wso2 · duleepa-a · Feb 4, 2026 · Feb 5, 2026 · Feb 13, 2026 · Feb 14, 2026
diff --git a/...ervices-accelerator/accelerators/fs-is/carbon-home/repository/conf/financial-services.xml b/...ervices-accelerator/accelerators/fs-is/carbon-home/repository/conf/financial-services.xml
@@ -38,6 +38,9 @@
             <Validator>org.wso2.financial.services.accelerator.consent.mgt.extensions.validate.impl.DefaultConsentValidator</Validator>
             <RequestSignatureAlias>wso2carbon</RequestSignatureAlias>
             <JWTPayloadValidation>true</JWTPayloadValidation>
+            <ResponsePayloadSigning>
+                <Enabled>false</Enabled>
+            </ResponsePayloadSigning>
         </Validation>
         <AdminHandler>org.wso2.financial.services.accelerator.consent.mgt.extensions.admin.impl.DefaultConsentAdminHandler</AdminHandler>
         <ConsentAPICredentials>

diff --git a/...carbon-home/repository/resources/conf/templates/repository/conf/financial-services.xml.j2 b/...carbon-home/repository/resources/conf/templates/repository/conf/financial-services.xml.j2
@@ -133,6 +133,13 @@
             {% else %}
             <JWTPayloadValidation>true</JWTPayloadValidation>
             {% endif %}
+            <ResponsePayloadSigning>
+                {% if financial_services.consent.validation.response_payload_signing.enabled is defined %}
+                <Enabled>{{financial_services.consent.validation.response_payload_signing.enabled}}</Enabled>
+                {% else %}
+                <Enabled>false</Enabled>
+                {% endif %}
+            </ResponsePayloadSigning>
         </Validation>
         {% if financial_services.consent.admin.handler is defined %}
         <AdminHandler>{{financial_services.consent.admin.handler}}</AdminHandler>

diff --git a/...rvices/apim/mediation/policies/consent/enforcement/ConsentEnforcementPayloadMediator.java b/...rvices/apim/mediation/policies/consent/enforcement/ConsentEnforcementPayloadMediator.java
@@ -80,10 +80,10 @@ public boolean mediate(MessageContext messageContext) {
                 messageContext.getProperty(ConsentEnforcementConstants.API_ELECTED_RESOURCE));
         additionalParams.put(ConsentEnforcementConstants.RESOURCE_PARAMS_TAG,
                 ConsentEnforcementUtils.getResourceParamMap(messageContext));
-         additionalParams.put(ConsentEnforcementConstants.USER_ID_TAG,
-                 messageContext.getProperty(ConsentEnforcementConstants.USER_ID));
-         additionalParams.put(ConsentEnforcementConstants.CLIENT_ID_TAG,
-                 messageContext.getProperty(ConsentEnforcementConstants.CONSUMER_KEY));
+        additionalParams.put(ConsentEnforcementConstants.USER_ID_TAG,
+                messageContext.getProperty(ConsentEnforcementConstants.USER_ID));
+        additionalParams.put(ConsentEnforcementConstants.CLIENT_ID_TAG,
+                messageContext.getProperty(ConsentEnforcementConstants.CONSUMER_KEY));
 
         JSONObject validationRequest;
         try {

diff --git a/.../org/wso2/financial/services/accelerator/common/config/FinancialServicesConfigParser.java b/.../org/wso2/financial/services/accelerator/common/config/FinancialServicesConfigParser.java
@@ -744,6 +744,13 @@ public String getConsentValidationConfig() {
         return source.map(String::trim).orElse("");
     }
 
+    public String getResponsePayloadSigningConfig() {
+
+        Optional<String> source = getConfigurationFromKeyAsString(
+                FinancialServicesConstants.CONSENT_RESPONSE_PAYLOAD_SIGNING);
+        return source.map(String::trim).orElse("false");
+    }
+
     //Event notifications configurations.
     public String getEventNotificationTokenIssuer() {
 

diff --git a/...a/org/wso2/financial/services/accelerator/common/constant/FinancialServicesConstants.java b/...a/org/wso2/financial/services/accelerator/common/constant/FinancialServicesConstants.java
@@ -59,6 +59,7 @@ public class FinancialServicesConstants {
     public static final String CONSENT_JWT_PAYLOAD_VALIDATION = "Consent.Validation.JWTPayloadValidation";
     public static final String SIGNATURE_ALIAS = "Consent.Validation.RequestSignatureAlias";
     public static final String CONSENT_VALIDATOR = "Consent.Validation.Validator";
+    public static final String CONSENT_RESPONSE_PAYLOAD_SIGNING = "Consent.Validation.ResponsePayloadSigning.Enabled";
     public static final String ADMIN_HANDLER = "Consent.AdminHandler";
     public static final String PRESERVE_CONSENT = "Consent.PreserveConsentLink";
     public static final String ADMIN_USERNAME = "Admin.Username";

diff --git a/...rg/wso2/financial/services/accelerator/common/extension/model/ExternalServiceRequest.java b/...rg/wso2/financial/services/accelerator/common/extension/model/ExternalServiceRequest.java
@@ -21,7 +21,7 @@
 import org.json.JSONObject;
 
 /**
- * Model class to represent the external service request
+ * Model class to represent the external service request.
  */
 public class ExternalServiceRequest {
 

diff --git a/...g/wso2/financial/services/accelerator/common/extension/model/ExternalServiceResponse.java b/...g/wso2/financial/services/accelerator/common/extension/model/ExternalServiceResponse.java
@@ -21,7 +21,7 @@
 import com.fasterxml.jackson.databind.JsonNode;
 
 /**
- * Model class to represent the external service response
+ * Model class to represent the external service response.
  */
 public class ExternalServiceResponse {
 

diff --git a/.../wso2/financial/services/accelerator/common/extension/model/ServiceExtensionTypeEnum.java b/.../wso2/financial/services/accelerator/common/extension/model/ServiceExtensionTypeEnum.java
@@ -19,7 +19,7 @@
 package org.wso2.financial.services.accelerator.common.extension.model;
 
 /**
- * Service extension type enum
+ * Service extension type enum.
  */
 public enum ServiceExtensionTypeEnum {
 

diff --git a/.../main/java/org/wso2/financial/services/accelerator/common/extension/model/StatusEnum.java b/.../main/java/org/wso2/financial/services/accelerator/common/extension/model/StatusEnum.java
@@ -19,7 +19,7 @@
 package org.wso2.financial.services.accelerator.common.extension.model;
 
 /**
- * Status enum
+ * Status enum.
  */
 public enum StatusEnum {
 

diff --git a/.../main/java/org/wso2/financial/services/accelerator/common/util/ServiceExtensionUtils.java b/.../main/java/org/wso2/financial/services/accelerator/common/util/ServiceExtensionUtils.java
@@ -195,7 +195,7 @@ private static boolean isRetryableException(Exception e) {
     }
 
     /**
-     * Method to map a json object to a model class
+     * Method to map a json object to a model class.
      *
      * @param jsonResponse   JSON response string to be mapped
      * @param clazz          Class type to which the JSON response should be mapped

diff --git a/...so2/financial/services/accelerator/common/validator/validationgroups/AttributeChecks.java b/...so2/financial/services/accelerator/common/validator/validationgroups/AttributeChecks.java
@@ -10,8 +10,8 @@
 package org.wso2.financial.services.accelerator.common.validator.validationgroups;
 
 /**
- * Interface for grouping the validation annotations
- * Groups the validations for attributes
+ * Interface for grouping the validation annotations.
+ * Groups the validations for attributes.
  */
 public interface AttributeChecks {
 

diff --git a/...so2/financial/services/accelerator/common/validator/validationgroups/MandatoryChecks.java b/...so2/financial/services/accelerator/common/validator/validationgroups/MandatoryChecks.java
@@ -10,8 +10,8 @@
 package org.wso2.financial.services.accelerator.common.validator.validationgroups;
 
 /**
- * Interface for grouping the validation annotations
- * Grouping the mandatory check constraints
+ * Interface for grouping the validation annotations.
+ * Grouping the mandatory check constraints.
  */
 public interface MandatoryChecks {
 

diff --git a/...wso2/financial/services/accelerator/common/validator/validationgroups/SignatureCheck.java b/...wso2/financial/services/accelerator/common/validator/validationgroups/SignatureCheck.java
@@ -10,8 +10,8 @@
 package org.wso2.financial.services.accelerator.common.validator.validationgroups;
 
 /**
- * Interface for grouping the validation annotations
- * Groups the validation for signature
+ * Interface for grouping the validation annotations.
+ * Groups the validation for signature.
  */
 public interface SignatureCheck {
 

diff --git a/...so2/financial/services/accelerator/common/validator/validationgroups/ValidationOrder.java b/...so2/financial/services/accelerator/common/validator/validationgroups/ValidationOrder.java
@@ -12,7 +12,7 @@
 import javax.validation.GroupSequence;
 
 /**
- * Class to define the order of execution for the hibernate validation groups
+ * Class to define the order of execution for the hibernate validation groups.
  */
 @GroupSequence({MandatoryChecks.class, AttributeChecks.class, SignatureCheck.class})
 public interface ValidationOrder {

diff --git a/...rg/wso2/financial/services/accelerator/consent/mgt/dao/util/ConsentManagementDAOUtil.java b/...rg/wso2/financial/services/accelerator/consent/mgt/dao/util/ConsentManagementDAOUtil.java
@@ -345,8 +345,9 @@ public static String constructUserIdListFilterCondition(Map<String, ArrayList<St
      * @param columnsMap                map of columns
      * @return ordered parameters map
      */
-    public static TreeMap<Integer, ArrayList<String>> determineOrderOfParamsToSet(String preparedStatement,
-                            Map<String, ArrayList<String>> applicableConditionsMap, Map<String, String> columnsMap) {
+    public static TreeMap<Integer, ArrayList<String>> determineOrderOfParamsToSet(
+            String preparedStatement,
+            Map<String, ArrayList<String>> applicableConditionsMap, Map<String, String> columnsMap) {
 
         int indexOfConsentIDsList;
         int indexOfClientIdsList;

diff --git a/...ncial/services/accelerator/consent/mgt/dao/util/ConsentManagementDAOTestDataProvider.java b/...ncial/services/accelerator/consent/mgt/dao/util/ConsentManagementDAOTestDataProvider.java
@@ -24,7 +24,7 @@
 import java.util.UUID;
 
 /**
- * Data provider class for Consent Management DAO Test
+ * Data provider class for Consent Management DAO Test.
  */
 public class ConsentManagementDAOTestDataProvider {
 

diff --git a/...es/accelerator/consent/mgt/extensions/authorize/impl/ExternalAPIConsentRetrievalStep.java b/...es/accelerator/consent/mgt/extensions/authorize/impl/ExternalAPIConsentRetrievalStep.java
@@ -22,6 +22,7 @@
 import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.json.JSONArray;
 import org.json.JSONObject;
 import org.wso2.financial.services.accelerator.common.config.FinancialServicesConfigParser;
 import org.wso2.financial.services.accelerator.common.constant.FinancialServicesConstants;
@@ -157,6 +158,13 @@ public void execute(ConsentData consentData, JSONObject jsonObject) throws Conse
                         new JSONObject(objectMapper.writeValueAsString(responseDTO.getConsumerData())));
             }
 
+            // Append display data, if exists, to json object
+            if (responseDTO.getAdditionalDisplayData() != null) {
+                jsonObject.put(ConsentAuthorizeConstants.ADDITIONAL_DISPLAY_DATA,
+                        new JSONArray(objectMapper.writeValueAsString(responseDTO.getAdditionalDisplayData())));
+            }
+
+
             // Set request parameters as metadata to be used in persistence extension
             consentData.addData(ConsentExtensionConstants.REQUEST_PARAMETERS, requestParameters);
 
@@ -258,6 +266,6 @@ private PopulateConsentAuthorizeScreenDTO callExternalService(
         JSONObject responseJson = new JSONObject(externalServiceResponse.getData().toString());
         return objectMapper.readValue(responseJson.toString(), PopulateConsentAuthorizeScreenDTO.class);
     }
-    
+
 
 }
diff --git a/...services/accelerator/consent/mgt/extensions/authorize/model/AdditionalDisplayDataDTO.java b/...services/accelerator/consent/mgt/extensions/authorize/model/AdditionalDisplayDataDTO.java
@@ -0,0 +1,121 @@
+/**
+ * Copyright (c) 2026, WSO2 LLC. (https://www.wso2.com).
+ * <p>
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ * <p>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p>
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.financial.services.accelerator.consent.mgt.extensions.authorize.model;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+import java.util.Objects;
+
+import javax.validation.Valid;
+
+/**
+ * Display data object for authorization UI consent retrieval.
+ * Stores UI metadata and dynamic display items such as unavailable accounts.
+ */
+public class AdditionalDisplayDataDTO {
+
+    /**
+     * UI Heading.
+     */
+    private String heading;
+
+    /**
+     * UI Sub heading.
+     */
+    private String subHeading;
+
+    /**
+     * Tooltip/help description.
+     */
+    private String description;
+
+    /**
+     * Dynamic display items.
+     */
+    @Valid
+    private List<Map<String, Object>> displayList = new ArrayList<>();
+
+    public AdditionalDisplayDataDTO() {
+    }
+
+    // Heading
+    public String getHeading() {
+        return heading;
+    }
+
+    public void setHeading(String heading) {
+        this.heading = heading;
+    }
+
+    // SubHeading
+    public String getSubHeading() {
+        return subHeading;
+    }
+
+    public void setSubHeading(String subHeading) {
+        this.subHeading = subHeading;
+    }
+
+    // Tooltip Description
+    public String getDescription() {
+        return description;
+    }
+
+    public void setDescription(String description) {
+        this.description = description;
+    }
+
+    // Display Data
+    public List<Map<String, Object>> getDisplayList() {
+        return displayList;
+    }
+
+    public void setDisplayList(List<Map<String, Object>> displayList) {
+        this.displayList = displayList;
+    }
+
+    /**
+     * Convenience method to add a display item.
+     */
+    public AdditionalDisplayDataDTO addItem(Map<String, Object> item) {
+        this.displayList.add(item);
+        return this;
+    }
+
+    @Override
+    public boolean equals(Object o) {
+        if (this == o) {
+            return true;
+        }
+        if (!(o instanceof AdditionalDisplayDataDTO)) {
+            return false;
+        }
+        AdditionalDisplayDataDTO that = (AdditionalDisplayDataDTO) o;
+        return Objects.equals(heading, that.heading) &&
+                Objects.equals(subHeading, that.subHeading) &&
+                Objects.equals(description, that.description) &&
+                Objects.equals(displayList, that.displayList);
+    }
+
+    @Override
+    public int hashCode() {
+        return Objects.hash(heading, subHeading, description, displayList);
+    }
+}
diff --git a/...accelerator/consent/mgt/extensions/authorize/model/PopulateConsentAuthorizeScreenDTO.java b/...accelerator/consent/mgt/extensions/authorize/model/PopulateConsentAuthorizeScreenDTO.java
@@ -1,26 +1,12 @@
-/**
- * Copyright (c) 2025, WSO2 LLC. (https://www.wso2.com).
- * <p>
- * WSO2 LLC. licenses this file to you under the Apache License,
- * Version 2.0 (the "License"); you may not use this file except
- * in compliance with the License.
- * You may obtain a copy of the License at
- * <p>
- * http://www.apache.org/licenses/LICENSE-2.0
- * <p>
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
 package org.wso2.financial.services.accelerator.consent.mgt.extensions.authorize.model;
 
+import java.util.List;
+
 import javax.validation.Valid;
 
 /**
- * Wrapper for pre consent authorize flow external response data.
+ * Wrapper for pre-consent authorize flow external response data.
+ * Now includes display data for UI sections like blocked accounts.
  */
 public class PopulateConsentAuthorizeScreenDTO {
 
@@ -30,21 +16,30 @@ public class PopulateConsentAuthorizeScreenDTO {
     @Valid
     private ConsumerDataDTO consumerData;
 
+    @Valid
+    private List<AdditionalDisplayDataDTO> additionalDisplayData;
+
     public ConsentDataDTO getConsentData() {
         return consentData;
     }
 
-    public void setConsentData(
-            ConsentDataDTO consentData) {
+    public void setConsentData(ConsentDataDTO consentData) {
         this.consentData = consentData;
     }
 
     public ConsumerDataDTO getConsumerData() {
         return consumerData;
     }
 
-    public void setConsumerData(
-            ConsumerDataDTO consumerData) {
+    public void setConsumerData(ConsumerDataDTO consumerData) {
         this.consumerData = consumerData;
     }
+
+    public List<AdditionalDisplayDataDTO> getAdditionalDisplayData() {
+        return additionalDisplayData;
+    }
+
+    public void setAdditionalDisplayData(List<AdditionalDisplayDataDTO> additionalDisplayData) {
+        this.additionalDisplayData = additionalDisplayData;
+    }
 }
diff --git a/...services/accelerator/consent/mgt/extensions/authorize/util/ConsentAuthorizeConstants.java b/...services/accelerator/consent/mgt/extensions/authorize/util/ConsentAuthorizeConstants.java
@@ -52,6 +52,8 @@ public class ConsentAuthorizeConstants {
     public static final String HANDLE_ACCOUNT_SELECTION_SEPARATELY = "handleAccountSelectionSeparately";
     public static final String CONSUMER_ACCOUNTS = "consumerAccounts";
     public static final String UID = "uid";
+    public static final String ADDITIONAL_DISPLAY_DATA = "additionalDisplayData";
+    public static final String ADDITIONAL_DISPLAY_SECTION_TAG = "additionalSections";
 
     // For payload to persist authorized consent
     public static final String REQUEST_PARAMETERS = "requestParameters";