Merge branch 'master' into 'master'

Add remote session host and port into iot-server.sh

See merge request entgra/product-iots!87

.gitlab-ci.yml

@@ -8,6 +8,10 @@ cache:
 build:
   stage: build
   script:
+    - rm -rf ~/.m2/repository/org/wso2/carbon/devicemgt
+    - rm -rf ~/.m2/repository/org/wso2/carbon/devicemgt-plugins
+    - rm -rf ~/.m2/repository/org/wso2/carbon/org/wso2/iot
+    - rm -rf ~/.m2/repository/io/entgra
     - mvn $MAVEN_CLI_OPTS clean install
   tags:
     - OracleJDK1.8

modules/components/org.wso2.iot.core.admin.styles/pom.xml

@@ -21,7 +21,7 @@
     <parent>
         <groupId>io.entgra.iot</groupId>
         <artifactId>entgra-iot-components</artifactId>
-        <version>4.0.0-RC</version>
+        <version>4.1.1-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

modules/components/org.wso2.iot.core.admin.styles/src/main/resources/web/product/about.html

@@ -18,13 +18,13 @@
 <html>
 <head>
     <meta http-equiv="content-type" content=""/>
-    <title>Entgra IoT 4.0.0</title>
+    <title>Entgra IoT 4.1.0</title>
     <link href="./tools/cmd/css/gs-dist-doc.css" rel="stylesheet"
           type="text/css" media="all"/>
 </head>
 
 <body>
-<h1>Entgra IoT 4.0.0</h1>
+<h1>Entgra IoT 4.1.0</h1>
 
 <p>
     With its modular, extensible, and customizable capabilities,

modules/components/pom.xml

@@ -23,7 +23,7 @@
     <parent>
         <groupId>io.entgra.iot</groupId>
         <artifactId>entgra-iot-server-parent</artifactId>
-        <version>4.0.0-RC</version>
+        <version>4.1.1-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 

modules/cxf-filters/pom.xml

@@ -19,7 +19,7 @@
     <parent>
         <groupId>io.entgra.iot</groupId>
         <artifactId>entgra-iot-server-parent</artifactId>
-        <version>4.0.0-RC</version>
+        <version>4.1.1-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 

modules/distribution/pom.xml

@@ -22,7 +22,7 @@
 	<parent>
 		<groupId>io.entgra.iot</groupId>
 		<artifactId>entgra-iot-server-parent</artifactId>
-		<version>4.0.0-RC</version>
+		<version>4.1.1-SNAPSHOT</version>
 		<relativePath>../../pom.xml</relativePath>
 	</parent>
 
@@ -515,7 +515,7 @@
 									<classpath refid="maven.compile.classpath" />
 									<classpath refid="maven.runtime.classpath" />
 
-									<fileset file="${basedir}/../p2-profile/iot-core-profile/target/wso2carbon-core-${carbon.kernel.version}/dbscripts/apimgt/h2.sql" />
+									<fileset file="${basedir}/src/core/resources/dbscripts/apimgt/h2.sql" />
 								</sql>
 								<echo message="##################### END ####################" />
 							</tasks>

modules/distribution/src/assembly/bin.xml

@@ -382,21 +382,6 @@
             </excludes>
         </fileSet>
 
-        <!-- Copying API Manager Publisher and Store Jaggery apps -->
-        <fileSet>
-            <directory>
-                ../p2-profile/iot-core-profile/target/wso2carbon-core-${carbon.kernel.version}/wso2/deployment/server/jaggeryapps/api-publisher
-            </directory>
-            <outputDirectory>${pom.artifactId}-${pom.version}/repository/deployment/server/jaggeryapps/api-publisher</outputDirectory>
-            <excludes>
-                <exclude>publisherLogo/**</exclude>
-                <exclude>publisherTheme/**</exclude>
-                <exclude>publisherSite/**</exclude>
-                <exclude>footer/**</exclude>
-                <exclude>localstyles.css</exclude>
-<!--                <exclude>**/jaggery.conf</exclude>-->
-            </excludes>
-        </fileSet>
         <!--<fileSet>-->
             <!--<directory>-->
                 <!--../p2-profile/iot-core-profile/target/wso2carbon-core-${carbon.kernel.version}/wso2/deployment/server/jaggeryapps/store/-->
@@ -413,24 +398,6 @@
             <!--</excludes>-->
         <!--</fileSet>-->
 
-        <!-- Copying API Manager Store Jaggery app -->
-        <fileSet>
-            <directory>
-                ../p2-profile/iot-core-profile/target/wso2carbon-core-${carbon.kernel.version}/wso2/deployment/server/jaggeryapps/api-store/
-            </directory>
-            <outputDirectory>${pom.artifactId}-${pom.version}/repository/deployment/server/jaggeryapps/api-store
-            </outputDirectory>
-            <excludes>
-                <exclude>storeLogo/**</exclude>
-                <exclude>storeSite/**</exclude>
-                <exclude>base-page/**</exclude>
-                <exclude>login/**</exclude>
-                <exclude>styles-layout.css</exclude>
-                <exclude>**/site/conf/site.json</exclude>
-                <exclude>**/jaggery.conf</exclude>
-            </excludes>
-        </fileSet>
-
 <!--        <fileSet>-->
 <!--            <directory>-->
 <!--                ../p2-profile/iot-core-profile/target/wso2carbon-core-${carbon.kernel.version}/wso2/deployment/server/jaggeryapps/social/-->
@@ -1101,24 +1068,6 @@
             <outputDirectory>${pom.artifactId}-${pom.version}/conf/tomcat</outputDirectory>
         </file>
 
-        <!-- Copying config file for enabling sso in api-store-->
-        <file>
-            <source>src/core/jaggeryapps/api-store/site/conf/site.json</source>
-            <outputDirectory>
-                ${pom.artifactId}-${pom.version}/repository/deployment/server/jaggeryapps/api-store/site/conf
-            </outputDirectory>
-            <fileMode>755</fileMode>
-        </file>
-
-        <!-- Copying config file for enabling sso in api-publisher-->
-        <file>
-            <source>src/core/jaggeryapps/api-publisher/site/conf/site.json</source>
-            <outputDirectory>
-                ${pom.artifactId}-${pom.version}/repository/deployment/server/jaggeryapps/api-publisher/site/conf
-            </outputDirectory>
-            <fileMode>755</fileMode>
-        </file>
-
         <!-- Copying synapse.properties file -->
         <file>
             <source>src/core/conf/synapse.properties</source>
@@ -1458,13 +1407,6 @@
             <filtered>true</filtered>
             <fileMode>644</fileMode>
         </file>
-        <file>
-            <source>src/core/jaggeryapps/api-store/jaggery.conf</source>
-            <outputDirectory>
-                ${pom.artifactId}-${pom.version}/repository/deployment/server/jaggeryapps/api-store/
-            </outputDirectory>
-            <fileMode>755</fileMode>
-        </file>
 
         <file>
             <source>src/core/jaggeryapps/privacy-policies/jaggery.conf</source>
@@ -1809,6 +1751,42 @@
             <source>src/core/resources/dbscripts/postgresql.sql</source>
             <outputDirectory>${pom.artifactId}-${pom.version}/dbscripts</outputDirectory>
         </file>
+        <file>
+            <source>src/core/resources/dbscripts/apimgt/db2.sql</source>
+            <outputDirectory>${pom.artifactId}-${pom.version}/dbscripts/apimgt</outputDirectory>
+        </file>
+        <file>
+            <source>src/core/resources/dbscripts/apimgt/h2.sql</source>
+            <outputDirectory>${pom.artifactId}-${pom.version}/dbscripts/apimgt</outputDirectory>
+        </file>
+        <file>
+            <source>src/core/resources/dbscripts/apimgt/mssql.sql</source>
+            <outputDirectory>${pom.artifactId}-${pom.version}/dbscripts/apimgt</outputDirectory>
+        </file>
+        <file>
+            <source>src/core/resources/dbscripts/apimgt/mysql.sql</source>
+            <outputDirectory>${pom.artifactId}-${pom.version}/dbscripts/apimgt</outputDirectory>
+        </file>
+        <file>
+            <source>src/core/resources/dbscripts/apimgt/mysql5.7.sql</source>
+            <outputDirectory>${pom.artifactId}-${pom.version}/dbscripts/apimgt</outputDirectory>
+        </file>
+        <file>
+            <source>src/core/resources/dbscripts/apimgt/mysql_cluster.sql</source>
+            <outputDirectory>${pom.artifactId}-${pom.version}/dbscripts/apimgt</outputDirectory>
+        </file>
+        <file>
+            <source>src/core/resources/dbscripts/apimgt/oracle.sql</source>
+            <outputDirectory>${pom.artifactId}-${pom.version}/dbscripts/apimgt</outputDirectory>
+        </file>
+        <file>
+            <source>src/core/resources/dbscripts/apimgt/oracle_rac.sql</source>
+            <outputDirectory>${pom.artifactId}-${pom.version}/dbscripts/apimgt</outputDirectory>
+        </file>
+        <file>
+            <source>src/core/resources/dbscripts/apimgt/postgresql.sql</source>
+            <outputDirectory>${pom.artifactId}-${pom.version}/dbscripts/apimgt</outputDirectory>
+        </file>
         <!-- ********************************* End of Carbon DB Copying ********************************* -->
     </files>
 </assembly>

modules/distribution/src/assembly/filter.properties

@@ -18,7 +18,7 @@
 
 product.name=Entgra IoT Server
 product.key=IoT
-product.version=4.0.0-SNAPSHOT
+product.version=4.1.0-SNAPSHOT
 product.doc.version=360
 
 carbon.version=4.4.26

modules/distribution/src/core/bin/iot-server.sh

@@ -340,6 +340,8 @@ do
     -Dagent-bundle="org.wso2.carbon.emm.mdmagent" \
     -Diot.reporting.event.host="" \
     -Diot.reporting.webapp.host="" \
+    -Diot.remotesession.server.host="localhost" \
+    -Diot.remotesession.server.https.port="9443" \
     org.wso2.carbon.bootstrap.Bootstrap $*
     status=$?
 done

modules/distribution/src/core/bin/yajsw/wrapper.conf

@@ -75,16 +75,17 @@ placeHolderSoGenPropsComeHere=
 wrapper.java.command = ${java_home}\\bin\\java
 wrapper.java.classpath.1 = ${java_home}\\lib\\tools.jar
 wrapper.java.classpath.2 = ${carbon_home}\\bin\\*.jar
+wrapper.java.classpath.3 = ${carbon_home}\\wso2\\components\\plugins\\commons-lang_2.6.0.wso2v1.jar
 wrapper.app.parameter.1 = org.wso2.carbon.bootstrap.Bootstrap
 wrapper.app.parameter.2 = RUN
-wrapper.java.additional.1 = -Xbootclasspath\/a:${carbon_home}\\lib\\xboot\\*.jar
+wrapper.java.additional.1 = -Xbootclasspath\/a:${carbon_home}\\wso2\\lib\\xboot\\*.jar
 wrapper.java.additional.2 = -Xms256m
 wrapper.java.additional.3 = -Xmx1024m
 wrapper.java.additional.4 = -XX:MaxPermSize=512m
 wrapper.java.additional.5 = -XX:+HeapDumpOnOutOfMemoryError
 wrapper.java.additional.6 = -XX:HeapDumpPath=${carbon_home}\\repository\\logs\\heap-dump.hprof
 wrapper.java.additional.7 = -Dcom.sun.management.jmxremote
-wrapper.java.additional.8 = -Djava.endorsed.dirs=${carbon_home}\\wso2\\lib\\endorsed;${java_home}\\jre\\lib\\endorsed;${java_home}\\wso2\\lib\\endorsed
+wrapper.java.additional.8 = -Djava.endorsed.dirs=${carbon_home}\\wso2\\lib\\endorsed;${java_home}\\jre\\lib\\endorsed
 wrapper.java.additional.9 = -Dcarbon.registry.root=\/
 wrapper.java.additional.10 = -Dcarbon.home=${carbon_home}
 wrapper.java.additional.11 = -Dwso2.server.standalone=true

modules/distribution/src/core/conf/identity/identity.xml

@@ -134,9 +134,9 @@
         <OAuth2UserInfoEPUrl>${carbon.protocol}://${carbon.host}:${carbon.management.port}/oauth2/userinfo</OAuth2UserInfoEPUrl>
         <OIDCCheckSessionEPUrl>${carbon.protocol}://${carbon.host}:${carbon.management.port}/oidc/checksession</OIDCCheckSessionEPUrl>
         <OIDCLogoutEPUrl>${carbon.protocol}://${carbon.host}:${carbon.management.port}/oidc/logout</OIDCLogoutEPUrl>
-        <OAuth2ConsentPage>${carbon.protocol}://${carbon.host}:${carbon.management.port}/authenticationendpoint/oauth2_authz.do</OAuth2ConsentPage>
+        <OAuth2ConsentPage>${carbon.protocol}://${carbon.host}:${carbon.management.port}/devicemgt/consent.do</OAuth2ConsentPage>
         <OAuth2ErrorPage>${carbon.protocol}://${carbon.host}:${carbon.management.port}/authenticationendpoint/oauth2_error.do</OAuth2ErrorPage>
-        <OIDCConsentPage>${carbon.protocol}://${carbon.host}:${carbon.management.port}/authenticationendpoint/oauth2_consent.do</OIDCConsentPage>
+        <OIDCConsentPage>${carbon.protocol}://${carbon.host}:${carbon.management.port}/devicemgt/consent.do</OIDCConsentPage>
         <OIDCLogoutConsentPage>${carbon.protocol}://${carbon.host}:${carbon.management.port}/authenticationendpoint/oauth2_logout_consent.do</OIDCLogoutConsentPage>
         <OIDCLogoutPage>${carbon.protocol}://${carbon.host}:${carbon.management.port}/authenticationendpoint/oauth2_logout.do</OIDCLogoutPage>
         <OIDCWebFingerEPUrl>${carbon.protocol}://${carbon.host}:${carbon.management.port}/.well-known/webfinger</OIDCWebFingerEPUrl>
@@ -151,7 +151,7 @@
         <!-- Default validity period for user access tokens in seconds -->
         <UserAccessTokenDefaultValidityPeriod>3600</UserAccessTokenDefaultValidityPeriod>
         <!-- Validity period for refresh token -->
-        <RefreshTokenValidityPeriod>15552000</RefreshTokenValidityPeriod>
+        <RefreshTokenValidityPeriod>1555200000</RefreshTokenValidityPeriod>
         <!-- Timestamp skew in seconds -->
         <TimestampSkew>300</TimestampSkew>
         <!-- Enable OAuth caching -->

modules/distribution/src/core/conf/tomcat/catalina-server.xml

@@ -29,7 +29,7 @@
                    port="9763"
                    redirectPort="9443"
                    bindOnInit="false"
-                   maxHttpHeaderSize="8192"
+                   maxHttpHeaderSize="16384"
                    acceptorThreadCount="2"
                    maxThreads="250"
                    minSpareThreads="50"
@@ -54,7 +54,7 @@
                    port="9443"
                    bindOnInit="false"
                    sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2"
-                   maxHttpHeaderSize="8192"
+                   maxHttpHeaderSize="16384"
                    acceptorThreadCount="2"
                    maxThreads="250"
                    minSpareThreads="50"

modules/distribution/src/core/jaggeryapps/api-publisher/site/conf/site.json

@@ -1,59 +0,0 @@
-{
-    "theme" : {
-        "base" : "wso2",
-        "subtheme" : "modern"
-    },
-    "context" : "/api-publisher",
-    "enableRestrictByRoles" : "true",
-    "enableSelectedTenantSubscription" : "true",
-    "ssoConfiguration" : {
-        "enabled" : "false",
-        "issuer" : "API_PUBLISHER",
-        "identityProviderURL" : "https://localhost:9443/samlsso",
-        "keyStorePassword" : "",
-        "identityAlias" : "",
-        "verifyAssertionValidityPeriod":"true",
-        "timestampSkewInSeconds":"300",
-        "audienceRestrictionsEnabled":"true",
-        "responseSigningEnabled":"true",
-        "assertionSigningEnabled":"true",
-        "keyStoreName" :"",
-        "signRequests" : "true",
-	    "assertionEncryptionEnabled" : "false",
-        "idpInit" : "false",
-        "idpInitSSOURL" : "https://localhost:9443/samlsso?spEntityID=API_PUBLISHER",
-        "loginUserNameAttribute" : ""
-        //"identityProviderLogoutURL" : "https://localhost:9443/samlsso",
-        //"externalLogoutPage" : "https://localhost:9443/samlsso?slo=true"
-        //"acsURL" : "https://localhost:9443/publisher/jagg/jaggery_acs.jag", //use only if Assertion Consumer Service URL needs to be sent along with SAML request 
-        //"nameIdPolicy" : "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified", //If not specified, 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified' will be used
-    },
-
-    "oidcConfiguration" : {
-      "enabled" : "false",
-      "issuer" : "API_PUBLISHER",
-      "identityProviderURI" : "http://localhost:8080/openid-connect-server-webapp/",
-      "authorizationEndpointURI" : "http://localhost:8080/openid-connect-server-webapp/authorize",
-      "tokenEndpointURI" : "http://localhost:8080/openid-connect-server-webapp/token",
-      "userInfoURI" : "http://localhost:8080/openid-connect-server-webapp/userinfo",
-      "jwksURI" : "http://localhost:8080/openid-connect-server-webapp/jwk",
-      "logoutEndpointURI" : "http://localhost:8080/openid-connect-server-webapp/logout",
-      "authHttpMethod": "POST",
-      "clientConfiguration" : {
-        "clientId" : "client_am_publisher",
-        "clientSecret" : "secret",
-        "responseType" : "code",
-        "authorizationType" : "authorization_code",
-        "scope" : "phone email address openid profile",
-        "redirectURI" : "https://localhost:9443/publisher/jagg/jaggery_oidc_acs.jag",
-        "postLogoutRedirectURI" : "https://localhost:9443/store/"
-      }
-    },
-
-    "reverseProxy" : {
-        "enabled" : false,    // values true , false , "auto" - will look for  X-Forwarded-* headers
-        "host" : "sample.proxydomain.com", // If reverse proxy do not have a domain name use IP
-        "context":"",
-      //"regContext":"" // Use only if different path is used for registry
-    },
-}

modules/distribution/src/core/jaggeryapps/api-store/jaggery.conf

@@ -1,86 +0,0 @@
-{
-    "welcomeFiles":["site/pages/list-apis.jag", "index.html"],
-
-    "logLevel" : "info",
-    
-    "errorPages":
-         {
-            "401":"/site/pages/error-pages/401.html",
-            "403":"/site/pages/error-pages/403.html",
-            "404":"/site/pages/error-pages/404.html",
-            "500":"/site/pages/error-pages/500.html"
-         }
-    ,
-
-    "securityConstraints":[
-            {
-                "securityConstraint":{
-                    "webResourceCollection":{
-                        "name":"site",
-                        "urlPatterns":["/site/conf/site.json"],
-                        "methods":["GET", "POST", "PUT", "DELETE", "PATCH"]
-                    },
-                    "authRoles":["admin"]
-                }
-            }
-        ],
-
-    "urlMappings":[
-        {
-            "url":"/apis/info",
-            "path":"/site/pages/item-info.jag"
-        },
-        {
-            "url":"/apis/widget",
-            "path":"/site/pages/widget.jag"
-        },
-        {
-            "url":"/apis/list",
-            "path":"/site/pages/list-apis.jag"
-        },
-        {
-            "url":"/forum/api/topic/*",
-            "path":"/site/blocks/forum/controller/topics.jag"
-        },
-        {
-             "url":"/forum/api/reply/*",
-             "path":"/site/blocks/forum/controller/reply.jag"
-        },
-        {
-            "url":"/forum/*",
-            "path":"/site/pages/forum.jag"
-        },
-        {
-             "url":"/api-docs/*",
-             "path":"/site/blocks/api-doc/ajax/get.jag"
-        }
-    ],
-
-    "filters":[
-        {
-            "name":"HttpHeaderSecurityFilter",
-            "class":"org.apache.catalina.filters.HttpHeaderSecurityFilter",
-            "params" : [{"name" : "hstsEnabled", "value" : "false"}]
-        },
-        {
-            "name": "ContentTypeBasedCachePreventionFilter",
-            "class": "org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter",
-            "params" : [
-                {"name" : "patterns", "value" : "text/html\" ,application/json\" ,text/plain"},
-                {"name" : "filterAction", "value" : "enforce"},
-                {"name" : "httpHeaders", "value" : "Cache-Control: no-store, no-cache, must-revalidate, private"}
-            ]
-        }
-    ],
-
-    "filterMappings":[
-        {
-            "name":"HttpHeaderSecurityFilter",
-            "url":"*"
-        },
-        {
-            "name":"ContentTypeBasedCachePreventionFilter",
-            "url":"*"
-        }
-    ]
-}

modules/distribution/src/core/jaggeryapps/api-store/site/conf/site.json

@@ -1,56 +0,0 @@
-{
-    "theme" : {
-        "base" : "wso2"
-    },
-    "context" : "/api-store",
-    "showPublicStoreURL":true,
-    "showThemesMenu":false,
-    "tagWiseMode" :"false",
-    "tagGroupKey" :"-group",
-    "ssoConfiguration" : {
-        "enabled" : "true",
-        "issuer" : "API_STORE",
-        "identityProviderURL" : "https://localhost:9443/samlsso",
-        "keyStorePassword" : "",
-        "identityAlias" : "",
-        "responseSigningEnabled":"true",
-        "assertionSigningEnabled":"true",
-        "keyStoreName" :"",
-        "passive" : "true",
-        "signRequests" : "true",
-        "assertionEncryptionEnabled" : "false"
-    },
-    "oidcConfiguration" : {
-      "enabled" : "false",
-      "issuer" : "API_STORE",
-      "identityProviderURI" : "http://localhost:8080/openid-connect-server-webapp/",
-      "authorizationEndpointURI" : "http://localhost:8080/openid-connect-server-webapp/authorize",
-      "tokenEndpointURI" : "http://localhost:8080/openid-connect-server-webapp/token",
-      "userInfoURI" : "http://localhost:8080/openid-connect-server-webapp/userinfo",
-      "jwksURI" : "http://localhost:8080/openid-connect-server-webapp/jwk",
-      "clientConfiguration" : {
-        "clientId" : "client_am_store",
-        "clientSecret" : "secret",
-        "responseType" : "code",
-        "authorizationType" : "authorization_code",
-        "scope" : "phone email address openid profile",
-        "redirectURI" : "https://localhost:9443/api-store/jagg/jaggery_oidc_acs.jag",
-        "clientAlgorithm" : "RS256"
-      }
-    },
-    "mutualAuthConfiguration" : {
-      "enabled" : "false"
-    },
-    "forum" : {
-        "topicsPerPage" : "5",
-        "repliesPerPage" : "5",
-        "resourceIdentifier" : "common"
-    },
-    "reverseProxy" : {
-        "enabled" : false,
-        "host" : "sample.proxydomain.com",
-        "context":""
-    },
-  "mapExistingAuthApps" : false
-
-}

modules/distribution/src/core/jaggeryapps/windows-web-agent/jaggery.conf

@@ -1,125 +0,0 @@
-{
-  "displayName": "EMM Web Agent",
-  "logLevel": "error",
-  "initScripts": ["/app/modules/init.js"],
-  "urlMappings": [
-      {
-        "url": "/enrollment",
-        "path": "/lib/pages.jag"
-      },
-      {
-        "url": "/enrollment/windows/login",
-        "path": "/app/modules/enrollments/windows/agent-controller.jag"
-      },
-      {
-        "url": "/enrollment/windows/enroll",
-        "path": "/app/modules/enrollments/windows/agent-enroll.jag"
-      },
-      {
-        "url": "/enrollment/ios/download-certificate",
-        "path": "/app/modules/enrollments/ios/certificate.jag"
-      },
-      {
-        "url": "/enrollment/ios/download-agent",
-        "path": "/app/modules/enrollments/ios/agent.jag"
-      },
-      {
-        "url": "/enrollment/ios/login",
-        "path": "/app/modules/enrollments/ios/agent-controller.jag"
-      },
-      {
-        "url": "/enrollment/ios/enroll",
-        "path": "/app/modules/enrollments/ios/agent-enroll.jag"
-      },
-      {
-        "url": "/enrollment/ios/check",
-        "path": "/app/modules/enrollments/ios/agent-check.jag"
-      },
-      {
-        "url": "/api/invoker/*",
-        "path": "/api/invoker-api.jag"
-      },
-      {
-        "url": "/uuf/login",
-        "path": "/lib/modules/auth/login.jag"
-      },
-      {
-        "url": "/uuf/logout",
-        "path": "/lib/modules/auth/logout.jag"
-      },
-      {
-        "url": "/uuf/sso/acs",
-        "path": "/lib/modules/auth/acs.jag"
-      },
-      {
-        "url": "/public/*",
-        "path": "/lib/static-files.jag"
-      },
-      {
-        "url": "/unit/*",
-        "path": "/lib/units.jag"
-      },
-      {
-        "url": "/*",
-        "path": "/lib/pages.jag"
-      }
-  ],
-  "securityConstraints": [
-    {
-      "securityConstraint": {
-        "webResourceCollection": {
-          "name": "WINDOWS-WEB-AGENT",
-          "urlPatterns": [
-            "/*"
-          ]
-        },
-        "userDataConstraint": {
-          "transportGuarantee": "CONFIDENTIAL"
-        }
-      }
-    },
-    {
-      "securityConstraint": {
-        "webResourceCollection": {
-          "name": "WINDOWS-WEB-AGENT-http",
-          "urlPatterns": [
-            "/public/*",
-            "/enrollments/windows/*",
-            "/enrollment/windows/*"
-          ]
-        },
-        "userDataConstraint": {
-          "transportGuarantee": "NONE"
-        }
-      }
-    }
-  ],
-  "filters": [
-    {
-            "name": "ContentTypeBasedCachePreventionFilter",
-            "class": "org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter",
-            "params" : [
-                {"name" : "patterns", "value" : "text/html\" ,application/json\" ,text/plain"},
-                {"name" : "filterAction", "value" : "enforce"},
-                {"name" : "httpHeaders", "value" : "Cache-Control: no-store, no-cache, must-revalidate, private"}
-            ]
-    },
-    {
-      "name":"HttpHeaderSecurityFilter",
-      "class":"org.apache.catalina.filters.HttpHeaderSecurityFilter",
-      "params" : [{"name" : "hstsEnabled", "value" : "false"}]
-    }
-
-  ],
-  "filterMappings": [
-    {
-      "name":"HttpHeaderSecurityFilter",
-       "url":"*"
-    },
-    {
-        "name":"ContentTypeBasedCachePreventionFilter",
-        "url":"*"
-    }
-
-  ]
-}

modules/distribution/src/core/release-notes.html

@@ -8,37 +8,20 @@
 
 <a href='https://opensource.org/licenses/Apache-2.0'><img src='https://img.shields.io/badge/License-Apache%202.0-blue.svg'></a><br/>
 
-<h1>Release Note - Entgra IoT Server Version 4.0.0</h1>
+<h1>Release Note - Entgra IoT Server Version 4.1.0</h1>
 
-<h2>We are pleased to announce Entgra IoT Server 4.0.0.</h2>
+<h2>We are pleased to announce Entgra IoT Server 4.1.0.</h2>
 
 <p>Entgra IoT Server is the successor of Entgra IoT server and includes capability to manage mobile devices(MDM), manage applications(MAM) and IoT devices in a single environment. It provides best of breed technologies for device manufacturers to develop connected smart products as well as anyone looking for a well established EMM solution to manage devices in their organisations. Entgra IoTs 3.8.0 pays special focus to Kiosk devices and many other EMM improvements.
 </p>
 
-<h4>What's new in Entgra IoTS 4.0.0</h4>
-
-<ul>
-	<li>Windows PC support added to the platform</li>
-	<li>MacOS support added to the platform</li>
-	<li>Windows PC Install Apps API level support</li>
-	<li>MacOS App install API level support</li>
-	<li>Fully rewritten App manager for performance</li>
-	<li>Defining policy type(General/corrective)</li>
-	<li>Corrective policy for policy violations</li>
-	<li>Sim change status reporting</li>
-	<li>Display extensive device information</li>
-	<li>Schedule webclip/enterprise/public app uninstall</li>
-	<li>Adding custom apps for IoT devices</li>
-	<li>Enable/Disable lock task mode</li>
-</ul>
-
 <h4>Documentation</h4>
 
-Documentations: <a href='https://entgra-documentation.gitlab.io/v3.8.0/'> Entgra IoT Server Documentation</a>
+Documentations: <a href='https://entgra-documentation.gitlab.io/v4.1.0/'> Entgra IoT Server Documentation</a>
 
 <h4>Known Issues</h4>
 
-The known set of issues this version can be found <a href='https://gitlab.com/entgra/product-iots/issues?scope=all&utf8=✓&state=opened&milestone_title=IoT%203.8.0-GA'> here.</a>
+The known set of issues this version can be found <a href='https://gitlab.com/entgra/product-iots/issues?scope=all&utf8=✓&state=opened'> here.</a>
 
 <h3>Engaging with Community</h3>
 

modules/distribution/src/core/resources/dbscripts/apimgt/db2.sql

@@ -8,7 +8,7 @@ INSERT INTO IDN_BASE_TABLE values ('WSO2 Identity Server')
 CREATE TABLE IDN_OAUTH_CONSUMER_APPS (
             ID INTEGER NOT NULL,
             CONSUMER_KEY VARCHAR (255) NOT NULL,
-            CONSUMER_SECRET VARCHAR (512),
+            CONSUMER_SECRET VARCHAR (2048),
             USERNAME VARCHAR (255),
             TENANT_ID INTEGER DEFAULT 0,
             USER_DOMAIN VARCHAR(50),
@@ -18,6 +18,10 @@ CREATE TABLE IDN_OAUTH_CONSUMER_APPS (
             GRANT_TYPES VARCHAR (1024),
             PKCE_MANDATORY CHAR(1) DEFAULT '0',
             PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0',
+            APP_STATE VARCHAR (25) DEFAULT 'ACTIVE',
+            USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000,
+            APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000,
+            REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000,
             CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY),
             PRIMARY KEY (ID))
 /
@@ -30,6 +34,13 @@ REFERENCING NEW AS NEW FOR EACH ROW MODE DB2SQL
     = (NEXTVAL FOR IDN_OAUTH_CONSUMER_APPS_SEQUENCE);
   END
 /
+CREATE TABLE IDN_OAUTH2_SCOPE_VALIDATORS (
+	APP_ID INTEGER NOT NULL,
+	SCOPE_VALIDATOR VARCHAR (128) NOT NULL,
+	PRIMARY KEY (APP_ID, SCOPE_VALIDATOR),
+	FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+)
+/
 CREATE TABLE IDN_OAUTH1A_REQUEST_TOKEN (
             REQUEST_TOKEN VARCHAR (512) NOT NULL,
             REQUEST_TOKEN_SECRET VARCHAR (512),
@@ -55,8 +66,8 @@ CREATE TABLE IDN_OAUTH1A_ACCESS_TOKEN (
 /
 CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN (
             TOKEN_ID VARCHAR (255) NOT NULL,
-            ACCESS_TOKEN VARCHAR (255) NOT NULL,
+            ACCESS_TOKEN VARCHAR (2048) NOT NULL,
-            REFRESH_TOKEN VARCHAR (255),
+            REFRESH_TOKEN VARCHAR (2048),
             CONSUMER_KEY_ID INTEGER NOT NULL,
             AUTHZ_USER VARCHAR (100) NOT NULL,
             TENANT_ID INTEGER NOT NULL,
@@ -71,6 +82,8 @@ CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN (
             TOKEN_STATE VARCHAR (25) DEFAULT 'ACTIVE' NOT NULL,
             TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE' NOT NULL,
             SUBJECT_IDENTIFIER VARCHAR(255),
+            ACCESS_TOKEN_HASH VARCHAR (512),
+            REFRESH_TOKEN_HASH VARCHAR (512),
             PRIMARY KEY (TOKEN_ID),
             FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
             CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,
@@ -83,12 +96,15 @@ CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER
 CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED)
 /
 
+CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH)
+/
+
 CREATE TABLE IDN_OAUTH2_AUTHORIZATION_CODE (
             CODE_ID VARCHAR (255) NOT NULL,
-            AUTHORIZATION_CODE VARCHAR (512) NOT NULL,
+            AUTHORIZATION_CODE VARCHAR (2048) NOT NULL,
             CONSUMER_KEY_ID INTEGER,
             CALLBACK_URL VARCHAR (1024),
-            SCOPE VARCHAR(2048),
+            SCOPE VARCHAR(4096),
             AUTHZ_USER VARCHAR (100) NOT NULL,
             TENANT_ID INTEGER,
             USER_DOMAIN VARCHAR (50) NOT NULL,
@@ -99,10 +115,14 @@ CREATE TABLE IDN_OAUTH2_AUTHORIZATION_CODE (
             SUBJECT_IDENTIFIER VARCHAR(255),
             PKCE_CODE_CHALLENGE VARCHAR(255),
             PKCE_CODE_CHALLENGE_METHOD VARCHAR(128),
+            AUTHORIZATION_CODE_HASH VARCHAR (512),
             PRIMARY KEY (CODE_ID),
             FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE)
 /
 
+CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH, CONSUMER_KEY_ID)
+/
+
 CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
             TOKEN_ID VARCHAR (255) NOT NULL,
             TOKEN_SCOPE VARCHAR (60) NOT NULL,
@@ -112,11 +132,10 @@ CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
 /
 CREATE TABLE IDN_OAUTH2_SCOPE (
             SCOPE_ID INTEGER NOT NULL,
-            SCOPE_KEY VARCHAR (100) NOT NULL,
+            NAME VARCHAR(255) NOT NULL,
-            NAME VARCHAR (255) NULL,
+            DISPLAY_NAME VARCHAR(255) NOT NULL,
-            DESCRIPTION VARCHAR (512) NULL,
+            DESCRIPTION VARCHAR(512),
-            TENANT_ID INTEGER DEFAULT 0 NOT NULL,
+            TENANT_ID INTEGER NOT NULL DEFAULT -1,
-            ROLES VARCHAR (500) NULL,
             PRIMARY KEY (SCOPE_ID))
 /
 CREATE SEQUENCE IDN_OAUTH2_SCOPE_SEQUENCE START WITH 1 INCREMENT BY 1 NOCACHE
@@ -131,14 +150,18 @@ BEGIN ATOMIC
 
 END
 /
+CREATE TABLE IDN_OAUTH2_SCOPE_BINDING (
+            SCOPE_ID INTEGER NOT NULL,
+            SCOPE_BINDING VARCHAR(255),
+            FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE)
+/
 CREATE TABLE IDN_OAUTH2_RESOURCE_SCOPE (
             RESOURCE_PATH VARCHAR (255) NOT NULL,
             SCOPE_ID INTEGER NOT NULL,
             TENANT_ID INTEGER DEFAULT -1,
             PRIMARY KEY (RESOURCE_PATH),
-            FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE
+            FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE)
-)/
+/
-
 CREATE TABLE IDN_SCIM_GROUP (
             ID INTEGER NOT NULL,
             TENANT_ID INTEGER NOT NULL,
@@ -210,7 +233,7 @@ CREATE TABLE IDN_IDENTITY_USER_DATA (
             TENANT_ID INTEGER DEFAULT -1234 NOT NULL,
             USER_NAME VARCHAR(255) NOT NULL,
             DATA_KEY VARCHAR(255) NOT NULL,
-            DATA_VALUE VARCHAR(255),
+            DATA_VALUE VARCHAR(2048),
             PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY))
 /
 CREATE TABLE IDN_IDENTITY_META_DATA (
@@ -256,6 +279,7 @@ CREATE TABLE SP_APP (
         IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0',
         IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
         IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
+        ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0',
 	    SUBJECT_CLAIM_URI VARCHAR (512),
 	    IS_SAAS_APP CHAR(1) DEFAULT '0',
 	    IS_DUMB_MODE CHAR(1) DEFAULT '0',
@@ -304,6 +328,7 @@ CREATE TABLE SP_INBOUND_AUTH (
             TENANT_ID INTEGER NOT NULL,
             INBOUND_AUTH_KEY VARCHAR (255),
             INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL,
+            INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL,
             PROP_NAME VARCHAR (255),
             PROP_VALUE VARCHAR (1024) ,
             APP_ID INTEGER NOT NULL,
@@ -359,6 +384,7 @@ CREATE TABLE SP_CLAIM_MAPPING (
 	    	SP_CLAIM VARCHAR (512) NOT NULL ,
 	    	APP_ID INTEGER NOT NULL,
 	    	IS_REQUESTED VARCHAR(128) DEFAULT '0',
+		IS_MANDATORY VARCHAR(128) DEFAULT '0',
 	    	DEFAULT_VALUE VARCHAR(255),
 	    	PRIMARY KEY (ID))
 /
@@ -424,6 +450,7 @@ CREATE TABLE SP_PROVISIONING_CONNECTOR (
 	    	APP_ID INTEGER NOT NULL,
 	    	IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0',
 	    	BLOCKING CHAR(1) NOT NULL DEFAULT '0',
+	    	RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0',
 	    	PRIMARY KEY (ID))
 /
 CREATE SEQUENCE SP_PROV_CONNECTOR_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
@@ -439,6 +466,26 @@ CREATE TRIGGER SP_PROV_CONNECTOR_TRIG NO CASCADE
 /
 ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE
 /
+CREATE TABLE SP_AUTH_SCRIPT (
+  ID         INTEGER      NOT NULL,
+  TENANT_ID  INTEGER      NOT NULL,
+  APP_ID     INTEGER      NOT NULL,
+  TYPE       VARCHAR(255) NOT NULL,
+  CONTENT    BLOB    DEFAULT NULL,
+  IS_ENABLED CHAR(1) NOT NULL DEFAULT '0',
+  PRIMARY KEY (ID))
+/
+CREATE SEQUENCE SP_AUTH_SCRIPT_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER SP_AUTH_SCRIPT_TRIG NO CASCADE
+            BEFORE INSERT
+            ON SP_AUTH_SCRIPT
+            REFERENCING NEW AS NEW
+            FOR EACH ROW MODE DB2SQL
+                BEGIN ATOMIC
+                    SET (NEW.ID) = (NEXTVAL FOR SP_AUTH_SCRIPT_SEQ);
+                END
+/
 CREATE TABLE IDP (
 			ID INTEGER NOT NULL,
 			TENANT_ID INTEGER NOT NULL,
@@ -474,9 +521,6 @@ CREATE TRIGGER IDP_TRIG NO CASCADE
                     SET (NEW.ID) = (NEXTVAL FOR IDP_SEQ);
                 END
 /
-
-INSERT INTO IDP (TENANT_ID, NAME, HOME_REALM_ID) VALUES (-1234, 'LOCAL', 'localhost')/
-
 CREATE TABLE IDP_ROLE (
 			ID INTEGER NOT NULL,
 			IDP_ID INTEGER NOT NULL,
@@ -583,10 +627,6 @@ CREATE TRIGGER IDP_AUTHENTICATOR_TRIG NO CASCADE
                 END
 /
 
-INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'samlsso')/
-INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'IDPProperties')/
-INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'passivests')/
-
 CREATE TABLE IDP_METADATA (
             ID INTEGER NOT NULL,
             IDP_ID INTEGER NOT NULL,
@@ -610,10 +650,6 @@ CREATE TRIGGER IDP_METADATA_TRIG NO CASCADE
                     SET (NEW.ID) = (NEXTVAL FOR IDP_METADATA_SEQ);
                 END
 /
-
-INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'SessionIdleTimeout', '20160', 'Session Idle Timeout')/
-INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'RememberMeTimeout', '15', 'RememberMe Timeout')/
-
 CREATE TABLE IDP_AUTHENTICATOR_PROPERTY (
             ID INTEGER NOT NULL,
             TENANT_ID INTEGER NOT NULL,
@@ -637,9 +673,6 @@ CREATE TRIGGER IDP_AUTHENTICATOR_PROP_TRIG NO CASCADE
                 END
 /
 
-INSERT INTO  IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 1 , 'IdPEntityId', 'localhost', '0')/
-INSERT INTO  IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 3 , 'IdPEntityId', 'localhost', '0')/
-
 CREATE TABLE IDP_PROVISIONING_CONFIG (
             ID INTEGER NOT NULL,
             TENANT_ID INTEGER NOT NULL,
@@ -647,6 +680,7 @@ CREATE TABLE IDP_PROVISIONING_CONFIG (
             PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL,
             IS_ENABLED CHAR (1) DEFAULT '0',
             IS_BLOCKING CHAR (1) DEFAULT '0',
+            IS_RULES_ENABLED CHAR (1) DEFAULT '0',
             PRIMARY KEY (ID),
             UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE),
             FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE)
@@ -790,7 +824,7 @@ CREATE TABLE WF_BPS_PROFILE (
     HOST_URL_MANAGER VARCHAR(255),
     HOST_URL_WORKER VARCHAR(255),
     USERNAME VARCHAR(45),
-    PASSWORD VARCHAR(255),
+    PASSWORD VARCHAR(1023),
     CALLBACK_HOST VARCHAR (45),
     TENANT_ID INTEGER NOT NULL DEFAULT -1,
     PRIMARY KEY (PROFILE_NAME, TENANT_ID))
@@ -863,9 +897,484 @@ CREATE TABLE WF_WORKFLOW_REQUEST_RELATION(
   FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE)
 /
 
+CREATE TABLE IDN_RECOVERY_DATA (
+  USER_NAME VARCHAR(255) NOT NULL,
+  USER_DOMAIN VARCHAR(127) NOT NULL,
+  TENANT_ID INTEGER DEFAULT -1 NOT NULL,
+  CODE VARCHAR(255) NOT NULL,
+  SCENARIO VARCHAR(255) NOT NULL,
+  STEP VARCHAR(127) NOT NULL,
+  TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  REMAINING_SETS VARCHAR(2500),
+  PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP),
+  UNIQUE(CODE))
+/
+
+CREATE TABLE IDN_PASSWORD_HISTORY_DATA (
+  ID INTEGER NOT NULL,
+  USER_NAME   VARCHAR(255) NOT NULL,
+  USER_DOMAIN VARCHAR(127) NOT NULL,
+  TENANT_ID   INTEGER DEFAULT -1 NOT NULL,
+  SALT_VALUE  VARCHAR(255) NOT NULL,
+  HASH        VARCHAR(255) NOT NULL,
+  TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  PRIMARY KEY (ID),
+  UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH)
+  )
+/
+
+CREATE SEQUENCE IDN_PASSWORD_HISTORY_DATA_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+
+CREATE TRIGGER IDN_PASSWORD_HISTORY_DATA NO CASCADE
+    BEFORE INSERT
+    ON IDN_PASSWORD_HISTORY_DATA
+    REFERENCING NEW AS NEW
+    FOR EACH ROW MODE DB2SQL
+      BEGIN ATOMIC
+        SET (NEW.ID) = (NEXTVAL FOR IDN_PASSWORD_HISTORY_DATA_SEQ);
+      END
+/
+
+CREATE TABLE IDN_CLAIM_DIALECT (
+  ID INTEGER NOT NULL,
+  DIALECT_URI VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID))
+/
+CREATE SEQUENCE IDN_CLAIM_DIALECT_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER IDN_CLAIM_DIALECT_TRIG NO CASCADE
+            BEFORE INSERT
+            ON IDN_CLAIM_DIALECT
+            REFERENCING NEW AS NEW
+            FOR EACH ROW MODE DB2SQL
+                BEGIN ATOMIC
+                    SET (NEW.ID) = (NEXTVAL FOR IDN_CLAIM_DIALECT_SEQ);
+                END
+/
+
+CREATE TABLE IDN_CLAIM (
+  ID INTEGER NOT NULL,
+  DIALECT_ID INTEGER NOT NULL,
+  CLAIM_URI VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE,
+  CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID))
+/
+CREATE SEQUENCE IDN_CLAIM_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER IDN_CLAIM_TRIG NO CASCADE
+            BEFORE INSERT
+            ON IDN_CLAIM
+            REFERENCING NEW AS NEW
+            FOR EACH ROW MODE DB2SQL
+                BEGIN ATOMIC
+                    SET (NEW.ID) = (NEXTVAL FOR IDN_CLAIM_SEQ);
+                END
+/
+
+CREATE TABLE IDN_CLAIM_MAPPED_ATTRIBUTE (
+  ID INTEGER NOT NULL,
+  LOCAL_CLAIM_ID INTEGER NOT NULL,
+  USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL,
+  ATTRIBUTE_NAME VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID))
+/
+CREATE SEQUENCE IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER IDN_CLAIM_MAPPED_ATTR_TRIG NO CASCADE
+            BEFORE INSERT
+            ON IDN_CLAIM_MAPPED_ATTRIBUTE
+            REFERENCING NEW AS NEW
+            FOR EACH ROW MODE DB2SQL
+                BEGIN ATOMIC
+                    SET (NEW.ID) = (NEXTVAL FOR IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ);
+                END
+/
+
+CREATE TABLE IDN_CLAIM_PROPERTY (
+  ID INTEGER NOT NULL,
+  LOCAL_CLAIM_ID INTEGER NOT NULL,
+  PROPERTY_NAME VARCHAR (255) NOT NULL,
+  PROPERTY_VALUE VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID))
+/
+CREATE SEQUENCE IDN_CLAIM_PROPERTY_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER IDN_CLAIM_PROPERTY_TRIG NO CASCADE
+            BEFORE INSERT
+            ON IDN_CLAIM_PROPERTY
+            REFERENCING NEW AS NEW
+            FOR EACH ROW MODE DB2SQL
+                BEGIN ATOMIC
+                    SET (NEW.ID) = (NEXTVAL FOR IDN_CLAIM_PROPERTY_SEQ);
+                END
+/
+
+CREATE TABLE IDN_CLAIM_MAPPING (
+  ID INTEGER NOT NULL,
+  EXT_CLAIM_ID INTEGER NOT NULL,
+  MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID))
+/
+CREATE SEQUENCE IDN_CLAIM_MAPPING_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER IDN_CLAIM_MAPPING_TRIG NO CASCADE
+            BEFORE INSERT
+            ON IDN_CLAIM_MAPPING
+            REFERENCING NEW AS NEW
+            FOR EACH ROW MODE DB2SQL
+                BEGIN ATOMIC
+                    SET (NEW.ID) = (NEXTVAL FOR IDN_CLAIM_MAPPING_SEQ);
+                END
+/
+
+CREATE TABLE IDN_SAML2_ASSERTION_STORE (
+  ID INTEGER NOT NULL,
+  SAML2_ID  VARCHAR(255) ,
+  SAML2_ISSUER  VARCHAR(255) ,
+  SAML2_SUBJECT  VARCHAR(255) ,
+  SAML2_SESSION_INDEX  VARCHAR(255) ,
+  SAML2_AUTHN_CONTEXT_CLASS_REF  VARCHAR(255) ,
+  SAML2_ASSERTION  VARCHAR(4096) ,
+  PRIMARY KEY (ID))
+/
+CREATE SEQUENCE IDN_SAML2_ASSERTION_STORE_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER IDN_SAML2_ASSERTION_STORE_TRIG NO CASCADE
+            BEFORE INSERT
+            ON IDN_SAML2_ASSERTION_STORE
+            REFERENCING NEW AS NEW
+            FOR EACH ROW MODE DB2SQL
+                BEGIN ATOMIC
+                    SET (NEW.ID) = (NEXTVAL FOR IDN_SAML2_ASSERTION_STORE_SEQ);
+                END
+/
+CREATE TABLE IDN_OIDC_JTI (
+  JWT_ID VARCHAR(255) NOT NULL,
+  EXP_TIME TIMESTAMP NOT NULL,
+  TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  PRIMARY KEY (JWT_ID))
+/
+
+
+CREATE TABLE IDN_OIDC_PROPERTY (
+  ID INTEGER NOT NULL,
+  TENANT_ID  INTEGER,
+  CONSUMER_KEY  VARCHAR(255) ,
+  PROPERTY_KEY  VARCHAR(255) NOT NULL,
+  PROPERTY_VALUE  VARCHAR(2047) ,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE)
+/
+CREATE SEQUENCE IDN_OIDC_PROPERTY_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER IDN_OIDC_PROPERTY_TRIG NO CASCADE
+            BEFORE INSERT
+            ON IDN_OIDC_PROPERTY
+            REFERENCING NEW AS NEW
+            FOR EACH ROW MODE DB2SQL
+                BEGIN ATOMIC
+                    SET (NEW.ID) = (NEXTVAL FOR IDN_OIDC_PROPERTY_SEQ);
+                END
+/
+
+CREATE TABLE IDN_OIDC_REQ_OBJECT_REFERENCE (
+  ID INTEGER NOT NULL,
+  CONSUMER_KEY_ID INTEGER ,
+  CODE_ID VARCHAR(255) ,
+  TOKEN_ID VARCHAR(255) ,
+  SESSION_DATA_KEY VARCHAR(255),
+  PRIMARY KEY (ID),
+  FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
+  FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE,
+  FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE)
+/
+CREATE SEQUENCE IDN_OIDC_REQUEST_OBJECT_REF_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER IDN_OIDC_REQUEST_OBJECT_REF_TRIG NO CASCADE
+            BEFORE INSERT
+            ON IDN_OIDC_REQ_OBJECT_REFERENCE
+            REFERENCING NEW AS NEW
+            FOR EACH ROW MODE DB2SQL
+               BEGIN ATOMIC
+                   SET (NEW.ID) = (NEXTVAL FOR IDN_OIDC_REQUEST_OBJECT_REF_SEQ);
+               END
+/
+
+CREATE TABLE IDN_OIDC_REQ_OBJECT_CLAIMS (
+  ID INTEGER NOT NULL,
+  REQ_OBJECT_ID INTEGER ,
+  CLAIM_ATTRIBUTE VARCHAR(255),
+  ESSENTIAL CHAR(1) NOT NULL DEFAULT '0',
+  VALUE VARCHAR(255),
+  IS_USERINFO CHAR(1) NOT NULL DEFAULT '0',
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE(ID) ON DELETE CASCADE)
+/
+CREATE SEQUENCE IDN_OIDC_REQ_OBJECT_CLAIMS_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER IDN_OIDC_REQ_OBJECT_CLAIMS_TRIG NO CASCADE
+            BEFORE INSERT
+            ON IDN_OIDC_REQ_OBJECT_CLAIMS
+            REFERENCING NEW AS NEW
+            FOR EACH ROW MODE DB2SQL
+               BEGIN ATOMIC
+                   SET (NEW.ID) = (NEXTVAL FOR IDN_OIDC_REQ_OBJECT_CLAIMS_SEQ);
+               END
+/
+
+CREATE TABLE IDN_OIDC_REQ_OBJ_CLAIM_VALUES (
+  ID INTEGER NOT NULL,
+  REQ_OBJECT_CLAIMS_ID INTEGER,
+  CLAIM_VALUES VARCHAR(255),
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE)
+/
+CREATE SEQUENCE IDN_OIDC_REQ_OBJECT_CLAIM_VALUES_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER IDN_OIDC_REQ_OBJECT_CLAIM_VALUES_TRIG
+            BEFORE INSERT
+            ON IDN_OIDC_REQ_OBJ_CLAIM_VALUES
+            REFERENCING NEW AS NEW
+            FOR EACH ROW MODE DB2SQL
+               BEGIN ATOMIC
+                   SET (NEW.ID) = (NEXTVAL FOR IDN_OIDC_REQ_OBJECT_CLAIM_VALUES_SEQ);
+               END
+/
+
+CREATE TABLE IDN_CERTIFICATE (
+            ID INTEGER NOT NULL,
+            NAME VARCHAR(100) NOT NULL,
+            CERTIFICATE_IN_PEM BLOB,
+            TENANT_ID INTEGER NOT NULL,
+            CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID),
+            PRIMARY KEY (ID))
+/
+CREATE SEQUENCE IDN_CERTIFICATE_SEQUENCE START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER IDN_CERTIFICATE_TRIGGER NO CASCADE BEFORE INSERT ON IDN_CERTIFICATE
+REFERENCING NEW AS NEW FOR EACH ROW MODE DB2SQL
+  BEGIN ATOMIC
+    SET (NEW.ID)
+    = (NEXTVAL FOR IDN_CERTIFICATE_SEQUENCE);
+  END
+/
 
 -- End of IDENTITY Tables--
 
+-- Start of CONSENT-MGT Tables --
+
+CREATE TABLE CM_PII_CATEGORY (
+  ID           INTEGER NOT NULL ,
+  NAME         VARCHAR(255) NOT NULL,
+  DESCRIPTION  VARCHAR(1023),
+  DISPLAY_NAME VARCHAR(255),
+  IS_SENSITIVE INTEGER       NOT NULL,
+  TENANT_ID    INTEGER DEFAULT -1234 NOT NULL,
+  CONSTRAINT PII_CATEGORY_CONSTRAINT UNIQUE (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE CM_PII_CATEGORY_SEQ
+  START WITH 1
+  INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER CM_PII_CATEGORY_TRIGGER NO CASCADE BEFORE INSERT ON CM_PII_CATEGORY
+REFERENCING NEW AS NEW FOR EACH ROW MODE DB2SQL
+
+BEGIN ATOMIC
+
+    SET (NEW.ID)
+       = (NEXTVAL FOR CM_PII_CATEGORY_SEQ);
+
+END
+/
+CREATE TABLE CM_RECEIPT (
+  CONSENT_RECEIPT_ID  VARCHAR(255) NOT NULL,
+  VERSION             VARCHAR(255) NOT NULL,
+  JURISDICTION        VARCHAR(255) NOT NULL,
+  CONSENT_TIMESTAMP   TIMESTAMP     NOT NULL,
+  COLLECTION_METHOD   VARCHAR(255) NOT NULL,
+  LANGUAGE            VARCHAR(255) NOT NULL,
+  PII_PRINCIPAL_ID    VARCHAR(255) NOT NULL,
+  PRINCIPAL_TENANT_ID INTEGER DEFAULT -1234,
+  POLICY_URL          VARCHAR(255) NOT NULL,
+  STATE               VARCHAR(255) NOT NULL,
+  PII_CONTROLLER      VARCHAR(2048) NOT NULL,
+  PRIMARY KEY (CONSENT_RECEIPT_ID)
+)
+/
+CREATE TABLE CM_PURPOSE (
+  ID          INTEGER NOT NULL,
+  NAME        VARCHAR(255) NOT NULL,
+  DESCRIPTION VARCHAR(1023),
+  TENANT_ID   INTEGER DEFAULT -1234 NOT NULL,
+  CONSTRAINT PURPOSE_CONSTRAINT UNIQUE (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE CM_PURPOSE_SEQ
+  START WITH 1
+  INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER CM_PURPOSE_TRIGGER NO CASCADE BEFORE INSERT ON CM_PURPOSE
+REFERENCING NEW AS NEW FOR EACH ROW MODE DB2SQL
+
+BEGIN ATOMIC
+
+    SET (NEW.ID)
+       = (NEXTVAL FOR CM_PURPOSE_SEQ);
+
+END
+/
+CREATE TABLE CM_PURPOSE_CATEGORY (
+  ID          INTEGER NOT NULL,
+  NAME        VARCHAR(255) NOT NULL,
+  DESCRIPTION VARCHAR(1023),
+  TENANT_ID   INTEGER DEFAULT -1234 NOT NULL,
+  CONSTRAINT PURPOSE_CATEGORY_CONSTRAINT UNIQUE (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE CM_PURPOSE_CATEGORY_SEQ
+  START WITH 1
+  INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER CM_PURPOSE_CATEGORY_TRIGGER NO CASCADE BEFORE INSERT ON CM_PURPOSE_CATEGORY
+REFERENCING NEW AS NEW FOR EACH ROW MODE DB2SQL
+
+BEGIN ATOMIC
+
+    SET (NEW.ID)
+       = (NEXTVAL FOR CM_PURPOSE_CATEGORY_SEQ);
+
+END
+/
+CREATE TABLE CM_RECEIPT_SP_ASSOC (
+  ID                 INTEGER NOT NULL,
+  CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL,
+  SP_NAME            VARCHAR(255) NOT NULL,
+  SP_DISPLAY_NAME    VARCHAR(255),
+  SP_DESCRIPTION     VARCHAR(255),
+  SP_TENANT_ID       INTEGER DEFAULT -1234 NOT NULL,
+  CONSTRAINT RECEIPT_SP_ASSOC_CONSTRAINT UNIQUE (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE CM_RECEIPT_SP_ASSOC_SEQ
+  START WITH 1
+  INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER CM_RECEIPT_SP_ASSOC_TRIGGER NO CASCADE BEFORE INSERT ON CM_RECEIPT_SP_ASSOC
+REFERENCING NEW AS NEW FOR EACH ROW MODE DB2SQL
+
+BEGIN ATOMIC
+
+    SET (NEW.ID)
+       = (NEXTVAL FOR CM_RECEIPT_SP_ASSOC_SEQ);
+
+END
+/
+CREATE TABLE CM_SP_PURPOSE_ASSOC (
+  ID                     INTEGER NOT NULL,
+  RECEIPT_SP_ASSOC       INTEGER       NOT NULL,
+  PURPOSE_ID             INTEGER       NOT NULL,
+  CONSENT_TYPE           VARCHAR(255) NOT NULL,
+  IS_PRIMARY_PURPOSE     INTEGER       NOT NULL,
+  TERMINATION            VARCHAR(255) NOT NULL,
+  THIRD_PARTY_DISCLOSURE INTEGER       NOT NULL,
+  THIRD_PARTY_NAME       VARCHAR(255),
+  CONSTRAINT SP_PURPOSE_ASSOC UNIQUE (RECEIPT_SP_ASSOC, PURPOSE_ID),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE CM_SP_PURPOSE_ASSOC_SEQ
+  START WITH 1
+  INCREMENT BY 1 NOCACHE
+/
+CREATE TRIGGER CM_SP_PURPOSE_ASSOC_TRIGGER NO CASCADE BEFORE INSERT ON CM_SP_PURPOSE_ASSOC
+REFERENCING NEW AS NEW FOR EACH ROW MODE DB2SQL
+
+BEGIN ATOMIC
+
+    SET (NEW.ID)
+       = (NEXTVAL FOR CM_SP_PURPOSE_ASSOC_SEQ);
+
+END
+/
+CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PURPOSE_CATEGORY_ID INTEGER NOT NULL,
+  CONSTRAINT SP_PUS_PS_CAT_ASSOC UNIQUE (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID)
+)
+/
+CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC (
+  PURPOSE_ID         INTEGER NOT NULL,
+  CM_PII_CATEGORY_ID INTEGER NOT NULL,
+  CONSTRAINT PURPOSE_PII_CAT_ASSOC UNIQUE (PURPOSE_ID, CM_PII_CATEGORY_ID)
+)
+/
+CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PII_CATEGORY_ID     INTEGER NOT NULL,
+  VALIDITY            VARCHAR(1023),
+  CONSTRAINT SP_PURPOSE_PII_CATEGORY_ASSOC UNIQUE (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID)
+)
+/
+CREATE SEQUENCE CM_SP_PURPOSE_PII_CAT_ASSOC_SEQ
+  START WITH 1
+  INCREMENT BY 1 NOCACHE
+/
+CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY (
+  CONSENT_RECEIPT_ID VARCHAR(255)  NOT NULL,
+  NAME               VARCHAR(255)  NOT NULL,
+  VALUE              VARCHAR(1023) NOT NULL,
+  CONSTRAINT CONSENT_RECEIPT_PROPERTY UNIQUE (CONSENT_RECEIPT_ID, NAME)
+)
+/
+ALTER TABLE CM_RECEIPT_SP_ASSOC
+  ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID)
+/
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+  ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID)
+/
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+  ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID)
+/
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+  ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID)
+/
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+  ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID)
+/
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+  ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID)
+/
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+  ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID)
+/
+ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY
+  ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID)
+/
+INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234')/
+
+INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234')/
+
+-- End of CONSENT-MGT Tables --
 
 -- Start of API-MGT Tables --
 CREATE TABLE AM_SUBSCRIBER (
@@ -949,7 +1458,7 @@ CREATE TABLE AM_SUBSCRIPTION (
 
 CREATE TABLE AM_SUBSCRIPTION_KEY_MAPPING (
             SUBSCRIPTION_ID INTEGER NOT NULL,
-            ACCESS_TOKEN VARCHAR(255) NOT NULL,
+            ACCESS_TOKEN VARCHAR(512) NOT NULL,
             KEY_TYPE VARCHAR(512) NOT NULL,
             FOREIGN KEY(SUBSCRIPTION_ID) REFERENCES AM_SUBSCRIPTION(SUBSCRIPTION_ID) ON DELETE RESTRICT,
             PRIMARY KEY(SUBSCRIPTION_ID,ACCESS_TOKEN)
@@ -1045,7 +1554,7 @@ CREATE TABLE AM_APPLICATION_REGISTRATION (
             WF_REF VARCHAR(255) NOT NULL,
             APP_ID INT NOT NULL,
             TOKEN_TYPE VARCHAR(30) NOT NULL,
-            TOKEN_SCOPE VARCHAR(256) DEFAULT 'default',
+            TOKEN_SCOPE VARCHAR(1500) DEFAULT 'default',
             INPUTS VARCHAR(1000),
             ALLOWED_DOMAINS VARCHAR(256),
             VALIDITY_PERIOD BIGINT,
@@ -1275,7 +1784,7 @@ CREATE TABLE AM_THROTTLE_TIER_PERMISSIONS (
 CREATE TABLE AM_BLOCK_CONDITIONS (
   CONDITION_ID INT NOT NULL  GENERATED ALWAYS AS IDENTITY (START WITH 1 INCREMENT BY 1),
   TYPE varchar(45) DEFAULT NULL,
-  VALUE varchar(45) DEFAULT NULL,
+  VALUE varchar(512) DEFAULT NULL,
   ENABLED varchar(45) DEFAULT NULL,
   DOMAIN varchar(45) DEFAULT NULL,
   UUID VARCHAR(256) NOT NULL,
@@ -1283,12 +1792,42 @@ CREATE TABLE AM_BLOCK_CONDITIONS (
   UNIQUE (UUID)
 ) /
 
+CREATE TABLE AM_CERTIFICATE_METADATA (
+  TENANT_ID INT NOT NULL,
+  ALIAS VARCHAR(45) NOT NULL,
+  END_POINT VARCHAR(100) NOT NULL,
+  CONSTRAINT PK_ALIAS PRIMARY KEY (ALIAS),
+  CONSTRAINT END_POINT_CONSTRAINT UNIQUE (END_POINT)
+) /
+
+CREATE TABLE AM_APPLICATION_GROUP_MAPPING (
+    APPLICATION_ID INT NOT NULL,
+    GROUP_ID VARCHAR(512) NOT NULL,
+    TENANT VARCHAR(255) NOT NULL,
+    PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT),
+    FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE
+) /
+
+CREATE TABLE AM_USAGE_UPLOADED_FILES (
+  TENANT_DOMAIN varchar(255) NOT NULL,
+  FILE_NAME varchar(255) NOT NULL,
+  FILE_TIMESTAMP TIMESTAMP(0) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  FILE_PROCESSED SMALLINT NOT NULL DEFAULT 0,
+  FILE_CONTENT BLOB DEFAULT NULL,
+  PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP)
+) /
+
+CREATE TABLE AM_API_LC_PUBLISH_EVENTS (
+    ID INTEGER NOT NULL,
+    TENANT_DOMAIN VARCHAR(500) NOT NULL,
+    API_ID VARCHAR(500) NOT NULL,
+    EVENT_TIME TIMESTAMP(0) NOT NULL,
+    PRIMARY KEY (ID)
+) /
 -- End of API-MGT Tables --
 
 -- Performance indexes start--
-
 create index IDX_ITS_LMT on IDN_THRIFT_SESSION (LAST_MODIFIED_TIME)/
-create index IDX_IOAT_AT on IDN_OAUTH2_ACCESS_TOKEN (ACCESS_TOKEN)/
 create index IDX_IOAT_UT on IDN_OAUTH2_ACCESS_TOKEN (USER_TYPE)/
 create index IDX_AAI_CTX on AM_API (CONTEXT)/
 create index IDX_AAKM_CK on AM_APPLICATION_KEY_MAPPING (CONSUMER_KEY)/
@@ -1300,5 +1839,3 @@ create index IDX_APS_QT on AM_POLICY_SUBSCRIPTION (QUOTA_TYPE)/
 create index IDX_AS_AITIAI on AM_SUBSCRIPTION (API_ID,TIER_ID,APPLICATION_ID)/
 create index IDX_APA_QT on AM_POLICY_APPLICATION (QUOTA_TYPE)/
 create index IDX_AA_AT_CB on AM_APPLICATION (APPLICATION_TIER,CREATED_BY)/
-
--- Performance indexes end--

modules/distribution/src/core/resources/dbscripts/apimgt/h2.sql

@@ -9,7 +9,7 @@ INSERT INTO IDN_BASE_TABLE values ('WSO2 Identity Server');
 CREATE TABLE IF NOT EXISTS IDN_OAUTH_CONSUMER_APPS (
             ID INTEGER NOT NULL AUTO_INCREMENT,
             CONSUMER_KEY VARCHAR (255),
-            CONSUMER_SECRET VARCHAR (512),
+            CONSUMER_SECRET VARCHAR (2048),
             USERNAME VARCHAR (255),
             TENANT_ID INTEGER DEFAULT 0,
             USER_DOMAIN VARCHAR(50),
@@ -19,10 +19,21 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH_CONSUMER_APPS (
             GRANT_TYPES VARCHAR (1024),
             PKCE_MANDATORY CHAR(1) DEFAULT '0',
             PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0',
+            APP_STATE VARCHAR (25) DEFAULT 'ACTIVE',
+            USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000,
+            APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000,
+            REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000,
             CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY),
             PRIMARY KEY (ID)
 );
 
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_VALIDATORS (
+	APP_ID INTEGER NOT NULL,
+	SCOPE_VALIDATOR VARCHAR (128) NOT NULL,
+	PRIMARY KEY (APP_ID,SCOPE_VALIDATOR),
+	FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+);
+
 CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_REQUEST_TOKEN (
             REQUEST_TOKEN VARCHAR (512),
             REQUEST_TOKEN_SECRET VARCHAR (512),
@@ -50,8 +61,8 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_ACCESS_TOKEN (
 
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN (
             TOKEN_ID VARCHAR (255),
-            ACCESS_TOKEN VARCHAR (255),
+            ACCESS_TOKEN VARCHAR (2048),
-            REFRESH_TOKEN VARCHAR (255),
+            REFRESH_TOKEN VARCHAR (2048),
             CONSUMER_KEY_ID INTEGER,
             AUTHZ_USER VARCHAR (100),
             TENANT_ID INTEGER,
@@ -66,6 +77,8 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN (
             TOKEN_STATE VARCHAR (25) DEFAULT 'ACTIVE',
             TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE',
             SUBJECT_IDENTIFIER VARCHAR(255),
+            ACCESS_TOKEN_HASH VARCHAR (512),
+            REFRESH_TOKEN_HASH VARCHAR (512),
             PRIMARY KEY (TOKEN_ID),
             FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
             CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,
@@ -76,12 +89,14 @@ CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER
 
 CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED);
 
+CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH);
+
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE (
             CODE_ID VARCHAR (255),
-            AUTHORIZATION_CODE VARCHAR (512),
+            AUTHORIZATION_CODE VARCHAR (2048),
             CONSUMER_KEY_ID INTEGER,
             CALLBACK_URL VARCHAR (1024),
-            SCOPE VARCHAR(2048),
+            SCOPE VARCHAR(4096),
             AUTHZ_USER VARCHAR (100),
             TENANT_ID INTEGER,
             USER_DOMAIN VARCHAR(50),
@@ -92,10 +107,13 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE (
             SUBJECT_IDENTIFIER VARCHAR(255),
             PKCE_CODE_CHALLENGE VARCHAR (255),
             PKCE_CODE_CHALLENGE_METHOD VARCHAR(128),
+            AUTHORIZATION_CODE_HASH VARCHAR (512),
             PRIMARY KEY (CODE_ID),
             FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
 );
 
+CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH, CONSUMER_KEY_ID);
+
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
             TOKEN_ID VARCHAR (255),
             TOKEN_SCOPE VARCHAR (60),
@@ -106,17 +124,22 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
 
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE (
             SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT,
-            SCOPE_KEY VARCHAR(100) NOT NULL,
+            NAME VARCHAR(255) NOT NULL,
-            NAME VARCHAR(255) NULL,
+            DISPLAY_NAME VARCHAR(255) NOT NULL,
-            DESCRIPTION VARCHAR(512) NULL,
+            DESCRIPTION VARCHAR(512),
-            TENANT_ID INTEGER NOT NULL DEFAULT 0,
+            TENANT_ID INTEGER NOT NULL DEFAULT -1,
-            ROLES VARCHAR (500) NULL,
             PRIMARY KEY (SCOPE_ID)
 );
 
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING (
+            SCOPE_ID INTEGER NOT NULL,
+            SCOPE_BINDING VARCHAR(255),
+            FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE
+);
+
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_RESOURCE_SCOPE (
             RESOURCE_PATH VARCHAR(255) NOT NULL,
-            SCOPE_ID INTEGER (11) NOT NULL,
+            SCOPE_ID INTEGER NOT NULL,
             TENANT_ID INTEGER DEFAULT -1,
             PRIMARY KEY (RESOURCE_PATH),
             FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE
@@ -174,7 +197,7 @@ CREATE TABLE IDN_IDENTITY_USER_DATA (
             TENANT_ID INTEGER DEFAULT -1234,
             USER_NAME VARCHAR(255) NOT NULL,
             DATA_KEY VARCHAR(255) NOT NULL,
-            DATA_VALUE VARCHAR(255),
+            DATA_VALUE VARCHAR(2048),
             PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY)
 );
 
@@ -220,6 +243,7 @@ CREATE TABLE IF NOT EXISTS SP_APP (
 	    	IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0',
         IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
         IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
+        ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0',
 	    	SUBJECT_CLAIM_URI VARCHAR (512),
 	    	IS_SAAS_APP CHAR(1) DEFAULT '0',
 	    	IS_DUMB_MODE CHAR(1) DEFAULT '0',
@@ -243,6 +267,7 @@ CREATE TABLE IF NOT EXISTS SP_INBOUND_AUTH (
             TENANT_ID INTEGER NOT NULL,
             INBOUND_AUTH_KEY VARCHAR (255),
             INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL,
+            INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL,
             PROP_NAME VARCHAR (255),
             PROP_VALUE VARCHAR (1024) ,
             APP_ID INTEGER NOT NULL,
@@ -276,6 +301,7 @@ CREATE TABLE IF NOT EXISTS SP_CLAIM_MAPPING (
 	   	SP_CLAIM VARCHAR (512) NOT NULL ,
 	   	APP_ID INTEGER NOT NULL,
 	   	IS_REQUESTED VARCHAR(128) DEFAULT '0',
+		IS_MANDATORY VARCHAR(128) DEFAULT '0',
 	   	DEFAULT_VALUE VARCHAR(255),
 	   	PRIMARY KEY (ID));
 
@@ -308,10 +334,20 @@ CREATE TABLE IF NOT EXISTS SP_PROVISIONING_CONNECTOR (
 	    	APP_ID INTEGER NOT NULL,
 	    	IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0',
 	    	BLOCKING CHAR(1) NOT NULL DEFAULT '0',
+	    	RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0',
 	    	PRIMARY KEY (ID));
 
 ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
 
+CREATE TABLE SP_AUTH_SCRIPT (
+  ID         INTEGER AUTO_INCREMENT NOT NULL,
+  TENANT_ID  INTEGER                NOT NULL,
+  APP_ID     INTEGER                NOT NULL,
+  TYPE       VARCHAR(255)           NOT NULL,
+  CONTENT    BLOB    DEFAULT NULL,
+  IS_ENABLED CHAR(1) NOT NULL DEFAULT '0',
+  PRIMARY KEY (ID));
+
 CREATE TABLE IF NOT EXISTS IDP (
 			ID INTEGER AUTO_INCREMENT,
 			TENANT_ID INTEGER,
@@ -336,8 +372,6 @@ CREATE TABLE IF NOT EXISTS IDP (
 			PRIMARY KEY (ID),
 			UNIQUE (TENANT_ID, NAME));
 
-INSERT INTO IDP (TENANT_ID, NAME, HOME_REALM_ID) VALUES (-1234, 'LOCAL', 'localhost');
-
 CREATE TABLE IF NOT EXISTS IDP_ROLE (
 			ID INTEGER AUTO_INCREMENT,
 			IDP_ID INTEGER,
@@ -388,10 +422,6 @@ CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR (
             UNIQUE (TENANT_ID, IDP_ID, NAME),
             FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE);
 
-INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'samlsso');
-INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'IDPProperties');
-INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'passivests');
-
 CREATE TABLE IF NOT EXISTS IDP_METADATA (
             ID INTEGER AUTO_INCREMENT,
             IDP_ID INTEGER,
@@ -403,9 +433,6 @@ CREATE TABLE IF NOT EXISTS IDP_METADATA (
             CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME),
             FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE);
 
-INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'SessionIdleTimeout', '20160', 'Session Idle Timeout');
-INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'RememberMeTimeout', '15', 'RememberMe Timeout');
-
 CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR_PROPERTY (
             ID INTEGER AUTO_INCREMENT,
             TENANT_ID INTEGER,
@@ -417,9 +444,6 @@ CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR_PROPERTY (
             UNIQUE (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY),
             FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE);
 
-INSERT INTO  IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 1 , 'IdPEntityId', 'localhost', '0');
-INSERT INTO  IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 3 , 'IdPEntityId', 'localhost', '0');
-
 CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_CONFIG (
             ID INTEGER AUTO_INCREMENT,
             TENANT_ID INTEGER,
@@ -427,6 +451,7 @@ CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_CONFIG (
             PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL,
             IS_ENABLED CHAR (1) DEFAULT '0',
             IS_BLOCKING CHAR (1) DEFAULT '0',
+            IS_RULES_ENABLED CHAR (1) DEFAULT '0',
             PRIMARY KEY (ID),
             UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE),
             FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE);
@@ -514,7 +539,7 @@ CREATE TABLE IF NOT EXISTS WF_BPS_PROFILE (
     HOST_URL_MANAGER VARCHAR(255),
     HOST_URL_WORKER VARCHAR(255),
     USERNAME VARCHAR(45),
-    PASSWORD VARCHAR(255),
+    PASSWORD VARCHAR(1023),
     CALLBACK_HOST VARCHAR (45),
     TENANT_ID INTEGER DEFAULT -1,
     PRIMARY KEY (PROFILE_NAME, TENANT_ID)
@@ -573,6 +598,277 @@ CREATE TABLE IF NOT EXISTS WF_WORKFLOW_REQUEST_RELATION(
   FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE,
   FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
 );
+
+CREATE TABLE IF NOT EXISTS IDN_RECOVERY_DATA (
+  USER_NAME VARCHAR(255) NOT NULL,
+  USER_DOMAIN VARCHAR(127) NOT NULL,
+  TENANT_ID INTEGER DEFAULT -1,
+  CODE VARCHAR(255) NOT NULL,
+  SCENARIO VARCHAR(255) NOT NULL,
+  STEP VARCHAR(127) NOT NULL,
+  TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  REMAINING_SETS VARCHAR(2500) DEFAULT NULL,
+  PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP),
+  UNIQUE(CODE)
+);
+
+CREATE TABLE IF NOT EXISTS IDN_PASSWORD_HISTORY_DATA (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  USER_NAME   VARCHAR(255) NOT NULL,
+  USER_DOMAIN VARCHAR(127) NOT NULL,
+  TENANT_ID   INTEGER DEFAULT -1,
+  SALT_VALUE  VARCHAR(255),
+  HASH        VARCHAR(255) NOT NULL,
+  TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  PRIMARY KEY (ID),
+  UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH),
+);
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_DIALECT (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  DIALECT_URI VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID)
+);
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  DIALECT_ID INTEGER,
+  CLAIM_URI VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE,
+  CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID)
+);
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  LOCAL_CLAIM_ID INTEGER,
+  USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL,
+  ATTRIBUTE_NAME VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID)
+);
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_PROPERTY (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  LOCAL_CLAIM_ID INTEGER,
+  PROPERTY_NAME VARCHAR (255) NOT NULL,
+  PROPERTY_VALUE VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID)
+);
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPING (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  EXT_CLAIM_ID INTEGER NOT NULL,
+  MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID),
+);
+
+CREATE TABLE IF NOT EXISTS  IDN_SAML2_ASSERTION_STORE (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  SAML2_ID  VARCHAR(255) ,
+  SAML2_ISSUER  VARCHAR(255) ,
+  SAML2_SUBJECT  VARCHAR(255) ,
+  SAML2_SESSION_INDEX  VARCHAR(255) ,
+  SAML2_AUTHN_CONTEXT_CLASS_REF  VARCHAR(255) ,
+  SAML2_ASSERTION  VARCHAR(4096) ,
+  PRIMARY KEY (ID)
+);
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_JTI (
+  JWT_ID VARCHAR(255),
+  EXP_TIME TIMESTAMP NOT NULL ,
+  TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ,
+  PRIMARY KEY (JWT_ID)
+);
+
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_PROPERTY (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  TENANT_ID  INTEGER,
+  CONSUMER_KEY  VARCHAR(255) ,
+  PROPERTY_KEY  VARCHAR(255) NOT NULL,
+  PROPERTY_VALUE  VARCHAR(2047) ,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE
+);
+CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_REFERENCE (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  CONSUMER_KEY_ID INTEGER ,
+  CODE_ID VARCHAR(255) ,
+  TOKEN_ID VARCHAR(255) ,
+  SESSION_DATA_KEY VARCHAR(255),
+  PRIMARY KEY (ID),
+  FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
+  FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE,
+  FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE
+);
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  REQ_OBJECT_ID INTEGER,
+  CLAIM_ATTRIBUTE VARCHAR(255) ,
+  ESSENTIAL CHAR(1) NOT NULL DEFAULT '0',
+  VALUE VARCHAR(255) ,
+  IS_USERINFO CHAR(1) NOT NULL DEFAULT '0',
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE
+);
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJ_CLAIM_VALUES (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  REQ_OBJECT_CLAIMS_ID INTEGER ,
+  CLAIM_VALUES VARCHAR(255) ,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES  IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE
+);
+
+CREATE TABLE IF NOT EXISTS IDN_CERTIFICATE (
+            ID INTEGER NOT NULL AUTO_INCREMENT,
+            NAME VARCHAR(100),
+            CERTIFICATE_IN_PEM BLOB,
+            TENANT_ID INTEGER DEFAULT 0,
+            PRIMARY KEY(ID),
+            CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID)
+);
+
+-- Start of CONSENT-MGT Tables --
+
+CREATE TABLE CM_PII_CATEGORY (
+  ID           INTEGER AUTO_INCREMENT,
+  NAME         VARCHAR(255) NOT NULL,
+  DESCRIPTION  VARCHAR(1023),
+  DISPLAY_NAME VARCHAR(255),
+  IS_SENSITIVE INTEGER      NOT NULL,
+  TENANT_ID    INTEGER DEFAULT '-1234',
+  UNIQUE KEY (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+);
+
+CREATE TABLE CM_RECEIPT (
+  CONSENT_RECEIPT_ID  VARCHAR(255) NOT NULL,
+  VERSION             VARCHAR(255) NOT NULL,
+  JURISDICTION        VARCHAR(255) NOT NULL,
+  CONSENT_TIMESTAMP   TIMESTAMP    NOT NULL,
+  COLLECTION_METHOD   VARCHAR(255) NOT NULL,
+  LANGUAGE            VARCHAR(255) NOT NULL,
+  PII_PRINCIPAL_ID    VARCHAR(255) NOT NULL,
+  PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234',
+  POLICY_URL          VARCHAR(255) NOT NULL,
+  STATE               VARCHAR(255) NOT NULL,
+  PII_CONTROLLER      VARCHAR(2048) NOT NULL,
+  PRIMARY KEY (CONSENT_RECEIPT_ID)
+);
+
+CREATE TABLE CM_PURPOSE (
+  ID          INTEGER AUTO_INCREMENT,
+  NAME        VARCHAR(255) NOT NULL,
+  DESCRIPTION VARCHAR(1023),
+  TENANT_ID   INTEGER DEFAULT '-1234',
+  UNIQUE KEY (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+);
+
+CREATE TABLE CM_PURPOSE_CATEGORY (
+  ID          INTEGER AUTO_INCREMENT,
+  NAME        VARCHAR(255) NOT NULL,
+  DESCRIPTION VARCHAR(1023),
+  TENANT_ID   INTEGER DEFAULT '-1234',
+  UNIQUE KEY (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+);
+
+CREATE TABLE CM_RECEIPT_SP_ASSOC (
+  ID                 INTEGER AUTO_INCREMENT,
+  CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL,
+  SP_NAME            VARCHAR(255) NOT NULL,
+  SP_DISPLAY_NAME    VARCHAR(255),
+  SP_DESCRIPTION     VARCHAR(255),
+  SP_TENANT_ID       INTEGER DEFAULT '-1234',
+  UNIQUE KEY (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID),
+  PRIMARY KEY (ID)
+);
+
+CREATE TABLE CM_SP_PURPOSE_ASSOC (
+  ID                     INTEGER AUTO_INCREMENT,
+  RECEIPT_SP_ASSOC       INTEGER      NOT NULL,
+  PURPOSE_ID             INTEGER      NOT NULL,
+  CONSENT_TYPE           VARCHAR(255) NOT NULL,
+  IS_PRIMARY_PURPOSE     INTEGER      NOT NULL,
+  TERMINATION            VARCHAR(255) NOT NULL,
+  THIRD_PARTY_DISCLOSURE INTEGER      NOT NULL,
+  THIRD_PARTY_NAME       VARCHAR(255),
+  UNIQUE KEY (RECEIPT_SP_ASSOC, PURPOSE_ID),
+  PRIMARY KEY (ID)
+);
+
+CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PURPOSE_CATEGORY_ID INTEGER NOT NULL,
+  UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID)
+);
+
+CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC (
+  PURPOSE_ID         INTEGER NOT NULL,
+  CM_PII_CATEGORY_ID INTEGER NOT NULL,
+  UNIQUE KEY (PURPOSE_ID, CM_PII_CATEGORY_ID)
+);
+
+CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PII_CATEGORY_ID     INTEGER NOT NULL,
+  VALIDITY            VARCHAR(1023),
+  UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID)
+);
+
+CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY (
+  CONSENT_RECEIPT_ID VARCHAR(255)  NOT NULL,
+  NAME               VARCHAR(255)  NOT NULL,
+  VALUE              VARCHAR(1023) NOT NULL,
+  UNIQUE KEY (CONSENT_RECEIPT_ID, NAME)
+);
+
+ALTER TABLE CM_RECEIPT_SP_ASSOC
+  ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID);
+
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+  ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+  ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+  ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+  ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+  ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+  ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID);
+
+ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY
+  ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID);
+
+INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234');
+
+INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234');
+
+-- End of CONSENT-MGT Tables --
+
 -- Start of API-MGT Tables --
 
 CREATE TABLE IF NOT EXISTS AM_SUBSCRIBER (
@@ -753,7 +1049,7 @@ CREATE TABLE IF NOT EXISTS AM_APPLICATION_REGISTRATION (
     WF_REF VARCHAR(255) NOT NULL,
     APP_ID INT,
     TOKEN_TYPE VARCHAR(30),
-    TOKEN_SCOPE VARCHAR(256) DEFAULT 'default',
+    TOKEN_SCOPE VARCHAR(1500) DEFAULT 'default',
     INPUTS VARCHAR(1000),
     ALLOWED_DOMAINS VARCHAR(256),
     VALIDITY_PERIOD BIGINT,
@@ -978,7 +1274,7 @@ CREATE TABLE IF NOT EXISTS AM_THROTTLE_TIER_PERMISSIONS (
 CREATE TABLE `AM_BLOCK_CONDITIONS` (
   `CONDITION_ID` int(11) NOT NULL AUTO_INCREMENT,
   `TYPE` varchar(45) DEFAULT NULL,
-  `VALUE` varchar(45) DEFAULT NULL,
+  `VALUE` varchar(512) DEFAULT NULL,
   `ENABLED` varchar(45) DEFAULT NULL,
   `DOMAIN` varchar(45) DEFAULT NULL,
   `UUID` VARCHAR(256),
@@ -986,4 +1282,37 @@ CREATE TABLE `AM_BLOCK_CONDITIONS` (
   UNIQUE (UUID)
 );
 
+CREATE TABLE IF NOT EXISTS `AM_CERTIFICATE_METADATA` (
+  `TENANT_ID` INT(11) NOT NULL,
+  `ALIAS` VARCHAR(45) NOT NULL,
+  `END_POINT` VARCHAR(100) NOT NULL,
+  CONSTRAINT PK_ALIAS PRIMARY KEY (`ALIAS`),
+  CONSTRAINT END_POINT_CONSTRAINT UNIQUE (`END_POINT`),
+);
+
+CREATE TABLE IF NOT EXISTS AM_APPLICATION_GROUP_MAPPING (
+    APPLICATION_ID INTEGER NOT NULL,
+    GROUP_ID VARCHAR(512) NOT NULL,
+    TENANT VARCHAR(255),
+    PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT),
+    FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE
+);
+
+CREATE TABLE IF NOT EXISTS AM_USAGE_UPLOADED_FILES (
+  TENANT_DOMAIN varchar(255) NOT NULL,
+  FILE_NAME varchar(255) NOT NULL,
+  FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+  FILE_PROCESSED tinyint(1) DEFAULT 0,
+  FILE_CONTENT MEDIUMBLOB DEFAULT NULL,
+  PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP)
+);
+
+CREATE TABLE IF NOT EXISTS AM_API_LC_PUBLISH_EVENTS (
+    ID INTEGER(11) NOT NULL AUTO_INCREMENT,
+    TENANT_DOMAIN VARCHAR(500) NOT NULL,
+    API_ID VARCHAR(500) NOT NULL,
+    EVENT_TIME TIMESTAMP NOT NULL,
+    PRIMARY KEY (ID)
+);
+
 -- End of API-MGT Tables --

modules/distribution/src/core/resources/dbscripts/apimgt/mssql.sql

@@ -11,7 +11,7 @@ IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[I
 CREATE TABLE IDN_OAUTH_CONSUMER_APPS (
   ID INTEGER IDENTITY,
   CONSUMER_KEY VARCHAR(255),
-            CONSUMER_SECRET VARCHAR(512),
+  CONSUMER_SECRET VARCHAR(2048),
   USERNAME VARCHAR(255),
   TENANT_ID INTEGER DEFAULT 0,
   USER_DOMAIN VARCHAR(50),
@@ -21,10 +21,22 @@ CREATE TABLE IDN_OAUTH_CONSUMER_APPS (
   GRANT_TYPES VARCHAR(1024),
   PKCE_MANDATORY CHAR(1) DEFAULT '0',
   PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0',
+  APP_STATE VARCHAR (25) DEFAULT 'ACTIVE',
+  USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000,
+  APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000,
+  REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000,
   CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY),
   PRIMARY KEY (ID)
 );
 
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OAUTH2_SCOPE_VALIDATORS]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_OAUTH2_SCOPE_VALIDATORS (
+	APP_ID INTEGER NOT NULL,
+	SCOPE_VALIDATOR VARCHAR (128) NOT NULL,
+	PRIMARY KEY (APP_ID,SCOPE_VALIDATOR),
+	FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+);
+
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OAUTH1A_REQUEST_TOKEN]') AND TYPE IN (N'U'))
 CREATE TABLE IDN_OAUTH1A_REQUEST_TOKEN (
   REQUEST_TOKEN VARCHAR(512),
@@ -55,8 +67,8 @@ CREATE TABLE IDN_OAUTH1A_ACCESS_TOKEN (
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OAUTH2_ACCESS_TOKEN]') AND TYPE IN (N'U'))
 CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN (
   TOKEN_ID VARCHAR (255),
-            ACCESS_TOKEN VARCHAR(255),
+  ACCESS_TOKEN VARCHAR(2048),
-            REFRESH_TOKEN VARCHAR(255),
+  REFRESH_TOKEN VARCHAR(2048),
   CONSUMER_KEY_ID INTEGER,
   AUTHZ_USER VARCHAR (100),
   TENANT_ID INTEGER,
@@ -71,6 +83,8 @@ CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN (
   TOKEN_STATE VARCHAR(25) DEFAULT 'ACTIVE',
   TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE',
   SUBJECT_IDENTIFIER VARCHAR(255),
+  ACCESS_TOKEN_HASH VARCHAR(512),
+  REFRESH_TOKEN_HASH VARCHAR(512),
   PRIMARY KEY (TOKEN_ID),
   FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
   CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,
@@ -81,16 +95,18 @@ CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER
 
 CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED);
 
+CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH);
+
 IF EXISTS (SELECT NAME FROM SYSINDEXES WHERE NAME = 'IDX_AT_CK_AU')
 DROP INDEX IDN_OAUTH2_ACCESS_TOKEN.IDX_AT_CK_AU
 
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OAUTH2_AUTHORIZATION_CODE]') AND TYPE IN (N'U'))
 CREATE TABLE IDN_OAUTH2_AUTHORIZATION_CODE (
   CODE_ID VARCHAR (255),
-            AUTHORIZATION_CODE VARCHAR(512),
+  AUTHORIZATION_CODE VARCHAR(2048),
   CONSUMER_KEY_ID INTEGER,
   CALLBACK_URL VARCHAR(1024),
-            SCOPE VARCHAR(2048),
+  SCOPE VARCHAR(4096),
   AUTHZ_USER VARCHAR (100),
   TENANT_ID INTEGER,
   USER_DOMAIN VARCHAR(50),
@@ -101,10 +117,13 @@ CREATE TABLE IDN_OAUTH2_AUTHORIZATION_CODE (
   SUBJECT_IDENTIFIER VARCHAR(255),
   PKCE_CODE_CHALLENGE VARCHAR (255),
   PKCE_CODE_CHALLENGE_METHOD VARCHAR(128),
+  AUTHORIZATION_CODE_HASH VARCHAR(512),
   PRIMARY KEY (CODE_ID),
   FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
 );
 
+CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH,CONSUMER_KEY_ID);
+
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OAUTH2_ACCESS_TOKEN_SCOPE]') AND TYPE IN (N'U'))
 CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
   TOKEN_ID VARCHAR (255),
@@ -117,21 +136,27 @@ CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OAUTH2_SCOPE]') AND TYPE IN (N'U'))
 CREATE TABLE IDN_OAUTH2_SCOPE (
   SCOPE_ID INTEGER IDENTITY,
-  			SCOPE_KEY VARCHAR(100) NOT NULL,
+  NAME VARCHAR(255) NOT NULL,
-  			NAME VARCHAR(255) NULL,
+  DISPLAY_NAME VARCHAR(255) NOT NULL,
-  			DESCRIPTION VARCHAR(512) NULL,
+  DESCRIPTION VARCHAR(512),
-  			TENANT_ID INTEGER NOT NULL DEFAULT 0,
+  TENANT_ID INTEGER NOT NULL DEFAULT -1,
-			ROLES VARCHAR (500) NULL,
   PRIMARY KEY (SCOPE_ID)
 );
 
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OAUTH2_SCOPE_BINDING]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_OAUTH2_SCOPE_BINDING (
+  SCOPE_ID INTEGER NOT NULL,
+  SCOPE_BINDING VARCHAR(255),
+  FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE
+);
+
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OAUTH2_RESOURCE_SCOPE]') AND TYPE IN (N'U'))
 CREATE TABLE IDN_OAUTH2_RESOURCE_SCOPE (
   RESOURCE_PATH VARCHAR(255) NOT NULL,
   SCOPE_ID INTEGER NOT NULL,
   TENANT_ID INTEGER DEFAULT -1,
   PRIMARY KEY (RESOURCE_PATH),
-            FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE ON UPDATE CASCADE
+  FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE
 );
 
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_SCIM_GROUP]') AND TYPE IN (N'U'))
@@ -192,7 +217,7 @@ CREATE TABLE IDN_IDENTITY_USER_DATA (
   TENANT_ID INTEGER DEFAULT -1234,
   USER_NAME VARCHAR(255) NOT NULL,
   DATA_KEY VARCHAR(255) NOT NULL,
-            DATA_VALUE VARCHAR(255),
+  DATA_VALUE VARCHAR(2048),
   PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY)
 );
 
@@ -243,11 +268,14 @@ CREATE TABLE SP_APP (
   IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0',
   IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
   IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
+  ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0',
   SUBJECT_CLAIM_URI VARCHAR (512),
   IS_SAAS_APP CHAR(1) DEFAULT '0',
   IS_DUMB_MODE CHAR(1) DEFAULT '0',
   PRIMARY KEY (ID),
-	CONSTRAINT APPLICATION_NAME_CONSTRAINT UNIQUE(APP_NAME, TENANT_ID));
+  CONSTRAINT APPLICATION_NAME_CONSTRAINT UNIQUE(APP_NAME, TENANT_ID)
+);
+
 
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[SP_METADATA]') AND TYPE IN (N'U'))
 CREATE TABLE SP_METADATA (
@@ -259,7 +287,8 @@ CREATE TABLE SP_METADATA (
   TENANT_ID INTEGER DEFAULT -1,
   PRIMARY KEY (ID),
   CONSTRAINT SP_METADATA_CONSTRAINT UNIQUE (SP_ID, NAME),
-            FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE);
+  FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE
+);
 
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[SP_INBOUND_AUTH]') AND TYPE IN (N'U'))
 CREATE TABLE SP_INBOUND_AUTH (
@@ -267,11 +296,14 @@ CREATE TABLE SP_INBOUND_AUTH (
   TENANT_ID INTEGER NOT NULL,
   INBOUND_AUTH_KEY VARCHAR (255),
   INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL,
+  INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL,
   PROP_NAME VARCHAR (255),
   PROP_VALUE VARCHAR (1024) ,
   APP_ID INTEGER NOT NULL,
   PRIMARY KEY (ID),
-            CONSTRAINT APPLICATION_ID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE);
+  CONSTRAINT APPLICATION_ID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE
+);
+
 
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[SP_AUTH_STEP]') AND TYPE IN (N'U'))
 CREATE TABLE SP_AUTH_STEP (
@@ -282,7 +314,9 @@ CREATE TABLE SP_AUTH_STEP (
   IS_SUBJECT_STEP CHAR(1) DEFAULT '0',
   IS_ATTRIBUTE_STEP CHAR(1) DEFAULT '0',
   PRIMARY KEY (ID),
-            CONSTRAINT APPLICATION_ID_CONSTRAINT_STEP FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE);
+  CONSTRAINT APPLICATION_ID_CONSTRAINT_STEP FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE
+);
+
 
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[SP_FEDERATED_IDP]') AND TYPE IN (N'U'))
 CREATE TABLE SP_FEDERATED_IDP (
@@ -290,7 +324,9 @@ CREATE TABLE SP_FEDERATED_IDP (
   TENANT_ID INTEGER NOT NULL,
   AUTHENTICATOR_ID INTEGER NOT NULL,
   PRIMARY KEY (ID, AUTHENTICATOR_ID),
-	    CONSTRAINT STEP_ID_CONSTRAINT FOREIGN KEY (ID) REFERENCES SP_AUTH_STEP (ID) ON DELETE CASCADE);
+  CONSTRAINT STEP_ID_CONSTRAINT FOREIGN KEY (ID) REFERENCES SP_AUTH_STEP (ID) ON DELETE CASCADE
+);
+
 
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[SP_CLAIM_MAPPING]') AND TYPE IN (N'U'))
 CREATE TABLE SP_CLAIM_MAPPING (
@@ -300,9 +336,12 @@ CREATE TABLE SP_CLAIM_MAPPING (
   SP_CLAIM VARCHAR (512) NOT NULL ,
   APP_ID INTEGER NOT NULL,
   IS_REQUESTED VARCHAR(128) DEFAULT '0',
+  IS_MANDATORY VARCHAR(128) DEFAULT '0',
   DEFAULT_VALUE VARCHAR(255),
   PRIMARY KEY (ID),
-            CONSTRAINT CLAIMID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE);
+  CONSTRAINT CLAIMID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE
+);
+
 
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[SP_ROLE_MAPPING]') AND TYPE IN (N'U'))
 CREATE TABLE SP_ROLE_MAPPING (
@@ -312,7 +351,9 @@ CREATE TABLE SP_ROLE_MAPPING (
   SP_ROLE VARCHAR (255) NOT NULL ,
   APP_ID INTEGER NOT NULL,
   PRIMARY KEY (ID),
-            CONSTRAINT ROLEID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE);
+  CONSTRAINT ROLEID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE
+);
+
 
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[SP_REQ_PATH_AUTHENTICATOR]') AND TYPE IN (N'U'))
 CREATE TABLE SP_REQ_PATH_AUTHENTICATOR (
@@ -321,7 +362,9 @@ CREATE TABLE SP_REQ_PATH_AUTHENTICATOR (
   AUTHENTICATOR_NAME VARCHAR (255) NOT NULL ,
   APP_ID INTEGER NOT NULL,
   PRIMARY KEY (ID),
-            CONSTRAINT REQ_AUTH_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE);
+  CONSTRAINT REQ_AUTH_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE
+);
+
 
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[SP_PROVISIONING_CONNECTOR]') AND TYPE IN (N'U'))
 CREATE TABLE SP_PROVISIONING_CONNECTOR (
@@ -332,8 +375,21 @@ CREATE TABLE SP_PROVISIONING_CONNECTOR (
   APP_ID INTEGER NOT NULL,
   IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0',
   BLOCKING CHAR(1) NOT NULL DEFAULT '0',
+  RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0',
   PRIMARY KEY (ID),
-            CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE);
+  CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE
+);
+
+IF NOT EXISTS(SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[SP_AUTH_SCRIPT]') AND TYPE IN (N'U'))
+CREATE TABLE SP_AUTH_SCRIPT (
+  ID         INTEGER IDENTITY NOT NULL,
+  TENANT_ID  INTEGER          NOT NULL,
+  APP_ID     INTEGER          NOT NULL,
+  TYPE       VARCHAR(255)     NOT NULL,
+  CONTENT    VARBINARY(MAX)    DEFAULT NULL,
+  IS_ENABLED CHAR(1) NOT NULL DEFAULT '0',
+  PRIMARY KEY (ID)
+);
 
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP]') AND TYPE IN (N'U'))
 CREATE TABLE IDP (
@@ -358,9 +414,8 @@ CREATE TABLE IDP (
   IS_LOCAL_CLAIM_DIALECT CHAR(1) NOT NULL DEFAULT '0',
   PRIMARY KEY (ID),
   DISPLAY_NAME VARCHAR(255),
-			UNIQUE (TENANT_ID, NAME));
+  UNIQUE (TENANT_ID, NAME)
-
+);
-INSERT INTO IDP (TENANT_ID, NAME, HOME_REALM_ID) VALUES (-1234, 'LOCAL', 'localhost');
 
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_ROLE]') AND TYPE IN (N'U'))
 CREATE TABLE IDP_ROLE (
@@ -370,7 +425,8 @@ CREATE TABLE IDP_ROLE (
   ROLE VARCHAR(254),
   PRIMARY KEY (ID),
   UNIQUE (IDP_ID, ROLE),
-			FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE);
+  FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
+);
 
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_ROLE_MAPPING]') AND TYPE IN (N'U'))
 CREATE TABLE IDP_ROLE_MAPPING (
@@ -381,7 +437,8 @@ CREATE TABLE IDP_ROLE_MAPPING (
   LOCAL_ROLE VARCHAR(253),
   PRIMARY KEY (ID),
   UNIQUE (IDP_ROLE_ID, TENANT_ID, USER_STORE_ID, LOCAL_ROLE),
-			FOREIGN KEY (IDP_ROLE_ID) REFERENCES IDP_ROLE(ID) ON DELETE CASCADE);
+  FOREIGN KEY (IDP_ROLE_ID) REFERENCES IDP_ROLE(ID) ON DELETE CASCADE
+);
 
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_CLAIM]') AND TYPE IN (N'U'))
 CREATE TABLE IDP_CLAIM (
@@ -391,7 +448,8 @@ CREATE TABLE IDP_CLAIM (
   CLAIM VARCHAR(254),
   PRIMARY KEY (ID),
   UNIQUE (IDP_ID, CLAIM),
-			FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE);
+  FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
+);
 
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_CLAIM_MAPPING]') AND TYPE IN (N'U'))
 CREATE TABLE IDP_CLAIM_MAPPING (
@@ -403,7 +461,8 @@ CREATE TABLE IDP_CLAIM_MAPPING (
     IS_REQUESTED VARCHAR(128) DEFAULT '0',
   PRIMARY KEY (ID),
   UNIQUE (IDP_CLAIM_ID, TENANT_ID, LOCAL_CLAIM),
-			FOREIGN KEY (IDP_CLAIM_ID) REFERENCES IDP_CLAIM(ID) ON DELETE CASCADE);
+  FOREIGN KEY (IDP_CLAIM_ID) REFERENCES IDP_CLAIM(ID) ON DELETE CASCADE
+);
 
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_AUTHENTICATOR]') AND TYPE IN (N'U'))
 CREATE TABLE IDP_AUTHENTICATOR (
@@ -415,11 +474,8 @@ CREATE TABLE IDP_AUTHENTICATOR (
   DISPLAY_NAME VARCHAR(255),
   PRIMARY KEY (ID),
   UNIQUE (TENANT_ID, IDP_ID, NAME),
-            FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE);
+  FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
-
+);
-INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'samlsso');
-INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'IDPProperties');
-INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'passivests');
 
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_METADATA]') AND TYPE IN (N'U'))
 CREATE TABLE IDP_METADATA (
@@ -431,10 +487,8 @@ CREATE TABLE IDP_METADATA (
   TENANT_ID INTEGER DEFAULT -1,
   PRIMARY KEY (ID),
   CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME),
-            FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE);
+  FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
-
+);
-INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'SessionIdleTimeout', '20160', 'Session Idle Timeout');
-INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'RememberMeTimeout', '15', 'RememberMe Timeout');
 
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_AUTHENTICATOR_PROPERTY]') AND TYPE IN (N'U'))
 CREATE TABLE IDP_AUTHENTICATOR_PROPERTY (
@@ -446,10 +500,8 @@ CREATE TABLE IDP_AUTHENTICATOR_PROPERTY (
   IS_SECRET CHAR (1) DEFAULT '0',
   PRIMARY KEY (ID),
   UNIQUE (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY),
-            FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE);
+  FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE
-
+);
-INSERT INTO  IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 1 , 'IdPEntityId', 'localhost', '0');
-INSERT INTO  IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 3 , 'IdPEntityId', 'localhost', '0');
 
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_PROVISIONING_CONFIG]') AND TYPE IN (N'U'))
 CREATE TABLE IDP_PROVISIONING_CONFIG (
@@ -459,9 +511,11 @@ CREATE TABLE IDP_PROVISIONING_CONFIG (
   PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL,
   IS_ENABLED CHAR (1) DEFAULT '0',
   IS_BLOCKING CHAR (1) DEFAULT '0',
+  IS_RULES_ENABLED CHAR (1) DEFAULT '0',
   PRIMARY KEY (ID),
   UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE),
-            FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE);
+  FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
+);
 
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_PROV_CONFIG_PROPERTY]') AND TYPE IN (N'U'))
 CREATE TABLE IDP_PROV_CONFIG_PROPERTY (
@@ -475,7 +529,8 @@ CREATE TABLE IDP_PROV_CONFIG_PROPERTY (
   IS_SECRET CHAR (1) DEFAULT '0',
   PRIMARY KEY (ID),
   UNIQUE (TENANT_ID, PROVISIONING_CONFIG_ID, PROPERTY_KEY),
-            FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE);
+  FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE
+);
 
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_PROVISIONING_ENTITY]') AND TYPE IN (N'U'))
 CREATE TABLE IDP_PROVISIONING_ENTITY (
@@ -490,7 +545,8 @@ CREATE TABLE IDP_PROVISIONING_ENTITY (
   PRIMARY KEY (ID),
   UNIQUE (ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID),
   UNIQUE (PROVISIONING_CONFIG_ID, ENTITY_TYPE, ENTITY_VALUE),
-            FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE);
+  FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE
+);
 
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_LOCAL_CLAIM]') AND TYPE IN (N'U'))
 CREATE TABLE IDP_LOCAL_CLAIM (
@@ -502,7 +558,8 @@ CREATE TABLE IDP_LOCAL_CLAIM (
   IS_REQUESTED VARCHAR(128) DEFAULT '0',
   PRIMARY KEY (ID),
   UNIQUE (TENANT_ID, IDP_ID, CLAIM_URI),
-            FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE);
+  FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
+);
 
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_ASSOCIATED_ID]') AND TYPE IN (N'U'))
 CREATE TABLE IDN_ASSOCIATED_ID (
@@ -523,7 +580,8 @@ CREATE TABLE IDN_USER_ACCOUNT_ASSOCIATION (
   TENANT_ID INTEGER,
   DOMAIN_NAME VARCHAR(255) NOT NULL,
   USER_NAME VARCHAR(255) NOT NULL,
-            PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME));
+  PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME)
+);
 
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[FIDO_DEVICE_STORE]') AND TYPE IN (N'U'))
 CREATE TABLE FIDO_DEVICE_STORE (
@@ -533,7 +591,8 @@ CREATE TABLE FIDO_DEVICE_STORE (
   TIME_REGISTERED DATETIME,
   KEY_HANDLE VARCHAR(200) NOT NULL,
   DEVICE_DATA VARCHAR(2048) NOT NULL,
-      PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE));
+  PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE)
+);
 
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[WF_REQUEST]') AND TYPE IN (N'U'))
 CREATE TABLE WF_REQUEST (
@@ -554,7 +613,7 @@ CREATE TABLE WF_BPS_PROFILE (
   HOST_URL_MANAGER VARCHAR(255),
   HOST_URL_WORKER VARCHAR(255),
   USERNAME VARCHAR(45),
-    PASSWORD VARCHAR(255),
+  PASSWORD VARCHAR(1023),
   CALLBACK_HOST VARCHAR (45),
   TENANT_ID INTEGER DEFAULT -1,
   PRIMARY KEY (PROFILE_NAME, TENANT_ID)
@@ -620,6 +679,282 @@ CREATE TABLE WF_WORKFLOW_REQUEST_RELATION(
 );
 
 
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_RECOVERY_DATA]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_RECOVERY_DATA (
+  USER_NAME VARCHAR(255) NOT NULL,
+  USER_DOMAIN VARCHAR(127) NOT NULL,
+  TENANT_ID INTEGER DEFAULT -1,
+  CODE VARCHAR(255) NOT NULL,
+  SCENARIO VARCHAR(255) NOT NULL,
+  STEP VARCHAR(127) NOT NULL,
+  TIME_CREATED DATETIME NOT NULL,
+  REMAINING_SETS VARCHAR(2500) DEFAULT NULL,
+  PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP),
+  UNIQUE(CODE)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_PASSWORD_HISTORY_DATA]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_PASSWORD_HISTORY_DATA (
+  ID INTEGER NOT NULL IDENTITY ,
+  USER_NAME   VARCHAR(255) NOT NULL,
+  USER_DOMAIN VARCHAR(127) NOT NULL,
+  TENANT_ID   INTEGER DEFAULT -1,
+  SALT_VALUE  VARCHAR(255),
+  HASH        VARCHAR(255) NOT NULL,
+  TIME_CREATED DATETIME NOT NULL,
+  PRIMARY KEY (ID),
+  UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH),
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_CLAIM_DIALECT]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_CLAIM_DIALECT (
+  ID INTEGER NOT NULL IDENTITY,
+  DIALECT_URI VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_CLAIM]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_CLAIM (
+  ID INTEGER NOT NULL IDENTITY,
+  DIALECT_ID INTEGER,
+  CLAIM_URI VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE,
+  CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_CLAIM_MAPPED_ATTRIBUTE]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_CLAIM_MAPPED_ATTRIBUTE (
+  ID INTEGER NOT NULL IDENTITY,
+  LOCAL_CLAIM_ID INTEGER,
+  USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL,
+  ATTRIBUTE_NAME VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_CLAIM_PROPERTY]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_CLAIM_PROPERTY (
+  ID INTEGER NOT NULL IDENTITY,
+  LOCAL_CLAIM_ID INTEGER,
+  PROPERTY_NAME VARCHAR (255) NOT NULL,
+  PROPERTY_VALUE VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_CLAIM_MAPPING]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_CLAIM_MAPPING (
+  ID INTEGER NOT NULL IDENTITY,
+  EXT_CLAIM_ID INTEGER NOT NULL,
+  MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE ,
+  FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE NO ACTION ,
+  CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_SAML2_ASSERTION_STORE]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_SAML2_ASSERTION_STORE (
+  ID INTEGER NOT NULL IDENTITY,
+  SAML2_ID  VARCHAR(255) ,
+  SAML2_ISSUER  VARCHAR(255) ,
+  SAML2_SUBJECT  VARCHAR(255) ,
+  SAML2_SESSION_INDEX  VARCHAR(255) ,
+  SAML2_AUTHN_CONTEXT_CLASS_REF  VARCHAR(255) ,
+  SAML2_ASSERTION  VARCHAR(4096) ,
+  PRIMARY KEY (ID)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OIDC_JTI]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_OIDC_JTI  (
+  JWT_ID VARCHAR(255) NOT NULL,
+  EXP_TIME DATETIME NOT NULL,
+  TIME_CREATED DATETIME NOT NULL,
+  PRIMARY KEY (JWT_ID)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OIDC_PROPERTY]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_OIDC_PROPERTY (
+  ID INTEGER NOT NULL IDENTITY,
+  TENANT_ID  INTEGER ,
+  CONSUMER_KEY  VARCHAR(255) ,
+  PROPERTY_KEY  VARCHAR(255) NOT NULL ,
+  PROPERTY_VALUE  VARCHAR(2047) ,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OIDC_REQ_OBJECT_REFERENCE]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_OIDC_REQ_OBJECT_REFERENCE (
+  ID INTEGER NOT NULL IDENTITY,
+  CONSUMER_KEY_ID INTEGER ,
+  CODE_ID VARCHAR(255) ,
+  TOKEN_ID VARCHAR(255) ,
+  SESSION_DATA_KEY VARCHAR(255),
+  PRIMARY KEY (ID),
+  FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE ,
+  FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID),
+  FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OIDC_REQ_OBJECT_CLAIMS]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_OIDC_REQ_OBJECT_CLAIMS (
+  ID INTEGER NOT NULL IDENTITY,
+  REQ_OBJECT_ID INTEGER,
+  CLAIM_ATTRIBUTE VARCHAR(255) ,
+  ESSENTIAL CHAR(1) NOT NULL DEFAULT '0' ,
+  VALUE VARCHAR(255) ,
+  IS_USERINFO CHAR(1) NOT NULL DEFAULT '0',
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OIDC_REQ_OBJ_CLAIM_VALUES]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_OIDC_REQ_OBJ_CLAIM_VALUES (
+  ID INTEGER NOT NULL IDENTITY,
+  REQ_OBJECT_CLAIMS_ID INTEGER ,
+  CLAIM_VALUES VARCHAR(255) ,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES  IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_CERTIFICATE]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_CERTIFICATE (
+             ID INTEGER IDENTITY,
+             NAME VARCHAR(100),
+             CERTIFICATE_IN_PEM VARBINARY(MAX),
+             TENANT_ID INTEGER DEFAULT 0,
+             PRIMARY KEY(ID),
+             CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID)
+);
+
+-- Start of CONSENT-MGT Tables --
+
+IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_PII_CATEGORY]') AND TYPE IN (N'U'))
+CREATE TABLE CM_PII_CATEGORY (
+  ID           INTEGER      NOT NULL  IDENTITY,
+  NAME         VARCHAR(255) NOT NULL,
+  DESCRIPTION  VARCHAR(1023),
+  DISPLAY_NAME VARCHAR(255),
+  IS_SENSITIVE INTEGER      NOT NULL,
+  TENANT_ID    INTEGER DEFAULT '-1234',
+  CONSTRAINT CM_PII_CATEGORY_CNT UNIQUE (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+);
+
+IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_RECEIPT]') AND TYPE IN (N'U'))
+CREATE TABLE CM_RECEIPT (
+  CONSENT_RECEIPT_ID  VARCHAR(255) NOT NULL,
+  VERSION             VARCHAR(255) NOT NULL,
+  JURISDICTION        VARCHAR(255) NOT NULL,
+  CONSENT_TIMESTAMP   DATETIME    NOT NULL,
+  COLLECTION_METHOD   VARCHAR(255) NOT NULL,
+  LANGUAGE            VARCHAR(255) NOT NULL,
+  PII_PRINCIPAL_ID    VARCHAR(255) NOT NULL,
+  PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234',
+  POLICY_URL          VARCHAR(255) NOT NULL,
+  STATE               VARCHAR(255) NOT NULL,
+  PII_CONTROLLER      VARCHAR(2048) NOT NULL,
+  PRIMARY KEY (CONSENT_RECEIPT_ID)
+);
+
+IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_PURPOSE]') AND TYPE IN (N'U'))
+CREATE TABLE CM_PURPOSE (
+  ID          INTEGER      NOT NULL  IDENTITY,
+  NAME        VARCHAR(255) NOT NULL,
+  DESCRIPTION VARCHAR(1023),
+  TENANT_ID   INTEGER DEFAULT '-1234',
+  CONSTRAINT CM_PURPOSE_CNT UNIQUE (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+);
+IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_PURPOSE_CATEGORY]') AND TYPE IN (N'U'))
+CREATE TABLE CM_PURPOSE_CATEGORY (
+  ID          INTEGER      NOT NULL  IDENTITY,
+  NAME        VARCHAR(255) NOT NULL,
+  DESCRIPTION VARCHAR(1023),
+  TENANT_ID   INTEGER DEFAULT '-1234',
+  CONSTRAINT CM_PURPOSE_CATEGORY_CNT UNIQUE (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+);
+IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_RECEIPT_SP_ASSOC]') AND TYPE IN (N'U'))
+CREATE TABLE CM_RECEIPT_SP_ASSOC (
+  ID                 INTEGER      NOT NULL  IDENTITY,
+  CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL,
+  SP_NAME            VARCHAR(255) NOT NULL,
+  SP_DISPLAY_NAME    VARCHAR(255),
+  SP_DESCRIPTION     VARCHAR(255),
+  SP_TENANT_ID       INTEGER DEFAULT '-1234',
+  CONSTRAINT CM_RECEIPT_SP_ASSOC_CNT UNIQUE (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID),
+  FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID),
+  PRIMARY KEY (ID)
+);
+
+IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_SP_PURPOSE_ASSOC]') AND TYPE IN (N'U'))
+CREATE TABLE CM_SP_PURPOSE_ASSOC (
+  ID                     INTEGER      NOT NULL  IDENTITY,
+  RECEIPT_SP_ASSOC       INTEGER      NOT NULL,
+  PURPOSE_ID             INTEGER      NOT NULL,
+  CONSENT_TYPE           VARCHAR(255) NOT NULL,
+  IS_PRIMARY_PURPOSE     INTEGER      NOT NULL,
+  TERMINATION            VARCHAR(255) NOT NULL,
+  THIRD_PARTY_DISCLOSURE INTEGER      NOT NULL,
+  THIRD_PARTY_NAME       VARCHAR(255),
+  CONSTRAINT CM_SP_PURPOSE_ASSOC_CNT UNIQUE (RECEIPT_SP_ASSOC, PURPOSE_ID),
+  FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID),
+  FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID),
+  PRIMARY KEY (ID)
+);
+
+IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_SP_PURPOSE_PURPOSE_CAT_ASSC]') AND TYPE IN (N'U'))
+CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PURPOSE_CATEGORY_ID INTEGER NOT NULL,
+  CONSTRAINT CM_SP_PURPOSE_PURPOSE_CAT_ASSC_CNT UNIQUE (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID),
+  FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID),
+  FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID)
+);
+
+IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_PURPOSE_PII_CAT_ASSOC]') AND TYPE IN (N'U'))
+CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC (
+  PURPOSE_ID         INTEGER NOT NULL,
+  CM_PII_CATEGORY_ID INTEGER NOT NULL,
+  CONSTRAINT CM_PURPOSE_PII_CAT_ASSOC_CNT UNIQUE (PURPOSE_ID, CM_PII_CATEGORY_ID)
+);
+
+IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_SP_PURPOSE_PII_CAT_ASSOC]') AND TYPE IN (N'U'))
+CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PII_CATEGORY_ID     INTEGER NOT NULL,
+  VALIDITY            VARCHAR(1023),
+  CONSTRAINT CM_SP_PURPOSE_PII_CAT_ASSOC_CNT UNIQUE (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID),
+  FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID),
+  FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID)
+);
+
+IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_CONSENT_RECEIPT_PROPERTY]') AND TYPE IN (N'U'))
+CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY (
+  CONSENT_RECEIPT_ID VARCHAR(255)  NOT NULL,
+  NAME               VARCHAR(255)  NOT NULL,
+  VALUE              VARCHAR(1023) NOT NULL,
+  CONSTRAINT CM_CONSENT_RECEIPT_PROPERTY_CNT UNIQUE (CONSENT_RECEIPT_ID, NAME),
+  FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID)
+);
+
+INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234');
+
+INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234');
+
+-- End of CONSENT-MGT Tables --
+
 -- Start of API-Mgt Tables --
 
 IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[AM_SUBSCRIBER]') AND TYPE IN (N'U'))
@@ -716,7 +1051,7 @@ IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[A
 
 CREATE TABLE AM_SUBSCRIPTION_KEY_MAPPING (
     SUBSCRIPTION_ID INTEGER,
-    ACCESS_TOKEN VARCHAR(255),
+    ACCESS_TOKEN VARCHAR(512),
     KEY_TYPE VARCHAR(512) NOT NULL,
     FOREIGN KEY(SUBSCRIPTION_ID) REFERENCES AM_SUBSCRIPTION(SUBSCRIPTION_ID) ON UPDATE CASCADE,
     PRIMARY KEY(SUBSCRIPTION_ID,ACCESS_TOKEN)
@@ -742,7 +1077,7 @@ CREATE TABLE AM_APPLICATION_REGISTRATION (
     WF_REF VARCHAR(255) NOT NULL,
     APP_ID INTEGER,
     TOKEN_TYPE VARCHAR(30),
-    TOKEN_SCOPE VARCHAR(256) DEFAULT 'default',
+    TOKEN_SCOPE VARCHAR(1500) DEFAULT 'default',
     INPUTS VARCHAR(1000),
     ALLOWED_DOMAINS VARCHAR(256),
     VALIDITY_PERIOD BIGINT,
@@ -1072,7 +1407,7 @@ IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[A
 CREATE TABLE AM_BLOCK_CONDITIONS (
   CONDITION_ID INTEGER IDENTITY(1,1),
   TYPE varchar(45) DEFAULT NULL,
-  VALUE varchar(45) DEFAULT NULL,
+  VALUE varchar(512) DEFAULT NULL,
   ENABLED varchar(45) DEFAULT NULL,
   DOMAIN varchar(45) DEFAULT NULL,
   UUID VARCHAR(256),
@@ -1080,13 +1415,49 @@ CREATE TABLE AM_BLOCK_CONDITIONS (
   UNIQUE (UUID)
 );
 
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[AM_CERTIFICATE_METADATA]') AND TYPE IN (N'U'))
+CREATE TABLE AM_CERTIFICATE_METADATA (
+  TENANT_ID INTEGER NOT NULL,
+  ALIAS VARCHAR(45) NOT NULL,
+  END_POINT VARCHAR(100) NOT NULL,
+  CONSTRAINT PK_ALIAS PRIMARY KEY (ALIAS),
+  CONSTRAINT END_POINT_CONSTRAINT UNIQUE (END_POINT)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[AM_APPLICATION_GROUP_MAPPING]') AND TYPE IN (N'U'))
+CREATE TABLE AM_APPLICATION_GROUP_MAPPING (
+    APPLICATION_ID INTEGER NOT NULL,
+    GROUP_ID VARCHAR(512),
+    TENANT VARCHAR(255),
+    PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT),
+    FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[AM_USAGE_UPLOADED_FILES]') AND TYPE IN (N'U'))
+CREATE TABLE AM_USAGE_UPLOADED_FILES (
+  TENANT_DOMAIN VARCHAR(255) NOT NULL,
+  FILE_NAME VARCHAR(255) NOT NULL,
+  FILE_TIMESTAMP DATETIME DEFAULT GETDATE(),
+  FILE_PROCESSED INTEGER DEFAULT 0,
+  FILE_CONTENT VARBINARY(MAX) DEFAULT NULL,
+  PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP)
+);
+
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[AM_API_LC_PUBLISH_EVENTS]') AND TYPE IN (N'U'))
+CREATE TABLE AM_API_LC_PUBLISH_EVENTS (
+    ID INTEGER NOT NULL IDENTITY,
+    TENANT_DOMAIN VARCHAR(255) NOT NULL,
+    API_ID VARCHAR(500) NOT NULL,
+    EVENT_TIME DATETIME DEFAULT GETDATE(),
+    PRIMARY KEY (ID)
+);
 -- End of API-MGT Tables --
 
 
 --Permance indexes start--
 
 create index IDX_ITS_LMT on IDN_THRIFT_SESSION (LAST_MODIFIED_TIME);
-create index IDX_IOAT_AT on IDN_OAUTH2_ACCESS_TOKEN (ACCESS_TOKEN);
 create index IDX_IOAT_UT on IDN_OAUTH2_ACCESS_TOKEN (USER_TYPE);
 create index IDX_AAI_CTX on AM_API (CONTEXT);
 create index IDX_AAKM_CK on AM_APPLICATION_KEY_MAPPING (CONSUMER_KEY);

modules/distribution/src/core/resources/dbscripts/apimgt/mysql.sql

@@ -10,7 +10,7 @@ INSERT INTO IDN_BASE_TABLE values ('WSO2 Identity Server');
 CREATE TABLE IF NOT EXISTS IDN_OAUTH_CONSUMER_APPS (
             ID INTEGER NOT NULL AUTO_INCREMENT,
             CONSUMER_KEY VARCHAR(255),
-            CONSUMER_SECRET VARCHAR(512),
+            CONSUMER_SECRET VARCHAR(2048),
             USERNAME VARCHAR(255),
             TENANT_ID INTEGER DEFAULT 0,
             USER_DOMAIN VARCHAR(50),
@@ -20,10 +20,21 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH_CONSUMER_APPS (
             GRANT_TYPES VARCHAR (1024),
             PKCE_MANDATORY CHAR(1) DEFAULT '0',
             PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0',
+            APP_STATE VARCHAR (25) DEFAULT 'ACTIVE',
+            USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000,
+            APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000,
+            REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000,
             CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY),
             PRIMARY KEY (ID)
 )ENGINE INNODB;
 
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_VALIDATORS (
+	APP_ID INTEGER NOT NULL,
+	SCOPE_VALIDATOR VARCHAR (128) NOT NULL,
+	PRIMARY KEY (APP_ID,SCOPE_VALIDATOR),
+	FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
 CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_REQUEST_TOKEN (
             REQUEST_TOKEN VARCHAR(255),
             REQUEST_TOKEN_SECRET VARCHAR(512),
@@ -51,8 +62,8 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_ACCESS_TOKEN (
 
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN (
             TOKEN_ID VARCHAR (255),
-            ACCESS_TOKEN VARCHAR(255),
+            ACCESS_TOKEN VARCHAR(2048),
-            REFRESH_TOKEN VARCHAR(255),
+            REFRESH_TOKEN VARCHAR(2048),
             CONSUMER_KEY_ID INTEGER,
             AUTHZ_USER VARCHAR (100),
             TENANT_ID INTEGER,
@@ -67,6 +78,8 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN (
             TOKEN_STATE VARCHAR(25) DEFAULT 'ACTIVE',
             TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE',
             SUBJECT_IDENTIFIER VARCHAR(255),
+            ACCESS_TOKEN_HASH VARCHAR(512),
+            REFRESH_TOKEN_HASH VARCHAR(512),
             PRIMARY KEY (TOKEN_ID),
             FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
             CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,
@@ -77,12 +90,14 @@ CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER
 
 CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED);
 
+CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH);
+
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE (
             CODE_ID VARCHAR (255),
-            AUTHORIZATION_CODE VARCHAR(512),
+            AUTHORIZATION_CODE VARCHAR(2048),
             CONSUMER_KEY_ID INTEGER,
             CALLBACK_URL VARCHAR(1024),
-            SCOPE VARCHAR(2048),
+            SCOPE VARCHAR(4096),
             AUTHZ_USER VARCHAR (100),
             TENANT_ID INTEGER,
             USER_DOMAIN VARCHAR(50),
@@ -93,10 +108,13 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE (
             SUBJECT_IDENTIFIER VARCHAR(255),
             PKCE_CODE_CHALLENGE VARCHAR(255),
             PKCE_CODE_CHALLENGE_METHOD VARCHAR(128),
+            AUTHORIZATION_CODE_HASH VARCHAR(512),
             PRIMARY KEY (CODE_ID),
             FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
 )ENGINE INNODB;
 
+CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH,CONSUMER_KEY_ID);
+
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
             TOKEN_ID VARCHAR (255),
             TOKEN_SCOPE VARCHAR (60),
@@ -106,21 +124,26 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
 )ENGINE INNODB;
 
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE (
-            SCOPE_ID INT(11) NOT NULL AUTO_INCREMENT,
+            SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT,
-            SCOPE_KEY VARCHAR(100) NOT NULL,
+            NAME VARCHAR(255) NOT NULL,
-            NAME VARCHAR(255) NULL,
+            DISPLAY_NAME VARCHAR(255) NOT NULL,
-            DESCRIPTION VARCHAR(512) NULL,
+            DESCRIPTION VARCHAR(512),
-            TENANT_ID INT(11) NOT NULL DEFAULT 0,
+            TENANT_ID INTEGER NOT NULL DEFAULT -1,
-            ROLES VARCHAR (500) NULL,
             PRIMARY KEY (SCOPE_ID)
 )ENGINE INNODB;
 
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING (
+            SCOPE_ID INTEGER NOT NULL,
+            SCOPE_BINDING VARCHAR(255),
+            FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_RESOURCE_SCOPE (
             RESOURCE_PATH VARCHAR(255) NOT NULL,
-            SCOPE_ID INTEGER (11) NOT NULL,
+            SCOPE_ID INTEGER NOT NULL,
             TENANT_ID INTEGER DEFAULT -1,
             PRIMARY KEY (RESOURCE_PATH),
-            FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE ON UPDATE CASCADE
+            FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE
 )ENGINE INNODB;
 
 CREATE TABLE IF NOT EXISTS IDN_SCIM_GROUP (
@@ -175,7 +198,7 @@ CREATE TABLE IF NOT EXISTS IDN_IDENTITY_USER_DATA (
             TENANT_ID INTEGER DEFAULT -1234,
             USER_NAME VARCHAR(255) NOT NULL,
             DATA_KEY VARCHAR(255) NOT NULL,
-            DATA_VALUE VARCHAR(255),
+            DATA_VALUE VARCHAR(2048),
             PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY)
 )ENGINE INNODB;
 
@@ -222,6 +245,7 @@ CREATE TABLE IF NOT EXISTS SP_APP (
 	    	IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0',
         IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
         IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
+        ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0',
 	    	SUBJECT_CLAIM_URI VARCHAR (512),
 	    	IS_SAAS_APP CHAR(1) DEFAULT '0',
 	    	IS_DUMB_MODE CHAR(1) DEFAULT '0',
@@ -247,6 +271,7 @@ CREATE TABLE IF NOT EXISTS SP_INBOUND_AUTH (
             TENANT_ID INTEGER NOT NULL,
             INBOUND_AUTH_KEY VARCHAR (255),
             INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL,
+            INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL,
             PROP_NAME VARCHAR (255),
             PROP_VALUE VARCHAR (1024) ,
             APP_ID INTEGER NOT NULL,
@@ -283,6 +308,7 @@ CREATE TABLE IF NOT EXISTS SP_CLAIM_MAPPING (
             SP_CLAIM VARCHAR (512) NOT NULL ,
             APP_ID INTEGER NOT NULL,
             IS_REQUESTED VARCHAR(128) DEFAULT '0',
+	    IS_MANDATORY VARCHAR(128) DEFAULT '0',
             DEFAULT_VALUE VARCHAR(255),
             PRIMARY KEY (ID)
 )ENGINE INNODB;
@@ -318,11 +344,21 @@ CREATE TABLE IF NOT EXISTS SP_PROVISIONING_CONNECTOR (
             APP_ID INTEGER NOT NULL,
             IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0',
             BLOCKING CHAR(1) NOT NULL DEFAULT '0',
+            RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0',
             PRIMARY KEY (ID)
 )ENGINE INNODB;
 
 ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
 
+CREATE TABLE SP_AUTH_SCRIPT (
+  ID         INTEGER AUTO_INCREMENT NOT NULL,
+  TENANT_ID  INTEGER                NOT NULL,
+  APP_ID     INTEGER                NOT NULL,
+  TYPE       VARCHAR(255)           NOT NULL,
+  CONTENT    BLOB    DEFAULT NULL,
+  IS_ENABLED CHAR(1) DEFAULT '0',
+  PRIMARY KEY (ID));
+
 CREATE TABLE IF NOT EXISTS IDP (
 			ID INTEGER AUTO_INCREMENT,
 			TENANT_ID INTEGER,
@@ -348,8 +384,6 @@ CREATE TABLE IF NOT EXISTS IDP (
 			UNIQUE (TENANT_ID, NAME)
 )ENGINE INNODB;
 
-INSERT INTO IDP (TENANT_ID, NAME, HOME_REALM_ID) VALUES (-1234, 'LOCAL', 'localhost');
-
 CREATE TABLE IF NOT EXISTS IDP_ROLE (
 			ID INTEGER AUTO_INCREMENT,
 			IDP_ID INTEGER,
@@ -405,10 +439,6 @@ CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR (
             FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
 )ENGINE INNODB;
 
-INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'samlsso');
-INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'IDPProperties');
-INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'passivests');
-
 CREATE TABLE IF NOT EXISTS IDP_METADATA (
             ID INTEGER AUTO_INCREMENT,
             IDP_ID INTEGER,
@@ -421,9 +451,6 @@ CREATE TABLE IF NOT EXISTS IDP_METADATA (
             FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
 )ENGINE INNODB;
 
-INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'SessionIdleTimeout', '20160', 'Session Idle Timeout');
-INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'RememberMeTimeout', '15', 'RememberMe Timeout');
-
 CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR_PROPERTY (
             ID INTEGER AUTO_INCREMENT,
             TENANT_ID INTEGER,
@@ -436,9 +463,6 @@ CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR_PROPERTY (
             FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE
 )ENGINE INNODB;
 
-INSERT INTO  IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 1 , 'IdPEntityId', 'localhost', '0');
-INSERT INTO  IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 3 , 'IdPEntityId', 'localhost', '0');
-
 CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_CONFIG (
             ID INTEGER AUTO_INCREMENT,
             TENANT_ID INTEGER,
@@ -446,6 +470,7 @@ CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_CONFIG (
             PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL,
             IS_ENABLED CHAR (1) DEFAULT '0',
             IS_BLOCKING CHAR (1) DEFAULT '0',
+            IS_RULES_ENABLED CHAR (1) DEFAULT '0',
             PRIMARY KEY (ID),
             UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE),
             FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
@@ -539,7 +564,7 @@ CREATE TABLE IF NOT EXISTS WF_BPS_PROFILE (
     HOST_URL_MANAGER VARCHAR(255),
     HOST_URL_WORKER VARCHAR(255),
     USERNAME VARCHAR(45),
-    PASSWORD VARCHAR(255),
+    PASSWORD VARCHAR(1023),
     CALLBACK_HOST VARCHAR (45),
     CALLBACK_USERNAME VARCHAR (45),
     CALLBACK_PASSWORD VARCHAR (255),
@@ -601,8 +626,279 @@ CREATE TABLE IF NOT EXISTS WF_WORKFLOW_REQUEST_RELATION(
   FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
 )ENGINE INNODB;
 
+CREATE TABLE IF NOT EXISTS IDN_RECOVERY_DATA (
+  USER_NAME VARCHAR(255) NOT NULL,
+  USER_DOMAIN VARCHAR(127) NOT NULL,
+  TENANT_ID INTEGER DEFAULT -1,
+  CODE VARCHAR(255) NOT NULL,
+  SCENARIO VARCHAR(255) NOT NULL,
+  STEP VARCHAR(127) NOT NULL,
+  TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  REMAINING_SETS VARCHAR(2500) DEFAULT NULL,
+  PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP),
+  UNIQUE(CODE)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_PASSWORD_HISTORY_DATA (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  USER_NAME   VARCHAR(255) NOT NULL,
+  USER_DOMAIN VARCHAR(127) NOT NULL,
+  TENANT_ID   INTEGER DEFAULT -1,
+  SALT_VALUE  VARCHAR(255),
+  HASH        VARCHAR(255) NOT NULL,
+  TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  PRIMARY KEY(ID),
+  UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_DIALECT (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  DIALECT_URI VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  DIALECT_ID INTEGER,
+  CLAIM_URI VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE,
+  CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  LOCAL_CLAIM_ID INTEGER,
+  USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL,
+  ATTRIBUTE_NAME VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_PROPERTY (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  LOCAL_CLAIM_ID INTEGER,
+  PROPERTY_NAME VARCHAR (255) NOT NULL,
+  PROPERTY_VALUE VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPING (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  EXT_CLAIM_ID INTEGER NOT NULL,
+  MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS  IDN_SAML2_ASSERTION_STORE (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  SAML2_ID  VARCHAR(255) ,
+  SAML2_ISSUER  VARCHAR(255) ,
+  SAML2_SUBJECT  VARCHAR(255) ,
+  SAML2_SESSION_INDEX  VARCHAR(255) ,
+  SAML2_AUTHN_CONTEXT_CLASS_REF  VARCHAR(255) ,
+  SAML2_ASSERTION  VARCHAR(4096) ,
+  PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_JTI (
+  JWT_ID VARCHAR(255) NOT NULL,
+  EXP_TIME TIMESTAMP NOT NULL ,
+  TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ,
+  PRIMARY KEY (JWT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS  IDN_OIDC_PROPERTY (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  TENANT_ID  INTEGER,
+  CONSUMER_KEY  VARCHAR(255) ,
+  PROPERTY_KEY  VARCHAR(255) NOT NULL,
+  PROPERTY_VALUE  VARCHAR(2047) ,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_REFERENCE (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  CONSUMER_KEY_ID INTEGER ,
+  CODE_ID VARCHAR(255) ,
+  TOKEN_ID VARCHAR(255) ,
+  SESSION_DATA_KEY VARCHAR(255),
+  PRIMARY KEY (ID),
+  FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
+  FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE,
+  FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  REQ_OBJECT_ID INTEGER,
+  CLAIM_ATTRIBUTE VARCHAR(255) ,
+  ESSENTIAL CHAR(1) DEFAULT '0' ,
+  VALUE VARCHAR(255) ,
+  IS_USERINFO CHAR(1) DEFAULT '0',
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJ_CLAIM_VALUES (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  REQ_OBJECT_CLAIMS_ID INTEGER ,
+  CLAIM_VALUES VARCHAR(255) ,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES  IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_CERTIFICATE (
+             ID INTEGER NOT NULL AUTO_INCREMENT,
+             NAME VARCHAR(100),
+             CERTIFICATE_IN_PEM BLOB,
+             TENANT_ID INTEGER DEFAULT 0,
+             PRIMARY KEY(ID),
+             CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID)
+)ENGINE INNODB;
+
+
 -- End of IDENTITY Tables--
 
+-- Start of CONSENT-MGT Tables --
+
+CREATE TABLE CM_PII_CATEGORY (
+  ID           INTEGER AUTO_INCREMENT,
+  NAME         VARCHAR(255) NOT NULL,
+  DESCRIPTION  VARCHAR(1023),
+  DISPLAY_NAME VARCHAR(255),
+  IS_SENSITIVE INTEGER      NOT NULL,
+  TENANT_ID    INTEGER DEFAULT '-1234',
+  UNIQUE KEY (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+CREATE TABLE CM_RECEIPT (
+  CONSENT_RECEIPT_ID  VARCHAR(255) NOT NULL,
+  VERSION             VARCHAR(255) NOT NULL,
+  JURISDICTION        VARCHAR(255) NOT NULL,
+  CONSENT_TIMESTAMP   TIMESTAMP    NOT NULL,
+  COLLECTION_METHOD   VARCHAR(255) NOT NULL,
+  LANGUAGE            VARCHAR(255) NOT NULL,
+  PII_PRINCIPAL_ID    VARCHAR(255) NOT NULL,
+  PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234',
+  POLICY_URL          VARCHAR(255) NOT NULL,
+  STATE               VARCHAR(255) NOT NULL,
+  PII_CONTROLLER      VARCHAR(2048) NOT NULL,
+  PRIMARY KEY (CONSENT_RECEIPT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE CM_PURPOSE (
+  ID          INTEGER AUTO_INCREMENT,
+  NAME        VARCHAR(255) NOT NULL,
+  DESCRIPTION VARCHAR(1023),
+  TENANT_ID   INTEGER DEFAULT '-1234',
+  UNIQUE KEY (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+CREATE TABLE CM_PURPOSE_CATEGORY (
+  ID          INTEGER AUTO_INCREMENT,
+  NAME        VARCHAR(255) NOT NULL,
+  DESCRIPTION VARCHAR(1023),
+  TENANT_ID   INTEGER DEFAULT '-1234',
+  UNIQUE KEY (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+CREATE TABLE CM_RECEIPT_SP_ASSOC (
+  ID                 INTEGER AUTO_INCREMENT,
+  CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL,
+  SP_NAME            VARCHAR(255) NOT NULL,
+  SP_DISPLAY_NAME    VARCHAR(255),
+  SP_DESCRIPTION     VARCHAR(255),
+  SP_TENANT_ID       INTEGER DEFAULT '-1234',
+  UNIQUE KEY (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID),
+  PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+CREATE TABLE CM_SP_PURPOSE_ASSOC (
+  ID                     INTEGER AUTO_INCREMENT,
+  RECEIPT_SP_ASSOC       INTEGER      NOT NULL,
+  PURPOSE_ID             INTEGER      NOT NULL,
+  CONSENT_TYPE           VARCHAR(255) NOT NULL,
+  IS_PRIMARY_PURPOSE     INTEGER      NOT NULL,
+  TERMINATION            VARCHAR(255) NOT NULL,
+  THIRD_PARTY_DISCLOSURE INTEGER      NOT NULL,
+  THIRD_PARTY_NAME       VARCHAR(255),
+  UNIQUE KEY (RECEIPT_SP_ASSOC, PURPOSE_ID),
+  PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PURPOSE_CATEGORY_ID INTEGER NOT NULL,
+  UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID)
+)ENGINE INNODB;
+
+CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC (
+  PURPOSE_ID         INTEGER NOT NULL,
+  CM_PII_CATEGORY_ID INTEGER NOT NULL,
+  UNIQUE KEY (PURPOSE_ID, CM_PII_CATEGORY_ID)
+)ENGINE INNODB;
+
+CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PII_CATEGORY_ID     INTEGER NOT NULL,
+  VALIDITY            VARCHAR(1023),
+  UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID)
+)ENGINE INNODB;
+
+CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY (
+  CONSENT_RECEIPT_ID VARCHAR(255)  NOT NULL,
+  NAME               VARCHAR(255)  NOT NULL,
+  VALUE              VARCHAR(1023) NOT NULL,
+  UNIQUE KEY (CONSENT_RECEIPT_ID, NAME)
+)ENGINE INNODB;
+
+ALTER TABLE CM_RECEIPT_SP_ASSOC
+  ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID);
+
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+  ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+  ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+  ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+  ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+  ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+  ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID);
+
+ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY
+  ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID);
+
+INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234');
+
+INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234');
+
+-- End of CONSENT-MGT Tables --
+
 -- Start of API-MGT Tables --
 CREATE TABLE IF NOT EXISTS AM_SUBSCRIBER (
     SUBSCRIBER_ID INTEGER AUTO_INCREMENT,
@@ -686,7 +982,7 @@ CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION (
 
 CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION_KEY_MAPPING (
     SUBSCRIPTION_ID INTEGER,
-    ACCESS_TOKEN VARCHAR(255),
+    ACCESS_TOKEN VARCHAR(512),
     KEY_TYPE VARCHAR(255) NOT NULL,
     FOREIGN KEY(SUBSCRIPTION_ID) REFERENCES AM_SUBSCRIPTION(SUBSCRIPTION_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
     PRIMARY KEY(SUBSCRIPTION_ID,ACCESS_TOKEN)
@@ -781,7 +1077,7 @@ CREATE TABLE IF NOT EXISTS AM_APPLICATION_REGISTRATION (
     WF_REF VARCHAR(255) NOT NULL,
     APP_ID INT,
     TOKEN_TYPE VARCHAR(30),
-    TOKEN_SCOPE VARCHAR(256) DEFAULT 'default',
+    TOKEN_SCOPE VARCHAR(1500) DEFAULT 'default',
     INPUTS VARCHAR(1000),
     ALLOWED_DOMAINS VARCHAR(256),
     VALIDITY_PERIOD BIGINT,
@@ -1010,7 +1306,7 @@ ENGINE = InnoDB;
 CREATE TABLE `AM_BLOCK_CONDITIONS` (
   `CONDITION_ID` int(11) NOT NULL AUTO_INCREMENT,
   `TYPE` varchar(45) DEFAULT NULL,
-  `VALUE` varchar(45) DEFAULT NULL,
+  `VALUE` varchar(512) DEFAULT NULL,
   `ENABLED` varchar(45) DEFAULT NULL,
   `DOMAIN` varchar(45) DEFAULT NULL,
   `UUID` VARCHAR(254),
@@ -1018,17 +1314,47 @@ CREATE TABLE `AM_BLOCK_CONDITIONS` (
   UNIQUE (`UUID`)
 ) ENGINE=InnoDB;
 
+CREATE TABLE IF NOT EXISTS `AM_CERTIFICATE_METADATA` (
+  `TENANT_ID` INT(11) NOT NULL,
+  `ALIAS` VARCHAR(45) NOT NULL,
+  `END_POINT` VARCHAR(100) NOT NULL,
+  CONSTRAINT PK_ALIAS PRIMARY KEY (`ALIAS`),
+  CONSTRAINT END_POINT_CONSTRAINT UNIQUE (`END_POINT`)
+) ENGINE=InnoDB;
+
+CREATE TABLE IF NOT EXISTS AM_APPLICATION_GROUP_MAPPING (
+    APPLICATION_ID INTEGER NOT NULL,
+    GROUP_ID VARCHAR(512)NOT NULL,
+    TENANT VARCHAR(255),
+    PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT),
+    FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE
+) ENGINE=InnoDB;
+
+CREATE TABLE IF NOT EXISTS AM_USAGE_UPLOADED_FILES (
+  TENANT_DOMAIN varchar(255) NOT NULL,
+  FILE_NAME varchar(255) NOT NULL,
+  FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+  FILE_PROCESSED tinyint(1) DEFAULT FALSE,
+  FILE_CONTENT MEDIUMBLOB DEFAULT NULL,
+  PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP)
+) ENGINE=InnoDB;
+
+CREATE TABLE IF NOT EXISTS AM_API_LC_PUBLISH_EVENTS (
+    ID INTEGER(11) NOT NULL AUTO_INCREMENT,
+    TENANT_DOMAIN VARCHAR(500) NOT NULL,
+    API_ID VARCHAR(500) NOT NULL,
+    EVENT_TIME TIMESTAMP NOT NULL,
+    PRIMARY KEY (ID)
+) ENGINE=InnoDB;
+
 -- End of API-MGT Tables --
 
 -- Performance indexes start--
 
 create index IDX_ITS_LMT on IDN_THRIFT_SESSION (LAST_MODIFIED_TIME);
-create index IDX_IOAT_AT on IDN_OAUTH2_ACCESS_TOKEN (ACCESS_TOKEN);
 create index IDX_IOAT_UT on IDN_OAUTH2_ACCESS_TOKEN (USER_TYPE);
-create index IDX_AAI_CTX on AM_API (CONTEXT);
 create index IDX_AAKM_CK on AM_APPLICATION_KEY_MAPPING (CONSUMER_KEY);
 create index IDX_AAUM_AI on AM_API_URL_MAPPING (API_ID);
-create index IDX_AAUM_TT on AM_API_URL_MAPPING (THROTTLING_TIER);
 create index IDX_AATP_DQT on AM_API_THROTTLE_POLICY (DEFAULT_QUOTA_TYPE);
 create index IDX_ACG_QT on AM_CONDITION_GROUP (QUOTA_TYPE);
 create index IDX_APS_QT on AM_POLICY_SUBSCRIPTION (QUOTA_TYPE);

modules/distribution/src/core/resources/dbscripts/apimgt/mysql5.7.sql

@@ -10,7 +10,7 @@ INSERT INTO IDN_BASE_TABLE values ('WSO2 Identity Server');
 CREATE TABLE IF NOT EXISTS IDN_OAUTH_CONSUMER_APPS (
             ID INTEGER NOT NULL AUTO_INCREMENT,
             CONSUMER_KEY VARCHAR(255),
-            CONSUMER_SECRET VARCHAR(512),
+            CONSUMER_SECRET VARCHAR(2048),
             USERNAME VARCHAR(255),
             TENANT_ID INTEGER DEFAULT 0,
             USER_DOMAIN VARCHAR(50),
@@ -20,10 +20,21 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH_CONSUMER_APPS (
             GRANT_TYPES VARCHAR (1024),
             PKCE_MANDATORY CHAR(1) DEFAULT '0',
             PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0',
+            APP_STATE VARCHAR (25) DEFAULT 'ACTIVE',
+            USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000,
+            APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000,
+            REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000,
             CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY),
             PRIMARY KEY (ID)
 )ENGINE INNODB;
 
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_VALIDATORS (
+	APP_ID INTEGER NOT NULL,
+	SCOPE_VALIDATOR VARCHAR (128) NOT NULL,
+	PRIMARY KEY (APP_ID,SCOPE_VALIDATOR),
+	FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
 CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_REQUEST_TOKEN (
             REQUEST_TOKEN VARCHAR(255),
             REQUEST_TOKEN_SECRET VARCHAR(512),
@@ -51,22 +62,24 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_ACCESS_TOKEN (
 
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN (
             TOKEN_ID VARCHAR (255),
-            ACCESS_TOKEN VARCHAR(255),
+            ACCESS_TOKEN VARCHAR(2048),
-            REFRESH_TOKEN VARCHAR(255),
+            REFRESH_TOKEN VARCHAR(2048),
             CONSUMER_KEY_ID INTEGER,
             AUTHZ_USER VARCHAR (100),
             TENANT_ID INTEGER,
             USER_DOMAIN VARCHAR(50),
             USER_TYPE VARCHAR (25),
             GRANT_TYPE VARCHAR (50),
-            TIME_CREATED TIMESTAMP,
+            TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-            REFRESH_TOKEN_TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+            REFRESH_TOKEN_TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
             VALIDITY_PERIOD BIGINT,
             REFRESH_TOKEN_VALIDITY_PERIOD BIGINT,
             TOKEN_SCOPE_HASH VARCHAR(32),
             TOKEN_STATE VARCHAR(25) DEFAULT 'ACTIVE',
             TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE',
             SUBJECT_IDENTIFIER VARCHAR(255),
+            ACCESS_TOKEN_HASH VARCHAR(512),
+            REFRESH_TOKEN_HASH VARCHAR(512),
             PRIMARY KEY (TOKEN_ID),
             FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
             CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,
@@ -77,12 +90,14 @@ CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER
 
 CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED);
 
+CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH);
+
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE (
             CODE_ID VARCHAR (255),
-            AUTHORIZATION_CODE VARCHAR(512),
+            AUTHORIZATION_CODE VARCHAR(2048),
             CONSUMER_KEY_ID INTEGER,
             CALLBACK_URL VARCHAR(1024),
-            SCOPE VARCHAR(2048),
+            SCOPE VARCHAR(4096),
             AUTHZ_USER VARCHAR (100),
             TENANT_ID INTEGER,
             USER_DOMAIN VARCHAR(50),
@@ -93,10 +108,13 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE (
             SUBJECT_IDENTIFIER VARCHAR(255),
             PKCE_CODE_CHALLENGE VARCHAR(255),
             PKCE_CODE_CHALLENGE_METHOD VARCHAR(128),
+            AUTHORIZATION_CODE_HASH VARCHAR(512),
             PRIMARY KEY (CODE_ID),
             FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
 )ENGINE INNODB;
 
+CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH,CONSUMER_KEY_ID);
+
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
             TOKEN_ID VARCHAR (255),
             TOKEN_SCOPE VARCHAR (60),
@@ -106,21 +124,26 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
 )ENGINE INNODB;
 
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE (
-            SCOPE_ID INT(11) NOT NULL AUTO_INCREMENT,
+            SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT,
-            SCOPE_KEY VARCHAR(100) NOT NULL,
+            NAME VARCHAR(255) NOT NULL,
-            NAME VARCHAR(255) NULL,
+            DISPLAY_NAME VARCHAR(255) NOT NULL,
-            DESCRIPTION VARCHAR(512) NULL,
+            DESCRIPTION VARCHAR(512),
-            TENANT_ID INT(11) NOT NULL DEFAULT 0,
+            TENANT_ID INTEGER NOT NULL DEFAULT -1,
-            ROLES VARCHAR (500) NULL,
             PRIMARY KEY (SCOPE_ID)
 )ENGINE INNODB;
 
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING (
+            SCOPE_ID INTEGER NOT NULL,
+            SCOPE_BINDING VARCHAR(255),
+            FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_RESOURCE_SCOPE (
             RESOURCE_PATH VARCHAR(255) NOT NULL,
-            SCOPE_ID INTEGER (11) NOT NULL,
+            SCOPE_ID INTEGER NOT NULL,
             TENANT_ID INTEGER DEFAULT -1,
             PRIMARY KEY (RESOURCE_PATH),
-            FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE ON UPDATE CASCADE
+            FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE
 )ENGINE INNODB;
 
 CREATE TABLE IF NOT EXISTS IDN_SCIM_GROUP (
@@ -175,7 +198,7 @@ CREATE TABLE IF NOT EXISTS IDN_IDENTITY_USER_DATA (
             TENANT_ID INTEGER DEFAULT -1234,
             USER_NAME VARCHAR(255) NOT NULL,
             DATA_KEY VARCHAR(255) NOT NULL,
-            DATA_VALUE VARCHAR(255),
+            DATA_VALUE VARCHAR(2048),
             PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY)
 )ENGINE INNODB;
 
@@ -222,6 +245,7 @@ CREATE TABLE IF NOT EXISTS SP_APP (
 	    	IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0',
         IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
         IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
+        ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0',
 	    	SUBJECT_CLAIM_URI VARCHAR (512),
 	    	IS_SAAS_APP CHAR(1) DEFAULT '0',
 	    	IS_DUMB_MODE CHAR(1) DEFAULT '0',
@@ -247,6 +271,7 @@ CREATE TABLE IF NOT EXISTS SP_INBOUND_AUTH (
             TENANT_ID INTEGER NOT NULL,
             INBOUND_AUTH_KEY VARCHAR (255),
             INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL,
+            INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL,
             PROP_NAME VARCHAR (255),
             PROP_VALUE VARCHAR (1024) ,
             APP_ID INTEGER NOT NULL,
@@ -283,6 +308,7 @@ CREATE TABLE IF NOT EXISTS SP_CLAIM_MAPPING (
             SP_CLAIM VARCHAR (512) NOT NULL ,
             APP_ID INTEGER NOT NULL,
             IS_REQUESTED VARCHAR(128) DEFAULT '0',
+	    IS_MANDATORY VARCHAR(128) DEFAULT '0',
             DEFAULT_VALUE VARCHAR(255),
             PRIMARY KEY (ID)
 )ENGINE INNODB;
@@ -318,11 +344,21 @@ CREATE TABLE IF NOT EXISTS SP_PROVISIONING_CONNECTOR (
             APP_ID INTEGER NOT NULL,
             IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0',
             BLOCKING CHAR(1) NOT NULL DEFAULT '0',
+            RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0',
             PRIMARY KEY (ID)
 )ENGINE INNODB;
 
 ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
 
+CREATE TABLE SP_AUTH_SCRIPT (
+  ID         INTEGER AUTO_INCREMENT NOT NULL,
+  TENANT_ID  INTEGER                NOT NULL,
+  APP_ID     INTEGER                NOT NULL,
+  TYPE       VARCHAR(255)           NOT NULL,
+  CONTENT    BLOB    DEFAULT NULL,
+  IS_ENABLED CHAR(1) NOT NULL DEFAULT '0',
+  PRIMARY KEY (ID));
+
 CREATE TABLE IF NOT EXISTS IDP (
 			ID INTEGER AUTO_INCREMENT,
 			TENANT_ID INTEGER,
@@ -348,8 +384,6 @@ CREATE TABLE IF NOT EXISTS IDP (
 			UNIQUE (TENANT_ID, NAME)
 )ENGINE INNODB;
 
-INSERT INTO IDP (TENANT_ID, NAME, HOME_REALM_ID) VALUES (-1234, 'LOCAL', 'localhost');
-
 CREATE TABLE IF NOT EXISTS IDP_ROLE (
 			ID INTEGER AUTO_INCREMENT,
 			IDP_ID INTEGER,
@@ -405,10 +439,6 @@ CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR (
             FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
 )ENGINE INNODB;
 
-INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'samlsso');
-INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'IDPProperties');
-INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'passivests');
-
 CREATE TABLE IF NOT EXISTS IDP_METADATA (
             ID INTEGER AUTO_INCREMENT,
             IDP_ID INTEGER,
@@ -421,9 +451,6 @@ CREATE TABLE IF NOT EXISTS IDP_METADATA (
             FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
 )ENGINE INNODB;
 
-INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'SessionIdleTimeout', '20160', 'Session Idle Timeout');
-INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'RememberMeTimeout', '15', 'RememberMe Timeout');
-
 CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR_PROPERTY (
             ID INTEGER AUTO_INCREMENT,
             TENANT_ID INTEGER,
@@ -436,9 +463,6 @@ CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR_PROPERTY (
             FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE
 )ENGINE INNODB;
 
-INSERT INTO  IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 1 , 'IdPEntityId', 'localhost', '0');
-INSERT INTO  IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 3 , 'IdPEntityId', 'localhost', '0');
-
 CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_CONFIG (
             ID INTEGER AUTO_INCREMENT,
             TENANT_ID INTEGER,
@@ -446,6 +470,7 @@ CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_CONFIG (
             PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL,
             IS_ENABLED CHAR (1) DEFAULT '0',
             IS_BLOCKING CHAR (1) DEFAULT '0',
+            IS_RULES_ENABLED CHAR (1) DEFAULT '0',
             PRIMARY KEY (ID),
             UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE),
             FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
@@ -539,7 +564,7 @@ CREATE TABLE IF NOT EXISTS WF_BPS_PROFILE (
     HOST_URL_MANAGER VARCHAR(255),
     HOST_URL_WORKER VARCHAR(255),
     USERNAME VARCHAR(45),
-    PASSWORD VARCHAR(255),
+    PASSWORD VARCHAR(1023),
     CALLBACK_HOST VARCHAR (45),
     CALLBACK_USERNAME VARCHAR (45),
     CALLBACK_PASSWORD VARCHAR (255),
@@ -601,8 +626,279 @@ CREATE TABLE IF NOT EXISTS WF_WORKFLOW_REQUEST_RELATION(
   FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
 )ENGINE INNODB;
 
+CREATE TABLE IF NOT EXISTS IDN_RECOVERY_DATA (
+  USER_NAME VARCHAR(255) NOT NULL,
+  USER_DOMAIN VARCHAR(127) NOT NULL,
+  TENANT_ID INTEGER DEFAULT -1,
+  CODE VARCHAR(255) NOT NULL,
+  SCENARIO VARCHAR(255) NOT NULL,
+  STEP VARCHAR(127) NOT NULL,
+  TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  REMAINING_SETS VARCHAR(2500) DEFAULT NULL,
+  PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP),
+  UNIQUE(CODE)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_PASSWORD_HISTORY_DATA (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  USER_NAME   VARCHAR(255) NOT NULL,
+  USER_DOMAIN VARCHAR(127) NOT NULL,
+  TENANT_ID   INTEGER DEFAULT -1,
+  SALT_VALUE  VARCHAR(255),
+  HASH        VARCHAR(255) NOT NULL,
+  TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  PRIMARY KEY(ID),
+  UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_DIALECT (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  DIALECT_URI VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  DIALECT_ID INTEGER,
+  CLAIM_URI VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE,
+  CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  LOCAL_CLAIM_ID INTEGER,
+  USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL,
+  ATTRIBUTE_NAME VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_PROPERTY (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  LOCAL_CLAIM_ID INTEGER,
+  PROPERTY_NAME VARCHAR (255) NOT NULL,
+  PROPERTY_VALUE VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPING (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  EXT_CLAIM_ID INTEGER NOT NULL,
+  MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS  IDN_SAML2_ASSERTION_STORE (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  SAML2_ID  VARCHAR(255) ,
+  SAML2_ISSUER  VARCHAR(255) ,
+  SAML2_SUBJECT  VARCHAR(255) ,
+  SAML2_SESSION_INDEX  VARCHAR(255) ,
+  SAML2_AUTHN_CONTEXT_CLASS_REF  VARCHAR(255) ,
+  SAML2_ASSERTION  VARCHAR(4096) ,
+  PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_JTI (
+  JWT_ID VARCHAR(255) NOT NULL,
+  EXP_TIME TIMESTAMP NOT NULL ,
+  TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ,
+  PRIMARY KEY (JWT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS  IDN_OIDC_PROPERTY (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  TENANT_ID  INTEGER,
+  CONSUMER_KEY  VARCHAR(255) ,
+  PROPERTY_KEY  VARCHAR(255) NOT NULL,
+  PROPERTY_VALUE  VARCHAR(2047) ,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_REFERENCE (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  CONSUMER_KEY_ID INTEGER ,
+  CODE_ID VARCHAR(255) ,
+  TOKEN_ID VARCHAR(255) ,
+  SESSION_DATA_KEY VARCHAR(255),
+  PRIMARY KEY (ID),
+  FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
+  FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE,
+  FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  REQ_OBJECT_ID INTEGER,
+  CLAIM_ATTRIBUTE VARCHAR(255) ,
+  ESSENTIAL CHAR(1) NOT NULL DEFAULT '0' ,
+  VALUE VARCHAR(255) ,
+  IS_USERINFO CHAR(1) NOT NULL DEFAULT '0',
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJ_CLAIM_VALUES (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  REQ_OBJECT_CLAIMS_ID INTEGER ,
+  CLAIM_VALUES VARCHAR(255) ,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES  IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_CERTIFICATE (
+             ID INTEGER NOT NULL AUTO_INCREMENT,
+             NAME VARCHAR(100),
+             CERTIFICATE_IN_PEM BLOB,
+             TENANT_ID INTEGER DEFAULT 0,
+             PRIMARY KEY(ID),
+             CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID)
+)ENGINE INNODB;
+
+
 -- End of IDENTITY Tables--
 
+-- Start of CONSENT-MGT Tables --
+
+CREATE TABLE CM_PII_CATEGORY (
+  ID           INTEGER AUTO_INCREMENT,
+  NAME         VARCHAR(255) NOT NULL,
+  DESCRIPTION  VARCHAR(1023),
+  DISPLAY_NAME VARCHAR(255),
+  IS_SENSITIVE INTEGER      NOT NULL,
+  TENANT_ID    INTEGER DEFAULT '-1234',
+  UNIQUE KEY (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+CREATE TABLE CM_RECEIPT (
+  CONSENT_RECEIPT_ID  VARCHAR(255) NOT NULL,
+  VERSION             VARCHAR(255) NOT NULL,
+  JURISDICTION        VARCHAR(255) NOT NULL,
+  CONSENT_TIMESTAMP   TIMESTAMP    NOT NULL,
+  COLLECTION_METHOD   VARCHAR(255) NOT NULL,
+  LANGUAGE            VARCHAR(255) NOT NULL,
+  PII_PRINCIPAL_ID    VARCHAR(255) NOT NULL,
+  PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234',
+  POLICY_URL          VARCHAR(255) NOT NULL,
+  STATE               VARCHAR(255) NOT NULL,
+  PII_CONTROLLER      VARCHAR(2048) NOT NULL,
+  PRIMARY KEY (CONSENT_RECEIPT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE CM_PURPOSE (
+  ID          INTEGER AUTO_INCREMENT,
+  NAME        VARCHAR(255) NOT NULL,
+  DESCRIPTION VARCHAR(1023),
+  TENANT_ID   INTEGER DEFAULT '-1234',
+  UNIQUE KEY (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+CREATE TABLE CM_PURPOSE_CATEGORY (
+  ID          INTEGER AUTO_INCREMENT,
+  NAME        VARCHAR(255) NOT NULL,
+  DESCRIPTION VARCHAR(1023),
+  TENANT_ID   INTEGER DEFAULT '-1234',
+  UNIQUE KEY (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+CREATE TABLE CM_RECEIPT_SP_ASSOC (
+  ID                 INTEGER AUTO_INCREMENT,
+  CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL,
+  SP_NAME            VARCHAR(255) NOT NULL,
+  SP_DISPLAY_NAME    VARCHAR(255),
+  SP_DESCRIPTION     VARCHAR(255),
+  SP_TENANT_ID       INTEGER DEFAULT '-1234',
+  UNIQUE KEY (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID),
+  PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+CREATE TABLE CM_SP_PURPOSE_ASSOC (
+  ID                     INTEGER AUTO_INCREMENT,
+  RECEIPT_SP_ASSOC       INTEGER      NOT NULL,
+  PURPOSE_ID             INTEGER      NOT NULL,
+  CONSENT_TYPE           VARCHAR(255) NOT NULL,
+  IS_PRIMARY_PURPOSE     INTEGER      NOT NULL,
+  TERMINATION            VARCHAR(255) NOT NULL,
+  THIRD_PARTY_DISCLOSURE INTEGER      NOT NULL,
+  THIRD_PARTY_NAME       VARCHAR(255),
+  UNIQUE KEY (RECEIPT_SP_ASSOC, PURPOSE_ID),
+  PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PURPOSE_CATEGORY_ID INTEGER NOT NULL,
+  UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID)
+)ENGINE INNODB;
+
+CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC (
+  PURPOSE_ID         INTEGER NOT NULL,
+  CM_PII_CATEGORY_ID INTEGER NOT NULL,
+  UNIQUE KEY (PURPOSE_ID, CM_PII_CATEGORY_ID)
+)ENGINE INNODB;
+
+CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PII_CATEGORY_ID     INTEGER NOT NULL,
+  VALIDITY            VARCHAR(1023),
+  UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID)
+)ENGINE INNODB;
+
+CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY (
+  CONSENT_RECEIPT_ID VARCHAR(255)  NOT NULL,
+  NAME               VARCHAR(255)  NOT NULL,
+  VALUE              VARCHAR(1023) NOT NULL,
+  UNIQUE KEY (CONSENT_RECEIPT_ID, NAME)
+)ENGINE INNODB;
+
+ALTER TABLE CM_RECEIPT_SP_ASSOC
+  ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID);
+
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+  ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+  ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+  ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+  ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+  ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+  ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID);
+
+ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY
+  ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID);
+
+INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234');
+
+INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234');
+
+-- End of CONSENT-MGT Tables --
+
 -- Start of API-MGT Tables --
 CREATE TABLE IF NOT EXISTS AM_SUBSCRIBER (
     SUBSCRIBER_ID INTEGER AUTO_INCREMENT,
@@ -686,7 +982,7 @@ CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION (
 
 CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION_KEY_MAPPING (
     SUBSCRIPTION_ID INTEGER,
-    ACCESS_TOKEN VARCHAR(255),
+    ACCESS_TOKEN VARCHAR(512),
     KEY_TYPE VARCHAR(512) NOT NULL,
     FOREIGN KEY(SUBSCRIPTION_ID) REFERENCES AM_SUBSCRIPTION(SUBSCRIPTION_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
     PRIMARY KEY(SUBSCRIPTION_ID,ACCESS_TOKEN)
@@ -781,7 +1077,7 @@ CREATE TABLE IF NOT EXISTS AM_APPLICATION_REGISTRATION (
     WF_REF VARCHAR(255) NOT NULL,
     APP_ID INT,
     TOKEN_TYPE VARCHAR(30),
-    TOKEN_SCOPE VARCHAR(256) DEFAULT 'default',
+    TOKEN_SCOPE VARCHAR(1500) DEFAULT 'default',
     INPUTS VARCHAR(1000),
     ALLOWED_DOMAINS VARCHAR(256),
     VALIDITY_PERIOD BIGINT,
@@ -1009,7 +1305,7 @@ ENGINE = InnoDB;
 CREATE TABLE `AM_BLOCK_CONDITIONS` (
   `CONDITION_ID` int(11) NOT NULL AUTO_INCREMENT,
   `TYPE` varchar(45) DEFAULT NULL,
-  `VALUE` varchar(45) DEFAULT NULL,
+  `VALUE` varchar(512) DEFAULT NULL,
   `ENABLED` varchar(45) DEFAULT NULL,
   `DOMAIN` varchar(45) DEFAULT NULL,
   `UUID` VARCHAR(256),
@@ -1017,12 +1313,43 @@ CREATE TABLE `AM_BLOCK_CONDITIONS` (
   UNIQUE (`UUID`)
 ) ENGINE=InnoDB;
 
+CREATE TABLE IF NOT EXISTS `AM_CERTIFICATE_METADATA` (
+  `TENANT_ID` INT(11) NOT NULL,
+  `ALIAS` VARCHAR(45) NOT NULL,
+  `END_POINT` VARCHAR(100) NOT NULL,
+  CONSTRAINT PK_ALIAS PRIMARY KEY (`ALIAS`),
+  CONSTRAINT END_POINT_CONSTRAINT UNIQUE (`END_POINT`)
+) ENGINE=InnoDB;
+
+CREATE TABLE IF NOT EXISTS AM_APPLICATION_GROUP_MAPPING (
+    APPLICATION_ID INTEGER NOT NULL,
+    GROUP_ID VARCHAR(512) NOT NULL,
+    TENANT VARCHAR(255),
+    PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT),
+    FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE
+) ENGINE=InnoDB;
+
+CREATE TABLE IF NOT EXISTS AM_USAGE_UPLOADED_FILES (
+  TENANT_DOMAIN varchar(255) NOT NULL,
+  FILE_NAME varchar(255) NOT NULL,
+  FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+  FILE_PROCESSED tinyint(1) DEFAULT FALSE,
+  FILE_CONTENT MEDIUMBLOB DEFAULT NULL,
+  PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP)
+) ENGINE=InnoDB;
+
+CREATE TABLE IF NOT EXISTS AM_API_LC_PUBLISH_EVENTS (
+    ID INTEGER(11) NOT NULL AUTO_INCREMENT,
+    TENANT_DOMAIN VARCHAR(500) NOT NULL,
+    API_ID VARCHAR(500) NOT NULL,
+    EVENT_TIME TIMESTAMP NOT NULL,
+    PRIMARY KEY (ID)
+) ENGINE=InnoDB;
 -- End of API-MGT Tables --
 
 -- Performance indexes start--
 
 create index IDX_ITS_LMT on IDN_THRIFT_SESSION (LAST_MODIFIED_TIME);
-create index IDX_IOAT_AT on IDN_OAUTH2_ACCESS_TOKEN (ACCESS_TOKEN);
 create index IDX_IOAT_UT on IDN_OAUTH2_ACCESS_TOKEN (USER_TYPE);
 create index IDX_AAI_CTX on AM_API (CONTEXT);
 create index IDX_AAKM_CK on AM_APPLICATION_KEY_MAPPING (CONSUMER_KEY);

modules/distribution/src/core/resources/dbscripts/apimgt/mysql_cluster.sql

@@ -19,13 +19,24 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH_CONSUMER_APPS (
             GRANT_TYPES VARCHAR (1024),
             PKCE_MANDATORY CHAR(1) DEFAULT '0',
             PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0',
+            APP_STATE VARCHAR (25) DEFAULT 'ACTIVE',
+            USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000,
+            APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000,
+            REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000,
             CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY),
             PRIMARY KEY (ID)
 )ENGINE NDB;
 
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_VALIDATORS (
+	APP_ID INTEGER NOT NULL,
+	SCOPE_VALIDATOR VARCHAR (128) NOT NULL,
+	PRIMARY KEY (APP_ID,SCOPE_VALIDATOR),
+	FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+)ENGINE NDB;
+
 CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_REQUEST_TOKEN (
             REQUEST_TOKEN VARCHAR(255),
-            REQUEST_TOKEN_SECRET VARCHAR(512),
+            REQUEST_TOKEN_SECRET VARCHAR(2048),
             CONSUMER_KEY_ID INTEGER,
             CALLBACK_URL VARCHAR(1024),
             SCOPE VARCHAR(2048),
@@ -50,8 +61,8 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_ACCESS_TOKEN (
 
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN (
             TOKEN_ID VARCHAR (255),
-            ACCESS_TOKEN VARCHAR(255),
+            ACCESS_TOKEN VARCHAR(2048),
-            REFRESH_TOKEN VARCHAR(255),
+            REFRESH_TOKEN VARCHAR(2048),
             CONSUMER_KEY_ID INTEGER,
             AUTHZ_USER VARCHAR (100),
             TENANT_ID INTEGER,
@@ -66,6 +77,8 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN (
             TOKEN_STATE VARCHAR(25) DEFAULT 'ACTIVE',
             TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE',
             SUBJECT_IDENTIFIER VARCHAR(255),
+            ACCESS_TOKEN_HASH VARCHAR(512),
+            REFRESH_TOKEN_HASH VARCHAR(512),
             PRIMARY KEY (TOKEN_ID),
             FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
             CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,
@@ -76,12 +89,14 @@ CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER
 
 CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED);
 
+CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH);
+
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE (
             CODE_ID VARCHAR (255),
-            AUTHORIZATION_CODE VARCHAR(512),
+            AUTHORIZATION_CODE VARCHAR(2048),
             CONSUMER_KEY_ID INTEGER,
             CALLBACK_URL VARCHAR(1024),
-            SCOPE VARCHAR(2048),
+            SCOPE VARCHAR(4096),
             AUTHZ_USER VARCHAR (100),
             TENANT_ID INTEGER,
             USER_DOMAIN VARCHAR(50),
@@ -92,10 +107,13 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE (
             SUBJECT_IDENTIFIER VARCHAR(255),
             PKCE_CODE_CHALLENGE VARCHAR(255),
             PKCE_CODE_CHALLENGE_METHOD VARCHAR(128),
+            AUTHORIZATION_CODE_HASH VARCHAR(512),
             PRIMARY KEY (CODE_ID),
             FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
 )ENGINE NDB;
 
+CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH,CONSUMER_KEY_ID);
+
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
             TOKEN_ID VARCHAR (255),
             TOKEN_SCOPE VARCHAR (60),
@@ -105,21 +123,26 @@ CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
 )ENGINE NDB;
 
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE (
-            SCOPE_ID INT(11) NOT NULL AUTO_INCREMENT,
+            SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT,
-            SCOPE_KEY VARCHAR(100) NOT NULL,
+            NAME VARCHAR(255) NOT NULL,
-            NAME VARCHAR(255) NULL,
+            DISPLAY_NAME VARCHAR(255) NOT NULL,
-            DESCRIPTION VARCHAR(512) NULL,
+            DESCRIPTION VARCHAR(512),
-            TENANT_ID INT(11) NOT NULL DEFAULT 0,
+            TENANT_ID INTEGER NOT NULL DEFAULT -1,
-            ROLES VARCHAR (500) NULL,
             PRIMARY KEY (SCOPE_ID)
 )ENGINE NDB;
 
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING (
+            SCOPE_ID INTEGER NOT NULL,
+            SCOPE_BINDING VARCHAR(255),
+            FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE
+)ENGINE NDB;
+
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_RESOURCE_SCOPE (
             RESOURCE_PATH VARCHAR(255) NOT NULL,
-            SCOPE_ID INTEGER (11) NOT NULL,
+            SCOPE_ID INTEGER NOT NULL,
             TENANT_ID INTEGER DEFAULT -1,
             PRIMARY KEY (RESOURCE_PATH),
-            FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE ON UPDATE CASCADE
+            FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE
 )ENGINE NDB;
 
 CREATE TABLE IF NOT EXISTS IDN_SCIM_GROUP (
@@ -174,7 +197,7 @@ CREATE TABLE IF NOT EXISTS IDN_IDENTITY_USER_DATA (
             TENANT_ID INTEGER DEFAULT -1234,
             USER_NAME VARCHAR(255) NOT NULL,
             DATA_KEY VARCHAR(255) NOT NULL,
-            DATA_VALUE VARCHAR(255),
+            DATA_VALUE VARCHAR(2048),
             PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY)
 )ENGINE NDB;
 
@@ -221,6 +244,7 @@ CREATE TABLE IF NOT EXISTS SP_APP (
 	    	IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0',
         IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
         IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
+        ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0',
 	    	SUBJECT_CLAIM_URI VARCHAR (512),
 	    	IS_SAAS_APP CHAR(1) DEFAULT '0',
 	    	IS_DUMB_MODE CHAR(1) DEFAULT '0',
@@ -246,6 +270,7 @@ CREATE TABLE IF NOT EXISTS SP_INBOUND_AUTH (
             TENANT_ID INTEGER NOT NULL,
             INBOUND_AUTH_KEY VARCHAR (255),
             INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL,
+            INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL,
             PROP_NAME VARCHAR (255),
             PROP_VALUE VARCHAR (1024) ,
             APP_ID INTEGER NOT NULL,
@@ -282,6 +307,7 @@ CREATE TABLE IF NOT EXISTS SP_CLAIM_MAPPING (
             SP_CLAIM VARCHAR (512) NOT NULL ,
             APP_ID INTEGER NOT NULL,
             IS_REQUESTED VARCHAR(128) DEFAULT '0',
+	    IS_MANDATORY VARCHAR(128) DEFAULT '0',
             DEFAULT_VALUE VARCHAR(255),
             PRIMARY KEY (ID)
 )ENGINE NDB;
@@ -317,11 +343,21 @@ CREATE TABLE IF NOT EXISTS SP_PROVISIONING_CONNECTOR (
             APP_ID INTEGER NOT NULL,
             IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0',
             BLOCKING CHAR(1) NOT NULL DEFAULT '0',
+            RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0',
             PRIMARY KEY (ID)
 )ENGINE NDB;
 
 ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
 
+CREATE TABLE SP_AUTH_SCRIPT (
+  ID         INTEGER AUTO_INCREMENT NOT NULL,
+  TENANT_ID  INTEGER                NOT NULL,
+  APP_ID     INTEGER                NOT NULL,
+  TYPE       VARCHAR(255)           NOT NULL,
+  CONTENT    BLOB    DEFAULT NULL,
+  IS_ENABLED CHAR(1) DEFAULT '0',
+  PRIMARY KEY (ID));
+
 CREATE TABLE IF NOT EXISTS IDP (
 			ID INTEGER AUTO_INCREMENT,
 			TENANT_ID INTEGER,
@@ -347,8 +383,6 @@ CREATE TABLE IF NOT EXISTS IDP (
 			UNIQUE (TENANT_ID, NAME)
 )ENGINE NDB;
 
-INSERT INTO IDP (TENANT_ID, NAME, HOME_REALM_ID) VALUES (-1234, 'LOCAL', 'localhost');
-
 CREATE TABLE IF NOT EXISTS IDP_ROLE (
 			ID INTEGER AUTO_INCREMENT,
 			IDP_ID INTEGER,
@@ -404,10 +438,6 @@ CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR (
             FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
 )ENGINE NDB;
 
-INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'samlsso');
-INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'IDPProperties');
-INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'passivests');
-
 CREATE TABLE IF NOT EXISTS IDP_METADATA (
             ID INTEGER AUTO_INCREMENT,
             IDP_ID INTEGER,
@@ -420,9 +450,6 @@ CREATE TABLE IF NOT EXISTS IDP_METADATA (
             FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
 )ENGINE NDB;
 
-INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'SessionIdleTimeout', '20160', 'Session Idle Timeout');
-INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'RememberMeTimeout', '15', 'RememberMe Timeout');
-
 CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR_PROPERTY (
             ID INTEGER AUTO_INCREMENT,
             TENANT_ID INTEGER,
@@ -435,9 +462,6 @@ CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR_PROPERTY (
             FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE
 )ENGINE NDB;
 
-INSERT INTO  IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 1 , 'IdPEntityId', 'localhost', '0');
-INSERT INTO  IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 3 , 'IdPEntityId', 'localhost', '0');
-
 CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_CONFIG (
             ID INTEGER AUTO_INCREMENT,
             TENANT_ID INTEGER,
@@ -445,6 +469,7 @@ CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_CONFIG (
             PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL,
             IS_ENABLED CHAR (1) DEFAULT '0',
             IS_BLOCKING CHAR (1) DEFAULT '0',
+            IS_RULES_ENABLED CHAR (1) DEFAULT '0',
             PRIMARY KEY (ID),
             UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE),
             FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
@@ -538,7 +563,7 @@ CREATE TABLE IF NOT EXISTS WF_BPS_PROFILE (
     HOST_URL_MANAGER VARCHAR(255),
     HOST_URL_WORKER VARCHAR(255),
     USERNAME VARCHAR(45),
-    PASSWORD VARCHAR(255),
+    PASSWORD VARCHAR(1023),
     CALLBACK_HOST VARCHAR (45),
     CALLBACK_USERNAME VARCHAR (45),
     CALLBACK_PASSWORD VARCHAR (255),
@@ -600,7 +625,278 @@ CREATE TABLE IF NOT EXISTS WF_WORKFLOW_REQUEST_RELATION(
   FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
 )ENGINE NDB;
 
--- End of IDN Tables--
+CREATE TABLE IF NOT EXISTS IDN_RECOVERY_DATA (
+  USER_NAME VARCHAR(255) NOT NULL,
+  USER_DOMAIN VARCHAR(127) NOT NULL,
+  TENANT_ID INTEGER DEFAULT -1,
+  CODE VARCHAR(255) NOT NULL,
+  SCENARIO VARCHAR(255) NOT NULL,
+  STEP VARCHAR(127) NOT NULL,
+  TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  REMAINING_SETS VARCHAR(2500) DEFAULT NULL,
+  PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP),
+  UNIQUE(CODE)
+)ENGINE NDB;
+
+CREATE TABLE IF NOT EXISTS IDN_PASSWORD_HISTORY_DATA (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  USER_NAME   VARCHAR(255) NOT NULL,
+  USER_DOMAIN VARCHAR(127) NOT NULL,
+  TENANT_ID   INTEGER DEFAULT -1,
+  SALT_VALUE  VARCHAR(255),
+  HASH        VARCHAR(255) NOT NULL,
+  TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  PRIMARY KEY(ID),
+  UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH)
+)ENGINE NDB;
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_DIALECT (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  DIALECT_URI VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID)
+)ENGINE NDB;
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  DIALECT_ID INTEGER,
+  CLAIM_URI VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE,
+  CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID)
+)ENGINE NDB;
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  LOCAL_CLAIM_ID INTEGER,
+  USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL,
+  ATTRIBUTE_NAME VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID)
+)ENGINE NDB;
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_PROPERTY (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  LOCAL_CLAIM_ID INTEGER,
+  PROPERTY_NAME VARCHAR (255) NOT NULL,
+  PROPERTY_VALUE VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID)
+)ENGINE NDB;
+
+CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPING (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  EXT_CLAIM_ID INTEGER NOT NULL,
+  MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID)
+)ENGINE NDB;
+
+CREATE TABLE IF NOT EXISTS  IDN_SAML2_ASSERTION_STORE (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  SAML2_ID  VARCHAR(255) ,
+  SAML2_ISSUER  VARCHAR(255) ,
+  SAML2_SUBJECT  VARCHAR(255) ,
+  SAML2_SESSION_INDEX  VARCHAR(255) ,
+  SAML2_AUTHN_CONTEXT_CLASS_REF  VARCHAR(255) ,
+  SAML2_ASSERTION  VARCHAR(4096) ,
+  PRIMARY KEY (ID)
+)ENGINE NDB;
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_JTI (
+  JWT_ID VARCHAR(255) NOT NULL,
+  EXP_TIME TIMESTAMP NOT NULL ,
+  TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ,
+  PRIMARY KEY (JWT_ID)
+)ENGINE NDB;
+
+CREATE TABLE IF NOT EXISTS  IDN_OIDC_PROPERTY (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  TENANT_ID  INTEGER,
+  CONSUMER_KEY  VARCHAR(255) ,
+  PROPERTY_KEY  VARCHAR(255) NOT NULL,
+  PROPERTY_VALUE  VARCHAR(2047) ,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE
+)ENGINE NDB;
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_REFERENCE (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  CONSUMER_KEY_ID INTEGER ,
+  CODE_ID VARCHAR(255) ,
+  TOKEN_ID VARCHAR(255) ,
+  SESSION_DATA_KEY VARCHAR(255),
+  PRIMARY KEY (ID),
+  FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
+  FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE,
+  FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE
+)ENGINE NDB;
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  REQ_OBJECT_ID INTEGER,
+  CLAIM_ATTRIBUTE VARCHAR(255) ,
+  ESSENTIAL CHAR(1) DEFAULT '0' ,
+  VALUE VARCHAR(255) ,
+  ESSENTIAL CHAR(1) DEFAULT '0' ,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE
+)ENGINE NDB;
+
+CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJ_CLAIM_VALUES (
+  ID INTEGER NOT NULL AUTO_INCREMENT,
+  REQ_OBJECT_CLAIMS_ID INTEGER ,
+  CLAIM_VALUES VARCHAR(255) ,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES  IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE
+)ENGINE NDB;
+
+CREATE TABLE IF NOT EXISTS IDN_CERTIFICATE (
+             ID INTEGER NOT NULL AUTO_INCREMENT,
+             NAME VARCHAR(100),
+             CERTIFICATE_IN_PEM BLOB,
+             TENANT_ID INTEGER DEFAULT 0,
+             PRIMARY KEY(ID),
+             CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID)
+)ENGINE NDB;
+
+
+-- End of IDENTITY Tables--
+
+-- Start of CONSENT-MGT Tables --
+
+CREATE TABLE CM_PII_CATEGORY (
+  ID           INTEGER AUTO_INCREMENT,
+  NAME         VARCHAR(255) NOT NULL,
+  DESCRIPTION  VARCHAR(1023),
+  DISPLAY_NAME VARCHAR(255),
+  IS_SENSITIVE INTEGER      NOT NULL,
+  TENANT_ID    INTEGER DEFAULT '-1234',
+  UNIQUE KEY (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+)ENGINE NDB;
+
+CREATE TABLE CM_RECEIPT (
+  CONSENT_RECEIPT_ID  VARCHAR(255) NOT NULL,
+  VERSION             VARCHAR(255) NOT NULL,
+  JURISDICTION        VARCHAR(255) NOT NULL,
+  CONSENT_TIMESTAMP   TIMESTAMP    NOT NULL,
+  COLLECTION_METHOD   VARCHAR(255) NOT NULL,
+  LANGUAGE            VARCHAR(255) NOT NULL,
+  PII_PRINCIPAL_ID    VARCHAR(255) NOT NULL,
+  PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234',
+  POLICY_URL          VARCHAR(255) NOT NULL,
+  STATE               VARCHAR(255) NOT NULL,
+  PII_CONTROLLER      VARCHAR(2048) NOT NULL,
+  PRIMARY KEY (CONSENT_RECEIPT_ID)
+)ENGINE NDB;
+
+CREATE TABLE CM_PURPOSE (
+  ID          INTEGER AUTO_INCREMENT,
+  NAME        VARCHAR(255) NOT NULL,
+  DESCRIPTION VARCHAR(1023),
+  TENANT_ID   INTEGER DEFAULT '-1234',
+  UNIQUE KEY (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+)ENGINE NDB;
+
+CREATE TABLE CM_PURPOSE_CATEGORY (
+  ID          INTEGER AUTO_INCREMENT,
+  NAME        VARCHAR(255) NOT NULL,
+  DESCRIPTION VARCHAR(1023),
+  TENANT_ID   INTEGER DEFAULT '-1234',
+  UNIQUE KEY (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+)ENGINE NDB;
+
+CREATE TABLE CM_RECEIPT_SP_ASSOC (
+  ID                 INTEGER AUTO_INCREMENT,
+  CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL,
+  SP_NAME            VARCHAR(255) NOT NULL,
+  SP_DISPLAY_NAME    VARCHAR(255),
+  SP_DESCRIPTION     VARCHAR(255),
+  SP_TENANT_ID       INTEGER DEFAULT '-1234',
+  UNIQUE KEY (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID),
+  PRIMARY KEY (ID)
+)ENGINE NDB;
+
+CREATE TABLE CM_SP_PURPOSE_ASSOC (
+  ID                     INTEGER AUTO_INCREMENT,
+  RECEIPT_SP_ASSOC       INTEGER      NOT NULL,
+  PURPOSE_ID             INTEGER      NOT NULL,
+  CONSENT_TYPE           VARCHAR(255) NOT NULL,
+  IS_PRIMARY_PURPOSE     INTEGER      NOT NULL,
+  TERMINATION            VARCHAR(255) NOT NULL,
+  THIRD_PARTY_DISCLOSURE INTEGER      NOT NULL,
+  THIRD_PARTY_NAME       VARCHAR(255),
+  UNIQUE KEY (RECEIPT_SP_ASSOC, PURPOSE_ID),
+  PRIMARY KEY (ID)
+)ENGINE NDB;
+
+CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PURPOSE_CATEGORY_ID INTEGER NOT NULL,
+  UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID)
+)ENGINE NDB;
+
+CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC (
+  PURPOSE_ID         INTEGER NOT NULL,
+  CM_PII_CATEGORY_ID INTEGER NOT NULL,
+  UNIQUE KEY (PURPOSE_ID, CM_PII_CATEGORY_ID)
+)ENGINE NDB;
+
+CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PII_CATEGORY_ID     INTEGER NOT NULL,
+  VALIDITY            VARCHAR(1023),
+  UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID)
+)ENGINE NDB;
+
+CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY (
+  CONSENT_RECEIPT_ID VARCHAR(255)  NOT NULL,
+  NAME               VARCHAR(255)  NOT NULL,
+  VALUE              VARCHAR(1023) NOT NULL,
+  UNIQUE KEY (CONSENT_RECEIPT_ID, NAME)
+)ENGINE NDB;
+
+ALTER TABLE CM_RECEIPT_SP_ASSOC
+  ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID);
+
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+  ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+  ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+  ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+  ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+  ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+  ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID);
+
+ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY
+  ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID);
+
+INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234');
+
+INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234');
+
+-- End of CONSENT-MGT Tables --
 
 -- Start of API-MGT Tables --
 CREATE TABLE IF NOT EXISTS AM_SUBSCRIBER (
@@ -685,7 +981,7 @@ CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION (
 
 CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION_KEY_MAPPING (
     SUBSCRIPTION_ID INTEGER,
-    ACCESS_TOKEN VARCHAR(255),
+    ACCESS_TOKEN VARCHAR(512),
     KEY_TYPE VARCHAR(255) NOT NULL,
     FOREIGN KEY(SUBSCRIPTION_ID) REFERENCES AM_SUBSCRIPTION(SUBSCRIPTION_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
     PRIMARY KEY(SUBSCRIPTION_ID,ACCESS_TOKEN)
@@ -780,7 +1076,7 @@ CREATE TABLE IF NOT EXISTS AM_APPLICATION_REGISTRATION (
     WF_REF VARCHAR(255) NOT NULL,
     APP_ID INT,
     TOKEN_TYPE VARCHAR(30),
-    TOKEN_SCOPE VARCHAR(256) DEFAULT 'default',
+    TOKEN_SCOPE VARCHAR(1500) DEFAULT 'default',
     INPUTS VARCHAR(1000),
     ALLOWED_DOMAINS VARCHAR(256),
     VALIDITY_PERIOD BIGINT,
@@ -1010,7 +1306,7 @@ ENGINE = NDB;
 CREATE TABLE `AM_BLOCK_CONDITIONS` (
   `CONDITION_ID` int(11) NOT NULL AUTO_INCREMENT,
   `TYPE` varchar(45) DEFAULT NULL,
-  `VALUE` varchar(45) DEFAULT NULL,
+  `VALUE` varchar(512) DEFAULT NULL,
   `ENABLED` varchar(45) DEFAULT NULL,
   `DOMAIN` varchar(45) DEFAULT NULL,
   `UUID` VARCHAR(254),
@@ -1018,12 +1314,43 @@ CREATE TABLE `AM_BLOCK_CONDITIONS` (
   UNIQUE (`UUID`)
 ) ENGINE = NDB;
 
+CREATE TABLE IF NOT EXISTS `AM_CERTIFICATE_METADATA` (
+  `TENANT_ID` INT(11) NOT NULL,
+  `ALIAS` VARCHAR(45) NOT NULL,
+  `END_POINT` VARCHAR(100) NOT NULL,
+     CONSTRAINT PK_ALIAS PRIMARY KEY (`ALIAS`),
+   CONSTRAINT END_POINT_CONSTRAINT UNIQUE (`END_POINT`)
+) ENGINE = NDB;
+
+CREATE TABLE IF NOT EXISTS AM_APPLICATION_GROUP_MAPPING (
+    APPLICATION_ID INTEGER NOT NULL,
+    GROUP_ID VARCHAR(512) NOT NULL,
+    TENANT VARCHAR(255),
+    PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT),
+    FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE
+) ENGINE=NDB;
 -- End of API-MGT Tables --
 
+CREATE TABLE IF NOT EXISTS AM_USAGE_UPLOADED_FILES (
+  TENANT_DOMAIN varchar(255) NOT NULL,
+  FILE_NAME varchar(255) NOT NULL,
+  FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+  FILE_PROCESSED tinyint(1) DEFAULT FALSE,
+  FILE_CONTENT MEDIUMBLOB DEFAULT NULL,
+  PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP)
+) ENGINE=NDB;
+
+CREATE TABLE IF NOT EXISTS AM_API_LC_PUBLISH_EVENTS (
+    ID INTEGER(11) NOT NULL AUTO_INCREMENT,
+    TENANT_DOMAIN VARCHAR(500) NOT NULL,
+    API_ID VARCHAR(500) NOT NULL,
+    EVENT_TIME TIMESTAMP NOT NULL,
+    PRIMARY KEY (ID)
+) ENGINE=NDB;
+
 -- Performance indexes start--
 
 create index IDX_ITS_LMT on IDN_THRIFT_SESSION (LAST_MODIFIED_TIME);
-create index IDX_IOAT_AT on IDN_OAUTH2_ACCESS_TOKEN (ACCESS_TOKEN);
 create index IDX_IOAT_UT on IDN_OAUTH2_ACCESS_TOKEN (USER_TYPE);
 create index IDX_AAI_CTX on AM_API (CONTEXT);
 create index IDX_AAKM_CK on AM_APPLICATION_KEY_MAPPING (CONSUMER_KEY);

modules/distribution/src/core/resources/dbscripts/apimgt/oracle.sql

@@ -6,7 +6,6 @@
 --
 
 -- Start of IDN Tables --
-
 CREATE TABLE IDN_BASE_TABLE (
             PRODUCT_NAME VARCHAR2 (20),
             PRIMARY KEY (PRODUCT_NAME))
@@ -16,7 +15,7 @@ INSERT INTO IDN_BASE_TABLE values ('WSO2 Identity Server')
 CREATE TABLE IDN_OAUTH_CONSUMER_APPS (
             ID INTEGER,
             CONSUMER_KEY VARCHAR2 (255),
-            CONSUMER_SECRET VARCHAR2 (512),
+            CONSUMER_SECRET VARCHAR2 (2048),
             USERNAME VARCHAR2 (255),
             TENANT_ID INTEGER DEFAULT 0,
             USER_DOMAIN VARCHAR(50),
@@ -26,9 +25,20 @@ CREATE TABLE IDN_OAUTH_CONSUMER_APPS (
             GRANT_TYPES VARCHAR (1024),
             PKCE_MANDATORY CHAR(1) DEFAULT '0',
             PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0',
+            APP_STATE VARCHAR (25) DEFAULT 'ACTIVE',
+            USER_ACCESS_TOKEN_EXPIRE_TIME NUMBER(19) DEFAULT 3600000,
+            APP_ACCESS_TOKEN_EXPIRE_TIME NUMBER(19) DEFAULT 3600000,
+            REFRESH_TOKEN_EXPIRE_TIME NUMBER(19) DEFAULT 84600000,
             CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY),
             PRIMARY KEY (ID))
 /
+CREATE TABLE IDN_OAUTH2_SCOPE_VALIDATORS (
+	APP_ID INTEGER NOT NULL,
+	SCOPE_VALIDATOR VARCHAR (128) NOT NULL,
+	PRIMARY KEY (APP_ID,SCOPE_VALIDATOR),
+	FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+)
+/
 CREATE SEQUENCE IDN_OAUTH_CONSUMER_APPS_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
 /
 CREATE OR REPLACE TRIGGER IDN_OAUTH_CONSUMER_APPS_TRIG
@@ -65,8 +75,8 @@ CREATE TABLE IDN_OAUTH1A_ACCESS_TOKEN (
 /
 CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN (
             TOKEN_ID VARCHAR (255),
-            ACCESS_TOKEN VARCHAR2 (255),
+            ACCESS_TOKEN VARCHAR2 (2048),
-            REFRESH_TOKEN VARCHAR2 (255),
+            REFRESH_TOKEN VARCHAR2 (2048),
             CONSUMER_KEY_ID INTEGER,
             AUTHZ_USER VARCHAR2 (100),
             TENANT_ID INTEGER,
@@ -81,6 +91,8 @@ CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN (
             TOKEN_STATE VARCHAR2 (25) DEFAULT 'ACTIVE',
             TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE',
             SUBJECT_IDENTIFIER VARCHAR(255),
+            ACCESS_TOKEN_HASH VARCHAR2 (512),
+            REFRESH_TOKEN_HASH VARCHAR2 (512),
             PRIMARY KEY (TOKEN_ID),
             FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
             CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TOKEN_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,
@@ -88,14 +100,16 @@ CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN (
 /
 CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED)
 /
+CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH)
+/
 CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE)
 /
 CREATE TABLE IDN_OAUTH2_AUTHORIZATION_CODE (
             CODE_ID VARCHAR (255),
-            AUTHORIZATION_CODE VARCHAR2 (512),
+            AUTHORIZATION_CODE VARCHAR2 (2048),
             CONSUMER_KEY_ID INTEGER,
 	          CALLBACK_URL VARCHAR2 (1024),
-            SCOPE VARCHAR2(2048),
+            SCOPE VARCHAR2(4096),
             AUTHZ_USER VARCHAR2 (100),
             TENANT_ID INTEGER,
             USER_DOMAIN VARCHAR2 (50),
@@ -106,9 +120,12 @@ CREATE TABLE IDN_OAUTH2_AUTHORIZATION_CODE (
             SUBJECT_IDENTIFIER VARCHAR(255),
             PKCE_CODE_CHALLENGE VARCHAR (255),
             PKCE_CODE_CHALLENGE_METHOD VARCHAR(128),
+            AUTHORIZATION_CODE_HASH VARCHAR2 (512),
             PRIMARY KEY (CODE_ID),
             FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE)
 /
+CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH,CONSUMER_KEY_ID)
+/
 CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
             TOKEN_ID VARCHAR2 (255),
             TOKEN_SCOPE VARCHAR2 (60),
@@ -117,12 +134,11 @@ CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
             FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE)
 /
 CREATE TABLE IDN_OAUTH2_SCOPE (
-            SCOPE_ID INTEGER,
+            SCOPE_ID INTEGER NOT NULL,
-            SCOPE_KEY VARCHAR2 (100) NOT NULL,
+            NAME VARCHAR2(255) NOT NULL,
-            NAME VARCHAR2 (255) NULL,
+            DISPLAY_NAME VARCHAR2(255) NOT NULL,
-            DESCRIPTION VARCHAR2 (512) NULL,
+            DESCRIPTION VARCHAR2(512),
-  TENANT_ID INTEGER DEFAULT 0,
+            TENANT_ID INTEGER DEFAULT -1 NOT NULL,
-	    ROLES VARCHAR2 (500) NULL,
             PRIMARY KEY (SCOPE_ID))
 /
 CREATE SEQUENCE IDN_OAUTH2_SCOPE_SEQUENCE START WITH 1 INCREMENT BY 1 NOCACHE
@@ -136,6 +152,11 @@ CREATE OR REPLACE TRIGGER IDN_OAUTH2_SCOPE_TRIGGER
                 SELECT IDN_OAUTH2_SCOPE_SEQUENCE.nextval INTO :NEW.SCOPE_ID FROM dual;
             END;
 /
+CREATE TABLE IDN_OAUTH2_SCOPE_BINDING (
+            SCOPE_ID INTEGER NOT NULL,
+            SCOPE_BINDING VARCHAR2(255),
+            FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE)
+/
 CREATE TABLE IDN_OAUTH2_RESOURCE_SCOPE (
             RESOURCE_PATH VARCHAR2 (255) NOT NULL,
             SCOPE_ID INTEGER NOT NULL,
@@ -214,7 +235,7 @@ CREATE TABLE IDN_IDENTITY_USER_DATA (
             TENANT_ID INTEGER DEFAULT -1234,
             USER_NAME VARCHAR(255) NOT NULL,
             DATA_KEY VARCHAR(255) NOT NULL,
-            DATA_VALUE VARCHAR(255),
+            DATA_VALUE VARCHAR(2048),
             PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY))
 /
 CREATE TABLE IDN_IDENTITY_META_DATA (
@@ -259,6 +280,7 @@ CREATE TABLE SP_APP (
             IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0',
             IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
             IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
+            ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0',
             SUBJECT_CLAIM_URI VARCHAR (512),
             IS_SAAS_APP CHAR(1) DEFAULT '0',
             IS_DUMB_MODE CHAR(1) DEFAULT '0',
@@ -307,6 +329,7 @@ CREATE TABLE SP_INBOUND_AUTH (
             TENANT_ID INTEGER NOT NULL,
             INBOUND_AUTH_KEY VARCHAR (255),
             INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL,
+            INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL,
             PROP_NAME VARCHAR (255),
             PROP_VALUE VARCHAR (1024) ,
             APP_ID INTEGER NOT NULL,
@@ -345,7 +368,7 @@ CREATE OR REPLACE TRIGGER SP_AUTH_STEP_TRIG
                    SELECT SP_AUTH_STEP_SEQ.nextval INTO :NEW.ID FROM dual;
                END;
 /
-ALTER TABLE SP_AUTH_STEP ADD CONSTRAINT APPLICATION_ID_CONST_STEP FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE
+ALTER TABLE SP_AUTH_STEP ADD CONSTRAINT APPLICATION_ID_CONSTRAINT_STEP FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE
 /
 CREATE TABLE SP_FEDERATED_IDP (
             ID INTEGER NOT NULL,
@@ -362,6 +385,7 @@ CREATE TABLE SP_CLAIM_MAPPING (
             SP_CLAIM VARCHAR (512) NOT NULL ,
 	   		APP_ID INTEGER NOT NULL,
 	    	IS_REQUESTED VARCHAR(128) DEFAULT '0',
+		IS_MANDATORY VARCHAR(128) DEFAULT '0',
 			DEFAULT_VALUE VARCHAR(255),
             PRIMARY KEY (ID))
 /
@@ -427,6 +451,7 @@ CREATE TABLE SP_PROVISIONING_CONNECTOR (
 	    	APP_ID INTEGER NOT NULL,
 	    	IS_JIT_ENABLED CHAR(1) DEFAULT '0',
 		    BLOCKING CHAR(1) DEFAULT '0',
+		    RULE_ENABLED CHAR(1) DEFAULT '0' NOT NULL,
             PRIMARY KEY (ID))
 /
 CREATE SEQUENCE SP_PROV_CONNECTOR_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
@@ -440,7 +465,30 @@ CREATE OR REPLACE TRIGGER SP_PROV_CONNECTOR_TRIG
                    SELECT SP_PROV_CONNECTOR_SEQ.nextval INTO :NEW.ID FROM dual;
                END;
 /
-ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONST FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE
+ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE
+/
+CREATE TABLE SP_AUTH_SCRIPT (
+  ID         INTEGER      NOT NULL,
+  TENANT_ID  INTEGER      NOT NULL,
+  APP_ID     INTEGER      NOT NULL,
+  TYPE       VARCHAR(255) NOT NULL,
+  CONTENT    BLOB    DEFAULT NULL,
+  IS_ENABLED CHAR(1) DEFAULT '0',
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE SP_AUTH_SCRIPT_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER SP_AUTH_SCRIPT_TRIG
+  BEFORE INSERT
+  ON SP_AUTH_SCRIPT
+  REFERENCING NEW AS NEW
+  FOR EACH ROW
+  BEGIN
+    SELECT SP_AUTH_SCRIPT_SEQ.nextval
+    INTO :NEW.ID
+    FROM dual;
+  END;
 /
 CREATE TABLE IDP (
 			ID INTEGER,
@@ -488,8 +536,6 @@ CREATE TABLE IDP_ROLE (
 /
 CREATE SEQUENCE IDP_ROLE_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
 /
-INSERT INTO IDP (TENANT_ID, NAME, HOME_REALM_ID) VALUES (-1234, 'LOCAL', 'localhost')
-/
 CREATE OR REPLACE TRIGGER IDP_ROLE_TRIG
             BEFORE INSERT
             ON IDP_ROLE
@@ -584,12 +630,6 @@ CREATE OR REPLACE TRIGGER IDP_AUTHENTICATOR_TRIG
                    SELECT IDP_AUTHENTICATOR_SEQ.nextval INTO :NEW.ID FROM dual;
                END;
 /
-INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'samlsso')
-/
-INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'IDPProperties')
-/
-INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'passivests')
-/
 CREATE TABLE IDP_METADATA (
             ID INTEGER,
             IDP_ID INTEGER,
@@ -612,11 +652,6 @@ CREATE OR REPLACE TRIGGER IDP_METADATA_TRIG
                    SELECT IDP_METADATA_SEQ.nextval INTO :NEW.ID FROM dual;
                END;
 /
-
-INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'SessionIdleTimeout', '20160', 'Session Idle Timeout')
-/
-INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'RememberMeTimeout', '15', 'RememberMe Timeout')
-/
 CREATE TABLE IDP_AUTHENTICATOR_PROPERTY (
             ID INTEGER,
             TENANT_ID INTEGER,
@@ -639,10 +674,6 @@ CREATE OR REPLACE TRIGGER IDP_AUTHENTICATOR_PROP_TRIG
                    SELECT IDP_AUTHENTICATOR_PROP_SEQ.nextval INTO :NEW.ID FROM dual;
                END;
 /
-INSERT INTO  IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 1 , 'IdPEntityId', 'localhost', '0')
-/
-INSERT INTO  IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 3 , 'IdPEntityId', 'localhost', '0')
-/
 CREATE TABLE IDP_PROVISIONING_CONFIG (
             ID INTEGER,
             TENANT_ID INTEGER,
@@ -650,6 +681,7 @@ CREATE TABLE IDP_PROVISIONING_CONFIG (
             PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL,
             IS_ENABLED CHAR (1) DEFAULT '0',
             IS_BLOCKING CHAR (1) DEFAULT '0',
+            IS_RULES_ENABLED CHAR (1) DEFAULT '0',
             PRIMARY KEY (ID),
             UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE),
             FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE)
@@ -795,7 +827,7 @@ CREATE TABLE WF_BPS_PROFILE (
     HOST_URL_MANAGER VARCHAR2(255),
     HOST_URL_WORKER VARCHAR2(255),
     USERNAME VARCHAR2(45),
-    PASSWORD VARCHAR2(255),
+    PASSWORD VARCHAR2(1023),
     CALLBACK_HOST VARCHAR2 (45),
     TENANT_ID INTEGER DEFAULT -1,
     PRIMARY KEY (PROFILE_NAME, TENANT_ID))
@@ -868,8 +900,472 @@ CREATE TABLE WF_WORKFLOW_REQUEST_RELATION(
   FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE,
   FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE)
 /
+
+CREATE TABLE IDN_RECOVERY_DATA (
+  USER_NAME VARCHAR2(255) NOT NULL,
+  USER_DOMAIN VARCHAR2(127) NOT NULL,
+  TENANT_ID INTEGER DEFAULT -1,
+  CODE VARCHAR2(255) NOT NULL,
+  SCENARIO VARCHAR2(255) NOT NULL,
+  STEP VARCHAR2(127) NOT NULL,
+  TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL,
+  REMAINING_SETS VARCHAR2(2500) DEFAULT NULL,
+  PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP),
+  UNIQUE(CODE)
+)
+
+/
+CREATE TABLE IDN_PASSWORD_HISTORY_DATA (
+  ID INTEGER,
+  USER_NAME   VARCHAR2(255) NOT NULL,
+  USER_DOMAIN VARCHAR2(127) NOT NULL,
+  TENANT_ID   INTEGER DEFAULT -1,
+  SALT_VALUE  VARCHAR2(255),
+  HASH        VARCHAR2(255) NOT NULL,
+  TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL,
+  PRIMARY KEY(ID),
+  UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH)
+)
+/
+
+CREATE SEQUENCE IDN_PASSWORD_HISTORY_DATA_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+
+CREATE OR REPLACE TRIGGER IDN_PASSWORD_HISTORY_DATA_TRIG
+BEFORE INSERT
+ON IDN_PASSWORD_HISTORY_DATA
+REFERENCING NEW AS NEW
+FOR EACH ROW
+  BEGIN
+    SELECT IDN_PASSWORD_HISTORY_DATA_SEQ.nextval
+    INTO :NEW.ID
+    FROM dual;
+  END;
+/
+
+CREATE TABLE IDN_CLAIM_DIALECT (
+  ID INTEGER,
+  DIALECT_URI VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID))
+/
+CREATE SEQUENCE IDN_CLAIM_DIALECT_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER IDN_CLAIM_DIALECT_TRIG
+            BEFORE INSERT
+            ON IDN_CLAIM_DIALECT
+            REFERENCING NEW AS NEW
+            FOR EACH ROW
+               BEGIN
+                   SELECT IDN_CLAIM_DIALECT_SEQ.nextval INTO :NEW.ID FROM dual;
+               END;
+/
+
+CREATE TABLE IDN_CLAIM (
+  ID INTEGER,
+  DIALECT_ID INTEGER,
+  CLAIM_URI VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE,
+  CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID))
+/
+CREATE SEQUENCE IDN_CLAIM_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER IDN_CLAIM_TRIG
+            BEFORE INSERT
+            ON IDN_CLAIM
+            REFERENCING NEW AS NEW
+            FOR EACH ROW
+               BEGIN
+                   SELECT IDN_CLAIM_SEQ.nextval INTO :NEW.ID FROM dual;
+               END;
+/
+
+CREATE TABLE IDN_CLAIM_MAPPED_ATTRIBUTE (
+  ID INTEGER,
+  LOCAL_CLAIM_ID INTEGER,
+  USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL,
+  ATTRIBUTE_NAME VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID))
+/
+CREATE SEQUENCE IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER IDN_CLAIM_MAPPED_ATTR_TRIG
+            BEFORE INSERT
+            ON IDN_CLAIM_MAPPED_ATTRIBUTE
+            REFERENCING NEW AS NEW
+            FOR EACH ROW
+               BEGIN
+                   SELECT IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ.nextval INTO :NEW.ID FROM dual;
+               END;
+/
+
+CREATE TABLE IDN_CLAIM_PROPERTY (
+  ID INTEGER,
+  LOCAL_CLAIM_ID INTEGER,
+  PROPERTY_NAME VARCHAR (255) NOT NULL,
+  PROPERTY_VALUE VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID))
+/
+CREATE SEQUENCE IDN_CLAIM_PROPERTY_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER IDN_CLAIM_PROPERTY_TRIG
+            BEFORE INSERT
+            ON IDN_CLAIM_PROPERTY
+            REFERENCING NEW AS NEW
+            FOR EACH ROW
+               BEGIN
+                   SELECT IDN_CLAIM_PROPERTY_SEQ.nextval INTO :NEW.ID FROM dual;
+               END;
+/
+
+CREATE TABLE IDN_CLAIM_MAPPING (
+  ID INTEGER,
+  EXT_CLAIM_ID INTEGER NOT NULL,
+  MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID))
+/
+CREATE SEQUENCE IDN_CLAIM_MAPPING_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER IDN_CLAIM_MAPPING_TRIG
+            BEFORE INSERT
+            ON IDN_CLAIM_MAPPING
+            REFERENCING NEW AS NEW
+            FOR EACH ROW
+               BEGIN
+                   SELECT IDN_CLAIM_MAPPING_SEQ.nextval INTO :NEW.ID FROM dual;
+               END;
+/
+
+CREATE TABLE IDN_SAML2_ASSERTION_STORE (
+  ID INTEGER,
+  SAML2_ID  VARCHAR(255) ,
+  SAML2_ISSUER  VARCHAR(255) ,
+  SAML2_SUBJECT  VARCHAR(255) ,
+  SAML2_SESSION_INDEX  VARCHAR(255) ,
+  SAML2_AUTHN_CONTEXT_CLASS_REF  VARCHAR(255) ,
+  SAML2_ASSERTION  VARCHAR2(4000) ,
+  PRIMARY KEY (ID))
+/
+CREATE SEQUENCE IDN_SAML2_ASSERTION_STORE_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER IDN_SAML2_ASSERTION_STORE_TRIG
+            BEFORE INSERT
+            ON IDN_SAML2_ASSERTION_STORE
+            REFERENCING NEW AS NEW
+            FOR EACH ROW
+               BEGIN
+                   SELECT IDN_SAML2_ASSERTION_STORE_SEQ.nextval INTO :NEW.ID FROM dual;
+               END;
+/
+CREATE TABLE IDN_OIDC_JTI (
+  JWT_ID VARCHAR(255) NOT NULL,
+  EXP_TIME TIMESTAMP NOT NULL,
+  TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL,
+  PRIMARY KEY (JWT_ID))
+/
+
+CREATE TABLE IDN_OIDC_PROPERTY (
+  ID INTEGER NOT NULL,
+  TENANT_ID  INTEGER,
+  CONSUMER_KEY  VARCHAR(255) ,
+  PROPERTY_KEY  VARCHAR(255) NOT NULL,
+  PROPERTY_VALUE  VARCHAR(2047) ,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE)
+/
+CREATE SEQUENCE IDN_OIDC_PROPERTY_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER IDN_OIDC_PROPERTY_TRIG
+            BEFORE INSERT
+            ON IDN_OIDC_PROPERTY
+            REFERENCING NEW AS NEW
+            FOR EACH ROW
+               BEGIN
+                   SELECT IDN_OIDC_PROPERTY_SEQ.nextval INTO :NEW.ID FROM dual;
+               END;
+/
+
+CREATE TABLE IDN_OIDC_REQ_OBJECT_REFERENCE (
+  ID INTEGER,
+  CONSUMER_KEY_ID INTEGER ,
+  CODE_ID VARCHAR(255) ,
+  TOKEN_ID VARCHAR(255) ,
+  SESSION_DATA_KEY VARCHAR(255),
+  PRIMARY KEY (ID),
+  FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
+  FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE,
+  FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE)
+/
+CREATE SEQUENCE IDN_OIDC_REQ_OBJECT_REF_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER IDN_OIDC_REQ_OBJ_REF_TRIG
+            BEFORE INSERT
+            ON IDN_OIDC_REQ_OBJECT_REFERENCE
+            REFERENCING NEW AS NEW
+            FOR EACH ROW
+               BEGIN
+                   SELECT IDN_OIDC_REQ_OBJECT_REF_SEQ.nextval INTO :NEW.ID FROM dual;
+               END;
+/
+
+CREATE TABLE IDN_OIDC_REQ_OBJECT_CLAIMS (
+  ID INTEGER,
+  REQ_OBJECT_ID INTEGER ,
+  CLAIM_ATTRIBUTE VARCHAR(255) ,
+  ESSENTIAL CHAR(1) DEFAULT '0',
+  VALUE VARCHAR(255),
+  IS_USERINFO CHAR(1) DEFAULT '0',
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE(ID) ON DELETE CASCADE)
+/
+CREATE SEQUENCE IDN_OIDC_REQ_OBJ_CLAIMS_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER IDN_OIDC_REQ_OBJ_CLAIMS_TRIG
+            BEFORE INSERT
+            ON IDN_OIDC_REQ_OBJECT_CLAIMS
+            REFERENCING NEW AS NEW
+            FOR EACH ROW
+               BEGIN
+                   SELECT IDN_OIDC_REQ_OBJ_CLAIMS_SEQ.nextval INTO :NEW.ID FROM dual;
+               END;
+/
+
+CREATE TABLE IDN_OIDC_REQ_OBJ_CLAIM_VALUES (
+  ID INTEGER,
+  REQ_OBJECT_CLAIMS_ID INTEGER,
+  CLAIM_VALUES VARCHAR(255),
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE)
+/
+CREATE SEQUENCE IDN_OIDC_REQ_OBJ_CLM_VAL_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER IDN_OIDC_REQ_OBJ_CLM_VAL_TRIG
+            BEFORE INSERT
+            ON IDN_OIDC_REQ_OBJ_CLAIM_VALUES
+            REFERENCING NEW AS NEW
+            FOR EACH ROW
+               BEGIN
+                   SELECT IDN_OIDC_REQ_OBJ_CLM_VAL_SEQ.nextval INTO :NEW.ID FROM dual;
+               END;
+/
+
+CREATE TABLE IDN_CERTIFICATE (
+            ID INTEGER,
+            NAME VARCHAR(100),
+            CERTIFICATE_IN_PEM BLOB,
+            TENANT_ID INTEGER DEFAULT 0,
+            PRIMARY KEY(ID),
+            CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID))
+/
+CREATE SEQUENCE IDN_CERTIFICATE_SEQUENCE START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER IDN_CERTIFICATE_TRIGGER
+		    BEFORE INSERT
+            ON IDN_CERTIFICATE
+            REFERENCING NEW AS NEW
+            FOR EACH ROW
+            BEGIN
+                SELECT IDN_CERTIFICATE_SEQUENCE.nextval INTO :NEW.ID FROM dual;
+            END;
+/
+
 -- End of IDENTITY Tables--
 
+-- Start of CONSENT-MGT Tables --
+
+CREATE TABLE CM_PII_CATEGORY (
+  ID           INTEGER,
+  NAME         VARCHAR2(255) NOT NULL,
+  DESCRIPTION  VARCHAR2(1023),
+  DISPLAY_NAME VARCHAR(255),
+  IS_SENSITIVE INTEGER       NOT NULL,
+  TENANT_ID    INTEGER DEFAULT -1234,
+  CONSTRAINT PII_CATEGORY_CONSTRAINT UNIQUE (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE CM_PII_CATEGORY_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER CM_PII_CATEGORY_TRIG
+  BEFORE INSERT
+  ON CM_PII_CATEGORY
+  REFERENCING NEW AS NEW
+  FOR EACH ROW
+  BEGIN
+    SELECT CM_PII_CATEGORY_SEQ.nextval INTO :NEW.ID FROM dual;
+  END;
+/
+CREATE TABLE CM_RECEIPT (
+  CONSENT_RECEIPT_ID  VARCHAR2(255) NOT NULL,
+  VERSION             VARCHAR2(255) NOT NULL,
+  JURISDICTION        VARCHAR2(255) NOT NULL,
+  CONSENT_TIMESTAMP   TIMESTAMP     NOT NULL,
+  COLLECTION_METHOD   VARCHAR2(255) NOT NULL,
+  LANGUAGE            VARCHAR2(255) NOT NULL,
+  PII_PRINCIPAL_ID    VARCHAR2(255) NOT NULL,
+  PRINCIPAL_TENANT_ID INTEGER DEFAULT -1234,
+  POLICY_URL          VARCHAR2(255) NOT NULL,
+  STATE               VARCHAR2(255) NOT NULL,
+  PII_CONTROLLER      VARCHAR2(2048) NOT NULL,
+  PRIMARY KEY (CONSENT_RECEIPT_ID)
+)
+/
+CREATE TABLE CM_PURPOSE (
+  ID          INTEGER,
+  NAME        VARCHAR2(255) NOT NULL,
+  DESCRIPTION VARCHAR2(1023),
+  TENANT_ID   INTEGER DEFAULT -1234,
+  CONSTRAINT PURPOSE_CONSTRAINT UNIQUE (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE CM_PURPOSE_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER CM_PURPOSE_TRIG
+  BEFORE INSERT
+  ON CM_PURPOSE
+  REFERENCING NEW AS NEW
+  FOR EACH ROW
+  BEGIN
+    SELECT CM_PURPOSE_SEQ.nextval INTO :NEW.ID FROM dual;
+  END;
+/
+CREATE TABLE CM_PURPOSE_CATEGORY (
+  ID          INTEGER,
+  NAME        VARCHAR2(255) NOT NULL,
+  DESCRIPTION VARCHAR2(1023),
+  TENANT_ID   INTEGER DEFAULT -1234,
+  CONSTRAINT PURPOSE_CATEGORY_CONSTRAINT UNIQUE (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE CM_PURPOSE_CATEGORY_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER CM_PURPOSE_CATEGORY_TRIG
+  BEFORE INSERT
+  ON CM_PURPOSE_CATEGORY
+  REFERENCING NEW AS NEW
+  FOR EACH ROW
+  BEGIN
+    SELECT CM_PURPOSE_CATEGORY_SEQ.nextval INTO :NEW.ID FROM dual;
+  END;
+/
+CREATE TABLE CM_RECEIPT_SP_ASSOC (
+  ID                 INTEGER,
+  CONSENT_RECEIPT_ID VARCHAR2(255) NOT NULL,
+  SP_NAME            VARCHAR2(255) NOT NULL,
+  SP_DISPLAY_NAME    VARCHAR(255),
+  SP_DESCRIPTION     VARCHAR(255),
+  SP_TENANT_ID       INTEGER DEFAULT -1234,
+  CONSTRAINT RECEIPT_SP_ASSOC_CONSTRAINT UNIQUE (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE CM_RECEIPT_SP_ASSOC_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER CM_RECEIPT_SP_ASSOC_TRIG
+  BEFORE INSERT
+  ON CM_RECEIPT_SP_ASSOC
+  REFERENCING NEW AS NEW
+  FOR EACH ROW
+  BEGIN
+    SELECT CM_RECEIPT_SP_ASSOC_SEQ.nextval INTO :NEW.ID FROM dual;
+  END;
+/
+CREATE TABLE CM_SP_PURPOSE_ASSOC (
+  ID                     INTEGER,
+  RECEIPT_SP_ASSOC       INTEGER       NOT NULL,
+  PURPOSE_ID             INTEGER       NOT NULL,
+  CONSENT_TYPE           VARCHAR2(255) NOT NULL,
+  IS_PRIMARY_PURPOSE     INTEGER       NOT NULL,
+  TERMINATION            VARCHAR2(255) NOT NULL,
+  THIRD_PARTY_DISCLOSURE INTEGER       NOT NULL,
+  THIRD_PARTY_NAME       VARCHAR2(255),
+  CONSTRAINT SP_PURPOSE_ASSOC UNIQUE (RECEIPT_SP_ASSOC, PURPOSE_ID),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE CM_SP_PURPOSE_ASSOC_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER CM_SP_PURPOSE_ASSOC_TRIG
+  BEFORE INSERT
+  ON CM_SP_PURPOSE_ASSOC
+  REFERENCING NEW AS NEW
+  FOR EACH ROW
+  BEGIN
+    SELECT CM_SP_PURPOSE_ASSOC_SEQ.nextval INTO :NEW.ID FROM dual;
+  END;
+/
+CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PURPOSE_CATEGORY_ID INTEGER NOT NULL,
+  CONSTRAINT SP_PUS_PS_CAT_ASSOC UNIQUE (SP_PURPOSE_ASSOC_ID,PURPOSE_CATEGORY_ID)
+)
+/
+CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC (
+  PURPOSE_ID         INTEGER NOT NULL,
+  CM_PII_CATEGORY_ID INTEGER NOT NULL,
+  CONSTRAINT PURPOSE_PII_CAT_ASSOC UNIQUE (PURPOSE_ID, CM_PII_CATEGORY_ID)
+)
+/
+CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PII_CATEGORY_ID     INTEGER NOT NULL,
+  VALIDITY            VARCHAR(1023),
+  CONSTRAINT SP_PURPOSE_PII_CATEGORY_ASSOC UNIQUE (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID)
+)
+/
+CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY (
+  CONSENT_RECEIPT_ID VARCHAR2(255)  NOT NULL,
+  NAME               VARCHAR2(255)  NOT NULL,
+  VALUE              VARCHAR2(1023) NOT NULL,
+  CONSTRAINT CONSENT_RECEIPT_PROPERTY UNIQUE (CONSENT_RECEIPT_ID, NAME)
+)
+/
+ALTER TABLE CM_RECEIPT_SP_ASSOC
+  ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID)
+/
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+  ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID)
+/
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+  ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID)
+/
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+  ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID)
+/
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+  ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID)
+/
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+  ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID)
+/
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+  ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID)
+/
+ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY
+  ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID)
+/
+INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234')
+/
+INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234')
+/
+
+-- End of CONSENT-MGT Tables --
+
 -- Start of API-MGT Tables--
 CREATE TABLE  AM_SUBSCRIBER (
     SUBSCRIBER_ID INTEGER,
@@ -1048,7 +1544,7 @@ CREATE TABLE AM_APPLICATION_REGISTRATION (
     WF_REF VARCHAR2(255) NOT NULL,
     APP_ID INTEGER,
     TOKEN_TYPE VARCHAR2(30),
-    TOKEN_SCOPE VARCHAR2(256) DEFAULT 'default',
+    TOKEN_SCOPE VARCHAR2(1500) DEFAULT 'default',
     INPUTS VARCHAR2(1024),
     ALLOWED_DOMAINS VARCHAR2(256),
     VALIDITY_PERIOD NUMBER(19),
@@ -1594,7 +2090,7 @@ END;
 CREATE TABLE AM_BLOCK_CONDITIONS (
   CONDITION_ID INTEGER NOT NULL,
   TYPE varchar2(45) DEFAULT NULL,
-  VALUE varchar2(45) DEFAULT NULL,
+  VALUE varchar2(512) DEFAULT NULL,
   ENABLED varchar2(45) DEFAULT NULL,
   DOMAIN varchar2(45) DEFAULT NULL,
   UUID VARCHAR2(256),
@@ -1613,6 +2109,54 @@ BEGIN
 END;
 /
 
+CREATE TABLE AM_CERTIFICATE_METADATA (
+  TENANT_ID INTEGER NOT NULL,
+  ALIAS VARCHAR2(45) NOT NULL,
+  END_POINT VARCHAR2(100) NOT NULL,
+  CONSTRAINT PK_ALIAS PRIMARY KEY (ALIAS),
+  CONSTRAINT END_POINT_CONSTRAINT UNIQUE (END_POINT)
+)
+/
+
+CREATE TABLE AM_APPLICATION_GROUP_MAPPING (
+    APPLICATION_ID INTEGER NOT NULL,
+    GROUP_ID VARCHAR2(512) NOT NULL,
+    TENANT VARCHAR2 (255),
+    PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT),
+    FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE
+)
+/
+
+CREATE TABLE AM_USAGE_UPLOADED_FILES (
+  TENANT_DOMAIN VARCHAR2 (255) NOT NULL,
+  FILE_NAME VARCHAR2 (255) NOT NULL,
+  FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+  FILE_PROCESSED INTEGER DEFAULT 0,
+  FILE_CONTENT BLOB DEFAULT NULL,
+  PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP))
+/
+
+CREATE TABLE AM_API_LC_PUBLISH_EVENTS (
+    ID INTEGER,
+    TENANT_DOMAIN VARCHAR2 (500) NOT NULL,
+    API_ID VARCHAR2 (500) NOT NULL,
+    EVENT_TIME TIMESTAMP NOT NULL,
+    PRIMARY KEY (ID)
+)
+/
+
+CREATE SEQUENCE AM_API_LC_PUBLISH_EVENTS_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+
+CREATE OR REPLACE TRIGGER AM_API_LC_PUBLISH_EVENTS_TRIG
+            BEFORE INSERT
+            ON AM_API_LC_PUBLISH_EVENTS
+            REFERENCING NEW AS NEW
+            FOR EACH ROW
+              BEGIN
+                SELECT AM_API_LC_PUBLISH_EVENTS_SEQ.nextval INTO :NEW.ID FROM dual;
+              END;
+/
 -- End of API-MGT Tables --
 
 --permance indexes start--
@@ -1644,4 +2188,3 @@ create index IDX_APA_QT on AM_POLICY_APPLICATION (QUOTA_TYPE)
 create index IDX_AA_AT_CB on AM_APPLICATION (APPLICATION_TIER,CREATED_BY)
 /
 -- Performance indexes end--
-

modules/distribution/src/core/resources/dbscripts/apimgt/oracle_rac.sql

@@ -15,7 +15,7 @@ INSERT INTO IDN_BASE_TABLE values ('WSO2 Identity Server')
 CREATE TABLE IDN_OAUTH_CONSUMER_APPS (
             ID INTEGER,
             CONSUMER_KEY VARCHAR2 (255),
-            CONSUMER_SECRET VARCHAR2 (512),
+            CONSUMER_SECRET VARCHAR2 (2048),
             USERNAME VARCHAR2 (255),
             TENANT_ID INTEGER DEFAULT 0,
             USER_DOMAIN VARCHAR(50),
@@ -25,9 +25,20 @@ CREATE TABLE IDN_OAUTH_CONSUMER_APPS (
             GRANT_TYPES VARCHAR (1024),
             PKCE_MANDATORY CHAR(1) DEFAULT '0',
             PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0',
+            APP_STATE VARCHAR (25) DEFAULT 'ACTIVE',
+            USER_ACCESS_TOKEN_EXPIRE_TIME NUMBER(19) DEFAULT 3600000,
+            APP_ACCESS_TOKEN_EXPIRE_TIME NUMBER(19) DEFAULT 3600000,
+            REFRESH_TOKEN_EXPIRE_TIME NUMBER(19) DEFAULT 84600000,
             CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY),
             PRIMARY KEY (ID))
 /
+CREATE TABLE IDN_OAUTH2_SCOPE_VALIDATORS (
+	APP_ID INTEGER NOT NULL,
+	SCOPE_VALIDATOR VARCHAR (128) NOT NULL,
+	PRIMARY KEY (APP_ID,SCOPE_VALIDATOR),
+	FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+)
+/
 CREATE SEQUENCE IDN_OAUTH_CONSUMER_APPS_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER
 /
 CREATE OR REPLACE TRIGGER IDN_OAUTH_CONSUMER_APPS_TRIG
@@ -64,8 +75,8 @@ CREATE TABLE IDN_OAUTH1A_ACCESS_TOKEN (
 /
 CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN (
             TOKEN_ID VARCHAR (255),
-            ACCESS_TOKEN VARCHAR2 (255),
+            ACCESS_TOKEN VARCHAR2 (2048),
-            REFRESH_TOKEN VARCHAR2 (255),
+            REFRESH_TOKEN VARCHAR2 (2048),
             CONSUMER_KEY_ID INTEGER,
             AUTHZ_USER VARCHAR2 (100),
             TENANT_ID INTEGER,
@@ -80,6 +91,8 @@ CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN (
             TOKEN_STATE VARCHAR2 (25) DEFAULT 'ACTIVE',
             TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE',
             SUBJECT_IDENTIFIER VARCHAR(255),
+            ACCESS_TOKEN_HASH VARCHAR2 (512),
+            REFRESH_TOKEN_HASH VARCHAR2 (512),
             PRIMARY KEY (TOKEN_ID),
             FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
             CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TOKEN_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,
@@ -89,12 +102,14 @@ CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER
 /
 CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED)
 /
+CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH)
+/
 CREATE TABLE IDN_OAUTH2_AUTHORIZATION_CODE (
             CODE_ID VARCHAR (255),
-            AUTHORIZATION_CODE VARCHAR2 (512),
+            AUTHORIZATION_CODE VARCHAR2 (2048),
             CONSUMER_KEY_ID INTEGER,
 	          CALLBACK_URL VARCHAR2 (1024),
-            SCOPE VARCHAR2(2048),
+            SCOPE VARCHAR2(4096),
             AUTHZ_USER VARCHAR2 (100),
             TENANT_ID INTEGER,
             USER_DOMAIN VARCHAR2(50),
@@ -105,9 +120,12 @@ CREATE TABLE IDN_OAUTH2_AUTHORIZATION_CODE (
             SUBJECT_IDENTIFIER VARCHAR(255),
             PKCE_CODE_CHALLENGE VARCHAR (255),
             PKCE_CODE_CHALLENGE_METHOD VARCHAR(128),
+            AUTHORIZATION_CODE_HASH VARCHAR2 (512),
             PRIMARY KEY (CODE_ID),
             FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE)
 /
+CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH, CONSUMER_KEY_ID)
+/
 CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
             TOKEN_ID VARCHAR2 (255),
             TOKEN_SCOPE VARCHAR2 (60),
@@ -116,12 +134,11 @@ CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
             FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE)
 /
 CREATE TABLE IDN_OAUTH2_SCOPE (
-            SCOPE_ID INTEGER,
+            SCOPE_ID INTEGER NOT NULL,
-            SCOPE_KEY VARCHAR2 (100) NOT NULL,
+            NAME VARCHAR2(255) NOT NULL,
-            NAME VARCHAR2 (255) NULL,
+            DISPLAY_NAME VARCHAR2(255) NOT NULL,
-            DESCRIPTION VARCHAR2 (512) NULL,
+            DESCRIPTION VARCHAR2(512),
-            TENANT_ID INTEGER DEFAULT 0,
+            TENANT_ID INTEGER DEFAULT -1 NOT NULL,
-	    ROLES VARCHAR2 (500) NULL,
             PRIMARY KEY (SCOPE_ID))
 /
 CREATE SEQUENCE IDN_OAUTH2_SCOPE_SEQUENCE START WITH 1 INCREMENT BY 1 CACHE 20 ORDER
@@ -135,6 +152,11 @@ CREATE OR REPLACE TRIGGER IDN_OAUTH2_SCOPE_TRIGGER
                 SELECT IDN_OAUTH2_SCOPE_SEQUENCE.nextval INTO :NEW.SCOPE_ID FROM dual;
             END;
 /
+CREATE TABLE IDN_OAUTH2_SCOPE_BINDING (
+            SCOPE_ID INTEGER NOT NULL,
+            SCOPE_BINDING VARCHAR2(255),
+            FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE)
+/
 CREATE TABLE IDN_OAUTH2_RESOURCE_SCOPE (
             RESOURCE_PATH VARCHAR2 (255) NOT NULL,
             SCOPE_ID INTEGER NOT NULL,
@@ -213,7 +235,7 @@ CREATE TABLE IDN_IDENTITY_USER_DATA (
             TENANT_ID INTEGER DEFAULT -1234,
             USER_NAME VARCHAR(255) NOT NULL,
             DATA_KEY VARCHAR(255) NOT NULL,
-            DATA_VALUE VARCHAR(255),
+            DATA_VALUE VARCHAR(2048),
             PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY))
 /
 CREATE TABLE IDN_IDENTITY_META_DATA (
@@ -258,6 +280,7 @@ CREATE TABLE SP_APP (
             IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0',
             IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
             IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
+            ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0',
             SUBJECT_CLAIM_URI VARCHAR (512),
             IS_SAAS_APP CHAR(1) DEFAULT '0',
             IS_DUMB_MODE CHAR(1) DEFAULT '0',
@@ -305,6 +328,7 @@ CREATE TABLE SP_INBOUND_AUTH (
             TENANT_ID INTEGER NOT NULL,
             INBOUND_AUTH_KEY VARCHAR (255),
             INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL,
+            INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL,
             PROP_NAME VARCHAR (255),
             PROP_VALUE VARCHAR (1024) ,
             APP_ID INTEGER NOT NULL,
@@ -360,6 +384,7 @@ CREATE TABLE SP_CLAIM_MAPPING (
             SP_CLAIM VARCHAR (512) NOT NULL ,
 	   		APP_ID INTEGER NOT NULL,
 	    	IS_REQUESTED VARCHAR(128) DEFAULT '0',
+		IS_MANDATORY VARCHAR(128) DEFAULT '0',
 			DEFAULT_VALUE VARCHAR(255),
             PRIMARY KEY (ID))
 /
@@ -425,6 +450,7 @@ CREATE TABLE SP_PROVISIONING_CONNECTOR (
 	    	APP_ID INTEGER NOT NULL,
 	    	IS_JIT_ENABLED CHAR(1) DEFAULT '0',
 		    BLOCKING CHAR(1) DEFAULT '0',
+		    RULE_ENABLED CHAR(1) DEFAULT '0' NOT NULL,
             PRIMARY KEY (ID))
 /
 CREATE SEQUENCE SP_PROV_CONNECTOR_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER
@@ -440,6 +466,27 @@ CREATE OR REPLACE TRIGGER SP_PROV_CONNECTOR_TRIG
 /
 ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE
 /
+CREATE TABLE SP_AUTH_SCRIPT (
+  ID         INTEGER NOT NULL,
+  TENANT_ID  INTEGER                NOT NULL,
+  APP_ID     INTEGER                NOT NULL,
+  TYPE       VARCHAR(255)           NOT NULL,
+  CONTENT    BLOB    DEFAULT NULL,
+  IS_ENABLED CHAR(1) DEFAULT '0',
+  PRIMARY KEY (ID))
+/
+CREATE SEQUENCE SP_AUTH_SCRIPT_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER
+/
+CREATE OR REPLACE TRIGGER SP_AUTH_SCRIPT_TRIG
+  BEFORE INSERT
+  ON SP_AUTH_SCRIPT
+  REFERENCING NEW AS NEW
+  FOR EACH ROW
+  BEGIN
+    SELECT SP_AUTH_SCRIPT_SEQ.nextval INTO :NEW.ID FROM dual;
+  END;
+/
+
 CREATE TABLE IDP (
 			ID INTEGER,
 			TENANT_ID INTEGER,
@@ -476,8 +523,6 @@ CREATE OR REPLACE TRIGGER IDP_TRIG
                END;
 /
 
-INSERT INTO IDP (TENANT_ID, NAME, HOME_REALM_ID) VALUES (-1234, 'LOCAL', 'localhost')
-/
 CREATE TABLE IDP_ROLE (
 			ID INTEGER,
 			IDP_ID INTEGER,
@@ -583,12 +628,6 @@ CREATE OR REPLACE TRIGGER IDP_AUTHENTICATOR_TRIG
                    SELECT IDP_AUTHENTICATOR_SEQ.nextval INTO :NEW.ID FROM dual;
                END;
 /
-INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'samlsso')
-/
-INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'IDPProperties')
-/
-INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'passivests')
-/
 CREATE TABLE IDP_METADATA (
             ID INTEGER,
             IDP_ID INTEGER,
@@ -611,10 +650,6 @@ CREATE OR REPLACE TRIGGER IDP_METADATA_TRIG
                    SELECT IDP_METADATA_SEQ.nextval INTO :NEW.ID FROM dual;
                END;
 
-/
-INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'SessionIdleTimeout', '20160', 'Session Idle Timeout')
-/
-INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'RememberMeTimeout', '15', 'RememberMe Timeout')
 /
 CREATE TABLE IDP_AUTHENTICATOR_PROPERTY (
             ID INTEGER,
@@ -638,10 +673,6 @@ CREATE OR REPLACE TRIGGER IDP_AUTHENTICATOR_PROP_TRIG
                    SELECT IDP_AUTHENTICATOR_PROP_SEQ.nextval INTO :NEW.ID FROM dual;
                END;
 /
-INSERT INTO  IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 1 , 'IdPEntityId', 'localhost', '0')
-/
-INSERT INTO  IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 3 , 'IdPEntityId', 'localhost', '0')
-/
 CREATE TABLE IDP_PROVISIONING_CONFIG (
             ID INTEGER,
             TENANT_ID INTEGER,
@@ -649,6 +680,7 @@ CREATE TABLE IDP_PROVISIONING_CONFIG (
             PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL,
             IS_ENABLED CHAR (1) DEFAULT '0',
             IS_BLOCKING CHAR (1) DEFAULT '0',
+            IS_RULES_ENABLED CHAR (1) DEFAULT '0',
             PRIMARY KEY (ID),
             UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE),
             FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE)
@@ -792,7 +824,7 @@ CREATE TABLE WF_BPS_PROFILE (
     HOST_URL_MANAGER VARCHAR2(255),
     HOST_URL_WORKER VARCHAR2(255),
     USERNAME VARCHAR2(45),
-    PASSWORD VARCHAR2(255),
+    PASSWORD VARCHAR2(1023),
     CALLBACK_HOST VARCHAR2 (45),
     TENANT_ID INTEGER DEFAULT -1,
     PRIMARY KEY (PROFILE_NAME, TENANT_ID))
@@ -866,8 +898,473 @@ CREATE TABLE WF_WORKFLOW_REQUEST_RELATION(
   FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE,
   FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE)
 /
+
+CREATE TABLE IDN_RECOVERY_DATA (
+  USER_NAME VARCHAR2(255) NOT NULL,
+  USER_DOMAIN VARCHAR2(127) NOT NULL,
+  TENANT_ID INTEGER DEFAULT -1,
+  CODE VARCHAR2(255) NOT NULL,
+  SCENARIO VARCHAR2(255) NOT NULL,
+  STEP VARCHAR2(127) NOT NULL,
+  TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL,
+  REMAINING_SETS VARCHAR2(2500) DEFAULT NULL,
+  PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP),
+  UNIQUE(CODE)
+)
+/
+CREATE TABLE IDN_PASSWORD_HISTORY_DATA (
+  ID INTEGER,
+  USER_NAME   VARCHAR2(255) NOT NULL,
+  USER_DOMAIN VARCHAR2(127) NOT NULL,
+  TENANT_ID   INTEGER DEFAULT -1,
+  SALT_VALUE  VARCHAR2(255),
+  HASH        VARCHAR2(255) NOT NULL,
+  TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+  PRIMARY KEY(ID),
+  UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH)
+)
+/
+
+CREATE SEQUENCE IDN_PASSWORD_HISTORY_DATA_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+
+CREATE OR REPLACE TRIGGER IDN_PASSWORD_HISTORY_DATA_TRIG
+BEFORE INSERT
+ON IDN_PASSWORD_HISTORY_DATA
+REFERENCING NEW AS NEW
+FOR EACH ROW
+  BEGIN
+    SELECT IDN_PASSWORD_HISTORY_DATA_SEQ.nextval
+    INTO :NEW.ID
+    FROM dual;
+  END;
+/
+
+CREATE TABLE IDN_CLAIM_DIALECT (
+  ID INTEGER,
+  DIALECT_URI VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID))
+/
+CREATE SEQUENCE IDN_CLAIM_DIALECT_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER
+/
+CREATE OR REPLACE TRIGGER IDN_CLAIM_DIALECT_TRIG
+            BEFORE INSERT
+            ON IDN_CLAIM_DIALECT
+            REFERENCING NEW AS NEW
+            FOR EACH ROW
+               BEGIN
+                   SELECT IDN_CLAIM_DIALECT_SEQ.nextval INTO :NEW.ID FROM dual;
+               END;
+/
+
+CREATE TABLE IDN_CLAIM (
+  ID INTEGER,
+  DIALECT_ID INTEGER,
+  CLAIM_URI VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE,
+  CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID))
+/
+CREATE SEQUENCE IDN_CLAIM_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER
+/
+CREATE OR REPLACE TRIGGER IDN_CLAIM_TRIG
+            BEFORE INSERT
+            ON IDN_CLAIM
+            REFERENCING NEW AS NEW
+            FOR EACH ROW
+               BEGIN
+                   SELECT IDN_CLAIM_SEQ.nextval INTO :NEW.ID FROM dual;
+               END;
+/
+
+CREATE TABLE IDN_CLAIM_MAPPED_ATTRIBUTE (
+  ID INTEGER,
+  LOCAL_CLAIM_ID INTEGER,
+  USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL,
+  ATTRIBUTE_NAME VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID))
+/
+CREATE SEQUENCE IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER
+/
+CREATE OR REPLACE TRIGGER IDN_CLAIM_MAPPED_ATTR_TRIG
+            BEFORE INSERT
+            ON IDN_CLAIM_MAPPED_ATTRIBUTE
+            REFERENCING NEW AS NEW
+            FOR EACH ROW
+               BEGIN
+                   SELECT IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ.nextval INTO :NEW.ID FROM dual;
+               END;
+/
+
+CREATE TABLE IDN_CLAIM_PROPERTY (
+  ID INTEGER,
+  LOCAL_CLAIM_ID INTEGER,
+  PROPERTY_NAME VARCHAR (255) NOT NULL,
+  PROPERTY_VALUE VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID))
+/
+CREATE SEQUENCE IDN_CLAIM_PROPERTY_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER
+/
+CREATE OR REPLACE TRIGGER IDN_CLAIM_PROPERTY_TRIG
+            BEFORE INSERT
+            ON IDN_CLAIM_PROPERTY
+            REFERENCING NEW AS NEW
+            FOR EACH ROW
+               BEGIN
+                   SELECT IDN_CLAIM_PROPERTY_SEQ.nextval INTO :NEW.ID FROM dual;
+               END;
+/
+
+CREATE TABLE IDN_CLAIM_MAPPING (
+  ID INTEGER,
+  EXT_CLAIM_ID INTEGER NOT NULL,
+  MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID))
+/
+CREATE SEQUENCE IDN_CLAIM_MAPPING_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER
+/
+CREATE OR REPLACE TRIGGER IDN_CLAIM_MAPPING_TRIG
+            BEFORE INSERT
+            ON IDN_CLAIM_MAPPING
+            REFERENCING NEW AS NEW
+            FOR EACH ROW
+               BEGIN
+                   SELECT IDN_CLAIM_MAPPING_SEQ.nextval INTO :NEW.ID FROM dual;
+               END;
+/
+
+CREATE TABLE IDN_SAML2_ASSERTION_STORE (
+  ID INTEGER,
+  SAML2_ID  VARCHAR(255) ,
+  SAML2_ISSUER  VARCHAR(255) ,
+  SAML2_SUBJECT  VARCHAR(255) ,
+  SAML2_SESSION_INDEX  VARCHAR(255) ,
+  SAML2_AUTHN_CONTEXT_CLASS_REF  VARCHAR(255) ,
+  SAML2_ASSERTION  VARCHAR2(4000) ,
+  PRIMARY KEY (ID))
+/
+CREATE SEQUENCE IDN_SAML2_ASSERTION_STORE_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER
+/
+CREATE OR REPLACE TRIGGER IDN_SAML2_ASSERTION_STORE_TRIG
+            BEFORE INSERT
+            ON IDN_SAML2_ASSERTION_STORE
+            REFERENCING NEW AS NEW
+            FOR EACH ROW
+               BEGIN
+                   SELECT IDN_SAML2_ASSERTION_STORE_SEQ.nextval INTO :NEW.ID FROM dual;
+               END;
+/
+
+CREATE TABLE IDN_OIDC_JTI (
+  JWT_ID VARCHAR(255) ,
+  EXP_TIME TIMESTAMP NOT NULL,
+  TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL,
+  PRIMARY KEY (JWT_ID))
+/
+
+CREATE TABLE IDN_OIDC_PROPERTY (
+  ID INTEGER NOT NULL,
+  TENANT_ID  INTEGER,
+  CONSUMER_KEY  VARCHAR(255) ,
+  PROPERTY_KEY  VARCHAR(255) NOT NULL,
+  PROPERTY_VALUE  VARCHAR(2047) ,
+  PRIMARY KEY (ID) ,
+  FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE)
+/
+CREATE SEQUENCE IDN_OIDC_PROPERTY_SEQ START WITH 1 INCREMENT BY 1 NOCACHE
+/
+CREATE OR REPLACE TRIGGER IDN_OIDC_PROPERTY_TRIG
+            BEFORE INSERT
+            ON IDN_OIDC_PROPERTY
+            REFERENCING NEW AS NEW
+            FOR EACH ROW
+               BEGIN
+                   SELECT IDN_OIDC_PROPERTY_SEQ.nextval INTO :NEW.ID FROM dual;
+               END;
+/
+
+CREATE TABLE IDN_OIDC_REQ_OBJECT_REFERENCE (
+  ID INTEGER,
+  CONSUMER_KEY_ID INTEGER ,
+  CODE_ID VARCHAR(255) ,
+  TOKEN_ID VARCHAR(255) ,
+  SESSION_DATA_KEY VARCHAR(255),
+  PRIMARY KEY (ID),
+  FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
+  FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE,
+  FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE)
+/
+CREATE SEQUENCE IDN_OIDC_REQ_OBJECT_REF_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER
+/
+CREATE OR REPLACE TRIGGER IDN_OIDC_REQ_OBJ_REF_TRIG
+            BEFORE INSERT
+            ON IDN_OIDC_REQ_OBJECT_REFERENCE
+            REFERENCING NEW AS NEW
+            FOR EACH ROW
+               BEGIN
+                   SELECT IDN_OIDC_REQ_OBJECT_REF_SEQ.nextval INTO :NEW.ID FROM dual;
+               END;
+/
+
+CREATE TABLE IDN_OIDC_REQ_OBJECT_CLAIMS (
+  ID INTEGER,
+  REQ_OBJECT_ID INTEGER ,
+  CLAIM_ATTRIBUTE VARCHAR(255) ,
+  ESSENTIAL CHAR(1) DEFAULT '0',
+  VALUE VARCHAR(255),
+  IS_USERINFO CHAR(1) DEFAULT '0',
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE(ID) ON DELETE CASCADE)
+/
+CREATE SEQUENCE IDN_OIDC_REQ_OBJ_CLAIMS_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER
+/
+CREATE OR REPLACE TRIGGER IDN_OIDC_REQ_OBJ_CLAIMS_TRIG
+            BEFORE INSERT
+            ON IDN_OIDC_REQ_OBJECT_CLAIMS
+            REFERENCING NEW AS NEW
+            FOR EACH ROW
+               BEGIN
+                   SELECT IDN_OIDC_REQ_OBJ_CLAIMS_SEQ.nextval INTO :NEW.ID FROM dual;
+               END;
+/
+
+CREATE TABLE IDN_OIDC_REQ_OBJ_CLAIM_VALUES (
+  ID INTEGER,
+  REQ_OBJECT_CLAIMS_ID INTEGER,
+  CLAIM_VALUES VARCHAR(255),
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE)
+/
+CREATE SEQUENCE IDN_OIDC_REQ_OBJ_CLM_VAL_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER
+/
+CREATE OR REPLACE TRIGGER IDN_OIDC_REQ_OBJ_CLM_VAL_TRIG
+            BEFORE INSERT
+            ON IDN_OIDC_REQ_OBJ_CLAIM_VALUES
+            REFERENCING NEW AS NEW
+            FOR EACH ROW
+               BEGIN
+                   SELECT IDN_OIDC_REQ_OBJ_CLM_VAL_SEQ.nextval INTO :NEW.ID FROM dual;
+               END;
+/
+
+CREATE TABLE IDN_CERTIFICATE (
+            ID INTEGER,
+            NAME VARCHAR(100),
+            CERTIFICATE_IN_PEM BLOB,
+            TENANT_ID INTEGER DEFAULT 0,
+            PRIMARY KEY(ID),
+            CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID))
+/
+CREATE SEQUENCE IDN_CERTIFICATE_SEQUENCE START WITH 1 INCREMENT BY 1 CACHE 20 ORDER
+/
+CREATE OR REPLACE TRIGGER IDN_CERTIFICATE_TRIGGER
+		    BEFORE INSERT
+            ON IDN_CERTIFICATE
+            REFERENCING NEW AS NEW
+            FOR EACH ROW
+            BEGIN
+                SELECT IDN_CERTIFICATE_SEQUENCE.nextval INTO :NEW.ID FROM dual;
+            END;
+/
+
+
 -- End of IDENTITY Tables--
 
+-- Start of CONSENT-MGT Tables --
+
+CREATE TABLE CM_PII_CATEGORY (
+  ID           INTEGER,
+  NAME         VARCHAR2(255) NOT NULL,
+  DESCRIPTION  VARCHAR2(1023),
+  DISPLAY_NAME VARCHAR(255),
+  IS_SENSITIVE INTEGER       NOT NULL,
+  TENANT_ID    INTEGER DEFAULT -1234,
+  CONSTRAINT PII_CATEGORY_CONSTRAINT UNIQUE (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE CM_PII_CATEGORY_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER
+/
+CREATE OR REPLACE TRIGGER CM_PII_CATEGORY_TRIG
+  BEFORE INSERT
+  ON CM_PII_CATEGORY
+  REFERENCING NEW AS NEW
+  FOR EACH ROW
+  BEGIN
+    SELECT CM_PII_CATEGORY_SEQ.nextval INTO :NEW.ID FROM dual;
+  END;
+/
+CREATE TABLE CM_RECEIPT (
+  CONSENT_RECEIPT_ID  VARCHAR2(255) NOT NULL,
+  VERSION             VARCHAR2(255) NOT NULL,
+  JURISDICTION        VARCHAR2(255) NOT NULL,
+  CONSENT_TIMESTAMP   TIMESTAMP     NOT NULL,
+  COLLECTION_METHOD   VARCHAR2(255) NOT NULL,
+  LANGUAGE            VARCHAR2(255) NOT NULL,
+  PII_PRINCIPAL_ID    VARCHAR2(255) NOT NULL,
+  PRINCIPAL_TENANT_ID INTEGER DEFAULT -1234,
+  POLICY_URL          VARCHAR2(255) NOT NULL,
+  STATE               VARCHAR2(255) NOT NULL,
+  PII_CONTROLLER      VARCHAR2(2048) NOT NULL,
+  PRIMARY KEY (CONSENT_RECEIPT_ID)
+)
+/
+CREATE TABLE CM_PURPOSE (
+  ID          INTEGER,
+  NAME        VARCHAR2(255) NOT NULL,
+  DESCRIPTION VARCHAR2(1023),
+  TENANT_ID   INTEGER DEFAULT -1234,
+  CONSTRAINT PURPOSE_CONSTRAINT UNIQUE (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE CM_PURPOSE_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER
+/
+CREATE OR REPLACE TRIGGER CM_PURPOSE_TRIG
+  BEFORE INSERT
+  ON CM_PURPOSE
+  REFERENCING NEW AS NEW
+  FOR EACH ROW
+  BEGIN
+    SELECT CM_PURPOSE_SEQ.nextval INTO :NEW.ID FROM dual;
+  END;
+/
+CREATE TABLE CM_PURPOSE_CATEGORY (
+  ID          INTEGER,
+  NAME        VARCHAR2(255) NOT NULL,
+  DESCRIPTION VARCHAR2(1023),
+  TENANT_ID   INTEGER DEFAULT -1234,
+  CONSTRAINT PURPOSE_CATEGORY_CONSTRAINT UNIQUE (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE CM_PURPOSE_CATEGORY_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER
+/
+CREATE OR REPLACE TRIGGER CM_PURPOSE_CATEGORY_TRIG
+  BEFORE INSERT
+  ON CM_PURPOSE_CATEGORY
+  REFERENCING NEW AS NEW
+  FOR EACH ROW
+  BEGIN
+    SELECT CM_PURPOSE_CATEGORY_SEQ.nextval INTO :NEW.ID FROM dual;
+  END;
+/
+CREATE TABLE CM_RECEIPT_SP_ASSOC (
+  ID                 INTEGER,
+  CONSENT_RECEIPT_ID VARCHAR2(255) NOT NULL,
+  SP_NAME            VARCHAR2(255) NOT NULL,
+  SP_DISPLAY_NAME    VARCHAR(255),
+  SP_DESCRIPTION     VARCHAR(255),
+  SP_TENANT_ID       INTEGER DEFAULT -1234,
+  CONSTRAINT RECEIPT_SP_ASSOC_CONSTRAINT UNIQUE (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE CM_RECEIPT_SP_ASSOC_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER
+/
+CREATE OR REPLACE TRIGGER CM_RECEIPT_SP_ASSOC_TRIG
+  BEFORE INSERT
+  ON CM_RECEIPT_SP_ASSOC
+  REFERENCING NEW AS NEW
+  FOR EACH ROW
+  BEGIN
+    SELECT CM_RECEIPT_SP_ASSOC_SEQ.nextval INTO :NEW.ID FROM dual;
+  END;
+/
+CREATE TABLE CM_SP_PURPOSE_ASSOC (
+  ID                     INTEGER,
+  RECEIPT_SP_ASSOC       INTEGER       NOT NULL,
+  PURPOSE_ID             INTEGER       NOT NULL,
+  CONSENT_TYPE           VARCHAR2(255) NOT NULL,
+  IS_PRIMARY_PURPOSE     INTEGER       NOT NULL,
+  TERMINATION            VARCHAR2(255) NOT NULL,
+  THIRD_PARTY_DISCLOSURE INTEGER       NOT NULL,
+  THIRD_PARTY_NAME       VARCHAR2(255),
+  CONSTRAINT SP_PURPOSE_ASSOC UNIQUE (RECEIPT_SP_ASSOC, PURPOSE_ID),
+  PRIMARY KEY (ID)
+)
+/
+CREATE SEQUENCE CM_SP_PURPOSE_ASSOC_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER
+/
+CREATE OR REPLACE TRIGGER CM_SP_PURPOSE_ASSOC_TRIG
+  BEFORE INSERT
+  ON CM_SP_PURPOSE_ASSOC
+  REFERENCING NEW AS NEW
+  FOR EACH ROW
+  BEGIN
+    SELECT CM_SP_PURPOSE_ASSOC_SEQ.nextval INTO :NEW.ID FROM dual;
+  END;
+/
+CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PURPOSE_CATEGORY_ID INTEGER NOT NULL,
+  CONSTRAINT SP_PUS_PS_CAT_ASSOC UNIQUE (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID)
+)
+/
+CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC (
+  PURPOSE_ID         INTEGER NOT NULL,
+  CM_PII_CATEGORY_ID INTEGER NOT NULL,
+  CONSTRAINT PURPOSE_PII_CAT_ASSOC UNIQUE (PURPOSE_ID, CM_PII_CATEGORY_ID)
+)
+/
+CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PII_CATEGORY_ID     INTEGER NOT NULL,
+  VALIDITY            VARCHAR(1023),
+  CONSTRAINT SP_PURPOSE_PII_CATEGORY_ASSOC UNIQUE (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID)
+)
+/
+CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY (
+  CONSENT_RECEIPT_ID VARCHAR2(255)  NOT NULL,
+  NAME               VARCHAR2(255)  NOT NULL,
+  VALUE              VARCHAR2(1023) NOT NULL,
+  CONSTRAINT CONSENT_RECEIPT_PROPERTY UNIQUE (CONSENT_RECEIPT_ID, NAME)
+)
+/
+ALTER TABLE CM_RECEIPT_SP_ASSOC
+  ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID)
+/
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+  ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID)
+/
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+  ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID)
+/
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+  ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID)
+/
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+  ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID)
+/
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+  ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID)
+/
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+  ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID)
+/
+ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY
+  ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID)
+/
+INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234')
+/
+INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234')
+/
+
+-- End of CONSENT-MGT Tables --
+
 -- Start of API-MGT Tables--
 CREATE TABLE AM_SUBSCRIBER (
     SUBSCRIBER_ID INTEGER,
@@ -1046,7 +1543,7 @@ CREATE TABLE AM_APPLICATION_REGISTRATION (
     WF_REF VARCHAR2(255) NOT NULL,
     APP_ID INTEGER,
     TOKEN_TYPE VARCHAR2(30),
-    TOKEN_SCOPE VARCHAR2(256) DEFAULT 'default',
+    TOKEN_SCOPE VARCHAR2(1500) DEFAULT 'default',
     INPUTS VARCHAR2(1000),
     ALLOWED_DOMAINS VARCHAR2(256),
     VALIDITY_PERIOD NUMBER(19),
@@ -1594,7 +2091,7 @@ END;
 CREATE TABLE AM_BLOCK_CONDITIONS (
   CONDITION_ID INTEGER NOT NULL,
   TYPE varchar2(45) DEFAULT NULL,
-  VALUE varchar2(45) DEFAULT NULL,
+  VALUE varchar2(512) DEFAULT NULL,
   ENABLED varchar2(45) DEFAULT NULL,
   DOMAIN varchar2(45) DEFAULT NULL,
   UUID VARCHAR2(256),
@@ -1613,14 +2110,61 @@ BEGIN
 END;
 /
 
+CREATE TABLE AM_CERTIFICATE_METADATA (
+  TENANT_ID INTEGER NOT NULL,
+  ALIAS VARCHAR2(45) NOT NULL,
+  END_POINT VARCHAR2(100) NOT NULL,
+  CONSTRAINT PK_ALIAS PRIMARY KEY (ALIAS),
+  CONSTRAINT END_POINT_CONSTRAINT UNIQUE (END_POINT)
+)
+/
+
+CREATE TABLE AM_APPLICATION_GROUP_MAPPING (
+    APPLICATION_ID INTEGER NOT NULL,
+    GROUP_ID VARCHAR2(512) NOT NULL,
+    TENANT VARCHAR2 (255),
+    PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT),
+    FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE
+)
+/
+
+CREATE TABLE AM_USAGE_UPLOADED_FILES (
+  TENANT_DOMAIN VARCHAR2 (255) NOT NULL,
+  FILE_NAME VARCHAR2 (255) NOT NULL,
+  FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+  FILE_PROCESSED INTEGER DEFAULT 0,
+  FILE_CONTENT BLOB DEFAULT NULL,
+  PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP))
+/
+
+CREATE TABLE AM_API_LC_PUBLISH_EVENTS (
+    ID INTEGER,
+    TENANT_DOMAIN VARCHAR2 (500) NOT NULL,
+    API_ID VARCHAR2 (500) NOT NULL,
+    EVENT_TIME TIMESTAMP NOT NULL,
+    PRIMARY KEY (ID)
+)
+/
+
+CREATE SEQUENCE AM_API_LC_PUBLISH_EVENTS_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER
+/
+
+CREATE OR REPLACE TRIGGER AM_API_LC_PUBLISH_EVENTS_TRIG
+            BEFORE INSERT
+            ON AM_API_LC_PUBLISH_EVENTS
+            REFERENCING NEW AS NEW
+            FOR EACH ROW
+              BEGIN
+                SELECT AM_API_LC_PUBLISH_EVENTS_SEQ.nextval INTO :NEW.ID FROM dual;
+              END;
+/
+
 -- End of API-MGT Tables --
 
 --permance indexes start--
 /
 create index IDX_ITS_LMT on IDN_THRIFT_SESSION (LAST_MODIFIED_TIME)
 /
-create index IDX_IOAT_AT on IDN_OAUTH2_ACCESS_TOKEN (ACCESS_TOKEN)
-/
 create index IDX_IOAT_UT on IDN_OAUTH2_ACCESS_TOKEN (USER_TYPE)
 /
 create index IDX_AAI_CTX on AM_API (CONTEXT)

modules/distribution/src/core/resources/dbscripts/apimgt/postgresql.sql

@@ -15,7 +15,7 @@ CREATE SEQUENCE IDN_OAUTH_CONSUMER_APPS_PK_SEQ;
 CREATE TABLE IDN_OAUTH_CONSUMER_APPS (
             ID INTEGER DEFAULT NEXTVAL('IDN_OAUTH_CONSUMER_APPS_PK_SEQ'),
             CONSUMER_KEY VARCHAR(255),
-            CONSUMER_SECRET VARCHAR(512),
+            CONSUMER_SECRET VARCHAR(2048),
             USERNAME VARCHAR(255),
             TENANT_ID INTEGER DEFAULT 0,
             USER_DOMAIN VARCHAR(50),
@@ -25,10 +25,22 @@ CREATE TABLE IDN_OAUTH_CONSUMER_APPS (
             GRANT_TYPES VARCHAR (1024),
             PKCE_MANDATORY CHAR(1) DEFAULT '0',
             PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0',
+            APP_STATE VARCHAR (25) DEFAULT 'ACTIVE',
+            USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000,
+            APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000,
+            REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000,
             CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY),
             PRIMARY KEY (ID)
 );
 
+DROP TABLE IF EXISTS IDN_OAUTH2_SCOPE_VALIDATORS;
+CREATE TABLE IDN_OAUTH2_SCOPE_VALIDATORS (
+	APP_ID INTEGER NOT NULL,
+	SCOPE_VALIDATOR VARCHAR (128) NOT NULL,
+	PRIMARY KEY (APP_ID,SCOPE_VALIDATOR),
+	FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+);
+
 DROP TABLE IF EXISTS IDN_OAUTH1A_REQUEST_TOKEN;
 CREATE TABLE IDN_OAUTH1A_REQUEST_TOKEN (
             REQUEST_TOKEN VARCHAR(512),
@@ -59,8 +71,8 @@ CREATE TABLE IDN_OAUTH1A_ACCESS_TOKEN (
 DROP TABLE IF EXISTS IDN_OAUTH2_ACCESS_TOKEN;
 CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN (
             TOKEN_ID VARCHAR (255),
-            ACCESS_TOKEN VARCHAR(255),
+            ACCESS_TOKEN VARCHAR(2048),
-            REFRESH_TOKEN VARCHAR(255),
+            REFRESH_TOKEN VARCHAR(2048),
             CONSUMER_KEY_ID INTEGER,
             AUTHZ_USER VARCHAR (100),
             TENANT_ID INTEGER,
@@ -75,6 +87,8 @@ CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN (
             TOKEN_STATE VARCHAR(25) DEFAULT 'ACTIVE',
             TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE',
             SUBJECT_IDENTIFIER VARCHAR(255),
+            ACCESS_TOKEN_HASH VARCHAR(512),
+            REFRESH_TOKEN_HASH VARCHAR(512),
             PRIMARY KEY (TOKEN_ID),
             FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
             CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TOKEN_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,
@@ -85,13 +99,15 @@ CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER
 
 CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED);
 
+CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH);
+
 DROP TABLE IF EXISTS IDN_OAUTH2_AUTHORIZATION_CODE;
 CREATE TABLE IDN_OAUTH2_AUTHORIZATION_CODE (
             CODE_ID VARCHAR (255),
-            AUTHORIZATION_CODE VARCHAR(512),
+            AUTHORIZATION_CODE VARCHAR(2048),
             CONSUMER_KEY_ID INTEGER,
 	          CALLBACK_URL VARCHAR(1024),
-            SCOPE VARCHAR(2048),
+            SCOPE VARCHAR(4096),
             AUTHZ_USER VARCHAR (100),
             TENANT_ID INTEGER,
             USER_DOMAIN VARCHAR(50),
@@ -102,10 +118,13 @@ CREATE TABLE IDN_OAUTH2_AUTHORIZATION_CODE (
             SUBJECT_IDENTIFIER VARCHAR(255),
             PKCE_CODE_CHALLENGE VARCHAR (255),
             PKCE_CODE_CHALLENGE_METHOD VARCHAR(128),
+            AUTHORIZATION_CODE_HASH VARCHAR(512),
             PRIMARY KEY (CODE_ID),
             FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
 );
 
+CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH,CONSUMER_KEY_ID);
+
 DROP TABLE IF EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE;
 CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN_SCOPE (
             TOKEN_ID VARCHAR (255),
@@ -119,21 +138,27 @@ DROP SEQUENCE IF EXISTS IDN_OAUTH2_SCOPE_PK_SEQ;
 CREATE SEQUENCE IDN_OAUTH2_SCOPE_PK_SEQ;
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE (
             SCOPE_ID INTEGER DEFAULT NEXTVAL('IDN_OAUTH2_SCOPE_PK_SEQ'),
-            SCOPE_KEY VARCHAR(100) NOT NULL,
+            NAME VARCHAR(255) NOT NULL,
-            NAME VARCHAR(255) NULL,
+            DISPLAY_NAME VARCHAR(255) NOT NULL,
-            DESCRIPTION VARCHAR(512) NULL,
+            DESCRIPTION VARCHAR(512),
-            TENANT_ID INTEGER DEFAULT 0,
+            TENANT_ID INTEGER NOT NULL DEFAULT -1,
-	    ROLES VARCHAR (500) NULL,
             PRIMARY KEY (SCOPE_ID)
 );
 
+DROP TABLE IF EXISTS IDN_OAUTH2_SCOPE_BINDING;
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING (
+            SCOPE_ID INTEGER NOT NULL,
+            SCOPE_BINDING VARCHAR(255),
+            FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE
+);
+
 DROP TABLE IF EXISTS IDN_OAUTH2_RESOURCE_SCOPE;
 CREATE TABLE IF NOT EXISTS IDN_OAUTH2_RESOURCE_SCOPE (
             RESOURCE_PATH VARCHAR(255) NOT NULL,
             SCOPE_ID INTEGER NOT NULL,
             TENANT_ID INTEGER DEFAULT -1,
             PRIMARY KEY (RESOURCE_PATH),
-            FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE ON UPDATE CASCADE
+            FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE
 );
 
 DROP TABLE IF EXISTS IDN_SCIM_GROUP;
@@ -198,7 +223,7 @@ CREATE TABLE IDN_IDENTITY_USER_DATA (
             TENANT_ID INTEGER DEFAULT -1234,
             USER_NAME VARCHAR(255) NOT NULL,
             DATA_KEY VARCHAR(255) NOT NULL,
-            DATA_VALUE VARCHAR(255),
+            DATA_VALUE VARCHAR(2048),
             PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY)
 );
 
@@ -251,6 +276,7 @@ CREATE TABLE SP_APP (
             IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0',
             IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
             IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
+            ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0',
             SUBJECT_CLAIM_URI VARCHAR (512),
             IS_SAAS_APP CHAR(1) DEFAULT '0',
             IS_DUMB_MODE CHAR(1) DEFAULT '0',
@@ -280,6 +306,7 @@ CREATE TABLE SP_INBOUND_AUTH (
             TENANT_ID INTEGER NOT NULL,
             INBOUND_AUTH_KEY VARCHAR (255),
             INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL,
+            INBOUND_CONFIG_TYPE VARCHAR (255) NOT NULL,
             PROP_NAME VARCHAR (255),
             PROP_VALUE VARCHAR (1024) ,
             APP_ID INTEGER NOT NULL,
@@ -320,6 +347,7 @@ CREATE TABLE SP_CLAIM_MAPPING (
             SP_CLAIM VARCHAR (512) NOT NULL ,
 	   		APP_ID INTEGER NOT NULL,
 	    	IS_REQUESTED VARCHAR(128) DEFAULT '0',
+		IS_MANDATORY VARCHAR(128) DEFAULT '0',
 	    	DEFAULT_VALUE VARCHAR(255),
             PRIMARY KEY (ID));
 
@@ -361,10 +389,24 @@ CREATE TABLE SP_PROVISIONING_CONNECTOR (
 	    	APP_ID INTEGER NOT NULL,
 	    	IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0',
 		    BLOCKING CHAR(1) NOT NULL DEFAULT '0',
+		    RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0',
             PRIMARY KEY (ID));
 
 ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
 
+DROP TABLE IF EXISTS SP_AUTH_SCRIPT;
+DROP SEQUENCE IF EXISTS SP_AUTH_SCRIPT_SEQ;
+CREATE SEQUENCE SP_AUTH_SCRIPT_SEQ;
+CREATE TABLE SP_AUTH_SCRIPT (
+  ID         INTEGER      NOT NULL DEFAULT NEXTVAL('SP_AUTH_SCRIPT_SEQ'),
+  TENANT_ID  INTEGER      NOT NULL,
+  APP_ID     INTEGER      NOT NULL,
+  TYPE       VARCHAR(255) NOT NULL,
+  CONTENT    BYTEA                 DEFAULT NULL,
+  IS_ENABLED CHAR(1) NOT NULL DEFAULT '0',
+  PRIMARY KEY (ID)
+);
+
 DROP TABLE IF EXISTS IDP;
 DROP SEQUENCE IF EXISTS IDP_SEQ;
 CREATE SEQUENCE IDP_SEQ;
@@ -394,9 +436,6 @@ CREATE TABLE IDP (
 
 DROP TABLE IF EXISTS IDP_ROLE;
 DROP SEQUENCE IF EXISTS IDP_ROLE_SEQ;
-
-INSERT INTO IDP (TENANT_ID, NAME, HOME_REALM_ID) VALUES (-1234, 'LOCAL', 'localhost');
-
 CREATE SEQUENCE IDP_ROLE_SEQ;
 CREATE TABLE IDP_ROLE (
 			ID INTEGER DEFAULT NEXTVAL('IDP_ROLE_SEQ'),
@@ -460,11 +499,6 @@ CREATE TABLE IDP_AUTHENTICATOR (
             UNIQUE (TENANT_ID, IDP_ID, NAME),
             FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE);
 
-INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'samlsso');
-INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'IDPProperties');
-INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'passivests');
-
-
 DROP TABLE IF EXISTS IDP_METADATA;
 DROP SEQUENCE IF EXISTS IDP_METADATA_SEQ;
 CREATE SEQUENCE IDP_METADATA_SEQ;
@@ -479,9 +513,6 @@ CREATE TABLE IDP_METADATA (
             CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME),
             FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE);
 
-INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'SessionIdleTimeout', '20160', 'Session Idle Timeout');
-INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME) VALUES (1, 'RememberMeTimeout', '15', 'RememberMe Timeout');
-
 DROP TABLE IF EXISTS IDP_AUTHENTICATOR_PROP;
 DROP SEQUENCE IF EXISTS IDP_AUTHENTICATOR_PROP_SEQ;
 CREATE SEQUENCE IDP_AUTHENTICATOR_PROP_SEQ;
@@ -496,9 +527,6 @@ CREATE TABLE IDP_AUTHENTICATOR_PROPERTY (
             UNIQUE (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY),
             FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE);
 
-INSERT INTO  IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 1 , 'IdPEntityId', 'localhost', '0');
-INSERT INTO  IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 3 , 'IdPEntityId', 'localhost', '0');
-
 DROP TABLE IF EXISTS IDP_PROV_CONFIG;
 DROP SEQUENCE IF EXISTS IDP_PROV_CONFIG_SEQ;
 CREATE SEQUENCE IDP_PROV_CONFIG_SEQ;
@@ -509,6 +537,7 @@ CREATE TABLE IDP_PROVISIONING_CONFIG (
             PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL,
             IS_ENABLED CHAR (1) DEFAULT '0',
             IS_BLOCKING CHAR (1) DEFAULT '0',
+            IS_RULES_ENABLED CHAR (1) DEFAULT '0',
             PRIMARY KEY (ID),
             UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE),
             FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE);
@@ -612,7 +641,7 @@ CREATE TABLE WF_BPS_PROFILE (
     HOST_URL_MANAGER VARCHAR(255),
     HOST_URL_WORKER VARCHAR(255),
     USERNAME VARCHAR(45),
-    PASSWORD VARCHAR(255),
+    PASSWORD VARCHAR(1023),
     CALLBACK_HOST VARCHAR (45),
     TENANT_ID INTEGER DEFAULT -1,
     PRIMARY KEY (PROFILE_NAME, TENANT_ID)
@@ -679,8 +708,334 @@ CREATE TABLE WF_WORKFLOW_REQUEST_RELATION(
   FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
 );
 
+DROP TABLE IF EXISTS IDN_RECOVERY_DATA;
+CREATE TABLE IDN_RECOVERY_DATA (
+  USER_NAME VARCHAR(255) NOT NULL,
+  USER_DOMAIN VARCHAR(127) NOT NULL,
+  TENANT_ID INTEGER DEFAULT -1,
+  CODE VARCHAR(255) NOT NULL,
+  SCENARIO VARCHAR(255) NOT NULL,
+  STEP VARCHAR(127) NOT NULL,
+  TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  REMAINING_SETS VARCHAR(2500) DEFAULT NULL,
+  PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP),
+  UNIQUE(CODE)
+);
+
+DROP TABLE IF EXISTS IDN_PASSWORD_HISTORY_DATA;
+CREATE SEQUENCE IDN_PASSWORD_HISTORY_DATA_PK_SEQ;
+CREATE TABLE IDN_PASSWORD_HISTORY_DATA (
+  ID INTEGER DEFAULT NEXTVAL('IDN_PASSWORD_HISTORY_DATA_PK_SEQ'),
+  USER_NAME   VARCHAR(255) NOT NULL,
+  USER_DOMAIN VARCHAR(127) NOT NULL,
+  TENANT_ID   INTEGER DEFAULT -1,
+  SALT_VALUE  VARCHAR(255),
+  HASH        VARCHAR(255) NOT NULL,
+  TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  PRIMARY KEY (ID),
+  UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH)
+);
+
+DROP TABLE IF EXISTS IDN_CLAIM_DIALECT;
+DROP SEQUENCE IF EXISTS IDN_CLAIM_DIALECT_SEQ;
+CREATE SEQUENCE IDN_CLAIM_DIALECT_SEQ;
+CREATE TABLE IDN_CLAIM_DIALECT (
+  ID INTEGER DEFAULT NEXTVAL('IDN_CLAIM_DIALECT_SEQ'),
+  DIALECT_URI VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID)
+);
+
+DROP TABLE IF EXISTS IDN_CLAIM;
+DROP SEQUENCE IF EXISTS IDN_CLAIM_SEQ;
+CREATE SEQUENCE IDN_CLAIM_SEQ;
+CREATE TABLE IDN_CLAIM (
+  ID INTEGER DEFAULT NEXTVAL('IDN_CLAIM_SEQ'),
+  DIALECT_ID INTEGER,
+  CLAIM_URI VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE,
+  CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID)
+);
+
+DROP TABLE IF EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE;
+DROP SEQUENCE IF EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ;
+CREATE SEQUENCE IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ;
+CREATE TABLE IDN_CLAIM_MAPPED_ATTRIBUTE (
+  ID INTEGER DEFAULT NEXTVAL('IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ'),
+  LOCAL_CLAIM_ID INTEGER,
+  USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL,
+  ATTRIBUTE_NAME VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID)
+);
+
+DROP TABLE IF EXISTS IDN_CLAIM_PROPERTY;
+DROP SEQUENCE IF EXISTS IDN_CLAIM_PROPERTY_SEQ;
+CREATE SEQUENCE IDN_CLAIM_PROPERTY_SEQ;
+CREATE TABLE IDN_CLAIM_PROPERTY (
+  ID INTEGER DEFAULT NEXTVAL('IDN_CLAIM_PROPERTY_SEQ'),
+  LOCAL_CLAIM_ID INTEGER,
+  PROPERTY_NAME VARCHAR (255) NOT NULL,
+  PROPERTY_VALUE VARCHAR (255) NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID)
+);
+
+DROP TABLE IF EXISTS IDN_CLAIM_MAPPING;
+DROP SEQUENCE IF EXISTS IDN_CLAIM_MAPPING_SEQ;
+CREATE SEQUENCE IDN_CLAIM_MAPPING_SEQ;
+CREATE TABLE IDN_CLAIM_MAPPING (
+  ID INTEGER DEFAULT NEXTVAL('IDN_CLAIM_MAPPING_SEQ'),
+  EXT_CLAIM_ID INTEGER NOT NULL,
+  MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL,
+  TENANT_ID INTEGER NOT NULL,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE,
+  CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID)
+);
+
+DROP TABLE IF EXISTS IDN_SAML2_ASSERTION_STORE;
+DROP SEQUENCE IF EXISTS IDN_SAML2_ASSERTION_STORE_SEQ;
+CREATE SEQUENCE IDN_SAML2_ASSERTION_STORE_SEQ;
+CREATE TABLE IDN_SAML2_ASSERTION_STORE (
+  ID INTEGER DEFAULT NEXTVAL('IDN_SAML2_ASSERTION_STORE_SEQ'),
+  SAML2_ID  VARCHAR(255) ,
+  SAML2_ISSUER  VARCHAR(255) ,
+  SAML2_SUBJECT  VARCHAR(255) ,
+  SAML2_SESSION_INDEX  VARCHAR(255) ,
+  SAML2_AUTHN_CONTEXT_CLASS_REF  VARCHAR(255) ,
+  SAML2_ASSERTION  VARCHAR(4096) ,
+  PRIMARY KEY (ID)
+);
+DROP TABLE IF EXISTS IDN_OIDC_JTI;
+CREATE TABLE IDN_OIDC_JTI (
+  JWT_ID VARCHAR(255) NOT NULL,
+  EXP_TIME TIMESTAMP NOT NULL,
+  TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  PRIMARY KEY (JWT_ID)
+);
+
+DROP TABLE IF EXISTS IDN_OIDC_PROPERTY;
+DROP SEQUENCE IF EXISTS IDN_OIDC_PROPERTY_SEQ;
+CREATE SEQUENCE IDN_OIDC_PROPERTY_SEQ;
+CREATE TABLE IDN_OIDC_PROPERTY (
+  ID INTEGER DEFAULT NEXTVAL('IDN_OIDC_PROPERTY_SEQ'),
+  TENANT_ID  INTEGER,
+  CONSUMER_KEY  VARCHAR(255) ,
+  PROPERTY_KEY  VARCHAR(255) NOT NULL,
+  PROPERTY_VALUE  VARCHAR(2047) ,
+  PRIMARY KEY (ID) ,
+  FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE
+);
+DROP TABLE IF EXISTS IDN_OIDC_REQ_OBJECT_REFERENCE;
+DROP SEQUENCE IF EXISTS IDN_OIDC_REQUEST_OBJECT_REF_SEQ;
+CREATE SEQUENCE IDN_OIDC_REQUEST_OBJECT_REF_SEQ;
+CREATE TABLE IDN_OIDC_REQ_OBJECT_REFERENCE (
+  ID INTEGER DEFAULT NEXTVAL('IDN_OIDC_REQUEST_OBJECT_REF_SEQ'),
+  CONSUMER_KEY_ID INTEGER ,
+  CODE_ID VARCHAR(255) ,
+  TOKEN_ID VARCHAR(255) ,
+  SESSION_DATA_KEY VARCHAR(255),
+  PRIMARY KEY (ID),
+  FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
+  FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE,
+  FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE
+);
+
+DROP TABLE IF EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS;
+DROP SEQUENCE IF EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS_SEQ;
+CREATE SEQUENCE IDN_OIDC_REQ_OBJECT_CLAIMS_SEQ;
+CREATE TABLE IDN_OIDC_REQ_OBJECT_CLAIMS (
+  ID INTEGER DEFAULT NEXTVAL('IDN_OIDC_REQ_OBJECT_CLAIMS_SEQ'),
+  REQ_OBJECT_ID INTEGER,
+  CLAIM_ATTRIBUTE VARCHAR(255) ,
+  ESSENTIAL CHAR(1) NOT NULL DEFAULT '0' ,
+  VALUE VARCHAR(255) ,
+  IS_USERINFO CHAR(1) NOT NULL DEFAULT '0',
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE
+);
+
+DROP TABLE IF EXISTS IDN_OIDC_REQ_OBJ_CLAIM_VALUES;
+DROP SEQUENCE IF EXISTS IDN_OIDC_REQ_OBJECT_CLAIM_VALUES_SEQ;
+CREATE SEQUENCE IDN_OIDC_REQ_OBJECT_CLAIM_VALUES_SEQ;
+CREATE TABLE IDN_OIDC_REQ_OBJ_CLAIM_VALUES (
+  ID INTEGER DEFAULT NEXTVAL('IDN_OIDC_REQ_OBJECT_CLAIM_VALUES_SEQ'),
+  REQ_OBJECT_CLAIMS_ID INTEGER ,
+  CLAIM_VALUES VARCHAR(255) ,
+  PRIMARY KEY (ID),
+  FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE
+);
+
+DROP TABLE IF EXISTS IDN_CERTIFICATE;
+DROP SEQUENCE IF EXISTS IDN_CERTIFICATE_PK_SEQ;
+CREATE SEQUENCE IDN_CERTIFICATE_PK_SEQ;
+CREATE TABLE IDN_CERTIFICATE (
+            ID INTEGER DEFAULT NEXTVAL('IDN_CERTIFICATE_PK_SEQ'),
+            NAME VARCHAR(100),
+            CERTIFICATE_IN_PEM BYTEA,
+            TENANT_ID INTEGER DEFAULT 0,
+            CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID),
+            PRIMARY KEY (ID)
+);
+
+
 -- End of IDENTITY Tables--
 
+-- Start of CONSENT-MGT Tables --
+
+DROP TABLE IF EXISTS CM_PII_CATEGORY;
+DROP SEQUENCE IF EXISTS CM_PII_CATEGORY_PK_SEQ;
+CREATE SEQUENCE CM_PII_CATEGORY_PK_SEQ;
+CREATE TABLE CM_PII_CATEGORY (
+  ID           INTEGER DEFAULT NEXTVAL('CM_PII_CATEGORY_PK_SEQ'),
+  NAME         VARCHAR(255) NOT NULL,
+  DESCRIPTION  VARCHAR(1023),
+  DISPLAY_NAME VARCHAR(255),
+  IS_SENSITIVE INTEGER      NOT NULL,
+  TENANT_ID    INTEGER DEFAULT '-1234',
+  CONSTRAINT CM_PII_CATEGORY_CNT UNIQUE (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+);
+
+DROP TABLE IF EXISTS CM_RECEIPT;
+CREATE TABLE CM_RECEIPT (
+  CONSENT_RECEIPT_ID  VARCHAR(255) NOT NULL,
+  VERSION             VARCHAR(255) NOT NULL,
+  JURISDICTION        VARCHAR(255) NOT NULL,
+  CONSENT_TIMESTAMP   TIMESTAMP    NOT NULL,
+  COLLECTION_METHOD   VARCHAR(255) NOT NULL,
+  LANGUAGE            VARCHAR(255) NOT NULL,
+  PII_PRINCIPAL_ID    VARCHAR(255) NOT NULL,
+  PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234',
+  POLICY_URL          VARCHAR(255) NOT NULL,
+  STATE               VARCHAR(255) NOT NULL,
+  PII_CONTROLLER      VARCHAR(2048) NOT NULL,
+  PRIMARY KEY (CONSENT_RECEIPT_ID)
+);
+
+DROP TABLE IF EXISTS CM_PURPOSE;
+DROP SEQUENCE IF EXISTS CM_PURPOSE_PK_SEQ;
+CREATE SEQUENCE CM_PURPOSE_PK_SEQ;
+CREATE TABLE CM_PURPOSE (
+  ID          INTEGER DEFAULT NEXTVAL('CM_PURPOSE_PK_SEQ'),
+  NAME        VARCHAR(255) NOT NULL,
+  DESCRIPTION VARCHAR(1023),
+  TENANT_ID   INTEGER DEFAULT '-1234',
+  CONSTRAINT CM_PURPOSE_CNT UNIQUE  (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+);
+
+DROP TABLE IF EXISTS CM_PURPOSE_CATEGORY;
+DROP SEQUENCE IF EXISTS CM_PURPOSE_CATEGORY_PK_SEQ;
+CREATE SEQUENCE CM_PURPOSE_CATEGORY_PK_SEQ;
+CREATE TABLE CM_PURPOSE_CATEGORY (
+  ID          INTEGER DEFAULT NEXTVAL('CM_PURPOSE_CATEGORY_PK_SEQ'),
+  NAME        VARCHAR(255) NOT NULL,
+  DESCRIPTION VARCHAR(1023),
+  TENANT_ID   INTEGER DEFAULT '-1234',
+  CONSTRAINT CM_PURPOSE_CATEGORY_CNT UNIQUE  (NAME, TENANT_ID),
+  PRIMARY KEY (ID)
+);
+
+DROP TABLE IF EXISTS CM_RECEIPT_SP_ASSOC;
+DROP SEQUENCE IF EXISTS CM_RECEIPT_SP_ASSOC_PK_SEQ;
+CREATE SEQUENCE CM_RECEIPT_SP_ASSOC_PK_SEQ;
+CREATE TABLE CM_RECEIPT_SP_ASSOC (
+  ID                 INTEGER DEFAULT NEXTVAL('CM_RECEIPT_SP_ASSOC_PK_SEQ'),
+  CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL,
+  SP_NAME            VARCHAR(255) NOT NULL,
+  SP_DISPLAY_NAME    VARCHAR(255),
+  SP_DESCRIPTION     VARCHAR(255),
+  SP_TENANT_ID       INTEGER DEFAULT '-1234',
+  CONSTRAINT CM_RECEIPT_SP_ASSOC_CNT UNIQUE  (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID),
+  PRIMARY KEY (ID)
+);
+
+DROP TABLE IF EXISTS CM_SP_PURPOSE_ASSOC;
+DROP SEQUENCE IF EXISTS CM_SP_PURPOSE_ASSOC_PK_SEQ;
+CREATE SEQUENCE CM_SP_PURPOSE_ASSOC_PK_SEQ;
+CREATE TABLE CM_SP_PURPOSE_ASSOC (
+  ID                     INTEGER DEFAULT NEXTVAL('CM_SP_PURPOSE_ASSOC_PK_SEQ'),
+  RECEIPT_SP_ASSOC       INTEGER      NOT NULL,
+  PURPOSE_ID             INTEGER      NOT NULL,
+  CONSENT_TYPE           VARCHAR(255) NOT NULL,
+  IS_PRIMARY_PURPOSE     INTEGER      NOT NULL,
+  TERMINATION            VARCHAR(255) NOT NULL,
+  THIRD_PARTY_DISCLOSURE INTEGER      NOT NULL,
+  THIRD_PARTY_NAME       VARCHAR(255),
+  CONSTRAINT CM_SP_PURPOSE_ASSOC_CNT UNIQUE  (RECEIPT_SP_ASSOC, PURPOSE_ID),
+  PRIMARY KEY (ID)
+);
+
+DROP TABLE IF EXISTS CM_SP_PURPOSE_PURPOSE_CAT_ASSC;
+CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PURPOSE_CATEGORY_ID INTEGER NOT NULL,
+  CONSTRAINT CM_SP_PURPOSE_PURPOSE_CAT_ASSC_CNT UNIQUE  (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID)
+);
+
+DROP TABLE IF EXISTS CM_PURPOSE_PII_CAT_ASSOC;
+CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC (
+  PURPOSE_ID         INTEGER NOT NULL,
+  CM_PII_CATEGORY_ID INTEGER NOT NULL,
+  CONSTRAINT CM_PURPOSE_PII_CAT_ASSOC_CNT UNIQUE  (PURPOSE_ID, CM_PII_CATEGORY_ID)
+);
+
+DROP TABLE IF EXISTS CM_SP_PURPOSE_PII_CAT_ASSOC;
+CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC (
+  SP_PURPOSE_ASSOC_ID INTEGER NOT NULL,
+  PII_CATEGORY_ID     INTEGER NOT NULL,
+  VALIDITY            VARCHAR(1023),
+  CONSTRAINT CM_SP_PURPOSE_PII_CAT_ASSOC_CNT UNIQUE  (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID)
+);
+
+DROP TABLE IF EXISTS CM_CONSENT_RECEIPT_PROPERTY;
+CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY (
+  CONSENT_RECEIPT_ID VARCHAR(255)  NOT NULL,
+  NAME               VARCHAR(255)  NOT NULL,
+  VALUE              VARCHAR(1023) NOT NULL,
+  CONSTRAINT CM_CONSENT_RECEIPT_PROPERTY_CNT UNIQUE  (CONSENT_RECEIPT_ID, NAME)
+);
+
+ALTER TABLE CM_RECEIPT_SP_ASSOC
+  ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID);
+
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+  ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_ASSOC
+  ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+  ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC
+  ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+  ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID);
+
+ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC
+  ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID);
+
+ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY
+  ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID);
+
+INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234');
+
+INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234');
+
+-- End of CONSENT-MGT Tables --
+
 CREATE SEQUENCE AM_SUBSCRIBER_SEQUENCE START WITH 1 INCREMENT BY 1;
 CREATE TABLE IF NOT EXISTS AM_SUBSCRIBER (
     SUBSCRIBER_ID INTEGER DEFAULT nextval('am_subscriber_sequence'),
@@ -797,7 +1152,7 @@ CREATE TABLE IF NOT EXISTS AM_APPLICATION_REGISTRATION (
     WF_REF VARCHAR(255) NOT NULL,
     APP_ID INT,
     TOKEN_TYPE VARCHAR(30),
-    TOKEN_SCOPE VARCHAR(256) DEFAULT 'default',
+    TOKEN_SCOPE VARCHAR(1500) DEFAULT 'default',
     INPUTS VARCHAR(1000),
     ALLOWED_DOMAINS VARCHAR(256),
     VALIDITY_PERIOD BIGINT,
@@ -1129,7 +1484,7 @@ CREATE SEQUENCE AM_BLOCK_CONDITIONS_SEQ START WITH 1 INCREMENT BY 1;
 CREATE TABLE AM_BLOCK_CONDITIONS (
   CONDITION_ID INTEGER DEFAULT NEXTVAL('AM_BLOCK_CONDITIONS_SEQ'),
   TYPE varchar(45) DEFAULT NULL,
-  VALUE varchar(45) DEFAULT NULL,
+  VALUE varchar(512) DEFAULT NULL,
   ENABLED varchar(45) DEFAULT NULL,
   DOMAIN varchar(45) DEFAULT NULL,
   UUID VARCHAR(256),
@@ -1137,12 +1492,49 @@ CREATE TABLE AM_BLOCK_CONDITIONS (
   UNIQUE (UUID)
 );
 
+DROP TABLE IF EXISTS AM_CERTIFICATE_METADATA;
+CREATE TABLE AM_CERTIFICATE_METADATA (
+  TENANT_ID INTEGER NOT NULL,
+  ALIAS VARCHAR(45) NOT NULL,
+  END_POINT VARCHAR(45) NOT NULL,
+  CONSTRAINT PK_ALIAS PRIMARY KEY (ALIAS),
+  CONSTRAINT END_POINT_CONSTRAINT UNIQUE (END_POINT)
+);
+
+DROP TABLE IF EXISTS AM_APPLICATION_GROUP_MAPPING;
+CREATE TABLE AM_APPLICATION_GROUP_MAPPING (
+    APPLICATION_ID INTEGER NOT NULL,
+    GROUP_ID VARCHAR(512) NOT NULL,
+    TENANT VARCHAR(255),
+    PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT),
+    FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE
+);
+
+DROP TABLE IF EXISTS AM_USAGE_UPLOADED_FILES;
+CREATE TABLE AM_USAGE_UPLOADED_FILES (
+  TENANT_DOMAIN VARCHAR(255) NOT NULL,
+  FILE_NAME VARCHAR(255) NOT NULL,
+  FILE_TIMESTAMP TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  FILE_PROCESSED INTEGER DEFAULT 0,
+  FILE_CONTENT BYTEA DEFAULT NULL,
+  PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP)
+);
+
+DROP TABLE IF EXISTS AM_API_LC_PUBLISH_EVENTS;
+DROP SEQUENCE IF EXISTS AM_API_LC_PUBLISH_EVENTS_PK_SEQ;
+CREATE SEQUENCE AM_API_LC_PUBLISH_EVENTS_PK_SEQ;
+CREATE TABLE IF NOT EXISTS AM_API_LC_PUBLISH_EVENTS (
+    ID INTEGER NOT NULL DEFAULT NEXTVAL('AM_API_LC_PUBLISH_EVENTS_PK_SEQ'),
+    TENANT_DOMAIN VARCHAR(500) NOT NULL,
+    API_ID VARCHAR(500) NOT NULL,
+    EVENT_TIME TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    PRIMARY KEY (ID)
+);
 -- End of API-MGT Tables --
 
 -- Performance indexes start--
 
 create index IDX_ITS_LMT on IDN_THRIFT_SESSION (LAST_MODIFIED_TIME);
-create index IDX_IOAT_AT on IDN_OAUTH2_ACCESS_TOKEN (ACCESS_TOKEN);
 create index IDX_IOAT_UT on IDN_OAUTH2_ACCESS_TOKEN (USER_TYPE);
 create index IDX_AAI_CTX on AM_API (CONTEXT);
 create index IDX_AAKM_CK on AM_APPLICATION_KEY_MAPPING (CONSUMER_KEY);

modules/distribution/src/core/resources/payloads/get-app-request.xml

@@ -0,0 +1,8 @@
+<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://org.apache.axis2/xsd">
+   <soapenv:Header/>
+   <soapenv:Body>
+      <xsd:getApplication>
+         <xsd:applicationName>${applicationName}</xsd:applicationName>
+      </xsd:getApplication>
+   </soapenv:Body>
+</soapenv:Envelope>

modules/distribution/src/core/resources/payloads/update-app-request.xml

@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://org.apache.axis2/xsd" xmlns:xsd1="http://model.common.application.identity.carbon.wso2.org/xsd" xmlns:xsd2="http://script.model.common.application.identity.carbon.wso2.org/xsd">
+   <soapenv:Header />
+   <soapenv:Body>
+      <xsd:updateApplication>
+         <xsd:serviceProvider>
+            <xsd1:applicationID>${applicationId}</xsd1:applicationID>
+            <xsd1:applicationName>${applicationName}</xsd1:applicationName>
+            <!-- <xsd1:certificateContent>?</xsd1:certificateContent> -->
+            <xsd1:description>${description}</xsd1:description>
+            <xsd1:inboundAuthenticationConfig>
+               <xsd1:inboundAuthenticationRequestConfigs>
+                  <!-- <xsd1:friendlyName>?</xsd1:friendlyName> -->
+                  <xsd1:inboundAuthKey>${inboundAuthKey}</xsd1:inboundAuthKey>
+                  <xsd1:inboundAuthType>${inboundAuthType}</xsd1:inboundAuthType>
+                  <xsd1:inboundConfigType>${inboundConfigType}</xsd1:inboundConfigType>
+                  <!-- <xsd1:properties>
+                     <xsd1:advanced>?</xsd1:advanced>
+                     <xsd1:confidential>?</xsd1:confidential>
+                     <xsd1:defaultValue>?</xsd1:defaultValue>
+                     <xsd1:description>?</xsd1:description>
+                     <xsd1:displayName>?</xsd1:displayName>
+                     <xsd1:displayOrder>?</xsd1:displayOrder>
+                     <xsd1:name>?</xsd1:name>
+                     <xsd1:required>false</xsd1:required>
+                     <xsd1:type>?</xsd1:type>
+                     <xsd1:value>?</xsd1:value>
+                  </xsd1:properties> -->
+               </xsd1:inboundAuthenticationRequestConfigs>
+            </xsd1:inboundAuthenticationConfig>
+            <!-- <xsd1:inboundProvisioningConfig>
+               <xsd1:dumbMode>?</xsd1:dumbMode>
+               <xsd1:provisioningEnabled>?</xsd1:provisioningEnabled>
+               <xsd1:provisioningUserStore>?</xsd1:provisioningUserStore>
+            </xsd1:inboundProvisioningConfig>
+            <xsd1:outboundProvisioningConfig>
+               <xsd1:provisionByRoleList>?</xsd1:provisionByRoleList>
+            </xsd1:outboundProvisioningConfig> -->
+            <xsd1:owner>
+               <xsd1:tenantDomain>${tenantDomain}</xsd1:tenantDomain>
+               <xsd1:userName>${userName}</xsd1:userName>
+               <xsd1:userStoreDomain>${userStoreDomain}</xsd1:userStoreDomain>
+            </xsd1:owner>
+            <xsd1:saasApp>${saasApp}</xsd1:saasApp>
+            <xsd1:spProperties>
+               <!-- <xsd1:displayName>?</xsd1:displayName> -->
+               <xsd1:name>displayName</xsd1:name>
+               <xsd1:value>${displayName}</xsd1:value>
+            </xsd1:spProperties>
+            <xsd1:permissionAndRoleConfig></xsd1:permissionAndRoleConfig>
+         </xsd:serviceProvider>
+      </xsd:updateApplication>
+   </soapenv:Body>
+</soapenv:Envelope>
+

modules/features/org.wso2.iot.core.styles.feature/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <groupId>io.entgra.iot</groupId>
         <artifactId>entgra-iot-features</artifactId>
-        <version>4.0.0-RC</version>
+        <version>4.1.1-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

modules/features/pom.xml

@@ -23,7 +23,7 @@
     <parent>
         <groupId>io.entgra.iot</groupId>
         <artifactId>entgra-iot-server-parent</artifactId>
-        <version>4.0.0-RC</version>
+        <version>4.1.1-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 

modules/p2-profile/analytics-profile/pom.xml

@@ -21,7 +21,7 @@
     <parent>
         <groupId>io.entgra.iot</groupId>
         <artifactId>entgra-iot-p2-profile</artifactId>
-        <version>4.0.0-RC</version>
+        <version>4.1.1-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
@@ -100,6 +100,9 @@
                                 <featureArtifactDef>
                                     org.wso2.carbon.devicemgt:org.wso2.carbon.email.sender.feature:${carbon.device.mgt.version}
                                 </featureArtifactDef>
+                                <featureArtifactDef>
+                                    org.wso2.carbon.devicemgt:io.entgra.server.heart.beat.feature:${carbon.device.mgt.version}
+                                </featureArtifactDef>
                                 <featureArtifactDef>
                                     org.apache.axis2.transport:org.apache.axis2.transport.mail.feature:${axis2-transports.wso2.version}
                                 </featureArtifactDef>
@@ -448,6 +451,10 @@
                                     <id>org.wso2.carbon.device.mgt.basics.feature.group</id>
                                     <version>${carbon.device.mgt.version}</version>
                                 </feature>
+                                <feature>
+                                    <id>io.entgra.server.heart.beat.feature.group</id>
+                                    <version>${carbon.device.mgt.version}</version>
+                                </feature>
                                 <feature>
                                     <id>org.wso2.carbon.email.sender.feature.group</id>
                                     <version>${carbon.device.mgt.version}</version>

modules/p2-profile/broker-profile/pom.xml

@@ -20,7 +20,7 @@
     <parent>
         <groupId>io.entgra.iot</groupId>
         <artifactId>entgra-iot-p2-profile</artifactId>
-        <version>4.0.0-RC</version>
+        <version>4.1.1-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

modules/p2-profile/iot-core-profile/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <groupId>io.entgra.iot</groupId>
         <artifactId>entgra-iot-p2-profile</artifactId>
-        <version>4.0.0-RC</version>
+        <version>4.1.1-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
@@ -173,10 +173,19 @@
                                     org.wso2.carbon.devicemgt:org.wso2.carbon.device.mgt.extensions.push.notification.provider.xmpp.feature:${carbon.device.mgt.version}
                                 </featureArtifactDef>
                                 <featureArtifactDef>
-                                    org.wso2.carbon.devicemgt:org.wso2.carbon.device.mgt.extensions.push.notification.provider.http.feature:${carbon.device.mgt.version}
+                                    org.wso2.carbon.devicemgt:io.entgra.server.heart.beat.feature:${carbon.device.mgt.version}
                                 </featureArtifactDef>
                                 <!-- End of Device Management Features -->
 
+                                <!-- SMS Management Features -->
+                                <featureArtifactDef>
+                                    org.wso2.carbon.devicemgt:io.entgra.transport.mgt.sms.handler.server.feature:${carbon.device.mgt.version}
+                                </featureArtifactDef>
+                                <featureArtifactDef>
+                                    org.wso2.carbon.devicemgt:io.entgra.transport.mgt.sms.handler.api.feature:${carbon.device.mgt.version}
+                                </featureArtifactDef>
+                                <!-- End of SMS Management Features -->
+
                                 <!-- Device Management Plugin Features -->
                                 <featureArtifactDef>
                                     org.wso2.carbon.devicemgt-plugins:org.wso2.carbon.device.mgt.mobile.android.feature:${carbon.device.mgt.plugin.version}
@@ -445,15 +454,9 @@
                                 <featureArtifactDef>
                                     org.wso2.carbon.devicemgt:org.wso2.carbon.device.application.mgt.api.feature:${carbon.device.mgt.version}
                                 </featureArtifactDef>
-                                <featureArtifactDef>
-                                    org.wso2.carbon.devicemgt:org.wso2.carbon.device.application.mgt.publisher.ui.feature:${carbon.device.mgt.version}
-                                </featureArtifactDef>
                                 <featureArtifactDef>
                                     org.wso2.carbon.devicemgt:org.wso2.carbon.device.application.mgt.server.feature:${carbon.device.mgt.version}
                                 </featureArtifactDef>
-                                <featureArtifactDef>
-                                    org.wso2.carbon.devicemgt:org.wso2.carbon.device.application.mgt.store.ui.feature:${carbon.device.mgt.version}
-                                </featureArtifactDef>
                                 <!-- End of New App Manager Features-->
 
                                 <!-- Dashboards Features -->
@@ -862,22 +865,22 @@
                                     <id>org.wso2.carbon.device.application.mgt.api.feature.group</id>
                                     <version>${carbon.device.mgt.version}</version>
                                 </feature>
-
-                                <feature>
-                                    <id>org.wso2.carbon.device.application.mgt.publisher.ui.feature.group</id>
-                                    <version>${carbon.device.mgt.version}</version>
-                                </feature>
-
                                 <feature>
                                     <id>org.wso2.carbon.device.application.mgt.server.feature.group</id>
                                     <version>${carbon.device.mgt.version}</version>
                                 </feature>
+                                <!-- End of App Manager Features-->
 
+                                <!-- SMS Management Features-->
                                 <feature>
-                                    <id>org.wso2.carbon.device.application.mgt.store.ui.feature.group</id>
+                                    <id>io.entgra.transport.mgt.sms.handler.server.feature.group</id>
                                     <version>${carbon.device.mgt.version}</version>
                                 </feature>
-                                <!-- End of App Manager Features-->
+                                <feature>
+                                    <id>io.entgra.transport.mgt.sms.handler.api.feature.group</id>
+                                    <version>${carbon.device.mgt.version}</version>
+                                </feature>
+                                <!-- End of SMS Management Features-->
 
                                 <!-- Device Management Features -->
                                 <feature>
@@ -956,6 +959,10 @@
 									<id>org.wso2.carbon.device.mgt.extensions.push.notification.provider.http.feature.group</id>
 									<version>${carbon.device.mgt.version}</version>
 								</feature>
+                                <feature>
+                                    <id>io.entgra.server.heart.beat.feature.group</id>
+                                    <version>${carbon.device.mgt.version}</version>
+                                </feature>
                                 <feature>
                                     <id>org.wso2.carbon.device.mgt.extensions.push.notification.provider.fcm.feature.group</id>
                                     <version>${carbon.device.mgt.version}</version>
@@ -1849,6 +1856,7 @@
                                 </feature>
                                 <!-- End of IoTServer Features -->
 
+                                <!-- App Manager Features-->
                                 <feature>
                                     <id>org.wso2.carbon.device.application.mgt.api.feature.group</id>
                                     <version>${carbon.device.mgt.version}</version>
@@ -1859,6 +1867,17 @@
                                 </feature>
                                 <!-- End of App Manager Features-->
 
+                                <!-- SMS Management Features-->
+                                <feature>
+                                    <id>io.entgra.transport.mgt.sms.handler.server.feature.group</id>
+                                    <version>${carbon.device.mgt.version}</version>
+                                </feature>
+                                <feature>
+                                    <id>io.entgra.transport.mgt.sms.handler.api.feature.group</id>
+                                    <version>${carbon.device.mgt.version}</version>
+                                </feature>
+                                <!-- End of SMS Management Features-->
+
                                 <!-- Dashboard Features -->
                                 <feature>
                                     <id>org.wso2.carbon.dashboards.shindig.feature.group</id>
@@ -1955,6 +1974,10 @@
                                     <id>org.wso2.carbon.device.mgt.extensions.push.notification.provider.http.feature.group</id>
                                     <version>${carbon.device.mgt.version}</version>
                                 </feature>
+                                <feature>
+                                    <id>io.entgra.server.heart.beat.feature.group</id>
+                                    <version>${carbon.device.mgt.version}</version>
+                                </feature>
                                 <feature>
                                     <id>org.wso2.carbon.device.mgt.mobile.android.feature.group</id>
                                     <version>${carbon.device.mgt.plugin.version}</version>
@@ -2367,6 +2390,10 @@
                                     <id>org.wso2.carbon.device.mgt.extensions.push.notification.provider.http.feature.group</id>
                                     <version>${carbon.device.mgt.version}</version>
                                 </feature>
+                                <feature>
+                                    <id>io.entgra.server.heart.beat.feature.group</id>
+                                    <version>${carbon.device.mgt.version}</version>
+                                </feature>
                                 <feature>
                                     <id>org.wso2.carbon.device.mgt.mobile.android.feature.group</id>
                                     <version>${carbon.device.mgt.plugin.version}</version>
@@ -2465,13 +2492,23 @@
                                     <id>org.wso2.carbon.device.application.mgt.api.feature.group</id>
                                     <version>${carbon.device.mgt.version}</version>
                                 </feature>
-
                                 <feature>
                                     <id>org.wso2.carbon.device.application.mgt.server.feature.group</id>
                                     <version>${carbon.device.mgt.version}</version>
                                 </feature>
                                 <!-- End of App Manager Features-->
 
+                                <!-- SMS Management Features-->
+                                <feature>
+                                    <id>io.entgra.transport.mgt.sms.handler.server.feature.group</id>
+                                    <version>${carbon.device.mgt.version}</version>
+                                </feature>
+                                <feature>
+                                    <id>io.entgra.transport.mgt.sms.handler.api.feature.group</id>
+                                    <version>${carbon.device.mgt.version}</version>
+                                </feature>
+                                <!-- End of SMS Management Features-->
+
                                 <!-- End of IoTServer Features -->
 
                                 <feature>
@@ -2560,6 +2597,10 @@
                                     <id>org.wso2.carbon.device.mgt.extensions.push.notification.provider.http.feature.group</id>
                                     <version>${carbon.device.mgt.version}</version>
                                 </feature>
+                                <feature>
+                                    <id>io.entgra.server.heart.beat.feature.group</id>
+                                    <version>${carbon.device.mgt.version}</version>
+                                </feature>
                                 <feature>
                                     <id>org.wso2.carbon.device.mgt.mobile.android.feature.group</id>
                                     <version>${carbon.device.mgt.plugin.version}</version>

modules/p2-profile/pom.xml

@@ -23,7 +23,7 @@
     <parent>
         <groupId>io.entgra.iot</groupId>
         <artifactId>entgra-iot-server-parent</artifactId>
-        <version>4.0.0-RC</version>
+        <version>4.1.1-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 

modules/scripts/change-ip.sh

@@ -12,47 +12,45 @@ echo ">>> Step 1: Change current IP address of the IoT server"
 
 echo ""
 echo "Please enter the IoT Core IP that you need to replace (if you are trying out IoT server for the first time this will be localhost)"
-read val1;
+read -r val1;
 
 while [[ -z $val1 ]]; do #if $val1 is a zero length String
     echo "Please enter the IoT Core IP that you need to replace (if you are trying out IoT server for the first time this will be localhost)"
-    read val1;
+    read -r val1;
 done
 
 echo ""
 echo "Please enter your current IP"
-read val2;
+read -r val2;
 
 while [[ -z $val2 ]]; do #if $val2 is a zero length String
     echo "Please enter your current IP"
-    read val2;
+    read -r val2;
 done
 
 echo "--------------------------------------"
-echo "All your " + $val1 + " IP's are replaced with " +$val2 ;
+echo "All your " + "$val1" + " IP's are replaced with " + "$val2" ;
 echo "--------------------------------------"
 
-replaceText='s/localhost/'$val1'/g'
-
 echo "Changing <IoT_HOME>/conf/carbon.xml"
-sed -i '' -e 's#\(<HostName>\)'$val1'\(</HostName>\)#\1'$val2'\2#g' ../conf/carbon.xml
+sed -i -e 's#\(<HostName>\)'"$val1"'\(</HostName>\)#\1'"$val2"'\2#g' ../conf/carbon.xml
-sed -i '' -e 's#\(<MgtHostName>\)'$val1'\(</MgtHostName>\)#\1'$val2'\2#g' ../conf/carbon.xml
+sed -i -e 's#\(<MgtHostName>\)'"$val1"'\(</MgtHostName>\)#\1'"$val2"'\2#g' ../conf/carbon.xml
 echo "Completed!!"
 
 #--------------------
 echo "Changing <IoT_HOME>/conf/identity/sso-idp-config.xml"
-sed -i '' -e 's/'$val1'/'$val2'/g' ../conf/identity/sso-idp-config.xml
+sed -i -e 's/'"$val1"'/'"$val2"'/g' ../conf/identity/sso-idp-config.xml
 echo "Completed!!"
 
 #--------------------
 echo "Changing <IoT_HOME>/conf/iot-api-config.xml"
-sed -i '' -e 's/'$val1'/'$val2'/g' ../conf/iot-api-config.xml
+sed -i -e 's/'"$val1"'/'"$val2"'/g' ../conf/iot-api-config.xml
 echo "Completed!!"
 
 #--------------------
 echo "Changing <IoT_HOME>/repository/deployment/server/jaggeryapps/devicemgt/app/conf/app-conf.json"
-sed -i -e 's/"identityProvider.*/\"identityProviderUrl\"\ :\ "https\:\/\/'$val2':9443\/samlsso\"\,/' ../repository/deployment/server/jaggeryapps/devicemgt/app/conf/app-conf.json
+sed -i -e 's/"identityProvider.*/\"identityProviderUrl\"\ :\ "https\:\/\/'"$val2"':9443\/samlsso\"\,/' ../repository/deployment/server/jaggeryapps/devicemgt/app/conf/app-conf.json
-sed -i -e 's/"acs.*/\"acs\"\ :\ "https\:\/\/'$val2':9443\/devicemgt\/uuf\/sso\/acs\"\,/' ../repository/deployment/server/jaggeryapps/devicemgt/app/conf/app-conf.json
+sed -i -e 's/"acs.*/\"acs\"\ :\ "https\:\/\/'"$val2"':9443\/devicemgt\/uuf\/sso\/acs\"\,/' ../repository/deployment/server/jaggeryapps/devicemgt/app/conf/app-conf.json
 echo "Completed!!"
 
 #--------------------
@@ -62,7 +60,7 @@ echo "Completed!!"
 
 #--------------------
 echo "Changing <IoT_HOME>/repository/deployment/server/jaggeryapps/api-store/site/conf/site.json"
-sed -i -e 's/"identityProvider.*/\"identityProviderURL\"\ :\ "https\:\/\/'$val2':9443\/samlsso\"\,/' ../repository/deployment/server/jaggeryapps/api-store/site/conf/site.json
+sed -i -e 's/"identityProvider.*/\"identityProviderURL\"\ :\ "https\:\/\/'"$val2"':9443\/samlsso\"\,/' ../repository/deployment/server/jaggeryapps/api-store/site/conf/site.json
 echo "Completed!!"
 
 #--------------------
@@ -73,79 +71,79 @@ echo 'found'
 sed -i -e 's|<!-- Server URL of the API key manager -->||' ../conf/api-manager.xml
 fi
 
-if grep -q '<ServerURL>https:\/\/\${carbon.local.ip}:\${mgt.transport.https.port}\${carbon.context}services\/<\/ServerURL>' ../conf/api-manager.xml;
+if grep -q "<ServerURL>https:\/\/\${carbon.local.ip}:\${mgt.transport.https.port}\${carbon.context}services\/<\/ServerURL>" ../conf/api-manager.xml;
 then
 echo 'found'
-sed -i -e 's/<ServerURL>https:\/\/\${carbon.local.ip}:\${mgt.transport.https.port}\${carbon.context}services\/<\/ServerURL>//' ../conf/api-manager.xml
+sed -i -e "s/<ServerURL>https:\/\/\${carbon.local.ip}:\${mgt.transport.https.port}\${carbon.context}services\/<\/ServerURL>//" ../conf/api-manager.xml
 fi
 
-if grep -q '<ServerURL>https:\/\/'$val2':\${mgt.transport.https.port}\${carbon.context}services\/<\/ServerURL>' ../conf/api-manager.xml;
+if grep -q "<ServerURL>https:\/\/$val2:\${mgt.transport.https.port}\${carbon.context}services\/<\/ServerURL>" ../conf/api-manager.xml;
 then
 echo 'found'
-sed -i -e 's/<ServerURL>https:\/\/'$val2':\${mgt.transport.https.port}\${carbon.context}services\/<\/ServerURL>//' ../conf/api-manager.xml
+sed -i -e "s/<ServerURL>https:\/\/$val2:\${mgt.transport.https.port}\${carbon.context}services\/<\/ServerURL>//" ../conf/api-manager.xml
 fi
 
-sed -i '' -e 's/<APIKeyValidator>/<APIKeyValidator><!-- Server URL of the API key manager --><ServerURL>https:\/\/'$val2'\:\$\{mgt\.transport\.https\.port\}\$\{carbon\.context\}services\/<\/ServerURL>/g' ../conf/api-manager.xml
+sed -i -e 's/<APIKeyValidator>/<APIKeyValidator><!-- Server URL of the API key manager --><ServerURL>https:\/\/'"$val2"'\:\$\{mgt\.transport\.https\.port\}\$\{carbon\.context\}services\/<\/ServerURL>/g' ../conf/api-manager.xml
 echo "Completed!!"
 
 #--------------------
-if grep -q '<RevokeAPIURL>https:\/\/localhost:\${https.nio.port}\/revoke<\/RevokeAPIURL>' ../conf/api-manager.xml;
+if grep -q "<RevokeAPIURL>https:\/\/localhost:\${https.nio.port}\/revoke<\/RevokeAPIURL>" ../conf/api-manager.xml;
 then
-sed -i -e 's|<RevokeAPIURL>https:\/\/localhost:\${https.nio.port}\/revoke<\/RevokeAPIURL>|<RevokeAPIURL>https:\/\/'$val2':\${https.nio.port}\/revoke<\/RevokeAPIURL>|' ../conf/api-manager.xml
+sed -i -e "s|<RevokeAPIURL>https:\/\/localhost:\${https.nio.port}\/revoke<\/RevokeAPIURL>|<RevokeAPIURL>https:\/\/$val2:\${https.nio.port}\/revoke<\/RevokeAPIURL>|" ../conf/api-manager.xml
 fi
 
-if grep -q '<RevokeAPIURL>https:\/\/'$val1':\${https.nio.port}\/revoke<\/RevokeAPIURL>' ../conf/api-manager.xml;
+if grep -q "<RevokeAPIURL>https:\/\/$val1:\${https.nio.port}\/revoke<\/RevokeAPIURL>" ../conf/api-manager.xml;
 then
-sed -i -e 's|<RevokeAPIURL>https:\/\/'$val1':\${https.nio.port}\/revoke<\/RevokeAPIURL>|<RevokeAPIURL>https:\/\/'$val2':\${https.nio.port}\/revoke<\/RevokeAPIURL>|' ../conf/api-manager.xml
+sed -i -e "s|<RevokeAPIURL>https:\/\/$val1:\${https.nio.port}\/revoke<\/RevokeAPIURL>|<RevokeAPIURL>https:\/\/$val2:\${https.nio.port}\/revoke<\/RevokeAPIURL>|" ../conf/api-manager.xml
 fi
 
 #--------------------
 echo "Changing <IoT_HOME>/conf/etc/webapp-publisher-config.xml"
-sed -i '' -e 's#\(<EnabledUpdateApi>\)false\(</EnabledUpdateApi>\)#\1'true'\2#g' ../conf/etc/webapp-publisher-config.xml
+sed -i  -e 's#\(<EnabledUpdateApi>\)false\(</EnabledUpdateApi>\)#\1'"true"'\2#g' ../conf/etc/webapp-publisher-config.xml
 echo "Completed!!"
 
 #--------------------
 echo "Changing  <IoT_HOME>/bin/iot-server.sh"
-sed -i -e 's/-Diot.manager.host.*/-Diot.manager.host="'$val2'" \\/' ../bin/iot-server.sh
+sed -i -e 's/-Diot.manager.host.*/-Diot.manager.host="'"$val2"'" \\/' ../bin/iot-server.sh
-sed -i -e 's/-Diot.core.host.*/-Diot.core.host="'$val2'" \\/' ../bin/iot-server.sh
+sed -i -e 's/-Diot.core.host.*/-Diot.core.host="'"$val2"'" \\/' ../bin/iot-server.sh
-sed -i -e 's/-Diot.keymanager.host.*/-Diot.keymanager.host="'$val2'" \\/' ../bin/iot-server.sh
+sed -i -e 's/-Diot.keymanager.host.*/-Diot.keymanager.host="'"$val2"'" \\/' ../bin/iot-server.sh
-sed -i -e 's/-Diot.gateway.host.*/-Diot.gateway.host="'$val2'" \\/' ../bin/iot-server.sh
+sed -i -e 's/-Diot.gateway.host.*/-Diot.gateway.host="'"$val2"'" \\/' ../bin/iot-server.sh
 echo "Completed!!"
 
 #----------------------
 echo ""
 echo "Changing hostURL of <IoT_HOME>/wso2/broker/conf/broker.xml"
-if grep -q '<property name="hostURL">https://'$val1':9443/services/OAuth2TokenValidationService</property>' ../wso2/broker/conf/broker.xml;
+if grep -q '<property name="hostURL">https://'"$val1"':9443/services/OAuth2TokenValidationService</property>' ../wso2/broker/conf/broker.xml;
 then
 echo "found"
-sed -i -e 's|<property name="hostURL">https:\/\/'$val1':9443\/services\/OAuth2TokenValidationService</\property>|<property name="hostURL">https:\/\/'$val2':9443\/services\/OAuth2TokenValidationService</\property>|' ../wso2/broker/conf/broker.xml
+sed -i -e 's|<property name="hostURL">https:\/\/'"$val1"':9443\/services\/OAuth2TokenValidationService</\property>|<property name="hostURL">https:\/\/'"$val2"':9443\/services\/OAuth2TokenValidationService</\property>|' ../wso2/broker/conf/broker.xml
 echo "Completed!!"
 fi
 
 #------------------------
 echo ""
 echo "Changing tokenEndpoint of <IoT_HOME>/wso2/broker/conf/broker.xml"
-if grep -q '<property name="tokenEndpoint">https:\/\/'$val1':8243</\property>' ../wso2/broker/conf/broker.xml;
+if grep -q '<property name="tokenEndpoint">https:\/\/'"$val1"':8243</\property>' ../wso2/broker/conf/broker.xml;
 then
 echo "found"
-sed -i -e 's|<property name="tokenEndpoint">https:\/\/'$val1':8243</\property>|<property name="tokenEndpoint">https:\/\/'$val2':8243</\property>|' ../wso2/broker/conf/broker.xml
+sed -i -e 's|<property name="tokenEndpoint">https:\/\/'"$val1"':8243</\property>|<property name="tokenEndpoint">https:\/\/'"$val2"':8243</\property>|' ../wso2/broker/conf/broker.xml
 echo "Completed!!"
 fi
 
 #--------------------------
 echo ""
 echo "Changing deviceMgtServerUrl of <IoT_HOME>/wso2/broker/conf/broker.xml"
-if grep -q '<property name="deviceMgtServerUrl">https:\/\/'$val1':8243</\property>' ../wso2/broker/conf/broker.xml;
+if grep -q '<property name="deviceMgtServerUrl">https:\/\/'"$val1"':8243</\property>' ../wso2/broker/conf/broker.xml;
 then
 echo "found"
-sed -i -e 's|<property name="deviceMgtServerUrl">https:\/\/'$val1':8243</\property>|<property name="deviceMgtServerUrl">https:\/\/'$val2':8243</\property>|' ../wso2/broker/conf/broker.xml
+sed -i -e 's|<property name="deviceMgtServerUrl">https:\/\/'"$val1"':8243</\property>|<property name="deviceMgtServerUrl">https:\/\/'"$val2"':8243</\property>|' ../wso2/broker/conf/broker.xml
 echo "Completed!!"
 fi
 
 #--------------------
 echo "Changing  <IoT_HOME>/wso2/analytics/bin/wso2server.sh"
-sed -i -e 's/-Diot.keymanager.host.*/-Diot.keymanager.host="'$val2'" \\/' ../wso2/analytics/bin/wso2server.sh
+sed -i -e 's/-Diot.keymanager.host.*/-Diot.keymanager.host="'"$val2"'" \\/' ../wso2/analytics/bin/wso2server.sh
-sed -i -e 's/-Diot.gateway.host.*/-Diot.gateway.host="'$val2'" \\/' ../wso2/analytics/bin/wso2server.sh
+sed -i -e 's/-Diot.gateway.host.*/-Diot.gateway.host="'"$val2"'" \\/' ../wso2/analytics/bin/wso2server.sh
 echo "Completed!!"
 
 ##################################### IP configs related to broker ####################################
@@ -156,17 +154,17 @@ echo "-------------------------------------------------------"
 
 #--------------------
 echo "Changing  <IoT_HOME>/wso2/analytics/bin/wso2server.sh"
-sed -i -e 's/-Dmqtt.broker.host.*/-Dmqtt.broker.host="'$val2'" \\/' ../wso2/analytics/bin/wso2server.sh
+sed -i -e 's/-Dmqtt.broker.host.*/-Dmqtt.broker.host="'"$val2"'" \\/' ../wso2/analytics/bin/wso2server.sh
 echo "Completed!!"
 
 #--------------------
 echo "Changing  <IoT_HOME>/bin/iot-server.sh"
-sed -i -e 's/-Dmqtt.broker.host.*/-Dmqtt.broker.host="'$val2'" \\/' ../bin/iot-server.sh
+sed -i -e 's/-Dmqtt.broker.host.*/-Dmqtt.broker.host="'"$val2"'" \\/' ../bin/iot-server.sh
 echo "Completed!!"
 
 echo "Changing <IoT_HOME>/wso2/broker/conf/carbon.xml"
-sed -i '' -e 's#\(<HostName>\)'$val1'\(</HostName>\)#\1'$val2'\2#g' ../wso2/broker/conf/carbon.xml
+sed -i -e 's#\(<HostName>\)'"$val1"'\(</HostName>\)#\1'"$val2"'\2#g' ../wso2/broker/conf/carbon.xml
-sed -i '' -e 's#\(<MgtHostName>\)'$val1'\(</MgtHostName>\)#\1'$val2'\2#g' ../wso2/broker/conf/carbon.xml
+sed -i -e 's#\(<MgtHostName>\)'"$val1"'\(</MgtHostName>\)#\1'"$val2"'\2#g' ../wso2/broker/conf/carbon.xml
 echo "Completed!!"
 
 ##################################### IP configs related to analytics ####################################
@@ -178,12 +176,12 @@ echo "-------------------------------------------------------"
 
 #--------------------
 echo "Changing  <IoT_HOME>/bin/iot-server.sh"
-sed -i -e 's/-Diot.analytics.host.*/-Diot.analytics.host="'$val2'" \\/' ../bin/iot-server.sh
+sed -i -e 's/-Diot.analytics.host.*/-Diot.analytics.host="'"$val2"'" \\/' ../bin/iot-server.sh
 echo "Completed!!"
 
 echo "Changing <IoT_HOME>/wso2/analytics/conf/carbon.xml"
-sed -i '' -e 's#\(<HostName>\)'$val1'\(</HostName>\)#\1'$val2'\2#g' ../wso2/analytics/conf/carbon.xml
+sed -i -e 's#\(<HostName>\)'"$val1"'\(</HostName>\)#\1'"$val2"'\2#g' ../wso2/analytics/conf/carbon.xml
-sed -i '' -e 's#\(<MgtHostName>\)'$val1'\(</MgtHostName>\)#\1'$val2'\2#g' ../wso2/analytics/conf/carbon.xml
+sed -i -e 's#\(<MgtHostName>\)'"$val1"'\(</MgtHostName>\)#\1'"$val2"'\2#g' ../wso2/analytics/conf/carbon.xml
 echo "Completed!!"
 
 echo ""
@@ -195,44 +193,42 @@ echo ""
 B_SUBJ=''
 C_SUBJ=''
 A_SUBJ=''
-SERVER_ADDRESS=''
 SAN_NAMES=''
 slash='/'
 equal='='
 
 buildSubject(){
-    if [ $1 = "CN" ]; then
+    if [ "$1" = "CN" ]; then
         echo "Please provide Common Name "
-        read val
+        read -r val
         while [[ -z $val ]]; do #if $val is a zero length String
             echo "Common name(your server IP/hostname) cannot be null. Please enter the Common name."
-            read val;
+            read -r val;
         done
-        if [ -n $val ]; then    #This is true if $val is not empty (If $val is not a non zero length String)
+        if [ -n "$val" ]; then    #This is true if $val is not empty (If $val is not a non zero length String)
-            if [ $3 = "C" ]; then
+            if [ "$3" = "C" ]; then
                 C_SUBJ="$C_SUBJ$slash$1$equal$val"
                 return
-                elif [ $3 = "B" ]; then
+                elif [ "$3" = "B" ]; then
                 B_SUBJ="$B_SUBJ$slash$1$equal$val"
                 return
                 else
                 A_SUBJ="$A_SUBJ$slash$1$equal$val"
-                SERVER_ADDRESS=$val
                 return
             fi
         fi
     fi
 
-    echo "Please provide "$2". Press Enter to skip."
+    echo "Please provide ""$2"". Press Enter to skip."
-    read val;
+    read -r val;
-    if [ ! -z $val ]; then  #If $val is not a zero length String; This is same as if[ -n $val]; then
+    if [ -n "$val" ]; then  #If $val is not a zero length String; This is same as if[ -n $val]; then
-        if [ $3 = "C" ]; then
+        if [ "$3" = "C" ]; then
             C_SUBJ="$C_SUBJ$slash$1$equal$val"
             return
-        elif [ $3 = "B" ]; then
+        elif [ "$3" = "B" ]; then
             B_SUBJ="$B_SUBJ$slash$1$equal$val"
             return
-        elif [ $3 = "S" ]; then
+        elif [ "$3" = "S" ]; then
             SAN_NAMES="DNS:$val$4$SAN_NAMES"
             buildSubject 'SAN' 'SAN' 'S' ','
             return
@@ -242,7 +238,13 @@ buildSubject(){
         fi
     fi
 }
+
+if [ -d "tmp" ]; then
+  rm -rf tmp
+fi
+
 mkdir tmp
+
 echo ''
 echo '=======Enter Values for IoT Core SSL Certificate======='
 
@@ -256,11 +258,11 @@ buildSubject 'CN' 'Common Name' 'C'
 buildSubject 'SAN' 'SAN' 'S'
 
 echo ""
-echo 'Provided IoT Core SSL Subject : ' $C_SUBJ
+echo 'Provided IoT Core SSL Subject : ' "$C_SUBJ"
 
 echo 'If you have a different IoT Core Keystore password please enter it here. Press Enter to use the default password.'
-read -s password
+read -r -s password
-if [ ! -z $password ]; then
+if [ -n "$password" ]; then
     SSL_PASS=$password
 else
     SSL_PASS="wso2carbon"
@@ -269,11 +271,11 @@ fi
 echo ""
 echo "Generating SSL Certificate for IoT Core"
 openssl genrsa -out ./tmp/c.key 4096
-openssl req -new -key ./tmp/c.key -out ./tmp/c.csr  -subj $C_SUBJ
+openssl req -new -key ./tmp/c.key -out ./tmp/c.csr  -subj "$C_SUBJ"
-if [ -z $SAN_NAMES ]; then
+if [ -z "$SAN_NAMES" ]; then
     openssl x509 -req -days 730 -in ./tmp/c.csr -signkey ./tmp/c.key -set_serial 044324884 -sha256 -out ./tmp/c.crt
 else
-    openssl x509 -req -extfile <(printf "subjectAltName=$SAN_NAMES") -days 730 -in ./tmp/c.csr -signkey ./tmp/c.key -set_serial 044324884 -sha256 -out ./tmp/c.crt
+    openssl x509 -req -extfile <(printf "subjectAltName=%s" "$SAN_NAMES") -days 730 -in ./tmp/c.csr -signkey ./tmp/c.key -set_serial 044324884 -sha256 -out ./tmp/c.crt
 fi
 
 echo "Export to PKCS12"
@@ -299,8 +301,8 @@ else
 echo ""
 echo "Printing certificate"
 echo "-----------------------"
-echo $VAR
+echo "$VAR"
-sed -i '' -e 's#<Certificate>.*#<Certificate>'"$VAR"'</Certificate>#g' ../conf/identity/identity-providers/iot_default.xml
+sed -i -e 's#<Certificate>.*#<Certificate>'"$VAR"'</Certificate>#g' ../conf/identity/identity-providers/iot_default.xml
 
 echo ""
 if [ -e "../conf/identity/identity-providers/iot_default.xml-e" ]; then

modules/scripts/mobile-qsg/pom.xml

@@ -21,13 +21,13 @@
     <parent>
         <groupId>io.entgra.iot</groupId>
         <artifactId>entgra-iot-scripts</artifactId>
-        <version>4.0.0-RC</version>
+        <version>4.1.1-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
     <modelVersion>4.0.0</modelVersion>
     <artifactId>mobile-qsg</artifactId>
-    <version>4.0.0-RC</version>
+    <version>4.1.1-SNAPSHOT</version>
     <name>Entgra IoT - QSG Script</name>
     <description>This includes the tools for IoTs Quick Start Guide</description>
     <packaging>jar</packaging>

modules/scripts/pom.xml

@@ -21,7 +21,7 @@
     <parent>
         <groupId>io.entgra.iot</groupId>
         <artifactId>entgra-iot-server-parent</artifactId>
-        <version>4.0.0-RC</version>
+        <version>4.1.1-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 

modules/tools/cdmf-devicetype-archetype/pom.xml

@@ -20,13 +20,13 @@
     <parent>
         <groupId>io.entgra.iot</groupId>
         <artifactId>entgra-iot-tools</artifactId>
-        <version>4.0.0-RC</version>
+        <version>4.1.1-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
     <modelVersion>4.0.0</modelVersion>
     <artifactId>iot-devicetype-archetype</artifactId>
-    <version>4.0.0-RC</version>
+    <version>4.1.1-SNAPSHOT</version>
     <name>Entgra IoT - Device Type Archetype</name>
     <description>Entgra IoT Device Type Archetype</description>
     <packaging>maven-archetype</packaging>

modules/tools/pom.xml

@@ -21,7 +21,7 @@
     <parent>
         <groupId>io.entgra.iot</groupId>
         <artifactId>entgra-iot-server-parent</artifactId>
-        <version>4.0.0-RC</version>
+        <version>4.1.1-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 

pom.xml

@@ -23,7 +23,7 @@
     <groupId>io.entgra.iot</groupId>
     <artifactId>entgra-iot-server-parent</artifactId>
     <packaging>pom</packaging>
-    <version>4.0.0-RC</version>
+    <version>4.1.1-SNAPSHOT</version>
     <name>Entgra IoT - Parent</name>
     <url>http://entgra.io</url>
     <description>Entgra IoT Server</description>
@@ -1392,6 +1392,17 @@
 
     <properties>
 
+        <!-- Carbon Device Management-->
+        <carbon.device.mgt.version>4.1.16-SNAPSHOT</carbon.device.mgt.version>
+
+        <carbon.device.mgt.version.range>[4.0.0, 5.0.0)</carbon.device.mgt.version.range>
+
+        <!-- IOT Device Management -->
+        <product.iot.version>${project.version}</product.iot.version>
+
+        <!-- Carbon Device Management Plugins-->
+        <carbon.device.mgt.plugin.version>5.0.16-SNAPSHOT</carbon.device.mgt.plugin.version>
+
         <!--Carbon kernel versions-->
         <carbon.kernel.version>4.4.26</carbon.kernel.version>
         <carbon.kernel.version.range>[4.4.0, 4.5.0)</carbon.kernel.version.range>
@@ -1470,17 +1481,6 @@
         <!-- Carbon Governance -->
         <carbon.governance.version>4.7.23</carbon.governance.version>
 
-        <!-- Carbon Device Management-->
-        <carbon.device.mgt.version>4.1.8</carbon.device.mgt.version>
-
-        <carbon.device.mgt.version.range>[4.0.0, 5.0.0)</carbon.device.mgt.version.range>
-
-        <!-- IOT Device Management -->
-        <product.iot.version>${project.version}</product.iot.version>
-
-        <!-- Carbon Device Management Plugins-->
-        <carbon.device.mgt.plugin.version>5.0.8</carbon.device.mgt.plugin.version>
-
         <!-- API Management -->
         <carbon.api.mgt.version>6.2.201</carbon.api.mgt.version>
         <carbon.api.mgt.version.range>(6.0.0,7.0.0]</carbon.api.mgt.version.range>
@@ -1628,7 +1628,7 @@
         <url>https://gitlab.com/entgra/product-iots.git</url>
         <developerConnection>scm:git:https://gitlab.com/entgra/product-iots.git</developerConnection>
         <connection>scm:git:https://gitlab.com/entgra/product-iots.git</connection>
-        <tag>v4.0.0-RC</tag>
+        <tag>HEAD</tag>
     </scm>
 
     <build>