chore: remove test code

refactor(config): update mongoose imports to resolve path dynamically
refactor(config): update user-related imports to utilize mongoose models
2025-05-30 15:05:18 -04:00 · 2025-05-30 15:01:27 -04:00 · 2025-05-30 14:54:32 -04:00 · 2025-05-30 14:47:32 -04:00 · 2025-05-30 14:45:09 -04:00 · 2025-05-30 14:43:38 -04:00
457 changed files with 22791 additions and 5803 deletions
--- a/.env.example
+++ b/.env.example
@@ -20,8 +20,8 @@ DOMAIN_CLIENT=http://localhost:3080
 DOMAIN_SERVER=http://localhost:3080

 NO_INDEX=true
-# Use the address that is at most n number of hops away from the Express application. 
-# req.socket.remoteAddress is the first hop, and the rest are looked for in the X-Forwarded-For header from right to left. 
+# Use the address that is at most n number of hops away from the Express application.
+# req.socket.remoteAddress is the first hop, and the rest are looked for in the X-Forwarded-For header from right to left.
 # A value of 0 means that the first untrusted address would be req.socket.remoteAddress, i.e. there is no reverse proxy.
 # Defaulted to 1.
 TRUST_PROXY=1
@@ -88,7 +88,7 @@ PROXY=
 #============#

 ANTHROPIC_API_KEY=user_provided
-# ANTHROPIC_MODELS=claude-3-7-sonnet-latest,claude-3-7-sonnet-20250219,claude-3-5-haiku-20241022,claude-3-5-sonnet-20241022,claude-3-5-sonnet-latest,claude-3-5-sonnet-20240620,claude-3-opus-20240229,claude-3-sonnet-20240229,claude-3-haiku-20240307,claude-2.1,claude-2,claude-1.2,claude-1,claude-1-100k,claude-instant-1,claude-instant-1-100k
+# ANTHROPIC_MODELS=claude-opus-4-20250514,claude-sonnet-4-20250514,claude-3-7-sonnet-20250219,claude-3-5-sonnet-20241022,claude-3-5-haiku-20241022,claude-3-opus-20240229,claude-3-sonnet-20240229,claude-3-haiku-20240307
 # ANTHROPIC_REVERSE_PROXY=

 #============#
@@ -443,6 +443,47 @@ OPENID_IMAGE_URL=
 # Set to true to automatically redirect to the OpenID provider when a user visits the login page
 # This will bypass the login form completely for users, only use this if OpenID is your only authentication method
 OPENID_AUTO_REDIRECT=false
+# Set to true to use PKCE (Proof Key for Code Exchange) for OpenID authentication
+OPENID_USE_PKCE=false
+#Set to true to reuse openid tokens for authentication management instead of using the mongodb session and the custom refresh token.
+OPENID_REUSE_TOKENS=
+#By default, signing key verification results are cached in order to prevent excessive HTTP requests to the JWKS endpoint.
+#If a signing key matching the kid is found, this will be cached and the next time this kid is requested the signing key will be served from the cache.
+#Default is true.
+OPENID_JWKS_URL_CACHE_ENABLED=
+OPENID_JWKS_URL_CACHE_TIME= # 600000 ms eq to 10 minutes leave empty to disable caching
+#Set to true to trigger token exchange flow to acquire access token for the userinfo endpoint.
+OPENID_ON_BEHALF_FLOW_FOR_USERINFRO_REQUIRED=
+OPENID_ON_BEHALF_FLOW_USERINFRO_SCOPE = "user.read" # example for Scope Needed for Microsoft Graph API
+# Set to true to use the OpenID Connect end session endpoint for logout
+OPENID_USE_END_SESSION_ENDPOINT=
+
+
+# SAML
+# Note: If OpenID is enabled, SAML authentication will be automatically disabled.
+SAML_ENTRY_POINT=
+SAML_ISSUER=
+SAML_CERT=
+SAML_CALLBACK_URL=/oauth/saml/callback
+SAML_SESSION_SECRET=
+
+# Attribute mappings (optional)
+SAML_EMAIL_CLAIM=
+SAML_USERNAME_CLAIM=
+SAML_GIVEN_NAME_CLAIM=
+SAML_FAMILY_NAME_CLAIM=
+SAML_PICTURE_CLAIM=
+SAML_NAME_CLAIM=
+
+# Logint buttion settings (optional)
+SAML_BUTTON_LABEL=
+SAML_IMAGE_URL=
+
+# Whether the SAML Response should be signed.
+# - If "true", the entire `SAML Response` will be signed.
+# - If "false" or unset, only the `SAML Assertion` will be signed (default behavior).
+# SAML_USE_AUTHN_RESPONSE_SIGNED=
+

 # LDAP
 LDAP_URL=
@@ -563,9 +604,9 @@ HELP_AND_FAQ_URL=https://librechat.ai
 #   users always get the latest version. Customize    #
 #   only if you understand caching implications.      #

-# INDEX_HTML_CACHE_CONTROL=no-cache, no-store, must-revalidate
-# INDEX_HTML_PRAGMA=no-cache
-# INDEX_HTML_EXPIRES=0
+# INDEX_CACHE_CONTROL=no-cache, no-store, must-revalidate
+# INDEX_PRAGMA=no-cache
+# INDEX_EXPIRES=0

 # no-cache: Forces validation with server before using cached version
 # no-store: Prevents storing the response entirely
@@ -575,3 +616,33 @@ HELP_AND_FAQ_URL=https://librechat.ai
 #                  OpenWeather                        #
 #=====================================================#
 OPENWEATHER_API_KEY=
+
+#====================================#
+# LibreChat Code Interpreter API     #
+#====================================#
+
+# https://code.librechat.ai
+# LIBRECHAT_CODE_API_KEY=your-key
+
+#======================#
+# Web Search           #
+#======================#
+
+# Note: All of the following variable names can be customized.
+# Omit values to allow user to provide them.
+
+# For more information on configuration values, see:
+# https://librechat.ai/docs/features/web_search
+
+# Search Provider (Required)
+# SERPER_API_KEY=your_serper_api_key
+
+# Scraper (Required)
+# FIRECRAWL_API_KEY=your_firecrawl_api_key
+# Optional: Custom Firecrawl API URL
+# FIRECRAWL_API_URL=your_firecrawl_api_url
+
+# Reranker (Required)
+# JINA_API_KEY=your_jina_api_key
+# or
+# COHERE_API_KEY=your_cohere_api_key
--- a/.github/workflows/helmcharts.yml
+++ b/.github/workflows/helmcharts.yml
@@ -26,8 +26,15 @@ jobs:
        uses: azure/setup-helm@v4
        env:
          GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
+      - name: Build Subchart Deps
+        run: |
+          cd helm/librechat-rag-api
+          helm dependency build 

      - name: Run chart-releaser
        uses: helm/chart-releaser-action@v1.6.0
+        with:
+          charts_dir: helm
+          skip_existing: true
        env:
          CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
--- a/.github/workflows/i18n-unused-keys.yml
+++ b/.github/workflows/i18n-unused-keys.yml
@@ -22,7 +22,7 @@ jobs:

          # Define paths
          I18N_FILE="client/src/locales/en/translation.json"
-          SOURCE_DIRS=("client/src" "api")
+          SOURCE_DIRS=("client/src" "api" "packages/data-provider/src")

          # Check if translation file exists
          if [[ ! -f "$I18N_FILE" ]]; then
--- a/.gitignore
+++ b/.gitignore
@@ -52,8 +52,9 @@ bower_components/
 *.d.ts
 !vite-env.d.ts

-# Cline
+# AI
 .clineignore
+.cursor

 # Floobits
 .floo
@@ -113,4 +114,13 @@ uploads/

 # owner
 release/
+
+# Helm
+helm/librechat/Chart.lock
+helm/**/charts/
+helm/**/.values.yaml
+
 !/client/src/@types/i18next.d.ts
+
+# SAML Idp cert
+*.cert
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,23 +5,47 @@ All notable changes to this project will be documented in this file.



+
+
 ## [Unreleased]

 ### ✨ New Features

 - ✨ feat: implement search parameter updates by **@mawburn** in [#7151](https://github.com/danny-avila/LibreChat/pull/7151)
 - 🎏 feat: Add MCP support for Streamable HTTP Transport by **@benverhees** in [#7353](https://github.com/danny-avila/LibreChat/pull/7353)
+- 🔒 feat: Add Content Security Policy using Helmet middleware by **@rubentalstra** in [#7377](https://github.com/danny-avila/LibreChat/pull/7377)
+- ✨ feat: Add Normalization for MCP Server Names by **@danny-avila** in [#7421](https://github.com/danny-avila/LibreChat/pull/7421)
+- 📊 feat: Improve Helm Chart by **@hofq** in [#3638](https://github.com/danny-avila/LibreChat/pull/3638)
+- 🦾 feat: Claude-4 Support by **@danny-avila** in [#7509](https://github.com/danny-avila/LibreChat/pull/7509)
+- 🪨 feat: Bedrock Support for Claude-4 Reasoning by **@danny-avila** in [#7517](https://github.com/danny-avila/LibreChat/pull/7517)
+
+### 🌍 Internationalization
+
+- 🌍 i18n: Add `Danish` and `Czech` and `Catalan` localization support by **@rubentalstra** in [#7373](https://github.com/danny-avila/LibreChat/pull/7373)
+- 🌍 i18n: Update translation.json with latest translations by **@github-actions[bot]** in [#7375](https://github.com/danny-avila/LibreChat/pull/7375)
+- 🌍 i18n: Update translation.json with latest translations by **@github-actions[bot]** in [#7468](https://github.com/danny-avila/LibreChat/pull/7468)

 ### 🔧 Fixes

 - 💬 fix: update aria-label for accessibility in ConvoLink component by **@berry-13** in [#7320](https://github.com/danny-avila/LibreChat/pull/7320)
 - 🔑 fix: use `apiKey` instead of `openAIApiKey` in OpenAI-like Config by **@danny-avila** in [#7337](https://github.com/danny-avila/LibreChat/pull/7337)
 - 🔄 fix: update navigation logic in `useFocusChatEffect` to ensure correct search parameters are used by **@mawburn** in [#7340](https://github.com/danny-avila/LibreChat/pull/7340)
+- 🔄 fix: Improve MCP Connection Cleanup by **@danny-avila** in [#7400](https://github.com/danny-avila/LibreChat/pull/7400)
+- 🛡️ fix: Preset and Validation Logic for URL Query Params by **@danny-avila** in [#7407](https://github.com/danny-avila/LibreChat/pull/7407)
+- 🌘 fix: artifact of preview text is illegible in dark mode by **@nhtruong** in [#7405](https://github.com/danny-avila/LibreChat/pull/7405)
+- 🛡️ fix: Temporarily Remove CSP until Configurable by **@danny-avila** in [#7419](https://github.com/danny-avila/LibreChat/pull/7419)
+- 💽 fix: Exclude index page `/` from static cache settings by **@sbruel** in [#7382](https://github.com/danny-avila/LibreChat/pull/7382)

 ### ⚙️ Other Changes

 - 📜 docs: CHANGELOG for release v0.7.8 by **@github-actions[bot]** in [#7290](https://github.com/danny-avila/LibreChat/pull/7290)
 - 📦 chore: Update API Package Dependencies by **@danny-avila** in [#7359](https://github.com/danny-avila/LibreChat/pull/7359)
+- 📜 docs: Unreleased Changelog by **@github-actions[bot]** in [#7321](https://github.com/danny-avila/LibreChat/pull/7321)
+- 📜 docs: Unreleased Changelog by **@github-actions[bot]** in [#7434](https://github.com/danny-avila/LibreChat/pull/7434)
+- 🛡️ chore: `multer` v2.0.0 for CVE-2025-47935 and CVE-2025-47944 by **@danny-avila** in [#7454](https://github.com/danny-avila/LibreChat/pull/7454)
+- 📂 refactor: Improve `FileAttachment` & File Form Deletion by **@danny-avila** in [#7471](https://github.com/danny-avila/LibreChat/pull/7471)
+- 📊 chore: Remove Old Helm Chart by **@hofq** in [#7512](https://github.com/danny-avila/LibreChat/pull/7512)
+- 🪖 chore: bump helm app version to v0.7.8 by **@austin-barrington** in [#7524](https://github.com/danny-avila/LibreChat/pull/7524)



@@ -67,7 +91,6 @@ Changes from v0.7.8-rc1 to v0.7.8.

 ---
 ## [v0.7.8-rc1] - 
-## [v0.7.8-rc1] - 

 Changes from v0.7.7 to v0.7.8-rc1.

--- a/README.md
+++ b/README.md
@@ -71,6 +71,11 @@
    - [Model Context Protocol (MCP) Support](https://modelcontextprotocol.io/clients#librechat) for Tools
  - Use LibreChat Agents and OpenAI Assistants with Files, Code Interpreter, Tools, and API Actions

+- 🔍 **Web Search**:  
+  - Search the internet and retrieve relevant information to enhance your AI context
+  - Combines search providers, content scrapers, and result rerankers for optimal results
+  - **[Learn More →](https://www.librechat.ai/docs/features/web_search)**
+
 - 🪄 **Generative UI with Code Artifacts**:  
  - [Code Artifacts](https://youtu.be/GfTj7O4gmd0?si=WJbdnemZpJzBrJo3) allow creation of React, HTML, and Mermaid diagrams directly in chat

--- a/api/app/clients/AnthropicClient.js
+++ b/api/app/clients/AnthropicClient.js
@@ -70,13 +70,10 @@ class AnthropicClient extends BaseClient {
    this.message_delta;
    /** Whether the model is part of the Claude 3 Family
     * @type {boolean} */
-    this.isClaude3;
+    this.isClaudeLatest;
    /** Whether to use Messages API or Completions API
     * @type {boolean} */
    this.useMessages;
-    /** Whether or not the model is limited to the legacy amount of output tokens
-     * @type {boolean} */
-    this.isLegacyOutput;
    /** Whether or not the model supports Prompt Caching
     * @type {boolean} */
    this.supportsCacheControl;
@@ -116,21 +113,25 @@ class AnthropicClient extends BaseClient {
    );

    const modelMatch = matchModelName(this.modelOptions.model, EModelEndpoint.anthropic);
-    this.isClaude3 = modelMatch.includes('claude-3');
-    this.isLegacyOutput = !(
-      /claude-3[-.]5-sonnet/.test(modelMatch) || /claude-3[-.]7/.test(modelMatch)
+    this.isClaudeLatest =
+      /claude-[3-9]/.test(modelMatch) || /claude-(?:sonnet|opus|haiku)-[4-9]/.test(modelMatch);
+    const isLegacyOutput = !(
+      /claude-3[-.]5-sonnet/.test(modelMatch) ||
+      /claude-3[-.]7/.test(modelMatch) ||
+      /claude-(?:sonnet|opus|haiku)-[4-9]/.test(modelMatch) ||
+      /claude-[4-9]/.test(modelMatch)
    );
    this.supportsCacheControl = this.options.promptCache && checkPromptCacheSupport(modelMatch);

    if (
-      this.isLegacyOutput &&
+      isLegacyOutput &&
      this.modelOptions.maxOutputTokens &&
      this.modelOptions.maxOutputTokens > legacy.maxOutputTokens.default
    ) {
      this.modelOptions.maxOutputTokens = legacy.maxOutputTokens.default;
    }

-    this.useMessages = this.isClaude3 || !!this.options.attachments;
+    this.useMessages = this.isClaudeLatest || !!this.options.attachments;

    this.defaultVisionModel = this.options.visionModel ?? 'claude-3-sonnet-20240229';
    this.options.attachments?.then((attachments) => this.checkVisionRequest(attachments));
@@ -654,7 +655,10 @@ class AnthropicClient extends BaseClient {
      );
    };

-    if (this.modelOptions.model.includes('claude-3')) {
+    if (
+      /claude-[3-9]/.test(this.modelOptions.model) ||
+      /claude-(?:sonnet|opus|haiku)-[4-9]/.test(this.modelOptions.model)
+    ) {
      await buildMessagesPayload();
      processTokens();
      return {
--- a/api/app/clients/specs/AnthropicClient.test.js
+++ b/api/app/clients/specs/AnthropicClient.test.js
@@ -15,7 +15,7 @@ describe('AnthropicClient', () => {
    {
      role: 'user',
      isCreatedByUser: true,
-      text: 'What\'s up',
+      text: "What's up",
      messageId: '3',
      parentMessageId: '2',
    },
@@ -170,7 +170,7 @@ describe('AnthropicClient', () => {
      client.options.modelLabel = 'Claude-2';
      const result = await client.buildMessages(messages, parentMessageId);
      const { prompt } = result;
-      expect(prompt).toContain('Human\'s name: John');
+      expect(prompt).toContain("Human's name: John");
      expect(prompt).toContain('You are Claude-2');
    });
  });
@@ -244,6 +244,64 @@ describe('AnthropicClient', () => {
      );
    });

+    describe('Claude 4 model headers', () => {
+      it('should add "prompt-caching" beta header for claude-sonnet-4 model', () => {
+        const client = new AnthropicClient('test-api-key');
+        const modelOptions = {
+          model: 'claude-sonnet-4-20250514',
+        };
+        client.setOptions({ modelOptions, promptCache: true });
+        const anthropicClient = client.getClient(modelOptions);
+        expect(anthropicClient._options.defaultHeaders).toBeDefined();
+        expect(anthropicClient._options.defaultHeaders).toHaveProperty('anthropic-beta');
+        expect(anthropicClient._options.defaultHeaders['anthropic-beta']).toBe(
+          'prompt-caching-2024-07-31',
+        );
+      });
+
+      it('should add "prompt-caching" beta header for claude-opus-4 model', () => {
+        const client = new AnthropicClient('test-api-key');
+        const modelOptions = {
+          model: 'claude-opus-4-20250514',
+        };
+        client.setOptions({ modelOptions, promptCache: true });
+        const anthropicClient = client.getClient(modelOptions);
+        expect(anthropicClient._options.defaultHeaders).toBeDefined();
+        expect(anthropicClient._options.defaultHeaders).toHaveProperty('anthropic-beta');
+        expect(anthropicClient._options.defaultHeaders['anthropic-beta']).toBe(
+          'prompt-caching-2024-07-31',
+        );
+      });
+
+      it('should add "prompt-caching" beta header for claude-4-sonnet model', () => {
+        const client = new AnthropicClient('test-api-key');
+        const modelOptions = {
+          model: 'claude-4-sonnet-20250514',
+        };
+        client.setOptions({ modelOptions, promptCache: true });
+        const anthropicClient = client.getClient(modelOptions);
+        expect(anthropicClient._options.defaultHeaders).toBeDefined();
+        expect(anthropicClient._options.defaultHeaders).toHaveProperty('anthropic-beta');
+        expect(anthropicClient._options.defaultHeaders['anthropic-beta']).toBe(
+          'prompt-caching-2024-07-31',
+        );
+      });
+
+      it('should add "prompt-caching" beta header for claude-4-opus model', () => {
+        const client = new AnthropicClient('test-api-key');
+        const modelOptions = {
+          model: 'claude-4-opus-20250514',
+        };
+        client.setOptions({ modelOptions, promptCache: true });
+        const anthropicClient = client.getClient(modelOptions);
+        expect(anthropicClient._options.defaultHeaders).toBeDefined();
+        expect(anthropicClient._options.defaultHeaders).toHaveProperty('anthropic-beta');
+        expect(anthropicClient._options.defaultHeaders['anthropic-beta']).toBe(
+          'prompt-caching-2024-07-31',
+        );
+      });
+    });
+
    it('should not add beta header for claude-3-5-sonnet-latest model', () => {
      const client = new AnthropicClient('test-api-key');
      const modelOptions = {
@@ -456,6 +514,34 @@ describe('AnthropicClient', () => {
      expect(client.modelOptions.maxOutputTokens).toBe(highTokenValue);
    });

+    it('should not cap maxOutputTokens for Claude 4 Sonnet models', () => {
+      const client = new AnthropicClient('test-api-key');
+      const highTokenValue = anthropicSettings.legacy.maxOutputTokens.default * 10; // 40,960 tokens
+
+      client.setOptions({
+        modelOptions: {
+          model: 'claude-sonnet-4-20250514',
+          maxOutputTokens: highTokenValue,
+        },
+      });
+
+      expect(client.modelOptions.maxOutputTokens).toBe(highTokenValue);
+    });
+
+    it('should not cap maxOutputTokens for Claude 4 Opus models', () => {
+      const client = new AnthropicClient('test-api-key');
+      const highTokenValue = anthropicSettings.legacy.maxOutputTokens.default * 6; // 24,576 tokens (under 32K limit)
+
+      client.setOptions({
+        modelOptions: {
+          model: 'claude-opus-4-20250514',
+          maxOutputTokens: highTokenValue,
+        },
+      });
+
+      expect(client.modelOptions.maxOutputTokens).toBe(highTokenValue);
+    });
+
    it('should cap maxOutputTokens for Claude 3.5 Haiku models', () => {
      const client = new AnthropicClient('test-api-key');
      const highTokenValue = anthropicSettings.legacy.maxOutputTokens.default * 2;
@@ -729,4 +815,223 @@ describe('AnthropicClient', () => {
    expect(capturedOptions).toHaveProperty('topK', 10);
    expect(capturedOptions).toHaveProperty('topP', 0.9);
  });
+
+  describe('isClaudeLatest', () => {
+    it('should set isClaudeLatest to true for claude-3 models', () => {
+      const client = new AnthropicClient('test-api-key');
+      client.setOptions({
+        modelOptions: {
+          model: 'claude-3-sonnet-20240229',
+        },
+      });
+      expect(client.isClaudeLatest).toBe(true);
+    });
+
+    it('should set isClaudeLatest to true for claude-3.5 models', () => {
+      const client = new AnthropicClient('test-api-key');
+      client.setOptions({
+        modelOptions: {
+          model: 'claude-3.5-sonnet-20240229',
+        },
+      });
+      expect(client.isClaudeLatest).toBe(true);
+    });
+
+    it('should set isClaudeLatest to true for claude-sonnet-4 models', () => {
+      const client = new AnthropicClient('test-api-key');
+      client.setOptions({
+        modelOptions: {
+          model: 'claude-sonnet-4-20240229',
+        },
+      });
+      expect(client.isClaudeLatest).toBe(true);
+    });
+
+    it('should set isClaudeLatest to true for claude-opus-4 models', () => {
+      const client = new AnthropicClient('test-api-key');
+      client.setOptions({
+        modelOptions: {
+          model: 'claude-opus-4-20240229',
+        },
+      });
+      expect(client.isClaudeLatest).toBe(true);
+    });
+
+    it('should set isClaudeLatest to true for claude-3.5-haiku models', () => {
+      const client = new AnthropicClient('test-api-key');
+      client.setOptions({
+        modelOptions: {
+          model: 'claude-3.5-haiku-20240229',
+        },
+      });
+      expect(client.isClaudeLatest).toBe(true);
+    });
+
+    it('should set isClaudeLatest to false for claude-2 models', () => {
+      const client = new AnthropicClient('test-api-key');
+      client.setOptions({
+        modelOptions: {
+          model: 'claude-2',
+        },
+      });
+      expect(client.isClaudeLatest).toBe(false);
+    });
+
+    it('should set isClaudeLatest to false for claude-instant models', () => {
+      const client = new AnthropicClient('test-api-key');
+      client.setOptions({
+        modelOptions: {
+          model: 'claude-instant',
+        },
+      });
+      expect(client.isClaudeLatest).toBe(false);
+    });
+
+    it('should set isClaudeLatest to false for claude-sonnet-3 models', () => {
+      const client = new AnthropicClient('test-api-key');
+      client.setOptions({
+        modelOptions: {
+          model: 'claude-sonnet-3-20240229',
+        },
+      });
+      expect(client.isClaudeLatest).toBe(false);
+    });
+
+    it('should set isClaudeLatest to false for claude-opus-3 models', () => {
+      const client = new AnthropicClient('test-api-key');
+      client.setOptions({
+        modelOptions: {
+          model: 'claude-opus-3-20240229',
+        },
+      });
+      expect(client.isClaudeLatest).toBe(false);
+    });
+
+    it('should set isClaudeLatest to false for claude-haiku-3 models', () => {
+      const client = new AnthropicClient('test-api-key');
+      client.setOptions({
+        modelOptions: {
+          model: 'claude-haiku-3-20240229',
+        },
+      });
+      expect(client.isClaudeLatest).toBe(false);
+    });
+  });
+
+  describe('configureReasoning', () => {
+    it('should enable thinking for claude-opus-4 and claude-sonnet-4 models', async () => {
+      const client = new AnthropicClient('test-api-key');
+      // Create a mock async generator function
+      async function* mockAsyncGenerator() {
+        yield { type: 'message_start', message: { usage: {} } };
+        yield { delta: { text: 'Test response' } };
+        yield { type: 'message_delta', usage: {} };
+      }
+
+      // Mock createResponse to return the async generator
+      jest.spyOn(client, 'createResponse').mockImplementation(() => {
+        return mockAsyncGenerator();
+      });
+
+      // Test claude-opus-4
+      client.setOptions({
+        modelOptions: {
+          model: 'claude-opus-4-20250514',
+        },
+        thinking: true,
+        thinkingBudget: 2000,
+      });
+
+      let capturedOptions = null;
+      jest.spyOn(client, 'getClient').mockImplementation((options) => {
+        capturedOptions = options;
+        return {};
+      });
+
+      const payload = [{ role: 'user', content: 'Test message' }];
+      await client.sendCompletion(payload, {});
+
+      expect(capturedOptions).toHaveProperty('thinking');
+      expect(capturedOptions.thinking).toEqual({
+        type: 'enabled',
+        budget_tokens: 2000,
+      });
+
+      // Test claude-sonnet-4
+      client.setOptions({
+        modelOptions: {
+          model: 'claude-sonnet-4-20250514',
+        },
+        thinking: true,
+        thinkingBudget: 2000,
+      });
+
+      await client.sendCompletion(payload, {});
+
+      expect(capturedOptions).toHaveProperty('thinking');
+      expect(capturedOptions.thinking).toEqual({
+        type: 'enabled',
+        budget_tokens: 2000,
+      });
+    });
+  });
+});
+
+describe('Claude Model Tests', () => {
+  it('should handle Claude 3 and 4 series models correctly', () => {
+    const client = new AnthropicClient('test-key');
+    // Claude 3 series models
+    const claude3Models = [
+      'claude-3-opus-20240229',
+      'claude-3-sonnet-20240229',
+      'claude-3-haiku-20240307',
+      'claude-3-5-sonnet-20240620',
+      'claude-3-5-haiku-20240620',
+      'claude-3.5-sonnet-20240620',
+      'claude-3.5-haiku-20240620',
+      'claude-3.7-sonnet-20240620',
+      'claude-3.7-haiku-20240620',
+      'anthropic/claude-3-opus-20240229',
+      'claude-3-opus-20240229/anthropic',
+    ];
+
+    // Claude 4 series models
+    const claude4Models = [
+      'claude-sonnet-4-20250514',
+      'claude-opus-4-20250514',
+      'claude-4-sonnet-20250514',
+      'claude-4-opus-20250514',
+      'anthropic/claude-sonnet-4-20250514',
+      'claude-sonnet-4-20250514/anthropic',
+    ];
+
+    // Test Claude 3 series
+    claude3Models.forEach((model) => {
+      client.setOptions({ modelOptions: { model } });
+      expect(
+        /claude-[3-9]/.test(client.modelOptions.model) ||
+          /claude-(?:sonnet|opus|haiku)-[4-9]/.test(client.modelOptions.model),
+      ).toBe(true);
+    });
+
+    // Test Claude 4 series
+    claude4Models.forEach((model) => {
+      client.setOptions({ modelOptions: { model } });
+      expect(
+        /claude-[3-9]/.test(client.modelOptions.model) ||
+          /claude-(?:sonnet|opus|haiku)-[4-9]/.test(client.modelOptions.model),
+      ).toBe(true);
+    });
+
+    // Test non-Claude 3/4 models
+    const nonClaudeModels = ['claude-2', 'claude-instant', 'gpt-4', 'gpt-3.5-turbo'];
+
+    nonClaudeModels.forEach((model) => {
+      client.setOptions({ modelOptions: { model } });
+      expect(
+        /claude-[3-9]/.test(client.modelOptions.model) ||
+          /claude-(?:sonnet|opus|haiku)-[4-9]/.test(client.modelOptions.model),
+      ).toBe(false);
+    });
+  });
 });
--- a/api/app/clients/specs/BaseClient.test.js
+++ b/api/app/clients/specs/BaseClient.test.js
@@ -1,7 +1,7 @@
 const { Constants } = require('librechat-data-provider');
 const { initializeFakeClient } = require('./FakeClient');

-jest.mock('~/lib/db/connectDb');
+jest.mock('~/db/connect');
 jest.mock('~/models', () => ({
  User: jest.fn(),
  Key: jest.fn(),
@@ -52,7 +52,7 @@ const messageHistory = [
  {
    role: 'user',
    isCreatedByUser: true,
-    text: 'What\'s up',
+    text: "What's up",
    messageId: '3',
    parentMessageId: '2',
  },
@@ -456,7 +456,7 @@ describe('BaseClient', () => {

      const chatMessages2 = await TestClient.loadHistory(conversationId, '3');
      expect(TestClient.currentMessages).toHaveLength(3);
-      expect(chatMessages2[chatMessages2.length - 1].text).toEqual('What\'s up');
+      expect(chatMessages2[chatMessages2.length - 1].text).toEqual("What's up");
    });

    /* Most of the new sendMessage logic revolving around edited/continued AI messages
--- a/api/app/clients/specs/OpenAIClient.test.js
+++ b/api/app/clients/specs/OpenAIClient.test.js
@@ -5,7 +5,7 @@ const getLogStores = require('~/cache/getLogStores');
 const OpenAIClient = require('../OpenAIClient');
 jest.mock('meilisearch');

-jest.mock('~/lib/db/connectDb');
+jest.mock('~/db/connect');
 jest.mock('~/models', () => ({
  User: jest.fn(),
  Key: jest.fn(),
@@ -462,17 +462,17 @@ describe('OpenAIClient', () => {
        role: 'system',
        name: 'example_user',
        content:
-          'Let\'s circle back when we have more bandwidth to touch base on opportunities for increased leverage.',
+          "Let's circle back when we have more bandwidth to touch base on opportunities for increased leverage.",
      },
      {
        role: 'system',
        name: 'example_assistant',
-        content: 'Let\'s talk later when we\'re less busy about how to do better.',
+        content: "Let's talk later when we're less busy about how to do better.",
      },
      {
        role: 'user',
        content:
-          'This late pivot means we don\'t have time to boil the ocean for the client deliverable.',
+          "This late pivot means we don't have time to boil the ocean for the client deliverable.",
      },
    ];

--- a/api/app/clients/specs/PluginsClient.test.js
+++ b/api/app/clients/specs/PluginsClient.test.js
@@ -3,7 +3,7 @@ const { Constants } = require('librechat-data-provider');
 const { HumanMessage, AIMessage } = require('@langchain/core/messages');
 const PluginsClient = require('../PluginsClient');

-jest.mock('~/lib/db/connectDb');
+jest.mock('~/db/connect');
 jest.mock('~/models/Conversation', () => {
  return function () {
    return {
--- a/api/app/clients/tools/structured/OpenAIImageTools.js
+++ b/api/app/clients/tools/structured/OpenAIImageTools.js
@@ -30,7 +30,7 @@ const DEFAULT_IMAGE_EDIT_DESCRIPTION =

 When to use \`image_edit_oai\`:
 - The user wants to modify, extend, or remix one **or more** uploaded images, either:
-  - Previously generated, or in the current request (both to be included in the \`image_ids\` array).
+- Previously generated, or in the current request (both to be included in the \`image_ids\` array).
 - Always when the user refers to uploaded images for editing, enhancement, remixing, style transfer, or combining elements.
 - Any current or existing images are to be used as visual guides.
 - If there are any files in the current request, they are more likely than not expected as references for image edit requests.
--- a/api/app/clients/tools/util/handleTools.js
+++ b/api/app/clients/tools/util/handleTools.js
@@ -1,7 +1,13 @@
 const { SerpAPI } = require('@langchain/community/tools/serpapi');
 const { Calculator } = require('@langchain/community/tools/calculator');
-const { createCodeExecutionTool, EnvVar } = require('@librechat/agents');
-const { Tools, Constants, EToolResources } = require('librechat-data-provider');
+const { EnvVar, createCodeExecutionTool, createSearchTool } = require('@librechat/agents');
+const {
+  Tools,
+  Constants,
+  EToolResources,
+  loadWebSearchAuth,
+  replaceSpecialVars,
+} = require('librechat-data-provider');
 const { getUserPluginAuthValue } = require('~/server/services/PluginService');
 const {
  availableTools,
@@ -138,7 +144,6 @@ const loadTools = async ({
  agent,
  model,
  endpoint,
-  useSpecs,
  tools = [],
  options = {},
  functions = true,
@@ -263,6 +268,33 @@ const loadTools = async ({
        return createFileSearchTool({ req: options.req, files, entity_id: agent?.id });
      };
      continue;
+    } else if (tool === Tools.web_search) {
+      const webSearchConfig = options?.req?.app?.locals?.webSearch;
+      const result = await loadWebSearchAuth({
+        userId: user,
+        loadAuthValues,
+        webSearchConfig,
+      });
+      const { onSearchResults, onGetHighlights } = options?.[Tools.web_search] ?? {};
+      requestedTools[tool] = async () => {
+        toolContextMap[tool] = `# \`${tool}\`:
+Current Date & Time: ${replaceSpecialVars({ text: '{{iso_datetime}}' })}
+1. **Execute immediately without preface** when using \`${tool}\`.
+2. **After the search, begin with a brief summary** that directly addresses the query without headers or explaining your process.
+3. **Structure your response clearly** using Markdown formatting (Level 2 headers for sections, lists for multiple points, tables for comparisons).
+4. **Cite sources properly** according to the citation anchor format, utilizing group anchors when appropriate.
+5. **Tailor your approach to the query type** (academic, news, coding, etc.) while maintaining an expert, journalistic, unbiased tone.
+6. **Provide comprehensive information** with specific details, examples, and as much relevant context as possible from search results.
+7. **Avoid moralizing language.**
+`.trim();
+        return createSearchTool({
+          ...result.authResult,
+          onSearchResults,
+          onGetHighlights,
+          logger,
+        });
+      };
+      continue;
    } else if (tool && appTools[tool] && mcpToolPattern.test(tool)) {
      requestedTools[tool] = async () =>
        createMCPTool({
--- a/api/app/clients/tools/util/handleTools.test.js
+++ b/api/app/clients/tools/util/handleTools.test.js
@@ -10,18 +10,24 @@ const mockPluginService = {
  getUserPluginAuthValue: jest.fn(),
 };

-jest.mock('~/models/User', () => {
-  return function () {
-    return mockUser;
+const mockModels = {
+  User: mockUser,
+};
+jest.mock('~/db/connect', () => {
+  return {
+    connectDb: jest.fn(),
+    User: mockModels.mockUser,
  };
 });
+jest.mock('~/models/File', () => ({
+  File: jest.fn(),
+}));

 jest.mock('~/server/services/PluginService', () => mockPluginService);

 const { BaseLLM } = require('@langchain/openai');
 const { Calculator } = require('@langchain/community/tools/calculator');

-const User = require('~/models/User');
 const PluginService = require('~/server/services/PluginService');
 const { validateTools, loadTools, loadToolWithAuth } = require('./handleTools');
 const { StructuredSD, availableTools, DALLE3 } = require('../');
@@ -52,7 +58,7 @@ describe('Tool Handlers', () => {
      },
    );

-    fakeUser = new User({
+    fakeUser = await mockModels.User.createUser({
      name: 'Fake User',
      username: 'fakeuser',
      email: 'fakeuser@example.com',
@@ -218,7 +224,6 @@ describe('Tool Handlers', () => {
      try {
        await loadTool2();
      } catch (error) {
-        // eslint-disable-next-line jest/no-conditional-expect
        expect(error).toBeDefined();
      }
    });
--- a/api/cache/banViolation.js
+++ b/api/cache/banViolation.js
@@ -1,8 +1,8 @@
+const { logger } = require('@librechat/data-schemas');
 const { ViolationTypes } = require('librechat-data-provider');
 const { isEnabled, math, removePorts } = require('~/server/utils');
 const { deleteAllUserSessions } = require('~/models');
 const getLogStores = require('./getLogStores');
-const { logger } = require('~/config');

 const { BAN_VIOLATIONS, BAN_INTERVAL } = process.env ?? {};
 const interval = math(BAN_INTERVAL, 20);
@@ -32,7 +32,6 @@ const banViolation = async (req, res, errorMessage) => {
  if (!isEnabled(BAN_VIOLATIONS)) {
    return;
  }
-
  if (!errorMessage) {
    return;
  }
@@ -51,7 +50,6 @@ const banViolation = async (req, res, errorMessage) => {

  const banLogs = getLogStores(ViolationTypes.BAN);
  const duration = errorMessage.duration || banLogs.opts.ttl;
-
  if (duration <= 0) {
    return;
  }
--- a/api/cache/banViolation.spec.js
+++ b/api/cache/banViolation.spec.js
@@ -1,7 +1,28 @@
 const banViolation = require('./banViolation');

+const mockModels = {
+  Session: {
+    deleteAllUserSessions: jest.fn(),
+  },
+};
+
+jest.mock('~/db/connect', () => {
+  return {
+    connectDb: jest.fn(),
+    get models() {
+      return mockModels;
+    },
+  };
+});
+
+jest.mock('~/server/utils', () => ({
+  isEnabled: jest.fn(() => true), // default to false, override per test if needed
+  math: jest.fn(() => 20), // default to false, override per test if needed
+  removePorts: jest.fn(),
+}));
+
 jest.mock('keyv');
-jest.mock('../models/Session');
+// jest.mock('../models/Session');
 // Mocking the getLogStores function
 jest.mock('./getLogStores', () => {
  return jest.fn().mockImplementation(() => {
--- a/api/cache/getLogStores.js
+++ b/api/cache/getLogStores.js
@@ -61,6 +61,10 @@ const abortKeys = isRedisEnabled
  ? new Keyv({ store: keyvRedis })
  : new Keyv({ namespace: CacheKeys.ABORT_KEYS, ttl: Time.TEN_MINUTES });

+const openIdExchangedTokensCache = isRedisEnabled
+  ? new Keyv({ store: keyvRedis, ttl: Time.TEN_MINUTES })
+  : new Keyv({ namespace: CacheKeys.OPENID_EXCHANGED_TOKENS, ttl: Time.TEN_MINUTES });
+
 const namespaces = {
  [CacheKeys.ROLES]: roles,
  [CacheKeys.CONFIG_STORE]: config,
@@ -98,6 +102,7 @@ const namespaces = {
  [CacheKeys.AUDIO_RUNS]: audioRuns,
  [CacheKeys.MESSAGES]: messages,
  [CacheKeys.FLOWS]: flows,
+  [CacheKeys.OPENID_EXCHANGED_TOKENS]: openIdExchangedTokensCache,
 };

 /**
--- a/api/cache/keyvRedis.js
+++ b/api/cache/keyvRedis.js
@@ -76,10 +76,13 @@ if (REDIS_URI && isEnabled(USE_REDIS)) {
    keyvRedis = new KeyvRedis(REDIS_URI, keyvOpts);
  }

-  const pingInterval = setInterval(() => {
-    logger.debug('KeyvRedis ping');
-    keyvRedis.client.ping().catch(err => logger.error('Redis keep-alive ping failed:', err));
-  }, 5 * 60 * 1000);
+  const pingInterval = setInterval(
+    () => {
+      logger.debug('KeyvRedis ping');
+      keyvRedis.client.ping().catch((err) => logger.error('Redis keep-alive ping failed:', err));
+    },
+    5 * 60 * 1000,
+  );

  keyvRedis.on('ready', () => {
    logger.info('KeyvRedis connection ready');
--- a/api/lib/db/connectDb.js
+++ b/api/lib/db/connectDb.js
@@ -39,7 +39,10 @@ async function connectDb() {
    });
  }
  cached.conn = await cached.promise;
+
  return cached.conn;
 }

-module.exports = connectDb;
+module.exports = {
+  connectDb,
+};
--- a/api/db/index.js
+++ b/api/db/index.js
@@ -0,0 +1,8 @@
+const mongoose = require('mongoose');
+const { createModels } = require('@librechat/data-schemas');
+const { connectDb } = require('./connect');
+const indexSync = require('./indexSync');
+
+createModels(mongoose);
+
+module.exports = { connectDb, indexSync };
--- a/api/lib/db/indexSync.js
+++ b/api/lib/db/indexSync.js
@@ -1,8 +1,11 @@
+const mongoose = require('mongoose');
 const { MeiliSearch } = require('meilisearch');
-const { Conversation } = require('~/models/Conversation');
-const { Message } = require('~/models/Message');
+const { logger } = require('@librechat/data-schemas');
+
 const { isEnabled } = require('~/server/utils');
-const { logger } = require('~/config');
+
+const Conversation = mongoose.models.Conversation;
+const Message = mongoose.models.Message;

 const searchEnabled = isEnabled(process.env.SEARCH);
 const indexingDisabled = isEnabled(process.env.MEILI_NO_SYNC);
@@ -29,7 +32,6 @@ async function indexSync() {
  if (!searchEnabled) {
    return;
  }
-
  try {
    const client = MeiliSearchClient.getInstance();

--- a/api/db/models.js
+++ b/api/db/models.js
@@ -0,0 +1,5 @@
+const mongoose = require('mongoose');
+const { createModels } = require('@librechat/data-schemas');
+const models = createModels(mongoose);
+
+module.exports = { ...models };
--- a/api/jest.config.js
+++ b/api/jest.config.js
@@ -11,5 +11,8 @@ module.exports = {
  moduleNameMapper: {
    '~/(.*)': '<rootDir>/$1',
    '~/data/auth.json': '<rootDir>/__mocks__/auth.mock.json',
+    '^openid-client/passport$': '<rootDir>/test/__mocks__/openid-client-passport.js', // Mock for the passport strategy part
+    '^openid-client$': '<rootDir>/test/__mocks__/openid-client.js',
  },
+  transformIgnorePatterns: ['/node_modules/(?!(openid-client|oauth4webapi|jose)/).*/'],
 };
--- a/api/lib/db/index.js
+++ b/api/lib/db/index.js
@@ -1,4 +0,0 @@
-const connectDb = require('./connectDb');
-const indexSync = require('./indexSync');
-
-module.exports = { connectDb, indexSync };
--- a/api/models/Action.js
+++ b/api/models/Action.js
@@ -1,7 +1,5 @@
 const mongoose = require('mongoose');
-const { actionSchema } = require('@librechat/data-schemas');
-
-const Action = mongoose.model('action', actionSchema);
+const Action = require('~/db/models').Action;

 /**
 * Update an action with new data without overwriting existing properties,
--- a/api/models/Agent.js
+++ b/api/models/Agent.js
@@ -1,6 +1,7 @@
 const mongoose = require('mongoose');
-const { agentSchema } = require('@librechat/data-schemas');
-const { SystemRoles, Tools } = require('librechat-data-provider');
+const crypto = require('node:crypto');
+const { logger } = require('@librechat/data-schemas');
+const { SystemRoles, Tools, actionDelimiter } = require('librechat-data-provider');
 const { GLOBAL_PROJECT_NAME, EPHEMERAL_AGENT_ID, mcp_delimiter } =
  require('librechat-data-provider').Constants;
 const { CONFIG_STORE, STARTUP_CONFIG } = require('librechat-data-provider').CacheKeys;
@@ -11,8 +12,9 @@ const {
  removeAgentFromAllProjects,
 } = require('./Project');
 const getLogStores = require('~/cache/getLogStores');
+const { getActions } = require('./Action');

-const Agent = mongoose.model('agent', agentSchema);
+const Agent = require('~/db/models').Agent;

 /**
 * Create an agent with the provided data.
@@ -21,7 +23,19 @@ const Agent = mongoose.model('agent', agentSchema);
 * @throws {Error} If the agent creation fails.
 */
 const createAgent = async (agentData) => {
-  return (await Agent.create(agentData)).toObject();
+  const { author, ...versionData } = agentData;
+  const timestamp = new Date();
+  const initialAgentData = {
+    ...agentData,
+    versions: [
+      {
+        ...versionData,
+        createdAt: timestamp,
+        updatedAt: timestamp,
+      },
+    ],
+  };
+  return (await Agent.create(initialAgentData)).toObject();
 };

 /**
@@ -48,12 +62,17 @@ const loadEphemeralAgent = ({ req, agent_id, endpoint, model_parameters: _m }) =
  const { model, ...model_parameters } = _m;
  /** @type {Record<string, FunctionTool>} */
  const availableTools = req.app.locals.availableTools;
-  const mcpServers = new Set(req.body.ephemeralAgent?.mcp);
+  /** @type {TEphemeralAgent | null} */
+  const ephemeralAgent = req.body.ephemeralAgent;
+  const mcpServers = new Set(ephemeralAgent?.mcp);
  /** @type {string[]} */
  const tools = [];
-  if (req.body.ephemeralAgent?.execute_code === true) {
+  if (ephemeralAgent?.execute_code === true) {
    tools.push(Tools.execute_code);
  }
+  if (ephemeralAgent?.web_search === true) {
+    tools.push(Tools.web_search);
+  }

  if (mcpServers.size > 0) {
    for (const toolName of Object.keys(availableTools)) {
@@ -103,6 +122,8 @@ const loadAgent = async ({ req, agent_id, endpoint, model_parameters }) => {
    return null;
  }

+  agent.version = agent.versions ? agent.versions.length : 0;
+
  if (agent.author.toString() === req.user.id) {
    return agent;
  }
@@ -127,19 +148,207 @@ const loadAgent = async ({ req, agent_id, endpoint, model_parameters }) => {
  }
 };

+/**
+ * Check if a version already exists in the versions array, excluding timestamp and author fields
+ * @param {Object} updateData - The update data to compare
+ * @param {Object} currentData - The current agent data
+ * @param {Array} versions - The existing versions array
+ * @param {string} [actionsHash] - Hash of current action metadata
+ * @returns {Object|null} - The matching version if found, null otherwise
+ */
+const isDuplicateVersion = (updateData, currentData, versions, actionsHash = null) => {
+  if (!versions || versions.length === 0) {
+    return null;
+  }
+
+  const excludeFields = [
+    '_id',
+    'id',
+    'createdAt',
+    'updatedAt',
+    'author',
+    'updatedBy',
+    'created_at',
+    'updated_at',
+    '__v',
+    'agent_ids',
+    'versions',
+    'actionsHash', // Exclude actionsHash from direct comparison
+  ];
+
+  const { $push, $pull, $addToSet, ...directUpdates } = updateData;
+
+  if (Object.keys(directUpdates).length === 0 && !actionsHash) {
+    return null;
+  }
+
+  const wouldBeVersion = { ...currentData, ...directUpdates };
+  const lastVersion = versions[versions.length - 1];
+
+  if (actionsHash && lastVersion.actionsHash !== actionsHash) {
+    return null;
+  }
+
+  const allFields = new Set([...Object.keys(wouldBeVersion), ...Object.keys(lastVersion)]);
+
+  const importantFields = Array.from(allFields).filter((field) => !excludeFields.includes(field));
+
+  let isMatch = true;
+  for (const field of importantFields) {
+    if (!wouldBeVersion[field] && !lastVersion[field]) {
+      continue;
+    }
+
+    if (Array.isArray(wouldBeVersion[field]) && Array.isArray(lastVersion[field])) {
+      if (wouldBeVersion[field].length !== lastVersion[field].length) {
+        isMatch = false;
+        break;
+      }
+
+      // Special handling for projectIds (MongoDB ObjectIds)
+      if (field === 'projectIds') {
+        const wouldBeIds = wouldBeVersion[field].map((id) => id.toString()).sort();
+        const versionIds = lastVersion[field].map((id) => id.toString()).sort();
+
+        if (!wouldBeIds.every((id, i) => id === versionIds[i])) {
+          isMatch = false;
+          break;
+        }
+      }
+      // Handle arrays of objects like tool_kwargs
+      else if (typeof wouldBeVersion[field][0] === 'object' && wouldBeVersion[field][0] !== null) {
+        const sortedWouldBe = [...wouldBeVersion[field]].map((item) => JSON.stringify(item)).sort();
+        const sortedVersion = [...lastVersion[field]].map((item) => JSON.stringify(item)).sort();
+
+        if (!sortedWouldBe.every((item, i) => item === sortedVersion[i])) {
+          isMatch = false;
+          break;
+        }
+      } else {
+        const sortedWouldBe = [...wouldBeVersion[field]].sort();
+        const sortedVersion = [...lastVersion[field]].sort();
+
+        if (!sortedWouldBe.every((item, i) => item === sortedVersion[i])) {
+          isMatch = false;
+          break;
+        }
+      }
+    } else if (field === 'model_parameters') {
+      const wouldBeParams = wouldBeVersion[field] || {};
+      const lastVersionParams = lastVersion[field] || {};
+      if (JSON.stringify(wouldBeParams) !== JSON.stringify(lastVersionParams)) {
+        isMatch = false;
+        break;
+      }
+    } else if (wouldBeVersion[field] !== lastVersion[field]) {
+      isMatch = false;
+      break;
+    }
+  }
+
+  return isMatch ? lastVersion : null;
+};
+
 /**
 * Update an agent with new data without overwriting existing
 *  properties, or create a new agent if it doesn't exist.
+ * When an agent is updated, a copy of the current state will be saved to the versions array.
 *
 * @param {Object} searchParameter - The search parameters to find the agent to update.
 * @param {string} searchParameter.id - The ID of the agent to update.
 * @param {string} [searchParameter.author] - The user ID of the agent's author.
 * @param {Object} updateData - An object containing the properties to update.
+ * @param {Object} [options] - Optional configuration object.
+ * @param {string} [options.updatingUserId] - The ID of the user performing the update (used for tracking non-author updates).
+ * @param {boolean} [options.forceVersion] - Force creation of a new version even if no fields changed.
 * @returns {Promise<Agent>} The updated or newly created agent document as a plain object.
+ * @throws {Error} If the update would create a duplicate version
 */
-const updateAgent = async (searchParameter, updateData) => {
-  const options = { new: true, upsert: false };
-  return Agent.findOneAndUpdate(searchParameter, updateData, options).lean();
+const updateAgent = async (searchParameter, updateData, options = {}) => {
+  const { updatingUserId = null, forceVersion = false } = options;
+  const mongoOptions = { new: true, upsert: false };
+
+  const currentAgent = await Agent.findOne(searchParameter);
+  if (currentAgent) {
+    const { __v, _id, id, versions, author, ...versionData } = currentAgent.toObject();
+    const { $push, $pull, $addToSet, ...directUpdates } = updateData;
+
+    let actionsHash = null;
+
+    // Generate actions hash if agent has actions
+    if (currentAgent.actions && currentAgent.actions.length > 0) {
+      // Extract action IDs from the format "domain_action_id"
+      const actionIds = currentAgent.actions
+        .map((action) => {
+          const parts = action.split(actionDelimiter);
+          return parts[1]; // Get just the action ID part
+        })
+        .filter(Boolean);
+
+      if (actionIds.length > 0) {
+        try {
+          const actions = await getActions(
+            {
+              action_id: { $in: actionIds },
+            },
+            true,
+          ); // Include sensitive data for hash
+
+          actionsHash = await generateActionMetadataHash(currentAgent.actions, actions);
+        } catch (error) {
+          logger.error('Error fetching actions for hash generation:', error);
+        }
+      }
+    }
+
+    const shouldCreateVersion =
+      forceVersion ||
+      (versions &&
+        versions.length > 0 &&
+        (Object.keys(directUpdates).length > 0 || $push || $pull || $addToSet));
+
+    if (shouldCreateVersion) {
+      const duplicateVersion = isDuplicateVersion(updateData, versionData, versions, actionsHash);
+      if (duplicateVersion && !forceVersion) {
+        const error = new Error(
+          'Duplicate version: This would create a version identical to an existing one',
+        );
+        error.statusCode = 409;
+        error.details = {
+          duplicateVersion,
+          versionIndex: versions.findIndex(
+            (v) => JSON.stringify(duplicateVersion) === JSON.stringify(v),
+          ),
+        };
+        throw error;
+      }
+    }
+
+    const versionEntry = {
+      ...versionData,
+      ...directUpdates,
+      updatedAt: new Date(),
+    };
+
+    // Include actions hash in version if available
+    if (actionsHash) {
+      versionEntry.actionsHash = actionsHash;
+    }
+
+    // Always store updatedBy field to track who made the change
+    if (updatingUserId) {
+      versionEntry.updatedBy = new mongoose.Types.ObjectId(updatingUserId);
+    }
+
+    if (shouldCreateVersion || forceVersion) {
+      updateData.$push = {
+        ...($push || {}),
+        versions: versionEntry,
+      };
+    }
+  }
+
+  return Agent.findOneAndUpdate(searchParameter, updateData, mongoOptions).lean();
 };

 /**
@@ -151,7 +360,7 @@ const updateAgent = async (searchParameter, updateData) => {
 * @param {string} params.file_id
 * @returns {Promise<Agent>} The updated agent.
 */
-const addAgentResourceFile = async ({ agent_id, tool_resource, file_id }) => {
+const addAgentResourceFile = async ({ req, agent_id, tool_resource, file_id }) => {
  const searchParameter = { id: agent_id };
  let agent = await getAgent(searchParameter);
  if (!agent) {
@@ -177,7 +386,9 @@ const addAgentResourceFile = async ({ agent_id, tool_resource, file_id }) => {
    },
  };

-  const updatedAgent = await updateAgent(searchParameter, updateData);
+  const updatedAgent = await updateAgent(searchParameter, updateData, {
+    updatingUserId: req?.user?.id,
+  });
  if (updatedAgent) {
    return updatedAgent;
  } else {
@@ -269,7 +480,6 @@ const getListAgents = async (searchParameter) => {
    delete globalQuery.author;
    query = { $or: [globalQuery, query] };
  }
-
  const agents = (
    await Agent.find(query, {
      id: 1,
@@ -341,7 +551,7 @@ const updateAgentProjects = async ({ user, agentId, projectIds, removeProjectIds
    delete updateQuery.author;
  }

-  const updatedAgent = await updateAgent(updateQuery, updateOps);
+  const updatedAgent = await updateAgent(updateQuery, updateOps, { updatingUserId: user.id });
  if (updatedAgent) {
    return updatedAgent;
  }
@@ -358,15 +568,107 @@ const updateAgentProjects = async ({ user, agentId, projectIds, removeProjectIds
  return await getAgent({ id: agentId });
 };

+/**
+ * Reverts an agent to a specific version in its version history.
+ * @param {Object} searchParameter - The search parameters to find the agent to revert.
+ * @param {string} searchParameter.id - The ID of the agent to revert.
+ * @param {string} [searchParameter.author] - The user ID of the agent's author.
+ * @param {number} versionIndex - The index of the version to revert to in the versions array.
+ * @returns {Promise<MongoAgent>} The updated agent document after reverting.
+ * @throws {Error} If the agent is not found or the specified version does not exist.
+ */
+const revertAgentVersion = async (searchParameter, versionIndex) => {
+  const agent = await Agent.findOne(searchParameter);
+  if (!agent) {
+    throw new Error('Agent not found');
+  }
+
+  if (!agent.versions || !agent.versions[versionIndex]) {
+    throw new Error(`Version ${versionIndex} not found`);
+  }
+
+  const revertToVersion = agent.versions[versionIndex];
+
+  const updateData = {
+    ...revertToVersion,
+  };
+
+  delete updateData._id;
+  delete updateData.id;
+  delete updateData.versions;
+  delete updateData.author;
+  delete updateData.updatedBy;
+
+  return Agent.findOneAndUpdate(searchParameter, updateData, { new: true }).lean();
+};
+
+/**
+ * Generates a hash of action metadata for version comparison
+ * @param {string[]} actionIds - Array of action IDs in format "domain_action_id"
+ * @param {Action[]} actions - Array of action documents
+ * @returns {Promise<string>} - SHA256 hash of the action metadata
+ */
+const generateActionMetadataHash = async (actionIds, actions) => {
+  if (!actionIds || actionIds.length === 0) {
+    return '';
+  }
+
+  // Create a map of action_id to metadata for quick lookup
+  const actionMap = new Map();
+  actions.forEach((action) => {
+    actionMap.set(action.action_id, action.metadata);
+  });
+
+  // Sort action IDs for consistent hashing
+  const sortedActionIds = [...actionIds].sort();
+
+  // Build a deterministic string representation of all action metadata
+  const metadataString = sortedActionIds
+    .map((actionFullId) => {
+      // Extract just the action_id part (after the delimiter)
+      const parts = actionFullId.split(actionDelimiter);
+      const actionId = parts[1];
+
+      const metadata = actionMap.get(actionId);
+      if (!metadata) {
+        return `${actionId}:null`;
+      }
+
+      // Sort metadata keys for deterministic output
+      const sortedKeys = Object.keys(metadata).sort();
+      const metadataStr = sortedKeys
+        .map((key) => `${key}:${JSON.stringify(metadata[key])}`)
+        .join(',');
+      return `${actionId}:{${metadataStr}}`;
+    })
+    .join(';');
+
+  // Use Web Crypto API to generate hash
+  const encoder = new TextEncoder();
+  const data = encoder.encode(metadataString);
+  const hashBuffer = await crypto.webcrypto.subtle.digest('SHA-256', data);
+  const hashArray = Array.from(new Uint8Array(hashBuffer));
+  const hashHex = hashArray.map((b) => b.toString(16).padStart(2, '0')).join('');
+
+  return hashHex;
+};
+
+/**
+ * Load a default agent based on the endpoint
+ * @param {string} endpoint
+ * @returns {Agent | null}
+ */
+
 module.exports = {
-  Agent,
  getAgent,
  loadAgent,
  createAgent,
  updateAgent,
  deleteAgent,
  getListAgents,
+  revertAgentVersion,
  updateAgentProjects,
  addAgentResourceFile,
  removeAgentResourceFiles,
+  generateActionMetadataHash,
 };
--- a/api/models/Agent.spec.js
+++ b/api/models/Agent.spec.js
@@ -1,7 +1,27 @@
+const originalEnv = {
+  CREDS_KEY: process.env.CREDS_KEY,
+  CREDS_IV: process.env.CREDS_IV,
+};
+
+process.env.CREDS_KEY = '0123456789abcdef0123456789abcdef';
+process.env.CREDS_IV = '0123456789abcdef';
+
 const mongoose = require('mongoose');
 const { v4: uuidv4 } = require('uuid');
+
 const { MongoMemoryServer } = require('mongodb-memory-server');
-const { Agent, addAgentResourceFile, removeAgentResourceFiles } = require('./Agent');
+const {
+  getAgent,
+  updateAgent,
+  deleteAgent,
+  createAgent,
+  getListAgents,
+  updateAgentProjects,
+  addAgentResourceFile,
+  removeAgentResourceFiles,
+} = require('./Agent');
+
+const Agent = require('~/db/models').Agent;

 describe('Agent Resource File Operations', () => {
  let mongoServer;
@@ -15,6 +35,8 @@ describe('Agent Resource File Operations', () => {
  afterAll(async () => {
    await mongoose.disconnect();
    await mongoServer.stop();
+    process.env.CREDS_KEY = originalEnv.CREDS_KEY;
+    process.env.CREDS_IV = originalEnv.CREDS_IV;
  });

  beforeEach(async () => {
@@ -35,6 +57,7 @@ describe('Agent Resource File Operations', () => {

  test('should add tool_resource to tools if missing', async () => {
    const agent = await createBasicAgent();
+
    const fileId = uuidv4();
    const toolResource = 'file_search';

@@ -332,3 +355,725 @@ describe('Agent Resource File Operations', () => {
    expect(finalFileIds).toHaveLength(0);
  });
 });
+
+describe('Agent CRUD Operations', () => {
+  let mongoServer;
+
+  beforeAll(async () => {
+    mongoServer = await MongoMemoryServer.create();
+    const mongoUri = mongoServer.getUri();
+    await mongoose.connect(mongoUri);
+  });
+
+  afterAll(async () => {
+    await mongoose.disconnect();
+    await mongoServer.stop();
+  });
+
+  beforeEach(async () => {
+    await Agent.deleteMany({});
+  });
+
+  test('should create and get an agent', async () => {
+    const agentId = `agent_${uuidv4()}`;
+    const authorId = new mongoose.Types.ObjectId();
+
+    const newAgent = await createAgent({
+      id: agentId,
+      name: 'Test Agent',
+      provider: 'test',
+      model: 'test-model',
+      author: authorId,
+      description: 'Test description',
+    });
+
+    expect(newAgent).toBeDefined();
+    expect(newAgent.id).toBe(agentId);
+    expect(newAgent.name).toBe('Test Agent');
+
+    const retrievedAgent = await getAgent({ id: agentId });
+    expect(retrievedAgent).toBeDefined();
+    expect(retrievedAgent.id).toBe(agentId);
+    expect(retrievedAgent.name).toBe('Test Agent');
+    expect(retrievedAgent.description).toBe('Test description');
+  });
+
+  test('should delete an agent', async () => {
+    const agentId = `agent_${uuidv4()}`;
+    const authorId = new mongoose.Types.ObjectId();
+
+    await createAgent({
+      id: agentId,
+      name: 'Agent To Delete',
+      provider: 'test',
+      model: 'test-model',
+      author: authorId,
+    });
+
+    const agentBeforeDelete = await getAgent({ id: agentId });
+    expect(agentBeforeDelete).toBeDefined();
+
+    await deleteAgent({ id: agentId });
+
+    const agentAfterDelete = await getAgent({ id: agentId });
+    expect(agentAfterDelete).toBeNull();
+  });
+
+  test('should list agents by author', async () => {
+    const authorId = new mongoose.Types.ObjectId();
+    const otherAuthorId = new mongoose.Types.ObjectId();
+
+    const agentIds = [];
+    for (let i = 0; i < 5; i++) {
+      const id = `agent_${uuidv4()}`;
+      agentIds.push(id);
+      await createAgent({
+        id,
+        name: `Agent ${i}`,
+        provider: 'test',
+        model: 'test-model',
+        author: authorId,
+      });
+    }
+
+    for (let i = 0; i < 3; i++) {
+      await createAgent({
+        id: `other_agent_${uuidv4()}`,
+        name: `Other Agent ${i}`,
+        provider: 'test',
+        model: 'test-model',
+        author: otherAuthorId,
+      });
+    }
+
+    const result = await getListAgents({ author: authorId.toString() });
+
+    expect(result).toBeDefined();
+    expect(result.data).toBeDefined();
+    expect(result.data).toHaveLength(5);
+    expect(result.has_more).toBe(true);
+
+    for (const agent of result.data) {
+      expect(agent.author).toBe(authorId.toString());
+    }
+  });
+
+  test('should update agent projects', async () => {
+    const agentId = `agent_${uuidv4()}`;
+    const authorId = new mongoose.Types.ObjectId();
+    const projectId1 = new mongoose.Types.ObjectId();
+    const projectId2 = new mongoose.Types.ObjectId();
+    const projectId3 = new mongoose.Types.ObjectId();
+
+    await createAgent({
+      id: agentId,
+      name: 'Project Test Agent',
+      provider: 'test',
+      model: 'test-model',
+      author: authorId,
+      projectIds: [projectId1],
+    });
+
+    await updateAgent(
+      { id: agentId },
+      { $addToSet: { projectIds: { $each: [projectId2, projectId3] } } },
+    );
+
+    await updateAgent({ id: agentId }, { $pull: { projectIds: projectId1 } });
+
+    await updateAgent({ id: agentId }, { projectIds: [projectId2, projectId3] });
+
+    const updatedAgent = await getAgent({ id: agentId });
+    expect(updatedAgent.projectIds).toHaveLength(2);
+    expect(updatedAgent.projectIds.map((id) => id.toString())).toContain(projectId2.toString());
+    expect(updatedAgent.projectIds.map((id) => id.toString())).toContain(projectId3.toString());
+    expect(updatedAgent.projectIds.map((id) => id.toString())).not.toContain(projectId1.toString());
+
+    await updateAgent({ id: agentId }, { projectIds: [] });
+
+    const emptyProjectsAgent = await getAgent({ id: agentId });
+    expect(emptyProjectsAgent.projectIds).toHaveLength(0);
+
+    const nonExistentId = `agent_${uuidv4()}`;
+    await expect(
+      updateAgentProjects({
+        id: nonExistentId,
+        projectIds: [projectId1],
+      }),
+    ).rejects.toThrow();
+  });
+
+  test('should handle ephemeral agent loading', async () => {
+    const agentId = 'ephemeral_test';
+    const endpoint = 'openai';
+
+    const originalModule = jest.requireActual('librechat-data-provider');
+
+    const mockDataProvider = {
+      ...originalModule,
+      Constants: {
+        ...originalModule.Constants,
+        EPHEMERAL_AGENT_ID: 'ephemeral_test',
+      },
+    };
+
+    jest.doMock('librechat-data-provider', () => mockDataProvider);
+
+    const mockReq = {
+      user: { id: 'user123' },
+      body: {
+        promptPrefix: 'This is a test instruction',
+        ephemeralAgent: {
+          execute_code: true,
+          mcp: ['server1', 'server2'],
+        },
+      },
+      app: {
+        locals: {
+          availableTools: {
+            tool__server1: {},
+            tool__server2: {},
+            another_tool: {},
+          },
+        },
+      },
+    };
+
+    const params = {
+      req: mockReq,
+      agent_id: agentId,
+      endpoint,
+      model_parameters: {
+        model: 'gpt-4',
+        temperature: 0.7,
+      },
+    };
+
+    expect(agentId).toBeDefined();
+    expect(endpoint).toBeDefined();
+
+    jest.dontMock('librechat-data-provider');
+  });
+
+  test('should handle loadAgent functionality and errors', async () => {
+    const agentId = `agent_${uuidv4()}`;
+    const authorId = new mongoose.Types.ObjectId();
+
+    await createAgent({
+      id: agentId,
+      name: 'Test Load Agent',
+      provider: 'test',
+      model: 'test-model',
+      author: authorId,
+      tools: ['tool1', 'tool2'],
+    });
+
+    const agent = await getAgent({ id: agentId });
+
+    expect(agent).toBeDefined();
+    expect(agent.id).toBe(agentId);
+    expect(agent.name).toBe('Test Load Agent');
+    expect(agent.tools).toEqual(expect.arrayContaining(['tool1', 'tool2']));
+
+    const mockLoadAgent = jest.fn().mockResolvedValue(agent);
+    const loadedAgent = await mockLoadAgent();
+    expect(loadedAgent).toBeDefined();
+    expect(loadedAgent.id).toBe(agentId);
+
+    const nonExistentId = `agent_${uuidv4()}`;
+    const nonExistentAgent = await getAgent({ id: nonExistentId });
+    expect(nonExistentAgent).toBeNull();
+
+    const mockLoadAgentError = jest.fn().mockRejectedValue(new Error('No agent found with ID'));
+    await expect(mockLoadAgentError()).rejects.toThrow('No agent found with ID');
+  });
+});
+
+describe('Agent Version History', () => {
+  let mongoServer;
+
+  beforeAll(async () => {
+    mongoServer = await MongoMemoryServer.create();
+    const mongoUri = mongoServer.getUri();
+    await mongoose.connect(mongoUri);
+  });
+
+  afterAll(async () => {
+    await mongoose.disconnect();
+    await mongoServer.stop();
+  });
+
+  beforeEach(async () => {
+    await Agent.deleteMany({});
+  });
+
+  test('should create an agent with a single entry in versions array', async () => {
+    const agentId = `agent_${uuidv4()}`;
+    const agent = await createAgent({
+      id: agentId,
+      name: 'Test Agent',
+      provider: 'test',
+      model: 'test-model',
+      author: new mongoose.Types.ObjectId(),
+    });
+
+    expect(agent.versions).toBeDefined();
+    expect(Array.isArray(agent.versions)).toBe(true);
+    expect(agent.versions).toHaveLength(1);
+    expect(agent.versions[0].name).toBe('Test Agent');
+    expect(agent.versions[0].provider).toBe('test');
+    expect(agent.versions[0].model).toBe('test-model');
+  });
+
+  test('should accumulate version history across multiple updates', async () => {
+    const agentId = `agent_${uuidv4()}`;
+    const author = new mongoose.Types.ObjectId();
+    await createAgent({
+      id: agentId,
+      name: 'First Name',
+      provider: 'test',
+      model: 'test-model',
+      author,
+      description: 'First description',
+    });
+
+    await updateAgent({ id: agentId }, { name: 'Second Name', description: 'Second description' });
+    await updateAgent({ id: agentId }, { name: 'Third Name', model: 'new-model' });
+    const finalAgent = await updateAgent({ id: agentId }, { description: 'Final description' });
+
+    expect(finalAgent.versions).toBeDefined();
+    expect(Array.isArray(finalAgent.versions)).toBe(true);
+    expect(finalAgent.versions).toHaveLength(4);
+
+    expect(finalAgent.versions[0].name).toBe('First Name');
+    expect(finalAgent.versions[0].description).toBe('First description');
+    expect(finalAgent.versions[0].model).toBe('test-model');
+
+    expect(finalAgent.versions[1].name).toBe('Second Name');
+    expect(finalAgent.versions[1].description).toBe('Second description');
+    expect(finalAgent.versions[1].model).toBe('test-model');
+
+    expect(finalAgent.versions[2].name).toBe('Third Name');
+    expect(finalAgent.versions[2].description).toBe('Second description');
+    expect(finalAgent.versions[2].model).toBe('new-model');
+
+    expect(finalAgent.versions[3].name).toBe('Third Name');
+    expect(finalAgent.versions[3].description).toBe('Final description');
+    expect(finalAgent.versions[3].model).toBe('new-model');
+
+    expect(finalAgent.name).toBe('Third Name');
+    expect(finalAgent.description).toBe('Final description');
+    expect(finalAgent.model).toBe('new-model');
+  });
+
+  test('should not include metadata fields in version history', async () => {
+    const agentId = `agent_${uuidv4()}`;
+    await createAgent({
+      id: agentId,
+      name: 'Test Agent',
+      provider: 'test',
+      model: 'test-model',
+      author: new mongoose.Types.ObjectId(),
+    });
+
+    const updatedAgent = await updateAgent({ id: agentId }, { description: 'New description' });
+
+    expect(updatedAgent.versions).toHaveLength(2);
+    expect(updatedAgent.versions[0]._id).toBeUndefined();
+    expect(updatedAgent.versions[0].__v).toBeUndefined();
+    expect(updatedAgent.versions[0].name).toBe('Test Agent');
+    expect(updatedAgent.versions[0].author).toBeUndefined();
+
+    expect(updatedAgent.versions[1]._id).toBeUndefined();
+    expect(updatedAgent.versions[1].__v).toBeUndefined();
+  });
+
+  test('should not recursively include previous versions', async () => {
+    const agentId = `agent_${uuidv4()}`;
+    await createAgent({
+      id: agentId,
+      name: 'Test Agent',
+      provider: 'test',
+      model: 'test-model',
+      author: new mongoose.Types.ObjectId(),
+    });
+
+    await updateAgent({ id: agentId }, { name: 'Updated Name 1' });
+    await updateAgent({ id: agentId }, { name: 'Updated Name 2' });
+    const finalAgent = await updateAgent({ id: agentId }, { name: 'Updated Name 3' });
+
+    expect(finalAgent.versions).toHaveLength(4);
+
+    finalAgent.versions.forEach((version) => {
+      expect(version.versions).toBeUndefined();
+    });
+  });
+
+  test('should handle MongoDB operators and field updates correctly', async () => {
+    const agentId = `agent_${uuidv4()}`;
+    const authorId = new mongoose.Types.ObjectId();
+    const projectId = new mongoose.Types.ObjectId();
+
+    await createAgent({
+      id: agentId,
+      name: 'MongoDB Operator Test',
+      provider: 'test',
+      model: 'test-model',
+      author: authorId,
+      tools: ['tool1'],
+    });
+
+    await updateAgent(
+      { id: agentId },
+      {
+        description: 'Updated description',
+        $push: { tools: 'tool2' },
+        $addToSet: { projectIds: projectId },
+      },
+    );
+
+    const firstUpdate = await getAgent({ id: agentId });
+    expect(firstUpdate.description).toBe('Updated description');
+    expect(firstUpdate.tools).toContain('tool1');
+    expect(firstUpdate.tools).toContain('tool2');
+    expect(firstUpdate.projectIds.map((id) => id.toString())).toContain(projectId.toString());
+    expect(firstUpdate.versions).toHaveLength(2);
+
+    await updateAgent(
+      { id: agentId },
+      {
+        tools: ['tool2', 'tool3'],
+      },
+    );
+
+    const secondUpdate = await getAgent({ id: agentId });
+    expect(secondUpdate.tools).toHaveLength(2);
+    expect(secondUpdate.tools).toContain('tool2');
+    expect(secondUpdate.tools).toContain('tool3');
+    expect(secondUpdate.tools).not.toContain('tool1');
+    expect(secondUpdate.versions).toHaveLength(3);
+
+    await updateAgent(
+      { id: agentId },
+      {
+        $push: { tools: 'tool3' },
+      },
+    );
+
+    const thirdUpdate = await getAgent({ id: agentId });
+    const toolCount = thirdUpdate.tools.filter((t) => t === 'tool3').length;
+    expect(toolCount).toBe(2);
+    expect(thirdUpdate.versions).toHaveLength(4);
+  });
+
+  test('should handle parameter objects correctly', async () => {
+    const agentId = `agent_${uuidv4()}`;
+    const authorId = new mongoose.Types.ObjectId();
+
+    await createAgent({
+      id: agentId,
+      name: 'Parameters Test',
+      provider: 'test',
+      model: 'test-model',
+      author: authorId,
+      model_parameters: { temperature: 0.7 },
+    });
+
+    const updatedAgent = await updateAgent(
+      { id: agentId },
+      { model_parameters: { temperature: 0.8 } },
+    );
+
+    expect(updatedAgent.versions).toHaveLength(2);
+    expect(updatedAgent.model_parameters.temperature).toBe(0.8);
+
+    await updateAgent(
+      { id: agentId },
+      {
+        model_parameters: {
+          temperature: 0.8,
+          max_tokens: 1000,
+        },
+      },
+    );
+
+    const complexAgent = await getAgent({ id: agentId });
+    expect(complexAgent.versions).toHaveLength(3);
+    expect(complexAgent.model_parameters.temperature).toBe(0.8);
+    expect(complexAgent.model_parameters.max_tokens).toBe(1000);
+
+    await updateAgent({ id: agentId }, { model_parameters: {} });
+
+    const emptyParamsAgent = await getAgent({ id: agentId });
+    expect(emptyParamsAgent.versions).toHaveLength(4);
+    expect(emptyParamsAgent.model_parameters).toEqual({});
+  });
+
+  test('should detect duplicate versions and reject updates', async () => {
+    const originalConsoleError = console.error;
+    console.error = jest.fn();
+
+    try {
+      const agentId = `agent_${uuidv4()}`;
+      const authorId = new mongoose.Types.ObjectId();
+      const projectId1 = new mongoose.Types.ObjectId();
+      const projectId2 = new mongoose.Types.ObjectId();
+
+      const testCases = [
+        {
+          name: 'simple field update',
+          initial: {
+            name: 'Test Agent',
+            description: 'Initial description',
+          },
+          update: { name: 'Updated Name' },
+          duplicate: { name: 'Updated Name' },
+        },
+        {
+          name: 'object field update',
+          initial: {
+            model_parameters: { temperature: 0.7 },
+          },
+          update: { model_parameters: { temperature: 0.8 } },
+          duplicate: { model_parameters: { temperature: 0.8 } },
+        },
+        {
+          name: 'array field update',
+          initial: {
+            tools: ['tool1', 'tool2'],
+          },
+          update: { tools: ['tool2', 'tool3'] },
+          duplicate: { tools: ['tool2', 'tool3'] },
+        },
+        {
+          name: 'projectIds update',
+          initial: {
+            projectIds: [projectId1],
+          },
+          update: { projectIds: [projectId1, projectId2] },
+          duplicate: { projectIds: [projectId2, projectId1] },
+        },
+      ];
+
+      for (const testCase of testCases) {
+        const testAgentId = `agent_${uuidv4()}`;
+
+        await createAgent({
+          id: testAgentId,
+          provider: 'test',
+          model: 'test-model',
+          author: authorId,
+          ...testCase.initial,
+        });
+
+        await updateAgent({ id: testAgentId }, testCase.update);
+
+        let error;
+        try {
+          await updateAgent({ id: testAgentId }, testCase.duplicate);
+        } catch (e) {
+          error = e;
+        }
+
+        expect(error).toBeDefined();
+        expect(error.message).toContain('Duplicate version');
+        expect(error.statusCode).toBe(409);
+        expect(error.details).toBeDefined();
+        expect(error.details.duplicateVersion).toBeDefined();
+
+        const agent = await getAgent({ id: testAgentId });
+        expect(agent.versions).toHaveLength(2);
+      }
+    } finally {
+      console.error = originalConsoleError;
+    }
+  });
+
+  test('should track updatedBy when a different user updates an agent', async () => {
+    const agentId = `agent_${uuidv4()}`;
+    const originalAuthor = new mongoose.Types.ObjectId();
+    const updatingUser = new mongoose.Types.ObjectId();
+
+    await createAgent({
+      id: agentId,
+      name: 'Original Agent',
+      provider: 'test',
+      model: 'test-model',
+      author: originalAuthor,
+      description: 'Original description',
+    });
+
+    const updatedAgent = await updateAgent(
+      { id: agentId },
+      { name: 'Updated Agent', description: 'Updated description' },
+      { updatingUserId: updatingUser.toString() },
+    );
+
+    expect(updatedAgent.versions).toHaveLength(2);
+    expect(updatedAgent.versions[1].updatedBy.toString()).toBe(updatingUser.toString());
+    expect(updatedAgent.author.toString()).toBe(originalAuthor.toString());
+  });
+
+  test('should include updatedBy even when the original author updates the agent', async () => {
+    const agentId = `agent_${uuidv4()}`;
+    const originalAuthor = new mongoose.Types.ObjectId();
+
+    await createAgent({
+      id: agentId,
+      name: 'Original Agent',
+      provider: 'test',
+      model: 'test-model',
+      author: originalAuthor,
+      description: 'Original description',
+    });
+
+    const updatedAgent = await updateAgent(
+      { id: agentId },
+      { name: 'Updated Agent', description: 'Updated description' },
+      { updatingUserId: originalAuthor.toString() },
+    );
+
+    expect(updatedAgent.versions).toHaveLength(2);
+    expect(updatedAgent.versions[1].updatedBy.toString()).toBe(originalAuthor.toString());
+    expect(updatedAgent.author.toString()).toBe(originalAuthor.toString());
+  });
+
+  test('should track multiple different users updating the same agent', async () => {
+    const agentId = `agent_${uuidv4()}`;
+    const originalAuthor = new mongoose.Types.ObjectId();
+    const user1 = new mongoose.Types.ObjectId();
+    const user2 = new mongoose.Types.ObjectId();
+    const user3 = new mongoose.Types.ObjectId();
+
+    await createAgent({
+      id: agentId,
+      name: 'Original Agent',
+      provider: 'test',
+      model: 'test-model',
+      author: originalAuthor,
+      description: 'Original description',
+    });
+
+    // User 1 makes an update
+    await updateAgent(
+      { id: agentId },
+      { name: 'Updated by User 1', description: 'First update' },
+      { updatingUserId: user1.toString() },
+    );
+
+    // Original author makes an update
+    await updateAgent(
+      { id: agentId },
+      { description: 'Updated by original author' },
+      { updatingUserId: originalAuthor.toString() },
+    );
+
+    // User 2 makes an update
+    await updateAgent(
+      { id: agentId },
+      { name: 'Updated by User 2', model: 'new-model' },
+      { updatingUserId: user2.toString() },
+    );
+
+    // User 3 makes an update
+    const finalAgent = await updateAgent(
+      { id: agentId },
+      { description: 'Final update by User 3' },
+      { updatingUserId: user3.toString() },
+    );
+
+    expect(finalAgent.versions).toHaveLength(5);
+    expect(finalAgent.author.toString()).toBe(originalAuthor.toString());
+
+    // Check that each version has the correct updatedBy
+    expect(finalAgent.versions[0].updatedBy).toBeUndefined(); // Initial creation has no updatedBy
+    expect(finalAgent.versions[1].updatedBy.toString()).toBe(user1.toString());
+    expect(finalAgent.versions[2].updatedBy.toString()).toBe(originalAuthor.toString());
+    expect(finalAgent.versions[3].updatedBy.toString()).toBe(user2.toString());
+    expect(finalAgent.versions[4].updatedBy.toString()).toBe(user3.toString());
+
+    // Verify the final state
+    expect(finalAgent.name).toBe('Updated by User 2');
+    expect(finalAgent.description).toBe('Final update by User 3');
+    expect(finalAgent.model).toBe('new-model');
+  });
+
+  test('should preserve original author during agent restoration', async () => {
+    const agentId = `agent_${uuidv4()}`;
+    const originalAuthor = new mongoose.Types.ObjectId();
+    const updatingUser = new mongoose.Types.ObjectId();
+
+    await createAgent({
+      id: agentId,
+      name: 'Original Agent',
+      provider: 'test',
+      model: 'test-model',
+      author: originalAuthor,
+      description: 'Original description',
+    });
+
+    await updateAgent(
+      { id: agentId },
+      { name: 'Updated Agent', description: 'Updated description' },
+      { updatingUserId: updatingUser.toString() },
+    );
+
+    const { revertAgentVersion } = require('./Agent');
+    const revertedAgent = await revertAgentVersion({ id: agentId }, 0);
+
+    expect(revertedAgent.author.toString()).toBe(originalAuthor.toString());
+    expect(revertedAgent.name).toBe('Original Agent');
+    expect(revertedAgent.description).toBe('Original description');
+  });
+
+  test('should detect action metadata changes and force version update', async () => {
+    const agentId = `agent_${uuidv4()}`;
+    const authorId = new mongoose.Types.ObjectId();
+    const actionId = 'testActionId123';
+
+    // Create agent with actions
+    await createAgent({
+      id: agentId,
+      name: 'Agent with Actions',
+      provider: 'test',
+      model: 'test-model',
+      author: authorId,
+      actions: [`test.com_action_${actionId}`],
+      tools: ['listEvents_action_test.com', 'createEvent_action_test.com'],
+    });
+
+    // First update with forceVersion should create a version
+    const firstUpdate = await updateAgent(
+      { id: agentId },
+      { tools: ['listEvents_action_test.com', 'createEvent_action_test.com'] },
+      { updatingUserId: authorId.toString(), forceVersion: true },
+    );
+
+    expect(firstUpdate.versions).toHaveLength(2);
+
+    // Second update with same data but forceVersion should still create a version
+    const secondUpdate = await updateAgent(
+      { id: agentId },
+      { tools: ['listEvents_action_test.com', 'createEvent_action_test.com'] },
+      { updatingUserId: authorId.toString(), forceVersion: true },
+    );
+
+    expect(secondUpdate.versions).toHaveLength(3);
+
+    // Update without forceVersion and no changes should not create a version
+    let error;
+    try {
+      await updateAgent(
+        { id: agentId },
+        { tools: ['listEvents_action_test.com', 'createEvent_action_test.com'] },
+        { updatingUserId: authorId.toString(), forceVersion: false },
+      );
+    } catch (e) {
+      error = e;
+    }
+
+    expect(error).toBeDefined();
+    expect(error.message).toContain('Duplicate version');
+    expect(error.statusCode).toBe(409);
+  });
+});
--- a/api/models/Assistant.js
+++ b/api/models/Assistant.js
@@ -1,7 +1,5 @@
 const mongoose = require('mongoose');
-const { assistantSchema } = require('@librechat/data-schemas');
-
-const Assistant = mongoose.model('assistant', assistantSchema);
+const Assistant = require('~/db/models').Assistant;

 /**
 * Update an assistant with new data without overwriting existing properties,
--- a/api/models/Balance.js
+++ b/api/models/Balance.js
@@ -1,4 +0,0 @@
-const mongoose = require('mongoose');
-const { balanceSchema } = require('@librechat/data-schemas');
-
-module.exports = mongoose.model('Balance', balanceSchema);
--- a/api/models/Banner.js
+++ b/api/models/Banner.js
@@ -1,8 +1,7 @@
 const mongoose = require('mongoose');
-const logger = require('~/config/winston');
-const { bannerSchema } = require('@librechat/data-schemas');
+const { logger } = require('@librechat/data-schemas');

-const Banner = mongoose.model('Banner', bannerSchema);
+const Banner = require('~/db/models').Banner;

 /**
 * Retrieves the current active banner.
@@ -28,4 +27,4 @@ const getBanner = async (user) => {
  }
 };

-module.exports = { Banner, getBanner };
+module.exports = { getBanner };
--- a/api/models/Config.js
+++ b/api/models/Config.js
@@ -1,86 +0,0 @@
-const mongoose = require('mongoose');
-const { logger } = require('~/config');
-
-const major = [0, 0];
-const minor = [0, 0];
-const patch = [0, 5];
-
-const configSchema = mongoose.Schema(
-  {
-    tag: {
-      type: String,
-      required: true,
-      validate: {
-        validator: function (tag) {
-          const [part1, part2, part3] = tag.replace('v', '').split('.').map(Number);
-
-          // Check if all parts are numbers
-          if (isNaN(part1) || isNaN(part2) || isNaN(part3)) {
-            return false;
-          }
-
-          // Check if all parts are within their respective ranges
-          if (part1 < major[0] || part1 > major[1]) {
-            return false;
-          }
-          if (part2 < minor[0] || part2 > minor[1]) {
-            return false;
-          }
-          if (part3 < patch[0] || part3 > patch[1]) {
-            return false;
-          }
-          return true;
-        },
-        message: 'Invalid tag value',
-      },
-    },
-    searchEnabled: {
-      type: Boolean,
-      default: false,
-    },
-    usersEnabled: {
-      type: Boolean,
-      default: false,
-    },
-    startupCounts: {
-      type: Number,
-      default: 0,
-    },
-  },
-  { timestamps: true },
-);
-
-// Instance method
-configSchema.methods.incrementCount = function () {
-  this.startupCounts += 1;
-};
-
-// Static methods
-configSchema.statics.findByTag = async function (tag) {
-  return await this.findOne({ tag }).lean();
-};
-
-configSchema.statics.updateByTag = async function (tag, update) {
-  return await this.findOneAndUpdate({ tag }, update, { new: true });
-};
-
-const Config = mongoose.models.Config || mongoose.model('Config', configSchema);
-
-module.exports = {
-  getConfigs: async (filter) => {
-    try {
-      return await Config.find(filter).lean();
-    } catch (error) {
-      logger.error('Error getting configs', error);
-      return { config: 'Error getting configs' };
-    }
-  },
-  deleteConfigs: async (filter) => {
-    try {
-      return await Config.deleteMany(filter);
-    } catch (error) {
-      logger.error('Error deleting configs', error);
-      return { config: 'Error deleting configs' };
-    }
-  },
-};
--- a/api/models/Conversation.js
+++ b/api/models/Conversation.js
@@ -1,6 +1,8 @@
-const Conversation = require('./schema/convoSchema');
+const mongoose = require('mongoose');
+const { logger } = require('@librechat/data-schemas');
 const { getMessages, deleteMessages } = require('./Message');
-const logger = require('~/config/winston');
+
+const Conversation = require('~/db/models').Conversation;

 /**
 * Searches for a conversation by conversationId and returns a lean document with only conversationId and user.
@@ -75,7 +77,6 @@ const getConvoFiles = async (conversationId) => {
 };

 module.exports = {
-  Conversation,
  getConvoFiles,
  searchConversation,
  deleteNullOrEmptyConversations,
@@ -155,7 +156,6 @@ module.exports = {
    { cursor, limit = 25, isArchived = false, tags, search, order = 'desc' } = {},
  ) => {
    const filters = [{ user }];
-
    if (isArchived) {
      filters.push({ isArchived: true });
    } else {
@@ -288,7 +288,6 @@ module.exports = {
  deleteConvos: async (user, filter) => {
    try {
      const userFilter = { ...filter, user };
-
      const conversations = await Conversation.find(userFilter).select('conversationId');
      const conversationIds = conversations.map((c) => c.conversationId);

--- a/api/models/ConversationTag.js
+++ b/api/models/ConversationTag.js
@@ -1,10 +1,8 @@
 const mongoose = require('mongoose');
-const Conversation = require('./schema/convoSchema');
-const logger = require('~/config/winston');
+const { logger } = require('@librechat/data-schemas');

-const { conversationTagSchema } = require('@librechat/data-schemas');
-
-const ConversationTag = mongoose.model('ConversationTag', conversationTagSchema);
+const ConversationTag = require('~/db/models').ConversationTag;
+const Conversation = require('~/db/models').Conversation;

 /**
 * Retrieves all conversation tags for a user.
@@ -140,13 +138,13 @@ const adjustPositions = async (user, oldPosition, newPosition) => {
  const position =
    oldPosition < newPosition
      ? {
-        $gt: Math.min(oldPosition, newPosition),
-        $lte: Math.max(oldPosition, newPosition),
-      }
+          $gt: Math.min(oldPosition, newPosition),
+          $lte: Math.max(oldPosition, newPosition),
+        }
      : {
-        $gte: Math.min(oldPosition, newPosition),
-        $lt: Math.max(oldPosition, newPosition),
-      };
+          $gte: Math.min(oldPosition, newPosition),
+          $lt: Math.max(oldPosition, newPosition),
+        };

  await ConversationTag.updateMany(
    {
--- a/api/models/File.js
+++ b/api/models/File.js
@@ -1,9 +1,8 @@
 const mongoose = require('mongoose');
+const { logger } = require('@librechat/data-schemas');
 const { EToolResources } = require('librechat-data-provider');
-const { fileSchema } = require('@librechat/data-schemas');
-const { logger } = require('~/config');

-const File = mongoose.model('File', fileSchema);
+const File = require('~/db/models').File;

 /**
 * Finds a file by its file_id with additional query options.
@@ -169,7 +168,6 @@ async function batchUpdateFiles(updates) {
 }

 module.exports = {
-  File,
  findFileById,
  getFiles,
  getToolFilesByIds,
--- a/api/models/Key.js
+++ b/api/models/Key.js
@@ -1,4 +0,0 @@
-const mongoose = require('mongoose');
-const { keySchema } = require('@librechat/data-schemas');
-
-module.exports = mongoose.model('Key', keySchema);
--- a/api/models/Message.js
+++ b/api/models/Message.js
@@ -1,7 +1,7 @@
 const { z } = require('zod');
-const Message = require('./schema/messageSchema');
-const { logger } = require('~/config');
+const { logger } = require('@librechat/data-schemas');

+const Message = require('~/db/models').Message;
 const idSchema = z.string().uuid();

 /**
@@ -68,7 +68,6 @@ async function saveMessage(req, params, metadata) {
      logger.info(`---\`saveMessage\` context: ${metadata?.context}`);
      update.tokenCount = 0;
    }
-
    const message = await Message.findOneAndUpdate(
      { messageId: params.messageId, user: req.user.id },
      update,
@@ -140,7 +139,6 @@ async function bulkSaveMessages(messages, overrideTimestamp = false) {
        upsert: true,
      },
    }));
-
    const result = await Message.bulkWrite(bulkOps);
    return result;
  } catch (err) {
@@ -355,7 +353,6 @@ async function deleteMessages(filter) {
 }

 module.exports = {
-  Message,
  saveMessage,
  bulkSaveMessages,
  recordMessage,
--- a/api/models/Message.spec.js
+++ b/api/models/Message.spec.js
@@ -1,4 +1,3 @@
-const mongoose = require('mongoose');
 const { v4: uuidv4 } = require('uuid');

 jest.mock('mongoose');
@@ -20,14 +19,20 @@ const mockSchema = {
  deleteMany: jest.fn(),
 };

-mongoose.model.mockReturnValue(mockSchema);
-
-jest.mock('~/models/schema/messageSchema', () => mockSchema);
-
 jest.mock('~/config/winston', () => ({
  error: jest.fn(),
 }));

+const mockModels = {
+  Message: {
+    findOneAndUpdate: mockSchema.findOneAndUpdate,
+    updateOne: mockSchema.updateOne,
+    findOne: mockSchema.findOne,
+    find: mockSchema.find,
+    deleteMany: mockSchema.deleteMany,
+  },
+};
+
 const {
  saveMessage,
  getMessages,
@@ -153,7 +158,7 @@ describe('Message Operations', () => {
  });

  describe('Conversation Hijacking Prevention', () => {
-    it('should not allow editing a message in another user\'s conversation', async () => {
+    it("should not allow editing a message in another user's conversation", async () => {
      const attackerReq = { user: { id: 'attacker123' } };
      const victimConversationId = 'victim-convo-123';
      const victimMessageId = 'victim-msg-123';
@@ -175,7 +180,7 @@ describe('Message Operations', () => {
      );
    });

-    it('should not allow deleting messages from another user\'s conversation', async () => {
+    it("should not allow deleting messages from another user's conversation", async () => {
      const attackerReq = { user: { id: 'attacker123' } };
      const victimConversationId = 'victim-convo-123';
      const victimMessageId = 'victim-msg-123';
@@ -193,7 +198,7 @@ describe('Message Operations', () => {
      });
    });

-    it('should not allow inserting a new message into another user\'s conversation', async () => {
+    it("should not allow inserting a new message into another user's conversation", async () => {
      const attackerReq = { user: { id: 'attacker123' } };
      const victimConversationId = uuidv4(); // Use a valid UUID

--- a/api/models/Preset.js
+++ b/api/models/Preset.js
@@ -1,5 +1,7 @@
-const Preset = require('./schema/presetSchema');
-const { logger } = require('~/config');
+const mongoose = require('mongoose');
+const { logger } = require('@librechat/data-schemas');
+
+const Preset = require('~/db/models').Preset;

 const getPreset = async (user, presetId) => {
  try {
@@ -11,7 +13,6 @@ const getPreset = async (user, presetId) => {
 };

 module.exports = {
-  Preset,
  getPreset,
  getPresets: async (user, filter) => {
    try {
--- a/api/models/Project.js
+++ b/api/models/Project.js
@@ -1,8 +1,7 @@
-const { model } = require('mongoose');
+const mongoose = require('mongoose');
 const { GLOBAL_PROJECT_NAME } = require('librechat-data-provider').Constants;
-const { projectSchema } = require('@librechat/data-schemas');

-const Project = model('Project', projectSchema);
+const Project = require('~/db/models').Project;

 /**
 * Retrieve a project by ID and convert the found project document to a plain object.
--- a/api/models/Prompt.js
+++ b/api/models/Prompt.js
@@ -1,5 +1,6 @@
 const mongoose = require('mongoose');
 const { ObjectId } = require('mongodb');
+const { logger } = require('@librechat/data-schemas');
 const { SystemRoles, SystemCategories, Constants } = require('librechat-data-provider');
 const {
  getProjectByName,
@@ -7,12 +8,10 @@ const {
  removeGroupIdsFromProject,
  removeGroupFromAllProjects,
 } = require('./Project');
-const { promptGroupSchema, promptSchema } = require('@librechat/data-schemas');
 const { escapeRegExp } = require('~/server/utils');
-const { logger } = require('~/config');

-const PromptGroup = mongoose.model('PromptGroup', promptGroupSchema);
-const Prompt = mongoose.model('Prompt', promptSchema);
+const PromptGroup = require('~/db/models').PromptGroup;
+const Prompt = require('~/db/models').Prompt;

 /**
 * Create a pipeline for the aggregation to get prompt groups
--- a/api/models/Role.js
+++ b/api/models/Role.js
@@ -1,4 +1,3 @@
-const mongoose = require('mongoose');
 const {
  CacheKeys,
  SystemRoles,
@@ -7,11 +6,10 @@ const {
  permissionsSchema,
  removeNullishValues,
 } = require('librechat-data-provider');
+const { logger } = require('@librechat/data-schemas');
 const getLogStores = require('~/cache/getLogStores');
-const { roleSchema } = require('@librechat/data-schemas');
-const { logger } = require('~/config');

-const Role = mongoose.model('Role', roleSchema);
+const Role = require('~/db/models').Role;

 /**
 * Retrieve a role by name and convert the found role document to a plain object.
@@ -282,7 +280,6 @@ const migrateRoleSchema = async function (roleName) {
 };

 module.exports = {
-  Role,
  getRoleByName,
  initializeRoles,
  updateRoleByName,
--- a/api/models/Role.spec.js
+++ b/api/models/Role.spec.js
@@ -6,9 +6,11 @@ const {
  roleDefaults,
  PermissionTypes,
 } = require('librechat-data-provider');
-const { Role, getRoleByName, updateAccessPermissions, initializeRoles } = require('~/models/Role');
+const { getRoleByName, updateAccessPermissions, initializeRoles } = require('~/models/Role');
 const getLogStores = require('~/cache/getLogStores');

+const Role = require('~/db/models').Role;
+
 // Mock the cache
 jest.mock('~/cache/getLogStores', () =>
  jest.fn().mockReturnValue({
--- a/api/models/Session.js
+++ b/api/models/Session.js
@@ -1,275 +0,0 @@
-const mongoose = require('mongoose');
-const signPayload = require('~/server/services/signPayload');
-const { hashToken } = require('~/server/utils/crypto');
-const { sessionSchema } = require('@librechat/data-schemas');
-const { logger } = require('~/config');
-
-const Session = mongoose.model('Session', sessionSchema);
-
-const { REFRESH_TOKEN_EXPIRY } = process.env ?? {};
-const expires = eval(REFRESH_TOKEN_EXPIRY) ?? 1000 * 60 * 60 * 24 * 7; // 7 days default
-
-/**
- * Error class for Session-related errors
- */
-class SessionError extends Error {
-  constructor(message, code = 'SESSION_ERROR') {
-    super(message);
-    this.name = 'SessionError';
-    this.code = code;
-  }
-}
-
-/**
- * Creates a new session for a user
- * @param {string} userId - The ID of the user
- * @param {Object} options - Additional options for session creation
- * @param {Date} options.expiration - Custom expiration date
- * @returns {Promise<{session: Session, refreshToken: string}>}
- * @throws {SessionError}
- */
-const createSession = async (userId, options = {}) => {
-  if (!userId) {
-    throw new SessionError('User ID is required', 'INVALID_USER_ID');
-  }
-
-  try {
-    const session = new Session({
-      user: userId,
-      expiration: options.expiration || new Date(Date.now() + expires),
-    });
-    const refreshToken = await generateRefreshToken(session);
-    return { session, refreshToken };
-  } catch (error) {
-    logger.error('[createSession] Error creating session:', error);
-    throw new SessionError('Failed to create session', 'CREATE_SESSION_FAILED');
-  }
-};
-
-/**
- * Finds a session by various parameters
- * @param {Object} params - Search parameters
- * @param {string} [params.refreshToken] - The refresh token to search by
- * @param {string} [params.userId] - The user ID to search by
- * @param {string} [params.sessionId] - The session ID to search by
- * @param {Object} [options] - Additional options
- * @param {boolean} [options.lean=true] - Whether to return plain objects instead of documents
- * @returns {Promise<Session|null>}
- * @throws {SessionError}
- */
-const findSession = async (params, options = { lean: true }) => {
-  try {
-    const query = {};
-
-    if (!params.refreshToken && !params.userId && !params.sessionId) {
-      throw new SessionError('At least one search parameter is required', 'INVALID_SEARCH_PARAMS');
-    }
-
-    if (params.refreshToken) {
-      const tokenHash = await hashToken(params.refreshToken);
-      query.refreshTokenHash = tokenHash;
-    }
-
-    if (params.userId) {
-      query.user = params.userId;
-    }
-
-    if (params.sessionId) {
-      const sessionId = params.sessionId.sessionId || params.sessionId;
-      if (!mongoose.Types.ObjectId.isValid(sessionId)) {
-        throw new SessionError('Invalid session ID format', 'INVALID_SESSION_ID');
-      }
-      query._id = sessionId;
-    }
-
-    // Add expiration check to only return valid sessions
-    query.expiration = { $gt: new Date() };
-
-    const sessionQuery = Session.findOne(query);
-
-    if (options.lean) {
-      return await sessionQuery.lean();
-    }
-
-    return await sessionQuery.exec();
-  } catch (error) {
-    logger.error('[findSession] Error finding session:', error);
-    throw new SessionError('Failed to find session', 'FIND_SESSION_FAILED');
-  }
-};
-
-/**
- * Updates session expiration
- * @param {Session|string} session - The session or session ID to update
- * @param {Date} [newExpiration] - Optional new expiration date
- * @returns {Promise<Session>}
- * @throws {SessionError}
- */
-const updateExpiration = async (session, newExpiration) => {
-  try {
-    const sessionDoc = typeof session === 'string' ? await Session.findById(session) : session;
-
-    if (!sessionDoc) {
-      throw new SessionError('Session not found', 'SESSION_NOT_FOUND');
-    }
-
-    sessionDoc.expiration = newExpiration || new Date(Date.now() + expires);
-    return await sessionDoc.save();
-  } catch (error) {
-    logger.error('[updateExpiration] Error updating session:', error);
-    throw new SessionError('Failed to update session expiration', 'UPDATE_EXPIRATION_FAILED');
-  }
-};
-
-/**
- * Deletes a session by refresh token or session ID
- * @param {Object} params - Delete parameters
- * @param {string} [params.refreshToken] - The refresh token of the session to delete
- * @param {string} [params.sessionId] - The ID of the session to delete
- * @returns {Promise<Object>}
- * @throws {SessionError}
- */
-const deleteSession = async (params) => {
-  try {
-    if (!params.refreshToken && !params.sessionId) {
-      throw new SessionError(
-        'Either refreshToken or sessionId is required',
-        'INVALID_DELETE_PARAMS',
-      );
-    }
-
-    const query = {};
-
-    if (params.refreshToken) {
-      query.refreshTokenHash = await hashToken(params.refreshToken);
-    }
-
-    if (params.sessionId) {
-      query._id = params.sessionId;
-    }
-
-    const result = await Session.deleteOne(query);
-
-    if (result.deletedCount === 0) {
-      logger.warn('[deleteSession] No session found to delete');
-    }
-
-    return result;
-  } catch (error) {
-    logger.error('[deleteSession] Error deleting session:', error);
-    throw new SessionError('Failed to delete session', 'DELETE_SESSION_FAILED');
-  }
-};
-
-/**
- * Deletes all sessions for a user
- * @param {string} userId - The ID of the user
- * @param {Object} [options] - Additional options
- * @param {boolean} [options.excludeCurrentSession] - Whether to exclude the current session
- * @param {string} [options.currentSessionId] - The ID of the current session to exclude
- * @returns {Promise<Object>}
- * @throws {SessionError}
- */
-const deleteAllUserSessions = async (userId, options = {}) => {
-  try {
-    if (!userId) {
-      throw new SessionError('User ID is required', 'INVALID_USER_ID');
-    }
-
-    // Extract userId if it's passed as an object
-    const userIdString = userId.userId || userId;
-
-    if (!mongoose.Types.ObjectId.isValid(userIdString)) {
-      throw new SessionError('Invalid user ID format', 'INVALID_USER_ID_FORMAT');
-    }
-
-    const query = { user: userIdString };
-
-    if (options.excludeCurrentSession && options.currentSessionId) {
-      query._id = { $ne: options.currentSessionId };
-    }
-
-    const result = await Session.deleteMany(query);
-
-    if (result.deletedCount > 0) {
-      logger.debug(
-        `[deleteAllUserSessions] Deleted ${result.deletedCount} sessions for user ${userIdString}.`,
-      );
-    }
-
-    return result;
-  } catch (error) {
-    logger.error('[deleteAllUserSessions] Error deleting user sessions:', error);
-    throw new SessionError('Failed to delete user sessions', 'DELETE_ALL_SESSIONS_FAILED');
-  }
-};
-
-/**
- * Generates a refresh token for a session
- * @param {Session} session - The session to generate a token for
- * @returns {Promise<string>}
- * @throws {SessionError}
- */
-const generateRefreshToken = async (session) => {
-  if (!session || !session.user) {
-    throw new SessionError('Invalid session object', 'INVALID_SESSION');
-  }
-
-  try {
-    const expiresIn = session.expiration ? session.expiration.getTime() : Date.now() + expires;
-
-    if (!session.expiration) {
-      session.expiration = new Date(expiresIn);
-    }
-
-    const refreshToken = await signPayload({
-      payload: {
-        id: session.user,
-        sessionId: session._id,
-      },
-      secret: process.env.JWT_REFRESH_SECRET,
-      expirationTime: Math.floor((expiresIn - Date.now()) / 1000),
-    });
-
-    session.refreshTokenHash = await hashToken(refreshToken);
-    await session.save();
-
-    return refreshToken;
-  } catch (error) {
-    logger.error('[generateRefreshToken] Error generating refresh token:', error);
-    throw new SessionError('Failed to generate refresh token', 'GENERATE_TOKEN_FAILED');
-  }
-};
-
-/**
- * Counts active sessions for a user
- * @param {string} userId - The ID of the user
- * @returns {Promise<number>}
- * @throws {SessionError}
- */
-const countActiveSessions = async (userId) => {
-  try {
-    if (!userId) {
-      throw new SessionError('User ID is required', 'INVALID_USER_ID');
-    }
-
-    return await Session.countDocuments({
-      user: userId,
-      expiration: { $gt: new Date() },
-    });
-  } catch (error) {
-    logger.error('[countActiveSessions] Error counting active sessions:', error);
-    throw new SessionError('Failed to count active sessions', 'COUNT_SESSIONS_FAILED');
-  }
-};
-
-module.exports = {
-  createSession,
-  findSession,
-  updateExpiration,
-  deleteSession,
-  deleteAllUserSessions,
-  generateRefreshToken,
-  countActiveSessions,
-  SessionError,
-};
--- a/api/models/Share.js
+++ b/api/models/Share.js
@@ -1,11 +1,11 @@
-const mongoose = require('mongoose');
 const { nanoid } = require('nanoid');
+const mongoose = require('mongoose');
 const { Constants } = require('librechat-data-provider');
-const { Conversation } = require('~/models/Conversation');
-const { shareSchema } = require('@librechat/data-schemas');
-const SharedLink = mongoose.model('SharedLink', shareSchema);
+const { logger } = require('@librechat/data-schemas');
 const { getMessages } = require('./Message');
-const logger = require('~/config/winston');
+
+const Conversation = require('~/db/models').Conversation;
+const SharedLink = require('~/db/models').SharedLink;

 class ShareServiceError extends Error {
  constructor(message, code) {
@@ -202,7 +202,6 @@ async function createSharedLink(user, conversationId) {
  if (!user || !conversationId) {
    throw new ShareServiceError('Missing required parameters', 'INVALID_PARAMS');
  }
-
  try {
    const [existingShare, conversationMessages] = await Promise.all([
      SharedLink.findOne({ conversationId, isPublic: true }).select('-_id -__v -user').lean(),
@@ -340,7 +339,6 @@ async function deleteSharedLink(user, shareId) {
 }

 module.exports = {
-  SharedLink,
  getSharedLink,
  getSharedLinks,
  createSharedLink,
--- a/api/models/Token.js
+++ b/api/models/Token.js
@@ -1,158 +1,5 @@
-const mongoose = require('mongoose');
+const { findToken, updateToken, createToken } = require('~/models');
 const { encryptV2 } = require('~/server/utils/crypto');
-const { tokenSchema } = require('@librechat/data-schemas');
-const { logger } = require('~/config');
-
-/**
- * Token model.
- * @type {mongoose.Model}
- */
-const Token = mongoose.model('Token', tokenSchema);
-/**
- * Fixes the indexes for the Token collection from legacy TTL indexes to the new expiresAt index.
- */
-async function fixIndexes() {
-  try {
-    if (
-      process.env.NODE_ENV === 'CI' ||
-      process.env.NODE_ENV === 'development' ||
-      process.env.NODE_ENV === 'test'
-    ) {
-      return;
-    }
-    const indexes = await Token.collection.indexes();
-    logger.debug('Existing Token Indexes:', JSON.stringify(indexes, null, 2));
-    const unwantedTTLIndexes = indexes.filter(
-      (index) => index.key.createdAt === 1 && index.expireAfterSeconds !== undefined,
-    );
-    if (unwantedTTLIndexes.length === 0) {
-      logger.debug('No unwanted Token indexes found.');
-      return;
-    }
-    for (const index of unwantedTTLIndexes) {
-      logger.debug(`Dropping unwanted Token index: ${index.name}`);
-      await Token.collection.dropIndex(index.name);
-      logger.debug(`Dropped Token index: ${index.name}`);
-    }
-    logger.debug('Token index cleanup completed successfully.');
-  } catch (error) {
-    logger.error('An error occurred while fixing Token indexes:', error);
-  }
-}
-
-fixIndexes();
-
-/**
- * Creates a new Token instance.
- * @param {Object} tokenData - The data for the new Token.
- * @param {mongoose.Types.ObjectId} tokenData.userId - The user's ID. It is required.
- * @param {String} tokenData.email - The user's email.
- * @param {String} tokenData.token - The token. It is required.
- * @param {Number} tokenData.expiresIn - The number of seconds until the token expires.
- * @returns {Promise<mongoose.Document>} The new Token instance.
- * @throws Will throw an error if token creation fails.
- */
-async function createToken(tokenData) {
-  try {
-    const currentTime = new Date();
-    const expiresAt = new Date(currentTime.getTime() + tokenData.expiresIn * 1000);
-
-    const newTokenData = {
-      ...tokenData,
-      createdAt: currentTime,
-      expiresAt,
-    };
-
-    return await Token.create(newTokenData);
-  } catch (error) {
-    logger.debug('An error occurred while creating token:', error);
-    throw error;
-  }
-}
-
-/**
- * Finds a Token document that matches the provided query.
- * @param {Object} query - The query to match against.
- * @param {mongoose.Types.ObjectId|String} query.userId - The ID of the user.
- * @param {String} query.token - The token value.
- * @param {String} [query.email] - The email of the user.
- * @param {String} [query.identifier] - Unique, alternative identifier for the token.
- * @returns {Promise<Object|null>} The matched Token document, or null if not found.
- * @throws Will throw an error if the find operation fails.
- */
-async function findToken(query) {
-  try {
-    const conditions = [];
-
-    if (query.userId) {
-      conditions.push({ userId: query.userId });
-    }
-    if (query.token) {
-      conditions.push({ token: query.token });
-    }
-    if (query.email) {
-      conditions.push({ email: query.email });
-    }
-    if (query.identifier) {
-      conditions.push({ identifier: query.identifier });
-    }
-
-    const token = await Token.findOne({
-      $and: conditions,
-    }).lean();
-
-    return token;
-  } catch (error) {
-    logger.debug('An error occurred while finding token:', error);
-    throw error;
-  }
-}
-
-/**
- * Updates a Token document that matches the provided query.
- * @param {Object} query - The query to match against.
- * @param {mongoose.Types.ObjectId|String} query.userId - The ID of the user.
- * @param {String} query.token - The token value.
- * @param {String} [query.email] - The email of the user.
- * @param {String} [query.identifier] - Unique, alternative identifier for the token.
- * @param {Object} updateData - The data to update the Token with.
- * @returns {Promise<mongoose.Document|null>} The updated Token document, or null if not found.
- * @throws Will throw an error if the update operation fails.
- */
-async function updateToken(query, updateData) {
-  try {
-    return await Token.findOneAndUpdate(query, updateData, { new: true });
-  } catch (error) {
-    logger.debug('An error occurred while updating token:', error);
-    throw error;
-  }
-}
-
-/**
- * Deletes all Token documents that match the provided token, user ID, or email.
- * @param {Object} query - The query to match against.
- * @param {mongoose.Types.ObjectId|String} query.userId - The ID of the user.
- * @param {String} query.token - The token value.
- * @param {String} [query.email] - The email of the user.
- * @param {String} [query.identifier] - Unique, alternative identifier for the token.
- * @returns {Promise<Object>} The result of the delete operation.
- * @throws Will throw an error if the delete operation fails.
- */
-async function deleteTokens(query) {
-  try {
-    return await Token.deleteMany({
-      $or: [
-        { userId: query.userId },
-        { token: query.token },
-        { email: query.email },
-        { identifier: query.identifier },
-      ],
-    });
-  } catch (error) {
-    logger.debug('An error occurred while deleting tokens:', error);
-    throw error;
-  }
-}

 /**
 * Handles the OAuth token by creating or updating the token.
@@ -191,9 +38,5 @@ async function handleOAuthToken({
 }

 module.exports = {
-  findToken,
-  createToken,
-  updateToken,
-  deleteTokens,
  handleOAuthToken,
 };
--- a/api/models/ToolCall.js
+++ b/api/models/ToolCall.js
@@ -1,6 +1,6 @@
 const mongoose = require('mongoose');
-const { toolCallSchema } = require('@librechat/data-schemas');
-const ToolCall = mongoose.model('ToolCall', toolCallSchema);
+
+const ToolCall = require('~/db/models').ToolCall;

 /**
 * Create a new tool call
--- a/api/models/Transaction.js
+++ b/api/models/Transaction.js
@@ -1,9 +1,10 @@
 const mongoose = require('mongoose');
-const { transactionSchema } = require('@librechat/data-schemas');
+const { logger } = require('@librechat/data-schemas');
 const { getBalanceConfig } = require('~/server/services/Config');
 const { getMultiplier, getCacheMultiplier } = require('./tx');
-const { logger } = require('~/config');
-const Balance = require('./Balance');
+
+const Transaction = require('~/db/models').Transaction;
+const Balance = require('~/db/models').Balance;

 const cancelRate = 1.15;

@@ -140,19 +141,19 @@ const updateBalance = async ({ user, incrementValue, setValues }) => {
 };

 /** Method to calculate and set the tokenValue for a transaction */
-transactionSchema.methods.calculateTokenValue = function () {
-  if (!this.valueKey || !this.tokenType) {
-    this.tokenValue = this.rawAmount;
+function calculateTokenValue(txn) {
+  if (!txn.valueKey || !txn.tokenType) {
+    txn.tokenValue = txn.rawAmount;
  }
-  const { valueKey, tokenType, model, endpointTokenConfig } = this;
+  const { valueKey, tokenType, model, endpointTokenConfig } = txn;
  const multiplier = Math.abs(getMultiplier({ valueKey, tokenType, model, endpointTokenConfig }));
-  this.rate = multiplier;
-  this.tokenValue = this.rawAmount * multiplier;
-  if (this.context && this.tokenType === 'completion' && this.context === 'incomplete') {
-    this.tokenValue = Math.ceil(this.tokenValue * cancelRate);
-    this.rate *= cancelRate;
+  txn.rate = multiplier;
+  txn.tokenValue = txn.rawAmount * multiplier;
+  if (txn.context && txn.tokenType === 'completion' && txn.context === 'incomplete') {
+    txn.tokenValue = Math.ceil(txn.tokenValue * cancelRate);
+    txn.rate *= cancelRate;
  }
-};
+}

 /**
 * New static method to create an auto-refill transaction that does NOT trigger a balance update.
@@ -163,13 +164,13 @@ transactionSchema.methods.calculateTokenValue = function () {
 * @param {number} txData.rawAmount - The raw amount of tokens.
 * @returns {Promise<object>} - The created transaction.
 */
-transactionSchema.statics.createAutoRefillTransaction = async function (txData) {
+async function createAutoRefillTransaction(txData) {
  if (txData.rawAmount != null && isNaN(txData.rawAmount)) {
    return;
  }
-  const transaction = new this(txData);
+  const transaction = new Transaction(txData);
  transaction.endpointTokenConfig = txData.endpointTokenConfig;
-  transaction.calculateTokenValue();
+  calculateTokenValue(transaction);
  await transaction.save();

  const balanceResponse = await updateBalance({
@@ -185,21 +186,20 @@ transactionSchema.statics.createAutoRefillTransaction = async function (txData)
  logger.debug('[Balance.check] Auto-refill performed', result);
  result.transaction = transaction;
  return result;
-};
+}

 /**
 * Static method to create a transaction and update the balance
 * @param {txData} txData - Transaction data.
 */
-transactionSchema.statics.create = async function (txData) {
-  const Transaction = this;
+async function createTransaction(txData) {
  if (txData.rawAmount != null && isNaN(txData.rawAmount)) {
    return;
  }

  const transaction = new Transaction(txData);
  transaction.endpointTokenConfig = txData.endpointTokenConfig;
-  transaction.calculateTokenValue();
+  calculateTokenValue(transaction);

  await transaction.save();

@@ -209,7 +209,6 @@ transactionSchema.statics.create = async function (txData) {
  }

  let incrementValue = transaction.tokenValue;
-
  const balanceResponse = await updateBalance({
    user: transaction.user,
    incrementValue,
@@ -221,21 +220,19 @@ transactionSchema.statics.create = async function (txData) {
    balance: balanceResponse.tokenCredits,
    [transaction.tokenType]: incrementValue,
  };
-};
+}

 /**
 * Static method to create a structured transaction and update the balance
 * @param {txData} txData - Transaction data.
 */
-transactionSchema.statics.createStructured = async function (txData) {
-  const Transaction = this;
-
+async function createStructuredTransaction(txData) {
  const transaction = new Transaction({
    ...txData,
    endpointTokenConfig: txData.endpointTokenConfig,
  });

-  transaction.calculateStructuredTokenValue();
+  calculateStructuredTokenValue(transaction);

  await transaction.save();

@@ -257,71 +254,69 @@ transactionSchema.statics.createStructured = async function (txData) {
    balance: balanceResponse.tokenCredits,
    [transaction.tokenType]: incrementValue,
  };
-};
+}

 /** Method to calculate token value for structured tokens */
-transactionSchema.methods.calculateStructuredTokenValue = function () {
-  if (!this.tokenType) {
-    this.tokenValue = this.rawAmount;
+function calculateStructuredTokenValue(txn) {
+  if (!txn.tokenType) {
+    txn.tokenValue = txn.rawAmount;
    return;
  }

-  const { model, endpointTokenConfig } = this;
+  const { model, endpointTokenConfig } = txn;

-  if (this.tokenType === 'prompt') {
+  if (txn.tokenType === 'prompt') {
    const inputMultiplier = getMultiplier({ tokenType: 'prompt', model, endpointTokenConfig });
    const writeMultiplier =
      getCacheMultiplier({ cacheType: 'write', model, endpointTokenConfig }) ?? inputMultiplier;
    const readMultiplier =
      getCacheMultiplier({ cacheType: 'read', model, endpointTokenConfig }) ?? inputMultiplier;

-    this.rateDetail = {
+    txn.rateDetail = {
      input: inputMultiplier,
      write: writeMultiplier,
      read: readMultiplier,
    };

    const totalPromptTokens =
-      Math.abs(this.inputTokens || 0) +
-      Math.abs(this.writeTokens || 0) +
-      Math.abs(this.readTokens || 0);
+      Math.abs(txn.inputTokens || 0) +
+      Math.abs(txn.writeTokens || 0) +
+      Math.abs(txn.readTokens || 0);

    if (totalPromptTokens > 0) {
-      this.rate =
-        (Math.abs(inputMultiplier * (this.inputTokens || 0)) +
-          Math.abs(writeMultiplier * (this.writeTokens || 0)) +
-          Math.abs(readMultiplier * (this.readTokens || 0))) /
+      txn.rate =
+        (Math.abs(inputMultiplier * (txn.inputTokens || 0)) +
+          Math.abs(writeMultiplier * (txn.writeTokens || 0)) +
+          Math.abs(readMultiplier * (txn.readTokens || 0))) /
        totalPromptTokens;
    } else {
-      this.rate = Math.abs(inputMultiplier); // Default to input rate if no tokens
+      txn.rate = Math.abs(inputMultiplier); // Default to input rate if no tokens
    }

-    this.tokenValue = -(
-      Math.abs(this.inputTokens || 0) * inputMultiplier +
-      Math.abs(this.writeTokens || 0) * writeMultiplier +
-      Math.abs(this.readTokens || 0) * readMultiplier
+    txn.tokenValue = -(
+      Math.abs(txn.inputTokens || 0) * inputMultiplier +
+      Math.abs(txn.writeTokens || 0) * writeMultiplier +
+      Math.abs(txn.readTokens || 0) * readMultiplier
    );

-    this.rawAmount = -totalPromptTokens;
-  } else if (this.tokenType === 'completion') {
-    const multiplier = getMultiplier({ tokenType: this.tokenType, model, endpointTokenConfig });
-    this.rate = Math.abs(multiplier);
-    this.tokenValue = -Math.abs(this.rawAmount) * multiplier;
-    this.rawAmount = -Math.abs(this.rawAmount);
+    txn.rawAmount = -totalPromptTokens;
+  } else if (txn.tokenType === 'completion') {
+    const multiplier = getMultiplier({ tokenType: txn.tokenType, model, endpointTokenConfig });
+    txn.rate = Math.abs(multiplier);
+    txn.tokenValue = -Math.abs(txn.rawAmount) * multiplier;
+    txn.rawAmount = -Math.abs(txn.rawAmount);
  }

-  if (this.context && this.tokenType === 'completion' && this.context === 'incomplete') {
-    this.tokenValue = Math.ceil(this.tokenValue * cancelRate);
-    this.rate *= cancelRate;
-    if (this.rateDetail) {
-      this.rateDetail = Object.fromEntries(
-        Object.entries(this.rateDetail).map(([k, v]) => [k, v * cancelRate]),
+  if (txn.context && txn.tokenType === 'completion' && txn.context === 'incomplete') {
+    txn.tokenValue = Math.ceil(txn.tokenValue * cancelRate);
+    txn.rate *= cancelRate;
+    if (txn.rateDetail) {
+      txn.rateDetail = Object.fromEntries(
+        Object.entries(txn.rateDetail).map(([k, v]) => [k, v * cancelRate]),
      );
    }
  }
-};
-
-const Transaction = mongoose.model('Transaction', transactionSchema);
+}

 /**
 * Queries and retrieves transactions based on a given filter.
@@ -340,4 +335,9 @@ async function getTransactions(filter) {
  }
 }

-module.exports = { Transaction, getTransactions };
+module.exports = {
+  getTransactions,
+  createTransaction,
+  createAutoRefillTransaction,
+  createStructuredTransaction,
+};
--- a/api/models/Transaction.spec.js
+++ b/api/models/Transaction.spec.js
@@ -3,14 +3,13 @@ const { MongoMemoryServer } = require('mongodb-memory-server');
 const { spendTokens, spendStructuredTokens } = require('./spendTokens');
 const { getBalanceConfig } = require('~/server/services/Config');
 const { getMultiplier, getCacheMultiplier } = require('./tx');
-const { Transaction } = require('./Transaction');
-const Balance = require('./Balance');
+const { createTransaction } = require('./Transaction');
+const Balance = require('~/db/models').Balance;

 // Mock the custom config module so we can control the balance flag.
 jest.mock('~/server/services/Config');

 let mongoServer;
-
 beforeAll(async () => {
  mongoServer = await MongoMemoryServer.create();
  const mongoUri = mongoServer.getUri();
@@ -368,7 +367,7 @@ describe('NaN Handling Tests', () => {
    };

    // Act
-    const result = await Transaction.create(txData);
+    const result = await createTransaction(txData);

    // Assert: No transaction should be created and balance remains unchanged.
    expect(result).toBeUndefined();
--- a/api/models/User.js
+++ b/api/models/User.js
@@ -1,6 +0,0 @@
-const mongoose = require('mongoose');
-const { userSchema } = require('@librechat/data-schemas');
-
-const User = mongoose.model('User', userSchema);
-
-module.exports = User;
--- a/api/models/balanceMethods.js
+++ b/api/models/balanceMethods.js
@@ -1,9 +1,11 @@
+const mongoose = require('mongoose');
+const { logger } = require('@librechat/data-schemas');
 const { ViolationTypes } = require('librechat-data-provider');
-const { Transaction } = require('./Transaction');
+const { createAutoRefillTransaction } = require('./Transaction');
 const { logViolation } = require('~/cache');
 const { getMultiplier } = require('./tx');
-const { logger } = require('~/config');
-const Balance = require('./Balance');
+
+const Balance = require('~/db/models').Balance;

 function isInvalidDate(date) {
  return isNaN(date);
@@ -60,7 +62,7 @@ const checkBalanceRecord = async function ({
    ) {
      try {
        /** @type {{ rate: number, user: string, balance: number, transaction: import('@librechat/data-schemas').ITransaction}} */
-        const result = await Transaction.createAutoRefillTransaction({
+        const result = await createAutoRefillTransaction({
          user: user,
          tokenType: 'credits',
          context: 'autoRefill',
--- a/api/models/convoStructure.spec.js
+++ b/api/models/convoStructure.spec.js
@@ -1,6 +1,8 @@
 const mongoose = require('mongoose');
 const { MongoMemoryServer } = require('mongodb-memory-server');
-const { Message, getMessages, bulkSaveMessages } = require('./Message');
+const { getMessages, bulkSaveMessages } = require('./Message');
+
+const Message = require('~/db/models').Message;

 // Original version of buildTree function
 function buildTree({ messages, fileMap }) {
@@ -42,7 +44,6 @@ function buildTree({ messages, fileMap }) {
 }

 let mongod;
-
 beforeAll(async () => {
  mongod = await MongoMemoryServer.create();
  const uri = mongod.getUri();
--- a/api/models/index.js
+++ b/api/models/index.js
@@ -1,13 +1,7 @@
-const {
-  comparePassword,
-  deleteUserById,
-  generateToken,
-  getUserById,
-  updateUser,
-  createUser,
-  countUsers,
-  findUser,
-} = require('./userMethods');
+const mongoose = require('mongoose');
+const { createMethods } = require('@librechat/data-schemas');
+const methods = createMethods(mongoose);
+const { comparePassword } = require('./userMethods');
 const {
  findFileById,
  createFile,
@@ -26,32 +20,12 @@ const {
  deleteMessagesSince,
  deleteMessages,
 } = require('./Message');
-const {
-  createSession,
-  findSession,
-  updateExpiration,
-  deleteSession,
-  deleteAllUserSessions,
-  generateRefreshToken,
-  countActiveSessions,
-} = require('./Session');
 const { getConvoTitle, getConvo, saveConvo, deleteConvos } = require('./Conversation');
 const { getPreset, getPresets, savePreset, deletePresets } = require('./Preset');
-const { createToken, findToken, updateToken, deleteTokens } = require('./Token');
-const Balance = require('./Balance');
-const User = require('./User');
-const Key = require('./Key');

 module.exports = {
+  ...methods,
  comparePassword,
-  deleteUserById,
-  generateToken,
-  getUserById,
-  updateUser,
-  createUser,
-  countUsers,
-  findUser,
-
  findFileById,
  createFile,
  updateFile,
@@ -77,21 +51,4 @@ module.exports = {
  getPresets,
  savePreset,
  deletePresets,
-
-  createToken,
-  findToken,
-  updateToken,
-  deleteTokens,
-
-  createSession,
-  findSession,
-  updateExpiration,
-  deleteSession,
-  deleteAllUserSessions,
-  generateRefreshToken,
-  countActiveSessions,
-
-  User,
-  Key,
-  Balance,
 };
--- a/api/models/inviteUser.js
+++ b/api/models/inviteUser.js
@@ -1,7 +1,7 @@
 const mongoose = require('mongoose');
-const { getRandomValues, hashToken } = require('~/server/utils/crypto');
-const { createToken, findToken } = require('./Token');
-const logger = require('~/config/winston');
+const { logger, hashToken } = require('@librechat/data-schemas');
+const { getRandomValues } = require('~/server/utils/crypto');
+const { createToken, findToken } = require('~/models');

 /**
 * @module inviteUser
--- a/api/models/schema/convoSchema.js
+++ b/api/models/schema/convoSchema.js
@@ -1,18 +0,0 @@
-const mongoose = require('mongoose');
-const mongoMeili = require('../plugins/mongoMeili');
-
-const { convoSchema } = require('@librechat/data-schemas');
-
-if (process.env.MEILI_HOST && process.env.MEILI_MASTER_KEY) {
-  convoSchema.plugin(mongoMeili, {
-    host: process.env.MEILI_HOST,
-    apiKey: process.env.MEILI_MASTER_KEY,
-    /** Note: Will get created automatically if it doesn't exist already */
-    indexName: 'convos',
-    primaryKey: 'conversationId',
-  });
-}
-
-const Conversation = mongoose.models.Conversation || mongoose.model('Conversation', convoSchema);
-
-module.exports = Conversation;
--- a/api/models/schema/messageSchema.js
+++ b/api/models/schema/messageSchema.js
@@ -1,16 +0,0 @@
-const mongoose = require('mongoose');
-const mongoMeili = require('~/models/plugins/mongoMeili');
-const { messageSchema } = require('@librechat/data-schemas');
-
-if (process.env.MEILI_HOST && process.env.MEILI_MASTER_KEY) {
-  messageSchema.plugin(mongoMeili, {
-    host: process.env.MEILI_HOST,
-    apiKey: process.env.MEILI_MASTER_KEY,
-    indexName: 'messages',
-    primaryKey: 'messageId',
-  });
-}
-
-const Message = mongoose.models.Message || mongoose.model('Message', messageSchema);
-
-module.exports = Message;
--- a/api/models/schema/pluginAuthSchema.js
+++ b/api/models/schema/pluginAuthSchema.js
@@ -1,6 +0,0 @@
-const mongoose = require('mongoose');
-const { pluginAuthSchema } = require('@librechat/data-schemas');
-
-const PluginAuth = mongoose.models.Plugin || mongoose.model('PluginAuth', pluginAuthSchema);
-
-module.exports = PluginAuth;
--- a/api/models/schema/presetSchema.js
+++ b/api/models/schema/presetSchema.js
@@ -1,6 +0,0 @@
-const mongoose = require('mongoose');
-const { presetSchema } = require('@librechat/data-schemas');
-
-const Preset = mongoose.models.Preset || mongoose.model('Preset', presetSchema);
-
-module.exports = Preset;
--- a/api/models/spendTokens.js
+++ b/api/models/spendTokens.js
@@ -1,6 +1,5 @@
-const { Transaction } = require('./Transaction');
 const { logger } = require('~/config');
-
+const { createTransaction, createStructuredTransaction } = require('./Transaction');
 /**
 * Creates up to two transactions to record the spending of tokens.
 *
@@ -33,7 +32,7 @@ const spendTokens = async (txData, tokenUsage) => {
  let prompt, completion;
  try {
    if (promptTokens !== undefined) {
-      prompt = await Transaction.create({
+      prompt = await createTransaction({
        ...txData,
        tokenType: 'prompt',
        rawAmount: promptTokens === 0 ? 0 : -Math.max(promptTokens, 0),
@@ -41,7 +40,7 @@ const spendTokens = async (txData, tokenUsage) => {
    }

    if (completionTokens !== undefined) {
-      completion = await Transaction.create({
+      completion = await createTransaction({
        ...txData,
        tokenType: 'completion',
        rawAmount: completionTokens === 0 ? 0 : -Math.max(completionTokens, 0),
@@ -101,7 +100,7 @@ const spendStructuredTokens = async (txData, tokenUsage) => {
  try {
    if (promptTokens) {
      const { input = 0, write = 0, read = 0 } = promptTokens;
-      prompt = await Transaction.createStructured({
+      prompt = await createStructuredTransaction({
        ...txData,
        tokenType: 'prompt',
        inputTokens: -input,
@@ -111,7 +110,7 @@ const spendStructuredTokens = async (txData, tokenUsage) => {
    }

    if (completionTokens) {
-      completion = await Transaction.create({
+      completion = await createTransaction({
        ...txData,
        tokenType: 'completion',
        rawAmount: -completionTokens,
--- a/api/models/spendTokens.spec.js
+++ b/api/models/spendTokens.spec.js
@@ -1,8 +1,9 @@
 const mongoose = require('mongoose');
 const { MongoMemoryServer } = require('mongodb-memory-server');
-const { Transaction } = require('./Transaction');
-const Balance = require('./Balance');
 const { spendTokens, spendStructuredTokens } = require('./spendTokens');
+const { createTransaction, createAutoRefillTransaction } = require('./Transaction');
+const Transaction = require('~/db/models').Transaction;
+const Balance = require('~/db/models').Balance;

 // Mock the logger to prevent console output during tests
 jest.mock('~/config', () => ({
@@ -22,8 +23,7 @@ describe('spendTokens', () => {

  beforeAll(async () => {
    mongoServer = await MongoMemoryServer.create();
-    const mongoUri = mongoServer.getUri();
-    await mongoose.connect(mongoUri);
+    await mongoose.connect(mongoServer.getUri());
  });

  afterAll(async () => {
@@ -197,7 +197,7 @@ describe('spendTokens', () => {
    // Check that the transaction records show the adjusted values
    const transactionResults = await Promise.all(
      transactions.map((t) =>
-        Transaction.create({
+        createTransaction({
          ...txData,
          tokenType: t.tokenType,
          rawAmount: t.rawAmount,
@@ -280,7 +280,7 @@ describe('spendTokens', () => {

    // Check the return values from Transaction.create directly
    // This is to verify that the incrementValue is not becoming positive
-    const directResult = await Transaction.create({
+    const directResult = await createTransaction({
      user: userId,
      conversationId: 'test-convo-3',
      model: 'gpt-4',
@@ -607,7 +607,7 @@ describe('spendTokens', () => {
    const promises = [];
    for (let i = 0; i < numberOfRefills; i++) {
      promises.push(
-        Transaction.createAutoRefillTransaction({
+        createAutoRefillTransaction({
          user: userId,
          tokenType: 'credits',
          context: 'concurrent-refill-test',
--- a/api/models/tx.js
+++ b/api/models/tx.js
@@ -100,6 +100,8 @@ const tokenValues = Object.assign(
    'claude-3-5-haiku': { prompt: 0.8, completion: 4 },
    'claude-3.5-haiku': { prompt: 0.8, completion: 4 },
    'claude-3-haiku': { prompt: 0.25, completion: 1.25 },
+    'claude-sonnet-4': { prompt: 3, completion: 15 },
+    'claude-opus-4': { prompt: 15, completion: 75 },
    'claude-2.1': { prompt: 8, completion: 24 },
    'claude-2': { prompt: 8, completion: 24 },
    'claude-instant': { prompt: 0.8, completion: 2.4 },
@@ -162,6 +164,8 @@ const cacheTokenValues = {
  'claude-3.5-haiku': { write: 1, read: 0.08 },
  'claude-3-5-haiku': { write: 1, read: 0.08 },
  'claude-3-haiku': { write: 0.3, read: 0.03 },
+  'claude-sonnet-4': { write: 3.75, read: 0.3 },
+  'claude-opus-4': { write: 18.75, read: 1.5 },
 };

 /**
--- a/api/models/tx.spec.js
+++ b/api/models/tx.spec.js
@@ -664,3 +664,97 @@ describe('Grok Model Tests - Pricing', () => {
    });
  });
 });
+
+describe('Claude Model Tests', () => {
+  it('should return correct prompt and completion rates for Claude 4 models', () => {
+    expect(getMultiplier({ model: 'claude-sonnet-4', tokenType: 'prompt' })).toBe(
+      tokenValues['claude-sonnet-4'].prompt,
+    );
+    expect(getMultiplier({ model: 'claude-sonnet-4', tokenType: 'completion' })).toBe(
+      tokenValues['claude-sonnet-4'].completion,
+    );
+    expect(getMultiplier({ model: 'claude-opus-4', tokenType: 'prompt' })).toBe(
+      tokenValues['claude-opus-4'].prompt,
+    );
+    expect(getMultiplier({ model: 'claude-opus-4', tokenType: 'completion' })).toBe(
+      tokenValues['claude-opus-4'].completion,
+    );
+  });
+
+  it('should handle Claude 4 model name variations with different prefixes and suffixes', () => {
+    const modelVariations = [
+      'claude-sonnet-4',
+      'claude-sonnet-4-20240229',
+      'claude-sonnet-4-latest',
+      'anthropic/claude-sonnet-4',
+      'claude-sonnet-4/anthropic',
+      'claude-sonnet-4-preview',
+      'claude-sonnet-4-20240229-preview',
+      'claude-opus-4',
+      'claude-opus-4-20240229',
+      'claude-opus-4-latest',
+      'anthropic/claude-opus-4',
+      'claude-opus-4/anthropic',
+      'claude-opus-4-preview',
+      'claude-opus-4-20240229-preview',
+    ];
+
+    modelVariations.forEach((model) => {
+      const valueKey = getValueKey(model);
+      const isSonnet = model.includes('sonnet');
+      const expectedKey = isSonnet ? 'claude-sonnet-4' : 'claude-opus-4';
+
+      expect(valueKey).toBe(expectedKey);
+      expect(getMultiplier({ model, tokenType: 'prompt' })).toBe(tokenValues[expectedKey].prompt);
+      expect(getMultiplier({ model, tokenType: 'completion' })).toBe(
+        tokenValues[expectedKey].completion,
+      );
+    });
+  });
+
+  it('should return correct cache rates for Claude 4 models', () => {
+    expect(getCacheMultiplier({ model: 'claude-sonnet-4', cacheType: 'write' })).toBe(
+      cacheTokenValues['claude-sonnet-4'].write,
+    );
+    expect(getCacheMultiplier({ model: 'claude-sonnet-4', cacheType: 'read' })).toBe(
+      cacheTokenValues['claude-sonnet-4'].read,
+    );
+    expect(getCacheMultiplier({ model: 'claude-opus-4', cacheType: 'write' })).toBe(
+      cacheTokenValues['claude-opus-4'].write,
+    );
+    expect(getCacheMultiplier({ model: 'claude-opus-4', cacheType: 'read' })).toBe(
+      cacheTokenValues['claude-opus-4'].read,
+    );
+  });
+
+  it('should handle Claude 4 model cache rates with different prefixes and suffixes', () => {
+    const modelVariations = [
+      'claude-sonnet-4',
+      'claude-sonnet-4-20240229',
+      'claude-sonnet-4-latest',
+      'anthropic/claude-sonnet-4',
+      'claude-sonnet-4/anthropic',
+      'claude-sonnet-4-preview',
+      'claude-sonnet-4-20240229-preview',
+      'claude-opus-4',
+      'claude-opus-4-20240229',
+      'claude-opus-4-latest',
+      'anthropic/claude-opus-4',
+      'claude-opus-4/anthropic',
+      'claude-opus-4-preview',
+      'claude-opus-4-20240229-preview',
+    ];
+
+    modelVariations.forEach((model) => {
+      const isSonnet = model.includes('sonnet');
+      const expectedKey = isSonnet ? 'claude-sonnet-4' : 'claude-opus-4';
+
+      expect(getCacheMultiplier({ model, cacheType: 'write' })).toBe(
+        cacheTokenValues[expectedKey].write,
+      );
+      expect(getCacheMultiplier({ model, cacheType: 'read' })).toBe(
+        cacheTokenValues[expectedKey].read,
+      );
+    });
+  });
+});
--- a/api/models/userMethods.js
+++ b/api/models/userMethods.js
@@ -1,159 +1,4 @@
 const bcrypt = require('bcryptjs');
-const { getBalanceConfig } = require('~/server/services/Config');
-const signPayload = require('~/server/services/signPayload');
-const Balance = require('./Balance');
-const User = require('./User');
-
-/**
- * Retrieve a user by ID and convert the found user document to a plain object.
- *
- * @param {string} userId - The ID of the user to find and return as a plain object.
- * @param {string|string[]} [fieldsToSelect] - The fields to include or exclude in the returned document.
- * @returns {Promise<MongoUser>} A plain object representing the user document, or `null` if no user is found.
- */
-const getUserById = async function (userId, fieldsToSelect = null) {
-  const query = User.findById(userId);
-  if (fieldsToSelect) {
-    query.select(fieldsToSelect);
-  }
-  return await query.lean();
-};
-
-/**
- * Search for a single user based on partial data and return matching user document as plain object.
- * @param {Partial<MongoUser>} searchCriteria - The partial data to use for searching the user.
- * @param {string|string[]} [fieldsToSelect] - The fields to include or exclude in the returned document.
- * @returns {Promise<MongoUser>} A plain object representing the user document, or `null` if no user is found.
- */
-const findUser = async function (searchCriteria, fieldsToSelect = null) {
-  const query = User.findOne(searchCriteria);
-  if (fieldsToSelect) {
-    query.select(fieldsToSelect);
-  }
-  return await query.lean();
-};
-
-/**
- * Update a user with new data without overwriting existing properties.
- *
- * @param {string} userId - The ID of the user to update.
- * @param {Object} updateData - An object containing the properties to update.
- * @returns {Promise<MongoUser>} The updated user document as a plain object, or `null` if no user is found.
- */
-const updateUser = async function (userId, updateData) {
-  const updateOperation = {
-    $set: updateData,
-    $unset: { expiresAt: '' }, // Remove the expiresAt field to prevent TTL
-  };
-  return await User.findByIdAndUpdate(userId, updateOperation, {
-    new: true,
-    runValidators: true,
-  }).lean();
-};
-
-/**
- * Creates a new user, optionally with a TTL of 1 week.
- * @param {MongoUser} data - The user data to be created, must contain user_id.
- * @param {boolean} [disableTTL=true] - Whether to disable the TTL. Defaults to `true`.
- * @param {boolean} [returnUser=false] - Whether to return the created user object.
- * @returns {Promise<ObjectId|MongoUser>} A promise that resolves to the created user document ID or user object.
- * @throws {Error} If a user with the same user_id already exists.
- */
-const createUser = async (data, disableTTL = true, returnUser = false) => {
-  const balance = await getBalanceConfig();
-  const userData = {
-    ...data,
-    expiresAt: disableTTL ? null : new Date(Date.now() + 604800 * 1000), // 1 week in milliseconds
-  };
-
-  if (disableTTL) {
-    delete userData.expiresAt;
-  }
-
-  const user = await User.create(userData);
-
-  // If balance is enabled, create or update a balance record for the user using global.interfaceConfig.balance
-  if (balance?.enabled && balance?.startBalance) {
-    const update = {
-      $inc: { tokenCredits: balance.startBalance },
-    };
-
-    if (
-      balance.autoRefillEnabled &&
-      balance.refillIntervalValue != null &&
-      balance.refillIntervalUnit != null &&
-      balance.refillAmount != null
-    ) {
-      update.$set = {
-        autoRefillEnabled: true,
-        refillIntervalValue: balance.refillIntervalValue,
-        refillIntervalUnit: balance.refillIntervalUnit,
-        refillAmount: balance.refillAmount,
-      };
-    }
-
-    await Balance.findOneAndUpdate({ user: user._id }, update, { upsert: true, new: true }).lean();
-  }
-
-  if (returnUser) {
-    return user.toObject();
-  }
-  return user._id;
-};
-
-/**
- * Count the number of user documents in the collection based on the provided filter.
- *
- * @param {Object} [filter={}] - The filter to apply when counting the documents.
- * @returns {Promise<number>} The count of documents that match the filter.
- */
-const countUsers = async function (filter = {}) {
-  return await User.countDocuments(filter);
-};
-
-/**
- * Delete a user by their unique ID.
- *
- * @param {string} userId - The ID of the user to delete.
- * @returns {Promise<{ deletedCount: number }>} An object indicating the number of deleted documents.
- */
-const deleteUserById = async function (userId) {
-  try {
-    const result = await User.deleteOne({ _id: userId });
-    if (result.deletedCount === 0) {
-      return { deletedCount: 0, message: 'No user found with that ID.' };
-    }
-    return { deletedCount: result.deletedCount, message: 'User was deleted successfully.' };
-  } catch (error) {
-    throw new Error('Error deleting user: ' + error.message);
-  }
-};
-
-const { SESSION_EXPIRY } = process.env ?? {};
-const expires = eval(SESSION_EXPIRY) ?? 1000 * 60 * 15;
-
-/**
- * Generates a JWT token for a given user.
- *
- * @param {MongoUser} user - The user for whom the token is being generated.
- * @returns {Promise<string>} A promise that resolves to a JWT token.
- */
-const generateToken = async (user) => {
-  if (!user) {
-    throw new Error('No user provided');
-  }
-
-  return await signPayload({
-    payload: {
-      id: user._id,
-      username: user.username,
-      provider: user.provider,
-      email: user.email,
-    },
-    secret: process.env.JWT_SECRET,
-    expirationTime: expires / 1000,
-  });
-};

 /**
 * Compares the provided password with the user's password.
@@ -179,11 +24,4 @@ const comparePassword = async (user, candidatePassword) => {

 module.exports = {
  comparePassword,
-  deleteUserById,
-  generateToken,
-  getUserById,
-  countUsers,
-  createUser,
-  updateUser,
-  findUser,
 };
--- a/api/package.json
+++ b/api/package.json
@@ -43,13 +43,14 @@
    "@google/generative-ai": "^0.23.0",
    "@googleapis/youtube": "^20.0.0",
    "@keyv/redis": "^4.3.3",
-    "@langchain/community": "^0.3.42",
-    "@langchain/core": "^0.3.55",
-    "@langchain/google-genai": "^0.2.8",
-    "@langchain/google-vertexai": "^0.2.8",
+    "@langchain/community": "^0.3.44",
+    "@langchain/core": "^0.3.57",
+    "@langchain/google-genai": "^0.2.9",
+    "@langchain/google-vertexai": "^0.2.9",
    "@langchain/textsplitters": "^0.1.0",
-    "@librechat/agents": "^2.4.317",
+    "@librechat/agents": "^2.4.37",
    "@librechat/data-schemas": "*",
+    "@node-saml/passport-saml": "^5.0.0",
    "@waylaidwanderer/fetch-event-source": "^3.0.1",
    "axios": "^1.8.2",
    "bcryptjs": "^2.4.3",
@@ -75,6 +76,7 @@
    "ioredis": "^5.3.2",
    "js-yaml": "^4.1.0",
    "jsonwebtoken": "^9.0.0",
+    "jwks-rsa": "^3.2.0",
    "keyv": "^5.3.2",
    "keyv-file": "^5.1.2",
    "klona": "^2.0.6",
@@ -86,13 +88,13 @@
    "mime": "^3.0.0",
    "module-alias": "^2.2.3",
    "mongoose": "^8.12.1",
-    "multer": "^1.4.5-lts.1",
+    "multer": "^2.0.0",
    "nanoid": "^3.3.7",
    "nodemailer": "^6.9.15",
    "ollama": "^0.5.0",
    "openai": "^4.96.2",
    "openai-chat-tokens": "^0.2.8",
-    "openid-client": "^5.4.2",
+    "openid-client": "^6.5.0",
    "passport": "^0.6.0",
    "passport-apple": "^2.0.2",
    "passport-discord": "^0.1.4",
--- a/api/server/cleanup.js
+++ b/api/server/cleanup.js
@@ -16,17 +16,17 @@ const FinalizationRegistry = global.FinalizationRegistry || null;
 */
 const clientRegistry = FinalizationRegistry
  ? new FinalizationRegistry((heldValue) => {
-    try {
-      // This will run when the client is garbage collected
-      if (heldValue && heldValue.userId) {
-        logger.debug(`[FinalizationRegistry] Cleaning up client for user ${heldValue.userId}`);
-      } else {
-        logger.debug('[FinalizationRegistry] Cleaning up client');
+      try {
+        // This will run when the client is garbage collected
+        if (heldValue && heldValue.userId) {
+          logger.debug(`[FinalizationRegistry] Cleaning up client for user ${heldValue.userId}`);
+        } else {
+          logger.debug('[FinalizationRegistry] Cleaning up client');
+        }
+      } catch (e) {
+        // Ignore errors
      }
-    } catch (e) {
-      // Ignore errors
-    }
-  })
+    })
  : null;

 /**
@@ -134,15 +134,12 @@ function disposeClient(client) {
    if (client.message_delta) {
      client.message_delta = null;
    }
-    if (client.isClaude3 !== undefined) {
-      client.isClaude3 = null;
+    if (client.isClaudeLatest !== undefined) {
+      client.isClaudeLatest = null;
    }
    if (client.useMessages !== undefined) {
      client.useMessages = null;
    }
-    if (client.isLegacyOutput !== undefined) {
-      client.isLegacyOutput = null;
-    }
    if (client.supportsCacheControl !== undefined) {
      client.supportsCacheControl = null;
    }
--- a/api/server/controllers/AuthController.js
+++ b/api/server/controllers/AuthController.js
@@ -1,13 +1,17 @@
 const cookies = require('cookie');
 const jwt = require('jsonwebtoken');
+const openIdClient = require('openid-client');
+const { logger } = require('@librechat/data-schemas');
 const {
  registerUser,
  resetPassword,
  setAuthTokens,
  requestPasswordReset,
+  setOpenIDAuthTokens,
 } = require('~/server/services/AuthService');
-const { findSession, getUserById, deleteAllUserSessions } = require('~/models');
-const { logger } = require('~/config');
+const { findUser, getUserById, deleteAllUserSessions, findSession } = require('~/models');
+const { getOpenIdConfig } = require('~/strategies');
+const { isEnabled } = require('~/server/utils');

 const registrationController = async (req, res) => {
  try {
@@ -55,10 +59,28 @@ const resetPasswordController = async (req, res) => {

 const refreshController = async (req, res) => {
  const refreshToken = req.headers.cookie ? cookies.parse(req.headers.cookie).refreshToken : null;
+  const token_provider = req.headers.cookie
+    ? cookies.parse(req.headers.cookie).token_provider
+    : null;
  if (!refreshToken) {
    return res.status(200).send('Refresh token not provided');
  }
-
+  if (token_provider === 'openid' && isEnabled(process.env.OPENID_REUSE_TOKENS) === true) {
+    try {
+      const openIdConfig = getOpenIdConfig();
+      const tokenset = await openIdClient.refreshTokenGrant(openIdConfig, refreshToken);
+      const claims = tokenset.claims();
+      const user = await findUser({ email: claims.email });
+      if (!user) {
+        return res.status(401).redirect('/login');
+      }
+      const token = setOpenIDAuthTokens(tokenset, res);
+      return res.status(200).send({ token, user });
+    } catch (error) {
+      logger.error('[refreshController] OpenID token refresh error', error);
+      return res.status(403).send('Invalid OpenID refresh token');
+    }
+  }
  try {
    const payload = jwt.verify(refreshToken, process.env.JWT_REFRESH_SECRET);
    const user = await getUserById(payload.id, '-password -__v -totpSecret');
@@ -74,7 +96,10 @@ const refreshController = async (req, res) => {
    }

    // Find the session with the hashed refresh token
-    const session = await findSession({ userId: userId, refreshToken: refreshToken });
+    const session = await findSession({
+      userId: userId,
+      refreshToken: refreshToken,
+    });

    if (session && session.expiration > new Date()) {
      const token = await setAuthTokens(userId, res, session._id);
--- a/api/server/controllers/Balance.js
+++ b/api/server/controllers/Balance.js
@@ -1,9 +1,26 @@
-const Balance = require('~/models/Balance');
+const mongoose = require('mongoose');
+
+const Balance = require('~/db/models').Balance;

 async function balanceController(req, res) {
-  const { tokenCredits: balance = '' } =
-    (await Balance.findOne({ user: req.user.id }, 'tokenCredits').lean()) ?? {};
-  res.status(200).send('' + balance);
+  const balanceData = await Balance.findOne(
+    { user: req.user.id },
+    '-_id tokenCredits autoRefillEnabled refillIntervalValue refillIntervalUnit lastRefill refillAmount',
+  ).lean();
+
+  if (!balanceData) {
+    return res.status(404).json({ error: 'Balance not found' });
+  }
+
+  // If auto-refill is not enabled, remove auto-refill related fields from the response
+  if (!balanceData.autoRefillEnabled) {
+    delete balanceData.refillIntervalValue;
+    delete balanceData.refillIntervalUnit;
+    delete balanceData.lastRefill;
+    delete balanceData.refillAmount;
+  }
+
+  res.status(200).json(balanceData);
 }

 module.exports = balanceController;
--- a/api/server/controllers/TwoFactorController.js
+++ b/api/server/controllers/TwoFactorController.js
@@ -1,12 +1,12 @@
+const { logger } = require('@librechat/data-schemas');
 const {
+  verifyTOTP,
+  getTOTPSecret,
+  verifyBackupCode,
  generateTOTPSecret,
  generateBackupCodes,
-  verifyTOTP,
-  verifyBackupCode,
-  getTOTPSecret,
 } = require('~/server/services/twoFactorService');
-const { updateUser, getUserById } = require('~/models');
-const { logger } = require('~/config');
+const { getUserById, updateUser } = require('~/models');
 const { encryptV3 } = require('~/server/utils/crypto');

 const safeAppTitle = (process.env.APP_TITLE || 'LibreChat').replace(/\s+/g, '');
--- a/api/server/controllers/UserController.js
+++ b/api/server/controllers/UserController.js
@@ -1,6 +1,11 @@
-const { FileSources } = require('librechat-data-provider');
 const {
-  Balance,
+  Tools,
+  FileSources,
+  webSearchKeys,
+  extractWebSearchEnvVars,
+} = require('librechat-data-provider');
+const { logger } = require('@librechat/data-schemas');
+const {
  getFiles,
  updateUser,
  deleteFiles,
@@ -10,7 +15,6 @@ const {
  deleteUserById,
  deleteAllUserSessions,
 } = require('~/models');
-const User = require('~/models/User');
 const { updateUserPluginAuth, deleteUserPluginAuth } = require('~/server/services/PluginService');
 const { updateUserPluginsService, deleteUserKey } = require('~/server/services/UserService');
 const { verifyEmail, resendVerificationEmail } = require('~/server/services/AuthService');
@@ -18,8 +22,10 @@ const { needsRefresh, getNewS3URL } = require('~/server/services/Files/S3/crud')
 const { processDeleteRequest } = require('~/server/services/Files/process');
 const { deleteAllSharedLinks } = require('~/models/Share');
 const { deleteToolCalls } = require('~/models/ToolCall');
-const { Transaction } = require('~/models/Transaction');
-const { logger } = require('~/config');
+
+const Transaction = require('~/db/models').Transaction;
+const Balance = require('~/db/models').Balance;
+const User = require('~/db/models').User;

 const getUserController = async (req, res) => {
  /** @type {MongoUser} */
@@ -83,7 +89,6 @@ const deleteUserFiles = async (req) => {
 const updateUserPluginsController = async (req, res) => {
  const { user } = req;
  const { pluginKey, action, auth, isEntityTool } = req.body;
-  let authService;
  try {
    if (!isEntityTool) {
      const userPluginsService = await updateUserPluginsService(user, pluginKey, action);
@@ -95,32 +100,55 @@ const updateUserPluginsController = async (req, res) => {
      }
    }

-    if (auth) {
-      const keys = Object.keys(auth);
-      const values = Object.values(auth);
-      if (action === 'install' && keys.length > 0) {
-        for (let i = 0; i < keys.length; i++) {
-          authService = await updateUserPluginAuth(user.id, keys[i], pluginKey, values[i]);
-          if (authService instanceof Error) {
-            logger.error('[authService]', authService);
-            const { status, message } = authService;
-            res.status(status).send({ message });
-          }
+    if (auth == null) {
+      return res.status(200).send();
+    }
+
+    let keys = Object.keys(auth);
+    if (keys.length === 0 && pluginKey !== Tools.web_search) {
+      return res.status(200).send();
+    }
+    const values = Object.values(auth);
+
+    /** @type {number} */
+    let status = 200;
+    /** @type {string} */
+    let message;
+    /** @type {IPluginAuth | Error} */
+    let authService;
+
+    if (pluginKey === Tools.web_search) {
+      /** @type  {TCustomConfig['webSearch']} */
+      const webSearchConfig = req.app.locals?.webSearch;
+      keys = extractWebSearchEnvVars({
+        keys: action === 'install' ? keys : webSearchKeys,
+        config: webSearchConfig,
+      });
+    }
+
+    if (action === 'install') {
+      for (let i = 0; i < keys.length; i++) {
+        authService = await updateUserPluginAuth(user.id, keys[i], pluginKey, values[i]);
+        if (authService instanceof Error) {
+          logger.error('[authService]', authService);
+          ({ status, message } = authService);
        }
      }
-      if (action === 'uninstall' && keys.length > 0) {
-        for (let i = 0; i < keys.length; i++) {
-          authService = await deleteUserPluginAuth(user.id, keys[i]);
-          if (authService instanceof Error) {
-            logger.error('[authService]', authService);
-            const { status, message } = authService;
-            res.status(status).send({ message });
-          }
+    } else if (action === 'uninstall') {
+      for (let i = 0; i < keys.length; i++) {
+        authService = await deleteUserPluginAuth(user.id, keys[i]);
+        if (authService instanceof Error) {
+          logger.error('[authService]', authService);
+          ({ status, message } = authService);
        }
      }
    }

-    res.status(200).send();
+    if (status === 200) {
+      return res.status(status).send();
+    }
+
+    res.status(status).send({ message });
  } catch (err) {
    logger.error('[updateUserPluginsController]', err);
    return res.status(500).json({ message: 'Something went wrong.' });
--- a/api/server/controllers/agents/callbacks.js
+++ b/api/server/controllers/agents/callbacks.js
@@ -237,6 +237,30 @@ function createToolEndCallback({ req, res, artifactPromises }) {
      return;
    }

+    if (output.artifact[Tools.web_search]) {
+      artifactPromises.push(
+        (async () => {
+          const name = `${output.name}_${output.tool_call_id}_${nanoid()}`;
+          const attachment = {
+            name,
+            type: Tools.web_search,
+            messageId: metadata.run_id,
+            toolCallId: output.tool_call_id,
+            conversationId: metadata.thread_id,
+            [Tools.web_search]: { ...output.artifact[Tools.web_search] },
+          };
+          if (!res.headersSent) {
+            return attachment;
+          }
+          res.write(`event: attachment\ndata: ${JSON.stringify(attachment)}\n\n`);
+          return attachment;
+        })().catch((error) => {
+          logger.error('Error processing artifact content:', error);
+          return null;
+        }),
+      );
+    }
+
    if (output.artifact.content) {
      /** @type {FormattedContent[]} */
      const content = output.artifact.content;
--- a/api/server/controllers/agents/client.js
+++ b/api/server/controllers/agents/client.js
@@ -39,9 +39,6 @@ const BaseClient = require('~/app/clients/BaseClient');
 const { logger, sendEvent } = require('~/config');
 const { createRun } = require('./run');

-/** @typedef {import('@librechat/agents').MessageContentComplex} MessageContentComplex */
-/** @typedef {import('@langchain/core/runnables').RunnableConfig} RunnableConfig */
-
 /**
 * @param {ServerRequest} req
 * @param {Agent} agent
@@ -543,7 +540,7 @@ class AgentClient extends BaseClient {
  }

  async chatCompletion({ payload, abortController = null }) {
-    /** @type {Partial<RunnableConfig> & { version: 'v1' | 'v2'; run_id?: string; streamMode: string }} */
+    /** @type {Partial<GraphRunnableConfig>} */
    let config;
    /** @type {ReturnType<createRun>} */
    let run;
--- a/api/server/controllers/agents/v1.js
+++ b/api/server/controllers/agents/v1.js
@@ -23,6 +23,7 @@ const { updateAction, getActions } = require('~/models/Action');
 const { updateAgentProjects } = require('~/models/Agent');
 const { getProjectByName } = require('~/models/Project');
 const { deleteFileByFilter } = require('~/models/File');
+const { revertAgentVersion } = require('~/models/Agent');
 const { logger } = require('~/config');

 const systemTools = {
@@ -104,11 +105,13 @@ const getAgentHandler = async (req, res) => {
      return res.status(404).json({ error: 'Agent not found' });
    }

+    agent.version = agent.versions ? agent.versions.length : 0;
+
    if (agent.avatar && agent.avatar?.source === FileSources.s3) {
      const originalUrl = agent.avatar.filepath;
      agent.avatar.filepath = await refreshS3Url(agent.avatar);
      if (originalUrl !== agent.avatar.filepath) {
-        await updateAgent({ id }, { avatar: agent.avatar });
+        await updateAgent({ id }, { avatar: agent.avatar }, { updatingUserId: req.user.id });
      }
    }

@@ -127,6 +130,7 @@ const getAgentHandler = async (req, res) => {
        author: agent.author,
        projectIds: agent.projectIds,
        isCollaborative: agent.isCollaborative,
+        version: agent.version,
      });
    }
    return res.status(200).json(agent);
@@ -165,7 +169,9 @@ const updateAgentHandler = async (req, res) => {
    }

    let updatedAgent =
-      Object.keys(updateData).length > 0 ? await updateAgent({ id }, updateData) : existingAgent;
+      Object.keys(updateData).length > 0
+        ? await updateAgent({ id }, updateData, { updatingUserId: req.user.id })
+        : existingAgent;

    if (projectIds || removeProjectIds) {
      updatedAgent = await updateAgentProjects({
@@ -187,6 +193,14 @@ const updateAgentHandler = async (req, res) => {
    return res.json(updatedAgent);
  } catch (error) {
    logger.error('[/Agents/:id] Error updating Agent', error);
+
+    if (error.statusCode === 409) {
+      return res.status(409).json({
+        error: error.message,
+        details: error.details,
+      });
+    }
+
    res.status(500).json({ error: error.message });
  }
 };
@@ -393,7 +407,11 @@ const uploadAgentAvatarHandler = async (req, res) => {
      },
    };

-    promises.push(await updateAgent({ id: agent_id, author: req.user.id }, data));
+    promises.push(
+      await updateAgent({ id: agent_id, author: req.user.id }, data, {
+        updatingUserId: req.user.id,
+      }),
+    );

    const resolved = await Promise.all(promises);
    res.status(201).json(resolved[0]);
@@ -411,6 +429,66 @@ const uploadAgentAvatarHandler = async (req, res) => {
  }
 };

+/**
+ * Reverts an agent to a previous version from its version history.
+ * @route PATCH /agents/:id/revert
+ * @param {object} req - Express Request object
+ * @param {object} req.params - Request parameters
+ * @param {string} req.params.id - The ID of the agent to revert
+ * @param {object} req.body - Request body
+ * @param {number} req.body.version_index - The index of the version to revert to
+ * @param {object} req.user - Authenticated user information
+ * @param {string} req.user.id - User ID
+ * @param {string} req.user.role - User role
+ * @param {ServerResponse} res - Express Response object
+ * @returns {Promise<Agent>} 200 - The updated agent after reverting to the specified version
+ * @throws {Error} 400 - If version_index is missing
+ * @throws {Error} 403 - If user doesn't have permission to modify the agent
+ * @throws {Error} 404 - If agent not found
+ * @throws {Error} 500 - If there's an internal server error during the reversion process
+ */
+const revertAgentVersionHandler = async (req, res) => {
+  try {
+    const { id } = req.params;
+    const { version_index } = req.body;
+
+    if (version_index === undefined) {
+      return res.status(400).json({ error: 'version_index is required' });
+    }
+
+    const isAdmin = req.user.role === SystemRoles.ADMIN;
+    const existingAgent = await getAgent({ id });
+
+    if (!existingAgent) {
+      return res.status(404).json({ error: 'Agent not found' });
+    }
+
+    const isAuthor = existingAgent.author.toString() === req.user.id;
+    const hasEditPermission = existingAgent.isCollaborative || isAdmin || isAuthor;
+
+    if (!hasEditPermission) {
+      return res.status(403).json({
+        error: 'You do not have permission to modify this non-collaborative agent',
+      });
+    }
+
+    const updatedAgent = await revertAgentVersion({ id }, version_index);
+
+    if (updatedAgent.author) {
+      updatedAgent.author = updatedAgent.author.toString();
+    }
+
+    if (updatedAgent.author !== req.user.id) {
+      delete updatedAgent.author;
+    }
+
+    return res.json(updatedAgent);
+  } catch (error) {
+    logger.error('[/agents/:id/revert] Error reverting Agent version', error);
+    res.status(500).json({ error: error.message });
+  }
+};
+
 module.exports = {
  createAgent: createAgentHandler,
  getAgent: getAgentHandler,
@@ -419,4 +497,5 @@ module.exports = {
  deleteAgent: deleteAgentHandler,
  getListAgents: getListAgentsHandler,
  uploadAgentAvatar: uploadAgentAvatarHandler,
+  revertAgentVersion: revertAgentVersionHandler,
 };
--- a/api/server/controllers/assistants/chatV1.js
+++ b/api/server/controllers/assistants/chatV1.js
@@ -326,8 +326,15 @@ const chatV1 = async (req, res) => {

      file_ids = files.map(({ file_id }) => file_id);
      if (file_ids.length || thread_file_ids.length) {
-        userMessage.file_ids = file_ids;
        attachedFileIds = new Set([...file_ids, ...thread_file_ids]);
+        if (endpoint === EModelEndpoint.azureAssistants) {
+          userMessage.attachments = Array.from(attachedFileIds).map((file_id) => ({
+            file_id,
+            tools: [{ type: 'file_search' }],
+          }));
+        } else {
+          userMessage.file_ids = Array.from(attachedFileIds);
+        }
      }
    };

--- a/api/server/controllers/auth/LogoutController.js
+++ b/api/server/controllers/auth/LogoutController.js
@@ -1,5 +1,5 @@
 const cookies = require('cookie');
-const { Issuer } = require('openid-client');
+const { getOpenIdConfig } = require('~/strategies');
 const { logoutUser } = require('~/server/services/AuthService');
 const { isEnabled } = require('~/server/utils');
 const { logger } = require('~/config');
@@ -10,20 +10,29 @@ const logoutController = async (req, res) => {
    const logout = await logoutUser(req, refreshToken);
    const { status, message } = logout;
    res.clearCookie('refreshToken');
+    res.clearCookie('token_provider');
    const response = { message };
    if (
      req.user.openidId != null &&
      isEnabled(process.env.OPENID_USE_END_SESSION_ENDPOINT) &&
      process.env.OPENID_ISSUER
    ) {
-      const issuer = await Issuer.discover(process.env.OPENID_ISSUER);
-      const redirect = issuer.metadata.end_session_endpoint;
-      if (!redirect) {
+      const openIdConfig = getOpenIdConfig();
+      if (!openIdConfig) {
        logger.warn(
-          '[logoutController] end_session_endpoint not found in OpenID issuer metadata. Please verify that the issuer is correct.',
+          '[logoutController] OpenID config not found. Please verify that the open id configuration and initialization are correct.',
        );
      } else {
-        response.redirect = redirect;
+        const endSessionEndpoint = openIdConfig
+          ? openIdConfig.serverMetadata().end_session_endpoint
+          : null;
+        if (endSessionEndpoint) {
+          response.redirect = endSessionEndpoint;
+        } else {
+          logger.warn(
+            '[logoutController] end_session_endpoint not found in OpenID issuer metadata. Please verify that the issuer is correct.',
+          );
+        }
      }
    }
    return res.status(status).send(response);
--- a/api/server/controllers/auth/TwoFactorAuthController.js
+++ b/api/server/controllers/auth/TwoFactorAuthController.js
@@ -1,12 +1,12 @@
 const jwt = require('jsonwebtoken');
+const { logger } = require('@librechat/data-schemas');
 const {
  verifyTOTP,
-  verifyBackupCode,
  getTOTPSecret,
+  verifyBackupCode,
 } = require('~/server/services/twoFactorService');
 const { setAuthTokens } = require('~/server/services/AuthService');
-const { getUserById } = require('~/models/userMethods');
-const { logger } = require('~/config');
+const { getUserById } = require('~/models');

 /**
 * Verifies the 2FA code during login using a temporary token.
--- a/api/server/controllers/tools.js
+++ b/api/server/controllers/tools.js
@@ -6,6 +6,7 @@ const {
  Permissions,
  ToolCallTypes,
  PermissionTypes,
+  loadWebSearchAuth,
 } = require('librechat-data-provider');
 const { processFileURL, uploadImageBuffer } = require('~/server/services/Files/process');
 const { processCodeOutput } = require('~/server/services/Files/Code/process');
@@ -24,6 +25,36 @@ const toolAccessPermType = {
  [Tools.execute_code]: PermissionTypes.RUN_CODE,
 };

+/**
+ * Verifies web search authentication, ensuring each category has at least
+ * one fully authenticated service.
+ *
+ * @param {ServerRequest} req - The request object
+ * @param {ServerResponse} res - The response object
+ * @returns {Promise<void>} A promise that resolves when the function has completed
+ */
+const verifyWebSearchAuth = async (req, res) => {
+  try {
+    const userId = req.user.id;
+    /** @type {TCustomConfig['webSearch']} */
+    const webSearchConfig = req.app.locals?.webSearch || {};
+    const result = await loadWebSearchAuth({
+      userId,
+      loadAuthValues,
+      webSearchConfig,
+      throwError: false,
+    });
+
+    return res.status(200).json({
+      authenticated: result.authenticated,
+      authTypes: result.authTypes,
+    });
+  } catch (error) {
+    console.error('Error in verifyWebSearchAuth:', error);
+    return res.status(500).json({ message: error.message });
+  }
+};
+
 /**
 * @param {ServerRequest} req - The request object, containing information about the HTTP request.
 * @param {ServerResponse} res - The response object, used to send back the desired HTTP response.
@@ -32,6 +63,9 @@ const toolAccessPermType = {
 const verifyToolAuth = async (req, res) => {
  try {
    const { toolId } = req.params;
+    if (toolId === Tools.web_search) {
+      return await verifyWebSearchAuth(req, res);
+    }
    const authFields = fieldsMap[toolId];
    if (!authFields) {
      res.status(404).json({ message: 'Tool not found' });
--- a/api/server/index.js
+++ b/api/server/index.js
@@ -9,8 +9,9 @@ const passport = require('passport');
 const mongoSanitize = require('express-mongo-sanitize');
 const fs = require('fs');
 const cookieParser = require('cookie-parser');
+const { connectDb, indexSync } = require('~/db');
+
 const { jwtLogin, passportLogin } = require('~/strategies');
-const { connectDb, indexSync } = require('~/lib/db');
 const { isEnabled } = require('~/server/utils');
 const { ldapLogin } = require('~/strategies');
 const { logger } = require('~/config');
@@ -24,20 +25,25 @@ const routes = require('./routes');

 const { PORT, HOST, ALLOW_SOCIAL_LOGIN, DISABLE_COMPRESSION, TRUST_PROXY } = process.env ?? {};

-const port = Number(PORT) || 3080;
+// Allow PORT=0 to be used for automatic free port assignment
+const port = isNaN(Number(PORT)) ? 3080 : Number(PORT);
 const host = HOST || 'localhost';
 const trusted_proxy = Number(TRUST_PROXY) || 1; /* trust first proxy by default */

+const app = express();
+
 const startServer = async () => {
  if (typeof Bun !== 'undefined') {
    axios.defaults.headers.common['Accept-Encoding'] = 'gzip';
  }
  await connectDb();
+
  logger.info('Connected to MongoDB');
  await indexSync();

-  const app = express();
  app.disable('x-powered-by');
+  app.set('trust proxy', trusted_proxy);
+
  await AppService(app);

  const indexPath = path.join(app.locals.paths.dist, 'index.html');
@@ -49,28 +55,29 @@ const startServer = async () => {
  app.use(noIndex);
  app.use(errorController);
  app.use(express.json({ limit: '3mb' }));
-  app.use(mongoSanitize());
  app.use(express.urlencoded({ extended: true, limit: '3mb' }));
-  app.use(staticCache(app.locals.paths.dist));
-  app.use(staticCache(app.locals.paths.fonts));
-  app.use(staticCache(app.locals.paths.assets));
-  app.set('trust proxy', trusted_proxy);
+  app.use(mongoSanitize());
  app.use(cors());
  app.use(cookieParser());

  if (!isEnabled(DISABLE_COMPRESSION)) {
    app.use(compression());
+  } else {
+    console.warn('Response compression has been disabled via DISABLE_COMPRESSION.');
  }

+  // Serve static assets with aggressive caching
+  app.use(staticCache(app.locals.paths.dist));
+  app.use(staticCache(app.locals.paths.fonts));
+  app.use(staticCache(app.locals.paths.assets));
+
  if (!ALLOW_SOCIAL_LOGIN) {
-    console.warn(
-      'Social logins are disabled. Set Environment Variable "ALLOW_SOCIAL_LOGIN" to true to enable them.',
-    );
+    console.warn('Social logins are disabled. Set ALLOW_SOCIAL_LOGIN=true to enable them.');
  }

  /* OAUTH */
  app.use(passport.initialize());
-  passport.use(await jwtLogin());
+  passport.use(jwtLogin());
  passport.use(passportLogin());

  /* LDAP Auth */
@@ -79,7 +86,7 @@ const startServer = async () => {
  }

  if (isEnabled(ALLOW_SOCIAL_LOGIN)) {
-    configureSocialLogins(app);
+    await configureSocialLogins(app);
  }

  app.use('/oauth', routes.oauth);
@@ -128,7 +135,7 @@ const startServer = async () => {
  });

  app.listen(port, host, () => {
-    if (host == '0.0.0.0') {
+    if (host === '0.0.0.0') {
      logger.info(
        `Server listening on all interfaces at port ${port}. Use http://localhost:${port} to access it`,
      );
@@ -176,3 +183,6 @@ process.on('uncaughtException', (err) => {

  process.exit(1);
 });
+
+// export app for easier testing purposes
+module.exports = app;
--- a/api/server/index.spec.js
+++ b/api/server/index.spec.js
@@ -0,0 +1,82 @@
+const fs = require('fs');
+const path = require('path');
+const request = require('supertest');
+const { MongoMemoryServer } = require('mongodb-memory-server');
+const mongoose = require('mongoose');
+
+jest.mock('~/server/services/Config/loadCustomConfig', () => {
+  return jest.fn(() => Promise.resolve({}));
+});
+
+describe('Server Configuration', () => {
+  // Increase the default timeout to allow for Mongo cleanup
+  jest.setTimeout(30_000);
+
+  let mongoServer;
+  let app;
+
+  /** Mocked fs.readFileSync for index.html */
+  const originalReadFileSync = fs.readFileSync;
+  beforeAll(() => {
+    fs.readFileSync = function (filepath, options) {
+      if (filepath.includes('index.html')) {
+        return '<!DOCTYPE html><html><head><title>LibreChat</title></head><body><div id="root"></div></body></html>';
+      }
+      return originalReadFileSync(filepath, options);
+    };
+  });
+
+  afterAll(() => {
+    // Restore original fs.readFileSync
+    fs.readFileSync = originalReadFileSync;
+  });
+
+  beforeAll(async () => {
+    mongoServer = await MongoMemoryServer.create();
+    process.env.MONGO_URI = mongoServer.getUri();
+    process.env.PORT = '0'; // Use a random available port
+    app = require('~/server');
+
+    // Wait for the app to be healthy
+    await healthCheckPoll(app);
+  });
+
+  afterAll(async () => {
+    await mongoServer.stop();
+    await mongoose.disconnect();
+  });
+
+  it('should return OK for /health', async () => {
+    const response = await request(app).get('/health');
+    expect(response.status).toBe(200);
+    expect(response.text).toBe('OK');
+  });
+
+  it('should not cache index page', async () => {
+    const response = await request(app).get('/');
+    expect(response.status).toBe(200);
+    expect(response.headers['cache-control']).toBe('no-cache, no-store, must-revalidate');
+    expect(response.headers['pragma']).toBe('no-cache');
+    expect(response.headers['expires']).toBe('0');
+  });
+});
+
+// Polls the /health endpoint every 30ms for up to 10 seconds to wait for the server to start completely
+async function healthCheckPoll(app, retries = 0) {
+  const maxRetries = Math.floor(10000 / 30); // 10 seconds / 30ms
+  try {
+    const response = await request(app).get('/health');
+    if (response.status === 200) {
+      return; // App is healthy
+    }
+  } catch (error) {
+    // Ignore connection errors during polling
+  }
+
+  if (retries < maxRetries) {
+    await new Promise((resolve) => setTimeout(resolve, 30));
+    await healthCheckPoll(app, retries + 1);
+  } else {
+    throw new Error('App did not become healthy within 10 seconds.');
+  }
+}
--- a/api/server/middleware/checkBan.js
+++ b/api/server/middleware/checkBan.js
@@ -1,12 +1,12 @@
 const { Keyv } = require('keyv');
 const uap = require('ua-parser-js');
+const { logger } = require('@librechat/data-schemas');
 const { ViolationTypes } = require('librechat-data-provider');
 const { isEnabled, removePorts } = require('~/server/utils');
 const keyvMongo = require('~/cache/keyvMongo');
 const denyRequest = require('./denyRequest');
 const { getLogStores } = require('~/cache');
 const { findUser } = require('~/models');
-const { logger } = require('~/config');

 const banCache = new Keyv({ store: keyvMongo, namespace: ViolationTypes.BAN, ttl: 0 });
 const message = 'Your account has been temporarily banned due to violations of our service.';
--- a/api/server/middleware/checkInviteUser.js
+++ b/api/server/middleware/checkInviteUser.js
@@ -1,5 +1,5 @@
 const { getInvite } = require('~/models/inviteUser');
-const { deleteTokens } = require('~/models/Token');
+const { deleteTokens } = require('~/models');

 async function checkInviteUser(req, res, next) {
  const token = req.body.token;
--- a/api/server/middleware/optionalJwtAuth.js
+++ b/api/server/middleware/optionalJwtAuth.js
@@ -1,9 +1,13 @@
+const cookies = require('cookie');
+const { isEnabled } = require('~/server/utils');
 const passport = require('passport');

 // This middleware does not require authentication,
 // but if the user is authenticated, it will set the user object.
 const optionalJwtAuth = (req, res, next) => {
-  passport.authenticate('jwt', { session: false }, (err, user) => {
+  const cookieHeader = req.headers.cookie;
+  const tokenProvider = cookieHeader ? cookies.parse(cookieHeader).token_provider : null;
+  const callback = (err, user) => {
    if (err) {
      return next(err);
    }
@@ -11,7 +15,11 @@ const optionalJwtAuth = (req, res, next) => {
      req.user = user;
    }
    next();
-  })(req, res, next);
+  };
+  if (tokenProvider === 'openid' && isEnabled(process.env.OPENID_REUSE_TOKENS)) {
+    return passport.authenticate('openidJwt', { session: false }, callback)(req, res, next);
+  }
+  passport.authenticate('jwt', { session: false }, callback)(req, res, next);
 };

 module.exports = optionalJwtAuth;
--- a/api/server/middleware/requireJwtAuth.js
+++ b/api/server/middleware/requireJwtAuth.js
@@ -1,5 +1,23 @@
 const passport = require('passport');
+const cookies = require('cookie');
+const { isEnabled } = require('~/server/utils');

-const requireJwtAuth = passport.authenticate('jwt', { session: false });
+/**
+ * Custom Middleware to handle JWT authentication, with support for OpenID token reuse
+ * Switches between JWT and OpenID authentication based on cookies and environment settings
+ */
+const requireJwtAuth = (req, res, next) => {
+  // Check if token provider is specified in cookies
+  const cookieHeader = req.headers.cookie;
+  const tokenProvider = cookieHeader ? cookies.parse(cookieHeader).token_provider : null;
+
+  // Use OpenID authentication if token provider is OpenID and OPENID_REUSE_TOKENS is enabled
+  if (tokenProvider === 'openid' && isEnabled(process.env.OPENID_REUSE_TOKENS)) {
+    return passport.authenticate('openidJwt', { session: false })(req, res, next);
+  }
+
+  // Default to standard JWT authentication
+  return passport.authenticate('jwt', { session: false })(req, res, next);
+};

 module.exports = requireJwtAuth;
--- a/api/server/middleware/setBalanceConfig.js
+++ b/api/server/middleware/setBalanceConfig.js
@@ -1,6 +1,8 @@
+const mongoose = require('mongoose');
+const { logger } = require('@librechat/data-schemas');
 const { getBalanceConfig } = require('~/server/services/Config');
-const Balance = require('~/models/Balance');
-const { logger } = require('~/config');
+
+const Balance = require('~/db/models').Balance;

 /**
 * Middleware to synchronize user balance settings with current balance configuration.
--- a/api/server/routes/tests/config.spec.js
+++ b/api/server/routes/tests/config.spec.js
@@ -1,11 +1,11 @@
 jest.mock('~/cache/getLogStores');
 const request = require('supertest');
 const express = require('express');
-const routes = require('../');
+const configRoute = require('../config');
 // file deepcode ignore UseCsurfForExpress/test: test
 const app = express();
 app.disable('x-powered-by');
-app.use('/api/config', routes.config);
+app.use('/api/config', configRoute);

 afterEach(() => {
  delete process.env.APP_TITLE;
@@ -24,6 +24,12 @@ afterEach(() => {
  delete process.env.GITHUB_CLIENT_SECRET;
  delete process.env.DISCORD_CLIENT_ID;
  delete process.env.DISCORD_CLIENT_SECRET;
+  delete process.env.SAML_ENTRY_POINT;
+  delete process.env.SAML_ISSUER;
+  delete process.env.SAML_CERT;
+  delete process.env.SAML_SESSION_SECRET;
+  delete process.env.SAML_BUTTON_LABEL;
+  delete process.env.SAML_IMAGE_URL;
  delete process.env.DOMAIN_SERVER;
  delete process.env.ALLOW_REGISTRATION;
  delete process.env.ALLOW_SOCIAL_LOGIN;
@@ -55,6 +61,12 @@ describe.skip('GET /', () => {
    process.env.GITHUB_CLIENT_SECRET = 'Test Github client Secret';
    process.env.DISCORD_CLIENT_ID = 'Test Discord client Id';
    process.env.DISCORD_CLIENT_SECRET = 'Test Discord client Secret';
+    process.env.SAML_ENTRY_POINT = 'http://test-server.com';
+    process.env.SAML_ISSUER = 'Test SAML Issuer';
+    process.env.SAML_CERT = 'saml.pem';
+    process.env.SAML_SESSION_SECRET = 'Test Secret';
+    process.env.SAML_BUTTON_LABEL = 'Test SAML';
+    process.env.SAML_IMAGE_URL = 'http://test-server.com';
    process.env.DOMAIN_SERVER = 'http://test-server.com';
    process.env.ALLOW_REGISTRATION = 'true';
    process.env.ALLOW_SOCIAL_LOGIN = 'true';
@@ -70,7 +82,7 @@ describe.skip('GET /', () => {
    expect(response.statusCode).toBe(200);
    expect(response.body).toEqual({
      appTitle: 'Test Title',
-      socialLogins: ['google', 'facebook', 'openid', 'github', 'discord'],
+      socialLogins: ['google', 'facebook', 'openid', 'github', 'discord', 'saml'],
      discordLoginEnabled: true,
      facebookLoginEnabled: true,
      githubLoginEnabled: true,
@@ -78,6 +90,9 @@ describe.skip('GET /', () => {
      openidLoginEnabled: true,
      openidLabel: 'Test OpenID',
      openidImageUrl: 'http://test-server.com',
+      samlLoginEnabled: true,
+      samlLabel: 'Test SAML',
+      samlImageUrl: 'http://test-server.com',
      ldap: {
        enabled: true,
      },
--- a/api/server/routes/agents/actions.js
+++ b/api/server/routes/agents/actions.js
@@ -107,7 +107,15 @@ router.post('/:agent_id', async (req, res) => {
      .filter((tool) => !(tool && (tool.includes(domain) || tool.includes(action_id))))
      .concat(functions.map((tool) => `${tool.function.name}${actionDelimiter}${domain}`));

-    const updatedAgent = await updateAgent(agentQuery, { tools, actions });
+    // Force version update since actions are changing
+    const updatedAgent = await updateAgent(
+      agentQuery,
+      { tools, actions },
+      {
+        updatingUserId: req.user.id,
+        forceVersion: true,
+      },
+    );

    // Only update user field for new actions
    const actionUpdateData = { metadata, agent_id };
@@ -172,7 +180,12 @@ router.delete('/:agent_id/:action_id', async (req, res) => {

    const updatedTools = tools.filter((tool) => !(tool && tool.includes(domain)));

-    await updateAgent(agentQuery, { tools: updatedTools, actions: updatedActions });
+    // Force version update since actions are being removed
+    await updateAgent(
+      agentQuery,
+      { tools: updatedTools, actions: updatedActions },
+      { updatingUserId: req.user.id, forceVersion: true },
+    );
    // If admin, can delete any action, otherwise only user's actions
    const actionQuery = admin ? { action_id } : { action_id, user: req.user.id };
    await deleteAction(actionQuery);
--- a/api/server/routes/agents/v1.js
+++ b/api/server/routes/agents/v1.js
@@ -78,6 +78,15 @@ router.post('/:id/duplicate', checkAgentCreate, v1.duplicateAgent);
 */
 router.delete('/:id', checkAgentCreate, v1.deleteAgent);

+/**
+ * Reverts an agent to a previous version.
+ * @route POST /agents/:id/revert
+ * @param {string} req.params.id - Agent identifier.
+ * @param {number} req.body.version_index - Index of the version to revert to.
+ * @returns {Agent} 200 - success response - application/json
+ */
+router.post('/:id/revert', checkGlobalAgentShare, v1.revertAgentVersion);
+
 /**
 * Returns a list of agents.
 * @route GET /agents
--- a/api/server/routes/config.js
+++ b/api/server/routes/config.js
@@ -37,6 +37,18 @@ router.get('/', async function (req, res) {
  const ldap = getLdapConfig();

  try {
+    const isOpenIdEnabled =
+      !!process.env.OPENID_CLIENT_ID &&
+      !!process.env.OPENID_CLIENT_SECRET &&
+      !!process.env.OPENID_ISSUER &&
+      !!process.env.OPENID_SESSION_SECRET;
+
+    const isSamlEnabled =
+      !!process.env.SAML_ENTRY_POINT &&
+      !!process.env.SAML_ISSUER &&
+      !!process.env.SAML_CERT &&
+      !!process.env.SAML_SESSION_SECRET;
+
    /** @type {TStartupConfig} */
    const payload = {
      appTitle: process.env.APP_TITLE || 'LibreChat',
@@ -51,14 +63,13 @@ router.get('/', async function (req, res) {
        !!process.env.APPLE_TEAM_ID &&
        !!process.env.APPLE_KEY_ID &&
        !!process.env.APPLE_PRIVATE_KEY_PATH,
-      openidLoginEnabled:
-        !!process.env.OPENID_CLIENT_ID &&
-        !!process.env.OPENID_CLIENT_SECRET &&
-        !!process.env.OPENID_ISSUER &&
-        !!process.env.OPENID_SESSION_SECRET,
+      openidLoginEnabled: isOpenIdEnabled,
      openidLabel: process.env.OPENID_BUTTON_LABEL || 'Continue with OpenID',
      openidImageUrl: process.env.OPENID_IMAGE_URL,
      openidAutoRedirect: isEnabled(process.env.OPENID_AUTO_REDIRECT),
+      samlLoginEnabled: !isOpenIdEnabled && isSamlEnabled,
+      samlLabel: process.env.SAML_BUTTON_LABEL,
+      samlImageUrl: process.env.SAML_IMAGE_URL,
      serverDomain: process.env.DOMAIN_SERVER || 'http://localhost:3080',
      emailLoginEnabled,
      registrationEnabled: !ldap?.enabled && isEnabled(process.env.ALLOW_REGISTRATION),
@@ -85,6 +96,26 @@ router.get('/', async function (req, res) {
      bundlerURL: process.env.SANDPACK_BUNDLER_URL,
      staticBundlerURL: process.env.SANDPACK_STATIC_BUNDLER_URL,
    };
+    /** @type {TCustomConfig['webSearch']} */
+    const webSearchConfig = req.app.locals.webSearch;
+    if (
+      webSearchConfig != null &&
+      (webSearchConfig.searchProvider ||
+        webSearchConfig.scraperType ||
+        webSearchConfig.rerankerType)
+    ) {
+      payload.webSearch = {};
+    }
+
+    if (webSearchConfig?.searchProvider) {
+      payload.webSearch.searchProvider = webSearchConfig.searchProvider;
+    }
+    if (webSearchConfig?.scraperType) {
+      payload.webSearch.scraperType = webSearchConfig.scraperType;
+    }
+    if (webSearchConfig?.rerankerType) {
+      payload.webSearch.rerankerType = webSearchConfig.rerankerType;
+    }

    if (ldap) {
      payload.ldap = ldap;
--- a/api/server/routes/convos.js
+++ b/api/server/routes/convos.js
@@ -74,7 +74,7 @@ router.post('/gen_title', async (req, res) => {
    res.status(200).json({ title });
  } else {
    res.status(404).json({
-      message: 'Title not found or method not implemented for the conversation\'s endpoint',
+      message: "Title not found or method not implemented for the conversation's endpoint",
    });
  }
 });
--- a/api/server/routes/files/files.js
+++ b/api/server/routes/files/files.js
@@ -121,6 +121,14 @@ router.delete('/', async (req, res) => {
      await processDeleteRequest({ req, files: assistantFiles });
      res.status(200).json({ message: 'File associations removed successfully from assistant' });
      return;
+    } else if (
+      req.body.assistant_id &&
+      req.body.files?.[0]?.filepath === EModelEndpoint.azureAssistants
+    ) {
+      await processDeleteRequest({ req, files: req.body.files });
+      return res
+        .status(200)
+        .json({ message: 'File associations removed successfully from Azure Assistant' });
    }

    await processDeleteRequest({ req, files: dbFiles });
@@ -275,6 +283,10 @@ router.post('/', async (req, res) => {
      message += ': ' + error.message;
    }

+    if (error.message?.includes('Invalid file format')) {
+      message = error.message;
+    }
+
    // TODO: delete remote file if it exists
    try {
      await fs.unlink(req.file.path);
--- a/api/server/routes/messages.js
+++ b/api/server/routes/messages.js
@@ -1,4 +1,5 @@
 const express = require('express');
+const { logger } = require('@librechat/data-schemas');
 const { ContentTypes } = require('librechat-data-provider');
 const {
  saveConvo,
@@ -13,8 +14,8 @@ const { requireJwtAuth, validateMessageReq } = require('~/server/middleware');
 const { cleanUpPrimaryKeyValue } = require('~/lib/utils/misc');
 const { getConvosQueried } = require('~/models/Conversation');
 const { countTokens } = require('~/server/utils');
-const { Message } = require('~/models/Message');
-const { logger } = require('~/config');
+
+const Message = require('~/db/models').Message;

 const router = express.Router();
 router.use(requireJwtAuth);
@@ -40,7 +41,11 @@ router.get('/', async (req, res) => {
    const sortOrder = sortDirection === 'asc' ? 1 : -1;

    if (conversationId && messageId) {
-      const message = await Message.findOne({ conversationId, messageId, user: user }).lean();
+      const message = await Message.findOne({
+        conversationId,
+        messageId,
+        user: user,
+      }).lean();
      response = { messages: message ? [message] : [], nextCursor: null };
    } else if (conversationId) {
      const filter = { conversationId, user: user };
--- a/api/server/routes/oauth.js
+++ b/api/server/routes/oauth.js
@@ -1,6 +1,7 @@
 // file deepcode ignore NoRateLimitingForLogin: Rate limiting is handled by the `loginLimiter` middleware
 const express = require('express');
 const passport = require('passport');
+const { randomState } = require('openid-client');
 const {
  checkBan,
  logHeaders,
@@ -8,7 +9,8 @@ const {
  setBalanceConfig,
  checkDomainAllowed,
 } = require('~/server/middleware');
-const { setAuthTokens } = require('~/server/services/AuthService');
+const { setAuthTokens, setOpenIDAuthTokens } = require('~/server/services/AuthService');
+const { isEnabled } = require('~/server/utils');
 const { logger } = require('~/config');

 const router = express.Router();
@@ -28,7 +30,15 @@ const oauthHandler = async (req, res) => {
    if (req.banned) {
      return;
    }
-    await setAuthTokens(req.user._id, res);
+    if (
+      req.user &&
+      req.user.provider == 'openid' &&
+      isEnabled(process.env.OPENID_REUSE_TOKENS) === true
+    ) {
+      setOpenIDAuthTokens(req.user.tokenset, res);
+    } else {
+      await setAuthTokens(req.user._id, res);
+    }
    res.redirect(domains.client);
  } catch (err) {
    logger.error('Error in setting authentication tokens:', err);
@@ -94,12 +104,12 @@ router.get(
 /**
 * OpenID Routes
 */
-router.get(
-  '/openid',
-  passport.authenticate('openid', {
+router.get('/openid', (req, res, next) => {
+  return passport.authenticate('openid', {
    session: false,
-  }),
-);
+    state: randomState(),
+  })(req, res, next);
+});

 router.get(
  '/openid/callback',
@@ -179,4 +189,24 @@ router.post(
  oauthHandler,
 );

+/**
+ * SAML Routes
+ */
+router.get(
+  '/saml',
+  passport.authenticate('saml', {
+    session: false,
+  }),
+);
+
+router.post(
+  '/saml/callback',
+  passport.authenticate('saml', {
+    failureRedirect: `${domains.client}/oauth/error`,
+    failureMessage: true,
+    session: false,
+  }),
+  oauthHandler,
+);
+
 module.exports = router;
--- a/api/server/services/ActionService.js
+++ b/api/server/services/ActionService.js
@@ -17,9 +17,9 @@ const { logger, getFlowStateManager, sendEvent } = require('~/config');
 const { encryptV2, decryptV2 } = require('~/server/utils/crypto');
 const { getActions, deleteActions } = require('~/models/Action');
 const { deleteAssistant } = require('~/models/Assistant');
-const { findToken } = require('~/models/Token');
 const { logAxiosError } = require('~/utils');
 const { getLogStores } = require('~/cache');
+const { findToken } = require('~/models');

 const JWT_SECRET = process.env.JWT_SECRET;
 const toolNameRegex = /^[a-zA-Z0-9_-]+$/;
@@ -207,7 +207,7 @@ async function createActionTool({
                    state: stateToken,
                    userId: userId,
                    client_url: metadata.auth.client_url,
-                    redirect_uri: `${process.env.DOMAIN_CLIENT}/api/actions/${action_id}/oauth/callback`,
+                    redirect_uri: `${process.env.DOMAIN_SERVER}/api/actions/${action_id}/oauth/callback`,
                    /** Encrypted values */
                    encrypted_oauth_client_id: encrypted.oauth_client_id,
                    encrypted_oauth_client_secret: encrypted.oauth_client_secret,
--- a/api/server/services/AppService.interface.spec.js
+++ b/api/server/services/AppService.interface.spec.js
@@ -25,6 +25,7 @@ jest.mock('./start/checks', () => ({
  checkHealth: jest.fn(),
  checkConfig: jest.fn(),
  checkAzureVariables: jest.fn(),
+  checkWebSearchConfig: jest.fn(),
 }));

 const AppService = require('./AppService');
--- a/api/server/services/AppService.js
+++ b/api/server/services/AppService.js
@@ -1,11 +1,18 @@
 const {
  FileSources,
-  EModelEndpoint,
  loadOCRConfig,
  processMCPEnv,
+  EModelEndpoint,
  getConfigDefaults,
+  loadWebSearchConfig,
 } = require('librechat-data-provider');
-const { checkVariables, checkHealth, checkConfig, checkAzureVariables } = require('./start/checks');
+const {
+  checkHealth,
+  checkConfig,
+  checkVariables,
+  checkAzureVariables,
+  checkWebSearchConfig,
+} = require('./start/checks');
 const { azureAssistantsDefaults, assistantsConfigSetup } = require('./start/assistants');
 const { initializeAzureBlobService } = require('./Files/Azure/initialize');
 const { initializeFirebase } = require('./Files/Firebase/initialize');
@@ -35,6 +42,8 @@ const AppService = async (app) => {
  const configDefaults = getConfigDefaults();

  const ocr = loadOCRConfig(config.ocr);
+  const webSearch = loadWebSearchConfig(config.webSearch);
+  checkWebSearchConfig(webSearch);
  const filteredTools = config.filteredTools;
  const includedTools = config.includedTools;
  const fileStrategy = config.fileStrategy ?? configDefaults.fileStrategy;
@@ -79,6 +88,7 @@ const AppService = async (app) => {
  const defaultLocals = {
    ocr,
    paths,
+    webSearch,
    fileStrategy,
    socialLogins,
    filteredTools,
--- a/api/server/services/AppService.spec.js
+++ b/api/server/services/AppService.spec.js
@@ -141,6 +141,14 @@ describe('AppService', () => {
      balance: { enabled: true },
      filteredTools: undefined,
      includedTools: undefined,
+      webSearch: {
+        cohereApiKey: '${COHERE_API_KEY}',
+        firecrawlApiKey: '${FIRECRAWL_API_KEY}',
+        firecrawlApiUrl: '${FIRECRAWL_API_URL}',
+        jinaApiKey: '${JINA_API_KEY}',
+        safeSearch: 1,
+        serperApiKey: '${SERPER_API_KEY}',
+      },
    });
  });

@@ -537,7 +545,7 @@ describe('AppService updating app.locals and issuing warnings', () => {
    const { logger } = require('~/config');
    expect(logger.warn).toHaveBeenCalledWith(
      expect.stringContaining(
-        'The \'assistants\' endpoint has both \'supportedIds\' and \'excludedIds\' defined.',
+        "The 'assistants' endpoint has both 'supportedIds' and 'excludedIds' defined.",
      ),
    );
  });
@@ -559,7 +567,7 @@ describe('AppService updating app.locals and issuing warnings', () => {
    const { logger } = require('~/config');
    expect(logger.warn).toHaveBeenCalledWith(
      expect.stringContaining(
-        'The \'assistants\' endpoint has both \'privateAssistants\' and \'supportedIds\' or \'excludedIds\' defined.',
+        "The 'assistants' endpoint has both 'privateAssistants' and 'supportedIds' or 'excludedIds' defined.",
      ),
    );
  });
--- a/api/server/services/AuthService.js
+++ b/api/server/services/AuthService.js
@@ -3,24 +3,23 @@ const { webcrypto } = require('node:crypto');
 const { SystemRoles, errorsToString } = require('librechat-data-provider');
 const {
  findUser,
-  countUsers,
  createUser,
  updateUser,
-  getUserById,
-  generateToken,
-  deleteUserById,
-} = require('~/models/userMethods');
-const {
-  createToken,
  findToken,
-  deleteTokens,
+  countUsers,
+  getUserById,
  findSession,
+  createToken,
+  deleteTokens,
  deleteSession,
  createSession,
+  generateToken,
+  deleteUserById,
  generateRefreshToken,
 } = require('~/models');
 const { isEnabled, checkEmailConfig, sendEmail } = require('~/server/utils');
 const { isEmailDomainAllowed } = require('~/server/services/domains');
+const { getBalanceConfig } = require('~/server/services/Config');
 const { registerSchema } = require('~/strategies/validators');
 const { logger } = require('~/config');

@@ -146,6 +145,7 @@ const verifyEmail = async (req) => {
  }

  const updatedUser = await updateUser(emailVerificationData.userId, { emailVerified: true });
+
  if (!updatedUser) {
    logger.warn(`[verifyEmail] [User update failed] [Email: ${decodedEmail}]`);
    return new Error('Failed to update user verification status');
@@ -155,6 +155,7 @@ const verifyEmail = async (req) => {
  logger.info(`[verifyEmail] Email verification successful [Email: ${decodedEmail}]`);
  return { message: 'Email verification was successful', status: 'success' };
 };
+
 /**
 * Register a new user.
 * @param {MongoUser} user <email, password, name, username>
@@ -216,7 +217,9 @@ const registerUser = async (user, additionalData = {}) => {

    const emailEnabled = checkEmailConfig();
    const disableTTL = isEnabled(process.env.ALLOW_UNVERIFIED_EMAIL_LOGIN);
-    const newUser = await createUser(newUserData, disableTTL, true);
+    const balanceConfig = await getBalanceConfig();
+
+    const newUser = await createUser(newUserData, balanceConfig, disableTTL, true);
    newUserId = newUser._id;
    if (emailEnabled && !newUser.emailVerified) {
      await sendVerificationEmail({
@@ -377,7 +380,12 @@ const setAuthTokens = async (userId, res, sessionId = null) => {
      secure: isProduction,
      sameSite: 'strict',
    });
-
+    res.cookie('token_provider', 'librechat', {
+      expires: new Date(refreshTokenExpires),
+      httpOnly: true,
+      secure: isProduction,
+      sameSite: 'strict',
+    });
    return token;
  } catch (error) {
    logger.error('[setAuthTokens] Error in setting authentication tokens:', error);
@@ -385,6 +393,51 @@ const setAuthTokens = async (userId, res, sessionId = null) => {
  }
 };

+/**
+ * @function setOpenIDAuthTokens
+ * Set OpenID Authentication Tokens
+ * //type tokenset from openid-client
+ * @param {import('openid-client').TokenEndpointResponse & import('openid-client').TokenEndpointResponseHelpers} tokenset
+ * - The tokenset object containing access and refresh tokens
+ * @param {Object} res - response object
+ * @returns {String} - access token
+ */
+const setOpenIDAuthTokens = (tokenset, res) => {
+  try {
+    if (!tokenset) {
+      logger.error('[setOpenIDAuthTokens] No tokenset found in request');
+      return;
+    }
+    const { REFRESH_TOKEN_EXPIRY } = process.env ?? {};
+    const expiryInMilliseconds = eval(REFRESH_TOKEN_EXPIRY) ?? 1000 * 60 * 60 * 24 * 7; // 7 days default
+    const expirationDate = new Date(Date.now() + expiryInMilliseconds);
+    if (tokenset == null) {
+      logger.error('[setOpenIDAuthTokens] No tokenset found in request');
+      return;
+    }
+    if (!tokenset.access_token || !tokenset.refresh_token) {
+      logger.error('[setOpenIDAuthTokens] No access or refresh token found in tokenset');
+      return;
+    }
+    res.cookie('refreshToken', tokenset.refresh_token, {
+      expires: expirationDate,
+      httpOnly: true,
+      secure: isProduction,
+      sameSite: 'strict',
+    });
+    res.cookie('token_provider', 'openid', {
+      expires: expirationDate,
+      httpOnly: true,
+      secure: isProduction,
+      sameSite: 'strict',
+    });
+    return tokenset.access_token;
+  } catch (error) {
+    logger.error('[setOpenIDAuthTokens] Error in setting authentication tokens:', error);
+    throw error;
+  }
+};
+
 /**
 * Resend Verification Email
 * @param {Object} req
@@ -452,4 +505,5 @@ module.exports = {
  resetPassword,
  requestPasswordReset,
  resendVerificationEmail,
+  setOpenIDAuthTokens,
 };
--- a/api/server/services/Config/getCustomConfig.js
+++ b/api/server/services/Config/getCustomConfig.js
@@ -10,17 +10,7 @@ const getLogStores = require('~/cache/getLogStores');
 * */
 async function getCustomConfig() {
  const cache = getLogStores(CacheKeys.CONFIG_STORE);
-  let customConfig = await cache.get(CacheKeys.CUSTOM_CONFIG);
-
-  if (!customConfig) {
-    customConfig = await loadCustomConfig();
-  }
-
-  if (!customConfig) {
-    return null;
-  }
-
-  return customConfig;
+  return (await cache.get(CacheKeys.CUSTOM_CONFIG)) || (await loadCustomConfig());
 }

 /**
--- a/api/server/services/Config/loadConfigEndpoints.js
+++ b/api/server/services/Config/loadConfigEndpoints.js
@@ -29,7 +29,14 @@ async function loadConfigEndpoints(req) {

    for (let i = 0; i < customEndpoints.length; i++) {
      const endpoint = customEndpoints[i];
-      const { baseURL, apiKey, name: configName, iconURL, modelDisplayLabel } = endpoint;
+      const {
+        baseURL,
+        apiKey,
+        name: configName,
+        iconURL,
+        modelDisplayLabel,
+        customParams,
+      } = endpoint;
      const name = normalizeEndpointName(configName);

      const resolvedApiKey = extractEnvVariable(apiKey);
@@ -41,6 +48,7 @@ async function loadConfigEndpoints(req) {
        userProvideURL: isUserProvided(resolvedBaseURL),
        modelDisplayLabel,
        iconURL,
+        customParams,
      };
    }
  }
--- a/api/server/services/Config/loadCustomConfig.js
+++ b/api/server/services/Config/loadCustomConfig.js
@@ -1,10 +1,18 @@
 const path = require('path');
-const { CacheKeys, configSchema, EImageOutputType } = require('librechat-data-provider');
+const {
+  CacheKeys,
+  configSchema,
+  EImageOutputType,
+  validateSettingDefinitions,
+  agentParamSettings,
+  paramSettings,
+} = require('librechat-data-provider');
 const getLogStores = require('~/cache/getLogStores');
 const loadYaml = require('~/utils/loadYaml');
 const { logger } = require('~/config');
 const axios = require('axios');
 const yaml = require('js-yaml');
+const keyBy = require('lodash/keyBy');

 const projectRoot = path.resolve(__dirname, '..', '..', '..', '..');
 const defaultConfigPath = path.resolve(projectRoot, 'librechat.yaml');
@@ -105,6 +113,10 @@ https://www.librechat.ai/docs/configuration/stt_tts`);
    logger.debug('Custom config:', customConfig);
  }

+  (customConfig.endpoints?.custom ?? [])
+    .filter((endpoint) => endpoint.customParams)
+    .forEach((endpoint) => parseCustomParams(endpoint.name, endpoint.customParams));
+
  if (customConfig.cache) {
    const cache = getLogStores(CacheKeys.CONFIG_STORE);
    await cache.set(CacheKeys.CUSTOM_CONFIG, customConfig);
@@ -117,4 +129,52 @@ https://www.librechat.ai/docs/configuration/stt_tts`);
  return customConfig;
 }

+// Validate and fill out missing values for custom parameters
+function parseCustomParams(endpointName, customParams) {
+  const paramEndpoint = customParams.defaultParamsEndpoint;
+  customParams.paramDefinitions = customParams.paramDefinitions || [];
+
+  // Checks if `defaultParamsEndpoint` is a key in `paramSettings`.
+  const validEndpoints = new Set([
+    ...Object.keys(paramSettings),
+    ...Object.keys(agentParamSettings),
+  ]);
+  if (!validEndpoints.has(paramEndpoint)) {
+    throw new Error(
+      `defaultParamsEndpoint of "${endpointName}" endpoint is invalid. ` +
+        `Valid options are ${Array.from(validEndpoints).join(', ')}`,
+    );
+  }
+
+  // creates default param maps
+  const regularParams = paramSettings[paramEndpoint] ?? [];
+  const agentParams = agentParamSettings[paramEndpoint] ?? [];
+  const defaultParams = regularParams.concat(agentParams);
+  const defaultParamsMap = keyBy(defaultParams, 'key');
+
+  // TODO: Remove this check once we support new parameters not part of default parameters.
+  // Checks if every key in `paramDefinitions` is valid.
+  const validKeys = new Set(Object.keys(defaultParamsMap));
+  const paramKeys = customParams.paramDefinitions.map((param) => param.key);
+  if (paramKeys.some((key) => !validKeys.has(key))) {
+    throw new Error(
+      `paramDefinitions of "${endpointName}" endpoint contains invalid key(s). ` +
+        `Valid parameter keys are ${Array.from(validKeys).join(', ')}`,
+    );
+  }
+
+  // Fill out missing values for custom param definitions
+  customParams.paramDefinitions = customParams.paramDefinitions.map((param) => {
+    return { ...defaultParamsMap[param.key], ...param, optionType: 'custom' };
+  });
+
+  try {
+    validateSettingDefinitions(customParams.paramDefinitions);
+  } catch (e) {
+    throw new Error(
+      `Custom parameter definitions for "${endpointName}" endpoint is malformed: ${e.message}`,
+    );
+  }
+}
+
 module.exports = loadCustomConfig;
--- a/api/server/services/Config/loadCustomConfig.spec.js
+++ b/api/server/services/Config/loadCustomConfig.spec.js
@@ -1,6 +1,34 @@
 jest.mock('axios');
 jest.mock('~/cache/getLogStores');
 jest.mock('~/utils/loadYaml');
+jest.mock('librechat-data-provider', () => {
+  const actual = jest.requireActual('librechat-data-provider');
+  return {
+    ...actual,
+    paramSettings: { foo: {}, bar: {}, custom: {} },
+    agentParamSettings: {
+      custom: [],
+      google: [
+        {
+          key: 'pressure',
+          type: 'string',
+          component: 'input',
+        },
+        {
+          key: 'temperature',
+          type: 'number',
+          component: 'slider',
+          default: 0.5,
+          range: {
+            min: 0,
+            max: 2,
+            step: 0.01,
+          },
+        },
+      ],
+    },
+  };
+});

 const axios = require('axios');
 const loadCustomConfig = require('./loadCustomConfig');
@@ -150,4 +178,126 @@ describe('loadCustomConfig', () => {
    expect(logger.info).toHaveBeenCalledWith(JSON.stringify(mockConfig, null, 2));
    expect(logger.debug).toHaveBeenCalledWith('Custom config:', mockConfig);
  });
+
+  describe('parseCustomParams', () => {
+    const mockConfig = {
+      version: '1.0',
+      cache: false,
+      endpoints: {
+        custom: [
+          {
+            name: 'Google',
+            apiKey: 'user_provided',
+            customParams: {},
+          },
+        ],
+      },
+    };
+
+    async function loadCustomParams(customParams) {
+      mockConfig.endpoints.custom[0].customParams = customParams;
+      loadYaml.mockReturnValue(mockConfig);
+      return await loadCustomConfig();
+    }
+
+    beforeEach(() => {
+      jest.resetAllMocks();
+      process.env.CONFIG_PATH = 'validConfig.yaml';
+    });
+
+    it('returns no error when customParams is undefined', async () => {
+      const result = await loadCustomParams(undefined);
+      expect(result).toEqual(mockConfig);
+    });
+
+    it('returns no error when customParams is valid', async () => {
+      const result = await loadCustomParams({
+        defaultParamsEndpoint: 'google',
+        paramDefinitions: [
+          {
+            key: 'temperature',
+            default: 0.5,
+          },
+        ],
+      });
+      expect(result).toEqual(mockConfig);
+    });
+
+    it('throws an error when paramDefinitions contain unsupported keys', async () => {
+      const malformedCustomParams = {
+        defaultParamsEndpoint: 'google',
+        paramDefinitions: [
+          { key: 'temperature', default: 0.5 },
+          { key: 'unsupportedKey', range: 0.5 },
+        ],
+      };
+      await expect(loadCustomParams(malformedCustomParams)).rejects.toThrow(
+        'paramDefinitions of "Google" endpoint contains invalid key(s). Valid parameter keys are pressure, temperature',
+      );
+    });
+
+    it('throws an error when paramDefinitions is malformed', async () => {
+      const malformedCustomParams = {
+        defaultParamsEndpoint: 'google',
+        paramDefinitions: [
+          {
+            key: 'temperature',
+            type: 'noomba',
+            component: 'inpoot',
+            optionType: 'custom',
+          },
+        ],
+      };
+      await expect(loadCustomParams(malformedCustomParams)).rejects.toThrow(
+        /Custom parameter definitions for "Google" endpoint is malformed:/,
+      );
+    });
+
+    it('throws an error when defaultParamsEndpoint is not provided', async () => {
+      const malformedCustomParams = { defaultParamsEndpoint: undefined };
+      await expect(loadCustomParams(malformedCustomParams)).rejects.toThrow(
+        'defaultParamsEndpoint of "Google" endpoint is invalid. Valid options are foo, bar, custom, google',
+      );
+    });
+
+    it('fills the paramDefinitions with missing values', async () => {
+      const customParams = {
+        defaultParamsEndpoint: 'google',
+        paramDefinitions: [
+          { key: 'temperature', default: 0.7, range: { min: 0.1, max: 0.9, step: 0.1 } },
+          { key: 'pressure', component: 'textarea' },
+        ],
+      };
+
+      const parsedConfig = await loadCustomParams(customParams);
+      const paramDefinitions = parsedConfig.endpoints.custom[0].customParams.paramDefinitions;
+      expect(paramDefinitions).toEqual([
+        {
+          columnSpan: 1,
+          component: 'slider',
+          default: 0.7, // overridden
+          includeInput: true,
+          key: 'temperature',
+          label: 'temperature',
+          optionType: 'custom',
+          range: {
+            // overridden
+            max: 0.9,
+            min: 0.1,
+            step: 0.1,
+          },
+          type: 'number',
+        },
+        {
+          columnSpan: 1,
+          component: 'textarea', // overridden
+          key: 'pressure',
+          label: 'pressure',
+          optionType: 'custom',
+          placeholder: '',
+          type: 'string',
+        },
+      ]);
+    });
+  });
 });
--- a/api/server/services/Endpoints/anthropic/helpers.js
+++ b/api/server/services/Endpoints/anthropic/helpers.js
@@ -15,20 +15,14 @@ function checkPromptCacheSupport(modelName) {
    return false;
  }

-  if (
-    modelMatch === 'claude-3-7-sonnet' ||
-    modelMatch === 'claude-3-5-sonnet' ||
-    modelMatch === 'claude-3-5-haiku' ||
-    modelMatch === 'claude-3-haiku' ||
-    modelMatch === 'claude-3-opus' ||
-    modelMatch === 'claude-3.7-sonnet' ||
-    modelMatch === 'claude-3.5-sonnet' ||
-    modelMatch === 'claude-3.5-haiku'
-  ) {
-    return true;
-  }
-
-  return false;
+  return (
+    /claude-3[-.]7/.test(modelMatch) ||
+    /claude-3[-.]5-(?:sonnet|haiku)/.test(modelMatch) ||
+    /claude-3-(?:sonnet|haiku|opus)?/.test(modelMatch) ||
+    /claude-(?:sonnet|opus|haiku)-[4-9]/.test(modelMatch) ||
+    /claude-[4-9]-(?:sonnet|opus|haiku)?/.test(modelMatch) ||
+    /claude-4(?:-(?:sonnet|opus|haiku))?/.test(modelMatch)
+  );
 }

 /**
@@ -51,6 +45,14 @@ function getClaudeHeaders(model, supportsCacheControl) {
      'anthropic-beta':
        'token-efficient-tools-2025-02-19,output-128k-2025-02-19,prompt-caching-2024-07-31',
    };
+  } else if (
+    /claude-(?:sonnet|opus|haiku)-[4-9]/.test(model) ||
+    /claude-[4-9]-(?:sonnet|opus|haiku)?/.test(model) ||
+    /claude-4(?:-(?:sonnet|opus|haiku))?/.test(model)
+  ) {
+    return {
+      'anthropic-beta': 'prompt-caching-2024-07-31',
+    };
  } else {
    return {
      'anthropic-beta': 'prompt-caching-2024-07-31',
@@ -72,7 +74,8 @@ function configureReasoning(anthropicInput, extendedOptions = {}) {
  if (
    extendedOptions.thinking &&
    updatedOptions?.model &&
-    /claude-3[-.]7/.test(updatedOptions.model)
+    (/claude-3[-.]7/.test(updatedOptions.model) ||
+      /claude-(?:sonnet|opus|haiku)-[4-9]/.test(updatedOptions.model))
  ) {
    updatedOptions.thinking = {
      type: 'enabled',
--- a/Show More
+++ b/Show More