Conditional View Access For Discoverable Applications in MyAccount

components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/AdvancedApplicationConfiguration.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com).
+ * Copyright (c) 2025, WSO2 LLC. (http://www.wso2.com).
  *
  * WSO2 LLC. licenses this file to you under the Apache License,
  * Version 2.0 (the "License"); you may not use this file except
@@ -27,6 +27,7 @@
 import org.wso2.carbon.identity.api.server.application.management.v1.AdditionalSpProperty;
 import org.wso2.carbon.identity.api.server.application.management.v1.AdvancedApplicationConfigurationAttestationMetaData;
 import org.wso2.carbon.identity.api.server.application.management.v1.Certificate;
+import org.wso2.carbon.identity.api.server.application.management.v1.DiscoverableGroup;
 import org.wso2.carbon.identity.api.server.application.management.v1.TrustedAppConfiguration;
 import javax.validation.constraints.*;
 
@@ -40,6 +41,7 @@ public class AdvancedApplicationConfiguration  {
 
     private Boolean saas;
     private Boolean discoverableByEndUsers;
+    private List<DiscoverableGroup> discoverableGroups = null;
     private Certificate certificate;
     private Boolean skipLoginConsent;
     private Boolean skipLogoutConsent;
@@ -90,6 +92,37 @@ public void setDiscoverableByEndUsers(Boolean discoverableByEndUsers) {
         this.discoverableByEndUsers = discoverableByEndUsers;
     }
 
+    /**
+    * List of groups from user stores where users in those groups can discover the application.
+    **/
+    public AdvancedApplicationConfiguration discoverableGroups(List<DiscoverableGroup> discoverableGroups) {
+
+        this.discoverableGroups = discoverableGroups;
+        return this;
+    }
+
+    @ApiModelProperty(value = "List of groups from user stores where users in those groups can discover the application.")
+    @JsonProperty("discoverableGroups")
+    @Valid
+    public List<DiscoverableGroup> getDiscoverableGroups() {
+
+        return discoverableGroups;
+    }
+
+    public void setDiscoverableGroups(List<DiscoverableGroup> discoverableGroups) {
+
+        this.discoverableGroups = discoverableGroups;
+    }
+
+    public AdvancedApplicationConfiguration addDiscoverableGroupsItem(DiscoverableGroup discoverableGroupsItem) {
+
+        if (this.discoverableGroups == null) {
+            this.discoverableGroups = new ArrayList<>();
+        }
+        this.discoverableGroups.add(discoverableGroupsItem);
+        return this;
+    }
+
     /**
     **/
     public AdvancedApplicationConfiguration certificate(Certificate certificate) {
@@ -317,6 +350,7 @@ public boolean equals(java.lang.Object o) {
         AdvancedApplicationConfiguration advancedApplicationConfiguration = (AdvancedApplicationConfiguration) o;
         return Objects.equals(this.saas, advancedApplicationConfiguration.saas) &&
             Objects.equals(this.discoverableByEndUsers, advancedApplicationConfiguration.discoverableByEndUsers) &&
+            Objects.equals(this.discoverableGroups, advancedApplicationConfiguration.discoverableGroups) &&
             Objects.equals(this.certificate, advancedApplicationConfiguration.certificate) &&
             Objects.equals(this.skipLoginConsent, advancedApplicationConfiguration.skipLoginConsent) &&
             Objects.equals(this.skipLogoutConsent, advancedApplicationConfiguration.skipLogoutConsent) &&
@@ -332,7 +366,7 @@ public boolean equals(java.lang.Object o) {
 
     @Override
     public int hashCode() {
-        return Objects.hash(saas, discoverableByEndUsers, certificate, skipLoginConsent, skipLogoutConsent, useExternalConsentPage, returnAuthenticatedIdpList, enableAuthorization, fragment, enableAPIBasedAuthentication, attestationMetaData, trustedAppConfiguration, additionalSpProperties);
+        return Objects.hash(saas, discoverableByEndUsers, discoverableGroups, certificate, skipLoginConsent, skipLogoutConsent, useExternalConsentPage, returnAuthenticatedIdpList, enableAuthorization, fragment, enableAPIBasedAuthentication, attestationMetaData, trustedAppConfiguration, additionalSpProperties);
     }
 
     @Override
@@ -343,6 +377,7 @@ public String toString() {
 
         sb.append("    saas: ").append(toIndentedString(saas)).append("\n");
         sb.append("    discoverableByEndUsers: ").append(toIndentedString(discoverableByEndUsers)).append("\n");
+        sb.append("    discoverableGroups: ").append(toIndentedString(discoverableGroups)).append("\n");
         sb.append("    certificate: ").append(toIndentedString(certificate)).append("\n");
         sb.append("    skipLoginConsent: ").append(toIndentedString(skipLoginConsent)).append("\n");
         sb.append("    skipLogoutConsent: ").append(toIndentedString(skipLogoutConsent)).append("\n");

components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationsApi.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023-2024, WSO2 LLC. (http://www.wso2.com).
+ * Copyright (c) 2023-2025, WSO2 LLC. (http://www.wso2.com).
  *
  * WSO2 LLC. licenses this file to you under the Apache License,
  * Version 2.0 (the "License"); you may not use this file except
@@ -629,6 +629,29 @@ public Response getCustomProtocolMetadata(@ApiParam(value = "Inbound Authenticat
         return delegate.getCustomProtocolMetadata(inboundProtocolId );
     }
 
+    @Valid
+    @GET
+    @Path("/meta/groups")
+
+    @Produces({ "application/json" })
+    @ApiOperation(value = "Retrieve the list of groups available for the application. ", notes = "This API provides the capability to retrieve the list of groups available for the application. <br>   <b>Permission required:</b> <br>       * /permission/admin/manage/identity/applicationmgt/view <br>   <b>Scope required:</b> <br>       * internal_application_mgt_view ", response = GroupBasicInfo.class, responseContainer = "List", authorizations = {
+        @Authorization(value = "BasicAuth"),
+        @Authorization(value = "OAuth2", scopes = {
+
+        })
+    }, tags={ "Application Metadata", })
+    @ApiResponses(value = { 
+        @ApiResponse(code = 200, message = "OK", response = GroupBasicInfo.class, responseContainer = "List"),
+        @ApiResponse(code = 401, message = "Unauthorized", response = Void.class),
+        @ApiResponse(code = 403, message = "Forbidden", response = Void.class),
+        @ApiResponse(code = 404, message = "Not Found", response = Error.class),
+        @ApiResponse(code = 500, message = "Server Error", response = Error.class)
+    })
+    public Response getGroups(    @Valid@ApiParam(value = "The domain name of the user store used to filter the groups.  /applications/meta/groups?domain=PRIMARY ")  @QueryParam("domain") String domain,     @Valid@ApiParam(value = "Condition to filter the retrieval of records. Supports 'sw', 'co', 'ew', and 'eq' operations with 'and', 'or' logical operators. Please note that 'and' and 'or' operators in filters follow the general precedence of logical operators ex: A and B or C and D = (A and B) or (C and D)). Currently supports only filtering based on the 'name', the 'clientId', and the 'issuer' attributes.  /applications?filter=name+eq+user_portal <br> /applications?filter=name+co+prod+or+clientId+co+123 ")  @QueryParam("filter") String filter) {
+
+        return delegate.getGroups(domain,  filter );
+    }
+
     @Valid
     @GET
     @Path("/{applicationId}/inbound-protocols/")

components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationsApiService.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com).
+ * Copyright (c) 2024-2025, WSO2 LLC. (http://www.wso2.com).
  *
  * WSO2 LLC. licenses this file to you under the Apache License,
  * Version 2.0 (the "License"); you may not use this file except
@@ -40,6 +40,7 @@
 import org.wso2.carbon.identity.api.server.application.management.v1.CustomInboundProtocolMetaData;
 import org.wso2.carbon.identity.api.server.application.management.v1.Error;
 import java.io.File;
+import org.wso2.carbon.identity.api.server.application.management.v1.GroupBasicInfo;
 import org.wso2.carbon.identity.api.server.application.management.v1.InboundProtocolListItem;
 import org.wso2.carbon.identity.api.server.application.management.v1.OIDCMetaData;
 import org.wso2.carbon.identity.api.server.application.management.v1.OpenIDConnectConfiguration;
@@ -104,6 +105,8 @@ public interface ApplicationsApiService {
 
       public Response getCustomProtocolMetadata(String inboundProtocolId);
 
+      public Response getGroups(String domain, String filter);
+
       public Response getInboundAuthenticationConfigurations(String applicationId);
 
       public Response getInboundOAuthConfiguration(String applicationId);

components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/DiscoverableGroup.java

@@ -0,0 +1,139 @@
+/*
+ * Copyright (c) 2025, WSO2 LLC. (http://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.identity.api.server.application.management.v1;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.annotation.JsonCreator;
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import java.util.ArrayList;
+import java.util.List;
+import org.wso2.carbon.identity.api.server.application.management.v1.GroupBasicInfo;
+import javax.validation.constraints.*;
+
+
+import io.swagger.annotations.*;
+import java.util.Objects;
+import javax.validation.Valid;
+import javax.xml.bind.annotation.*;
+
+public class DiscoverableGroup  {
+
+    private String userStore;
+    private List<GroupBasicInfo> groups = new ArrayList<>();
+
+
+    /**
+    * The user store domain to which the groups belong.
+    **/
+    public DiscoverableGroup userStore(String userStore) {
+
+        this.userStore = userStore;
+        return this;
+    }
+
+    @ApiModelProperty(example = "PRIMARY", required = true, value = "The user store domain to which the groups belong.")
+    @JsonProperty("userStore")
+    @Valid
+    @NotNull(message = "Property userStore cannot be null.")
+    public String getUserStore() {
+
+        return userStore;
+    }
+
+    public void setUserStore(String userStore) {
+
+        this.userStore = userStore;
+    }
+
+    /**
+    * List of groups configured for discoverability.
+    **/
+    public DiscoverableGroup groups(List<GroupBasicInfo> groups) {
+
+        this.groups = groups;
+        return this;
+    }
+
+    @ApiModelProperty(required = true, value = "List of groups configured for discoverability.")
+    @JsonProperty("groups")
+    @Valid
+    @NotNull(message = "Property groups cannot be null.")
+    @Size(min=1)
+    public List<GroupBasicInfo> getGroups() {
+
+        return groups;
+    }
+
+    public void setGroups(List<GroupBasicInfo> groups) {
+
+        this.groups = groups;
+    }
+
+    public DiscoverableGroup addGroupsItem(GroupBasicInfo groupsItem) {
+
+        this.groups.add(groupsItem);
+        return this;
+    }
+
+
+
+    @Override
+    public boolean equals(java.lang.Object o) {
+
+        if (this == o) {
+            return true;
+        }
+        if (o == null || getClass() != o.getClass()) {
+            return false;
+        }
+        DiscoverableGroup discoverableGroup = (DiscoverableGroup) o;
+        return Objects.equals(this.userStore, discoverableGroup.userStore) &&
+            Objects.equals(this.groups, discoverableGroup.groups);
+    }
+
+    @Override
+    public int hashCode() {
+
+        return Objects.hash(userStore, groups);
+    }
+
+    @Override
+    public String toString() {
+
+        StringBuilder sb = new StringBuilder();
+        sb.append("class DiscoverableGroup {\n");
+        sb.append("    userStore: ").append(toIndentedString(userStore)).append("\n");
+        sb.append("    groups: ").append(toIndentedString(groups)).append("\n");
+        sb.append("}");
+        return sb.toString();
+    }
+
+    /**
+    * Convert the given object to string with each line indented by 4 spaces
+    * (except the first line).
+    */
+    private String toIndentedString(java.lang.Object o) {
+
+        if (o == null) {
+            return "null";
+        }
+        return o.toString().replace("\n", "\n");
+    }
+}