Merge remote-tracking branch 'origin/master' into feature/flexible-collections

2025-07-14 06:07:36 -05:00 · 2023-10-23 08:47:11 +10:00
parent 52e723c57a 728cd1c0b5
commit cd376bee7f
196 changed files with 1219 additions and 817 deletions
--- a/src/Admin/Controllers/OrganizationsController.cs
+++ b/src/Admin/Controllers/OrganizationsController.cs
@ -2,6 +2,8 @@
 using Bit.Admin.Models;
 using Bit.Admin.Services;
 using Bit.Admin.Utilities;
+using Bit.Core.AdminConsole.Entities;
+using Bit.Core.AdminConsole.Repositories;
 using Bit.Core.Context;
 using Bit.Core.Entities;
 using Bit.Core.Enums;
--- a/src/Admin/Models/OrganizationEditModel.cs
+++ b/src/Admin/Models/OrganizationEditModel.cs
@ -1,4 +1,5 @@
 using System.ComponentModel.DataAnnotations;
+using Bit.Core.AdminConsole.Entities;
 using Bit.Core.Entities;
 using Bit.Core.Entities.Provider;
 using Bit.Core.Enums;
--- a/src/Admin/Models/OrganizationViewModel.cs
+++ b/src/Admin/Models/OrganizationViewModel.cs
@ -1,4 +1,5 @@
-using Bit.Core.Entities;
+using Bit.Core.AdminConsole.Entities;
+using Bit.Core.Entities;
 using Bit.Core.Entities.Provider;
 using Bit.Core.Enums;
 using Bit.Core.Models.Data.Organizations.OrganizationUsers;
--- a/src/Api/AdminConsole/Controllers/GroupsController.cs
+++ b/src/Api/AdminConsole/Controllers/GroupsController.cs
@ -1,14 +1,16 @@
-using Bit.Api.Models.Request;
+using Bit.Api.AdminConsole.Models.Request;
+using Bit.Api.AdminConsole.Models.Response;
 using Bit.Api.Models.Response;
+using Bit.Core.AdminConsole.OrganizationFeatures.Groups.Interfaces;
+using Bit.Core.AdminConsole.Repositories;
+using Bit.Core.AdminConsole.Services;
 using Bit.Core.Context;
 using Bit.Core.Exceptions;
-using Bit.Core.OrganizationFeatures.Groups.Interfaces;
 using Bit.Core.Repositories;
-using Bit.Core.Services;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;

-namespace Bit.Api.Controllers;
+namespace Bit.Api.AdminConsole.Controllers;

 [Route("organizations/{orgId}/groups")]
 [Authorize("Application")]
--- a/src/Api/AdminConsole/Controllers/OrganizationUsersController.cs
+++ b/src/Api/AdminConsole/Controllers/OrganizationUsersController.cs
@ -1,6 +1,8 @@
-using Bit.Api.Models.Request.Organizations;
+using Bit.Api.AdminConsole.Models.Request.Organizations;
+using Bit.Api.AdminConsole.Models.Response.Organizations;
+using Bit.Api.Models.Request.Organizations;
 using Bit.Api.Models.Response;
-using Bit.Api.Models.Response.Organizations;
+using Bit.Core.AdminConsole.Repositories;
 using Bit.Core.Context;
 using Bit.Core.Enums;
 using Bit.Core.Exceptions;
@ -14,7 +16,7 @@ using Bit.Core.Services;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;

-namespace Bit.Api.Controllers;
+namespace Bit.Api.AdminConsole.Controllers;

 [Route("organizations/{orgId}/users")]
 [Authorize("Application")]
--- a/src/Api/AdminConsole/Controllers/OrganizationsController.cs
+++ b/src/Api/AdminConsole/Controllers/OrganizationsController.cs
@ -1,4 +1,8 @@
 using System.Text.Json;
+using Bit.Api.AdminConsole.Models.Request;
+using Bit.Api.AdminConsole.Models.Request.Organizations;
+using Bit.Api.AdminConsole.Models.Response;
+using Bit.Api.AdminConsole.Models.Response.Organizations;
 using Bit.Api.Auth.Models.Request.Accounts;
 using Bit.Api.Auth.Models.Request.Organizations;
 using Bit.Api.Auth.Models.Response.Organizations;
@ -6,7 +10,6 @@ using Bit.Api.Models.Request;
 using Bit.Api.Models.Request.Accounts;
 using Bit.Api.Models.Request.Organizations;
 using Bit.Api.Models.Response;
-using Bit.Api.Models.Response.Organizations;
 using Bit.Core;
 using Bit.Core.Auth.Enums;
 using Bit.Core.Auth.Repositories;
@ -26,7 +29,7 @@ using Bit.Core.Utilities;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;

-namespace Bit.Api.Controllers;
+namespace Bit.Api.AdminConsole.Controllers;

 [Route("organizations")]
 [Authorize("Application")]
--- a/src/Api/AdminConsole/Controllers/PoliciesController.cs
+++ b/src/Api/AdminConsole/Controllers/PoliciesController.cs
@ -1,4 +1,4 @@
-using Bit.Api.Models.Request;
+using Bit.Api.AdminConsole.Models.Request;
 using Bit.Api.Models.Response;
 using Bit.Core.Context;
 using Bit.Core.Enums;
@ -12,7 +12,7 @@ using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.DataProtection;
 using Microsoft.AspNetCore.Mvc;

-namespace Bit.Api.Controllers;
+namespace Bit.Api.AdminConsole.Controllers;

 [Route("organizations/{orgId}/policies")]
 [Authorize("Application")]
--- a/src/Api/AdminConsole/Controllers/ProviderOrganizationsController.cs
+++ b/src/Api/AdminConsole/Controllers/ProviderOrganizationsController.cs
@ -1,6 +1,6 @@
-using Bit.Api.Models.Request.Providers;
+using Bit.Api.AdminConsole.Models.Request.Providers;
+using Bit.Api.AdminConsole.Models.Response.Providers;
 using Bit.Api.Models.Response;
-using Bit.Api.Models.Response.Providers;
 using Bit.Core.Context;
 using Bit.Core.Exceptions;
 using Bit.Core.Repositories;
@ -9,7 +9,7 @@ using Bit.Core.Utilities;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;

-namespace Bit.Api.Controllers;
+namespace Bit.Api.AdminConsole.Controllers;

 [Route("providers/{providerId:guid}/organizations")]
 [Authorize("Application")]
--- a/src/Api/AdminConsole/Controllers/ProviderUsersController.cs
+++ b/src/Api/AdminConsole/Controllers/ProviderUsersController.cs
@ -1,6 +1,6 @@
-using Bit.Api.Models.Request.Providers;
+using Bit.Api.AdminConsole.Models.Request.Providers;
+using Bit.Api.AdminConsole.Models.Response.Providers;
 using Bit.Api.Models.Response;
-using Bit.Api.Models.Response.Providers;
 using Bit.Core.Context;
 using Bit.Core.Exceptions;
 using Bit.Core.Models.Business.Provider;
@ -9,7 +9,7 @@ using Bit.Core.Services;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;

-namespace Bit.Api.Controllers;
+namespace Bit.Api.AdminConsole.Controllers;

 [Route("providers/{providerId:guid}/users")]
 [Authorize("Application")]
--- a/src/Api/AdminConsole/Controllers/ProvidersController.cs
+++ b/src/Api/AdminConsole/Controllers/ProvidersController.cs
@ -1,5 +1,5 @@
-using Bit.Api.Models.Request.Providers;
-using Bit.Api.Models.Response.Providers;
+using Bit.Api.AdminConsole.Models.Request.Providers;
+using Bit.Api.AdminConsole.Models.Response.Providers;
 using Bit.Core.Context;
 using Bit.Core.Exceptions;
 using Bit.Core.Repositories;
@ -8,7 +8,7 @@ using Bit.Core.Settings;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;

-namespace Bit.Api.Controllers;
+namespace Bit.Api.AdminConsole.Controllers;

 [Route("providers")]
 [Authorize("Application")]
--- a/src/Api/AdminConsole/Models/Request/GroupRequestModel.cs
+++ b/src/Api/AdminConsole/Models/Request/GroupRequestModel.cs
@ -1,7 +1,8 @@
 using System.ComponentModel.DataAnnotations;
-using Bit.Core.Entities;
+using Bit.Api.Models.Request;
+using Bit.Core.AdminConsole.Entities;

-namespace Bit.Api.Models.Request;
+namespace Bit.Api.AdminConsole.Models.Request;

 public class GroupRequestModel
 {
--- a/src/Api/Models/Request/Organizations/ImportOrganizationUsersRequestModel.cs
+++ b/src/Api/Models/Request/Organizations/ImportOrganizationUsersRequestModel.cs
@ -1,7 +1,8 @@
 using System.ComponentModel.DataAnnotations;
+using Bit.Core.AdminConsole.Models.Business;
 using Bit.Core.Models.Business;

-namespace Bit.Api.Models.Request.Organizations;
+namespace Bit.Api.AdminConsole.Models.Request;

 public class ImportOrganizationUsersRequestModel
 {
@ -24,7 +25,7 @@ public class ImportOrganizationUsersRequestModel
        {
            var importedGroup = new ImportedGroup
            {
-                Group = new Core.Entities.Group
+                Group = new Core.AdminConsole.Entities.Group
                {
                    OrganizationId = organizationId,
                    Name = Name,
--- a/src/Api/AdminConsole/Models/Request/Organizations/OrganizationApiKeyRequestModel.cs
+++ b/src/Api/AdminConsole/Models/Request/Organizations/OrganizationApiKeyRequestModel.cs
@ -1,7 +1,7 @@
 using Bit.Api.Auth.Models.Request.Accounts;
 using Bit.Core.Enums;

-namespace Bit.Api.Models.Request.Accounts;
+namespace Bit.Api.AdminConsole.Models.Request.Organizations;

 public class OrganizationApiKeyRequestModel : SecretVerificationRequestModel
 {
--- a/src/Api/AdminConsole/Models/Request/Organizations/OrganizationCreateRequestModel.cs
+++ b/src/Api/AdminConsole/Models/Request/Organizations/OrganizationCreateRequestModel.cs
@ -4,7 +4,7 @@ using Bit.Core.Enums;
 using Bit.Core.Models.Business;
 using Bit.Core.Utilities;

-namespace Bit.Api.Models.Request.Organizations;
+namespace Bit.Api.AdminConsole.Models.Request.Organizations;

 public class OrganizationCreateRequestModel : IValidatableObject
 {
--- a/src/Api/AdminConsole/Models/Request/Organizations/OrganizationKeysRequestModel.cs
+++ b/src/Api/AdminConsole/Models/Request/Organizations/OrganizationKeysRequestModel.cs
@ -2,7 +2,7 @@
 using Bit.Core.Entities;
 using Bit.Core.Models.Business;

-namespace Bit.Api.Models.Request.Organizations;
+namespace Bit.Api.AdminConsole.Models.Request.Organizations;

 public class OrganizationKeysRequestModel
 {
--- a/src/Api/AdminConsole/Models/Request/Organizations/OrganizationSeatRequestModel.cs
+++ b/src/Api/AdminConsole/Models/Request/Organizations/OrganizationSeatRequestModel.cs
@ -1,6 +1,6 @@
 using System.ComponentModel.DataAnnotations;

-namespace Bit.Api.Models.Request.Organizations;
+namespace Bit.Api.AdminConsole.Models.Request.Organizations;

 public class OrganizationSeatRequestModel : IValidatableObject
 {
--- a/src/Api/AdminConsole/Models/Request/Organizations/OrganizationUpdateRequestModel.cs
+++ b/src/Api/AdminConsole/Models/Request/Organizations/OrganizationUpdateRequestModel.cs
@ -3,7 +3,7 @@ using Bit.Core.Entities;
 using Bit.Core.Models.Data;
 using Bit.Core.Settings;

-namespace Bit.Api.Models.Request.Organizations;
+namespace Bit.Api.AdminConsole.Models.Request.Organizations;

 public class OrganizationUpdateRequestModel
 {
--- a/src/Api/AdminConsole/Models/Request/Organizations/OrganizationUpgradeRequestModel.cs
+++ b/src/Api/AdminConsole/Models/Request/Organizations/OrganizationUpgradeRequestModel.cs
@ -2,7 +2,7 @@
 using Bit.Core.Enums;
 using Bit.Core.Models.Business;

-namespace Bit.Api.Models.Request.Organizations;
+namespace Bit.Api.AdminConsole.Models.Request.Organizations;

 public class OrganizationUpgradeRequestModel
 {
--- a/src/Api/AdminConsole/Models/Request/Organizations/OrganizationUserRequestModels.cs
+++ b/src/Api/AdminConsole/Models/Request/Organizations/OrganizationUserRequestModels.cs
@ -1,11 +1,12 @@
 using System.ComponentModel.DataAnnotations;
+using Bit.Api.Models.Request;
 using Bit.Core.Entities;
 using Bit.Core.Enums;
 using Bit.Core.Models.Data;
 using Bit.Core.Models.Data.Organizations.OrganizationUsers;
 using Bit.Core.Utilities;

-namespace Bit.Api.Models.Request.Organizations;
+namespace Bit.Api.AdminConsole.Models.Request.Organizations;

 public class OrganizationUserInviteRequestModel
 {
--- a/src/Api/AdminConsole/Models/Request/PolicyRequestModel.cs
+++ b/src/Api/AdminConsole/Models/Request/PolicyRequestModel.cs
@ -3,7 +3,7 @@ using System.Text.Json;
 using Bit.Core.Entities;
 using Bit.Core.Enums;

-namespace Bit.Api.Models.Request;
+namespace Bit.Api.AdminConsole.Models.Request;

 public class PolicyRequestModel
 {
--- a/src/Api/AdminConsole/Models/Request/Providers/ProviderOrganizationAddRequestModel.cs
+++ b/src/Api/AdminConsole/Models/Request/Providers/ProviderOrganizationAddRequestModel.cs
@ -1,6 +1,6 @@
 using System.ComponentModel.DataAnnotations;

-namespace Bit.Api.Models.Request.Providers;
+namespace Bit.Api.AdminConsole.Models.Request.Providers;

 public class ProviderOrganizationAddRequestModel
 {
--- a/src/Api/AdminConsole/Models/Request/Providers/ProviderOrganizationCreateRequestModel.cs
+++ b/src/Api/AdminConsole/Models/Request/Providers/ProviderOrganizationCreateRequestModel.cs
@ -1,8 +1,8 @@
 using System.ComponentModel.DataAnnotations;
-using Bit.Api.Models.Request.Organizations;
+using Bit.Api.AdminConsole.Models.Request.Organizations;
 using Bit.Core.Utilities;

-namespace Bit.Api.Models.Request.Providers;
+namespace Bit.Api.AdminConsole.Models.Request.Providers;

 public class ProviderOrganizationCreateRequestModel
 {
--- a/src/Api/AdminConsole/Models/Request/Providers/ProviderSetupRequestModel.cs
+++ b/src/Api/AdminConsole/Models/Request/Providers/ProviderSetupRequestModel.cs
@ -1,7 +1,7 @@
 using System.ComponentModel.DataAnnotations;
 using Bit.Core.Entities.Provider;

-namespace Bit.Api.Models.Request.Providers;
+namespace Bit.Api.AdminConsole.Models.Request.Providers;

 public class ProviderSetupRequestModel
 {
--- a/src/Api/AdminConsole/Models/Request/Providers/ProviderUpdateRequestModel.cs
+++ b/src/Api/AdminConsole/Models/Request/Providers/ProviderUpdateRequestModel.cs
@ -2,7 +2,7 @@
 using Bit.Core.Entities.Provider;
 using Bit.Core.Settings;

-namespace Bit.Api.Models.Request.Providers;
+namespace Bit.Api.AdminConsole.Models.Request.Providers;

 public class ProviderUpdateRequestModel
 {
--- a/src/Api/AdminConsole/Models/Request/Providers/ProviderUserRequestModels.cs
+++ b/src/Api/AdminConsole/Models/Request/Providers/ProviderUserRequestModels.cs
@ -3,7 +3,7 @@ using Bit.Core.Entities.Provider;
 using Bit.Core.Enums.Provider;
 using Bit.Core.Utilities;

-namespace Bit.Api.Models.Request.Providers;
+namespace Bit.Api.AdminConsole.Models.Request.Providers;

 public class ProviderUserInviteRequestModel
 {
--- a/src/Api/AdminConsole/Models/Response/GroupResponseModel.cs
+++ b/src/Api/AdminConsole/Models/Response/GroupResponseModel.cs
@ -1,8 +1,9 @@
-using Bit.Core.Entities;
+using Bit.Api.Models.Response;
+using Bit.Core.AdminConsole.Entities;
 using Bit.Core.Models.Api;
 using Bit.Core.Models.Data;

-namespace Bit.Api.Models.Response;
+namespace Bit.Api.AdminConsole.Models.Response;

 public class GroupResponseModel : ResponseModel
 {
--- a/src/Api/AdminConsole/Models/Response/Organizations/OrganizationApiKeyInformationResponseModel.cs
+++ b/src/Api/AdminConsole/Models/Response/Organizations/OrganizationApiKeyInformationResponseModel.cs
@ -2,7 +2,7 @@
 using Bit.Core.Enums;
 using Bit.Core.Models.Api;

-namespace Bit.Api.Models.Response.Organizations;
+namespace Bit.Api.AdminConsole.Models.Response.Organizations;

 public class OrganizationApiKeyInformation : ResponseModel
 {
--- a/src/Api/AdminConsole/Models/Response/Organizations/OrganizationAutoEnrollStatusResponseModel.cs
+++ b/src/Api/AdminConsole/Models/Response/Organizations/OrganizationAutoEnrollStatusResponseModel.cs
@ -1,6 +1,6 @@
 using Bit.Core.Models.Api;

-namespace Bit.Api.Models.Response.Organizations;
+namespace Bit.Api.AdminConsole.Models.Response.Organizations;

 public class OrganizationAutoEnrollStatusResponseModel : ResponseModel
 {
--- a/src/Api/AdminConsole/Models/Response/Organizations/OrganizationKeysResponseModel.cs
+++ b/src/Api/AdminConsole/Models/Response/Organizations/OrganizationKeysResponseModel.cs
@ -1,7 +1,7 @@
 using Bit.Core.Entities;
 using Bit.Core.Models.Api;

-namespace Bit.Api.Models.Response.Organizations;
+namespace Bit.Api.AdminConsole.Models.Response.Organizations;

 public class OrganizationKeysResponseModel : ResponseModel
 {
--- a/src/Api/AdminConsole/Models/Response/Organizations/OrganizationPublicKeyResponseModel.cs
+++ b/src/Api/AdminConsole/Models/Response/Organizations/OrganizationPublicKeyResponseModel.cs
@ -1,7 +1,7 @@
 using Bit.Core.Entities;
 using Bit.Core.Models.Api;

-namespace Bit.Api.Models.Response.Organizations;
+namespace Bit.Api.AdminConsole.Models.Response.Organizations;

 public class OrganizationPublicKeyResponseModel : ResponseModel
 {
--- a/src/Api/AdminConsole/Models/Response/Organizations/OrganizationResponseModel.cs
+++ b/src/Api/AdminConsole/Models/Response/Organizations/OrganizationResponseModel.cs
@ -1,11 +1,12 @@
-using Bit.Core.Entities;
+using Bit.Api.Models.Response;
+using Bit.Core.Entities;
 using Bit.Core.Enums;
 using Bit.Core.Models.Api;
 using Bit.Core.Models.Business;
 using Bit.Core.Utilities;
 using Constants = Bit.Core.Constants;

-namespace Bit.Api.Models.Response.Organizations;
+namespace Bit.Api.AdminConsole.Models.Response.Organizations;

 public class OrganizationResponseModel : ResponseModel
 {
--- a/src/Api/AdminConsole/Models/Response/Organizations/OrganizationUserResponseModel.cs
+++ b/src/Api/AdminConsole/Models/Response/Organizations/OrganizationUserResponseModel.cs
@ -1,4 +1,5 @@
 using System.Text.Json.Serialization;
+using Bit.Api.Models.Response;
 using Bit.Core.Entities;
 using Bit.Core.Enums;
 using Bit.Core.Models.Api;
@ -6,7 +7,7 @@ using Bit.Core.Models.Data;
 using Bit.Core.Models.Data.Organizations.OrganizationUsers;
 using Bit.Core.Utilities;

-namespace Bit.Api.Models.Response.Organizations;
+namespace Bit.Api.AdminConsole.Models.Response.Organizations;

 public class OrganizationUserResponseModel : ResponseModel
 {
--- a/src/Api/AdminConsole/Models/Response/ProfileOrganizationResponseModel.cs
+++ b/src/Api/AdminConsole/Models/Response/ProfileOrganizationResponseModel.cs
@ -7,7 +7,7 @@ using Bit.Core.Models.Data;
 using Bit.Core.Models.Data.Organizations.OrganizationUsers;
 using Bit.Core.Utilities;

-namespace Bit.Api.Models.Response;
+namespace Bit.Api.AdminConsole.Models.Response;

 public class ProfileOrganizationResponseModel : ResponseModel
 {
--- a/src/Api/AdminConsole/Models/Response/ProfileProviderOrganizationResponseModel.cs
+++ b/src/Api/AdminConsole/Models/Response/ProfileProviderOrganizationResponseModel.cs
@ -2,7 +2,7 @@
 using Bit.Core.Models.Data;
 using Bit.Core.Utilities;

-namespace Bit.Api.Models.Response;
+namespace Bit.Api.AdminConsole.Models.Response;

 public class ProfileProviderOrganizationResponseModel : ProfileOrganizationResponseModel
 {
--- a/src/Api/AdminConsole/Models/Response/Providers/ProfileProviderResponseModel.cs
+++ b/src/Api/AdminConsole/Models/Response/Providers/ProfileProviderResponseModel.cs
@ -3,7 +3,7 @@ using Bit.Core.Models.Api;
 using Bit.Core.Models.Data;
 using Bit.Core.Utilities;

-namespace Bit.Api.Models.Response.Providers;
+namespace Bit.Api.AdminConsole.Models.Response.Providers;

 public class ProfileProviderResponseModel : ResponseModel
 {
--- a/src/Api/AdminConsole/Models/Response/Providers/ProviderOrganizationResponseModel.cs
+++ b/src/Api/AdminConsole/Models/Response/Providers/ProviderOrganizationResponseModel.cs
@ -2,7 +2,7 @@
 using Bit.Core.Models.Api;
 using Bit.Core.Models.Data;

-namespace Bit.Api.Models.Response.Providers;
+namespace Bit.Api.AdminConsole.Models.Response.Providers;

 public class ProviderOrganizationResponseModel : ResponseModel
 {
--- a/src/Api/AdminConsole/Models/Response/Providers/ProviderResponseModel.cs
+++ b/src/Api/AdminConsole/Models/Response/Providers/ProviderResponseModel.cs
@ -1,7 +1,7 @@
 using Bit.Core.Entities.Provider;
 using Bit.Core.Models.Api;

-namespace Bit.Api.Models.Response.Providers;
+namespace Bit.Api.AdminConsole.Models.Response.Providers;

 public class ProviderResponseModel : ResponseModel
 {
--- a/src/Api/AdminConsole/Models/Response/Providers/ProviderUserResponseModel.cs
+++ b/src/Api/AdminConsole/Models/Response/Providers/ProviderUserResponseModel.cs
@ -4,7 +4,7 @@ using Bit.Core.Models.Api;
 using Bit.Core.Models.Data;
 using Bit.Core.Utilities;

-namespace Bit.Api.Models.Response.Providers;
+namespace Bit.Api.AdminConsole.Models.Response.Providers;

 public class ProviderUserResponseModel : ResponseModel
 {
--- a/src/Api/AdminConsole/Public/Controllers/GroupsController.cs
+++ b/src/Api/AdminConsole/Public/Controllers/GroupsController.cs
@ -1,13 +1,15 @@
 using System.Net;
-using Bit.Api.Models.Public.Request;
+using Bit.Api.AdminConsole.Public.Models.Request;
+using Bit.Api.AdminConsole.Public.Models.Response;
 using Bit.Api.Models.Public.Response;
+using Bit.Core.AdminConsole.OrganizationFeatures.Groups.Interfaces;
+using Bit.Core.AdminConsole.Repositories;
 using Bit.Core.Context;
-using Bit.Core.OrganizationFeatures.Groups.Interfaces;
 using Bit.Core.Repositories;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;

-namespace Bit.Api.Public.Controllers;
+namespace Bit.Api.AdminConsole.Public.Controllers;

 [Route("public/groups")]
 [Authorize("Organization")]
--- a/src/Api/AdminConsole/Public/Controllers/MembersController.cs
+++ b/src/Api/AdminConsole/Public/Controllers/MembersController.cs
@ -1,6 +1,8 @@
 using System.Net;
-using Bit.Api.Models.Public.Request;
+using Bit.Api.AdminConsole.Public.Models.Request;
+using Bit.Api.AdminConsole.Public.Models.Response;
 using Bit.Api.Models.Public.Response;
+using Bit.Core.AdminConsole.Repositories;
 using Bit.Core.Context;
 using Bit.Core.Models.Business;
 using Bit.Core.OrganizationFeatures.OrganizationUsers.Interfaces;
@ -9,7 +11,7 @@ using Bit.Core.Services;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;

-namespace Bit.Api.Public.Controllers;
+namespace Bit.Api.AdminConsole.Public.Controllers;

 [Route("public/members")]
 [Authorize("Organization")]
--- a/src/Api/AdminConsole/Public/Controllers/OrganizationController.cs
+++ b/src/Api/AdminConsole/Public/Controllers/OrganizationController.cs
@ -1,5 +1,6 @@
 using System.Net;
-using Bit.Api.Models.Public.Request;
+using Bit.Api.AdminConsole.Public.Models.Request;
+using Bit.Api.AdminConsole.Public.Models.Response;
 using Bit.Api.Models.Public.Response;
 using Bit.Core.Context;
 using Bit.Core.Exceptions;
@ -8,7 +9,7 @@ using Bit.Core.Settings;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;

-namespace Bit.Api.Public.Controllers;
+namespace Bit.Api.AdminConsole.Public.Controllers;

 [Route("public/organization")]
 [Authorize("Organization")]
--- a/src/Api/AdminConsole/Public/Controllers/PoliciesController.cs
+++ b/src/Api/AdminConsole/Public/Controllers/PoliciesController.cs
@ -1,5 +1,6 @@
 using System.Net;
-using Bit.Api.Models.Public.Request;
+using Bit.Api.AdminConsole.Public.Models.Request;
+using Bit.Api.AdminConsole.Public.Models.Response;
 using Bit.Api.Models.Public.Response;
 using Bit.Core.Context;
 using Bit.Core.Enums;
@ -8,7 +9,7 @@ using Bit.Core.Services;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;

-namespace Bit.Api.Public.Controllers;
+namespace Bit.Api.AdminConsole.Public.Controllers;

 [Route("public/policies")]
 [Authorize("Organization")]
--- a/src/Api/AdminConsole/Public/Models/GroupBaseModel.cs
+++ b/src/Api/AdminConsole/Public/Models/GroupBaseModel.cs
@ -1,6 +1,6 @@
 using System.ComponentModel.DataAnnotations;

-namespace Bit.Api.Models.Public;
+namespace Bit.Api.AdminConsole.Public.Models;

 public abstract class GroupBaseModel
 {
--- a/src/Api/AdminConsole/Public/Models/MemberBaseModel.cs
+++ b/src/Api/AdminConsole/Public/Models/MemberBaseModel.cs
@ -3,7 +3,7 @@ using Bit.Core.Entities;
 using Bit.Core.Enums;
 using Bit.Core.Models.Data.Organizations.OrganizationUsers;

-namespace Bit.Api.Models.Public;
+namespace Bit.Api.AdminConsole.Public.Models;

 public abstract class MemberBaseModel
 {
--- a/src/Api/AdminConsole/Public/Models/PolicyBaseModel.cs
+++ b/src/Api/AdminConsole/Public/Models/PolicyBaseModel.cs
@ -1,6 +1,6 @@
 using System.ComponentModel.DataAnnotations;

-namespace Bit.Api.Models.Public;
+namespace Bit.Api.AdminConsole.Public.Models;

 public abstract class PolicyBaseModel
 {
--- a/src/Api/AdminConsole/Public/Models/Request/GroupCreateUpdateRequestModel.cs
+++ b/src/Api/AdminConsole/Public/Models/Request/GroupCreateUpdateRequestModel.cs
@ -1,7 +1,7 @@
 using Bit.Api.Auth.Models.Public.Request;
-using Bit.Core.Entities;
+using Bit.Core.AdminConsole.Entities;

-namespace Bit.Api.Models.Public.Request;
+namespace Bit.Api.AdminConsole.Public.Models.Request;

 public class GroupCreateUpdateRequestModel : GroupBaseModel
 {
--- a/src/Api/AdminConsole/Public/Models/Request/MemberCreateRequestModel.cs
+++ b/src/Api/AdminConsole/Public/Models/Request/MemberCreateRequestModel.cs
@ -2,7 +2,7 @@
 using Bit.Core.Entities;
 using Bit.Core.Utilities;

-namespace Bit.Api.Models.Public.Request;
+namespace Bit.Api.AdminConsole.Public.Models.Request;

 public class MemberCreateRequestModel : MemberUpdateRequestModel
 {
--- a/src/Api/AdminConsole/Public/Models/Request/MemberUpdateRequestModel.cs
+++ b/src/Api/AdminConsole/Public/Models/Request/MemberUpdateRequestModel.cs
@ -1,7 +1,7 @@
 using Bit.Api.Auth.Models.Public.Request;
 using Bit.Core.Entities;

-namespace Bit.Api.Models.Public.Request;
+namespace Bit.Api.AdminConsole.Public.Models.Request;

 public class MemberUpdateRequestModel : MemberBaseModel
 {
--- a/src/Api/AdminConsole/Public/Models/Request/OrganizationImportRequestModel.cs
+++ b/src/Api/AdminConsole/Public/Models/Request/OrganizationImportRequestModel.cs
@ -1,10 +1,11 @@
 using System.ComponentModel.DataAnnotations;
 using System.Text.Json.Serialization;
-using Bit.Core.Entities;
+using Bit.Core.AdminConsole.Entities;
+using Bit.Core.AdminConsole.Models.Business;
 using Bit.Core.Models.Business;
 using Bit.Core.Utilities;

-namespace Bit.Api.Models.Public.Request;
+namespace Bit.Api.AdminConsole.Public.Models.Request;

 public class OrganizationImportRequestModel
 {
--- a/src/Api/AdminConsole/Public/Models/Request/PolicyUpdateRequestModel.cs
+++ b/src/Api/AdminConsole/Public/Models/Request/PolicyUpdateRequestModel.cs
@ -1,7 +1,7 @@
 using System.Text.Json;
 using Bit.Core.Entities;

-namespace Bit.Api.Models.Public.Request;
+namespace Bit.Api.AdminConsole.Public.Models.Request;

 public class PolicyUpdateRequestModel : PolicyBaseModel
 {
--- a/src/Api/AdminConsole/Public/Models/Request/UpdateGroupIdsRequestModel.cs
+++ b/src/Api/AdminConsole/Public/Models/Request/UpdateGroupIdsRequestModel.cs
@ -1,4 +1,4 @@
-namespace Bit.Api.Models.Public.Request;
+namespace Bit.Api.AdminConsole.Public.Models.Request;

 public class UpdateGroupIdsRequestModel
 {
--- a/src/Api/AdminConsole/Public/Models/Request/UpdateMemberIdsRequestModel.cs
+++ b/src/Api/AdminConsole/Public/Models/Request/UpdateMemberIdsRequestModel.cs
@ -1,4 +1,4 @@
-namespace Bit.Api.Models.Public.Request;
+namespace Bit.Api.AdminConsole.Public.Models.Request;

 public class UpdateMemberIdsRequestModel
 {
--- a/src/Api/AdminConsole/Public/Models/Response/GroupResponseModel.cs
+++ b/src/Api/AdminConsole/Public/Models/Response/GroupResponseModel.cs
@ -1,9 +1,10 @@
 using System.ComponentModel.DataAnnotations;
 using Bit.Api.Auth.Models.Public.Response;
-using Bit.Core.Entities;
+using Bit.Api.Models.Public.Response;
+using Bit.Core.AdminConsole.Entities;
 using Bit.Core.Models.Data;

-namespace Bit.Api.Models.Public.Response;
+namespace Bit.Api.AdminConsole.Public.Models.Response;

 /// <summary>
 /// A user group.
--- a/src/Api/AdminConsole/Public/Models/Response/MemberResponseModel.cs
+++ b/src/Api/AdminConsole/Public/Models/Response/MemberResponseModel.cs
@ -1,11 +1,12 @@
 using System.ComponentModel.DataAnnotations;
 using Bit.Api.Auth.Models.Public.Response;
+using Bit.Api.Models.Public.Response;
 using Bit.Core.Entities;
 using Bit.Core.Enums;
 using Bit.Core.Models.Data;
 using Bit.Core.Models.Data.Organizations.OrganizationUsers;

-namespace Bit.Api.Models.Public.Response;
+namespace Bit.Api.AdminConsole.Public.Models.Response;

 /// <summary>
 /// An organization member.
--- a/src/Api/AdminConsole/Public/Models/Response/PolicyResponseModel.cs
+++ b/src/Api/AdminConsole/Public/Models/Response/PolicyResponseModel.cs
@ -1,9 +1,10 @@
 using System.ComponentModel.DataAnnotations;
 using System.Text.Json;
+using Bit.Api.Models.Public.Response;
 using Bit.Core.Entities;
 using Bit.Core.Enums;

-namespace Bit.Api.Models.Public.Response;
+namespace Bit.Api.AdminConsole.Public.Models.Response;

 /// <summary>
 /// A policy.
--- a/src/Api/Auth/Controllers/EmergencyAccessController.cs
+++ b/src/Api/Auth/Controllers/EmergencyAccessController.cs
@ -1,6 +1,6 @@
-using Bit.Api.Auth.Models.Request;
+using Bit.Api.AdminConsole.Models.Request.Organizations;
+using Bit.Api.Auth.Models.Request;
 using Bit.Api.Auth.Models.Response;
-using Bit.Api.Models.Request.Organizations;
 using Bit.Api.Models.Response;
 using Bit.Api.Vault.Models.Response;
 using Bit.Core.Auth.Services;
--- a/src/Api/Controllers/AccountsController.cs
+++ b/src/Api/Controllers/AccountsController.cs
@ -1,4 +1,5 @@
-using Bit.Api.Auth.Models.Request.Accounts;
+using Bit.Api.AdminConsole.Models.Response;
+using Bit.Api.Auth.Models.Request.Accounts;
 using Bit.Api.Models.Request;
 using Bit.Api.Models.Request.Accounts;
 using Bit.Api.Models.Response;
--- a/src/Api/Controllers/EventsController.cs
+++ b/src/Api/Controllers/EventsController.cs
@ -1,4 +1,5 @@
 using Bit.Api.Models.Response;
+using Bit.Api.Utilities;
 using Bit.Core.Context;
 using Bit.Core.Exceptions;
 using Bit.Core.Models.Data;
@ -41,7 +42,7 @@ public class EventsController : Controller
    public async Task<ListResponseModel<EventResponseModel>> GetUser(
        [FromQuery] DateTime? start = null, [FromQuery] DateTime? end = null, [FromQuery] string continuationToken = null)
    {
-        var dateRange = GetDateRange(start, end);
+        var dateRange = ApiHelpers.GetDateRange(start, end);
        var userId = _userService.GetProperUserId(User).Value;
        var result = await _eventRepository.GetManyByUserAsync(userId, dateRange.Item1, dateRange.Item2,
            new PageOptions { ContinuationToken = continuationToken });
@ -75,7 +76,7 @@ public class EventsController : Controller
            throw new NotFoundException();
        }

-        var dateRange = GetDateRange(start, end);
+        var dateRange = ApiHelpers.GetDateRange(start, end);
        var result = await _eventRepository.GetManyByCipherAsync(cipher, dateRange.Item1, dateRange.Item2,
            new PageOptions { ContinuationToken = continuationToken });
        var responses = result.Data.Select(e => new EventResponseModel(e));
@ -92,7 +93,7 @@ public class EventsController : Controller
            throw new NotFoundException();
        }

-        var dateRange = GetDateRange(start, end);
+        var dateRange = ApiHelpers.GetDateRange(start, end);
        var result = await _eventRepository.GetManyByOrganizationAsync(orgId, dateRange.Item1, dateRange.Item2,
            new PageOptions { ContinuationToken = continuationToken });
        var responses = result.Data.Select(e => new EventResponseModel(e));
@ -110,7 +111,7 @@ public class EventsController : Controller
            throw new NotFoundException();
        }

-        var dateRange = GetDateRange(start, end);
+        var dateRange = ApiHelpers.GetDateRange(start, end);
        var result = await _eventRepository.GetManyByOrganizationActingUserAsync(organizationUser.OrganizationId,
            organizationUser.UserId.Value, dateRange.Item1, dateRange.Item2,
            new PageOptions { ContinuationToken = continuationToken });
@ -127,7 +128,7 @@ public class EventsController : Controller
            throw new NotFoundException();
        }

-        var dateRange = GetDateRange(start, end);
+        var dateRange = ApiHelpers.GetDateRange(start, end);
        var result = await _eventRepository.GetManyByProviderAsync(providerId, dateRange.Item1, dateRange.Item2,
            new PageOptions { ContinuationToken = continuationToken });
        var responses = result.Data.Select(e => new EventResponseModel(e));
@ -145,33 +146,11 @@ public class EventsController : Controller
            throw new NotFoundException();
        }

-        var dateRange = GetDateRange(start, end);
+        var dateRange = ApiHelpers.GetDateRange(start, end);
        var result = await _eventRepository.GetManyByProviderActingUserAsync(providerUser.ProviderId,
            providerUser.UserId.Value, dateRange.Item1, dateRange.Item2,
            new PageOptions { ContinuationToken = continuationToken });
        var responses = result.Data.Select(e => new EventResponseModel(e));
        return new ListResponseModel<EventResponseModel>(responses, result.ContinuationToken);
    }
-
-    private Tuple<DateTime, DateTime> GetDateRange(DateTime? start, DateTime? end)
-    {
-        if (!end.HasValue || !start.HasValue)
-        {
-            end = DateTime.UtcNow.Date.AddDays(1).AddMilliseconds(-1);
-            start = DateTime.UtcNow.Date.AddDays(-30);
-        }
-        else if (start.Value > end.Value)
-        {
-            var newEnd = start;
-            start = end;
-            end = newEnd;
-        }
-
-        if ((end.Value - start.Value) > TimeSpan.FromDays(367))
-        {
-            throw new BadRequestException("Range too large.");
-        }
-
-        return new Tuple<DateTime, DateTime>(start.Value, end.Value);
-    }
 }
--- a/src/Api/Controllers/OrganizationConnectionsController.cs
+++ b/src/Api/Controllers/OrganizationConnectionsController.cs
@ -78,7 +78,12 @@ public class OrganizationConnectionsController : Controller
    [HttpPut("{organizationConnectionId}")]
    public async Task<OrganizationConnectionResponseModel> UpdateConnection(Guid organizationConnectionId, [FromBody] OrganizationConnectionRequestModel model)
    {
-        var existingOrganizationConnection = await _organizationConnectionRepository.GetByIdAsync(organizationConnectionId);
+        if (model == null)
+        {
+            throw new NotFoundException();
+        }
+
+        var existingOrganizationConnection = await _organizationConnectionRepository.GetByIdOrganizationIdAsync(organizationConnectionId, model.OrganizationId);
        if (existingOrganizationConnection == null)
        {
            throw new NotFoundException();
--- a/src/Api/Controllers/OrganizationDomainController.cs
+++ b/src/Api/Controllers/OrganizationDomainController.cs
@ -19,7 +19,7 @@ public class OrganizationDomainController : Controller
    private readonly ICreateOrganizationDomainCommand _createOrganizationDomainCommand;
    private readonly IVerifyOrganizationDomainCommand _verifyOrganizationDomainCommand;
    private readonly IDeleteOrganizationDomainCommand _deleteOrganizationDomainCommand;
-    private readonly IGetOrganizationDomainByIdQuery _getOrganizationDomainByIdQuery;
+    private readonly IGetOrganizationDomainByIdOrganizationIdQuery _getOrganizationDomainByIdAndOrganizationIdQuery;
    private readonly IGetOrganizationDomainByOrganizationIdQuery _getOrganizationDomainByOrganizationIdQuery;
    private readonly ICurrentContext _currentContext;
    private readonly IOrganizationRepository _organizationRepository;
@ -29,7 +29,7 @@ public class OrganizationDomainController : Controller
        ICreateOrganizationDomainCommand createOrganizationDomainCommand,
        IVerifyOrganizationDomainCommand verifyOrganizationDomainCommand,
        IDeleteOrganizationDomainCommand deleteOrganizationDomainCommand,
-        IGetOrganizationDomainByIdQuery getOrganizationDomainByIdQuery,
+        IGetOrganizationDomainByIdOrganizationIdQuery getOrganizationDomainByIdAndOrganizationIdQuery,
        IGetOrganizationDomainByOrganizationIdQuery getOrganizationDomainByOrganizationIdQuery,
        ICurrentContext currentContext,
        IOrganizationRepository organizationRepository,
@ -38,7 +38,7 @@ public class OrganizationDomainController : Controller
        _createOrganizationDomainCommand = createOrganizationDomainCommand;
        _verifyOrganizationDomainCommand = verifyOrganizationDomainCommand;
        _deleteOrganizationDomainCommand = deleteOrganizationDomainCommand;
-        _getOrganizationDomainByIdQuery = getOrganizationDomainByIdQuery;
+        _getOrganizationDomainByIdAndOrganizationIdQuery = getOrganizationDomainByIdAndOrganizationIdQuery;
        _getOrganizationDomainByOrganizationIdQuery = getOrganizationDomainByOrganizationIdQuery;
        _currentContext = currentContext;
        _organizationRepository = organizationRepository;
@ -46,71 +46,78 @@ public class OrganizationDomainController : Controller
    }

    [HttpGet("{orgId}/domain")]
-    public async Task<ListResponseModel<OrganizationDomainResponseModel>> Get(string orgId)
+    public async Task<ListResponseModel<OrganizationDomainResponseModel>> Get(Guid orgId)
    {
-        var orgIdGuid = new Guid(orgId);
-        await ValidateOrganizationAccessAsync(orgIdGuid);
+        await ValidateOrganizationAccessAsync(orgId);

        var domains = await _getOrganizationDomainByOrganizationIdQuery
-            .GetDomainsByOrganizationId(orgIdGuid);
+            .GetDomainsByOrganizationIdAsync(orgId);
        var response = domains.Select(x => new OrganizationDomainResponseModel(x)).ToList();
        return new ListResponseModel<OrganizationDomainResponseModel>(response);
    }

    [HttpGet("{orgId}/domain/{id}")]
-    public async Task<OrganizationDomainResponseModel> Get(string orgId, string id)
+    public async Task<OrganizationDomainResponseModel> Get(Guid orgId, Guid id)
    {
-        var orgIdGuid = new Guid(orgId);
-        var IdGuid = new Guid(id);
-        await ValidateOrganizationAccessAsync(orgIdGuid);
+        await ValidateOrganizationAccessAsync(orgId);

-        var domain = await _getOrganizationDomainByIdQuery.GetOrganizationDomainById(IdGuid);
+        var organizationDomain = await _getOrganizationDomainByIdAndOrganizationIdQuery
+            .GetOrganizationDomainByIdOrganizationIdAsync(id, orgId);
+        if (organizationDomain is null)
+        {
+            throw new NotFoundException();
+        }
+
+        return new OrganizationDomainResponseModel(organizationDomain);
+    }
+
+    [HttpPost("{orgId}/domain")]
+    public async Task<OrganizationDomainResponseModel> Post(Guid orgId,
+        [FromBody] OrganizationDomainRequestModel model)
+    {
+        await ValidateOrganizationAccessAsync(orgId);
+
+        var organizationDomain = new OrganizationDomain
+        {
+            OrganizationId = orgId,
+            Txt = model.Txt,
+            DomainName = model.DomainName.ToLower()
+        };
+
+        organizationDomain = await _createOrganizationDomainCommand.CreateAsync(organizationDomain);
+
+        return new OrganizationDomainResponseModel(organizationDomain);
+    }
+
+    [HttpPost("{orgId}/domain/{id}/verify")]
+    public async Task<OrganizationDomainResponseModel> Verify(Guid orgId, Guid id)
+    {
+        await ValidateOrganizationAccessAsync(orgId);
+
+        var organizationDomain = await _organizationDomainRepository.GetDomainByIdOrganizationIdAsync(id, orgId);
+        if (organizationDomain is null)
+        {
+            throw new NotFoundException();
+        }
+
+        organizationDomain = await _verifyOrganizationDomainCommand.VerifyOrganizationDomainAsync(organizationDomain);
+
+        return new OrganizationDomainResponseModel(organizationDomain);
+    }
+
+    [HttpDelete("{orgId}/domain/{id}")]
+    [HttpPost("{orgId}/domain/{id}/remove")]
+    public async Task RemoveDomain(Guid orgId, Guid id)
+    {
+        await ValidateOrganizationAccessAsync(orgId);
+
+        var domain = await _organizationDomainRepository.GetDomainByIdOrganizationIdAsync(id, orgId);
        if (domain is null)
        {
            throw new NotFoundException();
        }

-        return new OrganizationDomainResponseModel(domain);
-    }
-
-    [HttpPost("{orgId}/domain")]
-    public async Task<OrganizationDomainResponseModel> Post(string orgId,
-        [FromBody] OrganizationDomainRequestModel model)
-    {
-        var orgIdGuid = new Guid(orgId);
-        await ValidateOrganizationAccessAsync(orgIdGuid);
-
-        var organizationDomain = new OrganizationDomain
-        {
-            OrganizationId = orgIdGuid,
-            Txt = model.Txt,
-            DomainName = model.DomainName.ToLower()
-        };
-
-        var domain = await _createOrganizationDomainCommand.CreateAsync(organizationDomain);
-        return new OrganizationDomainResponseModel(domain);
-    }
-
-    [HttpPost("{orgId}/domain/{id}/verify")]
-    public async Task<OrganizationDomainResponseModel> Verify(string orgId, string id)
-    {
-        var orgIdGuid = new Guid(orgId);
-        var idGuid = new Guid(id);
-        await ValidateOrganizationAccessAsync(orgIdGuid);
-
-        var domain = await _verifyOrganizationDomainCommand.VerifyOrganizationDomain(idGuid);
-        return new OrganizationDomainResponseModel(domain);
-    }
-
-    [HttpDelete("{orgId}/domain/{id}")]
-    [HttpPost("{orgId}/domain/{id}/remove")]
-    public async Task RemoveDomain(string orgId, string id)
-    {
-        var orgIdGuid = new Guid(orgId);
-        var idGuid = new Guid(id);
-        await ValidateOrganizationAccessAsync(orgIdGuid);
-
-        await _deleteOrganizationDomainCommand.DeleteAsync(idGuid);
+        await _deleteOrganizationDomainCommand.DeleteAsync(domain);
    }

    [AllowAnonymous]
--- a/src/Api/Controllers/SelfHosted/SelfHostedOrganizationLicensesController.cs
+++ b/src/Api/Controllers/SelfHosted/SelfHostedOrganizationLicensesController.cs
@ -1,6 +1,6 @@
-using Bit.Api.Models.Request;
+using Bit.Api.AdminConsole.Models.Response.Organizations;
+using Bit.Api.Models.Request;
 using Bit.Api.Models.Request.Organizations;
-using Bit.Api.Models.Response.Organizations;
 using Bit.Api.Utilities;
 using Bit.Core.Context;
 using Bit.Core.Enums;
--- a/src/Api/Models/Request/Organizations/OrganizationCreateLicenseRequestModel.cs
+++ b/src/Api/Models/Request/Organizations/OrganizationCreateLicenseRequestModel.cs
@ -1,4 +1,5 @@
 using System.ComponentModel.DataAnnotations;
+using Bit.Api.AdminConsole.Models.Request.Organizations;
 using Bit.Core.Utilities;

 namespace Bit.Api.Models.Request.Organizations;
--- a/src/Api/Models/Response/ProfileResponseModel.cs
+++ b/src/Api/Models/Response/ProfileResponseModel.cs
@ -1,4 +1,5 @@
-using Bit.Api.Models.Response.Providers;
+using Bit.Api.AdminConsole.Models.Response;
+using Bit.Api.AdminConsole.Models.Response.Providers;
 using Bit.Core.Entities;
 using Bit.Core.Models.Api;
 using Bit.Core.Models.Data;
--- a/src/Api/SecretsManager/Controllers/AccessPoliciesController.cs
+++ b/src/Api/SecretsManager/Controllers/AccessPoliciesController.cs
@ -1,6 +1,7 @@
 using Bit.Api.Models.Response;
 using Bit.Api.SecretsManager.Models.Request;
 using Bit.Api.SecretsManager.Models.Response;
+using Bit.Core.AdminConsole.Repositories;
 using Bit.Core.Context;
 using Bit.Core.Enums;
 using Bit.Core.Exceptions;
--- a/src/Api/SecretsManager/Controllers/SecretsManagerEventsController.cs
+++ b/src/Api/SecretsManager/Controllers/SecretsManagerEventsController.cs
@ -0,0 +1,52 @@
+using Bit.Api.Models.Response;
+using Bit.Api.Utilities;
+using Bit.Core.Exceptions;
+using Bit.Core.Models.Data;
+using Bit.Core.Repositories;
+using Bit.Core.SecretsManager.AuthorizationRequirements;
+using Bit.Core.SecretsManager.Repositories;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+
+namespace Bit.Api.SecretsManager.Controllers;
+
+[Authorize("secrets")]
+public class SecretsManagerEventsController : Controller
+{
+    private readonly IAuthorizationService _authorizationService;
+    private readonly IEventRepository _eventRepository;
+    private readonly IServiceAccountRepository _serviceAccountRepository;
+
+    public SecretsManagerEventsController(
+        IEventRepository eventRepository,
+        IServiceAccountRepository serviceAccountRepository,
+        IAuthorizationService authorizationService)
+    {
+        _authorizationService = authorizationService;
+        _serviceAccountRepository = serviceAccountRepository;
+        _eventRepository = eventRepository;
+    }
+
+    [HttpGet("sm/events/service-accounts/{serviceAccountId}")]
+    public async Task<ListResponseModel<EventResponseModel>> GetServiceAccountEventsAsync(Guid serviceAccountId,
+        [FromQuery] DateTime? start = null, [FromQuery] DateTime? end = null,
+        [FromQuery] string continuationToken = null)
+    {
+        var serviceAccount = await _serviceAccountRepository.GetByIdAsync(serviceAccountId);
+        var authorizationResult =
+            await _authorizationService.AuthorizeAsync(User, serviceAccount, ServiceAccountOperations.ReadEvents);
+
+        if (!authorizationResult.Succeeded)
+        {
+            throw new NotFoundException();
+        }
+
+        var dateRange = ApiHelpers.GetDateRange(start, end);
+
+        var result = await _eventRepository.GetManyByOrganizationServiceAccountAsync(serviceAccount.OrganizationId,
+            serviceAccount.Id, dateRange.Item1, dateRange.Item2,
+            new PageOptions { ContinuationToken = continuationToken });
+        var responses = result.Data.Select(e => new EventResponseModel(e));
+        return new ListResponseModel<EventResponseModel>(responses, result.ContinuationToken);
+    }
+}
--- a/src/Api/SecretsManager/Models/Response/PotentialGranteeResponseModel.cs
+++ b/src/Api/SecretsManager/Models/Response/PotentialGranteeResponseModel.cs
@ -1,4 +1,4 @@
-using Bit.Core.Entities;
+using Bit.Core.AdminConsole.Entities;
 using Bit.Core.Models.Api;
 using Bit.Core.Models.Data.Organizations.OrganizationUsers;
 using Bit.Core.SecretsManager.Entities;
--- a/src/Api/Utilities/ApiHelpers.cs
+++ b/src/Api/Utilities/ApiHelpers.cs
@ -1,6 +1,7 @@
 using System.Text.Json;
 using Azure.Messaging.EventGrid;
 using Azure.Messaging.EventGrid.SystemEvents;
+using Bit.Core.Exceptions;
 using Bit.Core.Utilities;
 using Microsoft.AspNetCore.Mvc;

@ -69,4 +70,35 @@ public static class ApiHelpers

        return new OkObjectResult(response);
    }
+
+    /// <summary>
+    /// Validates and returns a date range. Currently used for fetching events.
+    /// </summary>
+    /// <param name="start">start date and time</param>
+    /// <param name="end">end date and time</param>
+    /// <remarks>
+    /// If start or end are null, will return a range of the last 30 days.
+    /// If a time span greater than 367 days is passed will throw BadRequestException.
+    /// </remarks>
+    public static Tuple<DateTime, DateTime> GetDateRange(DateTime? start, DateTime? end)
+    {
+        if (!end.HasValue || !start.HasValue)
+        {
+            end = DateTime.UtcNow.Date.AddDays(1).AddMilliseconds(-1);
+            start = DateTime.UtcNow.Date.AddDays(-30);
+        }
+        else if (start.Value > end.Value)
+        {
+            var newEnd = start;
+            start = end;
+            end = newEnd;
+        }
+
+        if ((end.Value - start.Value) > TimeSpan.FromDays(367))
+        {
+            throw new BadRequestException("Range too large.");
+        }
+
+        return new Tuple<DateTime, DateTime>(start.Value, end.Value);
+    }
 }
--- a/src/Billing/Utilities/PayPalIpnClient.cs
+++ b/src/Billing/Utilities/PayPalIpnClient.cs
@ -10,18 +10,22 @@ public class PayPalIpnClient
 {
    private readonly HttpClient _httpClient = new HttpClient();
    private readonly Uri _ipnUri;
+    private readonly ILogger<PayPalIpnClient> _logger;

-    public PayPalIpnClient(IOptions<BillingSettings> billingSettings)
+    public PayPalIpnClient(IOptions<BillingSettings> billingSettings, ILogger<PayPalIpnClient> logger)
    {
        var bSettings = billingSettings?.Value;
-        _ipnUri = new Uri(bSettings.PayPal.Production ? "https://www.paypal.com/cgi-bin/webscr" :
-            "https://www.sandbox.paypal.com/cgi-bin/webscr");
+        _ipnUri = new Uri(bSettings.PayPal.Production ? "https://ipnpb.paypal.com/cgi-bin/webscr" :
+            "https://ipnpb.sandbox.paypal.com/cgi-bin/webscr");
+        _logger = logger;
    }

    public async Task<bool> VerifyIpnAsync(string ipnBody)
    {
+        _logger.LogInformation("Verifying IPN with PayPal at {Timestamp}: {VerificationUri}", DateTime.UtcNow, _ipnUri);
        if (ipnBody == null)
        {
+            _logger.LogError("No IPN body.");
            throw new ArgumentException("No IPN body.");
        }

@ -30,6 +34,7 @@ public class PayPalIpnClient
            Method = HttpMethod.Post,
            RequestUri = _ipnUri
        };
+        _httpClient.DefaultRequestHeaders.Add("User-Agent", "CSharp-IPN-VerificationScript");
        var cmdIpnBody = string.Concat("cmd=_notify-validate&", ipnBody);
        request.Content = new StringContent(cmdIpnBody, Encoding.UTF8, "application/x-www-form-urlencoded");
        var response = await _httpClient.SendAsync(request);
@ -42,14 +47,14 @@ public class PayPalIpnClient
        {
            return true;
        }
-        else if (responseContent.Equals("INVALID"))
+
+        if (responseContent.Equals("INVALID"))
        {
+            _logger.LogWarning("Received an INVALID response from PayPal: {ResponseContent}", responseContent);
            return false;
        }
-        else
-        {
-            throw new Exception("Failed to verify IPN.");
-        }
+        _logger.LogError("Failed to verify IPN: {ResponseContent}", responseContent);
+        throw new Exception("Failed to verify IPN.");
    }

    public class IpnTransaction
--- a/src/Core/AdminConsole/Entities/Group.cs
+++ b/src/Core/AdminConsole/Entities/Group.cs
@ -1,8 +1,9 @@
 using System.ComponentModel.DataAnnotations;
+using Bit.Core.Entities;
 using Bit.Core.Models;
 using Bit.Core.Utilities;

-namespace Bit.Core.Entities;
+namespace Bit.Core.AdminConsole.Entities;

 public class Group : ITableObject<Guid>, IExternal
 {
--- a/src/Core/AdminConsole/Entities/GroupUser.cs
+++ b/src/Core/AdminConsole/Entities/GroupUser.cs
@ -1,4 +1,4 @@
-namespace Bit.Core.Entities;
+namespace Bit.Core.AdminConsole.Entities;

 public class GroupUser
 {
--- a/src/Core/AdminConsole/Models/Business/ImportedGroup.cs
+++ b/src/Core/AdminConsole/Models/Business/ImportedGroup.cs
@ -1,6 +1,6 @@
-using Bit.Core.Entities;
+using Bit.Core.AdminConsole.Entities;

-namespace Bit.Core.Models.Business;
+namespace Bit.Core.AdminConsole.Models.Business;

 public class ImportedGroup
 {
--- a/src/Core/AdminConsole/Models/Data/GroupWithCollections.cs
+++ b/src/Core/AdminConsole/Models/Data/GroupWithCollections.cs
@ -1,7 +1,7 @@
 using System.Data;
-using Bit.Core.Entities;
+using Bit.Core.AdminConsole.Entities;

-namespace Bit.Core.Models.Data;
+namespace Bit.Core.AdminConsole.Models.Data;

 public class GroupWithCollections : Group
 {
--- a/src/Core/AdminConsole/OrganizationFeatures/Groups/CreateGroupCommand.cs
+++ b/src/Core/AdminConsole/OrganizationFeatures/Groups/CreateGroupCommand.cs
@ -1,16 +1,18 @@
-using Bit.Core.Context;
+using Bit.Core.AdminConsole.Entities;
+using Bit.Core.AdminConsole.OrganizationFeatures.Groups.Interfaces;
+using Bit.Core.AdminConsole.Repositories;
+using Bit.Core.Context;
 using Bit.Core.Entities;
 using Bit.Core.Enums;
 using Bit.Core.Exceptions;
 using Bit.Core.Models.Data;
-using Bit.Core.OrganizationFeatures.Groups.Interfaces;
 using Bit.Core.Repositories;
 using Bit.Core.Services;
 using Bit.Core.Tools.Enums;
 using Bit.Core.Tools.Models.Business;
 using Bit.Core.Tools.Services;

-namespace Bit.Core.OrganizationFeatures.Groups;
+namespace Bit.Core.AdminConsole.OrganizationFeatures.Groups;

 public class CreateGroupCommand : ICreateGroupCommand
 {
@ -46,7 +48,7 @@ public class CreateGroupCommand : ICreateGroupCommand
            await GroupRepositoryUpdateUsersAsync(group, users);
        }

-        await _eventService.LogGroupEventAsync(group, Enums.EventType.Group_Created);
+        await _eventService.LogGroupEventAsync(group, Core.Enums.EventType.Group_Created);
    }

    public async Task CreateGroupAsync(Group group, Organization organization, EventSystemUser systemUser,
@ -61,7 +63,7 @@ public class CreateGroupCommand : ICreateGroupCommand
            await GroupRepositoryUpdateUsersAsync(group, users, systemUser);
        }

-        await _eventService.LogGroupEventAsync(group, Enums.EventType.Group_Created, systemUser);
+        await _eventService.LogGroupEventAsync(group, Core.Enums.EventType.Group_Created, systemUser);
    }

    private async Task GroupRepositoryCreateGroupAsync(Group group, Organization organization, IEnumerable<CollectionAccessSelection> collections = null)
--- a/src/Core/AdminConsole/OrganizationFeatures/Groups/DeleteGroupCommand.cs
+++ b/src/Core/AdminConsole/OrganizationFeatures/Groups/DeleteGroupCommand.cs
@ -1,11 +1,11 @@
-using Bit.Core.Entities;
+using Bit.Core.AdminConsole.Entities;
+using Bit.Core.AdminConsole.OrganizationFeatures.Groups.Interfaces;
+using Bit.Core.AdminConsole.Repositories;
 using Bit.Core.Enums;
 using Bit.Core.Exceptions;
-using Bit.Core.OrganizationFeatures.Groups.Interfaces;
-using Bit.Core.Repositories;
 using Bit.Core.Services;

-namespace Bit.Core.OrganizationFeatures.Groups;
+namespace Bit.Core.AdminConsole.OrganizationFeatures.Groups;

 public class DeleteGroupCommand : IDeleteGroupCommand
 {
--- a/src/Core/AdminConsole/OrganizationFeatures/Groups/Interfaces/ICreateGroupCommand.cs
+++ b/src/Core/AdminConsole/OrganizationFeatures/Groups/Interfaces/ICreateGroupCommand.cs
@ -1,8 +1,9 @@
-using Bit.Core.Entities;
+using Bit.Core.AdminConsole.Entities;
+using Bit.Core.Entities;
 using Bit.Core.Enums;
 using Bit.Core.Models.Data;

-namespace Bit.Core.OrganizationFeatures.Groups.Interfaces;
+namespace Bit.Core.AdminConsole.OrganizationFeatures.Groups.Interfaces;

 public interface ICreateGroupCommand
 {
--- a/src/Core/AdminConsole/OrganizationFeatures/Groups/Interfaces/IDeleteGroupCommand.cs
+++ b/src/Core/AdminConsole/OrganizationFeatures/Groups/Interfaces/IDeleteGroupCommand.cs
@ -1,7 +1,7 @@
-using Bit.Core.Entities;
+using Bit.Core.AdminConsole.Entities;
 using Bit.Core.Enums;

-namespace Bit.Core.OrganizationFeatures.Groups.Interfaces;
+namespace Bit.Core.AdminConsole.OrganizationFeatures.Groups.Interfaces;

 public interface IDeleteGroupCommand
 {
--- a/src/Core/AdminConsole/OrganizationFeatures/Groups/Interfaces/IUpdateGroupCommand.cs
+++ b/src/Core/AdminConsole/OrganizationFeatures/Groups/Interfaces/IUpdateGroupCommand.cs
@ -1,8 +1,9 @@
-using Bit.Core.Entities;
+using Bit.Core.AdminConsole.Entities;
+using Bit.Core.Entities;
 using Bit.Core.Enums;
 using Bit.Core.Models.Data;

-namespace Bit.Core.OrganizationFeatures.Groups.Interfaces;
+namespace Bit.Core.AdminConsole.OrganizationFeatures.Groups.Interfaces;

 public interface IUpdateGroupCommand
 {
--- a/src/Core/AdminConsole/OrganizationFeatures/Groups/UpdateGroupCommand.cs
+++ b/src/Core/AdminConsole/OrganizationFeatures/Groups/UpdateGroupCommand.cs
@ -1,12 +1,14 @@
-using Bit.Core.Entities;
+using Bit.Core.AdminConsole.Entities;
+using Bit.Core.AdminConsole.OrganizationFeatures.Groups.Interfaces;
+using Bit.Core.AdminConsole.Repositories;
+using Bit.Core.Entities;
 using Bit.Core.Enums;
 using Bit.Core.Exceptions;
 using Bit.Core.Models.Data;
-using Bit.Core.OrganizationFeatures.Groups.Interfaces;
 using Bit.Core.Repositories;
 using Bit.Core.Services;

-namespace Bit.Core.OrganizationFeatures.Groups;
+namespace Bit.Core.AdminConsole.OrganizationFeatures.Groups;

 public class UpdateGroupCommand : IUpdateGroupCommand
 {
@ -36,7 +38,7 @@ public class UpdateGroupCommand : IUpdateGroupCommand
            await GroupRepositoryUpdateUsersAsync(group, userIds);
        }

-        await _eventService.LogGroupEventAsync(group, Enums.EventType.Group_Updated);
+        await _eventService.LogGroupEventAsync(group, Core.Enums.EventType.Group_Updated);
    }

    public async Task UpdateGroupAsync(Group group, Organization organization, EventSystemUser systemUser,
@ -51,7 +53,7 @@ public class UpdateGroupCommand : IUpdateGroupCommand
            await GroupRepositoryUpdateUsersAsync(group, userIds, systemUser);
        }

-        await _eventService.LogGroupEventAsync(group, Enums.EventType.Group_Updated, systemUser);
+        await _eventService.LogGroupEventAsync(group, Core.Enums.EventType.Group_Updated, systemUser);
    }

    private async Task GroupRepositoryUpdateGroupAsync(Group group, IEnumerable<CollectionAccessSelection> collections = null)
--- a/src/Core/AdminConsole/Repositories/IGroupRepository.cs
+++ b/src/Core/AdminConsole/Repositories/IGroupRepository.cs
@ -1,7 +1,8 @@
-using Bit.Core.Entities;
+using Bit.Core.AdminConsole.Entities;
 using Bit.Core.Models.Data;
+using Bit.Core.Repositories;

-namespace Bit.Core.Repositories;
+namespace Bit.Core.AdminConsole.Repositories;

 public interface IGroupRepository : IRepository<Group, Guid>
 {
--- a/src/Core/AdminConsole/Services/IGroupService.cs
+++ b/src/Core/AdminConsole/Services/IGroupService.cs
@ -1,7 +1,7 @@
-using Bit.Core.Entities;
+using Bit.Core.AdminConsole.Entities;
 using Bit.Core.Enums;

-namespace Bit.Core.Services;
+namespace Bit.Core.AdminConsole.Services;

 public interface IGroupService
 {
--- a/src/Core/AdminConsole/Services/Implementations/GroupService.cs
+++ b/src/Core/AdminConsole/Services/Implementations/GroupService.cs
@ -1,9 +1,12 @@
-using Bit.Core.Entities;
+using Bit.Core.AdminConsole.Entities;
+using Bit.Core.AdminConsole.Repositories;
+using Bit.Core.Entities;
 using Bit.Core.Enums;
 using Bit.Core.Exceptions;
 using Bit.Core.Repositories;
+using Bit.Core.Services;

-namespace Bit.Core.Services;
+namespace Bit.Core.AdminConsole.Services.Implementations;

 public class GroupService : IGroupService
 {
--- a/src/Core/OrganizationFeatures/OrganizationDomains/DeleteOrganizationDomainCommand.cs
+++ b/src/Core/OrganizationFeatures/OrganizationDomains/DeleteOrganizationDomainCommand.cs
@ -1,5 +1,5 @@
-using Bit.Core.Enums;
-using Bit.Core.Exceptions;
+using Bit.Core.Entities;
+using Bit.Core.Enums;
 using Bit.Core.OrganizationFeatures.OrganizationDomains.Interfaces;
 using Bit.Core.Repositories;
 using Bit.Core.Services;
@ -18,15 +18,9 @@ public class DeleteOrganizationDomainCommand : IDeleteOrganizationDomainCommand
        _eventService = eventService;
    }

-    public async Task DeleteAsync(Guid id)
+    public async Task DeleteAsync(OrganizationDomain organizationDomain)
    {
-        var domain = await _organizationDomainRepository.GetByIdAsync(id);
-        if (domain is null)
-        {
-            throw new NotFoundException();
-        }
-
-        await _organizationDomainRepository.DeleteAsync(domain);
-        await _eventService.LogOrganizationDomainEventAsync(domain, EventType.OrganizationDomain_Removed);
+        await _organizationDomainRepository.DeleteAsync(organizationDomain);
+        await _eventService.LogOrganizationDomainEventAsync(organizationDomain, EventType.OrganizationDomain_Removed);
    }
 }
--- a/src/Core/OrganizationFeatures/OrganizationDomains/GetOrganizationDomainByIdOrganizationIdQuery.cs
+++ b/src/Core/OrganizationFeatures/OrganizationDomains/GetOrganizationDomainByIdOrganizationIdQuery.cs
@ -4,15 +4,15 @@ using Bit.Core.Repositories;

 namespace Bit.Core.OrganizationFeatures.OrganizationDomains;

-public class GetOrganizationDomainByIdQuery : IGetOrganizationDomainByIdQuery
+public class GetOrganizationDomainByIdOrganizationIdQuery : IGetOrganizationDomainByIdOrganizationIdQuery
 {
    private readonly IOrganizationDomainRepository _organizationDomainRepository;

-    public GetOrganizationDomainByIdQuery(IOrganizationDomainRepository organizationDomainRepository)
+    public GetOrganizationDomainByIdOrganizationIdQuery(IOrganizationDomainRepository organizationDomainRepository)
    {
        _organizationDomainRepository = organizationDomainRepository;
    }

-    public async Task<OrganizationDomain> GetOrganizationDomainById(Guid id)
-        => await _organizationDomainRepository.GetByIdAsync(id);
+    public async Task<OrganizationDomain> GetOrganizationDomainByIdOrganizationIdAsync(Guid id, Guid organizationId)
+        => await _organizationDomainRepository.GetDomainByIdOrganizationIdAsync(id, organizationId);
 }
--- a/src/Core/OrganizationFeatures/OrganizationDomains/GetOrganizationDomainByOrganizationIdQuery.cs
+++ b/src/Core/OrganizationFeatures/OrganizationDomains/GetOrganizationDomainByOrganizationIdQuery.cs
@ -13,6 +13,6 @@ public class GetOrganizationDomainByOrganizationIdQuery : IGetOrganizationDomain
        _organizationDomainRepository = organizationDomainRepository;
    }

-    public async Task<ICollection<OrganizationDomain>> GetDomainsByOrganizationId(Guid orgId)
+    public async Task<ICollection<OrganizationDomain>> GetDomainsByOrganizationIdAsync(Guid orgId)
        => await _organizationDomainRepository.GetDomainsByOrganizationIdAsync(orgId);
 }
--- a/src/Core/OrganizationFeatures/OrganizationDomains/Interfaces/IDeleteOrganizationDomainCommand.cs
+++ b/src/Core/OrganizationFeatures/OrganizationDomains/Interfaces/IDeleteOrganizationDomainCommand.cs
@ -1,6 +1,8 @@
-namespace Bit.Core.OrganizationFeatures.OrganizationDomains.Interfaces;
+using Bit.Core.Entities;
+
+namespace Bit.Core.OrganizationFeatures.OrganizationDomains.Interfaces;

 public interface IDeleteOrganizationDomainCommand
 {
-    Task DeleteAsync(Guid id);
+    Task DeleteAsync(OrganizationDomain organizationDomain);
 }
--- a/src/Core/OrganizationFeatures/OrganizationDomains/Interfaces/IGetOrganizationDomainByIdOrganizationIdQuery.cs
+++ b/src/Core/OrganizationFeatures/OrganizationDomains/Interfaces/IGetOrganizationDomainByIdOrganizationIdQuery.cs
@ -0,0 +1,8 @@
+using Bit.Core.Entities;
+
+namespace Bit.Core.OrganizationFeatures.OrganizationDomains.Interfaces;
+
+public interface IGetOrganizationDomainByIdOrganizationIdQuery
+{
+    Task<OrganizationDomain> GetOrganizationDomainByIdOrganizationIdAsync(Guid id, Guid organizationId);
+}
--- a/src/Core/OrganizationFeatures/OrganizationDomains/Interfaces/IGetOrganizationDomainByIdQuery.cs
+++ b/src/Core/OrganizationFeatures/OrganizationDomains/Interfaces/IGetOrganizationDomainByIdQuery.cs
@ -1,8 +0,0 @@
-using Bit.Core.Entities;
-
-namespace Bit.Core.OrganizationFeatures.OrganizationDomains.Interfaces;
-
-public interface IGetOrganizationDomainByIdQuery
-{
-    Task<OrganizationDomain> GetOrganizationDomainById(Guid id);
-}
--- a/src/Core/OrganizationFeatures/OrganizationDomains/Interfaces/IGetOrganizationDomainByOrganizationIdQuery.cs
+++ b/src/Core/OrganizationFeatures/OrganizationDomains/Interfaces/IGetOrganizationDomainByOrganizationIdQuery.cs
@ -4,5 +4,5 @@ namespace Bit.Core.OrganizationFeatures.OrganizationDomains.Interfaces;

 public interface IGetOrganizationDomainByOrganizationIdQuery
 {
-    Task<ICollection<OrganizationDomain>> GetDomainsByOrganizationId(Guid orgId);
+    Task<ICollection<OrganizationDomain>> GetDomainsByOrganizationIdAsync(Guid orgId);
 }
--- a/src/Core/OrganizationFeatures/OrganizationDomains/Interfaces/IVerifyOrganizationDomainCommand.cs
+++ b/src/Core/OrganizationFeatures/OrganizationDomains/Interfaces/IVerifyOrganizationDomainCommand.cs
@ -4,5 +4,5 @@ namespace Bit.Core.OrganizationFeatures.OrganizationDomains.Interfaces;

 public interface IVerifyOrganizationDomainCommand
 {
-    Task<OrganizationDomain> VerifyOrganizationDomain(Guid id);
+    Task<OrganizationDomain> VerifyOrganizationDomainAsync(OrganizationDomain organizationDomain);
 }
--- a/src/Core/OrganizationFeatures/OrganizationDomains/VerifyOrganizationDomainCommand.cs
+++ b/src/Core/OrganizationFeatures/OrganizationDomains/VerifyOrganizationDomainCommand.cs
@ -27,14 +27,8 @@ public class VerifyOrganizationDomainCommand : IVerifyOrganizationDomainCommand
        _logger = logger;
    }

-    public async Task<OrganizationDomain> VerifyOrganizationDomain(Guid id)
+    public async Task<OrganizationDomain> VerifyOrganizationDomainAsync(OrganizationDomain domain)
    {
-        var domain = await _organizationDomainRepository.GetByIdAsync(id);
-        if (domain is null)
-        {
-            throw new NotFoundException();
-        }
-
        if (domain.VerifiedDate is not null)
        {
            domain.SetLastCheckedDate();
--- a/src/Core/OrganizationFeatures/OrganizationServiceCollectionExtensions.cs
+++ b/src/Core/OrganizationFeatures/OrganizationServiceCollectionExtensions.cs
@ -1,8 +1,8 @@
 using Bit.Core.AdminConsole.OrganizationAuth;
 using Bit.Core.AdminConsole.OrganizationAuth.Interfaces;
+using Bit.Core.AdminConsole.OrganizationFeatures.Groups;
+using Bit.Core.AdminConsole.OrganizationFeatures.Groups.Interfaces;
 using Bit.Core.Models.Business.Tokenables;
-using Bit.Core.OrganizationFeatures.Groups;
-using Bit.Core.OrganizationFeatures.Groups.Interfaces;
 using Bit.Core.OrganizationFeatures.OrganizationApiKeys;
 using Bit.Core.OrganizationFeatures.OrganizationApiKeys.Interfaces;
 using Bit.Core.OrganizationFeatures.OrganizationCollections;
@ -119,7 +119,7 @@ public static class OrganizationServiceCollectionExtensions
    {
        services.AddScoped<ICreateOrganizationDomainCommand, CreateOrganizationDomainCommand>();
        services.AddScoped<IVerifyOrganizationDomainCommand, VerifyOrganizationDomainCommand>();
-        services.AddScoped<IGetOrganizationDomainByIdQuery, GetOrganizationDomainByIdQuery>();
+        services.AddScoped<IGetOrganizationDomainByIdOrganizationIdQuery, GetOrganizationDomainByIdOrganizationIdQuery>();
        services.AddScoped<IGetOrganizationDomainByOrganizationIdQuery, GetOrganizationDomainByOrganizationIdQuery>();
        services.AddScoped<IDeleteOrganizationDomainCommand, DeleteOrganizationDomainCommand>();
    }
--- a/src/Core/OrganizationFeatures/OrganizationSubscriptions/UpgradeOrganizationPlanCommand.cs
+++ b/src/Core/OrganizationFeatures/OrganizationSubscriptions/UpgradeOrganizationPlanCommand.cs
@ -1,4 +1,5 @@
 using Bit.Core.AdminConsole.Models.OrganizationConnectionConfigs;
+using Bit.Core.AdminConsole.Repositories;
 using Bit.Core.Auth.Enums;
 using Bit.Core.Auth.Repositories;
 using Bit.Core.Context;
--- a/src/Core/Repositories/IEventRepository.cs
+++ b/src/Core/Repositories/IEventRepository.cs
@ -19,4 +19,6 @@ public interface IEventRepository
        PageOptions pageOptions);
    Task CreateAsync(IEvent e);
    Task CreateManyAsync(IEnumerable<IEvent> e);
+    Task<PagedResult<IEvent>> GetManyByOrganizationServiceAccountAsync(Guid organizationId, Guid serviceAccountId,
+        DateTime startDate, DateTime endDate, PageOptions pageOptions);
 }
--- a/src/Core/Repositories/IOrganizationConnectionRepository.cs
+++ b/src/Core/Repositories/IOrganizationConnectionRepository.cs
@ -5,6 +5,7 @@ namespace Bit.Core.Repositories;

 public interface IOrganizationConnectionRepository : IRepository<OrganizationConnection, Guid>
 {
+    Task<OrganizationConnection> GetByIdOrganizationIdAsync(Guid id, Guid organizationId);
    Task<ICollection<OrganizationConnection>> GetByOrganizationIdTypeAsync(Guid organizationId, OrganizationConnectionType type);
    Task<ICollection<OrganizationConnection>> GetEnabledByOrganizationIdTypeAsync(Guid organizationId, OrganizationConnectionType type);
 }
--- a/src/Core/Repositories/IOrganizationDomainRepository.cs
+++ b/src/Core/Repositories/IOrganizationDomainRepository.cs
@ -9,6 +9,7 @@ public interface IOrganizationDomainRepository : IRepository<OrganizationDomain,
    Task<ICollection<OrganizationDomain>> GetDomainsByOrganizationIdAsync(Guid orgId);
    Task<ICollection<OrganizationDomain>> GetManyByNextRunDateAsync(DateTime date);
    Task<OrganizationDomainSsoDetailsData> GetOrganizationDomainSsoDetailsAsync(string email);
+    Task<OrganizationDomain> GetDomainByIdOrganizationIdAsync(Guid id, Guid organizationId);
    Task<OrganizationDomain> GetDomainByOrgIdAndDomainNameAsync(Guid orgId, string domainName);
    Task<ICollection<OrganizationDomain>> GetExpiredOrganizationDomainsAsync();
    Task<bool> DeleteExpiredAsync(int expirationPeriod);
--- a/src/Core/Repositories/TableStorage/EventRepository.cs
+++ b/src/Core/Repositories/TableStorage/EventRepository.cs
@ -61,6 +61,14 @@ public class EventRepository : IEventRepository
        return await GetManyAsync(partitionKey, $"CipherId={cipher.Id}__Date={{0}}", startDate, endDate, pageOptions);
    }

+    public async Task<PagedResult<IEvent>> GetManyByOrganizationServiceAccountAsync(Guid organizationId,
+        Guid serviceAccountId, DateTime startDate, DateTime endDate, PageOptions pageOptions)
+    {
+
+        return await GetManyAsync($"OrganizationId={organizationId}",
+            $"ServiceAccountId={serviceAccountId}__Date={{0}}", startDate, endDate, pageOptions);
+    }
+
    public async Task CreateAsync(IEvent e)
    {
        if (!(e is EventTableEntity entity))
--- a/src/Core/SecretsManager/AuthorizationRequirements/ServiceAccountOperationRequirement.cs
+++ b/src/Core/SecretsManager/AuthorizationRequirements/ServiceAccountOperationRequirement.cs
@ -15,4 +15,5 @@ public static class ServiceAccountOperations
    public static readonly ServiceAccountOperationRequirement ReadAccessTokens = new() { Name = nameof(ReadAccessTokens) };
    public static readonly ServiceAccountOperationRequirement CreateAccessToken = new() { Name = nameof(CreateAccessToken) };
    public static readonly ServiceAccountOperationRequirement RevokeAccessTokens = new() { Name = nameof(RevokeAccessTokens) };
+    public static readonly ServiceAccountOperationRequirement ReadEvents = new() { Name = nameof(ReadEvents) };
 }
--- a/src/Core/SecretsManager/Entities/AccessPolicy.cs
+++ b/src/Core/SecretsManager/Entities/AccessPolicy.cs
@ -1,4 +1,5 @@
 #nullable enable
+using Bit.Core.AdminConsole.Entities;
 using Bit.Core.Entities;
 using Bit.Core.Utilities;

--- a/src/Core/Services/IEventService.cs
+++ b/src/Core/Services/IEventService.cs
@ -1,4 +1,5 @@
-using Bit.Core.Entities;
+using Bit.Core.AdminConsole.Entities;
+using Bit.Core.Entities;
 using Bit.Core.Entities.Provider;
 using Bit.Core.Enums;
 using Bit.Core.SecretsManager.Entities;
--- a/src/Core/Services/IOrganizationService.cs
+++ b/src/Core/Services/IOrganizationService.cs
@ -1,4 +1,5 @@
 using System.Security.Claims;
+using Bit.Core.AdminConsole.Models.Business;
 using Bit.Core.Auth.Enums;
 using Bit.Core.Entities;
 using Bit.Core.Enums;
--- a/Show More
+++ b/Show More