wso2 · ZiyamSanthosh · Dec 19, 2025
diff --git a/...on.identity.api.server.configs/org.wso2.carbon.identity.api.server.configs.common/pom.xml b/...on.identity.api.server.configs/org.wso2.carbon.identity.api.server.configs.common/pom.xml
@@ -82,6 +82,11 @@
             <artifactId>org.wso2.carbon.identity.scim2.common</artifactId>
             <scope>provided</scope>
         </dependency>
+        <dependency>
+            <groupId>org.wso2.carbon.identity.framework</groupId>
+            <artifactId>org.wso2.carbon.identity.fraud.detection.core</artifactId>
+            <scope>provided</scope>
+        </dependency>
     </dependencies>
 
 </project>
diff --git a/...rc/main/java/org/wso2/carbon/identity/api/server/configs/common/ConfigsServiceHolder.java b/...rc/main/java/org/wso2/carbon/identity/api/server/configs/common/ConfigsServiceHolder.java
@@ -23,6 +23,7 @@
 import org.wso2.carbon.identity.application.mgt.ApplicationManagementService;
 import org.wso2.carbon.identity.claim.metadata.mgt.ClaimMetadataManagementService;
 import org.wso2.carbon.identity.cors.mgt.core.CORSManagementService;
+import org.wso2.carbon.identity.fraud.detection.core.service.FraudDetectionConfigsService;
 import org.wso2.carbon.identity.oauth.dcr.DCRConfigurationMgtService;
 import org.wso2.carbon.identity.oauth2.impersonation.services.ImpersonationConfigMgtService;
 import org.wso2.carbon.identity.oauth2.token.handler.clientauth.jwt.core.JWTClientAuthenticatorMgtService;
@@ -94,6 +95,13 @@ private static class ClaimMetaDataManagementServiceHolder {
                         .getOSGiService(ClaimMetadataManagementService.class, null);
     }
 
+    private static class FraudDetectionConfigsServiceHolder {
+
+        static final FraudDetectionConfigsService SERVICE =
+                (FraudDetectionConfigsService) PrivilegedCarbonContext.getThreadLocalCarbonContext()
+                        .getOSGiService(FraudDetectionConfigsService.class, null);
+    }
+
     /**
      * Get ApplicationManagementService osgi service.
      *
@@ -183,4 +191,14 @@ public static ClaimMetadataManagementService getClaimMetadataManagementService()
 
         return ClaimMetaDataManagementServiceHolder.SERVICE;
     }
+
+    /**
+     * Get FraudDetectionConfigsService osgi service.
+     *
+     * @return FraudDetectionConfigsService
+     */
+    public static FraudDetectionConfigsService getFraudDetectionConfigsService() {
+
+        return FraudDetectionConfigsServiceHolder.SERVICE;
+    }
 }
diff --git a/...gs.common/src/main/java/org/wso2/carbon/identity/api/server/configs/common/Constants.java b/...gs.common/src/main/java/org/wso2/carbon/identity/api/server/configs/common/Constants.java
@@ -208,7 +208,14 @@ public enum ErrorMessage {
                 "Server encountered an error while deleting the Passive STS inbound auth configs."),
         ERROR_CODE_IMP_CONFIG_DELETE("65022",
                 "Unable to delete Impersonation configuration.",
-                "Server encountered an error while deleting the Impersonation configuration of %s.");
+                "Server encountered an error while deleting the Impersonation configuration of %s."),
+
+        ERROR_CODE_FRAUD_DETECTION_CONFIG_RETRIEVE("65023",
+                "Unable to retrieve Fraud Detection configuration.",
+                "Server encountered an error while retrieving the Fraud Detection configuration."),
+        ERROR_CODE_FRAUD_DETECTION_CONFIG_UPDATE("65024",
+                "Unable to update Fraud Detection configuration.",
+                "Server encountered an error while updating the Fraud Detection configuration.");
 
         private final String code;
         private final String message;

diff --git a/...carbon.identity.api.server.configs/org.wso2.carbon.identity.api.server.configs.v1/pom.xml b/...carbon.identity.api.server.configs/org.wso2.carbon.identity.api.server.configs.v1/pom.xml
@@ -185,6 +185,11 @@
             <artifactId>org.wso2.carbon.logging.service</artifactId>
             <scope>provided</scope>
         </dependency>
+        <dependency>
+            <groupId>org.wso2.carbon.identity.framework</groupId>
+            <artifactId>org.wso2.carbon.identity.fraud.detection.core</artifactId>
+            <scope>provided</scope>
+        </dependency>
         <dependency>
             <groupId>commons-beanutils</groupId>
             <artifactId>commons-beanutils</artifactId>

diff --git a/...er.configs.v1/src/gen/java/org/wso2/carbon/identity/api/server/configs/v1/ConfigsApi.java b/...er.configs.v1/src/gen/java/org/wso2/carbon/identity/api/server/configs/v1/ConfigsApi.java
@@ -31,6 +31,7 @@
 import org.wso2.carbon.identity.api.server.configs.v1.model.DCRConfig;
 import org.wso2.carbon.identity.api.server.configs.v1.model.DCRPatch;
 import org.wso2.carbon.identity.api.server.configs.v1.model.Error;
+import org.wso2.carbon.identity.api.server.configs.v1.model.FraudDetectionConfig;
 import org.wso2.carbon.identity.api.server.configs.v1.model.ImpersonationConfiguration;
 import org.wso2.carbon.identity.api.server.configs.v1.model.ImpersonationPatch;
 import org.wso2.carbon.identity.api.server.configs.v1.model.InboundAuthPassiveSTSConfig;
@@ -182,6 +183,30 @@ public Response getConfigs() {
         return delegate.getConfigs();
     }
 
+    @Valid
+    @GET
+    @Path("/fraud-detection")
+
+    @Produces({ "application/json" })
+    @ApiOperation(value = "Get fraud detection configs.", notes = "Retrieve fraud detection related configurations of a tenant.", response = FraudDetectionConfig.class, authorizations = {
+        @Authorization(value = "BasicAuth"),
+        @Authorization(value = "OAuth2", scopes = {
+
+        })
+    }, tags={ "Fraud Detection", })
+    @ApiResponses(value = { 
+        @ApiResponse(code = 200, message = "Successfully retrieved.", response = FraudDetectionConfig.class),
+        @ApiResponse(code = 400, message = "Bad Request", response = Error.class),
+        @ApiResponse(code = 401, message = "Unauthorized", response = Void.class),
+        @ApiResponse(code = 403, message = "Forbidden", response = Void.class),
+        @ApiResponse(code = 404, message = "Not Found", response = Error.class),
+        @ApiResponse(code = 500, message = "Server Error", response = Error.class)
+    })
+    public Response getFraudDetectionConfigs() {
+
+        return delegate.getFraudDetectionConfigs();
+    }
+
     @Valid
     @GET
     @Path("/home-realm-identifiers")
@@ -661,6 +686,30 @@ public Response deleteImpersonationConfiguration() {
         return delegate.deleteImpersonationConfiguration();
     }
 
+    @Valid
+    @PUT
+    @Path("/fraud-detection")
+    @Consumes({ "application/json" })
+    @Produces({ "application/json" })
+    @ApiOperation(value = "Update fraud detection configs.", notes = "Update fraud detection related configuration of a tenant.", response = FraudDetectionConfig.class, authorizations = {
+            @Authorization(value = "BasicAuth"),
+            @Authorization(value = "OAuth2", scopes = {
+
+            })
+    }, tags={ "Fraud Detection", })
+    @ApiResponses(value = {
+            @ApiResponse(code = 200, message = "Successfully updated.", response = FraudDetectionConfig.class),
+            @ApiResponse(code = 400, message = "Bad Request", response = Error.class),
+            @ApiResponse(code = 401, message = "Unauthorized", response = Void.class),
+            @ApiResponse(code = 403, message = "Forbidden", response = Void.class),
+            @ApiResponse(code = 404, message = "Not Found", response = Error.class),
+            @ApiResponse(code = 500, message = "Server Error", response = Error.class)
+    })
+    public Response updateFraudDetectionConfigs(@ApiParam(value = "" ,required=true) @Valid FraudDetectionConfig fraudDetectionConfig) {
+
+        return delegate.updateFraudDetectionConfigs(fraudDetectionConfig );
+    }
+
     @Valid
     @PUT
     @Path("/provisioning/inbound/scim")

diff --git a/...igs.v1/src/gen/java/org/wso2/carbon/identity/api/server/configs/v1/ConfigsApiService.java b/...igs.v1/src/gen/java/org/wso2/carbon/identity/api/server/configs/v1/ConfigsApiService.java
@@ -57,6 +57,8 @@ public interface ConfigsApiService {
 
       public Response getConfigs();
 
+      public Response getFraudDetectionConfigs();
+
       public Response getHomeRealmIdentifiers();
 
       public Response getImpersonationConfiguration();
@@ -96,6 +98,8 @@ public interface ConfigsApiService {
 
       public Response deleteImpersonationConfiguration();
 
+      public Response updateFraudDetectionConfigs(FraudDetectionConfig fraudDetectionConfig);
+
       public Response updateInboundScimConfigs(ScimConfig scimConfig);
 
       public Response updatePassiveSTSInboundAuthConfig(InboundAuthPassiveSTSConfig inboundAuthPassiveSTSConfig);

diff --git a/...igs.v1/src/gen/java/org/wso2/carbon/identity/api/server/configs/v1/model/EventConfig.java b/...igs.v1/src/gen/java/org/wso2/carbon/identity/api/server/configs/v1/model/EventConfig.java
@@ -0,0 +1,154 @@
+/*
+ * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.identity.api.server.configs.v1.model;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.annotation.JsonCreator;
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import java.util.ArrayList;
+import java.util.List;
+import org.wso2.carbon.identity.api.server.configs.v1.model.EventProperty;
+import javax.validation.constraints.*;
+
+
+import io.swagger.annotations.*;
+import java.util.Objects;
+import javax.validation.Valid;
+import javax.xml.bind.annotation.*;
+
+public class EventConfig  {
+
+    private String eventName;
+    private Boolean enabled;
+    private List<EventProperty> properties = null;
+
+
+    /**
+    * Name of the event
+    **/
+    public EventConfig eventName(String eventName) {
+
+        this.eventName = eventName;
+        return this;
+    }
+
+    @ApiModelProperty(example = "Event.User_registration", value = "Name of the event")
+    @JsonProperty("eventName")
+    @Valid
+    public String getEventName() {
+        return eventName;
+    }
+    public void setEventName(String eventName) {
+        this.eventName = eventName;
+    }
+
+    /**
+    * If true, publish the event related data to the fraud detector.
+    **/
+    public EventConfig enabled(Boolean enabled) {
+
+        this.enabled = enabled;
+        return this;
+    }
+
+    @ApiModelProperty(example = "true", value = "If true, publish the event related data to the fraud detector.")
+    @JsonProperty("enabled")
+    @Valid
+    public Boolean getEnabled() {
+        return enabled;
+    }
+    public void setEnabled(Boolean enabled) {
+        this.enabled = enabled;
+    }
+
+    /**
+    **/
+    public EventConfig properties(List<EventProperty> properties) {
+
+        this.properties = properties;
+        return this;
+    }
+
+    @ApiModelProperty(value = "")
+    @JsonProperty("properties")
+    @Valid
+    public List<EventProperty> getProperties() {
+        return properties;
+    }
+    public void setProperties(List<EventProperty> properties) {
+        this.properties = properties;
+    }
+
+    public EventConfig addPropertiesItem(EventProperty propertiesItem) {
+        if (this.properties == null) {
+            this.properties = new ArrayList<>();
+        }
+        this.properties.add(propertiesItem);
+        return this;
+    }
+
+
+
+    @Override
+    public boolean equals(java.lang.Object o) {
+
+        if (this == o) {
+            return true;
+        }
+        if (o == null || getClass() != o.getClass()) {
+            return false;
+        }
+        EventConfig eventConfig = (EventConfig) o;
+        return Objects.equals(this.eventName, eventConfig.eventName) &&
+            Objects.equals(this.enabled, eventConfig.enabled) &&
+            Objects.equals(this.properties, eventConfig.properties);
+    }
+
+    @Override
+    public int hashCode() {
+        return Objects.hash(eventName, enabled, properties);
+    }
+
+    @Override
+    public String toString() {
+
+        StringBuilder sb = new StringBuilder();
+        sb.append("class EventConfig {\n");
+
+        sb.append("    eventName: ").append(toIndentedString(eventName)).append("\n");
+        sb.append("    enabled: ").append(toIndentedString(enabled)).append("\n");
+        sb.append("    properties: ").append(toIndentedString(properties)).append("\n");
+        sb.append("}");
+        return sb.toString();
+    }
+
+    /**
+    * Convert the given object to string with each line indented by 4 spaces
+    * (except the first line).
+    */
+    private String toIndentedString(java.lang.Object o) {
+
+        if (o == null) {
+            return "null";
+        }
+        return o.toString().replace("\n", "\n");
+    }
+}
+