diff --git a/LICENSE b/LICENSE
index 81e8cb41..9866f46b 100644
--- a/LICENSE
+++ b/LICENSE
@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2018-2022 .NET Foundation
+Copyright (c) 2018-2023 .NET Foundation
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
diff --git a/Oqtane.Client/Extensions/OqtaneServiceCollectionExtensions.cs b/Oqtane.Client/Extensions/OqtaneServiceCollectionExtensions.cs
index d34aa575..bc1d4780 100644
--- a/Oqtane.Client/Extensions/OqtaneServiceCollectionExtensions.cs
+++ b/Oqtane.Client/Extensions/OqtaneServiceCollectionExtensions.cs
@@ -49,7 +49,6 @@ namespace Microsoft.Extensions.DependencyInjection
             services.AddScoped<IUrlMappingService, UrlMappingService>();
             services.AddScoped<IVisitorService, VisitorService>();
             services.AddScoped<ISyncService, SyncService>();
-            services.AddScoped<IApiService, ApiService>();
 
             return services;
         }
diff --git a/Oqtane.Client/Modules/Admin/Api/Edit.razor b/Oqtane.Client/Modules/Admin/Api/Edit.razor
deleted file mode 100644
index e451fec8..00000000
--- a/Oqtane.Client/Modules/Admin/Api/Edit.razor
+++ /dev/null
@@ -1,75 +0,0 @@
-@namespace Oqtane.Modules.Admin.Apis
-@inherits ModuleBase
-@inject IApiService ApiService
-@inject NavigationManager NavigationManager
-@inject IStringLocalizer<Edit> Localizer
-@inject IStringLocalizer<SharedResources> SharedLocalizer
-
-<div class="container">
-	<div class="row mb-1 align-items-center">
-		<Label Class="col-sm-3" For="entityname" HelpText="The name of the entity" ResourceKey="EntityName">Entity: </Label>
-		<div class="col-sm-9">
-			<input id="entityname" class="form-control" @bind="@_entityname" readonly />
-		</div>
-	</div>
-	<br />
-	<div class="row mb-1 align-items-center">
-		@if (_permissions != null)
-		{
-			<PermissionGrid EntityName="@_entityname" PermissionNames="@_permissionnames" Permissions="@_permissions" @ref="_permissionGrid" />
-		}
-    </div>
-</div>
-<button type="button" class="btn btn-success" @onclick="SaveModuleDefinition">@SharedLocalizer["Save"]</button>
-<NavLink class="btn btn-secondary" href="@NavigateUrl()">@SharedLocalizer["Cancel"]</NavLink>
-
-@code {
-	private string _entityname;
-	private string _permissionnames;
-	private string _permissions;
-
-#pragma warning disable 649
-	private PermissionGrid _permissionGrid;
-#pragma warning restore 649
-
-	public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Admin;
-
-	protected override async Task OnInitializedAsync()
-	{
-		try
-		{
-			_entityname = PageState.QueryString["entity"];
-			var api = await ApiService.GetApiAsync(PageState.Site.SiteId, _entityname);
-			if (api != null)
-			{
-				var apis = await ApiService.GetApisAsync(PageState.Site.SiteId);
-				_permissionnames = apis.SingleOrDefault(item => item.EntityName == _entityname).Permissions;
-				_permissions = api.Permissions;
-			}
-		}
-		catch (Exception ex)
-		{
-			await logger.LogError(ex, "Error Loading API {EntityName} {Error}", _entityname, ex.Message);
-			AddModuleMessage(Localizer["Error.Module.Load"], MessageType.Error);
-		}
-	}
-
-	private async Task SaveModuleDefinition()
-	{
-		try
-		{
-			var api = new Api();
-			api.SiteId = PageState.Site.SiteId;
-			api.EntityName = _entityname;
-			api.Permissions = _permissionGrid.GetPermissions();
-			await ApiService.UpdateApiAsync(api);
-			await logger.LogInformation("API Saved {Api}", api);
-			NavigationManager.NavigateTo(NavigateUrl());
-		}
-		catch (Exception ex)
-		{
-			await logger.LogError(ex, "Error Saving Api {EntityName} {Error}", _entityname, ex.Message);
-			AddModuleMessage(Localizer["Error.Module.Save"], MessageType.Error);
-		}
-	}
-}
diff --git a/Oqtane.Client/Modules/Admin/Api/Index.razor b/Oqtane.Client/Modules/Admin/Api/Index.razor
deleted file mode 100644
index 539a8479..00000000
--- a/Oqtane.Client/Modules/Admin/Api/Index.razor
+++ /dev/null
@@ -1,36 +0,0 @@
-@namespace Oqtane.Modules.Admin.Apis
-@inherits ModuleBase
-@inject IApiService ApiService
-@inject IStringLocalizer<Index> Localizer
-@inject IStringLocalizer<SharedResources> SharedLocalizer
-
-@if (_apis == null)
-{
-    <p><em>@SharedLocalizer["Loading"]</em></p>
-}
-else
-{
-    <Pager Items="@_apis">
-        <Header>
-            <th style="width: 1px;">&nbsp;</th>
-            <th>@Localizer["Entity"]</th>
-			<th>@Localizer["Permissions"]</th>
-		</Header>
-        <Row>
-			<td><ActionLink Action="Edit" Parameters="@($"entity=" + context.EntityName)" ResourceKey="Edit" /></td>
-            <td>@context.EntityName</td>
-			<td>@context.Permissions</td>
-		</Row>
-    </Pager>
-}
-
-@code {
-    private List<Api> _apis;
-
-    public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Admin;
-
-    protected override async Task OnParametersSetAsync()
-    {
-        _apis = await ApiService.GetApisAsync(PageState.Site.SiteId);
-    }
-}
diff --git a/Oqtane.Client/Modules/Admin/Dashboard/Index.razor b/Oqtane.Client/Modules/Admin/Dashboard/Index.razor
index 97127ba3..e491042a 100644
--- a/Oqtane.Client/Modules/Admin/Dashboard/Index.razor
+++ b/Oqtane.Client/Modules/Admin/Dashboard/Index.razor
@@ -20,13 +20,16 @@
 </div>
 
 @code {
-    private List<Page> _pages;
+	private List<Page> _pages;
 
-    public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Admin;
+	public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Anonymous;
 
-    protected override void OnInitialized()
-    {
-        var admin = PageState.Pages.FirstOrDefault(item => item.Path == "admin");
-        _pages = PageState.Pages.Where(item => item.ParentId == admin?.PageId).ToList();
+	protected override void OnInitialized()
+	{
+		var admin = PageState.Pages.FirstOrDefault(item => item.Path == "admin");
+		if (admin != null)
+		{
+			_pages = PageState.Pages.Where(item => item.ParentId == admin?.PageId).ToList();
+		}
     }
 }
diff --git a/Oqtane.Client/Modules/Admin/Login/Index.razor b/Oqtane.Client/Modules/Admin/Login/Index.razor
index d237190b..22fa249f 100644
--- a/Oqtane.Client/Modules/Admin/Login/Index.razor
+++ b/Oqtane.Client/Modules/Admin/Login/Index.razor
@@ -1,3 +1,4 @@
+@using System.Net
 @namespace Oqtane.Modules.Admin.Login
 @inherits ModuleBase
 @inject NavigationManager NavigationManager
@@ -205,7 +206,7 @@
 						var authstateprovider = (IdentityAuthenticationStateProvider)ServiceProvider
 							.GetService(typeof(IdentityAuthenticationStateProvider));
 						authstateprovider.NotifyAuthenticationChanged();
-						NavigationManager.NavigateTo(NavigateUrl(_returnUrl, true));
+						NavigationManager.NavigateTo(NavigateUrl(WebUtility.UrlDecode(_returnUrl), true));
 					}
 					else
 					{
diff --git a/Oqtane.Client/Modules/Admin/Logs/Index.razor b/Oqtane.Client/Modules/Admin/Logs/Index.razor
index d763a5de..79f2a7b9 100644
--- a/Oqtane.Client/Modules/Admin/Logs/Index.razor
+++ b/Oqtane.Client/Modules/Admin/Logs/Index.razor
@@ -106,12 +106,6 @@ else
 	{
 		try
 		{
-			// external link to log item will display Details component
-			if (PageState.QueryString.ContainsKey("id") && int.TryParse(PageState.QueryString["id"], out int id))
-			{
-				NavigationManager.NavigateTo(EditUrl(PageState.Page.Path, ModuleState.ModuleId, "Detail", $"/{id}"));
-			}
-
 			if (UrlParameters.ContainsKey("level"))
 			{
 				_level = UrlParameters["level"];
@@ -241,4 +235,15 @@ else
 		_page = page;	
 	}
 
+	protected override void OnAfterRender(bool firstRender)
+	{
+		if (firstRender)
+		{
+			// external link to log item will display Details component
+			if (PageState.QueryString.ContainsKey("id") && int.TryParse(PageState.QueryString["id"], out int id))
+			{
+				NavigationManager.NavigateTo(EditUrl(PageState.Page.Path, ModuleState.ModuleId, "Detail", $"/{id}"));
+			}
+		}
+	}
 }
diff --git a/Oqtane.Client/Modules/Admin/ModuleCreator/Index.razor b/Oqtane.Client/Modules/Admin/ModuleCreator/Index.razor
index 65e99da5..bd5689f6 100644
--- a/Oqtane.Client/Modules/Admin/ModuleCreator/Index.razor
+++ b/Oqtane.Client/Modules/Admin/ModuleCreator/Index.razor
@@ -131,7 +131,7 @@ else
 					moduleDefinition = await ModuleDefinitionService.CreateModuleDefinitionAsync(moduleDefinition);
 
 					var settings = await SettingService.GetModuleSettingsAsync(ModuleState.ModuleId);
-					SettingService.SetSetting(settings, "ModuleDefinitionName", moduleDefinition.ModuleDefinitionName);
+					settings = SettingService.SetSetting(settings, "ModuleDefinitionName", moduleDefinition.ModuleDefinitionName);
 					await SettingService.UpdateModuleSettingsAsync(settings, ModuleState.ModuleId);
 
 					GetLocation();
@@ -174,7 +174,7 @@ else
     private bool IsValid(string name)
     {
         // must contain letters, underscores and digits and first character must be letter or underscore
-        return !string.IsNullOrEmpty(name) && name.ToLower() != "module" && Regex.IsMatch(name, "^[A-Za-z_][A-Za-z0-9_]*$");
+		return !string.IsNullOrEmpty(name) && name.ToLower() != "module" && !name.ToLower().Contains("oqtane") && Regex.IsMatch(name, "^[A-Za-z_][A-Za-z0-9_]*$");
     }
 
     private void TemplateChanged(ChangeEventArgs e)
diff --git a/Oqtane.Client/Modules/Admin/ModuleDefinitions/Create.razor b/Oqtane.Client/Modules/Admin/ModuleDefinitions/Create.razor
index 78aac9fa..c1c50169 100644
--- a/Oqtane.Client/Modules/Admin/ModuleDefinitions/Create.razor
+++ b/Oqtane.Client/Modules/Admin/ModuleDefinitions/Create.razor
@@ -139,7 +139,7 @@
     private bool IsValid(string name)
     {
         // must contain letters, underscores and digits and first character must be letter or underscore
-        return !string.IsNullOrEmpty(name) && name.ToLower() != "module" && Regex.IsMatch(name, "^[A-Za-z_][A-Za-z0-9_]*$");
+		return !string.IsNullOrEmpty(name) && name.ToLower() != "module" && !name.ToLower().Contains("oqtane") && Regex.IsMatch(name, "^[A-Za-z_][A-Za-z0-9_]*$");
     }
 
     private void TemplateChanged(ChangeEventArgs e)
diff --git a/Oqtane.Client/Modules/Admin/Pages/Add.razor b/Oqtane.Client/Modules/Admin/Pages/Add.razor
index de004f44..bd0cd704 100644
--- a/Oqtane.Client/Modules/Admin/Pages/Add.razor
+++ b/Oqtane.Client/Modules/Admin/Pages/Add.razor
@@ -157,7 +157,8 @@
             </TabPanel>
         }
     </TabStrip>
-    <button type="button" class="btn btn-success" @onclick="SavePage">@SharedLocalizer["Save"]</button>
+	<br />
+	<button type="button" class="btn btn-success" @onclick="SavePage">@SharedLocalizer["Save"]</button>
     <button type="button" class="btn btn-secondary" @onclick="Cancel">@SharedLocalizer["Cancel"]</button>
 </form>
 
diff --git a/Oqtane.Client/Modules/Admin/Pages/Edit.razor b/Oqtane.Client/Modules/Admin/Pages/Edit.razor
index 23db89db..144a4dad 100644
--- a/Oqtane.Client/Modules/Admin/Pages/Edit.razor
+++ b/Oqtane.Client/Modules/Admin/Pages/Edit.razor
@@ -148,7 +148,8 @@
                         </div>
                     </div>
                 </Section>
-                <br /><br />
+                <br />
+				<br />
                 <AuditInfo CreatedBy="@_createdby" CreatedOn="@_createdon" ModifiedBy="@_modifiedby" ModifiedOn="@_modifiedon" DeletedBy="@_deletedby" DeletedOn="@_deletedon"></AuditInfo>
             }
         </TabPanel>
@@ -189,7 +190,8 @@
             <br />
         }
     </TabStrip>
-    <button type="button" class="btn btn-success" @onclick="SavePage">@SharedLocalizer["Save"]</button>
+	<br />
+	<button type="button" class="btn btn-success" @onclick="SavePage">@SharedLocalizer["Save"]</button>
     <button type="button" class="btn btn-secondary" @onclick="Cancel">@SharedLocalizer["Cancel"]</button>
 </form>
 
diff --git a/Oqtane.Client/Modules/Admin/Profiles/ModuleInfo.cs b/Oqtane.Client/Modules/Admin/Profiles/ModuleInfo.cs
new file mode 100644
index 00000000..3aac2e6f
--- /dev/null
+++ b/Oqtane.Client/Modules/Admin/Profiles/ModuleInfo.cs
@@ -0,0 +1,20 @@
+using Oqtane.Documentation;
+using Oqtane.Models;
+using Oqtane.Shared;
+
+namespace Oqtane.Modules.Admin.Profiles
+{
+    [PrivateApi("Mark this as private, since it's not very useful in the public docs")]
+    public class ModuleInfo : IModule
+    {
+        public ModuleDefinition ModuleDefinition => new ModuleDefinition
+        {
+            Name = "Profiles",
+            Description = "Manage Profiles",
+            Categories = "Admin",
+            Version = Constants.Version,
+            PermissionNames = $"{PermissionNames.View},{PermissionNames.Edit}," +
+                $"{EntityNames.Profile}:{PermissionNames.Write}:{RoleNames.Admin}"
+        };
+    }
+}
diff --git a/Oqtane.Client/Modules/Admin/Roles/Add.razor b/Oqtane.Client/Modules/Admin/Roles/Add.razor
index f20a721d..9116cfe7 100644
--- a/Oqtane.Client/Modules/Admin/Roles/Add.razor
+++ b/Oqtane.Client/Modules/Admin/Roles/Add.razor
@@ -42,7 +42,7 @@
     private string _description = string.Empty;
     private string _isautoassigned = "False";
 
-    public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Admin;
+    public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Edit;
 
     private async Task SaveRole()
     {
diff --git a/Oqtane.Client/Modules/Admin/Roles/Edit.razor b/Oqtane.Client/Modules/Admin/Roles/Edit.razor
index b217acce..3da2f6ad 100644
--- a/Oqtane.Client/Modules/Admin/Roles/Edit.razor
+++ b/Oqtane.Client/Modules/Admin/Roles/Edit.razor
@@ -49,7 +49,7 @@
     private string _modifiedby;
     private DateTime _modifiedon;
 
-    public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Admin;
+    public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Edit;
 
     protected override async Task OnInitializedAsync()
     {
diff --git a/Oqtane.Client/Modules/Admin/Roles/Index.razor b/Oqtane.Client/Modules/Admin/Roles/Index.razor
index 2bb4ac87..6677548d 100644
--- a/Oqtane.Client/Modules/Admin/Roles/Index.razor
+++ b/Oqtane.Client/Modules/Admin/Roles/Index.razor
@@ -10,7 +10,7 @@
 }
 else
 {
-    <ActionLink Action="Add" Text="Add Role" ResourceKey="AddRole" />
+	<ActionLink Action="Add" Text="Add Role" Security="SecurityAccessLevel.Edit" ResourceKey="AddRole" />
 
     <Pager Items="@_roles">
         <Header>
@@ -20,9 +20,9 @@ else
             <th>@SharedLocalizer["Name"]</th>
         </Header>
         <Row>
-            <td><ActionLink Action="Edit" Parameters="@($"id=" + context.RoleId.ToString())" Disabled="@(context.IsSystem)" ResourceKey="Edit" /></td>
-            <td><ActionDialog Header="Delete Role" Message="@string.Format(Localizer["Confirm.DeleteUser"], context.Name)" Action="Delete" Security="SecurityAccessLevel.Admin" Class="btn btn-danger" OnClick="@(async () => await DeleteRole(context))" Disabled="@(context.IsSystem)" ResourceKey="DeleteRole" /></td>
-            <td><ActionLink Action="Users" Parameters="@($"id=" + context.RoleId.ToString())" ResourceKey="Users" /></td>
+			<td><ActionLink Action="Edit" Parameters="@($"id=" + context.RoleId.ToString())" Security="SecurityAccessLevel.Edit" Disabled="@(context.IsSystem)" ResourceKey="Edit" /></td>
+            <td><ActionDialog Header="Delete Role" Message="@string.Format(Localizer["Confirm.DeleteUser"], context.Name)" Action="Delete" Security="SecurityAccessLevel.Edit" Class="btn btn-danger" OnClick="@(async () => await DeleteRole(context))" Disabled="@(context.IsSystem)" ResourceKey="DeleteRole" /></td>
+			<td><ActionLink Action="Users" Parameters="@($"id=" + context.RoleId.ToString())" Security="SecurityAccessLevel.Edit" ResourceKey="Users" /></td>
             <td>@context.Name</td>
         </Row>
     </Pager>
@@ -31,7 +31,7 @@ else
 @code {
     private List<Role> _roles;
 
-    public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Admin;
+    public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.View;
 
     protected override async Task OnParametersSetAsync()
     {
diff --git a/Oqtane.Client/Modules/Admin/Roles/ModuleInfo.cs b/Oqtane.Client/Modules/Admin/Roles/ModuleInfo.cs
new file mode 100644
index 00000000..de80be0a
--- /dev/null
+++ b/Oqtane.Client/Modules/Admin/Roles/ModuleInfo.cs
@@ -0,0 +1,21 @@
+using Oqtane.Documentation;
+using Oqtane.Models;
+using Oqtane.Shared;
+
+namespace Oqtane.Modules.Admin.Roles
+{
+    [PrivateApi("Mark this as private, since it's not very useful in the public docs")]
+    public class ModuleInfo : IModule
+    {
+        public ModuleDefinition ModuleDefinition => new ModuleDefinition
+        {
+            Name = "Roles",
+            Description = "Manage Roles",
+            Categories = "Admin",
+            Version = Constants.Version,
+            PermissionNames = $"{PermissionNames.View},{PermissionNames.Edit}," +
+                $"{EntityNames.Role}:{PermissionNames.Write}:{RoleNames.Admin}," +
+                $"{EntityNames.UserRole}:{PermissionNames.Write}:{RoleNames.Admin}"
+        };
+    }
+}
diff --git a/Oqtane.Client/Modules/Admin/Roles/Users.razor b/Oqtane.Client/Modules/Admin/Roles/Users.razor
index 359bc113..d0eb0aac 100644
--- a/Oqtane.Client/Modules/Admin/Roles/Users.razor
+++ b/Oqtane.Client/Modules/Admin/Roles/Users.razor
@@ -23,13 +23,7 @@ else
             <div class="row mb-1 align-items-center">
                 <Label Class="col-sm-3" For="user" HelpText="Select a user" ResourceKey="User">User: </Label>
                 <div class="col-sm-9">
-                    <select id="user" class="form-select" @bind="@userid" required>
-                        <option value="-1">&lt;@Localizer["User.Select"]&gt;</option>
-                        @foreach (UserRole userrole in users)
-                        {
-                            <option value="@(userrole.UserId)">@userrole.User.DisplayName</option>
-                        }
-                    </select>
+					<AutoComplete OnSearch="GetUsers" Placeholder="@Localizer["User.Select"]" @ref="user" />
                 </div>
             </div>
             <div class="row mb-1 align-items-center">
@@ -64,7 +58,7 @@ else
                             <td>@context.EffectiveDate</td>
                             <td>@context.ExpiryDate</td>
                             <td>
-                                <ActionDialog Header="Remove User" Message="@string.Format(Localizer["Confirm.User.DeleteRole"], context.User.DisplayName)" Action="Delete" Security="SecurityAccessLevel.Admin" Class="btn btn-danger" OnClick="@(async () => await DeleteUserRole(context.UserRoleId))" Disabled="@(context.Role.IsAutoAssigned || PageState.User.Username == UserNames.Host)" ResourceKey="DeleteUserRole" />
+								<ActionDialog Header="Remove User" Message="@string.Format(Localizer["Confirm.User.DeleteRole"], context.User.DisplayName)" Action="Delete" Security="SecurityAccessLevel.Edit" Class="btn btn-danger" OnClick="@(async () => await DeleteUserRole(context.UserRoleId))" Disabled="@(context.Role.IsAutoAssigned || context.User.Username == UserNames.Host || context.User.UserId == PageState.User.UserId)" ResourceKey="DeleteUserRole" />
                             </td>
                         </Row>
                     </Pager>
@@ -75,81 +69,96 @@ else
 }
 
 @code {
-    private ElementReference form;
-    private bool validated = false;
+	private ElementReference form;
+	private bool validated = false;
 
-    private int roleid;
-    private string name = string.Empty;
-    private List<UserRole> users;
-    private int userid = -1;
-    private DateTime? effectivedate = null;
-    private DateTime? expirydate = null;
-    private List<UserRole> userroles;
+	private int roleid;
+	private string name = string.Empty;
+	private AutoComplete user;
+	private DateTime? effectivedate = null;
+	private DateTime? expirydate = null;
+	private List<UserRole> userroles;
 
-    public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Admin;
+	public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Edit;
 
-    protected override async Task OnInitializedAsync()
-    {
-        try
-        {
-            roleid = Int32.Parse(PageState.QueryString["id"]);
-            Role role = await RoleService.GetRoleAsync(roleid);
-            name = role.Name;
-            users = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId, RoleNames.Registered);
-            await GetUserRoles();
-        }
-        catch (Exception ex)
-        {
-            await logger.LogError(ex, "Error Loading Users {Error}", ex.Message);
-            AddModuleMessage(Localizer["Error.User.Load"], MessageType.Error);
-        }
-    }
+	protected override async Task OnInitializedAsync()
+	{
+		try
+		{
+			roleid = Int32.Parse(PageState.QueryString["id"]);
+			Role role = await RoleService.GetRoleAsync(roleid);
+			name = role.Name;
+			await GetUserRoles();
+		}
+		catch (Exception ex)
+		{
+			await logger.LogError(ex, "Error Loading Users {Error}", ex.Message);
+			AddModuleMessage(Localizer["Error.User.Load"], MessageType.Error);
+		}
+	}
 
-    private async Task GetUserRoles()
-    {
-        try
-        {
-            userroles = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId, name);
-        }
-        catch (Exception ex)
-        {
-            await logger.LogError(ex, "Error Loading User Roles {RoleId} {Error}", roleid, ex.Message);
-            AddModuleMessage(Localizer["Error.User.LoadRole"], MessageType.Error);
-        }
-    }
+	private async Task<Dictionary<string, string>> GetUsers(string filter)
+	{
+		try
+		{
+			var users = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId, RoleNames.Registered);
+			return users.Where(item => item.User.DisplayName.Contains(filter, StringComparison.OrdinalIgnoreCase))
+				.ToDictionary(item => item.UserId.ToString(), item => item.User.DisplayName);
+		}
+		catch (Exception ex)
+		{
+			await logger.LogError(ex, "Error Loading Users {filter} {Error}", filter, ex.Message);
+			AddModuleMessage(Localizer["Error.User.Load"], MessageType.Error);
+		}
+		return new Dictionary<string, string>();
+	}
 
-    private async Task SaveUserRole()
-    {
-        validated = true;
-        var interop = new Interop(JSRuntime);
-        if (await interop.FormValid(form))
-        {
-            try
-            {
-                if (userid != -1)
-                {
-                    var userrole = userroles.Where(item => item.UserId == userid && item.RoleId == roleid).FirstOrDefault();
-                    if (userrole != null)
-                    {
-                        userrole.EffectiveDate = effectivedate;
-                        userrole.ExpiryDate = expirydate;
-                        await UserRoleService.UpdateUserRoleAsync(userrole);
-                    }
-                    else
-                    {
-                        userrole = new UserRole();
-                        userrole.UserId = userid;
-                        userrole.RoleId = roleid;
-                        userrole.EffectiveDate = effectivedate;
-                        userrole.ExpiryDate = expirydate;
+	private async Task GetUserRoles()
+	{
+		try
+		{
+			userroles = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId, name);
+		}
+		catch (Exception ex)
+		{
+			await logger.LogError(ex, "Error Loading User Roles {RoleId} {Error}", roleid, ex.Message);
+			AddModuleMessage(Localizer["Error.User.LoadRole"], MessageType.Error);
+		}
+	}
 
-                        await UserRoleService.AddUserRoleAsync(userrole);
-                    }
+	private async Task SaveUserRole()
+	{
+		validated = true;
+		var interop = new Interop(JSRuntime);
+		if (await interop.FormValid(form))
+		{
+			try
+			{
+				if (!string.IsNullOrEmpty(user.Key) && int.TryParse(user.Key, out int userid))
+				{
+					var userrole = userroles.Where(item => item.UserId == userid && item.RoleId == roleid).FirstOrDefault();
+					if (userrole != null)
+					{
+						userrole.EffectiveDate = effectivedate;
+						userrole.ExpiryDate = expirydate;
+						await UserRoleService.UpdateUserRoleAsync(userrole);
+					}
+					else
+					{
+						userrole = new UserRole();
+						userrole.UserId = userid;
+						userrole.RoleId = roleid;
+						userrole.EffectiveDate = effectivedate;
+						userrole.ExpiryDate = expirydate;
 
-                    await logger.LogInformation("User Assigned To Role {UserRole}", userrole);
-                    AddModuleMessage(Localizer["Success.User.AssignedRole"], MessageType.Success);
-                    await GetUserRoles();
-                    StateHasChanged();
+						await UserRoleService.AddUserRoleAsync(userrole);
+					}
+
+					await logger.LogInformation("User Assigned To Role {UserRole}", userrole);
+					AddModuleMessage(Localizer["Success.User.AssignedRole"], MessageType.Success);
+					await GetUserRoles();
+					user.Clear();
+					StateHasChanged();
                 }
                 else
                 {
diff --git a/Oqtane.Client/Modules/Admin/Site/Index.razor b/Oqtane.Client/Modules/Admin/Site/Index.razor
index 367d31de..bb9a7660 100644
--- a/Oqtane.Client/Modules/Admin/Site/Index.razor
+++ b/Oqtane.Client/Modules/Admin/Site/Index.razor
@@ -127,7 +127,7 @@
                     </div>
                 </div>
                 <div class="row mb-1 align-items-center">
-                    <Label Class="col-sm-3" For="username" HelpText="Enter the username for your SMTP account" ResourceKey="SmptUsername">Username: </Label>
+                    <Label Class="col-sm-3" For="username" HelpText="Enter the username for your SMTP account" ResourceKey="SmtpUsername">Username: </Label>
                     <div class="col-sm-9">
                         <input id="username" class="form-control" @bind="@_smtpusername" />
                     </div>
@@ -142,12 +142,21 @@
                     </div>
                 </div>
                 <div class="row mb-1 align-items-center">
-                    <Label Class="col-sm-3" For="sender" HelpText="Enter the email which emails will be sent from. Please note that this email address may need to be authorized with the SMTP server." ResourceKey="SmptSender">Email Sender: </Label>
+                    <Label Class="col-sm-3" For="sender" HelpText="Enter the email which emails will be sent from. Please note that this email address may need to be authorized with the SMTP server." ResourceKey="SmtpSender">Email Sender: </Label>
                     <div class="col-sm-9">
                         <input id="sender" class="form-control" @bind="@_smtpsender" />
                     </div>
                 </div>
-                <div class="row mb-1 align-items-center">
+				<div class="row mb-1 align-items-center">
+					<Label Class="col-sm-3" For="relay" HelpText="Only specify this option if you have properly configured an SMTP Relay Service to route your outgoing mail. This option will send notifications from the user's email rather than from the Email Sender specified above." ResourceKey="SmtpRelay">Relay Configured? </Label>
+					<div class="col-sm-9">
+						<select id="relay" class="form-select" @bind="@_smtprelay" required>
+							<option value="True">@SharedLocalizer["Yes"]</option>
+							<option value="False">@SharedLocalizer["No"]</option>
+						</select>
+					</div>
+				</div>
+				<div class="row mb-1 align-items-center">
 					<Label Class="col-sm-3" For="retention" HelpText="Number of days of notifications to retain" ResourceKey="Retention">Retention (Days): </Label>
 					<div class="col-sm-9">
 						<input id="retention" class="form-control" @bind="@_retention" />
@@ -275,7 +284,10 @@
                     <div class="row mb-1 align-items-center">
                         <Label Class="col-sm-3" For="connectionstring" HelpText="The connection information for the database" ResourceKey="ConnectionString">Connection: </Label>
                         <div class="col-sm-9">
-                            <textarea id="connectionstring" class="form-control" @bind="@_connectionstring" rows="2" readonly></textarea>
+							<div class="input-group">
+								<input id="connectionstring" type="@_connectionstringtype" class="form-control" @bind="@_connectionstring" readonly />
+								<button type="button" class="btn btn-secondary" @onclick="@ToggleConnectionString">@_connectionstringtoggle</button>
+							</div>
                         </div>
                     </div>
                 </div>
@@ -320,6 +332,7 @@
 	private string _smtppasswordtype = "password";
 	private string _togglesmtppassword = string.Empty;
 	private string _smtpsender = string.Empty;
+	private string _smtprelay = "False";
 	private string _retention = string.Empty;
 	private string _pwaisenabled;
 	private int _pwaappiconfileid = -1;
@@ -329,6 +342,8 @@
 	private string _tenant = string.Empty;
 	private string _database = string.Empty;
 	private string _connectionstring = string.Empty;
+	private string _connectionstringtype = "password";
+	private string _connectionstringtoggle = string.Empty;
 	private string _createdby;
 	private DateTime _createdon;
 	private string _modifiedby;
@@ -343,6 +358,7 @@
 	{
 		try
 		{
+			_connectionstringtoggle = SharedLocalizer["ShowPassword"];
 			_themeList = await ThemeService.GetThemesAsync();
 			Site site = await SiteService.GetSiteAsync(PageState.Site.SiteId);
 			if (site != null)
@@ -393,6 +409,7 @@
 				_smtppassword = SettingService.GetSetting(settings, "SMTPPassword", string.Empty);
 				_togglesmtppassword = SharedLocalizer["ShowPassword"];
 				_smtpsender = SettingService.GetSetting(settings, "SMTPSender", string.Empty);
+				_smtprelay = SettingService.GetSetting(settings, "SMTPRelay", "False");
 				_retention = SettingService.GetSetting(settings, "NotificationRetention", "30");
 
 				if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host))
@@ -449,6 +466,20 @@
 		}
 	}
 
+	private void ToggleConnectionString()
+	{
+		if (_connectionstringtype == "password")
+		{
+			_connectionstringtype = "text";
+			_connectionstringtoggle = SharedLocalizer["HidePassword"];
+		}
+		else
+		{
+			_connectionstringtype = "password";
+			_connectionstringtoggle = SharedLocalizer["ShowPassword"];
+		}
+	}
+
 	private async Task SaveSite()
 	{
 		validated = true;
@@ -532,6 +563,7 @@
 						settings = SettingService.SetSetting(settings, "SMTPUsername", _smtpusername, true);
 						settings = SettingService.SetSetting(settings, "SMTPPassword", _smtppassword, true);
 						settings = SettingService.SetSetting(settings, "SMTPSender", _smtpsender, true);
+						settings = SettingService.SetSetting(settings, "SMTPRelay", _smtprelay, true);
 						settings = SettingService.SetSetting(settings, "NotificationRetention", _retention, true);
 						await SettingService.UpdateSiteSettingsAsync(settings, site.SiteId);
 
@@ -602,12 +634,12 @@
 			try
 			{
 				var settings = await SettingService.GetSiteSettingsAsync(PageState.Site.SiteId);
-				SettingService.SetSetting(settings, "SMTPHost", _smtphost, true);
-				SettingService.SetSetting(settings, "SMTPPort", _smtpport, true);
-				SettingService.SetSetting(settings, "SMTPSSL", _smtpssl, true);
-				SettingService.SetSetting(settings, "SMTPUsername", _smtpusername, true);
-				SettingService.SetSetting(settings, "SMTPPassword", _smtppassword, true);
-				SettingService.SetSetting(settings, "SMTPSender", _smtpsender, true);
+				settings = SettingService.SetSetting(settings, "SMTPHost", _smtphost, true);
+				settings = SettingService.SetSetting(settings, "SMTPPort", _smtpport, true);
+				settings = SettingService.SetSetting(settings, "SMTPSSL", _smtpssl, true);
+				settings = SettingService.SetSetting(settings, "SMTPUsername", _smtpusername, true);
+				settings = SettingService.SetSetting(settings, "SMTPPassword", _smtppassword, true);
+				settings = SettingService.SetSetting(settings, "SMTPSender", _smtpsender, true);
 				await SettingService.UpdateSiteSettingsAsync(settings, PageState.Site.SiteId);
 				await logger.LogInformation("Site SMTP Settings Saved");
 
diff --git a/Oqtane.Client/Modules/Admin/Sites/Add.razor b/Oqtane.Client/Modules/Admin/Sites/Add.razor
index a8b7d495..509928f8 100644
--- a/Oqtane.Client/Modules/Admin/Sites/Add.razor
+++ b/Oqtane.Client/Modules/Admin/Sites/Add.razor
@@ -315,7 +315,7 @@ else
 				_urls = Regex.Replace(_urls, @"\r\n?|\n", ",");
 				var duplicates = new List<string>();
 				var aliases = await AliasService.GetAliasesAsync();
-				foreach (string name in _urls.Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries))
+				foreach (string name in _urls.Split(',', StringSplitOptions.RemoveEmptyEntries))
 				{
 					if (aliases.Exists(item => item.Name == name))
 					{
diff --git a/Oqtane.Client/Modules/Admin/Sql/Index.razor b/Oqtane.Client/Modules/Admin/Sql/Index.razor
index 3e149596..c6bc3408 100644
--- a/Oqtane.Client/Modules/Admin/Sql/Index.razor
+++ b/Oqtane.Client/Modules/Admin/Sql/Index.razor
@@ -16,7 +16,7 @@ else
     <div class="container">
 
         <div class="row mb-1 align-items-center">
-            <Label Class="col-sm-3" For="tenant" HelpText="Select the tenant for the SQL server" ResourceKey="Tenant">Tenant: </Label>
+			<Label Class="col-sm-3" For="tenant" HelpText="Select the tenant associated with the database server" ResourceKey="Tenant">Tenant: </Label>
             <div class="col-sm-9">
                 <select id="tenant" class="form-select" value="@_tenantid" @onchange="(e => TenantChanged(e))">
                     <option value="-1">&lt;@Localizer["Tenant.Select"]&gt;</option>
@@ -45,9 +45,9 @@ else
 				</div>
 			</div>
             <div class="row mb-1 align-items-center">
-                <Label Class="col-sm-3" For="sqlQeury" HelpText="Enter the query for the SQL server" ResourceKey="SqlQuery">SQL Query: </Label>
+                <Label Class="col-sm-3" For="sqlQuery" HelpText="Enter the SQL query for the database server" ResourceKey="SqlQuery">SQL Query: </Label>
                 <div class="col-sm-9">
-                    <textarea id="sqlQeury" class="form-control" @bind="@_sql" rows="3"></textarea>
+                    <textarea id="sqlQuery" class="form-control" @bind="@_sql" rows="3"></textarea>
                 </div>
             </div>
         }
diff --git a/Oqtane.Client/Modules/Admin/SystemInfo/Index.razor b/Oqtane.Client/Modules/Admin/SystemInfo/Index.razor
index 38291a66..239d3e9b 100644
--- a/Oqtane.Client/Modules/Admin/SystemInfo/Index.razor
+++ b/Oqtane.Client/Modules/Admin/SystemInfo/Index.razor
@@ -147,6 +147,18 @@
         <a class="btn btn-primary" href="swagger/index.html" target="_new">@Localizer["Access.ApiFramework"]</a>&nbsp;
         <ActionDialog Header="Restart Application" Message="Are You Sure You Wish To Restart The Application?" Action="Restart Application" Security="SecurityAccessLevel.Host" Class="btn btn-danger" OnClick="@(async () => await RestartApplication())" ResourceKey="RestartApplication" />
     </TabPanel>
+    <TabPanel Name="Log" Heading="Log" ResourceKey="Log">
+        <div class="container">
+            <div class="row mb-1 align-items-center">
+                <Label Class="col-sm-3" For="log" HelpText="System log information for current day" ResourceKey="Log">Log: </Label>
+                <div class="col-sm-9">
+                    <textarea id="log" class="form-control" rows="10" @bind="@_log" readonly />
+                </div>
+            </div>
+		</div>
+		<br /><br />
+		<button type="button" class="btn btn-danger" @onclick="ClearLog">@Localizer["Clear"]</button>
+	</TabPanel>
 </TabStrip>
 <br /><br />
 
@@ -172,6 +184,8 @@
 	private string _swagger = string.Empty;
 	private string _packageservice = string.Empty;
 
+	private string _log = string.Empty;
+
 	protected override async Task OnInitializedAsync()
 	{
 		_version = Constants.Version;
@@ -191,37 +205,58 @@
 			_workingset = (Convert.ToInt64(systeminfo["WorkingSet"].ToString()) / 1000000).ToString() + " MB";
 		}
 
-		systeminfo = await SystemService.GetSystemInfoAsync();
+		systeminfo = await SystemService.GetSystemInfoAsync("configuration");
 		if (systeminfo != null)
 		{
 			_installationid = systeminfo["InstallationId"].ToString();
-            _detailederrors = systeminfo["DetailedErrors"].ToString();
-            _logginglevel = systeminfo["Logging:LogLevel:Default"].ToString();
-            _notificationlevel = systeminfo["Logging:LogLevel:Notify"].ToString();
-            _swagger = systeminfo["UseSwagger"].ToString();
-            _packageservice = systeminfo["PackageService"].ToString();
+			_detailederrors = systeminfo["DetailedErrors"].ToString();
+			_logginglevel = systeminfo["Logging:LogLevel:Default"].ToString();
+			_notificationlevel = systeminfo["Logging:LogLevel:Notify"].ToString();
+			_swagger = systeminfo["UseSwagger"].ToString();
+			_packageservice = systeminfo["PackageService"].ToString();
+		}
+
+		systeminfo = await SystemService.GetSystemInfoAsync("log");
+		if (systeminfo != null)
+		{
+			_log = systeminfo["Log"].ToString();
 		}
 	}
 
-    private async Task SaveConfig()
-    {
-        try
-        {
-            var settings = new Dictionary<string, object>();
-            settings.Add("DetailedErrors", _detailederrors);
-            settings.Add("Logging:LogLevel:Default", _logginglevel);
-            settings.Add("Logging:LogLevel:Notify", _notificationlevel);
-            settings.Add("UseSwagger", _swagger);
-            settings.Add("PackageService", _packageservice);
-            await SystemService.UpdateSystemInfoAsync(settings);
-            AddModuleMessage(Localizer["Success.UpdateConfig.Restart"], MessageType.Success);
-        }
-        catch (Exception ex)
-        {
-            await logger.LogError(ex, "Error Saving Configuration");
-            AddModuleMessage(Localizer["Error.UpdateConfig"], MessageType.Error);
-        }
-    }
+	private async Task SaveConfig()
+	{
+		try
+		{
+			var settings = new Dictionary<string, object>();
+			settings.Add("DetailedErrors", _detailederrors);
+			settings.Add("Logging:LogLevel:Default", _logginglevel);
+			settings.Add("Logging:LogLevel:Notify", _notificationlevel);
+			settings.Add("UseSwagger", _swagger);
+			settings.Add("PackageService", _packageservice);
+			await SystemService.UpdateSystemInfoAsync(settings);
+			AddModuleMessage(Localizer["Success.UpdateConfig.Restart"], MessageType.Success);
+		}
+		catch (Exception ex)
+		{
+			await logger.LogError(ex, "Error Saving Configuration");
+			AddModuleMessage(Localizer["Error.UpdateConfig"], MessageType.Error);
+		}
+	}
+
+	private async Task ClearLog()
+	{
+		try
+		{
+			await SystemService.UpdateSystemInfoAsync("Log", "Clear");
+			_log = string.Empty;
+			AddModuleMessage(Localizer["Success.ClearLog"], MessageType.Success);
+		}
+		catch (Exception ex)
+		{
+			await logger.LogError(ex, "Error Clearing Log");
+			AddModuleMessage(Localizer["Error.ClearLog"], MessageType.Error);
+		}
+	}
 
     private async Task RestartApplication()
     {
diff --git a/Oqtane.Client/Modules/Admin/Themes/Create.razor b/Oqtane.Client/Modules/Admin/Themes/Create.razor
index ef3ab372..e685e3e1 100644
--- a/Oqtane.Client/Modules/Admin/Themes/Create.razor
+++ b/Oqtane.Client/Modules/Admin/Themes/Create.razor
@@ -121,7 +121,7 @@
     private bool IsValid(string name)
     {
         // must contain letters, underscores and digits and first character must be letter or underscore
-        return !string.IsNullOrEmpty(name) && name.ToLower() != "theme" && Regex.IsMatch(name, "^[A-Za-z_][A-Za-z0-9_]*$");
+		return !string.IsNullOrEmpty(name) && name.ToLower() != "theme" && !name.ToLower().Contains("oqtane") && Regex.IsMatch(name, "^[A-Za-z_][A-Za-z0-9_]*$");
     }
 
     private void TemplateChanged(ChangeEventArgs e)
diff --git a/Oqtane.Client/Modules/Admin/UserProfile/Index.razor b/Oqtane.Client/Modules/Admin/UserProfile/Index.razor
index 54b53348..a56235ef 100644
--- a/Oqtane.Client/Modules/Admin/UserProfile/Index.razor
+++ b/Oqtane.Client/Modules/Admin/UserProfile/Index.razor
@@ -305,7 +305,14 @@ else
 	}
 
 	private string GetProfileValue(string SettingName, string DefaultValue)
-		=> SettingService.GetSetting(settings, SettingName, DefaultValue);
+	{
+		string value = SettingService.GetSetting(settings, SettingName, DefaultValue);
+		if (value.Contains("]"))
+		{
+			value = value.Substring(value.IndexOf("]") + 1);
+		}
+		return value;
+	}
 
 	private async Task Save()
 	{
diff --git a/Oqtane.Client/Modules/Admin/Users/Add.razor b/Oqtane.Client/Modules/Admin/Users/Add.razor
index ee0fdc8e..3eb37216 100644
--- a/Oqtane.Client/Modules/Admin/Users/Add.razor
+++ b/Oqtane.Client/Modules/Admin/Users/Add.razor
@@ -104,7 +104,7 @@
     private Dictionary<string, string> settings;
     private string category = string.Empty;
 
-    public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Admin;
+    public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Edit;
 
     protected override async Task OnInitializedAsync()
     {
@@ -121,8 +121,15 @@
         }
     }
 
-    private string GetProfileValue(string SettingName, string DefaultValue)
-        => SettingService.GetSetting(settings, SettingName, DefaultValue);
+	private string GetProfileValue(string SettingName, string DefaultValue)
+	{
+		string value = SettingService.GetSetting(settings, SettingName, DefaultValue);
+		if (value.Contains("]"))
+		{
+			value = value.Substring(value.IndexOf("]") + 1);
+		}
+		return value;
+	}
 
     private async Task SaveUser()
     {
diff --git a/Oqtane.Client/Modules/Admin/Users/Edit.razor b/Oqtane.Client/Modules/Admin/Users/Edit.razor
index 6fffed9c..e4a23e6d 100644
--- a/Oqtane.Client/Modules/Admin/Users/Edit.razor
+++ b/Oqtane.Client/Modules/Admin/Users/Edit.razor
@@ -174,7 +174,7 @@ else
 	private string deletedby;
 	private DateTime? deletedon;
 
-	public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Admin;
+	public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Edit;
 
 	protected override async Task OnParametersSetAsync()
 	{
@@ -223,7 +223,14 @@ else
 	}
 
 	private string GetProfileValue(string SettingName, string DefaultValue)
-		=> SettingService.GetSetting(settings, SettingName, DefaultValue);
+	{
+		string value = SettingService.GetSetting(settings, SettingName, DefaultValue);
+		if (value.Contains("]"))
+		{
+			value = value.Substring(value.IndexOf("]") + 1);
+		}
+		return value;
+	}
 
 	private async Task SaveUser()
 	{
diff --git a/Oqtane.Client/Modules/Admin/Users/Index.razor b/Oqtane.Client/Modules/Admin/Users/Index.razor
index 13d67f4f..40124c61 100644
--- a/Oqtane.Client/Modules/Admin/Users/Index.razor
+++ b/Oqtane.Client/Modules/Admin/Users/Index.razor
@@ -20,7 +20,7 @@ else
 			<div class="container">
 				<div class="row mb-1 align-items-center">
 					<div class="col-sm-4">
-						<ActionLink Action="Add" Text="Add User" ResourceKey="AddUser" />
+						<ActionLink Action="Add" Text="Add User" Security="SecurityAccessLevel.Edit" ResourceKey="AddUser" />
 					</div>
 					<div class="col-sm-4">
 						<input class="form-control" @bind="@_search" />
@@ -41,21 +41,21 @@ else
 				</Header>
 				<Row>
 					<td>
-						<ActionLink Action="Edit" Parameters="@($"id=" + context.UserId.ToString())" ResourceKey="EditUser" />
+						<ActionLink Action="Edit" Parameters="@($"id=" + context.UserId.ToString())" Security="SecurityAccessLevel.Edit" ResourceKey="EditUser" />
 					</td>
 					<td>
-						<ActionDialog Header="Delete User" Message="@string.Format(Localizer["Confirm.User.Delete"], context.User.DisplayName)" Action="Delete" Security="SecurityAccessLevel.Admin" Class="btn btn-danger" OnClick="@(async () => await DeleteUser(context))" Disabled="@(context.UserId == PageState.User.UserId)" ResourceKey="DeleteUser" />
+						<ActionDialog Header="Delete User" Message="@string.Format(Localizer["Confirm.User.Delete"], context.User.DisplayName)" Action="Delete" Security="SecurityAccessLevel.Edit" Class="btn btn-danger" OnClick="@(async () => await DeleteUser(context))" Disabled="@(context.UserId == PageState.User.UserId)" ResourceKey="DeleteUser" />
 					</td>
 					<td>
-						<ActionLink Action="Roles" Parameters="@($"id=" + context.UserId.ToString())" ResourceKey="Roles" />
+						<ActionLink Action="Roles" Parameters="@($"id=" + context.UserId.ToString())" Security="SecurityAccessLevel.Edit" ResourceKey="Roles" />
 					</td>
 					<td>@context.User.Username</td>
 					<td>@((MarkupString)string.Format("<a href=\"mailto:{0}\">{1}</a>", @context.User.Email, @context.User.DisplayName))</td>
-					<td>@string.Format("{0:dd-MMM-yyyy HH:mm:ss}", context.User.LastLoginOn)</td>
+					<td>@((context.User.LastLoginOn != DateTime.MinValue) ? string.Format("{0:dd-MMM-yyyy HH:mm:ss}", context.User.LastLoginOn) : "")</td>
 				</Row>
 			</Pager>
-	</TabPanel>
-        <TabPanel Name="Settings" Heading="Settings" ResourceKey="Settings">
+		</TabPanel>
+        <TabPanel Name="Settings" Heading="Settings" ResourceKey="Settings" Security="SecurityAccessLevel.Admin">
 			<div class="container">
 				<Section Name="User" Heading="User Settings" ResourceKey="UserSettings">
 					<div class="row mb-1 align-items-center">
@@ -406,7 +406,7 @@ else
 	private string _lifetime;
 	private string _token;
 
-	public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Admin;
+	public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.View;
 
 	protected override async Task OnInitializedAsync()
 	{
@@ -456,7 +456,8 @@ else
 			_togglesecret = SharedLocalizer["ShowPassword"];
 			_issuer = SettingService.GetSetting(settings, "JwtOptions:Issuer", PageState.Uri.Scheme + "://" + PageState.Alias.Name);
 			_audience = SettingService.GetSetting(settings, "JwtOptions:Audience", "");
-			_lifetime = SettingService.GetSetting(settings, "JwtOptions:Lifetime", "20");		}
+			_lifetime = SettingService.GetSetting(settings, "JwtOptions:Lifetime", "20");
+		}
 	}
 
 	private async Task LoadUsersAsync(bool load)
@@ -522,7 +523,7 @@ else
 	private async Task UpdateUserSettingsAsync()
 	{
 		Dictionary<string, string> settings = await SettingService.GetUserSettingsAsync(PageState.User.UserId);
-		SettingService.SetSetting(settings, settingSearch, _search);
+		settings = SettingService.SetSetting(settings, settingSearch, _search);
 		await SettingService.UpdateUserSettingsAsync(settings, PageState.User.UserId);
 	}
 
diff --git a/Oqtane.Client/Modules/Admin/Users/ModuleInfo.cs b/Oqtane.Client/Modules/Admin/Users/ModuleInfo.cs
new file mode 100644
index 00000000..b77c443c
--- /dev/null
+++ b/Oqtane.Client/Modules/Admin/Users/ModuleInfo.cs
@@ -0,0 +1,21 @@
+using Oqtane.Documentation;
+using Oqtane.Models;
+using Oqtane.Shared;
+
+namespace Oqtane.Modules.Admin.Users
+{
+    [PrivateApi("Mark this as private, since it's not very useful in the public docs")]
+    public class ModuleInfo : IModule
+    {
+        public ModuleDefinition ModuleDefinition => new ModuleDefinition
+        {
+            Name = "Users",
+            Description = "Manage Users",
+            Categories = "Admin",
+            Version = Constants.Version,
+            PermissionNames = $"{PermissionNames.View},{PermissionNames.Edit}," +
+                $"{EntityNames.User}:{PermissionNames.Write}:{RoleNames.Admin}," +
+                $"{EntityNames.UserRole}:{PermissionNames.Write}:{RoleNames.Admin}"
+        };
+    }
+}
diff --git a/Oqtane.Client/Modules/Admin/Users/Roles.razor b/Oqtane.Client/Modules/Admin/Users/Roles.razor
index 0fcc3229..9135a9f6 100644
--- a/Oqtane.Client/Modules/Admin/Users/Roles.razor
+++ b/Oqtane.Client/Modules/Admin/Users/Roles.razor
@@ -63,7 +63,7 @@ else
                 <td>@context.EffectiveDate</td>
                 <td>@context.ExpiryDate</td>
                 <td>
-                    <ActionDialog Header="Remove Role" Message="@string.Format(Localizer["Confirm.User.RemoveRole"], context.Role.Name)" Action="Delete" Security="SecurityAccessLevel.Admin" Class="btn btn-danger" OnClick="@(async () => await DeleteUserRole(context.UserRoleId))" Disabled="@(context.Role.IsAutoAssigned || (context.Role.Name == RoleNames.Host && userid == PageState.User.UserId))" ResourceKey="DeleteUserRole" />
+                    <ActionDialog Header="Remove Role" Message="@string.Format(Localizer["Confirm.User.RemoveRole"], context.Role.Name)" Action="Delete" Security="SecurityAccessLevel.Edit" Class="btn btn-danger" OnClick="@(async () => await DeleteUserRole(context.UserRoleId))" Disabled="@(context.Role.IsAutoAssigned || (context.Role.Name == RoleNames.Host && userid == PageState.User.UserId))" ResourceKey="DeleteUserRole" />
                 </td>
             </Row>
         </Pager>
@@ -79,7 +79,7 @@ else
     private string expirydate = string.Empty;
     private List<UserRole> userroles;
 
-    public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Admin;
+    public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Edit;
 
     protected override async Task OnInitializedAsync()
     {
diff --git a/Oqtane.Client/Modules/Controls/FileManager.razor b/Oqtane.Client/Modules/Controls/FileManager.razor
index 8ce2e9a5..e0c3b5a7 100644
--- a/Oqtane.Client/Modules/Controls/FileManager.razor
+++ b/Oqtane.Client/Modules/Controls/FileManager.razor
@@ -6,7 +6,7 @@
 @inject IStringLocalizer<FileManager> Localizer
 @inject IStringLocalizer<SharedResources> SharedLocalizer
 
-@if (_folders != null)
+@if (_initialized)
 {
     <div id="@Id" class="container-fluid px-0">
         <div class="row">
@@ -87,6 +87,7 @@
 }
 
 @code {
+	private bool _initialized = false;
 	private List<Folder> _folders;
 	private List<File> _files = new List<File>();
 	private string _fileinputid = string.Empty;
@@ -205,6 +206,8 @@
 		_fileinputid = "FileInput_" + _guid;
 		_progressinfoid = "ProgressInfo_" + _guid;
 		_progressbarid = "ProgressBar_" + _guid;
+
+		_initialized = true;
 	}
 
 	private async Task GetFiles()
diff --git a/Oqtane.Client/Modules/Controls/PermissionGrid.razor b/Oqtane.Client/Modules/Controls/PermissionGrid.razor
index 9fdb0d31..4fcdc5ac 100644
--- a/Oqtane.Client/Modules/Controls/PermissionGrid.razor
+++ b/Oqtane.Client/Modules/Controls/PermissionGrid.razor
@@ -17,8 +17,8 @@
                         <th scope="col">@Localizer["Role"]</th>
                         @foreach (PermissionString permission in _permissions)
                         {
-                            <th style="text-align: center; width: 1px;">@Localizer[permission.PermissionName]</th>
-                        }
+							<th style="text-align: center; width: 1px;">@((MarkupString)GetPermissionName(permission).Replace(" ", "<br />"))</th>
+						}
                     </tr>
                     @foreach (Role role in _roles)
                     {
@@ -28,7 +28,7 @@
                             {
                                 var p = permission;
                                 <td style="text-align: center;">
-                                    <TriStateCheckBox Value=@GetPermissionValue(p.Permissions, role.Name) Disabled=@GetPermissionDisabled(role.Name) OnChange="@(e => PermissionChanged(e, p.PermissionName, role.Name))" />
+									<TriStateCheckBox Value=@GetPermissionValue(p.Permissions, role.Name) Disabled="@GetPermissionDisabled(p.EntityName, p.PermissionName, role.Name)" OnChange="@(e => PermissionChanged(e, p.EntityName, p.PermissionName, role.Name))" />
                                 </td>
                             }
                         </tr>
@@ -66,7 +66,7 @@
                                 {
                                     var p = permission;
                                     <td style="text-align: center; width: 1px;">
-                                        <TriStateCheckBox Value=@GetPermissionValue(p.Permissions, userid) Disabled=false OnChange="@(e => PermissionChanged(e, p.PermissionName, userid))" />
+										<TriStateCheckBox Value=@GetPermissionValue(p.Permissions, userid) Disabled="@GetPermissionDisabled(p.EntityName, p.PermissionName, "")" OnChange="@(e => PermissionChanged(e, p.EntityName, p.PermissionName, userid))" />
                                     </td>
                                 }
                             </tr>
@@ -129,10 +129,25 @@
 
 		_permissions = new List<PermissionString>();
 
-		foreach (string permissionname in _permissionnames.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries))
+		foreach (string permissionname in _permissionnames.Split(',', StringSplitOptions.RemoveEmptyEntries))
 		{
-			// initialize with admin role
-			_permissions.Add(new PermissionString { PermissionName = permissionname, Permissions = RoleNames.Admin });
+			// permission names can be in the form of "EntityName:PermissionName:Roles"
+			if (permissionname.Contains(":"))
+			{
+				var segments = permissionname.Split(':');
+				if (segments.Length == 3)
+				{
+					if (!segments[2].Contains(RoleNames.Admin))
+					{
+						segments[2] = RoleNames.Admin + ";" + segments[2]; // ensure admin access
+					}
+					_permissions.Add(new PermissionString { EntityName = segments[0], PermissionName = segments[1], Permissions = segments[2] });
+				}
+			}
+			else
+			{
+				_permissions.Add(new PermissionString { EntityName = EntityName, PermissionName = permissionname, Permissions = RoleNames.Admin });
+			}
 		}
 
 		if (!string.IsNullOrEmpty(Permissions))
@@ -140,14 +155,15 @@
 			// populate permissions
 			foreach (PermissionString permissionstring in UserSecurity.GetPermissionStrings(Permissions))
 			{
-				if (_permissions.Find(item => item.PermissionName == permissionstring.PermissionName) != null)
+				int index = _permissions.FindIndex(item => item.EntityName == permissionstring.EntityName && item.PermissionName == permissionstring.PermissionName);
+				if (index != -1)
 				{
-					_permissions[_permissions.FindIndex(item => item.PermissionName == permissionstring.PermissionName)].Permissions = permissionstring.Permissions;
+					_permissions[index].Permissions = permissionstring.Permissions;
 				}
 
 				if (permissionstring.Permissions.Contains("["))
 				{
-					foreach (string user in permissionstring.Permissions.Split(new char[] { '[' }, StringSplitOptions.RemoveEmptyEntries))
+					foreach (string user in permissionstring.Permissions.Split('[', StringSplitOptions.RemoveEmptyEntries))
 					{
 						if (user.Contains("]"))
 						{
@@ -163,6 +179,16 @@
 		}
 	}
 
+	private string GetPermissionName(PermissionString permission)
+	{
+		var permissionname = Localizer[permission.PermissionName].ToString();
+		if (!string.IsNullOrEmpty(EntityName))
+		{
+			permissionname += " " + Localizer[permission.EntityName].ToString();
+		}
+		return permissionname;
+	}
+
 	private bool? GetPermissionValue(string permissions, string securityKey)
 	{
 		if ((";" + permissions + ";").Contains(";" + "!" + securityKey + ";"))
@@ -182,8 +208,24 @@
 		}
 	}
 
-	private bool GetPermissionDisabled(string roleName)
-		=> (roleName == RoleNames.Admin && !UserSecurity.IsAuthorized(PageState.User, RoleNames.Host)) ? true : false;
+	private bool GetPermissionDisabled(string entityName, string permissionName, string roleName)
+	{
+		if (roleName == RoleNames.Admin && !UserSecurity.IsAuthorized(PageState.User, RoleNames.Host))
+		{
+			return true;
+		}
+		else
+		{
+			if (entityName != EntityName && !UserSecurity.IsAuthorized(PageState.User, RoleNames.Admin))
+			{
+				return true;
+			}
+			else
+			{
+				return false;
+			}
+		}
+	}
 
 	private async Task<Dictionary<string, string>> GetUsers(string filter)
 	{
@@ -209,14 +251,15 @@
 		_user.Clear();
 	}
 
-	private void PermissionChanged(bool? value, string permissionName, string securityId)
+	private void PermissionChanged(bool? value, string entityName, string permissionName, string securityId)
 	{
 		var selected = value;
-		var permission = _permissions.Find(item => item.PermissionName == permissionName);
-		if (permission != null)
+		int index = _permissions.FindIndex(item => item.EntityName == entityName && item.PermissionName == permissionName);
+		if (index != -1)
 		{
-			var ids = permission.Permissions.Split(';').ToList();
+			var permission = _permissions[index];
 
+			var ids = permission.Permissions.Split(';').ToList();
 			ids.Remove(securityId); // remove grant permission
 			ids.Remove("!" + securityId); // remove deny permission
 
@@ -232,7 +275,7 @@
 					break; // permission not specified
 			}
 
-			_permissions[_permissions.FindIndex(item => item.PermissionName == permissionName)].Permissions = string.Join(";", ids.ToArray());
+			_permissions[index].Permissions = string.Join(";", ids.ToArray());
 		}
 	}
 
@@ -245,9 +288,9 @@
 	private void ValidatePermissions()
 	{
 		PermissionString permission;
-		for (int i = 0; i < _permissions.Count; i++)
+		for (int index = 0; index < _permissions.Count; index++)
 		{
-			permission = _permissions[i];
+			permission = _permissions[index];
 			List<string> ids = permission.Permissions.Split(';', StringSplitOptions.RemoveEmptyEntries).ToList();
 			ids.Remove("!" + RoleNames.Everyone); // remove deny all users
 			ids.Remove("!" + RoleNames.Unauthenticated); // remove deny unauthenticated
@@ -263,7 +306,7 @@
 				}
 			}
 			permission.Permissions = string.Join(";", ids.ToArray());
-            _permissions[i] = permission;
+            _permissions[index] = permission;
         }
     }
 }
diff --git a/Oqtane.Client/Modules/ModuleBase.cs b/Oqtane.Client/Modules/ModuleBase.cs
index 77ad0423..42963461 100644
--- a/Oqtane.Client/Modules/ModuleBase.cs
+++ b/Oqtane.Client/Modules/ModuleBase.cs
@@ -315,15 +315,10 @@ namespace Oqtane.Modules
         {
             int pageId = ModuleState.PageId;
             int moduleId = ModuleState.ModuleId;
-            int? userId = null;
-            if (PageState.User != null)
-            {
-                userId = PageState.User.UserId;
-            }
             string category = GetType().AssemblyQualifiedName;
             string feature = Utilities.GetTypeNameLastSegment(category, 1);
 
-            await LoggingService.Log(alias, pageId, moduleId, userId, category, feature, function, level, exception, message, args);
+            await LoggingService.Log(alias, pageId, moduleId, PageState.User?.UserId, category, feature, function, level, exception, message, args);
         }
 
         public class Logger
diff --git a/Oqtane.Client/Oqtane.Client.csproj b/Oqtane.Client/Oqtane.Client.csproj
index 8756d3d7..af1c1427 100644
--- a/Oqtane.Client/Oqtane.Client.csproj
+++ b/Oqtane.Client/Oqtane.Client.csproj
@@ -5,7 +5,7 @@
     <OutputType>Exe</OutputType>
     <RazorLangVersion>3.0</RazorLangVersion>
     <Configurations>Debug;Release</Configurations>
-    <Version>3.2.1</Version>
+    <Version>3.3.1</Version>
     <Product>Oqtane</Product>
     <Authors>Shaun Walker</Authors>
     <Company>.NET Foundation</Company>
@@ -13,7 +13,7 @@
     <Copyright>.NET Foundation</Copyright>
     <PackageProjectUrl>https://www.oqtane.org</PackageProjectUrl>
     <PackageLicenseUrl>https://github.com/oqtane/oqtane.framework/blob/dev/LICENSE</PackageLicenseUrl>
-    <PackageReleaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.2.1</PackageReleaseNotes>
+    <PackageReleaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.3.1</PackageReleaseNotes>
     <RepositoryUrl>https://github.com/oqtane/oqtane.framework</RepositoryUrl>
     <RepositoryType>Git</RepositoryType>
     <RootNamespace>Oqtane</RootNamespace>
diff --git a/Oqtane.Client/Resources/Modules/Admin/Roles/Users.resx b/Oqtane.Client/Resources/Modules/Admin/Roles/Users.resx
index e85706e7..99a8f2fa 100644
--- a/Oqtane.Client/Resources/Modules/Admin/Roles/Users.resx
+++ b/Oqtane.Client/Resources/Modules/Admin/Roles/Users.resx
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <root>
   <!-- 
     Microsoft ResX Schema 
@@ -121,7 +121,7 @@
     <value>User: </value>
   </data>
   <data name="User.Select" xml:space="preserve">
-    <value>Select User</value>
+    <value>Enter User's Name</value>
   </data>
   <data name="Users" xml:space="preserve">
     <value>Users</value>
@@ -129,9 +129,6 @@
   <data name="Error.User.Load" xml:space="preserve">
     <value>Error Loading Users</value>
   </data>
-  <data name="Error.User.LoadRole" xml:space="preserve">
-    <value>Error Loading User Roles</value>
-  </data>
   <data name="Success.User.AssignedRole" xml:space="preserve">
     <value>User Assigned To Role</value>
   </data>
@@ -151,7 +148,7 @@
     <value>The role you are assigning users to</value>
   </data>
   <data name="User.HelpText" xml:space="preserve">
-    <value>Select a user</value>
+    <value>Enter the name of a user</value>
   </data>
   <data name="EffectiveDate.HelpText" xml:space="preserve">
     <value>The date that this role assignment is active</value>
diff --git a/Oqtane.Client/Resources/Modules/Admin/Site/Index.resx b/Oqtane.Client/Resources/Modules/Admin/Site/Index.resx
index 4b204eab..e74d0343 100644
--- a/Oqtane.Client/Resources/Modules/Admin/Site/Index.resx
+++ b/Oqtane.Client/Resources/Modules/Admin/Site/Index.resx
@@ -195,13 +195,13 @@
   <data name="UseSsl.HelpText" xml:space="preserve">
     <value>Specify if SSL is required for your SMTP server</value>
   </data>
-  <data name="SmptUsername.HelpText" xml:space="preserve">
+  <data name="SmtpUsername.HelpText" xml:space="preserve">
     <value>Enter the username for your SMTP account</value>
   </data>
   <data name="SmtpPassword.HelpText" xml:space="preserve">
     <value>Enter the password for your SMTP account</value>
   </data>
-  <data name="SmptSender.HelpText" xml:space="preserve">
+  <data name="SmtpSender.HelpText" xml:space="preserve">
     <value>Enter the email which emails will be sent from. Please note that this email address may need to be authorized with the SMTP server.</value>
   </data>
   <data name="EnablePWA.HelpText" xml:space="preserve">
@@ -243,13 +243,13 @@
   <data name="UseSsl.Text" xml:space="preserve">
     <value>SSL Enabled: </value>
   </data>
-  <data name="SmptUsername.Text" xml:space="preserve">
+  <data name="SmtpUsername.Text" xml:space="preserve">
     <value>Username: </value>
   </data>
   <data name="SmtpPassword.Text" xml:space="preserve">
     <value>Password: </value>
   </data>
-  <data name="SmptSender.Text" xml:space="preserve">
+  <data name="SmtpSender.Text" xml:space="preserve">
     <value>Email Sender: </value>
   </data>
   <data name="EnablePWA.Text" xml:space="preserve">
@@ -339,4 +339,10 @@
   <data name="HomePage.Text" xml:space="preserve">
     <value>Home Page:</value>
   </data>
+  <data name="SmtpRelay.HelpText" xml:space="preserve">
+    <value>Only specify this option if you have properly configured an SMTP Relay Service to route your outgoing mail. This option will send notifications from the user's email rather than from the Email Sender specified above.</value>
+  </data>
+  <data name="SmtpRelay.Text" xml:space="preserve">
+    <value>Relay Configured?</value>
+  </data>
 </root>
\ No newline at end of file
diff --git a/Oqtane.Client/Resources/Modules/Admin/Sql/Index.resx b/Oqtane.Client/Resources/Modules/Admin/Sql/Index.resx
index 9654eac7..ab2f651f 100644
--- a/Oqtane.Client/Resources/Modules/Admin/Sql/Index.resx
+++ b/Oqtane.Client/Resources/Modules/Admin/Sql/Index.resx
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <root>
   <!-- 
     Microsoft ResX Schema 
@@ -133,10 +133,10 @@
     <value>No Results Returned</value>
   </data>
   <data name="Tenant.HelpText" xml:space="preserve">
-    <value>Select the tenant for the SQL server</value>
+    <value>Select the tenant associated with the database server</value>
   </data>
   <data name="SqlQuery.HelpText" xml:space="preserve">
-    <value>Enter the query for the SQL server</value>
+    <value>Enter the SQL query for the database server</value>
   </data>
   <data name="SqlQuery.Text" xml:space="preserve">
     <value>SQL Query: </value>
diff --git a/Oqtane.Client/Resources/Modules/Admin/SystemInfo/Index.resx b/Oqtane.Client/Resources/Modules/Admin/SystemInfo/Index.resx
index 9876218b..c5c328cd 100644
--- a/Oqtane.Client/Resources/Modules/Admin/SystemInfo/Index.resx
+++ b/Oqtane.Client/Resources/Modules/Admin/SystemInfo/Index.resx
@@ -210,7 +210,10 @@
   <data name="Options.Heading" xml:space="preserve">
     <value>Options</value>
   </data>
-  <data name="Register" xml:space="preserve">
+  <data name="Log.Heading" xml:space="preserve">
+    <value>Log</value>
+  </data>
+    <data name="Register" xml:space="preserve">
     <value>Please Register Me For Major Product Updates And Security Bulletins</value>
   </data>
   <data name="Success.Register" xml:space="preserve">
@@ -276,4 +279,19 @@
   <data name="Environment.Text" xml:space="preserve">
     <value>Environment:</value>
   </data>
+  <data name="Log.Text" xml:space="preserve">
+    <value>Log:</value>
+  </data>
+  <data name="Log.HelpText" xml:space="preserve">
+    <value>System log information for current day</value>
+  </data>
+  <data name="Clear" xml:space="preserve">
+    <value>Clear</value>
+  </data>
+  <data name="Success.ClearLog" xml:space="preserve">
+    <value>System Log Has Been Successfully Cleared</value>
+  </data>
+  <data name="Error.ClearLog" xml:space="preserve">
+    <value>Ann Error Occurred Clearing The System Log</value>
+  </data>
 </root>
\ No newline at end of file
diff --git a/Oqtane.Client/Services/ApiService.cs b/Oqtane.Client/Services/ApiService.cs
deleted file mode 100644
index 1c05c7ec..00000000
--- a/Oqtane.Client/Services/ApiService.cs
+++ /dev/null
@@ -1,32 +0,0 @@
-using System.Net.Http;
-using System.Threading.Tasks;
-using System.Collections.Generic;
-using Oqtane.Documentation;
-using Oqtane.Shared;
-using Oqtane.Models;
-
-namespace Oqtane.Services
-{
-    [PrivateApi("Don't show in the documentation, as everything should use the Interface")]
-    public class ApiService : ServiceBase, IApiService
-    {
-        public ApiService(HttpClient http, SiteState siteState) : base(http, siteState) { }
-
-        private string Apiurl => CreateApiUrl("Api");
-
-        public async Task<List<Api>> GetApisAsync(int siteId)
-        {
-            return await GetJsonAsync<List<Api>>($"{Apiurl}?siteid={siteId}");
-        }
-
-        public async Task<Api> GetApiAsync(int siteId, string entityName)
-        {
-            return await GetJsonAsync<Api>($"{Apiurl}/{siteId}/{entityName}");
-        }
-
-        public async Task UpdateApiAsync(Api api)
-        {
-            await PostJsonAsync(Apiurl, api);
-        }
-    }
-}
diff --git a/Oqtane.Client/Services/Interfaces/IApiService.cs b/Oqtane.Client/Services/Interfaces/IApiService.cs
deleted file mode 100644
index 845061f9..00000000
--- a/Oqtane.Client/Services/Interfaces/IApiService.cs
+++ /dev/null
@@ -1,31 +0,0 @@
-using System.Collections.Generic;
-using System.Threading.Tasks;
-using Oqtane.Models;
-
-namespace Oqtane.Services
-{
-    /// <summary>
-    /// Service to retrieve and update API information.
-    /// </summary>
-    public interface IApiService
-    {
-        /// <summary>
-        /// returns a list of APIs
-        /// </summary>
-        /// <returns></returns>
-        Task<List<Api>> GetApisAsync(int siteId);
-
-        /// <summary>
-        /// returns a specific API
-        /// </summary>
-        /// <returns></returns>
-        Task<Api> GetApiAsync(int siteId, string entityName);
-
-        /// <summary>
-        /// Updates an API
-        /// </summary>
-        /// <param name="api"></param>
-        /// <returns></returns>
-        Task UpdateApiAsync(Api api);
-    }
-}
diff --git a/Oqtane.Client/Services/Interfaces/ISettingService.cs b/Oqtane.Client/Services/Interfaces/ISettingService.cs
index b2d7908f..949db56d 100644
--- a/Oqtane.Client/Services/Interfaces/ISettingService.cs
+++ b/Oqtane.Client/Services/Interfaces/ISettingService.cs
@@ -62,7 +62,7 @@ namespace Oqtane.Services
         /// <summary>
         /// Returns a key-value dictionary of all page module settings for the given page module
         /// </summary>
-        /// <param name="pageId"></param>
+        /// <param name="pageModuleId"></param>
         /// <returns></returns>
         Task<Dictionary<string, string>> GetPageModuleSettingsAsync(int pageModuleId);
 
@@ -107,7 +107,7 @@ namespace Oqtane.Services
         /// <summary>
         /// Returns a key-value dictionary of all user settings for the given user
         /// </summary>
-        /// <param name="pageId"></param>
+        /// <param name="userId"></param>
         /// <returns></returns>
         Task<Dictionary<string, string>> GetUserSettingsAsync(int userId);
 
@@ -122,7 +122,7 @@ namespace Oqtane.Services
         /// <summary>
         /// Returns a key-value dictionary of all folder settings for the given folder
         /// </summary>
-        /// <param name="pageId"></param>
+        /// <param name="folderId"></param>
         /// <returns></returns>
         Task<Dictionary<string, string>> GetFolderSettingsAsync(int folderId);
 
@@ -148,6 +148,21 @@ namespace Oqtane.Services
         /// <returns></returns>
         Task UpdateHostSettingsAsync(Dictionary<string, string> hostSettings);
 
+        /// <summary>
+        /// Returns a key-value dictionary of all settings for the given visitor
+        /// </summary>
+        /// <param name="visitorId"></param>
+        /// <returns></returns>
+        Task<Dictionary<string, string>> GetVisitorSettingsAsync(int visitorId);
+
+        /// <summary>
+        /// Updates a visitor setting
+        /// </summary>
+        /// <param name="visitorSettings"></param>
+        /// <param name="visitorId"></param>
+        /// <returns></returns>
+        Task UpdateVisitorSettingsAsync(Dictionary<string, string> visitorSettings, int visitorId);
+
         /// <summary>
         /// Returns a key-value dictionary of all settings for the given entityName
         /// </summary>
diff --git a/Oqtane.Client/Services/SettingService.cs b/Oqtane.Client/Services/SettingService.cs
index b06a2d41..4b4cbc12 100644
--- a/Oqtane.Client/Services/SettingService.cs
+++ b/Oqtane.Client/Services/SettingService.cs
@@ -111,6 +111,26 @@ namespace Oqtane.Services
             await UpdateSettingsAsync(hostSettings, EntityNames.Host, -1);
         }
 
+        public async Task<Dictionary<string, string>> GetVisitorSettingsAsync(int visitorId)
+        {
+            if (visitorId != -1)
+            {
+                return await GetSettingsAsync(EntityNames.Visitor, visitorId);
+            }
+            else
+            {
+                return new Dictionary<string, string>();
+            }
+        }
+
+        public async Task UpdateVisitorSettingsAsync(Dictionary<string, string> visitorSettings, int visitorId)
+        {
+            if (visitorId != -1)
+            {
+                await UpdateSettingsAsync(visitorSettings, EntityNames.Visitor, visitorId);
+            }
+        }
+
         public async Task<Dictionary<string, string>> GetSettingsAsync(string entityName, int entityId)
         {
             var dictionary = new Dictionary<string, string>();
diff --git a/Oqtane.Client/Themes/Controls/Theme/ControlPanel.razor b/Oqtane.Client/Themes/Controls/Theme/ControlPanel.razor
index 1b63b090..e72a20d4 100644
--- a/Oqtane.Client/Themes/Controls/Theme/ControlPanel.razor
+++ b/Oqtane.Client/Themes/Controls/Theme/ControlPanel.razor
@@ -33,7 +33,7 @@
     }
 }
 
-@if (UserSecurity.IsAuthorized(PageState.User, PermissionNames.Edit, PageState.Page.Permissions))
+@if (_canViewAdminDashboard || UserSecurity.IsAuthorized(PageState.User, PermissionNames.Edit, PageState.Page.Permissions))
 {
     <button type="button" class="btn @ButtonClass" data-bs-toggle="offcanvas" data-bs-target="#offcanvasControlPanel" aria-controls="offcanvasControlPanel">
         <span class="oi oi-cog"></span>
@@ -46,16 +46,17 @@
 		</div>
 		<div class="@BodyClass">
 			<div class="container-fluid">
-				@if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Admin))
+				@if (_canViewAdminDashboard)
 				{
 					<div class="row d-flex">
 						<div class="col">
 							<button type="button" data-bs-dismiss="offcanvas" class="btn btn-primary col-12" @onclick=@(async () => Navigate("Admin"))>@Localizer["AdminDash"]</button>
 						</div>
 					</div>
-
 					<hr class="app-rule" />
-
+				}
+				@if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Admin))
+				{
 					<div class="row">
 						<div class="col text-center">
 							<label class="control-label">@Localizer["Page.Manage"] </label>
@@ -80,144 +81,149 @@
 							}
 						</div>
 					</div>
-				}
+					<hr class="app-rule" />
 
-				@if (_deleteConfirmation)
-				{
-					<div class="app-admin-modal">
-						<div class="modal" tabindex="-1" role="dialog">
-							<div class="modal-dialog">
-								<div class="modal-content">
-									<div class="modal-header">
-										<h5 class="modal-title">@Localizer["Page.Delete"]</h5>
-										<button type="button" class="btn-close" aria-label="Close" @onclick="ConfirmDelete"></button>
-									</div>
-									<div class="modal-body">
-										<p>Are You Sure You Want To Delete This Page?</p>
-									</div>
-									<div class="modal-footer">
-										<button type="button" class="btn btn-danger" @onclick="DeletePage">@SharedLocalizer["Delete"]</button>
-										<button type="button" class="btn btn-secondary" @onclick="ConfirmDelete">@SharedLocalizer["Cancel"]</button>
+					@if (_deleteConfirmation)
+					{
+						<div class="app-admin-modal">
+							<div class="modal" tabindex="-1" role="dialog">
+								<div class="modal-dialog">
+									<div class="modal-content">
+										<div class="modal-header">
+											<h5 class="modal-title">@Localizer["Page.Delete"]</h5>
+											<button type="button" class="btn-close" aria-label="Close" @onclick="ConfirmDelete"></button>
+										</div>
+										<div class="modal-body">
+											<p>Are You Sure You Want To Delete This Page?</p>
+										</div>
+										<div class="modal-footer">
+											<button type="button" class="btn btn-danger" @onclick="DeletePage">@SharedLocalizer["Delete"]</button>
+											<button type="button" class="btn btn-secondary" @onclick="ConfirmDelete">@SharedLocalizer["Cancel"]</button>
+										</div>
 									</div>
 								</div>
 							</div>
 						</div>
-					</div>
+					}
 				}
-				<hr class="app-rule" />
-				<div class="row">
-					<div class="col text-center">
-						<label for="Module" class="control-label">@Localizer["Module.Manage"] </label>
-						<select class="form-select" @bind="@ModuleType">
-							<option value="new">@Localizer["Module.AddNew"]</option>
-							<option value="existing">@Localizer["Module.AddExisting"]</option>
-						</select>
-						@if (ModuleType == "new")
-						{
-							@if (_moduleDefinitions != null)
-							{
-								<select class="form-select" @onchange="(e => CategoryChanged(e))">
-									@foreach (var category in _categories)
-									{
-										if (category == Category)
-										{
-											<option value="@category" selected>@category @Localizer["Modules"]</option>
-										}
-										else
-										{
-											<option value="@category">@category @Localizer["Modules"]</option>
-										}
-									}
-								</select>
-								<select class="form-select" @onchange="(e => ModuleChanged(e))">
-									@if (ModuleDefinitionName == "-")
-									{
-										<option value="-" selected>&lt;@Localizer["Module.Select"]&gt;</option>
-									}
-									else
-									{
-										<option value="-">&lt;@Localizer["Module.Select"]&gt;</option>
-									}
-									@foreach (var moduledefinition in _moduleDefinitions)
-									{
-										if (UserSecurity.IsAuthorized(PageState.User, PermissionNames.Utilize, moduledefinition.Permissions))
-										{
-											if (moduledefinition.Runtimes == "" || moduledefinition.Runtimes.Contains(PageState.Runtime.ToString()))
-											{
-												<option value="@moduledefinition.ModuleDefinitionName">@moduledefinition.Name</option>
-											}
-										}
-									}
-								</select>
-							}
-						}
-						else
-						{
-							<select class="form-select" @onchange="(e => PageChanged(e))">
-								<option value="-">&lt;@Localizer["Page.Select"]&gt;</option>
-								@foreach (Page p in _pages)
-								{
-									<option value="@p.PageId">@p.Name</option>
-								}
-							</select>
-							<select class="form-select" @bind="@ModuleId">
-								<option value="-">&lt;@Localizer["Module.Select"]&gt;</option>
-								@foreach (Module module in _modules)
-								{
-									<option value="@module.ModuleId">@module.Title</option>
-								}
-							</select>
-						}
-					</div>
-				</div>
-				<div class="row">
-					<div class="col text-center">
-						<label for="Title" class="control-label">@Localizer["Title"] </label>
-						<input type="text" name="Title" class="form-control" @bind="@Title" />
-					</div>
-				</div>
-				@if (_pane.Length > 1)
+
+				@if (UserSecurity.IsAuthorized(PageState.User, PermissionNames.Edit, PageState.Page.Permissions))
 				{
 					<div class="row">
 						<div class="col text-center">
-							<label for="Pane" class="control-label">@Localizer["Pane"] </label>
-							<select class="form-select" @bind="@Pane">
-								@foreach (string pane in PageState.Page.Panes)
+							<label for="Module" class="control-label">@Localizer["Module.Manage"] </label>
+							<select class="form-select" @bind="@ModuleType">
+								<option value="new">@Localizer["Module.AddNew"]</option>
+								<option value="existing">@Localizer["Module.AddExisting"]</option>
+							</select>
+							@if (ModuleType == "new")
+							{
+								@if (_moduleDefinitions != null)
 								{
-									<option value="@pane">@pane Pane</option>
+									<select class="form-select" @onchange="(e => CategoryChanged(e))">
+										@foreach (var category in _categories)
+										{
+											if (category == Category)
+											{
+												<option value="@category" selected>@category @Localizer["Modules"]</option>
+											}
+											else
+											{
+												<option value="@category">@category @Localizer["Modules"]</option>
+											}
+										}
+									</select>
+									<select class="form-select" @onchange="(e => ModuleChanged(e))">
+										@if (ModuleDefinitionName == "-")
+										{
+											<option value="-" selected>&lt;@Localizer["Module.Select"]&gt;</option>
+										}
+										else
+										{
+											<option value="-">&lt;@Localizer["Module.Select"]&gt;</option>
+										}
+										@foreach (var moduledefinition in _moduleDefinitions)
+										{
+											if (UserSecurity.IsAuthorized(PageState.User, PermissionNames.Utilize, moduledefinition.Permissions))
+											{
+												if (moduledefinition.Runtimes == "" || moduledefinition.Runtimes.Contains(PageState.Runtime.ToString()))
+												{
+													<option value="@moduledefinition.ModuleDefinitionName">@moduledefinition.Name</option>
+												}
+											}
+										}
+									</select>
+								}
+							}
+							else
+							{
+								<select class="form-select" @onchange="(e => PageChanged(e))">
+									<option value="-">&lt;@Localizer["Page.Select"]&gt;</option>
+									@foreach (Page p in _pages)
+									{
+										<option value="@p.PageId">@p.Name</option>
+									}
+								</select>
+								<select class="form-select" @bind="@ModuleId">
+									<option value="-">&lt;@Localizer["Module.Select"]&gt;</option>
+									@foreach (Module module in _modules)
+									{
+										<option value="@module.ModuleId">@module.Title</option>
+									}
+								</select>
+							}
+						</div>
+					</div>
+					<div class="row">
+						<div class="col text-center">
+							<label for="Title" class="control-label">@Localizer["Title"] </label>
+							<input type="text" name="Title" class="form-control" @bind="@Title" />
+						</div>
+					</div>
+					@if (_pane.Length > 1)
+					{
+						<div class="row">
+							<div class="col text-center">
+								<label for="Pane" class="control-label">@Localizer["Pane"] </label>
+								<select class="form-select" @bind="@Pane">
+									@foreach (string pane in PageState.Page.Panes)
+									{
+										<option value="@pane">@pane Pane</option>
+									}
+								</select>
+							</div>
+						</div>
+					}
+					<div class="row">
+						<div class="col text-center">
+							<label for="Container" class="control-label">@Localizer["Container"] </label>
+							<select class="form-select" @bind="@ContainerType">
+								@foreach (var container in _containers)
+								{
+									<option value="@container.TypeName">@container.Name</option>
 								}
 							</select>
 						</div>
 					</div>
+					<div class="row">
+						<div class="col text-center">
+							<label for="visibility" class="control-label">@Localizer["Visibility"]</label>
+							<select class="form-select" @bind="@Visibility">
+								<option value="view">@Localizer["VisibilityView"]</option>
+								<option value="edit">@Localizer["VisibilityEdit"]</option>
+							</select>
+						</div>
+					</div>
+					<button type="button" class="btn btn-primary col-12 mt-4" @onclick="@AddModule">@Localizer["Page.Module.Add"]</button>
+					@((MarkupString)Message)
 				}
-				<div class="row">
-					<div class="col text-center">
-						<label for="Container" class="control-label">@Localizer["Container"] </label>
-						<select class="form-select" @bind="@ContainerType">
-							@foreach (var container in _containers)
-							{
-								<option value="@container.TypeName">@container.Name</option>
-							}
-						</select>
-					</div>
-				</div>
-				<div class="row">
-					<div class="col text-center">
-						<label for="visibility" class="control-label">@Localizer["Visibility"]</label>
-						<select class="form-select" @bind="@Visibility">
-							<option value="view">@Localizer["VisibilityView"]</option>
-							<option value="edit">@Localizer["VisibilityEdit"]</option>
-						</select>
-					</div>
-				</div>
-				<button type="button" class="btn btn-primary col-12 mt-4" @onclick="@AddModule">@Localizer["Page.Module.Add"]</button>
-				@((MarkupString) Message)
 			</div>
 		</div>
 	</div>
 }
 
 @code{
+	private bool _canViewAdminDashboard = false;
 	private bool _showEditMode = false;
 	private bool _deleteConfirmation = false;
 	private List<string> _categories = new List<string>();
@@ -286,6 +292,7 @@
 
 	protected override async Task OnParametersSetAsync()
 	{
+		_canViewAdminDashboard = CanViewAdminDashboard();
 		_showEditMode = false;
 		if (UserSecurity.IsAuthorized(PageState.User, PermissionNames.Edit, PageState.Page.Permissions))
 		{
@@ -321,6 +328,22 @@
 		}
 	}
 
+	private bool CanViewAdminDashboard()
+	{
+		var admin = PageState.Pages.FirstOrDefault(item => item.Path == "admin");
+		if (admin != null)
+		{
+			foreach (var page in PageState.Pages.Where(item => item.ParentId == admin?.PageId))
+			{
+				if (UserSecurity.IsAuthorized(PageState.User, PermissionNames.View, page.Permissions))
+				{
+					return true;
+				}
+			}
+		}
+		return false;
+	}
+
 	private void CategoryChanged(ChangeEventArgs e)
 	{
 		Category = (string)e.Value;
@@ -380,6 +403,8 @@
 						// set module view permissions to page edit permissions
 						permissions.Find(p => p.PermissionName == PermissionNames.View).Permissions = permissions.Find(p => p.PermissionName == PermissionNames.Edit).Permissions;
 					}
+					// set entityname
+					permissions.ForEach(item => item.EntityName = EntityNames.Module);
 					module.Permissions = UserSecurity.SetPermissionStrings(permissions);
 
 					module = await ModuleService.AddModuleAsync(module);
@@ -465,12 +490,10 @@
 			case "Admin":
 			// get admin dashboard moduleid
 				module = PageState.Modules.FirstOrDefault(item => item.ModuleDefinitionName == Constants.AdminDashboardModule);
-
 				if (module != null)
 				{
 					NavigationManager.NavigateTo(EditUrl(PageState.Page.Path, module.ModuleId, "Index", ""));
 				}
-
 				break;
 			case "Add":
 			case "Edit":
@@ -551,19 +574,19 @@
 			{
 				page.IsDeleted = true;
 				await PageService.UpdatePageAsync(page);
-				await logger.Log(page.PageId, null, PageState.User.UserId, GetType().AssemblyQualifiedName, "ControlPanel", LogFunction.Delete, LogLevel.Information, null, "Page Deleted {Page}", page);
+				await logger.Log(page.PageId, null, PageState.User?.UserId, GetType().AssemblyQualifiedName, "ControlPanel", LogFunction.Delete, LogLevel.Information, null, "Page Deleted {Page}", page);
 				NavigationManager.NavigateTo(NavigateUrl(""));
 			}
 			else // personalized page
 			{
 				await PageService.DeletePageAsync(page.PageId);
-				await logger.Log(page.PageId, null, PageState.User.UserId, GetType().AssemblyQualifiedName, "ControlPanel", LogFunction.Delete, LogLevel.Information, null, "Page Deleted {Page}", page);
+				await logger.Log(page.PageId, null, PageState.User?.UserId, GetType().AssemblyQualifiedName, "ControlPanel", LogFunction.Delete, LogLevel.Information, null, "Page Deleted {Page}", page);
 				NavigationManager.NavigateTo(NavigateUrl());
 			}
 		}
 		catch (Exception ex)
 		{
-			await logger.Log(page.PageId, null, PageState.User.UserId, GetType().AssemblyQualifiedName, "ControlPanel", LogFunction.Delete, LogLevel.Information, ex, "Page Deleted {Page} {Error}", page, ex.Message);
+			await logger.Log(page.PageId, null, PageState.User?.UserId, GetType().AssemblyQualifiedName, "ControlPanel", LogFunction.Delete, LogLevel.Information, ex, "Page Deleted {Page} {Error}", page, ex.Message);
 		}
 	}
 
@@ -596,8 +619,8 @@
     private async Task UpdateSettingsAsync()
     {
         Dictionary<string, string> settings = await SettingService.GetUserSettingsAsync(PageState.User.UserId);
-        SettingService.SetSetting(settings, settingCategory, _category);
-        SettingService.SetSetting(settings, settingPane, _pane);
+		settings = SettingService.SetSetting(settings, settingCategory, _category);
+        settings = SettingService.SetSetting(settings, settingPane, _pane);
         await SettingService.UpdateUserSettingsAsync(settings, PageState.User.UserId);
     }
 
diff --git a/Oqtane.Client/Themes/Controls/Theme/LoginBase.cs b/Oqtane.Client/Themes/Controls/Theme/LoginBase.cs
index facebb15..9c0f2192 100644
--- a/Oqtane.Client/Themes/Controls/Theme/LoginBase.cs
+++ b/Oqtane.Client/Themes/Controls/Theme/LoginBase.cs
@@ -1,8 +1,10 @@
 using System;
+using System.Net;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Components;
 using Microsoft.JSInterop;
 using Oqtane.Enums;
+using Oqtane.Models;
 using Oqtane.Providers;
 using Oqtane.Security;
 using Oqtane.Services;
@@ -22,20 +24,18 @@ namespace Oqtane.Themes.Controls
 
         protected void LoginUser()
         {
-            var returnurl = PageState.Alias.Path;
-            if (PageState.Page.Path != "/")
-            {
-                returnurl += "/" + PageState.Page.Path;
-            }
-            NavigationManager.NavigateTo(NavigateUrl("login", "?returnurl=" + returnurl));
+            Route route = new Route(PageState.Uri.AbsoluteUri, PageState.Alias.Path);
+            NavigationManager.NavigateTo(NavigateUrl("login", "?returnurl=" + WebUtility.UrlEncode(route.PathAndQuery)));
         }
 
         protected async Task LogoutUser()
         {
-            await LoggingService.Log(PageState.Alias, PageState.Page.PageId, null, PageState.User.UserId, GetType().AssemblyQualifiedName, "Logout", LogFunction.Security, LogLevel.Information, null, "User Logout For Username {Username}", PageState.User.Username);
+            await LoggingService.Log(PageState.Alias, PageState.Page.PageId, null, PageState.User?.UserId, GetType().AssemblyQualifiedName, "Logout", LogFunction.Security, LogLevel.Information, null, "User Logout For Username {Username}", PageState.User?.Username);
 
-            // check if anonymous user can access page
-            var url = PageState.Alias.Path + "/" + PageState.Page.Path;
+            Route route = new Route(PageState.Uri.AbsoluteUri, PageState.Alias.Path);
+            var url = route.PathAndQuery;
+
+            // verify if anonymous users can access page
             if (!UserSecurity.IsAuthorized(null, PermissionNames.View, PageState.Page.Permissions))
             {
                 url = PageState.Alias.Path;
diff --git a/Oqtane.Client/UI/ModuleInstance.razor b/Oqtane.Client/UI/ModuleInstance.razor
index 273892b9..f05ef9be 100644
--- a/Oqtane.Client/UI/ModuleInstance.razor
+++ b/Oqtane.Client/UI/ModuleInstance.razor
@@ -87,10 +87,9 @@ else
 		// retrieve friendly localized error
 		_error =  Localizer["Error.Module.Exception"];
 		// log error
-		int? userId = (PageState.User != null) ? PageState.User.UserId : null;
 		string category = GetType().AssemblyQualifiedName;
 		string feature = Utilities.GetTypeNameLastSegment(category, 1);
-		await LoggingService.Log(null, ModuleState.PageId, ModuleState.ModuleId, userId, category, feature, LogFunction.Other, LogLevel.Error, exception, "An Unexpected Error Has Occurred In {ModuleDefinitionName}: {Error}", ModuleState.ModuleDefinitionName, exception.Message);
+		await LoggingService.Log(null, ModuleState.PageId, ModuleState.ModuleId, PageState.User?.UserId, category, feature, LogFunction.Other, LogLevel.Error, exception, "An Unexpected Error Has Occurred In {ModuleDefinitionName}: {Error}", ModuleState.ModuleDefinitionName, exception.Message);
 		await base.OnErrorAsync(exception);
 		return;
 	}
diff --git a/Oqtane.Client/UI/SiteRouter.razor b/Oqtane.Client/UI/SiteRouter.razor
index f003bd49..5545758b 100644
--- a/Oqtane.Client/UI/SiteRouter.razor
+++ b/Oqtane.Client/UI/SiteRouter.razor
@@ -250,7 +250,7 @@
 					if (user == null)
 					{
 						// redirect to login page if user not logged in as they may need to be authenticated
-						NavigationManager.NavigateTo(Utilities.NavigateUrl(SiteState.Alias.Path, "login", "?returnurl=" + route.AbsolutePath));
+						NavigationManager.NavigateTo(Utilities.NavigateUrl(SiteState.Alias.Path, "login", "?returnurl=" + WebUtility.UrlEncode(route.PathAndQuery)));
 					}
 					else
 					{
@@ -299,18 +299,24 @@
 			{
 				query = query.Substring(1); // ignore "?"
 			}
-			foreach (string kvp in query.Split(new[] { '&' }, StringSplitOptions.RemoveEmptyEntries))
+			foreach (string kvp in query.Split('&', StringSplitOptions.RemoveEmptyEntries))
 			{
 				if (kvp != "")
 				{
 					if (kvp.Contains("="))
 					{
 						string[] pair = kvp.Split('=');
-						querystring.Add(pair[0], pair[1]);
+						if (!querystring.ContainsKey(pair[0]))
+						{
+							querystring.Add(pair[0], pair[1]);
+						}
 					}
 					else
 					{
-						querystring.Add(kvp, "true"); // default parameter when no value is provided
+						if (!querystring.ContainsKey(kvp))
+						{
+							querystring.Add(kvp, "true"); // default parameter when no value is provided
+						}
 					}
 				}
 			}
@@ -358,7 +364,7 @@
 			}
 			if (!string.IsNullOrEmpty(panes))
 			{
-				page.Panes = panes.Replace(";", ",").Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries).ToList();
+				page.Panes = panes.Replace(";", ",").Split(',', StringSplitOptions.RemoveEmptyEntries).ToList();
 				if (!page.Panes.Contains(PaneNames.Default) && !page.Panes.Contains(PaneNames.Admin))
 				{
 					_error = "The Current Theme Does Not Contain A Default Or Admin Pane";
@@ -407,7 +413,7 @@
 					// check if the module defines custom action routes
 					if (module.ModuleDefinition.ControlTypeRoutes != "")
 					{
-						foreach (string route in module.ModuleDefinition.ControlTypeRoutes.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries))
+						foreach (string route in module.ModuleDefinition.ControlTypeRoutes.Split(';', StringSplitOptions.RemoveEmptyEntries))
 						{
 							if (route.StartsWith(action + "="))
 							{
diff --git a/Oqtane.Database.MySQL/Oqtane.Database.MySQL.csproj b/Oqtane.Database.MySQL/Oqtane.Database.MySQL.csproj
index 2165fe58..88374492 100644
--- a/Oqtane.Database.MySQL/Oqtane.Database.MySQL.csproj
+++ b/Oqtane.Database.MySQL/Oqtane.Database.MySQL.csproj
@@ -2,7 +2,7 @@
 
   <PropertyGroup>
     <TargetFramework>net6.0</TargetFramework>
-    <Version>3.2.1</Version>
+    <Version>3.3.1</Version>
     <Product>Oqtane</Product>
     <Authors>Shaun Walker</Authors>
     <Company>.NET Foundation</Company>
@@ -10,7 +10,7 @@
     <Copyright>.NET Foundation</Copyright>
     <PackageProjectUrl>https://www.oqtane.org</PackageProjectUrl>
     <PackageLicenseUrl>https://github.com/oqtane/oqtane.framework/blob/dev/LICENSE</PackageLicenseUrl>
-    <PackageReleaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.2.1</PackageReleaseNotes>
+    <PackageReleaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.3.1</PackageReleaseNotes>
     <RepositoryUrl>https://github.com/oqtane/oqtane.framework</RepositoryUrl>
     <RepositoryType>Git</RepositoryType>
     <CopyLocalLockFileAssemblies>true</CopyLocalLockFileAssemblies>
diff --git a/Oqtane.Database.MySQL/Oqtane.Database.MySQL.nuspec b/Oqtane.Database.MySQL/Oqtane.Database.MySQL.nuspec
index 22472224..dfce873c 100644
--- a/Oqtane.Database.MySQL/Oqtane.Database.MySQL.nuspec
+++ b/Oqtane.Database.MySQL/Oqtane.Database.MySQL.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
     <metadata>
         <id>Oqtane.Database.MySQL</id>
-        <version>3.2.1</version>
+        <version>3.3.1</version>
         <authors>Shaun Walker</authors>
         <owners>.NET Foundation</owners>
         <title>Oqtane MySQL Provider</title>
@@ -12,7 +12,7 @@
         <requireLicenseAcceptance>false</requireLicenseAcceptance>
         <license type="expression">MIT</license>
         <projectUrl>https://github.com/oqtane/oqtane.framework</projectUrl>
-        <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.2.1</releaseNotes>
+        <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.3.1</releaseNotes>
         <icon>icon.png</icon>
         <tags>oqtane</tags>
     </metadata>
diff --git a/Oqtane.Database.PostgreSQL/Oqtane.Database.PostgreSQL.csproj b/Oqtane.Database.PostgreSQL/Oqtane.Database.PostgreSQL.csproj
index 4e5cc103..975d8b1e 100644
--- a/Oqtane.Database.PostgreSQL/Oqtane.Database.PostgreSQL.csproj
+++ b/Oqtane.Database.PostgreSQL/Oqtane.Database.PostgreSQL.csproj
@@ -2,7 +2,7 @@
 
   <PropertyGroup>
     <TargetFramework>net6.0</TargetFramework>
-    <Version>3.2.1</Version>
+    <Version>3.3.1</Version>
     <Product>Oqtane</Product>
     <Authors>Shaun Walker</Authors>
     <Company>.NET Foundation</Company>
@@ -10,7 +10,7 @@
     <Copyright>.NET Foundation</Copyright>
     <PackageProjectUrl>https://www.oqtane.org</PackageProjectUrl>
     <PackageLicenseUrl>https://github.com/oqtane/oqtane.framework/blob/dev/LICENSE</PackageLicenseUrl>
-    <PackageReleaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.2.1</PackageReleaseNotes>
+    <PackageReleaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.3.1</PackageReleaseNotes>
     <RepositoryUrl>https://github.com/oqtane/oqtane.framework</RepositoryUrl>
     <RepositoryType>Git</RepositoryType>
     <CopyLocalLockFileAssemblies>true</CopyLocalLockFileAssemblies>
diff --git a/Oqtane.Database.PostgreSQL/Oqtane.Database.PostgreSQL.nuspec b/Oqtane.Database.PostgreSQL/Oqtane.Database.PostgreSQL.nuspec
index 3c18059e..4c3466bf 100644
--- a/Oqtane.Database.PostgreSQL/Oqtane.Database.PostgreSQL.nuspec
+++ b/Oqtane.Database.PostgreSQL/Oqtane.Database.PostgreSQL.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
     <metadata>
         <id>Oqtane.Database.PostgreSQL</id>
-        <version>3.2.1</version>
+        <version>3.3.1</version>
         <authors>Shaun Walker</authors>
         <owners>.NET Foundation</owners>
         <title>Oqtane PostgreSQL Provider</title>
@@ -12,7 +12,7 @@
         <requireLicenseAcceptance>false</requireLicenseAcceptance>
         <license type="expression">MIT</license>
         <projectUrl>https://github.com/oqtane/oqtane.framework</projectUrl>
-        <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.2.1</releaseNotes>
+        <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.3.1</releaseNotes>
         <icon>icon.png</icon>
         <tags>oqtane</tags>
     </metadata>
diff --git a/Oqtane.Database.SqlServer/Oqtane.Database.SqlServer.csproj b/Oqtane.Database.SqlServer/Oqtane.Database.SqlServer.csproj
index 7fd3c6d3..cfbda3c5 100644
--- a/Oqtane.Database.SqlServer/Oqtane.Database.SqlServer.csproj
+++ b/Oqtane.Database.SqlServer/Oqtane.Database.SqlServer.csproj
@@ -2,7 +2,7 @@
 
   <PropertyGroup>
     <TargetFramework>net6.0</TargetFramework>
-    <Version>3.2.1</Version>
+    <Version>3.3.1</Version>
     <Product>Oqtane</Product>
     <Authors>Shaun Walker</Authors>
     <Company>.NET Foundation</Company>
@@ -10,7 +10,7 @@
     <Copyright>.NET Foundation</Copyright>
     <PackageProjectUrl>https://www.oqtane.org</PackageProjectUrl>
     <PackageLicenseUrl>https://github.com/oqtane/oqtane.framework/blob/dev/LICENSE</PackageLicenseUrl>
-    <PackageReleaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.2.1</PackageReleaseNotes>
+    <PackageReleaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.3.1</PackageReleaseNotes>
     <RepositoryUrl>https://github.com/oqtane/oqtane.framework</RepositoryUrl>
     <RepositoryType>Git</RepositoryType>
     <CopyLocalLockFileAssemblies>true</CopyLocalLockFileAssemblies>
diff --git a/Oqtane.Database.SqlServer/Oqtane.Database.SqlServer.nuspec b/Oqtane.Database.SqlServer/Oqtane.Database.SqlServer.nuspec
index f409c2b6..de65787d 100644
--- a/Oqtane.Database.SqlServer/Oqtane.Database.SqlServer.nuspec
+++ b/Oqtane.Database.SqlServer/Oqtane.Database.SqlServer.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
     <metadata>
         <id>Oqtane.Database.SqlServer</id>
-        <version>3.2.1</version>
+        <version>3.3.1</version>
         <authors>Shaun Walker</authors>
         <owners>.NET Foundation</owners>
         <title>Oqtane SQL Server Provider</title>
@@ -12,7 +12,7 @@
         <requireLicenseAcceptance>false</requireLicenseAcceptance>
         <license type="expression">MIT</license>
         <projectUrl>https://github.com/oqtane/oqtane.framework</projectUrl>
-        <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.2.1</releaseNotes>
+        <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.3.1</releaseNotes>
         <icon>icon.png</icon>
         <tags>oqtane</tags>
     </metadata>
diff --git a/Oqtane.Database.Sqlite/Oqtane.Database.Sqlite.csproj b/Oqtane.Database.Sqlite/Oqtane.Database.Sqlite.csproj
index 6f93f18c..4837dd37 100644
--- a/Oqtane.Database.Sqlite/Oqtane.Database.Sqlite.csproj
+++ b/Oqtane.Database.Sqlite/Oqtane.Database.Sqlite.csproj
@@ -2,7 +2,7 @@
 
   <PropertyGroup>
     <TargetFramework>net6.0</TargetFramework>
-    <Version>3.2.1</Version>
+    <Version>3.3.1</Version>
     <Product>Oqtane</Product>
     <Authors>Shaun Walker</Authors>
     <Company>.NET Foundation</Company>
@@ -10,7 +10,7 @@
     <Copyright>.NET Foundation</Copyright>
     <PackageProjectUrl>https://www.oqtane.org</PackageProjectUrl>
     <PackageLicenseUrl>https://github.com/oqtane/oqtane.framework/blob/dev/LICENSE</PackageLicenseUrl>
-    <PackageReleaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.2.1</PackageReleaseNotes>
+    <PackageReleaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.3.1</PackageReleaseNotes>
     <RepositoryUrl>https://github.com/oqtane/oqtane.framework</RepositoryUrl>
     <RepositoryType>Git</RepositoryType>
     <CopyLocalLockFileAssemblies>true</CopyLocalLockFileAssemblies>
diff --git a/Oqtane.Database.Sqlite/Oqtane.Database.Sqlite.nuspec b/Oqtane.Database.Sqlite/Oqtane.Database.Sqlite.nuspec
index d026867b..96309218 100644
--- a/Oqtane.Database.Sqlite/Oqtane.Database.Sqlite.nuspec
+++ b/Oqtane.Database.Sqlite/Oqtane.Database.Sqlite.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
     <metadata>
         <id>Oqtane.Database.Sqlite</id>
-        <version>3.2.1</version>
+        <version>3.3.1</version>
         <authors>Shaun Walker</authors>
         <owners>.NET Foundation</owners>
         <title>Oqtane SQLite Provider</title>
@@ -12,7 +12,7 @@
         <requireLicenseAcceptance>false</requireLicenseAcceptance>
         <license type="expression">MIT</license>
         <projectUrl>https://github.com/oqtane/oqtane.framework</projectUrl>
-        <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.2.1</releaseNotes>
+        <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.3.1</releaseNotes>
         <icon>icon.png</icon>
         <tags>oqtane</tags>
     </metadata>
diff --git a/Oqtane.Maui/Oqtane.Maui.csproj b/Oqtane.Maui/Oqtane.Maui.csproj
index a239a32b..88a6875b 100644
--- a/Oqtane.Maui/Oqtane.Maui.csproj
+++ b/Oqtane.Maui/Oqtane.Maui.csproj
@@ -6,7 +6,7 @@
 		<!-- Uncomment to also build the tizen app. You will need to install tizen by following this: https://github.com/Samsung/Tizen.NET -->
 		<!-- <TargetFrameworks>$(TargetFrameworks);net6.0-tizen</TargetFrameworks> -->
 		<OutputType>Exe</OutputType>
-    <Version>3.2.1</Version>
+    <Version>3.3.1</Version>
     <Product>Oqtane</Product>
     <Authors>Shaun Walker</Authors>
     <Company>.NET Foundation</Company>
@@ -14,7 +14,7 @@
     <Copyright>.NET Foundation</Copyright>
     <PackageProjectUrl>https://www.oqtane.org</PackageProjectUrl>
     <PackageLicenseUrl>https://github.com/oqtane/oqtane.framework/blob/dev/LICENSE</PackageLicenseUrl>
-    <PackageReleaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.2.1</PackageReleaseNotes>
+    <PackageReleaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.3.1</PackageReleaseNotes>
     <RepositoryUrl>https://github.com/oqtane/oqtane.framework</RepositoryUrl>
     <RepositoryType>Git</RepositoryType>
     <RootNamespace>Oqtane.Maui</RootNamespace>
@@ -31,7 +31,7 @@
 		<ApplicationIdGuid>0E29FC31-1B83-48ED-B6E0-9F3C67B775D4</ApplicationIdGuid>
     
 		<!-- Versions -->
-		<ApplicationDisplayVersion>3.2.1</ApplicationDisplayVersion>
+		<ApplicationDisplayVersion>3.3.1</ApplicationDisplayVersion>
 		<ApplicationVersion>1</ApplicationVersion>
 
 		<SupportedOSPlatformVersion Condition="$([MSBuild]::GetTargetPlatformIdentifier('$(TargetFramework)')) == 'ios'">14.2</SupportedOSPlatformVersion>
@@ -71,8 +71,8 @@
     <PackageReference Include="Microsoft.Extensions.Http" Version="6.0.0" />
     <PackageReference Include="Microsoft.Extensions.Localization" Version="6.0.3" />
     <PackageReference Include="System.Net.Http.Json" Version="6.0.0" />
-    <PackageReference Include="Oqtane.Client" Version="3.2.1" />
-    <PackageReference Include="Oqtane.Shared" Version="3.2.1" />
+    <PackageReference Include="Oqtane.Client" Version="3.3.1" />
+    <PackageReference Include="Oqtane.Shared" Version="3.3.1" />
   </ItemGroup>
 
 </Project>
diff --git a/Oqtane.Package/Oqtane.Client.nuspec b/Oqtane.Package/Oqtane.Client.nuspec
index e00d316e..478fe7b4 100644
--- a/Oqtane.Package/Oqtane.Client.nuspec
+++ b/Oqtane.Package/Oqtane.Client.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
   <metadata>
     <id>Oqtane.Client</id>
-    <version>3.2.1</version>
+    <version>3.3.1</version>
     <authors>Shaun Walker</authors>
     <owners>.NET Foundation</owners>
     <title>Oqtane Framework</title>
@@ -12,7 +12,7 @@
     <requireLicenseAcceptance>false</requireLicenseAcceptance>
     <license type="expression">MIT</license>
     <projectUrl>https://github.com/oqtane/oqtane.framework</projectUrl>
-    <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.2.1</releaseNotes>
+    <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.3.1</releaseNotes>
     <icon>icon.png</icon>
     <tags>oqtane</tags>
   </metadata>
diff --git a/Oqtane.Package/Oqtane.Framework.nuspec b/Oqtane.Package/Oqtane.Framework.nuspec
index 6770b223..d78dee7a 100644
--- a/Oqtane.Package/Oqtane.Framework.nuspec
+++ b/Oqtane.Package/Oqtane.Framework.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
   <metadata>
     <id>Oqtane.Framework</id>
-    <version>3.2.1</version>
+    <version>3.3.1</version>
     <authors>Shaun Walker</authors>
     <owners>.NET Foundation</owners>
     <title>Oqtane Framework</title>
@@ -11,8 +11,8 @@
     <copyright>.NET Foundation</copyright>
     <requireLicenseAcceptance>false</requireLicenseAcceptance>
     <license type="expression">MIT</license>
-    <projectUrl>https://github.com/oqtane/oqtane.framework/releases/download/v3.2.1/Oqtane.Framework.3.2.1.Upgrade.zip</projectUrl>
-    <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.2.1</releaseNotes>
+    <projectUrl>https://github.com/oqtane/oqtane.framework/releases/download/v3.3.1/Oqtane.Framework.3.3.1.Upgrade.zip</projectUrl>
+    <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.3.1</releaseNotes>
     <icon>icon.png</icon>
     <tags>oqtane framework</tags>
   </metadata>
diff --git a/Oqtane.Package/Oqtane.Server.nuspec b/Oqtane.Package/Oqtane.Server.nuspec
index 62de57e5..98a91a26 100644
--- a/Oqtane.Package/Oqtane.Server.nuspec
+++ b/Oqtane.Package/Oqtane.Server.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
   <metadata>
     <id>Oqtane.Server</id>
-    <version>3.2.1</version>
+    <version>3.3.1</version>
     <authors>Shaun Walker</authors>
     <owners>.NET Foundation</owners>
     <title>Oqtane Framework</title>
@@ -12,7 +12,7 @@
     <requireLicenseAcceptance>false</requireLicenseAcceptance>
     <license type="expression">MIT</license>
     <projectUrl>https://github.com/oqtane/oqtane.framework</projectUrl>
-    <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.2.1</releaseNotes>
+    <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.3.1</releaseNotes>
     <icon>icon.png</icon>
     <tags>oqtane</tags>
   </metadata>
diff --git a/Oqtane.Package/Oqtane.Shared.nuspec b/Oqtane.Package/Oqtane.Shared.nuspec
index 7611f471..991a4eb2 100644
--- a/Oqtane.Package/Oqtane.Shared.nuspec
+++ b/Oqtane.Package/Oqtane.Shared.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
   <metadata>
     <id>Oqtane.Shared</id>
-    <version>3.2.1</version>
+    <version>3.3.1</version>
     <authors>Shaun Walker</authors>
     <owners>.NET Foundation</owners>
     <title>Oqtane Framework</title>
@@ -12,7 +12,7 @@
     <requireLicenseAcceptance>false</requireLicenseAcceptance>
     <license type="expression">MIT</license>
     <projectUrl>https://github.com/oqtane/oqtane.framework</projectUrl>
-    <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.2.1</releaseNotes>
+    <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.3.1</releaseNotes>
     <icon>icon.png</icon>
     <tags>oqtane</tags>
   </metadata>
diff --git a/Oqtane.Package/Oqtane.Updater.nuspec b/Oqtane.Package/Oqtane.Updater.nuspec
index ee1e61f4..dbebd9d7 100644
--- a/Oqtane.Package/Oqtane.Updater.nuspec
+++ b/Oqtane.Package/Oqtane.Updater.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
   <metadata>
     <id>Oqtane.Updater</id>
-    <version>3.2.1</version>
+    <version>3.3.1</version>
     <authors>Shaun Walker</authors>
     <owners>.NET Foundation</owners>
     <title>Oqtane Framework</title>
@@ -12,7 +12,7 @@
     <requireLicenseAcceptance>false</requireLicenseAcceptance>
     <license type="expression">MIT</license>
     <projectUrl>https://github.com/oqtane/oqtane.framework</projectUrl>
-    <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.2.1</releaseNotes>
+    <releaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.3.1</releaseNotes>
     <icon>icon.png</icon>
     <tags>oqtane</tags>
   </metadata>
diff --git a/Oqtane.Package/install.ps1 b/Oqtane.Package/install.ps1
index 81b2aefc..40923eab 100644
--- a/Oqtane.Package/install.ps1
+++ b/Oqtane.Package/install.ps1
@@ -1 +1 @@
-Compress-Archive -Path "..\Oqtane.Server\bin\Release\net6.0\publish\*" -DestinationPath "Oqtane.Framework.3.2.1.Install.zip" -Force 
\ No newline at end of file
+Compress-Archive -Path "..\Oqtane.Server\bin\Release\net6.0\publish\*" -DestinationPath "Oqtane.Framework.3.3.1.Install.zip" -Force 
\ No newline at end of file
diff --git a/Oqtane.Package/release.cmd b/Oqtane.Package/release.cmd
index 7aeb6ec9..05404321 100644
--- a/Oqtane.Package/release.cmd
+++ b/Oqtane.Package/release.cmd
@@ -13,6 +13,23 @@ rmdir /Q/S "..\Oqtane.Server\bin\Release\net6.0\publish"
 dotnet publish ..\Oqtane.Server\Oqtane.Server.csproj /p:Configuration=Release
 del /F/Q/S "..\Oqtane.Server\bin\Release\net6.0\publish\wwwroot\Content" > NUL
 rmdir /Q/S "..\Oqtane.Server\bin\Release\net6.0\publish\wwwroot\Content"
+setlocal ENABLEDELAYEDEXPANSION
+set retain=Oqtane.Modules.Admin.Login,Oqtane.Modules.HtmlText,Templates
+for /D %%i in ("..\Oqtane.Server\bin\Release\net6.0\publish\wwwroot\Modules\*") do (
+set /A found=0
+for %%j in (%retain%) do (
+if "%%~nxi" == "%%j" set /A found=1
+)
+if not !found! == 1 rmdir /Q/S "%%i"
+)
+set retain=Oqtane.Themes.BlazorTheme,Oqtane.Themes.OqtaneTheme,Templates
+for /D %%i in ("..\Oqtane.Server\bin\Release\net6.0\publish\wwwroot\Themes\*") do (
+set /A found=0
+for %%j in (%retain%) do (
+if "%%~nxi" == "%%j" set /A found=1
+)
+if not !found! == 1 rmdir /Q/S "%%i"
+)
 del "..\Oqtane.Server\bin\Release\net6.0\publish\appsettings.json"
 ren "..\Oqtane.Server\bin\Release\net6.0\publish\appsettings.release.json" "appsettings.json"
 C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe ".\install.ps1"
diff --git a/Oqtane.Package/upgrade.ps1 b/Oqtane.Package/upgrade.ps1
index f762eabb..8714a9cd 100644
--- a/Oqtane.Package/upgrade.ps1
+++ b/Oqtane.Package/upgrade.ps1
@@ -1 +1 @@
-Compress-Archive -Path "..\Oqtane.Server\bin\Release\net6.0\publish\*" -DestinationPath "Oqtane.Framework.3.2.1.Upgrade.zip" -Force 
\ No newline at end of file
+Compress-Archive -Path "..\Oqtane.Server\bin\Release\net6.0\publish\*" -DestinationPath "Oqtane.Framework.3.3.1.Upgrade.zip" -Force 
\ No newline at end of file
diff --git a/Oqtane.Server/Controllers/ApiController.cs b/Oqtane.Server/Controllers/ApiController.cs
deleted file mode 100644
index 3d37816e..00000000
--- a/Oqtane.Server/Controllers/ApiController.cs
+++ /dev/null
@@ -1,172 +0,0 @@
-using Microsoft.AspNetCore.Mvc;
-using Microsoft.AspNetCore.Authorization;
-using System.Collections.Generic;
-using Oqtane.Shared;
-using Oqtane.Models;
-using Oqtane.Infrastructure;
-using Oqtane.Enums;
-using System.Net;
-using Oqtane.Repository;
-using Oqtane.Extensions;
-using System.Reflection;
-using System;
-using System.Linq;
-
-namespace Oqtane.Controllers
-{
-    [Route(ControllerRoutes.ApiRoute)]
-    public class ApiController : Controller
-    {
-        private readonly IPermissionRepository _permissions;
-        private readonly IRoleRepository _roles;
-        private readonly ILogManager _logger;
-        private readonly Alias _alias;
-
-        public ApiController(IPermissionRepository permissions, IRoleRepository roles, ILogManager logger, ITenantManager tenantManager)
-        {
-            _permissions = permissions;
-            _roles = roles;
-            _logger = logger;
-            _alias = tenantManager.GetAlias();
-        }
-
-        // GET: api/<controller>?siteid=x
-        [HttpGet]
-        [Authorize(Roles = RoleNames.Admin)]
-        public List<Api> Get(string siteid)
-        {
-            int SiteId;
-            if (int.TryParse(siteid, out SiteId) && SiteId == _alias.SiteId)
-            {
-                var apis = new List<Api>();
-
-                var assemblies = AppDomain.CurrentDomain.GetOqtaneAssemblies();
-                foreach (var assembly in assemblies)
-                {
-                    // iterate controllers
-                    foreach (var type in assembly.GetTypes().Where(type => typeof(Controller).IsAssignableFrom(type)))
-                    {
-                        // iterate controller methods with authorize attribute
-                        var actions = type.GetMethods(BindingFlags.Public | BindingFlags.Instance)
-                            .Where(m => m.GetCustomAttributes<AuthorizeAttribute>().Any());
-                        foreach(var action in actions)
-                        {
-                            // get policy
-                            var policy = action.GetCustomAttribute<AuthorizeAttribute>().Policy;
-                            if (!string.IsNullOrEmpty(policy) && policy.Contains(":") && !policy.Contains(Constants.RequireEntityId))
-                            {
-                                // parse policy
-                                var segments = policy.Split(':');
-                                if (!apis.Any(item => item.EntityName == segments[0]))
-                                {
-                                    apis.Add(new Api { SiteId = SiteId, EntityName = segments[0], Permissions = segments[1] });
-                                }
-                                else
-                                {
-                                    // concatenate permissions
-                                    var permissions = apis.SingleOrDefault(item => item.EntityName == segments[0]).Permissions;
-                                    if (!permissions.Split(',').Contains(segments[1]))
-                                    {
-                                        apis.SingleOrDefault(item => item.EntityName == segments[0]).Permissions += "," + segments[1];
-                                    }
-                                }
-                            }
-                        }
-                    }
-                }
-
-                return apis;
-            }
-            else
-            {
-                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Api Get Attempt {SiteId}", siteid);
-                HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
-                return null;
-            }
-        }
-
-        // GET: api/<controller>/1/user
-        [HttpGet("{siteid}/{entityname}")]
-        [Authorize(Roles = RoleNames.Admin)]
-        public Api Get(int siteid, string entityname)
-        {
-            if (siteid == _alias.SiteId)
-            {
-                var permissions = _permissions.GetPermissions(siteid, entityname);
-                if (permissions == null || permissions.ToList().Count == 0)
-                {
-                    permissions = GetPermissions(siteid, entityname);
-                }
-                return new Api { SiteId = siteid, EntityName = entityname, Permissions = permissions.EncodePermissions() };
-            }
-            else
-            {
-                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Api Get Attempt {SiteId} {EntityName}", siteid, entityname);
-                HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
-                return null;
-            }
-        }
-
-        // POST: api/<controller>
-        [HttpPost]
-        [Authorize(Roles = RoleNames.Admin)]
-        public void Post([FromBody] Api api)
-        {
-            if (ModelState.IsValid && api.SiteId == _alias.SiteId)
-            {
-                _permissions.UpdatePermissions(api.SiteId, api.EntityName, -1, api.Permissions);
-                _logger.Log(LogLevel.Information, this, LogFunction.Update, "Api Updated {Api}", api);
-            }
-            else
-            {
-                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Api Post Attempt {Api}", api);
-                HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
-            }
-        }
-
-        private List<Permission> GetPermissions(int siteid, string entityname)
-        {
-            var permissions = new List<Permission>();
-
-            var assemblies = AppDomain.CurrentDomain.GetOqtaneAssemblies();
-            foreach (var assembly in assemblies)
-            {
-                // iterate controllers
-                foreach (var type in assembly.GetTypes().Where(type => typeof(Controller).IsAssignableFrom(type)))
-                {
-                    // iterate controller methods with authorize attribute
-                    var actions = type.GetMethods(BindingFlags.Public | BindingFlags.Instance)
-                        .Where(m => m.GetCustomAttributes<AuthorizeAttribute>().Any());
-                    foreach (var action in actions)
-                    {
-                        // get policy
-                        var policy = action.GetCustomAttribute<AuthorizeAttribute>().Policy;
-                        if (!string.IsNullOrEmpty(policy) && policy.Contains(":") && !policy.Contains(Constants.RequireEntityId))
-                        {
-                            // parse policy
-                            var segments = policy.Split(':');
-                            // entity match
-                            if (segments[0] == entityname && segments.Length > 2)
-                            {
-                                var roles = _roles.GetRoles(siteid);
-                                foreach (var rolename in (segments[2]).Split(','))
-                                {
-                                    var role = roles.FirstOrDefault(item => item.Name == rolename);
-                                    if (role != null)
-                                    {
-                                        if (!permissions.Any(item => item.EntityName == entityname && item.PermissionName == segments[1] && item.RoleId == role.RoleId))
-                                        {
-                                            permissions.Add(new Permission { SiteId = siteid, EntityName = entityname, EntityId = -1, PermissionName = segments[1], RoleId = role.RoleId, Role = role, UserId = null, IsAuthorized = true });
-                                        }
-                                    }
-                                }
-                            }
-                        }
-                    }
-                }
-            }
-
-            return permissions;
-        }
-    }
-}
diff --git a/Oqtane.Server/Controllers/FileController.cs b/Oqtane.Server/Controllers/FileController.cs
index cd6a9087..5473b154 100644
--- a/Oqtane.Server/Controllers/FileController.cs
+++ b/Oqtane.Server/Controllers/FileController.cs
@@ -20,7 +20,6 @@ using SixLabors.ImageSharp;
 using SixLabors.ImageSharp.Processing;
 using SixLabors.ImageSharp.Formats.Png;
 using System.Net.Http;
-using Oqtane.Migrations.Tenant;
 
 // ReSharper disable StringIndexOfIsCultureSpecific.1
 
@@ -142,7 +141,7 @@ namespace Oqtane.Controllers
             {
                 if (File.Name != file.Name || File.FolderId != file.FolderId)
                 {
-                    file.Folder = _folders.GetFolder(file.FolderId);
+                    file.Folder = _folders.GetFolder(file.FolderId, false);
                     string folderpath = _folders.GetFolderPath(file.Folder);
                     if (!Directory.Exists(folderpath))
                     {
@@ -151,7 +150,7 @@ namespace Oqtane.Controllers
                     System.IO.File.Move(_files.GetFilePath(File), Path.Combine(folderpath, file.Name));
                 }
 
-                var newfile = CreateFile(file.Name, file.Folder.FolderId, _files.GetFilePath(file));
+                var newfile = CreateFile(File.Name, file.Folder.FolderId, _files.GetFilePath(file));
                 if (newfile != null)
                 {
                     file.Extension = newfile.Extension;
@@ -659,10 +658,10 @@ namespace Oqtane.Controllers
             var file = _files.GetFile(folderid, filename);
 
             int size = 0;
-            var folder = _folders.GetFolder(folderid);
+            var folder = _folders.GetFolder(folderid, false);
             if (folder.Capacity != 0)
             {
-                foreach (var f in _files.GetFiles(folderid))
+                foreach (var f in _files.GetFiles(folderid, false))
                 {
                     size += f.Size;
                 }
diff --git a/Oqtane.Server/Controllers/ModuleController.cs b/Oqtane.Server/Controllers/ModuleController.cs
index dbc57f07..e292ef35 100644
--- a/Oqtane.Server/Controllers/ModuleController.cs
+++ b/Oqtane.Server/Controllers/ModuleController.cs
@@ -47,7 +47,6 @@ namespace Oqtane.Controllers
             int SiteId;
             if (int.TryParse(siteid, out SiteId) && SiteId == _alias.SiteId)
             {
-                List<ModuleDefinition> moduledefinitions = _moduleDefinitions.GetModuleDefinitions(SiteId).ToList();
                 List<Setting> settings = _settings.GetSettings(EntityNames.Module).ToList();
 
                 foreach (PageModule pagemodule in _pageModules.GetPageModules(SiteId))
@@ -75,7 +74,6 @@ namespace Oqtane.Controllers
                         module.Order = pagemodule.Order;
                         module.ContainerType = pagemodule.ContainerType;
 
-                        module.ModuleDefinition = moduledefinitions.Find(item => item.ModuleDefinitionName == module.ModuleDefinitionName);
                         module.Settings = settings.Where(item => item.EntityId == pagemodule.ModuleId)
                             .Where(item => !item.IsPrivate || _userPermissions.IsAuthorized(User, PermissionNames.Edit, pagemodule.Module.Permissions))
                             .ToDictionary(setting => setting.SettingName, setting => setting.SettingValue);
diff --git a/Oqtane.Server/Controllers/PageController.cs b/Oqtane.Server/Controllers/PageController.cs
index b363dc35..80d56d78 100644
--- a/Oqtane.Server/Controllers/PageController.cs
+++ b/Oqtane.Server/Controllers/PageController.cs
@@ -281,7 +281,7 @@ namespace Oqtane.Controllers
                 // synchronize module permissions
                 if (added.Count > 0 || removed.Count > 0)
                 {
-                    foreach (PageModule pageModule in _pageModules.GetPageModules(page.PageId, "").ToList())
+                    foreach (PageModule pageModule in _pageModules.GetPageModules(page.SiteId).Where(item => item.PageId == page.PageId).ToList())
                     {
                         var modulePermissions = _permissionRepository.GetPermissions(pageModule.Module.SiteId, EntityNames.Module, pageModule.Module.ModuleId).ToList();
                         // permissions added
diff --git a/Oqtane.Server/Controllers/PageModuleController.cs b/Oqtane.Server/Controllers/PageModuleController.cs
index af3d3890..86a949f3 100644
--- a/Oqtane.Server/Controllers/PageModuleController.cs
+++ b/Oqtane.Server/Controllers/PageModuleController.cs
@@ -120,7 +120,8 @@ namespace Oqtane.Controllers
             if (page != null && page.SiteId == _alias.SiteId && _userPermissions.IsAuthorized(User, page.SiteId, EntityNames.Page, pageid, PermissionNames.Edit))
             {
                 int order = 1;
-                List<PageModule> pagemodules = _pageModules.GetPageModules(pageid, pane).OrderBy(item => item.Order).ToList();
+                List<PageModule> pagemodules = _pageModules.GetPageModules(page.SiteId)
+                    .Where(item => item.PageId == pageid && item.Pane == pane).OrderBy(item => item.Order).ToList();
                 foreach (PageModule pagemodule in pagemodules)
                 {
                     if (pagemodule.Order != order)
diff --git a/Oqtane.Server/Controllers/ProfileController.cs b/Oqtane.Server/Controllers/ProfileController.cs
index 66d9e788..04f2c1bd 100644
--- a/Oqtane.Server/Controllers/ProfileController.cs
+++ b/Oqtane.Server/Controllers/ProfileController.cs
@@ -28,7 +28,7 @@ namespace Oqtane.Controllers
 
         // GET: api/<controller>?siteid=x
         [HttpGet]
-        [Authorize(Policy = $"{EntityNames.Profile}:{PermissionNames.Read}:{RoleNames.Registered}")]
+        [Authorize(Roles = RoleNames.Registered)]
         public IEnumerable<Profile> Get(string siteid)
         {
             int SiteId;
@@ -46,7 +46,7 @@ namespace Oqtane.Controllers
 
         // GET api/<controller>/5
         [HttpGet("{id}")]
-        [Authorize(Policy = $"{EntityNames.Profile}:{PermissionNames.Read}:{RoleNames.Registered}")]
+        [Authorize(Roles = RoleNames.Registered)]
         public Profile Get(int id)
         {
             var profile = _profiles.GetProfile(id);
diff --git a/Oqtane.Server/Controllers/RoleController.cs b/Oqtane.Server/Controllers/RoleController.cs
index 82c1aadb..7a48bdc0 100644
--- a/Oqtane.Server/Controllers/RoleController.cs
+++ b/Oqtane.Server/Controllers/RoleController.cs
@@ -28,7 +28,7 @@ namespace Oqtane.Controllers
 
         // GET: api/<controller>?siteid=x&global=true/false
         [HttpGet]
-        [Authorize(Policy = $"{EntityNames.Role}:{PermissionNames.Read}:{RoleNames.Registered}")]
+        [Authorize(Roles = RoleNames.Registered)]
         public IEnumerable<Role> Get(string siteid, string global)
         {
             int SiteId;
@@ -50,7 +50,7 @@ namespace Oqtane.Controllers
 
         // GET api/<controller>/5
         [HttpGet("{id}")]
-        [Authorize(Policy = $"{EntityNames.Role}:{PermissionNames.Read}:{RoleNames.Registered}")]
+        [Authorize(Roles = RoleNames.Registered)]
         public Role Get(int id)
         {
             var role = _roles.GetRole(id);
diff --git a/Oqtane.Server/Controllers/SettingController.cs b/Oqtane.Server/Controllers/SettingController.cs
index a3a04231..f60a5add 100644
--- a/Oqtane.Server/Controllers/SettingController.cs
+++ b/Oqtane.Server/Controllers/SettingController.cs
@@ -46,7 +46,7 @@ namespace Oqtane.Controllers
             _identityCache = identityCache;
             _logger = logger;
             _alias = tenantManager.GetAlias();
-            _visitorCookie = "APP_VISITOR_" + _alias.SiteId.ToString();
+            _visitorCookie = Constants.VisitorCookiePrefix + _alias.SiteId.ToString();
         }
 
         // GET: api/<controller>
@@ -64,8 +64,12 @@ namespace Oqtane.Controllers
             }
             else
             {
-                _logger.Log(LogLevel.Error, this, LogFunction.Read, "User Not Authorized To Access Settings {EntityName} {EntityId}", entityName, entityId);
-                HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
+                // suppress unauthorized visitor logging as it is usually caused by clients that do not support cookies 
+                if (entityName != EntityNames.Visitor) 
+                {
+                    _logger.Log(LogLevel.Error, this, LogFunction.Read, "User Not Authorized To Access Settings {EntityName} {EntityId}", entityName, entityId);
+                    HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
+                }
             }
             return settings;
         }
@@ -85,8 +89,11 @@ namespace Oqtane.Controllers
             }
             else
             {
-                _logger.Log(LogLevel.Error, this, LogFunction.Read, "User Not Authorized To Access Setting {EntityName} {SettingId}", entityName, id);
-                HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
+                if (entityName != EntityNames.Visitor)
+                {
+                    _logger.Log(LogLevel.Error, this, LogFunction.Read, "User Not Authorized To Access Setting {EntityName} {SettingId}", entityName, id);
+                    HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
+                }
                 return null;
             }
         }
@@ -103,8 +110,11 @@ namespace Oqtane.Controllers
             }
             else
             {
-                _logger.Log(LogLevel.Error, this, LogFunction.Create, "User Not Authorized To Add Setting {Setting}", setting);
-                HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
+                if (setting.EntityName != EntityNames.Visitor)
+                {
+                    _logger.Log(LogLevel.Error, this, LogFunction.Create, "User Not Authorized To Add Setting {Setting}", setting);
+                    HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
+                }
                 setting = null;
             }
             return setting;
@@ -122,8 +132,11 @@ namespace Oqtane.Controllers
             }
             else
             {
-                _logger.Log(LogLevel.Error, this, LogFunction.Update, "User Not Authorized To Update Setting {Setting}", setting);
-                HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
+                if (setting.EntityName != EntityNames.Visitor)
+                {
+                    _logger.Log(LogLevel.Error, this, LogFunction.Update, "User Not Authorized To Update Setting {Setting}", setting);
+                    HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
+                }
                 setting = null;
             }
             return setting;
@@ -142,8 +155,11 @@ namespace Oqtane.Controllers
             }
             else
             {
-                _logger.Log(LogLevel.Error, this, LogFunction.Delete, "User Not Authorized To Delete Setting {Setting}", setting);
-                HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
+                if (entityName != EntityNames.Visitor)
+                {
+                    _logger.Log(LogLevel.Error, this, LogFunction.Delete, "User Not Authorized To Delete Setting {Setting}", setting);
+                    HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
+                }
             }
         }
 
@@ -212,13 +228,14 @@ namespace Oqtane.Controllers
                     authorized = true;
                     if (permissionName == PermissionNames.Edit)
                     {
-                        authorized = User.IsInRole(RoleNames.Admin) || (_userPermissions.GetUser(User).UserId == entityId);
+                        authorized = _userPermissions.IsAuthorized(User, _alias.SiteId, entityName, -1, PermissionNames.Write, RoleNames.Admin) || (_userPermissions.GetUser(User).UserId == entityId);
                     }
                     break;
                 case EntityNames.Visitor:
                     authorized = User.IsInRole(RoleNames.Admin);
                     if (!authorized)
                     {
+                        // a visitor may have cookies disabled
                         if (int.TryParse(Request.Cookies[_visitorCookie], out int visitorId))
                         {
                             authorized = (visitorId == entityId);
@@ -226,13 +243,11 @@ namespace Oqtane.Controllers
                     }
                     break;
                 default: // custom entity
+                    authorized = true;
                     if (permissionName == PermissionNames.Edit)
                     {
-                        authorized = User.IsInRole(RoleNames.Admin) || _userPermissions.IsAuthorized(User, _alias.SiteId, entityName, entityId, permissionName);
-                    }
-                    else
-                    {
-                        authorized = true;
+                        authorized = _userPermissions.IsAuthorized(User, _alias.SiteId, entityName, entityId, permissionName) ||
+                            _userPermissions.IsAuthorized(User, _alias.SiteId, entityName, -1, PermissionNames.Write, RoleNames.Admin);
                     }
                     break;
             }
diff --git a/Oqtane.Server/Controllers/SqlController.cs b/Oqtane.Server/Controllers/SqlController.cs
index 985f91d6..d755ed84 100644
--- a/Oqtane.Server/Controllers/SqlController.cs
+++ b/Oqtane.Server/Controllers/SqlController.cs
@@ -53,7 +53,7 @@ namespace Oqtane.Controllers
             catch (Exception ex)
             {
                 results.Add(new Dictionary<string, string>() { { "Error", ex.Message } });
-                _logger.Log(LogLevel.Error, this, LogFunction.Other, ex, "Sql Query {Query} Executed on Tenant {TenantId} Resulted In An Error {Error}", sqlquery.Query, sqlquery.TenantId, ex.Message);
+                _logger.Log(LogLevel.Warning, this, LogFunction.Other, "Sql Query {Query} Executed on Tenant {TenantId} Resulted In An Error {Error}", sqlquery.Query, sqlquery.TenantId, ex.Message);
             }
             sqlquery.Results = results;
             return sqlquery;
diff --git a/Oqtane.Server/Controllers/SystemController.cs b/Oqtane.Server/Controllers/SystemController.cs
index efe0d9e8..e6fb098c 100644
--- a/Oqtane.Server/Controllers/SystemController.cs
+++ b/Oqtane.Server/Controllers/SystemController.cs
@@ -6,6 +6,7 @@ using System;
 using Microsoft.AspNetCore.Hosting;
 using Oqtane.Infrastructure;
 using Microsoft.AspNetCore.Http.Features;
+using System.IO;
 
 namespace Oqtane.Controllers
 {
@@ -53,6 +54,15 @@ namespace Oqtane.Controllers
                     systeminfo.Add("UseSwagger", _configManager.GetSetting("UseSwagger", "true"));
                     systeminfo.Add("PackageService", _configManager.GetSetting("PackageService", "true"));
                     break;
+                case "log":
+                    string log = "";
+                    string path = Path.Combine(_environment.ContentRootPath, "Content", "Log", "error.log");
+                    if (System.IO.File.Exists(path))
+                    {
+                        log = System.IO.File.ReadAllText(path);
+                    }
+                    systeminfo.Add("Log", log);
+                    break;
             }
 
             return systeminfo;
@@ -74,7 +84,7 @@ namespace Oqtane.Controllers
         {
             foreach(KeyValuePair<string, object> kvp in settings)
             {
-                _configManager.AddOrUpdateSetting(kvp.Key, kvp.Value, false);
+                UpdateSetting(kvp.Key, kvp.Value);
             }
         }
 
@@ -83,7 +93,24 @@ namespace Oqtane.Controllers
         [Authorize(Roles = RoleNames.Host)]
         public void Put(string key, object value)
         {
-            _configManager.AddOrUpdateSetting(key, value, false);
+            UpdateSetting(key, value);
+        }
+
+        private void UpdateSetting(string key, object value)
+        {
+            switch (key)
+            {
+                case "Log":
+                    string path = Path.Combine(_environment.ContentRootPath, "Content", "Log", "error.log");
+                    if (System.IO.File.Exists(path))
+                    {
+                        System.IO.File.Delete(path);
+                    }
+                    break;
+                default:
+                    _configManager.AddOrUpdateSetting(key, value, false);
+                    break;
+            }
         }
     }
 }
diff --git a/Oqtane.Server/Controllers/UserController.cs b/Oqtane.Server/Controllers/UserController.cs
index b872a6a2..01c7c61a 100644
--- a/Oqtane.Server/Controllers/UserController.cs
+++ b/Oqtane.Server/Controllers/UserController.cs
@@ -29,23 +29,25 @@ namespace Oqtane.Controllers
         private readonly ITenantManager _tenantManager;
         private readonly INotificationRepository _notifications;
         private readonly IFolderRepository _folders;
-        private readonly ISyncManager _syncManager;
         private readonly ISiteRepository _sites;
+        private readonly IUserPermissions _userPermissions;
         private readonly IJwtManager _jwtManager;
+        private readonly ISyncManager _syncManager;
         private readonly ILogManager _logger;
 
-        public UserController(IUserRepository users, IUserRoleRepository userRoles, UserManager<IdentityUser> identityUserManager, SignInManager<IdentityUser> identitySignInManager, ITenantManager tenantManager, INotificationRepository notifications, IFolderRepository folders, ISyncManager syncManager, ISiteRepository sites, IJwtManager jwtManager, ILogManager logger)
+        public UserController(IUserRepository users, IUserRoleRepository userRoles, UserManager<IdentityUser> identityUserManager, SignInManager<IdentityUser> identitySignInManager, ITenantManager tenantManager, INotificationRepository notifications, IFolderRepository folders, ISiteRepository sites, IUserPermissions userPermissions, IJwtManager jwtManager, ISyncManager syncManager, ILogManager logger)
         {
             _users = users;
             _userRoles = userRoles;
             _identityUserManager = identityUserManager;
             _identitySignInManager = identitySignInManager;
             _tenantManager = tenantManager;
-            _folders = folders;
             _notifications = notifications;
-            _syncManager = syncManager;
+            _folders = folders;
             _sites = sites;
+            _userPermissions = userPermissions;
             _jwtManager = jwtManager;
+            _syncManager = syncManager;
             _logger = logger;
         }
 
@@ -105,7 +107,7 @@ namespace Oqtane.Controllers
                 user.TwoFactorCode = "";
                 user.TwoFactorExpiry = null;
 
-                if (!User.IsInRole(RoleNames.Admin) && User.Identity.Name?.ToLower() != user.Username.ToLower())
+                if (!_userPermissions.IsAuthorized(User, user.SiteId, EntityNames.User, -1, PermissionNames.Write, RoleNames.Admin) && User.Identity.Name?.ToLower() != user.Username.ToLower())
                 {
                     user.Email = "";
                     user.PhotoFileId = null;
@@ -148,8 +150,8 @@ namespace Oqtane.Controllers
             User newUser = null;
 
             bool verified;
-            bool allowregistration;
-            if (User.IsInRole(RoleNames.Admin))
+            bool allowregistration;            
+            if (_userPermissions.IsAuthorized(User, user.SiteId, EntityNames.User, -1, PermissionNames.Write, RoleNames.Admin))
             {
                 verified = true;
                 allowregistration = true;
@@ -241,7 +243,8 @@ namespace Oqtane.Controllers
         [Authorize]
         public async Task<User> Put(int id, [FromBody] User user)
         {
-            if (ModelState.IsValid && user.SiteId == _tenantManager.GetAlias().SiteId && _users.GetUser(user.UserId, false) != null && (User.IsInRole(RoleNames.Admin) || User.Identity.Name == user.Username))
+            if (ModelState.IsValid && user.SiteId == _tenantManager.GetAlias().SiteId && _users.GetUser(user.UserId, false) != null
+                && (_userPermissions.IsAuthorized(User, user.SiteId, EntityNames.User, -1, PermissionNames.Write, RoleNames.Admin) || User.Identity.Name == user.Username))
             {
                 IdentityUser identityuser = await _identityUserManager.FindByNameAsync(user.Username);
                 if (identityuser != null)
@@ -287,7 +290,7 @@ namespace Oqtane.Controllers
 
         // DELETE api/<controller>/5?siteid=x
         [HttpDelete("{id}")]
-        [Authorize(Roles = RoleNames.Admin)]
+        [Authorize(Policy = $"{EntityNames.User}:{PermissionNames.Write}:{RoleNames.Admin}")]
         public async Task Delete(int id, string siteid)
         {
             int SiteId;
diff --git a/Oqtane.Server/Controllers/UserRoleController.cs b/Oqtane.Server/Controllers/UserRoleController.cs
index 05101732..ab083144 100644
--- a/Oqtane.Server/Controllers/UserRoleController.cs
+++ b/Oqtane.Server/Controllers/UserRoleController.cs
@@ -10,6 +10,7 @@ using System.Linq;
 using System.Net;
 using Oqtane.Security;
 using System;
+using Oqtane.Modules.Admin.Roles;
 
 namespace Oqtane.Controllers
 {
@@ -93,7 +94,7 @@ namespace Oqtane.Controllers
                 userrole.User.TwoFactorCode = "";
                 userrole.User.TwoFactorExpiry = null;
 
-                if (!User.IsInRole(RoleNames.Admin) && userid != userrole.User.UserId)
+                if (!_userPermissions.IsAuthorized(User, userrole.User.SiteId, EntityNames.User, -1, PermissionNames.Write, RoleNames.Admin) && userid != userrole.User.UserId)
                 {
                     userrole.User.Email = "";
                     userrole.User.PhotoFileId = null;
@@ -115,7 +116,7 @@ namespace Oqtane.Controllers
 
         // POST api/<controller>
         [HttpPost]
-        [Authorize(Roles = RoleNames.Admin)]
+        [Authorize(Policy = $"{EntityNames.UserRole}:{PermissionNames.Write}:{RoleNames.Admin}")]
         public UserRole Post([FromBody] UserRole userRole)
         {
             var role = _roles.GetRole(userRole.RoleId);
@@ -138,7 +139,7 @@ namespace Oqtane.Controllers
 
         // PUT api/<controller>/5
         [HttpPut("{id}")]
-        [Authorize(Roles = RoleNames.Admin)]
+        [Authorize(Policy = $"{EntityNames.UserRole}:{PermissionNames.Write}:{RoleNames.Admin}")]
         public UserRole Put(int id, [FromBody] UserRole userRole)
         {
             var role = _roles.GetRole(userRole.RoleId);
@@ -160,7 +161,7 @@ namespace Oqtane.Controllers
 
         // DELETE api/<controller>/5
         [HttpDelete("{id}")]
-        [Authorize(Roles = RoleNames.Admin)]
+        [Authorize(Policy = $"{EntityNames.UserRole}:{PermissionNames.Write}:{RoleNames.Admin}")]
         public void Delete(int id)
         {
             UserRole userrole = _userRoles.GetUserRole(id);
diff --git a/Oqtane.Server/Controllers/VisitorController.cs b/Oqtane.Server/Controllers/VisitorController.cs
index dfb9a63c..c4a8de73 100644
--- a/Oqtane.Server/Controllers/VisitorController.cs
+++ b/Oqtane.Server/Controllers/VisitorController.cs
@@ -50,7 +50,7 @@ namespace Oqtane.Controllers
             bool authorized = User.IsInRole(RoleNames.Admin);
             if (!authorized)
             {
-                var visitorCookie = "APP_VISITOR_" + _alias.SiteId.ToString();
+                var visitorCookie = Constants.VisitorCookiePrefix + _alias.SiteId.ToString();
                 if (int.TryParse(Request.Cookies[visitorCookie], out int visitorId))
                 {
                     authorized = (visitorId == id);
diff --git a/Oqtane.Server/Extensions/PermissionExtension.cs b/Oqtane.Server/Extensions/PermissionExtension.cs
index a4b44036..ba02e294 100644
--- a/Oqtane.Server/Extensions/PermissionExtension.cs
+++ b/Oqtane.Server/Extensions/PermissionExtension.cs
@@ -1,4 +1,4 @@
-using System.Collections.Generic;
+using System.Collections.Generic;
 using System.Linq;
 using System.Text;
 using System.Text.Json;
@@ -11,20 +11,22 @@ namespace Oqtane.Extensions
         public static string EncodePermissions(this IEnumerable<Permission> permissionList)
         {
             List<PermissionString> permissionstrings = new List<PermissionString>();
+            string entityname = "";
             string permissionname = "";
             string permissions = "";
             StringBuilder permissionsbuilder = new StringBuilder();
             string securityid = "";
-            foreach (Permission permission in permissionList.OrderBy(item => item.PermissionName))
+            foreach (Permission permission in permissionList.OrderBy(item => item.EntityName).ThenBy(item => item.PermissionName))
             {
-                // permission collections are grouped by permissionname
-                if (permissionname != permission.PermissionName)
+                // permission collections are grouped by entityname and permissionname
+                if (entityname != permission.EntityName || permissionname != permission.PermissionName)
                 {
                     permissions = permissionsbuilder.ToString();
                     if (permissions != "")
                     {
-                        permissionstrings.Add(new PermissionString { PermissionName = permissionname, Permissions = permissions.Substring(0, permissions.Length - 1) });
+                        permissionstrings.Add(new PermissionString { EntityName = entityname, PermissionName = permissionname, Permissions = permissions.Substring(0, permissions.Length - 1) });
                     }
+                    entityname = permission.EntityName;
                     permissionname = permission.PermissionName;
                     permissionsbuilder = new StringBuilder();
                 }
@@ -56,7 +58,7 @@ namespace Oqtane.Extensions
             permissions = permissionsbuilder.ToString();
             if (permissions != "")
             {
-                permissionstrings.Add(new PermissionString { PermissionName = permissionname, Permissions = permissions.Substring(0, permissions.Length - 1) });
+                permissionstrings.Add(new PermissionString { EntityName = entityname, PermissionName = permissionname, Permissions = permissions.Substring(0, permissions.Length - 1) });
             }
             return JsonSerializer.Serialize(permissionstrings);
         }
diff --git a/Oqtane.Server/Infrastructure/DatabaseManager.cs b/Oqtane.Server/Infrastructure/DatabaseManager.cs
index 0889a84c..ed4a730c 100644
--- a/Oqtane.Server/Infrastructure/DatabaseManager.cs
+++ b/Oqtane.Server/Infrastructure/DatabaseManager.cs
@@ -62,7 +62,7 @@ namespace Oqtane.Infrastructure
                         }
                         catch (Exception ex)
                         {
-                            result.Message = "Master Database Not Installed Correctly. " + ex.Message;
+                            result.Message = "Master Database Not Installed Correctly. " + ex.ToString();
                         }
                     }
                     else // cannot connect
@@ -74,7 +74,7 @@ namespace Oqtane.Infrastructure
                         }
                         catch (Exception ex)
                         {
-                            result.Message = "Cannot Connect To Master Database. " + ex.Message;
+                            result.Message = "Cannot Connect To Master Database. " + ex.ToString();
                         }
                     }
                 }
@@ -247,7 +247,7 @@ namespace Oqtane.Infrastructure
             }
             catch (Exception ex)
             {
-                result.Message = ex.Message;
+                result.Message = ex.ToString();
                 _filelogger.LogError(Utilities.LogMessage(this, result.Message));
             }
 
@@ -286,7 +286,7 @@ namespace Oqtane.Infrastructure
                 }
                 catch (Exception ex)
                 {
-                    result.Message = "An Error Occurred Creating The Database. This Is Usually Related To Your User Not Having Sufficient Rights To Perform This Operation. Please Note That You Can Also Create The Database Manually Prior To Initiating The Install Wizard. " + ex.Message;
+                    result.Message = "An Error Occurred Creating The Database. This Is Usually Related To Your User Not Having Sufficient Rights To Perform This Operation. Please Note That You Can Also Create The Database Manually Prior To Initiating The Install Wizard. " + ex.ToString();
                     _filelogger.LogError(Utilities.LogMessage(this, result.Message));
                 }
             }
@@ -327,7 +327,7 @@ namespace Oqtane.Infrastructure
                     }
                     catch (Exception ex)
                     {
-                        result.Message = "An Error Occurred Provisioning The Master Database. This Is Usually Related To The Master Database Not Being In A Supported State. " + ex.Message;
+                        result.Message = "An Error Occurred Provisioning The Master Database. This Is Usually Related To The Master Database Not Being In A Supported State. " + ex.ToString();
                         _filelogger.LogError(Utilities.LogMessage(this, result.Message));
                     }
                 }
@@ -370,7 +370,7 @@ namespace Oqtane.Infrastructure
                             tenant = db.Tenant.FirstOrDefault(item => item.Name == install.TenantName);
                         }
 
-                        var aliasNames = install.Aliases.Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries).Select(sValue => sValue.Trim()).ToArray();
+                        var aliasNames = install.Aliases.Split(',', StringSplitOptions.RemoveEmptyEntries).Select(sValue => sValue.Trim()).ToArray();
                         var firstAlias = aliasNames[0];
                         foreach (var aliasName in aliasNames)
                         {
@@ -406,7 +406,7 @@ namespace Oqtane.Infrastructure
         {
             var result = new Installation { Success = false, Message = string.Empty };
 
-            var versions = Constants.ReleaseVersions.Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
+            var versions = Constants.ReleaseVersions.Split(',', StringSplitOptions.RemoveEmptyEntries);
 
             using (var scope = _serviceScopeFactory.CreateScope())
             {
@@ -435,7 +435,7 @@ namespace Oqtane.Infrastructure
                         }
                         catch (Exception ex)
                         {
-                            result.Message = "An Error Occurred Migrating A Tenant Database. This Is Usually Related To A Tenant Database Not Being In A Supported State. " + ex.Message;
+                            result.Message = "An Error Occurred Migrating A Tenant Database. This Is Usually Related To A Tenant Database Not Being In A Supported State. " + ex.ToString();
                             _filelogger.LogError(Utilities.LogMessage(this, result.Message));
                         }
 
@@ -456,7 +456,7 @@ namespace Oqtane.Infrastructure
                             }
                             catch (Exception ex)
                             {
-                                result.Message = "An Error Occurred Executing Upgrade Logic. " + ex.Message;
+                                result.Message = "An Error Occurred Executing Upgrade Logic. " + ex.ToString();
                                 _filelogger.LogError(Utilities.LogMessage(this, result.Message));
                             }
                         }
@@ -486,7 +486,7 @@ namespace Oqtane.Infrastructure
                 {
                     if (!string.IsNullOrEmpty(moduleDefinition.ReleaseVersions))
                     {
-                        var versions = moduleDefinition.ReleaseVersions.Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
+                        var versions = moduleDefinition.ReleaseVersions.Split(',', StringSplitOptions.RemoveEmptyEntries);
                         using (var db = GetInstallationContext())
                         {
                             if (!string.IsNullOrEmpty(moduleDefinition.ServerManagerType))
@@ -526,7 +526,7 @@ namespace Oqtane.Infrastructure
                                                 }
                                                 catch (Exception ex)
                                                 {
-                                                    result.Message = "An Error Occurred Installing " + moduleDefinition.Name + " Version " + versions[i] + " - " + ex.Message;
+                                                    result.Message = "An Error Occurred Installing " + moduleDefinition.Name + " Version " + versions[i] + " - " + ex.ToString();
                                                 }
                                             }
                                         }
@@ -575,7 +575,7 @@ namespace Oqtane.Infrastructure
                     {
                         // set the alias explicitly so the tenant can be resolved
                         var aliases = scope.ServiceProvider.GetRequiredService<IAliasRepository>();
-                        var aliasNames = install.Aliases.Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries).Select(sValue => sValue.Trim()).ToArray();
+                        var aliasNames = install.Aliases.Split(',', StringSplitOptions.RemoveEmptyEntries).Select(sValue => sValue.Trim()).ToArray();
                         var firstAlias = aliasNames[0];
                         var alias = aliases.GetAliases().FirstOrDefault(item => item.Name == firstAlias);
                         var tenantManager = scope.ServiceProvider.GetRequiredService<ITenantManager>();
@@ -664,7 +664,7 @@ namespace Oqtane.Infrastructure
                 }
                 catch (Exception ex)
                 {
-                    result.Message = "An Error Occurred Creating Site. " + ex.Message;
+                    result.Message = "An Error Occurred Creating Site. " + ex.ToString();
                 }
             }
 
@@ -737,7 +737,7 @@ namespace Oqtane.Infrastructure
                                         }
                                         catch (Exception ex)
                                         {
-                                            logger.Log(alias.SiteId, Shared.LogLevel.Error, "Site Migration", LogFunction.Other, "An Error Occurred Executing Site Migration {Type} For {Alias} And Version {Version} {Error}", upgrade.Value, alias.Name, version, ex.Message);
+                                            logger.Log(alias.SiteId, Shared.LogLevel.Error, "Site Migration", LogFunction.Other, ex, "An Error Occurred Executing Site Migration {Type} For {Alias} And Version {Version}", upgrade.Value, alias.Name, version);
                                         }
                                     }
                                 }
diff --git a/Oqtane.Server/Infrastructure/Jobs/NotificationJob.cs b/Oqtane.Server/Infrastructure/Jobs/NotificationJob.cs
index 9ad9bbfd..13141b66 100644
--- a/Oqtane.Server/Infrastructure/Jobs/NotificationJob.cs
+++ b/Oqtane.Server/Infrastructure/Jobs/NotificationJob.cs
@@ -66,7 +66,7 @@ namespace Oqtane.Infrastructure
                     List<Notification> notifications = notificationRepository.GetNotifications(site.SiteId, -1, -1).ToList();
                     foreach (Notification notification in notifications)
                     {
-                        // get sender and receiver information if not provided
+                        // get sender and receiver information from user object if not provided
                         if ((string.IsNullOrEmpty(notification.FromEmail) || string.IsNullOrEmpty(notification.FromDisplayName)) && notification.FromUserId != null)
                         {
                             var user = userRepository.GetUser(notification.FromUserId.Value);
@@ -96,31 +96,41 @@ namespace Oqtane.Infrastructure
                         else
                         {
                             MailMessage mailMessage = new MailMessage();
-                            mailMessage.From = new MailAddress(settings["SMTPSender"], site.Name);
-                            mailMessage.Subject = notification.Subject;
-                            if (!string.IsNullOrEmpty(notification.FromEmail) && !string.IsNullOrEmpty(notification.FromDisplayName))
+
+                            // sender
+                            if (settings.ContainsKey("SMTPRelay") && settings["SMTPRelay"] == "True" && !string.IsNullOrEmpty(notification.FromEmail))
                             {
-                                mailMessage.Body = "From: " + notification.FromDisplayName + "<" + notification.FromEmail + ">" + "\n";
+                                if (!string.IsNullOrEmpty(notification.FromDisplayName))
+                                {
+                                    mailMessage.From = new MailAddress(notification.FromEmail, notification.FromDisplayName);
+                                }
+                                else
+                                {
+                                    mailMessage.From = new MailAddress(notification.FromEmail);
+                                }
                             }
                             else
                             {
-                                mailMessage.Body = "From: " + site.Name + "\n";
+                                mailMessage.From = new MailAddress(settings["SMTPSender"], (!string.IsNullOrEmpty(notification.FromDisplayName)) ? notification.FromDisplayName : site.Name);
                             }
-                            mailMessage.Body += "Sent: " + notification.CreatedOn + "\n";
-                            if (!string.IsNullOrEmpty(notification.ToEmail) && !string.IsNullOrEmpty(notification.ToDisplayName))
+
+                            // recipient
+                            if (!string.IsNullOrEmpty(notification.ToDisplayName))
                             {
                                 mailMessage.To.Add(new MailAddress(notification.ToEmail, notification.ToDisplayName));
-                                mailMessage.Body += "To: " + notification.ToDisplayName + "<" + notification.ToEmail + ">" + "\n";
                             }
                             else
                             {
                                 mailMessage.To.Add(new MailAddress(notification.ToEmail));
-                                mailMessage.Body += "To: " + notification.ToEmail + "\n";
                             }
-                            mailMessage.Body += "Subject: " + notification.Subject + "\n\n";
-                            mailMessage.Body += notification.Body;
 
-                            // set encoding
+                            // subject
+                            mailMessage.Subject = notification.Subject;
+
+                            //body
+                            mailMessage.Body = notification.Body;
+
+                            // encoding
                             mailMessage.SubjectEncoding = System.Text.Encoding.UTF8;
                             mailMessage.BodyEncoding = System.Text.Encoding.UTF8;
 
diff --git a/Oqtane.Server/Infrastructure/Middleware/TenantMiddleware.cs b/Oqtane.Server/Infrastructure/Middleware/TenantMiddleware.cs
index 87dc89c8..c3386bdd 100644
--- a/Oqtane.Server/Infrastructure/Middleware/TenantMiddleware.cs
+++ b/Oqtane.Server/Infrastructure/Middleware/TenantMiddleware.cs
@@ -43,10 +43,10 @@ namespace Oqtane.Infrastructure
                     });
                     context.Items.Add(Constants.HttpContextSiteSettingsKey, sitesettings);
 
-                    // rewrite path by removing alias path prefix from api and pages requests (for consistent routing)
+                    // rewrite path by removing alias path prefix from reserved route (api,pages,files) requests for consistent routes
                     if (!string.IsNullOrEmpty(alias.Path))
                     {
-                        if (path.StartsWith("/" + alias.Path) && (path.Contains("/api/") || path.Contains("/pages/")))
+                        if (path.StartsWith("/" + alias.Path) && (Constants.ReservedRoutes.Any(item => path.Contains("/" + item + "/"))))
                         {
                             context.Request.Path = path.Replace("/" + alias.Path, "");
                         }
diff --git a/Oqtane.Server/Infrastructure/SiteTemplates/DefaultSiteTemplate.cs b/Oqtane.Server/Infrastructure/SiteTemplates/DefaultSiteTemplate.cs
index 29058fea..a63773ba 100644
--- a/Oqtane.Server/Infrastructure/SiteTemplates/DefaultSiteTemplate.cs
+++ b/Oqtane.Server/Infrastructure/SiteTemplates/DefaultSiteTemplate.cs
@@ -68,7 +68,7 @@ namespace Oqtane.SiteTemplates
                             new Permission(PermissionNames.View, RoleNames.Admin, true),
                             new Permission(PermissionNames.Edit, RoleNames.Admin, true)
                         }.EncodePermissions(),
-                        Content = "<p>Copyright (c) 2018-2022 .NET Foundation</p>" +
+                        Content = "<p>Copyright (c) 2018-2023 .NET Foundation</p>" +
                         "<p>Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:</p>" +
                         "<p>The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.</p>" +
                         "<p>THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.</p>"
diff --git a/Oqtane.Server/Infrastructure/TenantManager.cs b/Oqtane.Server/Infrastructure/TenantManager.cs
index 53dd8d73..226f1d0a 100644
--- a/Oqtane.Server/Infrastructure/TenantManager.cs
+++ b/Oqtane.Server/Infrastructure/TenantManager.cs
@@ -37,7 +37,7 @@ namespace Oqtane.Infrastructure
                 {
                     // legacy support for client api requests which would include the alias as a path prefix ( ie. {alias}/api/[controller] )
                     int aliasId;
-                    string[] segments = httpcontext.Request.Path.Value.Split(new[] { '/' }, StringSplitOptions.RemoveEmptyEntries);
+                    string[] segments = httpcontext.Request.Path.Value.Split('/', StringSplitOptions.RemoveEmptyEntries);
                     if (segments.Length > 1 && Shared.Constants.ReservedRoutes.Contains(segments[1]) && int.TryParse(segments[0], out aliasId))
                     {
                         alias = _aliasRepository.GetAliases().ToList().FirstOrDefault(item => item.AliasId == aliasId);
diff --git a/Oqtane.Server/Infrastructure/UpgradeManager.cs b/Oqtane.Server/Infrastructure/UpgradeManager.cs
index 3e7c0231..90d8f17a 100644
--- a/Oqtane.Server/Infrastructure/UpgradeManager.cs
+++ b/Oqtane.Server/Infrastructure/UpgradeManager.cs
@@ -308,43 +308,45 @@ namespace Oqtane.Infrastructure
 
         private void Upgrade_3_3_0(Tenant tenant, IServiceScope scope)
         {
-            var pageTemplates = new List<PageTemplate>();
-
-            pageTemplates.Add(new PageTemplate
+            try
             {
-                Name = "API Management",
-                Parent = "Admin",
-                Order = 35,
-                Path = "admin/apis",
-                Icon = Icons.CloudDownload, 
-                IsNavigation = true,
-                IsPersonalizable = false,
-                PagePermissions = new List<Permission>
+                var roles = scope.ServiceProvider.GetRequiredService<IRoleRepository>();
+                var pages = scope.ServiceProvider.GetRequiredService<IPageRepository>();
+                var modules = scope.ServiceProvider.GetRequiredService<IModuleRepository>();
+                var permissions = scope.ServiceProvider.GetRequiredService<IPermissionRepository>();
+                var siteRepository = scope.ServiceProvider.GetRequiredService<ISiteRepository>();
+                foreach (Site site in siteRepository.GetSites().ToList())
                 {
-                    new Permission(PermissionNames.View, RoleNames.Admin, true),
-                    new Permission(PermissionNames.Edit, RoleNames.Admin, true)
-                }.EncodePermissions(),
-                PageTemplateModules = new List<PageTemplateModule>
-                {
-                    new PageTemplateModule
+                    int roleid = roles.GetRoles(site.SiteId).FirstOrDefault(item => item.Name == RoleNames.Registered).RoleId;
+
+                    int pageid = pages.GetPages(site.SiteId).FirstOrDefault(item => item.Path == "admin").PageId;
+                    var permission = new Permission
                     {
-                        ModuleDefinitionName = typeof(Oqtane.Modules.Admin.Visitors.Index).ToModuleDefinitionName(), Title = "Visitor Management", Pane = PaneNames.Default,
-                        ModulePermissions = new List<Permission>
-                        {
-                            new Permission(PermissionNames.View, RoleNames.Admin, true),
-                            new Permission(PermissionNames.Edit, RoleNames.Admin, true)
-                        }.EncodePermissions(),
-                        Content = ""
-                    }
+                        SiteId = site.SiteId,
+                        EntityName = EntityNames.Page,
+                        EntityId = pageid,
+                        PermissionName = PermissionNames.View,
+                        RoleId = roleid,
+                        IsAuthorized = true
+                    };
+                    permissions.AddPermission(permission);
+
+                    int moduleid = modules.GetModules(site.SiteId).FirstOrDefault(item => item.ModuleDefinitionName == "Oqtane.Modules.Admin.Dashboard, Oqtane.Client").ModuleId;
+                    permission = new Permission
+                    {
+                        SiteId = site.SiteId,
+                        EntityName = EntityNames.Module,
+                        EntityId = moduleid,
+                        PermissionName = PermissionNames.View,
+                        RoleId = roleid,
+                        IsAuthorized = true
+                    };
+                    permissions.AddPermission(permission);
                 }
-            });
-
-            var pages = scope.ServiceProvider.GetRequiredService<IPageRepository>();
-
-            var sites = scope.ServiceProvider.GetRequiredService<ISiteRepository>();
-            foreach (Site site in sites.GetSites().ToList())
+            }
+            catch (Exception ex)
             {
-                sites.CreatePages(site, pageTemplates);
+                Debug.WriteLine($"Oqtane Error: Error In 3.3.0 Upgrade Logic - {ex}");
             }
         }
     }
diff --git a/Oqtane.Server/Migrations/Tenant/03030201_AddFolderFileIsDeletedColumns.cs b/Oqtane.Server/Migrations/Tenant/03030201_AddFolderFileIsDeletedColumns.cs
new file mode 100644
index 00000000..ad954a7d
--- /dev/null
+++ b/Oqtane.Server/Migrations/Tenant/03030201_AddFolderFileIsDeletedColumns.cs
@@ -0,0 +1,35 @@
+using Microsoft.EntityFrameworkCore.Infrastructure;
+using Microsoft.EntityFrameworkCore.Migrations;
+using Oqtane.Databases.Interfaces;
+using Oqtane.Migrations.EntityBuilders;
+using Oqtane.Repository;
+
+namespace Oqtane.Migrations.Tenant
+{
+    [DbContext(typeof(TenantDBContext))]
+    [Migration("Tenant.03.03.02.01")]
+    public class AddFolderFileIsDeletedColumns : MultiDatabaseMigration
+    {
+        public AddFolderFileIsDeletedColumns(IDatabase database) : base(database)
+        {
+        }
+
+        protected override void Up(MigrationBuilder migrationBuilder)
+        {
+            // IsDeleted columns were removed in 3.2.2 however SQLite does not support column removal so they had to be restored
+            if (ActiveDatabase.Name != "Sqlite")
+            {
+                var folderEntityBuilder = new FolderEntityBuilder(migrationBuilder, ActiveDatabase);
+                folderEntityBuilder.AddBooleanColumn("IsDeleted", true);
+
+                var fileEntityBuilder = new FileEntityBuilder(migrationBuilder, ActiveDatabase);
+                fileEntityBuilder.AddBooleanColumn("IsDeleted", true);
+            }
+        }
+
+        protected override void Down(MigrationBuilder migrationBuilder)
+        {
+            // not implemented
+        }
+    }
+}
diff --git a/Oqtane.Server/Oqtane.Server.csproj b/Oqtane.Server/Oqtane.Server.csproj
index 7b53a44e..405c4d36 100644
--- a/Oqtane.Server/Oqtane.Server.csproj
+++ b/Oqtane.Server/Oqtane.Server.csproj
@@ -3,7 +3,7 @@
   <PropertyGroup>
     <TargetFramework>net6.0</TargetFramework>
     <Configurations>Debug;Release</Configurations>
-    <Version>3.2.1</Version>
+    <Version>3.3.1</Version>
     <Product>Oqtane</Product>
     <Authors>Shaun Walker</Authors>
     <Company>.NET Foundation</Company>
@@ -11,7 +11,7 @@
     <Copyright>.NET Foundation</Copyright>
     <PackageProjectUrl>https://www.oqtane.org</PackageProjectUrl>
     <PackageLicenseUrl>https://github.com/oqtane/oqtane.framework/blob/dev/LICENSE</PackageLicenseUrl>
-    <PackageReleaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.2.1</PackageReleaseNotes>
+    <PackageReleaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.3.1</PackageReleaseNotes>
     <RepositoryUrl>https://github.com/oqtane/oqtane.framework</RepositoryUrl>
     <RepositoryType>Git</RepositoryType>
     <RootNamespace>Oqtane</RootNamespace>
diff --git a/Oqtane.Server/Pages/Login.cshtml.cs b/Oqtane.Server/Pages/Login.cshtml.cs
index 40202a16..7fa4bb87 100644
--- a/Oqtane.Server/Pages/Login.cshtml.cs
+++ b/Oqtane.Server/Pages/Login.cshtml.cs
@@ -1,3 +1,4 @@
+using System.Net;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Identity;
@@ -43,6 +44,10 @@ namespace Oqtane.Pages
             {
                 returnurl = "";
             }
+            else
+            {
+                returnurl = WebUtility.UrlDecode(returnurl);
+            }
             if (!returnurl.StartsWith("/"))
             {
                 returnurl = "/" + returnurl;
diff --git a/Oqtane.Server/Pages/_Host.cshtml.cs b/Oqtane.Server/Pages/_Host.cshtml.cs
index 8b3044da..bf49849b 100644
--- a/Oqtane.Server/Pages/_Host.cshtml.cs
+++ b/Oqtane.Server/Pages/_Host.cshtml.cs
@@ -20,7 +20,6 @@ using Oqtane.Enums;
 using Oqtane.Security;
 using Oqtane.Extensions;
 using Oqtane.Themes;
-using Oqtane.UI;
 
 namespace Oqtane.Pages
 {
@@ -285,7 +284,7 @@ namespace Oqtane.Pages
                 // check if cookie already exists
                 Visitor visitor = null;
                 bool addcookie = false;
-                var VisitorCookie = "APP_VISITOR_" + SiteId.ToString();
+                var VisitorCookie = Constants.VisitorCookiePrefix + SiteId.ToString();
                 if (!int.TryParse(Request.Cookies[VisitorCookie], out VisitorId))
                 {
                     // if enabled use IP Address correlation
diff --git a/Oqtane.Server/Repository/AliasRepository.cs b/Oqtane.Server/Repository/AliasRepository.cs
index cbe3bd9c..1f914e6c 100644
--- a/Oqtane.Server/Repository/AliasRepository.cs
+++ b/Oqtane.Server/Repository/AliasRepository.cs
@@ -67,7 +67,7 @@ namespace Oqtane.Repository
             Alias alias = null;
 
             List<Alias> aliases = GetAliases().ToList();
-            var segments = url.Split(new[] { '/' }, StringSplitOptions.RemoveEmptyEntries);
+            var segments = url.Split('/', StringSplitOptions.RemoveEmptyEntries);
 
             // iterate segments to find keywords
             int start = segments.Length;
diff --git a/Oqtane.Server/Repository/Context/DBContextBase.cs b/Oqtane.Server/Repository/Context/DBContextBase.cs
index 926bdcf2..6d876d47 100644
--- a/Oqtane.Server/Repository/Context/DBContextBase.cs
+++ b/Oqtane.Server/Repository/Context/DBContextBase.cs
@@ -31,7 +31,7 @@ namespace Oqtane.Repository
             _accessor = httpContextAccessor;
         }
 
-        public IDatabase ActiveDatabase { get; private set; }
+        public IDatabase ActiveDatabase { get; set; }
 
         protected override void OnConfiguring(DbContextOptionsBuilder optionsBuilder)
         {
diff --git a/Oqtane.Server/Repository/FileRepository.cs b/Oqtane.Server/Repository/FileRepository.cs
index bd76e18f..cd56a3e4 100644
--- a/Oqtane.Server/Repository/FileRepository.cs
+++ b/Oqtane.Server/Repository/FileRepository.cs
@@ -1,4 +1,3 @@
-using System;
 using System.Collections.Generic;
 using System.IO;
 using System.Linq;
@@ -27,10 +26,23 @@ namespace Oqtane.Repository
         }
 
         public IEnumerable<File> GetFiles(int folderId)
+        {
+            return GetFiles(folderId, true);
+        }
+
+        public IEnumerable<File> GetFiles(int folderId, bool tracking)
         {
             var alias = _tenants.GetAlias();
             IEnumerable<Permission> permissions = _permissions.GetPermissions(alias.SiteId, EntityNames.Folder, folderId).ToList();
-            IEnumerable<File> files = _db.File.Where(item => item.FolderId == folderId).Include(item => item.Folder);
+            IEnumerable<File> files;
+            if (tracking)
+            {
+                files = _db.File.Where(item => item.FolderId == folderId).Include(item => item.Folder);
+            }
+            else
+            {
+                files = _db.File.AsNoTracking().Where(item => item.FolderId == folderId).Include(item => item.Folder);
+            }
             foreach (File file in files)
             {
                 file.Folder.Permissions = permissions.EncodePermissions();
@@ -41,6 +53,7 @@ namespace Oqtane.Repository
 
         public File AddFile(File file)
         {
+            file.IsDeleted = false;
             _db.File.Add(file);
             _db.SaveChanges();
             file.Folder = _folderRepository.GetFolder(file.FolderId);
@@ -134,7 +147,7 @@ namespace Oqtane.Repository
         public string GetFilePath(File file)
         {
             if (file == null) return null;
-            var folder = file.Folder ?? _db.Folder.Find(file.FolderId);
+            var folder = file.Folder ?? _db.Folder.AsNoTracking().FirstOrDefault(item => item.FolderId == file.FolderId);
             var filepath = Path.Combine(_folderRepository.GetFolderPath(folder), file.Name);
             return filepath;
         }
diff --git a/Oqtane.Server/Repository/FolderRepository.cs b/Oqtane.Server/Repository/FolderRepository.cs
index d82ac0e4..111f7c79 100644
--- a/Oqtane.Server/Repository/FolderRepository.cs
+++ b/Oqtane.Server/Repository/FolderRepository.cs
@@ -37,6 +37,7 @@ namespace Oqtane.Repository
 
         public Folder AddFolder(Folder folder)
         {
+            folder.IsDeleted = false;
             _db.Folder.Add(folder);
             _db.SaveChanges();
             _permissions.UpdatePermissions(folder.SiteId, EntityNames.Folder, folder.FolderId, folder.Permissions);
diff --git a/Oqtane.Server/Repository/Interfaces/IFileRepository.cs b/Oqtane.Server/Repository/Interfaces/IFileRepository.cs
index 556d02de..214b03d8 100644
--- a/Oqtane.Server/Repository/Interfaces/IFileRepository.cs
+++ b/Oqtane.Server/Repository/Interfaces/IFileRepository.cs
@@ -6,6 +6,7 @@ namespace Oqtane.Repository
     public interface IFileRepository
     {
         IEnumerable<File> GetFiles(int folderId);
+        IEnumerable<File> GetFiles(int folderId, bool tracking);
         File AddFile(File file);
         File UpdateFile(File file);
         File GetFile(int fileId);
diff --git a/Oqtane.Server/Repository/Interfaces/IPageModuleRepository.cs b/Oqtane.Server/Repository/Interfaces/IPageModuleRepository.cs
index 6085fcc2..a3ac66e5 100644
--- a/Oqtane.Server/Repository/Interfaces/IPageModuleRepository.cs
+++ b/Oqtane.Server/Repository/Interfaces/IPageModuleRepository.cs
@@ -6,7 +6,6 @@ namespace Oqtane.Repository
     public interface IPageModuleRepository
     {
         IEnumerable<PageModule> GetPageModules(int siteId);
-        IEnumerable<PageModule> GetPageModules(int pageId, string pane);
         PageModule AddPageModule(PageModule pageModule);
         PageModule UpdatePageModule(PageModule pageModule);
         PageModule GetPageModule(int pageModuleId);
diff --git a/Oqtane.Server/Repository/PageModuleRepository.cs b/Oqtane.Server/Repository/PageModuleRepository.cs
index fa4ba0d2..76e63766 100644
--- a/Oqtane.Server/Repository/PageModuleRepository.cs
+++ b/Oqtane.Server/Repository/PageModuleRepository.cs
@@ -10,46 +10,28 @@ namespace Oqtane.Repository
     public class PageModuleRepository : IPageModuleRepository
     {
         private TenantDBContext _db;
+        private readonly IModuleDefinitionRepository _moduleDefinitions;
         private readonly IPermissionRepository _permissions;
 
-        public PageModuleRepository(TenantDBContext context, IPermissionRepository permissions)
+        public PageModuleRepository(TenantDBContext context, IModuleDefinitionRepository moduleDefinitions, IPermissionRepository permissions)
         {
             _db = context;
+            _moduleDefinitions = moduleDefinitions;
             _permissions = permissions;
         }
 
         public IEnumerable<PageModule> GetPageModules(int siteId)
         {
-            IEnumerable<PageModule> pagemodules = _db.PageModule
+            var pagemodules = _db.PageModule
                 .Include(item => item.Module) // eager load modules
-                .Where(item => item.Module.SiteId == siteId);
+                .Where(item => item.Module.SiteId == siteId).ToList();
             if (pagemodules.Any())
             {
-                IEnumerable<Permission> permissions = _permissions.GetPermissions(siteId, EntityNames.Module).ToList();
-                foreach (PageModule pagemodule in pagemodules)
+                var moduledefinitions = _moduleDefinitions.GetModuleDefinitions(siteId).ToList();
+                var permissions = _permissions.GetPermissions(siteId, EntityNames.Module).ToList();
+                for (int index = 0; index < pagemodules.Count; index++)
                 {
-                    pagemodule.Module.Permissions = permissions.Where(item => item.EntityId == pagemodule.ModuleId).EncodePermissions();
-                }
-            }
-            return pagemodules;
-        }
-
-        public IEnumerable<PageModule> GetPageModules(int pageId, string pane)
-        {
-            IEnumerable<PageModule> pagemodules = _db.PageModule
-                .Include(item => item.Module) // eager load modules
-                .Where(item => item.PageId == pageId);
-            if (pane != "" && pagemodules.Any())
-            {
-                pagemodules = pagemodules.Where(item => item.Pane == pane);
-            }
-            if (pagemodules.Any())
-            {
-                var siteId = pagemodules.FirstOrDefault().Module.SiteId;
-                IEnumerable<Permission> permissions = _permissions.GetPermissions(siteId, EntityNames.Module).ToList();
-                foreach (PageModule pagemodule in pagemodules)
-                {
-                    pagemodule.Module.Permissions = permissions.Where(item => item.EntityId == pagemodule.ModuleId).EncodePermissions();
+                    pagemodules[index] = GetPageModule(pagemodules[index], moduledefinitions, permissions);
                 }
             }
             return pagemodules;
@@ -89,7 +71,9 @@ namespace Oqtane.Repository
             }
             if (pagemodule != null)
             {
-                pagemodule.Module.Permissions = _permissions.GetPermissions(pagemodule.Module.SiteId, EntityNames.Module, pagemodule.ModuleId)?.EncodePermissions();
+                var moduledefinitions = _moduleDefinitions.GetModuleDefinitions(pagemodule.Module.SiteId).ToList();
+                var permissions = _permissions.GetPermissions(pagemodule.Module.SiteId, EntityNames.Module).ToList();
+                pagemodule = GetPageModule(pagemodule, moduledefinitions, permissions);
             }
             return pagemodule;
         }
@@ -100,7 +84,9 @@ namespace Oqtane.Repository
                 .SingleOrDefault(item => item.PageId == pageId && item.ModuleId == moduleId);
             if (pagemodule != null)
             {
-                pagemodule.Module.Permissions = _permissions.GetPermissions(pagemodule.Module.SiteId, EntityNames.Module, pagemodule.ModuleId)?.EncodePermissions();
+                var moduledefinitions = _moduleDefinitions.GetModuleDefinitions(pagemodule.Module.SiteId).ToList();
+                var permissions = _permissions.GetPermissions(pagemodule.Module.SiteId, EntityNames.Module).ToList();
+                pagemodule = GetPageModule(pagemodule, moduledefinitions, permissions);
             }
             return pagemodule;
         }
@@ -111,5 +97,30 @@ namespace Oqtane.Repository
             _db.PageModule.Remove(pageModule);
             _db.SaveChanges();
         }
+
+        private PageModule GetPageModule(PageModule pageModule, List<ModuleDefinition> moduleDefinitions, List<Permission> modulePermissions)
+        {
+            var permissions = modulePermissions.Where(item => item.EntityId == pageModule.ModuleId).ToList();
+
+            // moduledefinition permissionnames can specify permissions for other entities (ie. API permissions)
+            pageModule.Module.ModuleDefinition = moduleDefinitions.Find(item => item.ModuleDefinitionName == pageModule.Module.ModuleDefinitionName);
+            if (pageModule.Module.ModuleDefinition != null && !string.IsNullOrEmpty(pageModule.Module.ModuleDefinition.PermissionNames) && pageModule.Module.ModuleDefinition.PermissionNames.Contains(":"))
+            {
+                foreach (var permissionname in pageModule.Module.ModuleDefinition.PermissionNames.Split(",", System.StringSplitOptions.RemoveEmptyEntries))
+                {
+                    if (permissionname.Contains(":"))
+                    {
+                        // moduledefinition permissionnames can be in the form of "EntityName:PermissionName:Roles"
+                        var segments = permissionname.Split(':');
+                        if (segments.Length == 3 && segments[0] != EntityNames.Module)
+                        {
+                            permissions.AddRange(_permissions.GetPermissions(pageModule.Module.SiteId, segments[0], segments[1]).Where(item => item.EntityId == -1));
+                        }
+                    }
+                }
+            }
+            pageModule.Module.Permissions = permissions?.EncodePermissions();
+            return pageModule;
+        }
     }
 }
diff --git a/Oqtane.Server/Repository/PermissionRepository.cs b/Oqtane.Server/Repository/PermissionRepository.cs
index 7db1a807..d6e3d75f 100644
--- a/Oqtane.Server/Repository/PermissionRepository.cs
+++ b/Oqtane.Server/Repository/PermissionRepository.cs
@@ -79,23 +79,53 @@ namespace Oqtane.Repository
 
         public void UpdatePermissions(int siteId, string entityName, int entityId, string permissionStrings)
         {
-            // get current permissions and delete
-            IEnumerable<Permission> permissions = _db.Permission
-                .Where(item => item.EntityName == entityName)
-                .Where(item => item.EntityId == entityId)
-                .Where(item => item.SiteId == siteId);
-            foreach (Permission permission in permissions)
+            bool modified = false;
+            var existing = new List<Permission>();
+            var permissions = DecodePermissions(permissionStrings, siteId, entityName, entityId);
+            foreach (var permission in permissions)
             {
-                _db.Permission.Remove(permission);
+                if (!existing.Any(item => item.EntityName == permission.EntityName && item.PermissionName == permission.PermissionName))
+                {
+                    existing.AddRange(GetPermissions(siteId, permission.EntityName, permission.PermissionName)
+                        .Where(item => item.EntityId == entityId || item.EntityId == -1));
+                }
+
+                var current = existing.FirstOrDefault(item => item.EntityName == permission.EntityName && item.EntityId == permission.EntityId
+                    && item.PermissionName == permission.PermissionName && item.RoleId == permission.RoleId && item.UserId == permission.UserId);
+                if (current != null)
+                {
+                    if (current.IsAuthorized != permission.IsAuthorized)
+                    {
+                        current.IsAuthorized = permission.IsAuthorized;
+                        current.Role = null; // remove linked reference to Role which can cause errors in EF Core change tracking
+                        _db.Entry(current).State = EntityState.Modified;
+                        modified = true;
+                    }
+                }
+                else
+                {
+                    _db.Permission.Add(permission);
+                    modified = true;
+                }
             }
-            // add permissions
-            permissions = DecodePermissions(permissionStrings, siteId, entityName, entityId);
-            foreach (Permission permission in permissions)
+            foreach (var permission in existing)
             {
-                _db.Permission.Add(permission);
+                if (!permissions.Any(item => item.EntityName == permission.EntityName && item.PermissionName == permission.PermissionName
+                    && item.EntityId == permission.EntityId && item.RoleId == permission.RoleId && item.UserId == permission.UserId))
+                {
+                    permission.Role = null; // remove linked reference to Role which can cause errors in EF Core change tracking
+                    _db.Permission.Remove(permission);
+                    modified = true;
+                }
+            }
+            if (modified)
+            {
+                _db.SaveChanges();
+                foreach (var entityname in permissions.Select(item => item.EntityName).Distinct())
+                {
+                    ClearCache(siteId, entityname);
+                }
             }
-            _db.SaveChanges();
-            ClearCache(siteId, entityName);
         }
 
         public Permission GetPermission(int permissionId)
@@ -195,13 +225,27 @@ namespace Oqtane.Repository
             string securityid = "";
             foreach (PermissionString permissionstring in JsonSerializer.Deserialize<List<PermissionString>>(permissionStrings))
             {
-                foreach (string id in permissionstring.Permissions.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries))
+                foreach (string id in permissionstring.Permissions.Split(';', StringSplitOptions.RemoveEmptyEntries))
                 {
                     securityid = id;
                     Permission permission = new Permission();
                     permission.SiteId = siteId;
-                    permission.EntityName = entityName;
-                    permission.EntityId = entityId;
+                    if (!string.IsNullOrEmpty(permissionstring.EntityName))
+                    {
+                        permission.EntityName = permissionstring.EntityName;
+                    }
+                    else
+                    {
+                        permission.EntityName = entityName;
+                    }
+                    if (permission.EntityName == entityName)
+                    {
+                        permission.EntityId = entityId;
+                    }
+                    else
+                    {
+                        permission.EntityId = -1;
+                    }
                     permission.PermissionName = permissionstring.PermissionName;
                     permission.RoleId = null;
                     permission.UserId = null;
diff --git a/Oqtane.Server/Repository/SiteRepository.cs b/Oqtane.Server/Repository/SiteRepository.cs
index fbb5e5da..46360cab 100644
--- a/Oqtane.Server/Repository/SiteRepository.cs
+++ b/Oqtane.Server/Repository/SiteRepository.cs
@@ -431,6 +431,7 @@ namespace Oqtane.Repository
                 PagePermissions = new List<Permission>
                 {
                     new Permission(PermissionNames.View, RoleNames.Admin, true),
+                    new Permission(PermissionNames.View, RoleNames.Registered, true),
                     new Permission(PermissionNames.Edit, RoleNames.Admin, true)
                 }.EncodePermissions(),
                 PageTemplateModules = new List<PageTemplateModule>
@@ -441,6 +442,7 @@ namespace Oqtane.Repository
                         ModulePermissions = new List<Permission>
                         {
                             new Permission(PermissionNames.View, RoleNames.Admin, true),
+                            new Permission(PermissionNames.View, RoleNames.Registered, true),
                             new Permission(PermissionNames.Edit, RoleNames.Admin, true)
                         }.EncodePermissions(),
                         Content = ""
diff --git a/Oqtane.Server/Security/AuthorizationPolicyProvider.cs b/Oqtane.Server/Security/AuthorizationPolicyProvider.cs
index 56dda318..e523ff96 100644
--- a/Oqtane.Server/Security/AuthorizationPolicyProvider.cs
+++ b/Oqtane.Server/Security/AuthorizationPolicyProvider.cs
@@ -1,5 +1,4 @@
 using Microsoft.AspNetCore.Authorization;
-using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.Options;
 using Oqtane.Shared;
 using System.Threading.Tasks;
@@ -17,30 +16,32 @@ namespace Oqtane.Security
 
         public override async Task<AuthorizationPolicy> GetPolicyAsync(string policyName)
         {
-            // check static policies first
+            // get policy
             policyName = GetPolicyName(policyName);
             var policy = await base.GetPolicyAsync(policyName);
 
             if (policy == null)
             {
+                // policy names must be in the form of "EntityName:PermissionName:Roles"
                 if (policyName.Contains(':'))
                 {
-                    // policy names must be in the form of "EntityName:PermissionName:Roles" ie. "Module:Edit:Administrators" (roles are comma delimited)
-                    var policySegments = policyName.Split(':');
-                    if (policySegments.Length >= 3)
+                    var segments = policyName.Split(':');
+                    if (segments.Length == 3)
                     {
-                        // check for optional RequireEntityId segment
-                        var requireEntityId = false;
-                        if (policySegments.Length == 4 && policySegments[3] == Constants.RequireEntityId)
-                        {
-                            requireEntityId = true;
-                        }
-                        policy = new AuthorizationPolicyBuilder()
-                            .AddRequirements(new PermissionRequirement(policySegments[0], policySegments[1], policySegments[2], requireEntityId))
-                            .Build();
+                        // create policy
+                        var builder = new AuthorizationPolicyBuilder();
+                        builder.AddRequirements(new PermissionRequirement(segments[0], segments[1], segments[2]));
+                        policy = builder.Build();
 
                         // add policy to the AuthorizationOptions
-                        _options.AddPolicy(policyName, policy);
+                        try
+                        {
+                            _options.AddPolicy(policyName, policy);
+                        }
+                        catch
+                        {
+                            // race condition - policy already added by another thread
+                        }
                     }
                 }
             }
@@ -51,8 +52,8 @@ namespace Oqtane.Security
         private string GetPolicyName(string policyName)
         {
             // backward compatibility for legacy static policy names
-            if (policyName == PolicyNames.ViewModule) policyName = $"{EntityNames.Module}:{PermissionNames.View}:{RoleNames.Admin}:{Constants.RequireEntityId}";
-            if (policyName == PolicyNames.EditModule) policyName = $"{EntityNames.Module}:{PermissionNames.Edit}:{RoleNames.Admin}:{Constants.RequireEntityId}";
+            if (policyName == PolicyNames.ViewModule) policyName = $"{EntityNames.Module}:{PermissionNames.View}:{RoleNames.Admin}";
+            if (policyName == PolicyNames.EditModule) policyName = $"{EntityNames.Module}:{PermissionNames.Edit}:{RoleNames.Admin}";
             return policyName;
         }
     }
diff --git a/Oqtane.Server/Security/PermissionHandler.cs b/Oqtane.Server/Security/PermissionHandler.cs
index bc05c3f5..cc77b325 100644
--- a/Oqtane.Server/Security/PermissionHandler.cs
+++ b/Oqtane.Server/Security/PermissionHandler.cs
@@ -34,28 +34,26 @@ namespace Oqtane.Security
                 }
 
                 int entityId = -1;
-                if (requirement.RequireEntityId)
+
+                // get entityid from querystring based on a parameter format of auth{entityname}id (ie. authmoduleid ) 
+                if (ctx.Request.Query.ContainsKey("auth" + requirement.EntityName.ToLower() + "id"))
                 {
-                    // get entityid from querystring based on a parameter format of auth{entityname}id (ie. authmoduleid ) 
-                    if (ctx.Request.Query.ContainsKey("auth" + requirement.EntityName.ToLower() + "id"))
+                    if (!int.TryParse(ctx.Request.Query["auth" + requirement.EntityName.ToLower() + "id"], out entityId))
                     {
-                        if (!int.TryParse(ctx.Request.Query["auth" + requirement.EntityName.ToLower() + "id"], out entityId))
+                        entityId = -1;
+                    }
+                }
+
+                // legacy support for deprecated CreateAuthorizationPolicyUrl(string url, int entityId)
+                if (entityId == -1)
+                {
+                    if (ctx.Request.Query.ContainsKey("entityid"))
+                    {
+                        if (!int.TryParse(ctx.Request.Query["entityid"], out entityId))
                         {
                             entityId = -1;
                         }
                     }
-
-                    // legacy support for deprecated CreateAuthorizationPolicyUrl(string url, int entityId)
-                    if (entityId == -1)
-                    {
-                        if (ctx.Request.Query.ContainsKey("entityid"))
-                        {
-                            if (!int.TryParse(ctx.Request.Query["entityid"], out entityId))
-                            {
-                                entityId = -1;
-                            }
-                        }
-                    }
                 }
 
                 // validate permissions
diff --git a/Oqtane.Server/Security/PermissionRequirement.cs b/Oqtane.Server/Security/PermissionRequirement.cs
index e937f647..701dc9cd 100644
--- a/Oqtane.Server/Security/PermissionRequirement.cs
+++ b/Oqtane.Server/Security/PermissionRequirement.cs
@@ -8,16 +8,13 @@ namespace Oqtane.Security
 
         public string PermissionName { get; }
 
-        public string Roles { get; }
+        public string Roles { get; } // semi-colon delimited
 
-        public bool RequireEntityId { get; }
-
-        public PermissionRequirement(string entityName, string permissionName, string roles, bool requireEntityId)
+        public PermissionRequirement(string entityName, string permissionName, string roles)
         {
             EntityName = entityName;
             PermissionName = permissionName;
             Roles = roles;
-            RequireEntityId = requireEntityId;
         }
     }
 }
diff --git a/Oqtane.Server/Security/UserPermissions.cs b/Oqtane.Server/Security/UserPermissions.cs
index 0f795ec5..cf0217c4 100644
--- a/Oqtane.Server/Security/UserPermissions.cs
+++ b/Oqtane.Server/Security/UserPermissions.cs
@@ -40,7 +40,7 @@ namespace Oqtane.Security
             }
             else
             {
-                return UserSecurity.IsAuthorized(GetUser(principal), roles.Replace(",",";"));
+                return UserSecurity.IsAuthorized(GetUser(principal), roles);
             }
         }
 
diff --git a/Oqtane.Server/wwwroot/Modules/Templates/External/[Owner].[Module].sln b/Oqtane.Server/wwwroot/Modules/Templates/External/[Owner].[Module].sln
index 6171a1c3..5c90cbac 100644
--- a/Oqtane.Server/wwwroot/Modules/Templates/External/[Owner].[Module].sln
+++ b/Oqtane.Server/wwwroot/Modules/Templates/External/[Owner].[Module].sln
@@ -3,6 +3,8 @@ Microsoft Visual Studio Solution File, Format Version 12.00
 # Visual Studio Version 16
 VisualStudioVersion = 16.0.28621.142
 MinimumVisualStudioVersion = 10.0.40219.1
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Oqtane.Server", "..\oqtane.framework\Oqtane.Server\Oqtane.Server.csproj", "{3AB6FCC9-EFEB-4C0E-A2CF-8103914C5196}"
+EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "[Owner].[Module].Client", "Client\[Owner].[Module].Client.csproj", "{AA8E58A1-CD09-4208-BF66-A8BB341FD669}"
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "[Owner].[Module].Server", "Server\[Owner].[Module].Server.csproj", "{04B05448-788F-433D-92C0-FED35122D45A}"
@@ -17,6 +19,10 @@ Global
 		Release|Any CPU = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{3AB6FCC9-EFEB-4C0E-A2CF-8103914C5196}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{3AB6FCC9-EFEB-4C0E-A2CF-8103914C5196}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{3AB6FCC9-EFEB-4C0E-A2CF-8103914C5196}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{3AB6FCC9-EFEB-4C0E-A2CF-8103914C5196}.Release|Any CPU.Build.0 = Release|Any CPU
 		{AA8E58A1-CD09-4208-BF66-A8BB341FD669}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
 		{AA8E58A1-CD09-4208-BF66-A8BB341FD669}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{AA8E58A1-CD09-4208-BF66-A8BB341FD669}.Release|Any CPU.ActiveCfg = Release|Any CPU
diff --git a/Oqtane.Server/wwwroot/Packages/Oqtane.Database.MySQL.nupkg.bak b/Oqtane.Server/wwwroot/Packages/Oqtane.Database.MySQL.nupkg.bak
index b1a41580..1cf1c4aa 100644
Binary files a/Oqtane.Server/wwwroot/Packages/Oqtane.Database.MySQL.nupkg.bak and b/Oqtane.Server/wwwroot/Packages/Oqtane.Database.MySQL.nupkg.bak differ
diff --git a/Oqtane.Server/wwwroot/Packages/Oqtane.Database.PostgreSQL.nupkg.bak b/Oqtane.Server/wwwroot/Packages/Oqtane.Database.PostgreSQL.nupkg.bak
index 2b66afc9..7818fe9c 100644
Binary files a/Oqtane.Server/wwwroot/Packages/Oqtane.Database.PostgreSQL.nupkg.bak and b/Oqtane.Server/wwwroot/Packages/Oqtane.Database.PostgreSQL.nupkg.bak differ
diff --git a/Oqtane.Server/wwwroot/Packages/Oqtane.Database.SqlServer.nupkg.bak b/Oqtane.Server/wwwroot/Packages/Oqtane.Database.SqlServer.nupkg.bak
index 4721d0a2..698281c9 100644
Binary files a/Oqtane.Server/wwwroot/Packages/Oqtane.Database.SqlServer.nupkg.bak and b/Oqtane.Server/wwwroot/Packages/Oqtane.Database.SqlServer.nupkg.bak differ
diff --git a/Oqtane.Server/wwwroot/Packages/Oqtane.Database.Sqlite.nupkg.bak b/Oqtane.Server/wwwroot/Packages/Oqtane.Database.Sqlite.nupkg.bak
index 2a754910..3ea9ff6b 100644
Binary files a/Oqtane.Server/wwwroot/Packages/Oqtane.Database.Sqlite.nupkg.bak and b/Oqtane.Server/wwwroot/Packages/Oqtane.Database.Sqlite.nupkg.bak differ
diff --git a/Oqtane.Server/wwwroot/Themes/Templates/External/[Owner].[Theme].sln b/Oqtane.Server/wwwroot/Themes/Templates/External/[Owner].[Theme].sln
index c38196bb..842aaf4f 100644
--- a/Oqtane.Server/wwwroot/Themes/Templates/External/[Owner].[Theme].sln
+++ b/Oqtane.Server/wwwroot/Themes/Templates/External/[Owner].[Theme].sln
@@ -3,6 +3,8 @@ Microsoft Visual Studio Solution File, Format Version 12.00
 # Visual Studio Version 16
 VisualStudioVersion = 16.0.28621.142
 MinimumVisualStudioVersion = 10.0.40219.1
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Oqtane.Server", "..\oqtane.framework\Oqtane.Server\Oqtane.Server.csproj", "{3AB6FCC9-EFEB-4C0E-A2CF-8103914C5196}"
+EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "[Owner].[Theme].Client", "Client\[Owner].[Theme].Client.csproj", "{AA8E58A1-CD09-4208-BF66-A8BB341FD669}"
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "[Owner].[Theme].Package", "Package\[Owner].[Theme].Package.csproj", "{C5CE512D-CBB7-4545-AF0F-9B6591A0C3A7}"
@@ -13,6 +15,10 @@ Global
 		Release|Any CPU = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{3AB6FCC9-EFEB-4C0E-A2CF-8103914C5196}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{3AB6FCC9-EFEB-4C0E-A2CF-8103914C5196}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{3AB6FCC9-EFEB-4C0E-A2CF-8103914C5196}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{3AB6FCC9-EFEB-4C0E-A2CF-8103914C5196}.Release|Any CPU.Build.0 = Release|Any CPU
 		{AA8E58A1-CD09-4208-BF66-A8BB341FD669}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
 		{AA8E58A1-CD09-4208-BF66-A8BB341FD669}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{AA8E58A1-CD09-4208-BF66-A8BB341FD669}.Release|Any CPU.ActiveCfg = Release|Any CPU
diff --git a/Oqtane.Shared/Models/Api.cs b/Oqtane.Shared/Models/Api.cs
deleted file mode 100644
index 0f3c6b68..00000000
--- a/Oqtane.Shared/Models/Api.cs
+++ /dev/null
@@ -1,23 +0,0 @@
-namespace Oqtane.Models
-{
-    /// <summary>
-    /// API management 
-    /// </summary>
-    public class Api
-    {
-        /// <summary>
-        /// Reference to a <see cref="Site"/> 
-        /// </summary>
-        public int SiteId { get; set; }
-
-        /// <summary>
-        /// The Entity Name
-        /// </summary>
-        public string EntityName { get; set; }
-
-        /// <summary>
-        /// The permissions for the entity
-        /// </summary>
-        public string Permissions { get; set; }
-    }
-}
diff --git a/Oqtane.Shared/Models/File.cs b/Oqtane.Shared/Models/File.cs
index 2e240403..e90b6af1 100644
--- a/Oqtane.Shared/Models/File.cs
+++ b/Oqtane.Shared/Models/File.cs
@@ -55,6 +55,11 @@ namespace Oqtane.Models
         /// </summary>
         public string Description { get; set; }
 
+        /// <summary>
+        /// Deprecated - not used
+        /// </summary>
+        public bool? IsDeleted { get; set; }
+
         /// <summary>
         /// Object reference to the <see cref="Folder"/> object.
         /// Use this if you need to determine what <see cref="Site"/> the file belongs to. 
diff --git a/Oqtane.Shared/Models/Folder.cs b/Oqtane.Shared/Models/Folder.cs
index c7627714..90bf87bd 100644
--- a/Oqtane.Shared/Models/Folder.cs
+++ b/Oqtane.Shared/Models/Folder.cs
@@ -59,6 +59,11 @@ namespace Oqtane.Models
         /// </summary>
         public bool IsSystem { get; set; }
 
+        /// <summary>
+        /// Deprecated - not used
+        /// </summary>
+        public bool? IsDeleted { get; set; }
+
         /// <summary>
         /// TODO: todoc what would this contain?
         /// </summary>
diff --git a/Oqtane.Shared/Models/PermissionString.cs b/Oqtane.Shared/Models/PermissionString.cs
index cdee673b..44bcfc36 100644
--- a/Oqtane.Shared/Models/PermissionString.cs
+++ b/Oqtane.Shared/Models/PermissionString.cs
@@ -5,13 +5,18 @@ namespace Oqtane.Models
     /// </summary>
     public class PermissionString
     {
+        /// <summary>
+        /// A term describing the entity
+        /// </summary>
+        public string EntityName { get; set; }
+
         /// <summary>
         /// A term describing a set of permissions
         /// </summary>
         public string PermissionName { get; set; }
 
         /// <summary>
-        /// The permissions addressed with this name
+        /// The permissions
         /// </summary>
         public string Permissions { get; set; }
     }
diff --git a/Oqtane.Shared/Models/Route.cs b/Oqtane.Shared/Models/Route.cs
index 9b4cc683..43385d8f 100644
--- a/Oqtane.Shared/Models/Route.cs
+++ b/Oqtane.Shared/Models/Route.cs
@@ -24,6 +24,7 @@ namespace Oqtane.Models
             Query = uri.Query;
             Fragment = uri.Fragment;
             AbsolutePath = uri.AbsolutePath;
+            PathAndQuery = uri.PathAndQuery;
             AliasPath = aliaspath;
             PagePath = AbsolutePath;
             ModuleId = "";
@@ -90,6 +91,11 @@ namespace Oqtane.Models
         /// </summary>
         public string AbsolutePath { get; set; }
 
+        /// <summary>
+        /// The absolute path for the route including the querystring
+        /// </summary>
+        public string PathAndQuery { get; set; }
+
         /// <summary>
         /// An absolute path may contain an alias path
         /// </summary>
diff --git a/Oqtane.Shared/Oqtane.Shared.csproj b/Oqtane.Shared/Oqtane.Shared.csproj
index 39a44605..84f9d81e 100644
--- a/Oqtane.Shared/Oqtane.Shared.csproj
+++ b/Oqtane.Shared/Oqtane.Shared.csproj
@@ -3,7 +3,7 @@
   <PropertyGroup>
     <TargetFramework>net6.0</TargetFramework>
     <Configurations>Debug;Release</Configurations>
-    <Version>3.2.1</Version>
+    <Version>3.3.1</Version>
     <Product>Oqtane</Product>
     <Authors>Shaun Walker</Authors>
     <Company>.NET Foundation</Company>
@@ -11,7 +11,7 @@
     <Copyright>.NET Foundation</Copyright>
     <PackageProjectUrl>https://www.oqtane.org</PackageProjectUrl>
     <PackageLicenseUrl>https://github.com/oqtane/oqtane.framework/blob/dev/LICENSE</PackageLicenseUrl>
-    <PackageReleaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.2.1</PackageReleaseNotes>
+    <PackageReleaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.3.1</PackageReleaseNotes>
     <RepositoryUrl>https://github.com/oqtane/oqtane.framework</RepositoryUrl>
     <RepositoryType>Git</RepositoryType>
     <RootNamespace>Oqtane</RootNamespace>
diff --git a/Oqtane.Shared/Security/UserSecurity.cs b/Oqtane.Shared/Security/UserSecurity.cs
index 16169495..36cb21c9 100644
--- a/Oqtane.Shared/Security/UserSecurity.cs
+++ b/Oqtane.Shared/Security/UserSecurity.cs
@@ -62,7 +62,7 @@ namespace Oqtane.Security
 
             if (permissions != null)
             {
-                foreach (string permission in permissions.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries))
+                foreach (string permission in permissions.Split(';', StringSplitOptions.RemoveEmptyEntries))
                 {
                     bool? allowed = VerifyPermission(userId, roles, permission);
                     if (allowed.HasValue)
@@ -155,7 +155,7 @@ namespace Oqtane.Security
                     identity.AddClaim(new Claim(ClaimTypes.Role, RoleNames.Admin));
                     identity.AddClaim(new Claim(ClaimTypes.Role, RoleNames.Registered));
                 }
-                foreach (string role in user.Roles.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries))
+                foreach (string role in user.Roles.Split(';', StringSplitOptions.RemoveEmptyEntries))
                 {
                     if (!identity.Claims.Any(item => item.Type == ClaimTypes.Role && item.Value == role))
                     {
diff --git a/Oqtane.Shared/Shared/Constants.cs b/Oqtane.Shared/Shared/Constants.cs
index 2931b58a..15e9af81 100644
--- a/Oqtane.Shared/Shared/Constants.cs
+++ b/Oqtane.Shared/Shared/Constants.cs
@@ -4,8 +4,8 @@ namespace Oqtane.Shared
 {
     public class Constants
     {
-        public static readonly string Version = "3.2.1";
-        public const string ReleaseVersions = "1.0.0,1.0.1,1.0.2,1.0.3,1.0.4,2.0.0,2.0.1,2.0.2,2.1.0,2.2.0,2.3.0,2.3.1,3.0.0,3.0.1,3.0.2,3.0.3,3.1.0,3.1.1,3.1.2,3.1.3,3.1.4,3.2.0,3.2.1";
+        public static readonly string Version = "3.3.1";
+        public const string ReleaseVersions = "1.0.0,1.0.1,1.0.2,1.0.3,1.0.4,2.0.0,2.0.1,2.0.2,2.1.0,2.2.0,2.3.0,2.3.1,3.0.0,3.0.1,3.0.2,3.0.3,3.1.0,3.1.1,3.1.2,3.1.3,3.1.4,3.2.0,3.2.1,3.3.0,3.3.1";
         public const string PackageId = "Oqtane.Framework";
         public const string ClientId = "Oqtane.Client";
         public const string UpdaterPackageId = "Oqtane.Updater";
@@ -73,8 +73,7 @@ namespace Oqtane.Shared
         public static readonly string HttpContextSiteSettingsKey = "SiteSettings";
 
         public static readonly string MauiUserAgent = "MAUI";
-
-        public static readonly string RequireEntityId = "RequireEntityId";
+        public static readonly string VisitorCookiePrefix = "APP_VISITOR_";
 
         // Obsolete constants
 
diff --git a/Oqtane.Shared/Shared/SiteState.cs b/Oqtane.Shared/Shared/SiteState.cs
index 411c60ab..7dcea082 100644
--- a/Oqtane.Shared/Shared/SiteState.cs
+++ b/Oqtane.Shared/Shared/SiteState.cs
@@ -8,7 +8,7 @@ namespace Oqtane.Shared
         public Alias Alias { get; set; }
         public string AntiForgeryToken { get; set; } // passed from server for use in service calls on client
         public string AuthorizationToken { get; set; } // passed from server for use in service calls on client
-        public string RemoteIPAddress { get; set; } // passed from server as cannot be reliable retrieved on client
+        public string RemoteIPAddress { get; set; } // passed from server as cannot be reliably retrieved on client
 
 
         private dynamic _properties;
diff --git a/Oqtane.Test/Oqtane.Test.csproj b/Oqtane.Test/Oqtane.Test.csproj
index 45840dbc..75b42bef 100644
--- a/Oqtane.Test/Oqtane.Test.csproj
+++ b/Oqtane.Test/Oqtane.Test.csproj
@@ -3,7 +3,7 @@
   <PropertyGroup>
     <TargetFramework>net6.0</TargetFramework>
     <Configurations>Debug;Release</Configurations>
-    <Version>3.2.1</Version>
+    <Version>3.3.1</Version>
     <Product>Oqtane</Product>
     <Authors>Shaun Walker</Authors>
     <Company>.NET Foundation</Company>
@@ -11,7 +11,7 @@
     <Copyright>.NET Foundation</Copyright>
     <PackageProjectUrl>https://www.oqtane.org</PackageProjectUrl>
     <PackageLicenseUrl>https://github.com/oqtane/oqtane.framework/blob/dev/LICENSE</PackageLicenseUrl>
-    <PackageReleaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.2.1</PackageReleaseNotes>
+    <PackageReleaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.3.1</PackageReleaseNotes>
     <RepositoryUrl>https://github.com/oqtane/oqtane.framework</RepositoryUrl>
     <RepositoryType>Git</RepositoryType>
     <RootNamespace>Oqtane</RootNamespace>
diff --git a/Oqtane.Updater/Oqtane.Updater.csproj b/Oqtane.Updater/Oqtane.Updater.csproj
index b1a4b43e..fee19fbd 100644
--- a/Oqtane.Updater/Oqtane.Updater.csproj
+++ b/Oqtane.Updater/Oqtane.Updater.csproj
@@ -3,7 +3,7 @@
   <PropertyGroup>
     <TargetFramework>net6.0</TargetFramework>
     <OutputType>Exe</OutputType>
-    <Version>3.2.1</Version>
+    <Version>3.3.1</Version>
     <Product>Oqtane</Product>
     <Authors>Shaun Walker</Authors>
     <Company>.NET Foundation</Company>
@@ -11,7 +11,7 @@
     <Copyright>.NET Foundation</Copyright>
     <PackageProjectUrl>https://www.oqtane.org</PackageProjectUrl>
     <PackageLicenseUrl>https://github.com/oqtane/oqtane.framework/blob/dev/LICENSE</PackageLicenseUrl>
-    <PackageReleaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.2.1</PackageReleaseNotes>
+    <PackageReleaseNotes>https://github.com/oqtane/oqtane.framework/releases/tag/v3.3.1</PackageReleaseNotes>
     <RepositoryUrl>https://github.com/oqtane/oqtane.framework</RepositoryUrl>
     <RepositoryType>Git</RepositoryType>
     <RootNamespace>Oqtane</RootNamespace>
diff --git a/README.md b/README.md
index 2c192639..300e2ec9 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
 # Latest Release
 
-[3.2.1](https://github.com/oqtane/oqtane.framework/releases/tag/v3.2.1) was released on Oct 17 and is primarily focused on stabilization. This includes performance improvements to the client startup logic for Blazor Hybrid and Blazor WebAssembly, improvements to base url handling and static resources for component resusability in .NET MAUI, support for Roles in OpenID Connect integrations, as well as a new capability to capture server-side events in your custom code. This release includes 21 pull requests by 4 different contributors, pushing the total number of project commits all-time to 3093. The Oqtane framework continues to evolve at a rapid pace to meet the needs of .NET developers.
+[3.3.1](https://github.com/oqtane/oqtane.framework/releases/tag/v3.3.1) was released on Jan 14, 2023 and is primarily focused on flexibility, as the permissions system has been enhanced to support a new type of API permissions that provide developers with additional opportunities to create sophisticated modern web applications. This release also includes performance optimizations, enhancements to file management, and numerous user experience improvements including the addition of a new AutoComplete component. This release includes 51 pull requests by 3 different contributors, pushing the total number of project commits all-time over 3200. The Oqtane framework continues to evolve at a rapid pace to meet the needs of .NET developers.
 
 # Oqtane Framework
 
@@ -47,17 +47,23 @@ This project is open source, and therefore is a work in progress...
 
 4.0.0 ( Q1 2023 )
 - [ ] Migration to .NET 7
-
-3.3.0 ( Q4 2022 )
-- [x] Dynamic authorization policies
+- [ ] Permission serialization optimization
 - [ ] Folder Providers
 
+[3.3.1](https://github.com/oqtane/oqtane.framework/releases/tag/v3.3.1) ( Jan 14, 2023 )
+- [x] Stabilization improvements 
+
+[3.3.0](https://github.com/oqtane/oqtane.framework/releases/tag/v3.3.0) ( Jan 12, 2023 )
+- [x] Dynamic Authorization Policies
+- [x] Entity-Level Permissions
+- [x] Extended Module Permissions
+
 [3.2.1](https://github.com/oqtane/oqtane.framework/releases/tag/v3.2.1) ( Oct 17, 2022 )
 - [x] Stabilization improvements  
 - [x] Server Event System
 
 [3.2.0](https://github.com/oqtane/oqtane.framework/releases/tag/v3.2.0) ( Sep 13, 2022 )
-- [x] MAUI / Blazor Hybrid support 
+- [x] .NET MAUI / Blazor Hybrid support 
 - [x] Upgrade to Bootstrap 5.2
 
 [3.1.3](https://github.com/oqtane/oqtane.framework/releases/tag/v3.1.3) ( Jun 27, 2022 )
@@ -167,6 +173,8 @@ Oqtane was created by [Shaun Walker](https://www.linkedin.com/in/shaunbrucewalke
 
 # Release Announcements
 
+[Oqtane 3.3](https://www.oqtane.org/blog/!/54/oqtane-3-3-0-released)
+
 [Oqtane 3.2](https://www.oqtane.org/blog/!/50/oqtane-3-2-for-net-maui-blazor-hybrid)
 
 [Oqtane 3.1](https://www.oqtane.org/blog/!/41/oqtane-3-1-released)