligibleOrgs.find((org) => org.id === selectedOrgId);

-  const { mutateAsync: swapSubscription } = trpc.admin.organisation.subscription.swap.useMutation();
+  const { mutateAsync: swapSubscription } = trpc.admin.organisation.swapSubscription.useMutation();

  const onSubmit = async () => {
    if (!selectedOrgId) {
@@ -1,152 +0,0 @@
-import { AppError } from '@documenso/lib/errors/app-error';
-import { trpc } from '@documenso/trpc/react';
-import { ZCreateUserRequestSchema } from '@documenso/trpc/server/admin-router/create-user.types';
-import { Button } from '@documenso/ui/primitives/button';
-import {
-  Dialog,
-  DialogContent,
-  DialogDescription,
-  DialogFooter,
-  DialogHeader,
-  DialogTitle,
-  DialogTrigger,
-} from '@documenso/ui/primitives/dialog';
-import { Form, FormControl, FormField, FormItem, FormLabel, FormMessage } from '@documenso/ui/primitives/form/form';
-import { Input } from '@documenso/ui/primitives/input';
-import { useToast } from '@documenso/ui/primitives/use-toast';
-import { zodResolver } from '@hookform/resolvers/zod';
-import { Trans, useLingui } from '@lingui/react/macro';
-import type * as DialogPrimitive from '@radix-ui/react-dialog';
-import { useEffect, useState } from 'react';
-import { useForm } from 'react-hook-form';
-import { useNavigate } from 'react-router';
-import type { z } from 'zod';
-
-export type AdminUserCreateDialogProps = {
-  trigger?: React.ReactNode;
-} & Omit<DialogPrimitive.DialogProps, 'children'>;
-
-const ZFormSchema = ZCreateUserRequestSchema;
-
-type TFormSchema = z.infer<typeof ZFormSchema>;
-
-export const AdminUserCreateDialog = ({ trigger, ...props }: AdminUserCreateDialogProps) => {
-  const { t } = useLingui();
-  const { toast } = useToast();
-
-  const [open, setOpen] = useState(false);
-
-  const navigate = useNavigate();
-
-  const form = useForm<TFormSchema>({
-    resolver: zodResolver(ZFormSchema),
-    defaultValues: {
-      email: '',
-      name: '',
-    },
-  });
-
-  const { mutateAsync: createUser } = trpc.admin.user.create.useMutation();
-
-  const onFormSubmit = async (data: TFormSchema) => {
-    try {
-      const result = await createUser(data);
-
-      await navigate(`/admin/users/${result.userId}`);
-
-      setOpen(false);
-
-      toast({
-        title: t`Success`,
-        description: t`User created and welcome email sent`,
-        duration: 5000,
-      });
-    } catch (err) {
-      const error = AppError.parseError(err);
-
-      console.error(error);
-
-      toast({
-        title: t`An error occurred`,
-        description: error.message || t`We encountered an error while creating the user. Please try again later.`,
-        variant: 'destructive',
-      });
-    }
-  };
-
-  useEffect(() => {
-    form.reset();
-  }, [open, form]);
-
-  return (
-    <Dialog {...props} open={open} onOpenChange={(value) => !form.formState.isSubmitting && setOpen(value)}>
-      <DialogTrigger onClick={(e) => e.stopPropagation()} asChild={true}>
-        {trigger ?? (
-          <Button className="flex-shrink-0" variant="secondary">
-            <Trans>Create User</Trans>
-          </Button>
-        )}
-      </DialogTrigger>
-
-      <DialogContent position="center">
-        <DialogHeader>
-          <DialogTitle>
-            <Trans>Create User</Trans>
-          </DialogTitle>
-
-          <DialogDescription>
-            <Trans>Create a new user. A welcome email will be sent with a link to set their password.</Trans>
-          </DialogDescription>
-        </DialogHeader>
-
-        <Form {...form}>
-          <form onSubmit={form.handleSubmit(onFormSubmit)}>
-            <fieldset className="flex h-full flex-col space-y-4" disabled={form.formState.isSubmitting}>
-              <FormField
-                control={form.control}
-                name="email"
-                render={({ field }) => (
-                  <FormItem>
-                    <FormLabel required>
-                      <Trans>Email</Trans>
-                    </FormLabel>
-                    <FormControl>
-                      <Input {...field} type="email" />
-                    </FormControl>
-                    <FormMessage />
-                  </FormItem>
-                )}
-              />
-
-              <FormField
-                control={form.control}
-                name="name"
-                render={({ field }) => (
-                  <FormItem>
-                    <FormLabel required>
-                      <Trans>Name</Trans>
-                    </FormLabel>
-                    <FormControl>
-                      <Input {...field} />
-                    </FormControl>
-                    <FormMessage />
-                  </FormItem>
-                )}
-              />
-
-              <DialogFooter>
-                <Button type="button" variant="secondary" onClick={() => setOpen(false)}>
-                  <Trans>Cancel</Trans>
-                </Button>
-
-                <Button type="submit" data-testid="dialog-create-user-button" loading={form.formState.isSubmitting}>
-                  <Trans>Create</Trans>
-                </Button>
-              </DialogFooter>
-            </fieldset>
-          </form>
-        </Form>
-      </DialogContent>
-    </Dialog>
-  );
-};
@@ -2,7 +2,6 @@ import type { TLicenseClaim } from '@documenso/lib/types/license';
 import { trpc } from '@documenso/trpc/react';
 import type { TFindSubscriptionClaimsResponse } from '@documenso/trpc/server/admin-router/find-subscription-claims.types';
 import { Button } from '@documenso/ui/primitives/button';
-import { Checkbox } from '@documenso/ui/primitives/checkbox';
 import {
  Dialog,
  DialogContent,
@@ -29,7 +28,6 @@ export const ClaimUpdateDialog = ({ claim, trigger, licenseFlags }: ClaimUpdateD
  const { toast } = useToast();

  const [open, setOpen] = useState(false);
-  const [backportEmailTransport, setBackportEmailTransport] = useState(false);

  const { mutateAsync: updateClaim, isPending } = trpc.admin.claims.update.useMutation({
    onSuccess: () => {
@@ -69,33 +67,19 @@ export const ClaimUpdateDialog = ({ claim, trigger, licenseFlags }: ClaimUpdateD
            await updateClaim({
              id: claim.id,
              data,
-              backportEmailTransport,
            })
          }
          licenseFlags={licenseFlags}
          formSubmitTrigger={
-            <>
-              <div className="flex items-center space-x-2">
-                <Checkbox
-                  id="backport-email-transport"
-                  checked={backportEmailTransport}
-                  onCheckedChange={(checked) => setBackportEmailTransport(checked === true)}
-                />
-                <label htmlFor="backport-email-transport" className="text-muted-foreground text-sm">
-                  <Trans>Backport email transport</Trans>
-                </label>
-              </div>
+            <DialogFooter>
+              <Button type="button" variant="outline" onClick={() => setOpen(false)} disabled={isPending}>
+                <Trans>Cancel</Trans>
+              </Button>

-              <DialogFooter>
-                <Button type="button" variant="outline" onClick={() => setOpen(false)} disabled={isPending}>
-                  <Trans>Cancel</Trans>
-                </Button>
-
-                <Button type="submit" loading={isPending}>
-                  <Trans>Update Claim</Trans>
-                </Button>
-              </DialogFooter>
-            </>
+              <Button type="submit" loading={isPending}>
+                <Trans>Update Claim</Trans>
+              </Button>
+            </DialogFooter>
          }
        />
      </DialogContent>
@@ -0,0 +1,243 @@
+import { AppError, AppErrorCode } from '@documenso/lib/errors/app-error';
+import { FolderType } from '@documenso/lib/types/folder-type';
+import { formatDocumentsPath } from '@documenso/lib/utils/teams';
+import { trpc } from '@documenso/trpc/react';
+import { Button } from '@documenso/ui/primitives/button';
+import {
+  Dialog,
+  DialogContent,
+  DialogDescription,
+  DialogFooter,
+  DialogHeader,
+  DialogTitle,
+} from '@documenso/ui/primitives/dialog';
+import { Form, FormControl, FormField, FormItem, FormLabel, FormMessage } from '@documenso/ui/primitives/form/form';
+import { Input } from '@documenso/ui/primitives/input';
+import { useToast } from '@documenso/ui/primitives/use-toast';
+import { zodResolver } from '@hookform/resolvers/zod';
+import { msg } from '@lingui/core/macro';
+import { useLingui } from '@lingui/react';
+import { Trans } from '@lingui/react/macro';
+import type * as DialogPrimitive from '@radix-ui/react-dialog';
+import { FolderIcon, HomeIcon, Loader2, Search } from 'lucide-react';
+import { useEffect, useState } from 'react';
+import { useForm } from 'react-hook-form';
+import { useNavigate } from 'react-router';
+import { z } from 'zod';
+
+import { useCurrentTeam } from '~/providers/team';
+
+export type DocumentMoveToFolderDialogProps = {
+  documentId: number;
+  open: boolean;
+  onOpenChange: (open: boolean) => void;
+  currentFolderId?: string;
+} & Omit<DialogPrimitive.DialogProps, 'children'>;
+
+const ZMoveDocumentFormSchema = z.object({
+  folderId: z.string().nullable().optional(),
+});
+
+type TMoveDocumentFormSchema = z.infer<typeof ZMoveDocumentFormSchema>;
+
+export const DocumentMoveToFolderDialog = ({
+  documentId,
+  open,
+  onOpenChange,
+  currentFolderId,
+  ...props
+}: DocumentMoveToFolderDialogProps) => {
+  const { _ } = useLingui();
+  const { toast } = useToast();
+
+  const navigate = useNavigate();
+  const team = useCurrentTeam();
+
+  const [searchTerm, setSearchTerm] = useState('');
+
+  const form = useForm<TMoveDocumentFormSchema>({
+    resolver: zodResolver(ZMoveDocumentFormSchema),
+    defaultValues: {
+      folderId: currentFolderId,
+    },
+  });
+
+  const { data: folders, isLoading: isFoldersLoading } = trpc.folder.findFoldersInternal.useQuery(
+    {
+      parentId: currentFolderId,
+      type: FolderType.DOCUMENT,
+    },
+    {
+      enabled: open,
+    },
+  );
+
+  const { mutateAsync: updateDocument } = trpc.document.update.useMutation();
+
+  useEffect(() => {
+    if (!open) {
+      form.reset();
+      setSearchTerm('');
+    } else {
+      form.reset({ folderId: currentFolderId });
+    }
+  }, [open, currentFolderId, form]);
+
+  const onSubmit = async (data: TMoveDocumentFormSchema) => {
+    try {
+      await updateDocument({
+        documentId,
+        data: {
+          folderId: data.folderId ?? null,
+        },
+      });
+
+      const documentsPath = formatDocumentsPath(team.url);
+
+      if (data.folderId) {
+        await navigate(`${documentsPath}/f/${data.folderId}`);
+      } else {
+        await navigate(documentsPath);
+      }
+
+      toast({
+        title: _(msg`Document moved`),
+        description: _(msg`The document has been moved successfully.`),
+        variant: 'default',
+      });
+
+      onOpenChange(false);
+    } catch (err) {
+      const error = AppError.parseError(err);
+
+      if (error.code === AppErrorCode.NOT_FOUND) {
+        toast({
+          title: _(msg`Error`),
+          description: _(msg`The folder you are trying to move the document to does not exist.`),
+          variant: 'destructive',
+        });
+
+        return;
+      }
+
+      if (error.code === AppErrorCode.UNAUTHORIZED) {
+        toast({
+          title: _(msg`Error`),
+          description: _(msg`You are not allowed to move this document.`),
+          variant: 'destructive',
+        });
+
+        return;
+      }
+
+      toast({
+        title: _(msg`Error`),
+        description: _(msg`An error occurred while moving the document.`),
+        variant: 'destructive',
+      });
+    }
+  };
+
+  const filteredFolders = folders?.data.filter((folder) =>
+    folder.name.toLowerCase().includes(searchTerm.toLowerCase()),
+  );
+
+  return (
+    <Dialog {...props} open={open} onOpenChange={onOpenChange}>
+      <DialogContent>
+        <DialogHeader>
+          <DialogTitle>
+            <Trans>Move Document to Folder</Trans>
+          </DialogTitle>
+
+          <DialogDescription>
+            <Trans>Select a folder to move this document to.</Trans>
+          </DialogDescription>
+        </DialogHeader>
+
+        <div className="relative">
+          <Search className="absolute top-3 left-2 h-4 w-4 text-muted-foreground" />
+          <Input
+            placeholder={_(msg`Search folders...`)}
+            value={searchTerm}
+            onChange={(e) => setSearchTerm(e.target.value)}
+            className="pl-8"
+          />
+        </div>
+
+        <Form {...form}>
+          <form onSubmit={form.handleSubmit(onSubmit)} className="flex flex-col gap-y-4">
+            <FormField
+              control={form.control}
+              name="folderId"
+              render={({ field }) => (
+                <FormItem>
+                  <FormLabel>
+                    <Trans>Folder</Trans>
+                  </FormLabel>
+
+                  <FormControl>
+                    <div className="max-h-96 space-y-2 overflow-y-auto">
+                      {isFoldersLoading ? (
+                        <div className="flex h-10 items-center justify-center">
+                          <Loader2 className="h-4 w-4 animate-spin" />
+                        </div>
+                      ) : (
+                        <>
+                          <Button
+                            type="button"
+                            variant={field.value === null ? 'default' : 'outline'}
+                            className="w-full justify-start"
+                            onClick={() => field.onChange(null)}
+                            disabled={currentFolderId === null}
+                          >
+                            <HomeIcon className="mr-2 h-4 w-4" />
+                            <Trans>Home (No Folder)</Trans>
+                          </Button>
+
+                          {filteredFolders?.map((folder) => (
+                            <Button
+                              key={folder.id}
+                              type="button"
+                              variant={field.value === folder.id ? 'default' : 'outline'}
+                              className="w-full justify-start"
+                              onClick={() => field.onChange(folder.id)}
+                              disabled={currentFolderId === folder.id}
+                            >
+                              <FolderIcon className="mr-2 h-4 w-4" />
+                              {folder.name}
+                            </Button>
+                          ))}
+
+                          {searchTerm && filteredFolders?.length === 0 && (
+                            <div className="px-2 py-2 text-center text-muted-foreground text-sm">
+                              <Trans>No folders found</Trans>
+                            </div>
+                          )}
+                        </>
+                      )}
+                    </div>
+                  </FormControl>
+                  <FormMessage />
+                </FormItem>
+              )}
+            />
+
+            <DialogFooter>
+              <Button type="button" variant="secondary" onClick={() => onOpenChange(false)}>
+                <Trans>Cancel</Trans>
+              </Button>
+
+              <Button
+                type="submit"
+                disabled={isFoldersLoading || form.formState.isSubmitting || currentFolderId === null}
+              >
+                <Trans>Move</Trans>
+              </Button>
+            </DialogFooter>
+          </form>
+        </Form>
+      </DialogContent>
+    </Dialog>
+  );
+};
@@ -0,0 +1,198 @@
+import { useSession } from '@documenso/lib/client-only/providers/session';
+import { getRecipientType } from '@documenso/lib/client-only/recipient-type';
+import type { TRecipientLite } from '@documenso/lib/types/recipient';
+import { recipientAbbreviation } from '@documenso/lib/utils/recipient-formatter';
+import type { Document } from '@documenso/prisma/types/document-legacy-schema';
+import { trpc as trpcReact } from '@documenso/trpc/react';
+import { cn } from '@documenso/ui/lib/utils';
+import { Button } from '@documenso/ui/primitives/button';
+import { Checkbox } from '@documenso/ui/primitives/checkbox';
+import {
+  Dialog,
+  DialogClose,
+  DialogContent,
+  DialogFooter,
+  DialogHeader,
+  DialogTitle,
+  DialogTrigger,
+} from '@documenso/ui/primitives/dialog';
+import { DropdownMenuItem } from '@documenso/ui/primitives/dropdown-menu';
+import { Form, FormControl, FormField, FormItem, FormLabel } from '@documenso/ui/primitives/form/form';
+import { useToast } from '@documenso/ui/primitives/use-toast';
+import { zodResolver } from '@hookform/resolvers/zod';
+import { msg } from '@lingui/core/macro';
+import { useLingui } from '@lingui/react';
+import { Trans } from '@lingui/react/macro';
+import { SigningStatus, type Team, type User } from '@prisma/client';
+import { History } from 'lucide-react';
+import { useState } from 'react';
+import { useForm, useWatch } from 'react-hook-form';
+import * as z from 'zod';
+
+import { useCurrentTeam } from '~/providers/team';
+
+import { StackAvatar } from '../general/stack-avatar';
+
+const FORM_ID = 'resend-email';
+
+export type DocumentResendDialogProps = {
+  document: Pick<Document, 'id' | 'userId' | 'teamId' | 'status'> & {
+    user: Pick<User, 'id' | 'name' | 'email'>;
+    recipients: TRecipientLite[];
+    team: Pick<Team, 'id' | 'url'> | null;
+  };
+  recipients: TRecipientLite[];
+};
+
+export const ZResendDocumentFormSchema = z.object({
+  recipients: z.array(z.number()).min(1, {
+    message: 'You must select at least one item.',
+  }),
+});
+
+export type TResendDocumentFormSchema = z.infer<typeof ZResendDocumentFormSchema>;
+
+export const DocumentResendDialog = ({ document, recipients }: DocumentResendDialogProps) => {
+  const { user } = useSession();
+  const team = useCurrentTeam();
+
+  const { toast } = useToast();
+  const { _ } = useLingui();
+
+  const [isOpen, setIsOpen] = useState(false);
+  const isOwner = document.userId === user.id;
+  const isCurrentTeamDocument = team && document.team?.url === team.url;
+
+  const isDisabled =
+    (!isOwner && !isCurrentTeamDocument) ||
+    document.status !== 'PENDING' ||
+    !recipients.some((r) => r.signingStatus === SigningStatus.NOT_SIGNED);
+
+  const { mutateAsync: resendDocument } = trpcReact.document.redistribute.useMutation();
+
+  const form = useForm<TResendDocumentFormSchema>({
+    resolver: zodResolver(ZResendDocumentFormSchema),
+    defaultValues: {
+      recipients: [],
+    },
+  });
+
+  const {
+    handleSubmit,
+    formState: { isSubmitting },
+  } = form;
+
+  const selectedRecipients = useWatch({
+    control: form.control,
+    name: 'recipients',
+  });
+
+  const onFormSubmit = async ({ recipients }: TResendDocumentFormSchema) => {
+    try {
+      await resendDocument({ documentId: document.id, recipients });
+
+      toast({
+        title: _(msg`Document re-sent`),
+        description: _(msg`Your document has been re-sent successfully.`),
+        duration: 5000,
+      });
+
+      setIsOpen(false);
+    } catch (err) {
+      toast({
+        title: _(msg`Something went wrong`),
+        description: _(msg`This document could not be re-sent at this time. Please try again.`),
+        variant: 'destructive',
+        duration: 7500,
+      });
+    }
+  };
+
+  return (
+    <Dialog open={isOpen} onOpenChange={setIsOpen}>
+      <DialogTrigger asChild>
+        <DropdownMenuItem disabled={isDisabled} onSelect={(e) => e.preventDefault()}>
+          <History className="mr-2 h-4 w-4" />
+          <Trans>Resend</Trans>
+        </DropdownMenuItem>
+      </DialogTrigger>
+
+      <DialogContent className="sm:max-w-sm" hideClose>
+        <DialogHeader>
+          <DialogTitle asChild>
+            <h1 className="text-center text-xl">
+              <Trans>Who do you want to remind?</Trans>
+            </h1>
+          </DialogTitle>
+        </DialogHeader>
+
+        <Form {...form}>
+          <form id={FORM_ID} onSubmit={handleSubmit(onFormSubmit)} className="px-3">
+            <FormField
+              control={form.control}
+              name="recipients"
+              render={({ field: { value, onChange } }) => (
+                <>
+                  {recipients.map((recipient) => (
+                    <FormItem key={recipient.id} className="flex flex-row items-center justify-between gap-x-3">
+                      <FormLabel
+                        className={cn('my-2 flex items-center gap-2 font-normal', {
+                          'opacity-50': !value.includes(recipient.id),
+                        })}
+                      >
+                        <StackAvatar
+                          key={recipient.id}
+                          type={getRecipientType(recipient)}
+                          fallbackText={recipientAbbreviation(recipient)}
+                        />
+                        {recipient.email}
+                      </FormLabel>
+
+                      <FormControl>
+                        <Checkbox
+                          className="h-5 w-5 rounded-full border border-neutral-400"
+                          value={recipient.id}
+                          checked={value.includes(recipient.id)}
+                          onCheckedChange={(checked: boolean) =>
+                            checked
+                              ? onChange([...value, recipient.id])
+                              : onChange(value.filter((v) => v !== recipient.id))
+                          }
+                        />
+                      </FormControl>
+                    </FormItem>
+                  ))}
+                </>
+              )}
+            />
+          </form>
+        </Form>
+
+        <DialogFooter>
+          <div className="flex w-full flex-1 flex-nowrap gap-4">
+            <DialogClose asChild>
+              <Button
+                type="button"
+                className="flex-1 bg-black/5 hover:bg-black/10 dark:bg-muted dark:hover:bg-muted/80"
+                variant="secondary"
+                disabled={isSubmitting}
+              >
+                <Trans>Cancel</Trans>
+              </Button>
+            </DialogClose>
+
+            <Button
+              className="flex-1"
+              loading={isSubmitting}
+              type="submit"
+              form={FORM_ID}
+              disabled={isSubmitting || selectedRecipients.length === 0}
+            >
+              <Trans>Send reminder</Trans>
+            </Button>
+          </div>
+        </DialogFooter>
+      </DialogContent>
+    </Dialog>
+  );
+};
@@ -1,95 +0,0 @@
-import { trpc } from '@documenso/trpc/react';
-import { Button } from '@documenso/ui/primitives/button';
-import {
-  Dialog,
-  DialogContent,
-  DialogDescription,
-  DialogFooter,
-  DialogHeader,
-  DialogTitle,
-  DialogTrigger,
-} from '@documenso/ui/primitives/dialog';
-import { useToast } from '@documenso/ui/primitives/use-toast';
-import { Trans, useLingui } from '@lingui/react/macro';
-import { useState } from 'react';
-
-import {
-  EmailTransportForm,
-  type EmailTransportFormValues,
-  emailTransportFormToConfig,
-} from '../forms/email-transport-form';
-
-export type EmailTransportCreateDialogProps = {
-  trigger?: React.ReactNode;
-};
-
-export const EmailTransportCreateDialog = ({ trigger }: EmailTransportCreateDialogProps) => {
-  const { t } = useLingui();
-  const { toast } = useToast();
-
-  const [open, setOpen] = useState(false);
-
-  const { mutateAsync: createTransport, isPending } = trpc.admin.emailTransport.create.useMutation({
-    onSuccess: () => {
-      toast({
-        title: t`Transport created.`,
-      });
-
-      setOpen(false);
-    },
-    onError: (error) => {
-      toast({
-        title: t`Failed to create transport.`,
-        description: error.message,
-        variant: 'destructive',
-      });
-    },
-  });
-
-  const onFormSubmit = async (values: EmailTransportFormValues) => {
-    await createTransport({
-      name: values.name,
-      fromName: values.fromName,
-      fromAddress: values.fromAddress,
-      config: emailTransportFormToConfig(values),
-    });
-  };
-
-  return (
-    <Dialog open={open} onOpenChange={(value) => !isPending && setOpen(value)}>
-      <DialogTrigger onClick={(e) => e.stopPropagation()} asChild>
-        {trigger ?? (
-          <Button className="flex-shrink-0">
-            <Trans>Add transport</Trans>
-          </Button>
-        )}
-      </DialogTrigger>
-
-      <DialogContent className="scrollbar-hidden max-h-[90vh] overflow-y-auto sm:max-w-md">
-        <DialogHeader>
-          <DialogTitle>
-            <Trans>Add Email Transport</Trans>
-          </DialogTitle>
-          <DialogDescription>
-            <Trans>Fill in the details to create a new email transport.</Trans>
-          </DialogDescription>
-        </DialogHeader>
-
-        <EmailTransportForm
-          onFormSubmit={onFormSubmit}
-          formSubmitTrigger={
-            <DialogFooter>
-              <Button type="button" variant="outline" onClick={() => setOpen(false)} disabled={isPending}>
-                <Trans>Cancel</Trans>
-              </Button>
-
-              <Button type="submit" loading={isPending}>
-                <Trans>Create</Trans>
-              </Button>
-            </DialogFooter>
-          }
-        />
-      </DialogContent>
-    </Dialog>
-  );
-};
@@ -1,114 +0,0 @@
-import { trpc } from '@documenso/trpc/react';
-import { Alert, AlertDescription } from '@documenso/ui/primitives/alert';
-import { Button } from '@documenso/ui/primitives/button';
-import {
-  Dialog,
-  DialogContent,
-  DialogDescription,
-  DialogFooter,
-  DialogHeader,
-  DialogTitle,
-  DialogTrigger,
-} from '@documenso/ui/primitives/dialog';
-import { useToast } from '@documenso/ui/primitives/use-toast';
-import { Plural, Trans, useLingui } from '@lingui/react/macro';
-import { useState } from 'react';
-
-export type EmailTransportDeleteDialogProps = {
-  transportId: string;
-  transportName: string;
-  subscriptionClaimCount: number;
-  organisationClaimCount: number;
-  trigger: React.ReactNode;
-};
-
-export const EmailTransportDeleteDialog = ({
-  transportId,
-  transportName,
-  subscriptionClaimCount,
-  organisationClaimCount,
-  trigger,
-}: EmailTransportDeleteDialogProps) => {
-  const { t } = useLingui();
-  const { toast } = useToast();
-
-  const [open, setOpen] = useState(false);
-
-  const isInUse = subscriptionClaimCount + organisationClaimCount > 0;
-
-  const { mutateAsync: deleteTransport, isPending } = trpc.admin.emailTransport.delete.useMutation({
-    onSuccess: () => {
-      toast({
-        title: t`Transport deleted.`,
-      });
-
-      setOpen(false);
-    },
-    onError: () => {
-      toast({
-        title: t`Failed to delete transport.`,
-        variant: 'destructive',
-      });
-    },
-  });
-
-  return (
-    <Dialog open={open} onOpenChange={(value) => !isPending && setOpen(value)}>
-      <DialogTrigger asChild onClick={(e) => e.stopPropagation()}>
-        {trigger}
-      </DialogTrigger>
-
-      <DialogContent>
-        <DialogHeader>
-          <DialogTitle>
-            <Trans>Delete Email Transport</Trans>
-          </DialogTitle>
-          <DialogDescription>
-            <Trans>Are you sure you want to delete the following transport?</Trans>
-          </DialogDescription>
-        </DialogHeader>
-
-        <Alert variant="neutral">
-          <AlertDescription className="text-center font-semibold">{transportName}</AlertDescription>
-        </Alert>
-
-        {isInUse && (
-          <Alert variant="destructive">
-            <AlertDescription>
-              <Trans>Warning, this email transport is currently being used by:</Trans>
-
-              <ul className="mt-2 list-disc pl-5">
-                {subscriptionClaimCount > 0 && (
-                  <li>
-                    <Plural value={subscriptionClaimCount} one="# Subscription claim" other="# Subscription claims" />
-                  </li>
-                )}
-
-                {organisationClaimCount > 0 && (
-                  <li>
-                    <Plural value={organisationClaimCount} one="# Organisation claim" other="# Organisation claims" />
-                  </li>
-                )}
-              </ul>
-            </AlertDescription>
-          </Alert>
-        )}
-
-        <DialogFooter>
-          <Button type="button" variant="secondary" onClick={() => setOpen(false)} disabled={isPending}>
-            <Trans>Cancel</Trans>
-          </Button>
-
-          <Button
-            type="submit"
-            variant="destructive"
-            loading={isPending}
-            onClick={async () => deleteTransport({ id: transportId })}
-          >
-            <Trans>Delete</Trans>
-          </Button>
-        </DialogFooter>
-      </DialogContent>
-    </Dialog>
-  );
-};
@@ -1,126 +0,0 @@
-import { trpc } from '@documenso/trpc/react';
-import { Button } from '@documenso/ui/primitives/button';
-import {
-  Dialog,
-  DialogContent,
-  DialogDescription,
-  DialogFooter,
-  DialogHeader,
-  DialogTitle,
-  DialogTrigger,
-} from '@documenso/ui/primitives/dialog';
-import { Form, FormControl, FormField, FormItem, FormLabel, FormMessage } from '@documenso/ui/primitives/form/form';
-import { Input } from '@documenso/ui/primitives/input';
-import { useToast } from '@documenso/ui/primitives/use-toast';
-import { zodResolver } from '@hookform/resolvers/zod';
-import { Trans, useLingui } from '@lingui/react/macro';
-import { useEffect, useState } from 'react';
-import { useForm } from 'react-hook-form';
-import { z } from 'zod';
-
-const ZSendTestEmailFormSchema = z.object({
-  to: z.string().email(),
-});
-
-type TSendTestEmailFormSchema = z.infer<typeof ZSendTestEmailFormSchema>;
-
-export type EmailTransportSendTestDialogProps = {
-  transportId: string;
-  trigger: React.ReactNode;
-};
-
-export const EmailTransportSendTestDialog = ({ transportId, trigger }: EmailTransportSendTestDialogProps) => {
-  const { t } = useLingui();
-  const { toast } = useToast();
-
-  const [open, setOpen] = useState(false);
-
-  const { mutateAsync: sendTest } = trpc.admin.emailTransport.sendTest.useMutation({
-    onSuccess: () => {
-      toast({
-        title: t`Test email sent.`,
-      });
-      setOpen(false);
-    },
-    onError: (error) => {
-      toast({
-        title: t`Test failed.`,
-        description: error.message,
-        variant: 'destructive',
-      });
-    },
-  });
-
-  const form = useForm<TSendTestEmailFormSchema>({
-    resolver: zodResolver(ZSendTestEmailFormSchema),
-    defaultValues: {
-      to: '',
-    },
-  });
-
-  const onFormSubmit = async ({ to }: TSendTestEmailFormSchema) => {
-    await sendTest({ id: transportId, to });
-  };
-
-  useEffect(() => {
-    if (!open) {
-      form.reset();
-    }
-  }, [open, form]);
-
-  return (
-    <Dialog open={open} onOpenChange={(value) => !form.formState.isSubmitting && setOpen(value)}>
-      <DialogTrigger asChild onClick={(e) => e.stopPropagation()}>
-        {trigger}
-      </DialogTrigger>
-
-      <DialogContent>
-        <DialogHeader>
-          <DialogTitle>
-            <Trans>Send Test Email</Trans>
-          </DialogTitle>
-          <DialogDescription>
-            <Trans>Send a test email using this transport to verify the configuration.</Trans>
-          </DialogDescription>
-        </DialogHeader>
-
-        <Form {...form}>
-          <form onSubmit={form.handleSubmit(onFormSubmit)}>
-            <fieldset disabled={form.formState.isSubmitting} className="space-y-4">
-              <FormField
-                control={form.control}
-                name="to"
-                render={({ field }) => (
-                  <FormItem>
-                    <FormLabel required>
-                      <Trans>Email</Trans>
-                    </FormLabel>
-                    <FormControl>
-                      <Input type="email" placeholder={t`test@example.com`} {...field} />
-                    </FormControl>
-                    <FormMessage />
-                  </FormItem>
-                )}
-              />
-
-              <DialogFooter>
-                <Button
-                  type="button"
-                  variant="secondary"
-                  onClick={() => setOpen(false)}
-                  disabled={form.formState.isSubmitting}
-                >
-                  <Trans>Cancel</Trans>
-                </Button>
-
-                <Button type="submit" loading={form.formState.isSubmitting}>
-                  <Trans>Send</Trans>
-                </Button>
-              </DialogFooter>
-            </fieldset>
-          </form>
-        </Form>
-      </DialogContent>
-    </Dialog>
-  );
-};
@@ -1,104 +0,0 @@
-import { trpc } from '@documenso/trpc/react';
-import type { TFindEmailTransportsResponse } from '@documenso/trpc/server/admin-router/email-transport/find-email-transports.types';
-import { Button } from '@documenso/ui/primitives/button';
-import {
-  Dialog,
-  DialogContent,
-  DialogDescription,
-  DialogFooter,
-  DialogHeader,
-  DialogTitle,
-  DialogTrigger,
-} from '@documenso/ui/primitives/dialog';
-import { useToast } from '@documenso/ui/primitives/use-toast';
-import { Trans, useLingui } from '@lingui/react/macro';
-import { useState } from 'react';
-
-import {
-  EmailTransportForm,
-  type EmailTransportFormValues,
-  emailTransportFormToConfig,
-} from '../forms/email-transport-form';
-
-export type EmailTransportUpdateDialogProps = {
-  transport: TFindEmailTransportsResponse['data'][number];
-  trigger: React.ReactNode;
-};
-
-export const EmailTransportUpdateDialog = ({ transport, trigger }: EmailTransportUpdateDialogProps) => {
-  const { t } = useLingui();
-  const { toast } = useToast();
-
-  const [open, setOpen] = useState(false);
-
-  const { mutateAsync: updateTransport, isPending } = trpc.admin.emailTransport.update.useMutation();
-
-  const onFormSubmit = async (values: EmailTransportFormValues) => {
-    try {
-      await updateTransport({
-        id: transport.id,
-        data: {
-          name: values.name,
-          fromName: values.fromName,
-          fromAddress: values.fromAddress,
-          config: emailTransportFormToConfig(values),
-        },
-      });
-
-      toast({
-        title: t`Transport updated.`,
-      });
-
-      setOpen(false);
-    } catch {
-      toast({
-        title: t`Failed to save transport.`,
-        variant: 'destructive',
-      });
-    }
-  };
-
-  return (
-    <Dialog open={open} onOpenChange={(value) => !isPending && setOpen(value)}>
-      <DialogTrigger asChild onClick={(e) => e.stopPropagation()}>
-        {trigger}
-      </DialogTrigger>
-
-      <DialogContent className="scrollbar-hidden max-h-[90vh] overflow-y-auto sm:max-w-md">
-        <DialogHeader>
-          <DialogTitle>
-            <Trans>Edit Email Transport</Trans>
-          </DialogTitle>
-          <DialogDescription>
-            <Trans>Modify the details of the email transport.</Trans>
-          </DialogDescription>
-        </DialogHeader>
-
-        <EmailTransportForm
-          isEdit
-          defaultValues={{
-            // Pre-fill the non-secret connection settings; secrets stay blank
-            // and are preserved on save unless re-entered.
-            ...(transport.config ?? {}),
-            name: transport.name,
-            fromName: transport.fromName,
-            fromAddress: transport.fromAddress,
-            type: transport.type,
-          }}
-          onFormSubmit={onFormSubmit}
-          formSubmitTrigger={
-            <DialogFooter>
-              <Button type="button" variant="outline" onClick={() => setOpen(false)} disabled={isPending}>
-                <Trans>Cancel</Trans>
-              </Button>
-
-              <Button type="submit" loading={isPending}>
-                <Trans>Save changes</Trans>
-              </Button>
-            </DialogFooter>
-          }
-        />
-      </DialogContent>
-    </Dialog>
-  );
-};
@@ -1,134 +0,0 @@
-import { trpc as trpcReact } from '@documenso/trpc/react';
-import { Alert, AlertDescription } from '@documenso/ui/primitives/alert';
-import { Button } from '@documenso/ui/primitives/button';
-import {
-  Dialog,
-  DialogClose,
-  DialogContent,
-  DialogDescription,
-  DialogFooter,
-  DialogHeader,
-  DialogTitle,
-  DialogTrigger,
-} from '@documenso/ui/primitives/dialog';
-import { Label } from '@documenso/ui/primitives/label';
-import { Textarea } from '@documenso/ui/primitives/textarea';
-import { useToast } from '@documenso/ui/primitives/use-toast';
-import { Trans, useLingui } from '@lingui/react/macro';
-import { useEffect, useState } from 'react';
-
-export type EnvelopeCancelDialogProps = {
-  id: string;
-  title: string;
-  trigger?: React.ReactNode;
-  onCancel?: () => Promise<void> | void;
-};
-
-export const EnvelopeCancelDialog = ({ id, title, trigger, onCancel }: EnvelopeCancelDialogProps) => {
-  const { toast } = useToast();
-  const { t } = useLingui();
-  const trpcUtils = trpcReact.useUtils();
-
-  const [open, setOpen] = useState(false);
-  const [reason, setReason] = useState('');
-
-  const { mutateAsync: cancelEnvelope, isPending } = trpcReact.envelope.cancel.useMutation({
-    onSuccess: async () => {
-      toast({
-        title: t`Document cancelled`,
-        description: t`"${title}" has been successfully cancelled`,
-        duration: 5000,
-      });
-
-      await trpcUtils.document.findDocumentsInternal.invalidate();
-
-      await onCancel?.();
-
-      setOpen(false);
-    },
-    onError: () => {
-      toast({
-        title: t`Something went wrong`,
-        description: t`This document could not be cancelled at this time. Please try again.`,
-        variant: 'destructive',
-        duration: 7500,
-      });
-    },
-  });
-
-  useEffect(() => {
-    if (open) {
-      setReason('');
-    }
-  }, [open]);
-
-  return (
-    <Dialog open={open} onOpenChange={(value) => !isPending && setOpen(value)}>
-      <DialogTrigger asChild>{trigger}</DialogTrigger>
-
-      <DialogContent>
-        <DialogHeader>
-          <DialogTitle>
-            <Trans>Are you sure?</Trans>
-          </DialogTitle>
-
-          <DialogDescription>
-            <Trans>
-              You are about to cancel <strong>"{title}"</strong>
-            </Trans>
-          </DialogDescription>
-        </DialogHeader>
-
-        <Alert variant="warning" className="-mt-1">
-          <AlertDescription>
-            <p>
-              <Trans>Once confirmed, the following will occur:</Trans>
-            </p>
-
-            <ul className="mt-0.5 list-inside list-disc">
-              <li>
-                <Trans>The document signing process will be stopped</Trans>
-              </li>
-              <li>
-                <Trans>Recipients will be notified that the document was cancelled</Trans>
-              </li>
-              <li>
-                <Trans>The document will remain in your dashboard marked as Cancelled</Trans>
-              </li>
-            </ul>
-          </AlertDescription>
-        </Alert>
-
-        <div className="flex flex-col gap-2">
-          <Label htmlFor="cancel-reason">
-            <Trans>Reason (optional)</Trans>
-          </Label>
-
-          <Textarea
-            id="cancel-reason"
-            value={reason}
-            onChange={(event) => setReason(event.target.value)}
-            placeholder={t`Add an optional reason for cancelling this document`}
-          />
-        </div>
-
-        <DialogFooter>
-          <DialogClose asChild>
-            <Button type="button" variant="secondary" disabled={isPending}>
-              <Trans>Cancel</Trans>
-            </Button>
-          </DialogClose>
-
-          <Button
-            type="button"
-            loading={isPending}
-            onClick={() => void cancelEnvelope({ envelopeId: id, reason: reason || undefined })}
-            variant="destructive"
-          >
-            <Trans>Cancel document</Trans>
-          </Button>
-        </DialogFooter>
-      </DialogContent>
-    </Dialog>
-  );
-};
@@ -166,7 +166,7 @@ export const EnvelopeDeleteDialog = ({
                  </ul>
                </AlertDescription>
              ))
-              .with(P.union(DocumentStatus.COMPLETED, DocumentStatus.REJECTED, DocumentStatus.CANCELLED), () => (
+              .with(P.union(DocumentStatus.COMPLETED, DocumentStatus.REJECTED), () => (
                <AlertDescription>
                  <p>
                    <Trans>By deleting this document, the following will occur:</Trans>
@@ -1,15 +1,13 @@
 import { useCurrentEnvelopeEditor } from '@documenso/lib/client-only/providers/envelope-editor-provider';
 import { useCurrentOrganisation } from '@documenso/lib/client-only/providers/organisation';
 import { DO_NOT_INVALIDATE_QUERY_ON_MUTATION } from '@documenso/lib/constants/trpc';
-import { AppError } from '@documenso/lib/errors/app-error';
 import { extractDocumentAuthMethods } from '@documenso/lib/utils/document-auth';
-import { hasOverlappingFields } from '@documenso/lib/utils/fields-overlap';
 import { getRecipientsWithMissingFields } from '@documenso/lib/utils/recipients';
 import { zEmail } from '@documenso/lib/utils/zod';
 import { trpc, trpc as trpcReact } from '@documenso/trpc/react';
 import { DocumentSendEmailMessageHelper } from '@documenso/ui/components/document/document-send-email-message-helper';
 import { cn } from '@documenso/ui/lib/utils';
-import { Alert, AlertDescription, AlertTitle } from '@documenso/ui/primitives/alert';
+import { Alert, AlertDescription } from '@documenso/ui/primitives/alert';
 import { Button } from '@documenso/ui/primitives/button';
 import {
  Dialog,
@@ -33,13 +31,12 @@ import { zodResolver } from '@hookform/resolvers/zod';
 import { Trans, useLingui } from '@lingui/react/macro';
 import { DocumentDistributionMethod, DocumentStatus, EnvelopeType } from '@prisma/client';
 import { AnimatePresence, motion } from 'framer-motion';
-import { AlertTriangleIcon, InfoIcon } from 'lucide-react';
+import { InfoIcon } from 'lucide-react';
 import { useEffect, useMemo, useState } from 'react';
 import { useForm } from 'react-hook-form';
 import { useNavigate } from 'react-router';
 import { match } from 'ts-pattern';
 import * as z from 'zod';
-import { getDistributeErrorMessage } from '~/utils/toast-error-messages';

 export type EnvelopeDistributeDialogProps = {
  onDistribute?: () => Promise<void>;
@@ -69,7 +66,7 @@ export const EnvelopeDistributeDialog = ({
  const { envelope, syncEnvelope, isAutosaving, autosaveError } = useCurrentEnvelopeEditor();

  const { toast } = useToast();
-  const { t, i18n } = useLingui();
+  const { t } = useLingui();
  const navigate = useNavigate();

  const [isOpen, setIsOpen] = useState(false);
@@ -139,27 +136,6 @@ export const EnvelopeDistributeDialog = ({
    });
  }, [recipientsWithIndex, envelope.authOptions]);

-  /**
-   * Whether any fields significantly overlap each other. This is surfaced as a
-   * non-blocking warning since overlapping fields still allow sending, but can
-   * complicate the signing process or cause fields to behave unexpectedly.
-   */
-  const hasOverlappingEnvelopeFields = useMemo(
-    () =>
-      hasOverlappingFields(
-        envelope.fields.map((field) => ({
-          id: field.id,
-          envelopeItemId: field.envelopeItemId,
-          page: field.page,
-          positionX: Number(field.positionX),
-          positionY: Number(field.positionY),
-          width: Number(field.width),
-          height: Number(field.height),
-        })),
-      ),
-    [envelope.fields],
-  );
-
  const invalidEnvelopeCode = useMemo(() => {
    if (recipientsMissingSignatureFields.length > 0) {
      return 'MISSING_SIGNATURES';
@@ -198,13 +174,9 @@ export const EnvelopeDistributeDialog = ({

      setIsOpen(false);
    } catch (err) {
-      const error = AppError.parseError(err);
-
-      const errorMessage = getDistributeErrorMessage(error.code);
-
      toast({
-        title: i18n._(errorMessage.title),
-        description: i18n._(errorMessage.description),
+        title: t`Something went wrong`,
+        description: t`This envelope could not be distributed at this time. Please try again.`,
        variant: 'destructive',
        duration: 7500,
      });
@@ -228,11 +200,6 @@ export const EnvelopeDistributeDialog = ({
  };

  useEffect(() => {
-    // Default the distribution method tab to the envelope's configured setting.
-    if (isOpen && envelope.documentMeta) {
-      setValue('meta.distributionMethod', envelope.documentMeta.distributionMethod);
-    }
-
    // Resync the whole envelope if the envelope is mid saving.
    if (isOpen && (isAutosaving || autosaveError)) {
      void handleSync();
@@ -262,24 +229,6 @@ export const EnvelopeDistributeDialog = ({
          <Form {...form}>
            <form onSubmit={handleSubmit(onFormSubmit)}>
              <fieldset disabled={isSubmitting}>
-                {hasOverlappingEnvelopeFields && (
-                  <Alert variant="warning" className="mb-4 flex flex-row items-start gap-3">
-                    <AlertTriangleIcon className="mt-0.5 h-5 w-5 flex-shrink-0" />
-
-                    <div className="flex flex-col gap-1">
-                      <AlertTitle>
-                        <Trans>Overlapping fields detected</Trans>
-                      </AlertTitle>
-                      <AlertDescription>
-                        <Trans>
-                          Some fields are placed on top of each other. This may complicate the signing process or cause
-                          fields to not work as expected.
-                        </Trans>
-                      </AlertDescription>
-                    </div>
-                  </Alert>
-                )}
-
                <Tabs
                  onValueChange={(value) =>
                    // eslint-disable-next-line @typescript-eslint/consistent-type-assertions
@@ -1,7 +1,6 @@
 import { formatDocumentsPath, formatTemplatesPath } from '@documenso/lib/utils/teams';
 import { trpc } from '@documenso/trpc/react';
 import { Button } from '@documenso/ui/primitives/button';
-import { Checkbox } from '@documenso/ui/primitives/checkbox';
 import {
  Dialog,
  DialogClose,
@@ -12,12 +11,10 @@ import {
  DialogTitle,
  DialogTrigger,
 } from '@documenso/ui/primitives/dialog';
-import { Label } from '@documenso/ui/primitives/label';
 import { useToast } from '@documenso/ui/primitives/use-toast';
 import { Trans, useLingui } from '@lingui/react/macro';
 import { EnvelopeType } from '@prisma/client';
 import { useState } from 'react';
-import { Controller, useForm } from 'react-hook-form';
 import { useNavigate } from 'react-router';

 import { useCurrentTeam } from '~/providers/team';
@@ -40,15 +37,6 @@ export const EnvelopeDuplicateDialog = ({ envelopeId, envelopeType, trigger }: E

  const isDocument = envelopeType === EnvelopeType.DOCUMENT;

-  const form = useForm({
-    defaultValues: {
-      includeRecipients: true,
-      includeFields: true,
-    },
-  });
-
-  const includeRecipients = form.watch('includeRecipients');
-
  const { mutateAsync: duplicateEnvelope, isPending: isDuplicating } = trpc.envelope.duplicate.useMutation({
    onSuccess: async ({ id }) => {
      toast({
@@ -67,14 +55,8 @@ export const EnvelopeDuplicateDialog = ({ envelopeId, envelopeType, trigger }: E
  });

  const onDuplicate = async () => {
-    const { includeRecipients, includeFields } = form.getValues();
-
    try {
-      await duplicateEnvelope({
-        envelopeId,
-        includeRecipients,
-        includeFields: includeRecipients && includeFields,
-      });
+      await duplicateEnvelope({ envelopeId });
    } catch {
      toast({
        title: t`Something went wrong`,
@@ -88,20 +70,7 @@ export const EnvelopeDuplicateDialog = ({ envelopeId, envelopeType, trigger }: E
  };

  return (
-    <Dialog
-      open={open}
-      onOpenChange={(value) => {
-        if (isDuplicating) {
-          return;
-        }
-
-        setOpen(value);
-
-        if (!value) {
-          form.reset();
-        }
-      }}
-    >
+    <Dialog open={open} onOpenChange={(value) => !isDuplicating && setOpen(value)}>
      {trigger && <DialogTrigger asChild>{trigger}</DialogTrigger>}

      <DialogContent>
@@ -118,49 +87,6 @@ export const EnvelopeDuplicateDialog = ({ envelopeId, envelopeType, trigger }: E
          </DialogDescription>
        </DialogHeader>

-        <div className="space-y-4">
-          <Controller
-            control={form.control}
-            name="includeRecipients"
-            render={({ field }) => (
-              <div className="flex items-center space-x-2">
-                <Checkbox
-                  id="envelopeDuplicateIncludeRecipients"
-                  checked={field.value}
-                  onCheckedChange={(checked) => {
-                    field.onChange(checked === true);
-
-                    if (!checked) {
-                      form.setValue('includeFields', false);
-                    }
-                  }}
-                />
-                <Label htmlFor="envelopeDuplicateIncludeRecipients">
-                  <Trans>Include Recipients</Trans>
-                </Label>
-              </div>
-            )}
-          />
-
-          <Controller
-            control={form.control}
-            name="includeFields"
-            render={({ field }) => (
-              <div className="flex items-center space-x-2">
-                <Checkbox
-                  id="envelopeDuplicateIncludeFields"
-                  checked={field.value}
-                  disabled={!includeRecipients}
-                  onCheckedChange={(checked) => field.onChange(checked === true)}
-                />
-                <Label htmlFor="envelopeDuplicateIncludeFields" className={!includeRecipients ? 'opacity-50' : ''}>
-                  <Trans>Include Fields</Trans>
-                </Label>
-              </div>
-            )}
-          />
-        </div>
-
        <DialogFooter>
          <DialogClose asChild>
            <Button type="button" variant="secondary" disabled={isDuplicating}>
@@ -1,5 +1,4 @@
 import { getRecipientType } from '@documenso/lib/client-only/recipient-type';
-import { AppError } from '@documenso/lib/errors/app-error';
 import type { TEnvelope } from '@documenso/lib/types/envelope';
 import type { TEnvelopeRecipientLite } from '@documenso/lib/types/recipient';
 import { recipientAbbreviation } from '@documenso/lib/utils/recipient-formatter';
@@ -25,16 +24,14 @@ import { Trans, useLingui } from '@lingui/react/macro';
 import { DocumentStatus, EnvelopeType, SigningStatus } from '@prisma/client';
 import { useEffect, useState } from 'react';
 import { useForm } from 'react-hook-form';
-import { match } from 'ts-pattern';
 import * as z from 'zod';
-import { getDistributeErrorMessage } from '~/utils/toast-error-messages';
+
 import { StackAvatar } from '../general/stack-avatar';

 export type EnvelopeRedistributeDialogProps = {
-  envelope: Pick<TEnvelope, 'id' | 'status' | 'type'> & {
+  envelope: Pick<TEnvelope, 'id' | 'userId' | 'teamId' | 'status' | 'type' | 'documentMeta'> & {
    recipients: TEnvelopeRecipientLite[];
  };
-  envelopeType?: EnvelopeType;
  trigger?: React.ReactNode;
 };

@@ -46,11 +43,11 @@ export const ZEnvelopeRedistributeFormSchema = z.object({

 export type TEnvelopeRedistributeFormSchema = z.infer<typeof ZEnvelopeRedistributeFormSchema>;

-export const EnvelopeRedistributeDialog = ({ envelope, envelopeType, trigger }: EnvelopeRedistributeDialogProps) => {
+export const EnvelopeRedistributeDialog = ({ envelope, trigger }: EnvelopeRedistributeDialogProps) => {
  const recipients = envelope.recipients;

  const { toast } = useToast();
-  const { t, i18n } = useLingui();
+  const { t } = useLingui();

  const [isOpen, setIsOpen] = useState(false);

@@ -72,34 +69,17 @@ export const EnvelopeRedistributeDialog = ({ envelope, envelopeType, trigger }:
    try {
      await redistributeEnvelope({ envelopeId: envelope.id, recipients });

-      const successMessage = match(envelopeType)
-        .with(EnvelopeType.DOCUMENT, () => ({
-          title: t`Document resent`,
-          description: t`Your document has been resent successfully.`,
-        }))
-        .with(EnvelopeType.TEMPLATE, () => ({
-          title: t`Template resent`,
-          description: t`Your template has been resent successfully.`,
-        }))
-        .otherwise(() => ({
-          title: t`Envelope resent`,
-          description: t`Your envelope has been resent successfully.`,
-        }));
-
      toast({
-        title: successMessage.title,
-        description: successMessage.description,
+        title: t`Envelope resent`,
+        description: t`Your envelope has been resent successfully.`,
        duration: 5000,
      });

      setIsOpen(false);
    } catch (err) {
-      const error = AppError.parseError(err);
-      const errorMessage = getDistributeErrorMessage(error.code);
-
      toast({
-        title: i18n._(errorMessage.title),
-        description: i18n._(errorMessage.description),
+        title: t`Something went wrong`,
+        description: t`This envelope could not be resent at this time. Please try again.`,
        variant: 'destructive',
        duration: 7500,
      });
@@ -1,159 +0,0 @@
-import { trpc } from '@documenso/trpc/react';
-import { Alert, AlertDescription } from '@documenso/ui/primitives/alert';
-import { Button } from '@documenso/ui/primitives/button';
-import {
-  Dialog,
-  DialogContent,
-  DialogDescription,
-  DialogFooter,
-  DialogHeader,
-  DialogTitle,
-} from '@documenso/ui/primitives/dialog';
-import { Label } from '@documenso/ui/primitives/label';
-import { Textarea } from '@documenso/ui/primitives/textarea';
-import { useToast } from '@documenso/ui/primitives/use-toast';
-import { plural } from '@lingui/core/macro';
-import { Plural, Trans, useLingui } from '@lingui/react/macro';
-import type * as DialogPrimitive from '@radix-ui/react-dialog';
-import { useEffect, useState } from 'react';
-
-export type EnvelopesBulkCancelDialogProps = {
-  envelopeIds: string[];
-  open: boolean;
-  onOpenChange: (open: boolean) => void;
-  onSuccess?: () => void;
-} & Omit<DialogPrimitive.DialogProps, 'children'>;
-
-export const EnvelopesBulkCancelDialog = ({
-  envelopeIds,
-  open,
-  onOpenChange,
-  onSuccess,
-  ...props
-}: EnvelopesBulkCancelDialogProps) => {
-  const { t } = useLingui();
-  const { toast } = useToast();
-
-  const trpcUtils = trpc.useUtils();
-
-  const [reason, setReason] = useState('');
-
-  useEffect(() => {
-    if (open) {
-      setReason('');
-    }
-  }, [open]);
-
-  const { mutateAsync: bulkCancelEnvelopes, isPending } = trpc.envelope.bulk.cancel.useMutation({
-    onSuccess: async (result) => {
-      await trpcUtils.document.findDocumentsInternal.invalidate();
-
-      if (result.failedIds.length > 0) {
-        toast({
-          title: t`Documents partially cancelled`,
-          description: t`${plural(result.cancelledCount, {
-            one: '# document cancelled.',
-            other: '# documents cancelled.',
-          })} ${plural(result.failedIds.length, {
-            one: '# document could not be cancelled.',
-            other: '# documents could not be cancelled.',
-          })}`,
-          variant: 'destructive',
-        });
-      } else {
-        toast({
-          title: t`Documents cancelled`,
-          description: plural(result.cancelledCount, {
-            one: '# document has been cancelled.',
-            other: '# documents have been cancelled.',
-          }),
-          variant: 'default',
-        });
-      }
-
-      onSuccess?.();
-      onOpenChange(false);
-    },
-    onError: () => {
-      toast({
-        title: t`Error`,
-        description: t`An error occurred while cancelling the documents.`,
-        variant: 'destructive',
-      });
-    },
-  });
-
-  return (
-    <Dialog {...props} open={open} onOpenChange={onOpenChange}>
-      <DialogContent>
-        <DialogHeader>
-          <DialogTitle>
-            <Trans>Cancel Documents</Trans>
-          </DialogTitle>
-
-          <DialogDescription>
-            <Plural
-              value={envelopeIds.length}
-              one="You are about to cancel the selected document."
-              other="You are about to cancel # documents."
-            />
-          </DialogDescription>
-        </DialogHeader>
-
-        <Alert variant="warning">
-          <AlertDescription>
-            <p>
-              <Trans>Only pending documents you have permission to manage will be cancelled.</Trans>
-            </p>
-
-            <p className="mt-1">
-              <Trans>Once confirmed, the following will occur:</Trans>
-            </p>
-
-            <ul className="mt-0.5 list-inside list-disc">
-              <li>
-                <Trans>The document signing process will be stopped</Trans>
-              </li>
-              <li>
-                <Trans>Recipients will be notified that the document was cancelled</Trans>
-              </li>
-              <li>
-                <Trans>The documents will remain in your dashboard marked as Cancelled</Trans>
-              </li>
-            </ul>
-          </AlertDescription>
-        </Alert>
-
-        <div className="flex flex-col gap-2">
-          <Label htmlFor="bulk-cancel-reason">
-            <Trans>Reason (optional)</Trans>
-          </Label>
-
-          <Textarea
-            id="bulk-cancel-reason"
-            value={reason}
-            onChange={(event) => setReason(event.target.value)}
-            placeholder={t`Add an optional reason for cancelling these documents`}
-          />
-        </div>
-
-        <DialogFooter>
-          <Button type="button" variant="secondary" onClick={() => onOpenChange(false)} disabled={isPending}>
-            <Trans>Cancel</Trans>
-          </Button>
-
-          <Button
-            onClick={(e) => {
-              e.preventDefault();
-              void bulkCancelEnvelopes({ envelopeIds, reason: reason || undefined });
-            }}
-            loading={isPending}
-            variant="destructive"
-          >
-            <Trans>Cancel documents</Trans>
-          </Button>
-        </DialogFooter>
-      </DialogContent>
-    </Dialog>
-  );
-};
@@ -28,7 +28,7 @@ export type EnvelopesBulkMoveDialogProps = {
  open: boolean;
  onOpenChange: (open: boolean) => void;
  currentFolderId?: string;
-  onSuccess?: (folderId: string | null) => Promise<void> | void;
+  onSuccess?: () => void;
 } & Omit<DialogPrimitive.DialogProps, 'children'>;

 const ZBulkMoveFormSchema = z.object({
@@ -99,12 +99,11 @@ export const EnvelopesBulkMoveDialog = ({
        await trpcUtils.template.findTemplates.invalidate();
      }

-      await onSuccess?.(data.folderId);
-
      toast({
        description: t`Selected items have been moved.`,
      });

+      onSuccess?.();
      onOpenChange(false);
    } catch (err) {
      const error = AppError.parseError(err);
@@ -222,7 +222,7 @@ export const ManagePublicTemplateDialog = ({
            .with({ currentStep: 'SELECT_TEMPLATE' }, () => (
              <DialogContent>
                <DialogHeader>
-                  <DialogTitle className="w-full max-w-full whitespace-pre-line break-words">
+                  <DialogTitle>
                    {team?.name ? (
                      <Trans>{team.name} direct signing templates</Trans>
                    ) : (
@@ -16,17 +16,6 @@ import { msg } from '@lingui/core/macro';
 import { useLingui } from '@lingui/react';
 import { Trans } from '@lingui/react/macro';
 import { useState } from 'react';
-import { match } from 'ts-pattern';
-
-/**
- * The reason a team member cannot be removed from the team. When set, the delete
- * dialog explains the reason instead of offering a confirm button.
- */
-export type TeamMemberDeleteDisableReason =
-  | 'TEAM_OWNER'
-  | 'HIGHER_ROLE'
-  | 'INHERIT_MEMBER_ENABLED'
-  | 'INHERITED_MEMBER';

 export type TeamMemberDeleteDialogProps = {
  teamId: number;
@@ -34,7 +23,7 @@ export type TeamMemberDeleteDialogProps = {
  memberId: string;
  memberName: string;
  memberEmail: string;
-  disableReason?: TeamMemberDeleteDisableReason | null;
+  isInheritMemberEnabled: boolean | null;
  trigger?: React.ReactNode;
 };

@@ -45,7 +34,7 @@ export const TeamMemberDeleteDialog = ({
  memberId,
  memberName,
  memberEmail,
-  disableReason,
+  isInheritMemberEnabled,
 }: TeamMemberDeleteDialogProps) => {
  const [open, setOpen] = useState(false);

@@ -97,19 +86,10 @@ export const TeamMemberDeleteDialog = ({
          </DialogDescription>
        </DialogHeader>

-        {disableReason ? (
+        {isInheritMemberEnabled ? (
          <Alert variant="neutral">
            <AlertDescription>
-              {match(disableReason)
-                .with('TEAM_OWNER', () => <Trans>You cannot remove the organisation owner from the team.</Trans>)
-                .with('HIGHER_ROLE', () => <Trans>You cannot remove a member with a role higher than your own.</Trans>)
-                .with('INHERIT_MEMBER_ENABLED', () => (
-                  <Trans>You cannot remove members from this team while the inherit member feature is enabled.</Trans>
-                ))
-                .with('INHERITED_MEMBER', () => (
-                  <Trans>This member is inherited from a group and cannot be removed from the team directly.</Trans>
-                ))
-                .exhaustive()}
+              <Trans>You cannot remove members from this team if the inherit member feature is enabled.</Trans>
            </AlertDescription>
          </Alert>
        ) : (
@@ -129,10 +109,11 @@ export const TeamMemberDeleteDialog = ({
              <Trans>Close</Trans>
            </Button>

-            {!disableReason && (
+            {!isInheritMemberEnabled && (
              <Button
                type="submit"
                variant="destructive"
+                disabled={Boolean(isInheritMemberEnabled)}
                loading={isDeletingTeamMember}
                onClick={async () => deleteTeamMember({ teamId, memberId })}
              >
@@ -0,0 +1,232 @@
+import { AppError, AppErrorCode } from '@documenso/lib/errors/app-error';
+import { FolderType } from '@documenso/lib/types/folder-type';
+import { formatTemplatesPath } from '@documenso/lib/utils/teams';
+import { trpc } from '@documenso/trpc/react';
+import { Button } from '@documenso/ui/primitives/button';
+import {
+  Dialog,
+  DialogContent,
+  DialogDescription,
+  DialogFooter,
+  DialogHeader,
+  DialogTitle,
+} from '@documenso/ui/primitives/dialog';
+import { Form, FormControl, FormField, FormItem, FormLabel, FormMessage } from '@documenso/ui/primitives/form/form';
+import { Input } from '@documenso/ui/primitives/input';
+import { useToast } from '@documenso/ui/primitives/use-toast';
+import { zodResolver } from '@hookform/resolvers/zod';
+import { msg } from '@lingui/core/macro';
+import { useLingui } from '@lingui/react';
+import { Trans } from '@lingui/react/macro';
+import type * as DialogPrimitive from '@radix-ui/react-dialog';
+import { FolderIcon, HomeIcon, Loader2, Search } from 'lucide-react';
+import { useEffect, useState } from 'react';
+import { useForm } from 'react-hook-form';
+import { useNavigate } from 'react-router';
+import { z } from 'zod';
+
+import { useCurrentTeam } from '~/providers/team';
+
+export type TemplateMoveToFolderDialogProps = {
+  templateId: number;
+  templateTitle: string;
+  isOpen: boolean;
+  onOpenChange: (open: boolean) => void;
+  currentFolderId?: string | null;
+} & Omit<DialogPrimitive.DialogProps, 'children'>;
+
+const ZMoveTemplateFormSchema = z.object({
+  folderId: z.string().nullable().optional(),
+});
+
+type TMoveTemplateFormSchema = z.infer<typeof ZMoveTemplateFormSchema>;
+
+export function TemplateMoveToFolderDialog({
+  templateId,
+  templateTitle,
+  isOpen,
+  onOpenChange,
+  currentFolderId,
+  ...props
+}: TemplateMoveToFolderDialogProps) {
+  const { _ } = useLingui();
+  const { toast } = useToast();
+
+  const navigate = useNavigate();
+  const team = useCurrentTeam();
+
+  const [searchTerm, setSearchTerm] = useState('');
+
+  const form = useForm<TMoveTemplateFormSchema>({
+    resolver: zodResolver(ZMoveTemplateFormSchema),
+    defaultValues: {
+      folderId: currentFolderId ?? null,
+    },
+  });
+
+  const { data: folders, isLoading: isFoldersLoading } = trpc.folder.findFoldersInternal.useQuery(
+    {
+      parentId: currentFolderId ?? null,
+      type: FolderType.TEMPLATE,
+    },
+    {
+      enabled: isOpen,
+    },
+  );
+
+  const { mutateAsync: updateTemplate } = trpc.template.updateTemplate.useMutation();
+
+  useEffect(() => {
+    if (!isOpen) {
+      form.reset();
+      setSearchTerm('');
+    } else {
+      form.reset({ folderId: currentFolderId ?? null });
+    }
+  }, [isOpen, currentFolderId, form]);
+
+  const onSubmit = async (data: TMoveTemplateFormSchema) => {
+    try {
+      await updateTemplate({
+        templateId,
+        data: {
+          folderId: data.folderId ?? null,
+        },
+      });
+
+      toast({
+        title: _(msg`Template moved`),
+        description: _(msg`The template has been moved successfully.`),
+        variant: 'default',
+      });
+
+      onOpenChange(false);
+
+      const templatesPath = formatTemplatesPath(team.url);
+
+      if (data.folderId) {
+        void navigate(`${templatesPath}/f/${data.folderId}`);
+      } else {
+        void navigate(templatesPath);
+      }
+    } catch (err) {
+      const error = AppError.parseError(err);
+
+      if (error.code === AppErrorCode.NOT_FOUND) {
+        toast({
+          title: _(msg`Error`),
+          description: _(msg`The folder you are trying to move the template to does not exist.`),
+          variant: 'destructive',
+        });
+
+        return;
+      }
+
+      toast({
+        title: _(msg`Error`),
+        description: _(msg`An error occurred while moving the template.`),
+        variant: 'destructive',
+      });
+    }
+  };
+
+  const filteredFolders = folders?.data?.filter((folder) =>
+    folder.name.toLowerCase().includes(searchTerm.toLowerCase()),
+  );
+
+  return (
+    <Dialog {...props} open={isOpen} onOpenChange={onOpenChange}>
+      <DialogContent>
+        <DialogHeader>
+          <DialogTitle>
+            <Trans>Move Template to Folder</Trans>
+          </DialogTitle>
+
+          <DialogDescription>
+            <Trans>Move &quot;{templateTitle}&quot; to a folder</Trans>
+          </DialogDescription>
+        </DialogHeader>
+
+        <div className="relative">
+          <Search className="absolute top-3 left-2 h-4 w-4 text-muted-foreground" />
+          <Input
+            placeholder={_(msg`Search folders...`)}
+            value={searchTerm}
+            onChange={(e) => setSearchTerm(e.target.value)}
+            className="pl-8"
+          />
+        </div>
+
+        <Form {...form}>
+          <form onSubmit={form.handleSubmit(onSubmit)} className="mt-4 flex flex-col gap-y-4">
+            <FormField
+              control={form.control}
+              name="folderId"
+              render={({ field }) => (
+                <FormItem>
+                  <FormLabel>
+                    <Trans>Folder</Trans>
+                  </FormLabel>
+
+                  <FormControl>
+                    <div className="max-h-96 space-y-2 overflow-y-auto">
+                      {isFoldersLoading ? (
+                        <div className="flex h-10 items-center justify-center">
+                          <Loader2 className="h-4 w-4 animate-spin" />
+                        </div>
+                      ) : (
+                        <>
+                          <Button
+                            type="button"
+                            variant={field.value === null ? 'default' : 'outline'}
+                            className="w-full justify-start"
+                            onClick={() => field.onChange(null)}
+                            disabled={currentFolderId === null}
+                          >
+                            <HomeIcon className="mr-2 h-4 w-4" />
+                            <Trans>Home (No Folder)</Trans>
+                          </Button>
+
+                          {filteredFolders?.map((folder) => (
+                            <Button
+                              key={folder.id}
+                              type="button"
+                              variant={field.value === folder.id ? 'default' : 'outline'}
+                              className="w-full justify-start"
+                              onClick={() => field.onChange(folder.id)}
+                              disabled={currentFolderId === folder.id}
+                            >
+                              <FolderIcon className="mr-2 h-4 w-4" />
+                              {folder.name}
+                            </Button>
+                          ))}
+
+                          {searchTerm && filteredFolders?.length === 0 && (
+                            <div className="px-2 py-2 text-center text-muted-foreground text-sm">
+                              <Trans>No folders found</Trans>
+                            </div>
+                          )}
+                        </>
+                      )}
+                    </div>
+                  </FormControl>
+                  <FormMessage />
+                </FormItem>
+              )}
+            />
+
+            <DialogFooter>
+              <Button type="button" variant="secondary" onClick={() => onOpenChange(false)}>
+                <Trans>Cancel</Trans>
+              </Button>
+
+              <Button type="submit" disabled={isFoldersLoading || form.formState.isSubmitting}>
+                <Trans>Move</Trans>
+              </Button>
+            </DialogFooter>
+          </form>
+        </Form>
+      </DialogContent>
+    </Dialog>
+  );
+}
@@ -4,7 +4,7 @@ import {
  TEMPLATE_RECIPIENT_NAME_PLACEHOLDER_REGEX,
 } from '@documenso/lib/constants/template';
 import { DO_NOT_INVALIDATE_QUERY_ON_MUTATION, SKIP_QUERY_BATCH_META } from '@documenso/lib/constants/trpc';
-import { AppError } from '@documenso/lib/errors/app-error';
+import { AppError, AppErrorCode } from '@documenso/lib/errors/app-error';
 import { type TRecipientLite, ZRecipientEmailSchema } from '@documenso/lib/types/recipient';
 import { putPdfFile } from '@documenso/lib/universal/upload/put-file';
 import { trpc } from '@documenso/trpc/react';
@@ -35,8 +35,8 @@ import { FileTextIcon, InfoIcon, Plus, UploadCloudIcon, X } from 'lucide-react';
 import { useEffect, useState } from 'react';
 import { useFieldArray, useForm } from 'react-hook-form';
 import { useNavigate } from 'react-router';
+import { match } from 'ts-pattern';
 import * as z from 'zod';
-import { getTemplateUseErrorMessage } from '~/utils/toast-error-messages';

 const ZAddRecipientsForNewDocumentSchema = z.object({
  distributeDocument: z.boolean(),
@@ -180,11 +180,22 @@ export function TemplateUseDialog({
      await navigate(documentPath);
    } catch (err) {
      const error = AppError.parseError(err);
-      const errorMessage = getTemplateUseErrorMessage(error.code);
+
+      const errorMessage = match(error.code)
+        .with('DOCUMENT_SEND_FAILED', () => msg`The document was created but could not be sent to recipients.`)
+        .with(
+          AppErrorCode.INVALID_BODY,
+          AppErrorCode.INVALID_REQUEST,
+          () =>
+            msg`The document could not be created because of missing or invalid information. Please review the template's recipients and fields.`,
+        )
+        .with(AppErrorCode.NOT_FOUND, () => msg`The template or one of its recipients could not be found.`)
+        .with(AppErrorCode.LIMIT_EXCEEDED, () => msg`You have reached your document limit for this plan.`)
+        .otherwise(() => msg`An error occurred while creating document from template.`);

      toast({
-        title: _(errorMessage.title),
-        description: _(errorMessage.description),
+        title: _(msg`Error`),
+        description: _(errorMessage),
        variant: 'destructive',
      });
    }
@@ -3,7 +3,6 @@ import { DEFAULT_DOCUMENT_DATE_FORMAT } from '@documenso/lib/constants/date-form
 import { APP_I18N_OPTIONS } from '@documenso/lib/constants/i18n';
 import { PDF_VIEWER_PAGE_SELECTOR } from '@documenso/lib/constants/pdf-viewer';
 import { DEFAULT_DOCUMENT_TIME_ZONE } from '@documenso/lib/constants/time-zones';
-import { AppError } from '@documenso/lib/errors/app-error';
 import { ZDirectTemplateEmbedDataSchema } from '@documenso/lib/types/embed-direct-template-schema';
 import { isFieldUnsignedAndRequired, isRequiredField } from '@documenso/lib/utils/advanced-fields-helpers';
 import { getDocumentDataUrlForPdfViewer } from '@documenso/lib/utils/envelope-download';
@@ -43,7 +42,6 @@ import { useSearchParams } from 'react-router';
 import { BrandingLogo } from '~/components/general/branding-logo';
 import PDFViewerLazy from '~/components/general/pdf-viewer/pdf-viewer-lazy';
 import { injectCss } from '~/utils/css-vars';
-import { getDirectTemplateErrorMessage } from '~/utils/toast-error-messages';

 import type { DirectTemplateLocalField } from '../general/direct-template/direct-template-signing-form';
 import { DocumentSigningAttachmentsPopover } from '../general/document-signing/document-signing-attachments-popover';
@@ -261,12 +259,9 @@ export const EmbedDirectTemplateClientPage = ({
        );
      }

-      const error = AppError.parseError(err);
-      const errorMessage = getDirectTemplateErrorMessage(error.code);
-
      toast({
-        title: _(errorMessage.title),
-        description: _(errorMessage.description),
+        title: _(msg`Something went wrong`),
+        description: _(msg`We were unable to submit this document at this time. Please try again later.`),
        variant: 'destructive',
      });
    }
@@ -116,12 +116,11 @@ export const EditorFieldDropdownForm = ({
    }

    const newValues = [...currentValues];
-    const removedValue = currentValues[index].value;
    newValues.splice(index, 1);

    form.setValue('values', newValues);

-    if (form.getValues('defaultValue') === removedValue) {
+    if (form.getValues('defaultValue') === newValues[index].value) {
      form.setValue('defaultValue', undefined);
    }
  };
@@ -1,317 +0,0 @@
-import {
-  Form,
-  FormControl,
-  FormDescription,
-  FormField,
-  FormItem,
-  FormLabel,
-  FormMessage,
-} from '@documenso/ui/primitives/form/form';
-import { Input } from '@documenso/ui/primitives/input';
-import { Select, SelectContent, SelectItem, SelectTrigger, SelectValue } from '@documenso/ui/primitives/select';
-import { zodResolver } from '@hookform/resolvers/zod';
-import { Trans, useLingui } from '@lingui/react/macro';
-import { useForm } from 'react-hook-form';
-import { z } from 'zod';
-
-const ZEmailTransportFormSchema = z.object({
-  name: z.string().min(1),
-  fromName: z.string().min(1),
-  fromAddress: z.string().email(),
-  type: z.enum(['SMTP_AUTH', 'SMTP_API', 'RESEND', 'MAILCHANNELS']),
-  host: z.string().optional(),
-  port: z.coerce.number().int().positive().optional(),
-  secure: z.boolean().optional(),
-  ignoreTLS: z.boolean().optional(),
-  username: z.string().optional(),
-  password: z.string().optional(),
-  service: z.string().optional(),
-  apiKey: z.string().optional(),
-  apiKeyUser: z.string().optional(),
-  endpoint: z.string().optional(),
-});
-
-export type EmailTransportFormValues = z.infer<typeof ZEmailTransportFormSchema>;
-
-type EmailTransportFormProps = {
-  defaultValues?: Partial<EmailTransportFormValues>;
-  isEdit?: boolean;
-  onFormSubmit: (values: EmailTransportFormValues) => Promise<void>;
-  formSubmitTrigger?: React.ReactNode;
-};
-
-export const EmailTransportForm = ({
-  defaultValues,
-  isEdit = false,
-  onFormSubmit,
-  formSubmitTrigger,
-}: EmailTransportFormProps) => {
-  const { t } = useLingui();
-
-  const form = useForm<EmailTransportFormValues>({
-    resolver: zodResolver(ZEmailTransportFormSchema),
-    defaultValues: {
-      name: '',
-      fromName: '',
-      fromAddress: '',
-      type: 'SMTP_AUTH',
-      secure: false,
-      ignoreTLS: false,
-      ...defaultValues,
-    },
-  });
-
-  const type = form.watch('type');
-  const secretPlaceholder = isEdit ? t`Leave blank to keep current` : undefined;
-
-  return (
-    <Form {...form}>
-      <form onSubmit={form.handleSubmit(onFormSubmit)}>
-        <fieldset disabled={form.formState.isSubmitting} className="space-y-4">
-          <FormField
-            control={form.control}
-            name="name"
-            render={({ field }) => (
-              <FormItem>
-                <FormLabel>
-                  <Trans>Name</Trans>
-                </FormLabel>
-                <FormControl>
-                  <Input placeholder={t`e.g. Resend (free plans)`} {...field} />
-                </FormControl>
-                <FormMessage />
-              </FormItem>
-            )}
-          />
-
-          <div className="grid grid-cols-2 gap-4">
-            <FormField
-              control={form.control}
-              name="fromName"
-              render={({ field }) => (
-                <FormItem>
-                  <FormLabel>
-                    <Trans>From name</Trans>
-                  </FormLabel>
-                  <FormControl>
-                    <Input {...field} />
-                  </FormControl>
-                  <FormMessage />
-                </FormItem>
-              )}
-            />
-
-            <FormField
-              control={form.control}
-              name="fromAddress"
-              render={({ field }) => (
-                <FormItem>
-                  <FormLabel>
-                    <Trans>From address</Trans>
-                  </FormLabel>
-                  <FormControl>
-                    <Input type="email" {...field} />
-                  </FormControl>
-                  <FormMessage />
-                </FormItem>
-              )}
-            />
-          </div>
-
-          <FormField
-            control={form.control}
-            name="type"
-            render={({ field }) => (
-              <FormItem>
-                <FormLabel>
-                  <Trans>Transport type</Trans>
-                </FormLabel>
-                <Select value={field.value} onValueChange={field.onChange} disabled={isEdit}>
-                  <FormControl>
-                    <SelectTrigger>
-                      <SelectValue />
-                    </SelectTrigger>
-                  </FormControl>
-                  <SelectContent>
-                    <SelectItem value="SMTP_AUTH">SMTP (auth)</SelectItem>
-                    <SelectItem value="SMTP_API">SMTP (api)</SelectItem>
-                    <SelectItem value="RESEND">Resend</SelectItem>
-                    <SelectItem value="MAILCHANNELS">MailChannels</SelectItem>
-                  </SelectContent>
-                </Select>
-                {isEdit && (
-                  <FormDescription>
-                    <Trans>Transport type cannot be changed after creation.</Trans>
-                  </FormDescription>
-                )}
-                <FormMessage />
-              </FormItem>
-            )}
-          />
-
-          {(type === 'SMTP_AUTH' || type === 'SMTP_API') && (
-            <div className="grid grid-cols-2 gap-4">
-              <FormField
-                control={form.control}
-                name="host"
-                render={({ field }) => (
-                  <FormItem>
-                    <FormLabel>
-                      <Trans>Host</Trans>
-                    </FormLabel>
-                    <FormControl>
-                      <Input {...field} value={field.value ?? ''} />
-                    </FormControl>
-                    <FormMessage />
-                  </FormItem>
-                )}
-              />
-              <FormField
-                control={form.control}
-                name="port"
-                render={({ field }) => (
-                  <FormItem>
-                    <FormLabel>
-                      <Trans>Port</Trans>
-                    </FormLabel>
-                    <FormControl>
-                      <Input type="number" {...field} value={field.value ?? ''} />
-                    </FormControl>
-                    <FormMessage />
-                  </FormItem>
-                )}
-              />
-            </div>
-          )}
-
-          {type === 'SMTP_AUTH' && (
-            <>
-              <FormField
-                control={form.control}
-                name="username"
-                render={({ field }) => (
-                  <FormItem>
-                    <FormLabel>
-                      <Trans>Username</Trans>
-                    </FormLabel>
-                    <FormControl>
-                      <Input {...field} value={field.value ?? ''} />
-                    </FormControl>
-                    <FormMessage />
-                  </FormItem>
-                )}
-              />
-              <FormField
-                control={form.control}
-                name="password"
-                render={({ field }) => (
-                  <FormItem>
-                    <FormLabel>
-                      <Trans>Password</Trans>
-                    </FormLabel>
-                    <FormControl>
-                      <Input type="password" placeholder={secretPlaceholder} {...field} value={field.value ?? ''} />
-                    </FormControl>
-                    <FormMessage />
-                  </FormItem>
-                )}
-              />
-            </>
-          )}
-
-          {type === 'SMTP_API' && (
-            <FormField
-              control={form.control}
-              name="apiKey"
-              render={({ field }) => (
-                <FormItem>
-                  <FormLabel>
-                    <Trans>API key</Trans>
-                  </FormLabel>
-                  <FormControl>
-                    <Input type="password" placeholder={secretPlaceholder} {...field} value={field.value ?? ''} />
-                  </FormControl>
-                  <FormMessage />
-                </FormItem>
-              )}
-            />
-          )}
-
-          {(type === 'RESEND' || type === 'MAILCHANNELS') && (
-            <FormField
-              control={form.control}
-              name="apiKey"
-              render={({ field }) => (
-                <FormItem>
-                  <FormLabel>
-                    <Trans>API key</Trans>
-                  </FormLabel>
-                  <FormControl>
-                    <Input type="password" placeholder={secretPlaceholder} {...field} value={field.value ?? ''} />
-                  </FormControl>
-                  <FormMessage />
-                </FormItem>
-              )}
-            />
-          )}
-
-          {type === 'MAILCHANNELS' && (
-            <FormField
-              control={form.control}
-              name="endpoint"
-              render={({ field }) => (
-                <FormItem>
-                  <FormLabel>
-                    <Trans>Endpoint (optional)</Trans>
-                  </FormLabel>
-                  <FormControl>
-                    <Input {...field} value={field.value ?? ''} />
-                  </FormControl>
-                  <FormMessage />
-                </FormItem>
-              )}
-            />
-          )}
-
-          {formSubmitTrigger}
-        </fieldset>
-      </form>
-    </Form>
-  );
-};
-
-/**
- * Maps flat form values to the tRPC `config` discriminated union.
- */
-export const emailTransportFormToConfig = (values: EmailTransportFormValues) => {
-  switch (values.type) {
-    case 'SMTP_AUTH':
-      return {
-        type: 'SMTP_AUTH' as const,
-        host: values.host ?? '',
-        port: values.port ?? 587,
-        secure: values.secure ?? false,
-        ignoreTLS: values.ignoreTLS ?? false,
-        username: values.username || undefined,
-        password: values.password || undefined,
-        service: values.service || undefined,
-      };
-    case 'SMTP_API':
-      return {
-        type: 'SMTP_API' as const,
-        host: values.host ?? '',
-        port: values.port ?? 587,
-        secure: values.secure ?? false,
-        apiKey: values.apiKey || '',
-        apiKeyUser: values.apiKeyUser || undefined,
-      };
-    case 'RESEND':
-      return { type: 'RESEND' as const, apiKey: values.apiKey || '' };
-    case 'MAILCHANNELS':
-      return {
-        type: 'MAILCHANNELS' as const,
-        apiKey: values.apiKey || '',
-        endpoint: values.endpoint || undefined,
-      };
-  }
-};
@@ -197,9 +197,7 @@ export const PublicProfileForm = ({ className, profile, onProfileUpdate }: Publi

              return (
                <FormItem>
-                  <FormLabel>
-                    <Trans>Bio</Trans>
-                  </FormLabel>
+                  <FormLabel>Bio</FormLabel>
                  <FormControl>
                    <Textarea {...field} placeholder={_(msg`Write a description to display on your public profile`)} />
                  </FormControl>
@@ -1,49 +0,0 @@
-import { Select, SelectContent, SelectTrigger, SelectValue } from '@documenso/ui/primitives/select';
-import type React from 'react';
-import { useMemo } from 'react';
-import { useLocation, useNavigate, useSearchParams } from 'react-router';
-
-export type SearchParamSelector = {
-  paramKey: string;
-  isValueValid: (value: unknown) => boolean;
-  children: React.ReactNode;
-};
-
-export const SearchParamSelector = ({ children, paramKey, isValueValid }: SearchParamSelector) => {
-  const { pathname } = useLocation();
-  const [searchParams] = useSearchParams();
-
-  const navigate = useNavigate();
-
-  const value = useMemo(() => {
-    const p = searchParams?.get(paramKey) ?? 'all';
-
-    return isValueValid(p) ? p : 'all';
-  }, [searchParams]);
-
-  const onValueChange = (newValue: string) => {
-    if (!pathname) {
-      return;
-    }
-
-    const params = new URLSearchParams(searchParams?.toString());
-
-    params.set(paramKey, newValue);
-
-    if (newValue === '' || newValue === 'all') {
-      params.delete(paramKey);
-    }
-
-    void navigate(`${pathname}?${params.toString()}`, { preventScrollReset: true });
-  };
-
-  return (
-    <Select defaultValue={value} onValueChange={onValueChange}>
-      <SelectTrigger className="max-w-[200px] text-muted-foreground">
-        <SelectValue />
-      </SelectTrigger>
-
-      <SelectContent position="popper">{children}</SelectContent>
-    </Select>
-  );
-};
@@ -89,6 +89,7 @@ export const SignInForm = ({
  const turnstileSiteKey = env('NEXT_PUBLIC_TURNSTILE_SITE_KEY');
  const turnstileRef = useRef<TurnstileInstance>(null);
  const twoFactorTurnstileRef = useRef<TurnstileInstance>(null);
+  const [captchaToken, setCaptchaToken] = useState<string | null>(null);

  const [isPasskeyLoading, setIsPasskeyLoading] = useState(false);

@@ -196,31 +197,13 @@ export const SignInForm = ({
  };

  const onFormSubmit = async ({ email, password, totpCode, backupCode }: TSignInFormSchema) => {
-    const $turnstile = isTwoFactorAuthenticationDialogOpen ? twoFactorTurnstileRef.current : turnstileRef.current;
-
    try {
-      let token: string | undefined;
-
-      if (turnstileSiteKey) {
-        token = await $turnstile?.getResponsePromise(3000).catch((_err) => undefined);
-
-        if (!token) {
-          toast({
-            title: _(msg`Human verification required`),
-            description: _(msg`Please complete the CAPTCHA challenge before signing in.`),
-            variant: 'destructive',
-          });
-
-          return;
-        }
-      }
-
      await authClient.emailPassword.signIn({
        email,
        password,
        totpCode,
        backupCode,
-        captchaToken: token ?? undefined,
+        captchaToken: captchaToken ?? undefined,
        redirectPath,
      });
    } catch (err) {
@@ -231,6 +214,10 @@ export const SignInForm = ({
      if (error.code === 'TWO_FACTOR_MISSING_CREDENTIALS') {
        setIsTwoFactorAuthenticationDialogOpen(true);

+        // Turnstile tokens are single-use. Clear the consumed one so the
+        // dialog's fresh widget mounts cleanly and the dialog can't be
+        // submitted with the stale token before a new one is issued.
+        setCaptchaToken(null);
        return;
      }

@@ -260,7 +247,8 @@ export const SignInForm = ({
        variant: 'destructive',
      });

-      $turnstile?.reset();
+      turnstileRef.current?.reset();
+      setCaptchaToken(null);
    }
  };

@@ -370,9 +358,11 @@ export const SignInForm = ({
            <Turnstile
              ref={turnstileRef}
              siteKey={turnstileSiteKey}
+              onSuccess={setCaptchaToken}
+              onExpire={() => setCaptchaToken(null)}
              options={{
                size: 'flexible',
-                appearance: 'always',
+                appearance: 'interaction-only',
              }}
            />
          )}
@@ -509,9 +499,11 @@ export const SignInForm = ({
                  <Turnstile
                    ref={twoFactorTurnstileRef}
                    siteKey={turnstileSiteKey}
+                    onSuccess={setCaptchaToken}
+                    onExpire={() => setCaptchaToken(null)}
                    options={{
                      size: 'flexible',
-                      appearance: 'always',
+                      appearance: 'interaction-only',
                    }}
                  />
                </div>
@@ -526,7 +518,7 @@ export const SignInForm = ({
                  )}
                </Button>

-                <Button type="submit" loading={isSubmitting}>
+                <Button type="submit" loading={isSubmitting} disabled={Boolean(turnstileSiteKey) && !captchaToken}>
                  {isSubmitting ? <Trans>Signing in...</Trans> : <Trans>Sign In</Trans>}
                </Button>
              </DialogFooter>
@@ -20,7 +20,7 @@ import { useLingui } from '@lingui/react';
 import { Trans } from '@lingui/react/macro';
 import type { TurnstileInstance } from '@marsidev/react-turnstile';
 import { Turnstile } from '@marsidev/react-turnstile';
-import { useEffect, useRef } from 'react';
+import { useEffect, useRef, useState } from 'react';
 import { useForm } from 'react-hook-form';
 import { FaIdCardClip } from 'react-icons/fa6';
 import { FcGoogle } from 'react-icons/fc';
@@ -49,7 +49,6 @@ export const ZSignUpFormSchema = z

 export const SIGNUP_ERROR_MESSAGES: Record<string, MessageDescriptor> = {
  SIGNUP_DISABLED: msg`Signup is currently disabled or not available for your email domain.`,
-  SIGNUP_DISPOSABLE_EMAIL: msg`Disposable email addresses are not allowed. Please sign up with a permanent email address.`,
  [AppErrorCode.ALREADY_EXISTS]: msg`We were unable to create your account. If you already have an account, try signing in instead.`,
  [AppErrorCode.INVALID_REQUEST]: msg`We were unable to create your account. Please review the information you provided and try again.`,
 };
@@ -87,6 +86,8 @@ export const SignUpForm = ({
  const turnstileSiteKey = env('NEXT_PUBLIC_TURNSTILE_SITE_KEY');
  const turnstileRef = useRef<TurnstileInstance>(null);

+  const [captchaToken, setCaptchaToken] = useState<string | null>(null);
+
  const hasSocialAuthEnabled = isGoogleSignupEnabled || isMicrosoftSignupEnabled || isOidcSignupEnabled;

  const form = useForm<TSignUpFormSchema>({
@@ -104,28 +105,12 @@ export const SignUpForm = ({

  const onFormSubmit = async ({ name, email, password, signature }: TSignUpFormSchema) => {
    try {
-      let token: string | undefined;
-
-      if (turnstileSiteKey) {
-        token = await turnstileRef.current?.getResponsePromise(3000).catch((_err) => undefined);
-
-        if (!token) {
-          toast({
-            title: _(msg`Human verification required`),
-            description: _(msg`Please complete the CAPTCHA challenge before signing in.`),
-            variant: 'destructive',
-          });
-
-          return;
-        }
-      }
-
      await authClient.emailPassword.signUp({
        name,
        email,
        password,
        signature,
-        captchaToken: token ?? undefined,
+        captchaToken: captchaToken ?? undefined,
      });

      await navigate(returnTo ? returnTo : '/unverified-account');
@@ -155,6 +140,7 @@ export const SignUpForm = ({
      });

      turnstileRef.current?.reset();
+      setCaptchaToken(null);
    }
  };

@@ -330,9 +316,11 @@ export const SignUpForm = ({
                <Turnstile
                  ref={turnstileRef}
                  siteKey={turnstileSiteKey}
+                  onSuccess={setCaptchaToken}
+                  onExpire={() => setCaptchaToken(null)}
                  options={{
                    size: 'flexible',
-                    appearance: 'always',
+                    appearance: 'interaction-only',
                  }}
                />
              )}
@@ -1,6 +1,5 @@
 import type { TLicenseClaim } from '@documenso/lib/types/license';
 import { SUBSCRIPTION_CLAIM_FEATURE_FLAGS } from '@documenso/lib/types/subscription';
-import { trpc } from '@documenso/trpc/react';
 import { ZCreateSubscriptionClaimRequestSchema } from '@documenso/trpc/server/admin-router/create-subscription-claim.types';
 import { Alert, AlertDescription } from '@documenso/ui/primitives/alert';
 import { Checkbox } from '@documenso/ui/primitives/checkbox';
@@ -14,7 +13,6 @@ import {
  FormMessage,
 } from '@documenso/ui/primitives/form/form';
 import { Input } from '@documenso/ui/primitives/input';
-import { Select, SelectContent, SelectItem, SelectTrigger, SelectValue } from '@documenso/ui/primitives/select';
 import { zodResolver } from '@hookform/resolvers/zod';
 import { Trans, useLingui } from '@lingui/react/macro';
 import type { SubscriptionClaim } from '@prisma/client';
@@ -22,8 +20,6 @@ import { useForm } from 'react-hook-form';
 import { Link } from 'react-router';
 import type { z } from 'zod';

-import { ClaimLimitFields } from '../general/claim-limit-fields';
-
 export type SubscriptionClaimFormValues = z.infer<typeof ZCreateSubscriptionClaimRequestSchema>;

 type SubscriptionClaimFormProps = {
@@ -53,22 +49,10 @@ export const SubscriptionClaimForm = ({
      teamCount: subscriptionClaim.teamCount,
      memberCount: subscriptionClaim.memberCount,
      envelopeItemCount: subscriptionClaim.envelopeItemCount,
-      recipientCount: subscriptionClaim.recipientCount,
      flags: subscriptionClaim.flags,
-      documentRateLimits: subscriptionClaim.documentRateLimits,
-      documentQuota: subscriptionClaim.documentQuota,
-      emailRateLimits: subscriptionClaim.emailRateLimits,
-      emailQuota: subscriptionClaim.emailQuota,
-      apiRateLimits: subscriptionClaim.apiRateLimits,
-      apiQuota: subscriptionClaim.apiQuota,
-      emailTransportId: subscriptionClaim.emailTransportId ?? null,
    },
  });

-  const { data: transportsData } = trpc.admin.emailTransport.find.useQuery({ perPage: 100 });
-  const transports = transportsData?.data ?? [];
-  const NONE_VALUE = '__none__';
-
  return (
    <Form {...form}>
      <form onSubmit={form.handleSubmit(onFormSubmit)}>
@@ -161,30 +145,6 @@ export const SubscriptionClaimForm = ({
            )}
          />

-          <FormField
-            control={form.control}
-            name="recipientCount"
-            render={({ field }) => (
-              <FormItem>
-                <FormLabel>
-                  <Trans>Recipient Count</Trans>
-                </FormLabel>
-                <FormControl>
-                  <Input
-                    type="number"
-                    min={0}
-                    {...field}
-                    onChange={(e) => field.onChange(parseInt(e.target.value, 10) || 0)}
-                  />
-                </FormControl>
-                <FormDescription>
-                  <Trans>Maximum number of recipients per document allowed. 0 = Unlimited</Trans>
-                </FormDescription>
-                <FormMessage />
-              </FormItem>
-            )}
-          />
-
          <div>
            <FormLabel>
              <Trans>Feature Flags</Trans>
@@ -243,42 +203,6 @@ export const SubscriptionClaimForm = ({
            )}
          </div>

-          <ClaimLimitFields control={form.control} disabled={form.formState.isSubmitting} />
-
-          <FormField
-            control={form.control}
-            name="emailTransportId"
-            render={({ field }) => (
-              <FormItem>
-                <FormLabel>
-                  <Trans>Email transport</Trans>
-                </FormLabel>
-                <Select
-                  value={field.value ?? NONE_VALUE}
-                  onValueChange={(value) => field.onChange(value === NONE_VALUE ? null : value)}
-                >
-                  <FormControl>
-                    <SelectTrigger>
-                      <SelectValue placeholder={t`Default (system mailer)`} />
-                    </SelectTrigger>
-                  </FormControl>
-                  <SelectContent>
-                    <SelectItem value={NONE_VALUE}>{t`Default (system mailer)`}</SelectItem>
-                    {transports.map((transport) => (
-                      <SelectItem key={transport.id} value={transport.id}>
-                        {transport.name}
-                      </SelectItem>
-                    ))}
-                  </SelectContent>
-                </Select>
-                <FormDescription>
-                  <Trans>Plans without a transport use the system default mailer.</Trans>
-                </FormDescription>
-                <FormMessage />
-              </FormItem>
-            )}
-          />
-
          {formSubmitTrigger}
        </fieldset>
      </form>
@@ -1,171 +0,0 @@
-import {
-  SITE_SETTINGS_EMAIL_BLOCKLIST_ID,
-  type TSiteSettingsEmailBlocklistSchema,
-} from '@documenso/lib/server-only/site-settings/schemas/email-blocklist';
-import { trpc as trpcReact } from '@documenso/trpc/react';
-import { Button } from '@documenso/ui/primitives/button';
-import {
-  Form,
-  FormControl,
-  FormDescription,
-  FormField,
-  FormItem,
-  FormLabel,
-  FormMessage,
-} from '@documenso/ui/primitives/form/form';
-import { Switch } from '@documenso/ui/primitives/switch';
-import { Textarea } from '@documenso/ui/primitives/textarea';
-import { useToast } from '@documenso/ui/primitives/use-toast';
-import { zodResolver } from '@hookform/resolvers/zod';
-import { msg } from '@lingui/core/macro';
-import { useLingui } from '@lingui/react';
-import { Trans } from '@lingui/react/macro';
-import { useForm } from 'react-hook-form';
-import { useRevalidator } from 'react-router';
-import { z } from 'zod';
-
-const ZEmailBlocklistFormSchema = z.object({
-  enabled: z.boolean(),
-  domains: z.string(),
-});
-
-type TEmailBlocklistFormSchema = z.infer<typeof ZEmailBlocklistFormSchema>;
-
-/**
- * Splits a comma-separated string into a normalised list of domains.
- * Normalisation (trim, lowercase, strip leading "@", dedupe) is applied
- * server-side by the schema as well — this is for display consistency.
- */
-const parseDomainsInput = (value: string): string[] => {
-  return Array.from(
-    new Set(
-      value
-        .split(',')
-        .map((entry) => entry.trim().toLowerCase().replace(/^@/, ''))
-        .filter((entry) => entry.length > 0),
-    ),
-  );
-};
-
-type AdminEmailBlocklistSectionProps = {
-  emailBlocklist: TSiteSettingsEmailBlocklistSchema | undefined;
-};
-
-export const AdminEmailBlocklistSection = ({ emailBlocklist }: AdminEmailBlocklistSectionProps) => {
-  const { toast } = useToast();
-  const { _ } = useLingui();
-  const { revalidate } = useRevalidator();
-
-  const form = useForm<TEmailBlocklistFormSchema>({
-    resolver: zodResolver(ZEmailBlocklistFormSchema),
-    defaultValues: {
-      enabled: emailBlocklist?.enabled ?? false,
-      domains: (emailBlocklist?.data?.domains ?? []).join(', '),
-    },
-  });
-
-  const enabled = form.watch('enabled');
-
-  const { mutateAsync: updateSiteSetting, isPending: isUpdateSiteSettingLoading } =
-    trpcReact.admin.updateSiteSetting.useMutation();
-
-  const onBlocklistUpdate = async ({ enabled, domains }: TEmailBlocklistFormSchema) => {
-    try {
-      const parsedDomains = parseDomainsInput(domains);
-
-      await updateSiteSetting({
-        id: SITE_SETTINGS_EMAIL_BLOCKLIST_ID,
-        enabled,
-        data: {
-          domains: parsedDomains,
-        },
-      });
-
-      // Reflect the normalised value back in the form.
-      form.reset({
-        enabled,
-        domains: parsedDomains.join(', '),
-      });
-
-      toast({
-        title: _(msg`Email Blocklist Updated`),
-        description: _(msg`The email blocklist has been updated successfully.`),
-        duration: 5000,
-      });
-
-      await revalidate();
-    } catch (err) {
-      toast({
-        title: _(msg`An unknown error occurred`),
-        variant: 'destructive',
-        description: _(
-          msg`We encountered an unknown error while attempting to update the email blocklist. Please try again later.`,
-        ),
-      });
-    }
-  };
-
-  return (
-    <div>
-      <h2 className="font-semibold">
-        <Trans>Email Blocklist</Trans>
-      </h2>
-      <p className="mt-2 text-muted-foreground text-sm">
-        <Trans>
-          Block signups from additional email domains on top of the bundled disposable email list. Subdomains are
-          matched automatically (e.g. blocking "bad.com" also blocks "foo.bad.com").
-        </Trans>
-      </p>
-
-      <Form {...form}>
-        <form className="mt-4 flex flex-col rounded-md" onSubmit={form.handleSubmit(onBlocklistUpdate)}>
-          <FormField
-            control={form.control}
-            name="enabled"
-            render={({ field }) => (
-              <FormItem>
-                <FormLabel>
-                  <Trans>Enabled</Trans>
-                </FormLabel>
-
-                <FormControl>
-                  <div>
-                    <Switch checked={field.value} onCheckedChange={field.onChange} />
-                  </div>
-                </FormControl>
-              </FormItem>
-            )}
-          />
-
-          <fieldset className="mt-4" disabled={!enabled} aria-disabled={!enabled}>
-            <FormField
-              control={form.control}
-              name="domains"
-              render={({ field }) => (
-                <FormItem>
-                  <FormLabel>
-                    <Trans>Blocked Domains</Trans>
-                  </FormLabel>
-
-                  <FormControl>
-                    <Textarea className="h-32 resize-none" placeholder="bad.com, spam.net, throwaway.io" {...field} />
-                  </FormControl>
-
-                  <FormDescription>
-                    <Trans>Comma-separated list of email domains to block from signing up.</Trans>
-                  </FormDescription>
-
-                  <FormMessage />
-                </FormItem>
-              )}
-            />
-          </fieldset>
-
-          <Button type="submit" loading={isUpdateSiteSettingLoading} className="mt-4 justify-end self-end">
-            <Trans>Update Blocklist</Trans>
-          </Button>
-        </form>
-      </Form>
-    </div>
-  );
-};
@@ -1,197 +0,0 @@
-import {
-  SITE_SETTINGS_BANNER_ID,
-  type TSiteSettingsBannerSchema,
-  ZSiteSettingsBannerSchema,
-} from '@documenso/lib/server-only/site-settings/schemas/banner';
-import { trpc as trpcReact } from '@documenso/trpc/react';
-import { Button } from '@documenso/ui/primitives/button';
-import { ColorPicker } from '@documenso/ui/primitives/color-picker';
-import {
-  Form,
-  FormControl,
-  FormDescription,
-  FormField,
-  FormItem,
-  FormLabel,
-  FormMessage,
-} from '@documenso/ui/primitives/form/form';
-import { Switch } from '@documenso/ui/primitives/switch';
-import { Textarea } from '@documenso/ui/primitives/textarea';
-import { useToast } from '@documenso/ui/primitives/use-toast';
-import { zodResolver } from '@hookform/resolvers/zod';
-import { msg } from '@lingui/core/macro';
-import { useLingui } from '@lingui/react';
-import { Trans } from '@lingui/react/macro';
-import { useForm } from 'react-hook-form';
-import { useRevalidator } from 'react-router';
-import type { z } from 'zod';
-
-import { useCspNonce } from '~/utils/nonce';
-
-const ZBannerFormSchema = ZSiteSettingsBannerSchema;
-
-type TBannerFormSchema = z.infer<typeof ZBannerFormSchema>;
-
-type AdminSiteBannerSectionProps = {
-  banner: TSiteSettingsBannerSchema | undefined;
-};
-
-export const AdminSiteBannerSection = ({ banner }: AdminSiteBannerSectionProps) => {
-  const nonce = useCspNonce();
-
-  const { toast } = useToast();
-  const { _ } = useLingui();
-  const { revalidate } = useRevalidator();
-
-  const form = useForm<TBannerFormSchema>({
-    resolver: zodResolver(ZBannerFormSchema),
-    defaultValues: {
-      id: SITE_SETTINGS_BANNER_ID,
-      enabled: banner?.enabled ?? false,
-      data: {
-        content: banner?.data?.content ?? '',
-        bgColor: banner?.data?.bgColor ?? '#000000',
-        textColor: banner?.data?.textColor ?? '#FFFFFF',
-      },
-    },
-  });
-
-  const enabled = form.watch('enabled');
-
-  const { mutateAsync: updateSiteSetting, isPending: isUpdateSiteSettingLoading } =
-    trpcReact.admin.updateSiteSetting.useMutation();
-
-  const onBannerUpdate = async ({ id, enabled, data }: TBannerFormSchema) => {
-    try {
-      await updateSiteSetting({
-        id,
-        enabled,
-        data,
-      });
-
-      toast({
-        title: _(msg`Banner Updated`),
-        description: _(msg`Your banner has been updated successfully.`),
-        duration: 5000,
-      });
-
-      await revalidate();
-    } catch (err) {
-      toast({
-        title: _(msg`An unknown error occurred`),
-        variant: 'destructive',
-        description: _(
-          msg`We encountered an unknown error while attempting to update the banner. Please try again later.`,
-        ),
-      });
-    }
-  };
-
-  return (
-    <div>
-      <h2 className="font-semibold">
-        <Trans>Site Banner</Trans>
-      </h2>
-      <p className="mt-2 text-muted-foreground text-sm">
-        <Trans>
-          The site banner is a message that is shown at the top of the site. It can be used to display important
-          information to your users.
-        </Trans>
-      </p>
-
-      <Form {...form}>
-        <form className="mt-4 flex flex-col rounded-md" onSubmit={form.handleSubmit(onBannerUpdate)}>
-          <div className="mt-4 flex flex-col gap-4 md:flex-row">
-            <FormField
-              control={form.control}
-              name="enabled"
-              render={({ field }) => (
-                <FormItem className="flex-1">
-                  <FormLabel>
-                    <Trans>Enabled</Trans>
-                  </FormLabel>
-
-                  <FormControl>
-                    <div>
-                      <Switch checked={field.value} onCheckedChange={field.onChange} />
-                    </div>
-                  </FormControl>
-                </FormItem>
-              )}
-            />
-
-            <fieldset className="flex flex-col gap-4 md:flex-row" disabled={!enabled} aria-disabled={!enabled}>
-              <FormField
-                control={form.control}
-                name="data.bgColor"
-                render={({ field }) => (
-                  <FormItem>
-                    <FormLabel>
-                      <Trans>Background Color</Trans>
-                    </FormLabel>
-
-                    <FormControl>
-                      <div>
-                        <ColorPicker {...field} nonce={nonce} />
-                      </div>
-                    </FormControl>
-
-                    <FormMessage />
-                  </FormItem>
-                )}
-              />
-
-              <FormField
-                control={form.control}
-                name="data.textColor"
-                render={({ field }) => (
-                  <FormItem>
-                    <FormLabel>
-                      <Trans>Text Color</Trans>
-                    </FormLabel>
-
-                    <FormControl>
-                      <div>
-                        <ColorPicker {...field} nonce={nonce} />
-                      </div>
-                    </FormControl>
-
-                    <FormMessage />
-                  </FormItem>
-                )}
-              />
-            </fieldset>
-          </div>
-
-          <fieldset disabled={!enabled} aria-disabled={!enabled}>
-            <FormField
-              control={form.control}
-              name="data.content"
-              render={({ field }) => (
-                <FormItem>
-                  <FormLabel>
-                    <Trans>Content</Trans>
-                  </FormLabel>
-
-                  <FormControl>
-                    <Textarea className="h-32 resize-none" {...field} />
-                  </FormControl>
-
-                  <FormDescription>
-                    <Trans>The content to show in the banner, HTML is allowed</Trans>
-                  </FormDescription>
-
-                  <FormMessage />
-                </FormItem>
-              )}
-            />
-          </fieldset>
-
-          <Button type="submit" loading={isUpdateSiteSettingLoading} className="mt-4 justify-end self-end">
-            <Trans>Update Banner</Trans>
-          </Button>
-        </form>
-      </Form>
-    </div>
-  );
-};
@@ -54,6 +54,7 @@ export const BillingPlans = ({ plans }: BillingPlansProps) => {
      if (plan[interval] && plan[interval].isVisibleInApp) {
        prices.push({
          ...plan[interval],
+          memberCount: plan.memberCount,
          claim: plan.id,
        });
      }
@@ -119,7 +120,12 @@ export const BillingPlans = ({ plans }: BillingPlansProps) => {
                    <Trans>Subscribe</Trans>
                  </IndividualPersonalLayoutCheckoutButton>
                ) : (
-                  <BillingDialog priceId={price.id} planName={price.product.name} claim={price.claim} />
+                  <BillingDialog
+                    priceId={price.id}
+                    planName={price.product.name}
+                    memberCount={price.memberCount}
+                    claim={price.claim}
+                  />
                )}
              </CardContent>
            </MotionCard>
@@ -130,7 +136,16 @@ export const BillingPlans = ({ plans }: BillingPlansProps) => {
  );
 };

-const BillingDialog = ({ priceId, planName, claim }: { priceId: string; planName: string; claim: string }) => {
+const BillingDialog = ({
+  priceId,
+  planName,
+  claim,
+}: {
+  priceId: string;
+  planName: string;
+  memberCount: number;
+  claim: string;
+}) => {
  const [isOpen, setIsOpen] = useState(false);

  const { t } = useLingui();
@@ -1,7 +1,6 @@
 import { authClient } from '@documenso/auth/client';
 import { useAnalytics } from '@documenso/lib/client-only/hooks/use-analytics';
 import { AppError } from '@documenso/lib/errors/app-error';
-import { env } from '@documenso/lib/utils/env';
 import { zEmail } from '@documenso/lib/utils/zod';
 import { ZPasswordSchema } from '@documenso/trpc/server/auth-router/schema';
 import { Button } from '@documenso/ui/primitives/button';
@@ -13,9 +12,6 @@ import { zodResolver } from '@hookform/resolvers/zod';
 import { msg } from '@lingui/core/macro';
 import { useLingui } from '@lingui/react';
 import { Trans } from '@lingui/react/macro';
-import type { TurnstileInstance } from '@marsidev/react-turnstile';
-import { Turnstile } from '@marsidev/react-turnstile';
-import { useRef } from 'react';
 import { useForm } from 'react-hook-form';
 import { useNavigate } from 'react-router';
 import { z } from 'zod';
@@ -54,9 +50,6 @@ export const ClaimAccount = ({ defaultName, defaultEmail }: ClaimAccountProps) =
  const analytics = useAnalytics();
  const navigate = useNavigate();

-  const turnstileSiteKey = env('NEXT_PUBLIC_TURNSTILE_SITE_KEY');
-  const turnstileRef = useRef<TurnstileInstance>(null);
-
  const form = useForm<TClaimAccountFormSchema>({
    values: {
      name: defaultName ?? '',
@@ -68,28 +61,7 @@ export const ClaimAccount = ({ defaultName, defaultEmail }: ClaimAccountProps) =

  const onFormSubmit = async ({ name, email, password }: TClaimAccountFormSchema) => {
    try {
-      let token: string | undefined;
-
-      if (turnstileSiteKey) {
-        token = await turnstileRef.current?.getResponsePromise(3000).catch((_err) => undefined);
-
-        if (!token) {
-          toast({
-            title: _(msg`Human verification required`),
-            description: _(msg`Please complete the CAPTCHA challenge before signing in.`),
-            variant: 'destructive',
-          });
-
-          return;
-        }
-      }
-
-      await authClient.emailPassword.signUp({
-        name,
-        email,
-        password,
-        captchaToken: token ?? undefined,
-      });
+      await authClient.emailPassword.signUp({ name, email, password });

      await navigate(`/unverified-account`);

@@ -115,8 +87,6 @@ export const ClaimAccount = ({ defaultName, defaultEmail }: ClaimAccountProps) =
        description: _(errorMessage),
        variant: 'destructive',
      });
-
-      turnstileRef.current?.reset();
    }
  };

@@ -171,19 +141,6 @@ export const ClaimAccount = ({ defaultName, defaultEmail }: ClaimAccountProps) =
              )}
            />

-            {turnstileSiteKey && (
-              <div className="mt-4">
-                <Turnstile
-                  ref={turnstileRef}
-                  siteKey={turnstileSiteKey}
-                  options={{
-                    size: 'flexible',
-                    appearance: 'always',
-                  }}
-                />
-              </div>
-            )}
-
            <Button type="submit" className="mt-6 w-full" loading={form.formState.isSubmitting}>
              <Trans>Claim account</Trans>
            </Button>
@@ -1,97 +0,0 @@
-import {
-  FormControl,
-  FormDescription,
-  FormField,
-  FormItem,
-  FormLabel,
-  FormMessage,
-} from '@documenso/ui/primitives/form/form';
-import { Input } from '@documenso/ui/primitives/input';
-import { Trans, useLingui } from '@lingui/react/macro';
-import type { ReactNode } from 'react';
-import type { Control, FieldValues, Path } from 'react-hook-form';
-
-import { RateLimitArrayInput } from './rate-limit-array-input';
-
-type ClaimLimitFieldsProps<T extends FieldValues> = {
-  control: Control<T>;
-  /** e.g. '' for the claim form, 'claims.' for the org admin form. */
-  prefix?: string;
-  disabled?: boolean;
-};
-
-export const ClaimLimitFields = <T extends FieldValues>({
-  control,
-  prefix = '',
-  disabled,
-}: ClaimLimitFieldsProps<T>) => {
-  const { t } = useLingui();
-
-  // eslint-disable-next-line @typescript-eslint/consistent-type-assertions
-  const name = (key: string) => `${prefix}${key}` as Path<T>;
-
-  const renderQuotaField = (key: string, label: ReactNode, description: ReactNode) => (
-    <FormField
-      control={control}
-      name={name(key)}
-      render={({ field }) => (
-        <FormItem>
-          <FormLabel>{label}</FormLabel>
-          <FormControl>
-            <Input
-              type="number"
-              min={0}
-              disabled={disabled}
-              value={field.value === null || field.value === undefined ? '' : field.value}
-              placeholder={t`Unlimited`}
-              onChange={(e) => field.onChange(e.target.value === '' ? null : parseInt(e.target.value, 10))}
-            />
-          </FormControl>
-          <FormDescription>{description}</FormDescription>
-          <FormMessage />
-        </FormItem>
-      )}
-    />
-  );
-
-  const renderRateLimitField = (key: string, label: ReactNode) => (
-    <FormField
-      control={control}
-      name={name(key)}
-      render={({ field }) => (
-        <FormItem>
-          <FormLabel>{label}</FormLabel>
-          <FormControl>
-            <RateLimitArrayInput value={field.value ?? []} onChange={field.onChange} disabled={disabled} />
-          </FormControl>
-          <FormMessage />
-        </FormItem>
-      )}
-    />
-  );
-
-  return (
-    <div className="space-y-4 rounded-md border p-4">
-      <FormLabel>
-        <Trans>Limits</Trans>
-      </FormLabel>
-
-      {renderQuotaField(
-        'documentQuota',
-        <Trans>Monthly document quota</Trans>,
-        <Trans>Empty = Unlimited, 0 = Blocked</Trans>,
-      )}
-      {renderRateLimitField('documentRateLimits', <Trans>Document rate limits</Trans>)}
-
-      {renderQuotaField(
-        'emailQuota',
-        <Trans>Monthly email quota</Trans>,
-        <Trans>Empty = Unlimited, 0 = Blocked</Trans>,
-      )}
-      {renderRateLimitField('emailRateLimits', <Trans>Email rate limits</Trans>)}
-
-      {renderQuotaField('apiQuota', <Trans>Monthly API quota</Trans>, <Trans>Empty = Unlimited, 0 = Blocked</Trans>)}
-      {renderRateLimitField('apiRateLimits', <Trans>API rate limits</Trans>)}
-    </div>
-  );
-};
@@ -1,5 +1,4 @@
 import { RECIPIENT_ROLES_DESCRIPTION } from '@documenso/lib/constants/recipient-roles';
-import { AppError } from '@documenso/lib/errors/app-error';
 import type { TTemplate } from '@documenso/lib/types/template';
 import { isRequiredField } from '@documenso/lib/utils/advanced-fields-helpers';
 import { getDocumentDataUrlForPdfViewer } from '@documenso/lib/utils/envelope-download';
@@ -13,12 +12,11 @@ import { msg } from '@lingui/core/macro';
 import { useLingui } from '@lingui/react';
 import type { Field, Recipient } from '@prisma/client';
 import { useState } from 'react';
-import { useSearchParams } from 'react-router';
+import { useNavigate, useSearchParams } from 'react-router';

 import { useRequiredDocumentSigningAuthContext } from '~/components/general/document-signing/document-signing-auth-provider';
 import { useRequiredDocumentSigningContext } from '~/components/general/document-signing/document-signing-provider';
 import PDFViewerLazy from '~/components/general/pdf-viewer/pdf-viewer-lazy';
-import { getDirectTemplateErrorMessage } from '~/utils/toast-error-messages';

 import { DirectTemplateConfigureForm, type TDirectTemplateConfigureFormSchema } from './direct-template-configure-form';
 import { type DirectTemplateLocalField, DirectTemplateSigningForm } from './direct-template-signing-form';
@@ -37,6 +35,7 @@ export const DirectTemplatePageView = ({
  directTemplateRecipient,
  directTemplateToken,
 }: DirectTemplatePageViewProps) => {
+  const navigate = useNavigate();
  const [searchParams] = useSearchParams();

  const { _ } = useLingui();
@@ -118,15 +117,12 @@ export const DirectTemplatePageView = ({
      if (redirectUrl) {
        window.location.href = redirectUrl;
      } else {
-        window.location.href = `/sign/${token}/complete`;
+        await navigate(`/sign/${token}/complete`);
      }
    } catch (err) {
-      const error = AppError.parseError(err);
-      const errorMessage = getDirectTemplateErrorMessage(error.code);
-
      toast({
-        title: _(errorMessage.title),
-        description: _(errorMessage.description),
+        title: _(msg`Something went wrong`),
+        description: _(msg`We were unable to submit this document at this time. Please try again later.`),
        variant: 'destructive',
      });

@@ -1,68 +0,0 @@
-import { AppErrorCode } from '@documenso/lib/errors/app-error';
-import { Button } from '@documenso/ui/primitives/button';
-import { Trans } from '@lingui/react/macro';
-import { AlertTriangleIcon } from 'lucide-react';
-
-export type CscRecipientBlockedPageProps = {
-  code: string;
-  recipientToken: string;
-};
-
-/**
- * Terminal page rendered when the service-scope CSC OAuth callback surfaces a
- * hard error the recipient can't resolve themselves (empty credential list,
- * invalid cert, refused algorithm). The blocking-error cookie is read +
- * cleared by the loader; this page only renders the message + retry CTA.
- *
- * The retry link kicks a fresh service-scope OAuth round-trip — useful when
- * the TSP-side issue is transient (e.g. the recipient's admin has since
- * provisioned a credential).
- */
-export const CscRecipientBlockedPage = ({ code, recipientToken }: CscRecipientBlockedPageProps) => {
-  const retryUrl = `/api/csc/oauth/authorize?scope=service&token=${encodeURIComponent(recipientToken)}`;
-
-  return (
-    <div className="-mx-4 flex max-w-[100vw] flex-col items-center overflow-x-hidden px-4 pt-16 md:-mx-8 md:px-8 lg:pt-16 xl:pt-24">
-      <AlertTriangleIcon className="h-12 w-12 text-destructive" />
-
-      <h2 className="mt-6 max-w-[35ch] text-center font-semibold text-2xl leading-normal md:text-3xl lg:text-4xl">
-        {code === AppErrorCode.CSC_CREDENTIAL_LIST_EMPTY ? (
-          <Trans>No signing credentials available</Trans>
-        ) : code === AppErrorCode.CSC_CERT_INVALID ? (
-          <Trans>Signing certificate is invalid</Trans>
-        ) : code === AppErrorCode.CSC_ALGORITHM_REFUSED ? (
-          <Trans>Signing algorithm is not supported</Trans>
-        ) : (
-          <Trans>Unable to start the signing flow</Trans>
-        )}
-      </h2>
-
-      <p className="mt-2.5 max-w-[60ch] text-center font-medium text-muted-foreground/60 text-sm md:text-base">
-        {code === AppErrorCode.CSC_CREDENTIAL_LIST_EMPTY ? (
-          <Trans>
-            Your signing provider returned no usable credentials for this account. Contact your administrator or signing
-            provider for assistance.
-          </Trans>
-        ) : code === AppErrorCode.CSC_CERT_INVALID ? (
-          <Trans>
-            Your signing certificate is invalid, expired, or missing a required key. Contact your administrator or
-            signing provider for assistance.
-          </Trans>
-        ) : code === AppErrorCode.CSC_ALGORITHM_REFUSED ? (
-          <Trans>
-            Your signing provider does not advertise a signing algorithm this document accepts. Contact your
-            administrator or signing provider for assistance.
-          </Trans>
-        ) : (
-          <Trans>Something went wrong while preparing the remote signature. Please try again.</Trans>
-        )}
-      </p>
-
-      <Button asChild className="mt-8">
-        <a href={retryUrl}>
-          <Trans>Try again</Trans>
-        </a>
-      </Button>
-    </div>
-  );
-};
@@ -1,105 +0,0 @@
-import { AppError, AppErrorCode } from '@documenso/lib/errors/app-error';
-import { trpc } from '@documenso/trpc/react';
-import { Button } from '@documenso/ui/primitives/button';
-import { Trans } from '@lingui/react/macro';
-import { AlertTriangleIcon, Loader2Icon } from 'lucide-react';
-import { useEffect, useRef, useState } from 'react';
-
-export type CscRecipientSigningInProgressPageProps = {
-  sessionId: string;
-  recipientToken: string;
-};
-
-/**
- * Rendered when the credential-scope OAuth callback has attached a SAD to the
- * server-side `CscSession` and set the `csc_sad_session` cookie. The page
- * auto-fires `enterprise.csc.signEnvelope` on mount and navigates to the
- * completion page on success. On failure, it surfaces an error message and
- * a retry CTA pointing at a fresh credential-scope OAuth round-trip.
- */
-export const CscRecipientSigningInProgressPage = ({
-  sessionId,
-  recipientToken,
-}: CscRecipientSigningInProgressPageProps) => {
-  const { mutateAsync: signEnvelope } = trpc.enterprise.csc.signEnvelope.useMutation();
-
-  const [error, setError] = useState<string | null>(null);
-
-  // Ref rather than state for the fire-once guard. Refs mutate synchronously,
-  // so React StrictMode's double-invoke of the effect sees the updated value
-  // on the second pass and short-circuits. A useState guard would still let
-  // the second effect fire because the queued setState from the first run
-  // hasn't been committed yet when the second one reads it — that double-fire
-  // races two signEnvelope calls; whichever loses sees the SAD already
-  // consumed and flashes "Signing failed" before the winning call's
-  // navigation kicks in.
-  const hasFiredRef = useRef(false);
-
-  useEffect(() => {
-    if (hasFiredRef.current) {
-      return;
-    }
-
-    hasFiredRef.current = true;
-
-    const run = async () => {
-      try {
-        await signEnvelope({ sessionId, recipientToken });
-
-        window.location.href = `/sign/${recipientToken}/complete`;
-      } catch (err) {
-        const parsed = AppError.parseError(err);
-        setError(parsed.code || AppErrorCode.UNKNOWN_ERROR);
-      }
-    };
-
-    void run();
-    // eslint-disable-next-line react-hooks/exhaustive-deps
-  }, []);
-
-  const retryUrl = `/api/csc/oauth/authorize?scope=credential&session=${encodeURIComponent(sessionId)}`;
-
-  return (
-    <div className="-mx-4 flex max-w-[100vw] flex-col items-center overflow-x-hidden px-4 pt-16 md:-mx-8 md:px-8 lg:pt-16 xl:pt-24">
-      {error ? (
-        <>
-          <AlertTriangleIcon className="h-12 w-12 text-destructive" />
-
-          <h2 className="mt-6 max-w-[35ch] text-center font-semibold text-2xl leading-normal md:text-3xl lg:text-4xl">
-            <Trans>Signing failed</Trans>
-          </h2>
-
-          <p className="mt-2.5 max-w-[60ch] text-center font-medium text-muted-foreground/60 text-sm md:text-base">
-            {error === AppErrorCode.CSC_TSP_TIMEOUT ? (
-              <Trans>The signing provider did not respond in time. Please retry.</Trans>
-            ) : error === AppErrorCode.CSC_SAD_EXPIRED_PRE_SIGN ? (
-              <Trans>
-                Your signing authorisation expired before the signature could be applied. Please reauthorise to retry.
-              </Trans>
-            ) : (
-              <Trans>Something went wrong while applying your signature. Please retry.</Trans>
-            )}
-          </p>
-
-          <Button asChild className="mt-8">
-            <a href={retryUrl}>
-              <Trans>Reauthorise and retry</Trans>
-            </a>
-          </Button>
-        </>
-      ) : (
-        <>
-          <Loader2Icon className="h-12 w-12 animate-spin text-primary" />
-
-          <h2 className="mt-6 max-w-[35ch] text-center font-semibold text-2xl leading-normal md:text-3xl lg:text-4xl">
-            <Trans>Applying your signature</Trans>
-          </h2>
-
-          <p className="mt-2.5 max-w-[60ch] text-center font-medium text-muted-foreground/60 text-sm md:text-base">
-            <Trans>Please don't close this tab. The signing provider is finalising your signature.</Trans>
-          </p>
-        </>
-      )}
-    </div>
-  );
-};
@@ -97,7 +97,7 @@ export const DocumentSigningMobileWidget = () => {
                  layoutId="document-signing-mobile-widget-progress-bar"
                  className="absolute inset-y-0 left-0 bg-primary"
                  style={{
-                    width: `${requiredRecipientFields.length === 0 ? 100 : 100 - (100 / requiredRecipientFields.length) * (recipientFieldsRemaining.length ?? 0)}%`,
+                    width: `${100 - (100 / requiredRecipientFields.length) * (recipientFieldsRemaining.length ?? 0)}%`,
                  }}
                />
              </div>
@@ -27,6 +27,7 @@ import type { Field } from '@prisma/client';
 import { FieldType, RecipientRole } from '@prisma/client';
 import { LucideChevronDown, LucideChevronUp } from 'lucide-react';
 import { useMemo, useState } from 'react';
+import { useNavigate } from 'react-router';
 import { match, P } from 'ts-pattern';

 import { DocumentSigningAttachmentsPopover } from '~/components/general/document-signing/document-signing-attachments-popover';
@@ -49,11 +50,6 @@ import { useRequiredDocumentSigningAuthContext } from './document-signing-auth-p
 import { DocumentSigningCompleteDialog } from './document-signing-complete-dialog';
 import { DocumentSigningRecipientProvider } from './document-signing-recipient-provider';

-type DocumentSigningBranding = {
-  brandingEnabled: boolean;
-  brandingLogo: string;
-};
-
 export type DocumentSigningPageViewV1Props = {
  recipient: RecipientWithFields;
  document: DocumentAndSender;
@@ -61,7 +57,6 @@ export type DocumentSigningPageViewV1Props = {
  completedFields: CompletedField[];
  isRecipientsTurn: boolean;
  allRecipients?: RecipientWithFields[];
-  branding: DocumentSigningBranding;
  includeSenderDetails: boolean;
 };

@@ -73,7 +68,6 @@ export const DocumentSigningPageViewV1 = ({
  isRecipientsTurn,
  allRecipients = [],
  includeSenderDetails,
-  branding,
 }: DocumentSigningPageViewV1Props) => {
  const { documentData, documentMeta } = document;

@@ -83,6 +77,7 @@ export const DocumentSigningPageViewV1 = ({
    ? authUser.twoFactorEnabled && authUser.email === recipient.email
    : false;

+  const navigate = useNavigate();
  const analytics = useAnalytics();

  const [selectedSignerId, setSelectedSignerId] = useState<number | null>(allRecipients?.[0]?.id);
@@ -127,7 +122,7 @@ export const DocumentSigningPageViewV1 = ({
    if (documentMeta?.redirectUrl) {
      window.location.href = documentMeta.redirectUrl;
    } else {
-      window.location.href = `/sign/${recipient.token}/complete`;
+      await navigate(`/sign/${recipient.token}/complete`);
    }
  };

@@ -147,7 +142,7 @@ export const DocumentSigningPageViewV1 = ({
      return undefined;
    }

-    const sortedRecipients = [...allRecipients].sort((a, b) => {
+    const sortedRecipients = allRecipients.sort((a, b) => {
      // Sort by signingOrder first (nulls last), then by id
      if (a.signingOrder === null && b.signingOrder === null) {
        return a.id - b.id;
@@ -173,12 +168,10 @@ export const DocumentSigningPageViewV1 = ({
  const pendingFields = fieldsRequiringValidation.filter((field) => !field.inserted);
  const hasPendingFields = pendingFields.length > 0;

-  const hasCustomBrandingLogo = branding.brandingEnabled && Boolean(branding.brandingLogo);
-
  return (
    <DocumentSigningRecipientProvider recipient={recipient} targetSigner={targetSigner}>
      <div className="mx-auto w-full max-w-screen-xl sm:px-6">
-        {hasCustomBrandingLogo && (
+        {document.team.teamGlobalSettings.brandingEnabled && document.team.teamGlobalSettings.brandingLogo && (
          <img
            src={`/api/branding/logo/team/${document.teamId}`}
            alt={`${document.team.name}'s Logo`}
@@ -150,7 +150,7 @@ export const DocumentSigningPageViewV2 = () => {
                  layoutId="document-flow-container-step"
                  className="absolute inset-y-0 left-0 bg-primary"
                  style={{
-                    width: `${requiredRecipientFields.length === 0 ? 100 : 100 - (100 / requiredRecipientFields.length) * (recipientFieldsRemaining.length ?? 0)}%`,
+                    width: `${100 - (100 / requiredRecipientFields.length) * (recipientFieldsRemaining.length ?? 0)}%`,
                  }}
                />
              </div>
@@ -17,7 +17,7 @@ import { msg } from '@lingui/core/macro';
 import { Trans, useLingui } from '@lingui/react/macro';
 import { useEffect, useState } from 'react';
 import { useForm } from 'react-hook-form';
-import { useSearchParams } from 'react-router';
+import { useNavigate, useSearchParams } from 'react-router';
 import { z } from 'zod';

 const ZRejectDocumentFormSchema = z.object({
@@ -41,6 +41,7 @@ export function DocumentSigningRejectDialog({
 }: DocumentSigningRejectDialogProps) {
  const { t } = useLingui();
  const { toast } = useToast();
+  const navigate = useNavigate();
  const [searchParams] = useSearchParams();

  const [isOpen, setIsOpen] = useState(false);
@@ -73,7 +74,7 @@ export function DocumentSigningRejectDialog({
      if (onRejected) {
        await onRejected(reason);
      } else {
-        window.location.href = `/sign/${token}/rejected`;
+        await navigate(`/sign/${token}/rejected`);
      }
    } catch (err) {
      toast({
@@ -294,7 +294,7 @@ export const EnvelopeSigningProvider = ({
      return null;
    }

-    const sortedRecipients = [...envelope.recipients].sort((a, b) => {
+    const sortedRecipients = envelope.recipients.sort((a, b) => {
      // Sort by signingOrder first (nulls last), then by id
      if (a.signingOrder === null && b.signingOrder === null) {
        return a.id - b.id;
@@ -11,10 +11,10 @@ import { DownloadIcon } from 'lucide-react';

 export type DocumentAuditLogDownloadButtonProps = {
  className?: string;
-  envelopeId: string;
+  documentId: number;
 };

-export const DocumentAuditLogDownloadButton = ({ className, envelopeId }: DocumentAuditLogDownloadButtonProps) => {
+export const DocumentAuditLogDownloadButton = ({ className, documentId }: DocumentAuditLogDownloadButtonProps) => {
  const { toast } = useToast();
  const { _ } = useLingui();

@@ -22,7 +22,7 @@ export const DocumentAuditLogDownloadButton = ({ className, envelopeId }: Docume

  const onDownloadAuditLogsClick = async () => {
    try {
-      const { data, envelopeTitle } = await downloadAuditLogs({ envelopeId });
+      const { data, envelopeTitle } = await downloadAuditLogs({ documentId });

      const buffer = new Uint8Array(base64.decode(data));
      const blob = new Blob([buffer], { type: 'application/pdf' });
@@ -13,13 +13,13 @@ import { DownloadIcon } from 'lucide-react';

 export type DocumentCertificateDownloadButtonProps = {
  className?: string;
-  envelopeId: string;
+  documentId: number;
  documentStatus: DocumentStatus;
 };

 export const DocumentCertificateDownloadButton = ({
  className,
-  envelopeId,
+  documentId,
  documentStatus,
 }: DocumentCertificateDownloadButtonProps) => {
  const { toast } = useToast();
@@ -29,7 +29,7 @@ export const DocumentCertificateDownloadButton = ({

  const onDownloadCertificatesClick = async () => {
    try {
-      const { data, envelopeTitle } = await downloadCertificate({ envelopeId });
+      const { data, envelopeTitle } = await downloadCertificate({ documentId });

      const buffer = new Uint8Array(base64.decode(data));
      const blob = new Blob([buffer], { type: 'application/pdf' });
@@ -1,7 +1,6 @@
 import { DocumentSignatureType } from '@documenso/lib/constants/document';
 import { isValidLanguageCode } from '@documenso/lib/constants/i18n';
 import { DO_NOT_INVALIDATE_QUERY_ON_MUTATION, SKIP_QUERY_BATCH_META } from '@documenso/lib/constants/trpc';
-import { AppError } from '@documenso/lib/errors/app-error';
 import type { TDocument } from '@documenso/lib/types/document';
 import { ZDocumentAccessAuthTypesSchema } from '@documenso/lib/types/document-auth';
 import { getDocumentDataUrlForPdfViewer } from '@documenso/lib/utils/envelope-download';
@@ -26,9 +25,9 @@ import { DocumentDistributionMethod, DocumentStatus } from '@prisma/client';
 import { useEffect, useState } from 'react';
 import { useNavigate, useSearchParams } from 'react-router';
 import { z } from 'zod';
+
 import PDFViewerLazy from '~/components/general/pdf-viewer/pdf-viewer-lazy';
 import { useCurrentTeam } from '~/providers/team';
-import { getDistributeErrorMessage } from '~/utils/toast-error-messages';

 export type DocumentEditFormProps = {
  className?: string;
@@ -388,12 +387,9 @@ export const DocumentEditForm = ({ className, initialDocument, documentRootPath
    } catch (err) {
      console.error(err);

-      const error = AppError.parseError(err);
-      const errorMessage = getDistributeErrorMessage(error.code);
-
      toast({
-        title: _(errorMessage.title),
-        description: _(errorMessage.description),
+        title: _(msg`Error`),
+        description: _(msg`An error occurred while sending the document.`),
        variant: 'destructive',
      });
    }
@@ -38,7 +38,7 @@ export const DocumentPageViewButton = ({ envelope }: DocumentPageViewButtonProps
  })
    .with({ isRecipient: true, isPending: true, isSigned: false }, () => (
      <Button className="w-full" asChild>
-        <a href={`/sign/${recipient?.token}`}>
+        <Link to={`/sign/${recipient?.token}`}>
          {match(role)
            .with(RecipientRole.SIGNER, () => (
              <>
@@ -58,7 +58,7 @@ export const DocumentPageViewButton = ({ envelope }: DocumentPageViewButtonProps
                <Trans>View</Trans>
              </>
            ))}
-        </a>
+        </Link>
      </Button>
    ))
    .with({ isComplete: false }, () => (
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
ephraimduncan	ef4384423d	Merge remote-tracking branch 'origin/main' into pr-2508 # Conflicts: # packages/lib/translations/de/web.po # packages/lib/translations/en/web.po # packages/lib/translations/es/web.po # packages/lib/translations/fr/web.po # packages/lib/translations/it/web.po # packages/lib/translations/ja/web.po # packages/lib/translations/ko/web.po # packages/lib/translations/nl/web.po # packages/lib/translations/pl/web.po # packages/lib/translations/pt-BR/web.po # packages/lib/translations/zh/web.po	2026-05-14 15:44:01 +00:00
ephraimduncan	db7ffc7461	chore: merge main, resolve biome formatting conflicts Reconcile toolbar-filters changes with main's Kysely-based query rewrite and biome reformatting. Notable: - find-documents.ts: rebase on main's Kysely impl while preserving PR semantics (status[] / source[] filters via OR-of-predicates, period 'all' bypass). - get-stats.ts: skip period filter when 'all'. - find-templates.ts: preserve PR templateType array + query filter on top of main's where/include structure. - find-documents-internal: drop preloaded team plumbing (main resolves team internally) and switch appMetaTags to msg`...`. - Restore packages/lib/translations/ from HEAD (autogenerated).	2026-05-12 12:12:37 +00:00
ephraimduncan	1c12aed35e	refactor: simplify template type filter to single-value enum The type filter schema used comma-separated array parsing which was unnecessary for a single-select faceted filter. Moved URL param parsing to the client with parseToStringArray and simplified the tRPC schema to a plain optional TemplateType enum.	2026-02-17 00:57:07 +00:00
ephraimduncan	921e0a0de6	perf: reduce rerenders and async waterfalls in document tables Parallelize user + team lookups in findDocuments via Promise.all, dedupe redundant getTeamById call in the internal TRPC route, stabilize useUpdateSearchParams callback with useCallback + refs, memoize parsed search params in toolbar components, fix stale columns memo deps in template documents table, and use replace:true for search/filter URL updates to avoid history spam.	2026-02-16 20:25:03 +00:00
ephraimduncan	335fee09a9	feat: add faceted table toolbars and multi-value filters Consolidating document and template filtering into shared faceted toolbars makes filtering easier to discover and use. Supporting comma-separated query params enables multi-select filters across UI, server queries, and E2E coverage.	2026-02-16 18:40:23 +00:00