diff --git a/.github/workflows/ecs_deploy.yml b/.github/workflows/ecs_deploy.yml
deleted file mode 100644
index 0d662c9c28..0000000000
--- a/.github/workflows/ecs_deploy.yml
+++ /dev/null
@@ -1,85 +0,0 @@
-# This workflow will build and push a new container image to Amazon ECR,
-# and then will deploy a new task definition to Amazon ECS, when a release is created
-#
-# To use this workflow, you will need to complete the following set-up steps:
-#
-# 1. Create an ECR repository to store your images.
-#    For example: `aws ecr create-repository --repository-name my-ecr-repo --region us-east-2`.
-#    Replace the value of `ECR_REPOSITORY` in the workflow below with your repository's name.
-#    Replace the value of `aws-region` in the workflow below with your repository's region.
-#
-# 2. Create an ECS task definition, an ECS cluster, and an ECS service.
-#    For example, follow the Getting Started guide on the ECS console:
-#      https://us-east-2.console.aws.amazon.com/ecs/home?region=us-east-2#/firstRun
-#    Replace the values for `service` and `cluster` in the workflow below with your service and cluster names.
-#
-# 3. Store your ECS task definition as a JSON file in your repository.
-#    The format should follow the output of `aws ecs register-task-definition --generate-cli-skeleton`.
-#    Replace the value of `task-definition` in the workflow below with your JSON file's name.
-#    Replace the value of `container-name` in the workflow below with the name of the container
-#    in the `containerDefinitions` section of the task definition.
-#
-# 4. Store an IAM user access key in GitHub Actions secrets named `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY`.
-#    See the documentation for each action used below for the recommended IAM policies for this IAM user,
-#    and best practices on handling the access key credentials.
-
-on:
-  push:
-    tags:
-      - 'v*'
-
-name: Deploy to Amazon ECS
-
-jobs:
-  deploy:
-    name: deploy
-    runs-on: ubuntu-16.04
-
-    steps:
-    - name: Checkout
-      uses: actions/checkout@v2
-
-    - name: Configure AWS credentials
-      uses: aws-actions/configure-aws-credentials@v1
-      with:
-        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-        aws-region: eu-west-1
-
-    - name: Download task definition
-      run: |
-        aws ecs describe-task-definition --task-definition ProdAppServerStackprodbudiapplbfargateserviceprodbudiappserverfargatetaskdefinition2EF7F1E7 --query taskDefinition > task-definition.json
-      
-    - name: Login to Amazon ECR
-      id: login-ecr
-      uses: aws-actions/amazon-ecr-login@v1
-
-    - name: Build, tag, and push image to Amazon ECR
-      id: build-image
-      env:
-        ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
-        ECR_REPOSITORY: prod-budi-app-server
-        IMAGE_TAG: ${{ github.sha }}
-      run: |
-        # Build a docker container and
-        # push it to ECR so that it can
-        # be deployed to ECS
-        cd packages/server
-        docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
-        docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
-        echo "::set-output name=image::$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
-    - name: Fill in the new image ID in the Amazon ECS task definition
-      id: task-def
-      uses: aws-actions/amazon-ecs-render-task-definition@v1
-      with:
-        task-definition: task-definition.json
-        container-name: prod-budi-app-server 
-        image: ${{ steps.build-image.outputs.image }}
-
-    - name: Deploy Amazon ECS task definition
-      uses: aws-actions/amazon-ecs-deploy-task-definition@v1
-      with:
-        task-definition: ${{ steps.task-def.outputs.task-definition }}
-        service: prod-budi-app-server-service
-        cluster: prod-budi-app-server
-        wait-for-service-stability: true
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 4e76626d2c..588f0c54ae 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -42,6 +42,10 @@ jobs:
           echo //registry.npmjs.org/:_authToken=${NPM_TOKEN} >> .npmrc 
           yarn release
 
+      - name: Get Previous tag
+          id: previoustag
+          uses: "WyriHaximus/github-action-get-previous-tag@v1"
+
       - name: Build/release Docker images
         run: | 
           docker login -u $DOCKER_USER -p $DOCKER_PASSWORD
@@ -50,3 +54,18 @@ jobs:
         env:
           DOCKER_USER: ${{ secrets.DOCKER_USERNAME }}
           DOCKER_PASSWORD: ${{ secrets.DOCKER_API_KEY }}
+          BUDIBASE_RELEASE_VERSION: ${{ steps.previoustag.outputs.tag }}
+
+      - uses: azure/setup-helm@v1
+        id: install
+
+      # So, we need to inject the values into this
+      - run: yarn release:helm
+
+      - name: Run chart-releaser
+        uses: helm/chart-releaser-action@v1.1.0
+        with:
+          charts_dir: docs
+        env:
+          CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
+    
\ No newline at end of file
diff --git a/.gitignore b/.gitignore
index b2a2021cc9..3a5fc5dc7b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -55,7 +55,7 @@ typings/
 .node_repl_history
 
 # Output of 'npm pack'
-*.tgz
+# *.tgz
 
 # Yarn Integrity file
 .yarn-integrity
@@ -91,4 +91,4 @@ hosting/.generated-envoy.dev.yaml
 
 # Sublime text
 *.sublime-project
-*.sublime-workspace
\ No newline at end of file
+*.sublime-workspace
diff --git a/.husky/pre-commit b/.husky/pre-commit
new file mode 100755
index 0000000000..3b614330e0
--- /dev/null
+++ b/.husky/pre-commit
@@ -0,0 +1,4 @@
+#!/bin/sh
+. "$(dirname "$0")/_/husky.sh"
+
+yarn run lint
diff --git a/docs/budibase-0.1.0.tgz b/docs/budibase-0.1.0.tgz
new file mode 100644
index 0000000000..7873874ab0
Binary files /dev/null and b/docs/budibase-0.1.0.tgz differ
diff --git a/docs/budibase-0.1.1.tgz b/docs/budibase-0.1.1.tgz
new file mode 100644
index 0000000000..b38527c4a4
Binary files /dev/null and b/docs/budibase-0.1.1.tgz differ
diff --git a/docs/index.html b/docs/index.html
new file mode 100644
index 0000000000..0fa6060f8f
--- /dev/null
+++ b/docs/index.html
@@ -0,0 +1,9 @@
+<html>
+  <head>
+    <title>Budibase Helm Chart Repo</title>
+  </head>
+  <body>
+    <h1>Budibase Charts Repo</h1>
+    <p>Point Helm at this repo to see charts.</p>
+  </body>
+</html>
\ No newline at end of file
diff --git a/docs/index.yaml b/docs/index.yaml
new file mode 100644
index 0000000000..4e064f3dd0
--- /dev/null
+++ b/docs/index.yaml
@@ -0,0 +1,54 @@
+apiVersion: v1
+entries:
+  budibase:
+  - apiVersion: v2
+    appVersion: 0.9.56
+    created: "2021-08-18T18:41:52.640176+01:00"
+    dependencies:
+    - condition: services.couchdb.enabled
+      name: couchdb
+      repository: https://apache.github.io/couchdb-helm
+      version: 3.3.4
+    - name: ingress-nginx
+      repository: https://github.com/kubernetes/ingress-nginx
+      version: 3.35.0
+    description: Budibase is an open source low-code platform, helping thousands of teams build apps for their workplace in minutes.
+    digest: 8dc4f2ed4d98cad5adf25936aefea680042d3e4e17832f846b961fd8708ad192
+    keywords:
+    - low-code
+    - database
+    - cluster
+    name: budibase
+    sources:
+    - https://github.com/Budibase/budibase
+    - https://budibase.com
+    type: application
+    urls:
+    - https://budibase.github.io/budibase/budibase-0.1.1.tgz
+    version: 0.1.1
+  - apiVersion: v2
+    appVersion: 0.9.56
+    created: "2021-08-18T18:41:52.635603+01:00"
+    dependencies:
+    - condition: services.couchdb.enabled
+      name: couchdb
+      repository: https://apache.github.io/couchdb-helm
+      version: 3.3.4
+    - name: ingress-nginx
+      repository: https://github.com/kubernetes/ingress-nginx
+      version: 3.35.0
+    description: Budibase is an open source low-code platform, helping thousands of teams build apps for their workplace in minutes.
+    digest: 08031b0803cce0eff64472e569d454d9176119c8207aa9873a9c95ee66cc7d3f
+    keywords:
+    - low-code
+    - database
+    - cluster
+    name: budibase
+    sources:
+    - https://github.com/Budibase/budibase
+    - https://budibase.com
+    type: application
+    urls:
+    - https://budibase.github.io/budibase/budibase-0.1.0.tgz
+    version: 0.1.0
+generated: "2021-08-18T18:41:52.629415+01:00"
diff --git a/hosting/envoy.dev.yaml.hbs b/hosting/envoy.dev.yaml.hbs
index 76417b3e0d..01d5a09efa 100644
--- a/hosting/envoy.dev.yaml.hbs
+++ b/hosting/envoy.dev.yaml.hbs
@@ -26,10 +26,18 @@ static_resources:
                   cluster: couchdb-service
                   prefix_rewrite: "/"
 
+              - match: { prefix: "/api/system/" }
+                route:
+                  cluster: worker-dev
+
               - match: { prefix: "/api/admin/" }
                 route:
                   cluster: worker-dev
 
+              - match: { prefix: "/api/global/" }
+                route:
+                  cluster: worker-dev
+
               - match: { prefix: "/api/" }
                 route:
                   cluster: server-dev
diff --git a/hosting/envoy.yaml b/hosting/envoy.yaml
index d7b34f4d5e..d5f9ebee28 100644
--- a/hosting/envoy.yaml
+++ b/hosting/envoy.yaml
@@ -37,11 +37,19 @@ static_resources:
                 route:
                   cluster: app-service
 
-              # special case for worker admin API
+              # special cases for worker admin (deprecated), global and system API
+              - match: { prefix: "/api/global/" }
+                route:
+                  cluster: worker-service
+
               - match: { prefix: "/api/admin/" }
                 route:
                   cluster: worker-service
 
+              - match: { prefix: "/api/system/" }
+                route:
+                  cluster: worker-service
+
               - match: { path: "/" }
                 route:
                   cluster: app-service
diff --git a/hosting/kubernetes/budibase/.helmignore b/hosting/kubernetes/budibase/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/hosting/kubernetes/budibase/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/hosting/kubernetes/budibase/Chart.yaml b/hosting/kubernetes/budibase/Chart.yaml
new file mode 100644
index 0000000000..b82cb3bab2
--- /dev/null
+++ b/hosting/kubernetes/budibase/Chart.yaml
@@ -0,0 +1,41 @@
+apiVersion: v2
+name: budibase
+description: Budibase is an open source low-code platform, helping thousands of teams build apps for their workplace in minutes.
+keywords:
+- low-code
+- database
+- cluster
+sources:
+- https://github.com/Budibase/budibase
+- https://budibase.com
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.1
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "0.9.56"
+
+dependencies:
+  - name: couchdb
+    version: 3.3.4
+    repository: https://apache.github.io/couchdb-helm
+    condition: services.couchdb.enabled
+  - name: ingress-nginx
+    version: 3.35.0 
+    repository: https://github.com/kubernetes/ingress-nginx
+    condition: services.ingress.nginx
diff --git a/hosting/kubernetes/budibase/README.md b/hosting/kubernetes/budibase/README.md
new file mode 100644
index 0000000000..efa78ba75c
--- /dev/null
+++ b/hosting/kubernetes/budibase/README.md
@@ -0,0 +1,39 @@
+# Budibase
+
+[Budibase](https://budibase.com/) Budibase is an open source low-code platform, helping thousands of teams build apps for their workplace in minutes.
+
+## TL;DR;
+```console
+$ cd chart
+$ helm install budibase .
+```
+
+## Introduction
+
+This chart bootstraps a [Budibase](https://budibase.com/) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
+
+## Prerequisites
+
+- helm v3 or above
+- Kubernetes 1.4+
+- PV provisioner support in the underlying infrastructure (with persistence storage enabled)
+
+## Installing the Chart
+
+To install the chart with the release name `budi-release`:
+
+```console
+$ helm install budi-release .
+```
+
+The command deploys Budibase on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation.
+
+> **Tip**: List all releases using `helm list`
+
+## Uninstalling the Chart
+
+To uninstall/delete the `my-release` deployment:
+
+```console
+$ helm delete my-release
+```
diff --git a/hosting/kubernetes/budibase/charts/couchdb/Chart.yaml b/hosting/kubernetes/budibase/charts/couchdb/Chart.yaml
new file mode 100755
index 0000000000..74ae734a17
--- /dev/null
+++ b/hosting/kubernetes/budibase/charts/couchdb/Chart.yaml
@@ -0,0 +1,19 @@
+apiVersion: v1
+appVersion: 3.1.0
+description: A database featuring seamless multi-master sync, that scales from big
+  data to mobile, with an intuitive HTTP/JSON API and designed for reliability.
+home: https://couchdb.apache.org/
+icon: http://couchdb.apache.org/CouchDB-visual-identity/logo/CouchDB-couch-symbol.svg
+keywords:
+- couchdb
+- database
+- nosql
+maintainers:
+- email: kocolosk@apache.org
+  name: kocolosk
+- email: willholley@apache.org
+  name: willholley
+name: couchdb
+sources:
+- https://github.com/apache/couchdb-docker
+version: 3.3.4
diff --git a/hosting/kubernetes/budibase/charts/couchdb/README.md b/hosting/kubernetes/budibase/charts/couchdb/README.md
new file mode 100755
index 0000000000..3227123d06
--- /dev/null
+++ b/hosting/kubernetes/budibase/charts/couchdb/README.md
@@ -0,0 +1,244 @@
+# CouchDB
+
+Apache CouchDB is a database featuring seamless multi-master sync, that scales
+from big data to mobile, with an intuitive HTTP/JSON API and designed for
+reliability.
+
+This chart deploys a CouchDB cluster as a StatefulSet. It creates a ClusterIP
+Service in front of the Deployment for load balancing by default, but can also
+be configured to deploy other Service types or an Ingress Controller. The
+default persistence mechanism is simply the ephemeral local filesystem, but
+production deployments should set `persistentVolume.enabled` to `true` to attach
+storage volumes to each Pod in the Deployment.
+
+## TL;DR
+
+```bash
+$ helm repo add couchdb https://apache.github.io/couchdb-helm
+$ helm install couchdb/couchdb \
+  --set allowAdminParty=true \
+  --set couchdbConfig.couchdb.uuid=$(curl https://www.uuidgenerator.net/api/version4 2>/dev/null | tr -d -)
+```
+
+## Prerequisites
+
+- Kubernetes 1.9+ with Beta APIs enabled
+- Ingress requires Kubernetes 1.14+
+
+## Installing the Chart
+
+To install the chart with the release name `my-release`:
+
+Add the CouchDB Helm repository:
+
+```bash
+$ helm repo add couchdb https://apache.github.io/couchdb-helm
+```
+
+Afterwards install the chart replacing the UUID
+`decafbaddecafbaddecafbaddecafbad` with a custom one:
+
+```bash
+$ helm install \
+  --name my-release \
+  --set couchdbConfig.couchdb.uuid=decafbaddecafbaddecafbaddecafbad \
+  couchdb/couchdb
+```
+
+This will create a Secret containing the admin credentials for the cluster.
+Those credentials can be retrieved as follows:
+
+```bash
+$ kubectl get secret my-release-couchdb -o go-template='{{ .data.adminPassword }}' | base64 --decode
+```
+
+If you prefer to configure the admin credentials directly you can create a
+Secret containing `adminUsername`, `adminPassword` and `cookieAuthSecret` keys:
+
+```bash
+$  kubectl create secret generic my-release-couchdb --from-literal=adminUsername=foo --from-literal=adminPassword=bar --from-literal=cookieAuthSecret=baz
+```
+
+If you want to set the `adminHash` directly to achieve consistent salts between 
+different nodes you need to addionally add the key `password.ini` to the secret:
+
+```bash
+$  kubectl create secret generic my-release-couchdb \
+   --from-literal=adminUsername=foo \
+   --from-literal=cookieAuthSecret=baz \
+   --from-file=./my-password.ini 
+```
+
+With the following contents in `my-password.ini`:
+
+```
+[admins]
+foo = <pbkdf2-hash>
+```
+
+and then install the chart while overriding the `createAdminSecret` setting:
+
+```bash
+$ helm install \
+  --name my-release \
+  --set createAdminSecret=false \
+  --set couchdbConfig.couchdb.uuid=decafbaddecafbaddecafbaddecafbad \
+  couchdb/couchdb
+```
+
+This Helm chart deploys CouchDB on the Kubernetes cluster in a default
+configuration. The [configuration](#configuration) section lists
+the parameters that can be configured during installation.
+
+> **Tip**: List all releases using `helm list`
+
+## Uninstalling the Chart
+
+To uninstall/delete the `my-release` Deployment:
+
+```bash
+$ helm delete my-release
+```
+
+The command removes all the Kubernetes components associated with the chart and
+deletes the release.
+
+## Upgrading an existing Release to a new major version
+
+A major chart version change (like v0.2.3 -> v1.0.0) indicates that there is an
+incompatible breaking change needing manual actions.
+
+### Upgrade to 3.0.0
+
+Since version 3.0.0 setting the CouchDB server instance UUID is mandatory.
+Therefore you need to generate a UUID and supply it as a value during the
+upgrade as follows:
+
+```bash
+$ helm upgrade <release-name> \
+  --reuse-values \
+  --set couchdbConfig.couchdb.uuid=<UUID> \
+  couchdb/couchdb
+```
+
+## Migrating from stable/couchdb
+
+This chart replaces the `stable/couchdb` chart previously hosted by Helm and continues the
+version semantics. You can upgrade directly from `stable/couchdb` to this chart using:
+
+```bash
+$ helm repo add couchdb https://apache.github.io/couchdb-helm
+$ helm upgrade my-release couchdb/couchdb
+```
+
+## Configuration
+
+The following table lists the most commonly configured parameters of the
+CouchDB chart and their default values:
+
+|           Parameter             |             Description                               |                Default                 |
+|---------------------------------|-------------------------------------------------------|----------------------------------------|
+| `clusterSize`                   | The initial number of nodes in the CouchDB cluster    | 3                                      |
+| `couchdbConfig`                 | Map allowing override elements of server .ini config  | *See below*                            |
+| `allowAdminParty`               | If enabled, start cluster without admin account       | false (requires creating a Secret)     |
+| `createAdminSecret`             | If enabled, create an admin account and cookie secret | true                                   |
+| `schedulerName`                 | Name of the k8s scheduler (other than default)        | `nil`                                  |
+| `erlangFlags`                   | Map of flags supplied to the underlying Erlang VM     | name: couchdb, setcookie: monster
+| `persistentVolume.enabled`      | Boolean determining whether to attach a PV to each node | false
+| `persistentVolume.size`         | If enabled, the size of the persistent volume to attach                          | 10Gi
+| `enableSearch`                  | Adds a sidecar for Lucene-powered text search         | false                                  |
+
+You can set the values of the `couchdbConfig` map according to the
+[official configuration][4]. The following shows the map's default values and
+required options to set:
+
+|           Parameter             |             Description                                            |                Default                 |
+|---------------------------------|--------------------------------------------------------------------|----------------------------------------|
+| `couchdb.uuid`                  | UUID for this CouchDB server instance ([Required in a cluster][5]) |                                        |
+| `chttpd.bind_address`           | listens on all interfaces when set to any                          | any                                    |
+| `chttpd.require_valid_user`     | disables all the anonymous requests to the port 5984 when true     | false                                  |
+
+A variety of other parameters are also configurable. See the comments in the
+`values.yaml` file for further details:
+
+|           Parameter                  |                Default                 |
+|--------------------------------------|----------------------------------------|
+| `adminUsername`                      | admin                                  |
+| `adminPassword`                      | auto-generated                         |
+| `adminHash`                          |                                        |
+| `cookieAuthSecret`                   | auto-generated                         |
+| `image.repository`                   | couchdb                                |
+| `image.tag`                          | 3.1.0                                  |
+| `image.pullPolicy`                   | IfNotPresent                           |
+| `searchImage.repository`             | kocolosk/couchdb-search                |
+| `searchImage.tag`                    | 0.1.0                                  |
+| `searchImage.pullPolicy`             | IfNotPresent                           |
+| `initImage.repository`               | busybox                                |
+| `initImage.tag`                      | latest                                 |
+| `initImage.pullPolicy`               | Always                                 |
+| `ingress.enabled`                    | false                                  |
+| `ingress.hosts`                      | chart-example.local                    |
+| `ingress.annotations`                |                                        |
+| `ingress.path`                       | /                                      |
+| `ingress.tls`                        |                                        |
+| `persistentVolume.accessModes`       | ReadWriteOnce                          |
+| `persistentVolume.storageClass`      | Default for the Kube cluster           |
+| `podManagementPolicy`                | Parallel                               |
+| `affinity`                           |                                        |
+| `annotations`                        |                                        |
+| `tolerations`                        |                                        |
+| `resources`                          |                                        |
+| `service.annotations`                |                                        |
+| `service.enabled`                    | true                                   |
+| `service.type`                       | ClusterIP                              |
+| `service.externalPort`               | 5984                                   |
+| `dns.clusterDomainSuffix`            | cluster.local                          |
+| `networkPolicy.enabled`              | true                                   |
+| `serviceAccount.enabled`             | true                                   |
+| `serviceAccount.create`              | true                                   |
+| `serviceAccount.imagePullSecrets`    |                                        |
+| `sidecars`                           | {}                                     |
+| `livenessProbe.enabled`              | true                                   |
+| `livenessProbe.failureThreshold`     | 3                                      |
+| `livenessProbe.initialDelaySeconds`  | 0                                      |
+| `livenessProbe.periodSeconds`        | 10                                     |
+| `livenessProbe.successThreshold`     | 1                                      |
+| `livenessProbe.timeoutSeconds`       | 1                                      |
+| `readinessProbe.enabled`             | true                                   |
+| `readinessProbe.failureThreshold`    | 3                                      |
+| `readinessProbe.initialDelaySeconds` | 0                                      |
+| `readinessProbe.periodSeconds`       | 10                                     |
+| `readinessProbe.successThreshold`    | 1                                      |
+| `readinessProbe.timeoutSeconds`      | 1                                      |
+
+## Feedback, Issues, Contributing
+
+General feedback is welcome at our [user][1] or [developer][2] mailing lists.
+
+Apache CouchDB has a [CONTRIBUTING][3] file with details on how to get started
+with issue reporting or contributing to the upkeep of this project. In short,
+use GitHub Issues, do not report anything on Docker's website.
+
+## Non-Apache CouchDB Development Team Contributors
+
+- [@natarajaya](https://github.com/natarajaya)
+- [@satchpx](https://github.com/satchpx)
+- [@spanato](https://github.com/spanato)
+- [@jpds](https://github.com/jpds)
+- [@sebastien-prudhomme](https://github.com/sebastien-prudhomme)
+- [@stepanstipl](https://github.com/sebastien-stepanstipl)
+- [@amatas](https://github.com/amatas)
+- [@Chimney42](https://github.com/Chimney42)
+- [@mattjmcnaughton](https://github.com/mattjmcnaughton)
+- [@mainephd](https://github.com/mainephd)
+- [@AdamDang](https://github.com/AdamDang)
+- [@mrtyler](https://github.com/mrtyler)
+- [@kevinwlau](https://github.com/kevinwlau)
+- [@jeyenzo](https://github.com/jeyenzo)
+- [@Pinpin31.](https://github.com/Pinpin31)
+
+[1]: http://mail-archives.apache.org/mod_mbox/couchdb-user/
+[2]: http://mail-archives.apache.org/mod_mbox/couchdb-dev/
+[3]: https://github.com/apache/couchdb/blob/master/CONTRIBUTING.md
+[4]: https://docs.couchdb.org/en/stable/config/index.html
+[5]: https://docs.couchdb.org/en/latest/setup/cluster.html#preparing-couchdb-nodes-to-be-joined-into-a-cluster
diff --git a/hosting/kubernetes/budibase/charts/couchdb/ci/required-values.yaml b/hosting/kubernetes/budibase/charts/couchdb/ci/required-values.yaml
new file mode 100755
index 0000000000..79589d2e04
--- /dev/null
+++ b/hosting/kubernetes/budibase/charts/couchdb/ci/required-values.yaml
@@ -0,0 +1,3 @@
+couchdbConfig:
+  couchdb:
+    uuid: "decafbaddecafbaddecafbaddecafbad"
diff --git a/hosting/kubernetes/budibase/charts/couchdb/ci/sidecar.yaml b/hosting/kubernetes/budibase/charts/couchdb/ci/sidecar.yaml
new file mode 100755
index 0000000000..aa570bdf74
--- /dev/null
+++ b/hosting/kubernetes/budibase/charts/couchdb/ci/sidecar.yaml
@@ -0,0 +1,9 @@
+sidecars:
+  - name: foo
+    image: "busybox"
+    imagePullPolicy: IfNotPresent
+    resources:
+      requests:
+        cpu: "0.1"
+        memory: 10Mi
+    command: ['while true; do echo "foo"; sleep 5; done;']
diff --git a/hosting/kubernetes/budibase/charts/couchdb/password.ini b/hosting/kubernetes/budibase/charts/couchdb/password.ini
new file mode 100755
index 0000000000..4ce8445aae
--- /dev/null
+++ b/hosting/kubernetes/budibase/charts/couchdb/password.ini
@@ -0,0 +1,2 @@
+[admins]
+{{ .Values.adminUsername }} = {{ .Values.adminHash }}
diff --git a/hosting/kubernetes/budibase/charts/couchdb/templates/NOTES.txt b/hosting/kubernetes/budibase/charts/couchdb/templates/NOTES.txt
new file mode 100755
index 0000000000..a3658bd37f
--- /dev/null
+++ b/hosting/kubernetes/budibase/charts/couchdb/templates/NOTES.txt
@@ -0,0 +1,20 @@
+Apache CouchDB is starting. Check the status of the Pods using:
+
+  kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "couchdb.name" . }},release={{ .Release.Name }}"
+
+Once all of the Pods are fully Ready, execute the following command to create
+some required system databases:
+
+  kubectl exec --namespace {{ .Release.Namespace }} {{ if not .Values.allowAdminParty }}-it {{ end }}{{ template "couchdb.fullname" . }}-0 -c couchdb -- \
+    curl -s \
+    http://127.0.0.1:5984/_cluster_setup \
+    -X POST \
+    -H "Content-Type: application/json" \
+{{- if .Values.allowAdminParty }}
+    -d '{"action": "finish_cluster"}'
+{{- else }}
+    -d '{"action": "finish_cluster"}' \
+    -u <adminUsername>
+{{- end }}
+
+Then it's time to relax.
diff --git a/hosting/kubernetes/budibase/charts/couchdb/templates/_helpers.tpl b/hosting/kubernetes/budibase/charts/couchdb/templates/_helpers.tpl
new file mode 100755
index 0000000000..f9d013e487
--- /dev/null
+++ b/hosting/kubernetes/budibase/charts/couchdb/templates/_helpers.tpl
@@ -0,0 +1,81 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "couchdb.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+{{- define "couchdb.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- printf "%s-%s" .Values.fullnameOverride .Chart.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+In the event that we create both a headless service and a traditional one,
+ensure that the latter gets a unique name.
+*/}}
+{{- define "couchdb.svcname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- printf "%s-svc-%s" .Values.fullnameOverride .Chart.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- printf "%s-svc-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create a random string if the supplied key does not exist
+*/}}
+{{- define "couchdb.defaultsecret" -}}
+{{- if . -}}
+{{- . | b64enc | quote -}}
+{{- else -}}
+{{- randAlphaNum 20 | b64enc | quote -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Labels used to define Pods in the CouchDB statefulset
+*/}}
+{{- define "couchdb.ss.selector" -}}
+app: {{ template "couchdb.name" . }}
+release: {{ .Release.Name }}
+{{- end -}}
+
+{{/*
+Generates a comma delimited list of nodes in the cluster
+*/}}
+{{- define "couchdb.seedlist" -}}
+{{- $nodeCount :=  min 5 .Values.clusterSize | int }}
+  {{- range $index0 := until $nodeCount -}}
+    {{- $index1 := $index0 | add1 -}}
+    {{ $.Values.erlangFlags.name }}@{{ template "couchdb.fullname" $ }}-{{ $index0 }}.{{ template "couchdb.fullname" $ }}.{{ $.Release.Namespace }}.svc.{{ $.Values.dns.clusterDomainSuffix }}{{ if ne $index1 $nodeCount }},{{ end }}
+  {{- end -}}
+{{- end -}}
+
+{{/*
+If serviceAccount.name is specified, use that, else use the couchdb instance name
+*/}}
+{{- define "couchdb.serviceAccount" -}}
+{{- if .Values.serviceAccount.name -}}
+{{- .Values.serviceAccount.name }}
+{{- else -}}
+{{- template "couchdb.fullname" . -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Fail if couchdbConfig.couchdb.uuid is undefined
+*/}}
+{{- define "couchdb.uuid" -}}
+{{- required "A value for couchdbConfig.couchdb.uuid must be set" (.Values.couchdbConfig.couchdb | default dict).uuid -}}
+{{- end -}} 
\ No newline at end of file
diff --git a/hosting/kubernetes/budibase/charts/couchdb/templates/configmap.yaml b/hosting/kubernetes/budibase/charts/couchdb/templates/configmap.yaml
new file mode 100755
index 0000000000..a6a20e0574
--- /dev/null
+++ b/hosting/kubernetes/budibase/charts/couchdb/templates/configmap.yaml
@@ -0,0 +1,23 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ template "couchdb.fullname" . }}
+  labels:
+    app: {{ template "couchdb.name" . }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    heritage: {{ .Release.Service | quote }}
+    release: {{ .Release.Name | quote }}
+data:
+  inifile: |
+    {{ $couchdbConfig := dict "couchdb" (dict "uuid" (include "couchdb.uuid" .)) -}}
+    {{- $couchdbConfig := merge $couchdbConfig .Values.couchdbConfig -}}
+    {{- range $section, $settings := $couchdbConfig -}}
+    {{ printf "[%s]" $section }}
+    {{ range $key, $value := $settings -}}
+    {{ printf "%s = %s" $key ($value | toString) }}
+    {{ end }}
+    {{ end }}
+
+  seedlistinifile: |
+    [cluster]
+    seedlist = {{ template "couchdb.seedlist" . }}
diff --git a/hosting/kubernetes/budibase/charts/couchdb/templates/headless.yaml b/hosting/kubernetes/budibase/charts/couchdb/templates/headless.yaml
new file mode 100755
index 0000000000..0ce3ef0f35
--- /dev/null
+++ b/hosting/kubernetes/budibase/charts/couchdb/templates/headless.yaml
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "couchdb.fullname" . }}
+  labels:
+    app: {{ template "couchdb.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  clusterIP: None
+  publishNotReadyAddresses: true
+  ports:
+    - name: couchdb
+      port: 5984
+  selector:
+{{ include "couchdb.ss.selector" . | indent 4 }}
diff --git a/hosting/kubernetes/budibase/charts/couchdb/templates/ingress.yaml b/hosting/kubernetes/budibase/charts/couchdb/templates/ingress.yaml
new file mode 100755
index 0000000000..c547847ce5
--- /dev/null
+++ b/hosting/kubernetes/budibase/charts/couchdb/templates/ingress.yaml
@@ -0,0 +1,33 @@
+{{- if .Values.ingress.enabled -}}
+{{- $serviceName := include "couchdb.fullname" . -}}
+{{- $servicePort := .Values.service.externalPort -}}
+{{- $path := .Values.ingress.path | quote -}}
+apiVersion: networking.k8s.io/v1beta1
+kind: Ingress
+metadata:
+  name: {{ template "couchdb.fullname" . }}
+  labels:
+    app: {{ template "couchdb.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+  annotations:
+    {{- range $key, $value := .Values.ingress.annotations }}
+      {{ $key }}: {{ $value | quote }}
+    {{- end }}
+spec:
+  rules:
+    {{- range $host := .Values.ingress.hosts }}
+    - host: {{ $host }}
+      http:
+        paths:
+          - path: {{ $path }}
+            backend:
+              serviceName: {{ $serviceName }}
+              servicePort: {{ $servicePort }}
+    {{- end -}}
+  {{- if .Values.ingress.tls }}
+  tls:
+{{ toYaml .Values.ingress.tls | indent 4 }}
+  {{- end -}}
+{{- end -}}
diff --git a/hosting/kubernetes/budibase/charts/couchdb/templates/networkpolicy.yaml b/hosting/kubernetes/budibase/charts/couchdb/templates/networkpolicy.yaml
new file mode 100755
index 0000000000..2830708bef
--- /dev/null
+++ b/hosting/kubernetes/budibase/charts/couchdb/templates/networkpolicy.yaml
@@ -0,0 +1,31 @@
+
+{{- if .Values.networkPolicy.enabled }}
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: {{ template "couchdb.fullname" . }}
+  labels:
+    app: {{ template "couchdb.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  podSelector:
+    matchLabels:
+{{ include "couchdb.ss.selector" . | indent 6 }}
+  ingress:
+    - ports:
+        - protocol: TCP
+          port: 5984
+    - ports:
+        - protocol: TCP
+          port: 9100
+        - protocol: TCP
+          port: 4369
+      from:
+        - podSelector:
+            matchLabels:
+{{ include "couchdb.ss.selector" . | indent 14 }}
+  policyTypes:
+    - Ingress
+{{- end }}
diff --git a/hosting/kubernetes/budibase/charts/couchdb/templates/secrets.yaml b/hosting/kubernetes/budibase/charts/couchdb/templates/secrets.yaml
new file mode 100755
index 0000000000..92f55c6d6b
--- /dev/null
+++ b/hosting/kubernetes/budibase/charts/couchdb/templates/secrets.yaml
@@ -0,0 +1,19 @@
+{{- if .Values.createAdminSecret -}}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ template "couchdb.fullname" . }}
+  labels:
+    app: {{ template "couchdb.fullname" . }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+type: Opaque
+data:
+  adminUsername: {{ template "couchdb.defaultsecret" .Values.adminUsername }}
+  adminPassword: {{ template "couchdb.defaultsecret" .Values.adminPassword }}
+  cookieAuthSecret: {{ template "couchdb.defaultsecret" .Values.cookieAuthSecret }}
+{{- if  .Values.adminHash  }}
+  password.ini: {{ tpl (.Files.Get "password.ini") . | b64enc }}
+{{- end -}}
+{{- end -}}
diff --git a/hosting/kubernetes/budibase/charts/couchdb/templates/service.yaml b/hosting/kubernetes/budibase/charts/couchdb/templates/service.yaml
new file mode 100755
index 0000000000..6d0382477d
--- /dev/null
+++ b/hosting/kubernetes/budibase/charts/couchdb/templates/service.yaml
@@ -0,0 +1,23 @@
+{{- if .Values.service.enabled -}}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "couchdb.svcname" . }}
+  labels:
+    app: {{ template "couchdb.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+{{- if .Values.service.annotations }}
+  annotations:
+{{ toYaml .Values.service.annotations | indent 4 }}
+{{- end }}
+spec:
+  ports:
+    - port: {{ .Values.service.externalPort }}
+      protocol: TCP
+      targetPort: 5984
+  type: {{ .Values.service.type }}
+  selector:
+{{ include "couchdb.ss.selector" . | indent 4 }}
+{{- end -}}
diff --git a/hosting/kubernetes/budibase/charts/couchdb/templates/serviceaccount.yaml b/hosting/kubernetes/budibase/charts/couchdb/templates/serviceaccount.yaml
new file mode 100755
index 0000000000..bb82799a49
--- /dev/null
+++ b/hosting/kubernetes/budibase/charts/couchdb/templates/serviceaccount.yaml
@@ -0,0 +1,15 @@
+{{- if .Values.serviceAccount.create }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "couchdb.serviceAccount" . }}
+  labels:
+    app: {{ template "couchdb.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+{{- if .Values.serviceAccount.imagePullSecrets }}
+imagePullSecrets:
+{{ toYaml .Values.serviceAccount.imagePullSecrets }}
+{{- end }}
+{{- end }}
diff --git a/hosting/kubernetes/budibase/charts/couchdb/templates/statefulset.yaml b/hosting/kubernetes/budibase/charts/couchdb/templates/statefulset.yaml
new file mode 100755
index 0000000000..6225fbe98c
--- /dev/null
+++ b/hosting/kubernetes/budibase/charts/couchdb/templates/statefulset.yaml
@@ -0,0 +1,202 @@
+apiVersion:  apps/v1
+kind: StatefulSet
+metadata:
+  name: {{ template "couchdb.fullname" . }}
+  labels:
+    app: {{ template "couchdb.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  replicas: {{ .Values.clusterSize }}
+  serviceName: {{ template "couchdb.fullname" . }}
+  podManagementPolicy: {{ .Values.podManagementPolicy }}
+  selector:
+    matchLabels:
+{{ include "couchdb.ss.selector" . | indent 6 }}
+  template:
+    metadata:
+      labels:
+{{ include "couchdb.ss.selector" . | indent 8 }}
+{{- with .Values.annotations }}
+      annotations:
+        checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
+{{ toYaml . | indent 8 }}
+{{- end }}
+    spec:
+      {{- if .Values.schedulerName }}
+      schedulerName: "{{ .Values.schedulerName }}"
+      {{- end }}
+      {{- if .Values.serviceAccount.enabled }}
+      serviceAccountName: {{ template "couchdb.serviceAccount" . }}
+      {{- end }}
+      initContainers:
+        - name: init-copy
+          image: "{{ .Values.initImage.repository }}:{{ .Values.initImage.tag }}"
+          imagePullPolicy: {{ .Values.initImage.pullPolicy }}
+          command: ['sh','-c','cp /tmp/chart.ini /default.d; cp /tmp/seedlist.ini /default.d; ls -lrt /default.d;']
+          volumeMounts:
+          - name: config
+            mountPath: /tmp/
+          - name: config-storage
+            mountPath: /default.d
+{{- if .Values.adminHash }}
+        - name: admin-hash-copy
+          image: "{{ .Values.initImage.repository }}:{{ .Values.initImage.tag }}"
+          imagePullPolicy: {{ .Values.initImage.pullPolicy }}
+          command: ['sh','-c','cp /tmp/password.ini /local.d/ ;']
+          volumeMounts:
+            - name: admin-password
+              mountPath: /tmp/password.ini
+              subPath: "password.ini"
+            - name: local-config-storage
+              mountPath: /local.d
+{{- end }}
+      containers:
+        - name: couchdb
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          ports:
+            - name: couchdb
+              containerPort: 5984
+            - name: epmd
+              containerPort: 4369
+            - containerPort: 9100
+          env:
+{{- if not .Values.allowAdminParty }}
+            - name: COUCHDB_USER
+              valueFrom:
+                secretKeyRef:
+                  name: {{ template "couchdb.fullname" . }}
+                  key: adminUsername
+            - name: COUCHDB_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: {{ template "couchdb.fullname" . }}
+                  key: adminPassword
+            - name: COUCHDB_SECRET
+              valueFrom:
+                secretKeyRef:
+                  name: {{ template "couchdb.fullname" . }}
+                  key: cookieAuthSecret
+{{- end }}
+            - name: ERL_FLAGS
+              value: "{{ range $k, $v := .Values.erlangFlags }} -{{ $k }} {{ $v }} {{ end }}"
+{{- if .Values.livenessProbe.enabled }}
+          livenessProbe:
+{{- if .Values.couchdbConfig.chttpd.require_valid_user }}
+            exec:
+              command:
+                - sh
+                - -c
+                - curl -G --silent --fail -u ${COUCHDB_USER}:${COUCHDB_PASSWORD} http://localhost:5984/_up
+{{- else }}
+            httpGet:
+              path: /_up
+              port: 5984
+{{- end }}
+            failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
+            initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
+            periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
+            successThreshold: {{ .Values.livenessProbe.successThreshold }}
+            timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
+{{- end }}
+{{- if .Values.readinessProbe.enabled }}
+          readinessProbe:
+{{- if .Values.couchdbConfig.chttpd.require_valid_user }}
+            exec:
+              command:
+                - sh
+                - -c
+                - curl -G --silent --fail -u ${COUCHDB_USER}:${COUCHDB_PASSWORD} http://localhost:5984/_up
+{{- else }}
+            httpGet:
+              path: /_up
+              port: 5984
+{{- end }}
+            failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
+            initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
+            periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
+            successThreshold: {{ .Values.readinessProbe.successThreshold }}
+            timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
+{{- end }}
+          resources:
+{{ toYaml .Values.resources | indent 12 }}
+          volumeMounts:
+          - name: config-storage
+            mountPath: /opt/couchdb/etc/default.d
+{{- if .Values.adminHash }}
+          - name: local-config-storage
+            mountPath: /opt/couchdb/etc/local.d
+{{- end }}
+          - name: database-storage
+            mountPath: /opt/couchdb/data
+{{- if .Values.enableSearch }}
+        - name: clouseau
+          image: "{{ .Values.searchImage.repository }}:{{ .Values.searchImage.tag }}"
+          imagePullPolicy: {{ .Values.searchImage.pullPolicy }}
+          volumeMounts:
+          - name: database-storage
+            mountPath: /opt/couchdb-search/data
+{{- end }}
+{{- if .Values.sidecars }}
+{{ toYaml .Values.sidecars | indent 8}}
+{{- end }}
+{{- if .Values.nodeSelector }}
+      nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+{{- end }}
+{{- with .Values.tolerations }}
+      tolerations:
+{{ toYaml . | indent 8 }}
+{{- end }}
+{{- with .Values.affinity }}
+      affinity:
+{{ toYaml . | indent 8 }}
+{{- end }}
+      volumes:
+        - name: config-storage
+          emptyDir: {}
+        - name: config
+          configMap:
+            name: {{ template "couchdb.fullname" . }}
+            items:
+              - key: inifile
+                path: chart.ini
+              - key: seedlistinifile
+                path: seedlist.ini
+
+{{- if .Values.adminHash }}
+        - name: local-config-storage
+          emptyDir: {}
+        - name: admin-password
+          secret:
+            secretName: {{ template "couchdb.fullname" . }}
+{{- end -}}
+
+{{- if not .Values.persistentVolume.enabled }}
+        - name: database-storage
+          emptyDir: {}
+{{- else }}
+  volumeClaimTemplates:
+    - metadata:
+        name: database-storage
+        labels:
+          app: {{ template "couchdb.name" . }}
+          release: {{ .Release.Name }}
+      spec:
+        accessModes:
+        {{- range .Values.persistentVolume.accessModes }}
+          - {{ . | quote }}
+        {{- end }}
+        resources:
+          requests:
+            storage: {{ .Values.persistentVolume.size | quote }}
+      {{- if .Values.persistentVolume.storageClass }}
+      {{- if (eq "-" .Values.persistentVolume.storageClass) }}
+        storageClassName: ""
+      {{- else }}
+        storageClassName: "{{ .Values.persistentVolume.storageClass }}"
+      {{- end }}
+      {{- end }}
+{{- end }}
diff --git a/hosting/kubernetes/budibase/charts/couchdb/values.yaml b/hosting/kubernetes/budibase/charts/couchdb/values.yaml
new file mode 100755
index 0000000000..5a5025f816
--- /dev/null
+++ b/hosting/kubernetes/budibase/charts/couchdb/values.yaml
@@ -0,0 +1,201 @@
+## clusterSize is the initial size of the CouchDB cluster.
+clusterSize: 3
+
+## If allowAdminParty is enabled the cluster will start up without any database
+## administrator account; i.e., all users will be granted administrative
+## access. Otherwise, the system will look for a Secret called
+## <ReleaseName>-couchdb containing `adminUsername`, `adminPassword` and
+## `cookieAuthSecret` keys. See the `createAdminSecret` flag.
+## ref: https://kubernetes.io/docs/concepts/configuration/secret/
+allowAdminParty: false
+
+## If createAdminSecret is enabled a Secret called <ReleaseName>-couchdb will
+## be created containing auto-generated credentials. Users who prefer to set
+## these values themselves have a couple of options:
+##
+## 1) The `adminUsername`, `adminPassword`, `adminHash`, and `cookieAuthSecret`
+##    can be defined directly in the chart's values. Note that all of a chart's
+##    values are currently stored in plaintext in a ConfigMap in the tiller
+##    namespace.
+##
+## 2) This flag can be disabled and a Secret with the required keys can be
+##    created ahead of time.
+createAdminSecret: true
+
+# adminUsername: budibase
+# adminPassword: budibase
+# adminHash: -pbkdf2-this_is_not_necessarily_secure_either
+# cookieAuthSecret: admin
+
+## When enabled, will deploy a networkpolicy that allows CouchDB pods to
+## communicate with each other for clustering and ingress on port 5984
+networkPolicy:
+  enabled: true
+
+## Use an alternate scheduler, e.g. "stork".
+## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
+##
+# schedulerName:
+
+# Use a service account
+serviceAccount:
+  enabled: true
+  create: true
+# name:
+# imagePullSecrets:
+# - name: myimagepullsecret
+
+## The storage volume used by each Pod in the StatefulSet. If a
+## persistentVolume is not enabled, the Pods will use `emptyDir` ephemeral
+## local storage. Setting the storageClass attribute to "-" disables dynamic
+## provisioning of Persistent Volumes; leaving it unset will invoke the default
+## provisioner.
+persistentVolume:
+  enabled: false
+  accessModes:
+    - ReadWriteOnce
+  size: 10Gi
+  storageClass: ""
+
+## The CouchDB image
+image:
+  repository: couchdb
+  tag: 3.1.0
+  pullPolicy: IfNotPresent
+
+## Experimental integration with Lucene-powered fulltext search
+searchImage:
+  repository: kocolosk/couchdb-search
+  tag: 0.2.0
+  pullPolicy: IfNotPresent
+
+## Flip this to flag to include the Search container in each Pod
+enableSearch: true
+
+initImage:
+  repository: busybox
+  tag: latest
+  pullPolicy: Always
+
+## CouchDB is happy to spin up cluster nodes in parallel, but if you encounter
+## problems you can try setting podManagementPolicy to the StatefulSet default
+## `OrderedReady`
+podManagementPolicy: Parallel
+
+## To better tolerate Node failures, we can prevent Kubernetes scheduler from
+## assigning more than one Pod of CouchDB StatefulSet per Node using podAntiAffinity.
+affinity: {}
+  # podAntiAffinity:
+  #   requiredDuringSchedulingIgnoredDuringExecution:
+  #     - labelSelector:
+  #         matchExpressions:
+  #           - key: "app"
+  #             operator: In
+  #             values:
+  #             - couchdb
+  #       topologyKey: "kubernetes.io/hostname"
+
+## Optional pod annotations
+annotations: {}
+
+## Optional tolerations
+tolerations: []
+
+## A StatefulSet requires a headless Service to establish the stable network
+## identities of the Pods, and that Service is created automatically by this
+## chart without any additional configuration. The Service block below refers
+## to a second Service that governs how clients connect to the CouchDB cluster.
+service:
+  # annotations:
+  enabled: true
+  type: ClusterIP
+  externalPort: 5984
+
+## An Ingress resource can provide name-based virtual hosting and TLS
+## termination among other things for CouchDB deployments which are accessed
+## from outside the Kubernetes cluster.
+## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/
+ingress:
+  enabled: false
+  hosts:
+    - chart-example.local
+  path: /
+  annotations: []
+    # kubernetes.io/ingress.class: nginx
+    # kubernetes.io/tls-acme: "true"
+  tls:
+    # Secrets must be manually created in the namespace.
+    # - secretName: chart-example-tls
+    #   hosts:
+    #     - chart-example.local
+
+## Optional resource requests and limits for the CouchDB container
+## ref: http://kubernetes.io/docs/user-guide/compute-resources/
+resources:
+  {}
+  # requests:
+  #  cpu: 100m
+  #  memory: 128Mi
+  # limits:
+  #  cpu: 56
+  #  memory: 256Gi
+
+## erlangFlags is a map that is passed to the Erlang VM as flags using the
+## ERL_FLAGS env. `name` and `setcookie` flags are minimally required to
+## establish connectivity between cluster nodes.
+## ref: http://erlang.org/doc/man/erl.html#init_flags
+erlangFlags:
+  name: couchdb
+  setcookie: monster
+
+## couchdbConfig will override default CouchDB configuration settings.
+## The contents of this map are reformatted into a .ini file laid down
+## by a ConfigMap object.
+## ref: http://docs.couchdb.org/en/latest/config/index.html
+couchdbConfig:
+  couchdb:
+   uuid: budibase-couchdb # REQUIRED: Unique identifier for this CouchDB server instance
+  # cluster:
+  #   q: 8 # Create 8 shards for each database
+  chttpd:
+    bind_address: any
+    # chttpd.require_valid_user disables all the anonymous requests to the port
+    # 5984 when is set to true.
+    require_valid_user: false
+
+# Kubernetes local cluster domain.
+# This is used to generate FQDNs for peers when joining the CouchDB cluster.
+dns:
+  clusterDomainSuffix: cluster.local
+
+## Configure liveness and readiness probe values
+## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes
+livenessProbe:
+  enabled: true
+  failureThreshold: 3
+  initialDelaySeconds: 0
+  periodSeconds: 10
+  successThreshold: 1
+  timeoutSeconds: 1
+readinessProbe:
+  enabled: true
+  failureThreshold: 3
+  initialDelaySeconds: 0
+  periodSeconds: 10
+  successThreshold: 1
+  timeoutSeconds: 1
+
+# Configure arbitrary sidecar containers for CouchDB pods created by the
+# StatefulSet
+sidecars: {}
+  # - name: foo
+  #   image: "busybox"
+  #   imagePullPolicy: IfNotPresent
+  #   resources:
+  #     requests:
+  #       cpu: "0.1"
+  #       memory: 10Mi
+  #   command: ['echo "foo";']
+  #   volumeMounts:
+  #     - name: database-storage
+  #       mountPath: /opt/couchdb/data/
diff --git a/hosting/kubernetes/budibase/charts/ingress-nginx-3.35.0.tgz b/hosting/kubernetes/budibase/charts/ingress-nginx-3.35.0.tgz
new file mode 100644
index 0000000000..ee5214c497
Binary files /dev/null and b/hosting/kubernetes/budibase/charts/ingress-nginx-3.35.0.tgz differ
diff --git a/hosting/kubernetes/budibase/templates/NOTES.txt b/hosting/kubernetes/budibase/templates/NOTES.txt
new file mode 100644
index 0000000000..2ace0aa38d
--- /dev/null
+++ b/hosting/kubernetes/budibase/templates/NOTES.txt
@@ -0,0 +1,22 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range $host := .Values.ingress.hosts }}
+  {{- range .paths }}
+  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
+  {{- end }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "budibase.fullname" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "budibase.fullname" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "budibase.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+  echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "budibase.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
+{{- end }}
diff --git a/hosting/kubernetes/budibase/templates/_helpers.tpl b/hosting/kubernetes/budibase/templates/_helpers.tpl
new file mode 100644
index 0000000000..3b0853e19f
--- /dev/null
+++ b/hosting/kubernetes/budibase/templates/_helpers.tpl
@@ -0,0 +1,83 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "budibase.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+{{- define "budibase.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- printf "%s-%s" .Values.fullnameOverride .Chart.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+CouchDB secret identifier
+*/}}
+{{- define "couchdb.fullname" -}}
+{{- $name := "couchdb" -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Internal DNS
+*/}}
+{{- define "budibase.serviceDns" -}}
+{{- printf "%s.%s.%s" .Release.Namespace "svc" .Values.services.dns -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "budibase.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "budibase.labels" -}}
+helm.sh/chart: {{ include "budibase.chart" . }}
+{{ include "budibase.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "budibase.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "budibase.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "budibase.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "budibase.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create a random string if the supplied key does not exist
+*/}}
+{{- define "budibase.defaultsecret" -}}
+{{- if . -}}
+{{- . | b64enc | quote -}}
+{{- else -}}
+{{- randAlphaNum 20 | b64enc | quote -}}
+{{- end -}}
+{{- end -}}
\ No newline at end of file
diff --git a/hosting/kubernetes/budibase/templates/alb-ingress.yaml b/hosting/kubernetes/budibase/templates/alb-ingress.yaml
new file mode 100644
index 0000000000..ea3bd674d5
--- /dev/null
+++ b/hosting/kubernetes/budibase/templates/alb-ingress.yaml
@@ -0,0 +1,35 @@
+{{- if .Values.ingress.aws }}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: ingress-budibase
+  annotations:
+    kubernetes.io/ingress.class: alb
+    alb.ingress.kubernetes.io/scheme: internet-facing
+    alb.ingress.kubernetes.io/target-type: ip
+    {{- if .Values.ingress.certificateArn }}
+    alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}'
+    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]'
+    alb.ingress.kubernetes.io/certificate-arn: {{ .Values.ingress.certificateArn }} 
+    {{- end }}
+spec:
+  rules:
+    - http:
+        paths:
+        {{- if .Values.ingress.certificateArn }}
+        - path: /
+          pathType: Prefix
+          backend:
+            service:
+              name: ssl-redirect
+              port:
+                name: use-annotation
+        {{- end }}
+        - path: /
+          pathType: Prefix
+          backend:
+            service:
+              name: proxy-service
+              port:
+                number: {{ .Values.services.proxy.port }}
+{{- end }}
\ No newline at end of file
diff --git a/hosting/kubernetes/budibase/templates/app-service-deployment.yaml b/hosting/kubernetes/budibase/templates/app-service-deployment.yaml
new file mode 100644
index 0000000000..b101ab7854
--- /dev/null
+++ b/hosting/kubernetes/budibase/templates/app-service-deployment.yaml
@@ -0,0 +1,105 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  annotations:
+    kompose.cmd: kompose convert
+    kompose.version: 1.21.0 (992df58d8)
+  creationTimestamp: null
+  labels:
+    io.kompose.service: app-service
+  name: app-service
+spec:
+  replicas: {{ .Values.services.apps.replicaCount }}
+  selector:
+    matchLabels:
+      io.kompose.service: app-service
+  strategy:
+    type: Recreate
+  template:
+    metadata:
+      annotations:
+        kompose.cmd: kompose convert
+        kompose.version: 1.21.0 (992df58d8)
+      creationTimestamp: null
+      labels:
+        io.kompose.service: app-service
+    spec:
+      containers:
+      - env:
+        - name: BUDIBASE_ENVIRONMENT
+          value: {{ .Values.globals.budibaseEnv }}
+        - name: COUCH_DB_URL
+          {{ if .Values.services.couchdb.url }}
+          value: {{ .Values.services.couchdb.url }}
+          {{ else }}
+          value: http://{{ .Release.Name }}-svc-couchdb:{{ .Values.services.couchdb.port }}
+          {{ end }}
+        - name: COUCH_DB_USER
+          valueFrom:
+            secretKeyRef:
+              name: {{ template "couchdb.fullname" . }}
+              key: adminUsername
+        - name: COUCH_DB_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: {{ template "couchdb.fullname" . }}
+              key: adminPassword
+        - name: ENABLE_ANALYTICS
+          value: {{ .Values.globals.enableAnalytics | quote }}
+        - name: INTERNAL_API_KEY
+          valueFrom:
+            secretKeyRef:
+              name: {{ template "budibase.fullname" . }}
+              key: internalApiKey
+        - name: JWT_SECRET
+          valueFrom:
+            secretKeyRef:
+              name: {{ template "budibase.fullname" . }}
+              key: jwtSecret
+        - name: LOG_LEVEL
+          value: {{ .Values.services.apps.logLevel | default "info" | quote }}
+        {{ if .Values.services.objectStore.region }}
+        - name: AWS_REGION
+          value: {{ .Values.services.objectStore.region }}
+        {{ end }}
+        - name: MINIO_ACCESS_KEY
+          valueFrom:
+            secretKeyRef:
+              name: {{ template "budibase.fullname" . }}
+              key: objectStoreAccess
+        - name: MINIO_SECRET_KEY
+          valueFrom:
+            secretKeyRef:
+              name: {{ template "budibase.fullname" . }}
+              key: objectStoreSecret
+        - name: MINIO_URL
+          {{ if .Values.services.objectStore.url }}
+          value: {{ .Values.services.objectStore.url }}
+          {{ else }}
+          value: http://minio-service:{{ .Values.services.objectStore.port }}
+          {{ end }}
+        - name: PORT
+          value: {{ .Values.services.apps.port | quote }}
+        - name: REDIS_PASSWORD
+          value: {{ .Values.services.redis.password }}
+        - name: REDIS_URL
+          {{ if .Values.services.redis.url }}
+          value: {{ .Values.services.redis.url }}
+          {{ else }}
+          value: redis-service:{{ .Values.services.redis.port }}
+          {{ end }}
+        - name: SELF_HOSTED
+          value: {{ .Values.globals.selfHosted | quote }}
+        - name: SENTRY_DSN
+          value: {{ .Values.globals.sentryDSN }}
+        - name: WORKER_URL
+          value: worker-service:{{ .Values.services.worker.port }}
+        image: budibase/apps
+        imagePullPolicy: Always
+        name: bbapps
+        ports:
+        - containerPort: {{ .Values.services.apps.port }}
+        resources: {}
+      restartPolicy: Always
+      serviceAccountName: ""
+status: {}
diff --git a/hosting/kubernetes/budibase/templates/app-service-service.yaml b/hosting/kubernetes/budibase/templates/app-service-service.yaml
new file mode 100644
index 0000000000..5247b4de09
--- /dev/null
+++ b/hosting/kubernetes/budibase/templates/app-service-service.yaml
@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Service
+metadata:
+  annotations:
+    kompose.cmd: kompose convert
+    kompose.version: 1.21.0 (992df58d8)
+  creationTimestamp: null
+  labels:
+    io.kompose.service: app-service
+  name: app-service
+spec:
+  ports:
+  - name: {{ .Values.services.apps.port | quote }}
+    port: {{ .Values.services.apps.port }}
+    targetPort: {{ .Values.services.apps.port }}
+  selector:
+    io.kompose.service: app-service
+status:
+  loadBalancer: {}
diff --git a/hosting/kubernetes/budibase/templates/hpa.yaml b/hosting/kubernetes/budibase/templates/hpa.yaml
new file mode 100644
index 0000000000..2f901b4664
--- /dev/null
+++ b/hosting/kubernetes/budibase/templates/hpa.yaml
@@ -0,0 +1,28 @@
+{{- if .Values.autoscaling.enabled }}
+apiVersion: autoscaling/v2beta1
+kind: HorizontalPodAutoscaler
+metadata:
+  name: {{ include "budibase.fullname" . }}
+  labels:
+    {{- include "budibase.labels" . | nindent 4 }}
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: {{ include "budibase.fullname" . }}
+  minReplicas: {{ .Values.autoscaling.minReplicas }}
+  maxReplicas: {{ .Values.autoscaling.maxReplicas }}
+  metrics:
+    {{- if .Values.autoscaling.targetCPUUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: cpu
+        targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
+    {{- end }}
+    {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: memory
+        targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
+    {{- end }}
+{{- end }}
diff --git a/hosting/kubernetes/budibase/templates/ingress.yaml b/hosting/kubernetes/budibase/templates/ingress.yaml
new file mode 100644
index 0000000000..4de295e18a
--- /dev/null
+++ b/hosting/kubernetes/budibase/templates/ingress.yaml
@@ -0,0 +1,61 @@
+{{- if .Values.ingress.enabled -}}
+{{- $fullName := include "budibase.fullname" . -}}
+{{- $svcPort := .Values.service.port -}}
+{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
+  {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
+  {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
+  {{- end }}
+{{- end }}
+{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1
+{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1beta1
+{{- else -}}
+apiVersion: extensions/v1beta1
+{{- end }}
+kind: Ingress
+metadata:
+  name: {{ $fullName }}
+  labels:
+    {{- include "budibase.labels" . | nindent 4 }}
+  {{- with .Values.ingress.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
+  ingressClassName: {{ .Values.ingress.className }}
+  {{- end }}
+  {{- if .Values.ingress.tls }}
+  tls:
+    {{- range .Values.ingress.tls }}
+    - hosts:
+        {{- range .hosts }}
+        - {{ . | quote }}
+        {{- end }}
+      secretName: {{ .secretName }}
+    {{- end }}
+  {{- end }}
+  rules:
+    {{- range .Values.ingress.hosts }}
+    - host: {{ .host | quote }}
+      http:
+        paths:
+          {{- range .paths }}
+          - path: {{ .path }}
+            {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
+            pathType: {{ .pathType }}
+            {{- end }}
+            backend:
+              {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
+              service:
+                name: {{ .backend.service.name }}
+                port:
+                  number: {{ .backend.service.port.number }}
+              {{- else }}
+              serviceName: {{ .backend.service.name }}
+              servicePort: {{ .backend.service.port.number }}
+              {{- end }}
+          {{- end }}
+    {{- end }}
+{{- end }}
diff --git a/hosting/kubernetes/budibase/templates/minio-data-persistentvolumeclaim.yaml b/hosting/kubernetes/budibase/templates/minio-data-persistentvolumeclaim.yaml
new file mode 100644
index 0000000000..d122ad0a3e
--- /dev/null
+++ b/hosting/kubernetes/budibase/templates/minio-data-persistentvolumeclaim.yaml
@@ -0,0 +1,16 @@
+{{- if .Values.services.objectStore.minio }}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  creationTimestamp: null
+  labels:
+    io.kompose.service: minio-data
+  name: minio-data
+spec:
+  accessModes:
+  - ReadWriteOnce
+  resources:
+    requests:
+      storage: {{ .Values.services.objectStore.storage }}
+status: {}
+{{- end }}
\ No newline at end of file
diff --git a/hosting/kubernetes/budibase/templates/minio-service-deployment.yaml b/hosting/kubernetes/budibase/templates/minio-service-deployment.yaml
new file mode 100644
index 0000000000..a23d0c1d89
--- /dev/null
+++ b/hosting/kubernetes/budibase/templates/minio-service-deployment.yaml
@@ -0,0 +1,70 @@
+{{- if .Values.services.objectStore.minio }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  annotations:
+    kompose.cmd: kompose convert
+    kompose.version: 1.21.0 (992df58d8)
+  creationTimestamp: null
+  labels:
+    io.kompose.service: minio-service
+  name: minio-service
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      io.kompose.service: minio-service
+  strategy:
+    type: Recreate
+  template:
+    metadata:
+      annotations:
+        kompose.cmd: kompose convert
+        kompose.version: 1.21.0 (992df58d8)
+      creationTimestamp: null
+      labels:
+        io.kompose.service: minio-service
+    spec:
+      containers:
+      - args:
+        - server
+        - /data
+        env:
+        - name: MINIO_BROWSER
+          value: {{ .Values.services.objectStore.browser | quote }}
+        - name: MINIO_ACCESS_KEY
+          valueFrom:
+            secretKeyRef:
+              name: {{ template "budibase.fullname" . }}
+              key: objectStoreAccess
+        - name: MINIO_SECRET_KEY
+          valueFrom:
+            secretKeyRef:
+              name: {{ template "budibase.fullname" . }}
+              key: objectStoreSecret
+        image: minio/minio
+        imagePullPolicy: ""
+        livenessProbe:
+          exec:
+            command:
+            - curl
+            - -f
+            - http://localhost:9000/minio/health/live
+          failureThreshold: 3
+          periodSeconds: 30
+          timeoutSeconds: 20
+        name: minio-service
+        ports:
+        - containerPort: {{ .Values.services.objectStore.port }}
+        resources: {}
+        volumeMounts:
+        - mountPath: /data
+          name: minio-data
+      restartPolicy: Always
+      serviceAccountName: ""
+      volumes:
+      - name: minio-data
+        persistentVolumeClaim:
+          claimName: minio-data
+status: {}
+{{- end }}
\ No newline at end of file
diff --git a/hosting/kubernetes/budibase/templates/minio-service-service.yaml b/hosting/kubernetes/budibase/templates/minio-service-service.yaml
new file mode 100644
index 0000000000..cfdb22002b
--- /dev/null
+++ b/hosting/kubernetes/budibase/templates/minio-service-service.yaml
@@ -0,0 +1,21 @@
+{{- if .Values.services.objectStore.minio }}
+apiVersion: v1
+kind: Service
+metadata:
+  annotations:
+    kompose.cmd: kompose convert
+    kompose.version: 1.21.0 (992df58d8)
+  creationTimestamp: null
+  labels:
+    io.kompose.service: minio-service
+  name: minio-service
+spec:
+  ports:
+  - name: {{ .Values.services.objectStore.port | quote }}
+    port: {{ .Values.services.objectStore.port }}
+    targetPort: {{ .Values.services.objectStore.port }}
+  selector:
+    io.kompose.service: minio-service
+status:
+  loadBalancer: {}
+{{- end }}
\ No newline at end of file
diff --git a/hosting/kubernetes/budibase/templates/proxy-service-deployment.yaml b/hosting/kubernetes/budibase/templates/proxy-service-deployment.yaml
new file mode 100644
index 0000000000..0f802da843
--- /dev/null
+++ b/hosting/kubernetes/budibase/templates/proxy-service-deployment.yaml
@@ -0,0 +1,38 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  annotations:
+    kompose.cmd: kompose convert
+    kompose.version: 1.21.0 (992df58d8)
+  creationTimestamp: null
+  labels:
+    app.kubernetes.io/name: budibase-proxy
+  name: proxy-service
+spec:
+  replicas: {{ .Values.services.proxy.replicaCount }}
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: budibase-proxy
+  strategy:
+    type: Recreate
+  template:
+    metadata:
+      annotations:
+        kompose.cmd: kompose convert
+        kompose.version: 1.21.0 (992df58d8)
+      creationTimestamp: null
+      labels:
+        app.kubernetes.io/name: budibase-proxy
+    spec:
+      containers:
+      - image: budibase/proxy
+        imagePullPolicy: ""
+        name: proxy-service
+        ports:
+        - containerPort: {{ .Values.services.proxy.port }}
+        resources: {}
+        volumeMounts:
+      restartPolicy: Always
+      serviceAccountName: ""
+      volumes:
+status: {}
diff --git a/hosting/kubernetes/budibase/templates/proxy-service-service.yaml b/hosting/kubernetes/budibase/templates/proxy-service-service.yaml
new file mode 100644
index 0000000000..8f14d97862
--- /dev/null
+++ b/hosting/kubernetes/budibase/templates/proxy-service-service.yaml
@@ -0,0 +1,20 @@
+apiVersion: v1
+kind: Service
+metadata:
+  annotations:
+    kompose.cmd: kompose convert
+    kompose.version: 1.21.0 (992df58d8)
+  creationTimestamp: null
+  labels:
+    app.kubernetes.io/name: budibase-proxy
+  name: proxy-service
+spec:
+  type: NodePort
+  ports:
+  - port: {{ .Values.services.proxy.port }}
+    targetPort: {{ .Values.services.proxy.port }}
+    protocol: TCP
+  selector:
+    app.kubernetes.io/name: budibase-proxy
+status:
+  loadBalancer: {}
diff --git a/hosting/kubernetes/budibase/templates/redis-data-persistentvolumeclaim.yaml b/hosting/kubernetes/budibase/templates/redis-data-persistentvolumeclaim.yaml
new file mode 100644
index 0000000000..2cb5ee8eab
--- /dev/null
+++ b/hosting/kubernetes/budibase/templates/redis-data-persistentvolumeclaim.yaml
@@ -0,0 +1,16 @@
+{{- if .Values.services.redis.enabled }}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  creationTimestamp: null
+  labels:
+    io.kompose.service: redis-data
+  name: redis-data
+spec:
+  accessModes:
+  - ReadWriteOnce
+  resources:
+    requests:
+      storage: {{ .Values.services.redis.storage }}
+status: {}
+{{- end }}
\ No newline at end of file
diff --git a/hosting/kubernetes/budibase/templates/redis-service-deployment.yaml b/hosting/kubernetes/budibase/templates/redis-service-deployment.yaml
new file mode 100644
index 0000000000..9235b0b11d
--- /dev/null
+++ b/hosting/kubernetes/budibase/templates/redis-service-deployment.yaml
@@ -0,0 +1,49 @@
+{{- if .Values.services.redis.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  annotations:
+    kompose.cmd: kompose convert
+    kompose.version: 1.21.0 (992df58d8)
+  creationTimestamp: null
+  labels:
+    io.kompose.service: redis-service
+  name: redis-service
+spec:
+  replicas: {{ .Values.services.redis.replicaCount }}
+  selector:
+    matchLabels:
+      io.kompose.service: redis-service
+  strategy:
+    type: Recreate
+  template:
+    metadata:
+      annotations:
+        kompose.cmd: kompose convert
+        kompose.version: 1.21.0 (992df58d8)
+      creationTimestamp: null
+      labels:
+        io.kompose.service: redis-service
+    spec:
+      containers:
+      - args:
+        - redis-server 
+        - --requirepass 
+        - {{ .Values.services.redis.password }}
+        image: redis
+        imagePullPolicy: ""
+        name: redis-service
+        ports:
+        - containerPort: {{ .Values.services.redis.port }}
+        resources: {}
+        volumeMounts:
+        - mountPath: /data
+          name: redis-data
+      restartPolicy: Always
+      serviceAccountName: ""
+      volumes:
+      - name: redis-data
+        persistentVolumeClaim:
+          claimName: redis-data
+status: {}
+{{- end }}
\ No newline at end of file
diff --git a/hosting/kubernetes/budibase/templates/redis-service-service.yaml b/hosting/kubernetes/budibase/templates/redis-service-service.yaml
new file mode 100644
index 0000000000..55ca40ed88
--- /dev/null
+++ b/hosting/kubernetes/budibase/templates/redis-service-service.yaml
@@ -0,0 +1,21 @@
+{{- if .Values.services.redis.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  annotations:
+    kompose.cmd: kompose convert
+    kompose.version: 1.21.0 (992df58d8)
+  creationTimestamp: null
+  labels:
+    io.kompose.service: redis-service
+  name: redis-service
+spec:
+  ports:
+  - name: {{ .Values.services.redis.port | quote }}
+    port: {{ .Values.services.redis.port }}
+    targetPort: {{ .Values.services.redis.port }}
+  selector:
+    io.kompose.service: redis-service
+status:
+  loadBalancer: {}
+{{- end }}
\ No newline at end of file
diff --git a/hosting/kubernetes/budibase/templates/secrets.yaml b/hosting/kubernetes/budibase/templates/secrets.yaml
new file mode 100644
index 0000000000..1c0a914ed3
--- /dev/null
+++ b/hosting/kubernetes/budibase/templates/secrets.yaml
@@ -0,0 +1,17 @@
+{{- if .Values.globals.createSecrets -}}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ template "budibase.fullname" . }}
+  labels:
+    app: {{ template "budibase.fullname" . }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+type: Opaque
+data:
+  internalApiKey: {{ template "budibase.defaultsecret" .Values.globals.internalApiKey }}
+  jwtSecret: {{ template "budibase.defaultsecret" .Values.globals.jwtSecret }}
+  objectStoreAccess: {{ template "budibase.defaultsecret" .Values.services.objectStore.accessKey }}
+  objectStoreSecret: {{ template "budibase.defaultsecret" .Values.services.objectStore.secretKey }}
+{{- end -}}
diff --git a/hosting/kubernetes/budibase/templates/service.yaml b/hosting/kubernetes/budibase/templates/service.yaml
new file mode 100644
index 0000000000..be4d932b59
--- /dev/null
+++ b/hosting/kubernetes/budibase/templates/service.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "budibase.fullname" . }}
+  labels:
+    {{- include "budibase.labels" . | nindent 4 }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - port: {{ .Values.service.port }}
+      targetPort: http
+      protocol: TCP
+      name: http
+  selector:
+    {{- include "budibase.selectorLabels" . | nindent 4 }}
\ No newline at end of file
diff --git a/hosting/kubernetes/budibase/templates/serviceaccount.yaml b/hosting/kubernetes/budibase/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..1aa1020088
--- /dev/null
+++ b/hosting/kubernetes/budibase/templates/serviceaccount.yaml
@@ -0,0 +1,12 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "budibase.serviceAccountName" . }}
+  labels:
+    {{- include "budibase.labels" . | nindent 4 }}
+  {{- with .Values.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}
diff --git a/hosting/kubernetes/budibase/templates/tests/test-connection.yaml b/hosting/kubernetes/budibase/templates/tests/test-connection.yaml
new file mode 100644
index 0000000000..ecd1f361de
--- /dev/null
+++ b/hosting/kubernetes/budibase/templates/tests/test-connection.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: "{{ include "budibase.fullname" . }}-test-connection"
+  labels:
+    {{- include "budibase.labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": test
+spec:
+  containers:
+    - name: wget
+      image: busybox
+      command: ['wget']
+      args: ['{{ include "budibase.fullname" . }}:{{ .Values.service.port }}']
+  restartPolicy: Never
diff --git a/hosting/kubernetes/budibase/templates/worker-service-deployment.yaml b/hosting/kubernetes/budibase/templates/worker-service-deployment.yaml
new file mode 100644
index 0000000000..703d59c075
--- /dev/null
+++ b/hosting/kubernetes/budibase/templates/worker-service-deployment.yaml
@@ -0,0 +1,98 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  annotations:
+    kompose.cmd: kompose convert
+    kompose.version: 1.21.0 (992df58d8)
+  creationTimestamp: null
+  labels:
+    io.kompose.service: worker-service
+  name: worker-service
+spec:
+  replicas: {{ .Values.services.worker.replicaCount }}
+
+  selector:
+    matchLabels:
+      io.kompose.service: worker-service
+  strategy:
+    type: Recreate
+  template:
+    metadata:
+      annotations:
+        kompose.cmd: kompose convert
+        kompose.version: 1.21.0 (992df58d8)
+      creationTimestamp: null
+      labels:
+        io.kompose.service: worker-service
+    spec:
+      containers:
+      - env:
+        - name: CLUSTER_PORT
+          value: {{ .Values.services.worker.port | quote }}
+        - name: COUCH_DB_USER
+          valueFrom:
+            secretKeyRef:
+              name: {{ template "couchdb.fullname" . }}
+              key: adminUsername
+        - name: COUCH_DB_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: {{ template "couchdb.fullname" . }}
+              key: adminPassword
+        - name: COUCH_DB_URL
+          {{ if .Values.services.couchdb.url }}
+          value: {{ .Values.services.couchdb.url }}
+          {{ else }}
+          value: http://{{ .Release.Name }}-svc-couchdb:{{ .Values.services.couchdb.port }}
+          {{ end }}
+        - name: INTERNAL_API_KEY
+          valueFrom:
+            secretKeyRef:
+              name: {{ template "budibase.fullname" . }}
+              key: internalApiKey
+        - name: JWT_SECRET
+          valueFrom:
+            secretKeyRef:
+              name: {{ template "budibase.fullname" . }}
+              key: jwtSecret
+        {{ if .Values.services.objectStore.region }}
+        - name: AWS_REGION
+          value: {{ .Values.services.objectStore.region }}
+        {{ end }}
+        - name: MINIO_ACCESS_KEY
+          valueFrom:
+            secretKeyRef:
+              name: {{ template "budibase.fullname" . }}
+              key: objectStoreAccess
+        - name: MINIO_SECRET_KEY
+          valueFrom:
+            secretKeyRef:
+              name: {{ template "budibase.fullname" . }}
+              key: objectStoreSecret
+        - name: MINIO_URL
+          {{ if .Values.services.objectStore.url }}
+          value: {{ .Values.services.objectStore.url }}
+          {{ else }}
+          value: http://minio-service:{{ .Values.services.objectStore.port }}
+          {{ end }}
+        - name: PORT
+          value: {{ .Values.services.worker.port | quote }}
+        - name: REDIS_PASSWORD
+          value: {{ .Values.services.redis.password | quote }}
+        - name: REDIS_URL
+          {{ if .Values.services.redis.url }}
+          value: {{ .Values.services.redis.url }}
+          {{ else }}
+          value: redis-service:{{ .Values.services.redis.port }}
+          {{ end }}
+        - name: SELF_HOSTED
+          value: {{ .Values.globals.selfHosted | quote }}
+        image: budibase/worker
+        imagePullPolicy: Always
+        name: bbworker
+        ports:
+        - containerPort: {{ .Values.services.worker.port }}
+        resources: {}
+      restartPolicy: Always
+      serviceAccountName: ""
+status: {}
diff --git a/hosting/kubernetes/budibase/templates/worker-service-service.yaml b/hosting/kubernetes/budibase/templates/worker-service-service.yaml
new file mode 100644
index 0000000000..a79ba1e04b
--- /dev/null
+++ b/hosting/kubernetes/budibase/templates/worker-service-service.yaml
@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Service
+metadata:
+  annotations:
+    kompose.cmd: kompose convert
+    kompose.version: 1.21.0 (992df58d8)
+  creationTimestamp: null
+  labels:
+    io.kompose.service: worker-service
+  name: worker-service
+spec:
+  ports:
+  - name: {{ .Values.services.worker.port | quote }}
+    port: {{ .Values.services.worker.port }}
+    targetPort: {{ .Values.services.worker.port }}
+  selector:
+    io.kompose.service: worker-service
+status:
+  loadBalancer: {}
diff --git a/hosting/kubernetes/budibase/values.yaml b/hosting/kubernetes/budibase/values.yaml
new file mode 100644
index 0000000000..30594f95e3
--- /dev/null
+++ b/hosting/kubernetes/budibase/values.yaml
@@ -0,0 +1,142 @@
+# Default values for budibase.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+  pullPolicy: IfNotPresent
+  # Overrides the image tag whose default is the chart appVersion.
+  tag: ""
+
+imagePullSecrets: []
+nameOverride: ""
+# fullnameOverride: ""
+
+serviceAccount:
+  # Specifies whether a service account should be created
+  create: true
+  # Annotations to add to the service account
+  annotations: {}
+  # The name of the service account to use.
+  # If not set and create is true, a name is generated using the fullname template
+  name: ""
+
+podAnnotations: {}
+
+podSecurityContext: {}
+  # fsGroup: 2000
+
+securityContext: {}
+  # capabilities:
+  #   drop:
+  #   - ALL
+  # readOnlyRootFilesystem: true
+  # runAsNonRoot: true
+  # runAsUser: 1000
+
+service:
+  type: ClusterIP
+  port: 10000
+
+ingress:
+  enabled: true
+  nginx: true
+  certificateArn: ""
+  className: ""
+  annotations: 
+    kubernetes.io/ingress.class: nginx
+  hosts:
+    - host: # change if using custom domain
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: proxy-service
+            port:
+              number: 10000 
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+
+autoscaling:
+  enabled: false
+  minReplicas: 1
+  maxReplicas: 100
+  targetCPUUtilizationPercentage: 80
+  # targetMemoryUtilizationPercentage: 80
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
+
+globals:
+  budibaseEnv: PRODUCTION
+  enableAnalytics: false
+  posthogToken: ""
+  sentryDSN: "" 
+  logLevel: info
+  selfHosted: 1
+  createSecrets: true # creates an internal API key, JWT secrets and redis password for you
+
+  # if createSecrets is set to false, you can hard-code your secrets here
+  internalApiKey: ""
+  jwtSecret: ""
+
+
+services:
+  dns: cluster.local
+
+  proxy:
+    port: 10000
+    replicaCount: 1
+
+  apps:
+    port: 4002
+    replicaCount: 1
+    logLevel: info
+
+  worker:
+    port: 4001
+    replicaCount: 1
+
+  couchdb:
+    enabled: true
+    replicaCount: 3
+    url: "" # only change if pointing to existing couch server
+    user: "" # only change if pointing to existing couch server
+    password: "" # only change if pointing to existing couch server
+    port: 5984
+    storage: 100Mi
+  
+  redis:
+    enabled: true # disable if using external redis
+    port: 6379
+    replicaCount: 1
+    url: "" # only change if pointing to existing redis cluster and enabled: false
+    password: "budibase" # recommended to override if using built-in redis
+    storage: 100Mi
+  
+  objectStore:
+    minio: true
+    browser: true
+    port: 9000
+    replicaCount: 1
+    accessKey: "" # AWS_ACCESS_KEY if using S3 or existing minio access key
+    secretKey: "" # AWS_SECRET_ACCESS_KEY if using S3 or existing minio secret 
+    region: "" # AWS_REGION if using S3 or existing minio secret 
+    url: "" # only change if pointing to existing minio cluster and minio: false 
+    storage: 100Mi
+
diff --git a/hosting/kubernetes/envoy/Dockerfile b/hosting/kubernetes/envoy/Dockerfile
new file mode 100644
index 0000000000..96334fa723
--- /dev/null
+++ b/hosting/kubernetes/envoy/Dockerfile
@@ -0,0 +1,4 @@
+FROM envoyproxy/envoy:v1.16-latest
+COPY envoy.yaml /etc/envoy/envoy.yaml
+RUN chmod go+r /etc/envoy/envoy.yaml
+
diff --git a/hosting/kubernetes/envoy/envoy.yaml b/hosting/kubernetes/envoy/envoy.yaml
new file mode 100644
index 0000000000..0e7859d887
--- /dev/null
+++ b/hosting/kubernetes/envoy/envoy.yaml
@@ -0,0 +1,125 @@
+static_resources:
+  listeners:
+  - name: main_listener
+    address:
+      socket_address: { address: 0.0.0.0, port_value: 10000 }
+    filter_chains:
+    - filters:
+      - name: envoy.filters.network.http_connection_manager
+        typed_config:
+          "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
+          stat_prefix: ingress
+          codec_type: auto
+          route_config:
+            name: local_route
+            virtual_hosts:
+            - name: local_services
+              domains: ["*"]
+              routes:
+              - match: { prefix: "/app/" }
+                route:
+                  cluster: app-service
+                  prefix_rewrite: "/"
+
+              - match: { prefix: "/builder/" }
+                route:
+                  cluster: app-service
+
+              - match: { prefix: "/builder" }
+                route:
+                  cluster: app-service
+              
+              - match: { prefix: "/app_" }
+                route:
+                  cluster: app-service
+
+              # special case for worker admin API
+              - match: { prefix: "/api/admin/" }
+                route:
+                  cluster: worker-service
+
+              - match: { path: "/" }
+                route:
+                  cluster: app-service
+
+              # special case for when API requests are made, can just forward, not to minio    
+              - match: { prefix: "/api/" }
+                route:
+                  cluster: app-service
+
+              - match: { prefix: "/worker/" }
+                route: 
+                  cluster: worker-service
+                  prefix_rewrite: "/"
+
+              - match: { prefix: "/db/" }
+                route:
+                  cluster: couchdb-service
+                  prefix_rewrite: "/"
+
+              # minio is on the default route because this works
+              # best, minio + AWS SDK doesn't handle path proxy
+              - match: { prefix: "/" }
+                route:
+                  cluster: minio-service
+
+          http_filters:
+          - name: envoy.filters.http.router
+
+  clusters:
+  - name: app-service
+    connect_timeout: 0.25s
+    type: strict_dns
+    lb_policy: round_robin
+    load_assignment:
+      cluster_name: app-service
+      endpoints:
+      - lb_endpoints:
+        - endpoint:
+            address:
+              socket_address: 
+                address: app-service.budibase.svc.cluster.local
+                port_value: 4002
+
+  - name: minio-service
+    connect_timeout: 0.25s
+    type: strict_dns
+    lb_policy: round_robin
+    load_assignment:
+      cluster_name: minio-service
+      endpoints:
+      - lb_endpoints:
+        - endpoint:
+            address:
+              socket_address:
+                address: minio-service.budibase.svc.cluster.local
+                port_value: 9000
+
+  - name: worker-service
+    connect_timeout: 0.25s
+    type: strict_dns
+    lb_policy: round_robin
+    load_assignment:
+      cluster_name: worker-service
+      endpoints:
+      - lb_endpoints:
+        - endpoint:
+            address:
+              socket_address: 
+                address: worker-service.budibase.svc.cluster.local
+                port_value: 4001
+
+  - name: couchdb-service
+    connect_timeout: 0.25s
+    type: strict_dns
+    lb_policy: round_robin
+    load_assignment:
+      cluster_name: couchdb-service
+      endpoints:
+      - lb_endpoints:
+        - endpoint:
+            address:
+              socket_address:
+                address: couchdb-service.budibase.svc.cluster.local
+                port_value: 5984
+
diff --git a/hosting/scripts/linux/release-to-docker-hub.sh b/hosting/scripts/linux/release-to-docker-hub.sh
index b3c380f729..ccb5fa09a0 100755
--- a/hosting/scripts/linux/release-to-docker-hub.sh
+++ b/hosting/scripts/linux/release-to-docker-hub.sh
@@ -1,12 +1,23 @@
 #!/bin/bash
 
 tag=$1
-tag=${tag:-latest}
+production=$2
 
-echo "Tagging images with SHA: $GITHUB_SHA and tag: $tag"
+if [[ ! "$tag" ]]; then
+	echo "No tag present. You must pass a tag to this script"
+	exit 1
+fi
+
+echo "Tagging images with tag: $tag"
 
 docker tag app-service budibase/apps:$tag
 docker tag worker-service budibase/worker:$tag
 
-docker push budibase/apps:$tag 
-docker push budibase/worker:$tag
+if [[ "$production" ]]; then
+	echo "Production Deployment. Tagging latest.."
+	docker tag app-service budibase/apps:latest
+	docker tag worker-service budibase/worker:latest
+fi
+
+docker push --all-tags budibase/apps 
+docker push --all-tags budibase/worker
diff --git a/i18n/README.de.md b/i18n/README.de.md
new file mode 100644
index 0000000000..34a9164c3f
--- /dev/null
+++ b/i18n/README.de.md
@@ -0,0 +1,235 @@
+<p align="center">
+  <a href="https://www.budibase.com">
+    <img alt="Budibase" src="https://d33wubrfki0l68.cloudfront.net/aac32159d7207b5085e74a7ef67afbb7027786c5/2b1fd/img/logo/bb-emblem.svg" width="60" />
+  </a>
+</p>
+<h1 align="center">
+  Budibase
+</h1>
+
+<h3 align="center">
+  Entwickle, automatisiere und stelle interne Tools in Minuten bereit.
+</h3>
+<p align="center">
+  Budibase ist eine quelloffene Low-Code Plattform, die es Entwicklern und IT-Profis ermöglicht interne Tools auf eigener Infrastruktur zu entwickeln, zu automatisieren und bereitzustellen.
+</p>
+
+<h3 align="center">
+ 🤖 🎨 🚀
+</h3>
+
+<p align="center">
+  <img alt="Budibase design ui" src="https://i.imgur.com/5BnXPsN.png">
+</p>
+
+<p align="center">
+  <a href="https://github.com/Budibase/budibase/releases">
+    <img alt="GitHub all releases" src="https://img.shields.io/github/downloads/Budibase/budibase/total">
+  </a>
+  <a href="https://github.com/Budibase/budibase/releases">
+    <img alt="GitHub release (latest by date)" src="https://img.shields.io/github/v/release/Budibase/budibase">
+  </a>
+  <a href="https://twitter.com/intent/follow?screen_name=budibase">
+    <img src="https://img.shields.io/twitter/follow/budibase?style=social" alt="Follow @budibase" />
+  </a>
+  <img src="https://img.shields.io/badge/Contributor%20Covenant-v2.0%20adopted-ff69b4.svg" alt="Code of conduct" />
+  <a href="https://codecov.io/gh/Budibase/budibase">
+    <img src="https://codecov.io/gh/Budibase/budibase/graph/badge.svg?token=E8W2ZFXQOH"/>
+  </a>
+</p>
+
+<h3 align="center">
+  <a href="https://docs.budibase.com/getting-started">Los Geht's</a>
+  <span> · </span>
+  <a href="https://docs.budibase.com">Dokumentation</a>
+  <span> · </span>
+  <a href="https://github.com/Budibase/budibase/discussions?discussions_q=category%3AIdeas">Featureanfrage</a>
+  <span> · </span>
+  <a href="https://github.com/Budibase/budibase/issues">Einen Bug melden</a>
+  <span> · </span>
+  Support: <a href="https://github.com/Budibase/budibase/discussions">Github Discussions</a>
+</h3>
+
+<br /><br />
+## ✨ Features
+
+- **Entwickle echte Webanwendungen.** Anders als ähnliche Plattformen entwickelst du mit Budibase echte Single-Page Webapplikationen (SPAs). Deine Budibase-Apps sind standardmäßig hochperformant und haben ein Responsive-Design für eine großartige Benutzererfahrung.
+
+- **Quelloffen und erweiterbar.** Budibase ist quelloffen - lizenziert unter der GPL v3. Du kannst darauf vertrauen, dass Budibase auch in der Zukunft immer zur Verfügung steht. Budibase bietet eine Entwicklerfreundliche Plattform: du kannst Budibase erweitern, oder die Codebase forken und eigene Änderungen vornehmen.
+
+- **Datenquellen einbinden oder von Null starten.** Budibase kann Daten aus vielen Quellen einbinden, unter anderem aus MongoDB, CouchDB, PostgreSQL, MySQL, Airtable, S3, DynamoDB, oder einer REST API. Und anders als ähnliche Plattformen erlaubt Budibase auch die App-Entwicklung komplett ohne Datenquellen mit einer internen Datenbank. Deine Datenquelle noch nicht dabei? [Frag einfach nach](https://github.com/Budibase/budibase/discussions?discussions_q=category%3AIdeas).
+
+- **Designe und entwickle Apps mit leistungsfähigen Komponenten.** Budibase kommt fertig mit optisch ansprechenden und leistungsfähigen Komponenten, die als Bausteine für deine UI dienen. Außerdem kannst du die UI mit vielen CSS-Styles nach deinem Geschmack anpassen. Fehlt dir eine Komponente? [Frag uns hier](https://github.com/Budibase/budibase/discussions?discussions_q=category%3AIdeas).
+
+- **Automatisiere Prozesse, integriere andere Tools und binde Web-APIs ein.** Spar dir Zeit, indem du manuelle Prozesse einfach automatisierst: Vom Verbinden mit Web-Hooks bis zum automatischen Senden von E-Mails, Budibase kann alles für dich erledigen. Eine Automatisierung ist noch nicht dabei? Du kannst einfach [deine eigene erstellen](https://github.com/Budibase/automations) oder [uns deine Idee mitteilen](https://github.com/Budibase/budibase/discussions?discussions_q=category%3AIdeas).
+
+- **Ein Paradies für Systemadministratoren** Budibase ist von Grund auf für das Skalieren ausgelegt. Du kannst Budibase einfach auf deiner eigenen Infrastruktur hosten und global Benutzer, Onboarding, SMTP, Applikationen, Gruppen, UI-Themes und mehr verwalten. Du kannst außerdem ein übersichtliches App-Portal für deine Benutzer bereitstellen und das Benutzermanagement an Gruppen-Manager delegieren.
+
+<br />
+
+---
+
+<br />
+
+## 🏁 Los geht's
+Momentan existieren zwei Optionen mit Budibase loszulegen: Digital Ocean und Docker.
+<br /><br />
+
+### Los geht's mit Digital Ocean
+Der einfachste und schnellste Weg loszulegen ist Digital Ocean:
+<a href="https://marketplace.digitalocean.com/apps/budibase">1-Click Deploy auf Digital Ocean</a>
+
+<a href="https://marketplace.digitalocean.com/apps/budibase">
+  <img src="https://user-images.githubusercontent.com/552074/87779219-5c3b7600-c824-11ea-9898-981a8ba94f6c.png" alt="digital ocean badge">
+</a>  
+<br /><br />
+
+### Los geht's mit Docker
+Um loszulegen musst du bereits `docker` und `docker compose` auf deinem Computer installiert haben.
+Sobald du Docker installiert hast brauchst du ca. 5 Minuten für diese 4 Schritte:
+
+1. Installiere das Budibase CLI Tool.
+```
+$ npm i -g @budibase/cli 
+```
+
+
+2. Installiere Budibase (wähle den Speicherort und den Port auf dem Budibase laufen soll.)
+```
+$ budi hosting --init 
+```
+
+
+3. Führe Budibase aus.
+```
+$ budi hosting --start 
+```
+
+
+4. Lege einen Admin-Benutzer an.
+Gib die E-Mail und das Passwort für den neuen Admin-Benutzer ein.
+
+Schon geschafft! Jetzt kann es losgehen mit der minutenschnellen Entwicklung deiner Tools. Für weitere Informationen und Tipps schau doch mal in unsere [Dokumentation](https://docs.budibase.com/getting-started).
+
+<br />
+
+---
+
+<br />
+
+## 🎓 Budibase lernen
+
+Die Budibase Dokumentation [findest du hier](https://docs.budibase.com).
+<br />
+
+---
+
+<br /><br />
+
+## 💬 Community
+
+Wenn du eine Frage hast, oder dich mit anderen Budibase-Nutzern unterhalten willst, schau doch mal in unsere
+[Github Discussions](https://github.com/Budibase/budibase/discussions).
+
+<img src="https://d33wubrfki0l68.cloudfront.net/e9241201fd89f9abbbdaac4fe44bb16312752abe/84013/img/hero-images/community.webp" />
+
+<br /><br />
+
+---
+
+<br />
+
+## ❗ Verhaltenskodex
+
+Budibase steht für eine einladende und vielfältige Community frei von Belästigung. Wir erwarten dass sich jeder in der Budibase-Community an unseren [**Verhaltenskodex**](https://github.com/Budibase/budibase/blob/HEAD/.github/CODE_OF_CONDUCT.md) hält. Bitte les ihn dir durch.
+<br />
+
+---
+
+<br />
+
+## 🙌 Zu Budibase beitragen
+
+Von einem gemeldeten Bug bis zum Erstellen einer Pull-Request: wir schätzen jeden Beitrag. Wenn du ein neues Feature implementieren willst oder eine Änderung an der API vornehmen willst, erstelle bitte zuerst ein Issue. So können wir sicherstellen, dass deine Arbeit nicht umsonst ist.
+
+### Unsicher wo du anfangen sollst?
+Gute Ideen für erste Beiträge zum Projekt [findest du hier](https://github.com/Budibase/budibase/projects/22).
+
+### Wie die Repository strukturiert ist.
+Budibase ist eine Monorepo, die von Lerna verwaltet wird. Lerna verwaltet das Erstellen und Veröffentlichen von Budibase-Paketen.
+Grob besteht Budibase aus folgenden Modulen:
+
+- [packages/builder](https://github.com/Budibase/budibase/tree/HEAD/packages/builder) - enthält Code für den clientseitigen Budibase Builder, mit dem Anwendungen erstellt werden.
+
+- [packages/client](https://github.com/Budibase/budibase/tree/HEAD/packages/client) - Ein Modul, das im Browser läuft und aus JSON-Definitionen funktionsfähige Web-Apps erstellt.
+
+- [packages/server](https://github.com/Budibase/budibase/tree/HEAD/packages/server) - Der Budibase Server. Diese Koa-Anwendung stellt den Javascript-Code für den Builder und den Client bereit, und bietet eine API für die Interaktion mit dem Budibase Backend, Datenbanken und dem Dateisystem.
+
+Für mehr Informationen schau in die [CONTRIBUTING.md](https://github.com/Budibase/budibase/blob/HEAD/.github/CONTRIBUTING.md)
+<br /><br />
+
+---
+
+<br /><br />
+
+## 📝 Lizenz
+
+Budibase ist quelloffen, lizenziert unter der [GPL v3](https://www.gnu.org/licenses/gpl-3.0.en.html). Die Client- und Komponentenbibliotheken sind unter der [MPL](https://directory.fsf.org/wiki/License:MPL-2.0) lizenziert, damit du deine erstellten Apps unter deine präferierte Lizenz stellen kannst.
+<br /><br />
+
+---
+
+
+<br />
+
+## ⭐ Github-Sterne im Verlauf der Zeit
+
+[![Stargazers over time](https://starchart.cc/Budibase/budibase.svg)](https://starchart.cc/Budibase/budibase)
+
+Wenn du zwischen Updates des Builders Probleme auftreten, lies bitte den Guide [hier](https://github.com/Budibase/budibase/blob/HEAD/.github/CONTRIBUTING.md#troubleshooting), um deine Umgebung zurückzusetzen.
+
+<br />
+
+---
+
+<br /><br />
+
+## Mitwirkende ✨
+
+Vielen Dank an alle wundervollen Menschen, die zu Budibase beigetragen haben ([emoji key](https://allcontributors.org/docs/en/emoji-key)):
+
+<!-- ALL-CONTRIBUTORS-LIST:START - Do not remove or modify this section -->
+<!-- prettier-ignore-start -->
+<!-- markdownlint-disable -->
+<table>
+  <tr>
+    <td align="center"><a href="http://martinmck.com"><img src="https://avatars1.githubusercontent.com/u/11256663?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Martin McKeaveney</b></sub></a><br /><a href="https://github.com/Budibase/budibase/commits?author=shogunpurple" title="Code">💻</a> <a href="https://github.com/Budibase/budibase/commits?author=shogunpurple" title="Documentation">📖</a> <a href="https://github.com/Budibase/budibase/commits?author=shogunpurple" title="Tests">⚠️</a> <a href="#infra-shogunpurple" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a></td>
+    <td align="center"><a href="http://www.michaeldrury.co.uk/"><img src="https://avatars2.githubusercontent.com/u/4407001?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Michael Drury</b></sub></a><br /><a href="https://github.com/Budibase/budibase/commits?author=mike12345567" title="Documentation">📖</a> <a href="https://github.com/Budibase/budibase/commits?author=mike12345567" title="Code">💻</a> <a href="https://github.com/Budibase/budibase/commits?author=mike12345567" title="Tests">⚠️</a> <a href="#infra-mike12345567" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a></td>
+    <td align="center"><a href="https://github.com/aptkingston"><img src="https://avatars3.githubusercontent.com/u/9075550?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Andrew Kingston</b></sub></a><br /><a href="https://github.com/Budibase/budibase/commits?author=aptkingston" title="Documentation">📖</a> <a href="https://github.com/Budibase/budibase/commits?author=aptkingston" title="Code">💻</a> <a href="https://github.com/Budibase/budibase/commits?author=aptkingston" title="Tests">⚠️</a> <a href="#design-aptkingston" title="Design">🎨</a></td>
+    <td align="center"><a href="https://budibase.com/"><img src="https://avatars3.githubusercontent.com/u/3524181?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Michael Shanks</b></sub></a><br /><a href="https://github.com/Budibase/budibase/commits?author=mjashanks" title="Documentation">📖</a> <a href="https://github.com/Budibase/budibase/commits?author=mjashanks" title="Code">💻</a> <a href="https://github.com/Budibase/budibase/commits?author=mjashanks" title="Tests">⚠️</a></td>
+    <td align="center"><a href="https://github.com/kevmodrome"><img src="https://avatars3.githubusercontent.com/u/534488?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Kevin Åberg Kultalahti</b></sub></a><br /><a href="https://github.com/Budibase/budibase/commits?author=kevmodrome" title="Documentation">📖</a> <a href="https://github.com/Budibase/budibase/commits?author=kevmodrome" title="Code">💻</a> <a href="https://github.com/Budibase/budibase/commits?author=kevmodrome" title="Tests">⚠️</a></td>
+    <td align="center"><a href="https://www.budibase.com/"><img src="https://avatars2.githubusercontent.com/u/49767913?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Joe</b></sub></a><br /><a href="https://github.com/Budibase/budibase/commits?author=joebudi" title="Documentation">📖</a> <a href="https://github.com/Budibase/budibase/commits?author=joebudi" title="Code">💻</a> <a href="#content-joebudi" title="Content">🖋</a> <a href="#design-joebudi" title="Design">🎨</a></td>
+    <td align="center"><a href="https://github.com/Rory-Powell"><img src="https://avatars.githubusercontent.com/u/8755148?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Rory Powell</b></sub></a><br /><a href="https://github.com/Budibase/budibase/commits?author=Rory-Powell" title="Code">💻</a> <a href="https://github.com/Budibase/budibase/commits?author=Rory-Powell" title="Documentation">📖</a> <a href="https://github.com/Budibase/budibase/commits?author=Rory-Powell" title="Tests">⚠️</a></td>
+  </tr>
+  <tr>
+    <td align="center"><a href="https://github.com/PClmnt"><img src="https://avatars.githubusercontent.com/u/5665926?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Peter Clement</b></sub></a><br /><a href="https://github.com/Budibase/budibase/commits?author=PClmnt" title="Code">💻</a> <a href="https://github.com/Budibase/budibase/commits?author=PClmnt" title="Documentation">📖</a> <a href="https://github.com/Budibase/budibase/commits?author=PClmnt" title="Tests">⚠️</a></td>
+    <td align="center"><a href="https://github.com/Conor-Mack"><img src="https://avatars1.githubusercontent.com/u/36074859?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Conor_Mack</b></sub></a><br /><a href="https://github.com/Budibase/budibase/commits?author=Conor-Mack" title="Code">💻</a> <a href="https://github.com/Budibase/budibase/commits?author=Conor-Mack" title="Tests">⚠️</a></td>
+    <td align="center"><a href="https://github.com/pngwn"><img src="https://avatars1.githubusercontent.com/u/12937446?v=4?s=100" width="100px;" alt=""/><br /><sub><b>pngwn</b></sub></a><br /><a href="https://github.com/Budibase/budibase/commits?author=pngwn" title="Code">💻</a> <a href="https://github.com/Budibase/budibase/commits?author=pngwn" title="Tests">⚠️</a></td>
+    <td align="center"><a href="https://github.com/HugoLd"><img src="https://avatars0.githubusercontent.com/u/26521848?v=4?s=100" width="100px;" alt=""/><br /><sub><b>HugoLd</b></sub></a><br /><a href="https://github.com/Budibase/budibase/commits?author=HugoLd" title="Code">💻</a></td>
+    <td align="center"><a href="https://github.com/victoriasloan"><img src="https://avatars.githubusercontent.com/u/9913651?v=4?s=100" width="100px;" alt=""/><br /><sub><b>victoriasloan</b></sub></a><br /><a href="https://github.com/Budibase/budibase/commits?author=victoriasloan" title="Code">💻</a></td>
+    <td align="center"><a href="https://github.com/yashank09"><img src="https://avatars.githubusercontent.com/u/37672190?v=4?s=100" width="100px;" alt=""/><br /><sub><b>yashank09</b></sub></a><br /><a href="https://github.com/Budibase/budibase/commits?author=yashank09" title="Code">💻</a></td>
+    <td align="center"><a href="https://github.com/SOVLOOKUP"><img src="https://avatars.githubusercontent.com/u/53158137?v=4?s=100" width="100px;" alt=""/><br /><sub><b>SOVLOOKUP</b></sub></a><br /><a href="https://github.com/Budibase/budibase/commits?author=SOVLOOKUP" title="Code">💻</a></td>
+    <td align="center"><a href="https://github.com/seoulaja"><img src="https://avatars.githubusercontent.com/u/15101654?v=4?s=100" width="100px;" alt=""/><br /><sub><b>seoulaja</b></sub></a><br /><a href="#translation-seoulaja" title="Translation">🌍</a></td>
+    <td align="center"><a href="https://github.com/mslourens"><img src="https://avatars.githubusercontent.com/u/1907152?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Maurits Lourens</b></sub></a><br /><a href="https://github.com/Budibase/budibase/commits?author=mslourens" title="Tests">⚠️</a> <a href="https://github.com/Budibase/budibase/commits?author=mslourens" title="Code">💻</a></td>
+  </tr>
+  <tr>
+    <td align="center"><a href="https://github.com/Rory-Powell"><img src="https://avatars.githubusercontent.com/u/8755148?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Rory Powell</b></sub></a><br /><a href="#infra-Rory-Powell" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a> <a href="https://github.com/Budibase/budibase/commits?author=Rory-Powell" title="Tests">⚠️</a> <a href="https://github.com/Budibase/budibase/commits?author=Rory-Powell" title="Code">💻</a></td>
+  </tr>
+</table>
+
+<!-- markdownlint-restore -->
+<!-- prettier-ignore-end -->
+
+<!-- ALL-CONTRIBUTORS-LIST:END -->
+
+Dieses Projekt folgt der [All-Contributors](https://github.com/all-contributors/all-contributors) Spezifikation. Wir heißen Beiträge aller Art willkommen!
diff --git a/lerna.json b/lerna.json
index b00fa15ba4..eff6f67e6f 100644
--- a/lerna.json
+++ b/lerna.json
@@ -1,5 +1,5 @@
 {
-  "version": "0.9.115",
+  "version": "0.9.116-alpha.0",
   "npmClient": "yarn",
   "packages": [
     "packages/*"
diff --git a/package.json b/package.json
index 4f545d935f..05c69e54dc 100644
--- a/package.json
+++ b/package.json
@@ -7,6 +7,7 @@
     "eslint": "^7.28.0",
     "eslint-plugin-cypress": "^2.11.3",
     "eslint-plugin-svelte3": "^3.2.0",
+    "husky": "^7.0.1",
     "kill-port": "^1.6.1",
     "lerna": "3.14.1",
     "prettier": "^2.3.1",
@@ -16,7 +17,7 @@
     "svelte": "^3.38.2"
   },
   "scripts": {
-    "setup": "./hosting/scripts/setup.js && yarn && yarn bootstrap && yarn build && yarn dev",
+    "setup": "node ./hosting/scripts/setup.js && yarn && yarn bootstrap && yarn build && yarn dev",
     "bootstrap": "lerna link && lerna bootstrap",
     "build": "lerna run build",
     "initialise": "lerna run initialise",
@@ -42,7 +43,11 @@
     "lint:fix": "yarn run lint:fix:ts && yarn run lint:fix:prettier && yarn run lint:fix:eslint",
     "test:e2e": "lerna run cy:test",
     "test:e2e:ci": "lerna run cy:ci",
-    "build:docker": "lerna run build:docker && cd hosting/scripts/linux/ && ./release-to-docker-hub.sh && cd -",
-    "build:docker:develop": "lerna run build:docker && cd hosting/scripts/linux/ && ./release-to-docker-hub.sh develop && cd -"
+    "build:docker": "lerna run build:docker && cd hosting/scripts/linux/ && ./release-to-docker-hub.sh $BUDIBASE_RELEASE_VERSION release && cd -",
+    "build:docker:develop": "node scripts/pinVersions && lerna run build:docker && cd hosting/scripts/linux/ && ./release-to-docker-hub.sh develop && cd -",
+    "release:helm": "./scripts/release_helm_chart.sh",
+    "multi:enable": "lerna run multi:enable",
+    "multi:disable": "lerna run multi:disable",
+    "postinstall": "husky install"
   }
 }
diff --git a/packages/auth/db.js b/packages/auth/db.js
index 4b03ec36cc..a7b38821a7 100644
--- a/packages/auth/db.js
+++ b/packages/auth/db.js
@@ -1 +1,4 @@
-module.exports = require("./src/db/utils")
+module.exports = {
+  ...require("./src/db/utils"),
+  ...require("./src/db/constants"),
+}
diff --git a/packages/auth/package.json b/packages/auth/package.json
index fa56e927f1..beb1cf751c 100644
--- a/packages/auth/package.json
+++ b/packages/auth/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@budibase/auth",
-  "version": "0.9.115",
+  "version": "0.9.116-alpha.0",
   "description": "Authentication middlewares for budibase builder and apps",
   "main": "src/index.js",
   "author": "Budibase",
@@ -13,6 +13,7 @@
     "@techpass/passport-openidconnect": "^0.3.0",
     "aws-sdk": "^2.901.0",
     "bcryptjs": "^2.4.3",
+    "cls-hooked": "^4.2.2",
     "ioredis": "^4.27.1",
     "jsonwebtoken": "^8.5.1",
     "koa-passport": "^4.1.4",
diff --git a/packages/auth/src/cache/user.js b/packages/auth/src/cache/user.js
index 46202cbfe9..4a19da489f 100644
--- a/packages/auth/src/cache/user.js
+++ b/packages/auth/src/cache/user.js
@@ -1,15 +1,21 @@
-const { getDB } = require("../db")
-const { StaticDatabases } = require("../db/utils")
 const redis = require("../redis/authRedis")
+const { getTenantId, lookupTenantId, getGlobalDB } = require("../tenancy")
 
 const EXPIRY_SECONDS = 3600
 
-exports.getUser = async userId => {
+exports.getUser = async (userId, tenantId = null) => {
+  if (!tenantId) {
+    try {
+      tenantId = getTenantId()
+    } catch (err) {
+      tenantId = await lookupTenantId(userId)
+    }
+  }
   const client = await redis.getUserClient()
   // try cache
   let user = await client.get(userId)
   if (!user) {
-    user = await getDB(StaticDatabases.GLOBAL.name).get(userId)
+    user = await getGlobalDB(tenantId).get(userId)
     client.store(userId, user, EXPIRY_SECONDS)
   }
   return user
diff --git a/packages/auth/src/constants.js b/packages/auth/src/constants.js
index c8cc34e937..4b4aef5a42 100644
--- a/packages/auth/src/constants.js
+++ b/packages/auth/src/constants.js
@@ -14,13 +14,14 @@ exports.Headers = {
   API_VER: "x-budibase-api-version",
   APP_ID: "x-budibase-app-id",
   TYPE: "x-budibase-type",
+  TENANT_ID: "x-budibase-tenant-id",
 }
 
 exports.GlobalRoles = {
   OWNER: "owner",
   ADMIN: "admin",
   BUILDER: "builder",
-  GROUP_MANAGER: "group_manager",
+  WORKSPACE_MANAGER: "workspace_manager",
 }
 
 exports.Configs = {
@@ -31,3 +32,5 @@ exports.Configs = {
   OIDC: "oidc",
   OIDC_LOGOS: "logos_oidc",
 }
+
+exports.DEFAULT_TENANT_ID = "default"
diff --git a/packages/auth/src/db/constants.js b/packages/auth/src/db/constants.js
new file mode 100644
index 0000000000..77643ce4c5
--- /dev/null
+++ b/packages/auth/src/db/constants.js
@@ -0,0 +1,17 @@
+exports.SEPARATOR = "_"
+
+exports.StaticDatabases = {
+  GLOBAL: {
+    name: "global-db",
+    docs: {
+      apiKeys: "apikeys",
+    },
+  },
+  // contains information about tenancy and so on
+  PLATFORM_INFO: {
+    name: "global-info",
+    docs: {
+      tenants: "tenants",
+    },
+  },
+}
diff --git a/packages/auth/src/db/utils.js b/packages/auth/src/db/utils.js
index 1fc78f4182..4cd29c9bc8 100644
--- a/packages/auth/src/db/utils.js
+++ b/packages/auth/src/db/utils.js
@@ -1,39 +1,38 @@
 const { newid } = require("../hashing")
 const Replication = require("./Replication")
+const { DEFAULT_TENANT_ID } = require("../constants")
 const env = require("../environment")
+const { StaticDatabases, SEPARATOR } = require("./constants")
+const { getTenantId } = require("../tenancy")
 const fetch = require("node-fetch")
 const { getCouch } = require("./index")
 
 const UNICODE_MAX = "\ufff0"
-const SEPARATOR = "_"
 
 exports.ViewNames = {
   USER_BY_EMAIL: "by_email",
 }
 
-exports.StaticDatabases = {
-  GLOBAL: {
-    name: "global-db",
-  },
-  DEPLOYMENTS: {
-    name: "deployments",
-  },
-}
+exports.StaticDatabases = StaticDatabases
+
+const PRE_APP = "app"
+const PRE_DEV = "dev"
 
 const DocumentTypes = {
   USER: "us",
-  GROUP: "group",
+  WORKSPACE: "workspace",
   CONFIG: "config",
   TEMPLATE: "template",
-  APP: "app",
-  APP_DEV: "app_dev",
-  APP_METADATA: "app_metadata",
+  APP: PRE_APP,
+  DEV: PRE_DEV,
+  APP_DEV: `${PRE_APP}${SEPARATOR}${PRE_DEV}`,
+  APP_METADATA: `${PRE_APP}${SEPARATOR}metadata`,
   ROLE: "role",
 }
 
 exports.DocumentTypes = DocumentTypes
 exports.APP_PREFIX = DocumentTypes.APP + SEPARATOR
-exports.APP_DEV_PREFIX = DocumentTypes.APP_DEV + SEPARATOR
+exports.APP_DEV = exports.APP_DEV_PREFIX = DocumentTypes.APP_DEV + SEPARATOR
 exports.SEPARATOR = SEPARATOR
 
 function isDevApp(app) {
@@ -64,21 +63,21 @@ function getDocParams(docType, docId = null, otherProps = {}) {
 }
 
 /**
- * Generates a new group ID.
- * @returns {string} The new group ID which the group doc can be stored under.
+ * Generates a new workspace ID.
+ * @returns {string} The new workspace ID which the workspace doc can be stored under.
  */
-exports.generateGroupID = () => {
-  return `${DocumentTypes.GROUP}${SEPARATOR}${newid()}`
+exports.generateWorkspaceID = () => {
+  return `${DocumentTypes.WORKSPACE}${SEPARATOR}${newid()}`
 }
 
 /**
- * Gets parameters for retrieving groups.
+ * Gets parameters for retrieving workspaces.
  */
-exports.getGroupParams = (id = "", otherProps = {}) => {
+exports.getWorkspaceParams = (id = "", otherProps = {}) => {
   return {
     ...otherProps,
-    startkey: `${DocumentTypes.GROUP}${SEPARATOR}${id}`,
-    endkey: `${DocumentTypes.GROUP}${SEPARATOR}${id}${UNICODE_MAX}`,
+    startkey: `${DocumentTypes.WORKSPACE}${SEPARATOR}${id}`,
+    endkey: `${DocumentTypes.WORKSPACE}${SEPARATOR}${id}${UNICODE_MAX}`,
   }
 }
 
@@ -106,14 +105,14 @@ exports.getGlobalUserParams = (globalId, otherProps = {}) => {
 
 /**
  * Generates a template ID.
- * @param ownerId The owner/user of the template, this could be global or a group level.
+ * @param ownerId The owner/user of the template, this could be global or a workspace level.
  */
 exports.generateTemplateID = ownerId => {
   return `${DocumentTypes.TEMPLATE}${SEPARATOR}${ownerId}${SEPARATOR}${newid()}`
 }
 
 /**
- * Gets parameters for retrieving templates. Owner ID must be specified, either global or a group level.
+ * Gets parameters for retrieving templates. Owner ID must be specified, either global or a workspace level.
  */
 exports.getTemplateParams = (ownerId, templateId, otherProps = {}) => {
   if (!templateId) {
@@ -159,6 +158,25 @@ exports.getDeployedAppID = appId => {
   return appId
 }
 
+exports.getCouchUrl = () => {
+  if (!env.COUCH_DB_URL) return
+
+  // username and password already exist in URL
+  if (env.COUCH_DB_URL.includes("@")) {
+    return env.COUCH_DB_URL
+  }
+
+  const [protocol, ...rest] = env.COUCH_DB_URL.split("://")
+
+  if (!env.COUCH_DB_USERNAME || !env.COUCH_DB_PASSWORD) {
+    throw new Error(
+      "CouchDB configuration invalid. You must provide a fully qualified CouchDB url, or the COUCH_DB_USER and COUCH_DB_PASSWORD environment variables."
+    )
+  }
+
+  return `${protocol}://${env.COUCH_DB_USERNAME}:${env.COUCH_DB_PASSWORD}@${rest}`
+}
+
 /**
  * if in production this will use the CouchDB _all_dbs call to retrieve a list of databases. If testing
  * when using Pouch it will use the pouchdb-all-dbs package.
@@ -168,7 +186,7 @@ exports.getAllDbs = async () => {
   if (env.isTest()) {
     return getCouch().allDbs()
   }
-  const response = await fetch(`${env.COUCH_DB_URL}/_all_dbs`)
+  const response = await fetch(`${exports.getCouchUrl()}/_all_dbs`)
   if (response.status === 200) {
     return response.json()
   } else {
@@ -183,9 +201,29 @@ exports.getAllDbs = async () => {
  * different users/companies apps as there is no security around it - all apps are returned.
  * @return {Promise<object[]>} returns the app information document stored in each app database.
  */
-exports.getAllApps = async ({ CouchDB, dev, all } = {}) => {
+exports.getAllApps = async (CouchDB, { dev, all, idsOnly } = {}) => {
+  let tenantId = getTenantId()
+  if (!env.MULTI_TENANCY && !tenantId) {
+    tenantId = DEFAULT_TENANT_ID
+  }
   let dbs = await exports.getAllDbs()
-  const appDbNames = dbs.filter(dbName => dbName.startsWith(exports.APP_PREFIX))
+  const appDbNames = dbs.filter(dbName => {
+    const split = dbName.split(SEPARATOR)
+    // it is an app, check the tenantId
+    if (split[0] === DocumentTypes.APP) {
+      const noTenantId = split.length === 2 || split[1] === DocumentTypes.DEV
+      // tenantId is always right before the UUID
+      const possibleTenantId = split[split.length - 2]
+      return (
+        (tenantId === DEFAULT_TENANT_ID && noTenantId) ||
+        possibleTenantId === tenantId
+      )
+    }
+    return false
+  })
+  if (idsOnly) {
+    return appDbNames
+  }
   const appPromises = appDbNames.map(db =>
     // skip setup otherwise databases could be re-created
     new CouchDB(db, { skip_setup: true }).get(DocumentTypes.APP_METADATA)
@@ -232,8 +270,8 @@ exports.dbExists = async (CouchDB, dbName) => {
  * Generates a new configuration ID.
  * @returns {string} The new configuration ID which the config doc can be stored under.
  */
-const generateConfigID = ({ type, group, user }) => {
-  const scope = [type, group, user].filter(Boolean).join(SEPARATOR)
+const generateConfigID = ({ type, workspace, user }) => {
+  const scope = [type, workspace, user].filter(Boolean).join(SEPARATOR)
 
   return `${DocumentTypes.CONFIG}${SEPARATOR}${scope}`
 }
@@ -241,8 +279,8 @@ const generateConfigID = ({ type, group, user }) => {
 /**
  * Gets parameters for retrieving configurations.
  */
-const getConfigParams = ({ type, group, user }, otherProps = {}) => {
-  const scope = [type, group, user].filter(Boolean).join(SEPARATOR)
+const getConfigParams = ({ type, workspace, user }, otherProps = {}) => {
+  const scope = [type, workspace, user].filter(Boolean).join(SEPARATOR)
 
   return {
     ...otherProps,
@@ -252,15 +290,15 @@ const getConfigParams = ({ type, group, user }, otherProps = {}) => {
 }
 
 /**
- * Returns the most granular configuration document from the DB based on the type, group and userID passed.
+ * Returns the most granular configuration document from the DB based on the type, workspace and userID passed.
  * @param {Object} db - db instance to query
- * @param {Object} scopes - the type, group and userID scopes of the configuration.
+ * @param {Object} scopes - the type, workspace and userID scopes of the configuration.
  * @returns The most granular configuration document based on the scope.
  */
-const getScopedFullConfig = async function (db, { type, user, group }) {
+const getScopedFullConfig = async function (db, { type, user, workspace }) {
   const response = await db.allDocs(
     getConfigParams(
-      { type, user, group },
+      { type, user, workspace },
       {
         include_docs: true,
       }
@@ -270,14 +308,14 @@ const getScopedFullConfig = async function (db, { type, user, group }) {
   function determineScore(row) {
     const config = row.doc
 
-    // Config is specific to a user and a group
-    if (config._id.includes(generateConfigID({ type, user, group }))) {
+    // Config is specific to a user and a workspace
+    if (config._id.includes(generateConfigID({ type, user, workspace }))) {
       return 4
     } else if (config._id.includes(generateConfigID({ type, user }))) {
       // Config is specific to a user only
       return 3
-    } else if (config._id.includes(generateConfigID({ type, group }))) {
-      // Config is specific to a group only
+    } else if (config._id.includes(generateConfigID({ type, workspace }))) {
+      // Config is specific to a workspace only
       return 2
     } else if (config._id.includes(generateConfigID({ type }))) {
       // Config is specific to a type only
diff --git a/packages/auth/src/db/views.js b/packages/auth/src/db/views.js
index 1f1f28b917..1b48786e24 100644
--- a/packages/auth/src/db/views.js
+++ b/packages/auth/src/db/views.js
@@ -1,5 +1,4 @@
-const { DocumentTypes, ViewNames, StaticDatabases } = require("./utils")
-const { getDB } = require("./index")
+const { DocumentTypes, ViewNames } = require("./utils")
 
 function DesignDoc() {
   return {
@@ -10,8 +9,7 @@ function DesignDoc() {
   }
 }
 
-exports.createUserEmailView = async () => {
-  const db = getDB(StaticDatabases.GLOBAL.name)
+exports.createUserEmailView = async db => {
   let designDoc
   try {
     designDoc = await db.get("_design/database")
diff --git a/packages/auth/src/environment.js b/packages/auth/src/environment.js
index 355843d02d..4d1453837c 100644
--- a/packages/auth/src/environment.js
+++ b/packages/auth/src/environment.js
@@ -9,6 +9,8 @@ function isTest() {
 module.exports = {
   JWT_SECRET: process.env.JWT_SECRET,
   COUCH_DB_URL: process.env.COUCH_DB_URL,
+  COUCH_DB_USERNAME: process.env.COUCH_DB_USER,
+  COUCH_DB_PASSWORD: process.env.COUCH_DB_PASSWORD,
   SALT_ROUNDS: process.env.SALT_ROUNDS,
   REDIS_URL: process.env.REDIS_URL,
   REDIS_PASSWORD: process.env.REDIS_PASSWORD,
@@ -16,6 +18,7 @@ module.exports = {
   MINIO_SECRET_KEY: process.env.MINIO_SECRET_KEY,
   MINIO_URL: process.env.MINIO_URL,
   INTERNAL_API_KEY: process.env.INTERNAL_API_KEY,
+  MULTI_TENANCY: process.env.MULTI_TENANCY,
   isTest,
   _set(key, value) {
     process.env[key] = value
diff --git a/packages/auth/src/index.js b/packages/auth/src/index.js
index 98c558706a..5421dea214 100644
--- a/packages/auth/src/index.js
+++ b/packages/auth/src/index.js
@@ -2,6 +2,7 @@ const passport = require("koa-passport")
 const LocalStrategy = require("passport-local").Strategy
 const JwtStrategy = require("passport-jwt").Strategy
 const { StaticDatabases } = require("./db/utils")
+const { getGlobalDB } = require("./tenancy")
 const {
   jwt,
   local,
@@ -9,8 +10,9 @@ const {
   google,
   oidc,
   auditLog,
+  tenancy,
 } = require("./middleware")
-const { setDB, getDB } = require("./db")
+const { setDB } = require("./db")
 const userCache = require("./cache/user")
 
 // Strategies
@@ -20,7 +22,7 @@ passport.use(new JwtStrategy(jwt.options, jwt.authenticate))
 passport.serializeUser((user, done) => done(null, user))
 
 passport.deserializeUser(async (user, done) => {
-  const db = getDB(StaticDatabases.GLOBAL.name)
+  const db = getGlobalDB()
 
   try {
     const user = await db.get(user._id)
@@ -54,6 +56,7 @@ module.exports = {
     google,
     oidc,
     jwt: require("jsonwebtoken"),
+    buildTenancyMiddleware: tenancy,
     auditLog,
   },
   cache: {
diff --git a/packages/auth/src/middleware/authenticated.js b/packages/auth/src/middleware/authenticated.js
index b58e1917fd..e3705a9a24 100644
--- a/packages/auth/src/middleware/authenticated.js
+++ b/packages/auth/src/middleware/authenticated.js
@@ -2,46 +2,34 @@ const { Cookies, Headers } = require("../constants")
 const { getCookie, clearCookie } = require("../utils")
 const { getUser } = require("../cache/user")
 const { getSession, updateSessionTTL } = require("../security/sessions")
+const { buildMatcherRegex, matches } = require("./matchers")
 const env = require("../environment")
 
-const PARAM_REGEX = /\/:(.*?)\//g
-
-function buildNoAuthRegex(patterns) {
-  return patterns.map(pattern => {
-    const isObj = typeof pattern === "object" && pattern.route
-    const method = isObj ? pattern.method : "GET"
-    let route = isObj ? pattern.route : pattern
-
-    const matches = route.match(PARAM_REGEX)
-    if (matches) {
-      for (let match of matches) {
-        route = route.replace(match, "/.*/")
-      }
-    }
-    return { regex: new RegExp(route), method }
-  })
-}
-
-function finalise(ctx, { authenticated, user, internal, version } = {}) {
+function finalise(
+  ctx,
+  { authenticated, user, internal, version, publicEndpoint } = {}
+) {
+  ctx.publicEndpoint = publicEndpoint || false
   ctx.isAuthenticated = authenticated || false
   ctx.user = user
   ctx.internal = internal || false
   ctx.version = version
 }
 
-module.exports = (noAuthPatterns = [], opts) => {
-  const noAuthOptions = noAuthPatterns ? buildNoAuthRegex(noAuthPatterns) : []
+/**
+ * This middleware is tenancy aware, so that it does not depend on other middlewares being used.
+ * The tenancy modules should not be used here and it should be assumed that the tenancy context
+ * has not yet been populated.
+ */
+module.exports = (noAuthPatterns = [], opts = { publicAllowed: false }) => {
+  const noAuthOptions = noAuthPatterns ? buildMatcherRegex(noAuthPatterns) : []
   return async (ctx, next) => {
+    let publicEndpoint = false
     const version = ctx.request.headers[Headers.API_VER]
     // the path is not authenticated
-    const found = noAuthOptions.find(({ regex, method }) => {
-      return (
-        regex.test(ctx.request.url) &&
-        ctx.request.method.toLowerCase() === method.toLowerCase()
-      )
-    })
-    if (found != null) {
-      return next()
+    const found = matches(ctx, noAuthOptions)
+    if (found) {
+      publicEndpoint = true
     }
     try {
       // check the actual user is authenticated first
@@ -58,7 +46,7 @@ module.exports = (noAuthPatterns = [], opts) => {
           error = "No session found"
         } else {
           try {
-            user = await getUser(userId)
+            user = await getUser(userId, session.tenantId)
             delete user.password
             authenticated = true
           } catch (err) {
@@ -75,22 +63,26 @@ module.exports = (noAuthPatterns = [], opts) => {
         }
       }
       const apiKey = ctx.request.headers[Headers.API_KEY]
+      const tenantId = ctx.request.headers[Headers.TENANT_ID]
       // this is an internal request, no user made it
       if (!authenticated && apiKey && apiKey === env.INTERNAL_API_KEY) {
         authenticated = true
         internal = true
       }
+      if (!user && tenantId) {
+        user = { tenantId }
+      }
       // be explicit
       if (authenticated !== true) {
         authenticated = false
       }
       // isAuthenticated is a function, so use a variable to be able to check authed state
-      finalise(ctx, { authenticated, user, internal, version })
+      finalise(ctx, { authenticated, user, internal, version, publicEndpoint })
       return next()
     } catch (err) {
       // allow configuring for public access
-      if (opts && opts.publicAllowed) {
-        finalise(ctx, { authenticated: false, version })
+      if ((opts && opts.publicAllowed) || publicEndpoint) {
+        finalise(ctx, { authenticated: false, version, publicEndpoint })
       } else {
         ctx.throw(err.status || 403, err)
       }
diff --git a/packages/auth/src/middleware/index.js b/packages/auth/src/middleware/index.js
index 35c7d9c388..689859a139 100644
--- a/packages/auth/src/middleware/index.js
+++ b/packages/auth/src/middleware/index.js
@@ -4,6 +4,7 @@ const google = require("./passport/google")
 const oidc = require("./passport/oidc")
 const authenticated = require("./authenticated")
 const auditLog = require("./auditLog")
+const tenancy = require("./tenancy")
 
 module.exports = {
   google,
@@ -12,4 +13,5 @@ module.exports = {
   local,
   authenticated,
   auditLog,
+  tenancy,
 }
diff --git a/packages/auth/src/middleware/matchers.js b/packages/auth/src/middleware/matchers.js
new file mode 100644
index 0000000000..a555823136
--- /dev/null
+++ b/packages/auth/src/middleware/matchers.js
@@ -0,0 +1,33 @@
+const PARAM_REGEX = /\/:(.*?)(\/.*)?$/g
+
+exports.buildMatcherRegex = patterns => {
+  if (!patterns) {
+    return []
+  }
+  return patterns.map(pattern => {
+    const isObj = typeof pattern === "object" && pattern.route
+    const method = isObj ? pattern.method : "GET"
+    let route = isObj ? pattern.route : pattern
+
+    const matches = route.match(PARAM_REGEX)
+    if (matches) {
+      for (let match of matches) {
+        const pattern = "/.*" + (match.endsWith("/") ? "/" : "")
+        route = route.replace(match, pattern)
+      }
+    }
+    return { regex: new RegExp(route), method }
+  })
+}
+
+exports.matches = (ctx, options) => {
+  return options.find(({ regex, method }) => {
+    const urlMatch = regex.test(ctx.request.url)
+    const methodMatch =
+      method === "ALL"
+        ? true
+        : ctx.request.method.toLowerCase() === method.toLowerCase()
+
+    return urlMatch && methodMatch
+  })
+}
diff --git a/packages/auth/src/middleware/passport/google.js b/packages/auth/src/middleware/passport/google.js
index 68fe885512..07d6816c0b 100644
--- a/packages/auth/src/middleware/passport/google.js
+++ b/packages/auth/src/middleware/passport/google.js
@@ -27,13 +27,13 @@ async function authenticate(accessToken, refreshToken, profile, done) {
  * from couchDB rather than environment variables, using this factory is necessary for dynamically configuring passport.
  * @returns Dynamically configured Passport Google Strategy
  */
-exports.strategyFactory = async function (config) {
+exports.strategyFactory = async function (config, callbackUrl) {
   try {
-    const { clientID, clientSecret, callbackURL } = config
+    const { clientID, clientSecret } = config
 
-    if (!clientID || !clientSecret || !callbackURL) {
+    if (!clientID || !clientSecret) {
       throw new Error(
-        "Configuration invalid. Must contain google clientID, clientSecret and callbackURL"
+        "Configuration invalid. Must contain google clientID and clientSecret"
       )
     }
 
@@ -41,7 +41,7 @@ exports.strategyFactory = async function (config) {
       {
         clientID: config.clientID,
         clientSecret: config.clientSecret,
-        callbackURL: config.callbackURL,
+        callbackURL: callbackUrl,
       },
       authenticate
     )
diff --git a/packages/auth/src/middleware/passport/local.js b/packages/auth/src/middleware/passport/local.js
index 16b53bf894..0db40d64eb 100644
--- a/packages/auth/src/middleware/passport/local.js
+++ b/packages/auth/src/middleware/passport/local.js
@@ -6,19 +6,23 @@ const { getGlobalUserByEmail } = require("../../utils")
 const { authError } = require("./utils")
 const { newid } = require("../../hashing")
 const { createASession } = require("../../security/sessions")
+const { getTenantId } = require("../../tenancy")
 
 const INVALID_ERR = "Invalid Credentials"
 
-exports.options = {}
+exports.options = {
+  passReqToCallback: true,
+}
 
 /**
  * Passport Local Authentication Middleware.
- * @param {*} email - username to login with
- * @param {*} password - plain text password to log in with
- * @param {*} done - callback from passport to return user information and errors
+ * @param {*} ctx the request structure
+ * @param {*} email username to login with
+ * @param {*} password plain text password to log in with
+ * @param {*} done callback from passport to return user information and errors
  * @returns The authenticated user, or errors if they occur
  */
-exports.authenticate = async function (email, password, done) {
+exports.authenticate = async function (ctx, email, password, done) {
   if (!email) return authError(done, "Email Required")
   if (!password) return authError(done, "Password Required")
 
@@ -35,12 +39,14 @@ exports.authenticate = async function (email, password, done) {
   // authenticate
   if (await compare(password, dbUser.password)) {
     const sessionId = newid()
-    await createASession(dbUser._id, sessionId)
+    const tenantId = getTenantId()
+    await createASession(dbUser._id, { sessionId, tenantId })
 
     dbUser.token = jwt.sign(
       {
         userId: dbUser._id,
         sessionId,
+        tenantId,
       },
       env.JWT_SECRET
     )
diff --git a/packages/auth/src/middleware/passport/tests/google.spec.js b/packages/auth/src/middleware/passport/tests/google.spec.js
index 30e582a68f..9cc878bba9 100644
--- a/packages/auth/src/middleware/passport/tests/google.spec.js
+++ b/packages/auth/src/middleware/passport/tests/google.spec.js
@@ -2,8 +2,9 @@
 
 const { data } = require("./utilities/mock-data")
 
+const TENANT_ID = "default"
+
 const googleConfig = {
-  callbackURL: "http://somecallbackurl",
   clientID: data.clientID,
   clientSecret: data.clientSecret,
 }
@@ -26,13 +27,14 @@ describe("google", () => {
   
     it("should create successfully create a google strategy", async () => {
       const google = require("../google")
-         
-      await google.strategyFactory(googleConfig)
+
+      const callbackUrl = `/api/global/auth/${TENANT_ID}/google/callback`
+      await google.strategyFactory(googleConfig, callbackUrl)
   
       const expectedOptions = {
         clientID: googleConfig.clientID,
         clientSecret: googleConfig.clientSecret,
-        callbackURL: googleConfig.callbackURL,
+        callbackURL: callbackUrl,
       }
 
       expect(mockStrategy).toHaveBeenCalledWith(
diff --git a/packages/auth/src/middleware/passport/third-party-common.js b/packages/auth/src/middleware/passport/third-party-common.js
index 2ab2816391..7c03944232 100644
--- a/packages/auth/src/middleware/passport/third-party-common.js
+++ b/packages/auth/src/middleware/passport/third-party-common.js
@@ -1,11 +1,12 @@
 const env = require("../../environment")
 const jwt = require("jsonwebtoken")
-const database = require("../../db")
-const { StaticDatabases, generateGlobalUserID } = require("../../db/utils")
+const { generateGlobalUserID } = require("../../db/utils")
 const { authError } = require("./utils")
 const { newid } = require("../../hashing")
 const { createASession } = require("../../security/sessions")
 const { getGlobalUserByEmail } = require("../../utils")
+const { getGlobalDB, getTenantId } = require("../../tenancy")
+const fetch = require("node-fetch")
 
 /**
  * Common authentication logic for third parties. e.g. OAuth, OIDC.
@@ -15,19 +16,21 @@ exports.authenticateThirdParty = async function (
   requireLocalAccount = true,
   done
 ) {
-  if (!thirdPartyUser.provider)
+  if (!thirdPartyUser.provider) {
     return authError(done, "third party user provider required")
-  if (!thirdPartyUser.userId)
+  }
+  if (!thirdPartyUser.userId) {
     return authError(done, "third party user id required")
-  if (!thirdPartyUser.email)
+  }
+  if (!thirdPartyUser.email) {
     return authError(done, "third party user email required")
-
-  const db = database.getDB(StaticDatabases.GLOBAL.name)
-
-  let dbUser
+  }
 
   // use the third party id
   const userId = generateGlobalUserID(thirdPartyUser.userId)
+  const db = getGlobalDB()
+
+  let dbUser
 
   // try to load by id
   try {
@@ -65,7 +68,7 @@ exports.authenticateThirdParty = async function (
     }
   }
 
-  dbUser = syncUser(dbUser, thirdPartyUser)
+  dbUser = await syncUser(dbUser, thirdPartyUser)
 
   // create or sync the user
   const response = await db.post(dbUser)
@@ -73,7 +76,8 @@ exports.authenticateThirdParty = async function (
 
   // authenticate
   const sessionId = newid()
-  await createASession(dbUser._id, sessionId)
+  const tenantId = getTenantId()
+  await createASession(dbUser._id, { sessionId, tenantId })
 
   dbUser.token = jwt.sign(
     {
@@ -86,10 +90,26 @@ exports.authenticateThirdParty = async function (
   return done(null, dbUser)
 }
 
+async function syncProfilePicture(user, thirdPartyUser) {
+  const pictureUrl = thirdPartyUser.profile._json.picture
+  if (pictureUrl) {
+    const response = await fetch(pictureUrl)
+
+    if (response.status === 200) {
+      const type = response.headers.get("content-type")
+      if (type.startsWith("image/")) {
+        user.pictureUrl = pictureUrl
+      }
+    }
+  }
+
+  return user
+}
+
 /**
  * @returns a user that has been sync'd with third party information
  */
-function syncUser(user, thirdPartyUser) {
+async function syncUser(user, thirdPartyUser) {
   // provider
   user.provider = thirdPartyUser.provider
   user.providerType = thirdPartyUser.providerType
@@ -112,6 +132,8 @@ function syncUser(user, thirdPartyUser) {
       }
     }
 
+    user = await syncProfilePicture(user, thirdPartyUser)
+
     // profile
     user.thirdPartyProfile = {
       ...profile._json,
diff --git a/packages/auth/src/middleware/tenancy.js b/packages/auth/src/middleware/tenancy.js
new file mode 100644
index 0000000000..b80b9a6763
--- /dev/null
+++ b/packages/auth/src/middleware/tenancy.js
@@ -0,0 +1,14 @@
+const { setTenantId } = require("../tenancy")
+const ContextFactory = require("../tenancy/FunctionContext")
+const { buildMatcherRegex, matches } = require("./matchers")
+
+module.exports = (allowQueryStringPatterns, noTenancyPatterns) => {
+  const allowQsOptions = buildMatcherRegex(allowQueryStringPatterns)
+  const noTenancyOptions = buildMatcherRegex(noTenancyPatterns)
+
+  return ContextFactory.getMiddleware(ctx => {
+    const allowNoTenant = !!matches(ctx, noTenancyOptions)
+    const allowQs = !!matches(ctx, allowQsOptions)
+    setTenantId(ctx, { allowQs, allowNoTenant })
+  })
+}
diff --git a/packages/auth/src/security/sessions.js b/packages/auth/src/security/sessions.js
index 4051df7123..328f74c794 100644
--- a/packages/auth/src/security/sessions.js
+++ b/packages/auth/src/security/sessions.js
@@ -12,12 +12,13 @@ function makeSessionID(userId, sessionId) {
   return `${userId}/${sessionId}`
 }
 
-exports.createASession = async (userId, sessionId) => {
+exports.createASession = async (userId, session) => {
   const client = await redis.getSessionClient()
-  const session = {
+  const sessionId = session.sessionId
+  session = {
     createdAt: new Date().toISOString(),
     lastAccessedAt: new Date().toISOString(),
-    sessionId,
+    ...session,
     userId,
   }
   await client.store(makeSessionID(userId, sessionId), session, EXPIRY_SECONDS)
diff --git a/packages/auth/src/tenancy/FunctionContext.js b/packages/auth/src/tenancy/FunctionContext.js
new file mode 100644
index 0000000000..d97a3a30b4
--- /dev/null
+++ b/packages/auth/src/tenancy/FunctionContext.js
@@ -0,0 +1,73 @@
+const cls = require("cls-hooked")
+const { newid } = require("../hashing")
+
+const REQUEST_ID_KEY = "requestId"
+
+class FunctionContext {
+  static getMiddleware(updateCtxFn = null) {
+    const namespace = this.createNamespace()
+
+    return async function (ctx, next) {
+      await new Promise(
+        namespace.bind(function (resolve, reject) {
+          // store a contextual request ID that can be used anywhere (audit logs)
+          namespace.set(REQUEST_ID_KEY, newid())
+          namespace.bindEmitter(ctx.req)
+          namespace.bindEmitter(ctx.res)
+
+          if (updateCtxFn) {
+            updateCtxFn(ctx)
+          }
+          next().then(resolve).catch(reject)
+        })
+      )
+    }
+  }
+
+  static run(callback) {
+    const namespace = this.createNamespace()
+
+    return namespace.runAndReturn(callback)
+  }
+
+  static setOnContext(key, value) {
+    const namespace = this.createNamespace()
+    namespace.set(key, value)
+  }
+
+  static getContextStorage() {
+    if (this._namespace && this._namespace.active) {
+      let contextData = this._namespace.active
+      delete contextData.id
+      delete contextData._ns_name
+      return contextData
+    }
+
+    return {}
+  }
+
+  static getFromContext(key) {
+    const context = this.getContextStorage()
+    if (context) {
+      return context[key]
+    } else {
+      return null
+    }
+  }
+
+  static destroyNamespace() {
+    if (this._namespace) {
+      cls.destroyNamespace("session")
+      this._namespace = null
+    }
+  }
+
+  static createNamespace() {
+    if (!this._namespace) {
+      this._namespace = cls.createNamespace("session")
+    }
+    return this._namespace
+  }
+}
+
+module.exports = FunctionContext
diff --git a/packages/auth/src/tenancy/context.js b/packages/auth/src/tenancy/context.js
new file mode 100644
index 0000000000..f3f1f541e9
--- /dev/null
+++ b/packages/auth/src/tenancy/context.js
@@ -0,0 +1,81 @@
+const env = require("../environment")
+const { Headers } = require("../../constants")
+const cls = require("./FunctionContext")
+
+exports.DEFAULT_TENANT_ID = "default"
+
+exports.isDefaultTenant = () => {
+  return exports.getTenantId() === exports.DEFAULT_TENANT_ID
+}
+
+exports.isMultiTenant = () => {
+  return env.MULTI_TENANCY
+}
+
+const TENANT_ID = "tenantId"
+
+// used for automations, API endpoints should always be in context already
+exports.doInTenant = (tenantId, task) => {
+  return cls.run(() => {
+    // set the tenant id
+    cls.setOnContext(TENANT_ID, tenantId)
+
+    // invoke the task
+    const result = task()
+
+    return result
+  })
+}
+
+exports.updateTenantId = tenantId => {
+  cls.setOnContext(TENANT_ID, tenantId)
+}
+
+exports.setTenantId = (
+  ctx,
+  opts = { allowQs: false, allowNoTenant: false }
+) => {
+  let tenantId
+  // exit early if not multi-tenant
+  if (!exports.isMultiTenant()) {
+    cls.setOnContext(TENANT_ID, this.DEFAULT_TENANT_ID)
+    return
+  }
+
+  const allowQs = opts && opts.allowQs
+  const allowNoTenant = opts && opts.allowNoTenant
+  const header = ctx.request.headers[Headers.TENANT_ID]
+  const user = ctx.user || {}
+  if (allowQs) {
+    const query = ctx.request.query || {}
+    tenantId = query.tenantId
+  }
+  // override query string (if allowed) by user, or header
+  // URL params cannot be used in a middleware, as they are
+  // processed later in the chain
+  tenantId = user.tenantId || header || tenantId
+
+  if (!tenantId && !allowNoTenant) {
+    ctx.throw(403, "Tenant id not set")
+  }
+  // check tenant ID just incase no tenant was allowed
+  if (tenantId) {
+    cls.setOnContext(TENANT_ID, tenantId)
+  }
+}
+
+exports.isTenantIdSet = () => {
+  const tenantId = cls.getFromContext(TENANT_ID)
+  return !!tenantId
+}
+
+exports.getTenantId = () => {
+  if (!exports.isMultiTenant()) {
+    return exports.DEFAULT_TENANT_ID
+  }
+  const tenantId = cls.getFromContext(TENANT_ID)
+  if (!tenantId) {
+    throw Error("Tenant id not found")
+  }
+  return tenantId
+}
diff --git a/packages/auth/src/tenancy/index.js b/packages/auth/src/tenancy/index.js
new file mode 100644
index 0000000000..2fe257d885
--- /dev/null
+++ b/packages/auth/src/tenancy/index.js
@@ -0,0 +1,4 @@
+module.exports = {
+  ...require("./context"),
+  ...require("./tenancy"),
+}
diff --git a/packages/auth/src/tenancy/tenancy.js b/packages/auth/src/tenancy/tenancy.js
new file mode 100644
index 0000000000..6e18ea7154
--- /dev/null
+++ b/packages/auth/src/tenancy/tenancy.js
@@ -0,0 +1,105 @@
+const { getDB } = require("../db")
+const { SEPARATOR, StaticDatabases } = require("../db/constants")
+const { getTenantId, DEFAULT_TENANT_ID, isMultiTenant } = require("./context")
+const env = require("../environment")
+
+const TENANT_DOC = StaticDatabases.PLATFORM_INFO.docs.tenants
+const PLATFORM_INFO_DB = StaticDatabases.PLATFORM_INFO.name
+
+exports.addTenantToUrl = url => {
+  const tenantId = getTenantId()
+
+  if (isMultiTenant()) {
+    const char = url.indexOf("?") === -1 ? "?" : "&"
+    url += `${char}tenantId=${tenantId}`
+  }
+
+  return url
+}
+
+exports.doesTenantExist = async tenantId => {
+  const db = getDB(PLATFORM_INFO_DB)
+  let tenants
+  try {
+    tenants = await db.get(TENANT_DOC)
+  } catch (err) {
+    // if theres an error the doc doesn't exist, no tenants exist
+    return false
+  }
+  return (
+    tenants &&
+    Array.isArray(tenants.tenantIds) &&
+    tenants.tenantIds.indexOf(tenantId) !== -1
+  )
+}
+
+exports.tryAddTenant = async (tenantId, userId, email) => {
+  const db = getDB(PLATFORM_INFO_DB)
+  const getDoc = async id => {
+    if (!id) {
+      return null
+    }
+    try {
+      return await db.get(id)
+    } catch (err) {
+      return { _id: id }
+    }
+  }
+  let [tenants, userIdDoc, emailDoc] = await Promise.all([
+    getDoc(TENANT_DOC),
+    getDoc(userId),
+    getDoc(email),
+  ])
+  if (!Array.isArray(tenants.tenantIds)) {
+    tenants = {
+      _id: TENANT_DOC,
+      tenantIds: [],
+    }
+  }
+  let promises = []
+  if (userIdDoc) {
+    userIdDoc.tenantId = tenantId
+    promises.push(db.put(userIdDoc))
+  }
+  if (emailDoc) {
+    emailDoc.tenantId = tenantId
+    promises.push(db.put(emailDoc))
+  }
+  if (tenants.tenantIds.indexOf(tenantId) === -1) {
+    tenants.tenantIds.push(tenantId)
+    promises.push(db.put(tenants))
+  }
+  await Promise.all(promises)
+}
+
+exports.getGlobalDB = (tenantId = null) => {
+  // tenant ID can be set externally, for example user API where
+  // new tenants are being created, this may be the case
+  if (!tenantId) {
+    tenantId = getTenantId()
+  }
+
+  let dbName
+
+  if (tenantId === DEFAULT_TENANT_ID) {
+    dbName = StaticDatabases.GLOBAL.name
+  } else {
+    dbName = `${tenantId}${SEPARATOR}${StaticDatabases.GLOBAL.name}`
+  }
+
+  return getDB(dbName)
+}
+
+exports.lookupTenantId = async userId => {
+  const db = getDB(StaticDatabases.PLATFORM_INFO.name)
+  let tenantId = env.MULTI_TENANCY ? DEFAULT_TENANT_ID : null
+  try {
+    const doc = await db.get(userId)
+    if (doc && doc.tenantId) {
+      tenantId = doc.tenantId
+    }
+  } catch (err) {
+    // just return the default
+  }
+  return tenantId
+}
diff --git a/packages/auth/src/utils.js b/packages/auth/src/utils.js
index 6bc1e0e3a6..5936948fd7 100644
--- a/packages/auth/src/utils.js
+++ b/packages/auth/src/utils.js
@@ -1,14 +1,9 @@
-const {
-  DocumentTypes,
-  SEPARATOR,
-  ViewNames,
-  StaticDatabases,
-} = require("./db/utils")
+const { DocumentTypes, SEPARATOR, ViewNames } = require("./db/utils")
 const jwt = require("jsonwebtoken")
 const { options } = require("./middleware/passport/jwt")
 const { createUserEmailView } = require("./db/views")
-const { getDB } = require("./db")
 const { Headers } = require("./constants")
+const { getGlobalDB } = require("./tenancy")
 
 const APP_PREFIX = DocumentTypes.APP + SEPARATOR
 
@@ -111,7 +106,7 @@ exports.getGlobalUserByEmail = async email => {
   if (email == null) {
     throw "Must supply an email address to view"
   }
-  const db = getDB(StaticDatabases.GLOBAL.name)
+  const db = getGlobalDB()
   try {
     let users = (
       await db.query(`database/${ViewNames.USER_BY_EMAIL}`, {
@@ -123,7 +118,7 @@ exports.getGlobalUserByEmail = async email => {
     return users.length <= 1 ? users[0] : users
   } catch (err) {
     if (err != null && err.name === "not_found") {
-      await createUserEmailView()
+      await createUserEmailView(db)
       return exports.getGlobalUserByEmail(email)
     } else {
       throw err
diff --git a/packages/auth/tenancy.js b/packages/auth/tenancy.js
new file mode 100644
index 0000000000..9ca808b74e
--- /dev/null
+++ b/packages/auth/tenancy.js
@@ -0,0 +1 @@
+module.exports = require("./src/tenancy")
diff --git a/packages/auth/yarn.lock b/packages/auth/yarn.lock
index 8957ecb0fc..b6be8ad1e8 100644
--- a/packages/auth/yarn.lock
+++ b/packages/auth/yarn.lock
@@ -798,6 +798,13 @@ ast-types@0.9.6:
   resolved "https://registry.yarnpkg.com/ast-types/-/ast-types-0.9.6.tgz#102c9e9e9005d3e7e3829bf0c4fa24ee862ee9b9"
   integrity sha1-ECyenpAF0+fjgpvwxPok7oYu6bk=
 
+async-hook-jl@^1.7.6:
+  version "1.7.6"
+  resolved "https://registry.yarnpkg.com/async-hook-jl/-/async-hook-jl-1.7.6.tgz#4fd25c2f864dbaf279c610d73bf97b1b28595e68"
+  integrity sha512-gFaHkFfSxTjvoxDMYqDuGHlcRyUuamF8s+ZTtJdDzqjws4mCt7v0vuV79/E2Wr2/riMQgtG4/yUtXWs1gZ7JMg==
+  dependencies:
+    stack-chain "^1.3.7"
+
 async@~2.1.4:
   version "2.1.5"
   resolved "https://registry.yarnpkg.com/async/-/async-2.1.5.tgz#e587c68580994ac67fc56ff86d3ac56bdbe810bc"
@@ -1144,6 +1151,15 @@ clone-buffer@1.0.0:
   resolved "https://registry.yarnpkg.com/clone-buffer/-/clone-buffer-1.0.0.tgz#e3e25b207ac4e701af721e2cb5a16792cac3dc58"
   integrity sha1-4+JbIHrE5wGvch4staFnksrD3Fg=
 
+cls-hooked@^4.2.2:
+  version "4.2.2"
+  resolved "https://registry.yarnpkg.com/cls-hooked/-/cls-hooked-4.2.2.tgz#ad2e9a4092680cdaffeb2d3551da0e225eae1908"
+  integrity sha512-J4Xj5f5wq/4jAvcdgoGsL3G103BtWpZrMo8NEinRltN+xpTZdI+M38pyQqhuFU/P792xkMFvnKSf+Lm81U1bxw==
+  dependencies:
+    async-hook-jl "^1.7.6"
+    emitter-listener "^1.0.1"
+    semver "^5.4.1"
+
 cluster-key-slot@^1.1.0:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/cluster-key-slot/-/cluster-key-slot-1.1.0.tgz#30474b2a981fb12172695833052bc0d01336d10d"
@@ -1444,6 +1460,13 @@ electron-to-chromium@^1.3.723:
   resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.775.tgz#046517d1f2cea753e06fff549995b9dc45e20082"
   integrity sha512-EGuiJW4yBPOTj2NtWGZcX93ZE8IGj33HJAx4d3ouE2zOfW2trbWU+t1e0yzLr1qQIw81++txbM3BH52QwSRE6Q==
 
+emitter-listener@^1.0.1:
+  version "1.1.2"
+  resolved "https://registry.yarnpkg.com/emitter-listener/-/emitter-listener-1.1.2.tgz#56b140e8f6992375b3d7cb2cab1cc7432d9632e8"
+  integrity sha512-Bt1sBAGFHY9DKY+4/2cV6izcKJUf5T7/gkdmkxzX/qv9CcGH8xSwVRW5mtX03SWJtRTWSOpzCuWN9rBFYZepZQ==
+  dependencies:
+    shimmer "^1.2.0"
+
 emittery@^0.7.1:
   version "0.7.2"
   resolved "https://registry.yarnpkg.com/emittery/-/emittery-0.7.2.tgz#25595908e13af0f5674ab419396e2fb394cdfa82"
@@ -4035,7 +4058,7 @@ saxes@^5.0.1:
   dependencies:
     xmlchars "^2.2.0"
 
-"semver@2 || 3 || 4 || 5", semver@^5.5.0, semver@^5.6.0:
+"semver@2 || 3 || 4 || 5", semver@^5.4.1, semver@^5.5.0, semver@^5.6.0:
   version "5.7.1"
   resolved "https://registry.yarnpkg.com/semver/-/semver-5.7.1.tgz#a954f931aeba508d307bbf069eff0c01c96116f7"
   integrity sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==
@@ -4096,6 +4119,11 @@ shellwords@^0.1.1:
   resolved "https://registry.yarnpkg.com/shellwords/-/shellwords-0.1.1.tgz#d6b9181c1a48d397324c84871efbcfc73fc0654b"
   integrity sha512-vFwSUfQvqybiICwZY5+DAWIPLKsWO31Q91JSKl3UYv+K5c2QRPzn0qzec6QPu1Qc9eHYItiP3NdJqNVqetYAww==
 
+shimmer@^1.2.0:
+  version "1.2.1"
+  resolved "https://registry.yarnpkg.com/shimmer/-/shimmer-1.2.1.tgz#610859f7de327b587efebf501fb43117f9aff337"
+  integrity sha512-sQTKC1Re/rM6XyFM6fIAGHRPVGvyXfgzIDvzoq608vM+jeyVD0Tu1E6Np0Kc2zAIFWIj963V2800iF/9LPieQw==
+
 signal-exit@^3.0.0, signal-exit@^3.0.2:
   version "3.0.3"
   resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.3.tgz#a1410c2edd8f077b08b4e253c8eacfcaf057461c"
@@ -4250,6 +4278,11 @@ sshpk@^1.7.0:
     safer-buffer "^2.0.2"
     tweetnacl "~0.14.0"
 
+stack-chain@^1.3.7:
+  version "1.3.7"
+  resolved "https://registry.yarnpkg.com/stack-chain/-/stack-chain-1.3.7.tgz#d192c9ff4ea6a22c94c4dd459171e3f00cea1285"
+  integrity sha1-0ZLJ/06moiyUxN1FkXHj8AzqEoU=
+
 stack-utils@^2.0.2:
   version "2.0.3"
   resolved "https://registry.yarnpkg.com/stack-utils/-/stack-utils-2.0.3.tgz#cd5f030126ff116b78ccb3c027fe302713b61277"
diff --git a/packages/bbui/package.json b/packages/bbui/package.json
index c80e7ed349..6ed8013d34 100644
--- a/packages/bbui/package.json
+++ b/packages/bbui/package.json
@@ -1,7 +1,7 @@
 {
   "name": "@budibase/bbui",
   "description": "A UI solution used in the different Budibase projects.",
-  "version": "0.9.115",
+  "version": "0.9.116-alpha.0",
   "license": "AGPL-3.0",
   "svelte": "src/index.js",
   "module": "dist/bbui.es.js",
@@ -45,7 +45,7 @@
     "@spectrum-css/buttongroup": "^3.0.2",
     "@spectrum-css/checkbox": "^3.0.2",
     "@spectrum-css/dialog": "^3.0.1",
-    "@spectrum-css/divider": "^1.0.1",
+    "@spectrum-css/divider": "^1.0.3",
     "@spectrum-css/dropzone": "^3.0.2",
     "@spectrum-css/fieldgroup": "^3.0.2",
     "@spectrum-css/fieldlabel": "^3.0.1",
@@ -65,6 +65,7 @@
     "@spectrum-css/search": "^3.0.2",
     "@spectrum-css/sidenav": "^3.0.2",
     "@spectrum-css/statuslight": "^3.0.2",
+    "@spectrum-css/stepper": "^3.0.3",
     "@spectrum-css/switch": "^1.0.2",
     "@spectrum-css/table": "^3.0.1",
     "@spectrum-css/tabs": "^3.0.1",
diff --git a/packages/bbui/src/ActionMenu/ActionMenu.svelte b/packages/bbui/src/ActionMenu/ActionMenu.svelte
index 45bb65b527..08425e8f59 100644
--- a/packages/bbui/src/ActionMenu/ActionMenu.svelte
+++ b/packages/bbui/src/ActionMenu/ActionMenu.svelte
@@ -23,8 +23,11 @@
     dropdown.show()
   }
 
-  const openMenu = () => {
-    if (!disabled) show()
+  const openMenu = event => {
+    if (!disabled) {
+      event.stopPropagation()
+      show()
+    }
   }
 
   setContext("actionMenu", { show, hide })
diff --git a/packages/bbui/src/ColorPicker/ColorPicker.svelte b/packages/bbui/src/ColorPicker/ColorPicker.svelte
index 4d248d6190..ff6a292d1b 100644
--- a/packages/bbui/src/ColorPicker/ColorPicker.svelte
+++ b/packages/bbui/src/ColorPicker/ColorPicker.svelte
@@ -19,7 +19,7 @@
   const dispatch = createEventDispatcher()
   const categories = [
     {
-      label: "Grays",
+      label: "Theme",
       colors: [
         "gray-50",
         "gray-75",
@@ -72,6 +72,9 @@
         "blue-700",
         "indigo-700",
         "magenta-700",
+
+        "static-white",
+        "static-black",
       ],
     },
   ]
@@ -101,9 +104,19 @@
   }
 
   const getCheckColor = value => {
-    return /^.*(white|(gray-(50|75|100|200|300|400|500)))\)$/.test(value)
-      ? "var(--spectrum-global-color-gray-900)"
-      : "var(--spectrum-global-color-gray-50)"
+    // Use dynamic color for theme grays
+    if (value?.includes("gray")) {
+      return /^.*(gray-(50|75|100|200|300|400|500))\)$/.test(value)
+        ? "var(--spectrum-global-color-gray-900)"
+        : "var(--spectrum-global-color-gray-50)"
+    }
+
+    // Use black check for static white
+    if (value?.includes("static-black")) {
+      return "var(--spectrum-global-color-static-gray-50)"
+    }
+
+    return "var(--spectrum-global-color-static-gray-900)"
   }
 </script>
 
diff --git a/packages/bbui/src/Form/Checkbox.svelte b/packages/bbui/src/Form/Checkbox.svelte
index 90a2cddda5..6aa88f6dee 100644
--- a/packages/bbui/src/Form/Checkbox.svelte
+++ b/packages/bbui/src/Form/Checkbox.svelte
@@ -9,6 +9,7 @@
   export let text = null
   export let disabled = false
   export let error = null
+  export let size = "M"
 
   const dispatch = createEventDispatcher()
   const onChange = e => {
@@ -18,5 +19,5 @@
 </script>
 
 <Field {label} {labelPosition} {error}>
-  <Checkbox {error} {disabled} {text} {value} on:change={onChange} />
+  <Checkbox {error} {disabled} {text} {value} {size} on:change={onChange} />
 </Field>
diff --git a/packages/bbui/src/Form/Core/Checkbox.svelte b/packages/bbui/src/Form/Core/Checkbox.svelte
index e9a6b56fd9..ca3cef383f 100644
--- a/packages/bbui/src/Form/Core/Checkbox.svelte
+++ b/packages/bbui/src/Form/Core/Checkbox.svelte
@@ -8,15 +8,18 @@
   export let id = null
   export let text = null
   export let disabled = false
+  export let size
 
   const dispatch = createEventDispatcher()
   const onChange = event => {
     dispatch("change", event.target.checked)
   }
+
+  $: sizeClass = `spectrum-Checkbox--size${size || "M"}`
 </script>
 
 <label
-  class="spectrum-Checkbox spectrum-Checkbox--sizeM spectrum-Checkbox--emphasized"
+  class="spectrum-Checkbox spectrum-Checkbox--emphasized {sizeClass}"
   class:is-invalid={!!error}
 >
   <input
diff --git a/packages/bbui/src/Form/Core/Dropzone.svelte b/packages/bbui/src/Form/Core/Dropzone.svelte
index 3512ec989a..a543dea1d4 100644
--- a/packages/bbui/src/Form/Core/Dropzone.svelte
+++ b/packages/bbui/src/Form/Core/Dropzone.svelte
@@ -5,6 +5,7 @@
   import { createEventDispatcher } from "svelte"
   import { generateID } from "../../utils/helpers"
   import Icon from "../../Icon/Icon.svelte"
+  import Link from "../../Link/Link.svelte"
 
   const BYTES_IN_KB = 1000
   const BYTES_IN_MB = 1000000
@@ -117,7 +118,13 @@
     {#if gallery}
       <div class="gallery">
         <div class="title">
-          <div class="filename">{selectedImage.name}</div>
+          <div class="filename">
+            {#if selectedUrl}
+              <Link href={selectedUrl}>{selectedImage.name}</Link>
+            {:else}
+              {selectedImage.name}
+            {/if}
+          </div>
           {#if selectedImage.size}
             <div class="filesize">
               {#if selectedImage.size <= BYTES_IN_MB}
diff --git a/packages/bbui/src/Form/Core/Multiselect.svelte b/packages/bbui/src/Form/Core/Multiselect.svelte
index 107e910a60..3eb1add267 100644
--- a/packages/bbui/src/Form/Core/Multiselect.svelte
+++ b/packages/bbui/src/Form/Core/Multiselect.svelte
@@ -11,6 +11,8 @@
   export let getOptionLabel = option => option
   export let getOptionValue = option => option
   export let readonly = false
+  export let autocomplete = false
+  export let sort = false
 
   const dispatch = createEventDispatcher()
   $: selectedLookupMap = getSelectedLookupMap(value)
@@ -77,8 +79,10 @@
   {fieldText}
   {options}
   isPlaceholder={!value?.length}
+  {autocomplete}
   {isOptionSelected}
   {getOptionLabel}
   {getOptionValue}
   onSelectOption={toggleOption}
+  {sort}
 />
diff --git a/packages/bbui/src/Form/Core/Picker.svelte b/packages/bbui/src/Form/Core/Picker.svelte
index e2456271c7..8acbc4e1a6 100644
--- a/packages/bbui/src/Form/Core/Picker.svelte
+++ b/packages/bbui/src/Form/Core/Picker.svelte
@@ -5,6 +5,7 @@
   import { fly } from "svelte/transition"
   import { createEventDispatcher } from "svelte"
   import clickOutside from "../../Actions/click_outside"
+  import Search from "./Search.svelte"
 
   export let id = null
   export let disabled = false
@@ -23,14 +24,51 @@
   export let readonly = false
   export let quiet = false
   export let autoWidth = false
+  export let autocomplete = false
+  export let sort = false
+
   const dispatch = createEventDispatcher()
+  let searchTerm = null
+
+  $: sortedOptions = getSortedOptions(options, getOptionLabel, sort)
+  $: filteredOptions = getFilteredOptions(
+    sortedOptions,
+    searchTerm,
+    getOptionLabel
+  )
+
   const onClick = () => {
     dispatch("click")
     if (readonly) {
       return
     }
+    searchTerm = null
     open = true
   }
+
+  const getSortedOptions = (options, getLabel, sort) => {
+    if (!options?.length || !Array.isArray(options)) {
+      return []
+    }
+    if (!sort) {
+      return options
+    }
+    return options.sort((a, b) => {
+      const labelA = getLabel(a)
+      const labelB = getLabel(b)
+      return labelA > labelB ? 1 : -1
+    })
+  }
+
+  const getFilteredOptions = (options, term, getLabel) => {
+    if (autocomplete && term) {
+      const lowerCaseTerm = term.toLowerCase()
+      return options.filter(option =>
+        getLabel(option)?.toLowerCase().includes(lowerCaseTerm)
+      )
+    }
+    return options
+  }
 </script>
 
 <button
@@ -81,6 +119,14 @@
     class="spectrum-Popover spectrum-Popover--bottom spectrum-Picker-popover is-open"
     class:auto-width={autoWidth}
   >
+    {#if autocomplete}
+      <Search
+        value={searchTerm}
+        on:change={event => (searchTerm = event.detail)}
+        {disabled}
+        placeholder="Search"
+      />
+    {/if}
     <ul class="spectrum-Menu" role="listbox">
       {#if placeholderOption}
         <li
@@ -101,8 +147,8 @@
           </svg>
         </li>
       {/if}
-      {#if options && Array.isArray(options)}
-        {#each options as option, idx}
+      {#if filteredOptions.length}
+        {#each filteredOptions as option, idx}
           <li
             class="spectrum-Menu-item"
             class:is-selected={isOptionSelected(getOptionValue(option, idx))}
@@ -121,9 +167,9 @@
                 />
               </span>
             {/if}
-            <span class="spectrum-Menu-itemLabel"
-              >{getOptionLabel(option, idx)}</span
-            >
+            <span class="spectrum-Menu-itemLabel">
+              {getOptionLabel(option, idx)}
+            </span>
             <svg
               class="spectrum-Icon spectrum-UIIcon-Checkmark100 spectrum-Menu-checkmark spectrum-Menu-itemIcon"
               focusable="false"
@@ -173,4 +219,23 @@
     padding-top: 5px;
     padding-right: 10px;
   }
+  .spectrum-Popover :global(.spectrum-Search) {
+    margin-top: -1px;
+    margin-left: -1px;
+    width: calc(100% + 2px);
+  }
+  .spectrum-Popover :global(.spectrum-Search input) {
+    height: auto;
+    border-bottom-left-radius: 0;
+    border-bottom-right-radius: 0;
+    padding-top: var(--spectrum-global-dimension-size-100);
+    padding-bottom: var(--spectrum-global-dimension-size-100);
+  }
+  .spectrum-Popover :global(.spectrum-Search .spectrum-ClearButton) {
+    right: 1px;
+    top: 2px;
+  }
+  .spectrum-Popover :global(.spectrum-Search .spectrum-Textfield-icon) {
+    top: 9px;
+  }
 </style>
diff --git a/packages/bbui/src/Form/Core/Search.svelte b/packages/bbui/src/Form/Core/Search.svelte
index b26c9567c0..dd70f1eaca 100644
--- a/packages/bbui/src/Form/Core/Search.svelte
+++ b/packages/bbui/src/Form/Core/Search.svelte
@@ -95,4 +95,7 @@
   .is-disabled {
     pointer-events: none;
   }
+  .spectrum-Search-clearButton {
+    position: absolute;
+  }
 </style>
diff --git a/packages/bbui/src/Form/Core/Select.svelte b/packages/bbui/src/Form/Core/Select.svelte
index a815ae2948..413b11dd34 100644
--- a/packages/bbui/src/Form/Core/Select.svelte
+++ b/packages/bbui/src/Form/Core/Select.svelte
@@ -14,6 +14,8 @@
   export let readonly = false
   export let quiet = false
   export let autoWidth = false
+  export let autocomplete = false
+  export let sort = false
 
   const dispatch = createEventDispatcher()
   let open = false
@@ -70,6 +72,8 @@
   {getOptionValue}
   {getOptionIcon}
   {fieldIcon}
+  {autocomplete}
+  {sort}
   isPlaceholder={value == null || value === ""}
   placeholderOption={placeholder}
   isOptionSelected={option => option === value}
diff --git a/packages/bbui/src/Form/Core/Stepper.svelte b/packages/bbui/src/Form/Core/Stepper.svelte
new file mode 100644
index 0000000000..895dc2d3de
--- /dev/null
+++ b/packages/bbui/src/Form/Core/Stepper.svelte
@@ -0,0 +1,172 @@
+<script>
+  import "@spectrum-css/textfield/dist/index-vars.css"
+  import "@spectrum-css/actionbutton/dist/index-vars.css"
+  import "@spectrum-css/stepper/dist/index-vars.css"
+  import { createEventDispatcher } from "svelte"
+
+  export let value = null
+  export let placeholder = null
+  export let disabled = false
+  export let error = null
+  export let id = null
+  export let readonly = false
+  export let updateOnChange = true
+  export let quiet = false
+  export let min
+  export let max
+  export let step
+
+  const dispatch = createEventDispatcher()
+  let focus = false
+
+  // We need to keep the field value bound to a different variable in order
+  // to properly handle erroneous values. If we don't do this then it is
+  // possible for the field to show stale text which does not represent the
+  // real value. The reactive statement is to ensure that external changes to
+  // the value prop are reflected.
+  let fieldValue = value
+  $: fieldValue = value
+
+  // Ensure step is always a numeric value defaulting to 1
+  $: step = step == null || isNaN(step) ? 1 : step
+
+  const updateValue = value => {
+    if (readonly) {
+      return
+    }
+    const float = parseFloat(value)
+    value = isNaN(float) ? null : float
+    if (value != null) {
+      if (min != null && value < min) {
+        value = min
+      } else if (max != null && value > max) {
+        value = max
+      }
+    }
+    dispatch("change", value)
+    fieldValue = value
+  }
+
+  const onFocus = () => {
+    if (readonly) {
+      return
+    }
+    focus = true
+  }
+
+  const onBlur = event => {
+    if (readonly) {
+      return
+    }
+    focus = false
+    updateValue(event.target.value)
+  }
+
+  const onInput = event => {
+    if (readonly || !updateOnChange) {
+      return
+    }
+    updateValue(event.target.value)
+  }
+
+  const updateValueOnEnter = event => {
+    if (readonly) {
+      return
+    }
+    if (event.key === "Enter") {
+      updateValue(event.target.value)
+    }
+  }
+
+  const stepUp = () => {
+    if (value == null || isNaN(value)) {
+      updateValue(step)
+    } else {
+      updateValue(value + step)
+    }
+  }
+
+  const stepDown = () => {
+    if (value == null || isNaN(value)) {
+      updateValue(step)
+    } else {
+      updateValue(value - step)
+    }
+  }
+</script>
+
+<div
+  class="spectrum-Stepper"
+  class:spectrum-Stepper--quiet={quiet}
+  class:is-invalid={!!error}
+  class:is-disabled={disabled}
+  class:is-focused={focus}
+>
+  {#if error}
+    <svg
+      class="spectrum-Icon spectrum-Icon--sizeM spectrum-Textfield-validationIcon"
+      focusable="false"
+      aria-hidden="true"
+    >
+      <use xlink:href="#spectrum-icon-18-Alert" />
+    </svg>
+  {/if}
+
+  <div class="spectrum-Textfield spectrum-Stepper-textfield">
+    <input
+      {disabled}
+      {readonly}
+      {id}
+      bind:value={fieldValue}
+      placeholder={placeholder || ""}
+      type="number"
+      class="spectrum-Textfield-input spectrum-Stepper-input"
+      on:click
+      on:blur
+      on:focus
+      on:input
+      on:keyup
+      on:blur={onBlur}
+      on:focus={onFocus}
+      on:input={onInput}
+      on:keyup={updateValueOnEnter}
+    />
+  </div>
+  <span class="spectrum-Stepper-buttons">
+    <button
+      class="spectrum-ActionButton spectrum-ActionButton--sizeM spectrum-Stepper-stepUp"
+      tabindex="-1"
+      on:click={stepUp}
+    >
+      <svg
+        class="spectrum-Icon spectrum-UIIcon-ChevronUp75"
+        focusable="false"
+        aria-hidden="true"
+      >
+        <use xlink:href="#spectrum-css-icon-Chevron75" />
+      </svg>
+    </button>
+    <button
+      class="spectrum-ActionButton spectrum-ActionButton--sizeM spectrum-Stepper-stepDown"
+      tabindex="-1"
+      on:click={stepDown}
+    >
+      <svg
+        class="spectrum-Icon spectrum-UIIcon-ChevronDown75"
+        focusable="false"
+        aria-hidden="true"
+      >
+        <use xlink:href="#spectrum-css-icon-Chevron75" />
+      </svg>
+    </button>
+  </span>
+</div>
+
+<style>
+  .spectrum-Stepper {
+    width: 100%;
+  }
+  .spectrum-Stepper::before {
+    display: none;
+  }
+</style>
diff --git a/packages/bbui/src/Form/Core/index.js b/packages/bbui/src/Form/Core/index.js
index a31c5941ec..440c4a1b15 100644
--- a/packages/bbui/src/Form/Core/index.js
+++ b/packages/bbui/src/Form/Core/index.js
@@ -9,3 +9,4 @@ export { default as CoreSwitch } from "./Switch.svelte"
 export { default as CoreSearch } from "./Search.svelte"
 export { default as CoreDatePicker } from "./DatePicker.svelte"
 export { default as CoreDropzone } from "./Dropzone.svelte"
+export { default as CoreStepper } from "./Stepper.svelte"
diff --git a/packages/bbui/src/Form/Multiselect.svelte b/packages/bbui/src/Form/Multiselect.svelte
index 1bb0039914..957dcccddf 100644
--- a/packages/bbui/src/Form/Multiselect.svelte
+++ b/packages/bbui/src/Form/Multiselect.svelte
@@ -13,6 +13,7 @@
   export let options = []
   export let getOptionLabel = option => option
   export let getOptionValue = option => option
+  export let sort = false
 
   const dispatch = createEventDispatcher()
   const onChange = e => {
@@ -29,6 +30,7 @@
     {value}
     {options}
     {placeholder}
+    {sort}
     {getOptionLabel}
     {getOptionValue}
     on:change={onChange}
diff --git a/packages/bbui/src/Form/Select.svelte b/packages/bbui/src/Form/Select.svelte
index eecc719a9a..b6547c0a98 100644
--- a/packages/bbui/src/Form/Select.svelte
+++ b/packages/bbui/src/Form/Select.svelte
@@ -16,6 +16,7 @@
   export let getOptionIcon = option => option?.icon
   export let quiet = false
   export let autoWidth = false
+  export let sort = false
 
   const dispatch = createEventDispatcher()
   const onChange = e => {
@@ -41,6 +42,7 @@
     {options}
     {placeholder}
     {autoWidth}
+    {sort}
     {getOptionLabel}
     {getOptionValue}
     {getOptionIcon}
diff --git a/packages/bbui/src/Form/Stepper.svelte b/packages/bbui/src/Form/Stepper.svelte
new file mode 100644
index 0000000000..9eff2e368e
--- /dev/null
+++ b/packages/bbui/src/Form/Stepper.svelte
@@ -0,0 +1,45 @@
+<script>
+  import Field from "./Field.svelte"
+  import Stepper from "./Core/Stepper.svelte"
+  import { createEventDispatcher } from "svelte"
+
+  export let value = null
+  export let label = null
+  export let labelPosition = "above"
+  export let placeholder = null
+  export let disabled = false
+  export let readonly = false
+  export let error = null
+  export let updateOnChange = true
+  export let quiet = false
+  export let min = null
+  export let max = null
+  export let step = 1
+
+  const dispatch = createEventDispatcher()
+  const onChange = e => {
+    value = e.detail
+    dispatch("change", e.detail)
+  }
+</script>
+
+<Field {label} {labelPosition} {error}>
+  <Stepper
+    {updateOnChange}
+    {error}
+    {disabled}
+    {readonly}
+    {value}
+    {placeholder}
+    {quiet}
+    {min}
+    {max}
+    {step}
+    on:change={onChange}
+    on:click
+    on:input
+    on:blur
+    on:focus
+    on:keyup
+  />
+</Field>
diff --git a/packages/bbui/src/Layout/Layout.svelte b/packages/bbui/src/Layout/Layout.svelte
index 86fd844ca1..af60675582 100644
--- a/packages/bbui/src/Layout/Layout.svelte
+++ b/packages/bbui/src/Layout/Layout.svelte
@@ -48,6 +48,9 @@
     padding-top: var(--spacing-l);
     padding-bottom: var(--spacing-l);
   }
+  .gap-XXS {
+    grid-gap: var(--spacing-xs);
+  }
   .gap-XS {
     grid-gap: var(--spacing-s);
   }
diff --git a/packages/bbui/src/Menu/Item.svelte b/packages/bbui/src/Menu/Item.svelte
index b6ab8862df..a5609683a8 100644
--- a/packages/bbui/src/Menu/Item.svelte
+++ b/packages/bbui/src/Menu/Item.svelte
@@ -19,7 +19,7 @@
 
 <li
   data-cy={dataCy}
-  on:click|preventDefault={onClick}
+  on:click|preventDefault={disabled ? null : onClick}
   class="spectrum-Menu-item"
   class:is-disabled={disabled}
   role="menuitem"
diff --git a/packages/bbui/src/Modal/Modal.svelte b/packages/bbui/src/Modal/Modal.svelte
index c93467bc75..f805dec0ad 100644
--- a/packages/bbui/src/Modal/Modal.svelte
+++ b/packages/bbui/src/Modal/Modal.svelte
@@ -70,6 +70,7 @@
     >
       <div class="modal-wrapper" on:mousedown|self={cancel}>
         <div class="modal-inner-wrapper" on:mousedown|self={cancel}>
+          <slot name="outside" />
           <div
             use:focusFirstInput
             class="spectrum-Modal is-open"
@@ -93,6 +94,7 @@
     z-index: 999;
     overflow: auto;
     overflow-x: hidden;
+    background: rgba(0, 0, 0, 0.75);
   }
 
   .modal-wrapper {
@@ -112,6 +114,7 @@
     justify-content: center;
     align-items: flex-start;
     width: 0;
+    position: relative;
   }
 
   .spectrum-Modal {
@@ -122,6 +125,7 @@
     --spectrum-dialog-confirm-border-radius: var(
       --spectrum-global-dimension-size-100
     );
+    max-width: 100%;
   }
   :global(.spectrum--lightest .spectrum-Modal.inline) {
     border: var(--border-light);
diff --git a/packages/bbui/src/Modal/ModalContent.svelte b/packages/bbui/src/Modal/ModalContent.svelte
index e6d4ab5f0f..bba72e6093 100644
--- a/packages/bbui/src/Modal/ModalContent.svelte
+++ b/packages/bbui/src/Modal/ModalContent.svelte
@@ -15,6 +15,7 @@
   export let showCloseIcon = true
   export let onConfirm = undefined
   export let disabled = false
+  export let showDivider = true
 
   const { hide, cancel } = getContext(Context.Modal)
   let loading = false
@@ -41,11 +42,17 @@
   aria-modal="true"
 >
   <div class="spectrum-Dialog-grid">
-    <h1 class="spectrum-Dialog-heading spectrum-Dialog-heading--noHeader">
-      {title}
-    </h1>
-
-    <Divider size="M" />
+    {#if title}
+      <h1
+        class="spectrum-Dialog-heading spectrum-Dialog-heading--noHeader"
+        class:noDivider={!showDivider}
+      >
+        {title}
+      </h1>
+      {#if showDivider}
+        <Divider size="M" />
+      {/if}
+    {/if}
     <!-- TODO: Remove content-grid class once Layout components are in bbui -->
     <section class="spectrum-Dialog-content content-grid">
       <slot />
@@ -72,8 +79,8 @@
       </div>
     {/if}
     {#if showCloseIcon}
-      <div class="close-icon" on:click={hide}>
-        <Icon hoverable name="Close" />
+      <div class="close-icon">
+        <Icon hoverable name="Close" on:click={cancel} />
       </div>
     {/if}
   </div>
@@ -96,6 +103,9 @@
   .spectrum-Dialog-heading {
     font-family: var(--font-sans);
   }
+  .spectrum-Dialog-heading.noDivider {
+    margin-bottom: 12px;
+  }
 
   .spectrum-Dialog-buttonGroup {
     gap: var(--spectrum-global-dimension-static-size-200);
diff --git a/packages/bbui/src/Notification/Notification.svelte b/packages/bbui/src/Notification/Notification.svelte
new file mode 100644
index 0000000000..cebc859bda
--- /dev/null
+++ b/packages/bbui/src/Notification/Notification.svelte
@@ -0,0 +1,20 @@
+<script>
+  export let type = "info"
+  export let icon = "Info"
+  export let message = ""
+</script>
+
+<div class="spectrum-Toast spectrum-Toast--{type}">
+  {#if icon}
+    <svg
+      class="spectrum-Icon spectrum-Icon--sizeM spectrum-Toast-typeIcon"
+      focusable="false"
+      aria-hidden="true"
+    >
+      <use xlink:href="#spectrum-icon-18-{icon}" />
+    </svg>
+  {/if}
+  <div class="spectrum-Toast-body">
+    <div class="spectrum-Toast-content">{message || ""}</div>
+  </div>
+</div>
diff --git a/packages/bbui/src/Notification/NotificationDisplay.svelte b/packages/bbui/src/Notification/NotificationDisplay.svelte
index 89e7666cc7..9d96bf7e70 100644
--- a/packages/bbui/src/Notification/NotificationDisplay.svelte
+++ b/packages/bbui/src/Notification/NotificationDisplay.svelte
@@ -2,30 +2,16 @@
   import "@spectrum-css/toast/dist/index-vars.css"
   import Portal from "svelte-portal"
   import { flip } from "svelte/animate"
-  import { fly } from "svelte/transition"
   import { notifications } from "../Stores/notifications"
+  import Notification from "./Notification.svelte"
+  import { fly } from "svelte/transition"
 </script>
 
 <Portal target=".modal-container">
   <div class="notifications">
     {#each $notifications as { type, icon, message, id } (id)}
-      <div
-        animate:flip
-        transition:fly={{ y: -30 }}
-        class="spectrum-Toast spectrum-Toast--{type} notification-offset"
-      >
-        {#if icon}
-          <svg
-            class="spectrum-Icon spectrum-Icon--sizeM spectrum-Toast-typeIcon"
-            focusable="false"
-            aria-hidden="true"
-          >
-            <use xlink:href="#spectrum-icon-18-{icon}" />
-          </svg>
-        {/if}
-        <div class="spectrum-Toast-body">
-          <div class="spectrum-Toast-content">{message}</div>
-        </div>
+      <div animate:flip transition:fly={{ y: -30 }}>
+        <Notification {type} {icon} {message} />
       </div>
     {/each}
   </div>
@@ -34,7 +20,7 @@
 <style>
   .notifications {
     position: fixed;
-    top: 10px;
+    top: 20px;
     left: 0;
     right: 0;
     margin: 0 auto;
@@ -45,8 +31,6 @@
     justify-content: flex-start;
     align-items: center;
     pointer-events: none;
-  }
-  .notification-offset {
-    margin-bottom: 10px;
+    gap: 10px;
   }
 </style>
diff --git a/packages/bbui/src/Tabs/Tab.svelte b/packages/bbui/src/Tabs/Tab.svelte
index b0f59c76f0..3644280edf 100644
--- a/packages/bbui/src/Tabs/Tab.svelte
+++ b/packages/bbui/src/Tabs/Tab.svelte
@@ -30,6 +30,7 @@
   on:click={onClick}
   class:is-selected={$selected.title === title}
   class="spectrum-Tabs-item"
+  class:emphasized={$selected.title === title && $selected.emphasized}
   tabindex="0"
 >
   {#if icon}
@@ -49,3 +50,9 @@
     <slot />
   </Portal>
 {/if}
+
+<style>
+  .emphasized {
+    color: var(--spectrum-global-color-blue-600);
+  }
+</style>
diff --git a/packages/bbui/src/Tabs/Tabs.svelte b/packages/bbui/src/Tabs/Tabs.svelte
index 77a8526a15..2a4017e605 100644
--- a/packages/bbui/src/Tabs/Tabs.svelte
+++ b/packages/bbui/src/Tabs/Tabs.svelte
@@ -6,9 +6,11 @@
   export let selected
   export let vertical = false
   export let noPadding = false
+  export let quiet = false
+  export let emphasized = false
 
   let _id = id()
-  const tab = writable({ title: selected, id: _id })
+  const tab = writable({ title: selected, id: _id, emphasized })
   setContext("tab", tab)
 
   let container
@@ -56,7 +58,9 @@
 
 <div
   bind:this={container}
-  class="selected-border spectrum-Tabs spectrum-Tabs--{vertical
+  class:quiet
+  class="selected-border spectrum-Tabs {quiet &&
+    'spectrum-Tabs--quiet'} spectrum-Tabs--{vertical
     ? 'vertical'
     : 'horizontal'}"
 >
@@ -64,7 +68,8 @@
   {#if $tab.info}
     <div
       class="spectrum-Tabs-selectionIndicator indicator-transition"
-      style="width: {width}; height: {height}; left: {left}; top: {top};"
+      style="{emphasized &&
+        'background-color: var(--spectrum-global-color-blue-400)'}; width: {width}; height: {height}; left: {left}; top: {top};"
     />
   {/if}
 </div>
@@ -75,6 +80,10 @@
 />
 
 <style>
+  .quiet {
+    border-bottom: none !important;
+  }
+
   .spectrum-Tabs {
     padding-left: var(--spacing-xl);
     padding-right: var(--spacing-xl);
diff --git a/packages/bbui/src/index.js b/packages/bbui/src/index.js
index 4d045e504b..08ece6b93c 100644
--- a/packages/bbui/src/index.js
+++ b/packages/bbui/src/index.js
@@ -5,6 +5,7 @@ import "@spectrum-css/icon/dist/index-vars.css"
 
 // Components
 export { default as Input } from "./Form/Input.svelte"
+export { default as Stepper } from "./Form/Stepper.svelte"
 export { default as TextArea } from "./Form/TextArea.svelte"
 export { default as Select } from "./Form/Select.svelte"
 export { default as Combobox } from "./Form/Combobox.svelte"
@@ -38,6 +39,7 @@ export { default as MenuItem } from "./Menu/Item.svelte"
 export { default as Modal } from "./Modal/Modal.svelte"
 export { default as ModalContent } from "./Modal/ModalContent.svelte"
 export { default as NotificationDisplay } from "./Notification/NotificationDisplay.svelte"
+export { default as Notification } from "./Notification/Notification.svelte"
 export { default as SideNavigation } from "./SideNavigation/Navigation.svelte"
 export { default as SideNavigationItem } from "./SideNavigation/Item.svelte"
 export { default as DatePicker } from "./Form/DatePicker.svelte"
diff --git a/packages/bbui/yarn.lock b/packages/bbui/yarn.lock
index 91facea650..a3b20aa862 100644
--- a/packages/bbui/yarn.lock
+++ b/packages/bbui/yarn.lock
@@ -104,10 +104,10 @@
   resolved "https://registry.yarnpkg.com/@spectrum-css/dialog/-/dialog-3.0.2.tgz#ae4db17c9772d822c538474f66bf838cea02217f"
   integrity sha512-9aToA1fO5kE3ednoTKGKmaS8+X6noFJ4PvwZD1FgAZIA842PgHNW6e6hPw+MngZvqKqNcZsiuiJeRCq7TRkd4g==
 
-"@spectrum-css/divider@^1.0.1":
-  version "1.0.2"
-  resolved "https://registry.yarnpkg.com/@spectrum-css/divider/-/divider-1.0.2.tgz#40a9d5fba56cbcc3dbad53408886d2d35159ce40"
-  integrity sha512-piNbNcJ4W3lsnhrhru3SBh1et6lfKKexGKSP3gRFFlbjTT1+/AZGeztqYvdBwE523b7A9xJFekl5Fc0VJ1Flow==
+"@spectrum-css/divider@^1.0.3":
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/divider/-/divider-1.0.3.tgz#639e2ebaa0834efa40f42397668bbd5c153ea385"
+  integrity sha512-Zy4Rn40w8UtzMh3wx/U9+CepSCpm1aOCGftHgWDub0XZuVTzh0c1WwyzTuLCx2Hf21z5VRGNiDh8bGEEzSbtNA==
   dependencies:
     "@spectrum-css/vars" "^3.0.2"
 
@@ -206,6 +206,11 @@
   resolved "https://registry.yarnpkg.com/@spectrum-css/statuslight/-/statuslight-3.0.2.tgz#dc54b6cd113413dcdb909c486b5d7bae60db65c5"
   integrity sha512-xodB8g8vGJH20XmUj9ZsPlM1jHrGeRbvmVXkz0q7YvQrYAhim8pP3W+XKKZAletPFAuu8cmUOc6SWn6i4X4z6w==
 
+"@spectrum-css/stepper@^3.0.3":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/stepper/-/stepper-3.0.3.tgz#ae89846886431e3edeee060207b8f81540f73a34"
+  integrity sha512-prAD61ImlOTs9b6PfB3cB08x4lAfxtvnW+RZiTYky0E8GgZdrc/MfCkL5/oqQaIQUtyQv/3Lb7ELAf/0K8QTXw==
+
 "@spectrum-css/switch@^1.0.2":
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/@spectrum-css/switch/-/switch-1.0.2.tgz#f0b4c69271964573e02b08e90998096e49e1de44"
diff --git a/packages/builder/cypress/integration/createScreen.js b/packages/builder/cypress/integration/createScreen.js
index 4e166daaec..26c7cdd846 100644
--- a/packages/builder/cypress/integration/createScreen.js
+++ b/packages/builder/cypress/integration/createScreen.js
@@ -7,5 +7,15 @@ context("Screen Tests", () => {
 
   it("Should successfully create a screen", () => {
     cy.createScreen("Test Screen", "/test")
+    cy.get(".nav-items-container").within(() => {
+      cy.contains("/test").should("exist")
+    })
+  })
+
+  it("Should update the url", () => {
+    cy.createScreen("Test Screen", "test with spaces")
+    cy.get(".nav-items-container").within(() => {
+      cy.contains("/test-with-spaces").should("exist")
+    })
   })
 })
diff --git a/packages/builder/cypress/support/commands.js b/packages/builder/cypress/support/commands.js
index d7452284a4..261b840577 100644
--- a/packages/builder/cypress/support/commands.js
+++ b/packages/builder/cypress/support/commands.js
@@ -160,7 +160,4 @@ Cypress.Commands.add("createScreen", (screenName, route) => {
     cy.get("input").eq(1).type(route)
     cy.get(".spectrum-Button--cta").click()
   })
-  cy.get(".nav-items-container").within(() => {
-    cy.contains(route).should("exist")
-  })
 })
diff --git a/packages/builder/package.json b/packages/builder/package.json
index fc2a50e8d8..3b397c681a 100644
--- a/packages/builder/package.json
+++ b/packages/builder/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@budibase/builder",
-  "version": "0.9.115",
+  "version": "0.9.116-alpha.0",
   "license": "AGPL-3.0",
   "private": true,
   "scripts": {
@@ -65,10 +65,10 @@
     }
   },
   "dependencies": {
-    "@budibase/bbui": "^0.9.115",
-    "@budibase/client": "^0.9.115",
+    "@budibase/bbui": "^0.9.116-alpha.0",
+    "@budibase/client": "^0.9.116-alpha.0",
     "@budibase/colorpicker": "1.1.2",
-    "@budibase/string-templates": "^0.9.115",
+    "@budibase/string-templates": "^0.9.116-alpha.0",
     "@sentry/browser": "5.19.1",
     "@spectrum-css/page": "^3.0.1",
     "@spectrum-css/vars": "^3.0.1",
diff --git a/packages/builder/src/builderStore/dataBinding.js b/packages/builder/src/builderStore/dataBinding.js
index 6d7cad1cd0..00eaaf0249 100644
--- a/packages/builder/src/builderStore/dataBinding.js
+++ b/packages/builder/src/builderStore/dataBinding.js
@@ -17,7 +17,13 @@ export const getBindableProperties = (asset, componentId) => {
   const contextBindings = getContextBindings(asset, componentId)
   const userBindings = getUserBindings()
   const urlBindings = getUrlBindings(asset)
-  return [...contextBindings, ...userBindings, ...urlBindings]
+  const deviceBindings = getDeviceBindings()
+  return [
+    ...deviceBindings,
+    ...urlBindings,
+    ...contextBindings,
+    ...userBindings,
+  ]
 }
 
 /**
@@ -114,71 +120,79 @@ const getContextBindings = (asset, componentId) => {
   // Create bindings for each data provider
   dataProviders.forEach(component => {
     const def = store.actions.components.getDefinition(component._component)
-    const contextDefinition = def.context
-    let schema
-    let readablePrefix
+    const contexts = Array.isArray(def.context) ? def.context : [def.context]
 
-    if (contextDefinition.type === "form") {
-      // Forms do not need table schemas
-      // Their schemas are built from their component field names
-      schema = buildFormSchema(component)
-      readablePrefix = "Fields"
-    } else if (contextDefinition.type === "static") {
-      // Static contexts are fully defined by the components
-      schema = {}
-      const values = contextDefinition.values || []
-      values.forEach(value => {
-        schema[value.key] = { name: value.label, type: "string" }
-      })
-    } else if (contextDefinition.type === "schema") {
-      // Schema contexts are generated dynamically depending on their data
-      const datasource = getDatasourceForProvider(asset, component)
-      if (!datasource) {
+    // Create bindings for each context block provided by this data provider
+    contexts.forEach(context => {
+      if (!context?.type) {
         return
       }
-      const info = getSchemaForDatasource(asset, datasource)
-      schema = info.schema
-      readablePrefix = info.table?.name
-    }
-    if (!schema) {
-      return
-    }
 
-    const keys = Object.keys(schema).sort()
+      let schema
+      let readablePrefix
 
-    // Create bindable properties for each schema field
-    const safeComponentId = makePropSafe(component._id)
-    keys.forEach(key => {
-      const fieldSchema = schema[key]
-
-      // Make safe runtime binding and replace certain bindings with a
-      // new property to help display components
-      let runtimeBoundKey = key
-      if (fieldSchema.type === "link") {
-        runtimeBoundKey = `${key}_text`
-      } else if (fieldSchema.type === "attachment") {
-        runtimeBoundKey = `${key}_first`
+      if (context.type === "form") {
+        // Forms do not need table schemas
+        // Their schemas are built from their component field names
+        schema = buildFormSchema(component)
+        readablePrefix = "Fields"
+      } else if (context.type === "static") {
+        // Static contexts are fully defined by the components
+        schema = {}
+        const values = context.values || []
+        values.forEach(value => {
+          schema[value.key] = { name: value.label, type: "string" }
+        })
+      } else if (context.type === "schema") {
+        // Schema contexts are generated dynamically depending on their data
+        const datasource = getDatasourceForProvider(asset, component)
+        if (!datasource) {
+          return
+        }
+        const info = getSchemaForDatasource(asset, datasource)
+        schema = info.schema
+        readablePrefix = info.table?.name
       }
-      const runtimeBinding = `${safeComponentId}.${makePropSafe(
-        runtimeBoundKey
-      )}`
-
-      // Optionally use a prefix with readable bindings
-      let readableBinding = component._instanceName
-      if (readablePrefix) {
-        readableBinding += `.${readablePrefix}`
+      if (!schema) {
+        return
       }
-      readableBinding += `.${fieldSchema.name || key}`
 
-      // Create the binding object
-      bindings.push({
-        type: "context",
-        runtimeBinding,
-        readableBinding,
-        // Field schema and provider are required to construct relationship
-        // datasource options, based on bindable properties
-        fieldSchema,
-        providerId: component._id,
+      const keys = Object.keys(schema).sort()
+
+      // Create bindable properties for each schema field
+      const safeComponentId = makePropSafe(component._id)
+      keys.forEach(key => {
+        const fieldSchema = schema[key]
+
+        // Make safe runtime binding and replace certain bindings with a
+        // new property to help display components
+        let runtimeBoundKey = key
+        if (fieldSchema.type === "link") {
+          runtimeBoundKey = `${key}_text`
+        } else if (fieldSchema.type === "attachment") {
+          runtimeBoundKey = `${key}_first`
+        }
+        const runtimeBinding = `${safeComponentId}.${makePropSafe(
+          runtimeBoundKey
+        )}`
+
+        // Optionally use a prefix with readable bindings
+        let readableBinding = component._instanceName
+        if (readablePrefix) {
+          readableBinding += `.${readablePrefix}`
+        }
+        readableBinding += `.${fieldSchema.name || key}`
+
+        // Create the binding object
+        bindings.push({
+          type: "context",
+          runtimeBinding,
+          readableBinding,
+          // Field schema and provider are required to construct relationship
+          // datasource options, based on bindable properties
+          fieldSchema,
+          providerId: component._id,
+        })
       })
     })
   })
@@ -221,6 +235,27 @@ const getUserBindings = () => {
   return bindings
 }
 
+/**
+ * Gets all device bindings that are globally available.
+ */
+const getDeviceBindings = () => {
+  let bindings = []
+  if (get(store).clientFeatures?.deviceAwareness) {
+    const safeDevice = makePropSafe("device")
+    bindings.push({
+      type: "context",
+      runtimeBinding: `${safeDevice}.${makePropSafe("mobile")}`,
+      readableBinding: `Device.Mobile`,
+    })
+    bindings.push({
+      type: "context",
+      runtimeBinding: `${safeDevice}.${makePropSafe("tablet")}`,
+      readableBinding: `Device.Tablet`,
+    })
+  }
+  return bindings
+}
+
 /**
  * Gets all bindable properties from URL parameters.
  */
diff --git a/packages/builder/src/builderStore/store/frontend.js b/packages/builder/src/builderStore/store/frontend.js
index 3339ea07d6..192ade9e5d 100644
--- a/packages/builder/src/builderStore/store/frontend.js
+++ b/packages/builder/src/builderStore/store/frontend.js
@@ -20,7 +20,12 @@ import { fetchComponentLibDefinitions } from "../loadComponentLibraries"
 import api from "../api"
 import { FrontendTypes } from "constants"
 import analytics from "analytics"
-import { findComponentType, findComponentParent } from "../storeUtils"
+import {
+  findComponentType,
+  findComponentParent,
+  findClosestMatchingComponent,
+  findAllMatchingComponents,
+} from "../storeUtils"
 import { uuid } from "../uuid"
 import { removeBindings } from "../dataBinding"
 
@@ -35,6 +40,7 @@ const INITIAL_FRONTEND_STATE = {
   clientFeatures: {
     spectrumThemes: false,
     intelligentLoading: false,
+    deviceAwareness: false,
   },
   currentFrontEndType: "none",
   selectedScreenId: "",
@@ -333,6 +339,18 @@ export const getFrontendStore = () => {
         if (definition.hasChildren) {
           extras._children = []
         }
+        if (componentName.endsWith("/formstep")) {
+          const parentForm = findClosestMatchingComponent(
+            get(currentAsset).props,
+            get(selectedComponent)._id,
+            component => component._component.endsWith("/form")
+          )
+          const formSteps = findAllMatchingComponents(parentForm, component =>
+            component._component.endsWith("/formstep")
+          )
+          extras.step = formSteps.length + 1
+          extras._instanceName = `Step ${formSteps.length + 1}`
+        }
 
         return {
           _id: uuid(),
diff --git a/packages/builder/src/builderStore/store/screenTemplates/rowDetailScreen.js b/packages/builder/src/builderStore/store/screenTemplates/rowDetailScreen.js
index a1a1e17fd5..ec737fe36b 100644
--- a/packages/builder/src/builderStore/store/screenTemplates/rowDetailScreen.js
+++ b/packages/builder/src/builderStore/store/screenTemplates/rowDetailScreen.js
@@ -86,7 +86,7 @@ const createScreen = table => {
           valueType: "Binding",
         },
       ],
-      limit: table.type === "external" ? undefined : 1,
+      limit: 1,
       paginate: false,
     })
 
@@ -94,6 +94,7 @@ const createScreen = table => {
     .instanceName("Repeater")
     .customProps({
       dataProvider: `{{ literal ${makePropSafe(provider._json._id)} }}`,
+      noRowsMessage: "We couldn't find a row to display",
     })
 
   const form = makeMainForm()
diff --git a/packages/builder/src/builderStore/store/screenTemplates/utils/commonComponents.js b/packages/builder/src/builderStore/store/screenTemplates/utils/commonComponents.js
index aaf25f6d03..1a64a8958f 100644
--- a/packages/builder/src/builderStore/store/screenTemplates/utils/commonComponents.js
+++ b/packages/builder/src/builderStore/store/screenTemplates/utils/commonComponents.js
@@ -161,7 +161,11 @@ export function makeDatasourceFormComponents(datasource) {
           placeholder: field,
         })
       if (fieldType === "options") {
-        component.customProps({ placeholder: "Choose an option " })
+        component.customProps({
+          placeholder: "Choose an option",
+          optionsType: "select",
+          optionsSource: "schema",
+        })
       }
       if (fieldType === "link") {
         let placeholder =
diff --git a/packages/builder/src/components/automation/SetupPanel/SetupPanel.svelte b/packages/builder/src/components/automation/SetupPanel/SetupPanel.svelte
index 06a0df1afa..3ba59f36a6 100644
--- a/packages/builder/src/components/automation/SetupPanel/SetupPanel.svelte
+++ b/packages/builder/src/components/automation/SetupPanel/SetupPanel.svelte
@@ -60,7 +60,7 @@
     bind:block={$automationStore.selectedBlock}
     {webhookModal}
   />
-{:else if $automationStore.selectedAutomation}
+{:else if automation}
   <div class="block-label">{automation.name}</div>
   <Button secondary on:click={testAutomation}>Test Automation</Button>
 {/if}
diff --git a/packages/builder/src/components/backend/DataTable/RowFieldControl.svelte b/packages/builder/src/components/backend/DataTable/RowFieldControl.svelte
index 078dbf25b2..0724016679 100644
--- a/packages/builder/src/components/backend/DataTable/RowFieldControl.svelte
+++ b/packages/builder/src/components/backend/DataTable/RowFieldControl.svelte
@@ -19,6 +19,7 @@
     data-cy="{meta.name}-select"
     bind:value
     options={meta.constraints.inclusion}
+    sort
   />
 {:else if type === "datetime"}
   <DatePicker {label} bind:value />
diff --git a/packages/builder/src/components/backend/DataTable/modals/CreateEditColumn.svelte b/packages/builder/src/components/backend/DataTable/modals/CreateEditColumn.svelte
index 7f02b3c215..35722481db 100644
--- a/packages/builder/src/components/backend/DataTable/modals/CreateEditColumn.svelte
+++ b/packages/builder/src/components/backend/DataTable/modals/CreateEditColumn.svelte
@@ -172,6 +172,11 @@
         alt: `Many ${table.name} rows → many ${linkTable.name} rows`,
         value: RelationshipTypes.MANY_TO_MANY,
       },
+      {
+        name: `One ${linkName} row → many ${thisName} rows`,
+        alt: `One ${linkTable.name} rows → many ${table.name} rows`,
+        value: RelationshipTypes.ONE_TO_MANY,
+      },
       {
         name: `One ${thisName} row → many ${linkName} rows`,
         alt: `One ${table.name} rows → many ${linkTable.name} rows`,
diff --git a/packages/builder/src/components/backend/DataTable/modals/CreateEditRow.svelte b/packages/builder/src/components/backend/DataTable/modals/CreateEditRow.svelte
index 06ab8fd4a9..ce52287c99 100644
--- a/packages/builder/src/components/backend/DataTable/modals/CreateEditRow.svelte
+++ b/packages/builder/src/components/backend/DataTable/modals/CreateEditRow.svelte
@@ -31,7 +31,12 @@
         .flat()
       // Prevent modal closing if there were errors
       return false
-    } else if (rowResponse.status === 400 || rowResponse.status === 500) {
+    } else if (rowResponse.status === 400 && rowResponse.validationErrors) {
+      errors = Object.keys(rowResponse.validationErrors).map(field => ({
+        message: `${field} ${rowResponse.validationErrors[field][0]}`,
+      }))
+      return false
+    } else if (rowResponse.status === 500) {
       errors = [{ message: rowResponse.message }]
       return false
     }
diff --git a/packages/builder/src/components/backend/DatasourceNavigator/modals/UpdateDatasourceModal.svelte b/packages/builder/src/components/backend/DatasourceNavigator/modals/UpdateDatasourceModal.svelte
new file mode 100644
index 0000000000..f93af59a38
--- /dev/null
+++ b/packages/builder/src/components/backend/DatasourceNavigator/modals/UpdateDatasourceModal.svelte
@@ -0,0 +1,59 @@
+<script>
+  import { datasources } from "stores/backend"
+  import { notifications } from "@budibase/bbui"
+  import { Input, ModalContent, Modal } from "@budibase/bbui"
+  import analytics from "analytics"
+
+  let error = ""
+  let modal
+  let name
+
+  export let datasource
+  export let onCancel = undefined
+
+  export const show = () => {
+    name = datasource?.name
+    modal.show()
+  }
+  export const hide = () => {
+    modal.hide()
+  }
+
+  function checkValid(evt) {
+    const datasourceName = evt.target.value
+    if ($datasources?.list.some(ds => ds.name === datasourceName)) {
+      error = `Datasource with name ${datasourceName} already exists. Please choose another name.`
+      return
+    }
+    error = ""
+  }
+
+  async function updateDatasource() {
+    const updatedDatasource = {
+      ...datasource,
+      name,
+    }
+    await datasources.save(updatedDatasource)
+    notifications.success(`Datasource ${name} updated successfully.`)
+    analytics.captureEvent("Datasource Updated", updatedDatasource)
+    hide()
+  }
+</script>
+
+<Modal bind:this={modal} on:hide={onCancel}>
+  <ModalContent
+    title="Edit Datasource"
+    size="L"
+    confirmText="Save"
+    onConfirm={updateDatasource}
+    disabled={error || !name || !datasource?.type}
+  >
+    <Input
+      data-cy="datasource-name-input"
+      label="Datasource Name"
+      on:input={checkValid}
+      bind:value={name}
+      {error}
+    />
+  </ModalContent>
+</Modal>
diff --git a/packages/builder/src/components/backend/DatasourceNavigator/popovers/EditDatasourcePopover.svelte b/packages/builder/src/components/backend/DatasourceNavigator/popovers/EditDatasourcePopover.svelte
index 71a85f38fb..d837535267 100644
--- a/packages/builder/src/components/backend/DatasourceNavigator/popovers/EditDatasourcePopover.svelte
+++ b/packages/builder/src/components/backend/DatasourceNavigator/popovers/EditDatasourcePopover.svelte
@@ -4,10 +4,12 @@
   import { notifications } from "@budibase/bbui"
   import { ActionMenu, MenuItem, Icon } from "@budibase/bbui"
   import ConfirmDialog from "components/common/ConfirmDialog.svelte"
+  import UpdateDatasourceModal from "components/backend/DatasourceNavigator/modals/UpdateDatasourceModal.svelte"
 
   export let datasource
 
   let confirmDeleteDialog
+  let updateDatasourceDialog
 
   async function deleteDatasource() {
     const wasSelectedSource = $datasources.selected
@@ -24,6 +26,7 @@
   <div slot="control" class="icon">
     <Icon size="S" hoverable name="MoreSmallList" />
   </div>
+  <MenuItem icon="Edit" on:click={updateDatasourceDialog.show}>Edit</MenuItem>
   <MenuItem icon="Delete" on:click={confirmDeleteDialog.show}>Delete</MenuItem>
 </ActionMenu>
 
@@ -37,6 +40,7 @@
   <i>{datasource.name}?</i>
   This action cannot be undone.
 </ConfirmDialog>
+<UpdateDatasourceModal {datasource} bind:this={updateDatasourceDialog} />
 
 <style>
   div.icon {
diff --git a/packages/builder/src/components/backend/TableNavigator/TableDataImport.svelte b/packages/builder/src/components/backend/TableNavigator/TableDataImport.svelte
index 8ce2ebe7f9..2bbbb471c2 100644
--- a/packages/builder/src/components/backend/TableNavigator/TableDataImport.svelte
+++ b/packages/builder/src/components/backend/TableNavigator/TableDataImport.svelte
@@ -153,6 +153,7 @@
       label="Display Column"
       bind:value={primaryDisplay}
       options={fields}
+      sort
     />
   </div>
 {/if}
diff --git a/packages/builder/src/components/common/LinkedRowSelector.svelte b/packages/builder/src/components/common/LinkedRowSelector.svelte
index 080f09809d..1f3dea137f 100644
--- a/packages/builder/src/components/common/LinkedRowSelector.svelte
+++ b/packages/builder/src/components/common/LinkedRowSelector.svelte
@@ -47,6 +47,7 @@
     getOptionValue={row => row._id}
     on:change={e => (linkedIds = e.detail ? [e.detail] : [])}
     {label}
+    sort
   />
 {:else}
   <Multiselect
@@ -55,5 +56,6 @@
     options={rows}
     getOptionLabel={getPrettyName}
     getOptionValue={row => row._id}
+    sort
   />
 {/if}
diff --git a/packages/builder/src/components/common/bindings/BindingPanel.svelte b/packages/builder/src/components/common/bindings/BindingPanel.svelte
index 6290bd2a3d..fdf708dc4e 100644
--- a/packages/builder/src/components/common/bindings/BindingPanel.svelte
+++ b/packages/builder/src/components/common/bindings/BindingPanel.svelte
@@ -38,7 +38,7 @@
       </section>
       {#if filteredColumns?.length}
         <section>
-          <div class="heading">Columns</div>
+          <div class="heading">Bindable Values</div>
           <ul>
             {#each filteredColumns as { readableBinding }}
               <li
diff --git a/packages/builder/src/components/design/AppPreview/ComponentSelectionList.svelte b/packages/builder/src/components/design/AppPreview/ComponentSelectionList.svelte
index d8881a8d96..9893b07404 100644
--- a/packages/builder/src/components/design/AppPreview/ComponentSelectionList.svelte
+++ b/packages/builder/src/components/design/AppPreview/ComponentSelectionList.svelte
@@ -46,7 +46,7 @@
     <ActionMenu disabled={!item.isCategory}>
       <ActionButton
         icon={item.icon}
-        disabled={isChildAllowed(item, $selectedComponent)}
+        disabled={!item.isCategory && isChildAllowed(item, $selectedComponent)}
         quiet
         size="S"
         slot="control"
@@ -66,6 +66,7 @@
             dataCy={`component-${item.name}`}
             icon={item.icon}
             on:click={() => onItemChosen(item)}
+            disabled={isChildAllowed(item, $selectedComponent)}
           >
             {item.name}
           </MenuItem>
diff --git a/packages/builder/src/components/design/AppPreview/CurrentItemPreview.svelte b/packages/builder/src/components/design/AppPreview/CurrentItemPreview.svelte
index 607061013d..38441d4323 100644
--- a/packages/builder/src/components/design/AppPreview/CurrentItemPreview.svelte
+++ b/packages/builder/src/components/design/AppPreview/CurrentItemPreview.svelte
@@ -58,7 +58,7 @@
   // By deleting all _rev properties we can avoid this and increase
   // performance.
   $: json = JSON.stringify(previewData)
-  $: strippedJson = json.replaceAll(/"_rev":\s*"[^"]+"/g, `"_rev":""`)
+  $: strippedJson = json.replace(/"_rev":\s*"[^"]+"/g, `"_rev":""`)
 
   // Update the iframe with the builder info to render the correct preview
   const refreshContent = message => {
diff --git a/packages/builder/src/components/design/AppPreview/componentStructure.json b/packages/builder/src/components/design/AppPreview/componentStructure.json
index 81962cd849..cea20a7dcf 100644
--- a/packages/builder/src/components/design/AppPreview/componentStructure.json
+++ b/packages/builder/src/components/design/AppPreview/componentStructure.json
@@ -10,6 +10,7 @@
     "icon": "Form",
     "children": [
       "form",
+      "formstep",
       "fieldgroup",
       "stringfield",
       "numberfield",
@@ -49,6 +50,7 @@
     "children": [
       "heading",
       "text",
+      "divider",
       "image",
       "backgroundimage",
       "link",
diff --git a/packages/builder/src/components/design/NavigationPanel/NewScreenModal.svelte b/packages/builder/src/components/design/NavigationPanel/NewScreenModal.svelte
index a4c057abba..ed0c764956 100644
--- a/packages/builder/src/components/design/NavigationPanel/NewScreenModal.svelte
+++ b/packages/builder/src/components/design/NavigationPanel/NewScreenModal.svelte
@@ -84,6 +84,7 @@
     if (!event.detail.startsWith("/")) {
       route = "/" + event.detail
     }
+    route = route.replace(/ +/g, "-")
   }
 </script>
 
diff --git a/packages/builder/src/components/design/PropertiesPanel/ComponentSettingsSection.svelte b/packages/builder/src/components/design/PropertiesPanel/ComponentSettingsSection.svelte
index 972a2bb7fe..f047e9316b 100644
--- a/packages/builder/src/components/design/PropertiesPanel/ComponentSettingsSection.svelte
+++ b/packages/builder/src/components/design/PropertiesPanel/ComponentSettingsSection.svelte
@@ -32,9 +32,29 @@
     if (!control) {
       return false
     }
-    if (setting.dependsOn && isEmpty(componentInstance[setting.dependsOn])) {
-      return false
+
+    // Parse dependant settings
+    if (setting.dependsOn) {
+      let dependantSetting = setting.dependsOn
+      let dependantValue = null
+      if (typeof setting.dependsOn === "object") {
+        dependantSetting = setting.dependsOn.setting
+        dependantValue = setting.dependsOn.value
+      }
+      if (!dependantSetting) {
+        return false
+      }
+
+      // If no specific value is depended upon, check if a value exists at all
+      // for the dependent setting
+      if (dependantValue == null) {
+        return !isEmpty(componentInstance[dependantSetting])
+      }
+
+      // Otherwise check the value matches
+      return componentInstance[dependantSetting] === dependantValue
     }
+
     return true
   }
 </script>
@@ -51,7 +71,7 @@
     />
   {/if}
   {#if settings && settings.length > 0}
-    {#each settings as setting}
+    {#each settings as setting (setting.key)}
       {#if canRenderControl(setting)}
         <PropertyControl
           type={setting.type}
@@ -63,10 +83,13 @@
           {componentInstance}
           onChange={val => updateProp(setting.key, val)}
           props={{
-            options: setting.options,
-            placeholder: setting.placeholder,
+            options: setting.options || [],
+            placeholder: setting.placeholder || null,
+            min: setting.min || null,
+            max: setting.max || null,
           }}
           {bindings}
+          {componentDefinition}
         />
       {/if}
     {/each}
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/AttachmentFieldSelect.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/AttachmentFieldSelect.svelte
deleted file mode 100644
index 44557157ba..0000000000
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/AttachmentFieldSelect.svelte
+++ /dev/null
@@ -1,5 +0,0 @@
-<script>
-  import FormFieldSelect from "./FormFieldSelect.svelte"
-</script>
-
-<FormFieldSelect {...$$props} on:change type="attachment" />
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/BooleanFieldSelect.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/BooleanFieldSelect.svelte
deleted file mode 100644
index 131a375b22..0000000000
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/BooleanFieldSelect.svelte
+++ /dev/null
@@ -1,5 +0,0 @@
-<script>
-  import FormFieldSelect from "./FormFieldSelect.svelte"
-</script>
-
-<FormFieldSelect {...$$props} on:change type="boolean" />
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/ConditionalUIDrawer.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/ConditionalUIDrawer.svelte
index 006039edda..638fd44de6 100644
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/ConditionalUIDrawer.svelte
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/ConditionalUIDrawer.svelte
@@ -282,12 +282,12 @@
     gap: var(--spacing-l);
     display: grid;
     align-items: center;
-    grid-template-columns: auto 1fr auto 1fr 1fr 1fr 1fr auto auto;
+    grid-template-columns: auto 160px auto 1fr 130px 130px 1fr auto auto;
     border-radius: var(--border-radius-s);
     transition: background-color ease-in-out 130ms;
   }
   .condition.update {
-    grid-template-columns: auto 1fr 1fr auto 1fr auto 1fr 1fr 1fr 1fr auto;
+    grid-template-columns: auto 160px 1fr auto 1fr auto 1fr 130px 130px 1fr auto auto;
   }
   .condition:hover {
     background-color: var(--spectrum-global-color-gray-100);
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/DateTimeFieldSelect.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/DateTimeFieldSelect.svelte
deleted file mode 100644
index c3b9b052c4..0000000000
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/DateTimeFieldSelect.svelte
+++ /dev/null
@@ -1,5 +0,0 @@
-<script>
-  import FormFieldSelect from "./FormFieldSelect.svelte"
-</script>
-
-<FormFieldSelect {...$$props} on:change type="datetime" />
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/EventEditor.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/EventEditor.svelte
index 2e2a318610..4ff746a034 100644
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/EventEditor.svelte
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/EventEditor.svelte
@@ -33,7 +33,7 @@
 
   $: selectedActionComponent =
     selectedAction &&
-    actionTypes.find(t => t.name === selectedAction[EVENT_TYPE_KEY]).component
+    actionTypes.find(t => t.name === selectedAction[EVENT_TYPE_KEY])?.component
 
   // Select the first action if we delete an action
   $: {
@@ -116,7 +116,7 @@
     </ActionMenu>
   </Layout>
   <Layout noPadding>
-    {#if selectedAction}
+    {#if selectedActionComponent}
       <div class="selected-action-container">
         <svelte:component
           this={selectedActionComponent}
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/ChangeFormStep.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/ChangeFormStep.svelte
new file mode 100644
index 0000000000..ca2df71c6d
--- /dev/null
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/ChangeFormStep.svelte
@@ -0,0 +1,68 @@
+<script>
+  import { Select, Label, Stepper } from "@budibase/bbui"
+  import { currentAsset, store } from "builderStore"
+  import { getActionProviderComponents } from "builderStore/dataBinding"
+  import { onMount } from "svelte"
+
+  export let parameters
+
+  $: actionProviders = getActionProviderComponents(
+    $currentAsset,
+    $store.selectedComponentId,
+    "ChangeFormStep"
+  )
+
+  const typeOptions = [
+    {
+      label: "Next step",
+      value: "next",
+    },
+    {
+      label: "Previous step",
+      value: "prev",
+    },
+    {
+      label: "First step",
+      value: "first",
+    },
+    {
+      label: "Specific step",
+      value: "specific",
+    },
+  ]
+
+  onMount(() => {
+    if (!parameters.type) {
+      parameters.type = "next"
+    }
+  })
+</script>
+
+<div class="root">
+  <Label small>Form</Label>
+  <Select
+    placeholder={null}
+    bind:value={parameters.componentId}
+    options={actionProviders}
+    getOptionLabel={x => x._instanceName}
+    getOptionValue={x => x._id}
+  />
+  <Label small>Step</Label>
+  <Select bind:value={parameters.type} options={typeOptions} />
+  {#if parameters.type === "specific"}
+    <Label small>Number</Label>
+    <Stepper bind:value={parameters.number} />
+  {/if}
+</div>
+
+<style>
+  .root {
+    display: grid;
+    column-gap: var(--spacing-l);
+    row-gap: var(--spacing-s);
+    grid-template-columns: 60px 1fr;
+    align-items: center;
+    max-width: 400px;
+    margin: 0 auto;
+  }
+</style>
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/ClearForm.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/ClearForm.svelte
index 74eae6283c..b3bf7ebf7c 100644
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/ClearForm.svelte
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/ClearForm.svelte
@@ -29,7 +29,7 @@
     row-gap: var(--spacing-s);
     grid-template-columns: 60px 1fr;
     align-items: center;
-    max-width: 800px;
+    max-width: 400px;
     margin: 0 auto;
   }
 </style>
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/CloseScreenModal.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/CloseScreenModal.svelte
new file mode 100644
index 0000000000..873c9ccf65
--- /dev/null
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/CloseScreenModal.svelte
@@ -0,0 +1,16 @@
+<script>
+  import { Body } from "@budibase/bbui"
+</script>
+
+<div class="root">
+  <Body size="S">This action doesn't require any additional settings.</Body>
+  <Body size="S">
+    This action won't do anything if there isn't a screen modal open.
+  </Body>
+</div>
+
+<style>
+  .root {
+    margin: 0 auto;
+  }
+</style>
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/LogOut.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/LogOut.svelte
index 8782127243..3434d63480 100644
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/LogOut.svelte
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/LogOut.svelte
@@ -8,7 +8,6 @@
 
 <style>
   .root {
-    max-width: 800px;
     margin: 0 auto;
   }
 </style>
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/NavigateTo.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/NavigateTo.svelte
index d5ce80a236..d90b645315 100644
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/NavigateTo.svelte
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/NavigateTo.svelte
@@ -1,5 +1,5 @@
 <script>
-  import { Label } from "@budibase/bbui"
+  import { Label, Checkbox } from "@budibase/bbui"
   import DrawerBindableInput from "components/common/bindings/DrawerBindableInput.svelte"
 
   export let parameters
@@ -15,19 +15,17 @@
     on:change={value => (parameters.url = value.detail)}
     {bindings}
   />
+  <div />
+  <Checkbox text="Open screen in modal" bind:value={parameters.peek} />
 </div>
 
 <style>
   .root {
-    display: flex;
-    flex-direction: row;
-    align-items: baseline;
-    max-width: 800px;
+    display: grid;
+    align-items: center;
+    gap: var(--spacing-m);
+    grid-template-columns: auto 1fr;
+    max-width: 400px;
     margin: 0 auto;
   }
-
-  .root :global(> div) {
-    flex: 1;
-    margin-left: var(--spacing-l);
-  }
 </style>
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/ValidateForm.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/ValidateForm.svelte
index 462597f265..e572dc6c1c 100644
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/ValidateForm.svelte
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/ValidateForm.svelte
@@ -1,5 +1,5 @@
 <script>
-  import { Select, Label } from "@budibase/bbui"
+  import { Select, Label, Checkbox } from "@budibase/bbui"
   import { currentAsset, store } from "builderStore"
   import { getActionProviderComponents } from "builderStore/dataBinding"
 
@@ -20,6 +20,11 @@
     getOptionLabel={x => x._instanceName}
     getOptionValue={x => x._id}
   />
+  <div />
+  <Checkbox
+    text="Validate only current step"
+    bind:value={parameters.onlyCurrentStep}
+  />
 </div>
 
 <style>
@@ -29,7 +34,7 @@
     row-gap: var(--spacing-s);
     grid-template-columns: 60px 1fr;
     align-items: center;
-    max-width: 800px;
+    max-width: 400px;
     margin: 0 auto;
   }
 </style>
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/index.js b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/index.js
index bfbf97701b..9cf2461b77 100644
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/index.js
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/index.js
@@ -6,6 +6,8 @@ import TriggerAutomation from "./TriggerAutomation.svelte"
 import ValidateForm from "./ValidateForm.svelte"
 import LogOut from "./LogOut.svelte"
 import ClearForm from "./ClearForm.svelte"
+import CloseScreenModal from "./CloseScreenModal.svelte"
+import ChangeFormStep from "./ChangeFormStep.svelte"
 
 // Defines which actions are available to configure in the front end.
 // Unfortunately the "name" property is used as the identifier so please don't
@@ -47,4 +49,12 @@ export default [
     name: "Clear Form",
     component: ClearForm,
   },
+  {
+    name: "Close Screen Modal",
+    component: CloseScreenModal,
+  },
+  {
+    name: "Change Form Step",
+    component: ChangeFormStep,
+  },
 ]
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/FilterEditor/FilterDrawer.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/FilterEditor/FilterDrawer.svelte
new file mode 100644
index 0000000000..d41d28e4e3
--- /dev/null
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/FilterEditor/FilterDrawer.svelte
@@ -0,0 +1,182 @@
+<script>
+  import {
+    DatePicker,
+    Icon,
+    Button,
+    Select,
+    Combobox,
+    Input,
+    DrawerContent,
+    Layout,
+    Body,
+  } from "@budibase/bbui"
+  import DrawerBindableInput from "components/common/bindings/DrawerBindableInput.svelte"
+  import { generate } from "shortid"
+  import { OperatorOptions, getValidOperatorsForType } from "helpers/lucene"
+
+  export let schemaFields
+  export let filters = []
+  export let bindings = []
+
+  const BannedTypes = ["link", "attachment", "formula"]
+
+  $: fieldOptions = (schemaFields ?? [])
+    .filter(field => !BannedTypes.includes(field.type))
+    .map(field => field.name)
+
+  const addFilter = () => {
+    filters = [
+      ...filters,
+      {
+        id: generate(),
+        field: null,
+        operator: OperatorOptions.Equals.value,
+        value: null,
+        valueType: "Value",
+      },
+    ]
+  }
+
+  const removeFilter = id => {
+    filters = filters.filter(field => field.id !== id)
+  }
+
+  const duplicateFilter = id => {
+    const existingFilter = filters.find(filter => filter.id === id)
+    const duplicate = { ...existingFilter, id: generate() }
+    filters = [...filters, duplicate]
+  }
+
+  const onFieldChange = (expression, field) => {
+    // Update the field type
+    expression.type = schemaFields.find(x => x.name === field)?.type
+
+    // Ensure a valid operator is set
+    const validOperators = getValidOperatorsForType(expression.type).map(
+      x => x.value
+    )
+    if (!validOperators.includes(expression.operator)) {
+      expression.operator = validOperators[0] ?? OperatorOptions.Equals.value
+      onOperatorChange(expression, expression.operator)
+    }
+  }
+
+  const onOperatorChange = (expression, operator) => {
+    const noValueOptions = [
+      OperatorOptions.Empty.value,
+      OperatorOptions.NotEmpty.value,
+    ]
+    expression.noValue = noValueOptions.includes(operator)
+    if (expression.noValue) {
+      expression.value = null
+    }
+  }
+
+  const getFieldOptions = field => {
+    const schema = schemaFields.find(x => x.name === field)
+    return schema?.constraints?.inclusion || []
+  }
+</script>
+
+<DrawerContent>
+  <div class="container">
+    <Layout noPadding>
+      <Body size="S">
+        {#if !filters?.length}
+          Add your first filter column.
+        {:else}
+          Results are filtered to only those which match all of the following
+          constraints.
+        {/if}
+      </Body>
+      {#if filters?.length}
+        <div class="fields">
+          {#each filters as filter, idx}
+            <Select
+              bind:value={filter.field}
+              options={fieldOptions}
+              on:change={e => onFieldChange(filter, e.detail)}
+              placeholder="Column"
+            />
+            <Select
+              disabled={!filter.field}
+              options={getValidOperatorsForType(filter.type)}
+              bind:value={filter.operator}
+              on:change={e => onOperatorChange(filter, e.detail)}
+              placeholder={null}
+            />
+            <Select
+              disabled={filter.noValue || !filter.field}
+              options={["Value", "Binding"]}
+              bind:value={filter.valueType}
+              placeholder={null}
+            />
+            {#if filter.valueType === "Binding"}
+              <DrawerBindableInput
+                disabled={filter.noValue}
+                title={`Value for "${filter.field}"`}
+                value={filter.value}
+                placeholder="Value"
+                {bindings}
+                on:change={event => (filter.value = event.detail)}
+              />
+            {:else if ["string", "longform", "number"].includes(filter.type)}
+              <Input disabled={filter.noValue} bind:value={filter.value} />
+            {:else if filter.type === "options"}
+              <Combobox
+                disabled={filter.noValue}
+                options={getFieldOptions(filter.field)}
+                bind:value={filter.value}
+              />
+            {:else if filter.type === "boolean"}
+              <Combobox
+                disabled={filter.noValue}
+                options={[
+                  { label: "True", value: "true" },
+                  { label: "False", value: "false" },
+                ]}
+                bind:value={filter.value}
+              />
+            {:else if filter.type === "datetime"}
+              <DatePicker disabled={filter.noValue} bind:value={filter.value} />
+            {:else}
+              <DrawerBindableInput disabled />
+            {/if}
+            <Icon
+              name="Duplicate"
+              hoverable
+              size="S"
+              on:click={() => duplicateFilter(filter.id)}
+            />
+            <Icon
+              name="Close"
+              hoverable
+              size="S"
+              on:click={() => removeFilter(filter.id)}
+            />
+          {/each}
+        </div>
+      {/if}
+      <div>
+        <Button icon="AddCircle" size="M" secondary on:click={addFilter}>
+          Add filter
+        </Button>
+      </div>
+    </Layout>
+  </div>
+</DrawerContent>
+
+<style>
+  .container {
+    width: 100%;
+    max-width: 1000px;
+    margin: 0 auto;
+  }
+  .fields {
+    display: grid;
+    column-gap: var(--spacing-l);
+    row-gap: var(--spacing-s);
+    align-items: center;
+    grid-template-columns: 1fr 120px 120px 1fr auto auto;
+  }
+</style>
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/FilterEditor/FilterEditor.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/FilterEditor/FilterEditor.svelte
index adcf7ec29b..58b767353b 100644
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/FilterEditor/FilterEditor.svelte
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/FilterEditor/FilterEditor.svelte
@@ -1,19 +1,11 @@
 <script>
-  import {
-    notifications,
-    ActionButton,
-    Button,
-    Drawer,
-    Body,
-    DrawerContent,
-    Layout,
-  } from "@budibase/bbui"
+  import { notifications, ActionButton, Button, Drawer } from "@budibase/bbui"
   import { createEventDispatcher } from "svelte"
   import {
     getDatasourceForProvider,
     getSchemaForDatasource,
   } from "builderStore/dataBinding"
-  import LuceneFilterBuilder from "./LuceneFilterBuilder.svelte"
+  import FilterDrawer from "./FilterDrawer.svelte"
   import { currentAsset } from "builderStore"
 
   const dispatch = createEventDispatcher()
@@ -25,9 +17,6 @@
   let drawer
   let tempValue = value || []
 
-  $: numFilters = Array.isArray(tempValue)
-    ? tempValue.length
-    : Object.keys(tempValue || {}).length
   $: dataSource = getDatasourceForProvider($currentAsset, componentInstance)
   $: schema = getSchemaForDatasource($currentAsset, dataSource)?.schema
   $: schemaFields = Object.values(schema || {})
@@ -43,17 +32,10 @@
 <ActionButton on:click={drawer.show}>Define filters</ActionButton>
 <Drawer bind:this={drawer} title="Filtering">
   <Button cta slot="buttons" on:click={saveFilter}>Save</Button>
-  <DrawerContent slot="body">
-    <Layout noPadding>
-      <Body size="S">
-        {#if !numFilters}
-          Add your first filter column.
-        {:else}
-          Results are filtered to only those which match all of the following
-          constraints.
-        {/if}
-      </Body>
-      <LuceneFilterBuilder bind:value={tempValue} {schemaFields} {bindings} />
-    </Layout>
-  </DrawerContent>
+  <FilterDrawer
+    slot="body"
+    bind:filters={tempValue}
+    {bindings}
+    {schemaFields}
+  />
 </Drawer>
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/FilterEditor/LuceneFilterBuilder.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/FilterEditor/LuceneFilterBuilder.svelte
deleted file mode 100644
index be46169f57..0000000000
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/FilterEditor/LuceneFilterBuilder.svelte
+++ /dev/null
@@ -1,151 +0,0 @@
-<script>
-  import {
-    DatePicker,
-    ActionButton,
-    Button,
-    Select,
-    Combobox,
-    Input,
-  } from "@budibase/bbui"
-  import DrawerBindableInput from "components/common/bindings/DrawerBindableInput.svelte"
-  import { generate } from "shortid"
-  import { OperatorOptions, getValidOperatorsForType } from "helpers/lucene"
-
-  export let schemaFields
-  export let value
-  export let bindings = []
-
-  const BannedTypes = ["link", "attachment"]
-  $: fieldOptions = (schemaFields ?? [])
-    .filter(field => !BannedTypes.includes(field.type))
-    .map(field => field.name)
-
-  const addField = () => {
-    value = [
-      ...value,
-      {
-        id: generate(),
-        field: null,
-        operator: OperatorOptions.Equals.value,
-        value: null,
-        valueType: "Value",
-      },
-    ]
-  }
-
-  const removeField = id => {
-    value = value.filter(field => field.id !== id)
-  }
-
-  const onFieldChange = (expression, field) => {
-    // Update the field type
-    expression.type = schemaFields.find(x => x.name === field)?.type
-
-    // Ensure a valid operator is set
-    const validOperators = getValidOperatorsForType(expression.type).map(
-      x => x.value
-    )
-    if (!validOperators.includes(expression.operator)) {
-      expression.operator = validOperators[0] ?? OperatorOptions.Equals.value
-      onOperatorChange(expression, expression.operator)
-    }
-  }
-
-  const onOperatorChange = (expression, operator) => {
-    const noValueOptions = [
-      OperatorOptions.Empty.value,
-      OperatorOptions.NotEmpty.value,
-    ]
-    expression.noValue = noValueOptions.includes(operator)
-    if (expression.noValue) {
-      expression.value = null
-    }
-  }
-
-  const getFieldOptions = field => {
-    const schema = schemaFields.find(x => x.name === field)
-    return schema?.constraints?.inclusion || []
-  }
-</script>
-
-{#if value?.length}
-  <div class="fields">
-    {#each value as expression, idx}
-      <Select
-        bind:value={expression.field}
-        options={fieldOptions}
-        on:change={e => onFieldChange(expression, e.detail)}
-        placeholder="Column"
-      />
-      <Select
-        disabled={!expression.field}
-        options={getValidOperatorsForType(expression.type)}
-        bind:value={expression.operator}
-        on:change={e => onOperatorChange(expression, e.detail)}
-        placeholder={null}
-      />
-      <Select
-        disabled={expression.noValue || !expression.field}
-        options={["Value", "Binding"]}
-        bind:value={expression.valueType}
-        placeholder={null}
-      />
-      {#if expression.valueType === "Binding"}
-        <DrawerBindableInput
-          disabled={expression.noValue}
-          title={`Value for "${expression.field}"`}
-          value={expression.value}
-          placeholder="Value"
-          {bindings}
-          on:change={event => (expression.value = event.detail)}
-        />
-      {:else if ["string", "longform", "number"].includes(expression.type)}
-        <Input disabled={expression.noValue} bind:value={expression.value} />
-      {:else if expression.type === "options"}
-        <Combobox
-          disabled={expression.noValue}
-          options={getFieldOptions(expression.field)}
-          bind:value={expression.value}
-        />
-      {:else if expression.type === "boolean"}
-        <Combobox
-          disabled={expression.noValue}
-          options={[
-            { label: "True", value: "true" },
-            { label: "False", value: "false" },
-          ]}
-          bind:value={expression.value}
-        />
-      {:else if expression.type === "datetime"}
-        <DatePicker
-          disabled={expression.noValue}
-          bind:value={expression.value}
-        />
-      {:else}
-        <DrawerBindableInput disabled />
-      {/if}
-
-      <ActionButton
-        size="S"
-        quiet
-        icon="Close"
-        on:click={() => removeField(expression.id)}
-      />
-    {/each}
-  </div>
-{/if}
-<div>
-  <Button icon="AddCircle" size="M" secondary on:click={addField}>
-    Add expression
-  </Button>
-</div>
-
-<style>
-  .fields {
-    display: grid;
-    column-gap: var(--spacing-l);
-    row-gap: var(--spacing-s);
-    align-items: center;
-    grid-template-columns: 1fr 120px 120px 1fr auto;
-  }
-</style>
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/FormFieldSelect.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/FormFieldSelect.svelte
index 0926561640..f8e4b18fe4 100644
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/FormFieldSelect.svelte
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/FormFieldSelect.svelte
@@ -23,6 +23,7 @@
   const getOptions = (schema, fieldType) => {
     let entries = Object.entries(schema ?? {})
     if (fieldType) {
+      fieldType = fieldType.split("/")[1]
       entries = entries.filter(entry => entry[1].type === fieldType)
     }
     return entries.map(entry => entry[0])
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/LongFormFieldSelect.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/LongFormFieldSelect.svelte
deleted file mode 100644
index 65dd54d53a..0000000000
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/LongFormFieldSelect.svelte
+++ /dev/null
@@ -1,5 +0,0 @@
-<script>
-  import FormFieldSelect from "./FormFieldSelect.svelte"
-</script>
-
-<FormFieldSelect {...$$props} on:change type="longform" />
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/NumberFieldSelect.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/NumberFieldSelect.svelte
deleted file mode 100644
index 2006aca0bb..0000000000
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/NumberFieldSelect.svelte
+++ /dev/null
@@ -1,5 +0,0 @@
-<script>
-  import FormFieldSelect from "./FormFieldSelect.svelte"
-</script>
-
-<FormFieldSelect {...$$props} on:change type="number" />
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/OptionsEditor/OptionsDrawer.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/OptionsEditor/OptionsDrawer.svelte
new file mode 100644
index 0000000000..340c1eb107
--- /dev/null
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/OptionsEditor/OptionsDrawer.svelte
@@ -0,0 +1,82 @@
+<script>
+  import {
+    Icon,
+    Button,
+    Input,
+    DrawerContent,
+    Layout,
+    Body,
+  } from "@budibase/bbui"
+  import { generate } from "shortid"
+
+  export let options = []
+
+  const removeOption = id => {
+    options = options.filter(option => option.id !== id)
+  }
+
+  const addOption = () => {
+    options = [
+      ...options,
+      {
+        id: generate(),
+        label: null,
+        value: null,
+      },
+    ]
+  }
+</script>
+
+<DrawerContent>
+  <div class="container">
+    <Layout noPadding gap="S">
+      {#if !options.length}
+        <Body size="S">Add an option to get started.</Body>
+      {/if}
+      {#if options?.length}
+        <div class="options">
+          {#each options as option (option.id)}
+            <Input
+              placeholder="Label"
+              bind:value={option.label}
+              label="Label"
+              labelPosition="left"
+            />
+            <Input
+              placeholder="Value"
+              bind:value={option.value}
+              label="Value"
+              labelPosition="left"
+            />
+            <Icon
+              name="Close"
+              hoverable
+              size="S"
+              on:click={() => removeOption(option.id)}
+            />
+          {/each}
+        </div>
+      {/if}
+      <div>
+        <Button icon="AddCircle" size="M" on:click={addOption} secondary>
+          Add Option
+        </Button>
+      </div>
+    </Layout>
+  </div>
+</DrawerContent>
+
+<style>
+  .container {
+    width: 100%;
+    max-width: 800px;
+    margin: 0 auto;
+  }
+  .options {
+    display: grid;
+    column-gap: var(--spacing-l);
+    row-gap: var(--spacing-s);
+    align-items: center;
+    grid-template-columns: 1fr 1fr auto;
+  }
+</style>
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/OptionsEditor/OptionsEditor.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/OptionsEditor/OptionsEditor.svelte
new file mode 100644
index 0000000000..4d74ea9940
--- /dev/null
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/OptionsEditor/OptionsEditor.svelte
@@ -0,0 +1,28 @@
+<script>
+  import { ActionButton, Button, Drawer } from "@budibase/bbui"
+  import { createEventDispatcher } from "svelte"
+  import OptionsDrawer from "./OptionsDrawer.svelte"
+
+  const dispatch = createEventDispatcher()
+
+  export let value
+
+  let drawer
+  let tempValue = value || []
+
+  const saveFilter = async () => {
+    // Filter out incomplete options
+    tempValue = tempValue.filter(option => option.value && option.label)
+    dispatch("change", tempValue)
+    drawer.hide()
+  }
+</script>
+
+<ActionButton on:click={drawer.show}>Define Options</ActionButton>
+<Drawer bind:this={drawer} title="Options">
+  <svelte:fragment slot="description">
+    Define the options for this picker.
+  </svelte:fragment>
+  <Button cta slot="buttons" on:click={saveFilter}>Save</Button>
+  <OptionsDrawer bind:options={tempValue} slot="body" />
+</Drawer>
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/OptionsFieldSelect.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/OptionsFieldSelect.svelte
deleted file mode 100644
index a01b837797..0000000000
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/OptionsFieldSelect.svelte
+++ /dev/null
@@ -1,5 +0,0 @@
-<script>
-  import FormFieldSelect from "./FormFieldSelect.svelte"
-</script>
-
-<FormFieldSelect {...$$props} on:change type="options" />
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/RelationshipFieldSelect.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/RelationshipFieldSelect.svelte
deleted file mode 100644
index 5cdb25a112..0000000000
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/RelationshipFieldSelect.svelte
+++ /dev/null
@@ -1,5 +0,0 @@
-<script>
-  import FormFieldSelect from "./FormFieldSelect.svelte"
-</script>
-
-<FormFieldSelect {...$$props} on:change type="link" />
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/StringFieldSelect.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/StringFieldSelect.svelte
deleted file mode 100644
index 62765676e3..0000000000
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/StringFieldSelect.svelte
+++ /dev/null
@@ -1,5 +0,0 @@
-<script>
-  import FormFieldSelect from "./FormFieldSelect.svelte"
-</script>
-
-<FormFieldSelect {...$$props} on:change type="string" />
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/ValidationEditor/ValidationDrawer.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/ValidationEditor/ValidationDrawer.svelte
new file mode 100644
index 0000000000..b4da2e8e6e
--- /dev/null
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/ValidationEditor/ValidationDrawer.svelte
@@ -0,0 +1,363 @@
+<script>
+  import {
+    Button,
+    Icon,
+    DrawerContent,
+    Layout,
+    Select,
+    Heading,
+    Body,
+    Input,
+    DatePicker,
+  } from "@budibase/bbui"
+  import { currentAsset, selectedComponent } from "builderStore"
+  import { findClosestMatchingComponent } from "builderStore/storeUtils"
+  import { getSchemaForDatasource } from "builderStore/dataBinding"
+  import DrawerBindableInput from "components/common/bindings/DrawerBindableInput.svelte"
+  import { generate } from "shortid"
+
+  export let rules = []
+  export let bindings = []
+  export let type
+
+  const Constraints = {
+    Required: {
+      label: "Required",
+      value: "required",
+    },
+    MinLength: {
+      label: "Min length",
+      value: "minLength",
+    },
+    MaxLength: {
+      label: "Max length",
+      value: "maxLength",
+    },
+    MaxValue: {
+      label: "Max value",
+      value: "maxValue",
+    },
+    MinValue: {
+      label: "Min value",
+      value: "minValue",
+    },
+    Equal: {
+      label: "Must equal",
+      value: "equal",
+    },
+    NotEqual: {
+      label: "Must not equal",
+      value: "notEqual",
+    },
+    Regex: {
+      label: "Must match regex",
+      value: "regex",
+    },
+    NotRegex: {
+      label: "Must not match regex",
+      value: "notRegex",
+    },
+    Contains: {
+      label: "Must contain row ID",
+      value: "contains",
+    },
+    NotContains: {
+      label: "Must not contain row ID",
+      value: "notContains",
+    },
+  }
+  const ConstraintMap = {
+    ["string"]: [
+      Constraints.Required,
+      Constraints.MaxLength,
+      Constraints.Equal,
+      Constraints.NotEqual,
+      Constraints.Regex,
+      Constraints.NotRegex,
+    ],
+    ["number"]: [
+      Constraints.Required,
+      Constraints.MaxValue,
+      Constraints.MinValue,
+      Constraints.Equal,
+      Constraints.NotEqual,
+    ],
+    ["boolean"]: [
+      Constraints.Required,
+      Constraints.Equal,
+      Constraints.NotEqual,
+    ],
+    ["datetime"]: [
+      Constraints.Required,
+      Constraints.MaxValue,
+      Constraints.MinValue,
+      Constraints.Equal,
+      Constraints.NotEqual,
+    ],
+    ["attachment"]: [Constraints.Required],
+    ["link"]: [
+      Constraints.Required,
+      Constraints.Contains,
+      Constraints.NotContains,
+      Constraints.MinLength,
+      Constraints.MaxLength,
+    ],
+  }
+
+  $: dataSourceSchema = getDataSourceSchema($currentAsset, $selectedComponent)
+  $: field = $selectedComponent?.field
+  $: schemaRules = parseRulesFromSchema(field, dataSourceSchema || {})
+  $: fieldType = type?.split("/")[1] || "string"
+  $: constraintOptions = getConstraintsForType(fieldType)
+
+  const getConstraintsForType = type => {
+    return ConstraintMap[type]
+  }
+
+  const getDataSourceSchema = (asset, component) => {
+    if (!asset || !component) {
+      return null
+    }
+    const formParent = findClosestMatchingComponent(
+      asset.props,
+      component._id,
+      component => component._component.endsWith("/form")
+    )
+    return getSchemaForDatasource(asset, formParent?.dataSource)
+  }
+
+  const parseRulesFromSchema = (field, dataSourceSchema) => {
+    if (!field || !dataSourceSchema) {
+      return []
+    }
+    const fieldSchema = dataSourceSchema.schema?.[field]
+    const constraints = fieldSchema?.constraints
+    if (!constraints) {
+      return []
+    }
+    let rules = []
+
+    // Required constraint
+    if (
+      field === dataSourceSchema?.table?.primaryDisplay ||
+      constraints.presence?.allowEmpty === false
+    ) {
+      rules.push({
+        constraint: "required",
+        error: "Required field",
+      })
+    }
+
+    // String length constraint
+    if (exists(constraints.length?.maximum)) {
+      const length = constraints.length.maximum
+      rules.push({
+        constraint: "maxLength",
+        value: length,
+        error: `Maximum ${length} characters`,
+      })
+    }
+
+    // Min / max number constraint
+    if (exists(constraints.numericality?.greaterThanOrEqualTo)) {
+      const min = constraints.numericality.greaterThanOrEqualTo
+      rules.push({
+        constraint: "minValue",
+        value: min,
+        error: `Minimum value is ${min}`,
+      })
+    }
+    if (exists(constraints.numericality?.lessThanOrEqualTo)) {
+      const max = constraints.numericality.lessThanOrEqualTo
+      rules.push({
+        constraint: "maxValue",
+        value: max,
+        error: `Maximum value is ${max}`,
+      })
+    }
+
+    return rules
+  }
+
+  const exists = value => {
+    return value != null && value !== ""
+  }
+
+  const addRule = () => {
+    rules = [
+      ...(rules || []),
+      {
+        valueType: "Binding",
+        type: fieldType,
+        id: generate(),
+      },
+    ]
+  }
+
+  const removeRule = id => {
+    rules = rules.filter(link => link.id !== id)
+  }
+
+  const duplicateRule = id => {
+    const existingRule = rules.find(rule => rule.id === id)
+    const newRule = { ...existingRule, id: generate() }
+    rules = [...rules, newRule]
+  }
+</script>
+
+<DrawerContent>
+  <div class="container">
+    <Layout noPadding gap="M">
+      <Layout noPadding gap={schemaRules?.length ? "S" : "XS"}>
+        <Heading size="XS">Schema validation rules</Heading>
+        {#if schemaRules?.length}
+          <div class="links">
+            {#each schemaRules as rule}
+              <div class="rule schema">
+                <Select
+                  placeholder="Constraint"
+                  value={rule.constraint}
+                  options={constraintOptions}
+                  disabled
+                />
+                <Select
+                  placeholder={null}
+                  value="Value"
+                  options={["Binding", "Value"]}
+                  disabled
+                />
+                <DrawerBindableInput
+                  placeholder="Constraint value"
+                  value={rule.value}
+                  {bindings}
+                  disabled
+                />
+                <DrawerBindableInput
+                  placeholder="Error message"
+                  value={rule.error}
+                  {bindings}
+                  disabled
+                />
+                <div />
+              </div>
+            {/each}
+          </div>
+        {:else}
+          <Body size="S">
+            There are no built-in validation rules from the schema.
+          </Body>
+        {/if}
+      </Layout>
+      <Layout noPadding gap="S">
+        <Heading size="XS">Custom validation rules</Heading>
+        {#if rules?.length}
+          <div class="links">
+            {#each rules as rule (rule.id)}
+              <div class="rule">
+                <Select
+                  bind:value={rule.constraint}
+                  options={constraintOptions}
+                  placeholder="Constraint"
+                />
+                <Select
+                  disabled={rule.constraint === "required"}
+                  placeholder={null}
+                  bind:value={rule.valueType}
+                  options={["Binding", "Value"]}
+                />
+
+                {#if rule.valueType === "Binding"}
+                  <!-- Bindings always get a bindable input -->
+                  <DrawerBindableInput
+                    placeholder="Constraint value"
+                    value={rule.value}
+                    {bindings}
+                    disabled={rule.constraint === "required"}
+                    on:change={e => (rule.value = e.detail)}
+                  />
+                {:else if ["maxLength", "minLength", "regex", "notRegex", "contains", "notContains"].includes(rule.constraint)}
+                  <!-- Certain constraints always need string values-->
+                  <Input
+                    bind:value={rule.value}
+                    placeholder="Constraint value"
+                  />
+                {:else}
+                  <!-- Otherwise we render a component based on the type -->
+                  {#if ["string", "number", "options", "longform"].includes(rule.type)}
+                    <Input
+                      disabled={rule.constraint === "required"}
+                      bind:value={rule.value}
+                      placeholder="Constraint value"
+                    />
+                  {:else if rule.type === "boolean"}
+                    <Select
+                      disabled={rule.constraint === "required"}
+                      options={[
+                        { label: "True", value: "true" },
+                        { label: "False", value: "false" },
+                      ]}
+                      bind:value={rule.value}
+                    />
+                  {:else if rule.type === "datetime"}
+                    <DatePicker
+                      enableTime={false}
+                      disabled={rule.constraint === "required"}
+                      bind:value={rule.value}
+                    />
+                  {:else}
+                    <DrawerBindableInput disabled />
+                  {/if}
+                {/if}
+                <DrawerBindableInput
+                  placeholder="Error message"
+                  value={rule.error}
+                  {bindings}
+                  on:change={e => (rule.error = e.detail)}
+                />
+                <Icon
+                  name="Duplicate"
+                  hoverable
+                  size="S"
+                  on:click={() => duplicateRule(rule.id)}
+                />
+                <Icon
+                  name="Close"
+                  hoverable
+                  size="S"
+                  on:click={() => removeRule(rule.id)}
+                />
+              </div>
+            {/each}
+          </div>
+        {/if}
+        <div class="button">
+          <Button secondary icon="Add" on:click={addRule}>Add Rule</Button>
+        </div>
+      </Layout>
+    </Layout>
+  </div>
+</DrawerContent>
+
+<style>
+  .container {
+    width: 100%;
+    max-width: 1000px;
+    margin: 0 auto;
+  }
+  .links {
+    display: flex;
+    flex-direction: column;
+    justify-content: flex-start;
+    align-items: stretch;
+    gap: var(--spacing-m);
+  }
+
+  .rule {
+    gap: var(--spacing-l);
+    display: grid;
+    align-items: center;
+    grid-template-columns: 190px 120px 1fr 1fr auto auto;
+    border-radius: var(--border-radius-s);
+    transition: background-color ease-in-out 130ms;
+  }
+</style>
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/ValidationEditor/ValidationEditor.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/ValidationEditor/ValidationEditor.svelte
new file mode 100644
index 0000000000..6c62c9f5af
--- /dev/null
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/ValidationEditor/ValidationEditor.svelte
@@ -0,0 +1,33 @@
+<script>
+  import { Button, ActionButton, Drawer } from "@budibase/bbui"
+  import { createEventDispatcher } from "svelte"
+  import ValidationDrawer from "./ValidationDrawer.svelte"
+
+  export let value = []
+  export let bindings = []
+  export let componentDefinition
+  export let type
+
+  let drawer
+
+  const dispatch = createEventDispatcher()
+  const save = () => {
+    dispatch("change", value)
+    drawer.hide()
+  }
+</script>
+
+<ActionButton on:click={drawer.show}>Configure validation</ActionButton>
+<Drawer bind:this={drawer} title="Validation Rules">
+  <svelte:fragment slot="description">
+    Configure validation rules for this field.
+  </svelte:fragment>
+  <Button cta slot="buttons" on:click={save}>Save</Button>
+  <ValidationDrawer
+    slot="body"
+    bind:rules={value}
+    {type}
+    {bindings}
+    {componentDefinition}
+  />
+</Drawer>
diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/componentSettings.js b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/componentSettings.js
index 8435971714..213ffbbc92 100644
--- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/componentSettings.js
+++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/componentSettings.js
@@ -1,4 +1,4 @@
-import { Checkbox, Input, Select } from "@budibase/bbui"
+import { Checkbox, Input, Select, Stepper } from "@budibase/bbui"
 import DataSourceSelect from "./DataSourceSelect.svelte"
 import DataProviderSelect from "./DataProviderSelect.svelte"
 import EventsEditor from "./EventsEditor"
@@ -12,14 +12,9 @@ import SectionSelect from "./SectionSelect.svelte"
 import NavigationEditor from "./NavigationEditor/NavigationEditor.svelte"
 import FilterEditor from "./FilterEditor/FilterEditor.svelte"
 import URLSelect from "./URLSelect.svelte"
-import StringFieldSelect from "./StringFieldSelect.svelte"
-import NumberFieldSelect from "./NumberFieldSelect.svelte"
-import OptionsFieldSelect from "./OptionsFieldSelect.svelte"
-import BooleanFieldSelect from "./BooleanFieldSelect.svelte"
-import LongFormFieldSelect from "./LongFormFieldSelect.svelte"
-import DateTimeFieldSelect from "./DateTimeFieldSelect.svelte"
-import AttachmentFieldSelect from "./AttachmentFieldSelect.svelte"
-import RelationshipFieldSelect from "./RelationshipFieldSelect.svelte"
+import OptionsEditor from "./OptionsEditor/OptionsEditor.svelte"
+import FormFieldSelect from "./FormFieldSelect.svelte"
+import ValidationEditor from "./ValidationEditor/ValidationEditor.svelte"
 
 const componentMap = {
   text: Input,
@@ -27,26 +22,35 @@ const componentMap = {
   dataSource: DataSourceSelect,
   dataProvider: DataProviderSelect,
   boolean: Checkbox,
-  number: Input,
+  number: Stepper,
   event: EventsEditor,
   table: TableSelect,
   color: ColorPicker,
   icon: IconSelect,
   field: FieldSelect,
   multifield: MultiFieldSelect,
+  options: OptionsEditor,
   schema: SchemaSelect,
   section: SectionSelect,
   navigation: NavigationEditor,
   filter: FilterEditor,
   url: URLSelect,
-  "field/string": StringFieldSelect,
-  "field/number": NumberFieldSelect,
-  "field/options": OptionsFieldSelect,
-  "field/boolean": BooleanFieldSelect,
-  "field/longform": LongFormFieldSelect,
-  "field/datetime": DateTimeFieldSelect,
-  "field/attachment": AttachmentFieldSelect,
-  "field/link": RelationshipFieldSelect,
+  "field/string": FormFieldSelect,
+  "field/number": FormFieldSelect,
+  "field/options": FormFieldSelect,
+  "field/boolean": FormFieldSelect,
+  "field/longform": FormFieldSelect,
+  "field/datetime": FormFieldSelect,
+  "field/attachment": FormFieldSelect,
+  "field/link": FormFieldSelect,
+  // Some validation types are the same as others, so not all types are
+  // explicitly listed here. e.g. options uses string validation
+  "validation/string": ValidationEditor,
+  "validation/number": ValidationEditor,
+  "validation/boolean": ValidationEditor,
+  "validation/datetime": ValidationEditor,
+  "validation/attachment": ValidationEditor,
+  "validation/link": ValidationEditor,
 }
 
 export const getComponentForSettingType = type => {
diff --git a/packages/builder/src/components/design/PropertiesPanel/ScreenSettingsSection.svelte b/packages/builder/src/components/design/PropertiesPanel/ScreenSettingsSection.svelte
index 79f262eaae..d782d1cd44 100644
--- a/packages/builder/src/components/design/PropertiesPanel/ScreenSettingsSection.svelte
+++ b/packages/builder/src/components/design/PropertiesPanel/ScreenSettingsSection.svelte
@@ -11,7 +11,11 @@
   export let componentInstance
   export let bindings
 
-  function setAssetProps(name, value) {
+  function setAssetProps(name, value, parser) {
+    if (parser && typeof parser === "function") {
+      value = parser(value)
+    }
+
     const selectedAsset = get(currentAsset)
     store.update(state => {
       if (
@@ -29,7 +33,12 @@
 
   const screenSettings = [
     // { key: "description", label: "Description", control: Input },
-    { key: "routing.route", label: "Route", control: Input },
+    {
+      key: "routing.route",
+      label: "Route",
+      control: Input,
+      parser: val => val.replace(/ +/g, "-"),
+    },
     { key: "routing.roleId", label: "Access", control: RoleSelect },
     { key: "layoutId", label: "Layout", control: LayoutSelect },
   ]
@@ -44,7 +53,7 @@
         label={def.label}
         key={def.key}
         value={deepGet($currentAsset, def.key)}
-        onChange={val => setAssetProps(def.key, val)}
+        onChange={val => setAssetProps(def.key, val, def.parser)}
         {bindings}
       />
     {/each}
diff --git a/packages/builder/src/components/design/PropertiesPanel/componentStyles.js b/packages/builder/src/components/design/PropertiesPanel/componentStyles.js
index d0e67431bc..4e6b5dc166 100644
--- a/packages/builder/src/components/design/PropertiesPanel/componentStyles.js
+++ b/packages/builder/src/components/design/PropertiesPanel/componentStyles.js
@@ -14,6 +14,7 @@ export const margin = {
       options: [
         { label: "4px", value: "4px" },
         { label: "8px", value: "8px" },
+        { label: "12px", value: "12px" },
         { label: "16px", value: "16px" },
         { label: "20px", value: "20px" },
         { label: "32px", value: "32px" },
@@ -34,6 +35,7 @@ export const margin = {
       options: [
         { label: "4px", value: "4px" },
         { label: "8px", value: "8px" },
+        { label: "12px", value: "12px" },
         { label: "16px", value: "16px" },
         { label: "20px", value: "20px" },
         { label: "32px", value: "32px" },
@@ -54,6 +56,7 @@ export const margin = {
       options: [
         { label: "4px", value: "4px" },
         { label: "8px", value: "8px" },
+        { label: "12px", value: "12px" },
         { label: "16px", value: "16px" },
         { label: "20px", value: "20px" },
         { label: "32px", value: "32px" },
@@ -74,6 +77,7 @@ export const margin = {
       options: [
         { label: "4px", value: "4px" },
         { label: "8px", value: "8px" },
+        { label: "12px", value: "12px" },
         { label: "16px", value: "16px" },
         { label: "20px", value: "20px" },
         { label: "32px", value: "32px" },
@@ -101,6 +105,7 @@ export const padding = {
       options: [
         { label: "4px", value: "4px" },
         { label: "8px", value: "8px" },
+        { label: "12px", value: "12px" },
         { label: "16px", value: "16px" },
         { label: "20px", value: "20px" },
         { label: "32px", value: "32px" },
@@ -121,6 +126,7 @@ export const padding = {
       options: [
         { label: "4px", value: "4px" },
         { label: "8px", value: "8px" },
+        { label: "12px", value: "12px" },
         { label: "16px", value: "16px" },
         { label: "20px", value: "20px" },
         { label: "32px", value: "32px" },
@@ -141,6 +147,7 @@ export const padding = {
       options: [
         { label: "4px", value: "4px" },
         { label: "8px", value: "8px" },
+        { label: "12px", value: "12px" },
         { label: "16px", value: "16px" },
         { label: "20px", value: "20px" },
         { label: "32px", value: "32px" },
@@ -161,6 +168,7 @@ export const padding = {
       options: [
         { label: "4px", value: "4px" },
         { label: "8px", value: "8px" },
+        { label: "12px", value: "12px" },
         { label: "16px", value: "16px" },
         { label: "20px", value: "20px" },
         { label: "32px", value: "32px" },
diff --git a/packages/builder/src/components/feedback/NPSFeedbackForm.svelte b/packages/builder/src/components/feedback/NPSFeedbackForm.svelte
index e0ba0e7525..4c5bb46c63 100644
--- a/packages/builder/src/components/feedback/NPSFeedbackForm.svelte
+++ b/packages/builder/src/components/feedback/NPSFeedbackForm.svelte
@@ -31,8 +31,8 @@
 
   // Data to send off
   let rating
-  let improvements
-  let comment
+  let improvements = ""
+  let comment = ""
 
   function selectNumber(n) {
     rating = n
@@ -106,11 +106,7 @@
           <Detail size="S">STEP 2 OF 3</Detail>
           <ButtonGroup>
             <Button secondary on:click={() => (step -= 1)}>Previous</Button>
-            <Button
-              disabled={!improvements}
-              primary
-              on:click={() => (step += 1)}>Next</Button
-            >
+            <Button primary on:click={() => (step += 1)}>Next</Button>
           </ButtonGroup>
         </div>
       {:else}
@@ -121,9 +117,7 @@
           <Detail size="S">STEP 3 OF 3</Detail>
           <ButtonGroup>
             <Button secondary on:click={() => (step -= 1)}>Previous</Button>
-            <Button disabled={!comment} cta on:click={submitFeedback}
-              >Complete</Button
-            >
+            <Button cta on:click={submitFeedback}>Complete</Button>
           </ButtonGroup>
         </div>
       {/if}
diff --git a/packages/builder/src/components/integration/ExtraQueryConfig.svelte b/packages/builder/src/components/integration/ExtraQueryConfig.svelte
new file mode 100644
index 0000000000..303beb1e4b
--- /dev/null
+++ b/packages/builder/src/components/integration/ExtraQueryConfig.svelte
@@ -0,0 +1,48 @@
+<script>
+  import { Select, Label, Input } from "@budibase/bbui"
+
+  /**
+   * This component takes the query object and populates the 'extra' property
+   * when a datasource has specified a configuration for these fields in SCHEMA.extra
+   */
+  export let populateExtraQuery
+  export let config
+  export let query
+
+  $: extraFields = Object.keys(config).map(key => ({
+    ...config[key],
+    key,
+  }))
+
+  $: extraQueryFields = query.fields.extra || {}
+</script>
+
+{#each extraFields as { key, displayName, type }}
+  <div class="config-field">
+    <Label>{displayName}</Label>
+    {#if type === "string"}
+      <Input
+        on:change={() => populateExtraQuery(extraQueryFields)}
+        bind:value={extraQueryFields[key]}
+      />
+    {/if}
+
+    {#if type === "list"}
+      <Select
+        on:change={() => populateExtraQuery(extraQueryFields)}
+        bind:value={extraQueryFields[key]}
+        options={config[key].data[query.queryVerb]}
+        getOptionLabel={current => current}
+      />
+    {/if}
+  </div>
+{/each}
+
+<style>
+  .config-field {
+    display: grid;
+    grid-template-columns: 20% 1fr;
+    grid-gap: var(--spacing-l);
+    align-items: center;
+  }
+</style>
diff --git a/packages/builder/src/components/integration/QueryViewer.svelte b/packages/builder/src/components/integration/QueryViewer.svelte
index 5c2523d519..da93033cef 100644
--- a/packages/builder/src/components/integration/QueryViewer.svelte
+++ b/packages/builder/src/components/integration/QueryViewer.svelte
@@ -15,6 +15,7 @@
   } from "@budibase/bbui"
   import { notifications, Divider } from "@budibase/bbui"
   import api from "builderStore/api"
+  import ExtraQueryConfig from "./ExtraQueryConfig.svelte"
   import IntegrationQueryEditor from "components/integration/index.svelte"
   import ExternalDataSourceTable from "components/backend/DataTable/ExternalDataSourceTable.svelte"
   import ParameterBuilder from "components/integration/QueryParameterBuilder.svelte"
@@ -60,6 +61,14 @@
     fields = fields
   }
 
+  function resetDependentFields() {
+    if (query.fields.extra) query.fields.extra = {}
+  }
+
+  function populateExtraQuery(extraQueryFields) {
+    query.fields.extra = extraQueryFields
+  }
+
   async function previewQuery() {
     try {
       const response = await api.post(`/api/queries/preview`, {
@@ -127,11 +136,19 @@
         <Label>Function</Label>
         <Select
           bind:value={query.queryVerb}
+          on:change={resetDependentFields}
           options={Object.keys(queryConfig)}
           getOptionLabel={verb =>
             queryConfig[verb]?.displayName || capitalise(verb)}
         />
       </div>
+      {#if integrationInfo?.extra && query.queryVerb}
+        <ExtraQueryConfig
+          {query}
+          {populateExtraQuery}
+          config={integrationInfo.extra}
+        />
+      {/if}
       <ParameterBuilder bind:parameters={query.parameters} bindable={false} />
     {/if}
   </div>
diff --git a/packages/builder/src/components/start/AppCard.svelte b/packages/builder/src/components/start/AppCard.svelte
index 3e19bfa022..670ef16b60 100644
--- a/packages/builder/src/components/start/AppCard.svelte
+++ b/packages/builder/src/components/start/AppCard.svelte
@@ -54,9 +54,7 @@
           </MenuItem>
         {/if}
         {#if !app.deployed}
-          <MenuItem on:click={() => updateApp(app)} icon="Edit">
-            Update
-          </MenuItem>
+          <MenuItem on:click={() => updateApp(app)} icon="Edit">Edit</MenuItem>
           <MenuItem on:click={() => deleteApp(app)} icon="Delete">
             Delete
           </MenuItem>
diff --git a/packages/builder/src/components/start/AppRow.svelte b/packages/builder/src/components/start/AppRow.svelte
index f8ecbf3320..e953027192 100644
--- a/packages/builder/src/components/start/AppRow.svelte
+++ b/packages/builder/src/components/start/AppRow.svelte
@@ -83,7 +83,7 @@
       </MenuItem>
     {/if}
     {#if !app.deployed}
-      <MenuItem on:click={() => updateApp(app)} icon="Edit">Update</MenuItem>
+      <MenuItem on:click={() => updateApp(app)} icon="Edit">Edit</MenuItem>
       <MenuItem on:click={() => deleteApp(app)} icon="Delete">Delete</MenuItem>
     {/if}
   </ActionMenu>
diff --git a/packages/builder/src/components/start/CreateAppModal.svelte b/packages/builder/src/components/start/CreateAppModal.svelte
index 93eeec77bb..b70190c706 100644
--- a/packages/builder/src/components/start/CreateAppModal.svelte
+++ b/packages/builder/src/components/start/CreateAppModal.svelte
@@ -16,6 +16,7 @@
   import { onMount } from "svelte"
   import { capitalise } from "helpers"
   import { goto } from "@roxi/routify"
+  import { APP_NAME_REGEX } from "constants"
 
   export let template
 
@@ -23,7 +24,13 @@
   const errors = writable({})
   const touched = writable({})
   const validator = {
-    name: string().required("Your application must have a name"),
+    name: string()
+      .trim()
+      .required("Your application must have a name")
+      .matches(
+        APP_NAME_REGEX,
+        "App name must be letters, numbers and spaces only"
+      ),
     file: template ? mixed().required("Please choose a file to import") : null,
   }
 
@@ -35,7 +42,9 @@
     await hostingStore.actions.fetchDeployedApps()
     const existingAppNames = svelteGet(hostingStore).deployedAppNames
     validator.name = string()
+      .trim()
       .required("Your application must have a name")
+      .matches(APP_NAME_REGEX, "App name must be letters and numbers only")
       .test(
         "non-existing-app-name",
         "Another app with the same name already exists",
@@ -74,7 +83,7 @@
     try {
       // Create form data to create app
       let data = new FormData()
-      data.append("name", $values.name)
+      data.append("name", $values.name.trim())
       data.append("useTemplate", template != null)
       if (template) {
         data.append("templateName", template.name)
diff --git a/packages/builder/src/components/start/UpdateAppModal.svelte b/packages/builder/src/components/start/UpdateAppModal.svelte
index dbbc000d1f..83b5710db8 100644
--- a/packages/builder/src/components/start/UpdateAppModal.svelte
+++ b/packages/builder/src/components/start/UpdateAppModal.svelte
@@ -12,12 +12,19 @@
   import { string, object } from "yup"
   import { onMount } from "svelte"
   import { capitalise } from "helpers"
+  import { APP_NAME_REGEX } from "constants"
 
   const values = writable({ name: null })
   const errors = writable({})
   const touched = writable({})
   const validator = {
-    name: string().required("Your application must have a name"),
+    name: string()
+      .trim()
+      .required("Your application must have a name")
+      .matches(
+        APP_NAME_REGEX,
+        "App name must be letters, numbers and spaces only"
+      ),
   }
 
   export let app
@@ -37,7 +44,12 @@
     await hostingStore.actions.fetchDeployedApps()
     const existingAppNames = svelteGet(hostingStore).deployedAppNames
     validator.name = string()
+      .trim()
       .required("Your application must have a name")
+      .matches(
+        APP_NAME_REGEX,
+        "App name must be letters, numbers and spaces only"
+      )
       .test(
         "non-existing-app-name",
         "Another app with the same name already exists",
@@ -65,7 +77,7 @@
   async function updateApp() {
     try {
       // Update App
-      await apps.update(app.instance._id, $values.name)
+      await apps.update(app.instance._id, $values.name.trim())
       hide()
     } catch (error) {
       console.error(error)
@@ -91,15 +103,12 @@
 
 <Modal bind:this={modal} on:hide={onCancel} on:show={onShow}>
   <ModalContent
-    title={"Update app"}
-    confirmText={"Update app"}
+    title={"Edit app"}
+    confirmText={"Save"}
     onConfirm={updateApp}
     disabled={!(valid && dirty)}
   >
-    <Body size="S">
-      Give your new app a name, and choose which groups have access (paid plans
-      only).
-    </Body>
+    <Body size="S">Update the name of your app.</Body>
     <Input
       bind:value={$values.name}
       error={$touched.name && $errors.name}
diff --git a/packages/builder/src/components/upgrade/UpgradeModal.svelte b/packages/builder/src/components/upgrade/UpgradeModal.svelte
new file mode 100644
index 0000000000..f73dcf335f
--- /dev/null
+++ b/packages/builder/src/components/upgrade/UpgradeModal.svelte
@@ -0,0 +1,32 @@
+<script>
+  import { Modal, ModalContent, Button } from "@budibase/bbui"
+
+  let upgradeModal
+
+  const onConfirm = () => {
+    window.open("https://accounts.budibase.com/install", "_blank")
+  }
+</script>
+
+<div>
+  <Button
+    on:click={upgradeModal.show}
+    quiet
+    primary
+    size="M"
+    icon="DownloadFromCloud">Self-host Budibase</Button
+  >
+</div>
+<Modal bind:this={upgradeModal}>
+  <ModalContent
+    size="M"
+    {onConfirm}
+    title="Upgrade to self-hosted"
+    confirmText="Upgrade"
+  >
+    <span
+      >Upgrade to Budibase self-hosting for free, and get SSO, unlimited apps,
+      and more - and it only takes a few minutes!</span
+    >
+  </ModalContent>
+</Modal>
diff --git a/packages/builder/src/constants/index.js b/packages/builder/src/constants/index.js
index aefc1fab0e..a892eb2129 100644
--- a/packages/builder/src/constants/index.js
+++ b/packages/builder/src/constants/index.js
@@ -33,3 +33,5 @@ export const LAYOUT_NAMES = {
 }
 
 export const BUDIBASE_INTERNAL_DB = "bb_internal"
+
+export const APP_NAME_REGEX = /^[\w\s]+$/
diff --git a/packages/builder/src/pages/builder/_layout.svelte b/packages/builder/src/pages/builder/_layout.svelte
index 43a5d205d9..b1f6d7e733 100644
--- a/packages/builder/src/pages/builder/_layout.svelte
+++ b/packages/builder/src/pages/builder/_layout.svelte
@@ -4,7 +4,10 @@
   import { onMount } from "svelte"
 
   let loaded = false
+
+  $: multiTenancyEnabled = $admin.multiTenancy
   $: hasAdminUser = !!$admin?.checklist?.adminUser
+  $: tenantSet = $auth.tenantSet
 
   onMount(async () => {
     await admin.init()
@@ -12,9 +15,14 @@
     loaded = true
   })
 
-  // Force creation of an admin user if one doesn't exist
   $: {
-    if (loaded && !hasAdminUser) {
+    const apiReady = $admin.loaded && $auth.loaded
+    // if tenant is not set go to it
+    if (loaded && apiReady && multiTenancyEnabled && !tenantSet) {
+      $redirect("./auth/org")
+    }
+    // Force creation of an admin user if one doesn't exist
+    else if (loaded && apiReady && !hasAdminUser) {
       $redirect("./admin")
     }
   }
@@ -29,7 +37,7 @@
       !$isActive("./invite")
     ) {
       const returnUrl = encodeURIComponent(window.location.pathname)
-      $redirect("./auth/login?", { returnUrl })
+      $redirect("./auth?", { returnUrl })
     } else if ($auth?.user?.forceResetPassword) {
       $redirect("./auth/reset")
     }
diff --git a/packages/builder/src/pages/builder/admin/index.svelte b/packages/builder/src/pages/builder/admin/index.svelte
index f8cbc21455..4d7e39db81 100644
--- a/packages/builder/src/pages/builder/admin/index.svelte
+++ b/packages/builder/src/pages/builder/admin/index.svelte
@@ -6,20 +6,25 @@
     Layout,
     Input,
     Body,
+    ActionButton,
   } from "@budibase/bbui"
   import { goto } from "@roxi/routify"
   import api from "builderStore/api"
-  import { admin } from "stores/portal"
+  import { admin, auth } from "stores/portal"
   import PasswordRepeatInput from "components/common/users/PasswordRepeatInput.svelte"
   import Logo from "assets/bb-emblem.svg"
 
   let adminUser = {}
   let error
 
+  $: tenantId = $auth.tenantId
+  $: multiTenancyEnabled = $admin.multiTenancy
+
   async function save() {
     try {
+      adminUser.tenantId = tenantId
       // Save the admin user
-      const response = await api.post(`/api/admin/users/init`, adminUser)
+      const response = await api.post(`/api/global/users/init`, adminUser)
       const json = await response.json()
       if (response.status !== 200) {
         throw new Error(json.message)
@@ -47,9 +52,22 @@
         <Input label="Email" bind:value={adminUser.email} />
         <PasswordRepeatInput bind:password={adminUser.password} bind:error />
       </Layout>
-      <Button cta disabled={error} on:click={save}>
-        Create super admin user
-      </Button>
+      <Layout gap="XS" noPadding>
+        <Button cta disabled={error} on:click={save}>
+          Create super admin user
+        </Button>
+        {#if multiTenancyEnabled}
+          <ActionButton
+            quiet
+            on:click={() => {
+              admin.unload()
+              $goto("../auth/org")
+            }}
+          >
+            Change organisation
+          </ActionButton>
+        {/if}
+      </Layout>
     </Layout>
   </div>
 </section>
diff --git a/packages/builder/src/pages/builder/app/[application]/_layout.svelte b/packages/builder/src/pages/builder/app/[application]/_layout.svelte
index 7b0d09844f..a7626370e0 100644
--- a/packages/builder/src/pages/builder/app/[application]/_layout.svelte
+++ b/packages/builder/src/pages/builder/app/[application]/_layout.svelte
@@ -7,14 +7,14 @@
   import VersionModal from "components/deploy/VersionModal.svelte"
   import NPSFeedbackForm from "components/feedback/NPSFeedbackForm.svelte"
   import { get } from "builderStore/api"
-  import { auth } from "stores/portal"
+  import { auth, admin } from "stores/portal"
   import { isActive, goto, layout } from "@roxi/routify"
   import Logo from "assets/bb-emblem.svg"
   import { capitalise } from "helpers"
+  import UpgradeModal from "../../../../components/upgrade/UpgradeModal.svelte"
 
   // Get Package and set store
   export let application
-
   let promise = getPackage()
   $: selected = capitalise(
     $layout.children.find(layout => $isActive(layout.path))?.title ?? "data"
@@ -92,6 +92,9 @@
         <ActionGroup />
       </div>
       <div class="toprightnav">
+        {#if $admin.sandbox}
+          <UpgradeModal />
+        {/if}
         <VersionModal />
         <RevertModal />
         <Icon name="Play" hoverable on:click={previewApp} />
diff --git a/packages/builder/src/pages/builder/apps/index.svelte b/packages/builder/src/pages/builder/apps/index.svelte
index 69b6e770f6..c1bdc31cd4 100644
--- a/packages/builder/src/pages/builder/apps/index.svelte
+++ b/packages/builder/src/pages/builder/apps/index.svelte
@@ -54,7 +54,11 @@
             </Layout>
             <ActionMenu align="right">
               <div slot="control" class="avatar">
-                <Avatar size="M" initials={$auth.initials} />
+                <Avatar
+                  size="M"
+                  initials={$auth.initials}
+                  url={$auth.user.pictureUrl}
+                />
                 <Icon size="XL" name="ChevronDown" />
               </div>
               <MenuItem icon="UserEdit" on:click={() => userInfoModal.show()}>
diff --git a/packages/builder/src/pages/builder/auth/_components/GoogleButton.svelte b/packages/builder/src/pages/builder/auth/_components/GoogleButton.svelte
index c9a6aba218..0acaa127cc 100644
--- a/packages/builder/src/pages/builder/auth/_components/GoogleButton.svelte
+++ b/packages/builder/src/pages/builder/auth/_components/GoogleButton.svelte
@@ -1,14 +1,18 @@
 <script>
   import { ActionButton } from "@budibase/bbui"
   import GoogleLogo from "assets/google-logo.png"
-  import { organisation } from "stores/portal"
+  import { auth, organisation } from "stores/portal"
 
+  let show
+
+  $: tenantId = $auth.tenantId
   $: show = $organisation.google
 </script>
 
 {#if show}
   <ActionButton
-    on:click={() => window.open("/api/admin/auth/google", "_blank")}
+    on:click={() =>
+      window.open(`/api/global/auth/${tenantId}/google`, "_blank")}
   >
     <div class="inner">
       <img src={GoogleLogo} alt="google icon" />
diff --git a/packages/builder/src/pages/builder/auth/_components/OIDCButton.svelte b/packages/builder/src/pages/builder/auth/_components/OIDCButton.svelte
index 22ecad1620..bae68b6548 100644
--- a/packages/builder/src/pages/builder/auth/_components/OIDCButton.svelte
+++ b/packages/builder/src/pages/builder/auth/_components/OIDCButton.svelte
@@ -6,7 +6,7 @@
   import OktaLogo from "assets/okta-logo.png"
   import OneLoginLogo from "assets/onelogin-logo.png"
 
-  import { oidc, organisation } from "stores/portal"
+  import { oidc, organisation, auth } from "stores/portal"
   import { onMount } from "svelte"
 
   $: show = $organisation.oidc
@@ -31,7 +31,10 @@
 {#if show}
   <ActionButton
     on:click={() =>
-      window.open(`/api/admin/auth/oidc/configs/${$oidc.uuid}`, "_blank")}
+      window.open(
+        `/api/global/auth/${$auth.tenantId}/oidc/configs/${$oidc.uuid}`,
+        "_blank"
+      )}
   >
     <div class="inner">
       <img {src} alt="oidc icon" />
diff --git a/packages/builder/src/pages/builder/auth/forgot.svelte b/packages/builder/src/pages/builder/auth/forgot.svelte
index 85301b3f02..2503a99eb2 100644
--- a/packages/builder/src/pages/builder/auth/forgot.svelte
+++ b/packages/builder/src/pages/builder/auth/forgot.svelte
@@ -6,10 +6,12 @@
     Layout,
     Body,
     Heading,
+    ActionButton,
   } from "@budibase/bbui"
   import { organisation, auth } from "stores/portal"
   import Logo from "assets/bb-emblem.svg"
   import { onMount } from "svelte"
+  import { goto } from "@roxi/routify"
 
   let email = ""
 
@@ -41,9 +43,12 @@
         </Body>
         <Input label="Email" bind:value={email} />
       </Layout>
-      <Button cta on:click={forgot} disabled={!email}>
-        Reset your password
-      </Button>
+      <Layout gap="XS" nopadding>
+        <Button cta on:click={forgot} disabled={!email}>
+          Reset your password
+        </Button>
+        <ActionButton quiet on:click={() => $goto("../")}>Back</ActionButton>
+      </Layout>
     </Layout>
   </div>
 </div>
diff --git a/packages/builder/src/pages/builder/auth/index.svelte b/packages/builder/src/pages/builder/auth/index.svelte
index 12570aeeb5..a2a02e65c1 100644
--- a/packages/builder/src/pages/builder/auth/index.svelte
+++ b/packages/builder/src/pages/builder/auth/index.svelte
@@ -1,4 +1,24 @@
 <script>
   import { redirect } from "@roxi/routify"
-  $redirect("./login")
+  import { auth, admin } from "stores/portal"
+  import { onMount } from "svelte"
+
+  $: tenantSet = $auth.tenantSet
+  $: multiTenancyEnabled = $admin.multiTenancy
+
+  let loaded = false
+
+  $: {
+    if (loaded && multiTenancyEnabled && !tenantSet) {
+      $redirect("./org")
+    } else if (loaded) {
+      $redirect("./login")
+    }
+  }
+
+  onMount(async () => {
+    await admin.init()
+    await auth.checkQueryString()
+    loaded = true
+  })
 </script>
diff --git a/packages/builder/src/pages/builder/auth/login.svelte b/packages/builder/src/pages/builder/auth/login.svelte
index 8ce27b98bb..783e5a4903 100644
--- a/packages/builder/src/pages/builder/auth/login.svelte
+++ b/packages/builder/src/pages/builder/auth/login.svelte
@@ -10,7 +10,7 @@
     notifications,
   } from "@budibase/bbui"
   import { goto, params } from "@roxi/routify"
-  import { auth, organisation, oidc } from "stores/portal"
+  import { auth, organisation, oidc, admin } from "stores/portal"
   import GoogleButton from "./_components/GoogleButton.svelte"
   import OIDCButton from "./_components/OIDCButton.svelte"
   import Logo from "assets/bb-emblem.svg"
@@ -18,8 +18,10 @@
 
   let username = ""
   let password = ""
+  let loaded = false
 
   $: company = $organisation.company || "Budibase"
+  $: multiTenancyEnabled = $admin.multiTenancy
 
   async function login() {
     try {
@@ -27,7 +29,6 @@
         username,
         password,
       })
-      notifications.success("Logged in successfully")
       if ($auth?.user?.forceResetPassword) {
         $goto("./reset")
       } else {
@@ -50,6 +51,7 @@
 
   onMount(async () => {
     await organisation.init()
+    loaded = true
   })
 </script>
 
@@ -61,8 +63,10 @@
         <img alt="logo" src={$organisation.logoUrl || Logo} />
         <Heading>Sign in to {company}</Heading>
       </Layout>
-      <GoogleButton />
-      <OIDCButton oidcIcon={$oidc.logo} oidcName={$oidc.name} />
+      {#if loaded}
+        <GoogleButton />
+        <OIDCButton oidcIcon={$oidc.logo} oidcName={$oidc.name} />
+      {/if}
       <Divider noGrid />
       <Layout gap="XS" noPadding>
         <Body size="S" textAlign="center">Sign in with email</Body>
@@ -79,6 +83,17 @@
         <ActionButton quiet on:click={() => $goto("./forgot")}>
           Forgot password?
         </ActionButton>
+        {#if multiTenancyEnabled}
+          <ActionButton
+            quiet
+            on:click={() => {
+              admin.unload()
+              $goto("./org")
+            }}
+          >
+            Change organisation
+          </ActionButton>
+        {/if}
       </Layout>
     </Layout>
   </div>
diff --git a/packages/builder/src/pages/builder/auth/org.svelte b/packages/builder/src/pages/builder/auth/org.svelte
new file mode 100644
index 0000000000..785cf05914
--- /dev/null
+++ b/packages/builder/src/pages/builder/auth/org.svelte
@@ -0,0 +1,73 @@
+<script>
+  import { Body, Button, Divider, Heading, Input, Layout } from "@budibase/bbui"
+  import { goto } from "@roxi/routify"
+  import { auth, admin } from "stores/portal"
+  import Logo from "assets/bb-emblem.svg"
+  import { get } from "svelte/store"
+  import { onMount } from "svelte"
+
+  let tenantId = get(auth).tenantSet ? get(auth).tenantId : ""
+  $: multiTenancyEnabled = $admin.multiTenancy
+
+  async function setOrg() {
+    if (tenantId == null || tenantId === "") {
+      tenantId = "default"
+    }
+    await auth.setOrg(tenantId)
+    // re-init now org selected
+    await admin.init()
+    $goto("../")
+  }
+
+  function handleKeydown(evt) {
+    if (evt.key === "Enter") setOrg()
+  }
+
+  onMount(async () => {
+    await auth.checkQueryString()
+    if (!multiTenancyEnabled) {
+      $goto("../")
+    } else {
+      admin.unload()
+    }
+  })
+</script>
+
+<svelte:window on:keydown={handleKeydown} />
+<div class="login">
+  <div class="main">
+    <Layout>
+      <Layout noPadding justifyItems="center">
+        <img alt="logo" src={Logo} />
+        <Heading>Set Budibase organisation</Heading>
+      </Layout>
+      <Divider noGrid />
+      <Layout gap="XS" noPadding>
+        <Body size="S" textAlign="center">Set organisation</Body>
+        <Input label="Organisation" bind:value={tenantId} />
+      </Layout>
+      <Layout gap="XS" noPadding>
+        <Button cta on:click={setOrg}>Set organisation</Button>
+      </Layout>
+    </Layout>
+  </div>
+</div>
+
+<style>
+  .login {
+    width: 100%;
+    height: 100%;
+    display: flex;
+    flex-direction: column;
+    justify-content: center;
+    align-items: center;
+  }
+
+  .main {
+    width: 300px;
+  }
+
+  img {
+    width: 48px;
+  }
+</style>
diff --git a/packages/builder/src/pages/builder/index.svelte b/packages/builder/src/pages/builder/index.svelte
index a4fe10f10d..fba581a046 100644
--- a/packages/builder/src/pages/builder/index.svelte
+++ b/packages/builder/src/pages/builder/index.svelte
@@ -2,13 +2,15 @@
   import { redirect } from "@roxi/routify"
   import { auth } from "stores/portal"
 
+  auth.checkQueryString()
+
   $: {
     if (!$auth.user) {
-      $redirect("./auth/login")
+      $redirect(`./auth`)
     } else if ($auth.user.builder?.global) {
-      $redirect("./portal")
+      $redirect(`./portal`)
     } else {
-      $redirect("./apps")
+      $redirect(`./apps`)
     }
   }
 </script>
diff --git a/packages/builder/src/pages/builder/portal/_layout.svelte b/packages/builder/src/pages/builder/portal/_layout.svelte
index 4bc0b46167..20bdc9cb54 100644
--- a/packages/builder/src/pages/builder/portal/_layout.svelte
+++ b/packages/builder/src/pages/builder/portal/_layout.svelte
@@ -100,7 +100,11 @@
         <div />
         <ActionMenu align="right">
           <div slot="control" class="avatar">
-            <Avatar size="M" initials={$auth.initials} />
+            <Avatar
+              size="M"
+              initials={$auth.initials}
+              url={$auth.user.pictureUrl}
+            />
             <Icon size="XL" name="ChevronDown" />
           </div>
           <MenuItem icon="UserEdit" on:click={() => userInfoModal.show()}>
diff --git a/packages/builder/src/pages/builder/portal/manage/auth/index.svelte b/packages/builder/src/pages/builder/portal/manage/auth/index.svelte
index 13a5f3e04c..be3775bb29 100644
--- a/packages/builder/src/pages/builder/portal/manage/auth/index.svelte
+++ b/packages/builder/src/pages/builder/portal/manage/auth/index.svelte
@@ -7,7 +7,6 @@
   import OneLoginLogo from "assets/onelogin-logo.png"
   import OidcLogoPng from "assets/oidc-logo.png"
   import { isEqual, cloneDeep } from "lodash/fp"
-
   import {
     Button,
     Heading,
@@ -22,36 +21,51 @@
   } from "@budibase/bbui"
   import { onMount } from "svelte"
   import api from "builderStore/api"
-  import { organisation } from "stores/portal"
+  import { organisation, auth, admin } from "stores/portal"
   import { uuid } from "builderStore/uuid"
 
+  $: tenantId = $auth.tenantId
+  $: multiTenancyEnabled = $admin.multiTenancy
+
   const ConfigTypes = {
     Google: "google",
     OIDC: "oidc",
-    // Github: "github",
-    // AzureAD: "ad",
   }
 
-  const GoogleConfigFields = {
-    Google: ["clientID", "clientSecret", "callbackURL"],
-  }
-  const GoogleConfigLabels = {
-    Google: {
-      clientID: "Client ID",
-      clientSecret: "Client secret",
-      callbackURL: "Callback URL",
-    },
+  function callbackUrl(tenantId, end) {
+    let url = `/api/global/auth`
+    if (multiTenancyEnabled && tenantId) {
+      url += `/${tenantId}`
+    }
+    url += end
+    return url
   }
 
-  const OIDCConfigFields = {
-    Oidc: ["configUrl", "clientID", "clientSecret"],
+  $: GoogleConfigFields = {
+    Google: [
+      { name: "clientID", label: "Client ID" },
+      { name: "clientSecret", label: "Client secret" },
+      {
+        name: "callbackURL",
+        label: "Callback URL",
+        readonly: true,
+        placeholder: callbackUrl(tenantId, "/google/callback"),
+      },
+    ],
   }
-  const OIDCConfigLabels = {
-    Oidc: {
-      configUrl: "Config URL",
-      clientID: "Client ID",
-      clientSecret: "Client Secret",
-    },
+
+  $: OIDCConfigFields = {
+    Oidc: [
+      { name: "configUrl", label: "Config URL" },
+      { name: "clientID", label: "Client ID" },
+      { name: "clientSecret", label: "Client Secret" },
+      {
+        name: "callbackURL",
+        label: "Callback URL",
+        readonly: true,
+        placeholder: callbackUrl(tenantId, "/oidc/callback"),
+      },
+    ],
   }
 
   let iconDropdownOptions = [
@@ -109,17 +123,13 @@
 
   // Create a flag so that it will only try to save completed forms
   $: partialGoogle =
-    providers.google?.config?.clientID ||
-    providers.google?.config?.clientSecret ||
-    providers.google?.config?.callbackURL
+    providers.google?.config?.clientID || providers.google?.config?.clientSecret
   $: partialOidc =
     providers.oidc?.config?.configs[0].configUrl ||
     providers.oidc?.config?.configs[0].clientID ||
     providers.oidc?.config?.configs[0].clientSecret
   $: googleComplete =
-    providers.google?.config?.clientID &&
-    providers.google?.config?.clientSecret &&
-    providers.google?.config?.callbackURL
+    providers.google?.config?.clientID && providers.google?.config?.clientSecret
   $: oidcComplete =
     providers.oidc?.config?.configs[0].configUrl &&
     providers.oidc?.config?.configs[0].clientID &&
@@ -129,7 +139,7 @@
     let data = new FormData()
     data.append("file", file)
     const res = await api.post(
-      `/api/admin/configs/upload/logos_oidc/${file.name}`,
+      `/api/global/configs/upload/logos_oidc/${file.name}`,
       data,
       {}
     )
@@ -149,17 +159,21 @@
     let calls = []
     docs.forEach(element => {
       if (element.type === ConfigTypes.OIDC) {
-        //Add a UUID here so each config is distinguishable when it arrives at the login page.
-        element.config.configs.forEach(config => {
-          !config.uuid && (config.uuid = uuid())
-        })
+        //Add a UUID here so each config is distinguishable when it arrives at the login page
+        for (let config of element.config.configs) {
+          if (!config.uuid) {
+            config.uuid = uuid()
+          }
+          // callback urls shouldn't be included
+          delete config.callbackURL
+        }
         if (partialOidc) {
           if (!oidcComplete) {
             notifications.error(
               `Please fill in all required ${ConfigTypes.OIDC} fields`
             )
           } else {
-            calls.push(api.post(`/api/admin/configs`, element))
+            calls.push(api.post(`/api/global/configs`, element))
             // turn the save button grey when clicked
             oidcSaveButtonDisabled = true
             originalOidcDoc = cloneDeep(providers.oidc)
@@ -173,7 +187,7 @@
               `Please fill in all required ${ConfigTypes.Google} fields`
             )
           } else {
-            calls.push(api.post(`/api/admin/configs`, element))
+            calls.push(api.post(`/api/global/configs`, element))
             googleSaveButtonDisabled = true
             originalGoogleDoc = cloneDeep(providers.google)
           }
@@ -206,7 +220,7 @@
     await organisation.init()
     // fetch the configs for oauth
     const googleResponse = await api.get(
-      `/api/admin/configs/${ConfigTypes.Google}`
+      `/api/global/configs/${ConfigTypes.Google}`
     )
     const googleDoc = await googleResponse.json()
 
@@ -227,7 +241,7 @@
 
     //Get the list of user uploaded logos and push it to the dropdown options.
     //This needs to be done before the config call so they're available when the dropdown renders
-    const res = await api.get(`/api/admin/configs/logos_oidc`)
+    const res = await api.get(`/api/global/configs/logos_oidc`)
     const configSettings = await res.json()
 
     if (configSettings.config) {
@@ -242,17 +256,16 @@
         })
       })
     }
-    const oidcResponse = await api.get(`/api/admin/configs/${ConfigTypes.OIDC}`)
+    const oidcResponse = await api.get(
+      `/api/global/configs/${ConfigTypes.OIDC}`
+    )
     const oidcDoc = await oidcResponse.json()
     if (!oidcDoc._id) {
-      console.log("hi")
-
       providers.oidc = {
         type: ConfigTypes.OIDC,
         config: { configs: [{ activated: true }] },
       }
     } else {
-      console.log("hello")
       originalOidcDoc = cloneDeep(oidcDoc)
       providers.oidc = oidcDoc
     }
@@ -295,8 +308,12 @@
     <Layout gap="XS" noPadding>
       {#each GoogleConfigFields.Google as field}
         <div class="form-row">
-          <Label size="L">{GoogleConfigLabels.Google[field]}</Label>
-          <Input bind:value={providers.google.config[field]} />
+          <Label size="L">{field.label}</Label>
+          <Input
+            bind:value={providers.google.config[field.name]}
+            readonly={field.readonly}
+            placeholder={field.placeholder}
+          />
         </div>
       {/each}
       <div class="form-row">
@@ -335,14 +352,14 @@
     <Layout gap="XS" noPadding>
       {#each OIDCConfigFields.Oidc as field}
         <div class="form-row">
-          <Label size="L">{OIDCConfigLabels.Oidc[field]}</Label>
-          <Input bind:value={providers.oidc.config.configs[0][field]} />
+          <Label size="L">{field.label}</Label>
+          <Input
+            bind:value={providers.oidc.config.configs[0][field.name]}
+            readonly={field.readonly}
+            placeholder={field.placeholder}
+          />
         </div>
       {/each}
-      <div class="form-row">
-        <Label size="L">Callback URL</Label>
-        <Input readonly placeholder="/api/admin/auth/oidc/callback" />
-      </div>
       <br />
       <Body size="S">
         To customize your login button, fill out the fields below.
diff --git a/packages/builder/src/pages/builder/portal/manage/email/index.svelte b/packages/builder/src/pages/builder/portal/manage/email/index.svelte
index 4a2b21b691..f94d2bcd0f 100644
--- a/packages/builder/src/pages/builder/portal/manage/email/index.svelte
+++ b/packages/builder/src/pages/builder/portal/manage/email/index.svelte
@@ -53,7 +53,7 @@
       delete smtp.config.auth
     }
     // Save your SMTP config
-    const response = await api.post(`/api/admin/configs`, smtp)
+    const response = await api.post(`/api/global/configs`, smtp)
 
     if (response.status !== 200) {
       const error = await response.text()
@@ -75,7 +75,9 @@
   async function fetchSmtp() {
     loading = true
     // fetch the configs for smtp
-    const smtpResponse = await api.get(`/api/admin/configs/${ConfigTypes.SMTP}`)
+    const smtpResponse = await api.get(
+      `/api/global/configs/${ConfigTypes.SMTP}`
+    )
     const smtpDoc = await smtpResponse.json()
 
     if (!smtpDoc._id) {
@@ -92,8 +94,13 @@
     requireAuth = smtpConfig.config.auth != null
     // always attach the auth for the forms purpose -
     // this will be removed later if required
-    smtpConfig.config.auth = {
-      type: "login",
+    if (!smtpDoc.config) {
+      smtpDoc.config = {}
+    }
+    if (!smtpDoc.config.auth) {
+      smtpConfig.config.auth = {
+        type: "login",
+      }
     }
   }
 
diff --git a/packages/builder/src/pages/builder/portal/manage/users/[userId].svelte b/packages/builder/src/pages/builder/portal/manage/users/[userId].svelte
index ebb01bd336..c0f21bb554 100644
--- a/packages/builder/src/pages/builder/portal/manage/users/[userId].svelte
+++ b/packages/builder/src/pages/builder/portal/manage/users/[userId].svelte
@@ -47,8 +47,8 @@
   })
   let selectedApp
 
-  const userFetch = fetchData(`/api/admin/users/${userId}`)
-  const apps = fetchData(`/api/admin/roles`)
+  const userFetch = fetchData(`/api/global/users/${userId}`)
+  const apps = fetchData(`/api/global/roles`)
 
   async function deleteUser() {
     const res = await users.delete(userId)
diff --git a/packages/builder/src/pages/index.svelte b/packages/builder/src/pages/index.svelte
index 4c97b49763..477097f726 100644
--- a/packages/builder/src/pages/index.svelte
+++ b/packages/builder/src/pages/index.svelte
@@ -1,4 +1,11 @@
 <script>
   import { redirect } from "@roxi/routify"
-  $redirect("./builder")
+  import { auth } from "../stores/portal"
+  import { onMount } from "svelte"
+
+  auth.checkQueryString()
+
+  onMount(() => {
+    $redirect(`./builder`)
+  })
 </script>
diff --git a/packages/builder/src/stores/backend/datasources.js b/packages/builder/src/stores/backend/datasources.js
index bb4a94b63b..5c6ed3f2cb 100644
--- a/packages/builder/src/stores/backend/datasources.js
+++ b/packages/builder/src/stores/backend/datasources.js
@@ -59,9 +59,16 @@ export function createDatasourcesStore() {
       return json
     },
     save: async datasource => {
-      let url = "/api/datasources"
+      let response
+      if (datasource._id) {
+        response = await api.put(
+          `/api/datasources/${datasource._id}`,
+          datasource
+        )
+      } else {
+        response = await api.post("/api/datasources", datasource)
+      }
 
-      const response = await api.post(url, datasource)
       const json = await response.json()
 
       if (response.status !== 200) {
diff --git a/packages/builder/src/stores/portal/admin.js b/packages/builder/src/stores/portal/admin.js
index 33eb23a64d..25688ac70c 100644
--- a/packages/builder/src/stores/portal/admin.js
+++ b/packages/builder/src/stores/portal/admin.js
@@ -1,12 +1,24 @@
-import { writable } from "svelte/store"
+import { writable, get } from "svelte/store"
 import api from "builderStore/api"
+import { auth } from "stores/portal"
 
 export function createAdminStore() {
-  const { subscribe, set } = writable({})
+  const DEFAULT_CONFIG = {
+    loaded: false,
+    multiTenancy: false,
+    sandbox: false,
+    onboardingProgress: 0,
+    checklist: { apps: 0, smtp: false, adminUser: false, sso: false },
+  }
+
+  const admin = writable(DEFAULT_CONFIG)
 
   async function init() {
     try {
-      const response = await api.get("/api/admin/configs/checklist")
+      const tenantId = get(auth).tenantId
+      const response = await api.get(
+        `/api/global/configs/checklist?tenantId=${tenantId}`
+      )
       const json = await response.json()
 
       const onboardingSteps = Object.keys(json)
@@ -16,20 +28,51 @@ export function createAdminStore() {
         0
       )
 
-      set({
-        checklist: json,
-        onboardingProgress: (stepsComplete / onboardingSteps.length) * 100,
+      await getFlags()
+      admin.update(store => {
+        store.loaded = true
+        store.checklist = json
+        store.onboardingProgress =
+          (stepsComplete / onboardingSteps.length) * 100
+        return store
       })
     } catch (err) {
-      set({
-        checklist: null,
+      admin.update(store => {
+        store.checklist = null
+        return store
       })
     }
   }
 
+  async function getFlags() {
+    let multiTenancyEnabled = false
+    let sandbox = false
+    try {
+      const response = await api.get(`/api/system/flags`)
+      const json = await response.json()
+      multiTenancyEnabled = json.multiTenancy
+      sandbox = json.sandbox
+    } catch (err) {
+      // just let it stay disabled
+    }
+    admin.update(store => {
+      store.multiTenancy = multiTenancyEnabled
+      store.sandbox = sandbox
+      return store
+    })
+  }
+
+  function unload() {
+    admin.update(store => {
+      store.loaded = false
+      return store
+    })
+  }
+
   return {
-    subscribe,
+    subscribe: admin.subscribe,
     init,
+    unload,
   }
 }
 
diff --git a/packages/builder/src/stores/portal/auth.js b/packages/builder/src/stores/portal/auth.js
index ef91c114f6..fe8f87cfb2 100644
--- a/packages/builder/src/stores/portal/auth.js
+++ b/packages/builder/src/stores/portal/auth.js
@@ -1,74 +1,124 @@
 import { derived, writable, get } from "svelte/store"
 import api from "../../builderStore/api"
+import { admin } from "stores/portal"
 
 export function createAuthStore() {
-  const user = writable(null)
-  const store = derived(user, $user => {
+  const auth = writable({
+    user: null,
+    tenantId: "default",
+    tenantSet: false,
+    loaded: false,
+  })
+  const store = derived(auth, $store => {
     let initials = null
     let isAdmin = false
     let isBuilder = false
-    if ($user) {
-      if ($user.firstName) {
-        initials = $user.firstName[0]
-        if ($user.lastName) {
-          initials += $user.lastName[0]
+    if ($store.user) {
+      const user = $store.user
+      if (user.firstName) {
+        initials = user.firstName[0]
+        if (user.lastName) {
+          initials += user.lastName[0]
         }
-      } else if ($user.email) {
-        initials = $user.email[0]
+      } else if (user.email) {
+        initials = user.email[0]
       } else {
         initials = "Unknown"
       }
-      isAdmin = !!$user.admin?.global
-      isBuilder = !!$user.builder?.global
+      isAdmin = !!user.admin?.global
+      isBuilder = !!user.builder?.global
     }
     return {
-      user: $user,
+      user: $store.user,
+      tenantId: $store.tenantId,
+      tenantSet: $store.tenantSet,
+      loaded: $store.loaded,
       initials,
       isAdmin,
       isBuilder,
     }
   })
 
+  function setUser(user) {
+    auth.update(store => {
+      store.loaded = true
+      store.user = user
+      if (user) {
+        store.tenantId = user.tenantId || "default"
+        store.tenantSet = true
+      }
+      return store
+    })
+  }
+
+  async function setOrganisation(tenantId) {
+    const prevId = get(store).tenantId
+    auth.update(store => {
+      store.tenantId = tenantId
+      store.tenantSet = !!tenantId
+      return store
+    })
+    if (prevId !== tenantId) {
+      // re-init admin after setting org
+      await admin.init()
+    }
+  }
+
   return {
     subscribe: store.subscribe,
+    checkQueryString: async () => {
+      const urlParams = new URLSearchParams(window.location.search)
+      if (urlParams.has("tenantId")) {
+        const tenantId = urlParams.get("tenantId")
+        await setOrganisation(tenantId)
+      }
+    },
+    setOrg: async tenantId => {
+      await setOrganisation(tenantId)
+    },
     checkAuth: async () => {
-      const response = await api.get("/api/admin/users/self")
+      const response = await api.get("/api/global/users/self")
       if (response.status !== 200) {
-        user.set(null)
+        setUser(null)
       } else {
         const json = await response.json()
-        user.set(json)
+        setUser(json)
       }
     },
     login: async creds => {
-      const response = await api.post(`/api/admin/auth`, creds)
+      const tenantId = get(store).tenantId
+      const response = await api.post(
+        `/api/global/auth/${tenantId}/login`,
+        creds
+      )
       const json = await response.json()
       if (response.status === 200) {
-        user.set(json.user)
+        setUser(json.user)
       } else {
         throw "Invalid credentials"
       }
       return json
     },
     logout: async () => {
-      const response = await api.post(`/api/admin/auth/logout`)
+      const response = await api.post(`/api/global/auth/logout`)
       if (response.status !== 200) {
         throw "Unable to create logout"
       }
       await response.json()
-      user.set(null)
+      setUser(null)
     },
     updateSelf: async fields => {
-      const newUser = { ...get(user), ...fields }
-      const response = await api.post("/api/admin/users/self", newUser)
+      const newUser = { ...get(auth).user, ...fields }
+      const response = await api.post("/api/global/users/self", newUser)
       if (response.status === 200) {
-        user.set(newUser)
+        setUser(newUser)
       } else {
         throw "Unable to update user details"
       }
     },
     forgotPassword: async email => {
-      const response = await api.post(`/api/admin/auth/reset`, {
+      const tenantId = get(store).tenantId
+      const response = await api.post(`/api/global/auth/${tenantId}/reset`, {
         email,
       })
       if (response.status !== 200) {
@@ -77,17 +127,21 @@ export function createAuthStore() {
       await response.json()
     },
     resetPassword: async (password, code) => {
-      const response = await api.post(`/api/admin/auth/reset/update`, {
-        password,
-        resetCode: code,
-      })
+      const tenantId = get(store).tenantId
+      const response = await api.post(
+        `/api/global/auth/${tenantId}/reset/update`,
+        {
+          password,
+          resetCode: code,
+        }
+      )
       if (response.status !== 200) {
         throw "Unable to reset password"
       }
       await response.json()
     },
     createUser: async user => {
-      const response = await api.post(`/api/admin/users`, user)
+      const response = await api.post(`/api/global/users`, user)
       if (response.status !== 200) {
         throw "Unable to create user"
       }
diff --git a/packages/builder/src/stores/portal/email.js b/packages/builder/src/stores/portal/email.js
index 4ec6d72d3e..a015480141 100644
--- a/packages/builder/src/stores/portal/email.js
+++ b/packages/builder/src/stores/portal/email.js
@@ -9,11 +9,11 @@ export function createEmailStore() {
     templates: {
       fetch: async () => {
         // fetch the email template definitions
-        const response = await api.get(`/api/admin/template/definitions`)
+        const response = await api.get(`/api/global/template/definitions`)
         const definitions = await response.json()
 
         // fetch the email templates themselves
-        const templatesResponse = await api.get(`/api/admin/template/email`)
+        const templatesResponse = await api.get(`/api/global/template/email`)
         const templates = await templatesResponse.json()
 
         store.set({
@@ -23,7 +23,7 @@ export function createEmailStore() {
       },
       save: async template => {
         // Save your template config
-        const response = await api.post(`/api/admin/template`, template)
+        const response = await api.post(`/api/global/template`, template)
         const json = await response.json()
         if (response.status !== 200) throw new Error(json.message)
         template._rev = json._rev
diff --git a/packages/builder/src/stores/portal/oidc.js b/packages/builder/src/stores/portal/oidc.js
index d8d06f12a9..3e3a7048ca 100644
--- a/packages/builder/src/stores/portal/oidc.js
+++ b/packages/builder/src/stores/portal/oidc.js
@@ -1,5 +1,6 @@
-import { writable } from "svelte/store"
+import { writable, get } from "svelte/store"
 import api from "builderStore/api"
+import { auth } from "stores/portal"
 
 const OIDC_CONFIG = {
   logo: undefined,
@@ -12,10 +13,13 @@ export function createOidcStore() {
   const { set, subscribe } = store
 
   async function init() {
-    const res = await api.get(`/api/admin/configs/publicOidc`)
+    const tenantId = get(auth).tenantId
+    const res = await api.get(
+      `/api/global/configs/public/oidc?tenantId=${tenantId}`
+    )
     const json = await res.json()
 
-    if (json.status === 400) {
+    if (json.status === 400 || Object.keys(json).length === 0) {
       set(OIDC_CONFIG)
     } else {
       // Just use the first config for now. We will be support multiple logins buttons later on.
diff --git a/packages/builder/src/stores/portal/organisation.js b/packages/builder/src/stores/portal/organisation.js
index df950b92a0..03bfa6ca28 100644
--- a/packages/builder/src/stores/portal/organisation.js
+++ b/packages/builder/src/stores/portal/organisation.js
@@ -1,5 +1,6 @@
 import { writable, get } from "svelte/store"
 import api from "builderStore/api"
+import { auth } from "stores/portal"
 
 const DEFAULT_CONFIG = {
   platformUrl: "http://localhost:10000",
@@ -15,7 +16,8 @@ export function createOrganisationStore() {
   const { subscribe, set } = store
 
   async function init() {
-    const res = await api.get(`/api/admin/configs/public`)
+    const tenantId = get(auth).tenantId
+    const res = await api.get(`/api/global/configs/public?tenantId=${tenantId}`)
     const json = await res.json()
 
     if (json.status === 400) {
@@ -26,7 +28,7 @@ export function createOrganisationStore() {
   }
 
   async function save(config) {
-    const res = await api.post("/api/admin/configs", {
+    const res = await api.post("/api/global/configs", {
       type: "settings",
       config: { ...get(store), ...config },
       _rev: get(store)._rev,
diff --git a/packages/builder/src/stores/portal/users.js b/packages/builder/src/stores/portal/users.js
index 8a19f79809..17299dc056 100644
--- a/packages/builder/src/stores/portal/users.js
+++ b/packages/builder/src/stores/portal/users.js
@@ -6,7 +6,7 @@ export function createUsersStore() {
   const { subscribe, set } = writable([])
 
   async function init() {
-    const response = await api.get(`/api/admin/users`)
+    const response = await api.get(`/api/global/users`)
     const json = await response.json()
     set(json)
   }
@@ -23,12 +23,12 @@ export function createUsersStore() {
         global: true,
       }
     }
-    const response = await api.post(`/api/admin/users/invite`, body)
+    const response = await api.post(`/api/global/users/invite`, body)
     return await response.json()
   }
 
   async function acceptInvite(inviteCode, password) {
-    const response = await api.post("/api/admin/users/invite/accept", {
+    const response = await api.post("/api/global/users/invite/accept", {
       inviteCode,
       password,
     })
@@ -47,20 +47,20 @@ export function createUsersStore() {
     if (admin) {
       body.admin = { global: true }
     }
-    const response = await api.post("/api/admin/users", body)
+    const response = await api.post("/api/global/users", body)
     await init()
     return await response.json()
   }
 
   async function del(id) {
-    const response = await api.delete(`/api/admin/users/${id}`)
+    const response = await api.delete(`/api/global/users/${id}`)
     update(users => users.filter(user => user._id !== id))
     return await response.json()
   }
 
   async function save(data) {
     try {
-      const res = await post(`/api/admin/users`, data)
+      const res = await post(`/api/global/users`, data)
       return await res.json()
     } catch (error) {
       console.log(error)
diff --git a/packages/cli/package.json b/packages/cli/package.json
index 49473b8d8e..7715268732 100644
--- a/packages/cli/package.json
+++ b/packages/cli/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@budibase/cli",
-  "version": "0.9.115",
+  "version": "0.9.116-alpha.0",
   "description": "Budibase CLI, for developers, self hosting and migrations.",
   "main": "src/index.js",
   "bin": {
diff --git a/packages/client/package.json b/packages/client/package.json
index 37c562368d..9141a5dfcb 100644
--- a/packages/client/package.json
+++ b/packages/client/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@budibase/client",
-  "version": "0.9.115",
+  "version": "0.9.116-alpha.0",
   "license": "MPL-2.0",
   "module": "dist/budibase-client.js",
   "main": "dist/budibase-client.js",
@@ -18,9 +18,9 @@
     "dev:builder": "rollup -cw"
   },
   "dependencies": {
-    "@budibase/bbui": "^0.9.115",
-    "@budibase/standard-components": "^0.9.115",
-    "@budibase/string-templates": "^0.9.115",
+    "@budibase/bbui": "^0.9.116-alpha.0",
+    "@budibase/standard-components": "^0.9.116-alpha.0",
+    "@budibase/string-templates": "^0.9.116-alpha.0",
     "regexparam": "^1.3.0",
     "shortid": "^2.2.15",
     "svelte-spa-router": "^3.0.5"
diff --git a/packages/client/src/api/api.js b/packages/client/src/api/api.js
index b915f14fd1..5449c3f219 100644
--- a/packages/client/src/api/api.js
+++ b/packages/client/src/api/api.js
@@ -38,15 +38,15 @@ const makeApiCall = async ({ method, url, body, json = true }) => {
       case 200:
         return response.json()
       case 401:
-        notificationStore.danger("Invalid credentials")
+        notificationStore.actions.error("Invalid credentials")
         return handleError(`Invalid credentials`)
       case 404:
-        notificationStore.danger("Not found")
+        notificationStore.actions.warning("Not found")
         return handleError(`${url}: Not Found`)
       case 400:
         return handleError(`${url}: Bad Request`)
       case 403:
-        notificationStore.danger(
+        notificationStore.actions.error(
           "Your session has expired, or you don't have permission to access that data"
         )
         return handleError(`${url}: Forbidden`)
diff --git a/packages/client/src/api/auth.js b/packages/client/src/api/auth.js
index 6ea105d9f9..68ca5dbc80 100644
--- a/packages/client/src/api/auth.js
+++ b/packages/client/src/api/auth.js
@@ -13,7 +13,7 @@ export const logIn = async ({ email, password }) => {
     return API.error("Please enter your password")
   }
   return await API.post({
-    url: "/api/admin/auth",
+    url: "/api/global/auth",
     body: { username: email, password },
   })
 }
@@ -23,7 +23,7 @@ export const logIn = async ({ email, password }) => {
  */
 export const fetchSelf = async () => {
   const user = await API.get({ url: "/api/self" })
-  if (user?._id) {
+  if (user && user._id) {
     if (user.roleId === "PUBLIC") {
       // Don't try to enrich a public user as it will 403
       return user
diff --git a/packages/client/src/api/automations.js b/packages/client/src/api/automations.js
index 4dd5958568..2b989f85ae 100644
--- a/packages/client/src/api/automations.js
+++ b/packages/client/src/api/automations.js
@@ -9,7 +9,7 @@ export const triggerAutomation = async (automationId, fields) => {
     body: { fields },
   })
   res.error
-    ? notificationStore.danger("An error has occurred")
-    : notificationStore.success("Automation triggered")
+    ? notificationStore.actions.error("An error has occurred")
+    : notificationStore.actions.success("Automation triggered")
   return res
 }
diff --git a/packages/client/src/api/queries.js b/packages/client/src/api/queries.js
index 715841f0fa..a6ef1a763f 100644
--- a/packages/client/src/api/queries.js
+++ b/packages/client/src/api/queries.js
@@ -7,7 +7,7 @@ import API from "./api"
 export const executeQuery = async ({ queryId, parameters }) => {
   const query = await API.get({ url: `/api/queries/${queryId}` })
   if (query?.datasourceId == null) {
-    notificationStore.danger("That query couldn't be found")
+    notificationStore.actions.error("That query couldn't be found")
     return
   }
   const res = await API.post({
@@ -17,9 +17,9 @@ export const executeQuery = async ({ queryId, parameters }) => {
     },
   })
   if (res.error) {
-    notificationStore.danger("An error has occurred")
+    notificationStore.actions.error("An error has occurred")
   } else if (!query.readable) {
-    notificationStore.success("Query executed successfully")
+    notificationStore.actions.success("Query executed successfully")
     dataSourceStore.actions.invalidateDataSource(query.datasourceId)
   }
   return res
diff --git a/packages/client/src/api/rows.js b/packages/client/src/api/rows.js
index 14d696351d..21f8ec1f98 100644
--- a/packages/client/src/api/rows.js
+++ b/packages/client/src/api/rows.js
@@ -27,8 +27,8 @@ export const saveRow = async row => {
     body: row,
   })
   res.error
-    ? notificationStore.danger("An error has occurred")
-    : notificationStore.success("Row saved")
+    ? notificationStore.actions.error("An error has occurred")
+    : notificationStore.actions.success("Row saved")
 
   // Refresh related datasources
   dataSourceStore.actions.invalidateDataSource(row.tableId)
@@ -48,8 +48,8 @@ export const updateRow = async row => {
     body: row,
   })
   res.error
-    ? notificationStore.danger("An error has occurred")
-    : notificationStore.success("Row updated")
+    ? notificationStore.actions.error("An error has occurred")
+    : notificationStore.actions.success("Row updated")
 
   // Refresh related datasources
   dataSourceStore.actions.invalidateDataSource(row.tableId)
@@ -72,8 +72,8 @@ export const deleteRow = async ({ tableId, rowId, revId }) => {
     },
   })
   res.error
-    ? notificationStore.danger("An error has occurred")
-    : notificationStore.success("Row deleted")
+    ? notificationStore.actions.error("An error has occurred")
+    : notificationStore.actions.success("Row deleted")
 
   // Refresh related datasources
   dataSourceStore.actions.invalidateDataSource(tableId)
@@ -95,8 +95,8 @@ export const deleteRows = async ({ tableId, rows }) => {
     },
   })
   res.error
-    ? notificationStore.danger("An error has occurred")
-    : notificationStore.success(`${rows.length} row(s) deleted`)
+    ? notificationStore.actions.error("An error has occurred")
+    : notificationStore.actions.success(`${rows.length} row(s) deleted`)
 
   // Refresh related datasources
   dataSourceStore.actions.invalidateDataSource(tableId)
diff --git a/packages/client/src/components/ClientApp.svelte b/packages/client/src/components/ClientApp.svelte
index 1fffaac4fe..11347821a9 100644
--- a/packages/client/src/components/ClientApp.svelte
+++ b/packages/client/src/components/ClientApp.svelte
@@ -4,7 +4,7 @@
   import Component from "./Component.svelte"
   import NotificationDisplay from "./NotificationDisplay.svelte"
   import ConfirmationDisplay from "./ConfirmationDisplay.svelte"
-  import Provider from "./Provider.svelte"
+  import PeekScreenDisplay from "./PeekScreenDisplay.svelte"
   import SDK from "../sdk"
   import {
     createContextStore,
@@ -15,12 +15,13 @@
     builderStore,
     appStore,
   } from "../store"
-  import { TableNames, ActionTypes } from "../constants"
   import SettingsBar from "./preview/SettingsBar.svelte"
   import SelectionIndicator from "./preview/SelectionIndicator.svelte"
   import HoverIndicator from "./preview/HoverIndicator.svelte"
   import { Layout, Heading, Body } from "@budibase/bbui"
   import ErrorSVG from "../../../builder/assets/error.svg"
+  import UserBindingsProvider from "./UserBindingsProvider.svelte"
+  import DeviceBindingsProvider from "./DeviceBindingsProvider.svelte"
 
   // Provide contexts
   setContext("sdk", SDK)
@@ -40,16 +41,6 @@
     }
   })
 
-  // Register this as a refreshable datasource so that user changes cause
-  // the user object to be refreshed
-  $: actions = [
-    {
-      type: ActionTypes.RefreshDatasource,
-      callback: () => authStore.actions.fetchUser(),
-      metadata: { dataSource: { type: "table", tableId: TableNames.USERS } },
-    },
-  ]
-
   // Handle no matching route - this is likely a permission error
   $: {
     if (dataLoaded && $routeStore.routerLoaded && !$routeStore.activeRoute) {
@@ -92,29 +83,32 @@
         </Layout>
       </div>
     {:else if $screenStore.activeLayout}
-      <Provider key="user" data={$authStore} {actions}>
-        <div id="app-root" class:preview={$builderStore.inBuilder}>
-          {#key $screenStore.activeLayout._id}
-            <Component instance={$screenStore.activeLayout.props} />
+      <UserBindingsProvider>
+        <DeviceBindingsProvider>
+          <div id="app-root" class:preview={$builderStore.inBuilder}>
+            {#key $screenStore.activeLayout._id}
+              <Component instance={$screenStore.activeLayout.props} />
+            {/key}
+          </div>
+          <NotificationDisplay />
+          <ConfirmationDisplay />
+          <PeekScreenDisplay />
+          <!-- Key block needs to be outside the if statement or it breaks -->
+          {#key $builderStore.selectedComponentId}
+            {#if $builderStore.inBuilder}
+              <SettingsBar />
+            {/if}
           {/key}
-        </div>
-        <NotificationDisplay />
-        <ConfirmationDisplay />
-        <!-- Key block needs to be outside the if statement or it breaks -->
-        {#key $builderStore.selectedComponentId}
+          <!--
+              We don't want to key these by componentID as they control their own
+              re-mounting to avoid flashes.
+            -->
           {#if $builderStore.inBuilder}
-            <SettingsBar />
+            <SelectionIndicator />
+            <HoverIndicator />
           {/if}
-        {/key}
-        <!--
-            We don't want to key these by componentID as they control their own
-            re-mounting to avoid flashes.
-          -->
-        {#if $builderStore.inBuilder}
-          <SelectionIndicator />
-          <HoverIndicator />
-        {/if}
-      </Provider>
+        </DeviceBindingsProvider>
+      </UserBindingsProvider>
     {/if}
   </div>
 {/if}
diff --git a/packages/client/src/components/Component.svelte b/packages/client/src/components/Component.svelte
index 8c7437e523..a10c88f410 100644
--- a/packages/client/src/components/Component.svelte
+++ b/packages/client/src/components/Component.svelte
@@ -63,6 +63,7 @@
   $: selected =
     $builderStore.inBuilder &&
     $builderStore.selectedComponentId === instance._id
+  $: inSelectedPath = $builderStore.selectedComponentPath?.includes(id)
   $: interactive = $builderStore.previewType === "layout" || insideScreenslot
   $: evaluateConditions(enrichedSettings?._conditions)
   $: componentSettings = { ...enrichedSettings, ...conditionalSettings }
@@ -74,7 +75,6 @@
     styles: { ...instance._styles, id, empty, interactive },
     empty,
     selected,
-    props: componentSettings,
     name,
   })
 
@@ -175,13 +175,12 @@
 </script>
 
 {#key propsHash}
-  {#if constructor && componentSettings && visible}
+  {#if constructor && componentSettings && (visible || inSelectedPath)}
     <div
       class={`component ${id}`}
       data-type={interactive ? "component" : ""}
       data-id={id}
       data-name={name}
-      class:hidden={!visible}
     >
       <svelte:component this={constructor} {...componentSettings}>
         {#if children.length}
diff --git a/packages/client/src/components/DeviceBindingsProvider.svelte b/packages/client/src/components/DeviceBindingsProvider.svelte
new file mode 100644
index 0000000000..864068cd17
--- /dev/null
+++ b/packages/client/src/components/DeviceBindingsProvider.svelte
@@ -0,0 +1,31 @@
+<script>
+  import Provider from "./Provider.svelte"
+  import { onMount } from "svelte"
+
+  let width = window.innerWidth
+  const tabletBreakpoint = 768
+  const desktopBreakpoint = 1280
+  const resizeObserver = new ResizeObserver(entries => {
+    if (entries?.[0]) {
+      width = entries[0].contentRect?.width
+    }
+  })
+
+  $: data = {
+    mobile: width && width < tabletBreakpoint,
+    tablet: width && width >= tabletBreakpoint && width < desktopBreakpoint,
+  }
+
+  onMount(() => {
+    const doc = document.documentElement
+    resizeObserver.observe(doc)
+
+    return () => {
+      resizeObserver.unobserve(doc)
+    }
+  })
+</script>
+
+<Provider key="device" {data}>
+  <slot />
+</Provider>
diff --git a/packages/client/src/components/NotificationDisplay.svelte b/packages/client/src/components/NotificationDisplay.svelte
index 1a960c383a..f03fb692fd 100644
--- a/packages/client/src/components/NotificationDisplay.svelte
+++ b/packages/client/src/components/NotificationDisplay.svelte
@@ -1,36 +1,34 @@
 <script>
-  import { flip } from "svelte/animate"
+  import { notificationStore } from "../store"
+  import { Notification } from "@budibase/bbui"
   import { fly } from "svelte/transition"
-  import { getContext } from "svelte"
-  const { notifications } = getContext("sdk")
-
-  export let themes = {
-    danger: "#E26D69",
-    success: "#84C991",
-    warning: "#f0ad4e",
-    info: "#5bc0de",
-    default: "#aaaaaa",
-  }
 </script>
 
 <div class="notifications">
-  {#each $notifications as notification (notification.id)}
-    <div
-      animate:flip
-      class="toast"
-      style="background: {themes[notification.type]};"
-      transition:fly={{ y: -30 }}
-    >
-      <div class="content">{notification.message}</div>
-      {#if notification.icon}<i class={notification.icon} />{/if}
-    </div>
-  {/each}
+  {#if $notificationStore}
+    {#key $notificationStore.id}
+      <div
+        in:fly={{
+          duration: 300,
+          y: -20,
+          delay: $notificationStore.delay ? 300 : 0,
+        }}
+        out:fly={{ y: -20, duration: 150 }}
+      >
+        <Notification
+          type={$notificationStore.type}
+          message={$notificationStore.message}
+          icon={$notificationStore.icon}
+        />
+      </div>
+    {/key}
+  {/if}
 </div>
 
 <style>
   .notifications {
     position: fixed;
-    top: 10px;
+    top: 20px;
     left: 0;
     right: 0;
     margin: 0 auto;
@@ -42,19 +40,4 @@
     align-items: center;
     pointer-events: none;
   }
-
-  .toast {
-    flex: 0 0 auto;
-    margin-bottom: 10px;
-    border-radius: var(--border-radius-s);
-    /* The toasts now support being auto sized, so this static width could be removed */
-    width: 40vw;
-  }
-
-  .content {
-    padding: 10px;
-    display: block;
-    color: white;
-    font-weight: 600;
-  }
 </style>
diff --git a/packages/client/src/components/PeekScreenDisplay.svelte b/packages/client/src/components/PeekScreenDisplay.svelte
new file mode 100644
index 0000000000..6d6e8c39c7
--- /dev/null
+++ b/packages/client/src/components/PeekScreenDisplay.svelte
@@ -0,0 +1,120 @@
+<script>
+  import {
+    peekStore,
+    dataSourceStore,
+    notificationStore,
+    routeStore,
+  } from "../store"
+  import { Modal, ModalContent, ActionButton } from "@budibase/bbui"
+  import { onDestroy } from "svelte"
+
+  let iframe
+  let listenersAttached = false
+
+  const invalidateDataSource = event => {
+    const { dataSourceId } = event.detail
+    dataSourceStore.actions.invalidateDataSource(dataSourceId)
+  }
+
+  const proxyNotification = event => {
+    const { message, type, icon } = event.detail
+    notificationStore.actions.send(message, type, icon)
+  }
+
+  const attachListeners = () => {
+    // Mirror datasource invalidation to keep the parent window up to date
+    iframe.contentWindow.addEventListener(
+      "invalidate-datasource",
+      invalidateDataSource
+    )
+    // Listen for a close event to close the screen peek
+    iframe.contentWindow.addEventListener(
+      "close-screen-modal",
+      peekStore.actions.hidePeek
+    )
+    // Proxy notifications back to the parent window instead of iframe
+    iframe.contentWindow.addEventListener("notification", proxyNotification)
+  }
+
+  const handleCancel = () => {
+    peekStore.actions.hidePeek()
+    iframe.contentWindow.removeEventListener(
+      "invalidate-datasource",
+      invalidateDataSource
+    )
+    iframe.contentWindow.removeEventListener(
+      "close-screen-modal",
+      peekStore.actions.hidePeek
+    )
+    iframe.contentWindow.removeEventListener("notification", proxyNotification)
+  }
+
+  const handleFullscreen = () => {
+    if ($peekStore.external) {
+      window.location = $peekStore.href
+    } else {
+      routeStore.actions.navigate($peekStore.url)
+      handleCancel()
+    }
+  }
+
+  $: {
+    if (iframe && !listenersAttached) {
+      attachListeners()
+      listenersAttached = true
+    } else if (!iframe) {
+      listenersAttached = false
+    }
+  }
+
+  onDestroy(() => {
+    if (iframe) {
+      handleCancel()
+    }
+  })
+</script>
+
+{#if $peekStore.showPeek}
+  <Modal fixed on:cancel={handleCancel}>
+    <div class="actions spectrum--darkest" slot="outside">
+      <ActionButton size="S" quiet icon="OpenIn" on:click={handleFullscreen}>
+        Full screen
+      </ActionButton>
+      <ActionButton size="S" quiet icon="Close" on:click={handleCancel}>
+        Close
+      </ActionButton>
+    </div>
+    <ModalContent
+      showCancelButton={false}
+      showConfirmButton={false}
+      size="L"
+      showDivider={false}
+      showCloseIcon={false}
+    >
+      <iframe title="Peek" bind:this={iframe} src={$peekStore.href} />
+    </ModalContent>
+  </Modal>
+{/if}
+
+<style>
+  iframe {
+    margin: -40px;
+    border: none;
+    width: calc(100% + 80px);
+    height: 640px;
+    max-height: calc(100vh - 120px);
+    transition: width 1s ease, height 1s ease, top 1s ease, left 1s ease;
+    border-radius: var(--spectrum-global-dimension-size-100);
+  }
+
+  .actions {
+    display: flex;
+    flex-direction: row;
+    justify-content: flex-end;
+    align-items: center;
+    position: absolute;
+    top: 0;
+    width: 640px;
+    max-width: 100%;
+  }
+</style>
diff --git a/packages/client/src/components/Router.svelte b/packages/client/src/components/Router.svelte
index f3af2e94a4..5632d812b5 100644
--- a/packages/client/src/components/Router.svelte
+++ b/packages/client/src/components/Router.svelte
@@ -1,6 +1,6 @@
 <script>
   import { setContext, getContext } from "svelte"
-  import Router from "svelte-spa-router"
+  import Router, { querystring } from "svelte-spa-router"
   import { routeStore } from "../store"
   import Screen from "./Screen.svelte"
 
@@ -16,6 +16,18 @@
     id: $routeStore.routeSessionId,
   }
 
+  // Keep query params up to date
+  $: {
+    let queryParams = {}
+    if ($querystring) {
+      const urlSearchParams = new URLSearchParams($querystring)
+      for (const [key, value] of urlSearchParams) {
+        queryParams[key] = value
+      }
+    }
+    routeStore.actions.setQueryParams(queryParams)
+  }
+
   const getRouterConfig = routes => {
     let config = {}
     routes.forEach(route => {
diff --git a/packages/client/src/components/UserBindingsProvider.svelte b/packages/client/src/components/UserBindingsProvider.svelte
new file mode 100644
index 0000000000..23774eb43d
--- /dev/null
+++ b/packages/client/src/components/UserBindingsProvider.svelte
@@ -0,0 +1,19 @@
+<script>
+  import Provider from "./Provider.svelte"
+  import { authStore } from "../store"
+  import { ActionTypes, TableNames } from "../constants"
+
+  // Register this as a refreshable datasource so that user changes cause
+  // the user object to be refreshed
+  $: actions = [
+    {
+      type: ActionTypes.RefreshDatasource,
+      callback: () => authStore.actions.fetchUser(),
+      metadata: { dataSource: { type: "table", tableId: TableNames.USERS } },
+    },
+  ]
+</script>
+
+<Provider key="user" data={$authStore} {actions}>
+  <slot />
+</Provider>
diff --git a/packages/client/src/components/preview/IndicatorSet.svelte b/packages/client/src/components/preview/IndicatorSet.svelte
index 74c9f06f0d..3151a8bd75 100644
--- a/packages/client/src/components/preview/IndicatorSet.svelte
+++ b/packages/client/src/components/preview/IndicatorSet.svelte
@@ -61,7 +61,7 @@
     // Sanity limit of 100 active indicators
     const children = Array.from(parents)
       .map(parent => parent?.childNodes?.[0])
-      .filter(child => child != null)
+      .filter(node => node?.nodeType === 1)
       .slice(0, 100)
 
     // If there aren't any nodes then reset
diff --git a/packages/client/src/constants.js b/packages/client/src/constants.js
index 7204b8c951..d2237ba3b9 100644
--- a/packages/client/src/constants.js
+++ b/packages/client/src/constants.js
@@ -7,6 +7,7 @@ export const ActionTypes = {
   RefreshDatasource: "RefreshDatasource",
   SetDataProviderQuery: "SetDataProviderQuery",
   ClearForm: "ClearForm",
+  ChangeFormStep: "ChangeFormStep",
 }
 
 export const ApiVersion = "1"
diff --git a/packages/client/src/sdk.js b/packages/client/src/sdk.js
index 70b5509a83..32b9441849 100644
--- a/packages/client/src/sdk.js
+++ b/packages/client/src/sdk.js
@@ -15,7 +15,7 @@ import { ActionTypes } from "./constants"
 export default {
   API,
   authStore,
-  notifications: notificationStore,
+  notificationStore,
   routeStore,
   screenStore,
   builderStore,
diff --git a/packages/client/src/store/builder.js b/packages/client/src/store/builder.js
index 401ccfcc79..cf6e8afb95 100644
--- a/packages/client/src/store/builder.js
+++ b/packages/client/src/store/builder.js
@@ -1,5 +1,6 @@
 import { writable, derived } from "svelte/store"
 import Manifest from "@budibase/standard-components/manifest.json"
+import { findComponentById, findComponentPathById } from "../utils/components"
 
 const dispatchEvent = (type, data = {}) => {
   window.dispatchEvent(
@@ -9,25 +10,6 @@ const dispatchEvent = (type, data = {}) => {
   )
 }
 
-const findComponentById = (component, componentId) => {
-  if (!component || !componentId) {
-    return null
-  }
-  if (component._id === componentId) {
-    return component
-  }
-  if (!component._children?.length) {
-    return null
-  }
-  for (let child of component._children) {
-    const result = findComponentById(child, componentId)
-    if (result) {
-      return result
-    }
-  }
-  return null
-}
-
 const createBuilderStore = () => {
   const initialState = {
     inBuilder: false,
@@ -37,9 +19,15 @@ const createBuilderStore = () => {
     selectedComponentId: null,
     previewId: null,
     previewType: null,
+    selectedPath: [],
   }
   const writableStore = writable(initialState)
   const derivedStore = derived(writableStore, $state => {
+    // Avoid any of this logic if we aren't in the builder preview
+    if (!$state.inBuilder) {
+      return $state
+    }
+
     // Derive the selected component instance and definition
     const { layout, screen, previewType, selectedComponentId } = $state
     const asset = previewType === "layout" ? layout : screen
@@ -47,10 +35,15 @@ const createBuilderStore = () => {
     const prefix = "@budibase/standard-components/"
     const type = component?._component?.replace(prefix, "")
     const definition = type ? Manifest[type] : null
+
+    // Derive the selected component path
+    const path = findComponentPathById(asset.props, selectedComponentId) || []
+
     return {
       ...$state,
       selectedComponent: component,
       selectedComponentDefinition: definition,
+      selectedComponentPath: path?.map(component => component._id),
     }
   })
 
@@ -67,6 +60,14 @@ const createBuilderStore = () => {
     notifyLoaded: () => {
       dispatchEvent("preview-loaded")
     },
+    setSelectedPath: path => {
+      console.log("set to ")
+      console.log(path)
+      writableStore.update(state => {
+        state.selectedPath = path
+        return state
+      })
+    },
   }
   return {
     ...writableStore,
diff --git a/packages/client/src/store/dataSource.js b/packages/client/src/store/dataSource.js
index 2645c949a2..963548158d 100644
--- a/packages/client/src/store/dataSource.js
+++ b/packages/client/src/store/dataSource.js
@@ -1,5 +1,4 @@
 import { writable, get } from "svelte/store"
-import { notificationStore } from "./notification"
 
 export const createDataSourceStore = () => {
   const store = writable([])
@@ -67,12 +66,17 @@ export const createDataSourceStore = () => {
     const relatedInstances = get(store).filter(instance => {
       return instance.dataSourceId === dataSourceId
     })
-    if (relatedInstances?.length) {
-      notificationStore.blockNotifications(1000)
-    }
     relatedInstances?.forEach(instance => {
       instance.refresh()
     })
+
+    // Emit this as a window event, so parent screens which are iframing us in
+    // can also invalidate the same datasource
+    window.dispatchEvent(
+      new CustomEvent("invalidate-datasource", {
+        detail: { dataSourceId },
+      })
+    )
   }
 
   return {
diff --git a/packages/client/src/store/index.js b/packages/client/src/store/index.js
index 9a6c74e028..43de7bb6da 100644
--- a/packages/client/src/store/index.js
+++ b/packages/client/src/store/index.js
@@ -6,6 +6,7 @@ export { screenStore } from "./screens"
 export { builderStore } from "./builder"
 export { dataSourceStore } from "./dataSource"
 export { confirmationStore } from "./confirmation"
+export { peekStore } from "./peek"
 
 // Context stores are layered and duplicated, so it is not a singleton
 export { createContextStore } from "./context"
diff --git a/packages/client/src/store/notification.js b/packages/client/src/store/notification.js
index 6c40ca275f..e3af9aacd1 100644
--- a/packages/client/src/store/notification.js
+++ b/packages/client/src/store/notification.js
@@ -1,56 +1,63 @@
-import { writable } from "svelte/store"
+import { writable, get } from "svelte/store"
+import { generate } from "shortid"
+import { routeStore } from "./routes"
 
 const NOTIFICATION_TIMEOUT = 3000
 
 const createNotificationStore = () => {
-  const timeoutIds = new Set()
-  const _notifications = writable([], () => {
+  let timeout
+  let block = false
+
+  const store = writable(null, () => {
     return () => {
-      // clear all the timers
-      timeoutIds.forEach(timeoutId => {
-        clearTimeout(timeoutId)
-      })
-      _notifications.set([])
+      clearTimeout(timeout)
     }
   })
-  let block = false
 
   const blockNotifications = (timeout = 1000) => {
     block = true
     setTimeout(() => (block = false), timeout)
   }
 
-  const send = (message, type = "default") => {
+  const send = (message, type = "info", icon) => {
     if (block) {
       return
     }
-    let _id = id()
-    _notifications.update(state => {
-      return [...state, { id: _id, type, message }]
-    })
-    const timeoutId = setTimeout(() => {
-      _notifications.update(state => {
-        return state.filter(({ id }) => id !== _id)
-      })
-    }, NOTIFICATION_TIMEOUT)
-    timeoutIds.add(timeoutId)
-  }
 
-  const { subscribe } = _notifications
+    // If peeking, pass notifications back to parent window
+    if (get(routeStore).queryParams?.peek) {
+      window.dispatchEvent(
+        new CustomEvent("notification", {
+          detail: { message, type, icon },
+        })
+      )
+      return
+    }
+
+    store.set({
+      id: generate(),
+      type,
+      message,
+      icon,
+      delay: get(store) != null,
+    })
+    clearTimeout(timeout)
+    timeout = setTimeout(() => {
+      store.set(null)
+    }, NOTIFICATION_TIMEOUT)
+  }
 
   return {
-    subscribe,
-    send,
-    danger: msg => send(msg, "danger"),
-    warning: msg => send(msg, "warning"),
-    info: msg => send(msg, "info"),
-    success: msg => send(msg, "success"),
-    blockNotifications,
+    subscribe: store.subscribe,
+    actions: {
+      send,
+      info: msg => send(msg, "info", "Info"),
+      success: msg => send(msg, "success", "CheckmarkCircle"),
+      warning: msg => send(msg, "warning", "Alert"),
+      error: msg => send(msg, "error", "Alert"),
+      blockNotifications,
+    },
   }
 }
 
-function id() {
-  return "_" + Math.random().toString(36).substr(2, 9)
-}
-
 export const notificationStore = createNotificationStore()
diff --git a/packages/client/src/store/peek.js b/packages/client/src/store/peek.js
new file mode 100644
index 0000000000..df41f5daff
--- /dev/null
+++ b/packages/client/src/store/peek.js
@@ -0,0 +1,36 @@
+import { writable } from "svelte/store"
+
+const initialState = {
+  showPeek: false,
+  url: null,
+  href: null,
+  external: false,
+}
+
+const createPeekStore = () => {
+  const store = writable(initialState)
+
+  const showPeek = url => {
+    let href = url
+    let external = !url.startsWith("/")
+    if (!external) {
+      href = `${window.location.href.split("#")[0]}#${url}?peek=true`
+    }
+    store.set({
+      showPeek: true,
+      url,
+      href,
+      external,
+    })
+  }
+  const hidePeek = () => {
+    store.set(initialState)
+  }
+
+  return {
+    subscribe: store.subscribe,
+    actions: { showPeek, hidePeek },
+  }
+}
+
+export const peekStore = createPeekStore()
diff --git a/packages/client/src/store/routes.js b/packages/client/src/store/routes.js
index d0e848b68e..e6473fb40c 100644
--- a/packages/client/src/store/routes.js
+++ b/packages/client/src/store/routes.js
@@ -9,6 +9,7 @@ const createRouteStore = () => {
     activeRoute: null,
     routeSessionId: Math.random(),
     routerLoaded: false,
+    queryParams: {},
   }
   const store = writable(initialState)
 
@@ -41,6 +42,17 @@ const createRouteStore = () => {
       return state
     })
   }
+  const setQueryParams = queryParams => {
+    store.update(state => {
+      state.queryParams = {
+        ...queryParams,
+        // Never unset the peek param - screen peek modals should always be
+        // in a peek state, even if they navigate to a different page
+        peek: queryParams.peek || state.queryParams?.peek,
+      }
+      return state
+    })
+  }
   const setActiveRoute = route => {
     store.update(state => {
       state.activeRoute = state.routes.find(x => x.path === route)
@@ -58,6 +70,7 @@ const createRouteStore = () => {
       fetchRoutes,
       navigate,
       setRouteParams,
+      setQueryParams,
       setActiveRoute,
       setRouterLoaded,
     },
diff --git a/packages/client/src/store/screens.js b/packages/client/src/store/screens.js
index 367d9ecfea..702f662f8a 100644
--- a/packages/client/src/store/screens.js
+++ b/packages/client/src/store/screens.js
@@ -1,7 +1,12 @@
-import { derived } from "svelte/store"
+import { derived, get } from "svelte/store"
 import { routeStore } from "./routes"
 import { builderStore } from "./builder"
 import { appStore } from "./app"
+import {
+  findComponentPathById,
+  findChildrenByType,
+  findComponentById,
+} from "../utils/components"
 
 const createScreenStore = () => {
   const store = derived(
@@ -36,8 +41,39 @@ const createScreenStore = () => {
     }
   )
 
+  // Utils to parse component definitions
+  const actions = {
+    findComponentById: componentId => {
+      const { activeScreen, activeLayout } = get(store)
+      let result = findComponentById(activeScreen?.props, componentId)
+      if (result) {
+        return result
+      }
+      return findComponentById(activeLayout?.props)
+    },
+    findComponentPathById: componentId => {
+      const { activeScreen, activeLayout } = get(store)
+      let result = findComponentPathById(activeScreen?.props, componentId)
+      if (result) {
+        return result
+      }
+      return findComponentPathById(activeLayout?.props)
+    },
+    findChildrenByType: (componentId, type) => {
+      const component = actions.findComponentById(componentId)
+      if (!component || !component._children) {
+        return null
+      }
+      let children = []
+      findChildrenByType(component, type, children)
+      console.log(children)
+      return children
+    },
+  }
+
   return {
     subscribe: store.subscribe,
+    actions,
   }
 }
 
diff --git a/packages/client/src/utils/buttonActions.js b/packages/client/src/utils/buttonActions.js
index ea29180d36..e6be6ec03d 100644
--- a/packages/client/src/utils/buttonActions.js
+++ b/packages/client/src/utils/buttonActions.js
@@ -4,6 +4,7 @@ import {
   builderStore,
   confirmationStore,
   authStore,
+  peekStore,
 } from "../store"
 import { saveRow, deleteRow, executeQuery, triggerAutomation } from "../api"
 import { ActionTypes } from "../constants"
@@ -39,13 +40,19 @@ const triggerAutomationHandler = async action => {
 }
 
 const navigationHandler = action => {
-  const { url } = action.parameters
+  const { url, peek } = action.parameters
   if (url) {
-    const external = !url.startsWith("/")
-    if (external) {
-      window.location.href = url
+    // If we're already peeking, don't peek again
+    const isPeeking = get(routeStore).queryParams?.peek
+    if (peek && !isPeeking) {
+      peekStore.actions.showPeek(url)
     } else {
-      routeStore.actions.navigate(action.parameters.url)
+      const external = !url.startsWith("/")
+      if (external) {
+        window.location.href = url
+      } else {
+        routeStore.actions.navigate(action.parameters.url)
+      }
     }
   }
 }
@@ -59,10 +66,15 @@ const queryExecutionHandler = async action => {
   })
 }
 
-const executeActionHandler = async (context, componentId, actionType) => {
+const executeActionHandler = async (
+  context,
+  componentId,
+  actionType,
+  params
+) => {
   const fn = context[`${componentId}_${actionType}`]
   if (fn) {
-    return await fn()
+    return await fn(params)
   }
 }
 
@@ -70,7 +82,8 @@ const validateFormHandler = async (action, context) => {
   return await executeActionHandler(
     context,
     action.parameters.componentId,
-    ActionTypes.ValidateForm
+    ActionTypes.ValidateForm,
+    action.parameters.onlyCurrentStep
   )
 }
 
@@ -94,6 +107,21 @@ const clearFormHandler = async (action, context) => {
   )
 }
 
+const changeFormStepHandler = async (action, context) => {
+  return await executeActionHandler(
+    context,
+    action.parameters.componentId,
+    ActionTypes.ChangeFormStep,
+    action.parameters
+  )
+}
+
+const closeScreenModalHandler = () => {
+  // Emit this as a window event, so parent screens which are iframing us in
+  // can close the modal
+  window.dispatchEvent(new Event("close-screen-modal"))
+}
+
 const handlerMap = {
   ["Save Row"]: saveRowHandler,
   ["Delete Row"]: deleteRowHandler,
@@ -104,6 +132,8 @@ const handlerMap = {
   ["Refresh Datasource"]: refreshDatasourceHandler,
   ["Log Out"]: logoutHandler,
   ["Clear Form"]: clearFormHandler,
+  ["Close Screen Modal"]: closeScreenModalHandler,
+  ["Change Form Step"]: changeFormStepHandler,
 }
 
 const confirmTextMap = {
diff --git a/packages/client/src/utils/componentProps.js b/packages/client/src/utils/componentProps.js
index 5472c57308..a181d1ea4d 100644
--- a/packages/client/src/utils/componentProps.js
+++ b/packages/client/src/utils/componentProps.js
@@ -51,6 +51,12 @@ export const enrichProps = (props, context) => {
           condition.settingValue,
           totalContext
         )
+
+        // If there is an onclick function in here then it won't be serialised
+        // properly, and therefore will not be updated properly.
+        // The solution to this is add a rand which will ensure diffs happen
+        // every time.
+        condition.rand = Math.random()
       }
     })
   }
diff --git a/packages/client/src/utils/components.js b/packages/client/src/utils/components.js
new file mode 100644
index 0000000000..4b1b8a7ada
--- /dev/null
+++ b/packages/client/src/utils/components.js
@@ -0,0 +1,62 @@
+/**
+ * Finds a component instance by ID
+ */
+export const findComponentById = (component, componentId) => {
+  if (!component || !componentId) {
+    return null
+  }
+  if (component._id === componentId) {
+    return component
+  }
+  if (!component._children?.length) {
+    return null
+  }
+  for (let child of component._children) {
+    const result = findComponentById(child, componentId)
+    if (result) {
+      return result
+    }
+  }
+  return null
+}
+
+/**
+ * Finds the component path to a component
+ */
+export const findComponentPathById = (component, componentId, path = []) => {
+  if (!component || !componentId) {
+    return null
+  }
+  path = [...path, component]
+  if (component._id === componentId) {
+    return path
+  }
+  if (!component._children?.length) {
+    return null
+  }
+  for (let child of component._children) {
+    const result = findComponentPathById(child, componentId, path)
+    if (result) {
+      return result
+    }
+  }
+  return null
+}
+
+/**
+ * Finds all children instances of a certain component type of a given component
+ */
+export const findChildrenByType = (component, type, children = []) => {
+  if (!component) {
+    return
+  }
+  if (component._component.endsWith(`/${type}`)) {
+    children.push(component)
+  }
+  if (!component._children?.length) {
+    return
+  }
+  component._children.forEach(child => {
+    findChildrenByType(child, type, children)
+  })
+}
diff --git a/packages/server/.gitignore b/packages/server/.gitignore
index e8589f631d..48207e3dd4 100644
--- a/packages/server/.gitignore
+++ b/packages/server/.gitignore
@@ -7,3 +7,4 @@ public/
 db/dev.db/
 dist
 coverage/
+watchtower-hook.json
\ No newline at end of file
diff --git a/packages/server/Dockerfile b/packages/server/Dockerfile
index 253bcb339d..b2e4efadb9 100644
--- a/packages/server/Dockerfile
+++ b/packages/server/Dockerfile
@@ -1,5 +1,10 @@
 FROM node:12-alpine
 
+LABEL com.centurylinklabs.watchtower.lifecycle.pre-check="scripts/watchtower-hooks/pre-check.sh"
+LABEL com.centurylinklabs.watchtower.lifecycle.pre-update="scripts/watchtower-hooks/pre-update.sh"
+LABEL com.centurylinklabs.watchtower.lifecycle.post-update="scripts/watchtower-hooks/post-update.sh"
+LABEL com.centurylinklabs.watchtower.lifecycle.post-check="scripts/watchtower-hooks/post-check.sh"
+
 WORKDIR /app
 
 ENV PORT=4001
diff --git a/packages/server/__mocks__/mongodb.ts b/packages/server/__mocks__/mongodb.ts
index d7d8f852c1..06eefefea6 100644
--- a/packages/server/__mocks__/mongodb.ts
+++ b/packages/server/__mocks__/mongodb.ts
@@ -5,11 +5,26 @@ module MongoMock {
     this.connect = jest.fn()
     this.close = jest.fn()
     this.insertOne = jest.fn()
+    this.insertMany = jest.fn(() => ({toArray: () => []}))
     this.find = jest.fn(() => ({toArray: () => []}))
+    this.findOne = jest.fn()
+    this.count = jest.fn()
+    this.deleteOne = jest.fn()
+    this.deleteMany = jest.fn(() => ({toArray: () => []}))
+    this.updateOne = jest.fn()
+    this.updateMany = jest.fn(() => ({toArray: () => []}))
+
 
     this.collection = jest.fn(() => ({
       insertOne: this.insertOne,
       find: this.find,
+      insertMany: this.insertMany,
+      findOne: this.findOne,
+      count: this.count,
+      deleteOne: this.deleteOne,
+      deleteMany: this.deleteMany,
+      updateOne: this.updateOne,
+      updateMany: this.updateMany,
     }))
 
     this.db = () => ({
diff --git a/packages/server/__mocks__/node-fetch.ts b/packages/server/__mocks__/node-fetch.ts
index eaac412854..dfb839fe85 100644
--- a/packages/server/__mocks__/node-fetch.ts
+++ b/packages/server/__mocks__/node-fetch.ts
@@ -16,7 +16,7 @@ module FetchMock {
       }
     }
 
-    if (url.includes("/api/admin")) {
+    if (url.includes("/api/global")) {
       return json({
         email: "test@test.com",
         _id: "us_test@test.com",
diff --git a/packages/server/package.json b/packages/server/package.json
index cd92eaabfa..d16deeb9bd 100644
--- a/packages/server/package.json
+++ b/packages/server/package.json
@@ -1,7 +1,7 @@
 {
   "name": "@budibase/server",
   "email": "hi@budibase.com",
-  "version": "0.9.115",
+  "version": "0.9.116-alpha.0",
   "description": "Budibase Web Server",
   "main": "src/index.js",
   "repository": {
@@ -23,7 +23,9 @@
     "format": "prettier --config ../../.prettierrc.json 'src/**/*.ts' --write",
     "lint": "eslint --fix src/",
     "lint:fix": "yarn run format && yarn run lint",
-    "initialise": "node scripts/initialise.js"
+    "initialise": "node scripts/initialise.js",
+    "multi:enable": "node scripts/multiTenancy.js enable",
+    "multi:disable": "node scripts/multiTenancy.js disable"
   },
   "jest": {
     "preset": "ts-jest",
@@ -60,9 +62,9 @@
   "author": "Budibase",
   "license": "AGPL-3.0-or-later",
   "dependencies": {
-    "@budibase/auth": "^0.9.115",
-    "@budibase/client": "^0.9.115",
-    "@budibase/string-templates": "^0.9.115",
+    "@budibase/auth": "^0.9.116-alpha.0",
+    "@budibase/client": "^0.9.116-alpha.0",
+    "@budibase/string-templates": "^0.9.116-alpha.0",
     "@elastic/elasticsearch": "7.10.0",
     "@koa/router": "8.0.0",
     "@sendgrid/mail": "7.1.1",
@@ -115,7 +117,7 @@
   "devDependencies": {
     "@babel/core": "^7.14.3",
     "@babel/preset-env": "^7.14.4",
-    "@budibase/standard-components": "^0.9.115",
+    "@budibase/standard-components": "^0.9.116-alpha.0",
     "@jest/test-sequencer": "^24.8.0",
     "@types/bull": "^3.15.1",
     "@types/jest": "^26.0.23",
@@ -136,7 +138,8 @@
     "supertest": "^4.0.2",
     "ts-jest": "^27.0.3",
     "ts-node": "^10.0.0",
-    "typescript": "^4.3.4"
+    "typescript": "^4.3.4",
+    "update-dotenv": "^1.1.1"
   },
   "gitHead": "d1836a898cab3f8ab80ee6d8f42be1a9eed7dcdc"
 }
diff --git a/packages/server/scripts/dev/manage.js b/packages/server/scripts/dev/manage.js
index ffd8c6b9e3..2557f88adf 100644
--- a/packages/server/scripts/dev/manage.js
+++ b/packages/server/scripts/dev/manage.js
@@ -33,26 +33,29 @@ async function init() {
   fs.writeFileSync(envoyOutputPath, processStringSync(contents, config))
 
   const envFilePath = path.join(process.cwd(), ".env")
-  const envFileJson = {
-    PORT: 4001,
-    MINIO_URL: "http://localhost:10000/",
-    COUCH_DB_URL: "http://budibase:budibase@localhost:10000/db/",
-    REDIS_URL: "localhost:6379",
-    WORKER_URL: "http://localhost:4002",
-    INTERNAL_API_KEY: "budibase",
-    JWT_SECRET: "testsecret",
-    REDIS_PASSWORD: "budibase",
-    MINIO_ACCESS_KEY: "budibase",
-    MINIO_SECRET_KEY: "budibase",
-    COUCH_DB_PASSWORD: "budibase",
-    COUCH_DB_USER: "budibase",
-    SELF_HOSTED: 1,
+  if (!fs.existsSync(envFilePath)) {
+    const envFileJson = {
+      PORT: 4001,
+      MINIO_URL: "http://localhost:10000/",
+      COUCH_DB_URL: "http://@localhost:10000/db/",
+      REDIS_URL: "localhost:6379",
+      WORKER_URL: "http://localhost:4002",
+      INTERNAL_API_KEY: "budibase",
+      JWT_SECRET: "testsecret",
+      REDIS_PASSWORD: "budibase",
+      MINIO_ACCESS_KEY: "budibase",
+      MINIO_SECRET_KEY: "budibase",
+      COUCH_DB_PASSWORD: "budibase",
+      COUCH_DB_USER: "budibase",
+      SELF_HOSTED: 1,
+      MULTI_TENANCY: "",
+    }
+    let envFile = ""
+    Object.keys(envFileJson).forEach(key => {
+      envFile += `${key}=${envFileJson[key]}\n`
+    })
+    fs.writeFileSync(envFilePath, envFile)
   }
-  let envFile = ""
-  Object.keys(envFileJson).forEach(key => {
-    envFile += `${key}=${envFileJson[key]}\n`
-  })
-  fs.writeFileSync(envFilePath, envFile)
 }
 
 async function up() {
diff --git a/packages/server/scripts/integrations/postgres/init.sql b/packages/server/scripts/integrations/postgres/init.sql
index 5a99520c1e..cc2fc734f8 100644
--- a/packages/server/scripts/integrations/postgres/init.sql
+++ b/packages/server/scripts/integrations/postgres/init.sql
@@ -10,10 +10,11 @@ CREATE TABLE Persons (
 CREATE TABLE Tasks (
     TaskID SERIAL PRIMARY KEY,
     PersonID INT,
+    Completed BOOLEAN,
     TaskName varchar(255),
     CONSTRAINT fkPersons
         FOREIGN KEY(PersonID)
-	    REFERENCES Persons(PersonID)
+            REFERENCES Persons(PersonID)
 );
 CREATE TABLE Products (
     ProductID SERIAL PRIMARY KEY,
@@ -24,15 +25,15 @@ CREATE TABLE Products_Tasks (
     TaskID INT NOT NULL,
     CONSTRAINT fkProducts
         FOREIGN KEY(ProductID)
-	    REFERENCES Products(ProductID),
+            REFERENCES Products(ProductID),
     CONSTRAINT fkTasks
         FOREIGN KEY(TaskID)
-	    REFERENCES Tasks(TaskID),
+            REFERENCES Tasks(TaskID),
     PRIMARY KEY (ProductID, TaskID)
 );
 INSERT INTO Persons (FirstName, LastName, Address, City) VALUES ('Mike', 'Hughes', '123 Fake Street', 'Belfast');
-INSERT INTO Tasks (PersonID, TaskName) VALUES (1, 'assembling');
-INSERT INTO Tasks (PersonID, TaskName) VALUES (1, 'processing');
+INSERT INTO Tasks (PersonID, TaskName, Completed) VALUES (1, 'assembling', TRUE);
+INSERT INTO Tasks (PersonID, TaskName, Completed) VALUES (1, 'processing', FALSE);
 INSERT INTO Products (ProductName) VALUES ('Computers');
 INSERT INTO Products (ProductName) VALUES ('Laptops');
 INSERT INTO Products (ProductName) VALUES ('Chairs');
diff --git a/packages/server/scripts/multiTenancy.js b/packages/server/scripts/multiTenancy.js
new file mode 100644
index 0000000000..89ee7398f3
--- /dev/null
+++ b/packages/server/scripts/multiTenancy.js
@@ -0,0 +1,8 @@
+#!/usr/bin/env node
+const updateDotEnv = require("update-dotenv")
+
+const arg = process.argv.slice(2)[0]
+
+updateDotEnv({
+  MULTI_TENANCY: arg === "enable" ? "1" : "",
+}).then(() => console.log("Updated server!"))
diff --git a/packages/server/scripts/watchtower-hooks/post-check.sh b/packages/server/scripts/watchtower-hooks/post-check.sh
new file mode 100755
index 0000000000..df95917d98
--- /dev/null
+++ b/packages/server/scripts/watchtower-hooks/post-check.sh
@@ -0,0 +1 @@
+echo '{ "current-hook" : "post-check" }' > 'watchtower-hook.json'
\ No newline at end of file
diff --git a/packages/server/scripts/watchtower-hooks/post-update.sh b/packages/server/scripts/watchtower-hooks/post-update.sh
new file mode 100755
index 0000000000..fe57719781
--- /dev/null
+++ b/packages/server/scripts/watchtower-hooks/post-update.sh
@@ -0,0 +1 @@
+echo '{ "current-hook" : "post-update" }' > 'watchtower-hook.json'
\ No newline at end of file
diff --git a/packages/server/scripts/watchtower-hooks/pre-check.sh b/packages/server/scripts/watchtower-hooks/pre-check.sh
new file mode 100755
index 0000000000..ffaa41ad5f
--- /dev/null
+++ b/packages/server/scripts/watchtower-hooks/pre-check.sh
@@ -0,0 +1 @@
+echo '{ "current-hook" : "pre-check" }' > 'watchtower-hook.json'
\ No newline at end of file
diff --git a/packages/server/scripts/watchtower-hooks/pre-update.sh b/packages/server/scripts/watchtower-hooks/pre-update.sh
new file mode 100755
index 0000000000..4584d96fc9
--- /dev/null
+++ b/packages/server/scripts/watchtower-hooks/pre-update.sh
@@ -0,0 +1 @@
+echo '{ "current-hook" : "pre-update" }' > 'watchtower-hook.json'
\ No newline at end of file
diff --git a/packages/server/src/api/controllers/apikeys.js b/packages/server/src/api/controllers/apikeys.js
index 55422ee603..9b1ddee4c4 100644
--- a/packages/server/src/api/controllers/apikeys.js
+++ b/packages/server/src/api/controllers/apikeys.js
@@ -1,8 +1,30 @@
-const builderDB = require("../../db/builder")
+const { StaticDatabases } = require("@budibase/auth/db")
+const { getGlobalDB } = require("@budibase/auth/tenancy")
+
+const KEYS_DOC = StaticDatabases.GLOBAL.docs.apiKeys
+
+async function getBuilderMainDoc() {
+  const db = getGlobalDB()
+  try {
+    return await db.get(KEYS_DOC)
+  } catch (err) {
+    // doesn't exist yet, nothing to get
+    return {
+      _id: KEYS_DOC,
+    }
+  }
+}
+
+async function setBuilderMainDoc(doc) {
+  // make sure to override the ID
+  doc._id = KEYS_DOC
+  const db = getGlobalDB()
+  return db.put(doc)
+}
 
 exports.fetch = async function (ctx) {
   try {
-    const mainDoc = await builderDB.getBuilderMainDoc()
+    const mainDoc = await getBuilderMainDoc()
     ctx.body = mainDoc.apiKeys ? mainDoc.apiKeys : {}
   } catch (err) {
     /* istanbul ignore next */
@@ -15,12 +37,12 @@ exports.update = async function (ctx) {
   const value = ctx.request.body.value
 
   try {
-    const mainDoc = await builderDB.getBuilderMainDoc()
+    const mainDoc = await getBuilderMainDoc()
     if (mainDoc.apiKeys == null) {
       mainDoc.apiKeys = {}
     }
     mainDoc.apiKeys[key] = value
-    const resp = await builderDB.setBuilderMainDoc(mainDoc)
+    const resp = await setBuilderMainDoc(mainDoc)
     ctx.body = {
       _id: resp.id,
       _rev: resp.rev,
diff --git a/packages/server/src/api/controllers/application.js b/packages/server/src/api/controllers/application.js
index a2e254461a..d0de611d74 100644
--- a/packages/server/src/api/controllers/application.js
+++ b/packages/server/src/api/controllers/application.js
@@ -25,7 +25,7 @@ const { BASE_LAYOUTS } = require("../../constants/layouts")
 const { createHomeScreen } = require("../../constants/screens")
 const { cloneDeep } = require("lodash/fp")
 const { processObject } = require("@budibase/string-templates")
-const { getAllApps } = require("../../utilities")
+const { getAllApps } = require("@budibase/auth/db")
 const { USERS_TABLE_SCHEMA } = require("../../constants")
 const {
   getDeployedApps,
@@ -38,6 +38,7 @@ const {
   backupClientLibrary,
   revertClientLibrary,
 } = require("../../utilities/fileSystem/clientLibrary")
+const { getTenantId, isMultiTenant } = require("@budibase/auth/tenancy")
 
 const URL_REGEX_SLASH = /\/|\\/g
 
@@ -93,7 +94,8 @@ async function getAppUrlIfNotInUse(ctx) {
 }
 
 async function createInstance(template) {
-  const baseAppId = generateAppID()
+  const tenantId = isMultiTenant() ? getTenantId() : null
+  const baseAppId = generateAppID(tenantId)
   const appId = generateDevAppID(baseAppId)
 
   const db = new CouchDB(appId)
@@ -128,7 +130,7 @@ async function createInstance(template) {
 exports.fetch = async function (ctx) {
   const dev = ctx.query && ctx.query.status === AppStatus.DEV
   const all = ctx.query && ctx.query.status === AppStatus.ALL
-  const apps = await getAllApps({ CouchDB, dev, all })
+  const apps = await getAllApps(CouchDB, { dev, all })
 
   // get the locks for all the dev apps
   if (dev || all) {
@@ -220,10 +222,12 @@ exports.create = async function (ctx) {
     url: url,
     template: ctx.request.body.template,
     instance: instance,
+    tenantId: getTenantId(),
     updatedAt: new Date().toISOString(),
     createdAt: new Date().toISOString(),
   }
-  await db.put(newApplication, { force: true })
+  const response = await db.put(newApplication, { force: true })
+  newApplication._rev = response.rev
 
   await createEmptyAppPackage(ctx, newApplication)
   /* istanbul ignore next */
@@ -295,7 +299,7 @@ exports.delete = async function (ctx) {
     await deleteApp(ctx.params.appId)
   }
   // make sure the app/role doesn't stick around after the app has been deleted
-  await removeAppFromUserRoles(ctx.params.appId)
+  await removeAppFromUserRoles(ctx, ctx.params.appId)
 
   ctx.status = 200
   ctx.body = result
diff --git a/packages/server/src/api/controllers/auth.js b/packages/server/src/api/controllers/auth.js
index da863f5493..5078218fc7 100644
--- a/packages/server/src/api/controllers/auth.js
+++ b/packages/server/src/api/controllers/auth.js
@@ -22,7 +22,7 @@ exports.fetchSelf = async ctx => {
       const userTable = await db.get(InternalTables.USER_METADATA)
       const metadata = await db.get(userId)
       // specifically needs to make sure is enriched
-      ctx.body = await outputProcessing(appId, userTable, {
+      ctx.body = await outputProcessing(ctx, userTable, {
         ...user,
         ...metadata,
       })
diff --git a/packages/server/src/api/controllers/datasource.js b/packages/server/src/api/controllers/datasource.js
index dabd5a6e96..df1cf7b40e 100644
--- a/packages/server/src/api/controllers/datasource.js
+++ b/packages/server/src/api/controllers/datasource.js
@@ -57,6 +57,28 @@ exports.buildSchemaFromDb = async function (ctx) {
   ctx.body = datasource
 }
 
+exports.update = async function (ctx) {
+  const db = new CouchDB(ctx.appId)
+  const datasourceId = ctx.params.datasourceId
+  const datasource = await db.get(datasourceId)
+  datasource.name = ctx.request.body.name
+
+  const response = await db.put(datasource)
+  datasource._rev = response.rev
+
+  // Drain connection pools when configuration is changed
+  if (datasource.source) {
+    const source = integrations[datasource.source]
+    if (source && source.pool) {
+      await source.pool.end()
+    }
+  }
+
+  ctx.status = 200
+  ctx.message = "Datasource saved successfully."
+  ctx.body = datasource
+}
+
 exports.save = async function (ctx) {
   const db = new CouchDB(ctx.appId)
   const plus = ctx.request.body.plus
diff --git a/packages/server/src/api/controllers/deploy/index.js b/packages/server/src/api/controllers/deploy/index.js
index f5db81e6e8..4608ca6342 100644
--- a/packages/server/src/api/controllers/deploy/index.js
+++ b/packages/server/src/api/controllers/deploy/index.js
@@ -1,6 +1,6 @@
-const PouchDB = require("../../../db")
+const CouchDB = require("../../../db")
 const Deployment = require("./Deployment")
-const { Replication, StaticDatabases } = require("@budibase/auth/db")
+const { Replication } = require("@budibase/auth/db")
 const { DocumentTypes } = require("../../../db/utils")
 
 // the max time we can wait for an invalidation to complete before considering it failed
@@ -31,13 +31,14 @@ async function checkAllDeployments(deployments) {
 async function storeDeploymentHistory(deployment) {
   const appId = deployment.getAppId()
   const deploymentJSON = deployment.getJSON()
-  const db = new PouchDB(StaticDatabases.DEPLOYMENTS.name)
+  const db = new CouchDB(appId)
 
   let deploymentDoc
   try {
-    deploymentDoc = await db.get(appId)
+    // theres only one deployment doc per app database
+    deploymentDoc = await db.get(DocumentTypes.DEPLOYMENTS)
   } catch (err) {
-    deploymentDoc = { _id: appId, history: {} }
+    deploymentDoc = { _id: DocumentTypes.DEPLOYMENTS, history: {} }
   }
 
   const deploymentId = deploymentJSON._id
@@ -67,7 +68,7 @@ async function deployApp(deployment) {
     })
 
     await replication.replicate()
-    const db = new PouchDB(productionAppId)
+    const db = new CouchDB(productionAppId)
     const appDoc = await db.get(DocumentTypes.APP_METADATA)
     appDoc.appId = productionAppId
     appDoc.instance._id = productionAppId
@@ -98,8 +99,9 @@ async function deployApp(deployment) {
 
 exports.fetchDeployments = async function (ctx) {
   try {
-    const db = new PouchDB(StaticDatabases.DEPLOYMENTS.name)
-    const deploymentDoc = await db.get(ctx.appId)
+    const appId = ctx.appId
+    const db = new CouchDB(appId)
+    const deploymentDoc = await db.get(DocumentTypes.DEPLOYMENTS)
     const { updated, deployments } = await checkAllDeployments(
       deploymentDoc,
       ctx.user
@@ -115,8 +117,9 @@ exports.fetchDeployments = async function (ctx) {
 
 exports.deploymentProgress = async function (ctx) {
   try {
-    const db = new PouchDB(StaticDatabases.DEPLOYMENTS.name)
-    const deploymentDoc = await db.get(ctx.appId)
+    const appId = ctx.appId
+    const db = new CouchDB(appId)
+    const deploymentDoc = await db.get(DocumentTypes.DEPLOYMENTS)
     ctx.body = deploymentDoc[ctx.params.deploymentId]
   } catch (err) {
     ctx.throw(
diff --git a/packages/server/src/api/controllers/dev.js b/packages/server/src/api/controllers/dev.js
index 6dcd5727fb..d75c4032d7 100644
--- a/packages/server/src/api/controllers/dev.js
+++ b/packages/server/src/api/controllers/dev.js
@@ -9,8 +9,9 @@ const { DocumentTypes } = require("../../db/utils")
 
 async function redirect(ctx, method) {
   const { devPath } = ctx.params
+  const queryString = ctx.originalUrl.split("?")[1] || ""
   const response = await fetch(
-    checkSlashesInUrl(`${env.WORKER_URL}/api/admin/${devPath}`),
+    checkSlashesInUrl(`${env.WORKER_URL}/api/global/${devPath}?${queryString}`),
     request(
       ctx,
       {
diff --git a/packages/server/src/api/controllers/row/internal.js b/packages/server/src/api/controllers/row/internal.js
index 25ebb5375b..e39bc2aff9 100644
--- a/packages/server/src/api/controllers/row/internal.js
+++ b/packages/server/src/api/controllers/row/internal.js
@@ -57,7 +57,7 @@ exports.patch = async ctx => {
   })
 
   if (!validateResult.valid) {
-    throw validateResult.errors
+    throw { validation: validateResult.errors }
   }
 
   // returned row is cleaned and prepared for writing to DB
@@ -105,7 +105,7 @@ exports.save = async function (ctx) {
   })
 
   if (!validateResult.valid) {
-    throw validateResult.errors
+    throw { validation: validateResult.errors }
   }
 
   // make sure link rows are up to date
@@ -161,7 +161,7 @@ exports.fetchView = async ctx => {
         schema: {},
       }
     }
-    rows = await outputProcessing(appId, table, response.rows)
+    rows = await outputProcessing(ctx, table, response.rows)
   }
 
   if (calculation === CALCULATION_TYPES.STATS) {
@@ -204,7 +204,7 @@ exports.fetch = async ctx => {
     )
     rows = response.rows.map(row => row.doc)
   }
-  return outputProcessing(appId, table, rows)
+  return outputProcessing(ctx, table, rows)
 }
 
 exports.find = async ctx => {
@@ -212,7 +212,7 @@ exports.find = async ctx => {
   const db = new CouchDB(appId)
   const table = await db.get(ctx.params.tableId)
   let row = await findRow(ctx, db, ctx.params.tableId, ctx.params.rowId)
-  row = await outputProcessing(appId, table, row)
+  row = await outputProcessing(ctx, table, row)
   return row
 }
 
@@ -291,7 +291,7 @@ exports.search = async ctx => {
   // Enrich search results with relationships
   if (response.rows && response.rows.length) {
     const table = await db.get(tableId)
-    response.rows = await outputProcessing(appId, table, response.rows)
+    response.rows = await outputProcessing(ctx, table, response.rows)
   }
 
   return response
@@ -328,7 +328,7 @@ exports.fetchEnrichedRow = async ctx => {
   })
   // need to include the IDs in these rows for any links they may have
   let linkedRows = await outputProcessing(
-    appId,
+    ctx,
     table,
     response.rows.map(row => row.doc)
   )
diff --git a/packages/server/src/api/controllers/row/internalSearch.js b/packages/server/src/api/controllers/row/internalSearch.js
index c13091d6e8..cc35da40ec 100644
--- a/packages/server/src/api/controllers/row/internalSearch.js
+++ b/packages/server/src/api/controllers/row/internalSearch.js
@@ -1,6 +1,6 @@
 const { SearchIndexes } = require("../../../db/utils")
-const env = require("../../../environment")
 const fetch = require("node-fetch")
+const { getCouchUrl } = require("@budibase/auth/db")
 
 /**
  * Class to build lucene query URLs.
@@ -233,7 +233,9 @@ class QueryBuilder {
   }
 
   async run() {
-    const url = `${env.COUCH_DB_URL}/${this.appId}/_design/database/_search/${SearchIndexes.ROWS}`
+    const url = `${getCouchUrl()}/${this.appId}/_design/database/_search/${
+      SearchIndexes.ROWS
+    }`
     const body = this.buildSearchBody()
     return await runQuery(url, body)
   }
diff --git a/packages/server/src/api/controllers/table/utils.js b/packages/server/src/api/controllers/table/utils.js
index 70e423ca82..154a9ba8f5 100644
--- a/packages/server/src/api/controllers/table/utils.js
+++ b/packages/server/src/api/controllers/table/utils.js
@@ -75,6 +75,7 @@ exports.handleDataImport = async (appId, user, table, dataImport) => {
       const processed = inputProcessing(user, table, row)
       table = processed.table
       row = processed.row
+
       // make sure link rows are up to date
       row = await linkRows.updateLinks({
         appId,
diff --git a/packages/server/src/api/controllers/user.js b/packages/server/src/api/controllers/user.js
index 6778f983c2..935ead38b6 100644
--- a/packages/server/src/api/controllers/user.js
+++ b/packages/server/src/api/controllers/user.js
@@ -17,7 +17,7 @@ function removeGlobalProps(user) {
 
 exports.fetchMetadata = async function (ctx) {
   const database = new CouchDB(ctx.appId)
-  const global = await getGlobalUsers(ctx.appId)
+  const global = await getGlobalUsers(ctx, ctx.appId)
   const metadata = (
     await database.allDocs(
       getUserMetadataParams(null, {
diff --git a/packages/server/src/api/index.js b/packages/server/src/api/index.js
index 6c4188a5dc..c473bf619b 100644
--- a/packages/server/src/api/index.js
+++ b/packages/server/src/api/index.js
@@ -1,5 +1,6 @@
 const Router = require("@koa/router")
-const { buildAuthMiddleware, auditLog } = require("@budibase/auth").auth
+const { buildAuthMiddleware, auditLog, buildTenancyMiddleware } =
+  require("@budibase/auth").auth
 const currentApp = require("../middleware/currentapp")
 const compress = require("koa-compress")
 const zlib = require("zlib")
@@ -9,6 +10,13 @@ const env = require("../environment")
 
 const router = new Router()
 
+const NO_TENANCY_ENDPOINTS = [
+  {
+    route: "/api/analytics",
+    method: "GET",
+  },
+]
+
 router
   .use(
     compress({
@@ -36,6 +44,8 @@ router
       publicAllowed: true,
     })
   )
+  // nothing in the server should allow query string tenants
+  .use(buildTenancyMiddleware(null, NO_TENANCY_ENDPOINTS))
   .use(currentApp)
   .use(auditLog)
 
@@ -48,6 +58,7 @@ router.use(async (ctx, next) => {
     ctx.body = {
       message: err.message,
       status: ctx.status,
+      validationErrors: err.validation,
     }
     if (env.NODE_ENV !== "jest") {
       ctx.log.error(err)
diff --git a/packages/server/src/api/routes/application.js b/packages/server/src/api/routes/application.js
index c2eb19e101..c1d39acbd5 100644
--- a/packages/server/src/api/routes/application.js
+++ b/packages/server/src/api/routes/application.js
@@ -6,11 +6,11 @@ const { BUILDER } = require("@budibase/auth/permissions")
 const router = Router()
 
 router
+  .post("/api/applications", authorized(BUILDER), controller.create)
   .get("/api/applications/:appId/definition", controller.fetchAppDefinition)
   .get("/api/applications", controller.fetch)
   .get("/api/applications/:appId/appPackage", controller.fetchAppPackage)
   .put("/api/applications/:appId", authorized(BUILDER), controller.update)
-  .post("/api/applications", authorized(BUILDER), controller.create)
   .post(
     "/api/applications/:appId/client/update",
     authorized(BUILDER),
diff --git a/packages/server/src/api/routes/datasource.js b/packages/server/src/api/routes/datasource.js
index e645cccd2b..ab5289176a 100644
--- a/packages/server/src/api/routes/datasource.js
+++ b/packages/server/src/api/routes/datasource.js
@@ -66,6 +66,11 @@ router
     authorized(PermissionTypes.TABLE, PermissionLevels.READ),
     datasourceController.find
   )
+  .put(
+    "/api/datasources/:datasourceId",
+    authorized(PermissionTypes.TABLE, PermissionLevels.READ),
+    datasourceController.update
+  )
   .post(
     "/api/datasources/query",
     authorized(PermissionTypes.TABLE, PermissionLevels.READ),
diff --git a/packages/server/src/api/routes/dev.js b/packages/server/src/api/routes/dev.js
index cd4c6e8fde..7612d332dd 100644
--- a/packages/server/src/api/routes/dev.js
+++ b/packages/server/src/api/routes/dev.js
@@ -8,9 +8,9 @@ const router = Router()
 
 if (env.isDev() || env.isTest()) {
   router
-    .get("/api/admin/:devPath(.*)", controller.redirectGet)
-    .post("/api/admin/:devPath(.*)", controller.redirectPost)
-    .delete("/api/admin/:devPath(.*)", controller.redirectDelete)
+    .get("/api/global/:devPath(.*)", controller.redirectGet)
+    .post("/api/global/:devPath(.*)", controller.redirectPost)
+    .delete("/api/global/:devPath(.*)", controller.redirectDelete)
 }
 
 router
diff --git a/packages/server/src/api/routes/query.js b/packages/server/src/api/routes/query.js
index dd307c9444..2bbadcb40a 100644
--- a/packages/server/src/api/routes/query.js
+++ b/packages/server/src/api/routes/query.js
@@ -30,6 +30,7 @@ function generateQueryValidation() {
       default: Joi.string().allow(""),
     })),
     queryVerb: Joi.string().allow().required(),
+    extra: Joi.object().optional(),
     schema: Joi.object({}).required().unknown(true)
   }))
 }
@@ -39,6 +40,7 @@ function generateQueryPreviewValidation() {
   return joiValidator.body(Joi.object({
     fields: Joi.object().required(),
     queryVerb: Joi.string().allow().required(),
+    extra: Joi.object().optional(),
     datasourceId: Joi.string().required(),
     parameters: Joi.object({}).required().unknown(true)
   }))
diff --git a/packages/server/src/api/routes/tests/row.spec.js b/packages/server/src/api/routes/tests/row.spec.js
index 9515384608..d089d7775d 100644
--- a/packages/server/src/api/routes/tests/row.spec.js
+++ b/packages/server/src/api/routes/tests/row.spec.js
@@ -387,7 +387,7 @@ describe("/rows", () => {
       })
       // the environment needs configured for this
       await setup.switchToSelfHosted(async () => {
-        const enriched = await outputProcessing(config.getAppId(), table, [row])
+        const enriched = await outputProcessing({ appId: config.getAppId() }, table, [row])
         expect(enriched[0].attachment[0].url).toBe(
           `/prod-budi-app-assets/${config.getAppId()}/attachments/test/thing.csv`
         )
diff --git a/packages/server/src/api/routes/tests/utilities/TestFunctions.js b/packages/server/src/api/routes/tests/utilities/TestFunctions.js
index 3ba5b4d694..944d2ac527 100644
--- a/packages/server/src/api/routes/tests/utilities/TestFunctions.js
+++ b/packages/server/src/api/routes/tests/utilities/TestFunctions.js
@@ -3,6 +3,7 @@ const appController = require("../../../controllers/application")
 const CouchDB = require("../../../../db")
 const { AppStatus } = require("../../../../db/utils")
 const { BUILTIN_ROLE_IDS } = require("@budibase/auth/roles")
+const { TENANT_ID } = require("../../../../tests/utilities/structures")
 
 function Request(appId, params) {
   this.appId = appId
@@ -16,8 +17,8 @@ exports.getAllTableRows = async config => {
   return req.body
 }
 
-exports.clearAllApps = async () => {
-  const req = { query: { status: AppStatus.DEV } }
+exports.clearAllApps = async (tenantId = TENANT_ID) => {
+  const req = { query: { status: AppStatus.DEV }, user: { tenantId } }
   await appController.fetch(req)
   const apps = req.body
   if (!apps || apps.length <= 0) {
diff --git a/packages/server/src/automations/steps/outgoingWebhook.js b/packages/server/src/automations/steps/outgoingWebhook.js
index 269e075018..c1edde7b4e 100644
--- a/packages/server/src/automations/steps/outgoingWebhook.js
+++ b/packages/server/src/automations/steps/outgoingWebhook.js
@@ -27,6 +27,7 @@ module.exports.definition = {
     requestMethod: "POST",
     url: "http://",
     requestBody: "{}",
+    headers: "{}",
   },
   schema: {
     inputs: {
@@ -45,6 +46,11 @@ module.exports.definition = {
           title: "JSON Body",
           customType: "wide",
         },
+        headers: {
+          type: "string",
+          title: "Headers",
+          customType: "wide",
+        },
       },
       required: ["requestMethod", "url"],
     },
@@ -65,7 +71,7 @@ module.exports.definition = {
 }
 
 module.exports.run = async function ({ inputs }) {
-  let { requestMethod, url, requestBody } = inputs
+  let { requestMethod, url, requestBody, headers } = inputs
   if (!url.startsWith("http")) {
     url = `http://${url}`
   }
@@ -84,6 +90,15 @@ module.exports.run = async function ({ inputs }) {
     request.headers = {
       "Content-Type": "application/json",
     }
+
+    if (headers && headers.length !== 0) {
+      try {
+        const customHeaders = JSON.parse(headers)
+        request.headers = { ...request.headers, ...customHeaders }
+      } catch (err) {
+        console.error(err)
+      }
+    }
   }
 
   try {
diff --git a/packages/server/src/automations/steps/serverLog.js b/packages/server/src/automations/steps/serverLog.js
index c28309c5c8..7389b65f54 100644
--- a/packages/server/src/automations/steps/serverLog.js
+++ b/packages/server/src/automations/steps/serverLog.js
@@ -19,7 +19,7 @@ module.exports.definition = {
       properties: {
         text: {
           type: "string",
-          title: "URL",
+          title: "Log",
         },
       },
       required: ["text"],
diff --git a/packages/server/src/automations/thread.js b/packages/server/src/automations/thread.js
index 7b6d969a98..aada0ca0ca 100644
--- a/packages/server/src/automations/thread.js
+++ b/packages/server/src/automations/thread.js
@@ -3,6 +3,10 @@ const logic = require("./logic")
 const automationUtils = require("./automationUtils")
 const AutomationEmitter = require("../events/AutomationEmitter")
 const { processObject } = require("@budibase/string-templates")
+const { DEFAULT_TENANT_ID } = require("@budibase/auth").constants
+const CouchDB = require("../db")
+const { DocumentTypes } = require("../db/utils")
+const { doInTenant } = require("@budibase/auth/tenancy")
 
 const FILTER_STEP_ID = logic.BUILTIN_DEFINITIONS.FILTER.stepId
 
@@ -16,6 +20,7 @@ class Orchestrator {
     this._metadata = triggerOutput.metadata
     this._chainCount = this._metadata ? this._metadata.automationChainCount : 0
     this._appId = triggerOutput.appId
+    this._app = null
     // remove from context
     delete triggerOutput.appId
     delete triggerOutput.metadata
@@ -40,8 +45,19 @@ class Orchestrator {
     return step
   }
 
+  async getApp() {
+    const appId = this._appId
+    if (this._app) {
+      return this._app
+    }
+    const db = new CouchDB(appId)
+    this._app = await db.get(DocumentTypes.APP_METADATA)
+    return this._app
+  }
+
   async execute() {
     let automation = this._automation
+    const app = await this.getApp()
     for (let step of automation.definition.steps) {
       let stepFn = await this.getStepFunctionality(step.type, step.stepId)
       step.inputs = await processObject(step.inputs, this._context)
@@ -51,12 +67,15 @@ class Orchestrator {
       )
       // appId is always passed
       try {
-        const outputs = await stepFn({
-          inputs: step.inputs,
-          appId: this._appId,
-          apiKey: automation.apiKey,
-          emitter: this._emitter,
-          context: this._context,
+        let tenantId = app.tenantId || DEFAULT_TENANT_ID
+        const outputs = await doInTenant(tenantId, () => {
+          return stepFn({
+            inputs: step.inputs,
+            appId: this._appId,
+            apiKey: automation.apiKey,
+            emitter: this._emitter,
+            context: this._context,
+          })
         })
         if (step.stepId === FILTER_STEP_ID && !outputs.success) {
           break
diff --git a/packages/server/src/db/builder.js b/packages/server/src/db/builder.js
deleted file mode 100644
index d2bbcd404b..0000000000
--- a/packages/server/src/db/builder.js
+++ /dev/null
@@ -1,38 +0,0 @@
-const CouchDB = require("./index")
-const { StaticDatabases } = require("./utils")
-const env = require("../environment")
-
-const SELF_HOST_ERR = "Unable to access builder DB/doc - not self hosted."
-const BUILDER_DB = StaticDatabases.BUILDER
-
-/**
- * This is the builder database, right now this is a single, static database
- * that is present across the whole system and determines some core functionality
- * for the builder (e.g. storage of API keys). This has been limited to self hosting
- * as it doesn't make as much sense against the currently design Cloud system.
- */
-
-exports.getBuilderMainDoc = async () => {
-  if (!env.SELF_HOSTED) {
-    throw SELF_HOST_ERR
-  }
-  const db = new CouchDB(BUILDER_DB.name)
-  try {
-    return await db.get(BUILDER_DB.baseDoc)
-  } catch (err) {
-    // doesn't exist yet, nothing to get
-    return {
-      _id: BUILDER_DB.baseDoc,
-    }
-  }
-}
-
-exports.setBuilderMainDoc = async doc => {
-  if (!env.SELF_HOSTED) {
-    throw SELF_HOST_ERR
-  }
-  // make sure to override the ID
-  doc._id = BUILDER_DB.baseDoc
-  const db = new CouchDB(BUILDER_DB.name)
-  return db.put(doc)
-}
diff --git a/packages/server/src/db/client.js b/packages/server/src/db/client.js
index d50d72b18d..a453ad8561 100644
--- a/packages/server/src/db/client.js
+++ b/packages/server/src/db/client.js
@@ -1,10 +1,11 @@
 const PouchDB = require("pouchdb")
+const { getCouchUrl } = require("@budibase/auth/db")
 const replicationStream = require("pouchdb-replication-stream")
 const allDbs = require("pouchdb-all-dbs")
 const find = require("pouchdb-find")
 const env = require("../environment")
 
-const COUCH_DB_URL = env.COUCH_DB_URL || "http://localhost:10000/db/"
+const COUCH_DB_URL = getCouchUrl() || "http://localhost:10000/db/"
 
 PouchDB.plugin(replicationStream.plugin)
 PouchDB.plugin(find)
diff --git a/packages/server/src/db/linkedRows/index.js b/packages/server/src/db/linkedRows/index.js
index 754340046d..dece78dcff 100644
--- a/packages/server/src/db/linkedRows/index.js
+++ b/packages/server/src/db/linkedRows/index.js
@@ -60,7 +60,7 @@ async function getLinksForRows(appId, rows) {
   )
 }
 
-async function getFullLinkedDocs(appId, links) {
+async function getFullLinkedDocs(ctx, appId, links) {
   // create DBs
   const db = new CouchDB(appId)
   const linkedRowIds = links.map(link => link.id)
@@ -71,7 +71,7 @@ async function getFullLinkedDocs(appId, links) {
   let [users, other] = partition(linked, linkRow =>
     linkRow._id.startsWith(USER_METDATA_PREFIX)
   )
-  const globalUsers = await getGlobalUsers(appId, users)
+  const globalUsers = await getGlobalUsers(ctx, appId, users)
   users = users.map(user => {
     const globalUser = globalUsers.find(
       globalUser => globalUser && user._id.includes(globalUser._id)
@@ -166,12 +166,13 @@ exports.attachLinkIDs = async (appId, rows) => {
 /**
  * Given a table and a list of rows this will retrieve all of the attached docs and enrich them into the row.
  * This is required for formula fields, this may only be utilised internally (for now).
- * @param {string} appId The app in which the tables/rows/links exist.
+ * @param {object} ctx The request which is looking for rows.
  * @param {object} table The table from which the rows originated.
  * @param {array<object>} rows The rows which are to be enriched.
  * @return {Promise<*>} returns the rows with all of the enriched relationships on it.
  */
-exports.attachFullLinkedDocs = async (appId, table, rows) => {
+exports.attachFullLinkedDocs = async (ctx, table, rows) => {
+  const appId = ctx.appId
   const linkedTableIds = getLinkedTableIDs(table)
   if (linkedTableIds.length === 0) {
     return rows
@@ -182,7 +183,7 @@ exports.attachFullLinkedDocs = async (appId, table, rows) => {
   const links = (await getLinksForRows(appId, rows)).filter(link =>
     rows.some(row => row._id === link.thisId)
   )
-  let linked = await getFullLinkedDocs(appId, links)
+  let linked = await getFullLinkedDocs(ctx, appId, links)
   const linkedTables = []
   for (let row of rows) {
     for (let link of links.filter(link => link.thisId === row._id)) {
diff --git a/packages/server/src/db/utils.js b/packages/server/src/db/utils.js
index 74ddf87176..92734c5e7b 100644
--- a/packages/server/src/db/utils.js
+++ b/packages/server/src/db/utils.js
@@ -34,6 +34,7 @@ const DocumentTypes = {
   DATASOURCE: "datasource",
   DATASOURCE_PLUS: "datasource_plus",
   QUERY: "query",
+  DEPLOYMENTS: "deployments",
 }
 
 const ViewNames = {
@@ -49,13 +50,7 @@ const SearchIndexes = {
   ROWS: "rows",
 }
 
-exports.StaticDatabases = {
-  BUILDER: {
-    name: "builder-db",
-    baseDoc: "builder-doc",
-  },
-  ...StaticDatabases,
-}
+exports.StaticDatabases = StaticDatabases
 
 const BudibaseInternalDB = {
   _id: "bb_internal",
@@ -230,8 +225,12 @@ exports.getLinkParams = (otherProps = {}) => {
  * Generates a new app ID.
  * @returns {string} The new app ID which the app doc can be stored under.
  */
-exports.generateAppID = () => {
-  return `${DocumentTypes.APP}${SEPARATOR}${newid()}`
+exports.generateAppID = (tenantId = null) => {
+  let id = `${DocumentTypes.APP}${SEPARATOR}`
+  if (tenantId) {
+    id += `${tenantId}${SEPARATOR}`
+  }
+  return `${id}${newid()}`
 }
 
 /**
@@ -240,8 +239,8 @@ exports.generateAppID = () => {
  */
 exports.generateDevAppID = appId => {
   const prefix = `${DocumentTypes.APP}${SEPARATOR}`
-  const uuid = appId.split(prefix)[1]
-  return `${DocumentTypes.APP_DEV}${SEPARATOR}${uuid}`
+  const rest = appId.split(prefix)[1]
+  return `${DocumentTypes.APP_DEV}${SEPARATOR}${rest}`
 }
 
 /**
diff --git a/packages/server/src/definitions/datasource.ts b/packages/server/src/definitions/datasource.ts
index 90270dd113..ec6a0db9c9 100644
--- a/packages/server/src/definitions/datasource.ts
+++ b/packages/server/src/definitions/datasource.ts
@@ -49,6 +49,15 @@ export interface QueryDefinition {
   urlDisplay?: boolean
 }
 
+export interface ExtraQueryConfig {
+  [key: string]: {
+    displayName: string
+    type: string
+    required: boolean
+    data?: object
+  }
+}
+
 export interface Integration {
   docs: string
   plus?: boolean
@@ -58,6 +67,7 @@ export interface Integration {
   query: {
     [key: string]: QueryDefinition
   }
+  extra?: ExtraQueryConfig
 }
 
 export interface SearchFilters {
diff --git a/packages/server/src/environment.js b/packages/server/src/environment.js
index 52c680f65a..9f69664ffb 100644
--- a/packages/server/src/environment.js
+++ b/packages/server/src/environment.js
@@ -35,6 +35,7 @@ module.exports = {
   REDIS_URL: process.env.REDIS_URL,
   REDIS_PASSWORD: process.env.REDIS_PASSWORD,
   INTERNAL_API_KEY: process.env.INTERNAL_API_KEY,
+  MULTI_TENANCY: process.env.MULTI_TENANCY,
   // environment
   NODE_ENV: process.env.NODE_ENV,
   JEST_WORKER_ID: process.env.JEST_WORKER_ID,
diff --git a/packages/server/src/integrations/mongodb.ts b/packages/server/src/integrations/mongodb.ts
index af7b49153d..bbab9a0d84 100644
--- a/packages/server/src/integrations/mongodb.ts
+++ b/packages/server/src/integrations/mongodb.ts
@@ -10,7 +10,6 @@ module MongoDBModule {
   interface MongoDBConfig {
     connectionString: string
     db: string
-    collection: string
   }
 
   const SCHEMA: Integration = {
@@ -28,10 +27,6 @@ module MongoDBModule {
         type: DatasourceFieldTypes.STRING,
         required: true,
       },
-      collection: {
-        type: DatasourceFieldTypes.STRING,
-        required: true,
-      },
     },
     query: {
       create: {
@@ -40,6 +35,30 @@ module MongoDBModule {
       read: {
         type: QueryTypes.JSON,
       },
+      update: {
+        type: QueryTypes.JSON,
+      },
+      delete: {
+        type: QueryTypes.JSON,
+      },
+    },
+    extra: {
+      collection: {
+        displayName: "Collection",
+        type: DatasourceFieldTypes.STRING,
+        required: true,
+      },
+      actionTypes: {
+        displayName: "Action Types",
+        type: DatasourceFieldTypes.LIST,
+        required: true,
+        data: {
+          read: ["find", "findOne", "findOneAndUpdate", "count", "distinct"],
+          create: ["insertOne", "insertMany"],
+          update: ["updateOne", "updateMany"],
+          delete: ["deleteOne", "deleteMany"],
+        },
+      },
     },
   }
 
@@ -56,12 +75,27 @@ module MongoDBModule {
       return this.client.connect()
     }
 
-    async create(query: { json: object }) {
+    async create(query: { json: object; extra: { [key: string]: string } }) {
       try {
         await this.connect()
         const db = this.client.db(this.config.db)
-        const collection = db.collection(this.config.collection)
-        return collection.insertOne(query.json)
+        const collection = db.collection(query.extra.collection)
+
+        // For mongodb we add an extra actionType to specify
+        // which method we want to call on the collection
+        switch (query.extra.actionTypes) {
+          case "insertOne": {
+            return collection.insertOne(query.json)
+          }
+          case "insertMany": {
+            return collection.insertOne(query.json).toArray()
+          }
+          default: {
+            throw new Error(
+              `actionType ${query.extra.actionTypes} does not exist on DB for create`
+            )
+          }
+        }
       } catch (err) {
         console.error("Error writing to mongodb", err)
         throw err
@@ -70,12 +104,34 @@ module MongoDBModule {
       }
     }
 
-    async read(query: { json: object }) {
+    async read(query: { json: object; extra: { [key: string]: string } }) {
       try {
         await this.connect()
         const db = this.client.db(this.config.db)
-        const collection = db.collection(this.config.collection)
-        return collection.find(query.json).toArray()
+        const collection = db.collection(query.extra.collection)
+
+        switch (query.extra.actionTypes) {
+          case "find": {
+            return collection.find(query.json).toArray()
+          }
+          case "findOne": {
+            return collection.findOne(query.json)
+          }
+          case "findOneAndUpdate": {
+            return collection.findOneAndUpdate(query.json)
+          }
+          case "count": {
+            return collection.countDocuments(query.json)
+          }
+          case "distinct": {
+            return collection.distinct(query.json)
+          }
+          default: {
+            throw new Error(
+              `actionType ${query.extra.actionTypes} does not exist on DB for read`
+            )
+          }
+        }
       } catch (err) {
         console.error("Error querying mongodb", err)
         throw err
@@ -83,6 +139,60 @@ module MongoDBModule {
         await this.client.close()
       }
     }
+
+    async update(query: { json: object; extra: { [key: string]: string } }) {
+      try {
+        await this.connect()
+        const db = this.client.db(this.config.db)
+        const collection = db.collection(query.extra.collection)
+
+        switch (query.extra.actionTypes) {
+          case "updateOne": {
+            return collection.updateOne(query.json)
+          }
+          case "updateMany": {
+            return collection.updateMany(query.json).toArray()
+          }
+          default: {
+            throw new Error(
+              `actionType ${query.extra.actionTypes} does not exist on DB for update`
+            )
+          }
+        }
+      } catch (err) {
+        console.error("Error writing to mongodb", err)
+        throw err
+      } finally {
+        await this.client.close()
+      }
+    }
+
+    async delete(query: { json: object; extra: { [key: string]: string } }) {
+      try {
+        await this.connect()
+        const db = this.client.db(this.config.db)
+        const collection = db.collection(query.extra.collection)
+
+        switch (query.extra.actionTypes) {
+          case "deleteOne": {
+            return collection.deleteOne(query.json)
+          }
+          case "deleteMany": {
+            return collection.deleteMany(query.json).toArray()
+          }
+          default: {
+            throw new Error(
+              `actionType ${query.extra.actionTypes} does not exist on DB for delete`
+            )
+          }
+        }
+      } catch (err) {
+        console.error("Error writing to mongodb", err)
+        throw err
+      } finally {
+        await this.client.close()
+      }
+    }
   }
 
   module.exports = {
diff --git a/packages/server/src/integrations/tests/mongo.spec.js b/packages/server/src/integrations/tests/mongo.spec.js
index 1e37d5dd70..ce44617eb1 100644
--- a/packages/server/src/integrations/tests/mongo.spec.js
+++ b/packages/server/src/integrations/tests/mongo.spec.js
@@ -8,6 +8,13 @@ class TestConfiguration {
   }
 }
 
+function disableConsole() {
+  jest.spyOn(console, 'error');
+  console.error.mockImplementation(() => {});
+
+  return console.error.mockRestore;
+}
+
 describe("MongoDB Integration", () => {
   let config 
   let indexName = "Users"
@@ -22,7 +29,8 @@ describe("MongoDB Integration", () => {
     }
     const response = await config.integration.create({ 
       index: indexName,
-      json: body
+      json: body,
+      extra: { collection: 'testCollection', actionTypes: 'insertOne'}
     })
     expect(config.integration.client.insertOne).toHaveBeenCalledWith(body)
   })
@@ -31,10 +39,46 @@ describe("MongoDB Integration", () => {
     const query = {
       json: {
         address: "test"
-      }
+      },
+      extra: { collection: 'testCollection', actionTypes: 'find'}
     }
     const response = await config.integration.read(query)
     expect(config.integration.client.find).toHaveBeenCalledWith(query.json)
     expect(response).toEqual(expect.any(Array))
   })
+
+  it("calls the delete method with the correct params", async () => {
+    const query = {
+      json: {
+        id: "test"
+      },
+      extra: { collection: 'testCollection', actionTypes: 'deleteOne'}
+    }
+    const response = await config.integration.delete(query)
+    expect(config.integration.client.deleteOne).toHaveBeenCalledWith(query.json)
+  })
+
+  it("calls the update method with the correct params", async () => {
+    const query = {
+      json: {
+        id: "test"
+      },
+      extra: { collection: 'testCollection', actionTypes: 'updateOne'}
+    }
+    const response = await config.integration.update(query)
+    expect(config.integration.client.updateOne).toHaveBeenCalledWith(query.json)
+  })
+
+  it("throws an error when an invalid query.extra.actionType is passed for each method", async () => {
+    const restore = disableConsole()
+
+    const query = {
+      extra: { collection: 'testCollection', actionTypes: 'deleteOne'}
+    }
+    // Weird, need to do an IIFE for jest to recognize that it throws
+    expect(() => config.integration.read(query)()).toThrow(expect.any(Object))
+
+    restore()
+  })
+
 })
\ No newline at end of file
diff --git a/packages/server/src/middleware/currentapp.js b/packages/server/src/middleware/currentapp.js
index 3c469d5874..f43345b2fe 100644
--- a/packages/server/src/middleware/currentapp.js
+++ b/packages/server/src/middleware/currentapp.js
@@ -70,5 +70,6 @@ module.exports = async (ctx, next) => {
   ) {
     setCookie(ctx, { appId }, Cookies.CurrentApp)
   }
+
   return next()
 }
diff --git a/packages/server/src/tests/utilities/TestConfiguration.js b/packages/server/src/tests/utilities/TestConfiguration.js
index 4b9fe73424..0eb3851d98 100644
--- a/packages/server/src/tests/utilities/TestConfiguration.js
+++ b/packages/server/src/tests/utilities/TestConfiguration.js
@@ -10,16 +10,19 @@ const {
   basicScreen,
   basicLayout,
   basicWebhook,
+  TENANT_ID,
 } = require("./structures")
 const controllers = require("./controllers")
 const supertest = require("supertest")
 const { cleanup } = require("../../utilities/fileSystem")
 const { Cookies, Headers } = require("@budibase/auth").constants
 const { jwt } = require("@budibase/auth").auth
-const { StaticDatabases } = require("@budibase/auth/db")
+const auth = require("@budibase/auth")
+const { getGlobalDB } = require("@budibase/auth/tenancy")
 const { createASession } = require("@budibase/auth/sessions")
 const { user: userCache } = require("@budibase/auth/cache")
 const CouchDB = require("../../db")
+auth.init(CouchDB)
 
 const GLOBAL_USER_ID = "us_uuid1"
 const EMAIL = "babs@babs.com"
@@ -52,7 +55,7 @@ class TestConfiguration {
     request.cookies = { set: () => {}, get: () => {} }
     request.config = { jwtSecret: env.JWT_SECRET }
     request.appId = this.appId
-    request.user = { appId: this.appId }
+    request.user = { appId: this.appId, tenantId: TENANT_ID }
     request.query = {}
     request.request = {
       body: config,
@@ -65,7 +68,7 @@ class TestConfiguration {
   }
 
   async globalUser(id = GLOBAL_USER_ID, builder = true, roles) {
-    const db = new CouchDB(StaticDatabases.GLOBAL.name)
+    const db = getGlobalDB(TENANT_ID)
     let existing
     try {
       existing = await db.get(id)
@@ -76,8 +79,9 @@ class TestConfiguration {
       _id: id,
       ...existing,
       roles: roles || {},
+      tenantId: TENANT_ID,
     }
-    await createASession(id, "sessionid")
+    await createASession(id, { sessionId: "sessionid", tenantId: TENANT_ID })
     if (builder) {
       user.builder = { global: true }
     }
@@ -107,6 +111,7 @@ class TestConfiguration {
     const auth = {
       userId: GLOBAL_USER_ID,
       sessionId: "sessionid",
+      tenantId: TENANT_ID,
     }
     const app = {
       roleId: BUILTIN_ROLE_IDS.ADMIN,
@@ -333,11 +338,15 @@ class TestConfiguration {
     if (!email || !password) {
       await this.createUser()
     }
-    await createASession(userId, "sessionid")
+    await createASession(userId, {
+      sessionId: "sessionid",
+      tenantId: TENANT_ID,
+    })
     // have to fake this
     const auth = {
       userId,
       sessionId: "sessionid",
+      tenantId: TENANT_ID,
     }
     const app = {
       roleId: roleId,
diff --git a/packages/server/src/tests/utilities/structures.js b/packages/server/src/tests/utilities/structures.js
index 91996a7804..e4b2c7e1f0 100644
--- a/packages/server/src/tests/utilities/structures.js
+++ b/packages/server/src/tests/utilities/structures.js
@@ -4,6 +4,8 @@ const { createHomeScreen } = require("../../constants/screens")
 const { EMPTY_LAYOUT } = require("../../constants/layouts")
 const { cloneDeep } = require("lodash/fp")
 
+exports.TENANT_ID = "default"
+
 exports.basicTable = () => {
   return {
     name: "TestTable",
diff --git a/packages/server/src/utilities/global.js b/packages/server/src/utilities/global.js
index 3ce794b406..2757398586 100644
--- a/packages/server/src/utilities/global.js
+++ b/packages/server/src/utilities/global.js
@@ -1,13 +1,12 @@
-const CouchDB = require("../db")
 const {
   getMultiIDParams,
   getGlobalIDFromUserMetadataID,
-  StaticDatabases,
 } = require("../db/utils")
 const { BUILTIN_ROLE_IDS } = require("@budibase/auth/roles")
 const { getDeployedAppID } = require("@budibase/auth/db")
 const { getGlobalUserParams } = require("@budibase/auth/db")
 const { user: userCache } = require("@budibase/auth/cache")
+const { getGlobalDB } = require("@budibase/auth/tenancy")
 
 exports.updateAppRole = (appId, user) => {
   if (!user.roles) {
@@ -34,18 +33,20 @@ function processUser(appId, user) {
 }
 
 exports.getCachedSelf = async (ctx, appId) => {
+  // this has to be tenant aware, can't depend on the context to find it out
+  // running some middlewares before the tenancy causes context to break
   const user = await userCache.getUser(ctx.user._id)
   return processUser(appId, user)
 }
 
-exports.getGlobalUser = async (appId, userId) => {
-  const db = CouchDB(StaticDatabases.GLOBAL.name)
+exports.getGlobalUser = async (ctx, appId, userId) => {
+  const db = getGlobalDB()
   let user = await db.get(getGlobalIDFromUserMetadataID(userId))
   return processUser(appId, user)
 }
 
-exports.getGlobalUsers = async (appId = null, users = null) => {
-  const db = CouchDB(StaticDatabases.GLOBAL.name)
+exports.getGlobalUsers = async (ctx, appId = null, users = null) => {
+  const db = getGlobalDB()
   let globalUsers
   if (users) {
     const globalIds = users.map(user => getGlobalIDFromUserMetadataID(user._id))
diff --git a/packages/server/src/utilities/index.js b/packages/server/src/utilities/index.js
index 9594092aa1..dec17ab284 100644
--- a/packages/server/src/utilities/index.js
+++ b/packages/server/src/utilities/index.js
@@ -1,14 +1,12 @@
 const env = require("../environment")
 const { OBJ_STORE_DIRECTORY } = require("../constants")
-const { getAllApps } = require("@budibase/auth/db")
 const { sanitizeKey } = require("@budibase/auth/src/objectStore")
 
-const BB_CDN = "https://d14h4vmm231itd.cloudfront.net"
+const BB_CDN = "https://cdn.budi.live"
 
 exports.wait = ms => new Promise(resolve => setTimeout(resolve, ms))
 
 exports.isDev = env.isDev
-exports.getAllApps = getAllApps
 
 /**
  * Makes sure that a URL has the correct number of slashes, while maintaining the
diff --git a/packages/server/src/utilities/redis.js b/packages/server/src/utilities/redis.js
index e1fa632003..6f1cf46606 100644
--- a/packages/server/src/utilities/redis.js
+++ b/packages/server/src/utilities/redis.js
@@ -7,8 +7,10 @@ let devAppClient, debounceClient
 // we init this as we want to keep the connection open all the time
 // reduces the performance hit
 exports.init = async () => {
-  devAppClient = await new Client(utils.Databases.DEV_LOCKS).init()
-  debounceClient = await new Client(utils.Databases.DEBOUNCE).init()
+  devAppClient = new Client(utils.Databases.DEV_LOCKS)
+  debounceClient = new Client(utils.Databases.DEBOUNCE)
+  await devAppClient.init()
+  await debounceClient.init()
 }
 
 exports.shutdown = async () => {
diff --git a/packages/server/src/utilities/rowProcessor.js b/packages/server/src/utilities/rowProcessor.js
index 8467d91c57..c067d4de87 100644
--- a/packages/server/src/utilities/rowProcessor.js
+++ b/packages/server/src/utilities/rowProcessor.js
@@ -199,20 +199,21 @@ exports.inputProcessing = (user = {}, table, row) => {
 /**
  * This function enriches the input rows with anything they are supposed to contain, for example
  * link records or attachment links.
- * @param {string} appId the ID of the application for which rows are being enriched.
+ * @param {object} ctx the request which is looking for enriched rows.
  * @param {object} table the table from which these rows came from originally, this is used to determine
  * the schema of the rows and then enrich.
  * @param {object[]} rows the rows which are to be enriched.
  * @returns {object[]} the enriched rows will be returned.
  */
-exports.outputProcessing = async (appId, table, rows) => {
+exports.outputProcessing = async (ctx, table, rows) => {
+  const appId = ctx.appId
   let wasArray = true
   if (!(rows instanceof Array)) {
     rows = [rows]
     wasArray = false
   }
   // attach any linked row information
-  let enriched = await linkRows.attachFullLinkedDocs(appId, table, rows)
+  let enriched = await linkRows.attachFullLinkedDocs(ctx, table, rows)
 
   // process formulas
   enriched = processFormulas(table, enriched)
diff --git a/packages/server/src/utilities/users.js b/packages/server/src/utilities/users.js
index 6144397bf1..64fbfb7ea2 100644
--- a/packages/server/src/utilities/users.js
+++ b/packages/server/src/utilities/users.js
@@ -3,7 +3,7 @@ const { InternalTables } = require("../db/utils")
 const { getGlobalUser } = require("../utilities/global")
 
 exports.getFullUser = async (ctx, userId) => {
-  const global = await getGlobalUser(ctx.appId, userId)
+  const global = await getGlobalUser(ctx, ctx.appId, userId)
   let metadata
   try {
     // this will throw an error if the db doesn't exist, or there is no appId
diff --git a/packages/server/src/utilities/workerRequests.js b/packages/server/src/utilities/workerRequests.js
index 4a8d10ecb8..066f6e23d4 100644
--- a/packages/server/src/utilities/workerRequests.js
+++ b/packages/server/src/utilities/workerRequests.js
@@ -4,13 +4,17 @@ const { checkSlashesInUrl } = require("./index")
 const { getDeployedAppID } = require("@budibase/auth/db")
 const { updateAppRole, getGlobalUser } = require("./global")
 const { Headers } = require("@budibase/auth/constants")
+const { getTenantId, isTenantIdSet } = require("@budibase/auth/tenancy")
 
-function request(ctx, request, noApiKey) {
+function request(ctx, request) {
   if (!request.headers) {
     request.headers = {}
   }
-  if (!noApiKey) {
+  if (!ctx) {
     request.headers[Headers.API_KEY] = env.INTERNAL_API_KEY
+    if (isTenantIdSet()) {
+      request.headers[Headers.TENANT_ID] = getTenantId()
+    }
   }
   if (request.body && Object.keys(request.body).length > 0) {
     request.headers["Content-Type"] = "application/json"
@@ -29,9 +33,11 @@ function request(ctx, request, noApiKey) {
 
 exports.request = request
 
+// have to pass in the tenant ID as this could be coming from an automation
 exports.sendSmtpEmail = async (to, from, subject, contents) => {
+  // tenant ID will be set in header
   const response = await fetch(
-    checkSlashesInUrl(env.WORKER_URL + `/api/admin/email/send`),
+    checkSlashesInUrl(env.WORKER_URL + `/api/global/email/send`),
     request(null, {
       method: "POST",
       body: {
@@ -74,11 +80,11 @@ exports.getDeployedApps = async ctx => {
 }
 
 exports.getGlobalSelf = async (ctx, appId = null) => {
-  const endpoint = `/api/admin/users/self`
+  const endpoint = `/api/global/users/self`
   const response = await fetch(
     checkSlashesInUrl(env.WORKER_URL + endpoint),
     // we don't want to use API key when getting self
-    request(ctx, { method: "GET" }, true)
+    request(ctx, { method: "GET" })
   )
   if (response.status !== 200) {
     ctx.throw(400, "Unable to get self globally.")
@@ -96,11 +102,11 @@ exports.addAppRoleToUser = async (ctx, appId, roleId, userId = null) => {
     body = {}
   if (!userId) {
     user = await exports.getGlobalSelf(ctx)
-    endpoint = `/api/admin/users/self`
+    endpoint = `/api/global/users/self`
   } else {
-    user = await getGlobalUser(appId, userId)
+    user = await getGlobalUser(ctx, appId, userId)
     body._id = userId
-    endpoint = `/api/admin/users`
+    endpoint = `/api/global/users`
   }
   body = {
     ...body,
@@ -122,11 +128,11 @@ exports.addAppRoleToUser = async (ctx, appId, roleId, userId = null) => {
   return response.json()
 }
 
-exports.removeAppFromUserRoles = async appId => {
+exports.removeAppFromUserRoles = async (ctx, appId) => {
   const deployedAppId = getDeployedAppID(appId)
   const response = await fetch(
-    checkSlashesInUrl(env.WORKER_URL + `/api/admin/roles/${deployedAppId}`),
-    request(null, {
+    checkSlashesInUrl(env.WORKER_URL + `/api/global/roles/${deployedAppId}`),
+    request(ctx, {
       method: "DELETE",
     })
   )
diff --git a/packages/server/yarn.lock b/packages/server/yarn.lock
index 2f8515b1d3..9b8c83fada 100644
--- a/packages/server/yarn.lock
+++ b/packages/server/yarn.lock
@@ -10595,6 +10595,11 @@ untildify@^4.0.0:
   resolved "https://registry.yarnpkg.com/untildify/-/untildify-4.0.0.tgz#2bc947b953652487e4600949fb091e3ae8cd919b"
   integrity sha512-KK8xQ1mkzZeg9inewmFVDNkg3l5LUhoq9kN6iWYB/CC9YMG8HA+c1Q8HwDe6dEX7kErrEVNVBO3fWsVq5iDgtw==
 
+update-dotenv@^1.1.1:
+  version "1.1.1"
+  resolved "https://registry.yarnpkg.com/update-dotenv/-/update-dotenv-1.1.1.tgz#17146f302f216c3c92419d5a327a45be910050ca"
+  integrity sha512-3cIC18In/t0X/yH793c00qqxcKD8jVCgNOPif/fGQkFpYMGecM9YAc+kaAKXuZsM2dE9I9wFI7KvAuNX22SGMQ==
+
 update-notifier@^4.1.0:
   version "4.1.3"
   resolved "https://registry.yarnpkg.com/update-notifier/-/update-notifier-4.1.3.tgz#be86ee13e8ce48fb50043ff72057b5bd598e1ea3"
diff --git a/packages/standard-components/manifest.json b/packages/standard-components/manifest.json
index e0603c0f0b..da3736a076 100644
--- a/packages/standard-components/manifest.json
+++ b/packages/standard-components/manifest.json
@@ -1,7 +1,8 @@
 {
   "features": {
     "spectrumThemes": true,
-    "intelligentLoading": true
+    "intelligentLoading": true,
+    "deviceAwareness": true
   },
   "layout": {
     "name": "Layout",
@@ -267,6 +268,10 @@
           {
             "label": "Warning",
             "value": "warning"
+          },
+          {
+            "label": "Over Background",
+            "value": "overBackground"
           }
         ],
         "defaultValue": "primary"
@@ -312,6 +317,39 @@
       }
     ]
   },
+  "divider": {
+    "name": "Divider",
+    "description": "A basic divider",
+    "icon": "Separator",
+    "illegalChildren": ["section"],
+    "settings": [
+      {
+        "type": "select",
+        "label": "Size",
+        "key": "size",
+        "options": [
+          {
+            "label": "Small",
+            "value": "S"
+          },
+          {
+            "label": "Medium",
+            "value": "M"
+          },
+          {
+            "label": "Large",
+            "value": "L"
+          }
+        ],
+        "defaultValue": "M"
+      },
+      {
+        "type": "boolean",
+        "label": "Vertical",
+        "key": "vertical"
+      }
+    ]
+  },
   "repeater": {
     "name": "Repeater",
     "description": "A configurable data list that attaches to your backend tables.",
@@ -331,11 +369,6 @@
         "key": "noRowsMessage",
         "defaultValue": "No rows found"
       },
-      {
-        "type": "filter",
-        "label": "Filtering",
-        "key": "filter"
-      },
       {
         "type": "select",
         "label": "Direction",
@@ -567,6 +600,9 @@
         "showInBar": true,
         "barStyle": "picker",
         "options": [{
+          "label": "Extra Small",
+          "value": "XS"
+        }, {
           "label": "Small",
           "value": "S"
         }, {
@@ -575,6 +611,15 @@
         }, {
           "label": "Large",
           "value": "L"
+        }, {
+          "label": "Extra Large",
+          "value": "XL"
+        }, {
+          "label": "2XL",
+          "value": "XXL"
+        }, {
+          "label": "3XL",
+          "value": "XXXL"
         }]
       },
       {
@@ -661,6 +706,9 @@
         "showInBar": true,
         "barStyle": "picker",
         "options": [{
+          "label": "Extra Small",
+          "value": "XS"
+        }, {
           "label": "Small",
           "value": "S"
         }, {
@@ -669,6 +717,15 @@
         }, {
           "label": "Large",
           "value": "L"
+        }, {
+          "label": "Extra Large",
+          "value": "XL"
+        }, {
+          "label": "2XL",
+          "value": "XXL"
+        }, {
+          "label": "3XL",
+          "value": "XXXL"
         }]
       },
       {
@@ -1645,10 +1702,11 @@
     "name": "Form",
     "icon": "Form",
     "hasChildren": true,
-    "illegalChildren": ["section"],
+    "illegalChildren": ["section", "form"],
     "actions": [
       "ValidateForm",
-      "ClearForm"
+      "ClearForm",
+      "ChangeFormStep"
     ],
     "styles": ["size"],
     "settings": [
@@ -1662,7 +1720,11 @@
       {
         "type": "schema",
         "label": "Schema",
-        "key": "dataSource"
+        "key": "dataSource",
+        "defaultValue": {
+          "name": "Custom",
+          "label": "Custom"
+        }
       },
       {
         "type": "boolean",
@@ -1671,14 +1733,50 @@
         "defaultValue": false
       }
     ],
-    "context": {
-      "type": "form"
-    }
+    "context": [
+      {
+        "type": "static",
+        "values":  [
+          {
+            "label": "Valid",
+            "key": "__valid"
+          },
+          {
+            "label": "Current Step",
+            "key": "__currentStep"
+          },
+          {
+            "label": "Current Step Valid",
+            "key": "__currentStepValid"
+          }
+        ]
+      },
+      {
+        "type": "form"
+      }
+    ]
+  },
+  "formstep": {
+    "name": "Form Step",
+    "icon": "AssetsAdded",
+    "hasChildren": true,
+    "illegalChildren": ["section", "form", "form step"],
+    "styles": ["size"],
+    "settings": [
+      {
+        "type": "number",
+        "label": "Step",
+        "key": "step",
+        "defaultValue": 1,
+        "min": 1
+      }
+    ]
   },
   "fieldgroup": {
     "name": "Field Group",
     "icon": "Group",
     "illegalChildren": ["section"],
+    "styles": ["size"],
     "hasChildren": true,
     "settings": [
       {
@@ -1707,6 +1805,7 @@
     "name": "Text Field",
     "icon": "Text",
     "illegalChildren": ["section"],
+    "styles": ["size"],
     "settings": [
       {
         "type": "field/string",
@@ -1723,17 +1822,28 @@
         "label": "Placeholder",
         "key": "placeholder"
       },
+      {
+        "type": "text",
+        "label": "Default value",
+        "key": "defaultValue"
+      },
       {
         "type": "boolean",
         "label": "Disabled",
         "key": "disabled",
         "defaultValue": false
+      },
+      {
+        "type": "validation/string",
+        "label": "Validation",
+        "key": "validation"
       }
     ]
   },
   "numberfield": {
     "name": "Number Field",
     "icon": "123",
+    "styles": ["size"],
     "illegalChildren": ["section"],
     "settings": [
       {
@@ -1751,17 +1861,28 @@
         "label": "Placeholder",
         "key": "placeholder"
       },
+      {
+        "type": "text",
+        "label": "Default value",
+        "key": "defaultValue"
+      },
       {
         "type": "boolean",
         "label": "Disabled",
         "key": "disabled",
         "defaultValue": false
+      },
+      {
+        "type": "validation/number",
+        "label": "Validation",
+        "key": "validation"
       }
     ]
   },
   "passwordfield": {
     "name": "Password Field",
     "icon": "LockClosed",
+    "styles": ["size"],
     "illegalChildren": ["section"],
     "settings": [
       {
@@ -1779,17 +1900,28 @@
         "label": "Placeholder",
         "key": "placeholder"
       },
+      {
+        "type": "text",
+        "label": "Default value",
+        "key": "defaultValue"
+      },
       {
         "type": "boolean",
         "label": "Disabled",
         "key": "disabled",
         "defaultValue": false
+      },
+      {
+        "type": "validation/string",
+        "label": "Validation",
+        "key": "validation"
       }
     ]
   },
   "optionsfield": {
     "name": "Options Picker",
     "icon": "ViewList",
+    "styles": ["size"],
     "illegalChildren": ["section"],
     "settings": [
       {
@@ -1808,11 +1940,104 @@
         "key": "placeholder",
         "placeholder": "Choose an option"
       },
+      {
+        "type": "select",
+        "label": "Type",
+        "key": "optionsType",
+        "defaultValue": "select",
+        "placeholder": "Pick an options type",
+        "options": [
+          {
+            "label": "Select",
+            "value": "select"
+          },
+          {
+            "label": "Radio buttons",
+            "value": "radio"
+          }
+        ]
+      },
+      {
+        "type": "text",
+        "label": "Default value",
+        "key": "defaultValue"
+      },
+      {
+        "type": "boolean",
+        "label": "Autocomplete",
+        "key": "autocomplete",
+        "defaultValue": false,
+        "dependsOn": {
+          "setting": "optionsType",
+          "value": "select"
+        }
+      },
       {
         "type": "boolean",
         "label": "Disabled",
         "key": "disabled",
         "defaultValue": false
+      },
+      {
+        "type": "select",
+        "label": "Options source",
+        "key": "optionsSource",
+        "defaultValue": "schema",
+        "placeholder": "Pick an options source",
+        "options": [
+          {
+            "label": "Schema",
+            "value": "schema"
+          },
+          {
+            "label": "Data provider",
+            "value": "provider"
+          },
+          {
+            "label": "Custom",
+            "value": "custom"
+          }
+        ]
+      },
+      {
+        "type": "dataProvider",
+        "label": "Options Provider",
+        "key": "dataProvider",
+        "dependsOn": {
+          "setting": "optionsSource",
+          "value": "provider"
+        }
+      },
+      {
+        "type": "field",
+        "label": "Label Column",
+        "key": "labelColumn",
+        "dependsOn": {
+          "setting": "optionsSource",
+          "value": "provider"
+        }
+      },
+      {
+        "type": "field",
+        "label": "Value Column",
+        "key": "valueColumn",
+        "dependsOn": {
+          "setting": "optionsSource",
+          "value": "provider"
+        }
+      }, 
+      {
+        "type": "options",
+        "key": "customOptions",
+        "dependsOn": {
+          "setting": "optionsSource",
+          "value": "custom"
+        }
+      },
+      {
+        "type": "validation/string",
+        "label": "Validation",
+        "key": "validation"
       }
     ]
   },
@@ -1836,17 +2061,52 @@
         "label": "Text",
         "key": "text"
       },
+      {
+        "type": "select",
+        "label": "Size",
+        "key": "size",
+        "options": [
+          {
+            "label": "Small",
+            "value": "S"
+          },
+          {
+            "label": "Medium",
+            "value": "M"
+          },
+          {
+            "label": "Large",
+            "value": "L"
+          },
+          {
+            "label": "Extra large",
+            "value": "XL"
+          }
+        ],
+        "defaultValue": "M"
+      },
+      {
+        "type": "text",
+        "label": "Default value",
+        "key": "defaultValue"
+      },
       {
         "type": "boolean",
         "label": "Disabled",
         "key": "disabled",
         "defaultValue": false
+      },
+      {
+        "type": "validation/boolean",
+        "label": "Validation",
+        "key": "validation"
       }
     ]
   },
   "longformfield": {
     "name": "Rich Text",
     "icon": "TextParagraph",
+    "styles": ["size"],
     "illegalChildren": ["section"],
     "settings": [
       {
@@ -1865,17 +2125,28 @@
         "key": "placeholder",
         "placeholder": "Type something..."
       },
+      {
+        "type": "text",
+        "label": "Default value",
+        "key": "defaultValue"
+      },
       {
         "type": "boolean",
         "label": "Disabled",
         "key": "disabled",
         "defaultValue": false
+      },
+      {
+        "type": "validation/string",
+        "label": "Validation",
+        "key": "validation"
       }
     ]
   },
   "datetimefield": {
     "name": "Date Picker",
     "icon": "DateInput",
+    "styles": ["size"],
     "illegalChildren": ["section"],
     "settings": [
       {
@@ -1899,17 +2170,28 @@
         "key": "enableTime",
         "defaultValue": true
       },
+      {
+        "type": "text",
+        "label": "Default value",
+        "key": "defaultValue"
+      },
       {
         "type": "boolean",
         "label": "Disabled",
         "key": "disabled",
         "defaultValue": false
+      },
+      {
+        "type": "validation/datetime",
+        "label": "Validation",
+        "key": "validation"
       }
     ]
   },
   "attachmentfield": {
     "name": "Attachment",
     "icon": "Attach",
+    "styles": ["size"],
     "illegalChildren": ["section"],
     "settings": [
       {
@@ -1927,12 +2209,18 @@
         "label": "Disabled",
         "key": "disabled",
         "defaultValue": false
+      },
+      {
+        "type": "validation/attachment",
+        "label": "Validation",
+        "key": "validation"
       }
     ]
   },
   "relationshipfield": {
     "name": "Relationship Picker",
     "icon": "TaskList",
+    "styles": ["size"],
     "illegalChildren": ["section"],
     "settings": [
       {
@@ -1950,11 +2238,22 @@
         "label": "Placeholder",
         "key": "placeholder"
       },
+      {
+        "type": "boolean",
+        "label": "Autocomplete",
+        "key": "autocomplete",
+        "defaultValue": false
+      },
       {
         "type": "boolean",
         "label": "Disabled",
         "key": "disabled",
         "defaultValue": false
+      },
+      {
+        "type": "validation/link",
+        "label": "Validation",
+        "key": "validation"
       }
     ]
   },
@@ -2066,6 +2365,7 @@
   "daterangepicker": {
     "name": "Date Range",
     "icon": "Date",
+    "styles": ["size"],
     "hasChildren": false,
     "info": "Your data provider will be automatically filtered to the given date range.",
     "settings": [
diff --git a/packages/standard-components/package.json b/packages/standard-components/package.json
index 7f3780e127..321b4d7627 100644
--- a/packages/standard-components/package.json
+++ b/packages/standard-components/package.json
@@ -29,12 +29,14 @@
   "keywords": [
     "svelte"
   ],
-  "version": "0.9.115",
+  "version": "0.9.116-alpha.0",
   "license": "MIT",
   "gitHead": "d1836a898cab3f8ab80ee6d8f42be1a9eed7dcdc",
   "dependencies": {
-    "@budibase/bbui": "^0.9.115",
+    "@budibase/bbui": "^0.9.116-alpha.0",
+    "@spectrum-css/button": "^3.0.3",
     "@spectrum-css/card": "^3.0.3",
+    "@spectrum-css/divider": "^1.0.3",
     "@spectrum-css/link": "^3.1.3",
     "@spectrum-css/page": "^3.0.1",
     "@spectrum-css/typography": "^3.0.2",
diff --git a/packages/standard-components/src/Button.svelte b/packages/standard-components/src/Button.svelte
index 22cc286bf4..ed465e3e66 100644
--- a/packages/standard-components/src/Button.svelte
+++ b/packages/standard-components/src/Button.svelte
@@ -1,5 +1,6 @@
 <script>
   import { getContext } from "svelte"
+  import "@spectrum-css/button/dist/index-vars.css"
 
   const { styleable } = getContext("sdk")
   const component = getContext("component")
@@ -27,4 +28,7 @@
     width: fit-content;
     width: -moz-fit-content;
   }
+  .spectrum-Button--overBackground:hover {
+    color: #555;
+  }
 </style>
diff --git a/packages/standard-components/src/Divider.svelte b/packages/standard-components/src/Divider.svelte
new file mode 100644
index 0000000000..97ec9b620c
--- /dev/null
+++ b/packages/standard-components/src/Divider.svelte
@@ -0,0 +1,18 @@
+<script>
+  import { getContext } from "svelte"
+  import "@spectrum-css/divider/dist/index-vars.css"
+
+  const { styleable } = getContext("sdk")
+  const component = getContext("component")
+
+  export let size = "M"
+
+  export let vertical = false
+</script>
+
+<hr
+  use:styleable={$component.styles}
+  class="spectrum-Divider spectrum-Divider--{vertical
+    ? 'vertical'
+    : 'horizontal'} spectrum-Dialog-divider spectrum-Divider--size{size}"
+/>
diff --git a/packages/standard-components/src/Layout.svelte b/packages/standard-components/src/Layout.svelte
index 24c9709895..08e0f290fe 100644
--- a/packages/standard-components/src/Layout.svelte
+++ b/packages/standard-components/src/Layout.svelte
@@ -1,6 +1,7 @@
 <script>
   import { getContext } from "svelte"
   import { Heading, Icon } from "@budibase/bbui"
+  import { routeStore } from "../../client/src/store"
 
   const { styleable, linkable, builderStore } = getContext("sdk")
   const component = getContext("component")
@@ -26,6 +27,14 @@
     Small: "s",
   }
 
+  // Permanently go into peek mode if we ever get the peek flag
+  let isPeeking = false
+  $: {
+    if ($routeStore.queryParams?.peek) {
+      isPeeking = true
+    }
+  }
+
   $: validLinks = links?.filter(link => link.text && link.url) || []
   $: typeClass = navigationClasses[navigation] || "none"
   $: widthClass = widthClasses[width] || "l"
@@ -51,7 +60,7 @@
 
 <div class="layout layout--{typeClass}" use:styleable={$component.styles}>
   {#if typeClass !== "none"}
-    <div class="nav-wrapper" class:sticky>
+    <div class="nav-wrapper" class:sticky class:hidden={isPeeking}>
       <div class="nav nav--{typeClass} size--{widthClass}">
         <div class="nav-header">
           {#if validLinks?.length}
@@ -139,6 +148,9 @@
     border-bottom: 1px solid var(--spectrum-global-color-gray-300);
     box-shadow: 0 0 10px 0 rgba(0, 0, 0, 0.05);
   }
+  .nav-wrapper.hidden {
+    display: none;
+  }
   .layout--top .nav-wrapper.sticky {
     position: sticky;
     top: 0;
diff --git a/packages/standard-components/src/Text.svelte b/packages/standard-components/src/Text.svelte
index ff35eeb38e..d3d341a38e 100644
--- a/packages/standard-components/src/Text.svelte
+++ b/packages/standard-components/src/Text.svelte
@@ -16,6 +16,8 @@
   $: componentText = $builderStore.inBuilder
     ? text || $component.name || "Placeholder text"
     : text || ""
+  $: sizeClass = `spectrum-Body--size${size || "M"}`
+  $: alignClass = `align--${align || "left"}`
 
   // Add color styles to main styles object, otherwise the styleable helper
   // overrides the color when it's passed as inline style.
@@ -41,7 +43,7 @@
   class:bold
   class:italic
   class:underline
-  class="align--{align || 'left'} size--{size || 'M'}"
+  class="spectrum-Body {sizeClass} {alignClass}"
 >
   {componentText}
 </p>
@@ -65,15 +67,6 @@
   .underline {
     text-decoration: underline;
   }
-  .size--S {
-    font-size: 14px;
-  }
-  .size--M {
-    font-size: 16px;
-  }
-  .size--L {
-    font-size: 18px;
-  }
   .align--left {
     text-align: left;
   }
diff --git a/packages/standard-components/src/charts/ApexChart.svelte b/packages/standard-components/src/charts/ApexChart.svelte
index 173bfd8c62..f3d745f4ba 100644
--- a/packages/standard-components/src/charts/ApexChart.svelte
+++ b/packages/standard-components/src/charts/ApexChart.svelte
@@ -22,7 +22,8 @@
     display: flex !important;
     text-transform: capitalize;
   }
-  div :global(.apexcharts-yaxis-label, .apexcharts-xaxis-label) {
+  div :global(.apexcharts-yaxis-label),
+  div :global(.apexcharts-xaxis-label) {
     fill: var(--spectrum-global-color-gray-600);
   }
 
diff --git a/packages/standard-components/src/forms/AttachmentField.svelte b/packages/standard-components/src/forms/AttachmentField.svelte
index fbc36faeca..8c4eaea243 100644
--- a/packages/standard-components/src/forms/AttachmentField.svelte
+++ b/packages/standard-components/src/forms/AttachmentField.svelte
@@ -6,16 +6,17 @@
   export let field
   export let label
   export let disabled = false
+  export let validation
 
   let fieldState
   let fieldApi
 
-  const { API, notifications } = getContext("sdk")
+  const { API, notificationStore } = getContext("sdk")
   const formContext = getContext("form")
   const BYTES_IN_MB = 1000000
 
   const handleFileTooLarge = fileSizeLimit => {
-    notifications.warning(
+    notificationStore.actions.warning(
       `Files cannot exceed ${
         fileSizeLimit / BYTES_IN_MB
       } MB. Please try again with smaller files.`
@@ -35,15 +36,17 @@
   {label}
   {field}
   {disabled}
+  {validation}
   type="attachment"
   bind:fieldState
   bind:fieldApi
   defaultValue={[]}
 >
-  {#if $fieldState}
+  {#if fieldState}
     <CoreDropzone
-      value={$fieldState.value}
-      disabled={$fieldState.disabled}
+      value={fieldState.value}
+      disabled={fieldState.disabled}
+      error={fieldState.error}
       on:change={e => {
         fieldApi.setValue(e.detail)
       }}
diff --git a/packages/standard-components/src/forms/BooleanField.svelte b/packages/standard-components/src/forms/BooleanField.svelte
index 17a3c563bc..1e3bc2fc8c 100644
--- a/packages/standard-components/src/forms/BooleanField.svelte
+++ b/packages/standard-components/src/forms/BooleanField.svelte
@@ -6,26 +6,44 @@
   export let label
   export let text
   export let disabled = false
+  export let size
+  export let validation
+  export let defaultValue
 
   let fieldState
   let fieldApi
+
+  const isTruthy = value => {
+    if (!value) {
+      return false
+    }
+    if (value === true) {
+      return true
+    }
+    if (typeof value === "string" && value.toLowerCase() === "true") {
+      return true
+    }
+    return false
+  }
 </script>
 
 <Field
   {label}
   {field}
   {disabled}
+  {validation}
+  defaultValue={isTruthy(defaultValue)}
   type="boolean"
   bind:fieldState
   bind:fieldApi
-  defaultValue={false}
 >
   {#if fieldState}
     <CoreCheckbox
-      value={$fieldState.value}
-      disabled={$fieldState.disabled}
-      error={$fieldState.error}
-      id={$fieldState.fieldId}
+      value={fieldState.value}
+      disabled={fieldState.disabled}
+      error={fieldState.error}
+      id={fieldState.fieldId}
+      {size}
       on:change={e => fieldApi.setValue(e.detail)}
       {text}
     />
diff --git a/packages/standard-components/src/forms/DateTimeField.svelte b/packages/standard-components/src/forms/DateTimeField.svelte
index 9332cfa721..534bb5c0a4 100644
--- a/packages/standard-components/src/forms/DateTimeField.svelte
+++ b/packages/standard-components/src/forms/DateTimeField.svelte
@@ -7,19 +7,55 @@
   export let placeholder
   export let disabled = false
   export let enableTime = false
+  export let validation
+  export let defaultValue
 
   let fieldState
   let fieldApi
+
+  const parseDate = val => {
+    if (!val) {
+      return null
+    }
+    let date
+    if (val instanceof Date) {
+      // Use real date obj if already parsed
+      date = val
+    } else if (isNaN(val)) {
+      // Treat as date string of some sort
+      date = new Date(val)
+    } else {
+      // Treat as numerical timestamp
+      date = new Date(parseInt(val))
+    }
+    const time = date.getTime()
+    if (isNaN(time)) {
+      return null
+    }
+    // By rounding to the nearest second we avoid locking up in an endless
+    // loop in the builder, caused by potentially enriching {{ now }} to every
+    // millisecond.
+    return new Date(Math.floor(time / 1000) * 1000)
+  }
 </script>
 
-<Field {label} {field} {disabled} type="datetime" bind:fieldState bind:fieldApi>
+<Field
+  {label}
+  {field}
+  {disabled}
+  {validation}
+  defaultValue={parseDate(defaultValue)}
+  type="datetime"
+  bind:fieldState
+  bind:fieldApi
+>
   {#if fieldState}
     <CoreDatePicker
-      value={$fieldState.value}
+      value={fieldState.value}
       on:change={e => fieldApi.setValue(e.detail)}
-      disabled={$fieldState.disabled}
-      error={$fieldState.error}
-      id={$fieldState.fieldId}
+      disabled={fieldState.disabled}
+      error={fieldState.error}
+      id={fieldState.fieldId}
       {enableTime}
       {placeholder}
     />
diff --git a/packages/standard-components/src/forms/Field.svelte b/packages/standard-components/src/forms/Field.svelte
index fd632c32d7..e490b27dcf 100644
--- a/packages/standard-components/src/forms/Field.svelte
+++ b/packages/standard-components/src/forms/Field.svelte
@@ -1,7 +1,7 @@
 <script>
   import Placeholder from "../Placeholder.svelte"
   import FieldGroupFallback from "./FieldGroupFallback.svelte"
-  import { getContext } from "svelte"
+  import { getContext, onDestroy } from "svelte"
 
   export let label
   export let field
@@ -11,22 +11,39 @@
   export let defaultValue
   export let type
   export let disabled = false
+  export let validation
 
   // Get contexts
   const formContext = getContext("form")
-  const fieldGroupContext = getContext("fieldGroup")
+  const formStepContext = getContext("form-step")
+  const fieldGroupContext = getContext("field-group")
   const { styleable } = getContext("sdk")
   const component = getContext("component")
 
   // Register field with form
   const formApi = formContext?.formApi
   const labelPosition = fieldGroupContext?.labelPosition || "above"
-  const formField = formApi?.registerField(field, defaultValue, disabled)
+  const formField = formApi?.registerField(
+    field,
+    defaultValue,
+    disabled,
+    validation,
+    formStepContext || 1
+  )
 
-  // Expose field properties to parent component
-  fieldState = formField?.fieldState
-  fieldApi = formField?.fieldApi
-  fieldSchema = formField?.fieldSchema
+  // Update form properties in parent component on every store change
+  const unsubscribe = formField?.subscribe(value => {
+    fieldState = value?.fieldState
+    fieldApi = value?.fieldApi
+    fieldSchema = value?.fieldSchema
+  })
+  onDestroy(() => unsubscribe && unsubscribe())
+
+  // Keep validation rules up to date
+  $: updateValidation(validation)
+  const updateValidation = validation => {
+    fieldApi?.updateValidation(validation)
+  }
 
   // Extract label position from field group context
   $: labelPositionClass =
@@ -37,7 +54,7 @@
   <div class="spectrum-Form-item" use:styleable={$component.styles}>
     <label
       class:hidden={!label}
-      for={$fieldState?.fieldId}
+      for={fieldState?.fieldId}
       class={`spectrum-FieldLabel spectrum-FieldLabel--sizeM spectrum-Form-itemLabel ${labelPositionClass}`}
     >
       {label || ""}
@@ -55,8 +72,8 @@
         />
       {:else}
         <slot />
-        {#if $fieldState.error}
-          <div class="error">{$fieldState.error}</div>
+        {#if fieldState.error}
+          <div class="error">{fieldState.error}</div>
         {/if}
       {/if}
     </div>
diff --git a/packages/standard-components/src/forms/FieldGroup.svelte b/packages/standard-components/src/forms/FieldGroup.svelte
index 561572fab8..a2fbe7d103 100644
--- a/packages/standard-components/src/forms/FieldGroup.svelte
+++ b/packages/standard-components/src/forms/FieldGroup.svelte
@@ -5,7 +5,7 @@
 
   const { styleable } = getContext("sdk")
   const component = getContext("component")
-  setContext("fieldGroup", { labelPosition })
+  setContext("field-group", { labelPosition })
 </script>
 
 <div class="wrapper" use:styleable={$component.styles}>
@@ -25,4 +25,7 @@
   .spectrum-Form {
     width: 100%;
   }
+  .spectrum-Form--labelsAbove {
+    gap: var(--spectrum-global-dimension-size-100);
+  }
 </style>
diff --git a/packages/standard-components/src/forms/FieldGroupFallback.svelte b/packages/standard-components/src/forms/FieldGroupFallback.svelte
index 782552a54e..fd0346a9ef 100644
--- a/packages/standard-components/src/forms/FieldGroupFallback.svelte
+++ b/packages/standard-components/src/forms/FieldGroupFallback.svelte
@@ -1,7 +1,7 @@
 <script>
   import { getContext } from "svelte"
 
-  const fieldGroupContext = getContext("fieldGroup")
+  const fieldGroupContext = getContext("field-group")
 </script>
 
 {#if fieldGroupContext}
diff --git a/packages/standard-components/src/forms/Form.svelte b/packages/standard-components/src/forms/Form.svelte
index b08a853437..1fa8d7aa15 100644
--- a/packages/standard-components/src/forms/Form.svelte
+++ b/packages/standard-components/src/forms/Form.svelte
@@ -1,5 +1,5 @@
 <script>
-  import { getContext } from "svelte"
+  import { getContext, onMount } from "svelte"
   import InnerForm from "./InnerForm.svelte"
 
   export let dataSource
@@ -9,6 +9,11 @@
   export let actionType = "Create"
 
   const context = getContext("context")
+  const { API } = getContext("sdk")
+
+  let loaded = false
+  let schema
+  let table
 
   // Returns the closes data context which isn't a built in context
   const getInitialValues = (type, dataSource, context) => {
@@ -29,19 +34,48 @@
     return closestContext || {}
   }
 
+  // Fetches the form schema from this form's dataSource, if one exists
+  const fetchSchema = async () => {
+    if (!dataSource?.tableId) {
+      schema = {}
+      table = null
+    } else {
+      table = await API.fetchTableDefinition(dataSource?.tableId)
+      if (table) {
+        if (dataSource?.type === "query") {
+          schema = {}
+          const params = table.parameters || []
+          params.forEach(param => {
+            schema[param.name] = { ...param, type: "string" }
+          })
+        } else {
+          schema = table.schema || {}
+        }
+      }
+    }
+    loaded = true
+  }
+
   $: initialValues = getInitialValues(actionType, dataSource, $context)
   $: resetKey = JSON.stringify(initialValues)
+
+  // Load the form schema on mount
+  onMount(fetchSchema)
 </script>
 
-{#key resetKey}
-  <InnerForm
-    {dataSource}
-    {theme}
-    {size}
-    {disabled}
-    {actionType}
-    {initialValues}
-  >
-    <slot />
-  </InnerForm>
-{/key}
+{#if loaded}
+  {#key resetKey}
+    <InnerForm
+      {dataSource}
+      {theme}
+      {size}
+      {disabled}
+      {actionType}
+      {schema}
+      {table}
+      {initialValues}
+    >
+      <slot />
+    </InnerForm>
+  {/key}
+{/if}
diff --git a/packages/standard-components/src/forms/FormStep.svelte b/packages/standard-components/src/forms/FormStep.svelte
new file mode 100644
index 0000000000..665205f7d4
--- /dev/null
+++ b/packages/standard-components/src/forms/FormStep.svelte
@@ -0,0 +1,35 @@
+<script>
+  import { getContext, setContext } from "svelte"
+  import Placeholder from "../Placeholder.svelte"
+
+  export let step = 1
+
+  const { styleable, builderStore } = getContext("sdk")
+  const component = getContext("component")
+  const formContext = getContext("form")
+
+  // Set form step context so fields know what step they are within
+  setContext("form-step", step || 1)
+
+  $: formState = formContext?.formState
+  $: currentStep = $formState?.currentStep
+
+  // If in the builder preview, show this step if a child is selected
+  $: {
+    if (
+      formContext &&
+      $builderStore.inBuilder &&
+      $builderStore.selectedComponentPath?.includes($component.id)
+    ) {
+      formContext.formApi.setStep(step)
+    }
+  }
+</script>
+
+{#if !formContext}
+  <Placeholder text="Form steps need to be wrapped in a form" />
+{:else if step === currentStep}
+  <div use:styleable={$component.styles}>
+    <slot />
+  </div>
+{/if}
diff --git a/packages/standard-components/src/forms/InnerForm.svelte b/packages/standard-components/src/forms/InnerForm.svelte
index f6fadfa5cb..660b784fd0 100644
--- a/packages/standard-components/src/forms/InnerForm.svelte
+++ b/packages/standard-components/src/forms/InnerForm.svelte
@@ -1,193 +1,276 @@
 <script>
-  import { setContext, getContext, onMount } from "svelte"
-  import { writable, get } from "svelte/store"
+  import { setContext, getContext } from "svelte"
+  import { derived, get, writable } from "svelte/store"
   import { createValidatorFromConstraints } from "./validation"
   import { generateID } from "../helpers"
 
   export let dataSource
   export let disabled = false
   export let initialValues
+  export let schema
+  export let table
 
   const component = getContext("component")
-  const { styleable, API, Provider, ActionTypes } = getContext("sdk")
+  const { styleable, Provider, ActionTypes } = getContext("sdk")
 
-  let loaded = false
-  let schema
-  let table
-  let fieldMap = {}
+  let fields = []
+  const currentStep = writable(1)
+  const formState = writable({
+    values: {},
+    errors: {},
+    valid: true,
+    currentStep: 1,
+  })
 
-  // Form state contains observable data about the form
-  const formState = writable({ values: initialValues, errors: {}, valid: true })
+  // Reactive derived stores to derive form state from field array
+  $: values = deriveFieldProperty(fields, f => f.fieldState.value)
+  $: errors = deriveFieldProperty(fields, f => f.fieldState.error)
+  $: valid = !Object.values($errors).some(error => error != null)
+
+  // Derive whether the current form step is valid
+  $: currentStepValid = derived(
+    [currentStep, ...fields],
+    ([currentStepValue, ...fieldsValue]) => {
+      return !fieldsValue
+        .filter(f => f.step === currentStepValue)
+        .some(f => f.fieldState.error != null)
+    }
+  )
+
+  // Update form state store from derived stores
+  $: {
+    formState.set({
+      values: $values,
+      errors: $errors,
+      valid,
+      currentStep: $currentStep,
+    })
+  }
+
+  // Generates a derived store from an array of fields, comprised of a map of
+  // extracted values from the field array
+  const deriveFieldProperty = (fieldStores, getProp) => {
+    return derived(fieldStores, fieldValues => {
+      const reducer = (map, field) => ({ ...map, [field.name]: getProp(field) })
+      return fieldValues.reduce(reducer, {})
+    })
+  }
+
+  // Searches the field array for a certain field
+  const getField = name => {
+    return fields.find(field => get(field).name === name)
+  }
 
-  // Form API contains functions to control the form
   const formApi = {
-    registerField: (field, defaultValue = null, fieldDisabled = false) => {
+    registerField: (
+      field,
+      defaultValue = null,
+      fieldDisabled = false,
+      validationRules,
+      step = 1
+    ) => {
       if (!field) {
         return
       }
 
+      // If we've already registered this field then wipe any errors and
+      // return the existing field
+      const existingField = getField(field)
+      if (existingField) {
+        existingField.update(state => {
+          state.fieldState.error = null
+          return state
+        })
+        return existingField
+      }
+
       // Auto columns are always disabled
       const isAutoColumn = !!schema?.[field]?.autocolumn
 
       // Create validation function based on field schema
-      const constraints = schema?.[field]?.constraints
-      const validate = createValidatorFromConstraints(constraints, field, table)
+      const schemaConstraints = schema?.[field]?.constraints
+      const validator = createValidatorFromConstraints(
+        schemaConstraints,
+        validationRules,
+        field,
+        table
+      )
 
-      // Construct field object
-      fieldMap[field] = {
-        fieldState: makeFieldState(
-          field,
+      // Construct field info
+      const fieldInfo = writable({
+        name: field,
+        step: step || 1,
+        fieldState: {
+          fieldId: `id-${generateID()}`,
+          value: initialValues[field] ?? defaultValue,
+          error: null,
+          disabled: disabled || fieldDisabled || isAutoColumn,
           defaultValue,
-          disabled || fieldDisabled || isAutoColumn
-        ),
-        fieldApi: makeFieldApi(field, defaultValue, validate),
+          validator,
+        },
+        fieldApi: makeFieldApi(field, defaultValue),
         fieldSchema: schema?.[field] ?? {},
+      })
+
+      // Add this field
+      fields = [...fields, fieldInfo]
+
+      return fieldInfo
+    },
+    validate: (onlyCurrentStep = false) => {
+      let valid = true
+      let validationFields = fields
+
+      // Reduce fields to only the current step if required
+      if (onlyCurrentStep) {
+        validationFields = fields.filter(f => get(f).step === get(currentStep))
       }
 
-      // Set initial value
-      const initialValue = get(fieldMap[field].fieldState).value
-      formState.update(state => ({
-        ...state,
-        values: {
-          ...state.values,
-          [field]: initialValue,
-        },
-      }))
-
-      return fieldMap[field]
-    },
-    validate: () => {
-      const fields = Object.keys(fieldMap)
-      fields.forEach(field => {
-        const { fieldApi } = fieldMap[field]
-        fieldApi.validate()
+      // Validate fields and check if any are invalid
+      validationFields.forEach(field => {
+        if (!get(field).fieldApi.validate()) {
+          valid = false
+        }
       })
-      return get(formState).valid
+      return valid
     },
     clear: () => {
-      const fields = Object.keys(fieldMap)
+      // Clear the form by clearing each individual field
       fields.forEach(field => {
-        const { fieldApi } = fieldMap[field]
-        fieldApi.clearValue()
+        get(field).fieldApi.clearValue()
       })
     },
+    changeStep: ({ type, number }) => {
+      if (type === "next") {
+        currentStep.update(step => step + 1)
+      } else if (type === "prev") {
+        currentStep.update(step => Math.max(1, step - 1))
+      } else if (type === "first") {
+        currentStep.set(1)
+      } else if (type === "specific" && number && !isNaN(number)) {
+        currentStep.set(number)
+      }
+    },
+    setStep: step => {
+      if (step) {
+        currentStep.set(step)
+      }
+    },
   }
 
-  // Provide both form API and state to children
-  setContext("form", { formApi, formState, dataSource })
-
-  // Action context to pass to children
-  const actions = [
-    { type: ActionTypes.ValidateForm, callback: formApi.validate },
-    { type: ActionTypes.ClearForm, callback: formApi.clear },
-  ]
-
   // Creates an API for a specific field
-  const makeFieldApi = (field, defaultValue, validate) => {
+  const makeFieldApi = field => {
+    // Sets the value for a certain field and invokes validation
     const setValue = (value, skipCheck = false) => {
-      const { fieldState } = fieldMap[field]
+      const fieldInfo = getField(field)
+      const { fieldState } = get(fieldInfo)
+      const { validator } = fieldState
 
       // Skip if the value is the same
-      if (!skipCheck && get(fieldState).value === value) {
+      if (!skipCheck && fieldState.value === value) {
         return
       }
 
-      const newValue = value == null ? defaultValue : value
-      const newError = validate ? validate(newValue) : null
-
       // Update field state
-      fieldState.update(state => {
-        state.value = newValue
-        state.error = newError
+      const error = validator ? validator(value) : null
+      fieldInfo.update(state => {
+        state.fieldState.value = value
+        state.fieldState.error = error
         return state
       })
 
-      // Update form state
-      formState.update(state => {
-        state.values = { ...state.values, [field]: newValue }
-        if (newError) {
-          state.errors = { ...state.errors, [field]: newError }
-        } else {
-          delete state.errors[field]
-        }
-        state.valid = Object.keys(state.errors).length === 0
-        return state
-      })
-
-      return !newError
+      return !error
     }
 
+    // Clears the value of a certain field back to the initial value
     const clearValue = () => {
-      const { fieldState } = fieldMap[field]
-      const newValue = initialValues[field] ?? defaultValue
-      fieldState.update(state => {
-        state.value = newValue
-        state.error = null
+      const fieldInfo = getField(field)
+      const { fieldState } = get(fieldInfo)
+      const newValue = initialValues[field] ?? fieldState.defaultValue
+
+      // Update field state
+      fieldInfo.update(state => {
+        state.fieldState.value = newValue
+        state.fieldState.error = null
+        return state
+      })
+    }
+
+    // Updates the validator rules for a certain field
+    const updateValidation = validationRules => {
+      const fieldInfo = getField(field)
+      const { fieldState } = get(fieldInfo)
+      const { value, error } = fieldState
+
+      // Create new validator
+      const schemaConstraints = schema?.[field]?.constraints
+      const validator = createValidatorFromConstraints(
+        schemaConstraints,
+        validationRules,
+        field,
+        table
+      )
+
+      // Update validator
+      fieldInfo.update(state => {
+        state.fieldState.validator = validator
         return state
       })
 
-      formState.update(state => {
-        state.values = { ...state.values, [field]: newValue }
-        delete state.errors[field]
-        state.valid = Object.keys(state.errors).length === 0
-        return state
-      })
+      // If there is currently an error, run the validator again in case
+      // the error should be cleared by the new validation rules
+      if (error) {
+        setValue(value, true)
+      }
     }
 
     return {
       setValue,
       clearValue,
+      updateValidation,
       validate: () => {
-        const { fieldState } = fieldMap[field]
-        setValue(get(fieldState).value, true)
+        // Validate the field by force setting the same value again
+        const { fieldState } = get(getField(field))
+        return setValue(fieldState.value, true)
       },
     }
   }
 
-  // Creates observable state data about a specific field
-  const makeFieldState = (field, defaultValue, fieldDisabled) => {
-    return writable({
-      field,
-      fieldId: `id-${generateID()}`,
-      value: initialValues[field] ?? defaultValue,
-      error: null,
-      disabled: fieldDisabled,
-    })
-  }
+  // Provide form state and api for full control by children
+  setContext("form", {
+    formState,
+    formApi,
 
-  // Fetches the form schema from this form's dataSource, if one exists
-  const fetchSchema = async () => {
-    if (!dataSource?.tableId) {
-      schema = {}
-      table = null
-    } else {
-      table = await API.fetchTableDefinition(dataSource?.tableId)
-      if (table) {
-        if (dataSource?.type === "query") {
-          schema = {}
-          const params = table.parameters || []
-          params.forEach(param => {
-            schema[param.name] = { ...param, type: "string" }
-          })
-        } else {
-          schema = table.schema || {}
-        }
-      }
-    }
-    loaded = true
-  }
+    // Data source is needed by attachment fields to be able to upload files
+    // to the correct table ID
+    dataSource,
+  })
 
-  // Load the form schema on mount
-  onMount(fetchSchema)
+  // Provide form step context so that forms without any step components
+  // register their fields to step 1
+  setContext("form-step", 1)
+
+  // Action context to pass to children
+  const actions = [
+    { type: ActionTypes.ValidateForm, callback: formApi.validate },
+    { type: ActionTypes.ClearForm, callback: formApi.clear },
+    { type: ActionTypes.ChangeFormStep, callback: formApi.changeStep },
+  ]
+
+  // Create data context to provide
+  $: dataContext = {
+    ...initialValues,
+    ...$values,
+
+    // These static values are prefixed to avoid clashes with actual columns
+    __valid: valid,
+    __currentStep: $currentStep,
+    __currentStepValid: $currentStepValid,
+  }
 </script>
 
-<Provider
-  {actions}
-  data={{ ...$formState.values, tableId: dataSource?.tableId }}
->
+<Provider {actions} data={dataContext}>
   <div use:styleable={$component.styles}>
-    {#if loaded}
-      <slot />
-    {/if}
+    <slot />
   </div>
 </Provider>
diff --git a/packages/standard-components/src/forms/LongFormField.svelte b/packages/standard-components/src/forms/LongFormField.svelte
index 45ea6aa034..81ad42bbcb 100644
--- a/packages/standard-components/src/forms/LongFormField.svelte
+++ b/packages/standard-components/src/forms/LongFormField.svelte
@@ -6,6 +6,8 @@
   export let label
   export let placeholder
   export let disabled = false
+  export let validation
+  export let defaultValue = ""
 
   let fieldState
   let fieldApi
@@ -15,18 +17,19 @@
   {label}
   {field}
   {disabled}
+  {validation}
+  {defaultValue}
   type="longform"
   bind:fieldState
   bind:fieldApi
-  defaultValue=""
 >
   {#if fieldState}
     <CoreTextArea
-      value={$fieldState.value}
+      value={fieldState.value}
       on:change={e => fieldApi.setValue(e.detail)}
-      disabled={$fieldState.disabled}
-      error={$fieldState.error}
-      id={$fieldState.fieldId}
+      disabled={fieldState.disabled}
+      error={fieldState.error}
+      id={fieldState.fieldId}
       {placeholder}
     />
   {/if}
diff --git a/packages/standard-components/src/forms/NumberField.svelte b/packages/standard-components/src/forms/NumberField.svelte
index 32eacd5b44..dcaf4e7c43 100644
--- a/packages/standard-components/src/forms/NumberField.svelte
+++ b/packages/standard-components/src/forms/NumberField.svelte
@@ -1,5 +1,18 @@
 <script>
   import StringField from "./StringField.svelte"
+
+  export let defaultValue
+
+  const parseNumber = val => {
+    if (val == null) {
+      return null
+    }
+    return isNaN(val) ? null : parseFloat(val)
+  }
 </script>
 
-<StringField {...$$props} type="number" />
+<StringField
+  {...$$props}
+  type="number"
+  defaultValue={parseNumber(defaultValue)}
+/>
diff --git a/packages/standard-components/src/forms/OptionsField.svelte b/packages/standard-components/src/forms/OptionsField.svelte
index 3955839fd0..c5efa6f58d 100644
--- a/packages/standard-components/src/forms/OptionsField.svelte
+++ b/packages/standard-components/src/forms/OptionsField.svelte
@@ -1,35 +1,105 @@
 <script>
-  import { CoreSelect } from "@budibase/bbui"
+  import { CoreSelect, CoreRadioGroup } from "@budibase/bbui"
   import Field from "./Field.svelte"
 
   export let field
   export let label
   export let placeholder
   export let disabled = false
+  export let optionsType = "select"
+  export let validation
+  export let defaultValue
+  export let optionsSource = "schema"
+  export let dataProvider
+  export let labelColumn
+  export let valueColumn
+  export let customOptions
+  export let autocomplete = false
 
   let fieldState
   let fieldApi
   let fieldSchema
+
+  $: flatOptions = optionsSource == null || optionsSource === "schema"
+  $: options = getOptions(
+    optionsSource,
+    fieldSchema,
+    dataProvider,
+    labelColumn,
+    valueColumn
+  )
+
+  const getOptions = (
+    optionsSource,
+    fieldSchema,
+    dataProvider,
+    labelColumn,
+    valueColumn
+  ) => {
+    // Take options from schema
+    if (optionsSource == null || optionsSource === "schema") {
+      return fieldSchema?.constraints?.inclusion ?? []
+    }
+
+    // Extract options from data provider
+    if (optionsSource === "provider" && valueColumn) {
+      let optionsSet = {}
+      dataProvider?.rows?.forEach(row => {
+        const value = row?.[valueColumn]
+        if (value) {
+          const label = row[labelColumn] || value
+          optionsSet[value] = { value, label }
+        }
+      })
+      return Object.values(optionsSet)
+    }
+
+    // Extract custom options
+    if (optionsSource === "custom" && customOptions) {
+      return customOptions
+    }
+
+    return []
+  }
 </script>
 
 <Field
   {field}
   {label}
   {disabled}
+  {validation}
+  {defaultValue}
   type="options"
   bind:fieldState
   bind:fieldApi
   bind:fieldSchema
 >
   {#if fieldState}
-    <CoreSelect
-      value={$fieldState.value}
-      id={$fieldState.fieldId}
-      disabled={$fieldState.disabled}
-      error={$fieldState.error}
-      options={fieldSchema?.constraints?.inclusion ?? []}
-      {placeholder}
-      on:change={e => fieldApi.setValue(e.detail)}
-    />
+    {#if !optionsType || optionsType === "select"}
+      <CoreSelect
+        value={fieldState.value}
+        id={fieldState.fieldId}
+        disabled={fieldState.disabled}
+        error={fieldState.error}
+        {options}
+        {placeholder}
+        on:change={e => fieldApi.setValue(e.detail)}
+        getOptionLabel={flatOptions ? x => x : x => x.label}
+        getOptionValue={flatOptions ? x => x : x => x.value}
+        {autocomplete}
+        sort={true}
+      />
+    {:else if optionsType === "radio"}
+      <CoreRadioGroup
+        value={fieldState.value}
+        id={fieldState.fieldId}
+        disabled={fieldState.disabled}
+        error={fieldState.error}
+        {options}
+        on:change={e => fieldApi.setValue(e.detail)}
+        getOptionLabel={flatOptions ? x => x : x => x.label}
+        getOptionValue={flatOptions ? x => x : x => x.value}
+      />
+    {/if}
   {/if}
 </Field>
diff --git a/packages/standard-components/src/forms/RelationshipField.svelte b/packages/standard-components/src/forms/RelationshipField.svelte
index b695994e75..5f138c8be4 100644
--- a/packages/standard-components/src/forms/RelationshipField.svelte
+++ b/packages/standard-components/src/forms/RelationshipField.svelte
@@ -9,6 +9,8 @@
   export let label
   export let placeholder
   export let disabled = false
+  export let validation
+  export let autocomplete = false
 
   let fieldState
   let fieldApi
@@ -21,8 +23,9 @@
   $: linkedTableId = fieldSchema?.tableId
   $: fetchRows(linkedTableId)
   $: fetchTable(linkedTableId)
-  $: singleValue = flatten($fieldState?.value)?.[0]
-  $: multiValue = flatten($fieldState?.value) ?? []
+  $: singleValue = flatten(fieldState?.value)?.[0]
+  $: multiValue = flatten(fieldState?.value) ?? []
+  $: component = multiselect ? CoreMultiselect : CoreSelect
 
   const fetchTable = async id => {
     if (id) {
@@ -64,6 +67,7 @@
   {label}
   {field}
   {disabled}
+  {validation}
   type="link"
   bind:fieldState
   bind:fieldApi
@@ -72,16 +76,18 @@
 >
   {#if fieldState}
     <svelte:component
-      this={multiselect ? CoreMultiselect : CoreSelect}
+      this={component}
       {options}
+      {autocomplete}
       value={multiselect ? multiValue : singleValue}
       on:change={multiselect ? multiHandler : singleHandler}
-      id={$fieldState.fieldId}
-      disabled={$fieldState.disabled}
-      error={$fieldState.error}
+      id={fieldState.fieldId}
+      disabled={fieldState.disabled}
+      error={fieldState.error}
       getOptionLabel={getDisplayName}
       getOptionValue={option => option._id}
       {placeholder}
+      sort={true}
     />
   {/if}
 </Field>
diff --git a/packages/standard-components/src/forms/StringField.svelte b/packages/standard-components/src/forms/StringField.svelte
index 30de8621e4..4764cba4d3 100644
--- a/packages/standard-components/src/forms/StringField.svelte
+++ b/packages/standard-components/src/forms/StringField.svelte
@@ -7,6 +7,8 @@
   export let placeholder
   export let type = "text"
   export let disabled = false
+  export let validation
+  export let defaultValue = ""
 
   let fieldState
   let fieldApi
@@ -16,6 +18,8 @@
   {label}
   {field}
   {disabled}
+  {validation}
+  {defaultValue}
   type={type === "number" ? "number" : "string"}
   bind:fieldState
   bind:fieldApi
@@ -23,11 +27,11 @@
   {#if fieldState}
     <CoreTextField
       updateOnChange={false}
-      value={$fieldState.value}
+      value={fieldState.value}
       on:change={e => fieldApi.setValue(e.detail)}
-      disabled={$fieldState.disabled}
-      error={$fieldState.error}
-      id={$fieldState.fieldId}
+      disabled={fieldState.disabled}
+      error={fieldState.error}
+      id={fieldState.fieldId}
       {placeholder}
       {type}
     />
diff --git a/packages/standard-components/src/forms/index.js b/packages/standard-components/src/forms/index.js
index fed371278b..4f3eaa5adb 100644
--- a/packages/standard-components/src/forms/index.js
+++ b/packages/standard-components/src/forms/index.js
@@ -9,3 +9,4 @@ export { default as datetimefield } from "./DateTimeField.svelte"
 export { default as attachmentfield } from "./AttachmentField.svelte"
 export { default as relationshipfield } from "./RelationshipField.svelte"
 export { default as passwordfield } from "./PasswordField.svelte"
+export { default as formstep } from "./FormStep.svelte"
diff --git a/packages/standard-components/src/forms/validation.js b/packages/standard-components/src/forms/validation.js
index b1df80509f..30b6fd7ca7 100644
--- a/packages/standard-components/src/forms/validation.js
+++ b/packages/standard-components/src/forms/validation.js
@@ -1,54 +1,108 @@
 import flatpickr from "flatpickr"
 
-export const createValidatorFromConstraints = (constraints, field, table) => {
-  let checks = []
+/**
+ * Creates a validation function from a combination of schema-level constraints
+ * and custom validation rules
+ * @param schemaConstraints any schema level constraints from the table
+ * @param customRules any custom validation rules
+ * @param field the field name we are evaluating
+ * @param table the definition of the table we are evaluating
+ * @returns {function} a validator function which accepts test values
+ */
+export const createValidatorFromConstraints = (
+  schemaConstraints,
+  customRules,
+  field,
+  table
+) => {
+  let rules = []
 
-  if (constraints) {
+  // Convert schema constraints into validation rules
+  if (schemaConstraints) {
     // Required constraint
     if (
       field === table?.primaryDisplay ||
-      constraints.presence?.allowEmpty === false
+      schemaConstraints.presence?.allowEmpty === false
     ) {
-      checks.push(presenceConstraint)
+      rules.push({
+        type: "string",
+        constraint: "required",
+        error: "Required",
+      })
     }
 
     // String length constraint
-    if (exists(constraints.length?.maximum)) {
-      const length = constraints.length.maximum
-      checks.push(lengthConstraint(length))
+    if (exists(schemaConstraints.length?.maximum)) {
+      const length = schemaConstraints.length.maximum
+      rules.push({
+        type: "string",
+        constraint: "length",
+        value: length,
+        error: `Maximum length is ${length}`,
+      })
     }
 
     // Min / max number constraint
-    if (exists(constraints.numericality?.greaterThanOrEqualTo)) {
-      const min = constraints.numericality.greaterThanOrEqualTo
-      checks.push(numericalConstraint(x => x >= min, `Minimum value is ${min}`))
+    if (exists(schemaConstraints.numericality?.greaterThanOrEqualTo)) {
+      const min = schemaConstraints.numericality.greaterThanOrEqualTo
+      rules.push({
+        type: "number",
+        constraint: "minValue",
+        value: min,
+        error: `Minimum value is ${min}`,
+      })
     }
-    if (exists(constraints.numericality?.lessThanOrEqualTo)) {
-      const max = constraints.numericality.lessThanOrEqualTo
-      checks.push(numericalConstraint(x => x <= max, `Maximum value is ${max}`))
+    if (exists(schemaConstraints.numericality?.lessThanOrEqualTo)) {
+      const max = schemaConstraints.numericality.lessThanOrEqualTo
+      rules.push({
+        type: "number",
+        constraint: "maxValue",
+        value: max,
+        error: `Maximum value is ${max}`,
+      })
     }
 
     // Inclusion constraint
-    if (exists(constraints.inclusion)) {
-      const options = constraints.inclusion
-      checks.push(inclusionConstraint(options))
+    if (exists(schemaConstraints.inclusion)) {
+      const options = schemaConstraints.inclusion || []
+      rules.push({
+        type: "string",
+        constraint: "inclusion",
+        value: options,
+        error: "Invalid value",
+      })
     }
 
     // Date constraint
-    if (exists(constraints.datetime?.earliest)) {
-      const limit = constraints.datetime.earliest
-      checks.push(dateConstraint(limit, true))
+    if (exists(schemaConstraints.datetime?.earliest)) {
+      const limit = schemaConstraints.datetime.earliest
+      const limitString = flatpickr.formatDate(new Date(limit), "F j Y, H:i")
+      rules.push({
+        type: "datetime",
+        constraint: "minValue",
+        value: limit,
+        error: `Earliest date is ${limitString}`,
+      })
     }
-    if (exists(constraints.datetime?.latest)) {
-      const limit = constraints.datetime.latest
-      checks.push(dateConstraint(limit, false))
+    if (exists(schemaConstraints.datetime?.latest)) {
+      const limit = schemaConstraints.datetime.latest
+      const limitString = flatpickr.formatDate(new Date(limit), "F j Y, H:i")
+      rules.push({
+        type: "datetime",
+        constraint: "maxValue",
+        value: limit,
+        error: `Latest date is ${limitString}`,
+      })
     }
   }
 
+  // Add custom validation rules
+  rules = rules.concat(customRules || [])
+
   // Evaluate each constraint
   return value => {
-    for (let check of checks) {
-      const error = check(value)
+    for (let rule of rules) {
+      const error = evaluateRule(rule, value)
       if (error) {
         return error
       }
@@ -57,61 +111,197 @@ export const createValidatorFromConstraints = (constraints, field, table) => {
   }
 }
 
-const exists = value => value != null && value !== ""
-
-const presenceConstraint = value => {
-  let invalid
-  if (Array.isArray(value)) {
-    invalid = value.length === 0
-  } else {
-    invalid = value == null || value === ""
-  }
-  return invalid ? "Required" : null
-}
-
-const lengthConstraint = maxLength => value => {
-  if (value && value.length > maxLength) {
-    return `Maximum ${maxLength} characters`
-  }
-  return null
-}
-
-const numericalConstraint = (constraint, error) => value => {
-  if (value == null || value === "") {
-    return null
-  }
-  if (isNaN(value)) {
-    return "Must be a number"
-  }
-  const number = parseFloat(value)
-  if (!constraint(number)) {
-    return error
-  }
-  return null
-}
-
-const inclusionConstraint =
-  (options = []) =>
-  value => {
-    if (value == null || value === "") {
-      return null
-    }
-    if (!options.includes(value)) {
-      return "Invalid value"
-    }
+/**
+ * Evaluates a validation rule against a value and optionally returns
+ * an error if the validation fails.
+ * @param rule the rule object to evaluate
+ * @param value the value to validate against
+ * @returns {null|*} an error if validation fails or null if it passes
+ */
+const evaluateRule = (rule, value) => {
+  if (!rule) {
     return null
   }
 
-const dateConstraint = (dateString, isEarliest) => {
-  const dateLimit = Date.parse(dateString)
-  return value => {
-    if (value == null || value === "") {
+  // Determine the correct handler for this rule
+  const handler = handlerMap[rule.constraint]
+  if (!handler) {
+    return null
+  }
+
+  // Coerce input value into correct type
+  value = parseType(value, rule.type)
+
+  // Evaluate the rule
+  const pass = handler(value, rule)
+  return pass ? null : rule.error || "Error"
+}
+
+/**
+ * Parses a value to the specified type so that values are always compared
+ * in the same format.
+ * @param value the value to parse
+ * @param type the type to parse
+ * @returns {boolean|string|*|number|null} the parsed value, or null if invalid
+ */
+const parseType = (value, type) => {
+  // Treat nulls or empty strings as null
+  if (!exists(value) || !type) {
+    return null
+  }
+
+  // Parse as string
+  if (type === "string") {
+    if (typeof value === "string" || Array.isArray(value)) {
+      return value
+    }
+    if (value.length === 0) {
       return null
     }
-    const dateValue = Date.parse(value)
-    const valid = isEarliest ? dateValue >= dateLimit : dateValue <= dateLimit
-    const adjective = isEarliest ? "Earliest" : "Latest"
-    const limitString = flatpickr.formatDate(new Date(dateLimit), "F j Y, H:i")
-    return valid ? null : `${adjective} is ${limitString}`
+    return `${value}`
   }
+
+  // Parse as number
+  if (type === "number") {
+    if (isNaN(value)) {
+      return null
+    }
+    return parseFloat(value)
+  }
+
+  // Parse as date
+  if (type === "datetime") {
+    if (value instanceof Date) {
+      return value.getTime()
+    }
+    const time = isNaN(value) ? Date.parse(value) : new Date(value).getTime()
+    return isNaN(time) ? null : time
+  }
+
+  // Parse as boolean
+  if (type === "boolean") {
+    if (typeof value === "string") {
+      return value.toLowerCase() === "true"
+    }
+    return value === true
+  }
+
+  // Parse attachments, treating no elements as null
+  if (type === "attachment") {
+    if (!Array.isArray(value) || !value.length) {
+      return null
+    }
+    return value
+  }
+
+  // Parse links, treating no elements as null
+  if (type === "link") {
+    if (!Array.isArray(value) || !value.length) {
+      return null
+    }
+    return value
+  }
+
+  // If some unknown type, treat as null to avoid breaking validators
+  return null
+}
+
+// Evaluates a required constraint
+const requiredHandler = value => {
+  return value != null
+}
+
+// Evaluates a min length constraint
+const minLengthHandler = (value, rule) => {
+  const limit = parseType(rule.value, "number")
+  return value && value.length >= limit
+}
+
+// Evaluates a max length constraint
+const maxLengthHandler = (value, rule) => {
+  const limit = parseType(rule.value, "number")
+  return value == null || value.length <= limit
+}
+
+// Evaluates a min value constraint
+const minValueHandler = (value, rule) => {
+  // Use same type as the value so that things can be compared
+  const limit = parseType(rule.value, rule.type)
+  return value && value >= limit
+}
+
+// Evaluates a max value constraint
+const maxValueHandler = (value, rule) => {
+  // Use same type as the value so that things can be compared
+  const limit = parseType(rule.value, rule.type)
+  return value == null || value <= limit
+}
+
+// Evaluates an inclusion constraint
+const inclusionHandler = (value, rule) => {
+  return value == null || rule.value.includes(value)
+}
+
+// Evaluates an equal constraint
+const equalHandler = (value, rule) => {
+  const ruleValue = parseType(rule.value, rule.type)
+  return value === ruleValue
+}
+
+// Evaluates a not equal constraint
+const notEqualHandler = (value, rule) => {
+  const ruleValue = parseType(rule.value, rule.type)
+  if (value == null && ruleValue == null) {
+    return true
+  }
+  return value !== ruleValue
+}
+
+// Evaluates a regex constraint
+const regexHandler = (value, rule) => {
+  const regex = parseType(rule.value, "string")
+  return new RegExp(regex).test(value)
+}
+
+// Evaluates a not regex constraint
+const notRegexHandler = (value, rule) => {
+  return !regexHandler(value, rule)
+}
+
+// Evaluates a contains constraint
+const containsHandler = (value, rule) => {
+  const expectedValue = parseType(rule.value, "string")
+  return value && value.includes(expectedValue)
+}
+
+// Evaluates a not contains constraint
+const notContainsHandler = (value, rule) => {
+  return !containsHandler(value, rule)
+}
+
+/**
+ * Map of constraint types to handlers.
+ */
+const handlerMap = {
+  required: requiredHandler,
+  minLength: minLengthHandler,
+  maxLength: maxLengthHandler,
+  minValue: minValueHandler,
+  maxValue: maxValueHandler,
+  inclusion: inclusionHandler,
+  equal: equalHandler,
+  notEqual: notEqualHandler,
+  regex: regexHandler,
+  notRegex: notRegexHandler,
+  contains: containsHandler,
+  notContains: notContainsHandler,
+}
+
+/**
+ * Helper to check for null, undefined or empty string values
+ * @param value the value to test
+ * @returns {boolean} whether the value exists or not
+ */
+const exists = value => {
+  return value != null && value !== ""
 }
diff --git a/packages/standard-components/src/index.js b/packages/standard-components/src/index.js
index a137c8c3dc..ace3b907c6 100644
--- a/packages/standard-components/src/index.js
+++ b/packages/standard-components/src/index.js
@@ -17,6 +17,7 @@ export { default as Placeholder } from "./Placeholder.svelte"
 export { default as container } from "./Container.svelte"
 export { default as section } from "./Section.svelte"
 export { default as dataprovider } from "./DataProvider.svelte"
+export { default as divider } from "./Divider.svelte"
 export { default as screenslot } from "./ScreenSlot.svelte"
 export { default as button } from "./Button.svelte"
 export { default as repeater } from "./Repeater.svelte"
diff --git a/packages/standard-components/vite.config.js b/packages/standard-components/vite.config.js
index 2eecfbaf44..a7aa32a568 100644
--- a/packages/standard-components/vite.config.js
+++ b/packages/standard-components/vite.config.js
@@ -1,4 +1,4 @@
-import svelte from "@sveltejs/vite-plugin-svelte"
+import { svelte } from "@sveltejs/vite-plugin-svelte"
 const path = require("path")
 
 export default ({ mode }) => {
diff --git a/packages/standard-components/yarn.lock b/packages/standard-components/yarn.lock
index ee036d6a67..02f8e21f00 100644
--- a/packages/standard-components/yarn.lock
+++ b/packages/standard-components/yarn.lock
@@ -2,24 +2,164 @@
 # yarn lockfile v1
 
 
-"@rollup/pluginutils@^4.1.0":
-  version "4.1.0"
-  resolved "https://registry.yarnpkg.com/@rollup/pluginutils/-/pluginutils-4.1.0.tgz#0dcc61c780e39257554feb7f77207dceca13c838"
-  integrity sha512-TrBhfJkFxA+ER+ew2U2/fHbebhLT/l/2pRk0hfj9KusXUuRXd2v0R58AfaZK9VXDQ4TogOSEmICVrQAA3zFnHQ==
+"@adobe/spectrum-css-workflow-icons@^1.2.1":
+  version "1.2.1"
+  resolved "https://registry.yarnpkg.com/@adobe/spectrum-css-workflow-icons/-/spectrum-css-workflow-icons-1.2.1.tgz#7e2cb3fcfb5c8b12d7275afafbb6ec44913551b4"
+  integrity sha512-uVgekyBXnOVkxp+CUssjN/gefARtudZC8duEn1vm0lBQFwGRZFlDEzU1QC+aIRWCrD1Z8OgRpmBYlSZ7QS003w==
+
+"@budibase/bbui@^0.9.115":
+  version "0.9.115"
+  resolved "https://registry.yarnpkg.com/@budibase/bbui/-/bbui-0.9.115.tgz#6aa0226908812052cd02628d6d604b95a3d55b92"
+  integrity sha512-HysxPp8POetLWj1pucrhn4Na+KllKvHRmBV7qU9XE1BVL9B2pLa6rPoZeLYrdMQmBW070bmXSdUuYDWZqEYYog==
+  dependencies:
+    "@adobe/spectrum-css-workflow-icons" "^1.2.1"
+    "@spectrum-css/actionbutton" "^1.0.1"
+    "@spectrum-css/actiongroup" "^1.0.1"
+    "@spectrum-css/avatar" "^3.0.2"
+    "@spectrum-css/button" "^3.0.1"
+    "@spectrum-css/buttongroup" "^3.0.2"
+    "@spectrum-css/checkbox" "^3.0.2"
+    "@spectrum-css/dialog" "^3.0.1"
+    "@spectrum-css/divider" "^1.0.1"
+    "@spectrum-css/dropzone" "^3.0.2"
+    "@spectrum-css/fieldgroup" "^3.0.2"
+    "@spectrum-css/fieldlabel" "^3.0.1"
+    "@spectrum-css/icon" "^3.0.1"
+    "@spectrum-css/illustratedmessage" "^3.0.2"
+    "@spectrum-css/inputgroup" "^3.0.2"
+    "@spectrum-css/label" "^2.0.10"
+    "@spectrum-css/link" "^3.1.1"
+    "@spectrum-css/menu" "^3.0.1"
+    "@spectrum-css/modal" "^3.0.1"
+    "@spectrum-css/pagination" "^3.0.3"
+    "@spectrum-css/picker" "^1.0.1"
+    "@spectrum-css/popover" "^3.0.1"
+    "@spectrum-css/progressbar" "^1.0.2"
+    "@spectrum-css/progresscircle" "^1.0.2"
+    "@spectrum-css/radio" "^3.0.2"
+    "@spectrum-css/search" "^3.0.2"
+    "@spectrum-css/sidenav" "^3.0.2"
+    "@spectrum-css/statuslight" "^3.0.2"
+    "@spectrum-css/switch" "^1.0.2"
+    "@spectrum-css/table" "^3.0.1"
+    "@spectrum-css/tabs" "^3.0.1"
+    "@spectrum-css/tags" "^3.0.2"
+    "@spectrum-css/textfield" "^3.0.1"
+    "@spectrum-css/toast" "^3.0.1"
+    "@spectrum-css/tooltip" "^3.0.3"
+    "@spectrum-css/treeview" "^3.0.2"
+    "@spectrum-css/typography" "^3.0.1"
+    "@spectrum-css/underlay" "^2.0.9"
+    "@spectrum-css/vars" "^3.0.1"
+    dayjs "^1.10.4"
+    svelte-flatpickr "^3.1.0"
+    svelte-portal "^1.0.0"
+
+"@rollup/pluginutils@^4.1.1":
+  version "4.1.1"
+  resolved "https://registry.yarnpkg.com/@rollup/pluginutils/-/pluginutils-4.1.1.tgz#1d4da86dd4eded15656a57d933fda2b9a08d47ec"
+  integrity sha512-clDjivHqWGXi7u+0d2r2sBi4Ie6VLEAzWMIkvJLnDmxoOhBYOTfzGbOQBA32THHm11/LiJbd01tJUpJsbshSWQ==
   dependencies:
     estree-walker "^2.0.1"
     picomatch "^2.2.2"
 
+"@spectrum-css/actionbutton@^1.0.1":
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/actionbutton/-/actionbutton-1.0.3.tgz#8f7342a69b303c5acdcfa0a59f5e9267b9f3cb30"
+  integrity sha512-P9qoCPSiZ1SB6ZYqK5hub0vGty00YYqonQE0KTjtb1i+T1nYR/87vWqVPERx9j63uhgZncjwFYaThTvRqye7eQ==
+
+"@spectrum-css/actiongroup@^1.0.1":
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/actiongroup/-/actiongroup-1.0.3.tgz#4713ce65e6f5c72c404a7b638fbc3b4fd7e3874f"
+  integrity sha512-NlB9Q4ZlWixXxymoPIYG6g2hkwAGKFodHWPFfxHD8ddkjXWRB9G2akUP7cfsJ4DcYn4VisUORCOYQwqDiSmboQ==
+
+"@spectrum-css/avatar@^3.0.2":
+  version "3.0.2"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/avatar/-/avatar-3.0.2.tgz#4f1826223eae330e64b6d3cc899e9bc2e98dac95"
+  integrity sha512-wEczvSqxttTWSiL3cOvXV/RmGRwSkw2w6+slcHhnf0kb7ovymMM+9oz8vvEpEsSeo5u598bc+7ktrKFpAd6soQ==
+
+"@spectrum-css/button@^3.0.1", "@spectrum-css/button@^3.0.3":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/button/-/button-3.0.3.tgz#2df1efaab6c7e0b3b06cb4b59e1eae59c7f1fc84"
+  integrity sha512-6CnLPqqtaU/PcSSIGeGRi0iFIIxIUByYLKFO6zn5NEUc12KQ28dJ4PLwB6WBa0L8vRoAGlnWWH2ZZweTijbXgg==
+
+"@spectrum-css/buttongroup@^3.0.2":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/buttongroup/-/buttongroup-3.0.3.tgz#719d868845ac9d2c4f939c1b9f6044507902d5aa"
+  integrity sha512-eXl8U4QWMWXqyTu654FdQdEGnmczgOYlpIFSHyCMVjhtPqZp2xwnLFiGh6LKw+bLio6eeOZ0L+vpk1GcoYqgkw==
+
 "@spectrum-css/card@^3.0.3":
   version "3.0.3"
   resolved "https://registry.yarnpkg.com/@spectrum-css/card/-/card-3.0.3.tgz#56b2e2da6b80c1583228baa279de7407383bfb6b"
   integrity sha512-+oKLUI2a0QmQP9EzySeq/G4FpUkkdaDNbuEbqCj2IkPMc/2v/nwzsPhh1fj2UIghGAiiUwXfPpzax1e8fyhQUg==
 
-"@spectrum-css/link@^3.1.3":
+"@spectrum-css/checkbox@^3.0.2":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/checkbox/-/checkbox-3.0.3.tgz#8577067fc8b97e4609f92bd242364937a533a7bb"
+  integrity sha512-QVG9uMHq+lh70Dh6mDNnY+vEvNz2p7VC6xgLfDYfijp2qeiqYPq72fQK6p/SiyqPk96ZACzNRwgeROU6Xf6Wgg==
+
+"@spectrum-css/dialog@^3.0.1":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/dialog/-/dialog-3.0.3.tgz#7715a4ea435e753afb623d99ca5917ed1bcd6f34"
+  integrity sha512-AhmKgfRIVyTe3ABiJ8lLUQL34VB/H6fN16na2LlbDRJvyRMzkdN1Xf2i6U3f4OMd3qQ8Gm5xat4BvMxIQPBAUQ==
+
+"@spectrum-css/divider@^1.0.1", "@spectrum-css/divider@^1.0.3":
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/divider/-/divider-1.0.3.tgz#639e2ebaa0834efa40f42397668bbd5c153ea385"
+  integrity sha512-Zy4Rn40w8UtzMh3wx/U9+CepSCpm1aOCGftHgWDub0XZuVTzh0c1WwyzTuLCx2Hf21z5VRGNiDh8bGEEzSbtNA==
+  dependencies:
+    "@spectrum-css/vars" "^3.0.2"
+
+"@spectrum-css/dropzone@^3.0.2":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/dropzone/-/dropzone-3.0.3.tgz#aee71697a2c195947599d7541b858c3c198741dc"
+  integrity sha512-ujrswdtB6bHigklyHsm6zomFd6rUnKJ3xVVRjroVF4+ouK4DxK5tX0iVd0EW6AOfOjx4Cc28uyFot3fpxp+MQw==
+
+"@spectrum-css/fieldgroup@^3.0.2":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/fieldgroup/-/fieldgroup-3.0.3.tgz#85d85da048d08200f25ceab378026dd2b11e0bb2"
+  integrity sha512-wXUXTXN1CPnR7M4Ltd+3uh7BfcNGUV1+Xe0/h0tCpq/j+S2Sd4xo7/pUMdU19sIDrAAtpEFp1tt+nouHcU5HGQ==
+
+"@spectrum-css/fieldlabel@^3.0.1":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/fieldlabel/-/fieldlabel-3.0.3.tgz#f73c04d20734d4718ffb620dc46458904685b449"
+  integrity sha512-nEvIkEXCD5n4fW67Unq6Iu7VXoauEd/JGpfTY02VsC5p4FJLnwKfPDbJUuUsqClAxqw7nAsmXVKtn4zQFf5yPQ==
+
+"@spectrum-css/icon@^3.0.1":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/icon/-/icon-3.0.3.tgz#5c612822380927087aebd526855d82ed2c3e2cba"
+  integrity sha512-hyloKOejPCXhP3MBNsm3SjR9j8xT1R1S19p32KW/0Qhj+VMUtfyEPmevyFptpn7wcovQccdl/vZVIVDuML/imw==
+
+"@spectrum-css/illustratedmessage@^3.0.2":
+  version "3.0.2"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/illustratedmessage/-/illustratedmessage-3.0.2.tgz#6a480be98b027e050b086e7899e40d87adb0a8c0"
+  integrity sha512-dqnE8X27bGcO0HN8+dYx8O4o0dNNIAqeivOzDHhe2El+V4dTzMrNIerF6G0NLm3GjVf6XliwmitsZK+K6FmbtA==
+
+"@spectrum-css/inputgroup@^3.0.2":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/inputgroup/-/inputgroup-3.0.3.tgz#00c9a370ddc2c55cf0f37dd6069faa9501fd7eb5"
+  integrity sha512-FqRJTiLL7jiGfzDVXWUGVLqHryJjCcqQIrqAi+Tq0oenapzsBe2qc/zIrKgh2wtMI+NTIBLXTECvij3L1HlqAg==
+
+"@spectrum-css/label@^2.0.10":
+  version "2.0.10"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/label/-/label-2.0.10.tgz#2368651d7636a19385b5d300cdf6272db1916001"
+  integrity sha512-xCbtEiQkZIlLdWFikuw7ifDCC21DOC/KMgVrrVJHXFc4KRQe9LTZSqmGF3tovm+CSq1adE59mYoTbojVQ9YuEQ==
+
+"@spectrum-css/link@^3.1.1", "@spectrum-css/link@^3.1.3":
   version "3.1.3"
   resolved "https://registry.yarnpkg.com/@spectrum-css/link/-/link-3.1.3.tgz#b0e560a7e0acdb4a2b329b6669696aa3438f5993"
   integrity sha512-8Pmy5d73MwKcATTPaj+fSrZYnIw7GmfX40AvpC1xx5LauOxsbUb4AVNp1kn2H8rrOBmxF7czyhoBBhEiv66QUg==
 
+"@spectrum-css/menu@^3.0.1":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/menu/-/menu-3.0.3.tgz#46a9b221bb5f470a2f8a934bdfd512d84d2fdc4d"
+  integrity sha512-qKA9J/MrikNKIpCEHsAazG2vY3im5tjGCmo6p9Pdnu8/aQMsiuZDHZayukeCttJUZkrb9guDVL9OIHlK5RZvcQ==
+
+"@spectrum-css/modal@^3.0.1":
+  version "3.0.2"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/modal/-/modal-3.0.2.tgz#58b6621cab65f90788d310374f40df1f7090473f"
+  integrity sha512-YnIivJhoaao7Otu+HV7sgebPyFbO6sd/oMvTN/Rb2wwgnaMnIIuIRdGandSrcgotN2uNgs+P0knG6mv/xA1/dg==
+
 "@spectrum-css/page@^3.0.1":
   version "3.0.2"
   resolved "https://registry.yarnpkg.com/@spectrum-css/page/-/page-3.0.2.tgz#8f0c03d25f5565fb13115541a8fcaf0e1d3a8ee0"
@@ -27,41 +167,122 @@
   dependencies:
     "@spectrum-css/vars" "^3.0.2"
 
-"@spectrum-css/typography@^3.0.2":
+"@spectrum-css/pagination@^3.0.3":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/pagination/-/pagination-3.0.3.tgz#b204c3ada384c4af751a354bc428346d82eeea65"
+  integrity sha512-OJ/v9GeNXJOZ9Yr9LDBYPrR2NCiLOWP9wANT/a5sqFuugRnQbn/HYMnRp9TBxwpDY6ihaPo0T/wi7kLiAJFdDw==
+
+"@spectrum-css/picker@^1.0.1":
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/picker/-/picker-1.0.3.tgz#21379bcf8ae94277deeb6ad65dcd9e2bbfacb487"
+  integrity sha512-oHLGxBx5BwVCSGo7/T1C9PTHX1+/5AmVjyLiTJ4UoIdSJmOERw9YcRZbcGZgBJNWbxcjr4TyGtwj1EcSjEy97w==
+
+"@spectrum-css/popover@^3.0.1":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/popover/-/popover-3.0.3.tgz#6fb69873474fb968afb738eacb9e121f93e83a09"
+  integrity sha512-KvmXv4TV19FBx39KfmgVlDYtvtBqv/8RRK7RRLDDHGViTxZtShjVsVpwIgfkfgn4iJztCnXpWzFqRXWUu2XCpQ==
+
+"@spectrum-css/progressbar@^1.0.2":
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/progressbar/-/progressbar-1.0.3.tgz#f70bcc38a2a21cff2f422ec825724ebbb9455e67"
+  integrity sha512-vJHplefUuy8+NjCw1X7fLbqHVGNVBpvGFXNAeaIj4SFf4ygxiUq/5c9iRhhsCQixEsJlfD/b7BnGXU7BUDkr6Q==
+
+"@spectrum-css/progresscircle@^1.0.2":
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/progresscircle/-/progresscircle-1.0.2.tgz#258ea9170fb70f795edda03e38a61d93bef4487c"
+  integrity sha512-JLULpyzjIY95lzlWR1yE1gv4l1K6p+scQ+edmuZZUHBzwM3pUtkvHJmUlA9TYdResUYW6Uka60VRdY6lZ8gnFQ==
+
+"@spectrum-css/radio@^3.0.2":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/radio/-/radio-3.0.3.tgz#25c3bc5e9c30a8a8ae728717b7c7fb736cdae640"
+  integrity sha512-LaLGfz/eGNR2iyqouXYILIA+pKRqF769iPdwM0REm5RpWvMQDD7rPZ/kWlg18owjaFsyllEp25gEjmhRJIIVOw==
+
+"@spectrum-css/search@^3.0.2":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/search/-/search-3.0.3.tgz#3415dc106aca0d5dd996e87084a1b47c2b95a882"
+  integrity sha512-kdLpKTt0obljuhS1q1tukujRlvSs8sBwij76D4Qp8KpMzwePfZyvv1kYzuWPNZfTeISxWsmyZ6Wxd1uvzjn+UA==
+
+"@spectrum-css/sidenav@^3.0.2":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/sidenav/-/sidenav-3.0.3.tgz#132141fbd2500a927c312fa4e1d712c438b3d597"
+  integrity sha512-cQ+CgwjxGftrcc79i1XnGd66QTl7H7zopSU0UTV4Qq7hvqfrjjWxfZ6b+3tezrrhNlDope1ff9o8sm67PsPXtg==
+
+"@spectrum-css/statuslight@^3.0.2":
+  version "3.0.2"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/statuslight/-/statuslight-3.0.2.tgz#dc54b6cd113413dcdb909c486b5d7bae60db65c5"
+  integrity sha512-xodB8g8vGJH20XmUj9ZsPlM1jHrGeRbvmVXkz0q7YvQrYAhim8pP3W+XKKZAletPFAuu8cmUOc6SWn6i4X4z6w==
+
+"@spectrum-css/switch@^1.0.2":
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/switch/-/switch-1.0.2.tgz#f0b4c69271964573e02b08e90998096e49e1de44"
+  integrity sha512-zqmHpgWPNg1gEwdUNFYV3CBX5JaeALfIqcJIxE0FLZqr9d1C4+oLE0ItIFzt1bwr4bFAOmkEpvtiY+amluzGxQ==
+
+"@spectrum-css/table@^3.0.1":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/table/-/table-3.0.3.tgz#7f7f19905ef3275cbf907ce3a5818e63c30b2caf"
+  integrity sha512-nxwzVjLPsXoY/v4sdxOVYLcC+cEbGgJyLcLclT5LT9MGSbngFeUMJzzVR4EvehzuN4dH7hrATG7Mbuq29Mf0Hg==
+
+"@spectrum-css/tabs@^3.0.1":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/tabs/-/tabs-3.0.3.tgz#51dd6f168c897b0fdc3a7e9f901df7bd2288b4fc"
+  integrity sha512-iLP1I72bJWz9APdQB1jiw+pOv5a7N+hYOCJvRoc56Us/hJKVzowkyGRe3uH+8v36nCG9bHxiAQNLoU8eXisVrg==
+
+"@spectrum-css/tags@^3.0.2":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/tags/-/tags-3.0.3.tgz#fc76d2735cdc442de91b7eb3bee49a928c0767ac"
+  integrity sha512-SL8vPxVDfWcY5VdIuyl0TImEXcOU1I7yCyXkk7MudMwfnYs81FaIyY32hFV9OHj0Tz/36UzRzc7AVMSuRQ53pw==
+
+"@spectrum-css/textfield@^3.0.1":
+  version "3.0.2"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/textfield/-/textfield-3.0.2.tgz#907f62d2dc82852dd6236a820be99e252b531631"
+  integrity sha512-nkFgAb0cP4jUodkUBErMNfyF78jJLtgL1Mrr9/rvGpGobo10IAbb8zZY4CkZ64o8XmMy/85+wZTKcx+KHatqpg==
+
+"@spectrum-css/toast@^3.0.1":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/toast/-/toast-3.0.3.tgz#97c1527384707600832ecda35643ed304615250f"
+  integrity sha512-CjLeaMs+cjUXojCCRtbj0YkD2BoZW16kjj2o5omkEpUTjA34IJ8xJ1a+CCtDILWekhXvN0MBN4sbumcnwcnx8w==
+
+"@spectrum-css/tooltip@^3.0.3":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/tooltip/-/tooltip-3.0.3.tgz#26b8ca3b3d30e29630244d85eb4fc11d0c841281"
+  integrity sha512-ztRF7WW1FzyNavXBRc+80z67UoOrY9wl3cMYsVD3MpDnyxdzP8cjza1pCcolKBaFqRTcQKkxKw3GWtGICRKR5A==
+
+"@spectrum-css/treeview@^3.0.2":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/treeview/-/treeview-3.0.3.tgz#aeda5175158b9f8d7529cb2b394428eb2a428046"
+  integrity sha512-D5gGzZC/KtRArdx86Mesc9+99W9nTbUOeyYGqoJoAfJSOttoT6Tk5CrDvlCmAqjKf5rajemAkGri1ChqvUIwkw==
+
+"@spectrum-css/typography@^3.0.1", "@spectrum-css/typography@^3.0.2":
   version "3.0.2"
   resolved "https://registry.yarnpkg.com/@spectrum-css/typography/-/typography-3.0.2.tgz#ea3ca0a60e18064527819d48c8c4364cab4fcd38"
   integrity sha512-5ZOLmQe0edzsDMyhghUd4hBb5uxGsFrxzf+WasfcUw9klSfTsRZ09n1BsaaWbgrLjlMQ+EEHS46v5VNo0Ms2CA==
 
+"@spectrum-css/underlay@^2.0.9":
+  version "2.0.10"
+  resolved "https://registry.yarnpkg.com/@spectrum-css/underlay/-/underlay-2.0.10.tgz#8b75b646605a311850f6620caa18d4996cd64ed7"
+  integrity sha512-PmsmkzeGD/rY4pp3ILXHt9w8BW7uaEqXe08hQRS7rGki7wqCpG4mE0/8N3yEcA3QxWQclmG9gdkg5uz6wMmYzA==
+
 "@spectrum-css/vars@^3.0.1", "@spectrum-css/vars@^3.0.2":
   version "3.0.2"
   resolved "https://registry.yarnpkg.com/@spectrum-css/vars/-/vars-3.0.2.tgz#ea9062c3c98dfc6ba59e5df14a03025ad8969999"
   integrity sha512-vzS9KqYXot4J3AEER/u618MXWAS+IoMvYMNrOoscKiLLKYQWenaueakUWulFonToPd/9vIpqtdbwxznqrK5qDw==
 
 "@sveltejs/vite-plugin-svelte@^1.0.0-next.5":
-  version "1.0.0-next.10"
-  resolved "https://registry.yarnpkg.com/@sveltejs/vite-plugin-svelte/-/vite-plugin-svelte-1.0.0-next.10.tgz#15526067ea2edd334420b1e14602e29b370be25e"
-  integrity sha512-ImvxbhPePm2hWNTKBSA3LHAYGwiEjHjvvgfPLXm4R87sfZ+BMXql9jBmDpzUC/URBLT4BB3Jxos/i523qkJBHg==
+  version "1.0.0-next.15"
+  resolved "https://registry.yarnpkg.com/@sveltejs/vite-plugin-svelte/-/vite-plugin-svelte-1.0.0-next.15.tgz#12e853677387aa0891b03bf69afcc678fbf8f8e2"
+  integrity sha512-8yGX7PxaqtvWw+GHiO2DV7lZ4M7DwIrFq+PgZGZ9X09PuoSeaWszm76GWQXJMKHoPPhdA9084662en9qbv4aRw==
   dependencies:
-    "@rollup/pluginutils" "^4.1.0"
-    chalk "^4.1.1"
+    "@rollup/pluginutils" "^4.1.1"
     debug "^4.3.2"
-    hash-sum "^2.0.0"
+    kleur "^4.1.4"
+    magic-string "^0.25.7"
     require-relative "^0.8.7"
-    slash "^4.0.0"
-    source-map "^0.7.3"
-    svelte-hmr "^0.14.2"
-
-ansi-styles@^4.1.0:
-  version "4.3.0"
-  resolved "https://registry.yarnpkg.com/ansi-styles/-/ansi-styles-4.3.0.tgz#edd803628ae71c04c85ae7a0906edad34b648937"
-  integrity sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==
-  dependencies:
-    color-convert "^2.0.1"
+    svelte-hmr "^0.14.7"
 
 apexcharts@^3.19.2, apexcharts@^3.22.1:
-  version "3.27.1"
-  resolved "https://registry.yarnpkg.com/apexcharts/-/apexcharts-3.27.1.tgz#b0e6dd3b3ace028f29b32fcd88e19a2420a18089"
-  integrity sha512-2pfw3pxeWhI0ap5lfxyfGNGoGScfEwfc8XnTpbnzgRdr1AOH5JJN9hh3MvfwrC9TQQfJYC2TZc8P/q9qXUj1bQ==
+  version "3.27.3"
+  resolved "https://registry.yarnpkg.com/apexcharts/-/apexcharts-3.27.3.tgz#1b921ac64dea2f28a2b1aad4b396b38464223849"
+  integrity sha512-1ZrqiQT0VahkqW0kVjf5QVURYGaHMlGN08BoIZG2c2U/gY2AtnEoFN4r9q4d/pYYYKvI9AyLBHq0otzcVGrHAw==
   dependencies:
     svg.draggable.js "^2.2.2"
     svg.easing.js "^2.0.0"
@@ -70,35 +291,15 @@ apexcharts@^3.19.2, apexcharts@^3.22.1:
     svg.resize.js "^1.4.3"
     svg.select.js "^3.0.1"
 
-chalk@^4.1.1:
-  version "4.1.1"
-  resolved "https://registry.yarnpkg.com/chalk/-/chalk-4.1.1.tgz#c80b3fab28bf6371e6863325eee67e618b77e6ad"
-  integrity sha512-diHzdDKxcU+bAsUboHLPEDQiw0qEe0qd7SYUn3HgcFlWgbDcfLGswOHYeGrHKzG9z6UYf01d9VFMfZxPM1xZSg==
-  dependencies:
-    ansi-styles "^4.1.0"
-    supports-color "^7.1.0"
-
-color-convert@^2.0.1:
-  version "2.0.1"
-  resolved "https://registry.yarnpkg.com/color-convert/-/color-convert-2.0.1.tgz#72d3a68d598c9bdb3af2ad1e84f21d896abd4de3"
-  integrity sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==
-  dependencies:
-    color-name "~1.1.4"
-
-color-name@~1.1.4:
-  version "1.1.4"
-  resolved "https://registry.yarnpkg.com/color-name/-/color-name-1.1.4.tgz#c2a09a87acbde69543de6f63fa3995c826c536a2"
-  integrity sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==
-
 colorette@^1.2.2:
   version "1.2.2"
   resolved "https://registry.yarnpkg.com/colorette/-/colorette-1.2.2.tgz#cbcc79d5e99caea2dbf10eb3a26fd8b3e6acfa94"
   integrity sha512-MKGMzyfeuutC/ZJ1cba9NqcNpfeqMUcYmyF1ZFY6/Cn7CNSAKx6a+s48sqLqyAiZuaP2TcqMhoo+dlwFnVxT9w==
 
-dayjs@^1.10.5:
-  version "1.10.5"
-  resolved "https://registry.yarnpkg.com/dayjs/-/dayjs-1.10.5.tgz#5600df4548fc2453b3f163ebb2abbe965ccfb986"
-  integrity sha512-BUFis41ikLz+65iH6LHQCDm4YPMj5r1YFLdupPIyM4SGcXMmtiLQ7U37i+hGS8urIuqe7I/ou3IS1jVc4nbN4g==
+dayjs@^1.10.4, dayjs@^1.10.5:
+  version "1.10.6"
+  resolved "https://registry.yarnpkg.com/dayjs/-/dayjs-1.10.6.tgz#288b2aa82f2d8418a6c9d4df5898c0737ad02a63"
+  integrity sha512-AztC/IOW4L1Q41A86phW5Thhcrco3xuAA+YX/BLpLWWjRcTj5TOt/QImBLmCKlrF7u7k47arTnOyL6GnbG8Hvw==
 
 debug@^4.3.2:
   version "4.3.2"
@@ -107,10 +308,10 @@ debug@^4.3.2:
   dependencies:
     ms "2.1.2"
 
-esbuild@^0.12.5:
-  version "0.12.8"
-  resolved "https://registry.yarnpkg.com/esbuild/-/esbuild-0.12.8.tgz#ac90da77cb3bfbf49ab815200bcef7ffe1a3348f"
-  integrity sha512-sx/LwlP/SWTGsd9G4RlOPrXnIihAJ2xwBUmzoqe2nWwbXORMQWtAGNJNYLBJJqa3e9PWvVzxdrtyFZJcr7D87g==
+esbuild@^0.12.8:
+  version "0.12.18"
+  resolved "https://registry.yarnpkg.com/esbuild/-/esbuild-0.12.18.tgz#e5db16372188c2b4d395f7f55fdade27f6a119fa"
+  integrity sha512-arWhBQSy+oiBAp8VRRCFvAU+3jyf0gGacABLO3haMHboXCDjzq4WUqyQklst2XRuFS8MXgap+9uvODqj9Iygpg==
 
 estree-walker@^2.0.1:
   version "2.0.2"
@@ -122,7 +323,7 @@ flatpickr@^4.5.2:
   resolved "https://registry.yarnpkg.com/flatpickr/-/flatpickr-4.6.9.tgz#9a13383e8a6814bda5d232eae3fcdccb97dc1499"
   integrity sha512-F0azNNi8foVWKSF+8X+ZJzz8r9sE1G4hl06RyceIaLvyltKvDl6vqk9Lm/6AUUCi5HWaIjiUbk7UpeE/fOXOpw==
 
-fsevents@~2.3.1:
+fsevents@~2.3.2:
   version "2.3.2"
   resolved "https://registry.yarnpkg.com/fsevents/-/fsevents-2.3.2.tgz#8a526f78b8fdf4623b709e0b975c52c24c02fd1a"
   integrity sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==
@@ -132,11 +333,6 @@ function-bind@^1.1.1:
   resolved "https://registry.yarnpkg.com/function-bind/-/function-bind-1.1.1.tgz#a56899d3ea3c9bab874bb9773b7c5ede92f4895d"
   integrity sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==
 
-has-flag@^4.0.0:
-  version "4.0.0"
-  resolved "https://registry.yarnpkg.com/has-flag/-/has-flag-4.0.0.tgz#944771fd9c81c81265c4d6941860da06bb59479b"
-  integrity sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==
-
 has@^1.0.3:
   version "1.0.3"
   resolved "https://registry.yarnpkg.com/has/-/has-1.0.3.tgz#722d7cbfc1f6aa8241f16dd814e011e1f41e8796"
@@ -144,18 +340,25 @@ has@^1.0.3:
   dependencies:
     function-bind "^1.1.1"
 
-hash-sum@^2.0.0:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/hash-sum/-/hash-sum-2.0.0.tgz#81d01bb5de8ea4a214ad5d6ead1b523460b0b45a"
-  integrity sha512-WdZTbAByD+pHfl/g9QSsBIIwy8IT+EsPiKDs0KNX+zSHhdDLFKdZu0BQHljvO+0QI/BasbMSUa8wYNCZTvhslg==
-
 is-core-module@^2.2.0:
-  version "2.4.0"
-  resolved "https://registry.yarnpkg.com/is-core-module/-/is-core-module-2.4.0.tgz#8e9fc8e15027b011418026e98f0e6f4d86305cc1"
-  integrity sha512-6A2fkfq1rfeQZjxrZJGerpLCTHRNEBiSgnu0+obeJpEPZRUooHgsizvzv0ZjJwOz3iWIHdJtVWJ/tmPr3D21/A==
+  version "2.5.0"
+  resolved "https://registry.yarnpkg.com/is-core-module/-/is-core-module-2.5.0.tgz#f754843617c70bfd29b7bd87327400cda5c18491"
+  integrity sha512-TXCMSDsEHMEEZ6eCA8rwRDbLu55MRGmrctljsBX/2v1d9/GzqHOxW5c5oPSgrUt2vBFXebu9rGqckXGPWOlYpg==
   dependencies:
     has "^1.0.3"
 
+kleur@^4.1.4:
+  version "4.1.4"
+  resolved "https://registry.yarnpkg.com/kleur/-/kleur-4.1.4.tgz#8c202987d7e577766d039a8cd461934c01cda04d"
+  integrity sha512-8QADVssbrFjivHWQU7KkMgptGTl6WAcSdlbBPY4uNF+mWr6DGcKrvY2w4FQJoXch7+fKMjj0dRrL75vk3k23OA==
+
+magic-string@^0.25.7:
+  version "0.25.7"
+  resolved "https://registry.yarnpkg.com/magic-string/-/magic-string-0.25.7.tgz#3f497d6fd34c669c6798dcb821f2ef31f5445051"
+  integrity sha512-4CrMT5DOHTDk4HYDlzmwu4FVCcIYI8gauveasrdCu2IKIFOJ3f0v/8MDGJCDL9oD2ppz/Av1b0Nj345H9M+XIA==
+  dependencies:
+    sourcemap-codec "^1.4.4"
+
 ms@2.1.2:
   version "2.1.2"
   resolved "https://registry.yarnpkg.com/ms/-/ms-2.1.2.tgz#d09d1f357b443f493382a8eb3ccd183872ae6009"
@@ -176,10 +379,10 @@ picomatch@^2.2.2:
   resolved "https://registry.yarnpkg.com/picomatch/-/picomatch-2.3.0.tgz#f1f061de8f6a4bf022892e2d128234fb98302972"
   integrity sha512-lY1Q/PiJGC2zOv/z391WOTD+Z02bCgsFfvxoXXf6h7kv9o+WmsmzYqrAwY63sNgOxE4xEdq0WyUnXfKeBrSvYw==
 
-postcss@^8.3.0:
-  version "8.3.0"
-  resolved "https://registry.yarnpkg.com/postcss/-/postcss-8.3.0.tgz#b1a713f6172ca427e3f05ef1303de8b65683325f"
-  integrity sha512-+ogXpdAjWGa+fdYY5BQ96V/6tAo+TdSSIMP5huJBIygdWwKtVoB5JWZ7yUd4xZ8r+8Kvvx4nyg/PQ071H4UtcQ==
+postcss@^8.3.6:
+  version "8.3.6"
+  resolved "https://registry.yarnpkg.com/postcss/-/postcss-8.3.6.tgz#2730dd76a97969f37f53b9a6096197be311cc4ea"
+  integrity sha512-wG1cc/JhRgdqB6WHEuyLTedf3KIRuD0hG6ldkFEZNCjRxiC+3i6kkWUUbiJQayP28iwG35cEmAbe98585BYV0A==
   dependencies:
     colorette "^1.2.2"
     nanoid "^3.1.23"
@@ -190,7 +393,7 @@ require-relative@^0.8.7:
   resolved "https://registry.yarnpkg.com/require-relative/-/require-relative-0.8.7.tgz#7999539fc9e047a37928fa196f8e1563dabd36de"
   integrity sha1-eZlTn8ngR6N5KPoZb44VY9q9Nt4=
 
-resolve@^1.19.0:
+resolve@^1.20.0:
   version "1.20.0"
   resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.20.0.tgz#629a013fb3f70755d6f0b7935cc1c2c5378b1975"
   integrity sha512-wENBPt4ySzg4ybFQW2TT1zMQucPK95HSh/nq2CFTZVOGut2+pQvSsgtda4d26YrYcr067wjbmzOG8byDPBX63A==
@@ -199,33 +402,21 @@ resolve@^1.19.0:
     path-parse "^1.0.6"
 
 rollup@^2.38.5:
-  version "2.51.1"
-  resolved "https://registry.yarnpkg.com/rollup/-/rollup-2.51.1.tgz#87bcd4095fe79b14c9bec0edc7ffa44e4827f793"
-  integrity sha512-8xfDbAtBleXotb6qKEHWuo/jkn94a9dVqGc7Rwl3sqspCVlnCfbRek7ldhCARSi7h32H0xR4QThm1t9zHN+3uw==
+  version "2.56.0"
+  resolved "https://registry.yarnpkg.com/rollup/-/rollup-2.56.0.tgz#daa832955d2b58f1ed52a3c4c85b7d1adaf076d0"
+  integrity sha512-weEafgbjbHCnrtJPNyCrhYnjP62AkF04P0BcV/1mofy1+gytWln4VVB1OK462cq2EAyWzRDpTMheSP/o+quoiA==
   optionalDependencies:
-    fsevents "~2.3.1"
-
-slash@^4.0.0:
-  version "4.0.0"
-  resolved "https://registry.yarnpkg.com/slash/-/slash-4.0.0.tgz#2422372176c4c6c5addb5e2ada885af984b396a7"
-  integrity sha512-3dOsAHXXUkQTpOYcoAxLIorMTp4gIQr5IW3iVb7A7lFIp0VHhnynm9izx6TssdrIcVIESAlVjtnO2K8bg+Coew==
+    fsevents "~2.3.2"
 
 source-map-js@^0.6.2:
   version "0.6.2"
   resolved "https://registry.yarnpkg.com/source-map-js/-/source-map-js-0.6.2.tgz#0bb5de631b41cfbda6cfba8bd05a80efdfd2385e"
   integrity sha512-/3GptzWzu0+0MBQFrDKzw/DvvMTUORvgY6k6jd/VS6iCR4RDTKWH6v6WPwQoUO8667uQEf9Oe38DxAYWY5F/Ug==
 
-source-map@^0.7.3:
-  version "0.7.3"
-  resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.7.3.tgz#5302f8169031735226544092e64981f751750383"
-  integrity sha512-CkCj6giN3S+n9qrYiBTX5gystlENnRW5jZeNLHpe6aue+SrHcG5VYwujhW9s4dY31mEGsxBDrHR6oI69fTXsaQ==
-
-supports-color@^7.1.0:
-  version "7.2.0"
-  resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-7.2.0.tgz#1b7dcdcb32b8138801b3e478ba6a51caa89648da"
-  integrity sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==
-  dependencies:
-    has-flag "^4.0.0"
+sourcemap-codec@^1.4.4:
+  version "1.4.8"
+  resolved "https://registry.yarnpkg.com/sourcemap-codec/-/sourcemap-codec-1.4.8.tgz#ea804bd94857402e6992d05a38ef1ae35a9ab4c4"
+  integrity sha512-9NykojV5Uih4lgo5So5dtw+f0JgJX30KCNI8gwhz2J9A15wD0Ml6tjHKwf6fTSa6fAdVBdZeNOs9eJ71qCk8vA==
 
 svelte-apexcharts@^1.0.2:
   version "1.0.2"
@@ -235,21 +426,26 @@ svelte-apexcharts@^1.0.2:
     apexcharts "^3.19.2"
 
 svelte-flatpickr@^3.1.0:
-  version "3.1.1"
-  resolved "https://registry.yarnpkg.com/svelte-flatpickr/-/svelte-flatpickr-3.1.1.tgz#c79da72a4acab252ed39bac8168f30f79db3ff80"
-  integrity sha512-z/sV/AMTqyybeWPCjoWYUOyuMmu9qX2c2f2cRqYos9K9sM5L3CqagtvfVy7GZQrnEYe+K7l/gGDCAyxJNp2+gA==
+  version "3.2.0"
+  resolved "https://registry.yarnpkg.com/svelte-flatpickr/-/svelte-flatpickr-3.2.0.tgz#7af5455670aa1836db1c286f5c827d9bae7df74c"
+  integrity sha512-4JsPP7xFBPpvGNiFxfbYjv+SrGoGSRMvEdY7c+wHz37PM33NLE+IUmz7FQRNaHyVelmrTyAHPY1CNrI7cmTPhA==
   dependencies:
     flatpickr "^4.5.2"
 
-svelte-hmr@^0.14.2:
-  version "0.14.4"
-  resolved "https://registry.yarnpkg.com/svelte-hmr/-/svelte-hmr-0.14.4.tgz#b7ef2bfeef23916e0e912828c50645ca572ac355"
-  integrity sha512-kItFF7vqzStckSigoFmMnxJpTOdB9TWnQAW6Js+yAB4277tLbJIIE5KBlGHNmJNpA7MguqidsPB27Uw5UzQPCA==
+svelte-hmr@^0.14.7:
+  version "0.14.7"
+  resolved "https://registry.yarnpkg.com/svelte-hmr/-/svelte-hmr-0.14.7.tgz#7fa8261c7b225d9409f0a86f3b9ea5c3ca6f6607"
+  integrity sha512-pDrzgcWSoMaK6AJkBWkmgIsecW0GChxYZSZieIYfCP0v2oPyx2CYU/zm7TBIcjLVUPP714WxmViE9Thht4etog==
+
+svelte-portal@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/svelte-portal/-/svelte-portal-1.0.0.tgz#36a47c5578b1a4d9b4dc60fa32a904640ec4cdd3"
+  integrity sha512-nHf+DS/jZ6jjnZSleBMSaZua9JlG5rZv9lOGKgJuaZStfevtjIlUJrkLc3vbV8QdBvPPVmvcjTlazAzfKu0v3Q==
 
 svelte@^3.38.2:
-  version "3.38.2"
-  resolved "https://registry.yarnpkg.com/svelte/-/svelte-3.38.2.tgz#55e5c681f793ae349b5cc2fe58e5782af4275ef5"
-  integrity sha512-q5Dq0/QHh4BLJyEVWGe7Cej5NWs040LWjMbicBGZ+3qpFWJ1YObRmUDZKbbovddLC9WW7THTj3kYbTOFmU9fbg==
+  version "3.42.1"
+  resolved "https://registry.yarnpkg.com/svelte/-/svelte-3.42.1.tgz#d4b4d9068cce911835f7c6b8ff1d290e1a0b5657"
+  integrity sha512-XtExLd2JAU3T7M2g/DkO3UNj/3n1WdTXrfL63OZ5nZq7nAqd9wQw+lR4Pv/wkVbrWbAIPfLDX47UjFdmnY+YtQ==
 
 svg.draggable.js@^2.2.2:
   version "2.2.2"
@@ -307,13 +503,13 @@ svg.select.js@^3.0.1:
     svg.js "^2.6.5"
 
 vite@^2.1.5:
-  version "2.3.7"
-  resolved "https://registry.yarnpkg.com/vite/-/vite-2.3.7.tgz#3023892419367465e1af1739578f8663d04243b2"
-  integrity sha512-Y0xRz11MPYu/EAvzN94+FsOZHbSvO6FUvHv127CyG7mV6oDoay2bw+g5y9wW3Blf8OY3chaz3nc/DcRe1IQ3Nw==
+  version "2.4.4"
+  resolved "https://registry.yarnpkg.com/vite/-/vite-2.4.4.tgz#8c402a07ad45f168f6eb5428bead38f3e4363e47"
+  integrity sha512-m1wK6pFJKmaYA6AeZIUXyiAgUAAJzVXhIMYCdZUpCaFMGps0v0IlNJtbmPvkUhVEyautalajmnW5X6NboUPsnw==
   dependencies:
-    esbuild "^0.12.5"
-    postcss "^8.3.0"
-    resolve "^1.19.0"
+    esbuild "^0.12.8"
+    postcss "^8.3.6"
+    resolve "^1.20.0"
     rollup "^2.38.5"
   optionalDependencies:
-    fsevents "~2.3.1"
+    fsevents "~2.3.2"
diff --git a/packages/string-templates/package.json b/packages/string-templates/package.json
index 7685401b77..64631a554c 100644
--- a/packages/string-templates/package.json
+++ b/packages/string-templates/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@budibase/string-templates",
-  "version": "0.9.115",
+  "version": "0.9.116-alpha.0",
   "description": "Handlebars wrapper for Budibase templating.",
   "main": "src/index.cjs",
   "module": "dist/bundle.mjs",
diff --git a/packages/string-templates/src/index.cjs b/packages/string-templates/src/index.cjs
index 573ea76f12..05f8c69f5a 100644
--- a/packages/string-templates/src/index.cjs
+++ b/packages/string-templates/src/index.cjs
@@ -126,6 +126,7 @@ module.exports.isValid = string => {
     "object",
     "array",
     "cannot read property",
+    "undefined",
   ]
   // this is a portion of a specific string always output by handlebars in the case of a syntax error
   const invalidCases = [`expecting '`]
diff --git a/packages/worker/.gitignore b/packages/worker/.gitignore
index 713d5006da..0467f6a505 100644
--- a/packages/worker/.gitignore
+++ b/packages/worker/.gitignore
@@ -1,2 +1,3 @@
 node_modules/
 .env
+watchtower-hook.json
\ No newline at end of file
diff --git a/packages/worker/Dockerfile b/packages/worker/Dockerfile
index 76b35dfdd0..517e24678f 100644
--- a/packages/worker/Dockerfile
+++ b/packages/worker/Dockerfile
@@ -1,5 +1,10 @@
 FROM node:12-alpine
 
+LABEL com.centurylinklabs.watchtower.lifecycle.pre-check="scripts/watchtower-hooks/pre-check.sh"
+LABEL com.centurylinklabs.watchtower.lifecycle.pre-update="scripts/watchtower-hooks/pre-update.sh"
+LABEL com.centurylinklabs.watchtower.lifecycle.post-update="scripts/watchtower-hooks/post-update.sh"
+LABEL com.centurylinklabs.watchtower.lifecycle.post-check="scripts/watchtower-hooks/post-check.sh"
+
 WORKDIR /app
 
 # copy files and install dependencies
diff --git a/packages/worker/package.json b/packages/worker/package.json
index 720ceb30a4..7a37301b44 100644
--- a/packages/worker/package.json
+++ b/packages/worker/package.json
@@ -1,7 +1,7 @@
 {
   "name": "@budibase/worker",
   "email": "hi@budibase.com",
-  "version": "0.9.115",
+  "version": "0.9.116-alpha.0",
   "description": "Budibase background service",
   "main": "src/index.js",
   "repository": {
@@ -16,13 +16,15 @@
     "build:docker": "docker build . -t worker-service",
     "dev:stack:init": "node ./scripts/dev/manage.js init",
     "dev:builder": "npm run dev:stack:init && nodemon src/index.js",
-    "test": "jest --runInBand"
+    "test": "jest --runInBand",
+    "multi:enable": "node scripts/multiTenancy.js enable",
+    "multi:disable": "node scripts/multiTenancy.js disable"
   },
   "author": "Budibase",
   "license": "AGPL-3.0-or-later",
   "dependencies": {
-    "@budibase/auth": "^0.9.115",
-    "@budibase/string-templates": "^0.9.115",
+    "@budibase/auth": "^0.9.116-alpha.0",
+    "@budibase/string-templates": "^0.9.116-alpha.0",
     "@koa/router": "^8.0.0",
     "@techpass/passport-openidconnect": "^0.3.0",
     "aws-sdk": "^2.811.0",
@@ -52,7 +54,8 @@
     "jest": "^26.6.3",
     "nodemon": "^2.0.7",
     "pouchdb-adapter-memory": "^7.2.2",
-    "supertest": "^6.1.3"
+    "supertest": "^6.1.3",
+    "update-dotenv": "^1.1.1"
   },
   "jest": {
     "testEnvironment": "node",
diff --git a/packages/worker/scripts/dev/manage.js b/packages/worker/scripts/dev/manage.js
index b9d28b6278..3879bbeaae 100644
--- a/packages/worker/scripts/dev/manage.js
+++ b/packages/worker/scripts/dev/manage.js
@@ -4,26 +4,30 @@ const fs = require("fs")
 
 async function init() {
   const envFilePath = path.join(process.cwd(), ".env")
-  const envFileJson = {
-    SELF_HOSTED: 1,
-    PORT: 4002,
-    CLUSTER_PORT: 10000,
-    JWT_SECRET: "testsecret",
-    INTERNAL_API_KEY: "budibase",
-    MINIO_ACCESS_KEY: "budibase",
-    MINIO_SECRET_KEY: "budibase",
-    COUCH_DB_USER: "budibase",
-    COUCH_DB_PASSWORD: "budibase",
-    REDIS_URL: "localhost:6379",
-    REDIS_PASSWORD: "budibase",
-    MINIO_URL: "http://localhost:10000/",
-    COUCH_DB_URL: "http://budibase:budibase@localhost:10000/db/",
+  if (!fs.existsSync(envFilePath)) {
+    const envFileJson = {
+      SELF_HOSTED: 1,
+      PORT: 4002,
+      CLUSTER_PORT: 10000,
+      JWT_SECRET: "testsecret",
+      INTERNAL_API_KEY: "budibase",
+      MINIO_ACCESS_KEY: "budibase",
+      MINIO_SECRET_KEY: "budibase",
+      REDIS_URL: "localhost:6379",
+      REDIS_PASSWORD: "budibase",
+      MINIO_URL: "http://localhost:10000/",
+      COUCH_DB_URL: "http://budibase:budibase@localhost:10000/db/",
+      COUCH_DB_USERNAME: "budibase",
+      COUCH_DB_PASSWORD: "budibase",
+      // empty string is false
+      MULTI_TENANCY: "",
+    }
+    let envFile = ""
+    Object.keys(envFileJson).forEach(key => {
+      envFile += `${key}=${envFileJson[key]}\n`
+    })
+    fs.writeFileSync(envFilePath, envFile)
   }
-  let envFile = ""
-  Object.keys(envFileJson).forEach(key => {
-    envFile += `${key}=${envFileJson[key]}\n`
-  })
-  fs.writeFileSync(envFilePath, envFile)
 }
 
 // if more than init required use this to determine the command type
diff --git a/packages/worker/scripts/jestSetup.js b/packages/worker/scripts/jestSetup.js
index 07648f693f..374edfb946 100644
--- a/packages/worker/scripts/jestSetup.js
+++ b/packages/worker/scripts/jestSetup.js
@@ -3,3 +3,4 @@ const env = require("../src/environment")
 env._set("NODE_ENV", "jest")
 env._set("JWT_SECRET", "test-jwtsecret")
 env._set("LOG_LEVEL", "silent")
+env._set("MULTI_TENANCY", true)
diff --git a/packages/worker/scripts/multiTenancy.js b/packages/worker/scripts/multiTenancy.js
new file mode 100644
index 0000000000..3921a78979
--- /dev/null
+++ b/packages/worker/scripts/multiTenancy.js
@@ -0,0 +1,8 @@
+#!/usr/bin/env node
+const updateDotEnv = require("update-dotenv")
+
+const arg = process.argv.slice(2)[0]
+
+updateDotEnv({
+  MULTI_TENANCY: arg === "enable" ? "1" : "",
+}).then(() => console.log("Updated worker!"))
diff --git a/packages/worker/scripts/watchtower-hooks/post-check.sh b/packages/worker/scripts/watchtower-hooks/post-check.sh
new file mode 100755
index 0000000000..df95917d98
--- /dev/null
+++ b/packages/worker/scripts/watchtower-hooks/post-check.sh
@@ -0,0 +1 @@
+echo '{ "current-hook" : "post-check" }' > 'watchtower-hook.json'
\ No newline at end of file
diff --git a/packages/worker/scripts/watchtower-hooks/post-update.sh b/packages/worker/scripts/watchtower-hooks/post-update.sh
new file mode 100755
index 0000000000..fe57719781
--- /dev/null
+++ b/packages/worker/scripts/watchtower-hooks/post-update.sh
@@ -0,0 +1 @@
+echo '{ "current-hook" : "post-update" }' > 'watchtower-hook.json'
\ No newline at end of file
diff --git a/packages/worker/scripts/watchtower-hooks/pre-check.sh b/packages/worker/scripts/watchtower-hooks/pre-check.sh
new file mode 100755
index 0000000000..ffaa41ad5f
--- /dev/null
+++ b/packages/worker/scripts/watchtower-hooks/pre-check.sh
@@ -0,0 +1 @@
+echo '{ "current-hook" : "pre-check" }' > 'watchtower-hook.json'
\ No newline at end of file
diff --git a/packages/worker/scripts/watchtower-hooks/pre-update.sh b/packages/worker/scripts/watchtower-hooks/pre-update.sh
new file mode 100755
index 0000000000..4584d96fc9
--- /dev/null
+++ b/packages/worker/scripts/watchtower-hooks/pre-update.sh
@@ -0,0 +1 @@
+echo '{ "current-hook" : "pre-update" }' > 'watchtower-hook.json'
\ No newline at end of file
diff --git a/packages/worker/src/api/controllers/app.js b/packages/worker/src/api/controllers/app.js
index e3dbaf5f1a..287f129ad0 100644
--- a/packages/worker/src/api/controllers/app.js
+++ b/packages/worker/src/api/controllers/app.js
@@ -1,22 +1,12 @@
-const { DocumentTypes, getAllDbs } = require("@budibase/auth").db
+const { getAllApps } = require("@budibase/auth/db")
 const CouchDB = require("../../db")
 
-const APP_PREFIX = "app_"
 const URL_REGEX_SLASH = /\/|\\/g
 
 exports.getApps = async ctx => {
-  const dbs = await getAllDbs()
-  const appDbNames = dbs.filter(dbName => dbName.startsWith(APP_PREFIX))
-  const appPromises = appDbNames.map(db =>
-    new CouchDB(db, { skip_setup: true }).get(DocumentTypes.APP_METADATA)
-  )
-
-  const apps = await Promise.allSettled(appPromises)
+  const apps = await getAllApps(CouchDB, { dev: true })
   const body = {}
   for (let app of apps) {
-    if (app.status !== "fulfilled") {
-      continue
-    }
     app = app.value
     let url = app.url || encodeURI(`${app.name}`)
     url = `/${url.replace(URL_REGEX_SLASH, "")}`
diff --git a/packages/worker/src/api/controllers/admin/auth.js b/packages/worker/src/api/controllers/global/auth.js
similarity index 80%
rename from packages/worker/src/api/controllers/admin/auth.js
rename to packages/worker/src/api/controllers/global/auth.js
index 3cdfc1b774..2ae0bbafea 100644
--- a/packages/worker/src/api/controllers/admin/auth.js
+++ b/packages/worker/src/api/controllers/global/auth.js
@@ -2,15 +2,31 @@ const authPkg = require("@budibase/auth")
 const { google } = require("@budibase/auth/src/middleware")
 const { oidc } = require("@budibase/auth/src/middleware")
 const { Configs, EmailTemplatePurpose } = require("../../../constants")
-const CouchDB = require("../../../db")
 const { sendEmail, isEmailConfigured } = require("../../../utilities/email")
 const { setCookie, getCookie, clearCookie, getGlobalUserByEmail, hash } =
   authPkg.utils
 const { Cookies } = authPkg.constants
 const { passport } = authPkg.auth
 const { checkResetPasswordCode } = require("../../../utilities/redis")
+const {
+  getGlobalDB,
+  getTenantId,
+  isMultiTenant,
+} = require("@budibase/auth/tenancy")
+const env = require("../../../environment")
 
-const GLOBAL_DB = authPkg.StaticDatabases.GLOBAL.name
+function googleCallbackUrl(config) {
+  // incase there is a callback URL from before
+  if (config && config.callbackURL) {
+    return config.callbackURL
+  }
+  let callbackUrl = `/api/global/auth`
+  if (isMultiTenant()) {
+    callbackUrl += `/${getTenantId()}`
+  }
+  callbackUrl += `/google/callback`
+  return callbackUrl
+}
 
 async function authInternal(ctx, user, err = null, info = null) {
   if (err) {
@@ -66,6 +82,7 @@ exports.reset = async ctx => {
       })
     }
   } catch (err) {
+    console.log(err)
     // don't throw any kind of error to the user, this might give away something
   }
   ctx.body = {
@@ -80,7 +97,7 @@ exports.resetUpdate = async ctx => {
   const { resetCode, password } = ctx.request.body
   try {
     const userId = await checkResetPasswordCode(resetCode)
-    const db = new CouchDB(GLOBAL_DB)
+    const db = getGlobalDB()
     const user = await db.get(userId)
     user.password = await hash(password)
     await db.put(user)
@@ -102,12 +119,14 @@ exports.logout = async ctx => {
  * On a successful login, you will be redirected to the googleAuth callback route.
  */
 exports.googlePreAuth = async (ctx, next) => {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
+
   const config = await authPkg.db.getScopedConfig(db, {
     type: Configs.GOOGLE,
-    group: ctx.query.group,
+    workspace: ctx.query.workspace,
   })
-  const strategy = await google.strategyFactory(config)
+  let callbackUrl = googleCallbackUrl(config)
+  const strategy = await google.strategyFactory(config, callbackUrl)
 
   return passport.authenticate(strategy, {
     scope: ["profile", "email"],
@@ -115,13 +134,14 @@ exports.googlePreAuth = async (ctx, next) => {
 }
 
 exports.googleAuth = async (ctx, next) => {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
 
   const config = await authPkg.db.getScopedConfig(db, {
     type: Configs.GOOGLE,
-    group: ctx.query.group,
+    workspace: ctx.query.workspace,
   })
-  const strategy = await google.strategyFactory(config)
+  const callbackUrl = googleCallbackUrl(config)
+  const strategy = await google.strategyFactory(config, callbackUrl)
 
   return passport.authenticate(
     strategy,
@@ -135,8 +155,7 @@ exports.googleAuth = async (ctx, next) => {
 }
 
 async function oidcStrategyFactory(ctx, configId) {
-  const db = new CouchDB(GLOBAL_DB)
-
+  const db = getGlobalDB()
   const config = await authPkg.db.getScopedConfig(db, {
     type: Configs.OIDC,
     group: ctx.query.group,
@@ -144,9 +163,12 @@ async function oidcStrategyFactory(ctx, configId) {
 
   const chosenConfig = config.configs.filter(c => c.uuid === configId)[0]
 
-  // require https callback in production
-  const protocol = process.env.NODE_ENV === "production" ? "https" : "http"
-  const callbackUrl = `${protocol}://${ctx.host}/api/admin/auth/oidc/callback`
+  const protocol = env.NODE_ENV === "production" ? "https" : "http"
+  let callbackUrl = `${protocol}://${ctx.host}/api/global/auth`
+  if (isMultiTenant()) {
+    callbackUrl += `/${getTenantId()}`
+  }
+  callbackUrl += `/oidc/callback`
 
   return oidc.strategyFactory(chosenConfig, callbackUrl)
 }
diff --git a/packages/worker/src/api/controllers/admin/configs.js b/packages/worker/src/api/controllers/global/configs.js
similarity index 74%
rename from packages/worker/src/api/controllers/admin/configs.js
rename to packages/worker/src/api/controllers/global/configs.js
index 0b90d8fb5a..1208fda485 100644
--- a/packages/worker/src/api/controllers/admin/configs.js
+++ b/packages/worker/src/api/controllers/global/configs.js
@@ -1,29 +1,25 @@
-const CouchDB = require("../../../db")
 const {
   generateConfigID,
-  StaticDatabases,
   getConfigParams,
   getGlobalUserParams,
   getScopedFullConfig,
-  getAllDbs,
-} = require("@budibase/auth").db
+  getAllApps,
+} = require("@budibase/auth/db")
 const { Configs } = require("../../../constants")
 const email = require("../../../utilities/email")
 const { upload, ObjectStoreBuckets } = require("@budibase/auth").objectStore
-
-const APP_PREFIX = "app_"
-
-const GLOBAL_DB = StaticDatabases.GLOBAL.name
+const CouchDB = require("../../../db")
+const { getGlobalDB } = require("@budibase/auth/tenancy")
 
 exports.save = async function (ctx) {
-  const db = new CouchDB(GLOBAL_DB)
-  const { type, group, user, config } = ctx.request.body
+  const db = getGlobalDB()
+  const { type, workspace, user, config } = ctx.request.body
 
   // Config does not exist yet
   if (!ctx.request.body._id) {
     ctx.request.body._id = generateConfigID({
       type,
-      group,
+      workspace,
       user,
     })
   }
@@ -52,7 +48,7 @@ exports.save = async function (ctx) {
 }
 
 exports.fetch = async function (ctx) {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
   const response = await db.allDocs(
     getConfigParams(
       { type: ctx.params.type },
@@ -66,17 +62,19 @@ exports.fetch = async function (ctx) {
 
 /**
  * Gets the most granular config for a particular configuration type.
- * The hierarchy is type -> group -> user.
+ * The hierarchy is type -> workspace -> user.
  */
 exports.find = async function (ctx) {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
 
-  const { userId, groupId } = ctx.query
-  if (groupId && userId) {
-    const group = await db.get(groupId)
-    const userInGroup = group.users.some(groupUser => groupUser === userId)
-    if (!ctx.user.admin && !userInGroup) {
-      ctx.throw(400, `User is not in specified group: ${group}.`)
+  const { userId, workspaceId } = ctx.query
+  if (workspaceId && userId) {
+    const workspace = await db.get(workspaceId)
+    const userInWorkspace = workspace.users.some(
+      workspaceUser => workspaceUser === userId
+    )
+    if (!ctx.user.admin && !userInWorkspace) {
+      ctx.throw(400, `User is not in specified workspace: ${workspace}.`)
     }
   }
 
@@ -85,7 +83,7 @@ exports.find = async function (ctx) {
     const scopedConfig = await getScopedFullConfig(db, {
       type: ctx.params.type,
       user: userId,
-      group: groupId,
+      workspace: workspaceId,
     })
 
     if (scopedConfig) {
@@ -100,7 +98,7 @@ exports.find = async function (ctx) {
 }
 
 exports.publicOidc = async function (ctx) {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
   try {
     // Find the config with the most granular scope based on context
     const oidcConfig = await getScopedFullConfig(db, {
@@ -110,14 +108,11 @@ exports.publicOidc = async function (ctx) {
     if (!oidcConfig) {
       ctx.body = {}
     } else {
-      const partialOidcCofig = oidcConfig.config.configs.map(config => {
-        return {
-          logo: config.logo,
-          name: config.name,
-          uuid: config.uuid,
-        }
-      })
-      ctx.body = partialOidcCofig
+      ctx.body = oidcConfig.config.configs.map(config => ({
+        logo: config.logo,
+        name: config.name,
+        uuid: config.uuid,
+      }))
     }
   } catch (err) {
     ctx.throw(err.status, err)
@@ -125,7 +120,7 @@ exports.publicOidc = async function (ctx) {
 }
 
 exports.publicSettings = async function (ctx) {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
 
   try {
     // Find the config with the most granular scope based on context
@@ -141,7 +136,7 @@ exports.publicSettings = async function (ctx) {
       type: Configs.OIDC,
     })
 
-    let config = {}
+    let config
     if (!publicConfig) {
       config = {
         config: {},
@@ -152,18 +147,16 @@ exports.publicSettings = async function (ctx) {
 
     // google button flag
     if (googleConfig && googleConfig.config) {
-      const googleActivated =
-        googleConfig.config.activated == undefined || // activated by default for configs pre-activated flag
-        googleConfig.config.activated
-      config.config.google = googleActivated
+      // activated by default for configs pre-activated flag
+      config.config.google =
+        googleConfig.config.activated == null || googleConfig.config.activated
     } else {
       config.config.google = false
     }
 
     // oidc button flag
     if (oidcConfig && oidcConfig.config) {
-      const oidcActivated = oidcConfig.config.configs[0].activated
-      config.config.oidc = oidcActivated
+      config.config.oidc = oidcConfig.config.configs[0].activated
     } else {
       config.config.oidc = false
     }
@@ -192,7 +185,7 @@ exports.upload = async function (ctx) {
 
   // add to configuration structure
   // TODO: right now this only does a global level
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
   let cfgStructure = await getScopedFullConfig(db, { type })
   if (!cfgStructure) {
     cfgStructure = {
@@ -212,7 +205,7 @@ exports.upload = async function (ctx) {
 }
 
 exports.destroy = async function (ctx) {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
   const { id, rev } = ctx.params
 
   try {
@@ -224,14 +217,13 @@ exports.destroy = async function (ctx) {
 }
 
 exports.configChecklist = async function (ctx) {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
 
   try {
     // TODO: Watch get started video
 
     // Apps exist
-    let dbs = await getAllDbs()
-    const appDbNames = dbs.filter(dbName => dbName.startsWith(APP_PREFIX))
+    const apps = await getAllApps(CouchDB, { idsOnly: true })
 
     // They have set up SMTP
     const smtpConfig = await getScopedFullConfig(db, {
@@ -247,7 +239,7 @@ exports.configChecklist = async function (ctx) {
     const oidcConfig = await getScopedFullConfig(db, {
       type: Configs.OIDC,
     })
-    // They have set up an admin user
+    // They have set up an global user
     const users = await db.allDocs(
       getGlobalUserParams(null, {
         include_docs: true,
@@ -256,7 +248,7 @@ exports.configChecklist = async function (ctx) {
     const adminUser = users.rows.some(row => row.doc.admin)
 
     ctx.body = {
-      apps: appDbNames.length,
+      apps: apps.length,
       smtp: !!smtpConfig,
       adminUser,
       sso: !!googleConfig || !!oidcConfig,
diff --git a/packages/worker/src/api/controllers/admin/email.js b/packages/worker/src/api/controllers/global/email.js
similarity index 58%
rename from packages/worker/src/api/controllers/admin/email.js
rename to packages/worker/src/api/controllers/global/email.js
index 6e16fd060c..57b78a6d7a 100644
--- a/packages/worker/src/api/controllers/admin/email.js
+++ b/packages/worker/src/api/controllers/global/email.js
@@ -1,19 +1,16 @@
 const { sendEmail } = require("../../../utilities/email")
-const CouchDB = require("../../../db")
-const authPkg = require("@budibase/auth")
-
-const GLOBAL_DB = authPkg.StaticDatabases.GLOBAL.name
+const { getGlobalDB } = require("@budibase/auth/tenancy")
 
 exports.sendEmail = async ctx => {
-  const { groupId, email, userId, purpose, contents, from, subject } =
+  let { workspaceId, email, userId, purpose, contents, from, subject } =
     ctx.request.body
   let user
   if (userId) {
-    const db = new CouchDB(GLOBAL_DB)
+    const db = getGlobalDB()
     user = await db.get(userId)
   }
   const response = await sendEmail(email, purpose, {
-    groupId,
+    workspaceId,
     user,
     contents,
     from,
diff --git a/packages/worker/src/api/controllers/admin/roles.js b/packages/worker/src/api/controllers/global/roles.js
similarity index 90%
rename from packages/worker/src/api/controllers/admin/roles.js
rename to packages/worker/src/api/controllers/global/roles.js
index 3cd99f8c4f..1aae07241e 100644
--- a/packages/worker/src/api/controllers/admin/roles.js
+++ b/packages/worker/src/api/controllers/global/roles.js
@@ -7,8 +7,9 @@ const {
 const CouchDB = require("../../../db")
 
 exports.fetch = async ctx => {
+  const tenantId = ctx.user.tenantId
   // always use the dev apps as they'll be most up to date (true)
-  const apps = await getAllApps({ CouchDB, all: true })
+  const apps = await getAllApps(CouchDB, { tenantId, all: true })
   const promises = []
   for (let app of apps) {
     // use dev app IDs
diff --git a/packages/worker/src/api/controllers/admin/sessions.js b/packages/worker/src/api/controllers/global/sessions.js
similarity index 100%
rename from packages/worker/src/api/controllers/admin/sessions.js
rename to packages/worker/src/api/controllers/global/sessions.js
diff --git a/packages/worker/src/api/controllers/admin/templates.js b/packages/worker/src/api/controllers/global/templates.js
similarity index 86%
rename from packages/worker/src/api/controllers/admin/templates.js
rename to packages/worker/src/api/controllers/global/templates.js
index ab9c52cb5a..0dc2b8abab 100644
--- a/packages/worker/src/api/controllers/admin/templates.js
+++ b/packages/worker/src/api/controllers/global/templates.js
@@ -1,16 +1,14 @@
-const { generateTemplateID, StaticDatabases } = require("@budibase/auth").db
-const CouchDB = require("../../../db")
+const { generateTemplateID } = require("@budibase/auth/db")
 const {
   TemplateMetadata,
   TemplateBindings,
   GLOBAL_OWNER,
 } = require("../../../constants")
 const { getTemplates } = require("../../../constants/templates")
-
-const GLOBAL_DB = StaticDatabases.GLOBAL.name
+const { getGlobalDB } = require("@budibase/auth/tenancy")
 
 exports.save = async ctx => {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
   let template = ctx.request.body
   if (!template.ownerId) {
     template.ownerId = GLOBAL_OWNER
@@ -70,7 +68,7 @@ exports.find = async ctx => {
 }
 
 exports.destroy = async ctx => {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
   await db.remove(ctx.params.id, ctx.params.rev)
   ctx.message = `Template ${ctx.params.id} deleted.`
   ctx.status = 200
diff --git a/packages/worker/src/api/controllers/admin/users.js b/packages/worker/src/api/controllers/global/users.js
similarity index 64%
rename from packages/worker/src/api/controllers/admin/users.js
rename to packages/worker/src/api/controllers/global/users.js
index f524379266..24b00fe3a6 100644
--- a/packages/worker/src/api/controllers/admin/users.js
+++ b/packages/worker/src/api/controllers/global/users.js
@@ -1,17 +1,30 @@
-const CouchDB = require("../../../db")
-const { generateGlobalUserID, getGlobalUserParams, StaticDatabases } =
-  require("@budibase/auth").db
+const {
+  generateGlobalUserID,
+  getGlobalUserParams,
+
+  StaticDatabases,
+} = require("@budibase/auth/db")
 const { hash, getGlobalUserByEmail } = require("@budibase/auth").utils
 const { UserStatus, EmailTemplatePurpose } = require("../../../constants")
+const { DEFAULT_TENANT_ID } = require("@budibase/auth/constants")
 const { checkInviteCode } = require("../../../utilities/redis")
 const { sendEmail } = require("../../../utilities/email")
 const { user: userCache } = require("@budibase/auth/cache")
 const { invalidateSessions } = require("@budibase/auth/sessions")
+const CouchDB = require("../../../db")
+const env = require("../../../environment")
+const {
+  getGlobalDB,
+  getTenantId,
+  doesTenantExist,
+  tryAddTenant,
+  updateTenantId,
+} = require("@budibase/auth/tenancy")
 
-const GLOBAL_DB = StaticDatabases.GLOBAL.name
+const PLATFORM_INFO_DB = StaticDatabases.PLATFORM_INFO.name
 
 async function allUsers() {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
   const response = await db.allDocs(
     getGlobalUserParams(null, {
       include_docs: true,
@@ -20,16 +33,21 @@ async function allUsers() {
   return response.rows.map(row => row.doc)
 }
 
-exports.save = async ctx => {
-  const db = new CouchDB(GLOBAL_DB)
-  const { email, password, _id } = ctx.request.body
-
+async function saveUser(user, tenantId) {
+  if (!tenantId) {
+    throw "No tenancy specified."
+  }
+  // need to set the context for this request, as specified
+  updateTenantId(tenantId)
+  // specify the tenancy incase we're making a new admin user (public)
+  const db = getGlobalDB(tenantId)
+  let { email, password, _id } = user
   // make sure another user isn't using the same email
   let dbUser
   if (email) {
     dbUser = await getGlobalUserByEmail(email)
     if (dbUser != null && (dbUser._id !== _id || Array.isArray(dbUser))) {
-      ctx.throw(400, "Email address already in use.")
+      throw "Email address already in use."
     }
   } else {
     dbUser = await db.get(_id)
@@ -42,14 +60,16 @@ exports.save = async ctx => {
   } else if (dbUser) {
     hashedPassword = dbUser.password
   } else {
-    ctx.throw(400, "Password must be specified.")
+    throw "Password must be specified."
   }
 
-  let user = {
+  _id = _id || generateGlobalUserID()
+  user = {
     ...dbUser,
-    ...ctx.request.body,
-    _id: _id || generateGlobalUserID(),
+    ...user,
+    _id,
     password: hashedPassword,
+    tenantId,
   }
   // make sure the roles object is always present
   if (!user.roles) {
@@ -64,23 +84,37 @@ exports.save = async ctx => {
       password: hashedPassword,
       ...user,
     })
+    await tryAddTenant(tenantId, _id, email)
     await userCache.invalidateUser(response.id)
-    ctx.body = {
+    return {
       _id: response.id,
       _rev: response.rev,
       email,
     }
   } catch (err) {
     if (err.status === 409) {
-      ctx.throw(400, "User exists already")
+      throw "User exists already"
     } else {
-      ctx.throw(err.status, err)
+      throw err
     }
   }
 }
 
+exports.save = async ctx => {
+  try {
+    ctx.body = await saveUser(ctx.request.body, getTenantId())
+  } catch (err) {
+    ctx.throw(err.status || 400, err)
+  }
+}
+
 exports.adminUser = async ctx => {
-  const db = new CouchDB(GLOBAL_DB)
+  const { email, password, tenantId } = ctx.request.body
+  if (await doesTenantExist(tenantId)) {
+    ctx.throw(403, "Organisation already exists.")
+  }
+
+  const db = getGlobalDB(tenantId)
   const response = await db.allDocs(
     getGlobalUserParams(null, {
       include_docs: true,
@@ -88,11 +122,13 @@ exports.adminUser = async ctx => {
   )
 
   if (response.rows.some(row => row.doc.admin)) {
-    ctx.throw(403, "You cannot initialise once an admin user has been created.")
+    ctx.throw(
+      403,
+      "You cannot initialise once an global user has been created."
+    )
   }
 
-  const { email, password } = ctx.request.body
-  ctx.request.body = {
+  const user = {
     email: email,
     password: password,
     roles: {},
@@ -102,12 +138,17 @@ exports.adminUser = async ctx => {
     admin: {
       global: true,
     },
+    tenantId,
+  }
+  try {
+    ctx.body = await saveUser(user, tenantId)
+  } catch (err) {
+    ctx.throw(err.status || 400, err)
   }
-  await exports.save(ctx)
 }
 
 exports.destroy = async ctx => {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
   const dbUser = await db.get(ctx.params.id)
   await db.remove(dbUser._id, dbUser._rev)
   await userCache.invalidateUser(dbUser._id)
@@ -119,8 +160,8 @@ exports.destroy = async ctx => {
 
 exports.removeAppRole = async ctx => {
   const { appId } = ctx.params
-  const db = new CouchDB(GLOBAL_DB)
-  const users = await allUsers()
+  const db = getGlobalDB()
+  const users = await allUsers(ctx)
   const bulk = []
   const cacheInvalidations = []
   for (let user of users) {
@@ -149,7 +190,7 @@ exports.getSelf = async ctx => {
 }
 
 exports.updateSelf = async ctx => {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
   const user = await db.get(ctx.user._id)
   if (ctx.request.body.password) {
     ctx.request.body.password = await hash(ctx.request.body.password)
@@ -170,7 +211,7 @@ exports.updateSelf = async ctx => {
 
 // called internally by app server user fetch
 exports.fetch = async ctx => {
-  const users = await allUsers()
+  const users = await allUsers(ctx)
   // user hashed password shouldn't ever be returned
   for (let user of users) {
     if (user) {
@@ -182,7 +223,7 @@ exports.fetch = async ctx => {
 
 // called internally by app server user find
 exports.find = async ctx => {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
   let user
   try {
     user = await db.get(ctx.params.id)
@@ -196,12 +237,38 @@ exports.find = async ctx => {
   ctx.body = user
 }
 
+exports.tenantLookup = async ctx => {
+  const id = ctx.params.id
+  // lookup, could be email or userId, either will return a doc
+  const db = new CouchDB(PLATFORM_INFO_DB)
+  let tenantId = null
+  try {
+    const doc = await db.get(id)
+    if (doc && doc.tenantId) {
+      tenantId = doc.tenantId
+    }
+  } catch (err) {
+    if (!env.MULTI_TENANCY) {
+      tenantId = DEFAULT_TENANT_ID
+    } else {
+      ctx.throw(400, "No tenant found.")
+    }
+  }
+  ctx.body = {
+    tenantId,
+  }
+}
+
 exports.invite = async ctx => {
-  const { email, userInfo } = ctx.request.body
+  let { email, userInfo } = ctx.request.body
   const existing = await getGlobalUserByEmail(email)
   if (existing) {
     ctx.throw(400, "Email address already in use.")
   }
+  if (!userInfo) {
+    userInfo = {}
+  }
+  userInfo.tenantId = getTenantId()
   await sendEmail(email, EmailTemplatePurpose.INVITATION, {
     subject: "{{ company }} platform invitation",
     info: userInfo,
@@ -214,18 +281,18 @@ exports.invite = async ctx => {
 exports.inviteAccept = async ctx => {
   const { inviteCode, password, firstName, lastName } = ctx.request.body
   try {
-    // info is an extension of the user object that was stored by admin
+    // info is an extension of the user object that was stored by global
     const { email, info } = await checkInviteCode(inviteCode)
-    // only pass through certain props for accepting
-    ctx.request.body = {
-      firstName,
-      lastName,
-      password,
-      email,
-      ...info,
-    }
-    // this will flesh out the body response
-    await exports.save(ctx)
+    ctx.body = await saveUser(
+      {
+        firstName,
+        lastName,
+        password,
+        email,
+        ...info,
+      },
+      info.tenantId
+    )
   } catch (err) {
     ctx.throw(400, "Unable to create new user, invitation invalid.")
   }
diff --git a/packages/worker/src/api/controllers/admin/groups.js b/packages/worker/src/api/controllers/global/workspaces.js
similarity index 53%
rename from packages/worker/src/api/controllers/admin/groups.js
rename to packages/worker/src/api/controllers/global/workspaces.js
index 330fb38282..95a1ec296d 100644
--- a/packages/worker/src/api/controllers/admin/groups.js
+++ b/packages/worker/src/api/controllers/global/workspaces.js
@@ -1,20 +1,17 @@
-const CouchDB = require("../../../db")
-const { getGroupParams, generateGroupID, StaticDatabases } =
-  require("@budibase/auth").db
-
-const GLOBAL_DB = StaticDatabases.GLOBAL.name
+const { getWorkspaceParams, generateWorkspaceID } = require("@budibase/auth/db")
+const { getGlobalDB } = require("@budibase/auth/tenancy")
 
 exports.save = async function (ctx) {
-  const db = new CouchDB(GLOBAL_DB)
-  const groupDoc = ctx.request.body
+  const db = getGlobalDB()
+  const workspaceDoc = ctx.request.body
 
-  // Group does not exist yet
-  if (!groupDoc._id) {
-    groupDoc._id = generateGroupID()
+  // workspace does not exist yet
+  if (!workspaceDoc._id) {
+    workspaceDoc._id = generateWorkspaceID()
   }
 
   try {
-    const response = await db.post(groupDoc)
+    const response = await db.post(workspaceDoc)
     ctx.body = {
       _id: response.id,
       _rev: response.rev,
@@ -25,9 +22,9 @@ exports.save = async function (ctx) {
 }
 
 exports.fetch = async function (ctx) {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
   const response = await db.allDocs(
-    getGroupParams(undefined, {
+    getWorkspaceParams(undefined, {
       include_docs: true,
     })
   )
@@ -35,7 +32,7 @@ exports.fetch = async function (ctx) {
 }
 
 exports.find = async function (ctx) {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
   try {
     ctx.body = await db.get(ctx.params.id)
   } catch (err) {
@@ -44,12 +41,12 @@ exports.find = async function (ctx) {
 }
 
 exports.destroy = async function (ctx) {
-  const db = new CouchDB(GLOBAL_DB)
+  const db = getGlobalDB()
   const { id, rev } = ctx.params
 
   try {
     await db.remove(id, rev)
-    ctx.body = { message: "Group deleted successfully" }
+    ctx.body = { message: "Workspace deleted successfully" }
   } catch (err) {
     ctx.throw(err.status, err)
   }
diff --git a/packages/worker/src/api/controllers/system/flags.js b/packages/worker/src/api/controllers/system/flags.js
new file mode 100644
index 0000000000..b439c9ee3a
--- /dev/null
+++ b/packages/worker/src/api/controllers/system/flags.js
@@ -0,0 +1,8 @@
+const env = require("../../../environment")
+
+exports.fetch = async ctx => {
+  ctx.body = {
+    multiTenancy: !!env.MULTI_TENANCY,
+    sandbox: !!env.SANDBOX,
+  }
+}
diff --git a/packages/worker/src/api/controllers/system/tenants.js b/packages/worker/src/api/controllers/system/tenants.js
new file mode 100644
index 0000000000..e053216dd9
--- /dev/null
+++ b/packages/worker/src/api/controllers/system/tenants.js
@@ -0,0 +1,33 @@
+const CouchDB = require("../../../db")
+const { StaticDatabases } = require("@budibase/auth/db")
+
+exports.exists = async ctx => {
+  const tenantId = ctx.request.params
+  const db = new CouchDB(StaticDatabases.PLATFORM_INFO.name)
+  let exists = false
+  try {
+    const tenantsDoc = await db.get(StaticDatabases.PLATFORM_INFO.docs.tenants)
+    if (tenantsDoc) {
+      exists = tenantsDoc.tenantIds.indexOf(tenantId) !== -1
+    }
+  } catch (err) {
+    // if error it doesn't exist
+  }
+  ctx.body = {
+    exists,
+  }
+}
+
+exports.fetch = async ctx => {
+  const db = new CouchDB(StaticDatabases.PLATFORM_INFO.name)
+  let tenants = []
+  try {
+    const tenantsDoc = await db.get(StaticDatabases.PLATFORM_INFO.docs.tenants)
+    if (tenantsDoc) {
+      tenants = tenantsDoc.tenantIds
+    }
+  } catch (err) {
+    // if error it doesn't exist
+  }
+  ctx.body = tenants
+}
diff --git a/packages/worker/src/api/index.js b/packages/worker/src/api/index.js
index 39ae320cc6..7ee933c14a 100644
--- a/packages/worker/src/api/index.js
+++ b/packages/worker/src/api/index.js
@@ -2,55 +2,60 @@ const Router = require("@koa/router")
 const compress = require("koa-compress")
 const zlib = require("zlib")
 const { routes } = require("./routes")
-const { buildAuthMiddleware, auditLog } = require("@budibase/auth").auth
+const { buildAuthMiddleware, auditLog, buildTenancyMiddleware } =
+  require("@budibase/auth").auth
 
 const PUBLIC_ENDPOINTS = [
-  {
-    route: "/api/admin/users/init",
-    method: "POST",
-  },
-  {
-    route: "/api/admin/users/invite/accept",
-    method: "POST",
-  },
-  {
-    route: "/api/admin/auth",
-    method: "POST",
-  },
-  {
-    route: "/api/admin/auth/google",
-    method: "GET",
-  },
+  // old deprecated endpoints kept for backwards compat
   {
     route: "/api/admin/auth/google/callback",
     method: "GET",
   },
-  {
-    route: "/api/admin/auth/oidc",
-    method: "GET",
-  },
   {
     route: "/api/admin/auth/oidc/callback",
     method: "GET",
   },
   {
-    route: "/api/admin/auth/reset",
+    // this covers all of the POST auth routes
+    route: "/api/global/auth/:tenantId",
     method: "POST",
   },
   {
-    route: "/api/admin/configs/checklist",
+    // this covers all of the GET auth routes
+    route: "/api/global/auth/:tenantId",
     method: "GET",
   },
   {
-    route: "/api/apps",
+    // this covers all of the public config routes
+    route: "/api/global/configs/public",
     method: "GET",
   },
   {
-    route: "/api/admin/configs/public",
+    route: "/api/global/configs/checklist",
     method: "GET",
   },
   {
-    route: "/api/admin/configs/publicOidc",
+    route: "/api/global/users/init",
+    method: "POST",
+  },
+  {
+    route: "/api/global/users/invite/accept",
+    method: "POST",
+  },
+  {
+    route: "api/system/flags",
+    method: "GET",
+  },
+]
+
+const NO_TENANCY_ENDPOINTS = [
+  ...PUBLIC_ENDPOINTS,
+  {
+    route: "/api/system",
+    method: "ALL",
+  },
+  {
+    route: "/api/global/users/self",
     method: "GET",
   },
 ]
@@ -71,9 +76,10 @@ router
   )
   .use("/health", ctx => (ctx.status = 200))
   .use(buildAuthMiddleware(PUBLIC_ENDPOINTS))
+  .use(buildTenancyMiddleware(PUBLIC_ENDPOINTS, NO_TENANCY_ENDPOINTS))
   // for now no public access is allowed to worker (bar health check)
   .use((ctx, next) => {
-    if (!ctx.isAuthenticated) {
+    if (!ctx.isAuthenticated && !ctx.publicEndpoint) {
       ctx.throw(403, "Unauthorized - no public worker access")
     }
     return next()
diff --git a/packages/worker/src/api/routes/admin/auth.js b/packages/worker/src/api/routes/admin/auth.js
deleted file mode 100644
index 9a7ef5ebac..0000000000
--- a/packages/worker/src/api/routes/admin/auth.js
+++ /dev/null
@@ -1,45 +0,0 @@
-const Router = require("@koa/router")
-const authController = require("../../controllers/admin/auth")
-const joiValidator = require("../../../middleware/joi-validator")
-const Joi = require("joi")
-
-const router = Router()
-
-function buildAuthValidation() {
-  // prettier-ignore
-  return joiValidator.body(Joi.object({
-    username: Joi.string().required(),
-    password: Joi.string().required(),
-  }).required().unknown(false))
-}
-
-function buildResetValidation() {
-  // prettier-ignore
-  return joiValidator.body(Joi.object({
-    email: Joi.string().required(),
-  }).required().unknown(false))
-}
-
-function buildResetUpdateValidation() {
-  // prettier-ignore
-  return joiValidator.body(Joi.object({
-    resetCode: Joi.string().required(),
-    password: Joi.string().required(),
-  }).required().unknown(false))
-}
-
-router
-  .post("/api/admin/auth", buildAuthValidation(), authController.authenticate)
-  .post("/api/admin/auth/reset", buildResetValidation(), authController.reset)
-  .post(
-    "/api/admin/auth/reset/update",
-    buildResetUpdateValidation(),
-    authController.resetUpdate
-  )
-  .post("/api/admin/auth/logout", authController.logout)
-  .get("/api/admin/auth/google", authController.googlePreAuth)
-  .get("/api/admin/auth/google/callback", authController.googleAuth)
-  .get("/api/admin/auth/oidc/configs/:configId", authController.oidcPreAuth)
-  .get("/api/admin/auth/oidc/callback", authController.oidcAuth)
-
-module.exports = router
diff --git a/packages/worker/src/api/routes/admin/roles.js b/packages/worker/src/api/routes/admin/roles.js
deleted file mode 100644
index 2deef6b3fe..0000000000
--- a/packages/worker/src/api/routes/admin/roles.js
+++ /dev/null
@@ -1,11 +0,0 @@
-const Router = require("@koa/router")
-const controller = require("../../controllers/admin/roles")
-const adminOnly = require("../../../middleware/adminOnly")
-
-const router = Router()
-
-router
-  .get("/api/admin/roles", adminOnly, controller.fetch)
-  .get("/api/admin/roles/:appId", adminOnly, controller.find)
-
-module.exports = router
diff --git a/packages/worker/src/api/routes/admin/sessions.js b/packages/worker/src/api/routes/admin/sessions.js
deleted file mode 100644
index 9cf5f58f8b..0000000000
--- a/packages/worker/src/api/routes/admin/sessions.js
+++ /dev/null
@@ -1,14 +0,0 @@
-const Router = require("@koa/router")
-const controller = require("../../controllers/admin/sessions")
-const adminOnly = require("../../../middleware/adminOnly")
-
-const router = Router()
-
-router
-  .get("/api/admin/sessions", adminOnly, controller.fetch)
-  .get("/api/admin/sessions/self", controller.selfSessions)
-  .get("/api/admin/sessions/:userId", adminOnly, controller.find)
-  .delete("/api/admin/sessions/:userId", adminOnly, controller.invalidateUser)
-  .delete("/api/admin/sessions/self/:sessionId", controller.invalidateSession)
-
-module.exports = router
diff --git a/packages/worker/src/api/routes/global/auth.js b/packages/worker/src/api/routes/global/auth.js
new file mode 100644
index 0000000000..5e39f79135
--- /dev/null
+++ b/packages/worker/src/api/routes/global/auth.js
@@ -0,0 +1,83 @@
+const Router = require("@koa/router")
+const authController = require("../../controllers/global/auth")
+const joiValidator = require("../../../middleware/joi-validator")
+const Joi = require("joi")
+const { updateTenantId } = require("@budibase/auth/tenancy")
+
+const router = Router()
+
+function buildAuthValidation() {
+  // prettier-ignore
+  return joiValidator.body(Joi.object({
+    username: Joi.string().required(),
+    password: Joi.string().required(),
+  }).required().unknown(false))
+}
+
+function buildResetValidation() {
+  // prettier-ignore
+  return joiValidator.body(Joi.object({
+    email: Joi.string().required(),
+  }).required().unknown(false))
+}
+
+function buildResetUpdateValidation() {
+  // prettier-ignore
+  return joiValidator.body(Joi.object({
+    resetCode: Joi.string().required(),
+    password: Joi.string().required(),
+  }).required().unknown(false))
+}
+
+function updateTenant(ctx, next) {
+  if (ctx.params) {
+    updateTenantId(ctx.params.tenantId)
+  }
+  return next()
+}
+
+router
+  .post(
+    "/api/global/auth/:tenantId/login",
+    buildAuthValidation(),
+    updateTenant,
+    authController.authenticate
+  )
+  .post(
+    "/api/global/auth/:tenantId/reset",
+    buildResetValidation(),
+    updateTenant,
+    authController.reset
+  )
+  .post(
+    "/api/global/auth/:tenantId/reset/update",
+    buildResetUpdateValidation(),
+    updateTenant,
+    authController.resetUpdate
+  )
+  .post("/api/global/auth/logout", authController.logout)
+  .get(
+    "/api/global/auth/:tenantId/google",
+    updateTenant,
+    authController.googlePreAuth
+  )
+  .get(
+    "/api/global/auth/:tenantId/google/callback",
+    updateTenant,
+    authController.googleAuth
+  )
+  .get(
+    "/api/global/auth/:tenantId/oidc/configs/:configId",
+    updateTenant,
+    authController.oidcPreAuth
+  )
+  .get(
+    "/api/global/auth/:tenantId/oidc/callback",
+    updateTenant,
+    authController.oidcAuth
+  )
+  // deprecated - used by the default system before tenancy
+  .get("/api/admin/auth/google/callback", authController.googleAuth)
+  .get("/api/admin/auth/oidc/callback", authController.oidcAuth)
+
+module.exports = router
diff --git a/packages/worker/src/api/routes/admin/configs.js b/packages/worker/src/api/routes/global/configs.js
similarity index 82%
rename from packages/worker/src/api/routes/admin/configs.js
rename to packages/worker/src/api/routes/global/configs.js
index 6873d82757..f6cac4d3b2 100644
--- a/packages/worker/src/api/routes/admin/configs.js
+++ b/packages/worker/src/api/routes/global/configs.js
@@ -1,5 +1,5 @@
 const Router = require("@koa/router")
-const controller = require("../../controllers/admin/configs")
+const controller = require("../../controllers/global/configs")
 const joiValidator = require("../../../middleware/joi-validator")
 const adminOnly = require("../../../middleware/adminOnly")
 const Joi = require("joi")
@@ -37,7 +37,6 @@ function googleValidation() {
   return Joi.object({
     clientID: Joi.string().required(),
     clientSecret: Joi.string().required(),
-    callbackURL: Joi.string().required(),
     activated: Joi.boolean().required(),
   }).unknown(true)
 }
@@ -64,7 +63,7 @@ function buildConfigSaveValidation() {
   return joiValidator.body(Joi.object({
     _id: Joi.string().optional(),
     _rev: Joi.string().optional(),
-    group: Joi.string().optional(),
+    workspace: Joi.string().optional(),
     type: Joi.string().valid(...Object.values(Configs)).required(),
     config: Joi.alternatives()
       .conditional("type", {
@@ -97,24 +96,24 @@ function buildConfigGetValidation() {
 
 router
   .post(
-    "/api/admin/configs",
+    "/api/global/configs",
     adminOnly,
     buildConfigSaveValidation(),
     controller.save
   )
-  .delete("/api/admin/configs/:id/:rev", adminOnly, controller.destroy)
-  .get("/api/admin/configs", controller.fetch)
-  .get("/api/admin/configs/checklist", controller.configChecklist)
+  .delete("/api/global/configs/:id/:rev", adminOnly, controller.destroy)
+  .get("/api/global/configs", controller.fetch)
+  .get("/api/global/configs/checklist", controller.configChecklist)
   .get(
-    "/api/admin/configs/all/:type",
+    "/api/global/configs/all/:type",
     buildConfigGetValidation(),
     controller.fetch
   )
-  .get("/api/admin/configs/public", controller.publicSettings)
-  .get("/api/admin/configs/publicOidc", controller.publicOidc)
-  .get("/api/admin/configs/:type", buildConfigGetValidation(), controller.find)
+  .get("/api/global/configs/public", controller.publicSettings)
+  .get("/api/global/configs/public/oidc", controller.publicOidc)
+  .get("/api/global/configs/:type", buildConfigGetValidation(), controller.find)
   .post(
-    "/api/admin/configs/upload/:type/:name",
+    "/api/global/configs/upload/:type/:name",
     adminOnly,
     buildUploadValidation(),
     controller.upload
diff --git a/packages/worker/src/api/routes/admin/email.js b/packages/worker/src/api/routes/global/email.js
similarity index 80%
rename from packages/worker/src/api/routes/admin/email.js
rename to packages/worker/src/api/routes/global/email.js
index a36dc5de91..fecbc02cd7 100644
--- a/packages/worker/src/api/routes/admin/email.js
+++ b/packages/worker/src/api/routes/global/email.js
@@ -1,5 +1,5 @@
 const Router = require("@koa/router")
-const controller = require("../../controllers/admin/email")
+const controller = require("../../controllers/global/email")
 const { EmailTemplatePurpose } = require("../../../constants")
 const joiValidator = require("../../../middleware/joi-validator")
 const adminOnly = require("../../../middleware/adminOnly")
@@ -12,15 +12,15 @@ function buildEmailSendValidation() {
   return joiValidator.body(Joi.object({
     email: Joi.string().email(),
     purpose: Joi.string().valid(...Object.values(EmailTemplatePurpose)),
-    groupId: Joi.string().allow("", null),
-    fromt: Joi.string().allow("", null),
+    workspaceId: Joi.string().allow("", null),
+    from: Joi.string().allow("", null),
     contents: Joi.string().allow("", null),
     subject: Joi.string().allow("", null),
   }).required().unknown(true))
 }
 
 router.post(
-  "/api/admin/email/send",
+  "/api/global/email/send",
   buildEmailSendValidation(),
   adminOnly,
   controller.sendEmail
diff --git a/packages/worker/src/api/routes/global/roles.js b/packages/worker/src/api/routes/global/roles.js
new file mode 100644
index 0000000000..c73fb317cf
--- /dev/null
+++ b/packages/worker/src/api/routes/global/roles.js
@@ -0,0 +1,11 @@
+const Router = require("@koa/router")
+const controller = require("../../controllers/global/roles")
+const adminOnly = require("../../../middleware/adminOnly")
+
+const router = Router()
+
+router
+  .get("/api/global/roles", adminOnly, controller.fetch)
+  .get("/api/global/roles/:appId", adminOnly, controller.find)
+
+module.exports = router
diff --git a/packages/worker/src/api/routes/global/sessions.js b/packages/worker/src/api/routes/global/sessions.js
new file mode 100644
index 0000000000..5ba6747e68
--- /dev/null
+++ b/packages/worker/src/api/routes/global/sessions.js
@@ -0,0 +1,14 @@
+const Router = require("@koa/router")
+const controller = require("../../controllers/global/sessions")
+const adminOnly = require("../../../middleware/adminOnly")
+
+const router = Router()
+
+router
+  .get("/api/global/sessions", adminOnly, controller.fetch)
+  .get("/api/global/sessions/self", controller.selfSessions)
+  .get("/api/global/sessions/:userId", adminOnly, controller.find)
+  .delete("/api/global/sessions/:userId", adminOnly, controller.invalidateUser)
+  .delete("/api/global/sessions/self/:sessionId", controller.invalidateSession)
+
+module.exports = router
diff --git a/packages/worker/src/api/routes/admin/templates.js b/packages/worker/src/api/routes/global/templates.js
similarity index 66%
rename from packages/worker/src/api/routes/admin/templates.js
rename to packages/worker/src/api/routes/global/templates.js
index 52ab24878b..e4580d444c 100644
--- a/packages/worker/src/api/routes/admin/templates.js
+++ b/packages/worker/src/api/routes/global/templates.js
@@ -1,5 +1,5 @@
 const Router = require("@koa/router")
-const controller = require("../../controllers/admin/templates")
+const controller = require("../../controllers/global/templates")
 const joiValidator = require("../../../middleware/joi-validator")
 const Joi = require("joi")
 const { TemplatePurpose, TemplateTypes } = require("../../../constants")
@@ -21,17 +21,17 @@ function buildTemplateSaveValidation() {
 }
 
 router
-  .get("/api/admin/template/definitions", controller.definitions)
+  .get("/api/global/template/definitions", controller.definitions)
   .post(
-    "/api/admin/template",
+    "/api/global/template",
     adminOnly,
     buildTemplateSaveValidation(),
     controller.save
   )
-  .get("/api/admin/template", controller.fetch)
-  .get("/api/admin/template/:type", controller.fetchByType)
-  .get("/api/admin/template/:ownerId", controller.fetchByOwner)
-  .get("/api/admin/template/:id", controller.find)
-  .delete("/api/admin/template/:id/:rev", adminOnly, controller.destroy)
+  .get("/api/global/template", controller.fetch)
+  .get("/api/global/template/:type", controller.fetchByType)
+  .get("/api/global/template/:ownerId", controller.fetchByOwner)
+  .get("/api/global/template/:id", controller.find)
+  .delete("/api/global/template/:id/:rev", adminOnly, controller.destroy)
 
 module.exports = router
diff --git a/packages/worker/src/api/routes/admin/users.js b/packages/worker/src/api/routes/global/users.js
similarity index 71%
rename from packages/worker/src/api/routes/admin/users.js
rename to packages/worker/src/api/routes/global/users.js
index e302725232..8359835952 100644
--- a/packages/worker/src/api/routes/admin/users.js
+++ b/packages/worker/src/api/routes/global/users.js
@@ -1,5 +1,5 @@
 const Router = require("@koa/router")
-const controller = require("../../controllers/admin/users")
+const controller = require("../../controllers/global/users")
 const joiValidator = require("../../../middleware/joi-validator")
 const adminOnly = require("../../../middleware/adminOnly")
 const Joi = require("joi")
@@ -11,6 +11,7 @@ function buildAdminInitValidation() {
     Joi.object({
       email: Joi.string().required(),
       password: Joi.string().required(),
+      tenantId: Joi.string().required(),
     })
       .required()
       .unknown(false)
@@ -61,39 +62,40 @@ function buildInviteAcceptValidation() {
 
 router
   .post(
-    "/api/admin/users",
+    "/api/global/users",
     adminOnly,
     buildUserSaveValidation(),
     controller.save
   )
-  .get("/api/admin/users", adminOnly, controller.fetch)
-  .delete("/api/admin/roles/:appId", adminOnly, controller.removeAppRole)
-  .delete("/api/admin/users/:id", adminOnly, controller.destroy)
-  .get("/api/admin/roles/:appId")
+  .get("/api/global/users", adminOnly, controller.fetch)
+  .delete("/api/global/roles/:appId", adminOnly, controller.removeAppRole)
+  .delete("/api/global/users/:id", adminOnly, controller.destroy)
+  .get("/api/global/roles/:appId")
   .post(
-    "/api/admin/users/invite",
+    "/api/global/users/invite",
     adminOnly,
     buildInviteValidation(),
     controller.invite
   )
-  // non-admin endpoints
+  // non-global endpoints
   .post(
-    "/api/admin/users/self",
+    "/api/global/users/self",
     buildUserSaveValidation(true),
     controller.updateSelf
   )
   .post(
-    "/api/admin/users/invite/accept",
+    "/api/global/users/invite/accept",
     buildInviteAcceptValidation(),
     controller.inviteAccept
   )
   .post(
-    "/api/admin/users/init",
+    "/api/global/users/init",
     buildAdminInitValidation(),
     controller.adminUser
   )
-  .get("/api/admin/users/self", controller.getSelf)
-  // admin endpoint but needs to come at end (blocks other endpoints otherwise)
-  .get("/api/admin/users/:id", adminOnly, controller.find)
+  .get("/api/global/users/self", controller.getSelf)
+  .get("/api/global/users/tenant/:id", adminOnly, controller.tenantLookup)
+  // global endpoint but needs to come at end (blocks other endpoints otherwise)
+  .get("/api/global/users/:id", adminOnly, controller.find)
 
 module.exports = router
diff --git a/packages/worker/src/api/routes/admin/groups.js b/packages/worker/src/api/routes/global/workspaces.js
similarity index 68%
rename from packages/worker/src/api/routes/admin/groups.js
rename to packages/worker/src/api/routes/global/workspaces.js
index 4611e67079..cab76b7763 100644
--- a/packages/worker/src/api/routes/admin/groups.js
+++ b/packages/worker/src/api/routes/global/workspaces.js
@@ -1,12 +1,12 @@
 const Router = require("@koa/router")
-const controller = require("../../controllers/admin/groups")
+const controller = require("../../controllers/global/workspaces")
 const joiValidator = require("../../../middleware/joi-validator")
 const adminOnly = require("../../../middleware/adminOnly")
 const Joi = require("joi")
 
 const router = Router()
 
-function buildGroupSaveValidation() {
+function buildWorkspaceSaveValidation() {
   // prettier-ignore
   return joiValidator.body(Joi.object({
     _id: Joi.string().optional(),
@@ -26,13 +26,13 @@ function buildGroupSaveValidation() {
 
 router
   .post(
-    "/api/admin/groups",
+    "/api/global/workspaces",
     adminOnly,
-    buildGroupSaveValidation(),
+    buildWorkspaceSaveValidation(),
     controller.save
   )
-  .get("/api/admin/groups", controller.fetch)
-  .delete("/api/admin/groups/:id", adminOnly, controller.destroy)
-  .get("/api/admin/groups/:id", controller.find)
+  .delete("/api/global/workspaces/:id", adminOnly, controller.destroy)
+  .get("/api/global/workspaces", controller.fetch)
+  .get("/api/global/workspaces/:id", controller.find)
 
 module.exports = router
diff --git a/packages/worker/src/api/routes/index.js b/packages/worker/src/api/routes/index.js
index 21ec324880..a4ed4d7da4 100644
--- a/packages/worker/src/api/routes/index.js
+++ b/packages/worker/src/api/routes/index.js
@@ -1,21 +1,25 @@
-const userRoutes = require("./admin/users")
-const configRoutes = require("./admin/configs")
-const groupRoutes = require("./admin/groups")
-const templateRoutes = require("./admin/templates")
-const emailRoutes = require("./admin/email")
-const authRoutes = require("./admin/auth")
-const roleRoutes = require("./admin/roles")
-const sessionRoutes = require("./admin/sessions")
+const userRoutes = require("./global/users")
+const configRoutes = require("./global/configs")
+const workspaceRoutes = require("./global/workspaces")
+const templateRoutes = require("./global/templates")
+const emailRoutes = require("./global/email")
+const authRoutes = require("./global/auth")
+const roleRoutes = require("./global/roles")
+const sessionRoutes = require("./global/sessions")
+const flagRoutes = require("./system/flags")
+const tenantsRoutes = require("./system/tenants")
 const appRoutes = require("./app")
 
 exports.routes = [
   configRoutes,
   userRoutes,
-  groupRoutes,
+  workspaceRoutes,
   authRoutes,
   appRoutes,
   templateRoutes,
+  tenantsRoutes,
   emailRoutes,
   sessionRoutes,
   roleRoutes,
+  flagRoutes,
 ]
diff --git a/packages/worker/src/api/routes/system/flags.js b/packages/worker/src/api/routes/system/flags.js
new file mode 100644
index 0000000000..f2f5c5712f
--- /dev/null
+++ b/packages/worker/src/api/routes/system/flags.js
@@ -0,0 +1,8 @@
+const Router = require("@koa/router")
+const controller = require("../../controllers/system/flags")
+
+const router = Router()
+
+router.get("/api/system/flags", controller.fetch)
+
+module.exports = router
diff --git a/packages/worker/src/api/routes/system/tenants.js b/packages/worker/src/api/routes/system/tenants.js
new file mode 100644
index 0000000000..223ba9f26e
--- /dev/null
+++ b/packages/worker/src/api/routes/system/tenants.js
@@ -0,0 +1,11 @@
+const Router = require("@koa/router")
+const controller = require("../../controllers/system/tenants")
+const adminOnly = require("../../../middleware/adminOnly")
+
+const router = Router()
+
+router
+  .get("/api/system/tenants/:tenantId/exists", controller.exists)
+  .get("/api/system/tenants", adminOnly, controller.fetch)
+
+module.exports = router
diff --git a/packages/worker/src/api/routes/tests/auth.spec.js b/packages/worker/src/api/routes/tests/auth.spec.js
index ceccf7edaf..dacff30ce3 100644
--- a/packages/worker/src/api/routes/tests/auth.spec.js
+++ b/packages/worker/src/api/routes/tests/auth.spec.js
@@ -1,10 +1,11 @@
 const setup = require("./utilities")
-const { Cookies } = require("@budibase/auth").constants
+
+const TENANT_ID = "default"
 
 jest.mock("nodemailer")
 const sendMailMock = setup.emailMock()
 
-describe("/api/admin/auth", () => {
+describe("/api/global/auth", () => {
   let request = setup.getRequest()
   let config = setup.getConfig()
   let code
@@ -25,7 +26,7 @@ describe("/api/admin/auth", () => {
     await config.saveSettingsConfig()
     await config.createUser("test@test.com")
     const res = await request
-      .post(`/api/admin/auth/reset`)
+      .post(`/api/global/auth/${TENANT_ID}/reset`)
       .send({
         email: "test@test.com",
       })
@@ -35,14 +36,14 @@ describe("/api/admin/auth", () => {
     expect(sendMailMock).toHaveBeenCalled()
     const emailCall = sendMailMock.mock.calls[0][0]
     // after this URL there should be a code
-    const parts = emailCall.html.split("http://localhost:10000/builder/auth/reset?code=")
-    code = parts[1].split("\"")[0]
+    const parts = emailCall.html.split(`http://localhost:10000/builder/auth/reset?code=`)
+    code = parts[1].split("\"")[0].split("&")[0]
     expect(code).toBeDefined()
   })
 
   it("should allow resetting user password with code", async () => {
     const res = await request
-      .post(`/api/admin/auth/reset/update`)
+      .post(`/api/global/auth/${TENANT_ID}/reset/update`)
       .send({
         password: "newpassword",
         resetCode: code,
@@ -75,13 +76,13 @@ describe("/api/admin/auth", () => {
     afterEach(() => {
       expect(strategyFactory).toBeCalledWith(
         chosenConfig, 
-        `http://127.0.0.1:4003/api/admin/auth/oidc/callback` // calculated url
+        `http://127.0.0.1:4003/api/global/auth/${TENANT_ID}/oidc/callback` // calculated url
       )
     })
 
-    describe("/api/admin/auth/oidc/configs", () => {
+    describe("oidc configs", () => {
       it("should load strategy and delegate to passport", async () => {
-        await request.get(`/api/admin/auth/oidc/configs/${configId}`)
+        await request.get(`/api/global/auth/${TENANT_ID}/oidc/configs/${configId}`)
 
         expect(passportSpy).toBeCalledWith(mockStrategyReturn, {
           scope: ["profile", "email"],
@@ -90,9 +91,9 @@ describe("/api/admin/auth", () => {
       })
     })
 
-    describe("/api/admin/auth/oidc/callback", () => {
+    describe("oidc callback", () => {
       it("should load strategy and delegate to passport", async () => {
-        await request.get(`/api/admin/auth/oidc/callback`)
+        await request.get(`/api/global/auth/${TENANT_ID}/oidc/callback`)
                      .set(config.getOIDConfigCookie(configId))
       
         expect(passportSpy).toBeCalledWith(mockStrategyReturn, {
diff --git a/packages/worker/src/api/routes/tests/configs.spec.js b/packages/worker/src/api/routes/tests/configs.spec.js
index 13ba2bd3bc..10feb77b37 100644
--- a/packages/worker/src/api/routes/tests/configs.spec.js
+++ b/packages/worker/src/api/routes/tests/configs.spec.js
@@ -1,30 +1,27 @@
 const setup = require("./utilities")
 
 // mock the email system
-const sendMailMock = jest.fn()
 jest.mock("nodemailer")
 const nodemailer = require("nodemailer")
 nodemailer.createTransport.mockReturnValue({
   verify: jest.fn()
 })
 
-describe("/api/admin/configs/checklist", () => {
+describe("/api/global/configs/checklist", () => {
   let request = setup.getRequest()
   let config = setup.getConfig()
 
   beforeAll(async () => {
-    await config.init(false)
+    await config.init()
   })
 
   afterAll(setup.afterAll)
 
   it("should return the correct checklist status based on the state of the budibase installation", async () => {
-    // initially configure settings
-    await config.saveAdminUser()
     await config.saveSmtpConfig()
 
     const res = await request
-      .get(`/api/admin/configs/checklist`)
+      .get(`/api/global/configs/checklist`)
       .set(config.defaultHeaders())
       .expect("Content-Type", /json/)
       .expect(200)
diff --git a/packages/worker/src/api/routes/tests/email.spec.js b/packages/worker/src/api/routes/tests/email.spec.js
index 797b0326ed..c8c93658f7 100644
--- a/packages/worker/src/api/routes/tests/email.spec.js
+++ b/packages/worker/src/api/routes/tests/email.spec.js
@@ -1,5 +1,6 @@
 const setup = require("./utilities")
 const { EmailTemplatePurpose } = require("../../../constants")
+const { TENANT_ID } = require("./utilities/structures")
 
 // mock the email system
 const sendMailMock = jest.fn()
@@ -10,7 +11,7 @@ nodemailer.createTransport.mockReturnValue({
   verify: jest.fn()
 })
 
-describe("/api/admin/email", () => {
+describe("/api/global/email", () => {
   let request = setup.getRequest()
   let config = setup.getConfig()
 
@@ -25,10 +26,11 @@ describe("/api/admin/email", () => {
     await config.saveSmtpConfig()
     await config.saveSettingsConfig()
     const res = await request
-      .post(`/api/admin/email/send`)
+      .post(`/api/global/email/send`)
       .send({
         email: "test@test.com",
         purpose: EmailTemplatePurpose.INVITATION,
+        tenantId: TENANT_ID,
       })
       .set(config.defaultHeaders())
       .expect("Content-Type", /json/)
diff --git a/packages/worker/src/api/routes/tests/realEmail.spec.js b/packages/worker/src/api/routes/tests/realEmail.spec.js
index acc0c7acc9..845e31d911 100644
--- a/packages/worker/src/api/routes/tests/realEmail.spec.js
+++ b/packages/worker/src/api/routes/tests/realEmail.spec.js
@@ -6,7 +6,7 @@ const fetch = require("node-fetch")
 // need a longer timeout for getting these
 jest.setTimeout(30000)
 
-describe("/api/admin/email", () => {
+describe("/api/global/email", () => {
   let request = setup.getRequest()
   let config = setup.getConfig()
 
@@ -21,7 +21,7 @@ describe("/api/admin/email", () => {
     await config.saveSettingsConfig()
     const user = await config.getUser("test@test.com")
     const res = await request
-      .post(`/api/admin/email/send`)
+      .post(`/api/global/email/send`)
       .send({
         email: "test@test.com",
         purpose,
diff --git a/packages/worker/src/api/routes/tests/users.spec.js b/packages/worker/src/api/routes/tests/users.spec.js
index bf5b67ab1a..f03f9e60be 100644
--- a/packages/worker/src/api/routes/tests/users.spec.js
+++ b/packages/worker/src/api/routes/tests/users.spec.js
@@ -1,9 +1,10 @@
 const setup = require("./utilities")
+const { TENANT_ID } = require("./utilities/structures")
 
 jest.mock("nodemailer")
 const sendMailMock = setup.emailMock()
 
-describe("/api/admin/users", () => {
+describe("/api/global/users", () => {
   let request = setup.getRequest()
   let config = setup.getConfig()
   let code
@@ -19,7 +20,7 @@ describe("/api/admin/users", () => {
     await config.saveSmtpConfig()
     await config.saveSettingsConfig()
     const res = await request
-      .post(`/api/admin/users/invite`)
+      .post(`/api/global/users/invite`)
       .send({
         email: "invite@test.com",
       })
@@ -31,13 +32,13 @@ describe("/api/admin/users", () => {
     const emailCall = sendMailMock.mock.calls[0][0]
     // after this URL there should be a code
     const parts = emailCall.html.split("http://localhost:10000/builder/invite?code=")
-    code = parts[1].split("\"")[0]
+    code = parts[1].split("\"")[0].split("&")[0]
     expect(code).toBeDefined()
   })
 
   it("should be able to create new user from invite", async () => {
     const res = await request
-      .post(`/api/admin/users/invite/accept`)
+      .post(`/api/global/users/invite/accept`)
       .send({
         password: "newpassword",
         inviteCode: code,
diff --git a/packages/worker/src/api/routes/tests/utilities/TestConfiguration.js b/packages/worker/src/api/routes/tests/utilities/TestConfiguration.js
index 812dbe51e2..7f84de6b7d 100644
--- a/packages/worker/src/api/routes/tests/utilities/TestConfiguration.js
+++ b/packages/worker/src/api/routes/tests/utilities/TestConfiguration.js
@@ -7,6 +7,11 @@ const { Configs, LOGO_URL } = require("../../../../constants")
 const { getGlobalUserByEmail } = require("@budibase/auth").utils
 const { createASession } = require("@budibase/auth/sessions")
 const { newid } = require("../../../../../../auth/src/hashing")
+const { TENANT_ID } = require("./structures")
+const auth = require("@budibase/auth")
+const CouchDB = require("../../../../db")
+const { doInTenant } = require("@budibase/auth/tenancy")
+auth.init(CouchDB)
 
 class TestConfiguration {
   constructor(openServer = true) {
@@ -28,7 +33,7 @@ class TestConfiguration {
     request.cookies = { set: () => {}, get: () => {} }
     request.config = { jwtSecret: env.JWT_SECRET }
     request.appId = this.appId
-    request.user = { appId: this.appId }
+    request.user = { appId: this.appId, tenantId: TENANT_ID }
     request.query = {}
     request.request = {
       body: config,
@@ -36,7 +41,9 @@ class TestConfiguration {
     if (params) {
       request.params = params
     }
-    await controlFunc(request)
+    await doInTenant(TENANT_ID, () => {
+      return controlFunc(request)
+    })
     return request.body
   }
 
@@ -58,8 +65,11 @@ class TestConfiguration {
         null,
         controllers.users.save
       )
-      await createASession("us_uuid1", "sessionid")
     }
+    await createASession("us_uuid1", {
+      sessionId: "sessionid",
+      tenantId: TENANT_ID,
+    })
   }
 
   async end() {
@@ -79,6 +89,7 @@ class TestConfiguration {
       _id: "us_uuid1",
       userId: "us_uuid1",
       sessionId: "sessionid",
+      tenantId: TENANT_ID,
     }
     const authToken = jwt.sign(user, env.JWT_SECRET)
     return {
@@ -88,7 +99,9 @@ class TestConfiguration {
   }
 
   async getUser(email) {
-    return getGlobalUserByEmail(email)
+    return doInTenant(TENANT_ID, () => {
+      return getGlobalUserByEmail(email)
+    })
   }
 
   async createUser(email = "test@test.com", password = "test") {
@@ -152,7 +165,6 @@ class TestConfiguration {
       {
         type: Configs.GOOGLE,
         config: {
-          callbackURL: "http://somecallbackurl",
           clientID: "clientId",
           clientSecret: "clientSecret",
         },
@@ -231,6 +243,7 @@ class TestConfiguration {
       {
         email: "testuser@test.com",
         password: "test@test.com",
+        tenantId: TENANT_ID,
       },
       null,
       controllers.users.adminUser
diff --git a/packages/worker/src/api/routes/tests/utilities/controllers.js b/packages/worker/src/api/routes/tests/utilities/controllers.js
index b0d2441c0a..45216ae634 100644
--- a/packages/worker/src/api/routes/tests/utilities/controllers.js
+++ b/packages/worker/src/api/routes/tests/utilities/controllers.js
@@ -1,7 +1,7 @@
 module.exports = {
-  email: require("../../../controllers/admin/email"),
-  groups: require("../../../controllers/admin/groups"),
-  config: require("../../../controllers/admin/configs"),
-  templates: require("../../../controllers/admin/templates"),
-  users: require("../../../controllers/admin/users"),
+  email: require("../../../controllers/global/email"),
+  workspaces: require("../../../controllers/global/workspaces"),
+  config: require("../../../controllers/global/configs"),
+  templates: require("../../../controllers/global/templates"),
+  users: require("../../../controllers/global/users"),
 }
diff --git a/packages/worker/src/api/routes/tests/utilities/structures.js b/packages/worker/src/api/routes/tests/utilities/structures.js
new file mode 100644
index 0000000000..16701ac3d7
--- /dev/null
+++ b/packages/worker/src/api/routes/tests/utilities/structures.js
@@ -0,0 +1 @@
+exports.TENANT_ID = "default"
diff --git a/packages/worker/src/constants/index.js b/packages/worker/src/constants/index.js
index 231ff37ee2..a2bc818674 100644
--- a/packages/worker/src/constants/index.js
+++ b/packages/worker/src/constants/index.js
@@ -8,10 +8,6 @@ exports.UserStatus = {
   INACTIVE: "inactive",
 }
 
-exports.Groups = {
-  ALL_USERS: "all_users",
-}
-
 exports.Configs = Configs
 
 exports.ConfigUploads = {
diff --git a/packages/worker/src/constants/templates/index.js b/packages/worker/src/constants/templates/index.js
index c677f504c4..ac5427ba1f 100644
--- a/packages/worker/src/constants/templates/index.js
+++ b/packages/worker/src/constants/templates/index.js
@@ -6,8 +6,8 @@ const {
   GLOBAL_OWNER,
 } = require("../index")
 const { join } = require("path")
-const CouchDB = require("../../db")
-const { getTemplateParams, StaticDatabases } = require("@budibase/auth").db
+const { getTemplateParams } = require("@budibase/auth/db")
+const { getGlobalDB } = require("@budibase/auth/tenancy")
 
 exports.EmailTemplates = {
   [EmailTemplatePurpose.PASSWORD_RECOVERY]: readStaticFile(
@@ -50,7 +50,7 @@ exports.addBaseTemplates = (templates, type = null) => {
 }
 
 exports.getTemplates = async ({ ownerId, type, id } = {}) => {
-  const db = new CouchDB(StaticDatabases.GLOBAL.name)
+  const db = getGlobalDB()
   const response = await db.allDocs(
     getTemplateParams(ownerId || GLOBAL_OWNER, id, {
       include_docs: true,
diff --git a/packages/worker/src/db/index.js b/packages/worker/src/db/index.js
index d6d035cff1..632e19280d 100644
--- a/packages/worker/src/db/index.js
+++ b/packages/worker/src/db/index.js
@@ -1,9 +1,10 @@
 const PouchDB = require("pouchdb")
 const allDbs = require("pouchdb-all-dbs")
 const env = require("../environment")
+const { getCouchUrl } = require("@budibase/auth/db")
 
 // level option is purely for testing (development)
-const COUCH_DB_URL = env.COUCH_DB_URL || "http://localhost:10000/db/"
+const COUCH_DB_URL = getCouchUrl() || "http://localhost:10000/db/"
 
 let POUCH_DB_DEFAULTS = {
   prefix: COUCH_DB_URL,
diff --git a/packages/worker/src/environment.js b/packages/worker/src/environment.js
index 384230b9b3..07549331ea 100644
--- a/packages/worker/src/environment.js
+++ b/packages/worker/src/environment.js
@@ -17,6 +17,7 @@ if (!LOADED && isDev() && !isTest()) {
 }
 
 module.exports = {
+  NODE_ENV: process.env.NODE_ENV,
   SELF_HOSTED: process.env.SELF_HOSTED,
   PORT: process.env.PORT,
   CLUSTER_PORT: process.env.CLUSTER_PORT,
@@ -30,9 +31,8 @@ module.exports = {
   REDIS_URL: process.env.REDIS_URL,
   REDIS_PASSWORD: process.env.REDIS_PASSWORD,
   INTERNAL_API_KEY: process.env.INTERNAL_API_KEY,
-  /* TODO: to remove - once deployment removed */
-  COUCH_DB_USERNAME: process.env.COUCH_DB_USERNAME,
-  COUCH_DB_PASSWORD: process.env.COUCH_DB_PASSWORD,
+  MULTI_TENANCY: process.env.MULTI_TENANCY,
+  SANDBOX: process.env.SANDBOX,
   _set(key, value) {
     process.env[key] = value
     module.exports[key] = value
diff --git a/packages/worker/src/utilities/email.js b/packages/worker/src/utilities/email.js
index dc13bb948a..c32ff05cf5 100644
--- a/packages/worker/src/utilities/email.js
+++ b/packages/worker/src/utilities/email.js
@@ -1,14 +1,13 @@
 const nodemailer = require("nodemailer")
-const CouchDB = require("../db")
-const { StaticDatabases, getScopedConfig } = require("@budibase/auth").db
+const { getScopedConfig } = require("@budibase/auth/db")
 const { EmailTemplatePurpose, TemplateTypes, Configs } = require("../constants")
 const { getTemplateByPurpose } = require("../constants/templates")
 const { getSettingsTemplateContext } = require("./templates")
 const { processString } = require("@budibase/string-templates")
 const { getResetPasswordCode, getInviteCode } = require("../utilities/redis")
+const { getGlobalDB } = require("@budibase/auth/tenancy")
 
 const TEST_MODE = false
-const GLOBAL_DB = StaticDatabases.GLOBAL.name
 const TYPE = TemplateTypes.EMAIL
 
 const FULL_EMAIL_PURPOSES = [
@@ -101,31 +100,30 @@ async function buildEmail(purpose, email, context, { user, contents } = {}) {
 /**
  * Utility function for finding most valid SMTP configuration.
  * @param {object} db The CouchDB database which is to be looked up within.
- * @param {string|null} groupId If using finer grain control of configs a group can be used.
+ * @param {string|null} workspaceId If using finer grain control of configs a workspace can be used.
  * @return {Promise<object|null>} returns the SMTP configuration if it exists
  */
-async function getSmtpConfiguration(db, groupId = null) {
+async function getSmtpConfiguration(db, workspaceId = null) {
   const params = {
     type: Configs.SMTP,
   }
-  if (groupId) {
-    params.group = groupId
+  if (workspaceId) {
+    params.workspace = workspaceId
   }
   return getScopedConfig(db, params)
 }
 
 /**
  * Checks if a SMTP config exists based on passed in parameters.
- * @param groupId
  * @return {Promise<boolean>} returns true if there is a configuration that can be used.
  */
-exports.isEmailConfigured = async (groupId = null) => {
+exports.isEmailConfigured = async (workspaceId = null) => {
   // when "testing" simply return true
   if (TEST_MODE) {
     return true
   }
-  const db = new CouchDB(GLOBAL_DB)
-  const config = await getSmtpConfiguration(db, groupId)
+  const db = getGlobalDB()
+  const config = await getSmtpConfiguration(db, workspaceId)
   return config != null
 }
 
@@ -134,7 +132,7 @@ exports.isEmailConfigured = async (groupId = null) => {
  * send an email using it.
  * @param {string} email The email address to send to.
  * @param {string} purpose The purpose of the email being sent (e.g. reset password).
- * @param {string|undefined} groupId If finer grain controls being used then this will lookup config for group.
+ * @param {string|undefined} workspaceId If finer grain controls being used then this will lookup config for workspace.
  * @param {object|undefined} user If sending to an existing user the object can be provided, this is used in the context.
  * @param {string|undefined} from If sending from an address that is not what is configured in the SMTP config.
  * @param {string|undefined} contents If sending a custom email then can supply contents which will be added to it.
@@ -146,10 +144,10 @@ exports.isEmailConfigured = async (groupId = null) => {
 exports.sendEmail = async (
   email,
   purpose,
-  { groupId, user, from, contents, subject, info } = {}
+  { workspaceId, user, from, contents, subject, info } = {}
 ) => {
-  const db = new CouchDB(GLOBAL_DB)
-  let config = (await getSmtpConfiguration(db, groupId)) || {}
+  const db = getGlobalDB()
+  let config = (await getSmtpConfiguration(db, workspaceId)) || {}
   if (Object.keys(config).length === 0 && !TEST_MODE) {
     throw "Unable to find SMTP configuration."
   }
@@ -160,7 +158,10 @@ exports.sendEmail = async (
   const message = {
     from: from || config.from,
     to: email,
-    html: await buildEmail(purpose, email, context, { user, contents }),
+    html: await buildEmail(purpose, email, context, {
+      user,
+      contents,
+    }),
   }
   if (subject || config.subject) {
     message.subject = await processString(subject || config.subject, context)
diff --git a/packages/worker/src/utilities/redis.js b/packages/worker/src/utilities/redis.js
index 6e55795de1..6dd4491bc4 100644
--- a/packages/worker/src/utilities/redis.js
+++ b/packages/worker/src/utilities/redis.js
@@ -43,8 +43,10 @@ async function getACode(db, code, deleteCode = true) {
 }
 
 exports.init = async () => {
-  pwResetClient = await new Client(utils.Databases.PW_RESETS).init()
-  invitationClient = await new Client(utils.Databases.INVITATIONS).init()
+  pwResetClient = new Client(utils.Databases.PW_RESETS)
+  invitationClient = new Client(utils.Databases.INVITATIONS)
+  await pwResetClient.init()
+  await invitationClient.init()
 }
 
 /**
diff --git a/packages/worker/src/utilities/templates.js b/packages/worker/src/utilities/templates.js
index 3ac897c10f..4dee52b531 100644
--- a/packages/worker/src/utilities/templates.js
+++ b/packages/worker/src/utilities/templates.js
@@ -1,5 +1,4 @@
-const CouchDB = require("../db")
-const { getScopedConfig, StaticDatabases } = require("@budibase/auth").db
+const { getScopedConfig } = require("@budibase/auth/db")
 const {
   Configs,
   InternalTemplateBindings,
@@ -8,12 +7,13 @@ const {
 } = require("../constants")
 const { checkSlashesInUrl } = require("./index")
 const env = require("../environment")
+const { getGlobalDB, addTenantToUrl } = require("@budibase/auth/tenancy")
 
 const LOCAL_URL = `http://localhost:${env.CLUSTER_PORT || 10000}`
 const BASE_COMPANY = "Budibase"
 
 exports.getSettingsTemplateContext = async (purpose, code = null) => {
-  const db = new CouchDB(StaticDatabases.GLOBAL.name)
+  const db = getGlobalDB()
   // TODO: use more granular settings in the future if required
   let settings = (await getScopedConfig(db, { type: Configs.SETTINGS })) || {}
   if (!settings || !settings.platformUrl) {
@@ -27,7 +27,9 @@ exports.getSettingsTemplateContext = async (purpose, code = null) => {
     [InternalTemplateBindings.COMPANY]: settings.company || BASE_COMPANY,
     [InternalTemplateBindings.DOCS_URL]:
       settings.docsUrl || "https://docs.budibase.com/",
-    [InternalTemplateBindings.LOGIN_URL]: checkSlashesInUrl(`${URL}/login`),
+    [InternalTemplateBindings.LOGIN_URL]: checkSlashesInUrl(
+      addTenantToUrl(`${URL}/login`)
+    ),
     [InternalTemplateBindings.CURRENT_DATE]: new Date().toISOString(),
     [InternalTemplateBindings.CURRENT_YEAR]: new Date().getFullYear(),
   }
@@ -36,13 +38,13 @@ exports.getSettingsTemplateContext = async (purpose, code = null) => {
     case EmailTemplatePurpose.PASSWORD_RECOVERY:
       context[InternalTemplateBindings.RESET_CODE] = code
       context[InternalTemplateBindings.RESET_URL] = checkSlashesInUrl(
-        `${URL}/builder/auth/reset?code=${code}`
+        addTenantToUrl(`${URL}/builder/auth/reset?code=${code}`)
       )
       break
     case EmailTemplatePurpose.INVITATION:
       context[InternalTemplateBindings.INVITE_CODE] = code
       context[InternalTemplateBindings.INVITE_URL] = checkSlashesInUrl(
-        `${URL}/builder/invite?code=${code}`
+        addTenantToUrl(`${URL}/builder/invite?code=${code}`)
       )
       break
   }
diff --git a/packages/worker/yarn.lock b/packages/worker/yarn.lock
index 1d4227363f..335e7c6806 100644
--- a/packages/worker/yarn.lock
+++ b/packages/worker/yarn.lock
@@ -5796,6 +5796,11 @@ unset-value@^1.0.0:
     has-value "^0.3.1"
     isobject "^3.0.0"
 
+update-dotenv@^1.1.1:
+  version "1.1.1"
+  resolved "https://registry.yarnpkg.com/update-dotenv/-/update-dotenv-1.1.1.tgz#17146f302f216c3c92419d5a327a45be910050ca"
+  integrity sha512-3cIC18In/t0X/yH793c00qqxcKD8jVCgNOPif/fGQkFpYMGecM9YAc+kaAKXuZsM2dE9I9wFI7KvAuNX22SGMQ==
+
 update-notifier@^4.1.0:
   version "4.1.3"
   resolved "https://registry.yarnpkg.com/update-notifier/-/update-notifier-4.1.3.tgz#be86ee13e8ce48fb50043ff72057b5bd598e1ea3"
diff --git a/scripts/pinVersions.js b/scripts/pinVersions.js
new file mode 100644
index 0000000000..ecc605ad28
--- /dev/null
+++ b/scripts/pinVersions.js
@@ -0,0 +1,37 @@
+const fs = require("fs")
+const path = require("path")
+
+const MONOREPO_ROOT = "packages"
+
+const packages = fs.readdirSync(MONOREPO_ROOT)
+
+function pinDeps(dependencies) {
+	for (let dependency in dependencies) {
+		if (dependency.startsWith("@budibase")) {
+			dependencies[dependency] = dependencies[dependency].replace("^", "")
+		}
+	}
+}
+
+// iterate over the monorepo packages
+for (let pkg of packages) {
+	const pkgPath = path.join(MONOREPO_ROOT, pkg)
+
+	// only directories
+	if (fs.statSync(pkgPath).isDirectory()) {
+
+
+		// get the package JSON file
+		const pkgJsonPath = path.join(pkgPath, "package.json")
+		const pkgJson = require(`../${pkgJsonPath}`)
+
+		// find any budibase dependencies, and pin them
+		pinDeps(pkgJson.dependencies)
+		pinDeps(pkgJson.devDependencies)
+
+		// update the package JSON files
+		fs.writeFileSync(pkgJsonPath, JSON.stringify(pkgJson, null, 2))
+	}
+}
+
+console.log("Pinned dev versions for budibase packages successfully.")
\ No newline at end of file
diff --git a/scripts/release_helm_chart.sh b/scripts/release_helm_chart.sh
new file mode 100755
index 0000000000..b1594cca91
--- /dev/null
+++ b/scripts/release_helm_chart.sh
@@ -0,0 +1,3 @@
+cd docs
+helm package ../hosting/kubernetes/budibase
+helm repo index . --url https://budibase.github.io/budibase
\ No newline at end of file
diff --git a/yarn.lock b/yarn.lock
index 553702ffcb..00422fa638 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -2448,6 +2448,11 @@ humanize-ms@^1.2.1:
   dependencies:
     ms "^2.0.0"
 
+husky@^7.0.1:
+  version "7.0.1"
+  resolved "https://registry.yarnpkg.com/husky/-/husky-7.0.1.tgz#579f4180b5da4520263e8713cc832942b48e1f1c"
+  integrity sha512-gceRaITVZ+cJH9sNHqx5tFwbzlLCVxtVZcusME8JYQ8Edy5mpGDOqD8QBCdMhpyo9a+JXddnujQ4rpY2Ff9SJA==
+
 iconv-lite@^0.4.24, iconv-lite@~0.4.13:
   version "0.4.24"
   resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.24.tgz#2022b4b25fbddc21d2f524974a474aafe733908b"