Skip to content

Introduce New Device Management API Endpoint#1150

Open
kaviska wants to merge 3 commits into
wso2:masterfrom
kaviska:device-mgt-api
Open

Introduce New Device Management API Endpoint#1150
kaviska wants to merge 3 commits into
wso2:masterfrom
kaviska:device-mgt-api

Conversation

@kaviska

@kaviska kaviska commented Jul 17, 2026

Copy link
Copy Markdown

Purpose

This PR adds a new Device Management REST API (/api/server/v1/devices) to the Identity Server API layer. It exposes the underlying DeviceManagementService over HTTP, allowing tenant administrators to manage registered devices through the Admin API.

Goals

The API provides the following device management operations:

  • List registered devices with pagination (limit and offset).
  • Filter devices by the owning user (userId) while preserving pagination and total result counts.
  • Retrieve a device by its ID.
  • Rename a device.
  • Delete a registered device.

Implementation

A new Maven component, org.wso2.carbon.identity.api.server.device.mgt, has been introduced following the existing API Server structure.

Modules

.common

  • Defines shared constants and API error codes.
  • Provides DeviceMgtServiceHolder for accessing the DeviceManagementService OSGi service.

.v1

  • Contains the versioned REST API implementation.
  • device-mgt.yaml defines the OpenAPI specification, with API models and interfaces generated from it.
  • DevicesApiServiceImpl implements the JAX-RS endpoints.
  • DeviceManagementApiService contains the API logic, including request validation, tenant resolution, and delegation to DeviceManagementService.
  • DeviceServiceFactory initializes and provides the backend service instance.

User stories

  • As a tenant administrator, I can view all registered devices in my tenant with pagination.
  • As a tenant administrator, I can view all devices registered by a specific user, including inactive devices.
  • As a tenant administrator, I can retrieve, rename, or delete a device by its ID.

Developer Checklist (Mandatory)

  • Complete the Developer Checklist in the related product-is issue to capture any behavioral changes or migration impacts.

Release note

N/A

Documentation

N/A

Training

N/A

Certification

N/A

Marketing

N/A

Automation tests

N/A

Security checks

  • Followed the WSO2 Secure Engineering Guidelines: Yes
  • Ran the FindSecurityBugs plugin and verified the report:
  • Confirmed that no keys, passwords, tokens, or other secrets are included: Yes

Samples

N/A

Related PRs

wso2/carbon-identity-framework#8202

Migrations

N/A – This introduces a new API and does not require any migration.

Test environment

N/A

Learning

N/A

@coderabbitai

coderabbitai Bot commented Jul 17, 2026

Copy link
Copy Markdown
Contributor

Warning

Review limit reached

@kaviska, you've reached your PR review limit, so we couldn't start this review.

Next review available in: 33 minutes

Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available.
You're only billed for reviews past your plan's rate limits ($0.25/file).

How can I continue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews.

How do review limits work?

CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability.

For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window.

Please refer docs for additional details.

Review details
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 91d458fd-dc49-45ce-921e-e7dca7e9b76e

📥 Commits

Reviewing files that changed from the base of the PR and between bb56735 and 2487299.

⛔ Files ignored due to path filters (8)
  • components/org.wso2.carbon.identity.api.server.device.mgt/org.wso2.carbon.identity.api.server.device.mgt.v1/src/gen/java/org/wso2/carbon/identity/api/server/device/mgt/v1/DevicesApi.java is excluded by !**/gen/**
  • components/org.wso2.carbon.identity.api.server.device.mgt/org.wso2.carbon.identity.api.server.device.mgt.v1/src/gen/java/org/wso2/carbon/identity/api/server/device/mgt/v1/DevicesApiService.java is excluded by !**/gen/**
  • components/org.wso2.carbon.identity.api.server.device.mgt/org.wso2.carbon.identity.api.server.device.mgt.v1/src/gen/java/org/wso2/carbon/identity/api/server/device/mgt/v1/factories/DevicesApiServiceFactory.java is excluded by !**/gen/**
  • components/org.wso2.carbon.identity.api.server.device.mgt/org.wso2.carbon.identity.api.server.device.mgt.v1/src/gen/java/org/wso2/carbon/identity/api/server/device/mgt/v1/model/DeviceListLink.java is excluded by !**/gen/**
  • components/org.wso2.carbon.identity.api.server.device.mgt/org.wso2.carbon.identity.api.server.device.mgt.v1/src/gen/java/org/wso2/carbon/identity/api/server/device/mgt/v1/model/DeviceListResponse.java is excluded by !**/gen/**
  • components/org.wso2.carbon.identity.api.server.device.mgt/org.wso2.carbon.identity.api.server.device.mgt.v1/src/gen/java/org/wso2/carbon/identity/api/server/device/mgt/v1/model/DevicePatchRequest.java is excluded by !**/gen/**
  • components/org.wso2.carbon.identity.api.server.device.mgt/org.wso2.carbon.identity.api.server.device.mgt.v1/src/gen/java/org/wso2/carbon/identity/api/server/device/mgt/v1/model/DeviceResponse.java is excluded by !**/gen/**
  • components/org.wso2.carbon.identity.api.server.device.mgt/org.wso2.carbon.identity.api.server.device.mgt.v1/src/gen/java/org/wso2/carbon/identity/api/server/device/mgt/v1/model/Error.java is excluded by !**/gen/**
📒 Files selected for processing (10)
  • components/org.wso2.carbon.identity.api.server.device.mgt/org.wso2.carbon.identity.api.server.device.mgt.common/pom.xml
  • components/org.wso2.carbon.identity.api.server.device.mgt/org.wso2.carbon.identity.api.server.device.mgt.common/src/main/java/org/wso2/carbon/identity/api/server/device/mgt/common/Constants.java
  • components/org.wso2.carbon.identity.api.server.device.mgt/org.wso2.carbon.identity.api.server.device.mgt.common/src/main/java/org/wso2/carbon/identity/api/server/device/mgt/common/DeviceMgtServiceHolder.java
  • components/org.wso2.carbon.identity.api.server.device.mgt/org.wso2.carbon.identity.api.server.device.mgt.v1/pom.xml
  • components/org.wso2.carbon.identity.api.server.device.mgt/org.wso2.carbon.identity.api.server.device.mgt.v1/src/main/java/org/wso2/carbon/identity/api/server/device/mgt/v1/core/DeviceManagementApiService.java
  • components/org.wso2.carbon.identity.api.server.device.mgt/org.wso2.carbon.identity.api.server.device.mgt.v1/src/main/java/org/wso2/carbon/identity/api/server/device/mgt/v1/factories/DeviceServiceFactory.java
  • components/org.wso2.carbon.identity.api.server.device.mgt/org.wso2.carbon.identity.api.server.device.mgt.v1/src/main/java/org/wso2/carbon/identity/api/server/device/mgt/v1/impl/DevicesApiServiceImpl.java
  • components/org.wso2.carbon.identity.api.server.device.mgt/org.wso2.carbon.identity.api.server.device.mgt.v1/src/main/resources/device-mgt.yaml
  • components/org.wso2.carbon.identity.api.server.device.mgt/pom.xml
  • pom.xml
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant