chore: v3 api post survey

chore: update openapi example
chore: always use language maps, allow filtering multiple languages
2026-05-20 19:48:52 -05:00 · 2026-05-20 16:33:33 +00:00 · 2026-05-18 17:08:53 +00:00 · 2026-05-18 17:05:44 +00:00 · 2026-05-18 16:53:47 +00:00 · 2026-05-18 16:43:07 +00:00
110 changed files with 6914 additions and 2365 deletions
@@ -76,12 +76,10 @@ HUB_DATABASE_URL=postgresql://postgres:postgres@postgres:5432/hub?sslmode=disabl
 # EMBEDDING_MODEL=gemini-embedding-001
 # EMBEDDING_PROVIDER_API_KEY=

-###########################
-#  CUBE ANALYTICS (XM V5) #
-###########################
-# XM Suite v5 analysis features require Cube.js. The optional xm dev profile exposes Cube on port 4000.
-# Uncomment COMPOSE_PROFILES=xm to run the optional Cube analytics service.
-# COMPOSE_PROFILES=xm
+####################
+#  CUBE ANALYTICS  #
+####################
+# Cube semantic-layer API. Required. The bundled Docker stack exposes Cube on port 4000.
 CUBEJS_API_URL=http://localhost:4000
 # Generate with: openssl rand -hex 32. `pnpm dev:setup` will create/preserve this automatically.
 CUBEJS_API_SECRET=
@@ -157,11 +155,12 @@ PASSWORD_RESET_DISABLED=1
 # INVITE_DISABLED=1

 ###########################################
-# Account deletion reauthentication       #
+# Account deletion SSO confirmation       #
 ###########################################

-# Danger: disables fresh SSO reauthentication for passwordless account deletion. Keep unset unless you accept the risk.
-# DISABLE_ACCOUNT_DELETION_SSO_REAUTH=1
+# Danger: skips the SSO identity confirmation redirect for passwordless account deletion.
+# Users can delete SSO accounts with only the in-app email text confirmation. Keep unset unless you accept the risk.
+# DISABLE_ACCOUNT_DELETION_SSO_CONFIRMATION=1


 ##########
@@ -189,9 +188,6 @@ GITHUB_SECRET=
 # Configure Google Login
 GOOGLE_CLIENT_ID=
 GOOGLE_CLIENT_SECRET=
-# Google only returns the auth_time proof after Auth Platform Security Bundle "Session age claims" is enabled.
-# Keep this unset until that setting is active for the OAuth app.
-# GOOGLE_ACCOUNT_DELETION_REAUTH_ENABLED=1

 # Configure Azure Active Directory Login
 AZUREAD_CLIENT_ID=
@@ -8,8 +8,8 @@ import { TOrganization } from "@formbricks/types/organizations";
 import { TUser } from "@formbricks/types/user";
 import { DeleteAccountModal } from "@/modules/account/components/DeleteAccountModal";
 import {
-  ACCOUNT_DELETION_GOOGLE_REAUTH_NOT_CONFIGURED_ERROR_CODE,
  ACCOUNT_DELETION_SSO_REAUTH_ERROR_QUERY_PARAM,
+  ACCOUNT_DELETION_SSO_REAUTH_FAILED_ERROR_CODE,
 } from "@/modules/account/constants";
 import { Button } from "@/modules/ui/components/button";
 import { TooltipRenderer } from "@/modules/ui/components/tooltip";
@@ -22,6 +22,7 @@ interface DeleteAccountProps {
  accountDeletionError?: string | string[];
  isMultiOrgEnabled: boolean;
  requiresPasswordConfirmation: boolean;
+  isSsoIdentityConfirmationDisabled: boolean;
 }

 export const DeleteAccount = ({
@@ -32,6 +33,7 @@ export const DeleteAccount = ({
  accountDeletionError,
  isMultiOrgEnabled,
  requiresPasswordConfirmation,
+  isSsoIdentityConfirmationDisabled,
 }: Readonly<DeleteAccountProps>) => {
  const [isModalOpen, setModalOpen] = useState(false);
  const isDeleteDisabled = !isMultiOrgEnabled && organizationsWithSingleOwner.length > 0;
@@ -42,21 +44,18 @@ export const DeleteAccount = ({
  const hasShownAccountDeletionError = useRef(false);

  useEffect(() => {
-    if (!accountDeletionErrorCode || hasShownAccountDeletionError.current) {
+    if (
+      accountDeletionErrorCode !== ACCOUNT_DELETION_SSO_REAUTH_FAILED_ERROR_CODE ||
+      hasShownAccountDeletionError.current
+    ) {
      return;
    }

    hasShownAccountDeletionError.current = true;

-    if (accountDeletionErrorCode === ACCOUNT_DELETION_GOOGLE_REAUTH_NOT_CONFIGURED_ERROR_CODE) {
-      toast.error(t("workspace.settings.profile.google_sso_account_deletion_requires_setup"), {
-        id: "account-deletion-sso-reauth-error",
-      });
-    } else {
-      toast.error(t("workspace.settings.profile.sso_reauthentication_failed"), {
-        id: "account-deletion-sso-reauth-error",
-      });
-    }
+    toast.error(t("workspace.settings.profile.sso_identity_confirmation_failed"), {
+      id: "account-deletion-sso-confirmation-error",
+    });

    const url = new URL(globalThis.location.href);
    url.searchParams.delete(ACCOUNT_DELETION_SSO_REAUTH_ERROR_QUERY_PARAM);
@@ -76,6 +75,7 @@ export const DeleteAccount = ({
        user={user}
        isFormbricksCloud={IS_FORMBRICKS_CLOUD}
        organizationsWithSingleOwner={organizationsWithSingleOwner}
+        isSsoIdentityConfirmationDisabled={isSsoIdentityConfirmationDisabled}
      />
      <p className="text-sm text-slate-700">
        <strong>{t("workspace.settings.profile.warning_cannot_undo")}</strong>
@@ -4,6 +4,7 @@ import { DeleteAccount } from "@/app/(app)/workspaces/[workspaceId]/settings/acc
 import { EditProfileDetailsForm } from "@/app/(app)/workspaces/[workspaceId]/settings/account/profile/components/EditProfileDetailsForm";
 import { SettingsCard } from "@/app/(app)/workspaces/[workspaceId]/settings/components/SettingsCard";
 import {
+  DISABLE_ACCOUNT_DELETION_SSO_CONFIRMATION,
  EMAIL_VERIFICATION_DISABLED,
  ENTERPRISE_LICENSE_REQUEST_FORM_URL,
  IS_FORMBRICKS_CLOUD,
@@ -98,6 +99,7 @@ const Page = async (props: {
              isMultiOrgEnabled={isMultiOrgEnabled}
              accountDeletionError={searchParams.accountDeletionError}
              requiresPasswordConfirmation={requiresPasswordConfirmation}
+              isSsoIdentityConfirmationDisabled={DISABLE_ACCOUNT_DELETION_SSO_CONFIRMATION}
            />
          </SettingsCard>
          <IdBadge id={user.id} label={t("common.profile_id")} variant="column" />
@@ -3,12 +3,17 @@ import { beforeEach, describe, expect, test, vi } from "vitest";
 import { logger } from "@formbricks/logger";
 import { AuthorizationError } from "@formbricks/types/errors";
 import { verifyAccountDeletionSsoReauthIntent } from "@/lib/jwt";
+import { FORMBRICKS_CLOUD_ACCOUNT_DELETION_SURVEY_URL } from "@/modules/account/constants";
 import { deleteUserWithAccountDeletionAuthorization } from "@/modules/account/lib/account-deletion";
-import { queueAuditEventBackground } from "@/modules/ee/audit-logs/lib/handler";
-import { completeAccountDeletionSsoReauthenticationAndGetRedirectPath } from "./account-deletion-sso-complete";
+import { queueAccountDeletionAuditEvent } from "@/modules/account/lib/account-deletion-audit";
+import { completeAccountDeletionSsoIdentityConfirmationAndGetRedirectPath } from "./account-deletion-sso-complete";

 vi.mock("server-only", () => ({}));

+const mockConstants = vi.hoisted(() => ({
+  isFormbricksCloud: false,
+}));
+
 vi.mock("next-auth", () => ({
  getServerSession: vi.fn(),
 }));
@@ -21,7 +26,9 @@ vi.mock("@formbricks/logger", () => ({
 }));

 vi.mock("@/lib/constants", () => ({
-  IS_FORMBRICKS_CLOUD: false,
+  get IS_FORMBRICKS_CLOUD() {
+    return mockConstants.isFormbricksCloud;
+  },
  WEBAPP_URL: "http://localhost:3000",
 }));

@@ -37,15 +44,15 @@ vi.mock("@/modules/auth/lib/authOptions", () => ({
  authOptions: {},
 }));

-vi.mock("@/modules/ee/audit-logs/lib/handler", () => ({
-  queueAuditEventBackground: vi.fn(),
+vi.mock("@/modules/account/lib/account-deletion-audit", () => ({
+  queueAccountDeletionAuditEvent: vi.fn(),
 }));

 const mockGetServerSession = vi.mocked(getServerSession);
 const mockLoggerError = vi.mocked(logger.error);
 const mockVerifyAccountDeletionSsoReauthIntent = vi.mocked(verifyAccountDeletionSsoReauthIntent);
 const mockDeleteUserWithAccountDeletionAuthorization = vi.mocked(deleteUserWithAccountDeletionAuthorization);
-const mockQueueAuditEventBackground = vi.mocked(queueAuditEventBackground);
+const mockQueueAccountDeletionAuditEvent = vi.mocked(queueAccountDeletionAuditEvent);

 const intent = {
  id: "intent-id",
@@ -57,9 +64,10 @@ const intent = {
  userId: "user-id",
 };

-describe("completeAccountDeletionSsoReauthenticationAndGetRedirectPath", () => {
+describe("completeAccountDeletionSsoIdentityConfirmationAndGetRedirectPath", () => {
  beforeEach(() => {
    vi.clearAllMocks();
+    mockConstants.isFormbricksCloud = false;

    mockVerifyAccountDeletionSsoReauthIntent.mockReturnValue(intent);
    mockGetServerSession.mockResolvedValue({
@@ -71,22 +79,22 @@ describe("completeAccountDeletionSsoReauthenticationAndGetRedirectPath", () => {
    mockDeleteUserWithAccountDeletionAuthorization.mockResolvedValue({
      oldUser: { id: intent.userId } as any,
    });
-    mockQueueAuditEventBackground.mockResolvedValue(undefined);
+    mockQueueAccountDeletionAuditEvent.mockResolvedValue(undefined);
  });

  test("returns login without deleting when the callback has no intent", async () => {
-    await expect(completeAccountDeletionSsoReauthenticationAndGetRedirectPath({})).resolves.toBe(
+    await expect(completeAccountDeletionSsoIdentityConfirmationAndGetRedirectPath({})).resolves.toBe(
      "/auth/login"
    );

    expect(mockVerifyAccountDeletionSsoReauthIntent).not.toHaveBeenCalled();
    expect(mockDeleteUserWithAccountDeletionAuthorization).not.toHaveBeenCalled();
-    expect(mockQueueAuditEventBackground).not.toHaveBeenCalled();
+    expect(mockQueueAccountDeletionAuditEvent).not.toHaveBeenCalled();
  });

-  test("deletes the account after a completed SSO reauthentication", async () => {
+  test("deletes the account after a completed SSO identity confirmation", async () => {
    await expect(
-      completeAccountDeletionSsoReauthenticationAndGetRedirectPath({ intent: "intent-token" })
+      completeAccountDeletionSsoIdentityConfirmationAndGetRedirectPath({ intent: "intent-token" })
    ).resolves.toBe("/auth/login");

    expect(mockDeleteUserWithAccountDeletionAuthorization).toHaveBeenCalledWith({
@@ -94,15 +102,24 @@ describe("completeAccountDeletionSsoReauthenticationAndGetRedirectPath", () => {
      userEmail: intent.email,
      userId: intent.userId,
    });
-    expect(mockQueueAuditEventBackground).toHaveBeenCalledWith({
-      action: "deleted",
-      targetType: "user",
-      userId: intent.userId,
-      userType: "user",
-      targetId: intent.userId,
-      organizationId: "unknown",
-      oldObject: { id: intent.userId },
+    expect(mockQueueAccountDeletionAuditEvent).toHaveBeenCalledWith({
+      oldUser: { id: intent.userId },
      status: "success",
+      targetUserId: intent.userId,
+    });
+  });
+
+  test("redirects to the account deletion survey after SSO identity confirmation on Formbricks Cloud", async () => {
+    mockConstants.isFormbricksCloud = true;
+
+    await expect(
+      completeAccountDeletionSsoIdentityConfirmationAndGetRedirectPath({ intent: "intent-token" })
+    ).resolves.toBe(FORMBRICKS_CLOUD_ACCOUNT_DELETION_SURVEY_URL);
+
+    expect(mockDeleteUserWithAccountDeletionAuthorization).toHaveBeenCalledWith({
+      confirmationEmail: intent.email,
+      userEmail: intent.email,
+      userId: intent.userId,
    });
  });

@@ -115,27 +132,43 @@ describe("completeAccountDeletionSsoReauthenticationAndGetRedirectPath", () => {
    } as any);

    await expect(
-      completeAccountDeletionSsoReauthenticationAndGetRedirectPath({ intent: "intent-token" })
-    ).resolves.toBe("/environments/env-id/settings/profile");
+      completeAccountDeletionSsoIdentityConfirmationAndGetRedirectPath({ intent: "intent-token" })
+    ).resolves.toBe("/environments/env-id/settings/profile?accountDeletionError=sso_reauth_failed");

    expect(mockDeleteUserWithAccountDeletionAuthorization).not.toHaveBeenCalled();
    expect(mockLoggerError).toHaveBeenCalledWith(
      { error: expect.any(AuthorizationError) },
-      "Failed to complete account deletion after SSO reauth"
+      "Failed to complete account deletion after SSO identity confirmation"
    );
  });

-  test("keeps the post-deletion redirect if audit logging fails after deletion", async () => {
-    mockQueueAuditEventBackground.mockRejectedValue(new Error("audit unavailable"));
+  test("returns to the profile page with an error when deletion fails after SSO identity confirmation", async () => {
+    mockDeleteUserWithAccountDeletionAuthorization.mockRejectedValue(
+      new AuthorizationError("marker missing")
+    );

    await expect(
-      completeAccountDeletionSsoReauthenticationAndGetRedirectPath({ intent: "intent-token" })
+      completeAccountDeletionSsoIdentityConfirmationAndGetRedirectPath({ intent: "intent-token" })
+    ).resolves.toBe("/environments/env-id/settings/profile?accountDeletionError=sso_reauth_failed");
+
+    expect(mockDeleteUserWithAccountDeletionAuthorization).toHaveBeenCalled();
+    expect(mockQueueAccountDeletionAuditEvent).toHaveBeenCalledWith({
+      status: "failure",
+      targetUserId: intent.userId,
+    });
+  });
+
+  test("keeps the post-deletion redirect if audit logging fails after deletion", async () => {
+    mockQueueAccountDeletionAuditEvent.mockRejectedValue(new Error("audit unavailable"));
+
+    await expect(
+      completeAccountDeletionSsoIdentityConfirmationAndGetRedirectPath({ intent: "intent-token" })
    ).resolves.toBe("/auth/login");

    expect(mockDeleteUserWithAccountDeletionAuthorization).toHaveBeenCalled();
    expect(mockLoggerError).toHaveBeenCalledWith(
      { error: expect.any(Error) },
-      "Failed to complete account deletion after SSO reauth"
+      "Failed to complete account deletion after SSO identity confirmation"
    );
  });

@@ -152,7 +185,7 @@ describe("completeAccountDeletionSsoReauthenticationAndGetRedirectPath", () => {
    } as any);

    await expect(
-      completeAccountDeletionSsoReauthenticationAndGetRedirectPath({ intent: ["intent-token"] })
+      completeAccountDeletionSsoIdentityConfirmationAndGetRedirectPath({ intent: ["intent-token"] })
    ).resolves.toBe("/auth/login");

    expect(mockDeleteUserWithAccountDeletionAuthorization).not.toHaveBeenCalled();
@@ -5,11 +5,14 @@ import { AuthorizationError } from "@formbricks/types/errors";
 import { IS_FORMBRICKS_CLOUD, WEBAPP_URL } from "@/lib/constants";
 import { verifyAccountDeletionSsoReauthIntent } from "@/lib/jwt";
 import { getValidatedCallbackUrl } from "@/lib/utils/url";
-import { FORMBRICKS_CLOUD_ACCOUNT_DELETION_SURVEY_URL } from "@/modules/account/constants";
+import {
+  ACCOUNT_DELETION_SSO_REAUTH_ERROR_QUERY_PARAM,
+  ACCOUNT_DELETION_SSO_REAUTH_FAILED_ERROR_CODE,
+  FORMBRICKS_CLOUD_ACCOUNT_DELETION_SURVEY_URL,
+} from "@/modules/account/constants";
 import { deleteUserWithAccountDeletionAuthorization } from "@/modules/account/lib/account-deletion";
+import { queueAccountDeletionAuditEvent } from "@/modules/account/lib/account-deletion-audit";
 import { authOptions } from "@/modules/auth/lib/authOptions";
-import { queueAuditEventBackground } from "@/modules/ee/audit-logs/lib/handler";
-import { UNKNOWN_DATA } from "@/modules/ee/audit-logs/types/audit-log";

 type TAccountDeletionSsoCompleteSearchParams = {
  intent?: string | string[];
@@ -23,7 +26,7 @@ const getIntentToken = (intent: string | string[] | undefined) => {
  return intent;
 };

-const getSafeRedirectPath = (returnToUrl: string) => {
+const getSafeFailureRedirectPath = (returnToUrl: string) => {
  const validatedReturnToUrl = getValidatedCallbackUrl(returnToUrl, WEBAPP_URL);

  if (!validatedReturnToUrl) {
@@ -31,17 +34,23 @@ const getSafeRedirectPath = (returnToUrl: string) => {
  }

  const parsedReturnToUrl = new URL(validatedReturnToUrl);
+  parsedReturnToUrl.searchParams.set(
+    ACCOUNT_DELETION_SSO_REAUTH_ERROR_QUERY_PARAM,
+    ACCOUNT_DELETION_SSO_REAUTH_FAILED_ERROR_CODE
+  );
  return `${parsedReturnToUrl.pathname}${parsedReturnToUrl.search}${parsedReturnToUrl.hash}`;
 };

 const getPostDeletionRedirectPath = () =>
  IS_FORMBRICKS_CLOUD ? FORMBRICKS_CLOUD_ACCOUNT_DELETION_SURVEY_URL : "/auth/login";

-export const completeAccountDeletionSsoReauthenticationAndGetRedirectPath = async ({
+export const completeAccountDeletionSsoIdentityConfirmationAndGetRedirectPath = async ({
  intent,
 }: TAccountDeletionSsoCompleteSearchParams): Promise<string> => {
  const intentToken = getIntentToken(intent);
+  let deletionSucceeded = false;
  let redirectPath = "/auth/login";
+  let targetUserId: string | null = null;

  if (!intentToken) {
    return redirectPath;
@@ -49,33 +58,30 @@ export const completeAccountDeletionSsoReauthenticationAndGetRedirectPath = asyn

  try {
    const verifiedIntent = verifyAccountDeletionSsoReauthIntent(intentToken);
-    redirectPath = getSafeRedirectPath(verifiedIntent.returnToUrl);
+    targetUserId = verifiedIntent.userId;
+    redirectPath = getSafeFailureRedirectPath(verifiedIntent.returnToUrl);
    const session = await getServerSession(authOptions);

    if (!session?.user?.id || !session.user.email || session.user.id !== verifiedIntent.userId) {
-      throw new AuthorizationError("Account deletion SSO reauthentication session mismatch");
+      throw new AuthorizationError("Account deletion SSO identity confirmation session mismatch");
    }

-    logger.info({ userId: session.user.id }, "Completing account deletion after SSO reauth");
+    logger.info({ userId: session.user.id }, "Completing account deletion after SSO identity confirmation");
    const { oldUser } = await deleteUserWithAccountDeletionAuthorization({
      confirmationEmail: verifiedIntent.email,
      userEmail: session.user.email,
      userId: session.user.id,
    });
+    deletionSucceeded = true;
    redirectPath = getPostDeletionRedirectPath();
-    await queueAuditEventBackground({
-      action: "deleted",
-      targetType: "user",
-      userId: session.user.id,
-      userType: "user",
-      targetId: session.user.id,
-      organizationId: UNKNOWN_DATA,
-      oldObject: oldUser,
-      status: "success",
-    });
-    logger.info({ userId: session.user.id }, "Completed account deletion after SSO reauth");
+    await queueAccountDeletionAuditEvent({ oldUser, status: "success", targetUserId: session.user.id });
+    logger.info({ userId: session.user.id }, "Completed account deletion after SSO identity confirmation");
  } catch (error) {
-    logger.error({ error }, "Failed to complete account deletion after SSO reauth");
+    if (targetUserId && !deletionSucceeded) {
+      await queueAccountDeletionAuditEvent({ status: "failure", targetUserId });
+    }
+
+    logger.error({ error }, "Failed to complete account deletion after SSO identity confirmation");
  }

  return redirectPath;
@@ -1,10 +0,0 @@
-import { redirect } from "next/navigation";
-import { completeAccountDeletionSsoReauthenticationAndGetRedirectPath } from "./lib/account-deletion-sso-complete";
-
-export default async function AccountDeletionSsoReauthCompletePage({
-  searchParams,
-}: {
-  searchParams: Promise<{ intent?: string | string[] }>;
-}) {
-  redirect(await completeAccountDeletionSsoReauthenticationAndGetRedirectPath(await searchParams));
-}
@@ -0,0 +1,20 @@
+import { type NextRequest, NextResponse } from "next/server";
+import { completeAccountDeletionSsoIdentityConfirmationAndGetRedirectPath } from "./lib/account-deletion-sso-complete";
+
+const getIntentSearchParam = (request: NextRequest): string | string[] | undefined => {
+  const intentValues = request.nextUrl.searchParams.getAll("intent");
+
+  if (intentValues.length === 0) {
+    return undefined;
+  }
+
+  return intentValues.length === 1 ? intentValues[0] : intentValues;
+};
+
+export const GET = async (request: NextRequest) => {
+  const redirectPath = await completeAccountDeletionSsoIdentityConfirmationAndGetRedirectPath({
+    intent: getIntentSearchParam(request),
+  });
+
+  return NextResponse.redirect(new URL(redirectPath, request.url));
+};
@@ -12,7 +12,7 @@ import { applyRateLimit } from "@/modules/core/rate-limit/helpers";
 import { rateLimitConfigs } from "@/modules/core/rate-limit/rate-limit-configs";
 import { getBiggerUploadFileSizePermission } from "@/modules/ee/license-check/lib/utils";
 import { getSignedUrlForUpload } from "@/modules/storage/service";
-import { getErrorResponseFromStorageError } from "@/modules/storage/utils";
+import { getErrorResponseFromStorageError, validateSurveyAllowsFileUpload } from "@/modules/storage/utils";

 export const OPTIONS = async (): Promise<Response> => {
  return responses.successResponse(
@@ -107,6 +107,23 @@ export const POST = withV1ApiWrapper({
      };
    }

+    const fileUploadPermission = validateSurveyAllowsFileUpload({
+      fileName,
+      blocks: survey.blocks,
+      questions: survey.questions,
+    });
+
+    if (!fileUploadPermission.ok) {
+      return {
+        response: responses.badRequestResponse(
+          fileUploadPermission.reason === "no_file_upload_question"
+            ? "Survey does not allow file uploads"
+            : "File extension is not allowed for this survey",
+          undefined
+        ),
+      };
+    }
+
    const isBiggerFileUploadAllowed = await getBiggerUploadFileSizePermission(organization.id);
    const maxFileUploadSize = isBiggerFileUploadAllowed
      ? MAX_FILE_UPLOAD_SIZES.big
@@ -135,7 +135,7 @@ describe("withV3ApiWrapper", () => {
      apiKeyId: "key_1",
      organizationId: "org_1",
      organizationAccess: { accessControl: { read: true, write: true } },
-      environmentPermissions: [],
+      workspacePermissions: [],
    });

    const wrapped = withV3ApiWrapper({
@@ -3,7 +3,7 @@ import { beforeEach, describe, expect, test, vi } from "vitest";
 import { AuthorizationError } from "@formbricks/types/errors";
 import { checkAuthorizationUpdated } from "@/lib/utils/action-client/action-client-middleware";
 import { getOrganizationIdFromWorkspaceId } from "@/lib/utils/helper";
-import { findWorkspaceByIdOrLegacyEnvId } from "@/lib/utils/resolve-client-id";
+import { getWorkspace } from "@/lib/workspace/service";
 import { requireSessionWorkspaceAccess, requireV3WorkspaceAccess } from "./auth";

 vi.mock("@formbricks/logger", () => ({
@@ -19,8 +19,8 @@ vi.mock("@/lib/utils/helper", () => ({
  getOrganizationIdFromWorkspaceId: vi.fn(),
 }));

-vi.mock("@/lib/utils/resolve-client-id", () => ({
-  findWorkspaceByIdOrLegacyEnvId: vi.fn(),
+vi.mock("@/lib/workspace/service", () => ({
+  getWorkspace: vi.fn(),
 }));

 vi.mock("@/lib/utils/action-client/action-client-middleware", () => ({
@@ -39,7 +39,7 @@ describe("requireSessionWorkspaceAccess", () => {
    expect(body.requestId).toBe(requestId);
    expect(body.status).toBe(401);
    expect(body.code).toBe("not_authenticated");
-    expect(findWorkspaceByIdOrLegacyEnvId).not.toHaveBeenCalled();
+    expect(getWorkspace).not.toHaveBeenCalled();
    expect(checkAuthorizationUpdated).not.toHaveBeenCalled();
  });

@@ -55,11 +55,11 @@ describe("requireSessionWorkspaceAccess", () => {
    const body = await (result as Response).json();
    expect(body.requestId).toBe(requestId);
    expect(body.code).toBe("not_authenticated");
-    expect(findWorkspaceByIdOrLegacyEnvId).not.toHaveBeenCalled();
+    expect(getWorkspace).not.toHaveBeenCalled();
  });

  test("returns 403 when workspace is not found (avoid leaking existence)", async () => {
-    vi.mocked(findWorkspaceByIdOrLegacyEnvId).mockResolvedValueOnce(null);
+    vi.mocked(getWorkspace).mockResolvedValueOnce(null);
    const result = await requireSessionWorkspaceAccess(
      { user: { id: "user_1" }, expires: "" } as any,
      "ws_nonexistent",
@@ -72,12 +72,12 @@ describe("requireSessionWorkspaceAccess", () => {
    const body = await (result as Response).json();
    expect(body.requestId).toBe(requestId);
    expect(body.code).toBe("forbidden");
-    expect(findWorkspaceByIdOrLegacyEnvId).toHaveBeenCalledWith("ws_nonexistent");
+    expect(getWorkspace).toHaveBeenCalledWith("ws_nonexistent");
    expect(checkAuthorizationUpdated).not.toHaveBeenCalled();
  });

  test("returns 403 when user has no access to workspace", async () => {
-    vi.mocked(findWorkspaceByIdOrLegacyEnvId).mockResolvedValueOnce({ id: "proj_abc" });
+    vi.mocked(getWorkspace).mockResolvedValueOnce({ id: "proj_abc" } as any);
    vi.mocked(getOrganizationIdFromWorkspaceId).mockResolvedValueOnce("org_1");
    vi.mocked(checkAuthorizationUpdated).mockRejectedValueOnce(new AuthorizationError("Not authorized"));
    const result = await requireSessionWorkspaceAccess(
@@ -102,7 +102,7 @@ describe("requireSessionWorkspaceAccess", () => {
  });

  test("returns workspace context when session is valid and user has access", async () => {
-    vi.mocked(findWorkspaceByIdOrLegacyEnvId).mockResolvedValueOnce({ id: "proj_abc" });
+    vi.mocked(getWorkspace).mockResolvedValueOnce({ id: "proj_abc" } as any);
    vi.mocked(getOrganizationIdFromWorkspaceId).mockResolvedValueOnce("org_1");
    vi.mocked(checkAuthorizationUpdated).mockResolvedValueOnce(undefined as any);
    const result = await requireSessionWorkspaceAccess(
@@ -144,7 +144,7 @@ function wsPerm(workspaceId: string, permission: ApiKeyPermission = ApiKeyPermis

 describe("requireV3WorkspaceAccess", () => {
  beforeEach(() => {
-    vi.mocked(findWorkspaceByIdOrLegacyEnvId).mockResolvedValue({ id: "proj_k" });
+    vi.mocked(getWorkspace).mockResolvedValue({ id: "proj_k" } as any);
    vi.mocked(getOrganizationIdFromWorkspaceId).mockResolvedValue("org_k");
  });

@@ -154,7 +154,7 @@ describe("requireV3WorkspaceAccess", () => {
  });

  test("delegates to session flow when user is present", async () => {
-    vi.mocked(findWorkspaceByIdOrLegacyEnvId).mockResolvedValueOnce({ id: "proj_s" });
+    vi.mocked(getWorkspace).mockResolvedValueOnce({ id: "proj_s" } as any);
    vi.mocked(getOrganizationIdFromWorkspaceId).mockResolvedValueOnce("org_s");
    vi.mocked(checkAuthorizationUpdated).mockResolvedValueOnce(undefined as any);
    const r = await requireV3WorkspaceAccess(
@@ -179,7 +179,7 @@ describe("requireV3WorkspaceAccess", () => {
      workspaceId: "proj_k",
      organizationId: "org_k",
    });
-    expect(findWorkspaceByIdOrLegacyEnvId).toHaveBeenCalledWith("proj_k");
+    expect(getWorkspace).toHaveBeenCalledWith("proj_k");
  });

  test("returns context for API key with write on workspace", async () => {
@@ -239,7 +239,7 @@ describe("requireV3WorkspaceAccess", () => {
  });

  test("returns 403 when the workspace cannot be resolved for an API key", async () => {
-    vi.mocked(findWorkspaceByIdOrLegacyEnvId).mockResolvedValueOnce(null);
+    vi.mocked(getWorkspace).mockResolvedValueOnce(null);
    const auth = {
      ...keyBase,
      workspacePermissions: [wsPerm("proj_k", ApiKeyPermission.manage)],
@@ -1,5 +1,7 @@
 import { describe, expect, test } from "vitest";
 import {
+  createdResponse,
+  noContentResponse,
  problemBadRequest,
  problemForbidden,
  problemInternalError,
@@ -118,3 +120,34 @@ describe("successResponse", () => {
    expect(res.headers.get("Cache-Control")).toBe("private, max-age=60");
  });
 });
+
+describe("createdResponse", () => {
+  test("returns 201 with Location, request id, and data envelope", async () => {
+    const res = createdResponse(
+      { id: "survey_1" },
+      {
+        location: "/api/v3/surveys/survey_1",
+        requestId: "req-created",
+      }
+    );
+
+    expect(res.status).toBe(201);
+    expect(res.headers.get("Location")).toBe("/api/v3/surveys/survey_1");
+    expect(res.headers.get("X-Request-Id")).toBe("req-created");
+    expect(res.headers.get("Content-Type")).toBe("application/json");
+    expect(res.headers.get("Cache-Control")).toContain("no-store");
+    expect(await res.json()).toEqual({
+      data: { id: "survey_1" },
+    });
+  });
+});
+
+describe("noContentResponse", () => {
+  test("returns 204 without a body", async () => {
+    const res = noContentResponse({ requestId: "req-empty" });
+    expect(res.status).toBe(204);
+    expect(res.headers.get("X-Request-Id")).toBe("req-empty");
+    expect(res.headers.get("Cache-Control")).toContain("no-store");
+    expect(await res.text()).toBe("");
+  });
+});
@@ -171,3 +171,43 @@ export function successResponse<T>(
    }
  );
 }
+
+export function createdResponse<T>(
+  data: T,
+  options: { location: string; requestId?: string; cache?: string }
+): Response {
+  const headers: Record<string, string> = {
+    "Content-Type": "application/json",
+    "Cache-Control": options.cache ?? CACHE_NO_STORE,
+    Location: options.location,
+  };
+
+  if (options.requestId) {
+    headers["X-Request-Id"] = options.requestId;
+  }
+
+  return Response.json(
+    {
+      data,
+    },
+    {
+      status: 201,
+      headers,
+    }
+  );
+}
+
+export function noContentResponse(options?: { requestId?: string; cache?: string }): Response {
+  const headers: Record<string, string> = {
+    "Cache-Control": options?.cache ?? CACHE_NO_STORE,
+  };
+
+  if (options?.requestId) {
+    headers["X-Request-Id"] = options.requestId;
+  }
+
+  return new Response(null, {
+    status: 204,
+    headers,
+  });
+}
@@ -1,45 +1,34 @@
 import { describe, expect, test, vi } from "vitest";
 import { ResourceNotFoundError } from "@formbricks/types/errors";
 import { getOrganizationIdFromWorkspaceId } from "@/lib/utils/helper";
-import { findWorkspaceByIdOrLegacyEnvId } from "@/lib/utils/resolve-client-id";
+import { getWorkspace } from "@/lib/workspace/service";
 import { resolveV3WorkspaceContext } from "./workspace-context";

+vi.mock("@/lib/workspace/service", () => ({
+  getWorkspace: vi.fn(),
+}));
+
 vi.mock("@/lib/utils/helper", () => ({
  getOrganizationIdFromWorkspaceId: vi.fn(),
 }));

-vi.mock("@/lib/utils/resolve-client-id", () => ({
-  findWorkspaceByIdOrLegacyEnvId: vi.fn(),
-}));
-
 describe("resolveV3WorkspaceContext", () => {
  test("returns workspaceId and organizationId when workspace exists", async () => {
-    vi.mocked(findWorkspaceByIdOrLegacyEnvId).mockResolvedValueOnce({ id: "ws_abc" });
+    vi.mocked(getWorkspace).mockResolvedValueOnce({ id: "ws_abc" });
    vi.mocked(getOrganizationIdFromWorkspaceId).mockResolvedValueOnce("org_123");
    const result = await resolveV3WorkspaceContext("ws_abc");
    expect(result).toEqual({
      workspaceId: "ws_abc",
      organizationId: "org_123",
    });
-    expect(findWorkspaceByIdOrLegacyEnvId).toHaveBeenCalledWith("ws_abc");
+    expect(getWorkspace).toHaveBeenCalledWith("ws_abc");
    expect(getOrganizationIdFromWorkspaceId).toHaveBeenCalledWith("ws_abc");
  });

-  test("resolves legacy environmentId to canonical workspaceId", async () => {
-    vi.mocked(findWorkspaceByIdOrLegacyEnvId).mockResolvedValueOnce({ id: "ws_canonical" });
-    vi.mocked(getOrganizationIdFromWorkspaceId).mockResolvedValueOnce("org_456");
-    const result = await resolveV3WorkspaceContext("env_legacy");
-    expect(result).toEqual({
-      workspaceId: "ws_canonical",
-      organizationId: "org_456",
-    });
-    expect(getOrganizationIdFromWorkspaceId).toHaveBeenCalledWith("ws_canonical");
-  });
-
  test("throws when workspace does not exist", async () => {
-    vi.mocked(findWorkspaceByIdOrLegacyEnvId).mockResolvedValueOnce(null);
+    vi.mocked(getWorkspace).mockResolvedValueOnce(null);
    await expect(resolveV3WorkspaceContext("ws_nonexistent")).rejects.toThrow(ResourceNotFoundError);
-    expect(findWorkspaceByIdOrLegacyEnvId).toHaveBeenCalledWith("ws_nonexistent");
+    expect(getWorkspace).toHaveBeenCalledWith("ws_nonexistent");
    expect(getOrganizationIdFromWorkspaceId).not.toHaveBeenCalled();
  });
 });
@@ -6,7 +6,7 @@
 */
 import { ResourceNotFoundError } from "@formbricks/types/errors";
 import { getOrganizationIdFromWorkspaceId } from "@/lib/utils/helper";
-import { findWorkspaceByIdOrLegacyEnvId } from "@/lib/utils/resolve-client-id";
+import { getWorkspace } from "@/lib/workspace/service";

 /**
 * Internal IDs derived from a V3 workspace identifier.
@@ -19,21 +19,20 @@ export type V3WorkspaceContext = {
 };

 /**
- * Resolves a V3 API workspaceId (or legacy environmentId) to internal workspaceId and organizationId.
+ * Resolves a V3 API workspaceId to internal workspaceId and organizationId.
 *
 * @throws ResourceNotFoundError if the workspace does not exist.
 */
 export async function resolveV3WorkspaceContext(workspaceId: string): Promise<V3WorkspaceContext> {
-  const workspace = await findWorkspaceByIdOrLegacyEnvId(workspaceId);
+  const workspace = await getWorkspace(workspaceId);
  if (!workspace) {
    throw new ResourceNotFoundError("workspace", workspaceId);
  }

-  const canonicalId = workspace.id;
-  const organizationId = await getOrganizationIdFromWorkspaceId(canonicalId);
+  const organizationId = await getOrganizationIdFromWorkspaceId(workspace.id);

  return {
-    workspaceId: canonicalId,
+    workspaceId: workspace.id,
    organizationId,
  };
 }
@@ -1,318 +0,0 @@
-import { ApiKeyPermission } from "@prisma/client";
-import { NextRequest } from "next/server";
-import { afterEach, beforeEach, describe, expect, test, vi } from "vitest";
-import { DatabaseError, ResourceNotFoundError } from "@formbricks/types/errors";
-import { requireV3WorkspaceAccess } from "@/app/api/v3/lib/auth";
-import { getSurvey } from "@/lib/survey/service";
-import { deleteSurvey } from "@/modules/survey/lib/surveys";
-import { DELETE } from "./route";
-
-const { mockAuthenticateRequest } = vi.hoisted(() => ({
-  mockAuthenticateRequest: vi.fn(),
-}));
-
-const { mockQueueAuditEvent, mockBuildAuditLogBaseObject } = vi.hoisted(() => ({
-  mockQueueAuditEvent: vi.fn().mockImplementation(async () => undefined),
-  mockBuildAuditLogBaseObject: vi.fn((action: string, targetType: string, apiUrl: string) => ({
-    action,
-    targetType,
-    userId: "unknown",
-    targetId: "unknown",
-    organizationId: "unknown",
-    status: "failure",
-    oldObject: undefined,
-    newObject: undefined,
-    userType: "api",
-    apiUrl,
-  })),
-}));
-
-vi.mock("next-auth", () => ({
-  getServerSession: vi.fn(),
-}));
-
-vi.mock("@/app/api/v1/auth", async (importOriginal) => {
-  const actual = await importOriginal<typeof import("@/app/api/v1/auth")>();
-  return { ...actual, authenticateRequest: mockAuthenticateRequest };
-});
-
-vi.mock("@/modules/core/rate-limit/helpers", () => ({
-  applyRateLimit: vi.fn().mockResolvedValue(undefined),
-  applyIPRateLimit: vi.fn().mockResolvedValue(undefined),
-}));
-
-vi.mock("@/lib/constants", async (importOriginal) => {
-  const actual = await importOriginal<typeof import("@/lib/constants")>();
-  return { ...actual, AUDIT_LOG_ENABLED: false };
-});
-
-vi.mock("@/app/api/v3/lib/auth", () => ({
-  requireV3WorkspaceAccess: vi.fn(),
-}));
-
-vi.mock("@/lib/survey/service", () => ({
-  getSurvey: vi.fn(),
-}));
-
-vi.mock("@/modules/survey/lib/surveys", () => ({
-  deleteSurvey: vi.fn(),
-}));
-
-vi.mock("@/modules/ee/audit-logs/lib/handler", () => ({
-  queueAuditEvent: mockQueueAuditEvent,
-}));
-
-vi.mock("@/app/lib/api/with-api-logging", () => ({
-  buildAuditLogBaseObject: mockBuildAuditLogBaseObject,
-}));
-
-vi.mock("@formbricks/logger", () => ({
-  logger: {
-    withContext: vi.fn(() => ({
-      warn: vi.fn(),
-      error: vi.fn(),
-    })),
-  },
-}));
-
-const getServerSession = vi.mocked((await import("next-auth")).getServerSession);
-const queueAuditEvent = vi.mocked((await import("@/modules/ee/audit-logs/lib/handler")).queueAuditEvent);
-
-const surveyId = "clxx1234567890123456789012";
-const workspaceId = "clzz9876543210987654321098";
-
-function createRequest(url: string, requestId?: string, extraHeaders?: Record<string, string>): NextRequest {
-  const headers: Record<string, string> = { ...extraHeaders };
-  if (requestId) {
-    headers["x-request-id"] = requestId;
-  }
-
-  return new NextRequest(url, {
-    method: "DELETE",
-    headers,
-  });
-}
-
-const apiKeyAuth = {
-  type: "apiKey" as const,
-  apiKeyId: "key_1",
-  organizationId: "org_1",
-  organizationAccess: {
-    accessControl: { read: true, write: true },
-  },
-  workspacePermissions: [
-    {
-      workspaceId,
-      workspaceName: "W",
-      permission: ApiKeyPermission.write,
-    },
-  ],
-};
-
-describe("DELETE /api/v3/surveys/[surveyId]", () => {
-  beforeEach(() => {
-    vi.resetAllMocks();
-    getServerSession.mockResolvedValue({
-      user: { id: "user_1", name: "User", email: "u@example.com" },
-      expires: "2026-01-01",
-    } as any);
-    mockAuthenticateRequest.mockResolvedValue(null);
-    vi.mocked(getSurvey).mockResolvedValue({
-      id: surveyId,
-      name: "Delete me",
-      workspaceId: workspaceId,
-      type: "link",
-      status: "draft",
-      createdAt: new Date("2026-04-15T10:00:00.000Z"),
-      updatedAt: new Date("2026-04-15T10:00:00.000Z"),
-      responseCount: 0,
-      creator: { name: "User" },
-      singleUse: null,
-    } as any);
-    vi.mocked(deleteSurvey).mockResolvedValue({
-      id: surveyId,
-      workspaceId,
-      type: "link",
-      segment: null,
-      triggers: [],
-    } as any);
-    vi.mocked(requireV3WorkspaceAccess).mockResolvedValue({
-      workspaceId,
-      organizationId: "org_1",
-    });
-  });
-
-  afterEach(() => {
-    vi.clearAllMocks();
-  });
-
-  test("returns 401 when no session and no API key", async () => {
-    getServerSession.mockResolvedValue(null);
-    mockAuthenticateRequest.mockResolvedValue(null);
-
-    const res = await DELETE(createRequest(`http://localhost/api/v3/surveys/${surveyId}`), {
-      params: Promise.resolve({ surveyId }),
-    } as never);
-
-    expect(res.status).toBe(401);
-    expect(vi.mocked(getSurvey)).not.toHaveBeenCalled();
-  });
-
-  test("returns 200 with session auth and deletes the survey", async () => {
-    const res = await DELETE(createRequest(`http://localhost/api/v3/surveys/${surveyId}`, "req-delete"), {
-      params: Promise.resolve({ surveyId }),
-    } as never);
-
-    expect(res.status).toBe(200);
-    expect(requireV3WorkspaceAccess).toHaveBeenCalledWith(
-      expect.objectContaining({ user: expect.any(Object) }),
-      workspaceId,
-      "readWrite",
-      "req-delete",
-      `/api/v3/surveys/${surveyId}`
-    );
-    expect(deleteSurvey).toHaveBeenCalledWith(surveyId);
-    expect(await res.json()).toEqual({
-      data: {
-        id: surveyId,
-      },
-    });
-  });
-
-  test("returns 200 with x-api-key when the key can delete in the survey workspace", async () => {
-    getServerSession.mockResolvedValue(null);
-    mockAuthenticateRequest.mockResolvedValue(apiKeyAuth as any);
-
-    const res = await DELETE(
-      createRequest(`http://localhost/api/v3/surveys/${surveyId}`, "req-api-key", {
-        "x-api-key": "fbk_test",
-      }),
-      {
-        params: Promise.resolve({ surveyId }),
-      } as never
-    );
-
-    expect(res.status).toBe(200);
-    expect(requireV3WorkspaceAccess).toHaveBeenCalledWith(
-      expect.objectContaining({ apiKeyId: "key_1" }),
-      workspaceId,
-      "readWrite",
-      "req-api-key",
-      `/api/v3/surveys/${surveyId}`
-    );
-  });
-
-  test("returns 400 when surveyId is invalid", async () => {
-    const res = await DELETE(createRequest("http://localhost/api/v3/surveys/not-a-cuid"), {
-      params: Promise.resolve({ surveyId: "not-a-cuid" }),
-    } as never);
-
-    expect(res.status).toBe(400);
-    expect(vi.mocked(getSurvey)).not.toHaveBeenCalled();
-  });
-
-  test("returns 403 when the survey does not exist", async () => {
-    vi.mocked(getSurvey).mockResolvedValueOnce(null);
-
-    const res = await DELETE(createRequest(`http://localhost/api/v3/surveys/${surveyId}`), {
-      params: Promise.resolve({ surveyId }),
-    } as never);
-
-    expect(res.status).toBe(403);
-    expect(deleteSurvey).not.toHaveBeenCalled();
-  });
-
-  test("returns 403 when the user lacks readWrite workspace access", async () => {
-    vi.mocked(requireV3WorkspaceAccess).mockResolvedValueOnce(
-      new Response(
-        JSON.stringify({
-          title: "Forbidden",
-          status: 403,
-          detail: "You are not authorized to access this resource",
-          requestId: "req-forbidden",
-        }),
-        { status: 403, headers: { "Content-Type": "application/problem+json" } }
-      )
-    );
-
-    const res = await DELETE(createRequest(`http://localhost/api/v3/surveys/${surveyId}`, "req-forbidden"), {
-      params: Promise.resolve({ surveyId }),
-    } as never);
-
-    expect(res.status).toBe(403);
-    expect(deleteSurvey).not.toHaveBeenCalled();
-    expect(queueAuditEvent).toHaveBeenCalledWith(
-      expect.objectContaining({
-        action: "deleted",
-        targetType: "survey",
-        targetId: "unknown",
-        organizationId: "unknown",
-        userId: "user_1",
-        userType: "user",
-        status: "failure",
-        oldObject: undefined,
-      })
-    );
-  });
-
-  test("returns 500 when survey deletion fails", async () => {
-    vi.mocked(deleteSurvey).mockRejectedValueOnce(new DatabaseError("db down"));
-
-    const res = await DELETE(createRequest(`http://localhost/api/v3/surveys/${surveyId}`, "req-db"), {
-      params: Promise.resolve({ surveyId }),
-    } as never);
-
-    expect(res.status).toBe(500);
-    const body = await res.json();
-    expect(body.code).toBe("internal_server_error");
-  });
-
-  test("returns 403 when the survey is deleted after authorization succeeds", async () => {
-    vi.mocked(deleteSurvey).mockRejectedValueOnce(new ResourceNotFoundError("Survey", surveyId));
-
-    const res = await DELETE(createRequest(`http://localhost/api/v3/surveys/${surveyId}`, "req-race"), {
-      params: Promise.resolve({ surveyId }),
-    } as never);
-
-    expect(res.status).toBe(403);
-    const body = await res.json();
-    expect(body.code).toBe("forbidden");
-    expect(queueAuditEvent).toHaveBeenCalledWith(
-      expect.objectContaining({
-        action: "deleted",
-        targetType: "survey",
-        targetId: surveyId,
-        organizationId: "org_1",
-        userId: "user_1",
-        userType: "user",
-        status: "failure",
-        oldObject: expect.objectContaining({
-          id: surveyId,
-          workspaceId: workspaceId,
-        }),
-      })
-    );
-  });
-
-  test("queues an audit log with target, actor, organization, and old object", async () => {
-    await DELETE(createRequest(`http://localhost/api/v3/surveys/${surveyId}`, "req-audit"), {
-      params: Promise.resolve({ surveyId }),
-    } as never);
-
-    expect(queueAuditEvent).toHaveBeenCalledWith(
-      expect.objectContaining({
-        action: "deleted",
-        targetType: "survey",
-        targetId: surveyId,
-        organizationId: "org_1",
-        userId: "user_1",
-        userType: "user",
-        status: "success",
-        oldObject: expect.objectContaining({
-          id: surveyId,
-          workspaceId: workspaceId,
-        }),
-      })
-    );
-  });
-});
@@ -2,42 +2,140 @@ import { z } from "zod";
 import { logger } from "@formbricks/logger";
 import { DatabaseError, ResourceNotFoundError } from "@formbricks/types/errors";
 import { withV3ApiWrapper } from "@/app/api/v3/lib/api-wrapper";
-import { requireV3WorkspaceAccess } from "@/app/api/v3/lib/auth";
-import { problemForbidden, problemInternalError, successResponse } from "@/app/api/v3/lib/response";
-import { getSurvey } from "@/lib/survey/service";
+import {
+  noContentResponse,
+  problemBadRequest,
+  problemForbidden,
+  problemInternalError,
+  successResponse,
+} from "@/app/api/v3/lib/response";
+import {
+  V3SurveyLanguageError,
+  V3SurveyUnsupportedShapeError,
+  serializeV3SurveyResource,
+} from "@/app/api/v3/surveys/serializers";
 import { deleteSurvey } from "@/modules/survey/lib/surveys";
+import { getAuthorizedV3Survey } from "../authorization";
+import { parseV3SurveyLanguageQuery } from "../language";
+
+const surveyParamsSchema = z.object({
+  surveyId: z.cuid2(),
+});
+
+const surveyQuerySchema = z
+  .object({
+    lang: z
+      .union([z.string(), z.array(z.string())])
+      .transform((value, ctx) => {
+        const parsedLanguageQuery = parseV3SurveyLanguageQuery(value);
+
+        if (!parsedLanguageQuery.ok) {
+          ctx.addIssue({
+            code: "custom",
+            message: parsedLanguageQuery.message,
+          });
+          return z.NEVER;
+        }
+
+        return parsedLanguageQuery.languages;
+      })
+      .optional(),
+  })
+  .strict();
+
+export const GET = withV3ApiWrapper({
+  auth: "both",
+  schemas: {
+    params: surveyParamsSchema,
+    query: surveyQuerySchema,
+  },
+  handler: async ({ parsedInput, authentication, requestId, instance }) => {
+    const surveyId = parsedInput.params.surveyId;
+    const log = logger.withContext({ requestId, surveyId });
+
+    try {
+      const { survey, response } = await getAuthorizedV3Survey({
+        surveyId,
+        authentication,
+        access: "read",
+        requestId,
+        instance,
+      });
+
+      if (response) {
+        log.warn({ statusCode: response.status }, "Survey not found or not accessible");
+        return response;
+      }
+
+      try {
+        return successResponse(serializeV3SurveyResource(survey, { lang: parsedInput.query.lang }), {
+          requestId,
+          cache: "private, no-store",
+        });
+      } catch (error) {
+        if (error instanceof V3SurveyLanguageError) {
+          log.warn({ statusCode: 400, lang: parsedInput.query.lang }, "Invalid survey language selector");
+          return problemBadRequest(requestId, error.message, {
+            instance,
+            invalid_params: [
+              {
+                name: "lang",
+                reason: error.message,
+              },
+            ],
+          });
+        }
+
+        if (error instanceof V3SurveyUnsupportedShapeError) {
+          log.warn({ statusCode: 400 }, "Unsupported v3 survey shape");
+          return problemBadRequest(requestId, error.message, {
+            instance,
+            invalid_params: [
+              {
+                name: "survey",
+                reason: error.message,
+              },
+            ],
+          });
+        }
+
+        throw error;
+      }
+    } catch (error) {
+      if (error instanceof DatabaseError) {
+        log.error({ error, statusCode: 500 }, "Database error");
+        return problemInternalError(requestId, "An unexpected error occurred.", instance);
+      }
+
+      log.error({ error, statusCode: 500 }, "V3 survey get unexpected error");
+      return problemInternalError(requestId, "An unexpected error occurred.", instance);
+    }
+  },
+});

 export const DELETE = withV3ApiWrapper({
  auth: "both",
  action: "deleted",
  targetType: "survey",
  schemas: {
-    params: z.object({
-      surveyId: z.cuid2(),
-    }),
+    params: surveyParamsSchema,
  },
  handler: async ({ parsedInput, authentication, requestId, instance, auditLog }) => {
    const surveyId = parsedInput.params.surveyId;
    const log = logger.withContext({ requestId, surveyId });

    try {
-      const survey = await getSurvey(surveyId);
-
-      if (!survey) {
-        log.warn({ statusCode: 403 }, "Survey not found or not accessible");
-        return problemForbidden(requestId, "You are not authorized to access this resource", instance);
-      }
-
-      const authResult = await requireV3WorkspaceAccess(
+      const { survey, authResult, response } = await getAuthorizedV3Survey({
+        surveyId,
        authentication,
-        survey.workspaceId,
-        "readWrite",
+        access: "readWrite",
        requestId,
-        instance
-      );
+        instance,
+      });

-      if (authResult instanceof Response) {
-        return authResult;
+      if (response) {
+        log.warn({ statusCode: 403 }, "Survey not found or not accessible");
+        return response;
      }

      if (auditLog) {
@@ -46,14 +144,9 @@ export const DELETE = withV3ApiWrapper({
        auditLog.oldObject = survey;
      }

-      const deletedSurvey = await deleteSurvey(surveyId);
+      await deleteSurvey(surveyId);

-      return successResponse(
-        {
-          id: deletedSurvey.id,
-        },
-        { requestId }
-      );
+      return noContentResponse({ requestId });
    } catch (error) {
      if (error instanceof ResourceNotFoundError) {
        log.warn({ errorCode: error.name, statusCode: 403 }, "Survey not found or not accessible");
@@ -0,0 +1,71 @@
+import { describe, expect, test, vi } from "vitest";
+import { requireV3WorkspaceAccess } from "@/app/api/v3/lib/auth";
+import { getSurvey } from "@/lib/survey/service";
+import { getAuthorizedV3Survey } from "./authorization";
+
+vi.mock("@/app/api/v3/lib/auth", () => ({
+  requireV3WorkspaceAccess: vi.fn(),
+}));
+
+vi.mock("@/lib/survey/service", () => ({
+  getSurvey: vi.fn(),
+}));
+
+const survey = {
+  id: "clsv1234567890123456789012",
+  workspaceId: "clxx1234567890123456789012",
+};
+const surveyRecord = survey as unknown as NonNullable<Awaited<ReturnType<typeof getSurvey>>>;
+
+describe("getAuthorizedV3Survey", () => {
+  test("returns a generic forbidden response when the survey does not exist", async () => {
+    vi.mocked(getSurvey).mockResolvedValue(null);
+
+    const result = await getAuthorizedV3Survey({
+      surveyId: survey.id,
+      authentication: null,
+      access: "read",
+      requestId: "req_1",
+      instance: "/api/v3/surveys/clsv1234567890123456789012",
+    });
+
+    expect(result.response?.status).toBe(403);
+    expect(requireV3WorkspaceAccess).not.toHaveBeenCalled();
+  });
+
+  test("returns the authorization response when workspace access is denied", async () => {
+    const forbiddenResponse = new Response(null, { status: 403 });
+    vi.mocked(getSurvey).mockResolvedValue(surveyRecord);
+    vi.mocked(requireV3WorkspaceAccess).mockResolvedValue(forbiddenResponse);
+
+    const result = await getAuthorizedV3Survey({
+      surveyId: survey.id,
+      authentication: null,
+      access: "readWrite",
+      requestId: "req_2",
+      instance: "/api/v3/surveys/clsv1234567890123456789012",
+    });
+
+    expect(result.response).toBe(forbiddenResponse);
+  });
+
+  test("returns the survey and authorization context when access is allowed", async () => {
+    const authResult = { workspaceId: survey.workspaceId, organizationId: "org_1" };
+    vi.mocked(getSurvey).mockResolvedValue(surveyRecord);
+    vi.mocked(requireV3WorkspaceAccess).mockResolvedValue(authResult);
+
+    const result = await getAuthorizedV3Survey({
+      surveyId: survey.id,
+      authentication: null,
+      access: "read",
+      requestId: "req_3",
+      instance: "/api/v3/surveys/clsv1234567890123456789012",
+    });
+
+    expect(result).toEqual({
+      survey,
+      authResult,
+      response: null,
+    });
+  });
+});
@@ -0,0 +1,37 @@
+import { requireV3WorkspaceAccess } from "@/app/api/v3/lib/auth";
+import { problemForbidden } from "@/app/api/v3/lib/response";
+import type { TV3Authentication } from "@/app/api/v3/lib/types";
+import { getSurvey } from "@/lib/survey/service";
+
+export async function getAuthorizedV3Survey(params: {
+  surveyId: string;
+  authentication: TV3Authentication;
+  access: "read" | "readWrite";
+  requestId: string;
+  instance: string;
+}) {
+  const { surveyId, authentication, access, requestId, instance } = params;
+  const survey = await getSurvey(surveyId);
+
+  if (!survey) {
+    return {
+      survey: null,
+      authResult: null,
+      response: problemForbidden(requestId, "You are not authorized to access this resource", instance),
+    };
+  }
+
+  const authResult = await requireV3WorkspaceAccess(
+    authentication,
+    survey.workspaceId,
+    access,
+    requestId,
+    instance
+  );
+
+  if (authResult instanceof Response) {
+    return { survey: null, authResult: null, response: authResult };
+  }
+
+  return { survey, authResult, response: null };
+}
@@ -0,0 +1,241 @@
+import { beforeEach, describe, expect, test, vi } from "vitest";
+import { prisma } from "@formbricks/database";
+import type { TSurvey } from "@formbricks/types/surveys/types";
+import { getOrganizationByWorkspaceId } from "@/lib/organization/service";
+import { createSurvey } from "@/lib/survey/service";
+import { getExternalUrlsPermission } from "@/modules/survey/lib/permission";
+import { V3SurveyCreatePermissionError, createV3Survey } from "./create";
+import { ZV3CreateSurveyBody } from "./schemas";
+
+vi.mock("server-only", () => ({}));
+
+vi.mock("@formbricks/database", () => ({
+  prisma: {
+    language: {
+      upsert: vi.fn(),
+    },
+  },
+}));
+
+vi.mock("@/lib/survey/service", () => ({
+  createSurvey: vi.fn(),
+}));
+
+vi.mock("@/lib/organization/service", () => ({
+  getOrganizationByWorkspaceId: vi.fn(),
+}));
+
+vi.mock("@/modules/survey/lib/permission", () => ({
+  getExternalUrlsPermission: vi.fn(),
+}));
+
+vi.mock("@formbricks/logger", () => ({
+  logger: {
+    withContext: vi.fn(() => ({
+      error: vi.fn(),
+      warn: vi.fn(),
+    })),
+  },
+}));
+
+const workspaceId = "clxx1234567890123456789012";
+
+const rawCreateBody = {
+  workspaceId,
+  name: "Product Feedback",
+  defaultLanguage: "en-US",
+  metadata: {
+    cx_operation: "enterprise_onboarding",
+    title: { "en-US": "Product Feedback", "de-DE": "Produktfeedback" },
+  },
+  blocks: [
+    {
+      id: "clbk1234567890123456789012",
+      name: "Main Block",
+      elements: [
+        {
+          id: "satisfaction",
+          type: "openText",
+          headline: {
+            "en-US": "What should we improve?",
+            "de-DE": "Was sollen wir verbessern?",
+          },
+          required: true,
+        },
+      ],
+    },
+  ],
+};
+
+const createBody = ZV3CreateSurveyBody.parse(rawCreateBody);
+
+const createdSurvey = {
+  id: "clsv1234567890123456789012",
+  workspaceId,
+  createdAt: new Date("2026-04-21T10:00:00.000Z"),
+  updatedAt: new Date("2026-04-21T10:00:00.000Z"),
+  name: "Product Feedback",
+  type: "link",
+  status: "draft",
+  metadata: {},
+  languages: [],
+  questions: [],
+  welcomeCard: { enabled: false },
+  blocks: createBody.blocks,
+  endings: [],
+  hiddenFields: { enabled: false },
+  variables: [],
+} as unknown as TSurvey;
+
+type TLanguageUpsertArgs = Parameters<typeof prisma.language.upsert>[0];
+type TLanguageUpsertReturn = ReturnType<typeof prisma.language.upsert>;
+
+describe("createV3Survey", () => {
+  beforeEach(() => {
+    vi.resetAllMocks();
+    vi.mocked(prisma.language.upsert).mockImplementation(
+      (args: TLanguageUpsertArgs): TLanguageUpsertReturn => {
+        const workspaceIdCode = args.where.workspaceId_code;
+        if (!workspaceIdCode) {
+          throw new Error("Expected workspaceId_code upsert selector");
+        }
+
+        return Promise.resolve({
+          id: `cllang${workspaceIdCode.code.toLowerCase().replaceAll("-", "")}`,
+          code: workspaceIdCode.code,
+          alias: null,
+          workspaceId: workspaceIdCode.workspaceId,
+          createdAt: new Date("2026-04-21T10:00:00.000Z"),
+          updatedAt: new Date("2026-04-21T10:00:00.000Z"),
+        }) as TLanguageUpsertReturn;
+      }
+    );
+    vi.mocked(createSurvey).mockResolvedValue(createdSurvey);
+    vi.mocked(getOrganizationByWorkspaceId).mockResolvedValue({
+      id: "org_1",
+      name: "Organization",
+      createdAt: new Date(),
+      updatedAt: new Date(),
+      billing: {
+        limits: { monthly: { responses: 1000 }, workspaces: 1 },
+        stripeCustomerId: null,
+        usageCycleAnchor: null,
+      },
+      isAISmartToolsEnabled: false,
+      isAIDataAnalysisEnabled: false,
+      whitelabel: undefined,
+    });
+    vi.mocked(getExternalUrlsPermission).mockResolvedValue(true);
+  });
+
+  test("maps the public v3 body to the internal create payload", async () => {
+    await createV3Survey(
+      createBody,
+      {
+        user: { id: "user_1", email: "user@example.com", name: "User" },
+        expires: "2026-05-01",
+      },
+      "req_1"
+    );
+
+    expect(prisma.language.upsert).toHaveBeenCalledWith(
+      expect.objectContaining({
+        where: { workspaceId_code: { workspaceId, code: "en-US" } },
+        create: { workspaceId, code: "en-US", alias: null },
+      })
+    );
+    expect(prisma.language.upsert).toHaveBeenCalledWith(
+      expect.objectContaining({
+        where: { workspaceId_code: { workspaceId, code: "de-DE" } },
+        create: { workspaceId, code: "de-DE", alias: null },
+      })
+    );
+    expect(createSurvey).toHaveBeenCalledWith(
+      workspaceId,
+      expect.objectContaining({
+        name: "Product Feedback",
+        type: "link",
+        status: "draft",
+        createdBy: "user_1",
+        questions: [],
+        metadata: expect.objectContaining({
+          cx_operation: "enterprise_onboarding",
+          title: { default: "Product Feedback", "de-DE": "Produktfeedback" },
+        }),
+        blocks: [
+          expect.objectContaining({
+            elements: [
+              expect.objectContaining({
+                headline: {
+                  default: "What should we improve?",
+                  "de-DE": "Was sollen wir verbessern?",
+                },
+              }),
+            ],
+          }),
+        ],
+        languages: [
+          expect.objectContaining({ default: true, enabled: true }),
+          expect.objectContaining({ default: false, enabled: true }),
+        ],
+      })
+    );
+    expect(getOrganizationByWorkspaceId).not.toHaveBeenCalled();
+    expect(getExternalUrlsPermission).not.toHaveBeenCalled();
+  });
+
+  test("keeps createdBy null for API key calls and honors explicit disabled languages", async () => {
+    const body = ZV3CreateSurveyBody.parse({
+      ...rawCreateBody,
+      languages: [{ code: "fr-FR", enabled: false }],
+    });
+
+    await createV3Survey(
+      body,
+      {
+        type: "apiKey",
+        apiKeyId: "key_1",
+        organizationId: "org_1",
+        organizationAccess: { accessControl: { read: true, write: true } },
+        workspacePermissions: [],
+      },
+      "req_2"
+    );
+
+    expect(createSurvey).toHaveBeenCalledWith(
+      workspaceId,
+      expect.objectContaining({
+        createdBy: null,
+        languages: expect.arrayContaining([
+          expect.objectContaining({ language: expect.objectContaining({ code: "fr-FR" }), enabled: false }),
+        ]),
+      })
+    );
+  });
+
+  test("rejects external CTA buttons when the organization does not have external URL permission", async () => {
+    vi.mocked(getExternalUrlsPermission).mockResolvedValue(false);
+    const body = ZV3CreateSurveyBody.parse({
+      ...rawCreateBody,
+      blocks: [
+        {
+          ...rawCreateBody.blocks[0],
+          elements: [
+            {
+              id: "external_cta",
+              type: "cta",
+              headline: { "en-US": "Continue" },
+              required: false,
+              buttonExternal: true,
+              buttonUrl: "https://example.com",
+              ctaButtonLabel: { "en-US": "Open" },
+            },
+          ],
+        },
+      ],
+    });
+
+    await expect(createV3Survey(body, null, "req_3")).rejects.toThrow(V3SurveyCreatePermissionError);
+    expect(createSurvey).not.toHaveBeenCalled();
+  });
+});
@@ -0,0 +1,106 @@
+import "server-only";
+import type { TSurveyCreateInput } from "@formbricks/types/surveys/types";
+import type { TV3Authentication } from "@/app/api/v3/lib/types";
+import { getOrganizationByWorkspaceId } from "@/lib/organization/service";
+import { createSurvey } from "@/lib/survey/service";
+import { getElementsFromBlocks } from "@/lib/survey/utils";
+import { getExternalUrlsPermission } from "@/modules/survey/lib/permission";
+import { type TV3SurveyLanguageRequest, ensureV3WorkspaceLanguages } from "./languages";
+import { prepareV3SurveyCreate } from "./prepare";
+import { V3SurveyReferenceValidationError } from "./reference-validation";
+import type { TV3CreateSurveyBody } from "./schemas";
+
+export class V3SurveyCreatePermissionError extends Error {
+  constructor(message: string) {
+    super(message);
+    this.name = "V3SurveyCreatePermissionError";
+  }
+}
+
+function getCreatedBy(authentication: TV3Authentication): string | null {
+  if (authentication && "user" in authentication && authentication.user?.id) {
+    return authentication.user.id;
+  }
+
+  return null;
+}
+
+function hasExternalUrlReferences(input: TV3CreateSurveyBody): boolean {
+  const hasExternalEndingLink = input.endings.some(
+    (ending) => ending.type === "endScreen" && Boolean(ending.buttonLink)
+  );
+  const hasExternalCtaButton = getElementsFromBlocks(input.blocks).some(
+    (element) => element.type === "cta" && element.buttonExternal
+  );
+
+  return hasExternalEndingLink || hasExternalCtaButton;
+}
+
+async function assertV3SurveyCreatePermissions(
+  input: TV3CreateSurveyBody,
+  organizationId?: string
+): Promise<void> {
+  if (!hasExternalUrlReferences(input)) {
+    return;
+  }
+
+  const resolvedOrganizationId =
+    organizationId ?? (await getOrganizationByWorkspaceId(input.workspaceId))?.id ?? null;
+  if (!resolvedOrganizationId) {
+    return;
+  }
+
+  const isExternalUrlsAllowed = await getExternalUrlsPermission(resolvedOrganizationId);
+  if (!isExternalUrlsAllowed) {
+    throw new V3SurveyCreatePermissionError(
+      "External URLs are not enabled for this organization. Upgrade to use external survey links."
+    );
+  }
+}
+
+export async function executeV3SurveyCreate(params: {
+  input: TV3CreateSurveyBody;
+  authentication: TV3Authentication;
+  languageRequests: TV3SurveyLanguageRequest[];
+  requestId?: string;
+}) {
+  const { input, authentication, languageRequests, requestId } = params;
+  const languages = await ensureV3WorkspaceLanguages(input.workspaceId, languageRequests, requestId);
+  const surveyCreateInput: TSurveyCreateInput = {
+    name: input.name,
+    type: "link",
+    status: input.status,
+    metadata: input.metadata,
+    welcomeCard: input.welcomeCard,
+    blocks: input.blocks,
+    endings: input.endings,
+    hiddenFields: input.hiddenFields,
+    variables: input.variables,
+    languages,
+    questions: [],
+    createdBy: getCreatedBy(authentication),
+  };
+
+  return await createSurvey(input.workspaceId, surveyCreateInput);
+}
+
+export async function createV3Survey(
+  input: TV3CreateSurveyBody,
+  authentication: TV3Authentication,
+  requestId?: string,
+  organizationId?: string
+) {
+  const preparation = prepareV3SurveyCreate(input);
+  if (!preparation.ok) {
+    throw new V3SurveyReferenceValidationError(preparation.validation.invalidParams);
+  }
+
+  await assertV3SurveyCreatePermissions(input, organizationId);
+
+  return await executeV3SurveyCreate({
+    input: preparation.document,
+    authentication,
+    languageRequests: preparation.languageRequests,
+    requestId,
+  });
+}
@@ -0,0 +1,106 @@
+import { describe, expect, test } from "vitest";
+import {
+  normalizeV3SurveyLanguageTag,
+  parseV3SurveyLanguageQuery,
+  resolveV3SurveyLanguageCode,
+} from "./language";
+
+const languages = [
+  { code: "en-US", enabled: true },
+  { code: "de-DE", enabled: true },
+  { code: "fr-FR", enabled: false },
+];
+
+describe("normalizeV3SurveyLanguageTag", () => {
+  test.each([
+    ["EN_us", "en-US"],
+    ["en-us", "en-US"],
+    ["de", "de"],
+    ["zh_hans_cn", "zh-Hans-CN"],
+  ])("normalizes %s to %s", (input, expected) => {
+    expect(normalizeV3SurveyLanguageTag(input)).toBe(expected);
+  });
+
+  test("returns null for invalid language tags", () => {
+    expect(normalizeV3SurveyLanguageTag("not a locale")).toBeNull();
+  });
+});
+
+describe("parseV3SurveyLanguageQuery", () => {
+  test("parses comma-separated language selectors", () => {
+    expect(parseV3SurveyLanguageQuery("de-DE, pt_PT, EN_us")).toEqual({
+      ok: true,
+      languages: ["de-DE", "pt-PT", "en-US"],
+    });
+  });
+
+  test("parses repeated language selectors", () => {
+    expect(parseV3SurveyLanguageQuery(["de-DE", "pt_PT,en_us"])).toEqual({
+      ok: true,
+      languages: ["de-DE", "pt-PT", "en-US"],
+    });
+  });
+
+  test("deduplicates language selectors case-insensitively", () => {
+    expect(parseV3SurveyLanguageQuery("de-DE,DE_de")).toEqual({
+      ok: true,
+      languages: ["de-DE"],
+    });
+  });
+
+  test("rejects empty language selectors", () => {
+    expect(parseV3SurveyLanguageQuery("de-DE,")).toEqual({
+      ok: false,
+      message: "Language selector must contain valid comma-separated locale codes",
+    });
+  });
+
+  test("rejects invalid language selectors", () => {
+    expect(parseV3SurveyLanguageQuery("not a locale")).toEqual({
+      ok: false,
+      message: "Language 'not a locale' is not a valid locale code",
+    });
+  });
+});
+
+describe("resolveV3SurveyLanguageCode", () => {
+  test("matches configured languages case-insensitively and normalizes underscores", () => {
+    expect(resolveV3SurveyLanguageCode("DE_de", languages)).toEqual({ ok: true, code: "de-DE" });
+  });
+
+  test("resolves language-only tags when exactly one configured language matches", () => {
+    expect(resolveV3SurveyLanguageCode("de", languages)).toEqual({ ok: true, code: "de-DE" });
+  });
+
+  test("resolves disabled configured languages for management reads", () => {
+    expect(resolveV3SurveyLanguageCode("fr", languages)).toEqual({ ok: true, code: "fr-FR" });
+  });
+
+  test("returns ambiguous when language-only tags match multiple configured languages", () => {
+    expect(
+      resolveV3SurveyLanguageCode("pt", [
+        { code: "pt-BR", enabled: true },
+        { code: "pt-PT", enabled: true },
+      ])
+    ).toEqual({
+      ok: false,
+      reason: "ambiguous",
+      message: "Language 'pt' is ambiguous for this survey; use one of pt-BR, pt-PT",
+    });
+  });
+
+  test("returns unknown for languages not configured on the survey", () => {
+    expect(resolveV3SurveyLanguageCode("es-ES", languages)).toEqual({
+      ok: false,
+      reason: "unknown",
+      message: "Language 'es-ES' is not configured for this survey",
+    });
+  });
+
+  test("resolves the implicit default language for surveys without configured languages", () => {
+    expect(resolveV3SurveyLanguageCode("en", [{ code: "en-US", enabled: true }])).toEqual({
+      ok: true,
+      code: "en-US",
+    });
+  });
+});
@@ -0,0 +1,149 @@
+import type { TSurvey as TInternalSurvey } from "@formbricks/types/surveys/types";
+
+type TV3SurveyLanguageInput = {
+  code: string;
+  enabled: boolean;
+};
+
+export type TV3SurveyLanguage = {
+  code: string;
+  default: boolean;
+  enabled: boolean;
+};
+
+type TV3SurveyLanguageQueryInput = string | string[];
+
+type TResolveV3SurveyLanguageCodeResult =
+  | { ok: true; code: string }
+  | { ok: false; reason: "invalid" | "unknown" | "ambiguous"; message: string };
+
+type TParseV3SurveyLanguageQueryResult = { ok: true; languages: string[] } | { ok: false; message: string };
+
+export function normalizeV3SurveyLanguageTag(value: string): string | null {
+  const normalizedSeparators = value.trim().replaceAll("_", "-");
+
+  try {
+    return Intl.getCanonicalLocales(normalizedSeparators)[0] ?? null;
+  } catch {
+    return null;
+  }
+}
+
+export function parseV3SurveyLanguageQuery(
+  value: TV3SurveyLanguageQueryInput
+): TParseV3SurveyLanguageQueryResult {
+  const requestedLanguages = (Array.isArray(value) ? value : [value])
+    .flatMap((entry) => entry.split(","))
+    .map((entry) => entry.trim());
+
+  if (requestedLanguages.some((entry) => entry.length === 0)) {
+    return {
+      ok: false,
+      message: "Language selector must contain valid comma-separated locale codes",
+    };
+  }
+
+  const normalizedLanguages: string[] = [];
+
+  for (const language of requestedLanguages) {
+    const normalizedLanguage = normalizeV3SurveyLanguageTag(language);
+
+    if (!normalizedLanguage) {
+      return {
+        ok: false,
+        message: `Language '${language}' is not a valid locale code`,
+      };
+    }
+
+    if (!normalizedLanguages.some((entry) => entry.toLowerCase() === normalizedLanguage.toLowerCase())) {
+      normalizedLanguages.push(normalizedLanguage);
+    }
+  }
+
+  return { ok: true, languages: normalizedLanguages };
+}
+
+function getLanguageSubtag(languageTag: string): string {
+  return languageTag.split("-")[0]?.toLowerCase() ?? languageTag.toLowerCase();
+}
+
+export function resolveV3SurveyLanguageCode(
+  requestedLanguage: string,
+  languages: TV3SurveyLanguageInput[]
+): TResolveV3SurveyLanguageCodeResult {
+  const normalizedRequestedLanguage = normalizeV3SurveyLanguageTag(requestedLanguage);
+
+  if (!normalizedRequestedLanguage) {
+    return {
+      ok: false,
+      reason: "invalid",
+      message: `Language '${requestedLanguage}' is not a valid locale code`,
+    };
+  }
+
+  const normalizedLanguages = languages.map((language) => ({
+    ...language,
+    code: normalizeV3SurveyLanguageTag(language.code) ?? language.code,
+  }));
+  const exactMatch = normalizedLanguages.find(
+    (language) => language.code.toLowerCase() === normalizedRequestedLanguage.toLowerCase()
+  );
+
+  if (exactMatch) {
+    return { ok: true, code: exactMatch.code };
+  }
+
+  const requestedSubtag = getLanguageSubtag(normalizedRequestedLanguage);
+  const hasRegionOrScript = normalizedRequestedLanguage.includes("-");
+  const matchingLanguages = hasRegionOrScript
+    ? []
+    : normalizedLanguages.filter((language) => getLanguageSubtag(language.code) === requestedSubtag);
+
+  if (matchingLanguages.length > 1) {
+    return {
+      ok: false,
+      reason: "ambiguous",
+      message: `Language '${normalizedRequestedLanguage}' is ambiguous for this survey; use one of ${matchingLanguages.map((language) => language.code).join(", ")}`,
+    };
+  }
+
+  const languageMatch = matchingLanguages[0];
+  if (languageMatch) {
+    return { ok: true, code: languageMatch.code };
+  }
+
+  return {
+    ok: false,
+    reason: "unknown",
+    message: `Language '${normalizedRequestedLanguage}' is not configured for this survey`,
+  };
+}
+
+export function getV3SurveyLanguages(
+  survey: Pick<TInternalSurvey, "languages">,
+  fallbackLanguage: string
+): TV3SurveyLanguage[] {
+  const languages = (survey.languages ?? []).map((surveyLanguage) => ({
+    code: normalizeV3SurveyLanguageTag(surveyLanguage.language.code) ?? surveyLanguage.language.code,
+    default: surveyLanguage.default,
+    enabled: surveyLanguage.enabled,
+  }));
+
+  if (languages.length === 0) {
+    return [{ code: fallbackLanguage, default: true, enabled: true }];
+  }
+
+  return languages;
+}
+
+export function getV3SurveyDefaultLanguage(
+  survey: Pick<TInternalSurvey, "languages">,
+  fallbackLanguage: string
+): string {
+  const defaultLanguageCode = survey.languages?.find((surveyLanguage) => surveyLanguage.default)?.language
+    .code;
+
+  return defaultLanguageCode
+    ? (normalizeV3SurveyLanguageTag(defaultLanguageCode) ?? defaultLanguageCode)
+    : fallbackLanguage;
+}
@@ -0,0 +1,150 @@
+import "server-only";
+import { Prisma } from "@prisma/client";
+import { prisma } from "@formbricks/database";
+import { logger } from "@formbricks/logger";
+import { DatabaseError } from "@formbricks/types/errors";
+import type { TI18nString } from "@formbricks/types/i18n";
+import type { TSurveyLanguage } from "@formbricks/types/surveys/types";
+import type { TLanguage } from "@formbricks/types/workspace";
+import { normalizeV3SurveyLanguageTag } from "./language";
+import type { TV3SurveyDocument } from "./schemas";
+
+export type TV3SurveyLanguageRequest = {
+  code: string;
+  default: boolean;
+  enabled: boolean;
+};
+
+const languageSelect = {
+  id: true,
+  code: true,
+  alias: true,
+  workspaceId: true,
+  createdAt: true,
+  updatedAt: true,
+} satisfies Prisma.LanguageSelect;
+
+function isPlainObject(value: unknown): value is Record<string, unknown> {
+  return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+
+function isInternalI18nString(value: unknown): value is TI18nString {
+  return (
+    isPlainObject(value) &&
+    typeof value.default === "string" &&
+    Object.values(value).every((entry) => typeof entry === "string")
+  );
+}
+
+function collectI18nLanguageCodes(value: unknown, languageCodes: Set<string>): void {
+  if (Array.isArray(value)) {
+    value.forEach((entry) => collectI18nLanguageCodes(entry, languageCodes));
+    return;
+  }
+
+  if (!isPlainObject(value)) {
+    return;
+  }
+
+  if (isInternalI18nString(value)) {
+    Object.keys(value).forEach((languageCode) => {
+      if (languageCode !== "default") {
+        const normalizedLanguageCode = normalizeV3SurveyLanguageTag(languageCode);
+        if (normalizedLanguageCode) {
+          languageCodes.add(normalizedLanguageCode);
+        }
+      }
+    });
+    return;
+  }
+
+  Object.values(value).forEach((entry) => collectI18nLanguageCodes(entry, languageCodes));
+}
+
+export function deriveV3SurveyLanguageRequests(input: TV3SurveyDocument): TV3SurveyLanguageRequest[] {
+  const requestedLanguages = new Map<string, TV3SurveyLanguageRequest>();
+  const addLanguage = (code: string, enabled = true): void => {
+    requestedLanguages.set(code, {
+      code,
+      default: code.toLowerCase() === input.defaultLanguage.toLowerCase(),
+      enabled: code.toLowerCase() === input.defaultLanguage.toLowerCase() ? true : enabled,
+    });
+  };
+
+  addLanguage(input.defaultLanguage);
+
+  input.languages.forEach((language) => {
+    addLanguage(language.code, language.enabled);
+  });
+
+  const contentLanguageCodes = new Set<string>();
+  collectI18nLanguageCodes(input.welcomeCard, contentLanguageCodes);
+  collectI18nLanguageCodes(input.blocks, contentLanguageCodes);
+  collectI18nLanguageCodes(input.endings, contentLanguageCodes);
+  collectI18nLanguageCodes(input.metadata, contentLanguageCodes);
+  contentLanguageCodes.forEach((languageCode) => {
+    if (!requestedLanguages.has(languageCode)) {
+      addLanguage(languageCode);
+    }
+  });
+
+  return Array.from(requestedLanguages.values()).sort((left, right) => {
+    if (left.default) return -1;
+    if (right.default) return 1;
+    return left.code.localeCompare(right.code);
+  });
+}
+
+export async function ensureV3WorkspaceLanguages(
+  workspaceId: string,
+  languageRequests: TV3SurveyLanguageRequest[],
+  requestId?: string
+): Promise<TSurveyLanguage[]> {
+  const log = logger.withContext({ requestId, workspaceId });
+
+  try {
+    const languages = await Promise.all(
+      languageRequests.map((languageRequest) =>
+        prisma.language.upsert({
+          where: {
+            workspaceId_code: {
+              workspaceId,
+              code: languageRequest.code,
+            },
+          },
+          update: {},
+          create: {
+            workspaceId,
+            code: languageRequest.code,
+            alias: null,
+          },
+          select: languageSelect,
+        })
+      )
+    );
+    const languageByCode = new Map(
+      languages.map((language) => [language.code.toLowerCase(), language as TLanguage])
+    );
+
+    return languageRequests.map((languageRequest) => {
+      const language = languageByCode.get(languageRequest.code.toLowerCase());
+
+      if (!language) {
+        throw new DatabaseError(`Failed to resolve language '${languageRequest.code}'`);
+      }
+
+      return {
+        language,
+        default: languageRequest.default,
+        enabled: languageRequest.enabled,
+      };
+    });
+  } catch (error) {
+    if (error instanceof Prisma.PrismaClientKnownRequestError) {
+      log.error({ error }, "Error creating workspace languages for v3 survey write");
+      throw new DatabaseError(error.message);
+    }
+
+    throw error;
+  }
+}
@@ -0,0 +1,165 @@
+import { describe, expect, test, vi } from "vitest";
+import type { TSurvey } from "@formbricks/types/surveys/types";
+import { prepareV3SurveyCreate, prepareV3SurveyCreateInput, prepareV3SurveyPatchInput } from "./prepare";
+import { ZV3CreateSurveyBody } from "./schemas";
+
+vi.mock("server-only", () => ({}));
+
+const workspaceId = "clxx1234567890123456789012";
+
+const rawCreateBody = {
+  workspaceId,
+  name: "Product Feedback",
+  defaultLanguage: "en-US",
+  blocks: [
+    {
+      id: "clbk1234567890123456789012",
+      name: "Main Block",
+      elements: [
+        {
+          id: "satisfaction",
+          type: "openText",
+          headline: { "en-US": "What should we improve?", "de-DE": "Was sollen wir verbessern?" },
+          required: true,
+        },
+      ],
+    },
+  ],
+};
+
+const createBody = ZV3CreateSurveyBody.parse(rawCreateBody);
+
+const survey = {
+  id: "clsv1234567890123456789012",
+  workspaceId,
+  createdAt: new Date("2026-04-21T10:00:00.000Z"),
+  updatedAt: new Date("2026-04-21T10:00:00.000Z"),
+  name: "Product Feedback",
+  type: "link",
+  status: "draft",
+  metadata: {},
+  languages: [
+    {
+      language: {
+        id: "cllangenus000000000000000",
+        code: "en-US",
+        alias: null,
+        workspaceId,
+        createdAt: new Date("2026-04-21T10:00:00.000Z"),
+        updatedAt: new Date("2026-04-21T10:00:00.000Z"),
+      },
+      default: true,
+      enabled: true,
+    },
+  ],
+  questions: [],
+  welcomeCard: { enabled: false },
+  blocks: createBody.blocks,
+  endings: [],
+  hiddenFields: { enabled: false },
+  variables: [],
+} as unknown as TSurvey;
+
+describe("v3 survey preparation", () => {
+  test("prepares a valid create document and derives language side effects", () => {
+    const preparation = prepareV3SurveyCreate(createBody);
+
+    expect(preparation.ok).toBe(true);
+    if (!preparation.ok) {
+      throw new Error("Expected create preparation to succeed");
+    }
+    expect(preparation.languageRequests).toEqual([
+      { code: "en-US", default: true, enabled: true },
+      { code: "de-DE", default: false, enabled: true },
+    ]);
+  });
+
+  test("returns validation results instead of throwing for invalid create input", () => {
+    const preparation = prepareV3SurveyCreateInput({
+      ...rawCreateBody,
+      blocks: [
+        {
+          ...rawCreateBody.blocks[0],
+          elements: [
+            {
+              ...rawCreateBody.blocks[0].elements[0],
+              buttonUrl: "https://example.com",
+            },
+          ],
+        },
+      ],
+    });
+
+    expect(preparation.ok).toBe(false);
+    if (!preparation.ok) {
+      expect(preparation.validation.invalidParams).toEqual(
+        expect.arrayContaining([expect.objectContaining({ name: "blocks.0.elements.0.buttonUrl" })])
+      );
+    }
+  });
+
+  test("applies a patch over the current document before validating references", () => {
+    const preparation = prepareV3SurveyPatchInput(survey, {
+      blocks: [
+        {
+          ...rawCreateBody.blocks[0],
+          logicFallback: "clmiss12345678901234567890",
+        },
+      ],
+    });
+
+    expect(preparation.ok).toBe(false);
+    if (!preparation.ok) {
+      expect(preparation.validation.invalidParams).toEqual(
+        expect.arrayContaining([expect.objectContaining({ name: "blocks.0.logicFallback" })])
+      );
+    }
+  });
+
+  test("rejects patch input with immutable fields as validation results", () => {
+    const preparation = prepareV3SurveyPatchInput(survey, {
+      workspaceId,
+    });
+
+    expect(preparation.ok).toBe(false);
+    if (!preparation.ok) {
+      expect(preparation.validation.invalidParams).toEqual(
+        expect.arrayContaining([expect.objectContaining({ name: "workspaceId" })])
+      );
+    }
+  });
+
+  test("rejects non-draft element id changes on non-draft surveys", () => {
+    const preparation = prepareV3SurveyPatchInput(
+      {
+        ...survey,
+        status: "inProgress",
+      } as TSurvey,
+      {
+        blocks: [
+          {
+            ...rawCreateBody.blocks[0],
+            elements: [
+              {
+                ...rawCreateBody.blocks[0].elements[0],
+                id: "renamed_satisfaction",
+              },
+            ],
+          },
+        ],
+      }
+    );
+
+    expect(preparation.ok).toBe(false);
+    if (!preparation.ok) {
+      expect(preparation.validation.invalidParams).toEqual(
+        expect.arrayContaining([
+          expect.objectContaining({
+            name: "blocks.0.elements.0.id",
+            reason: expect.stringContaining("cannot be changed"),
+          }),
+        ])
+      );
+    }
+  });
+});
@@ -0,0 +1,178 @@
+import type { TSurvey as TInternalSurvey } from "@formbricks/types/surveys/types";
+import type { InvalidParam } from "@/app/api/v3/lib/response";
+import { getV3SurveyDefaultLanguage, getV3SurveyLanguages } from "./language";
+import { type TV3SurveyLanguageRequest, deriveV3SurveyLanguageRequests } from "./languages";
+import {
+  DEFAULT_V3_SURVEY_LANGUAGE,
+  type TV3CreateSurveyBody,
+  type TV3PatchSurveyBody,
+  type TV3SurveyDocument,
+  ZV3CreateSurveyBody,
+  ZV3SurveyDocumentBase,
+  createZV3PatchSurveyBodySchema,
+  formatV3ZodInvalidParams,
+} from "./schemas";
+import { type TV3SurveyDocumentValidationResult, validateV3SurveyDocument } from "./validation";
+
+type TV3SurveyPrepareSuccess<TDocument> = {
+  ok: true;
+  document: TDocument;
+  validation: Extract<TV3SurveyDocumentValidationResult, { valid: true }>;
+  languageRequests: TV3SurveyLanguageRequest[];
+};
+
+type TV3SurveyPrepareFailure = {
+  ok: false;
+  validation: Extract<TV3SurveyDocumentValidationResult, { valid: false }>;
+};
+
+export type TV3SurveyPrepareResult<TDocument> = TV3SurveyPrepareSuccess<TDocument> | TV3SurveyPrepareFailure;
+
+function invalidPreparation(invalidParams: InvalidParam[]): TV3SurveyPrepareFailure {
+  return {
+    ok: false,
+    validation: {
+      valid: false,
+      invalidParams,
+    },
+  };
+}
+
+function validPreparation<TDocument extends TV3SurveyDocument>(
+  document: TDocument
+): TV3SurveyPrepareResult<TDocument> {
+  const validation = validateV3SurveyDocument(document);
+
+  if (!validation.valid) {
+    return invalidPreparation(validation.invalidParams);
+  }
+
+  return {
+    ok: true,
+    document,
+    validation,
+    languageRequests: deriveV3SurveyLanguageRequests(document),
+  };
+}
+
+function buildDocumentFromSurvey(survey: TInternalSurvey): TV3SurveyPrepareResult<TV3SurveyDocument> {
+  if (Array.isArray(survey.questions) && survey.questions.length > 0) {
+    return invalidPreparation([
+      {
+        name: "survey",
+        reason: "Legacy question-based surveys are not supported by the v3 survey management API",
+      },
+    ]);
+  }
+
+  const documentResult = ZV3SurveyDocumentBase.safeParse({
+    name: survey.name,
+    status: survey.status,
+    metadata: survey.metadata ?? {},
+    defaultLanguage: getV3SurveyDefaultLanguage(survey, DEFAULT_V3_SURVEY_LANGUAGE),
+    languages: getV3SurveyLanguages(survey, DEFAULT_V3_SURVEY_LANGUAGE),
+    welcomeCard: survey.welcomeCard,
+    blocks: survey.blocks,
+    endings: survey.endings,
+    hiddenFields: survey.hiddenFields,
+    variables: survey.variables,
+  });
+
+  if (!documentResult.success) {
+    return invalidPreparation(formatV3ZodInvalidParams(documentResult.error, "survey"));
+  }
+
+  return validPreparation(documentResult.data);
+}
+
+function mergeV3SurveyPatch(document: TV3SurveyDocument, patch: TV3PatchSurveyBody): TV3SurveyDocument {
+  return {
+    ...document,
+    ...Object.fromEntries(Object.entries(patch).filter(([, value]) => value !== undefined)),
+  };
+}
+
+function getElementIds(document: TV3SurveyDocument): Set<string> {
+  return new Set(document.blocks.flatMap((block) => block.elements.map((element) => element.id)));
+}
+
+function getImmutableElementIdIssues(
+  currentDocument: TV3SurveyDocument,
+  patchedDocument: TV3SurveyDocument
+): InvalidParam[] {
+  if (currentDocument.status === "draft") {
+    return [];
+  }
+
+  const patchedElementIds = getElementIds(patchedDocument);
+  const issues: InvalidParam[] = [];
+
+  currentDocument.blocks.forEach((currentBlock) => {
+    const patchedBlockIndex = patchedDocument.blocks.findIndex((block) => block.id === currentBlock.id);
+    if (patchedBlockIndex === -1) {
+      return;
+    }
+
+    const patchedBlock = patchedDocument.blocks[patchedBlockIndex];
+    currentBlock.elements.forEach((currentElement, elementIndex) => {
+      if (currentElement.isDraft || patchedElementIds.has(currentElement.id)) {
+        return;
+      }
+
+      const patchedElement = patchedBlock.elements[elementIndex];
+      if (!patchedElement || patchedElement.id === currentElement.id) {
+        return;
+      }
+
+      issues.push({
+        name: `blocks.${patchedBlockIndex}.elements.${elementIndex}.id`,
+        reason: `Element id '${currentElement.id}' cannot be changed because the survey and element are no longer drafts`,
+      });
+    });
+  });
+
+  return issues;
+}
+
+export function prepareV3SurveyCreate(
+  document: TV3CreateSurveyBody
+): TV3SurveyPrepareResult<TV3CreateSurveyBody> {
+  return validPreparation(document);
+}
+
+export function prepareV3SurveyCreateInput(input: unknown): TV3SurveyPrepareResult<TV3CreateSurveyBody> {
+  const parsed = ZV3CreateSurveyBody.safeParse(input);
+
+  if (!parsed.success) {
+    return invalidPreparation(formatV3ZodInvalidParams(parsed.error, "data"));
+  }
+
+  return prepareV3SurveyCreate(parsed.data);
+}
+
+export function prepareV3SurveyPatchInput(
+  survey: TInternalSurvey,
+  input: unknown
+): TV3SurveyPrepareResult<TV3SurveyDocument> {
+  const currentDocument = buildDocumentFromSurvey(survey);
+
+  if (!currentDocument.ok) {
+    return currentDocument;
+  }
+
+  const parsedPatch = createZV3PatchSurveyBodySchema(currentDocument.document.defaultLanguage).safeParse(
+    input
+  );
+
+  if (!parsedPatch.success) {
+    return invalidPreparation(formatV3ZodInvalidParams(parsedPatch.error, "data"));
+  }
+
+  const patchedDocument = mergeV3SurveyPatch(currentDocument.document, parsedPatch.data);
+  const immutableElementIdIssues = getImmutableElementIdIssues(currentDocument.document, patchedDocument);
+  if (immutableElementIdIssues.length > 0) {
+    return invalidPreparation(immutableElementIdIssues);
+  }
+
+  return validPreparation(patchedDocument);
+}
@@ -0,0 +1,269 @@
+import { describe, expect, test } from "vitest";
+import { validateV3SurveyReferences } from "./reference-validation";
+import { ZV3CreateSurveyBody } from "./schemas";
+
+const validSurvey = ZV3CreateSurveyBody.parse({
+  workspaceId: "clxx1234567890123456789012",
+  name: "Product Feedback",
+  hiddenFields: {
+    enabled: true,
+    fieldIds: ["account_id"],
+  },
+  variables: [
+    {
+      id: "clvar123456789012345678901",
+      name: "score",
+      type: "number",
+      value: 0,
+    },
+  ],
+  endings: [
+    {
+      id: "clend123456789012345678901",
+      type: "endScreen",
+      headline: { "en-US": "Thanks" },
+    },
+  ],
+  blocks: [
+    {
+      id: "clbk1234567890123456789012",
+      name: "Main Block",
+      logicFallback: "clend123456789012345678901",
+      elements: [
+        {
+          id: "satisfaction",
+          type: "openText",
+          headline: { "en-US": "What should we improve?" },
+          required: true,
+        },
+      ],
+      logic: [
+        {
+          id: "cllog123456789012345678901",
+          conditions: {
+            id: "clgrp123456789012345678901",
+            connector: "and",
+            conditions: [
+              {
+                id: "clcon123456789012345678901",
+                leftOperand: { type: "element", value: "satisfaction" },
+                operator: "isSubmitted",
+              },
+            ],
+          },
+          actions: [
+            {
+              id: "clact123456789012345678901",
+              objective: "calculate",
+              variableId: "clvar123456789012345678901",
+              operator: "add",
+              value: { type: "static", value: 1 },
+            },
+          ],
+        },
+      ],
+    },
+  ],
+});
+
+describe("validateV3SurveyReferences", () => {
+  test("accepts a survey with consistent stable identifiers", () => {
+    expect(
+      validateV3SurveyReferences({
+        blocks: validSurvey.blocks,
+        endings: validSurvey.endings,
+        hiddenFields: validSurvey.hiddenFields,
+        variables: validSurvey.variables,
+      })
+    ).toEqual({ ok: true, invalidParams: [] });
+  });
+
+  test("rejects duplicate block, element, variable, and hidden field identifiers", () => {
+    const survey = {
+      ...validSurvey,
+      hiddenFields: { enabled: true, fieldIds: ["account_id", "account_id"] },
+      variables: [
+        ...validSurvey.variables,
+        {
+          id: "clvar123456789012345678901",
+          name: "score",
+          type: "number" as const,
+          value: 0,
+        },
+      ],
+      blocks: [
+        ...validSurvey.blocks,
+        {
+          ...validSurvey.blocks[0],
+          elements: [{ ...validSurvey.blocks[0].elements[0] }],
+        },
+      ],
+    };
+
+    const result = validateV3SurveyReferences({
+      blocks: survey.blocks,
+      endings: survey.endings,
+      hiddenFields: survey.hiddenFields,
+      variables: survey.variables,
+    });
+
+    expect(result.ok).toBe(false);
+    if (!result.ok) {
+      expect(result.invalidParams).toEqual(
+        expect.arrayContaining([
+          expect.objectContaining({ name: "blocks.1.id" }),
+          expect.objectContaining({ name: "blocks.1.elements.0.id" }),
+          expect.objectContaining({ name: "variables.1.id" }),
+          expect.objectContaining({ name: "hiddenFields.fieldIds.1" }),
+        ])
+      );
+    }
+  });
+
+  test("rejects cross-namespace identifier collisions", () => {
+    const result = validateV3SurveyReferences({
+      blocks: validSurvey.blocks,
+      endings: validSurvey.endings,
+      hiddenFields: { enabled: true, fieldIds: ["account_id", "satisfaction"] },
+      variables: [
+        {
+          id: "satisfaction",
+          name: "account_id",
+          type: "number",
+          value: 0,
+        },
+      ],
+    });
+
+    expect(result.ok).toBe(false);
+    if (!result.ok) {
+      expect(result.invalidParams).toEqual(
+        expect.arrayContaining([
+          expect.objectContaining({ name: "hiddenFields.fieldIds.1" }),
+          expect.objectContaining({ name: "variables.0.id" }),
+          expect.objectContaining({ name: "variables.0.name" }),
+        ])
+      );
+    }
+  });
+
+  test("reports dangling logic references with actionable paths", () => {
+    const survey = {
+      ...validSurvey,
+      blocks: [
+        {
+          ...validSurvey.blocks[0],
+          logicFallback: "clmiss12345678901234567890",
+          logic: [
+            {
+              ...validSurvey.blocks[0].logic![0],
+              actions: [
+                {
+                  ...validSurvey.blocks[0].logic![0].actions[0],
+                  variableId: "clmiss12345678901234567890",
+                },
+                {
+                  id: "cljmp123456789012345678901",
+                  objective: "jumpToBlock" as const,
+                  target: "clmiss12345678901234567890",
+                },
+              ],
+            },
+          ],
+        },
+      ],
+    };
+
+    const result = validateV3SurveyReferences({
+      blocks: survey.blocks,
+      endings: survey.endings,
+      hiddenFields: survey.hiddenFields,
+      variables: survey.variables,
+    });
+
+    expect(result.ok).toBe(false);
+    if (!result.ok) {
+      expect(result.invalidParams).toEqual(
+        expect.arrayContaining([
+          expect.objectContaining({ name: "blocks.0.logicFallback" }),
+          expect.objectContaining({ name: "blocks.0.logic.0.actions.0.variableId" }),
+          expect.objectContaining({ name: "blocks.0.logic.0.actions.1.target" }),
+        ])
+      );
+    }
+  });
+
+  test("reports dangling recall references with actionable paths", () => {
+    const survey = {
+      ...validSurvey,
+      blocks: [
+        {
+          ...validSurvey.blocks[0],
+          elements: [
+            {
+              ...validSurvey.blocks[0].elements[0],
+              headline: {
+                default: "Please explain #recall:missing_id/fallback:your answer#",
+              },
+            },
+          ],
+        },
+      ],
+    };
+
+    const result = validateV3SurveyReferences({
+      blocks: survey.blocks,
+      endings: survey.endings,
+      hiddenFields: survey.hiddenFields,
+      variables: survey.variables,
+    });
+
+    expect(result.ok).toBe(false);
+    if (!result.ok) {
+      expect(result.invalidParams).toEqual(
+        expect.arrayContaining([
+          expect.objectContaining({
+            name: "blocks.0.elements.0.headline.default",
+            reason: expect.stringContaining("missing_id"),
+          }),
+        ])
+      );
+    }
+  });
+
+  test("reports dangling recall references in survey-level translatable fields", () => {
+    const result = validateV3SurveyReferences({
+      blocks: validSurvey.blocks,
+      endings: validSurvey.endings,
+      hiddenFields: validSurvey.hiddenFields,
+      metadata: {
+        title: {
+          default: "Metadata #recall:missing_metadata_reference/fallback:value#",
+        },
+      },
+      variables: validSurvey.variables,
+      welcomeCard: {
+        enabled: true,
+        headline: {
+          default: "Welcome #recall:missing_welcome_reference/fallback:there#",
+        },
+      },
+    });
+
+    expect(result.ok).toBe(false);
+    if (!result.ok) {
+      expect(result.invalidParams).toEqual(
+        expect.arrayContaining([
+          expect.objectContaining({
+            name: "welcomeCard.headline.default",
+            reason: expect.stringContaining("missing_welcome_reference"),
+          }),
+          expect.objectContaining({
+            name: "metadata.title.default",
+            reason: expect.stringContaining("missing_metadata_reference"),
+          }),
+        ])
+      );
+    }
+  });
+});
@@ -0,0 +1,342 @@
+import type { TSurveyBlocks } from "@formbricks/types/surveys/blocks";
+import type { TConditionGroup, TDynamicLogicFieldValue } from "@formbricks/types/surveys/logic";
+import type { TSurveyEndings, TSurveyHiddenFields, TSurveyVariables } from "@formbricks/types/surveys/types";
+import type { InvalidParam } from "@/app/api/v3/lib/response";
+
+type TReferenceValidationInput = {
+  blocks: TSurveyBlocks;
+  endings: TSurveyEndings;
+  hiddenFields: TSurveyHiddenFields;
+  metadata?: unknown;
+  variables: TSurveyVariables;
+  welcomeCard?: unknown;
+};
+
+type TNamedReference = {
+  id: string;
+  path: string;
+  namespace: "block" | "element" | "ending" | "hiddenField" | "variable" | "variableName";
+};
+
+export class V3SurveyReferenceValidationError extends Error {
+  invalidParams: InvalidParam[];
+
+  constructor(invalidParams: InvalidParam[]) {
+    super("Survey contains invalid references");
+    this.name = "V3SurveyReferenceValidationError";
+    this.invalidParams = invalidParams;
+  }
+}
+
+export type TV3SurveyReferenceValidationResult =
+  | { ok: true; invalidParams: [] }
+  | { ok: false; invalidParams: InvalidParam[] };
+
+function addDuplicateIdIssues(
+  entries: { id: string; path: string }[],
+  label: string,
+  issues: InvalidParam[]
+): void {
+  const firstPathById = new Map<string, string>();
+
+  entries.forEach(({ id, path }) => {
+    const firstPath = firstPathById.get(id);
+    if (firstPath !== undefined) {
+      issues.push({
+        name: path,
+        reason: `${label} id '${id}' is duplicated; first used at ${firstPath}`,
+      });
+      return;
+    }
+
+    firstPathById.set(id, path);
+  });
+}
+
+function addDuplicateValueIssues(
+  values: string[],
+  pathForIndex: (index: number) => string,
+  label: string,
+  issues: InvalidParam[]
+): void {
+  const firstIndexByValue = new Map<string, number>();
+
+  values.forEach((value, index) => {
+    const firstIndex = firstIndexByValue.get(value);
+    if (firstIndex !== undefined) {
+      issues.push({
+        name: pathForIndex(index),
+        reason: `${label} '${value}' is duplicated; first used at ${pathForIndex(firstIndex)}`,
+      });
+      return;
+    }
+
+    firstIndexByValue.set(value, index);
+  });
+}
+
+function addCrossNamespaceCollisionIssues(entries: TNamedReference[], issues: InvalidParam[]): void {
+  const firstEntryById = new Map<string, TNamedReference>();
+
+  entries.forEach((entry) => {
+    const lookupId = entry.id.toLowerCase();
+    const firstEntry = firstEntryById.get(lookupId);
+
+    if (!firstEntry) {
+      firstEntryById.set(lookupId, entry);
+      return;
+    }
+
+    if (firstEntry.namespace === entry.namespace) {
+      return;
+    }
+
+    issues.push({
+      name: entry.path,
+      reason: `${entry.namespace} identifier '${entry.id}' conflicts with ${firstEntry.namespace} identifier at ${firstEntry.path}`,
+    });
+  });
+}
+
+function isPlainObject(value: unknown): value is Record<string, unknown> {
+  return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+
+function addRecallReferenceIssues(
+  value: unknown,
+  path: string,
+  references: {
+    elementIds: Set<string>;
+    variableIds: Set<string>;
+    hiddenFieldIds: Set<string>;
+  },
+  issues: InvalidParam[]
+): void {
+  if (typeof value === "string") {
+    const recallPattern = /#recall:([A-Za-z0-9_-]+)/g;
+
+    for (const match of value.matchAll(recallPattern)) {
+      const recallId = match[1];
+      const isKnownReference =
+        references.elementIds.has(recallId) ||
+        references.variableIds.has(recallId) ||
+        references.hiddenFieldIds.has(recallId);
+
+      if (!isKnownReference) {
+        issues.push({
+          name: path,
+          reason: `Recall reference '${recallId}' is not defined in blocks, variables, or hiddenFields.fieldIds`,
+        });
+      }
+    }
+
+    return;
+  }
+
+  if (Array.isArray(value)) {
+    value.forEach((entry, index) => addRecallReferenceIssues(entry, `${path}.${index}`, references, issues));
+    return;
+  }
+
+  if (!isPlainObject(value)) {
+    return;
+  }
+
+  Object.entries(value).forEach(([key, entry]) => {
+    addRecallReferenceIssues(entry, path ? `${path}.${key}` : key, references, issues);
+  });
+}
+
+function validateDynamicOperand(
+  operand: TDynamicLogicFieldValue,
+  path: string,
+  references: {
+    elementIds: Set<string>;
+    variableIds: Set<string>;
+    hiddenFieldIds: Set<string>;
+  },
+  issues: InvalidParam[]
+): void {
+  if (operand.type === "element" && !references.elementIds.has(operand.value)) {
+    issues.push({
+      name: `${path}.value`,
+      reason: `Element id '${operand.value}' is not defined in blocks`,
+    });
+  }
+
+  if (operand.type === "variable" && !references.variableIds.has(operand.value)) {
+    issues.push({
+      name: `${path}.value`,
+      reason: `Variable id '${operand.value}' is not defined in variables`,
+    });
+  }
+
+  if (operand.type === "hiddenField" && !references.hiddenFieldIds.has(operand.value)) {
+    issues.push({
+      name: `${path}.value`,
+      reason: `Hidden field id '${operand.value}' is not defined in hiddenFields.fieldIds`,
+    });
+  }
+}
+
+function validateConditionGroup(
+  conditionGroup: TConditionGroup,
+  path: string,
+  references: {
+    elementIds: Set<string>;
+    variableIds: Set<string>;
+    hiddenFieldIds: Set<string>;
+  },
+  issues: InvalidParam[]
+): void {
+  conditionGroup.conditions.forEach((condition, index) => {
+    const conditionPath = `${path}.conditions.${index}`;
+
+    if ("conditions" in condition) {
+      validateConditionGroup(condition, conditionPath, references, issues);
+      return;
+    }
+
+    validateDynamicOperand(condition.leftOperand, `${conditionPath}.leftOperand`, references, issues);
+
+    if (condition.rightOperand?.type && condition.rightOperand.type !== "static") {
+      validateDynamicOperand(condition.rightOperand, `${conditionPath}.rightOperand`, references, issues);
+    }
+  });
+}
+
+export function getV3SurveyReferenceInvalidParams(input: TReferenceValidationInput): InvalidParam[] {
+  const issues: InvalidParam[] = [];
+  const blockIds = input.blocks.map((block) => block.id);
+  const blockEntries = input.blocks.map((block, index) => ({
+    id: block.id,
+    path: `blocks.${index}.id`,
+  }));
+  const endingIds = input.endings.map((ending) => ending.id);
+  const endingEntries = input.endings.map((ending, index) => ({
+    id: ending.id,
+    path: `endings.${index}.id`,
+  }));
+  const elementEntries = input.blocks.flatMap((block, blockIndex) =>
+    block.elements.map((element, elementIndex) => ({
+      id: element.id,
+      path: `blocks.${blockIndex}.elements.${elementIndex}.id`,
+    }))
+  );
+  const elementIds = elementEntries.map((element) => element.id);
+  const hiddenFieldIds = input.hiddenFields.fieldIds ?? [];
+  const hiddenFieldEntries = hiddenFieldIds.map((id, index) => ({
+    id,
+    path: `hiddenFields.fieldIds.${index}`,
+  }));
+  const variableIds = input.variables.map((variable) => variable.id);
+  const variableIdEntries = variableIds.map((id, index) => ({
+    id,
+    path: `variables.${index}.id`,
+  }));
+  const variableNames = input.variables.map((variable) => variable.name);
+  const variableNameEntries = variableNames.map((id, index) => ({
+    id,
+    path: `variables.${index}.name`,
+  }));
+  const navigationTargetIds = new Set([...blockIds, ...endingIds]);
+  const references = {
+    elementIds: new Set(elementIds),
+    variableIds: new Set(variableIds),
+    hiddenFieldIds: new Set(hiddenFieldIds),
+  };
+
+  addDuplicateIdIssues(blockEntries, "Block", issues);
+  addDuplicateIdIssues(elementEntries, "Element", issues);
+  addDuplicateIdIssues(variableIdEntries, "Variable", issues);
+  addDuplicateValueIssues(
+    hiddenFieldIds,
+    (index) => `hiddenFields.fieldIds.${index}`,
+    "Hidden field id",
+    issues
+  );
+  addDuplicateValueIssues(variableNames, (index) => `variables.${index}.name`, "Variable name", issues);
+  addCrossNamespaceCollisionIssues(
+    [
+      ...blockEntries.map((entry) => ({ ...entry, namespace: "block" as const })),
+      ...elementEntries.map((entry) => ({ ...entry, namespace: "element" as const })),
+      ...endingEntries.map((entry) => ({ ...entry, namespace: "ending" as const })),
+      ...hiddenFieldEntries.map((entry) => ({ ...entry, namespace: "hiddenField" as const })),
+      ...variableIdEntries.map((entry) => ({ ...entry, namespace: "variable" as const })),
+      ...variableNameEntries.map((entry) => ({ ...entry, namespace: "variableName" as const })),
+    ],
+    issues
+  );
+
+  input.blocks.forEach((block, blockIndex) => {
+    if (block.logicFallback && !navigationTargetIds.has(block.logicFallback)) {
+      issues.push({
+        name: `blocks.${blockIndex}.logicFallback`,
+        reason: `Logic fallback target '${block.logicFallback}' is not defined in blocks or endings`,
+      });
+    }
+
+    block.logic?.forEach((logic, logicIndex) => {
+      const logicPath = `blocks.${blockIndex}.logic.${logicIndex}`;
+      validateConditionGroup(logic.conditions, `${logicPath}.conditions`, references, issues);
+
+      logic.actions.forEach((action, actionIndex) => {
+        const actionPath = `${logicPath}.actions.${actionIndex}`;
+
+        if (action.objective === "calculate") {
+          if (!references.variableIds.has(action.variableId)) {
+            issues.push({
+              name: `${actionPath}.variableId`,
+              reason: `Variable id '${action.variableId}' is not defined in variables`,
+            });
+          }
+
+          if (action.value.type !== "static") {
+            validateDynamicOperand(action.value, `${actionPath}.value`, references, issues);
+          }
+        }
+
+        if (action.objective === "requireAnswer" && !references.elementIds.has(action.target)) {
+          issues.push({
+            name: `${actionPath}.target`,
+            reason: `Element id '${action.target}' is not defined in blocks`,
+          });
+        }
+
+        if (action.objective === "jumpToBlock" && !navigationTargetIds.has(action.target)) {
+          issues.push({
+            name: `${actionPath}.target`,
+            reason: `Jump target '${action.target}' is not defined in blocks or endings`,
+          });
+        }
+      });
+    });
+  });
+
+  addRecallReferenceIssues(input.blocks, "blocks", references, issues);
+  addRecallReferenceIssues(input.endings, "endings", references, issues);
+  addRecallReferenceIssues(input.welcomeCard, "welcomeCard", references, issues);
+  addRecallReferenceIssues(input.metadata, "metadata", references, issues);
+
+  return issues;
+}
+
+export function validateV3SurveyReferences(
+  input: TReferenceValidationInput
+): TV3SurveyReferenceValidationResult {
+  const invalidParams = getV3SurveyReferenceInvalidParams(input);
+
+  if (invalidParams.length > 0) {
+    return { ok: false, invalidParams };
+  }
+
+  return { ok: true, invalidParams: [] };
+}
+
+export function assertValidV3SurveyReferences(input: TReferenceValidationInput): void {
+  const result = validateV3SurveyReferences(input);
+
+  if (!result.ok) {
+    throw new V3SurveyReferenceValidationError(result.invalidParams);
+  }
+}
@@ -50,6 +50,10 @@ vi.mock("@/modules/survey/list/lib/survey", async (importOriginal) => {
  };
 });

+vi.mock("./create", () => ({
+  createV3Survey: vi.fn(),
+}));
+
 vi.mock("@formbricks/logger", () => ({
  logger: {
    withContext: vi.fn(() => ({
@@ -1,5 +1,5 @@
 /**
- * GET /api/v3/surveys — list surveys for a workspace.
+ * /api/v3/surveys — list and create block-based survey management resources.
 * Session cookie or x-api-key; scope by workspaceId only.
 */
 import { logger } from "@formbricks/logger";
@@ -7,6 +7,7 @@ import { DatabaseError, ResourceNotFoundError } from "@formbricks/types/errors";
 import { withV3ApiWrapper } from "@/app/api/v3/lib/api-wrapper";
 import { requireV3WorkspaceAccess } from "@/app/api/v3/lib/auth";
 import {
+  createdResponse,
  problemBadRequest,
  problemForbidden,
  problemInternalError,
@@ -14,8 +15,15 @@ import {
 } from "@/app/api/v3/lib/response";
 import { getSurveyCount } from "@/modules/survey/list/lib/survey";
 import { getSurveyListPage } from "@/modules/survey/list/lib/survey-page";
+import { V3SurveyCreatePermissionError, createV3Survey } from "./create";
 import { parseV3SurveysListQuery } from "./parse-v3-surveys-list-query";
-import { serializeV3SurveyListItem } from "./serializers";
+import { V3SurveyReferenceValidationError } from "./reference-validation";
+import { ZV3CreateSurveyBody } from "./schemas";
+import {
+  V3SurveyUnsupportedShapeError,
+  serializeV3SurveyListItem,
+  serializeV3SurveyResource,
+} from "./serializers";

 export const GET = withV3ApiWrapper({
  auth: "both",
@@ -80,3 +88,81 @@ export const GET = withV3ApiWrapper({
    }
  },
 });
+
+export const POST = withV3ApiWrapper({
+  auth: "both",
+  schemas: {
+    body: ZV3CreateSurveyBody,
+  },
+  action: "created",
+  targetType: "survey",
+  handler: async ({ authentication, auditLog, parsedInput, requestId, instance }) => {
+    const { body } = parsedInput;
+    const log = logger.withContext({ requestId, workspaceId: body.workspaceId });
+
+    try {
+      const authResult = await requireV3WorkspaceAccess(
+        authentication,
+        body.workspaceId,
+        "readWrite",
+        requestId,
+        instance
+      );
+      if (authResult instanceof Response) {
+        return authResult;
+      }
+
+      const survey = await createV3Survey(
+        {
+          ...body,
+          workspaceId: authResult.workspaceId,
+        },
+        authentication,
+        requestId,
+        authResult.organizationId
+      );
+      const resource = serializeV3SurveyResource(survey);
+
+      if (auditLog) {
+        auditLog.organizationId = authResult.organizationId;
+        auditLog.targetId = survey.id;
+        auditLog.newObject = resource;
+      }
+
+      return createdResponse(resource, {
+        requestId,
+        location: `/api/v3/surveys/${survey.id}`,
+      });
+    } catch (err) {
+      if (err instanceof V3SurveyReferenceValidationError) {
+        log.warn({ statusCode: 400, invalidParams: err.invalidParams }, "Survey reference validation failed");
+        return problemBadRequest(requestId, "Invalid survey references", {
+          invalid_params: err.invalidParams,
+          instance,
+        });
+      }
+      if (err instanceof V3SurveyUnsupportedShapeError) {
+        log.warn({ statusCode: 400, errorCode: err.name }, "Unsupported survey shape");
+        return problemBadRequest(requestId, err.message, {
+          invalid_params: [{ name: "body", reason: err.message }],
+          instance,
+        });
+      }
+      if (err instanceof V3SurveyCreatePermissionError) {
+        log.warn({ statusCode: 403, errorCode: err.name }, "Survey create permission check failed");
+        return problemForbidden(requestId, err.message, instance);
+      }
+      if (err instanceof ResourceNotFoundError) {
+        log.warn({ statusCode: 403, errorCode: err.name }, "Resource not found");
+        return problemForbidden(requestId, "You are not authorized to access this resource", instance);
+      }
+      if (err instanceof DatabaseError) {
+        log.error({ error: err, statusCode: 500 }, "Database error");
+        return problemInternalError(requestId, "An unexpected error occurred.", instance);
+      }
+
+      log.error({ error: err, statusCode: 500 }, "V3 survey create unexpected error");
+      return problemInternalError(requestId, "An unexpected error occurred.", instance);
+    }
+  },
+});
@@ -0,0 +1,403 @@
+import { describe, expect, test } from "vitest";
+import { ZV3CreateSurveyBody, ZV3PatchSurveyBody, createZV3PatchSurveyBodySchema } from "./schemas";
+
+const validCreateBody = {
+  workspaceId: "clxx1234567890123456789012",
+  name: "Product Feedback",
+  blocks: [
+    {
+      id: "clbk1234567890123456789012",
+      name: "Main Block",
+      elements: [
+        {
+          id: "satisfaction",
+          type: "openText",
+          headline: { "en-US": "What should we improve?" },
+          required: true,
+        },
+      ],
+    },
+  ],
+};
+
+describe("ZV3CreateSurveyBody", () => {
+  test("accepts a valid block-based create body and applies public defaults", () => {
+    const parsed = ZV3CreateSurveyBody.parse(validCreateBody);
+
+    expect(parsed).toMatchObject({
+      workspaceId: validCreateBody.workspaceId,
+      name: "Product Feedback",
+      type: "link",
+      status: "draft",
+      metadata: {},
+      defaultLanguage: "en-US",
+      languages: [],
+      welcomeCard: { enabled: false },
+      endings: [],
+      hiddenFields: { enabled: false },
+      variables: [],
+    });
+    expect(parsed.blocks[0].elements[0]).toMatchObject({
+      headline: { default: "What should we improve?" },
+    });
+  });
+
+  test("normalizes locale maps and language codes before shared survey validation", () => {
+    const parsed = ZV3CreateSurveyBody.parse({
+      ...validCreateBody,
+      defaultLanguage: "en_us",
+      languages: [{ code: "de_de" }],
+      welcomeCard: {
+        enabled: true,
+        headline: { en_us: "Welcome", de_de: "Willkommen" },
+      },
+      blocks: [
+        {
+          ...validCreateBody.blocks[0],
+          elements: [
+            {
+              ...validCreateBody.blocks[0].elements[0],
+              headline: { en_us: "Hello", de_de: "Hallo" },
+            },
+          ],
+        },
+      ],
+    });
+
+    expect(parsed.defaultLanguage).toBe("en-US");
+    expect(parsed.languages).toEqual([{ code: "de-DE", enabled: true }]);
+    expect(parsed.welcomeCard).toMatchObject({
+      headline: { default: "Welcome", "de-DE": "Willkommen" },
+    });
+    expect(parsed.blocks[0].elements[0]).toMatchObject({
+      headline: { default: "Hello", "de-DE": "Hallo" },
+    });
+  });
+
+  test("rejects an invalid defaultLanguage instead of silently defaulting", () => {
+    const result = ZV3CreateSurveyBody.safeParse({
+      ...validCreateBody,
+      defaultLanguage: "not a locale",
+    });
+
+    expect(result.success).toBe(false);
+    expect(result.error?.issues.map((issue) => issue.path.join("."))).toContain("defaultLanguage");
+  });
+
+  test("rejects duplicate locale keys after normalization", () => {
+    const result = ZV3CreateSurveyBody.safeParse({
+      ...validCreateBody,
+      blocks: [
+        {
+          ...validCreateBody.blocks[0],
+          elements: [
+            {
+              ...validCreateBody.blocks[0].elements[0],
+              headline: { "en-US": "Hello", en_us: "Duplicate" },
+            },
+          ],
+        },
+      ],
+    });
+
+    expect(result.success).toBe(false);
+    expect(result.error?.issues.map((issue) => issue.path.join("."))).toContain(
+      "blocks.0.elements.0.headline.en_us"
+    );
+  });
+
+  test("rejects unsupported top-level fields instead of silently ignoring them", () => {
+    const result = ZV3CreateSurveyBody.safeParse({
+      ...validCreateBody,
+      questions: [],
+      styling: {},
+      createdBy: "user_1",
+    });
+
+    expect(result.success).toBe(false);
+    expect(result.error?.issues.map((issue) => issue.path.join("."))).toEqual(
+      expect.arrayContaining(["questions", "styling", "createdBy"])
+    );
+  });
+
+  test("rejects unsupported nested fields instead of stripping them", () => {
+    const result = ZV3CreateSurveyBody.safeParse({
+      ...validCreateBody,
+      blocks: [
+        {
+          ...validCreateBody.blocks[0],
+          targeting: {},
+          elements: [
+            {
+              ...validCreateBody.blocks[0].elements[0],
+              analytics: {},
+            },
+          ],
+        },
+      ],
+    });
+
+    expect(result.success).toBe(false);
+    expect(result.error?.issues.map((issue) => issue.path.join("."))).toEqual(
+      expect.arrayContaining(["blocks.0.targeting", "blocks.0.elements.0.analytics"])
+    );
+  });
+
+  test("rejects element fields that do not belong to the selected element type", () => {
+    const result = ZV3CreateSurveyBody.safeParse({
+      ...validCreateBody,
+      blocks: [
+        {
+          ...validCreateBody.blocks[0],
+          elements: [
+            {
+              ...validCreateBody.blocks[0].elements[0],
+              buttonUrl: "https://example.com",
+              scale: "star",
+            },
+          ],
+        },
+      ],
+    });
+
+    expect(result.success).toBe(false);
+    expect(result.error?.issues.map((issue) => issue.path.join("."))).toContain(
+      "blocks.0.elements.0.buttonUrl"
+    );
+    expect(result.error?.issues.map((issue) => issue.path.join("."))).toContain("blocks.0.elements.0.scale");
+    expect(
+      result.error?.issues.find((issue) => issue.path.join(".") === "blocks.0.elements.0.buttonUrl")
+    ).toMatchObject({
+      message: expect.stringContaining("element type 'openText'"),
+    });
+  });
+
+  test("rejects choice fields that do not belong to the selected element type", () => {
+    const result = ZV3CreateSurveyBody.safeParse({
+      ...validCreateBody,
+      blocks: [
+        {
+          ...validCreateBody.blocks[0],
+          elements: [
+            {
+              id: "choices",
+              type: "multipleChoiceSingle",
+              headline: { "en-US": "Pick one" },
+              required: true,
+              choices: [
+                { id: "choice_1", label: { "en-US": "A" }, imageUrl: "https://example.com/a.png" },
+                { id: "choice_2", label: { "en-US": "B" } },
+              ],
+            },
+          ],
+        },
+      ],
+    });
+
+    expect(result.success).toBe(false);
+    expect(result.error?.issues.map((issue) => issue.path.join("."))).toContain(
+      "blocks.0.elements.0.choices.0.imageUrl"
+    );
+    expect(
+      result.error?.issues.find((issue) => issue.path.join(".") === "blocks.0.elements.0.choices.0.imageUrl")
+    ).toMatchObject({
+      message: expect.stringContaining("Allowed fields: id, label"),
+    });
+  });
+
+  test("does not rewrite locale-shaped objects in logic metadata", () => {
+    const result = ZV3CreateSurveyBody.safeParse({
+      ...validCreateBody,
+      blocks: [
+        {
+          ...validCreateBody.blocks[0],
+          elements: [
+            {
+              ...validCreateBody.blocks[0].elements[0],
+            },
+          ],
+          logic: [
+            {
+              id: "cllog123456789012345678901",
+              conditions: {
+                id: "clgrp123456789012345678901",
+                connector: "and",
+                conditions: [
+                  {
+                    id: "clcon123456789012345678901",
+                    leftOperand: {
+                      type: "element",
+                      value: "satisfaction",
+                      meta: { "en-US": "metadata" },
+                    },
+                    operator: "isSubmitted",
+                  },
+                ],
+              },
+              actions: [
+                {
+                  id: "clact123456789012345678901",
+                  objective: "requireAnswer",
+                  target: "satisfaction",
+                },
+              ],
+            },
+          ],
+        },
+      ],
+    });
+
+    expect(result.success).toBe(true);
+    if (!result.success) {
+      throw new Error("Expected schema validation to pass");
+    }
+    expect(result.data.blocks[0].logic?.[0].conditions.conditions[0]).toMatchObject({
+      leftOperand: {
+        meta: { "en-US": "metadata" },
+      },
+    });
+  });
+
+  test("rejects the internal default translation key in public v3 input", () => {
+    const result = ZV3CreateSurveyBody.safeParse({
+      ...validCreateBody,
+      blocks: [
+        {
+          ...validCreateBody.blocks[0],
+          elements: [
+            {
+              ...validCreateBody.blocks[0].elements[0],
+              headline: { default: "Internal key should not be public" },
+            },
+          ],
+        },
+      ],
+    });
+
+    expect(result.success).toBe(false);
+    expect(result.error?.issues[0].path.join(".")).toBe("blocks.0.elements.0.headline.default");
+  });
+
+  test("preserves arbitrary metadata while normalizing known translatable metadata fields", () => {
+    const parsed = ZV3CreateSurveyBody.parse({
+      ...validCreateBody,
+      metadata: {
+        cx_context: {
+          "de-DE": "This is arbitrary customer metadata, not translation content",
+        },
+        title: {
+          "en-US": "Feedback Survey",
+          "de-DE": "Feedback-Umfrage",
+        },
+      },
+    });
+
+    expect(parsed.metadata).toMatchObject({
+      cx_context: {
+        "de-DE": "This is arbitrary customer metadata, not translation content",
+      },
+      title: {
+        default: "Feedback Survey",
+        "de-DE": "Feedback-Umfrage",
+      },
+    });
+  });
+
+  test("rejects non-link survey types for this survey-template endpoint", () => {
+    const result = ZV3CreateSurveyBody.safeParse({
+      ...validCreateBody,
+      type: "app",
+    });
+
+    expect(result.success).toBe(false);
+    expect(result.error?.issues[0].path).toEqual(["type"]);
+  });
+
+  test("rejects malformed locale maps that do not include the default language", () => {
+    const result = ZV3CreateSurveyBody.safeParse({
+      ...validCreateBody,
+      blocks: [
+        {
+          ...validCreateBody.blocks[0],
+          elements: [
+            {
+              ...validCreateBody.blocks[0].elements[0],
+              headline: { "not a locale": "Hello" },
+            },
+          ],
+        },
+      ],
+    });
+
+    expect(result.success).toBe(false);
+  });
+
+  test("rejects duplicate language entries and disabled default language", () => {
+    const result = ZV3CreateSurveyBody.safeParse({
+      ...validCreateBody,
+      languages: [{ code: "en-US", enabled: false }, { code: "en_us" }],
+    });
+
+    expect(result.success).toBe(false);
+    expect(result.error?.issues.map((issue) => issue.path.join("."))).toEqual(
+      expect.arrayContaining(["languages.0.enabled", "languages.1.code"])
+    );
+  });
+});
+
+describe("ZV3PatchSurveyBody", () => {
+  test("accepts a strict top-level partial and preserves omitted defaults", () => {
+    const parsed = ZV3PatchSurveyBody.parse({
+      name: "Updated survey",
+    });
+
+    expect(parsed).toEqual({ name: "Updated survey" });
+  });
+
+  test("rejects an empty patch body", () => {
+    const result = ZV3PatchSurveyBody.safeParse({});
+
+    expect(result.success).toBe(false);
+    expect(result.error?.issues[0]).toMatchObject({
+      message: "Request body must include at least one updatable field",
+    });
+  });
+
+  test("rejects immutable and out-of-scope fields", () => {
+    const result = ZV3PatchSurveyBody.safeParse({
+      id: "clsv1234567890123456789012",
+      workspaceId: "clxx1234567890123456789012",
+      type: "link",
+      questions: [],
+    });
+
+    expect(result.success).toBe(false);
+    expect(result.error?.issues.map((issue) => issue.path.join("."))).toEqual(
+      expect.arrayContaining(["id", "workspaceId", "type", "questions"])
+    );
+  });
+
+  test("normalizes patch translation maps using the current default language", () => {
+    const parsed = createZV3PatchSurveyBodySchema("de-DE").parse({
+      blocks: [
+        {
+          id: "clbk1234567890123456789012",
+          name: "Main Block",
+          elements: [
+            {
+              id: "satisfaction",
+              type: "openText",
+              headline: { de_de: "Hallo", en_us: "Hello" },
+              required: true,
+            },
+          ],
+        },
+      ],
+    });
+
+    expect(parsed.blocks?.[0].elements[0]).toMatchObject({
+      headline: { default: "Hallo", "en-US": "Hello" },
+    });
+    expect(parsed).not.toHaveProperty("defaultLanguage");
+  });
+});
@@ -0,0 +1,274 @@
+import { describe, expect, test } from "vitest";
+import type { TSurvey } from "@formbricks/types/surveys/types";
+import { V3SurveyUnsupportedShapeError, serializeV3SurveyResource } from "./serializers";
+
+const baseSurvey = {
+  id: "survey_1",
+  workspaceId: "workspace_1",
+  createdAt: new Date("2026-04-21T10:00:00.000Z"),
+  updatedAt: new Date("2026-04-21T11:00:00.000Z"),
+  name: "Product Feedback",
+  type: "link",
+  status: "draft",
+  metadata: { cx: "enterprise" },
+  languages: [
+    {
+      default: true,
+      enabled: true,
+      language: { id: "lang_1", code: "en-US", alias: "en", createdAt: new Date(), updatedAt: new Date() },
+    },
+    {
+      default: false,
+      enabled: true,
+      language: { id: "lang_2", code: "de-DE", alias: "de", createdAt: new Date(), updatedAt: new Date() },
+    },
+    {
+      default: false,
+      enabled: false,
+      language: { id: "lang_3", code: "fr-FR", alias: "fr", createdAt: new Date(), updatedAt: new Date() },
+    },
+  ],
+  questions: [],
+  welcomeCard: {
+    enabled: true,
+    headline: { default: "Welcome", "de-DE": "Willkommen", "fr-FR": "Bienvenue" },
+  },
+  blocks: [
+    {
+      id: "block_1",
+      name: "Intro",
+      elements: [
+        {
+          id: "satisfaction",
+          type: "openText",
+          headline: { default: "What should we improve?", "de-DE": "Was sollen wir verbessern?" },
+          subheader: { default: "Tell us more" },
+          required: true,
+        },
+      ],
+    },
+  ],
+  endings: [],
+  hiddenFields: { enabled: false, fieldIds: [] },
+  variables: [],
+} as unknown as TSurvey;
+
+describe("serializeV3SurveyResource", () => {
+  test("returns canonical multilingual fields using real locale codes", () => {
+    const resource = serializeV3SurveyResource(baseSurvey);
+
+    expect(resource.defaultLanguage).toBe("en-US");
+    expect(resource).not.toHaveProperty("language");
+    expect(resource.languages).toEqual([
+      { code: "en-US", default: true, enabled: true },
+      { code: "de-DE", default: false, enabled: true },
+      { code: "fr-FR", default: false, enabled: false },
+    ]);
+    expect(resource).toMatchObject({
+      welcomeCard: {
+        headline: {
+          "en-US": "Welcome",
+          "de-DE": "Willkommen",
+          "fr-FR": "Bienvenue",
+        },
+      },
+    });
+    expect(resource).toMatchObject({
+      blocks: [
+        {
+          elements: [
+            {
+              headline: {
+                "en-US": "What should we improve?",
+                "de-DE": "Was sollen wir verbessern?",
+              },
+            },
+          ],
+        },
+      ],
+    });
+  });
+
+  test("does not expose the internal default pseudo-locale for surveys without configured languages", () => {
+    const survey = {
+      ...baseSurvey,
+      languages: [],
+      welcomeCard: {
+        enabled: true,
+        headline: { default: "Welcome" },
+      },
+      blocks: [
+        {
+          id: "block_1",
+          name: "Intro",
+          elements: [
+            {
+              id: "satisfaction",
+              type: "openText",
+              headline: { default: "What should we improve?" },
+              required: true,
+            },
+          ],
+        },
+      ],
+    } as unknown as TSurvey;
+
+    const resource = serializeV3SurveyResource(survey);
+
+    expect(resource.defaultLanguage).toBe("en-US");
+    expect(resource.languages).toEqual([{ code: "en-US", default: true, enabled: true }]);
+    expect(resource).toMatchObject({
+      welcomeCard: { headline: { "en-US": "Welcome" } },
+      blocks: [
+        {
+          elements: [
+            {
+              headline: { "en-US": "What should we improve?" },
+            },
+          ],
+        },
+      ],
+    });
+  });
+
+  test("filters the implicit default language for surveys without configured languages", () => {
+    const survey = {
+      ...baseSurvey,
+      languages: [],
+      welcomeCard: {
+        enabled: true,
+        headline: { default: "Welcome" },
+      },
+    } as unknown as TSurvey;
+
+    const resource = serializeV3SurveyResource(survey, { lang: ["en"] });
+
+    expect(resource).not.toHaveProperty("language");
+    expect(resource).toMatchObject({ welcomeCard: { headline: { "en-US": "Welcome" } } });
+  });
+
+  test("preserves stored locale variants when their keys use non-canonical casing or separators", () => {
+    const survey = {
+      ...baseSurvey,
+      welcomeCard: {
+        enabled: true,
+        headline: { default: "Welcome", de_de: "Willkommen" },
+      },
+    } as unknown as TSurvey;
+
+    const resource = serializeV3SurveyResource(survey);
+
+    expect(resource).toMatchObject({
+      welcomeCard: {
+        headline: {
+          "en-US": "Welcome",
+          "de-DE": "Willkommen",
+        },
+      },
+    });
+  });
+
+  test("filters fields for case-insensitive underscore language selectors while preserving maps", () => {
+    const resource = serializeV3SurveyResource(baseSurvey, { lang: ["DE_de"] });
+
+    expect(resource).not.toHaveProperty("language");
+    expect(resource).toMatchObject({
+      welcomeCard: { headline: { "de-DE": "Willkommen" } },
+      blocks: [
+        {
+          elements: [
+            {
+              headline: { "de-DE": "Was sollen wir verbessern?" },
+              subheader: { "de-DE": "Tell us more" },
+            },
+          ],
+        },
+      ],
+    });
+  });
+
+  test("resolves language-only selectors against configured survey languages", () => {
+    const resource = serializeV3SurveyResource(baseSurvey, { lang: ["de"] });
+
+    expect(resource).toMatchObject({ welcomeCard: { headline: { "de-DE": "Willkommen" } } });
+  });
+
+  test("filters disabled configured languages for management reads", () => {
+    const resource = serializeV3SurveyResource(baseSurvey, { lang: ["fr"] });
+
+    expect(resource).toMatchObject({ welcomeCard: { headline: { "fr-FR": "Bienvenue" } } });
+  });
+
+  test("filters multiple requested languages while preserving maps", () => {
+    const resource = serializeV3SurveyResource(baseSurvey, { lang: ["en-US", "de"] });
+
+    expect(resource).not.toHaveProperty("language");
+    expect(resource).toMatchObject({
+      welcomeCard: {
+        headline: {
+          "en-US": "Welcome",
+          "de-DE": "Willkommen",
+        },
+      },
+      blocks: [
+        {
+          elements: [
+            {
+              headline: {
+                "en-US": "What should we improve?",
+                "de-DE": "Was sollen wir verbessern?",
+              },
+            },
+          ],
+        },
+      ],
+    });
+  });
+
+  test("rejects ambiguous language-only selectors", () => {
+    const survey = {
+      ...baseSurvey,
+      languages: [
+        {
+          default: true,
+          enabled: true,
+          language: {
+            id: "lang_1",
+            code: "pt-BR",
+            alias: "br",
+            createdAt: new Date(),
+            updatedAt: new Date(),
+          },
+        },
+        {
+          default: false,
+          enabled: true,
+          language: {
+            id: "lang_2",
+            code: "pt-PT",
+            alias: "pt",
+            createdAt: new Date(),
+            updatedAt: new Date(),
+          },
+        },
+      ],
+    } as unknown as TSurvey;
+
+    expect(() => serializeV3SurveyResource(survey, { lang: ["pt"] })).toThrow(
+      "Language 'pt' is ambiguous for this survey; use one of pt-BR, pt-PT"
+    );
+  });
+
+  test("rejects legacy question-based survey shapes instead of returning an incomplete block resource", () => {
+    const survey = {
+      ...baseSurvey,
+      questions: [{ id: "legacy_question", type: "openText", headline: { default: "Legacy question" } }],
+      blocks: [],
+    } as unknown as TSurvey;
+
+    expect(() => serializeV3SurveyResource(survey)).toThrow(V3SurveyUnsupportedShapeError);
+    expect(() => serializeV3SurveyResource(survey)).toThrow(
+      "Legacy question-based surveys are not supported by the v3 survey management API"
+    );
+  });
+});
@@ -1,13 +1,170 @@
-import type { TSurvey } from "@/modules/survey/list/types/surveys";
+import type { TSurvey as TInternalSurvey } from "@formbricks/types/surveys/types";
+import type { TSurvey as TSurveyListRecord } from "@/modules/survey/list/types/surveys";
+import {
+  type TV3SurveyLanguage,
+  getV3SurveyDefaultLanguage,
+  getV3SurveyLanguages,
+  normalizeV3SurveyLanguageTag,
+  resolveV3SurveyLanguageCode,
+} from "./language";

-export type TV3SurveyListItem = Omit<TSurvey, "singleUse">;
+export type TV3SurveyListItem = Omit<TSurveyListRecord, "singleUse">;
+const DEFAULT_V3_SURVEY_LANGUAGE = "en-US";
+
+type TSerializedValue =
+  | string
+  | number
+  | boolean
+  | null
+  | TSerializedValue[]
+  | { [key: string]: TSerializedValue };
+
+export class V3SurveyLanguageError extends Error {
+  constructor(message: string) {
+    super(message);
+    this.name = "V3SurveyLanguageError";
+  }
+}
+
+export class V3SurveyUnsupportedShapeError extends Error {
+  constructor(message: string) {
+    super(message);
+    this.name = "V3SurveyUnsupportedShapeError";
+  }
+}

 /**
 * Keep the v3 API contract isolated from internal persistence naming.
 * Surveys are scoped by workspaceId.
 */
-export function serializeV3SurveyListItem(survey: TSurvey): TV3SurveyListItem {
+export function serializeV3SurveyListItem(survey: TSurveyListRecord): TV3SurveyListItem {
  const { singleUse: _omitSingleUse, ...rest } = survey;

  return rest;
 }
+
+function toIsoString(value: Date | string): string {
+  return value instanceof Date ? value.toISOString() : new Date(value).toISOString();
+}
+
+function isPlainObject(value: unknown): value is Record<string, unknown> {
+  return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+
+function isI18nString(value: unknown): value is Record<string, string> {
+  return (
+    isPlainObject(value) &&
+    typeof value.default === "string" &&
+    Object.values(value).every((entry) => typeof entry === "string")
+  );
+}
+
+function getI18nValueForLanguage(value: Record<string, string>, languageCode: string): string | undefined {
+  if (typeof value[languageCode] === "string") {
+    return value[languageCode];
+  }
+
+  const matchingKey = Object.keys(value).find(
+    (key) => normalizeV3SurveyLanguageTag(key)?.toLowerCase() === languageCode.toLowerCase()
+  );
+  return matchingKey ? value[matchingKey] : undefined;
+}
+
+function serializeCanonicalValue(
+  value: unknown,
+  defaultLanguage: string,
+  languageCodes: Set<string>,
+  options?: { fallbackMissingTranslations?: boolean }
+): TSerializedValue {
+  if (isI18nString(value)) {
+    const result: Record<string, string> = {
+      [defaultLanguage]: value.default,
+    };
+
+    for (const languageCode of languageCodes) {
+      const translatedValue = getI18nValueForLanguage(value, languageCode);
+      if (languageCode !== defaultLanguage) {
+        if (translatedValue !== undefined) {
+          result[languageCode] = translatedValue;
+        } else if (options?.fallbackMissingTranslations) {
+          result[languageCode] = value.default;
+        }
+      }
+    }
+
+    if (!languageCodes.has(defaultLanguage)) {
+      delete result[defaultLanguage];
+    }
+
+    return result;
+  }
+
+  if (Array.isArray(value)) {
+    return value.map((entry) => serializeCanonicalValue(entry, defaultLanguage, languageCodes, options));
+  }
+
+  if (isPlainObject(value)) {
+    return Object.fromEntries(
+      Object.entries(value).map(([key, entry]) => [
+        key,
+        serializeCanonicalValue(entry, defaultLanguage, languageCodes, options),
+      ])
+    );
+  }
+
+  return value as TSerializedValue;
+}
+
+function resolveRequestedLanguage(languages: TV3SurveyLanguage[], language: string): string {
+  const result = resolveV3SurveyLanguageCode(language, languages);
+
+  if (!result.ok) {
+    throw new V3SurveyLanguageError(result.message);
+  }
+
+  return result.code;
+}
+
+function resolveRequestedLanguages(languages: TV3SurveyLanguage[], requestedLanguages?: string[]): string[] {
+  if (!requestedLanguages) {
+    return [];
+  }
+
+  return requestedLanguages.map((language) => resolveRequestedLanguage(languages, language));
+}
+
+export function serializeV3SurveyResource(survey: TInternalSurvey, options?: { lang?: string[] }) {
+  if (Array.isArray(survey.questions) && survey.questions.length > 0) {
+    throw new V3SurveyUnsupportedShapeError(
+      "Legacy question-based surveys are not supported by the v3 survey management API"
+    );
+  }
+
+  const defaultLanguage = getV3SurveyDefaultLanguage(survey, DEFAULT_V3_SURVEY_LANGUAGE);
+  const languages = getV3SurveyLanguages(survey, DEFAULT_V3_SURVEY_LANGUAGE);
+  const configuredLanguageCodes = new Set(languages.map((language) => language.code));
+  const requestedLanguages = resolveRequestedLanguages(languages, options?.lang);
+  const languageCodes = requestedLanguages.length > 0 ? new Set(requestedLanguages) : configuredLanguageCodes;
+  const serializeValue = (value: unknown) =>
+    serializeCanonicalValue(value, defaultLanguage, languageCodes, {
+      fallbackMissingTranslations: requestedLanguages.length > 0,
+    });
+
+  return {
+    id: survey.id,
+    workspaceId: survey.workspaceId,
+    createdAt: toIsoString(survey.createdAt),
+    updatedAt: toIsoString(survey.updatedAt),
+    name: survey.name,
+    type: survey.type,
+    status: survey.status,
+    metadata: survey.metadata,
+    defaultLanguage,
+    languages,
+    welcomeCard: serializeValue(survey.welcomeCard),
+    blocks: serializeValue(survey.blocks),
+    endings: serializeValue(survey.endings),
+    hiddenFields: survey.hiddenFields,
+    variables: survey.variables,
+  };
+}
@@ -0,0 +1,108 @@
+import { z } from "zod";
+import { logger } from "@formbricks/logger";
+import { DatabaseError } from "@formbricks/types/errors";
+import { withV3ApiWrapper } from "@/app/api/v3/lib/api-wrapper";
+import { requireV3WorkspaceAccess } from "@/app/api/v3/lib/auth";
+import { problemInternalError, successResponse } from "@/app/api/v3/lib/response";
+import { getAuthorizedV3Survey } from "../authorization";
+import {
+  type TV3SurveyPrepareResult,
+  prepareV3SurveyCreateInput,
+  prepareV3SurveyPatchInput,
+} from "../prepare";
+import { type TV3SurveyDocument, ZV3EmptyQuery, ZV3SurveyValidationRequestBody } from "../schemas";
+
+const createWorkspaceSchema = z.object({
+  workspaceId: z.cuid2(),
+});
+
+function serializeValidationResult<TDocument extends TV3SurveyDocument>(
+  operation: "create" | "patch",
+  preparation: TV3SurveyPrepareResult<TDocument>
+) {
+  if (!preparation.ok) {
+    return {
+      valid: false,
+      operation,
+      invalid_params: preparation.validation.invalidParams,
+    };
+  }
+
+  return {
+    valid: true,
+    operation,
+    invalid_params: [],
+    languages: preparation.languageRequests.map((languageRequest) => ({
+      ...languageRequest,
+      writeBehavior: "connect_or_create" as const,
+    })),
+  };
+}
+
+export const POST = withV3ApiWrapper({
+  auth: "both",
+  schemas: {
+    body: ZV3SurveyValidationRequestBody,
+    query: ZV3EmptyQuery,
+  },
+  handler: async ({ parsedInput, authentication, requestId, instance }) => {
+    const { body } = parsedInput;
+    const log = logger.withContext({ requestId, operation: body.operation });
+
+    try {
+      if (body.operation === "create") {
+        const workspaceResult = createWorkspaceSchema.safeParse(body.data);
+        if (workspaceResult.success) {
+          const authResult = await requireV3WorkspaceAccess(
+            authentication,
+            workspaceResult.data.workspaceId,
+            "readWrite",
+            requestId,
+            instance
+          );
+
+          if (authResult instanceof Response) {
+            return authResult;
+          }
+        }
+
+        return successResponse(serializeValidationResult("create", prepareV3SurveyCreateInput(body.data)), {
+          requestId,
+          cache: "private, no-store",
+        });
+      }
+
+      const { survey, response } = await getAuthorizedV3Survey({
+        surveyId: body.surveyId,
+        authentication,
+        access: "readWrite",
+        requestId,
+        instance,
+      });
+
+      if (response) {
+        log.warn(
+          { statusCode: response.status, surveyId: body.surveyId },
+          "Survey not found or not accessible"
+        );
+        return response;
+      }
+
+      return successResponse(
+        serializeValidationResult("patch", prepareV3SurveyPatchInput(survey, body.data)),
+        {
+          requestId,
+          cache: "private, no-store",
+        }
+      );
+    } catch (error) {
+      if (error instanceof DatabaseError) {
+        log.error({ error, statusCode: 500 }, "Database error");
+        return problemInternalError(requestId, "An unexpected error occurred.", instance);
+      }
+
+      log.error({ error, statusCode: 500 }, "V3 survey validation unexpected error");
+      return problemInternalError(requestId, "An unexpected error occurred.", instance);
+    }
+  },
+});
@@ -0,0 +1,27 @@
+import type { InvalidParam } from "@/app/api/v3/lib/response";
+import { validateV3SurveyReferences } from "./reference-validation";
+import type { TV3SurveyDocument } from "./schemas";
+
+export type TV3SurveyDocumentValidationResult =
+  | { valid: true; invalidParams: [] }
+  | { valid: false; invalidParams: InvalidParam[] };
+
+export function validateV3SurveyDocument(document: TV3SurveyDocument): TV3SurveyDocumentValidationResult {
+  const referenceValidation = validateV3SurveyReferences({
+    blocks: document.blocks,
+    endings: document.endings,
+    hiddenFields: document.hiddenFields,
+    metadata: document.metadata,
+    variables: document.variables,
+    welcomeCard: document.welcomeCard,
+  });
+
+  if (!referenceValidation.ok) {
+    return {
+      valid: false,
+      invalidParams: referenceValidation.invalidParams,
+    };
+  }
+
+  return { valid: true, invalidParams: [] };
+}
@@ -2587,7 +2587,6 @@ checksums:
    workspace/settings/profile/email_confirmation_does_not_match: eee9d13af9ca8c1f21b46fee764605ac
    workspace/settings/profile/enable_two_factor_authentication: 476d45754f584b25cc66ab00eccbefaa
    workspace/settings/profile/enter_the_code_from_your_authenticator_app_below: 9bae7024a84c2be6e2725b187e2244f9
-    workspace/settings/profile/google_sso_account_deletion_requires_setup: b2b60bb8bd1297f8b78af44b461733f5
    workspace/settings/profile/lost_access: 70292321ff8232218d2261b11c40bc0a
    workspace/settings/profile/or_enter_the_following_code_manually: c209f319f38984d8718cd272a2a60b97
    workspace/settings/profile/organizations_delete_message: 9ca1794c9a63c8d82462abcf7109d31f
@@ -2598,8 +2597,8 @@ checksums:
    workspace/settings/profile/save_the_following_backup_codes_in_a_safe_place: a5b9d38083770375f2372f93ac9a7b2b
    workspace/settings/profile/scan_the_qr_code_below_with_your_authenticator_app: 5a6b60928590ce3b6be1bdf1d34cd45e
    workspace/settings/profile/security_description: e833adde4e3e26795e61a93619c6caec
-    workspace/settings/profile/sso_reauthentication_failed: 1b2f4047fcec5571c67ee3235ad70853
-    workspace/settings/profile/sso_reauthentication_may_be_required_for_deletion: f2e0c238a701bd504a9527113b4f22e4
+    workspace/settings/profile/sso_identity_confirmation_failed: 9d0fcabd5321c07af1caf627b0c68bdf
+    workspace/settings/profile/sso_identity_confirmation_may_be_required_for_deletion: a220681b82105f16803bb542853809f4
    workspace/settings/profile/two_factor_authentication: 97a428a54e41d68810a12dbae075f371
    workspace/settings/profile/two_factor_authentication_description: 1429e4eeaea193f15fb508875d4fb601
    workspace/settings/profile/two_factor_authentication_enabled_please_enter_the_six_digit_code_from_your_authenticator_app: 308ba145b3dc485ff4f17387e977b1f9
@@ -25,7 +25,8 @@ export const TERMS_URL = env.TERMS_URL;
 export const IMPRINT_URL = env.IMPRINT_URL;
 export const IMPRINT_ADDRESS = env.IMPRINT_ADDRESS;

-export const DISABLE_ACCOUNT_DELETION_SSO_REAUTH = env.DISABLE_ACCOUNT_DELETION_SSO_REAUTH === "1";
+export const DISABLE_ACCOUNT_DELETION_SSO_CONFIRMATION =
+  env.DISABLE_ACCOUNT_DELETION_SSO_CONFIRMATION === "1";
 export const DANGEROUSLY_ALLOW_WEBHOOK_INTERNAL_URLS = env.DANGEROUSLY_ALLOW_WEBHOOK_INTERNAL_URLS === "1";
 export const DEBUG_SHOW_RESET_LINK = !IS_PRODUCTION && env.DEBUG_SHOW_RESET_LINK === "1";
 export const PASSWORD_RESET_DISABLED = env.PASSWORD_RESET_DISABLED === "1";
@@ -33,7 +34,6 @@ export const PASSWORD_RESET_TOKEN_LIFETIME_MINUTES = env.PASSWORD_RESET_TOKEN_LI
 export const EMAIL_VERIFICATION_DISABLED = env.EMAIL_VERIFICATION_DISABLED === "1";

 export const GOOGLE_OAUTH_ENABLED = !!(env.GOOGLE_CLIENT_ID && env.GOOGLE_CLIENT_SECRET);
-export const GOOGLE_ACCOUNT_DELETION_REAUTH_ENABLED = env.GOOGLE_ACCOUNT_DELETION_REAUTH_ENABLED === "1";
 export const GITHUB_OAUTH_ENABLED = !!(env.GITHUB_ID && env.GITHUB_SECRET);
 export const AZURE_OAUTH_ENABLED = !!(env.AZUREAD_CLIENT_ID && env.AZUREAD_CLIENT_SECRET);
 export const OIDC_OAUTH_ENABLED = !!(env.OIDC_CLIENT_ID && env.OIDC_CLIENT_SECRET && env.OIDC_ISSUER);
@@ -153,7 +153,7 @@ const parsedEnv = createEnv({
    BREVO_API_KEY: z.string().optional(),
    BREVO_LIST_ID: z.string().optional(),
    DATABASE_URL: z.url(),
-    DISABLE_ACCOUNT_DELETION_SSO_REAUTH: z.enum(["1", "0"]).optional(),
+    DISABLE_ACCOUNT_DELETION_SSO_CONFIRMATION: z.enum(["1", "0"]).optional(),
    DANGEROUSLY_ALLOW_WEBHOOK_INTERNAL_URLS: z.enum(["1", "0"]).optional(),
    DEBUG_SHOW_RESET_LINK: z.enum(["1", "0"]).optional(),
    // DEBUG is a common ambient env var in CI/tooling, so we accept arbitrary strings here
@@ -173,7 +173,6 @@ const parsedEnv = createEnv({
    ENVIRONMENT: z.enum(["production", "staging"]).prefault("production"),
    GITHUB_ID: z.string().optional(),
    GITHUB_SECRET: z.string().optional(),
-    GOOGLE_ACCOUNT_DELETION_REAUTH_ENABLED: z.enum(["1", "0"]).optional(),
    GOOGLE_CLIENT_ID: z.string().optional(),
    GOOGLE_CLIENT_SECRET: z.string().optional(),
    AI_GOOGLE_CLOUD_PROJECT: z.string().optional(),
@@ -315,7 +314,7 @@ const parsedEnv = createEnv({
    BREVO_LIST_ID: process.env.BREVO_LIST_ID,
    CRON_SECRET: process.env.CRON_SECRET,
    DATABASE_URL: process.env.DATABASE_URL,
-    DISABLE_ACCOUNT_DELETION_SSO_REAUTH: process.env.DISABLE_ACCOUNT_DELETION_SSO_REAUTH,
+    DISABLE_ACCOUNT_DELETION_SSO_CONFIRMATION: process.env.DISABLE_ACCOUNT_DELETION_SSO_CONFIRMATION,
    DANGEROUSLY_ALLOW_WEBHOOK_INTERNAL_URLS: process.env.DANGEROUSLY_ALLOW_WEBHOOK_INTERNAL_URLS,
    DEBUG: process.env.DEBUG,
    DEBUG_SHOW_RESET_LINK: process.env.DEBUG_SHOW_RESET_LINK,
@@ -333,7 +332,6 @@ const parsedEnv = createEnv({
    ENVIRONMENT: process.env.ENVIRONMENT,
    GITHUB_ID: process.env.GITHUB_ID,
    GITHUB_SECRET: process.env.GITHUB_SECRET,
-    GOOGLE_ACCOUNT_DELETION_REAUTH_ENABLED: process.env.GOOGLE_ACCOUNT_DELETION_REAUTH_ENABLED,
    GOOGLE_CLIENT_ID: process.env.GOOGLE_CLIENT_ID,
    GOOGLE_CLIENT_SECRET: process.env.GOOGLE_CLIENT_SECRET,
    AI_GOOGLE_CLOUD_PROJECT: process.env.AI_GOOGLE_CLOUD_PROJECT,
@@ -1126,7 +1126,7 @@ describe("JWT Functions - Comprehensive Security Tests", () => {
      });
    });

-    describe("account deletion SSO reauthentication intents", () => {
+    describe("account deletion SSO identity confirmation intents", () => {
      const accountDeletionIntent = {
        id: "intent-id",
        userId: mockUser.id,
@@ -1137,7 +1137,7 @@ describe("JWT Functions - Comprehensive Security Tests", () => {
        returnToUrl: "http://localhost:3000/environments/env-1/settings/profile",
      };

-      test("round-trips encrypted account deletion reauth intents", () => {
+      test("round-trips encrypted account deletion SSO identity confirmation intents", () => {
        const token = createAccountDeletionSsoReauthIntent(accountDeletionIntent);

        expect(verifyAccountDeletionSsoReauthIntent(token)).toEqual(accountDeletionIntent);
@@ -1154,14 +1154,14 @@ describe("JWT Functions - Comprehensive Security Tests", () => {
        );
      });

-      test("creates account deletion reauth intents with a ten minute default expiry", () => {
+      test("creates account deletion SSO identity confirmation intents with a ten minute default expiry", () => {
        const token = createAccountDeletionSsoReauthIntent(accountDeletionIntent);
        const decoded = jwt.decode(token) as any;

        expect(decoded.exp - decoded.iat).toBe(10 * 60);
      });

-      test("rejects account deletion reauth intents with the wrong purpose", () => {
+      test("rejects account deletion SSO identity confirmation intents with the wrong purpose", () => {
        const token = jwt.sign(
          {
            id: crypto.symmetricEncrypt(accountDeletionIntent.id, TEST_ENCRYPTION_KEY),
@@ -1183,7 +1183,7 @@ describe("JWT Functions - Comprehensive Security Tests", () => {
        );
      });

-      test("rejects account deletion reauth intents missing required fields", () => {
+      test("rejects account deletion SSO identity confirmation intents missing required fields", () => {
        const token = jwt.sign(
          {
            id: crypto.symmetricEncrypt(accountDeletionIntent.id, TEST_ENCRYPTION_KEY),
@@ -1204,7 +1204,7 @@ describe("JWT Functions - Comprehensive Security Tests", () => {
        );
      });

-      test("rejects expired account deletion reauth intents", () => {
+      test("rejects expired account deletion SSO identity confirmation intents", () => {
        const expiredToken = jwt.sign(
          {
            id: crypto.symmetricEncrypt(accountDeletionIntent.id, TEST_ENCRYPTION_KEY),
@@ -1225,7 +1225,7 @@ describe("JWT Functions - Comprehensive Security Tests", () => {
        expect(() => verifyAccountDeletionSsoReauthIntent(expiredToken)).toThrow();
      });

-      test("throws when account deletion reauth intent secrets are missing", async () => {
+      test("throws when account deletion SSO identity confirmation intent secrets are missing", async () => {
        await testMissingSecretsError(createAccountDeletionSsoReauthIntent, [accountDeletionIntent]);

        const token = jwt.sign(
@@ -733,6 +733,85 @@ describe("Tests for createSurvey", () => {
        })
      );
    });
+
+    test("creates survey languages from validated language inputs", async () => {
+      vi.mocked(getOrganizationByWorkspaceId).mockResolvedValueOnce(mockOrganizationOutput);
+      prisma.survey.create.mockResolvedValueOnce({
+        ...mockSurveyOutput,
+      });
+
+      await createSurvey(mockWorkspaceId, {
+        ...mockCreateSurveyInput,
+        languages: [
+          {
+            default: true,
+            enabled: true,
+            language: {
+              id: "cllang12345678901234567890",
+              code: "en-US",
+              alias: null,
+              workspaceId: mockWorkspaceId,
+              createdAt: new Date(),
+              updatedAt: new Date(),
+            },
+          },
+        ],
+      });
+
+      expect(prisma.survey.create).toHaveBeenCalledWith(
+        expect.objectContaining({
+          data: expect.objectContaining({
+            languages: {
+              create: [
+                {
+                  language: {
+                    connect: {
+                      id: "cllang12345678901234567890",
+                    },
+                  },
+                  default: true,
+                  enabled: true,
+                },
+              ],
+            },
+          }),
+        })
+      );
+    });
+
+    test("preserves an explicitly provided segment relation for existing callers", async () => {
+      vi.mocked(getOrganizationByWorkspaceId).mockResolvedValueOnce(mockOrganizationOutput);
+      prisma.survey.create.mockResolvedValueOnce({
+        ...mockSurveyOutput,
+      });
+
+      await createSurvey(mockWorkspaceId, {
+        ...mockCreateSurveyInput,
+        segment: {
+          id: "clseg123456789012345678901",
+          title: "Segment",
+          description: null,
+          isPrivate: false,
+          filters: [],
+          workspaceId: mockWorkspaceId,
+          surveys: [],
+          createdAt: new Date(),
+          updatedAt: new Date(),
+        },
+      });
+
+      expect(prisma.survey.create).toHaveBeenCalledWith(
+        expect.objectContaining({
+          data: expect.objectContaining({
+            segment: {
+              connect: {
+                id: "clseg123456789012345678901",
+              },
+            },
+          }),
+        })
+      );
+    });
  });

  describe("Sad Path", () => {
@@ -628,9 +628,23 @@ export const createSurvey = async (workspaceId: string, surveyBody: TSurveyCreat
  );

  try {
-    const { createdBy, languages, ...restSurveyBody } = parsedSurveyBody;
+    const { createdBy, languages, segment, followUps, ...restSurveyBody } = parsedSurveyBody;
    const normalizedCloseOn = restSurveyBody.closeOn instanceof Date ? restSurveyBody.closeOn : null;
    const normalizedPublishOn = restSurveyBody.publishOn instanceof Date ? restSurveyBody.publishOn : null;
+    const surveyLanguagesCreateData: Prisma.SurveyLanguageCreateNestedManyWithoutSurveyInput | undefined =
+      languages?.length
+        ? {
+            create: languages.map((surveyLanguage) => ({
+              language: {
+                connect: {
+                  id: surveyLanguage.language.id,
+                },
+              },
+              default: surveyLanguage.default,
+              enabled: surveyLanguage.enabled,
+            })),
+          }
+        : undefined;

    const actionClasses = await getActionClasses(parsedWorkspaceId);

@@ -641,18 +655,15 @@ export const createSurvey = async (workspaceId: string, surveyBody: TSurveyCreat
        publishOn: normalizedPublishOn,
        status: restSurveyBody.status ?? "draft",
      }),
-      // @ts-expect-error - languages would be undefined in case of empty array
-      languages: languages?.length ? languages : undefined,
+      languages: surveyLanguagesCreateData,
+      segment: segment?.id ? { connect: { id: segment.id } } : undefined,
      triggers: restSurveyBody.triggers
        ? handleTriggerUpdates(restSurveyBody.triggers, [], actionClasses)
        : undefined,
      attributeFilters: undefined,
    };
    const data = validateSurveyCreateDataMedia(
-      attachSurveyFollowUpsToCreateData(
-        attachSurveyCreatorToCreateData(baseData, createdBy),
-        restSurveyBody.followUps
-      )
+      attachSurveyFollowUpsToCreateData(attachSurveyCreatorToCreateData(baseData, createdBy), followUps)
    );

    const organization = await getOrganizationByWorkspaceId(parsedWorkspaceId);
@@ -5,7 +5,6 @@ import { afterEach, beforeEach, describe, expect, test, vi } from "vitest";
 import {
  AuthenticationError,
  AuthorizationError,
-  ConfigurationError,
  EXPECTED_ERROR_NAMES,
  INVALID_PASSWORD_RESET_TOKEN_ERROR_CODE,
  InvalidInputError,
@@ -75,7 +74,6 @@ describe("isExpectedError (shared helper)", () => {
      "ValidationError",
      "AuthenticationError",
      "OperationNotAllowedError",
-      "ConfigurationError",
      "QueryExecutionError",
      "TooManyRequestsError",
      "InvalidPasswordResetTokenError",
@@ -96,7 +94,6 @@ describe("isExpectedError (shared helper)", () => {
    { ErrorClass: InvalidInputError, args: ["Invalid input"] },
    { ErrorClass: ValidationError, args: ["Invalid data"] },
    { ErrorClass: OperationNotAllowedError, args: ["Not allowed"] },
-    { ErrorClass: ConfigurationError, args: ["Cube is not configured"] },
    { ErrorClass: QueryExecutionError, args: ["Cube query failed. Details: connect ECONNREFUSED"] },
    { ErrorClass: InvalidPasswordResetTokenError, args: [INVALID_PASSWORD_RESET_TOKEN_ERROR_CODE] },
    { ErrorClass: UniqueConstraintError, args: ["Already exists"] },
@@ -188,12 +185,6 @@ describe("actionClient handleServerError", () => {
      expect(Sentry.captureException).not.toHaveBeenCalled();
    });

-    test("ConfigurationError returns its message and is not sent to Sentry", async () => {
-      const result = await executeThrowingAction(new ConfigurationError("Cube is not configured"));
-      expect(result?.serverError).toBe("Cube is not configured");
-      expect(Sentry.captureException).not.toHaveBeenCalled();
-    });
-
    test("QueryExecutionError returns its message and is not sent to Sentry", async () => {
      const result = await executeThrowingAction(
        new QueryExecutionError("Cube query failed. Details: connect ECONNREFUSED")
@@ -2700,7 +2700,6 @@
        "email_confirmation_does_not_match": "E-Mail-Bestätigung stimmt nicht überein.",
        "enable_two_factor_authentication": "Zwei-Faktor-Authentifizierung aktivieren",
        "enter_the_code_from_your_authenticator_app_below": "Gib unten den Code aus deiner Authentifizierungs-App ein.",
-        "google_sso_account_deletion_requires_setup": "Wir konnten deine Identität nicht mit deinem SSO-Anbieter bestätigen. Bitte versuche es erneut oder kontaktiere deinen Administrator.",
        "lost_access": "Zugang verloren",
        "or_enter_the_following_code_manually": "Oder gib folgenden Code manuell ein:",
        "organizations_delete_message": "Du bist der einzige Inhaber dieser Organisationen, daher <b>werden sie ebenfalls gelöscht.</b>",
@@ -2711,8 +2710,8 @@
        "save_the_following_backup_codes_in_a_safe_place": "Speichere die folgenden Backup-Codes an einem sicheren Ort.",
        "scan_the_qr_code_below_with_your_authenticator_app": "Scanne den QR-Code unten mit deiner Authenticator-App.",
        "security_description": "Verwalte dein Passwort und andere Sicherheitseinstellungen wie die Zwei-Faktor-Authentifizierung (2FA).",
-        "sso_reauthentication_failed": "SSO-Neuauthentifizierung fehlgeschlagen. Bitte versuche erneut, dein Konto zu löschen.",
-        "sso_reauthentication_may_be_required_for_deletion": "Bei SSO-Konten kann die Auswahl von „Löschen“ zu einer Weiterleitung zu deinem Identitätsanbieter führen. Wenn deine Identität bestätigt wird, wird dein Konto automatisch gelöscht.",
+        "sso_identity_confirmation_failed": "SSO-Identitätsbestätigung fehlgeschlagen. Bitte versuche erneut, dein Konto zu löschen.",
+        "sso_identity_confirmation_may_be_required_for_deletion": "Bei SSO-Konten kann dich die Auswahl von Löschen zu deinem Identitätsanbieter weiterleiten, um dieses Konto zu bestätigen. Wenn dasselbe Konto bestätigt wird, wird die Löschung automatisch fortgesetzt.",
        "two_factor_authentication": "Zwei-Faktor-Authentifizierung",
        "two_factor_authentication_description": "Füge deinem Konto eine zusätzliche Sicherheitsebene hinzu, falls dein Passwort gestohlen wird.",
        "two_factor_authentication_enabled_please_enter_the_six_digit_code_from_your_authenticator_app": "Zwei-Faktor-Authentifizierung aktiviert. Bitte gib den sechsstelligen Code aus deiner Authenticator-App ein.",
@@ -2700,7 +2700,6 @@
        "email_confirmation_does_not_match": "Email confirmation does not match.",
        "enable_two_factor_authentication": "Enable two factor authentication",
        "enter_the_code_from_your_authenticator_app_below": "Enter the code from your authenticator app below.",
-        "google_sso_account_deletion_requires_setup": "We couldn't confirm your identity with your SSO provider. Please try again or contact your administrator.",
        "lost_access": "Lost access",
        "or_enter_the_following_code_manually": "Or enter the following code manually:",
        "organizations_delete_message": "You are the only owner of these organizations, so they <b>will be deleted as well.</b>",
@@ -2711,8 +2710,8 @@
        "save_the_following_backup_codes_in_a_safe_place": "Save the following backup codes in a safe place.",
        "scan_the_qr_code_below_with_your_authenticator_app": "Scan the QR code below with your authenticator app.",
        "security_description": "Manage your password and other security settings like two-factor authentication (2FA).",
-        "sso_reauthentication_failed": "SSO reauthentication failed. Please try deleting your account again.",
-        "sso_reauthentication_may_be_required_for_deletion": "For SSO accounts, selecting Delete may redirect you to your identity provider. If your identity is confirmed, your account will be deleted automatically.",
+        "sso_identity_confirmation_failed": "SSO identity confirmation failed. Please try deleting your account again.",
+        "sso_identity_confirmation_may_be_required_for_deletion": "For SSO accounts, selecting Delete may redirect you to your identity provider to confirm this account. If the same account is confirmed, deletion continues automatically.",
        "two_factor_authentication": "Two factor authentication",
        "two_factor_authentication_description": "Add an extra layer of security to your account in case your password is stolen.",
        "two_factor_authentication_enabled_please_enter_the_six_digit_code_from_your_authenticator_app": "Two-factor authentication enabled. Please enter the six-digit code from your authenticator app.",
@@ -2700,7 +2700,6 @@
        "email_confirmation_does_not_match": "Email confirmation does not match.",
        "enable_two_factor_authentication": "Activar autenticación de dos factores",
        "enter_the_code_from_your_authenticator_app_below": "Introduce el código de tu aplicación de autenticación a continuación.",
-        "google_sso_account_deletion_requires_setup": "We couldn't confirm your identity with your SSO provider. Please try again or contact your administrator.",
        "lost_access": "Acceso perdido",
        "or_enter_the_following_code_manually": "O introduce el siguiente código manualmente:",
        "organizations_delete_message": "Eres el único propietario de estas organizaciones, por lo que <b>también serán eliminadas.</b>",
@@ -2711,8 +2710,8 @@
        "save_the_following_backup_codes_in_a_safe_place": "Guarda los siguientes códigos de respaldo en un lugar seguro.",
        "scan_the_qr_code_below_with_your_authenticator_app": "Escanea el código QR a continuación con tu aplicación de autenticación.",
        "security_description": "Gestiona tu contraseña y otros ajustes de seguridad como la autenticación de dos factores (2FA).",
-        "sso_reauthentication_failed": "La reautenticación SSO falló. Intenta eliminar tu cuenta de nuevo.",
-        "sso_reauthentication_may_be_required_for_deletion": "En las cuentas SSO, al seleccionar Eliminar es posible que se te redirija a tu proveedor de identidad. Si se confirma tu identidad, tu cuenta se eliminará automáticamente.",
+        "sso_identity_confirmation_failed": "No se pudo confirmar la identidad mediante SSO. Intenta eliminar tu cuenta de nuevo.",
+        "sso_identity_confirmation_may_be_required_for_deletion": "En las cuentas SSO, al seleccionar Eliminar es posible que se te redirija a tu proveedor de identidad para confirmar esta cuenta. Si se confirma la misma cuenta, la eliminación continuará automáticamente.",
        "two_factor_authentication": "Autenticación de dos factores",
        "two_factor_authentication_description": "Añade una capa adicional de seguridad a tu cuenta en caso de que tu contraseña sea robada.",
        "two_factor_authentication_enabled_please_enter_the_six_digit_code_from_your_authenticator_app": "Autenticación de dos factores activada. Por favor, introduce el código de seis dígitos de tu aplicación de autenticación.",
@@ -2700,7 +2700,6 @@
        "email_confirmation_does_not_match": "Email confirmation does not match.",
        "enable_two_factor_authentication": "Activer l'authentification à deux facteurs",
        "enter_the_code_from_your_authenticator_app_below": "Entrez le code de votre application d'authentification ci-dessous.",
-        "google_sso_account_deletion_requires_setup": "We couldn't confirm your identity with your SSO provider. Please try again or contact your administrator.",
        "lost_access": "Accès perdu",
        "or_enter_the_following_code_manually": "Ou entrez le code suivant manuellement :",
        "organizations_delete_message": "Tu es le seul propriétaire de ces organisations, elles <b>seront aussi supprimées.</b>",
@@ -2711,8 +2710,8 @@
        "save_the_following_backup_codes_in_a_safe_place": "Enregistrez les codes de sauvegarde suivants dans un endroit sûr.",
        "scan_the_qr_code_below_with_your_authenticator_app": "Scannez le code QR ci-dessous avec votre application d'authentification.",
        "security_description": "Gérez votre mot de passe et d'autres paramètres de sécurité comme l'authentification à deux facteurs (2FA).",
-        "sso_reauthentication_failed": "La réauthentification SSO a échoué. Veuillez réessayer de supprimer votre compte.",
-        "sso_reauthentication_may_be_required_for_deletion": "Pour les comptes SSO, sélectionner Supprimer peut vous rediriger vers votre fournisseur d'identité. Si votre identité est confirmée, votre compte sera supprimé automatiquement.",
+        "sso_identity_confirmation_failed": "La confirmation d'identité SSO a échoué. Veuillez réessayer de supprimer votre compte.",
+        "sso_identity_confirmation_may_be_required_for_deletion": "Pour les comptes SSO, sélectionner Supprimer peut vous rediriger vers votre fournisseur d'identité afin de confirmer ce compte. Si le même compte est confirmé, la suppression se poursuit automatiquement.",
        "two_factor_authentication": "Authentification à deux facteurs",
        "two_factor_authentication_description": "Ajoutez une couche de sécurité supplémentaire à votre compte au cas où votre mot de passe serait volé.",
        "two_factor_authentication_enabled_please_enter_the_six_digit_code_from_your_authenticator_app": "Authentification à deux facteurs activée. Veuillez entrer le code à six chiffres de votre application d'authentification.",
@@ -2700,7 +2700,6 @@
        "email_confirmation_does_not_match": "Az e-mail-cím megerősítése nem egyezik.",
        "enable_two_factor_authentication": "Kétfaktoros hitelesítés engedélyezése",
        "enter_the_code_from_your_authenticator_app_below": "Adja meg a hitelesítő alkalmazásból származó kódot lent.",
-        "google_sso_account_deletion_requires_setup": "Nem tudtuk megerősíteni a személyazonosságát az SSO-szolgáltatóval. Próbálja meg újra, vagy vegye fel a kapcsolatot az adminisztrátorral.",
        "lost_access": "Elvesztett hozzáférés",
        "or_enter_the_following_code_manually": "Vagy adja meg a következő kódot kézileg:",
        "organizations_delete_message": "Ön az egyetlen tulajdonosa ezeknek a szervezeteknek, ezért <b>azok is törölve lesznek.</b>",
@@ -2711,8 +2710,8 @@
        "save_the_following_backup_codes_in_a_safe_place": "Mentse el a következő visszaszerzési kódokat egy biztonságos helyre.",
        "scan_the_qr_code_below_with_your_authenticator_app": "Olvassa be a lenti QR-kódot a hitelesítő alkalmazásával.",
        "security_description": "A jelszava és egyéb biztonsági beállítások, például a kétfaktoros hitelesítés (2FA) kezelése.",
-        "sso_reauthentication_failed": "Az SSO újrahitelesítése nem sikerült. Próbálja meg újra törölni a fiókját.",
-        "sso_reauthentication_may_be_required_for_deletion": "SSO-fiókoknál a Törlés kiválasztása átirányíthatja Önt a személyazonosság-szolgáltatójához. Ha a személyazonossága megerősítésre került, akkor a fiókja automatikusan törölve lesz.",
+        "sso_identity_confirmation_failed": "Az SSO-identitás megerősítése nem sikerült. Kérjük, próbáld meg újra törölni a fiókodat.",
+        "sso_identity_confirmation_may_be_required_for_deletion": "SSO-fiókok esetén a Törlés kiválasztása átirányíthat az identitásszolgáltatóhoz a fiók megerősítéséhez. Ha ugyanazt a fiókot erősítik meg, a törlés automatikusan folytatódik.",
        "two_factor_authentication": "Kétfaktoros hitelesítés",
        "two_factor_authentication_description": "További biztonsági réteg hozzáadása a fiókjához arra az esetre, ha a jelszavát ellopnák.",
        "two_factor_authentication_enabled_please_enter_the_six_digit_code_from_your_authenticator_app": "A kétfaktoros hitelesítés engedélyezve van. Adja a meg a 6 számjegyű kódot a hitelesítő alkalmazásából.",
@@ -2700,7 +2700,6 @@
        "email_confirmation_does_not_match": "Email confirmation does not match.",
        "enable_two_factor_authentication": "二段階認証を有効にする",
        "enter_the_code_from_your_authenticator_app_below": "認証アプリからコードを以下に入力してください。",
-        "google_sso_account_deletion_requires_setup": "We couldn't confirm your identity with your SSO provider. Please try again or contact your administrator.",
        "lost_access": "アクセスを紛失しましたか",
        "or_enter_the_following_code_manually": "または、以下のコードを手動で入力してください:",
        "organizations_delete_message": "あなたはこれらの組織の唯一のオーナーであるため、組織も<b>削除されます。</b>",
@@ -2711,8 +2710,8 @@
        "save_the_following_backup_codes_in_a_safe_place": "以下のバックアップコードを安全な場所に保存してください。",
        "scan_the_qr_code_below_with_your_authenticator_app": "以下のQRコードを認証アプリでスキャンしてください。",
        "security_description": "パスワードや二段階認証（2FA）などの他のセキュリティ設定を管理します。",
-        "sso_reauthentication_failed": "SSO の再認証に失敗しました。もう一度アカウントの削除を試してください。",
-        "sso_reauthentication_may_be_required_for_deletion": "SSOアカウントの場合、削除を選択するとIDプロバイダーにリダイレクトされることがあります。本人確認が完了すると、アカウントは自動的に削除されます。",
+        "sso_identity_confirmation_failed": "SSOでの本人確認に失敗しました。もう一度アカウントの削除をお試しください。",
+        "sso_identity_confirmation_may_be_required_for_deletion": "SSOアカウントの場合、［削除］を選択すると、このアカウントを確認するためにIDプロバイダーへリダイレクトされることがあります。同じアカウントが確認されると、削除は自動的に続行されます。",
        "two_factor_authentication": "二段階認証",
        "two_factor_authentication_description": "パスワードが盗まれた場合に備えて、アカウントにセキュリティの追加レイヤーを追加します。",
        "two_factor_authentication_enabled_please_enter_the_six_digit_code_from_your_authenticator_app": "二段階認証が有効になりました。認証アプリから6桁のコードを入力してください。",
@@ -2700,7 +2700,6 @@
        "email_confirmation_does_not_match": "Email confirmation does not match.",
        "enable_two_factor_authentication": "Schakel tweefactorauthenticatie in",
        "enter_the_code_from_your_authenticator_app_below": "Voer hieronder de code uit uw authenticator-app in.",
-        "google_sso_account_deletion_requires_setup": "We couldn't confirm your identity with your SSO provider. Please try again or contact your administrator.",
        "lost_access": "Toegang verloren",
        "or_enter_the_following_code_manually": "Of voer de volgende code handmatig in:",
        "organizations_delete_message": "U bent de enige eigenaar van deze organisaties, dus <b>worden ze ook verwijderd.</b>",
@@ -2711,8 +2710,8 @@
        "save_the_following_backup_codes_in_a_safe_place": "Bewaar de volgende back-upcodes op een veilige plaats.",
        "scan_the_qr_code_below_with_your_authenticator_app": "Scan onderstaande QR-code met uw authenticator-app.",
        "security_description": "Beheer uw wachtwoord en andere beveiligingsinstellingen zoals tweefactorauthenticatie (2FA).",
-        "sso_reauthentication_failed": "SSO-herauthenticatie is mislukt. Probeer je account opnieuw te verwijderen.",
-        "sso_reauthentication_may_be_required_for_deletion": "Bij SSO-accounts kan het selecteren van Verwijderen u doorsturen naar uw identiteitsprovider. Als uw identiteit is bevestigd, wordt uw account automatisch verwijderd.",
+        "sso_identity_confirmation_failed": "SSO-identiteitsbevestiging is mislukt. Probeer je account opnieuw te verwijderen.",
+        "sso_identity_confirmation_may_be_required_for_deletion": "Voor SSO-accounts kan het selecteren van Verwijderen je doorsturen naar je identiteitsprovider om dit account te bevestigen. Als hetzelfde account wordt bevestigd, gaat de verwijdering automatisch verder.",
        "two_factor_authentication": "Tweefactorauthenticatie",
        "two_factor_authentication_description": "Voeg een extra beveiligingslaag toe aan uw account voor het geval uw wachtwoord wordt gestolen.",
        "two_factor_authentication_enabled_please_enter_the_six_digit_code_from_your_authenticator_app": "Tweefactorauthenticatie ingeschakeld. Voer de zescijferige code van uw authenticator-app in.",
@@ -2700,7 +2700,6 @@
        "email_confirmation_does_not_match": "Email confirmation does not match.",
        "enable_two_factor_authentication": "Ativar autenticação de dois fatores",
        "enter_the_code_from_your_authenticator_app_below": "Digite o código do seu app autenticador abaixo.",
-        "google_sso_account_deletion_requires_setup": "We couldn't confirm your identity with your SSO provider. Please try again or contact your administrator.",
        "lost_access": "Perdi o acesso",
        "or_enter_the_following_code_manually": "Ou insira o seguinte código manualmente:",
        "organizations_delete_message": "Você é o único dono dessas organizações, então elas <b>também serão apagadas.</b>",
@@ -2711,8 +2710,8 @@
        "save_the_following_backup_codes_in_a_safe_place": "Guarde os seguintes códigos de backup em um lugar seguro.",
        "scan_the_qr_code_below_with_your_authenticator_app": "Escaneie o código QR abaixo com seu app autenticador.",
        "security_description": "Gerencie sua senha e outras configurações de segurança como a autenticação de dois fatores (2FA).",
-        "sso_reauthentication_failed": "A reautenticação SSO falhou. Tente excluir sua conta novamente.",
-        "sso_reauthentication_may_be_required_for_deletion": "Para contas SSO, selecionar Excluir pode redirecionar você para seu provedor de identidade. Se sua identidade for confirmada, sua conta será excluída automaticamente.",
+        "sso_identity_confirmation_failed": "A confirmação de identidade via SSO falhou. Tente excluir sua conta novamente.",
+        "sso_identity_confirmation_may_be_required_for_deletion": "Para contas SSO, selecionar Excluir pode redirecionar você para o provedor de identidade para confirmar esta conta. Se a mesma conta for confirmada, a exclusão continuará automaticamente.",
        "two_factor_authentication": "Autenticação de dois fatores",
        "two_factor_authentication_description": "Adicione uma camada extra de segurança à sua conta caso sua senha seja roubada.",
        "two_factor_authentication_enabled_please_enter_the_six_digit_code_from_your_authenticator_app": "Autenticação de dois fatores ativada. Por favor, insira o código de seis dígitos do seu app autenticador.",
@@ -2700,7 +2700,6 @@
        "email_confirmation_does_not_match": "Email confirmation does not match.",
        "enable_two_factor_authentication": "Ativar autenticação de dois fatores",
        "enter_the_code_from_your_authenticator_app_below": "Introduza o código da sua aplicação de autenticação abaixo.",
-        "google_sso_account_deletion_requires_setup": "We couldn't confirm your identity with your SSO provider. Please try again or contact your administrator.",
        "lost_access": "Perdeu o acesso",
        "or_enter_the_following_code_manually": "Ou insira o seguinte código manualmente:",
        "organizations_delete_message": "É o único proprietário destas organizações, por isso <b>também serão eliminadas.</b>",
@@ -2711,8 +2710,8 @@
        "save_the_following_backup_codes_in_a_safe_place": "Guarde os seguintes códigos de backup num local seguro.",
        "scan_the_qr_code_below_with_your_authenticator_app": "Digitalize o código QR abaixo com a sua aplicação de autenticação.",
        "security_description": "Gerir a sua palavra-passe e outras definições de segurança, como a autenticação de dois fatores (2FA).",
-        "sso_reauthentication_failed": "A reautenticação SSO falhou. Tente eliminar a sua conta novamente.",
-        "sso_reauthentication_may_be_required_for_deletion": "Para contas SSO, selecionar Eliminar poderá redirecioná-lo para o seu fornecedor de identidade. Se a sua identidade for confirmada, a sua conta será eliminada automaticamente.",
+        "sso_identity_confirmation_failed": "A confirmação de identidade por SSO falhou. Tenta eliminar a tua conta novamente.",
+        "sso_identity_confirmation_may_be_required_for_deletion": "Para contas SSO, selecionar Eliminar pode redirecionar-te para o teu fornecedor de identidade para confirmares esta conta. Se a mesma conta for confirmada, a eliminação continuará automaticamente.",
        "two_factor_authentication": "Autenticação de dois fatores",
        "two_factor_authentication_description": "Adicione uma camada extra de segurança à sua conta caso a sua palavra-passe seja roubada.",
        "two_factor_authentication_enabled_please_enter_the_six_digit_code_from_your_authenticator_app": "Autenticação de dois fatores ativada. Introduza o código de seis dígitos da sua aplicação de autenticação.",
@@ -2700,7 +2700,6 @@
        "email_confirmation_does_not_match": "Email confirmation does not match.",
        "enable_two_factor_authentication": "Activează autentificarea în doi pași",
        "enter_the_code_from_your_authenticator_app_below": "Introduceți codul din aplicația dvs. de autentificare mai jos.",
-        "google_sso_account_deletion_requires_setup": "We couldn't confirm your identity with your SSO provider. Please try again or contact your administrator.",
        "lost_access": "Acces pierdut",
        "or_enter_the_following_code_manually": "Sau introduceți manual următorul cod:",
        "organizations_delete_message": "Ești singurul proprietar al acestor organizații, deci ele <b>vor fi șterse și ele.</b>",
@@ -2711,8 +2710,8 @@
        "save_the_following_backup_codes_in_a_safe_place": "Salvează următoarele coduri de rezervă într-un loc sigur.",
        "scan_the_qr_code_below_with_your_authenticator_app": "Scanați codul QR de mai jos cu aplicația dvs. de autentificare.",
        "security_description": "Gestionează parola și alte setări de securitate, precum autentificarea în doi pași (2FA).",
-        "sso_reauthentication_failed": "Reautentificarea SSO a eșuat. Te rugăm să încerci din nou să îți ștergi contul.",
-        "sso_reauthentication_may_be_required_for_deletion": "Pentru conturile SSO, selectarea opțiunii Șterge te poate redirecționa către furnizorul tău de identitate. Dacă identitatea ta este confirmată, contul va fi șters automat.",
+        "sso_identity_confirmation_failed": "Confirmarea identității SSO a eșuat. Te rugăm să încerci din nou să îți ștergi contul.",
+        "sso_identity_confirmation_may_be_required_for_deletion": "Pentru conturile SSO, selectarea opțiunii Șterge te poate redirecționa către furnizorul de identitate pentru a confirma acest cont. Dacă același cont este confirmat, ștergerea continuă automat.",
        "two_factor_authentication": "Autentificare în doi pași",
        "two_factor_authentication_description": "Adăugați un strat suplimentar de securitate la contul dvs. în cazul în care parola este furată.",
        "two_factor_authentication_enabled_please_enter_the_six_digit_code_from_your_authenticator_app": "Autentificare în doi pași activată. Introduceți codul de șase cifre din aplicația dvs. de autentificare.",
@@ -2700,7 +2700,6 @@
        "email_confirmation_does_not_match": "Email confirmation does not match.",
        "enable_two_factor_authentication": "Включить двухфакторную аутентификацию",
        "enter_the_code_from_your_authenticator_app_below": "Введите ниже код из вашего приложения-аутентификатора.",
-        "google_sso_account_deletion_requires_setup": "We couldn't confirm your identity with your SSO provider. Please try again or contact your administrator.",
        "lost_access": "Потерян доступ",
        "or_enter_the_following_code_manually": "Или введите следующий код вручную:",
        "organizations_delete_message": "Вы являетесь единственным владельцем этих организаций, поэтому они <b>также будут удалены.</b>",
@@ -2711,8 +2710,8 @@
        "save_the_following_backup_codes_in_a_safe_place": "Сохраните следующие резервные коды в безопасном месте.",
        "scan_the_qr_code_below_with_your_authenticator_app": "Отсканируйте QR-код ниже с помощью вашего приложения-аутентификатора.",
        "security_description": "Управляйте паролем и другими настройками безопасности, такими как двухфакторная аутентификация (2FA).",
-        "sso_reauthentication_failed": "Повторная аутентификация SSO не удалась. Попробуйте удалить аккаунт еще раз.",
-        "sso_reauthentication_may_be_required_for_deletion": "Для учетных записей SSO выбор Удалить может перенаправить вас к поставщику удостоверений. Если ваша личность будет подтверждена, учетная запись будет удалена автоматически.",
+        "sso_identity_confirmation_failed": "Не удалось подтвердить личность через SSO. Попробуйте удалить аккаунт ещё раз.",
+        "sso_identity_confirmation_may_be_required_for_deletion": "Для аккаунтов SSO при выборе «Удалить» вы можете быть перенаправлены к поставщику удостоверений, чтобы подтвердить этот аккаунт. Если будет подтверждён тот же аккаунт, удаление продолжится автоматически.",
        "two_factor_authentication": "Двухфакторная аутентификация",
        "two_factor_authentication_description": "Добавьте дополнительный уровень защиты вашему аккаунту на случай, если ваш пароль будет украден.",
        "two_factor_authentication_enabled_please_enter_the_six_digit_code_from_your_authenticator_app": "Двухфакторная аутентификация включена. Пожалуйста, введите шестизначный код из вашего приложения-аутентификатора.",
@@ -2700,7 +2700,6 @@
        "email_confirmation_does_not_match": "Email confirmation does not match.",
        "enable_two_factor_authentication": "Aktivera tvåfaktorsautentisering",
        "enter_the_code_from_your_authenticator_app_below": "Ange koden från din autentiseringsapp nedan.",
-        "google_sso_account_deletion_requires_setup": "We couldn't confirm your identity with your SSO provider. Please try again or contact your administrator.",
        "lost_access": "Förlorad åtkomst",
        "or_enter_the_following_code_manually": "Eller ange följande kod manuellt:",
        "organizations_delete_message": "Du är den enda ägaren av dessa organisationer, så de <b>kommer också att tas bort.</b>",
@@ -2711,8 +2710,8 @@
        "save_the_following_backup_codes_in_a_safe_place": "Spara följande reservkoder på ett säkert ställe.",
        "scan_the_qr_code_below_with_your_authenticator_app": "Skanna QR-koden nedan med din autentiseringsapp.",
        "security_description": "Hantera ditt lösenord och andra säkerhetsinställningar som tvåfaktorsautentisering (2FA).",
-        "sso_reauthentication_failed": "SSO-återautentisering misslyckades. Försök ta bort ditt konto igen.",
-        "sso_reauthentication_may_be_required_for_deletion": "För SSO-konton kan valet Ta bort omdirigera dig till din identitetsleverantör. Om din identitet bekräftas tas ditt konto bort automatiskt.",
+        "sso_identity_confirmation_failed": "SSO-identitetsbekräftelsen misslyckades. Försök ta bort ditt konto igen.",
+        "sso_identity_confirmation_may_be_required_for_deletion": "För SSO-konton kan valet Ta bort omdirigera dig till din identitetsleverantör för att bekräfta kontot. Om samma konto bekräftas fortsätter borttagningen automatiskt.",
        "two_factor_authentication": "Tvåfaktorsautentisering",
        "two_factor_authentication_description": "Lägg till ett extra säkerhetslager till ditt konto om ditt lösenord blir stulet.",
        "two_factor_authentication_enabled_please_enter_the_six_digit_code_from_your_authenticator_app": "Tvåfaktorsautentisering aktiverad. Vänligen ange den sexsiffriga koden från din autentiseringsapp.",
@@ -2700,7 +2700,6 @@
        "email_confirmation_does_not_match": "E-posta onayı eşleşmiyor.",
        "enable_two_factor_authentication": "İki faktörlü kimlik doğrulamayı etkinleştir",
        "enter_the_code_from_your_authenticator_app_below": "Kimlik doğrulayıcı uygulamandaki kodu aşağıya gir.",
-        "google_sso_account_deletion_requires_setup": "SSO sağlayıcınızla kimliğinizi doğrulayamadık. Lütfen tekrar deneyin veya yöneticinizle iletişime geçin.",
        "lost_access": "Erişimi kaybettim",
        "or_enter_the_following_code_manually": "Ya da aşağıdaki kodu manuel olarak gir:",
        "organizations_delete_message": "Bu organizasyonların tek sahibi sensin, bu yüzden <b>onlar da silinecek.</b>",
@@ -2711,8 +2710,8 @@
        "save_the_following_backup_codes_in_a_safe_place": "Aşağıdaki yedekleme kodlarını güvenli bir yerde sakla.",
        "scan_the_qr_code_below_with_your_authenticator_app": "Aşağıdaki QR kodunu kimlik doğrulayıcı uygulamanla tara.",
        "security_description": "Şifreni ve iki faktörlü kimlik doğrulama (2FA) gibi diğer güvenlik ayarlarını yönet.",
-        "sso_reauthentication_failed": "SSO yeniden kimlik doğrulaması başarısız oldu. Lütfen hesabınızı silmeyi tekrar deneyin.",
-        "sso_reauthentication_may_be_required_for_deletion": "SSO hesapları için Sil'i seçmek sizi kimlik sağlayıcınıza yönlendirebilir. Kimliğiniz doğrulanırsa, hesabınız otomatik olarak silinecektir.",
+        "sso_identity_confirmation_failed": "SSO kimlik doğrulaması başarısız oldu. Lütfen hesabınızı silmeyi tekrar deneyin.",
+        "sso_identity_confirmation_may_be_required_for_deletion": "SSO hesaplarında Sil'i seçmek, bu hesabı onaylamanız için sizi kimlik sağlayıcınıza yönlendirebilir. Aynı hesap onaylanırsa silme işlemi otomatik olarak devam eder.",
        "two_factor_authentication": "İki faktörlü kimlik doğrulama",
        "two_factor_authentication_description": "Şifren çalınması durumunda hesabına ekstra bir güvenlik katmanı ekle.",
        "two_factor_authentication_enabled_please_enter_the_six_digit_code_from_your_authenticator_app": "İki faktörlü kimlik doğrulama etkinleştirildi. Lütfen kimlik doğrulayıcı uygulamandaki altı haneli kodu gir.",
@@ -2700,7 +2700,6 @@
        "email_confirmation_does_not_match": "Email confirmation does not match.",
        "enable_two_factor_authentication": "启用 双因素 认证",
        "enter_the_code_from_your_authenticator_app_below": "从 你的 身份验证 应用 中 输入 代码 。",
-        "google_sso_account_deletion_requires_setup": "We couldn't confirm your identity with your SSO provider. Please try again or contact your administrator.",
        "lost_access": "失去访问",
        "or_enter_the_following_code_manually": "或者 手动输入 以下 代码:",
        "organizations_delete_message": "您 是 这些 组织 的 唯一 所有者，因此它们 <b> 也将 被 删除。 </b>",
@@ -2711,8 +2710,8 @@
        "save_the_following_backup_codes_in_a_safe_place": "请 将 以下 备份 代码 保存在 安全地 方。",
        "scan_the_qr_code_below_with_your_authenticator_app": "用 你的 身份验证 应用 扫描 下方 的 二维码。",
        "security_description": "管理你的密码和其他安全设置，如双因素认证 (2FA)。",
-        "sso_reauthentication_failed": "SSO 重新认证失败。请再次尝试删除您的账号。",
-        "sso_reauthentication_may_be_required_for_deletion": "对于 SSO 账户，选择删除可能会将您重定向到身份提供商。如果您的身份确认成功，您的账户将自动删除。",
+        "sso_identity_confirmation_failed": "SSO 身份确认失败。请再次尝试删除你的账户。",
+        "sso_identity_confirmation_may_be_required_for_deletion": "对于 SSO 账户，选择“删除”可能会将你重定向到身份提供商以确认此账户。如果确认的是同一账户，删除会自动继续。",
        "two_factor_authentication": "双因素 认证",
        "two_factor_authentication_description": "为你的账户增加额外的安全层，以防密码被盗。",
        "two_factor_authentication_enabled_please_enter_the_six_digit_code_from_your_authenticator_app": "双因素 认证 已启用 。 请输入 从 你的 身份验证 应用 中 的 六 位 数 字 代码 。",
@@ -2700,7 +2700,6 @@
        "email_confirmation_does_not_match": "Email confirmation does not match.",
        "enable_two_factor_authentication": "啟用雙重驗證",
        "enter_the_code_from_your_authenticator_app_below": "在下方輸入您驗證器應用程式中的程式碼。",
-        "google_sso_account_deletion_requires_setup": "We couldn't confirm your identity with your SSO provider. Please try again or contact your administrator.",
        "lost_access": "無法存取",
        "or_enter_the_following_code_manually": "或手動輸入下列程式碼：",
        "organizations_delete_message": "您是這些組織的唯一擁有者，因此它們也 <b>將被刪除。</b>",
@@ -2711,8 +2710,8 @@
        "save_the_following_backup_codes_in_a_safe_place": "將下列備份碼儲存在安全的地方。",
        "scan_the_qr_code_below_with_your_authenticator_app": "使用您的驗證器應用程式掃描下方的 QR 碼。",
        "security_description": "管理您的密碼和其他安全性設定，例如雙重驗證 (2FA)。",
-        "sso_reauthentication_failed": "SSO 重新驗證失敗。請再次嘗試刪除您的帳號。",
-        "sso_reauthentication_may_be_required_for_deletion": "對於 SSO 帳戶，選取刪除可能會將您重新導向至身分提供者。如果您的身分確認成功，您的帳戶將自動刪除。",
+        "sso_identity_confirmation_failed": "SSO 身分確認失敗。請再次嘗試刪除你的帳戶。",
+        "sso_identity_confirmation_may_be_required_for_deletion": "對於 SSO 帳戶，選擇「刪除」可能會將你重新導向至身分提供者以確認此帳戶。如果確認的是同一個帳戶，刪除會自動繼續。",
        "two_factor_authentication": "雙重驗證",
        "two_factor_authentication_description": "在您的密碼被盜時，為您的帳戶新增額外的安全層。",
        "two_factor_authentication_enabled_please_enter_the_six_digit_code_from_your_authenticator_app": "已啟用雙重驗證。請輸入您驗證器應用程式中的六位數程式碼。",
@@ -2,26 +2,23 @@

 import { z } from "zod";
 import { logger } from "@formbricks/logger";
+import { AuthorizationError } from "@formbricks/types/errors";
 import { ZUserEmail } from "@formbricks/types/user";
+import { WEBAPP_URL } from "@/lib/constants";
 import { capturePostHogEvent } from "@/lib/posthog";
 import { authenticatedActionClient } from "@/lib/utils/action-client";
+import { ACCOUNT_DELETION_SSO_REAUTH_REQUIRED_ERROR_CODE } from "@/modules/account/constants";
 import { deleteUserWithAccountDeletionAuthorization } from "@/modules/account/lib/account-deletion";
+import { queueAccountDeletionAuditEvent } from "@/modules/account/lib/account-deletion-audit";
 import { startAccountDeletionSsoReauthentication } from "@/modules/account/lib/account-deletion-sso-reauth";
 import { applyRateLimit } from "@/modules/core/rate-limit/helpers";
 import { rateLimitConfigs } from "@/modules/core/rate-limit/rate-limit-configs";
-import { withAuditLogging } from "@/modules/ee/audit-logs/lib/handler";

 const ZDeleteUserConfirmation = z
  .object({
    confirmationEmail: z.string().trim().pipe(ZUserEmail),
    password: z.string().max(128).optional(),
-  })
-  .strict();
-
-const ZStartAccountDeletionSsoReauth = z
-  .object({
-    confirmationEmail: z.string().trim().pipe(ZUserEmail),
-    returnToUrl: z.string().trim().max(2048).pipe(z.url()),
+    returnToUrl: z.string().trim().max(2048).pipe(z.url()).optional(),
  })
  .strict();

@@ -29,31 +26,16 @@ const logAccountDeletionError = (userId: string, error: unknown) => {
  logger.error({ error, userId }, "Account deletion failed");
 };

-export const startAccountDeletionSsoReauthenticationAction = authenticatedActionClient
-  .inputSchema(ZStartAccountDeletionSsoReauth)
+const isSsoConfirmationRequiredError = (error: unknown) =>
+  error instanceof AuthorizationError && error.message === ACCOUNT_DELETION_SSO_REAUTH_REQUIRED_ERROR_CODE;
+
+export const deleteUserAction = authenticatedActionClient
+  .inputSchema(ZDeleteUserConfirmation)
  .action(async ({ ctx, parsedInput }) => {
-    try {
-      await applyRateLimit(rateLimitConfigs.actions.accountDeletion, ctx.user.id);
-
-      const { confirmationEmail, returnToUrl } = parsedInput;
-
-      return await startAccountDeletionSsoReauthentication({
-        confirmationEmail,
-        returnToUrl,
-        userId: ctx.user.id,
-      });
-    } catch (error) {
-      logger.error({ error, userId: ctx.user.id }, "Account deletion SSO reauthentication failed");
-      throw error;
-    }
-  });
-
-export const deleteUserAction = authenticatedActionClient.inputSchema(ZDeleteUserConfirmation).action(
-  withAuditLogging("deleted", "user", async ({ ctx, parsedInput }) => {
-    ctx.auditLoggingCtx.userId = ctx.user.id;
+    const userId = ctx.user.id;

    try {
-      await applyRateLimit(rateLimitConfigs.actions.accountDeletion, ctx.user.id);
+      await applyRateLimit(rateLimitConfigs.actions.accountDeletion, userId);

      const { confirmationEmail, password } = parsedInput;

@@ -61,16 +43,45 @@ export const deleteUserAction = authenticatedActionClient.inputSchema(ZDeleteUse
        confirmationEmail,
        password,
        userEmail: ctx.user.email,
-        userId: ctx.user.id,
+        userId,
      });
-      ctx.auditLoggingCtx.oldObject = oldUser;
+      await queueAccountDeletionAuditEvent({ oldUser, status: "success", targetUserId: userId });

-      capturePostHogEvent(ctx.user.id, "delete_account");
+      capturePostHogEvent(userId, "delete_account");

      return { success: true };
    } catch (error) {
-      logAccountDeletionError(ctx.user.id, error);
+      if (isSsoConfirmationRequiredError(error)) {
+        const { confirmationEmail, returnToUrl } = parsedInput;
+
+        try {
+          return {
+            ssoConfirmation: await startAccountDeletionSsoReauthentication({
+              confirmationEmail,
+              returnToUrl: returnToUrl ?? WEBAPP_URL,
+              userId,
+            }),
+          };
+        } catch (ssoConfirmationError) {
+          await queueAccountDeletionAuditEvent({
+            eventId: ctx.auditLoggingCtx.eventId,
+            status: "failure",
+            targetUserId: userId,
+          });
+          logger.error(
+            { error: ssoConfirmationError, userId },
+            "Account deletion SSO identity confirmation failed"
+          );
+          throw ssoConfirmationError;
+        }
+      }
+
+      await queueAccountDeletionAuditEvent({
+        eventId: ctx.auditLoggingCtx.eventId,
+        status: "failure",
+        targetUserId: userId,
+      });
+      logAccountDeletionError(userId, error);
      throw error;
    }
-  })
-);
+  });
@@ -11,7 +11,6 @@ import { getFormattedErrorMessage } from "@/lib/utils/helper";
 import {
  ACCOUNT_DELETION_CONFIRMATION_REQUIRED_ERROR_CODE,
  ACCOUNT_DELETION_EMAIL_MISMATCH_ERROR_CODE,
-  ACCOUNT_DELETION_GOOGLE_REAUTH_NOT_CONFIGURED_ERROR_CODE,
  ACCOUNT_DELETION_SSO_REAUTH_REQUIRED_ERROR_CODE,
  DELETE_ACCOUNT_WRONG_PASSWORD_ERROR,
  FORMBRICKS_CLOUD_ACCOUNT_DELETION_SURVEY_URL,
@@ -20,7 +19,7 @@ import { useSignOut } from "@/modules/auth/hooks/use-sign-out";
 import { DeleteDialog } from "@/modules/ui/components/delete-dialog";
 import { Input } from "@/modules/ui/components/input";
 import { PasswordInput } from "@/modules/ui/components/password-input";
-import { deleteUserAction, startAccountDeletionSsoReauthenticationAction } from "./actions";
+import { deleteUserAction } from "./actions";

 interface DeleteAccountModalProps {
  requiresPasswordConfirmation: boolean;
@@ -29,6 +28,7 @@ interface DeleteAccountModalProps {
  user: TUser;
  isFormbricksCloud: boolean;
  organizationsWithSingleOwner: TOrganization[];
+  isSsoIdentityConfirmationDisabled: boolean;
 }

 export const DeleteAccountModal = ({
@@ -38,6 +38,7 @@ export const DeleteAccountModal = ({
  user,
  isFormbricksCloud,
  organizationsWithSingleOwner,
+  isSsoIdentityConfirmationDisabled,
 }: Readonly<DeleteAccountModalProps>) => {
  const { t } = useTranslation();
  const [deleting, setDeleting] = useState(false);
@@ -65,10 +66,6 @@ export const DeleteAccountModal = ({
      return t("workspace.settings.profile.wrong_password");
    }

-    if (serverError === ACCOUNT_DELETION_GOOGLE_REAUTH_NOT_CONFIGURED_ERROR_CODE) {
-      return t("workspace.settings.profile.google_sso_account_deletion_requires_setup");
-    }
-
    if (serverError === ACCOUNT_DELETION_EMAIL_MISMATCH_ERROR_CODE) {
      return t("workspace.settings.profile.email_confirmation_does_not_match");
    }
@@ -78,39 +75,12 @@ export const DeleteAccountModal = ({
    }

    if (serverError === ACCOUNT_DELETION_SSO_REAUTH_REQUIRED_ERROR_CODE) {
-      return t("workspace.settings.profile.sso_reauthentication_failed");
+      return t("workspace.settings.profile.sso_identity_confirmation_failed");
    }

    return null;
  };

-  const startSsoReauthentication = async () => {
-    const result = await startAccountDeletionSsoReauthenticationAction({
-      confirmationEmail: inputValue,
-      returnToUrl: globalThis.location.href,
-    });
-
-    if (!result?.data) {
-      const fallbackErrorMessage = t("common.something_went_wrong_please_try_again");
-      const errorMessage =
-        getLocalizedDeletionErrorMessage(result?.serverError) ??
-        (result ? getFormattedErrorMessage(result) : fallbackErrorMessage);
-
-      logger.error({ errorMessage }, "Account deletion SSO reauthentication action failed");
-      toast.error(errorMessage || fallbackErrorMessage);
-      return;
-    }
-
-    await signIn(
-      result.data.provider,
-      {
-        callbackUrl: result.data.callbackUrl,
-        redirect: true,
-      },
-      result.data.authorizationParams
-    );
-  };
-
  const deleteAccount = async () => {
    try {
      if (!hasValidConfirmation) {
@@ -123,37 +93,47 @@ export const DeleteAccountModal = ({
          ? {
              confirmationEmail: inputValue,
              password,
+              returnToUrl: globalThis.location.href,
            }
          : {
              confirmationEmail: inputValue,
+              returnToUrl: globalThis.location.href,
            }
      );

+      if (result?.data?.ssoConfirmation) {
+        await signIn(
+          result.data.ssoConfirmation.provider,
+          {
+            callbackUrl: result.data.ssoConfirmation.callbackUrl,
+            redirect: true,
+          },
+          result.data.ssoConfirmation.authorizationParams
+        );
+        return;
+      }
+
      if (!result?.data?.success) {
        const fallbackErrorMessage = t("common.something_went_wrong_please_try_again");
-        let errorMessage = getLocalizedDeletionErrorMessage(result?.serverError) ?? fallbackErrorMessage;
-
-        if (result?.serverError === ACCOUNT_DELETION_SSO_REAUTH_REQUIRED_ERROR_CODE) {
-          await startSsoReauthentication();
-          return;
-        } else if (result) {
-          errorMessage =
-            getLocalizedDeletionErrorMessage(result.serverError) ?? getFormattedErrorMessage(result);
-        }
+        const errorMessage = result
+          ? (getLocalizedDeletionErrorMessage(result.serverError) ?? getFormattedErrorMessage(result))
+          : fallbackErrorMessage;

        logger.error({ errorMessage }, "Account deletion action failed");
        toast.error(errorMessage || fallbackErrorMessage);
        return;
      }

-      // Sign out with account deletion reason (no automatic redirect)
-      await signOutWithAudit({
-        reason: "account_deletion",
-        redirect: false, // Prevent NextAuth automatic redirect
-        clearWorkspaceId: true,
-      });
+      try {
+        await signOutWithAudit({
+          clearWorkspaceId: true,
+          reason: "account_deletion",
+          redirect: false,
+        });
+      } catch (error) {
+        logger.error({ error }, "Failed to sign out after account deletion");
+      }

-      // Manual redirect after signOut completes
      if (isFormbricksCloud) {
        globalThis.location.replace(FORMBRICKS_CLOUD_ACCOUNT_DELETION_SURVEY_URL);
      } else {
@@ -221,9 +201,9 @@ export const DeleteAccountModal = ({
            id="deleteAccountConfirmation"
            name="deleteAccountConfirmation"
          />
-          {!requiresPasswordConfirmation && (
+          {!requiresPasswordConfirmation && !isSsoIdentityConfirmationDisabled && (
            <p className="mt-2 text-sm text-slate-600">
-              {t("workspace.settings.profile.sso_reauthentication_may_be_required_for_deletion")}
+              {t("workspace.settings.profile.sso_identity_confirmation_may_be_required_for_deletion")}
            </p>
          )}
          {requiresPasswordConfirmation && (
@@ -4,7 +4,6 @@ export const ACCOUNT_DELETION_SSO_REAUTH_FAILED_ERROR_CODE = "sso_reauth_failed"
 export const ACCOUNT_DELETION_SSO_REAUTH_REQUIRED_ERROR_CODE = "sso_reauth_required";
 export const ACCOUNT_DELETION_EMAIL_MISMATCH_ERROR_CODE = "account_deletion_email_mismatch";
 export const ACCOUNT_DELETION_CONFIRMATION_REQUIRED_ERROR_CODE = "account_deletion_confirmation_required";
-export const ACCOUNT_DELETION_GOOGLE_REAUTH_NOT_CONFIGURED_ERROR_CODE = "google_reauth_not_configured";
 export const FORMBRICKS_CLOUD_ACCOUNT_DELETION_SURVEY_URL =
  "https://app.formbricks.com/s/clri52y3z8f221225wjdhsoo2";

@@ -0,0 +1,34 @@
+import "server-only";
+import { logger } from "@formbricks/logger";
+import { queueAuditEventBackground } from "@/modules/ee/audit-logs/lib/handler";
+import { UNKNOWN_DATA } from "@/modules/ee/audit-logs/types/audit-log";
+
+export const queueAccountDeletionAuditEvent = async ({
+  eventId,
+  oldUser,
+  status,
+  targetUserId,
+  userId = targetUserId,
+}: {
+  eventId?: string;
+  oldUser?: Record<string, unknown> | null;
+  status: "success" | "failure";
+  targetUserId: string;
+  userId?: string;
+}) => {
+  try {
+    await queueAuditEventBackground({
+      action: "deleted",
+      targetType: "user",
+      userId,
+      userType: "user",
+      targetId: targetUserId,
+      organizationId: UNKNOWN_DATA,
+      oldObject: oldUser,
+      status,
+      ...(eventId ? { eventId } : {}),
+    });
+  } catch (error) {
+    logger.error({ error, targetUserId, userId }, "Failed to queue account deletion audit event");
+  }
+};
@@ -1,4 +1,3 @@
-import jwt from "jsonwebtoken";
 import { afterEach, beforeEach, describe, expect, test, vi } from "vitest";
 import { ErrorCode } from "@formbricks/cache";
 import { prisma } from "@formbricks/database";
@@ -7,9 +6,8 @@ import { cache } from "@/lib/cache";
 import { createAccountDeletionSsoReauthIntent, verifyAccountDeletionSsoReauthIntent } from "@/lib/jwt";
 import { getUserAuthenticationData } from "@/lib/user/password";
 import {
-  ACCOUNT_DELETION_GOOGLE_REAUTH_NOT_CONFIGURED_ERROR_CODE,
  ACCOUNT_DELETION_SSO_REAUTH_ERROR_QUERY_PARAM,
-  ACCOUNT_DELETION_SSO_REAUTH_REQUIRED_ERROR_CODE,
+  ACCOUNT_DELETION_SSO_REAUTH_FAILED_ERROR_CODE,
 } from "@/modules/account/constants";
 import {
  completeAccountDeletionSsoReauthentication,
@@ -52,7 +50,6 @@ vi.mock("@/lib/constants", async (importOriginal) => {
  const actual = await importOriginal<typeof import("@/lib/constants")>();
  return {
    ...actual,
-    GOOGLE_ACCOUNT_DELETION_REAUTH_ENABLED: true,
    SAML_PRODUCT: "formbricks",
    SAML_TENANT: "formbricks.com",
    WEBAPP_URL: "http://localhost:3000",
@@ -106,15 +103,13 @@ const storedSamlIntent = {
  userId: samlIntent.userId,
 };

-const createIdToken = (authTime: number) => jwt.sign({ auth_time: authTime }, "test-secret");
-const createAuthnInstant = (authTime: number) => new Date(authTime * 1000).toISOString();
 const mockRedisConsume = (value: unknown) => {
  const redisEval = vi.fn().mockResolvedValue(value === null ? null : JSON.stringify(value));
  mockCache.getRedisClient.mockResolvedValueOnce({ eval: redisEval } as any);
  return redisEval;
 };

-describe("account deletion SSO reauthentication", () => {
+describe("account deletion SSO identity confirmation", () => {
  beforeEach(() => {
    vi.resetAllMocks();
    vi.spyOn(crypto, "randomUUID").mockReturnValue("intent-id" as ReturnType<typeof crypto.randomUUID>);
@@ -129,7 +124,7 @@ describe("account deletion SSO reauthentication", () => {
    vi.restoreAllMocks();
  });

-  test("starts SSO reauthentication with a signed, cached intent", async () => {
+  test("starts SSO identity confirmation with a signed, cached intent", async () => {
    mockGetUserAuthenticationData.mockResolvedValue({
      email: intent.email,
      identityProvider: "google",
@@ -151,26 +146,45 @@ describe("account deletion SSO reauthentication", () => {
    });
    expect(result).toEqual({
      authorizationParams: {
-        claims: JSON.stringify({
-          id_token: {
-            auth_time: {
-              essential: true,
-            },
-          },
-        }),
        login_hint: intent.email,
-        max_age: "0",
+        prompt: "login",
      },
      callbackUrl: "http://localhost:3000/auth/account-deletion/sso/complete?intent=intent-token",
      provider: "google",
    });
  });

-  test("starts Azure AD reauthentication with standard OIDC step-up params", async () => {
+  test("requests interactive login without freshness-only SSO authorization parameters", async () => {
+    mockCreateAccountDeletionSsoReauthIntent.mockReturnValue("intent-token");
+
+    for (const identityProvider of ["google", "azuread", "openid"] as const) {
+      mockGetUserAuthenticationData.mockResolvedValueOnce({
+        email: intent.email,
+        identityProvider,
+        identityProviderAccountId: `${identityProvider}-account-id`,
+        password: null,
+      } as any);
+
+      const result = await startAccountDeletionSsoReauthentication({
+        confirmationEmail: intent.email,
+        returnToUrl: "/environments/env-1/settings/profile",
+        userId: intent.userId,
+      });
+
+      expect(result.authorizationParams).toEqual({
+        login_hint: intent.email,
+        prompt: "login",
+      });
+      expect(result.authorizationParams).not.toHaveProperty("claims");
+      expect(result.authorizationParams).not.toHaveProperty("max_age");
+    }
+  });
+
+  test("starts GitHub SSO identity confirmation with account picker params", async () => {
    mockGetUserAuthenticationData.mockResolvedValue({
      email: intent.email,
-      identityProvider: "azuread",
-      identityProviderAccountId: intent.providerAccountId,
+      identityProvider: "github",
+      identityProviderAccountId: "github-account-id",
      password: null,
    } as any);
    mockCreateAccountDeletionSsoReauthIntent.mockReturnValue("intent-token");
@@ -182,43 +196,13 @@ describe("account deletion SSO reauthentication", () => {
    });

    expect(result.authorizationParams).toEqual({
-      login_hint: intent.email,
-      max_age: "0",
-      prompt: "login",
+      login: intent.email,
+      prompt: "select_account",
    });
-    expect(result.provider).toBe("azure-ad");
+    expect(result.provider).toBe("github");
  });

-  test("extracts reauth intents only from the expected callback URL", () => {
-    expect(
-      getAccountDeletionSsoReauthIntentFromCallbackUrl(
-        "http://localhost:3000/auth/account-deletion/sso/complete?intent=intent-token"
-      )
-    ).toBe("intent-token");
-    expect(
-      getAccountDeletionSsoReauthIntentFromCallbackUrl("http://localhost:3000/auth/login?intent=intent-token")
-    ).toBeNull();
-    expect(
-      getAccountDeletionSsoReauthIntentFromCallbackUrl(
-        "https://evil.example/auth/account-deletion/sso/complete?intent=intent-token"
-      )
-    ).toBeNull();
-  });
-
-  test("builds a safe profile redirect for SSO reauthentication callback failures", () => {
-    mockVerifyAccountDeletionSsoReauthIntent.mockReturnValue(intent);
-
-    expect(
-      getAccountDeletionSsoReauthFailureRedirectUrl({
-        error: new AuthorizationError(ACCOUNT_DELETION_GOOGLE_REAUTH_NOT_CONFIGURED_ERROR_CODE),
-        intentToken: "intent-token",
-      })
-    ).toBe(
-      `http://localhost:3000/environments/env-1/settings/profile?${ACCOUNT_DELETION_SSO_REAUTH_ERROR_QUERY_PARAM}=${ACCOUNT_DELETION_GOOGLE_REAUTH_NOT_CONFIGURED_ERROR_CODE}`
-    );
-  });
-
-  test("starts SAML reauthentication with forced-authentication params", async () => {
+  test("starts SAML SSO identity confirmation with Jackson routing and ForceAuthn params", async () => {
    mockGetUserAuthenticationData.mockResolvedValue({
      email: intent.email,
      identityProvider: "saml",
@@ -245,24 +229,32 @@ describe("account deletion SSO reauthentication", () => {
    });
  });

-  test("does not start SSO reauthentication for providers without verifiable freshness", async () => {
-    mockGetUserAuthenticationData.mockResolvedValue({
-      email: intent.email,
-      identityProvider: "github",
-      identityProviderAccountId: "github-account-id",
-      password: null,
-    } as any);
+  test("extracts confirmation intents only from the expected callback URL", () => {
+    expect(
+      getAccountDeletionSsoReauthIntentFromCallbackUrl(
+        "http://localhost:3000/auth/account-deletion/sso/complete?intent=intent-token"
+      )
+    ).toBe("intent-token");
+    expect(
+      getAccountDeletionSsoReauthIntentFromCallbackUrl("http://localhost:3000/auth/login?intent=intent-token")
+    ).toBeNull();
+    expect(
+      getAccountDeletionSsoReauthIntentFromCallbackUrl(
+        "https://evil.example/auth/account-deletion/sso/complete?intent=intent-token"
+      )
+    ).toBeNull();
+  });

-    await expect(
-      startAccountDeletionSsoReauthentication({
-        confirmationEmail: intent.email,
-        returnToUrl: "/environments/env-1/settings/profile",
-        userId: intent.userId,
+  test("builds a safe profile redirect for SSO identity confirmation callback failures", () => {
+    mockVerifyAccountDeletionSsoReauthIntent.mockReturnValue(intent);
+
+    expect(
+      getAccountDeletionSsoReauthFailureRedirectUrl({
+        intentToken: "intent-token",
      })
-    ).rejects.toThrow(ACCOUNT_DELETION_SSO_REAUTH_REQUIRED_ERROR_CODE);
-
-    expect(mockCache.set).not.toHaveBeenCalled();
-    expect(mockCreateAccountDeletionSsoReauthIntent).not.toHaveBeenCalled();
+    ).toBe(
+      `http://localhost:3000/environments/env-1/settings/profile?${ACCOUNT_DELETION_SSO_REAUTH_ERROR_QUERY_PARAM}=${ACCOUNT_DELETION_SSO_REAUTH_FAILED_ERROR_CODE}`
+    );
  });

  test("falls back to the web app URL when the return URL is unsafe", async () => {
@@ -287,7 +279,7 @@ describe("account deletion SSO reauthentication", () => {
    );
  });

-  test("does not start SSO reauthentication for password-backed users", async () => {
+  test("does not start SSO identity confirmation for password-backed users", async () => {
    mockGetUserAuthenticationData.mockResolvedValue({
      email: intent.email,
      identityProvider: "email",
@@ -306,7 +298,7 @@ describe("account deletion SSO reauthentication", () => {
    expect(mockCache.set).not.toHaveBeenCalled();
  });

-  test("does not start SSO reauthentication when the confirmation email mismatches", async () => {
+  test("does not start SSO identity confirmation when the confirmation email mismatches", async () => {
    mockGetUserAuthenticationData.mockResolvedValue({
      email: intent.email,
      identityProvider: "google",
@@ -325,7 +317,7 @@ describe("account deletion SSO reauthentication", () => {
    expect(mockCache.set).not.toHaveBeenCalled();
  });

-  test("does not start SSO reauthentication without a linked SSO provider account", async () => {
+  test("does not start SSO identity confirmation without a linked SSO provider account", async () => {
    mockGetUserAuthenticationData.mockResolvedValue({
      email: intent.email,
      identityProvider: "google",
@@ -359,11 +351,49 @@ describe("account deletion SSO reauthentication", () => {
        returnToUrl: "/environments/env-1/settings/profile",
        userId: intent.userId,
      })
-    ).rejects.toThrow("Unable to start account deletion SSO reauthentication");
+    ).rejects.toThrow("Unable to start account deletion SSO identity confirmation");

    expect(mockCreateAccountDeletionSsoReauthIntent).not.toHaveBeenCalled();
  });

+  test("validates a matching SSO callback before the normal SSO handler runs", async () => {
+    mockVerifyAccountDeletionSsoReauthIntent.mockReturnValue(intent);
+    mockCache.get.mockResolvedValue({ ok: true, data: storedIntent });
+
+    await expect(
+      validateAccountDeletionSsoReauthenticationCallback({
+        account: {
+          provider: "google",
+          providerAccountId: intent.providerAccountId,
+          type: "oauth",
+        } as any,
+        intentToken: "intent-token",
+      })
+    ).resolves.toBeUndefined();
+
+    expect(mockCache.get).toHaveBeenCalled();
+    expect(mockCache.del).not.toHaveBeenCalled();
+  });
+
+  test("validates a matching SAML callback without AuthnInstant freshness proof", async () => {
+    mockVerifyAccountDeletionSsoReauthIntent.mockReturnValue(samlIntent);
+    mockCache.get.mockResolvedValue({ ok: true, data: storedSamlIntent });
+
+    await expect(
+      validateAccountDeletionSsoReauthenticationCallback({
+        account: {
+          provider: "saml",
+          providerAccountId: samlIntent.providerAccountId,
+          type: "oauth",
+        } as any,
+        intentToken: "intent-token",
+      })
+    ).resolves.toBeUndefined();
+
+    expect(mockCache.get).toHaveBeenCalled();
+    expect(mockCache.del).not.toHaveBeenCalled();
+  });
+
  test("fails SSO completion without consuming the intent when the callback provider does not match", async () => {
    mockVerifyAccountDeletionSsoReauthIntent.mockReturnValue(intent);
    mockCache.get.mockResolvedValue({ ok: true, data: storedIntent });
@@ -421,11 +451,21 @@ describe("account deletion SSO reauthentication", () => {
    expect(mockCache.get).not.toHaveBeenCalled();
  });

-  test("rejects callbacks when the signed intent is for an unverifiable SSO provider", async () => {
-    mockVerifyAccountDeletionSsoReauthIntent.mockReturnValue({
+  test("accepts GitHub callbacks because identity confirmation does not require freshness proof", async () => {
+    const githubIntent = {
      ...intent,
      provider: "github",
      providerAccountId: "github-account-id",
+    };
+    mockVerifyAccountDeletionSsoReauthIntent.mockReturnValue(githubIntent);
+    mockCache.get.mockResolvedValue({
+      ok: true,
+      data: {
+        id: githubIntent.id,
+        provider: githubIntent.provider,
+        providerAccountId: githubIntent.providerAccountId,
+        userId: githubIntent.userId,
+      },
    });

    await expect(
@@ -437,9 +477,9 @@ describe("account deletion SSO reauthentication", () => {
        } as any,
        intentToken: "intent-token",
      })
-    ).rejects.toThrow(AuthorizationError);
+    ).resolves.toBeUndefined();

-    expect(mockCache.get).not.toHaveBeenCalled();
+    expect(mockCache.get).toHaveBeenCalled();
    expect(mockCache.del).not.toHaveBeenCalled();
  });

@@ -460,145 +500,7 @@ describe("account deletion SSO reauthentication", () => {
    expect(mockCache.get).not.toHaveBeenCalled();
  });

-  test("validates a fresh SSO callback before the normal SSO handler runs", async () => {
-    const nowInSeconds = Math.floor(Date.now() / 1000);
-    mockVerifyAccountDeletionSsoReauthIntent.mockReturnValue(intent);
-    mockCache.get.mockResolvedValue({ ok: true, data: storedIntent });
-
-    await expect(
-      validateAccountDeletionSsoReauthenticationCallback({
-        account: {
-          id_token: createIdToken(nowInSeconds),
-          provider: "google",
-          providerAccountId: intent.providerAccountId,
-          type: "oauth",
-        } as any,
-        intentToken: "intent-token",
-      })
-    ).resolves.toBeUndefined();
-
-    expect(mockCache.get).toHaveBeenCalled();
-    expect(mockCache.del).not.toHaveBeenCalled();
-  });
-
-  test("rejects OIDC callbacks without an auth_time claim", async () => {
-    mockVerifyAccountDeletionSsoReauthIntent.mockReturnValue(intent);
-
-    await expect(
-      validateAccountDeletionSsoReauthenticationCallback({
-        account: {
-          id_token: jwt.sign({}, "test-secret"),
-          provider: "google",
-          providerAccountId: intent.providerAccountId,
-          type: "oauth",
-        } as any,
-        intentToken: "intent-token",
-      })
-    ).rejects.toThrow(ACCOUNT_DELETION_GOOGLE_REAUTH_NOT_CONFIGURED_ERROR_CODE);
-
-    expect(mockCache.get).not.toHaveBeenCalled();
-  });
-
-  test("validates a fresh SAML callback with an AuthnInstant", async () => {
-    const nowInSeconds = Math.floor(Date.now() / 1000);
-    mockVerifyAccountDeletionSsoReauthIntent.mockReturnValue(samlIntent);
-    mockCache.get.mockResolvedValue({ ok: true, data: storedSamlIntent });
-
-    await expect(
-      validateAccountDeletionSsoReauthenticationCallback({
-        account: {
-          authn_instant: createAuthnInstant(nowInSeconds),
-          provider: "saml",
-          providerAccountId: samlIntent.providerAccountId,
-          type: "oauth",
-        } as any,
-        intentToken: "intent-token",
-      })
-    ).resolves.toBeUndefined();
-
-    expect(mockCache.get).toHaveBeenCalled();
-    expect(mockCache.del).not.toHaveBeenCalled();
-  });
-
-  test("rejects SAML callbacks without an AuthnInstant", async () => {
-    mockVerifyAccountDeletionSsoReauthIntent.mockReturnValue(samlIntent);
-
-    await expect(
-      validateAccountDeletionSsoReauthenticationCallback({
-        account: {
-          provider: "saml",
-          providerAccountId: samlIntent.providerAccountId,
-          type: "oauth",
-        } as any,
-        intentToken: "intent-token",
-      })
-    ).rejects.toThrow(AuthorizationError);
-
-    expect(mockCache.get).not.toHaveBeenCalled();
-  });
-
-  test("rejects stale SAML AuthnInstant values without consuming the intent", async () => {
-    const nowInSeconds = Math.floor(Date.now() / 1000);
-    mockVerifyAccountDeletionSsoReauthIntent.mockReturnValue(samlIntent);
-
-    await expect(
-      completeAccountDeletionSsoReauthentication({
-        account: {
-          authn_instant: createAuthnInstant(nowInSeconds - 10 * 60),
-          provider: "saml",
-          providerAccountId: samlIntent.providerAccountId,
-          type: "oauth",
-        } as any,
-        intentToken: "intent-token",
-      })
-    ).rejects.toThrow(AuthorizationError);
-
-    expect(mockCache.del).not.toHaveBeenCalled();
-    expect(mockPrismaAccountFindUnique).not.toHaveBeenCalled();
-  });
-
-  test("rejects stale OIDC auth_time claims", async () => {
-    const nowInSeconds = Math.floor(Date.now() / 1000);
-    mockVerifyAccountDeletionSsoReauthIntent.mockReturnValue(intent);
-    mockCache.get.mockResolvedValue({ ok: true, data: storedIntent });
-
-    await expect(
-      completeAccountDeletionSsoReauthentication({
-        account: {
-          id_token: createIdToken(nowInSeconds - 10 * 60),
-          provider: "google",
-          providerAccountId: intent.providerAccountId,
-          type: "oauth",
-        } as any,
-        intentToken: "intent-token",
-      })
-    ).rejects.toThrow(AuthorizationError);
-
-    expect(mockPrismaAccountFindUnique).not.toHaveBeenCalled();
-  });
-
-  test("rejects OIDC auth_time claims too far in the future", async () => {
-    const nowInSeconds = Math.floor(Date.now() / 1000);
-    mockVerifyAccountDeletionSsoReauthIntent.mockReturnValue(intent);
-    mockCache.get.mockResolvedValue({ ok: true, data: storedIntent });
-
-    await expect(
-      completeAccountDeletionSsoReauthentication({
-        account: {
-          id_token: createIdToken(nowInSeconds + 2 * 60),
-          provider: "google",
-          providerAccountId: intent.providerAccountId,
-          type: "oauth",
-        } as any,
-        intentToken: "intent-token",
-      })
-    ).rejects.toThrow(AuthorizationError);
-
-    expect(mockPrismaAccountFindUnique).not.toHaveBeenCalled();
-  });
-
-  test("stores a deletion marker after fresh SSO reauthentication", async () => {
-    const nowInSeconds = Math.floor(Date.now() / 1000);
+  test("stores a deletion marker after SSO identity confirmation", async () => {
    mockVerifyAccountDeletionSsoReauthIntent.mockReturnValue(intent);
    mockCache.get.mockResolvedValue({ ok: true, data: storedIntent });
    mockRedisConsume(storedIntent);
@@ -606,7 +508,6 @@ describe("account deletion SSO reauthentication", () => {

    await completeAccountDeletionSsoReauthentication({
      account: {
-        id_token: createIdToken(nowInSeconds),
        provider: "google",
        providerAccountId: intent.providerAccountId,
        type: "oauth",
@@ -621,32 +522,7 @@ describe("account deletion SSO reauthentication", () => {
    );
  });

-  test("stores a deletion marker after fresh SAML reauthentication", async () => {
-    const nowInSeconds = Math.floor(Date.now() / 1000);
-    mockVerifyAccountDeletionSsoReauthIntent.mockReturnValue(samlIntent);
-    mockCache.get.mockResolvedValue({ ok: true, data: storedSamlIntent });
-    mockRedisConsume(storedSamlIntent);
-    mockPrismaAccountFindUnique.mockResolvedValue({ userId: samlIntent.userId } as any);
-
-    await completeAccountDeletionSsoReauthentication({
-      account: {
-        authn_instant: createAuthnInstant(nowInSeconds),
-        provider: "saml",
-        providerAccountId: samlIntent.providerAccountId,
-        type: "oauth",
-      } as any,
-      intentToken: "intent-token",
-    });
-
-    expect(mockCache.set).toHaveBeenCalledWith(
-      expect.any(String),
-      expect.objectContaining(storedSamlIntent),
-      5 * 60 * 1000
-    );
-  });
-
  test("stores a deletion marker when the linked account is found through legacy user fields", async () => {
-    const nowInSeconds = Math.floor(Date.now() / 1000);
    mockVerifyAccountDeletionSsoReauthIntent.mockReturnValue(intent);
    mockCache.get.mockResolvedValue({ ok: true, data: storedIntent });
    mockRedisConsume(storedIntent);
@@ -655,7 +531,6 @@ describe("account deletion SSO reauthentication", () => {

    await completeAccountDeletionSsoReauthentication({
      account: {
-        id_token: createIdToken(nowInSeconds),
        provider: "google",
        providerAccountId: intent.providerAccountId,
        type: "oauth",
@@ -680,7 +555,6 @@ describe("account deletion SSO reauthentication", () => {
  });

  test("fails SSO completion when the provider account belongs to another user", async () => {
-    const nowInSeconds = Math.floor(Date.now() / 1000);
    mockVerifyAccountDeletionSsoReauthIntent.mockReturnValue(intent);
    mockCache.get.mockResolvedValue({ ok: true, data: storedIntent });
    mockPrismaAccountFindUnique.mockResolvedValue({ userId: "other-user-id" } as any);
@@ -688,7 +562,6 @@ describe("account deletion SSO reauthentication", () => {
    await expect(
      completeAccountDeletionSsoReauthentication({
        account: {
-          id_token: createIdToken(nowInSeconds),
          provider: "google",
          providerAccountId: intent.providerAccountId,
          type: "oauth",
@@ -701,7 +574,6 @@ describe("account deletion SSO reauthentication", () => {
  });

  test("fails SSO completion when the cached intent does not match the signed intent", async () => {
-    const nowInSeconds = Math.floor(Date.now() / 1000);
    mockVerifyAccountDeletionSsoReauthIntent.mockReturnValue(intent);
    mockCache.get.mockResolvedValue({
      ok: true,
@@ -714,7 +586,6 @@ describe("account deletion SSO reauthentication", () => {
    await expect(
      completeAccountDeletionSsoReauthentication({
        account: {
-          id_token: createIdToken(nowInSeconds),
          provider: "google",
          providerAccountId: intent.providerAccountId,
          type: "oauth",
@@ -728,7 +599,6 @@ describe("account deletion SSO reauthentication", () => {
  });

  test("fails SSO completion when the deletion marker cannot be cached", async () => {
-    const nowInSeconds = Math.floor(Date.now() / 1000);
    mockVerifyAccountDeletionSsoReauthIntent.mockReturnValue(intent);
    mockCache.get.mockResolvedValue({ ok: true, data: storedIntent });
    mockRedisConsume(storedIntent);
@@ -738,35 +608,32 @@ describe("account deletion SSO reauthentication", () => {
    await expect(
      completeAccountDeletionSsoReauthentication({
        account: {
-          id_token: createIdToken(nowInSeconds),
          provider: "google",
          providerAccountId: intent.providerAccountId,
          type: "oauth",
        } as any,
        intentToken: "intent-token",
      })
-    ).rejects.toThrow("Unable to complete account deletion SSO reauthentication");
+    ).rejects.toThrow("Unable to complete account deletion SSO identity confirmation");
  });

  test("surfaces cache read failures while validating callbacks", async () => {
-    const nowInSeconds = Math.floor(Date.now() / 1000);
    mockVerifyAccountDeletionSsoReauthIntent.mockReturnValue(intent);
    mockCache.get.mockResolvedValue({ ok: false, error: cacheError });

    await expect(
      validateAccountDeletionSsoReauthenticationCallback({
        account: {
-          id_token: createIdToken(nowInSeconds),
          provider: "google",
          providerAccountId: intent.providerAccountId,
          type: "oauth",
        } as any,
        intentToken: "intent-token",
      })
-    ).rejects.toThrow("Unable to read account deletion SSO reauth value");
+    ).rejects.toThrow("Unable to read account deletion SSO identity confirmation value");
  });

-  test("requires a completed SSO reauthentication marker before deleting an SSO account", async () => {
+  test("requires a completed SSO identity confirmation marker before deleting an SSO account", async () => {
    mockRedisConsume(null);

    await expect(
@@ -778,7 +645,7 @@ describe("account deletion SSO reauthentication", () => {
    ).rejects.toThrow(AuthorizationError);
  });

-  test("consumes a valid SSO reauthentication marker", async () => {
+  test("consumes a valid SSO identity confirmation marker", async () => {
    const redisEval = mockRedisConsume({
      ...storedIntent,
      completedAt: Date.now(),
@@ -807,37 +674,12 @@ describe("account deletion SSO reauthentication", () => {
        providerAccountId: intent.providerAccountId,
        userId: intent.userId,
      })
-    ).rejects.toThrow("Unable to consume account deletion SSO reauth value");
+    ).rejects.toThrow("Unable to consume account deletion SSO identity confirmation value");

    expect(mockCache.get).not.toHaveBeenCalled();
    expect(mockCache.del).not.toHaveBeenCalled();
  });

-  test("atomically consumes a valid SSO reauthentication marker from Redis", async () => {
-    const redisEval = vi.fn().mockResolvedValue(
-      JSON.stringify({
-        ...storedIntent,
-        completedAt: Date.now(),
-      })
-    );
-    mockCache.getRedisClient.mockResolvedValueOnce({ eval: redisEval } as any);
-
-    await expect(
-      consumeAccountDeletionSsoReauthentication({
-        identityProvider: "google",
-        providerAccountId: intent.providerAccountId,
-        userId: intent.userId,
-      })
-    ).resolves.toBeUndefined();
-
-    expect(redisEval).toHaveBeenCalledWith(expect.any(String), {
-      arguments: [],
-      keys: [expect.any(String)],
-    });
-    expect(mockCache.get).not.toHaveBeenCalled();
-    expect(mockCache.del).not.toHaveBeenCalled();
-  });
-
  test("rejects unexpected Redis values while consuming a marker", async () => {
    mockCache.getRedisClient.mockResolvedValueOnce({
      eval: vi.fn().mockResolvedValue(42),
@@ -849,7 +691,7 @@ describe("account deletion SSO reauthentication", () => {
        providerAccountId: intent.providerAccountId,
        userId: intent.userId,
      })
-    ).rejects.toThrow("Unexpected cached account deletion SSO reauth value");
+    ).rejects.toThrow("Unexpected cached account deletion SSO identity confirmation value");
  });

  test("surfaces atomic Redis failures while consuming a marker", async () => {
@@ -885,7 +727,7 @@ describe("account deletion SSO reauthentication", () => {
    expect(mockCache.del).not.toHaveBeenCalled();
  });

-  test("rejects an expired SSO reauthentication marker", async () => {
+  test("rejects an expired SSO identity confirmation marker", async () => {
    mockRedisConsume({
      ...storedIntent,
      completedAt: Date.now() - 6 * 60 * 1000,
@@ -1,25 +1,18 @@
 import "server-only";
 import type { IdentityProvider } from "@prisma/client";
-import jwt from "jsonwebtoken";
 import type { Account } from "next-auth";
 import { createCacheKey } from "@formbricks/cache";
 import { prisma } from "@formbricks/database";
 import { logger } from "@formbricks/logger";
 import { AuthorizationError, InvalidInputError } from "@formbricks/types/errors";
 import { cache } from "@/lib/cache";
-import {
-  GOOGLE_ACCOUNT_DELETION_REAUTH_ENABLED,
-  SAML_PRODUCT,
-  SAML_TENANT,
-  WEBAPP_URL,
-} from "@/lib/constants";
+import { SAML_PRODUCT, SAML_TENANT, WEBAPP_URL } from "@/lib/constants";
 import { createAccountDeletionSsoReauthIntent, verifyAccountDeletionSsoReauthIntent } from "@/lib/jwt";
 import { getUserAuthenticationData } from "@/lib/user/password";
 import { getValidatedCallbackUrl } from "@/lib/utils/url";
 import {
  ACCOUNT_DELETION_CONFIRMATION_REQUIRED_ERROR_CODE,
  ACCOUNT_DELETION_EMAIL_MISMATCH_ERROR_CODE,
-  ACCOUNT_DELETION_GOOGLE_REAUTH_NOT_CONFIGURED_ERROR_CODE,
  ACCOUNT_DELETION_SSO_REAUTH_CALLBACK_PATH,
  ACCOUNT_DELETION_SSO_REAUTH_ERROR_QUERY_PARAM,
  ACCOUNT_DELETION_SSO_REAUTH_FAILED_ERROR_CODE,
@@ -33,13 +26,8 @@ import {

 const ACCOUNT_DELETION_SSO_REAUTH_INTENT_TTL_MS = 10 * 60 * 1000;
 const ACCOUNT_DELETION_SSO_REAUTH_MARKER_TTL_MS = 5 * 60 * 1000;
-const SSO_AUTH_TIME_MAX_AGE_SECONDS = 5 * 60;
-const SSO_AUTH_TIME_FUTURE_SKEW_SECONDS = 60;

 type TSsoIdentityProvider = Exclude<IdentityProvider, "email">;
-type TAccountWithSamlAuthnInstant = Account & {
-  authn_instant?: unknown;
-};

 type TStoredAccountDeletionSsoReauthIntent = {
  id: string;
@@ -72,23 +60,6 @@ const NEXT_AUTH_PROVIDER_BY_IDENTITY_PROVIDER = {
  saml: "saml",
 } as const satisfies Record<TSsoIdentityProvider, string>;

-const OIDC_REAUTH_PROVIDERS = new Set<TSsoIdentityProvider>([
-  "azuread",
-  ...(GOOGLE_ACCOUNT_DELETION_REAUTH_ENABLED ? (["google"] as const) : []),
-  "openid",
-]);
-// GitHub OAuth does not return a verifiable auth_time/max_age proof, so it cannot secure this
-// destructive action without another app-controlled step-up.
-const FRESH_SSO_REAUTH_PROVIDERS = new Set<TSsoIdentityProvider>([...OIDC_REAUTH_PROVIDERS, "saml"]);
-// Google only returns auth_time when it is explicitly requested as an ID token claim.
-const GOOGLE_AUTH_TIME_CLAIMS_REQUEST = JSON.stringify({
-  id_token: {
-    auth_time: {
-      essential: true,
-    },
-  },
-});
-
 const getAccountDeletionSsoReauthIntentKey = (intentId: string) =>
  createCacheKey.custom("account_deletion", "sso_reauth_intent", intentId);

@@ -106,28 +77,15 @@ const getSsoIdentityProviderOrThrow = (
  return { provider: identityProvider, providerAccountId };
 };

-const assertSsoProviderSupportsFreshReauthentication = (provider: TSsoIdentityProvider) => {
-  if (provider === "google" && !GOOGLE_ACCOUNT_DELETION_REAUTH_ENABLED) {
-    logger.warn(
-      { googleAccountDeletionReauthEnabled: GOOGLE_ACCOUNT_DELETION_REAUTH_ENABLED, provider },
-      "Google SSO account deletion reauthentication is not enabled"
-    );
-    throw new AuthorizationError(ACCOUNT_DELETION_GOOGLE_REAUTH_NOT_CONFIGURED_ERROR_CODE);
-  }
-
-  if (!FRESH_SSO_REAUTH_PROVIDERS.has(provider)) {
-    logger.warn(
-      { googleAccountDeletionReauthEnabled: GOOGLE_ACCOUNT_DELETION_REAUTH_ENABLED, provider },
-      "SSO provider does not support verifiable account deletion reauthentication"
-    );
-    throw new AuthorizationError(ACCOUNT_DELETION_SSO_REAUTH_REQUIRED_ERROR_CODE);
-  }
-};
-
 const getAccountDeletionSsoReauthAuthorizationParams = (
  provider: TSsoIdentityProvider,
  email: string
 ): Record<string, string> => {
+  // This flow asks supported providers for an interactive login, but still only treats the callback
+  // as same-identity confirmation. Do not add max_age=0, Google auth_time claims, or AuthnInstant
+  // validation here unless the product decision changes back to strict step-up authentication.
+  // A future lower-friction alternative would be a short-lived email confirmation link that deletes
+  // the account after verifying the signed deletion intent, making the inbox the confirmation factor.
  if (provider === "saml") {
    return {
      forceAuthn: "true",
@@ -137,23 +95,17 @@ const getAccountDeletionSsoReauthAuthorizationParams = (
    };
  }

-  if (OIDC_REAUTH_PROVIDERS.has(provider)) {
-    if (provider === "google") {
-      return {
-        claims: GOOGLE_AUTH_TIME_CLAIMS_REQUEST,
-        login_hint: email,
-        max_age: "0",
-      };
-    }
-
+  if (provider === "github") {
    return {
-      login_hint: email,
-      max_age: "0",
-      prompt: "login",
+      login: email,
+      prompt: "select_account",
    };
  }

-  throw new AuthorizationError(ACCOUNT_DELETION_SSO_REAUTH_REQUIRED_ERROR_CODE);
+  return {
+    login_hint: email,
+    prompt: "login",
+  };
 };

 const createAccountDeletionSsoReauthCallbackUrl = (intentToken: string) => {
@@ -162,14 +114,6 @@ const createAccountDeletionSsoReauthCallbackUrl = (intentToken: string) => {
  return callbackUrl.toString();
 };

-const getAccountDeletionSsoReauthErrorCode = (error: unknown) => {
-  if (error instanceof Error && error.message === ACCOUNT_DELETION_GOOGLE_REAUTH_NOT_CONFIGURED_ERROR_CODE) {
-    return ACCOUNT_DELETION_GOOGLE_REAUTH_NOT_CONFIGURED_ERROR_CODE;
-  }
-
-  return ACCOUNT_DELETION_SSO_REAUTH_FAILED_ERROR_CODE;
-};
-
 export const getAccountDeletionSsoReauthIntentFromCallbackUrl = (callbackUrl: string): string | null => {
  const validatedCallbackUrl = getValidatedCallbackUrl(callbackUrl, WEBAPP_URL);

@@ -187,10 +131,8 @@ export const getAccountDeletionSsoReauthIntentFromCallbackUrl = (callbackUrl: st
 };

 export const getAccountDeletionSsoReauthFailureRedirectUrl = ({
-  error,
  intentToken,
 }: {
-  error: unknown;
  intentToken: string | null;
 }): string | null => {
  if (!intentToken) {
@@ -208,11 +150,11 @@ export const getAccountDeletionSsoReauthFailureRedirectUrl = ({
    const redirectUrl = new URL(validatedReturnToUrl);
    redirectUrl.searchParams.set(
      ACCOUNT_DELETION_SSO_REAUTH_ERROR_QUERY_PARAM,
-      getAccountDeletionSsoReauthErrorCode(error)
+      ACCOUNT_DELETION_SSO_REAUTH_FAILED_ERROR_CODE
    );
    return redirectUrl.toString();
  } catch (redirectError) {
-    logger.error({ error: redirectError }, "Failed to resolve account deletion SSO reauth failure URL");
+    logger.error({ error: redirectError }, "Failed to resolve account deletion SSO confirmation failure URL");
    return null;
  }
 };
@@ -224,9 +166,9 @@ const storeAccountDeletionSsoReauthIntent = async (intent: TStoredAccountDeletio
  if (!result.ok) {
    logger.error(
      { error: result.error, intentId: intent.id, userId: intent.userId },
-      "Failed to store SSO reauth intent"
+      "Failed to store SSO identity confirmation intent"
    );
-    throw new Error("Unable to start account deletion SSO reauthentication");
+    throw new Error("Unable to start account deletion SSO identity confirmation");
  }
 };

@@ -237,9 +179,9 @@ const storeAccountDeletionSsoReauthMarker = async (marker: TAccountDeletionSsoRe
  if (!result.ok) {
    logger.error(
      { error: result.error, intentId: marker.id, userId: marker.userId },
-      "Failed to store account deletion SSO reauth marker"
+      "Failed to store account deletion SSO identity confirmation marker"
    );
-    throw new Error("Unable to complete account deletion SSO reauthentication");
+    throw new Error("Unable to complete account deletion SSO identity confirmation");
  }
 };

@@ -249,13 +191,19 @@ const consumeCachedJsonValue = async <TValue>(key: string, logContext: Record<st
  try {
    redis = await cache.getRedisClient();
  } catch (error) {
-    logger.error({ ...logContext, error, key }, "Failed to resolve Redis client for SSO reauth cache");
+    logger.error(
+      { ...logContext, error, key },
+      "Failed to resolve Redis client for SSO identity confirmation cache"
+    );
    throw error;
  }

  if (!redis) {
-    logger.error({ ...logContext, key }, "Redis is required to atomically consume SSO reauth cache value");
-    throw new Error("Unable to consume account deletion SSO reauth value");
+    logger.error(
+      { ...logContext, key },
+      "Redis is required to atomically consume SSO identity confirmation cache value"
+    );
+    throw new Error("Unable to consume account deletion SSO identity confirmation value");
  }

  try {
@@ -278,13 +226,19 @@ const consumeCachedJsonValue = async <TValue>(key: string, logContext: Record<st
    }

    if (typeof serializedValue !== "string") {
-      logger.error({ ...logContext, key, serializedValue }, "Unexpected cached SSO reauth value");
-      throw new Error("Unexpected cached account deletion SSO reauth value");
+      logger.error(
+        { ...logContext, key, serializedValue },
+        "Unexpected cached SSO identity confirmation value"
+      );
+      throw new Error("Unexpected cached account deletion SSO identity confirmation value");
    }

    return JSON.parse(serializedValue) as TValue;
  } catch (error) {
-    logger.error({ ...logContext, error, key }, "Failed to atomically consume SSO reauth cache value");
+    logger.error(
+      { ...logContext, error, key },
+      "Failed to atomically consume SSO identity confirmation cache value"
+    );
    throw error;
  }
 };
@@ -293,8 +247,11 @@ const getCachedJsonValue = async <TValue>(key: string, logContext: Record<string
  const cacheResult = await cache.get<TValue>(key);

  if (!cacheResult.ok) {
-    logger.error({ ...logContext, error: cacheResult.error, key }, "Failed to read SSO reauth cache value");
-    throw new Error("Unable to read account deletion SSO reauth value");
+    logger.error(
+      { ...logContext, error: cacheResult.error, key },
+      "Failed to read SSO identity confirmation cache value"
+    );
+    throw new Error("Unable to read account deletion SSO identity confirmation value");
  }

  return cacheResult.data;
@@ -379,89 +336,6 @@ const findLinkedSsoUserId = async ({
  return legacyUser?.id ?? null;
 };

-const assertFreshAuthTime = (authTimeInSeconds: number, logContext: Record<string, unknown>) => {
-  const nowInSeconds = Math.floor(Date.now() / 1000);
-  const isTooOld = nowInSeconds - authTimeInSeconds > SSO_AUTH_TIME_MAX_AGE_SECONDS;
-  const isFromTheFuture = authTimeInSeconds - nowInSeconds > SSO_AUTH_TIME_FUTURE_SKEW_SECONDS;
-
-  if (isTooOld || isFromTheFuture) {
-    logger.warn(
-      {
-        ...logContext,
-        ageSeconds: nowInSeconds - authTimeInSeconds,
-        authTimeInSeconds,
-        futureSkewSeconds: authTimeInSeconds - nowInSeconds,
-        maxAgeSeconds: SSO_AUTH_TIME_MAX_AGE_SECONDS,
-      },
-      "SSO account deletion reauthentication timestamp is not fresh"
-    );
-    throw new AuthorizationError(ACCOUNT_DELETION_SSO_REAUTH_REQUIRED_ERROR_CODE);
-  }
-};
-
-const assertFreshOidcAuthTime = (provider: TSsoIdentityProvider, idToken?: string) => {
-  if (!OIDC_REAUTH_PROVIDERS.has(provider)) {
-    return;
-  }
-
-  if (!idToken) {
-    logger.warn({ provider }, "OIDC account deletion reauthentication callback is missing an ID token");
-    throw new AuthorizationError(ACCOUNT_DELETION_SSO_REAUTH_REQUIRED_ERROR_CODE);
-  }
-
-  const decodedToken = jwt.decode(idToken);
-
-  if (!decodedToken || typeof decodedToken === "string") {
-    logger.warn({ provider }, "OIDC account deletion reauthentication callback has an invalid ID token");
-    throw new AuthorizationError(ACCOUNT_DELETION_SSO_REAUTH_REQUIRED_ERROR_CODE);
-  }
-
-  const { auth_time: authTime } = decodedToken;
-
-  if (typeof authTime !== "number") {
-    logger.warn(
-      { claimKeys: Object.keys(decodedToken), provider },
-      "OIDC account deletion reauthentication callback is missing numeric auth_time"
-    );
-    if (provider === "google") {
-      throw new AuthorizationError(ACCOUNT_DELETION_GOOGLE_REAUTH_NOT_CONFIGURED_ERROR_CODE);
-    }
-
-    throw new AuthorizationError(ACCOUNT_DELETION_SSO_REAUTH_REQUIRED_ERROR_CODE);
-  }
-
-  assertFreshAuthTime(authTime, { claim: "auth_time", provider });
-};
-
-const assertFreshSamlAuthnInstant = (
-  provider: TSsoIdentityProvider,
-  account: TAccountWithSamlAuthnInstant
-) => {
-  if (provider !== "saml") {
-    return;
-  }
-
-  if (typeof account.authn_instant !== "string") {
-    logger.warn({ provider }, "SAML account deletion reauthentication callback is missing AuthnInstant");
-    throw new AuthorizationError(ACCOUNT_DELETION_SSO_REAUTH_REQUIRED_ERROR_CODE);
-  }
-
-  const authnInstantTimestamp = Date.parse(account.authn_instant);
-
-  if (Number.isNaN(authnInstantTimestamp)) {
-    logger.warn({ provider }, "SAML account deletion reauthentication callback has invalid AuthnInstant");
-    throw new AuthorizationError(ACCOUNT_DELETION_SSO_REAUTH_REQUIRED_ERROR_CODE);
-  }
-
-  assertFreshAuthTime(Math.floor(authnInstantTimestamp / 1000), { claim: "authn_instant", provider });
-};
-
-const assertFreshSsoAuthentication = (provider: TSsoIdentityProvider, account: Account) => {
-  assertSsoProviderSupportsFreshReauthentication(provider);
-  assertFreshOidcAuthTime(provider, account.id_token);
-  assertFreshSamlAuthnInstant(provider, account);
-};
-
 const getVerifiedAccountDeletionSsoReauthIntent = (intentToken: string) => {
  const intent = verifyAccountDeletionSsoReauthIntent(intentToken);
  const provider = normalizeSsoProvider(intent.provider);
@@ -470,8 +344,6 @@ const getVerifiedAccountDeletionSsoReauthIntent = (intentToken: string) => {
    throw new AuthorizationError(ACCOUNT_DELETION_SSO_REAUTH_REQUIRED_ERROR_CODE);
  }

-  assertSsoProviderSupportsFreshReauthentication(provider);
-
  return {
    intent,
    storedIntent: {
@@ -525,7 +397,6 @@ const validateAccountDeletionSsoReauthenticationCallbackContext = async ({
    expectedProviderAccountId: storedIntent.providerAccountId,
    provider: normalizedProvider,
  });
-  assertFreshSsoAuthentication(normalizedProvider, account);
  await assertStoredAccountDeletionSsoReauthIntentExists(storedIntent);

  return { intent, normalizedProvider, storedIntent };
@@ -550,8 +421,7 @@ export const startAccountDeletionSsoReauthentication = async ({
    userAuthenticationData.identityProvider,
    userAuthenticationData.identityProviderAccountId
  );
-  assertSsoProviderSupportsFreshReauthentication(provider);
-  logger.info({ provider, userId }, "Starting account deletion SSO reauthentication");
+  logger.info({ provider, userId }, "Starting account deletion SSO identity confirmation");

  const intentId = crypto.randomUUID();
  const validatedReturnToUrl = getValidatedCallbackUrl(returnToUrl, WEBAPP_URL) ?? WEBAPP_URL;
@@ -616,7 +486,7 @@ export const completeAccountDeletionSsoReauthentication = async ({
  });
  logger.info(
    { intentId: intent.id, provider: normalizedProvider, userId: intent.userId },
-    "Completed account deletion SSO reauthentication"
+    "Completed account deletion SSO identity confirmation"
  );
 };

@@ -646,7 +516,6 @@ export const consumeAccountDeletionSsoReauthentication = async ({
    identityProvider,
    providerAccountId
  );
-  assertSsoProviderSupportsFreshReauthentication(provider);

  const marker = await consumeCachedJsonValue<TAccountDeletionSsoReauthMarker>(
    getAccountDeletionSsoReauthMarkerKey(userId),
@@ -22,9 +22,9 @@ const oldUser = {
 };

 const loadAccountDeletionModule = async ({
-  dangerouslyDisableSsoReauth = false,
+  dangerouslyDisableSsoConfirmation = false,
 }: {
-  dangerouslyDisableSsoReauth?: boolean;
+  dangerouslyDisableSsoConfirmation?: boolean;
 } = {}) => {
  vi.resetModules();

@@ -35,7 +35,7 @@ const loadAccountDeletionModule = async ({
  }));

  vi.doMock("@/lib/constants", () => ({
-    DISABLE_ACCOUNT_DELETION_SSO_REAUTH: dangerouslyDisableSsoReauth,
+    DISABLE_ACCOUNT_DELETION_SSO_CONFIRMATION: dangerouslyDisableSsoConfirmation,
  }));

  vi.doMock("@/lib/organization/service", () => ({
@@ -81,7 +81,7 @@ describe("deleteUserWithAccountDeletionAuthorization", () => {
    mocks.verifyUserPassword.mockResolvedValue(true);
  });

-  test("requires the completed SSO reauthentication marker by default", async () => {
+  test("requires the completed SSO identity confirmation marker by default", async () => {
    const { deleteUserWithAccountDeletionAuthorization } = await loadAccountDeletionModule();

    await expect(
@@ -102,9 +102,9 @@ describe("deleteUserWithAccountDeletionAuthorization", () => {
    expect(mocks.deleteUser).toHaveBeenCalledWith(user.id);
  });

-  test("can dangerously bypass SSO reauthentication for passwordless SSO users", async () => {
+  test("can dangerously bypass SSO identity confirmation for passwordless SSO users", async () => {
    const { deleteUserWithAccountDeletionAuthorization } = await loadAccountDeletionModule({
-      dangerouslyDisableSsoReauth: true,
+      dangerouslyDisableSsoConfirmation: true,
    });

    await expect(
@@ -118,7 +118,7 @@ describe("deleteUserWithAccountDeletionAuthorization", () => {
    expect(mocks.consumeAccountDeletionSsoReauthentication).not.toHaveBeenCalled();
    expect(mocks.loggerWarn).toHaveBeenCalledWith(
      { identityProvider: "google", userId: user.id },
-      "Account deletion SSO reauthentication bypassed by environment configuration"
+      "Account deletion SSO identity confirmation bypassed by environment configuration"
    );
    expect(mocks.deleteUser).toHaveBeenCalledWith(user.id);
  });
@@ -131,7 +131,7 @@ describe("deleteUserWithAccountDeletionAuthorization", () => {
      password: "hashed-password",
    });
    const { deleteUserWithAccountDeletionAuthorization } = await loadAccountDeletionModule({
-      dangerouslyDisableSsoReauth: true,
+      dangerouslyDisableSsoConfirmation: true,
    });

    await expect(
@@ -2,7 +2,7 @@ import "server-only";
 import type { IdentityProvider } from "@prisma/client";
 import { logger } from "@formbricks/logger";
 import { AuthorizationError, InvalidInputError, OperationNotAllowedError } from "@formbricks/types/errors";
-import { DISABLE_ACCOUNT_DELETION_SSO_REAUTH } from "@/lib/constants";
+import { DISABLE_ACCOUNT_DELETION_SSO_CONFIRMATION } from "@/lib/constants";
 import { getOrganizationsWhereUserIsSingleOwner } from "@/lib/organization/service";
 import { getUserAuthenticationData, verifyUserPassword } from "@/lib/user/password";
 import { deleteUser, getUser } from "@/lib/user/service";
@@ -29,10 +29,10 @@ const assertConfirmationEmailMatches = (confirmationEmail: string, expectedEmail
  }
 };

-const canBypassSsoReauthentication = (identityProvider: IdentityProvider) =>
-  DISABLE_ACCOUNT_DELETION_SSO_REAUTH && identityProvider !== "email";
+const canBypassSsoIdentityConfirmation = (identityProvider: IdentityProvider) =>
+  DISABLE_ACCOUNT_DELETION_SSO_CONFIRMATION && identityProvider !== "email";

-const assertAccountDeletionSsoReauthentication = async ({
+const assertAccountDeletionSsoIdentityConfirmation = async ({
  identityProvider,
  providerAccountId,
  userId,
@@ -41,10 +41,10 @@ const assertAccountDeletionSsoReauthentication = async ({
  providerAccountId: string | null;
  userId: string;
 }) => {
-  if (canBypassSsoReauthentication(identityProvider)) {
+  if (canBypassSsoIdentityConfirmation(identityProvider)) {
    logger.warn(
      { identityProvider, userId },
-      "Account deletion SSO reauthentication bypassed by environment configuration"
+      "Account deletion SSO identity confirmation bypassed by environment configuration"
    );
    return;
  }
@@ -95,7 +95,7 @@ export const deleteUserWithAccountDeletionAuthorization = async ({
  }

  if (!requiresPasswordConfirmationForAccountDeletion(userAuthenticationData)) {
-    await assertAccountDeletionSsoReauthentication({
+    await assertAccountDeletionSsoIdentityConfirmation({
      identityProvider: userAuthenticationData.identityProvider,
      providerAccountId: userAuthenticationData.identityProviderAccountId,
      userId,
@@ -701,7 +701,7 @@ describe("authOptions", () => {
      expect(mockUpdateUserLastLoginAt).toHaveBeenCalledWith(user.email);
    });

-    test("should complete account deletion SSO reauthentication before finalizing sign-in", async () => {
+    test("should complete account deletion SSO identity confirmation before finalizing sign-in", async () => {
      vi.resetModules();

      const mockHandleSsoCallback = vi.fn().mockResolvedValueOnce(true);
@@ -773,7 +773,7 @@ describe("authOptions", () => {
      expect(mockUpdateUserLastLoginAt).toHaveBeenCalledWith(user.email);
    });

-    test("should redirect account deletion SSO reauthentication failures back to the profile page", async () => {
+    test("should redirect account deletion SSO identity confirmation failures back to the profile page", async () => {
      vi.resetModules();

      const mockHandleSsoCallback = vi.fn();
@@ -783,17 +783,15 @@ describe("authOptions", () => {
      const mockGetAccountDeletionSsoReauthFailureRedirectUrl = vi
        .fn()
        .mockReturnValueOnce(
-          "http://localhost:3000/environments/env-id/settings/profile?accountDeletionError=google_reauth_not_configured"
+          "http://localhost:3000/environments/env-id/settings/profile?accountDeletionError=sso_reauth_failed"
        );
      const mockGetAccountDeletionSsoReauthIntentFromCallbackUrl = vi
        .fn()
        .mockReturnValueOnce("intent-token");
-      const reauthError = new Error(
-        "Google account deletion requires Google Auth Platform Session age claims to be enabled."
-      );
+      const confirmationError = new Error("SSO identity confirmation failed");
      const mockValidateAccountDeletionSsoReauthenticationCallback = vi
        .fn()
-        .mockRejectedValueOnce(reauthError);
+        .mockRejectedValueOnce(confirmationError);

      vi.doMock("@/lib/constants", async (importOriginal) => {
        const actual = await importOriginal<typeof import("@/lib/constants")>();
@@ -842,11 +840,10 @@ describe("authOptions", () => {
      const account = { provider: "google", type: "oauth", providerAccountId: "provider-123" } as any;

      await expect(enterpriseAuthOptions.callbacks?.signIn?.({ user, account } as any)).resolves.toBe(
-        "http://localhost:3000/environments/env-id/settings/profile?accountDeletionError=google_reauth_not_configured"
+        "http://localhost:3000/environments/env-id/settings/profile?accountDeletionError=sso_reauth_failed"
      );

      expect(mockGetAccountDeletionSsoReauthFailureRedirectUrl).toHaveBeenCalledWith({
-        error: reauthError,
        intentToken: "intent-token",
      });
      expect(mockHandleSsoCallback).not.toHaveBeenCalled();
@@ -90,40 +90,6 @@ const handleCredentialsOrTokenSignIn = async ({
  return true;
 };

-const maybeValidateAccountDeletionSsoReauth = async ({
-  account,
-  intentToken,
-}: {
-  account: NonNullable<TSignInAccount>;
-  intentToken: string | null;
-}) => {
-  if (!intentToken) {
-    return;
-  }
-
-  await validateAccountDeletionSsoReauthenticationCallback({
-    account,
-    intentToken,
-  });
-};
-
-const maybeCompleteAccountDeletionSsoReauth = async ({
-  account,
-  intentToken,
-}: {
-  account: NonNullable<TSignInAccount>;
-  intentToken: string | null;
-}) => {
-  if (!intentToken) {
-    return;
-  }
-
-  await completeAccountDeletionSsoReauthentication({
-    account,
-    intentToken,
-  });
-};
-
 const handleEnterpriseSsoSignIn = async ({
  account,
  callbackUrl,
@@ -139,7 +105,12 @@ const handleEnterpriseSsoSignIn = async ({
  userEmail: string;
  userId: string;
 }) => {
-  await maybeValidateAccountDeletionSsoReauth({ account, intentToken });
+  if (intentToken) {
+    await validateAccountDeletionSsoReauthenticationCallback({
+      account,
+      intentToken,
+    });
+  }

  const result = await handleSsoCallback({
    user: user as TUser,
@@ -148,7 +119,12 @@ const handleEnterpriseSsoSignIn = async ({
  });

  if (result === true) {
-    await maybeCompleteAccountDeletionSsoReauth({ account, intentToken });
+    if (intentToken) {
+      await completeAccountDeletionSsoReauthentication({
+        account,
+        intentToken,
+      });
+    }

    await finalizeSuccessfulSignIn({
      userId,
@@ -489,7 +465,6 @@ export const authOptions: NextAuthOptions = {
          });
        } catch (error) {
          const failureRedirectUrl = getAccountDeletionSsoReauthFailureRedirectUrl({
-            error,
            intentToken: accountDeletionSsoReauthIntentToken,
          });

@@ -112,4 +112,12 @@ describe("cube-config", () => {

    await expect(import("./cube-config")).rejects.toThrow("Invalid environment variables");
  });
+
+  test("fails at env validation when CUBEJS_API_SECRET is an empty string", async () => {
+    setTestEnv({
+      CUBEJS_API_SECRET: "",
+    });
+
+    await expect(import("./cube-config")).rejects.toThrow("Invalid environment variables");
+  });
 });
@@ -1,11 +1,8 @@
 import "server-only";
 import jwt from "jsonwebtoken";
 import { randomUUID } from "node:crypto";
-import { ConfigurationError } from "@formbricks/types/errors";
 import { env } from "@/lib/env";

-export const CUBE_CONFIGURATION_ERROR_MESSAGE =
-  "Cube is not configured on this instance. Set CUBEJS_API_URL and CUBEJS_API_SECRET.";
 export const CUBE_API_TOKEN_TTL_SECONDS = 5 * 60;
 export const CUBE_QUERY_SCOPE = "xm:cube:query";
 export const DEFAULT_CUBE_JWT_AUDIENCE = "formbricks-cube";
@@ -39,18 +36,12 @@ export const normalizeCubeApiUrl = (baseUrl: string): string => {
  return `${normalizedBaseUrl}/cubejs-api/v1`;
 };

-export const getCubeApiCredentials = () => {
-  if (!env.CUBEJS_API_URL || !env.CUBEJS_API_SECRET) {
-    throw new ConfigurationError(CUBE_CONFIGURATION_ERROR_MESSAGE);
-  }
-
-  return {
-    apiUrl: normalizeCubeApiUrl(env.CUBEJS_API_URL),
-    apiSecret: env.CUBEJS_API_SECRET,
-    audience: env.CUBEJS_JWT_AUDIENCE ?? DEFAULT_CUBE_JWT_AUDIENCE,
-    issuer: env.CUBEJS_JWT_ISSUER ?? DEFAULT_CUBE_JWT_ISSUER,
-  };
-};
+export const getCubeApiCredentials = () => ({
+  apiUrl: normalizeCubeApiUrl(env.CUBEJS_API_URL),
+  apiSecret: env.CUBEJS_API_SECRET,
+  audience: env.CUBEJS_JWT_AUDIENCE ?? DEFAULT_CUBE_JWT_AUDIENCE,
+  issuer: env.CUBEJS_JWT_ISSUER ?? DEFAULT_CUBE_JWT_ISSUER,
+});

 export const createCubeApiToken = (
  apiSecret: string,
@@ -1,7 +1,5 @@
 import { redirect } from "next/navigation";
-import { logger } from "@formbricks/logger";
 import { responses } from "@/app/lib/api/response";
-import { storeSamlAuthnInstantFromSamlResponse } from "@/modules/ee/auth/saml/lib/authn-instant";
 import jackson from "@/modules/ee/auth/saml/lib/jackson";

 interface SAMLCallbackBody {
@@ -14,7 +12,7 @@ export const POST = async (req: Request) => {
  if (!jacksonInstance) {
    return responses.forbiddenResponse("SAML SSO is not enabled in your Formbricks license");
  }
-  const { connectionController, oauthController } = jacksonInstance;
+  const { oauthController } = jacksonInstance;

  const formData = await req.formData();
  const body = Object.fromEntries(formData.entries());
@@ -30,15 +28,5 @@ export const POST = async (req: Request) => {
    return responses.internalServerErrorResponse("Failed to get redirect URL");
  }

-  try {
-    await storeSamlAuthnInstantFromSamlResponse({
-      connectionController,
-      redirectUrl: redirect_url,
-      samlResponse: SAMLResponse,
-    });
-  } catch (error) {
-    logger.error({ error }, "Failed to persist SAML AuthnInstant");
-  }
-
  return redirect(redirect_url);
 };
@@ -1,7 +1,5 @@
 import type { OAuthTokenReq } from "@boxyhq/saml-jackson";
-import { logger } from "@formbricks/logger";
 import { responses } from "@/app/lib/api/response";
-import { consumeSamlAuthnInstantForCode } from "@/modules/ee/auth/saml/lib/authn-instant";
 import jackson from "@/modules/ee/auth/saml/lib/jackson";

 export const POST = async (req: Request) => {
@@ -15,13 +13,6 @@ export const POST = async (req: Request) => {
  const formData = Object.fromEntries(body.entries());

  const response = await oauthController.token(formData as unknown as OAuthTokenReq);
-  let authnInstant: string | null = null;

-  try {
-    authnInstant = await consumeSamlAuthnInstantForCode(formData.code);
-  } catch (error) {
-    logger.error({ error }, "Failed to consume SAML AuthnInstant");
-  }
-
-  return Response.json(authnInstant ? { ...response, authn_instant: authnInstant } : response);
+  return Response.json(response);
 };
@@ -1,189 +0,0 @@
-import { createHash } from "node:crypto";
-import { beforeEach, describe, expect, test, vi } from "vitest";
-import { cache } from "@/lib/cache";
-import {
-  consumeSamlAuthnInstantForCode,
-  getSamlAuthnInstantFromResponse,
-  getSamlAuthnInstantFromXml,
-  storeSamlAuthnInstantFromSamlResponse,
-} from "./authn-instant";
-
-vi.mock("@/lib/cache", () => ({
-  cache: {
-    del: vi.fn(),
-    get: vi.fn(),
-    set: vi.fn(),
-  },
-}));
-
-vi.mock("@boxyhq/saml20", () => ({
-  default: {
-    decryptXml: vi.fn(),
-    parseIssuer: vi.fn(),
-    validateSignature: vi.fn(),
-  },
-}));
-
-vi.mock("@boxyhq/saml-jackson/dist/saml/x509", () => ({
-  getDefaultCertificate: vi.fn(),
-}));
-
-vi.mock("@formbricks/logger", () => ({
-  logger: {
-    error: vi.fn(),
-  },
-}));
-
-const saml20 = await import("@boxyhq/saml20");
-const x509 = await import("@boxyhq/saml-jackson/dist/saml/x509");
-const mockCache = vi.mocked(cache);
-const mockSaml20 = vi.mocked(saml20.default);
-const mockGetDefaultCertificate = vi.mocked(x509.getDefaultCertificate);
-const connectionController = {
-  getConnections: vi.fn(),
-};
-const encodeSamlResponse = (xml: string) => Buffer.from(xml, "utf8").toString("base64");
-const getSamlCodeHash = (code: string) => createHash("sha256").update(code).digest("hex");
-const signedSamlResponse = `
-  <saml:Assertion>
-    <saml:AuthnStatement AuthnInstant="2026-05-04T12:30:00Z" />
-  </saml:Assertion>
-`;
-
-describe("SAML AuthnInstant handoff", () => {
-  beforeEach(() => {
-    vi.resetAllMocks();
-    mockCache.set.mockResolvedValue({ ok: true, data: undefined });
-    mockCache.del.mockResolvedValue({ ok: true, data: undefined });
-    mockGetDefaultCertificate.mockResolvedValue({
-      privateKey: "sp-private-key",
-      publicKey: "sp-public-key",
-    });
-    mockSaml20.parseIssuer.mockReturnValue("https://idp.example.com/metadata");
-    mockSaml20.decryptXml.mockReturnValue({ assertion: signedSamlResponse, decrypted: true });
-    mockSaml20.validateSignature.mockReturnValue(signedSamlResponse);
-    connectionController.getConnections.mockResolvedValue([
-      {
-        idpMetadata: {
-          publicKey: "trusted-public-key",
-        },
-      },
-    ]);
-  });
-
-  test("extracts and normalizes AuthnInstant from signed SAML XML", () => {
-    expect(getSamlAuthnInstantFromXml(signedSamlResponse)).toBe("2026-05-04T12:30:00.000Z");
-  });
-
-  test("extracts AuthnInstant from the signature-validated SAML response", async () => {
-    const samlResponse = `
-      <samlp:Response>
-        <saml:Assertion>
-          <saml:AuthnStatement AuthnInstant="2026-05-04T12:00:00Z" />
-        </saml:Assertion>
-      </samlp:Response>
-    `;
-
-    await expect(
-      getSamlAuthnInstantFromResponse({
-        connectionController: connectionController as any,
-        samlResponse: encodeSamlResponse(samlResponse),
-      })
-    ).resolves.toBe("2026-05-04T12:30:00.000Z");
-    expect(mockSaml20.validateSignature).toHaveBeenCalledWith(samlResponse, "trusted-public-key", null);
-  });
-
-  test("extracts AuthnInstant from encrypted signature-validated SAML responses", async () => {
-    const encryptedSignedResponse = `
-      <samlp:Response>
-        <saml:EncryptedAssertion>encrypted-assertion</saml:EncryptedAssertion>
-      </samlp:Response>
-    `;
-    const decryptedSignedResponse = `
-      <samlp:Response>
-        <saml:Assertion>
-          <saml:AuthnStatement AuthnInstant="2026-05-04T12:45:00Z" />
-        </saml:Assertion>
-      </samlp:Response>
-    `;
-    mockSaml20.validateSignature.mockReturnValue(encryptedSignedResponse);
-    mockSaml20.decryptXml.mockReturnValue({ assertion: decryptedSignedResponse, decrypted: true });
-
-    await expect(
-      getSamlAuthnInstantFromResponse({
-        connectionController: connectionController as any,
-        samlResponse: encodeSamlResponse(encryptedSignedResponse),
-      })
-    ).resolves.toBe("2026-05-04T12:45:00.000Z");
-
-    expect(mockGetDefaultCertificate).toHaveBeenCalled();
-    expect(mockSaml20.decryptXml).toHaveBeenCalledWith(encryptedSignedResponse, {
-      privateKey: "sp-private-key",
-    });
-  });
-
-  test("stores signed AuthnInstant by the one-time OAuth code from the Jackson redirect", async () => {
-    const samlResponse = encodeSamlResponse(`
-      <samlp:Response>
-        <saml:Assertion>
-          <saml:AuthnStatement AuthnInstant="2026-05-04T12:30:00Z" />
-        </saml:Assertion>
-      </samlp:Response>
-    `);
-
-    await storeSamlAuthnInstantFromSamlResponse({
-      connectionController: connectionController as any,
-      redirectUrl: "http://localhost:3000/api/auth/callback/saml?code=oauth-code&state=state",
-      samlResponse,
-    });
-
-    expect(mockCache.set).toHaveBeenCalledWith(
-      expect.any(String),
-      { authnInstant: "2026-05-04T12:30:00.000Z" },
-      5 * 60 * 1000
-    );
-    const cacheKey = mockCache.set.mock.calls[0][0] as string;
-    expect(cacheKey).toContain(getSamlCodeHash("oauth-code"));
-    expect(cacheKey).not.toContain("oauth-code");
-  });
-
-  test("does not store when the signed SAML XML has no AuthnInstant", async () => {
-    mockSaml20.validateSignature.mockReturnValue("<saml:Assertion />");
-
-    await storeSamlAuthnInstantFromSamlResponse({
-      connectionController: connectionController as any,
-      redirectUrl: "http://localhost:3000/api/auth/callback/saml?code=oauth-code&state=state",
-      samlResponse: encodeSamlResponse("<samlp:Response />"),
-    });
-
-    expect(mockCache.set).not.toHaveBeenCalled();
-  });
-
-  test("does not store when the SAML signature cannot be validated with known IdP metadata", async () => {
-    mockSaml20.validateSignature.mockReturnValue(null);
-
-    await storeSamlAuthnInstantFromSamlResponse({
-      connectionController: connectionController as any,
-      redirectUrl: "http://localhost:3000/api/auth/callback/saml?code=oauth-code&state=state",
-      samlResponse: encodeSamlResponse("<samlp:Response />"),
-    });
-
-    expect(mockCache.set).not.toHaveBeenCalled();
-  });
-
-  test("consumes a stored AuthnInstant for the token response", async () => {
-    mockCache.get.mockResolvedValue({
-      ok: true,
-      data: {
-        authnInstant: "2026-05-04T12:30:00.000Z",
-      },
-    });
-
-    await expect(consumeSamlAuthnInstantForCode("oauth-code")).resolves.toBe("2026-05-04T12:30:00.000Z");
-
-    const cacheKey = mockCache.get.mock.calls[0][0] as string;
-    expect(cacheKey).toContain(getSamlCodeHash("oauth-code"));
-    expect(cacheKey).not.toContain("oauth-code");
-    expect(mockCache.del).toHaveBeenCalledWith([cacheKey]);
-  });
-});
@@ -1,185 +0,0 @@
-import "server-only";
-import saml20 from "@boxyhq/saml20";
-import type { IConnectionAPIController, SAMLSSORecord } from "@boxyhq/saml-jackson";
-import { getDefaultCertificate } from "@boxyhq/saml-jackson/dist/saml/x509";
-import { createHash } from "node:crypto";
-import { createCacheKey } from "@formbricks/cache";
-import { logger } from "@formbricks/logger";
-import { cache } from "@/lib/cache";
-
-const SAML_AUTHN_INSTANT_TTL_MS = 5 * 60 * 1000;
-
-type TSamlAuthnInstantCacheValue = {
-  authnInstant: string;
-};
-type TSamlConnection = Awaited<ReturnType<IConnectionAPIController["getConnections"]>>[number];
-
-const authnInstantRegex = /<[\w:-]*AuthnStatement\b[^>]*\bAuthnInstant\s*=\s*["']([^"']+)["']/;
-const encryptedAssertionRegex = /<[\w:-]*EncryptedAssertion\b/;
-
-const getSamlCodeHash = (code: string) => createHash("sha256").update(code).digest("hex");
-
-const getSamlAuthnInstantCacheKey = (code: string) =>
-  createCacheKey.custom("account_deletion", "saml_authn_instant", getSamlCodeHash(code));
-
-const isSamlConnection = (connection: TSamlConnection): connection is SAMLSSORecord =>
-  "idpMetadata" in connection;
-
-const getCodeFromRedirectUrl = (redirectUrl: string) => {
-  try {
-    return new URL(redirectUrl).searchParams.get("code");
-  } catch {
-    return null;
-  }
-};
-
-export const getSamlAuthnInstantFromXml = (samlXml: string): string | null => {
-  // Use .exec() instead of .match()
-  const match = authnInstantRegex.exec(samlXml);
-  const authnInstant = match?.[1];
-
-  if (!authnInstant) {
-    return null;
-  }
-
-  const authnInstantTimestamp = Date.parse(authnInstant);
-
-  if (Number.isNaN(authnInstantTimestamp)) {
-    return null;
-  }
-
-  return new Date(authnInstantTimestamp).toISOString();
-};
-
-const getSignedSamlXml = async ({
-  connectionController,
-  decodedSamlResponse,
-}: {
-  connectionController: IConnectionAPIController;
-  decodedSamlResponse: string;
-}) => {
-  const issuer = saml20.parseIssuer(decodedSamlResponse);
-
-  if (!issuer) {
-    return null;
-  }
-
-  const connections = await connectionController.getConnections({ entityId: issuer });
-
-  for (const connection of connections) {
-    if (!isSamlConnection(connection)) {
-      continue;
-    }
-
-    const { publicKey, thumbprint } = connection.idpMetadata;
-
-    if (!publicKey && !thumbprint) {
-      continue;
-    }
-
-    try {
-      const signedXml = saml20.validateSignature(decodedSamlResponse, publicKey ?? null, thumbprint ?? null);
-
-      if (signedXml) {
-        return signedXml;
-      }
-    } catch {
-      continue;
-    }
-  }
-
-  return null;
-};
-
-const getReadableSignedSamlXml = async (signedSamlXml: string) => {
-  if (!encryptedAssertionRegex.test(signedSamlXml)) {
-    return signedSamlXml;
-  }
-
-  const { privateKey } = await getDefaultCertificate();
-  return saml20.decryptXml(signedSamlXml, { privateKey }).assertion;
-};
-
-export const getSamlAuthnInstantFromResponse = async ({
-  connectionController,
-  samlResponse,
-}: {
-  connectionController: IConnectionAPIController;
-  samlResponse: string;
-}): Promise<string | null> => {
-  const decodedSamlResponse = Buffer.from(samlResponse, "base64").toString("utf8");
-  const signedSamlXml = await getSignedSamlXml({
-    connectionController,
-    decodedSamlResponse,
-  });
-
-  if (!signedSamlXml) {
-    return null;
-  }
-
-  return getSamlAuthnInstantFromXml(await getReadableSignedSamlXml(signedSamlXml));
-};
-
-export const storeSamlAuthnInstantFromSamlResponse = async ({
-  connectionController,
-  redirectUrl,
-  samlResponse,
-}: {
-  connectionController: IConnectionAPIController;
-  redirectUrl: string;
-  samlResponse: string;
-}) => {
-  const code = getCodeFromRedirectUrl(redirectUrl);
-
-  if (!code) {
-    return;
-  }
-
-  const authnInstant = await getSamlAuthnInstantFromResponse({
-    connectionController,
-    samlResponse,
-  }).catch((error: unknown) => {
-    logger.error({ error }, "Failed to extract SAML AuthnInstant");
-    return null;
-  });
-
-  if (!authnInstant) {
-    return;
-  }
-
-  const result = await cache.set(
-    getSamlAuthnInstantCacheKey(code),
-    { authnInstant },
-    SAML_AUTHN_INSTANT_TTL_MS
-  );
-
-  if (!result.ok) {
-    logger.error({ error: result.error }, "Failed to store SAML AuthnInstant");
-  }
-};
-
-export const consumeSamlAuthnInstantForCode = async (code: unknown): Promise<string | null> => {
-  if (typeof code !== "string" || !code) {
-    return null;
-  }
-
-  const cacheKey = getSamlAuthnInstantCacheKey(code);
-  const result = await cache.get<TSamlAuthnInstantCacheValue>(cacheKey);
-
-  if (!result.ok) {
-    logger.error({ error: result.error }, "Failed to read SAML AuthnInstant");
-    return null;
-  }
-
-  if (!result.data) {
-    return null;
-  }
-
-  const deleteResult = await cache.del([cacheKey]);
-
-  if (!deleteResult.ok) {
-    logger.error({ error: deleteResult.error }, "Failed to consume SAML AuthnInstant");
-  }
-
-  return result.data.authnInstant;
-};
@@ -9,6 +9,7 @@ import { Button } from "@/modules/ui/components/button";

 interface RemovedFromOrganizationProps {
  isFormbricksCloud: boolean;
+  isSsoIdentityConfirmationDisabled: boolean;
  requiresPasswordConfirmation: boolean;
  user: TUser;
 }
@@ -16,6 +17,7 @@ interface RemovedFromOrganizationProps {
 export const RemovedFromOrganization = ({
  user,
  isFormbricksCloud,
+  isSsoIdentityConfirmationDisabled,
  requiresPasswordConfirmation,
 }: Readonly<RemovedFromOrganizationProps>) => {
  const { t } = useTranslation();
@@ -35,6 +37,7 @@ export const RemovedFromOrganization = ({
        user={user}
        isFormbricksCloud={isFormbricksCloud}
        organizationsWithSingleOwner={[]}
+        isSsoIdentityConfirmationDisabled={isSsoIdentityConfirmationDisabled}
      />
      <Button
        onClick={() => {
@@ -2,7 +2,7 @@ import { Metadata } from "next";
 import { getServerSession } from "next-auth";
 import { notFound } from "next/navigation";
 import { AuthenticationError } from "@formbricks/types/errors";
-import { IS_FORMBRICKS_CLOUD } from "@/lib/constants";
+import { DISABLE_ACCOUNT_DELETION_SSO_CONFIRMATION, IS_FORMBRICKS_CLOUD } from "@/lib/constants";
 import { getHasNoOrganizations } from "@/lib/instance/service";
 import { getOrganizationsByUserId } from "@/lib/organization/service";
 import { getUser } from "@/lib/user/service";
@@ -43,6 +43,7 @@ export const CreateOrganizationPage = async () => {
      <RemovedFromOrganization
        user={user}
        isFormbricksCloud={IS_FORMBRICKS_CLOUD}
+        isSsoIdentityConfirmationDisabled={DISABLE_ACCOUNT_DELETION_SSO_CONFIRMATION}
        requiresPasswordConfirmation={requiresPasswordConfirmationForAccountDeletion(user)}
      />
    );
@@ -2,6 +2,7 @@ import { beforeEach, describe, expect, test, vi } from "vitest";
 import { StorageErrorCode } from "@formbricks/storage";
 import { TResponseData } from "@formbricks/types/responses";
 import { ZAllowedFileExtension } from "@formbricks/types/storage";
+import { TSurveyBlock } from "@formbricks/types/surveys/blocks";
 import { TSurveyQuestion } from "@formbricks/types/surveys/types";
 import {
  isAllowedFileExtension,
@@ -12,6 +13,7 @@ import {
  sanitizeFileName,
  validateFileUploads,
  validateSingleFile,
+  validateSurveyAllowsFileUpload,
 } from "@/modules/storage/utils";

 // Mock the getOriginalFileNameFromUrl function
@@ -351,6 +353,148 @@ describe("storage utils", () => {
    });
  });

+  describe("validateSurveyAllowsFileUpload", () => {
+    test("should allow a matching extension from a modern file upload block element", () => {
+      const blocks = [
+        {
+          id: "block1",
+          name: "Block 1",
+          elements: [
+            {
+              id: "element1",
+              type: "fileUpload" as const,
+              allowedFileExtensions: ["pdf"],
+            },
+          ],
+        },
+      ] as unknown as TSurveyBlock[];
+
+      expect(validateSurveyAllowsFileUpload({ fileName: "report.pdf", blocks })).toEqual({ ok: true });
+    });
+
+    test("should allow a matching extension from a legacy file upload question", () => {
+      const questions = [
+        {
+          id: "question1",
+          type: "fileUpload" as const,
+          allowedFileExtensions: ["png"],
+        },
+      ] as TSurveyQuestion[];
+
+      expect(validateSurveyAllowsFileUpload({ fileName: "image.png", questions })).toEqual({ ok: true });
+    });
+
+    test("should allow any globally safe extension when a file upload has no survey restriction", () => {
+      const blocks = [
+        {
+          id: "block1",
+          name: "Block 1",
+          elements: [
+            {
+              id: "element1",
+              type: "fileUpload" as const,
+            },
+          ],
+        },
+      ] as unknown as TSurveyBlock[];
+
+      expect(validateSurveyAllowsFileUpload({ fileName: "report.pdf", blocks })).toEqual({ ok: true });
+    });
+
+    test("should reject surveys without file upload blocks or questions", () => {
+      const blocks = [
+        {
+          id: "block1",
+          name: "Block 1",
+          elements: [
+            {
+              id: "element1",
+              type: "openText" as const,
+            },
+          ],
+        },
+      ] as unknown as TSurveyBlock[];
+      const questions = [
+        {
+          id: "question1",
+          type: "openText" as const,
+        },
+      ] as TSurveyQuestion[];
+
+      expect(validateSurveyAllowsFileUpload({ fileName: "report.pdf", blocks, questions })).toEqual({
+        ok: false,
+        reason: "no_file_upload_question",
+      });
+    });
+
+    test("should reject when no file upload entry allows the requested extension", () => {
+      const blocks = [
+        {
+          id: "block1",
+          name: "Block 1",
+          elements: [
+            {
+              id: "element1",
+              type: "fileUpload" as const,
+              allowedFileExtensions: ["jpg"],
+            },
+            {
+              id: "element2",
+              type: "fileUpload" as const,
+              allowedFileExtensions: ["png"],
+            },
+          ],
+        },
+      ] as unknown as TSurveyBlock[];
+
+      expect(validateSurveyAllowsFileUpload({ fileName: "report.pdf", blocks })).toEqual({
+        ok: false,
+        reason: "file_extension_not_allowed",
+      });
+    });
+
+    test("should allow when any file upload entry permits the requested extension", () => {
+      const blocks = [
+        {
+          id: "block1",
+          name: "Block 1",
+          elements: [
+            {
+              id: "element1",
+              type: "fileUpload" as const,
+              allowedFileExtensions: ["jpg"],
+            },
+            {
+              id: "element2",
+              type: "fileUpload" as const,
+              allowedFileExtensions: ["pdf"],
+            },
+          ],
+        },
+      ] as unknown as TSurveyBlock[];
+
+      expect(validateSurveyAllowsFileUpload({ fileName: "report.pdf", blocks })).toEqual({ ok: true });
+    });
+
+    test("should reject files without a globally safe extension even when the survey has an unrestricted upload", () => {
+      const questions = [
+        {
+          id: "question1",
+          type: "fileUpload" as const,
+        },
+      ] as TSurveyQuestion[];
+
+      expect(validateSurveyAllowsFileUpload({ fileName: "report", questions })).toEqual({
+        ok: false,
+        reason: "file_extension_not_allowed",
+      });
+      expect(validateSurveyAllowsFileUpload({ fileName: "malware.exe", questions })).toEqual({
+        ok: false,
+        reason: "file_extension_not_allowed",
+      });
+    });
+  });
+
  describe("isValidImageFile", () => {
    test("should return true for valid image file extensions", () => {
      expect(isValidImageFile("https://example.com/image.jpg")).toBe(true);
@@ -2,6 +2,8 @@ import "server-only";
 import { type StorageError, StorageErrorCode } from "@formbricks/storage";
 import { TResponseData } from "@formbricks/types/responses";
 import { TAllowedFileExtension, ZAllowedFileExtension } from "@formbricks/types/storage";
+import { TSurveyBlock } from "@formbricks/types/surveys/blocks";
+import { TSurveyElementTypeEnum, TSurveyFileUploadElement } from "@formbricks/types/surveys/elements";
 import { TSurveyQuestion, TSurveyQuestionTypeEnum } from "@formbricks/types/surveys/types";
 import { responses } from "@/app/lib/api/response";
 import { WEBAPP_URL } from "@/lib/constants";
@@ -57,15 +59,27 @@ export const sanitizeFileName = (rawFileName: string): string => {
  return result;
 };

+/**
+ * Extracts the lowercase file extension from a file name
+ * @param fileName The name of the file
+ * @returns {string | null} The lowercase extension, or null when no extension exists
+ */
+const extractFileExtension = (fileName: string): string | null => {
+  const extension = fileName.split(".").pop()?.toLowerCase();
+
+  if (!extension || extension === fileName.toLowerCase()) return null;
+
+  return extension;
+};
+
 /**
 * Validates if the file extension is allowed
 * @param fileName The name of the file to validate
 * @returns {boolean} True if the file extension is allowed, false otherwise
 */
 export const isAllowedFileExtension = (fileName: string): boolean => {
-  // Extract the file extension
-  const extension = fileName.split(".").pop()?.toLowerCase();
-  if (!extension || extension === fileName.toLowerCase()) return false;
+  const extension = extractFileExtension(fileName);
+  if (!extension) return false;

  // Check if the extension is in the allowed list
  return Object.values(ZAllowedFileExtension.enum).includes(extension as TAllowedFileExtension);
@@ -77,7 +91,7 @@ export const validateSingleFile = (
 ): boolean => {
  const fileName = getOriginalFileNameFromUrl(fileUrl);
  if (!fileName) return false;
-  const extension = fileName.split(".").pop()?.toLowerCase();
+  const extension = extractFileExtension(fileName);
  if (!extension) return false;
  return !allowedFileExtensions || allowedFileExtensions.includes(extension as TAllowedFileExtension);
 };
@@ -100,6 +114,70 @@ export const validateFileUploads = (data?: TResponseData, questions?: TSurveyQue
  return true;
 };

+export type TSurveyFileUploadPermissionResult =
+  | {
+      ok: true;
+    }
+  | {
+      ok: false;
+      reason: "no_file_upload_question" | "file_extension_not_allowed";
+    };
+
+const getAllowedFileExtensionFromFileName = (fileName: string): TAllowedFileExtension | null => {
+  const extension = extractFileExtension(fileName);
+  if (!extension) return null;
+
+  const extensionValidation = ZAllowedFileExtension.safeParse(extension);
+
+  return extensionValidation.success ? extensionValidation.data : null;
+};
+
+export const validateSurveyAllowsFileUpload = ({
+  fileName,
+  blocks,
+  questions,
+}: {
+  fileName: string;
+  blocks?: TSurveyBlock[] | null;
+  questions?: TSurveyQuestion[] | null;
+}): TSurveyFileUploadPermissionResult => {
+  const fileUploadConfigs = [
+    ...(blocks ?? [])
+      .flatMap((block) => block.elements)
+      .filter((element) => element.type === TSurveyElementTypeEnum.FileUpload),
+    ...(questions ?? []).filter((question) => question.type === TSurveyQuestionTypeEnum.FileUpload),
+  ] as TSurveyFileUploadElement[];
+
+  if (fileUploadConfigs.length === 0) {
+    return {
+      ok: false,
+      reason: "no_file_upload_question",
+    };
+  }
+
+  const fileExtension = getAllowedFileExtensionFromFileName(fileName);
+
+  if (!fileExtension) {
+    return {
+      ok: false,
+      reason: "file_extension_not_allowed",
+    };
+  }
+
+  const isFileExtensionAllowed = fileUploadConfigs.some((fileUploadConfig) => {
+    const { allowedFileExtensions } = fileUploadConfig;
+
+    return allowedFileExtensions === undefined || allowedFileExtensions.includes(fileExtension);
+  });
+
+  return isFileExtensionAllowed
+    ? { ok: true }
+    : {
+        ok: false,
+        reason: "file_extension_not_allowed",
+      };
+};
+
 export const isValidImageFile = (fileUrl: string): boolean => {
  const fileName = getOriginalFileNameFromUrl(fileUrl);
  if (!fileName || fileName.endsWith(".")) return false;
@@ -3,6 +3,7 @@
 import { Workspace } from "@prisma/client";
 import { useSearchParams } from "next/navigation";
 import { useCallback, useEffect, useMemo, useState } from "react";
+import { useTranslation } from "react-i18next";
 import { TResponseData } from "@formbricks/types/responses";
 import { TSurvey, TSurveyStyling } from "@formbricks/types/surveys/types";
 import { TWorkspaceStyling } from "@formbricks/types/workspace";
@@ -13,7 +14,7 @@ import { LinkSurveyWrapper } from "@/modules/survey/link/components/link-survey-
 import { OfflineAlert } from "@/modules/survey/link/components/offline-alert";
 import { getPrefillValue } from "@/modules/survey/link/lib/prefill";
 import { getUserIdFromSearchParams } from "@/modules/survey/link/lib/user-id";
-import { isRTLLanguage } from "@/modules/survey/link/lib/utils";
+import { getWebAppLocale, isRTLLanguage } from "@/modules/survey/link/lib/utils";
 import { SurveyInline } from "@/modules/ui/components/survey";

 interface SurveyClientWrapperProps {
@@ -63,6 +64,17 @@ export const SurveyClientWrapper = ({
  IS_FORMBRICKS_CLOUD,
 }: SurveyClientWrapperProps) => {
  const searchParams = useSearchParams();
+  const { i18n } = useTranslation();
+
+  useEffect(() => {
+    const webAppLocale = getWebAppLocale(languageCode, survey);
+    if (i18n.language !== webAppLocale) {
+      i18n.changeLanguage(webAppLocale).catch(() => {
+        i18n.changeLanguage("en-US");
+      });
+    }
+  }, [languageCode, survey, i18n]);
+
  const skipPrefilled = searchParams.get("skipPrefilled") === "true";
  const offlineSupport = searchParams.get("offlineSupport") === "true";
  const userId = canReadUserIdFromUrl ? getUserIdFromSearchParams(searchParams) : undefined;
@@ -1,118 +0,0 @@
-import { revalidatePath } from "next/cache";
-import { beforeEach, describe, expect, test, vi } from "vitest";
-import { OperationNotAllowedError } from "@formbricks/types/errors";
-import { checkAuthorizationUpdated } from "@/lib/utils/action-client/action-client-middleware";
-import { getOrganizationIdFromSurveyId, getWorkspaceIdFromSurveyId } from "@/lib/utils/helper";
-import { updateSurvey } from "@/modules/survey/editor/lib/survey";
-import { getSurvey } from "@/modules/survey/lib/survey";
-import { updateSurveyStatusAction } from "./actions";
-
-vi.mock("next/cache", () => ({
-  revalidatePath: vi.fn(),
-}));
-
-vi.mock("@/lib/utils/action-client", () => ({
-  authenticatedActionClient: {
-    inputSchema: vi.fn(() => ({
-      action: vi.fn((fn) => fn),
-    })),
-  },
-}));
-
-vi.mock("@/lib/utils/action-client/action-client-middleware", () => ({
-  checkAuthorizationUpdated: vi.fn(),
-}));
-
-vi.mock("@/lib/utils/helper", () => ({
-  getOrganizationIdFromSurveyId: vi.fn(),
-  getOrganizationIdFromWorkspaceId: vi.fn(),
-  getWorkspaceIdFromSurveyId: vi.fn(),
-}));
-
-vi.mock("@/lib/utils/single-use-surveys", () => ({
-  generateSurveySingleUseLinkParams: vi.fn(),
-  generateSurveySingleUseLinkParamsList: vi.fn(),
-}));
-
-vi.mock("@/modules/ee/audit-logs/lib/handler", () => ({
-  withAuditLogging: vi.fn((_eventName, _targetType, fn) => fn),
-}));
-
-vi.mock("@/modules/survey/editor/lib/survey", () => ({
-  updateSurvey: vi.fn(),
-}));
-
-vi.mock("@/modules/survey/lib/survey", () => ({
-  getSurvey: vi.fn(),
-}));
-
-vi.mock("@/modules/survey/list/lib/survey", () => ({
-  copySurveyToOtherWorkspace: vi.fn(),
-}));
-
-const baseSurvey = {
-  id: "survey_1",
-  workspaceId: "workspace_1",
-  status: "inProgress",
-};
-
-const ctx = {
-  user: { id: "user_1" },
-  auditLoggingCtx: {},
-};
-
-describe("updateSurveyStatusAction", () => {
-  beforeEach(() => {
-    vi.clearAllMocks();
-    vi.mocked(getOrganizationIdFromSurveyId).mockResolvedValue("organization_1");
-    vi.mocked(getWorkspaceIdFromSurveyId).mockResolvedValue("workspace_1");
-    vi.mocked(checkAuthorizationUpdated).mockResolvedValue(undefined);
-    vi.mocked(getSurvey).mockResolvedValue(baseSurvey as never);
-    vi.mocked(updateSurvey).mockResolvedValue({ ...baseSurvey, status: "completed" } as never);
-  });
-
-  test("updates a non-draft survey status with read-write access", async () => {
-    const result = await updateSurveyStatusAction({
-      ctx,
-      parsedInput: { surveyId: "survey_1", status: "completed" },
-    } as never);
-
-    expect(checkAuthorizationUpdated).toHaveBeenCalledWith({
-      userId: "user_1",
-      organizationId: "organization_1",
-      access: [
-        {
-          type: "organization",
-          roles: ["owner", "manager"],
-        },
-        {
-          type: "workspaceTeam",
-          workspaceId: "workspace_1",
-          minPermission: "readWrite",
-        },
-      ],
-    });
-    expect(updateSurvey).toHaveBeenCalledWith({ ...baseSurvey, status: "completed" });
-    expect(ctx.auditLoggingCtx).toEqual({
-      organizationId: "organization_1",
-      surveyId: "survey_1",
-      oldObject: baseSurvey,
-      newObject: { ...baseSurvey, status: "completed" },
-    });
-    expect(revalidatePath).toHaveBeenCalledWith("/workspaces/workspace_1/surveys");
-    expect(revalidatePath).toHaveBeenCalledWith("/workspaces/workspace_1/surveys/survey_1");
-    expect(result).toEqual({ ...baseSurvey, status: "completed" });
-  });
-
-  test("rejects draft survey status changes from the list", async () => {
-    vi.mocked(getSurvey).mockResolvedValue({ ...baseSurvey, status: "draft" } as never);
-
-    await expect(
-      updateSurveyStatusAction({
-        ctx: { user: { id: "user_1" }, auditLoggingCtx: {} },
-        parsedInput: { surveyId: "survey_1", status: "completed" },
-      } as never)
-    ).rejects.toThrow(OperationNotAllowedError);
-    expect(updateSurvey).not.toHaveBeenCalled();
-  });
-});
@@ -1,8 +1,6 @@
 "use server";

-import { revalidatePath } from "next/cache";
 import { z } from "zod";
-import { ZId } from "@formbricks/types/common";
 import { OperationNotAllowedError } from "@formbricks/types/errors";
 import { authenticatedActionClient } from "@/lib/utils/action-client";
 import { checkAuthorizationUpdated } from "@/lib/utils/action-client/action-client-middleware";
@@ -16,8 +14,6 @@ import {
  generateSurveySingleUseLinkParamsList,
 } from "@/lib/utils/single-use-surveys";
 import { withAuditLogging } from "@/modules/ee/audit-logs/lib/handler";
-import { updateSurvey } from "@/modules/survey/editor/lib/survey";
-import { getSurvey } from "@/modules/survey/lib/survey";
 import { copySurveyToOtherWorkspace } from "@/modules/survey/list/lib/survey";

 const ZCopySurveyToOtherWorkspaceAction = z.object({
@@ -85,55 +81,6 @@ export const copySurveyToOtherWorkspaceAction = authenticatedActionClient
    })
  );

-const ZUpdateSurveyStatusAction = z.object({
-  surveyId: ZId,
-  status: z.enum(["inProgress", "paused", "completed"]),
-});
-
-export const updateSurveyStatusAction = authenticatedActionClient
-  .inputSchema(ZUpdateSurveyStatusAction)
-  .action(
-    withAuditLogging("updated", "survey", async ({ ctx, parsedInput }) => {
-      const organizationId = await getOrganizationIdFromSurveyId(parsedInput.surveyId);
-      const workspaceId = await getWorkspaceIdFromSurveyId(parsedInput.surveyId);
-
-      await checkAuthorizationUpdated({
-        userId: ctx.user.id,
-        organizationId,
-        access: [
-          {
-            type: "organization",
-            roles: ["owner", "manager"],
-          },
-          {
-            type: "workspaceTeam",
-            workspaceId,
-            minPermission: "readWrite",
-          },
-        ],
-      });
-
-      const survey = await getSurvey(parsedInput.surveyId);
-
-      if (survey.status === "draft") {
-        throw new OperationNotAllowedError("Draft surveys must be published from the editor.");
-      }
-
-      ctx.auditLoggingCtx.organizationId = organizationId;
-      ctx.auditLoggingCtx.surveyId = parsedInput.surveyId;
-      ctx.auditLoggingCtx.oldObject = survey;
-
-      const updatedSurvey = await updateSurvey({ ...survey, status: parsedInput.status });
-
-      ctx.auditLoggingCtx.newObject = updatedSurvey;
-
-      revalidatePath(`/workspaces/${updatedSurvey.workspaceId}/surveys`);
-      revalidatePath(`/workspaces/${updatedSurvey.workspaceId}/surveys/${updatedSurvey.id}`);
-
-      return updatedSurvey;
-    })
-  );
-
 const ZGenerateSingleUseIdAction = z
  .object({
    surveyId: z.cuid2(),
@@ -1,7 +1,7 @@
 "use client";

 import Link from "next/link";
-import { type ComponentProps, useMemo } from "react";
+import { useMemo } from "react";
 import { useTranslation } from "react-i18next";
 import { TUserLocale } from "@formbricks/types/user";
 import { useWorkspace } from "@/app/(app)/workspaces/[workspaceId]/context/workspace-context";
@@ -18,17 +18,9 @@ interface SurveyCardProps {
  publicDomain: string;
  isReadOnly: boolean;
  deleteSurvey: (surveyId: string) => Promise<void>;
-  updateSurveyStatus: ComponentProps<typeof SurveyDropDownMenu>["updateSurveyStatus"];
  locale: TUserLocale;
 }
-export const SurveyCard = ({
-  survey,
-  publicDomain,
-  isReadOnly,
-  deleteSurvey,
-  updateSurveyStatus,
-  locale,
-}: Readonly<SurveyCardProps>) => {
+export const SurveyCard = ({ survey, publicDomain, isReadOnly, deleteSurvey, locale }: SurveyCardProps) => {
  const { t } = useTranslation();
  const { workspace } = useWorkspace();
  const workspaceBasePath = `/workspaces/${workspace?.id}`;
@@ -112,7 +104,6 @@ export const SurveyCard = ({
          disabled={isDraftAndReadOnly}
          isSurveyCreationDeletionDisabled={isSurveyCreationDeletionDisabled}
          deleteSurvey={deleteSurvey}
-          updateSurveyStatus={updateSurveyStatus}
        />
      </div>
    </div>
@@ -9,35 +9,18 @@ import { useTranslation } from "react-i18next";
 import { logger } from "@formbricks/logger";
 import { useWorkspace } from "@/app/(app)/workspaces/[workspaceId]/context/workspace-context";
 import { cn } from "@/lib/cn";
-import { getFormattedErrorMessage } from "@/lib/utils/helper";
 import { getV3ApiErrorMessage } from "@/modules/api/lib/v3-client";
 import { EditPublicSurveyAlertDialog } from "@/modules/survey/components/edit-public-survey-alert-dialog";
 import { copySurveyLink } from "@/modules/survey/lib/client-utils";
-import type { TSurveyListItem } from "@/modules/survey/list/types/survey-overview";
+import { TSurveyListItem } from "@/modules/survey/list/types/survey-overview";
 import { DeleteDialog } from "@/modules/ui/components/delete-dialog";
 import {
  DropdownMenu,
  DropdownMenuContent,
  DropdownMenuGroup,
  DropdownMenuItem,
-  DropdownMenuRadioGroup,
-  DropdownMenuRadioItem,
-  DropdownMenuSub,
-  DropdownMenuSubContent,
-  DropdownMenuSubTrigger,
  DropdownMenuTrigger,
 } from "@/modules/ui/components/dropdown-menu";
-import { SurveyStatusIndicator } from "@/modules/ui/components/survey-status-indicator";
-
-type TSurveyStatusUpdate = Exclude<TSurveyListItem["status"], "draft">;
-type TUpdateSurveyStatusResponse = {
-  data?: {
-    status: TSurveyListItem["status"];
-    publishOn: Date | null;
-  };
-  serverError?: string;
-  validationErrors?: unknown;
-};

 interface SurveyDropDownMenuProps {
  survey: TSurveyListItem;
@@ -45,10 +28,6 @@ interface SurveyDropDownMenuProps {
  disabled?: boolean;
  isSurveyCreationDeletionDisabled?: boolean;
  deleteSurvey: (surveyId: string) => Promise<void>;
-  updateSurveyStatus: (variables: {
-    surveyId: string;
-    status: TSurveyStatusUpdate;
-  }) => Promise<TUpdateSurveyStatusResponse>;
 }

 export const SurveyDropDownMenu = ({
@@ -57,8 +36,7 @@ export const SurveyDropDownMenu = ({
  disabled,
  isSurveyCreationDeletionDisabled,
  deleteSurvey,
-  updateSurveyStatus,
-}: Readonly<SurveyDropDownMenuProps>) => {
+}: SurveyDropDownMenuProps) => {
  const { workspace } = useWorkspace();

  const { t } = useTranslation();
@@ -71,26 +49,11 @@ export const SurveyDropDownMenu = ({
  const editHref = `/workspaces/${workspace?.id}/surveys/${survey.id}/edit`;

  const surveyLink = useMemo(() => `${publicDomain}/s/${survey.id}`, [publicDomain, survey.id]);
-  const isScheduled = survey.status === "paused" && survey.publishOn !== null;
  const isSingleUseEnabled = survey.singleUse?.enabled ?? false;
  const canManageSurvey = !isSurveyCreationDeletionDisabled;
-  const canUpdateSurveyStatus = canManageSurvey && survey.status !== "draft";
  const canPreviewOrCopyLink = survey.type === "link" && survey.status !== "draft";
  const hasVisibleActions = canManageSurvey || canPreviewOrCopyLink;

-  const getSurveyStatusLabel = (status: TSurveyListItem["status"], isScheduledStatus = isScheduled) => {
-    switch (status) {
-      case "inProgress":
-        return t("common.in_progress");
-      case "completed":
-        return t("common.completed");
-      case "draft":
-        return t("common.draft");
-      case "paused":
-        return isScheduledStatus ? t("common.scheduled") : t("common.paused");
-    }
-  };
-
  const handleDeleteSurvey = async (surveyId: string) => {
    setLoading(true);

@@ -122,40 +85,6 @@ export const SurveyDropDownMenu = ({
    setIsCautionDialogOpen(true);
  };

-  const handleStatusChange = async (status: TSurveyStatusUpdate) => {
-    if (status === survey.status) {
-      return;
-    }
-
-    setIsDropDownOpen(false);
-    const toastId = toast.loading(t("common.saving"));
-
-    try {
-      const updateSurveyStatusResponse = await updateSurveyStatus({ surveyId: survey.id, status });
-
-      if (updateSurveyStatusResponse?.data) {
-        const { publishOn, status: resultingStatus } = updateSurveyStatusResponse.data;
-        const isResultScheduled = resultingStatus === "paused" && publishOn !== null;
-        const statusToToastMessage: Record<TSurveyStatusUpdate, string> = {
-          inProgress: t("common.survey_live"),
-          paused: isResultScheduled ? t("common.survey_scheduled") : t("common.survey_paused"),
-          completed: t("common.survey_completed"),
-        };
-
-        if (resultingStatus !== "draft") {
-          toast.success(statusToToastMessage[resultingStatus], { id: toastId });
-        } else {
-          toast.success(t("workspace.surveys.edit.changes_saved"), { id: toastId });
-        }
-      } else {
-        toast.error(getFormattedErrorMessage(updateSurveyStatusResponse), { id: toastId });
-      }
-    } catch (error) {
-      logger.error(error);
-      toast.error(t("common.something_went_wrong_please_try_again"), { id: toastId });
-    }
-  };
-
  if (!hasVisibleActions) {
    return null;
  }
@@ -191,39 +120,6 @@ export const SurveyDropDownMenu = ({
                </Link>
              </DropdownMenuItem>
            )}
-            {canUpdateSurveyStatus && (
-              <DropdownMenuSub>
-                <DropdownMenuSubTrigger>
-                  <div className="flex min-w-36 flex-1 items-center gap-2">
-                    <SurveyStatusIndicator status={survey.status} isScheduled={isScheduled} />
-                    <span>{t("common.status")}</span>
-                    <span className="ml-auto pl-4 text-xs font-normal text-slate-500">
-                      {getSurveyStatusLabel(survey.status)}
-                    </span>
-                  </div>
-                </DropdownMenuSubTrigger>
-                <DropdownMenuSubContent>
-                  <DropdownMenuRadioGroup
-                    value={survey.status}
-                    onValueChange={(value) => {
-                      void handleStatusChange(value as TSurveyStatusUpdate);
-                    }}>
-                    <DropdownMenuRadioItem value="inProgress">
-                      <SurveyStatusIndicator status="inProgress" />
-                      {getSurveyStatusLabel("inProgress", false)}
-                    </DropdownMenuRadioItem>
-                    <DropdownMenuRadioItem value="paused">
-                      <SurveyStatusIndicator status="paused" isScheduled={isScheduled} />
-                      {getSurveyStatusLabel("paused")}
-                    </DropdownMenuRadioItem>
-                    <DropdownMenuRadioItem value="completed">
-                      <SurveyStatusIndicator status="completed" />
-                      {getSurveyStatusLabel("completed", false)}
-                    </DropdownMenuRadioItem>
-                  </DropdownMenuRadioGroup>
-                </DropdownMenuSubContent>
-              </DropdownMenuSub>
-            )}
            {canPreviewOrCopyLink && (
              <DropdownMenuItem>
                <button
@@ -11,7 +11,6 @@ import { FORMBRICKS_SURVEYS_FILTERS_KEY_LS } from "@/lib/localStorage";
 import { getV3ApiErrorMessage } from "@/modules/api/lib/v3-client";
 import { useDeleteSurvey } from "@/modules/survey/list/hooks/use-delete-survey";
 import { useSurveys } from "@/modules/survey/list/hooks/use-surveys";
-import { useUpdateSurveyStatus } from "@/modules/survey/list/hooks/use-update-survey-status";
 import { initialFilters } from "@/modules/survey/list/lib/constants";
 import {
  hasActiveSurveyFilters,
@@ -45,7 +44,7 @@ export const SurveysList = ({
  surveysPerPage,
  currentWorkspaceChannel,
  locale,
-}: Readonly<SurveysListProps>) => {
+}: SurveysListProps) => {
  const { t } = useTranslation();
  const [surveyFilters, setSurveyFilters] = useState<TSurveyOverviewFilters>(initialFilters);
  const [isFilterInitialized, setIsFilterInitialized] = useState(false);
@@ -104,7 +103,6 @@ export const SurveysList = ({
  });

  const deleteSurveyMutation = useDeleteSurvey({ queryKey });
-  const updateSurveyStatusMutation = useUpdateSurveyStatus({ queryKey });

  const hasAppliedFilters = hasActiveSurveyFilters(normalizedFilters);
  const showInitialLoading = !isFilterInitialized || (isLoading && surveys.length === 0);
@@ -115,10 +113,6 @@ export const SurveysList = ({
    await deleteSurveyMutation.mutateAsync({ surveyId });
  };

-  const handleUpdateSurveyStatus = async (
-    variables: Parameters<typeof updateSurveyStatusMutation.mutateAsync>[0]
-  ) => updateSurveyStatusMutation.mutateAsync(variables);
-
  const createSurveyButton = (
    <Button size="sm" asChild>
      <Link href={`/workspaces/${workspace.id}/surveys/templates`}>
@@ -209,7 +203,6 @@ export const SurveysList = ({
              survey={survey}
              isReadOnly={isReadOnly}
              deleteSurvey={handleDeleteSurvey}
-              updateSurveyStatus={handleUpdateSurveyStatus}
              publicDomain={publicDomain}
              locale={locale}
            />
@@ -99,12 +99,7 @@ describe("useDeleteSurvey", () => {
      0
    );

-    resolveFetch?.(
-      new Response(JSON.stringify({ data: { id: "survey_1" } }), {
-        status: 200,
-        headers: { "Content-Type": "application/json" },
-      })
-    );
+    resolveFetch?.(new Response(null, { status: 204 }));

    await waitFor(() => expect(result.current.isSuccess).toBe(true));
    expect(invalidateQueriesSpy).toHaveBeenCalledWith({ queryKey: surveyKeys.lists() });
@@ -1,142 +0,0 @@
-/**
- * @vitest-environment jsdom
- */
-import { QueryClient, QueryClientProvider } from "@tanstack/react-query";
-import { renderHook, waitFor } from "@testing-library/react";
-import { type ReactNode, createElement } from "react";
-import { afterEach, beforeEach, describe, expect, test, vi } from "vitest";
-import { updateSurveyStatusAction } from "@/modules/survey/list/actions";
-import { surveyKeys } from "@/modules/survey/list/lib/query";
-import type { TSurveyListPage } from "@/modules/survey/list/lib/v3-surveys-client";
-import { useUpdateSurveyStatus } from "./use-update-survey-status";
-
-vi.mock("@/modules/survey/list/actions", () => ({
-  updateSurveyStatusAction: vi.fn(),
-}));
-
-const queryKey = surveyKeys.list({
-  workspaceId: "workspace_1",
-  limit: 20,
-  filters: {
-    name: "",
-    status: [],
-    type: [],
-    sortBy: "relevance",
-  },
-});
-
-const queryData = {
-  pages: [
-    {
-      data: [
-        {
-          id: "survey_1",
-          name: "Survey 1",
-          workspaceId: "workspace_1",
-          type: "link",
-          status: "inProgress",
-          publishOn: null,
-          createdAt: new Date("2026-04-15T10:00:00.000Z"),
-          updatedAt: new Date("2026-04-15T10:00:00.000Z"),
-          responseCount: 0,
-          creator: { name: "Alice" },
-          singleUse: null,
-        },
-      ],
-      meta: {
-        limit: 20,
-        nextCursor: null,
-        totalCount: 1,
-      },
-    },
-  ],
-  pageParams: [null],
-} satisfies { pages: TSurveyListPage[]; pageParams: (string | null)[] };
-
-const createWrapper = (queryClient: QueryClient) => {
-  const Wrapper = ({ children }: Readonly<{ children: ReactNode }>) =>
-    createElement(QueryClientProvider, { client: queryClient }, children);
-  Wrapper.displayName = "UseUpdateSurveyStatusTestWrapper";
-  return Wrapper;
-};
-
-const createQueryClient = () =>
-  new QueryClient({
-    defaultOptions: {
-      mutations: { retry: false },
-      queries: { retry: false },
-    },
-  });
-
-describe("useUpdateSurveyStatus", () => {
-  beforeEach(() => {
-    (globalThis as typeof globalThis & { IS_REACT_ACT_ENVIRONMENT?: boolean }).IS_REACT_ACT_ENVIRONMENT =
-      true;
-  });
-
-  afterEach(() => {
-    vi.clearAllMocks();
-  });
-
-  test("updates cached list data from the status action result", async () => {
-    const updatedAt = new Date("2026-04-16T10:00:00.000Z");
-    vi.mocked(updateSurveyStatusAction).mockResolvedValue({
-      data: {
-        id: "survey_1",
-        status: "completed",
-        publishOn: null,
-        updatedAt,
-      },
-    });
-
-    const queryClient = createQueryClient();
-    queryClient.setQueryData(queryKey, queryData);
-
-    const { result } = renderHook(() => useUpdateSurveyStatus({ queryKey }), {
-      wrapper: createWrapper(queryClient),
-    });
-
-    result.current.mutate({ surveyId: "survey_1", status: "completed" });
-
-    await waitFor(() => expect(result.current.isSuccess).toBe(true));
-    expect(queryClient.getQueryData<{ pages: TSurveyListPage[] }>(queryKey)?.pages[0]?.data[0]).toEqual(
-      expect.objectContaining({
-        status: "completed",
-        publishOn: null,
-        updatedAt,
-      })
-    );
-  });
-
-  test("rolls cached list data back when the action throws", async () => {
-    vi.mocked(updateSurveyStatusAction).mockRejectedValue(new Error("Unable to update"));
-
-    const queryClient = createQueryClient();
-    queryClient.setQueryData(queryKey, queryData);
-
-    const { result } = renderHook(() => useUpdateSurveyStatus({ queryKey }), {
-      wrapper: createWrapper(queryClient),
-    });
-
-    result.current.mutate({ surveyId: "survey_1", status: "completed" });
-
-    await waitFor(() => expect(result.current.isError).toBe(true));
-    expect(queryClient.getQueryData(queryKey)).toEqual(queryData);
-  });
-
-  test("rolls cached list data back when the action returns no data", async () => {
-    vi.mocked(updateSurveyStatusAction).mockResolvedValue({ serverError: "Unable to update" });
-
-    const queryClient = createQueryClient();
-    queryClient.setQueryData(queryKey, queryData);
-
-    const { result } = renderHook(() => useUpdateSurveyStatus({ queryKey }), {
-      wrapper: createWrapper(queryClient),
-    });
-
-    result.current.mutate({ surveyId: "survey_1", status: "completed" });
-
-    await waitFor(() => expect(result.current.isSuccess).toBe(true));
-    expect(queryClient.getQueryData(queryKey)).toEqual(queryData);
-  });
-});
@@ -1,67 +0,0 @@
-"use client";
-
-import { InfiniteData, useMutation, useQueryClient } from "@tanstack/react-query";
-import type { TSurveyStatus } from "@formbricks/types/surveys/types";
-import { updateSurveyStatusAction } from "@/modules/survey/list/actions";
-import { surveyKeys, updateSurveyInInfiniteData } from "@/modules/survey/list/lib/query";
-import type { TSurveyListPage } from "@/modules/survey/list/lib/v3-surveys-client";
-
-type TUpdateSurveyStatusInput = {
-  surveyId: string;
-  status: Exclude<TSurveyStatus, "draft">;
-};
-
-export const useUpdateSurveyStatus = ({ queryKey }: { queryKey: ReturnType<typeof surveyKeys.list> }) => {
-  const queryClient = useQueryClient();
-
-  return useMutation({
-    mutationFn: async ({ surveyId, status }: TUpdateSurveyStatusInput) =>
-      updateSurveyStatusAction({ surveyId, status }),
-    onMutate: async ({ surveyId, status }) => {
-      await queryClient.cancelQueries({ queryKey });
-
-      const previousData = queryClient.getQueryData<InfiniteData<TSurveyListPage>>(queryKey);
-
-      queryClient.setQueryData<InfiniteData<TSurveyListPage> | undefined>(queryKey, (currentData) =>
-        updateSurveyInInfiniteData(currentData, {
-          id: surveyId,
-          status,
-          updatedAt: new Date(),
-          ...(status === "paused" ? {} : { publishOn: null }),
-        })
-      );
-
-      return {
-        previousData,
-      };
-    },
-    onError: (_error, _variables, context) => {
-      if (context?.previousData) {
-        queryClient.setQueryData(queryKey, context.previousData);
-      }
-    },
-    onSuccess: (response, _variables, context) => {
-      if (!response?.data) {
-        if (context?.previousData) {
-          queryClient.setQueryData(queryKey, context.previousData);
-        }
-
-        return;
-      }
-
-      const { id, publishOn, status, updatedAt } = response.data;
-
-      queryClient.setQueryData<InfiniteData<TSurveyListPage> | undefined>(queryKey, (currentData) =>
-        updateSurveyInInfiniteData(currentData, {
-          id,
-          publishOn,
-          status,
-          updatedAt,
-        })
-      );
-    },
-    onSettled: async () => {
-      await queryClient.invalidateQueries({ queryKey: surveyKeys.lists() });
-    },
-  });
-};
@@ -1,7 +1,7 @@
 import type { InfiniteData } from "@tanstack/react-query";
 import { describe, expect, test } from "vitest";
-import { flattenSurveyPages, removeSurveyFromInfiniteData, updateSurveyInInfiniteData } from "./query";
-import type { TSurveyListPage } from "./v3-surveys-client";
+import { flattenSurveyPages, removeSurveyFromInfiniteData } from "./query";
+import { TSurveyListPage } from "./v3-surveys-client";

 const surveyA = {
  id: "survey_a",
@@ -9,7 +9,6 @@ const surveyA = {
  workspaceId: "env_1",
  type: "link" as const,
  status: "draft" as const,
-  publishOn: null,
  createdAt: new Date("2026-04-15T10:00:00.000Z"),
  updatedAt: new Date("2026-04-15T10:00:00.000Z"),
  responseCount: 0,
@@ -51,30 +50,6 @@ describe("flattenSurveyPages", () => {
  });
 });

-describe("updateSurveyInInfiniteData", () => {
-  test("updates the matching survey across cached pages", () => {
-    const updatedAt = new Date("2026-04-16T10:00:00.000Z");
-    const nextData = updateSurveyInInfiniteData(baseData, {
-      id: "survey_b",
-      status: "completed",
-      publishOn: null,
-      updatedAt,
-    });
-
-    expect(nextData?.pages[0]?.data).toEqual([surveyA]);
-    expect(nextData?.pages[1]?.data[0]).toEqual({
-      ...surveyB,
-      status: "completed",
-      publishOn: null,
-      updatedAt,
-    });
-  });
-
-  test("returns the original cache when the survey is not present", () => {
-    expect(updateSurveyInInfiniteData(baseData, { id: "missing_survey", status: "paused" })).toBe(baseData);
-  });
-});
-
 describe("removeSurveyFromInfiniteData", () => {
  test("removes the survey from cached pages and decrements each page total", () => {
    const nextData = removeSurveyFromInfiniteData(baseData, "survey_a");
@@ -1,6 +1,6 @@
 import type { InfiniteData } from "@tanstack/react-query";
-import type { TSurveyListItem, TSurveyOverviewFilters } from "@/modules/survey/list/types/survey-overview";
-import type { TSurveyListPage } from "./v3-surveys-client";
+import { TSurveyListItem, TSurveyOverviewFilters } from "@/modules/survey/list/types/survey-overview";
+import { TSurveyListPage } from "./v3-surveys-client";

 type TSurveyListKeyInput = {
  workspaceId: string;
@@ -55,38 +55,3 @@ export function removeSurveyFromInfiniteData(
    })),
  };
 }
-
-export function updateSurveyInInfiniteData(
-  data: InfiniteData<TSurveyListPage> | undefined,
-  updatedSurvey: Pick<TSurveyListItem, "id"> & Partial<TSurveyListItem>
-): InfiniteData<TSurveyListPage> | undefined {
-  if (!data) {
-    return data;
-  }
-
-  let surveyWasUpdated = false;
-
-  const pages = data.pages.map((page) => ({
-    ...page,
-    data: page.data.map((survey) => {
-      if (survey.id !== updatedSurvey.id) {
-        return survey;
-      }
-
-      surveyWasUpdated = true;
-      return {
-        ...survey,
-        ...updatedSurvey,
-      };
-    }),
-  }));
-
-  if (!surveyWasUpdated) {
-    return data;
-  }
-
-  return {
-    ...data,
-    pages,
-  };
-}
@@ -1,5 +1,10 @@
-import { describe, expect, test } from "vitest";
-import { buildSurveyListSearchParams } from "./v3-surveys-client";
+import { afterEach, describe, expect, test, vi } from "vitest";
+import type { V3ApiError } from "@/modules/api/lib/v3-client";
+import { buildSurveyListSearchParams, deleteSurvey } from "./v3-surveys-client";
+
+afterEach(() => {
+  vi.unstubAllGlobals();
+});

 describe("buildSurveyListSearchParams", () => {
  test("emits only supported v3 params using normalized filter values", () => {
@@ -39,3 +44,39 @@ describe("buildSurveyListSearchParams", () => {
    );
  });
 });
+
+describe("deleteSurvey", () => {
+  test("treats 204 No Content as a successful delete", async () => {
+    const fetchMock = vi.fn().mockResolvedValue(new Response(null, { status: 204 }));
+    vi.stubGlobal("fetch", fetchMock);
+
+    await expect(deleteSurvey("survey_1")).resolves.toBeUndefined();
+
+    expect(fetchMock).toHaveBeenCalledWith("/api/v3/surveys/survey_1", {
+      method: "DELETE",
+      cache: "no-store",
+    });
+  });
+
+  test("maps v3 problem responses to V3ApiError", async () => {
+    vi.stubGlobal(
+      "fetch",
+      vi.fn().mockResolvedValue(
+        Response.json(
+          {
+            status: 403,
+            detail: "You are not authorized to access this resource",
+            code: "forbidden",
+          },
+          { status: 403 }
+        )
+      )
+    );
+
+    await expect(deleteSurvey("survey_1")).rejects.toMatchObject<V3ApiError>({
+      status: 403,
+      detail: "You are not authorized to access this resource",
+      code: "forbidden",
+    });
+  });
+});
@@ -13,12 +13,6 @@ type TV3SurveyListResponse = {
  meta: TSurveyListPage["meta"];
 };

-type TV3DeleteSurveyResponse = {
-  data: {
-    id: string;
-  };
-};
-
 export type TSurveyListPage = {
  data: TSurveyListItem[];
  meta: {
@@ -122,7 +116,7 @@ export async function listSurveys({
  };
 }

-export async function deleteSurvey(surveyId: string): Promise<{ id: string }> {
+export async function deleteSurvey(surveyId: string): Promise<void> {
  const response = await fetch(`/api/v3/surveys/${surveyId}`, {
    method: "DELETE",
    cache: "no-store",
@@ -131,7 +125,4 @@ export async function deleteSurvey(surveyId: string): Promise<{ id: string }> {
  if (!response.ok) {
    throw await parseV3ApiError(response);
  }
-
-  const body = (await response.json()) as TV3DeleteSurveyResponse;
-  return body.data;
 }
@@ -118,6 +118,26 @@ describe("workspace lib", () => {
      expectNoFrdSideEffects();
    });

+    test("seeds the default contact attribute keys when creating a workspace", async () => {
+      const createdWorkspace = { ...baseWorkspace, id: "p-defaults" };
+      vi.mocked(prisma.workspace.create).mockResolvedValueOnce(createdWorkspace as any);
+
+      await createWorkspace("org1", { name: "Workspace defaults" });
+
+      const createArgs = vi.mocked(prisma.workspace.create).mock.calls[0][0];
+      const attributeCreate = (createArgs.data as any).contactAttributeKeys.create as Array<{
+        key: string;
+        type: string;
+        isUnique?: boolean;
+      }>;
+      expect(attributeCreate.map((a) => a.key).sort()).toEqual(
+        ["email", "firstName", "language", "lastName", "userId"].sort()
+      );
+      expect(attributeCreate.every((a) => a.type === "default")).toBe(true);
+      const uniqueKeys = attributeCreate.filter((a) => a.isUnique).map((a) => a.key);
+      expect(uniqueKeys.sort()).toEqual(["email", "userId"].sort());
+    });
+
    test("creates workspace without teams and does not auto-link any FRD", async () => {
      const createdWorkspace = { ...baseWorkspace, id: "p3" };
      vi.mocked(prisma.workspace.create).mockResolvedValueOnce(createdWorkspace as any);
@@ -9,6 +9,41 @@ import { TWorkspace, TWorkspaceUpdateInput, ZWorkspaceUpdateInput } from "@formb
 import { validateInputs } from "@/lib/utils/validate";
 import { deleteFilesByWorkspaceId } from "@/modules/storage/service";

+const DEFAULT_CONTACT_ATTRIBUTE_KEYS: Prisma.ContactAttributeKeyCreateWithoutWorkspaceInput[] = [
+  {
+    key: "userId",
+    name: "User Id",
+    description: "The user id of a contact",
+    type: "default",
+    isUnique: true,
+  },
+  {
+    key: "email",
+    name: "Email",
+    description: "The email of a contact",
+    type: "default",
+    isUnique: true,
+  },
+  {
+    key: "firstName",
+    name: "First Name",
+    description: "Your contact's first name",
+    type: "default",
+  },
+  {
+    key: "lastName",
+    name: "Last Name",
+    description: "Your contact's last name",
+    type: "default",
+  },
+  {
+    key: "language",
+    name: "Language",
+    description: "The language preference of a contact",
+    type: "default",
+  },
+];
+
 const selectWorkspace = {
  id: true,
  createdAt: true,
@@ -76,6 +111,9 @@ export const createWorkspace = async (
        ...data,
        name: workspaceInput.name,
        organizationId,
+        contactAttributeKeys: {
+          create: DEFAULT_CONTACT_ATTRIBUTE_KEYS,
+        },
      },
      select: selectWorkspace,
    });
@@ -21,7 +21,6 @@
  "dependencies": {
    "@cubejs-client/core": "1.6.6",
    "@boxyhq/saml-jackson": "26.2.0",
-    "@boxyhq/saml20": "1.15.2",
    "@dnd-kit/core": "6.3.1",
    "@dnd-kit/modifiers": "9.0.0",
    "@dnd-kit/sortable": "10.0.0",
@@ -46,14 +46,15 @@ The intended defaults are:
 - self-hosted / single-tenant clusters: bundled controller mode
 - shared clusters with an existing platform controller: external-controller mode

-## Cube.js for XM Suite v5
+## Cube

-XM Suite v5 dashboard and analysis features require Cube.js. Set `cube.enabled=true` to deploy an
-internal Cube service from this chart, or provide an external Cube endpoint.
+Cube is part of the baseline Formbricks v5 stack and is deployed by this chart by default
+(`cube.enabled: true`).

- For chart-managed Cube, set `deployment.env.CUBEJS_API_URL` to `http://formbricks-cube:4000`
+- For the chart-managed Cube, `deployment.env.CUBEJS_API_URL` should point at `http://formbricks-cube:4000`
  when using the default release name.
- For external Cube, set `deployment.env.CUBEJS_API_URL` to your Cube endpoint.
+- For an external Cube, set `cube.enabled: false` and point `deployment.env.CUBEJS_API_URL` at your
+  endpoint.
 - Provide `CUBEJS_API_SECRET` through your existing secret management flow, such as the generated app secret override or `deployment.envFrom`.
 - Provide `CUBEJS_DB_*` connection variables to the Cube deployment through `cube.envFrom` or `cube.env`.
 - Keep `cube.replicas=1` while `cube.env.CUBEJS_CACHE_AND_QUEUE_DRIVER` is `memory`. Configure Cube Store before running multiple Cube replicas.
@@ -96,8 +96,8 @@ deployment:
    #   nameSuffix: app-secrets

  # Environment variables passed to the app container.
-  # XM Suite v5 analytics requires an external Cube endpoint when using Helm:
-  # set deployment.env.CUBEJS_API_URL and provide CUBEJS_API_SECRET through a Secret referenced by envFrom/existingSecret.
+  # Cube is bundled by default (see the `cube` section below). To use an external Cube cluster instead,
+  # set `cube.enabled: false` and provide CUBEJS_API_URL / CUBEJS_API_SECRET here via deployment.env or envFrom.
  env: {}

  # Tolerations for scheduling pods on tainted nodes
@@ -561,8 +561,10 @@ serviceMonitor:
 # Cube.js Analytics Configuration
 ##########################################################
 cube:
-  # Optional internal Cube.js service for XM Suite v5 analytics.
-  enabled: false
+  # Cube semantic-layer service used by Formbricks analytics. Bundled by default.
+  # Set to false only if you want to point the app at an external Cube cluster
+  # via deployment.env.CUBEJS_API_URL (CUBEJS_API_SECRET must still be provided).
+  enabled: true
  replicas: 1

  image:
@@ -900,10 +902,6 @@ hub:
    affinity: {}
    topologySpreadConstraints: []

-  # XM Suite v5 analytics also requires Cube. Use cube.enabled=true to deploy
-  # the internal chart-managed Cube service, or set deployment.env.CUBEJS_API_URL
-  # to an operator-managed Cube endpoint.
-
  # Upgrade migration job runs goose + river before Helm upgrades Hub resources.
  # Fresh installs run the same migrations through the Hub deployment init container.
  migration:
@@ -155,7 +155,6 @@ services:
      <<: *hub-runtime-environment

  cube:
-    profiles: ["xm"]
    image: cubejs/cube:v1.6.6
    env_file:
      - apps/web/.env
@@ -30,13 +30,13 @@ That's it! After running the command and providing the required information, vis

 ## Formbricks Hub and Cube

-The stack includes the [Formbricks Hub](https://github.com/formbricks/hub) API (`ghcr.io/formbricks/hub`) and can also run a bundled Cube.js service for XM Suite v5 analytics. Hub and Cube share the same database as Formbricks by default, and Cube is enabled through the optional Docker Compose `xm` profile.
+The stack includes the [Formbricks Hub](https://github.com/formbricks/hub) API (`ghcr.io/formbricks/hub`) and the bundled Cube service. Hub and Cube share the same database as Formbricks by default and both start as part of the baseline `docker compose up`.

 - **Migrations**: A `hub-migrate` service runs Hub's database migrations (goose + river) before the Hub API starts. It runs on every `docker compose up` and is idempotent.
- **Production** (`docker/docker-compose.yml`): Set `HUB_API_KEY` (required). `HUB_API_URL` defaults to `http://hub:8080` so the Formbricks app can reach Hub inside the compose network. To enable XM Suite v5 analytics, set `COMPOSE_PROFILES=xm` and `CUBEJS_API_SECRET`; `CUBEJS_API_URL` defaults to `http://cube:4000`. Cube JWT issuer/audience default to `formbricks-web` and `formbricks-cube`, and the bundled Cube service exposes only `meta,data` API scopes. Override `HUB_DATABASE_URL` and `CUBEJS_DB_*` only if Hub or Cube should use a separate database. The Hub image tracks `:latest` by default so `formbricks.sh update` advances Hub in lockstep with the app. `hub` and `hub-migrate` always resolve to the same image. To pin to an immutable reference, set `HUB_IMAGE_REF` in `docker/.env` to either a tag (e.g. `:0.3.0`) or a digest (e.g. `@sha256:14db7b3d...`).
- **Development** (`docker-compose.dev.yml`): Hub uses a dedicated local `hub` database and `HUB_API_KEY` defaults to `dev-api-key`. The dev stack starts `hub` plus `hub-worker`; set `EMBEDDING_PROVIDER`, `EMBEDDING_MODEL`, and any provider credentials in the repo root `.env` to enable Hub embeddings locally. See the [Hub embeddings environment reference](https://hub.formbricks.com/reference/environment-variables/#embeddings) for provider-specific values. Cube is behind the `xm` profile, `CUBEJS_API_URL` defaults to `http://localhost:4000`, and `pnpm dev:setup` generates `CUBEJS_API_SECRET` in the repo root `.env`. The Hub image is pinned to a semver tag (`hub`, `hub-worker`, and `hub-migrate` share the same value); override `HUB_IMAGE_TAG` in the repo root `.env` to test a specific Hub release.
+- **Production** (`docker/docker-compose.yml`): Set `HUB_API_KEY` and `CUBEJS_API_SECRET` (both required). `HUB_API_URL` defaults to `http://hub:8080` and `CUBEJS_API_URL` defaults to `http://cube:4000` so the Formbricks app reaches Hub and Cube inside the compose network. Cube JWT issuer/audience default to `formbricks-web` and `formbricks-cube`, and the bundled Cube service exposes only `meta,data` API scopes. Override `HUB_DATABASE_URL` and `CUBEJS_DB_*` only if Hub or Cube should use a separate database. The Hub image tracks `:latest` by default so `formbricks.sh update` advances Hub in lockstep with the app. `hub` and `hub-migrate` always resolve to the same image. To pin to an immutable reference, set `HUB_IMAGE_REF` in `docker/.env` to either a tag (e.g. `:0.3.0`) or a digest (e.g. `@sha256:14db7b3d...`).
+- **Development** (`docker-compose.dev.yml`): Hub uses a dedicated local `hub` database and `HUB_API_KEY` defaults to `dev-api-key`. The dev stack starts `hub` plus `hub-worker`; set `EMBEDDING_PROVIDER`, `EMBEDDING_MODEL`, and any provider credentials in the repo root `.env` to enable Hub embeddings locally. See the [Hub embeddings environment reference](https://hub.formbricks.com/reference/environment-variables/#embeddings) for provider-specific values. Cube starts with the dev stack, `CUBEJS_API_URL` defaults to `http://localhost:4000`, and `pnpm dev:setup` generates `CUBEJS_API_SECRET` in the repo root `.env`. The Hub image is pinned to a semver tag (`hub`, `hub-worker`, and `hub-migrate` share the same value); override `HUB_IMAGE_TAG` in the repo root `.env` to test a specific Hub release.

-In development, Hub is exposed locally on port **8080**. When the `xm` profile is enabled, Cube is exposed on **4000** (with the Cube playground on **4001**). In production Docker Compose, Hub stays internal to the compose network at `http://hub:8080`; Cube also stays internal at `http://cube:4000` when enabled.
+In development, Hub is exposed locally on port **8080** and Cube on **4000** (with the Cube playground on **4001**). In production Docker Compose, both stay internal to the compose network at `http://hub:8080` and `http://cube:4000`.

 The one-click Traefik installer exposes Hub-backed FeedbackRecords on the Formbricks origin at
 `/api/v3/feedbackRecords` and `/v1/feedback-records`. Traefik uses Formbricks gateway auth, rewrites the v3
@@ -38,7 +38,7 @@ x-environment: &environment
    # Hub database URL (optional). Default: same Postgres as Formbricks. Set only if Hub uses a separate DB.
    # HUB_DATABASE_URL:

-    # Cube.js analytics for XM Suite v5. Enable the optional xm profile and set CUBEJS_API_SECRET to run Cube.
+    # Cube semantic-layer API used by Formbricks analytics. Required.
    CUBEJS_API_URL: ${CUBEJS_API_URL:-http://cube:4000}
    CUBEJS_API_SECRET: ${CUBEJS_API_SECRET:-}
    CUBEJS_JWT_ISSUER: ${CUBEJS_JWT_ISSUER:-formbricks-web}
@@ -257,6 +257,8 @@ services:
        condition: service_healthy
      redis:
        condition: service_healthy
+      cube:
+        condition: service_healthy
    ports:
      - 3000:3000
    volumes:
@@ -294,9 +296,8 @@ services:
      API_KEY: ${HUB_API_KEY:?HUB_API_KEY is required to run Hub}
      DATABASE_URL: ${HUB_DATABASE_URL:-postgresql://postgres:postgres@postgres:5432/formbricks?sslmode=disable}

-  # Optional Cube.js analytics service for XM Suite v5. Enable with COMPOSE_PROFILES=xm and set CUBEJS_API_SECRET.
+  # Cube semantic-layer API used by Formbricks analytics dashboards.
  cube:
-    profiles: ["xm"]
    restart: always
    image: cubejs/cube:v1.6.6
    depends_on:
@@ -319,6 +320,12 @@ services:
    volumes:
      - ./cube/cube.js:/cube/conf/cube.js:ro
      - ./cube/schema:/cube/conf/model:ro
+    healthcheck:
+      test: ["CMD", "wget", "-qO-", "http://localhost:4000/readyz"]
+      interval: 10s
+      timeout: 5s
+      retries: 12
+      start_period: 30s

 volumes:
  postgres:
@@ -527,7 +527,6 @@ EOT
  hub_api_key=$(openssl rand -hex 32)
  cubejs_api_secret=$(openssl rand -hex 32)
 cat <<EOF > .env
-COMPOSE_PROFILES=xm
 HUB_API_KEY=$hub_api_key
 CUBEJS_API_SECRET=$cubejs_api_secret
 CUBEJS_JWT_ISSUER=formbricks-web
--- a/Show More
+++ b/Show More