diff --git a/modules/distribution/product/src/main/assembly/bin.xml b/modules/distribution/product/src/main/assembly/bin.xml
index 411ee6764b..97277ea1f6 100644
--- a/modules/distribution/product/src/main/assembly/bin.xml
+++ b/modules/distribution/product/src/main/assembly/bin.xml
@@ -552,6 +552,7 @@
                 <exclude>accountrecoveryendpoint/RecoveryEndpointConfig.properties</exclude>
                 <exclude>accountrecoveryendpoint/self-registration-complete.jsp</exclude>
                 <exclude>accountrecoveryendpoint/password-recovery.jsp</exclude>
+                <exclude>accountrecoveryendpoint/password-reset-complete.jsp</exclude>
                 <exclude>accountrecoveryendpoint/includes/header.jsp</exclude>
                 <exclude>accountrecoveryendpoint/includes/title.jsp</exclude>
                 <exclude>accountrecoveryendpoint/includes/product-footer.jsp</exclude>
@@ -586,6 +587,7 @@
             <includes>
                 <include>self-registration-complete.jsp</include>
                 <include>password-recovery.jsp</include>
+                <include>password-reset-complete.jsp</include>
                 <include>self-registration-username-request.jsp</include>
                 <include>self-registration-with-verification.jsp</include>
                 <include>error.jsp</include>
diff --git a/modules/distribution/product/src/main/assembly/filter.properties b/modules/distribution/product/src/main/assembly/filter.properties
index 830b26409c..fde43d419c 100644
--- a/modules/distribution/product/src/main/assembly/filter.properties
+++ b/modules/distribution/product/src/main/assembly/filter.properties
@@ -3,7 +3,7 @@ product.key=AM
 product.version=4.3.0
 product.wum.name=wso2am
 
-carbon.version=4.9.26.beta
+carbon.version=4.9.26
 am.version=4.3.0
 default.server.role=APIManager
 bundle.creators=org.wso2.carbon.mediator.bridge.MediatorBundleCreator
diff --git a/modules/distribution/product/src/main/conf/deployment.toml b/modules/distribution/product/src/main/conf/deployment.toml
index d507ec3cda..4d2abbd5a1 100755
--- a/modules/distribution/product/src/main/conf/deployment.toml
+++ b/modules/distribution/product/src/main/conf/deployment.toml
@@ -234,7 +234,7 @@ allow_credentials = false
 #enable_authentication = true
 
 #[apim.token.revocation]
-#notifier_impl = "org.wso2.carbon.apimgt.keymgt.events.TokenRevocationNotifierImpl"
+#notifier_impl = "org.wso2.carbon.apimgt.notification.TokenRevocationNotifierImpl"
 #enable_realtime_notifier = true
 #realtime_notifier.ttl = 5000
 #enable_persistent_notifier = true
diff --git a/modules/distribution/product/src/main/extensions/password-reset-complete.jsp b/modules/distribution/product/src/main/extensions/password-reset-complete.jsp
new file mode 100644
index 0000000000..a1db711b94
--- /dev/null
+++ b/modules/distribution/product/src/main/extensions/password-reset-complete.jsp
@@ -0,0 +1,288 @@
+<%--
+  ~ Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+  ~
+  ~  WSO2 Inc. licenses this file to you under the Apache License,
+  ~  Version 2.0 (the "License"); you may not use this file except
+  ~  in compliance with the License.
+  ~  You may obtain a copy of the License at
+  ~
+  ~    http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing,
+  ~ software distributed under the License is distributed on an
+  ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  ~ KIND, either express or implied.  See the License for the
+  ~ specific language governing permissions and limitations
+  ~ under the License.
+  --%>
+<%@ page import="org.apache.commons.lang.StringUtils" %>
+<%@ page import="org.wso2.carbon.core.SameSiteCookie" %>
+<%@ page import="org.wso2.carbon.identity.mgt.endpoint.util.IdentityManagementEndpointConstants" %>
+<%@ page import="org.wso2.carbon.identity.mgt.endpoint.util.IdentityManagementEndpointUtil" %>
+<%@ page import="org.wso2.carbon.identity.mgt.endpoint.util.client.ApiException" %>
+<%@ page import="org.wso2.carbon.identity.mgt.endpoint.util.client.api.NotificationApi" %>
+<%@ page import="org.wso2.carbon.identity.mgt.endpoint.util.client.model.Error" %>
+<%@ page import="org.wso2.carbon.identity.mgt.endpoint.util.client.model.Property" %>
+<%@ page import="org.wso2.carbon.identity.mgt.endpoint.util.client.model.ResetPasswordRequest" %>
+<%@ page import="org.wso2.carbon.identity.core.util.IdentityTenantUtil" %>
+<%@ page import="java.io.File" %>
+<%@ page import="java.net.URISyntaxException" %>
+<%@ page import="java.net.URLEncoder" %>
+<%@ page import="java.util.ArrayList" %>
+<%@ page import="java.util.HashMap" %>
+<%@ page import="java.util.List" %>
+<%@ page import="java.util.Map" %>
+<%@ page import="javax.servlet.http.Cookie" %>
+<%@ page import="java.util.Base64" %>
+<%@ page import="org.wso2.carbon.core.util.SignatureUtil" %>
+<%@ page import="org.json.simple.JSONObject" %>
+<%@ page import="org.owasp.encoder.Encode" %>
+<%@ page import="org.wso2.carbon.identity.recovery.util.Utils" %>
+<%@ page import="org.apache.http.client.utils.URIBuilder" %>
+<%@ page import="java.net.URI" %>
+<%@ page import="org.wso2.carbon.identity.mgt.endpoint.util.client.model.User" %>
+<%@ page import="org.wso2.carbon.identity.mgt.endpoint.util.client.PreferenceRetrievalClient" %>
+<%@ taglib prefix="layout" uri="org.wso2.identity.apps.taglibs.layout.controller" %>
+
+<jsp:directive.include file="includes/localize.jsp"/>
+<jsp:directive.include file="tenant-resolve.jsp"/>
+<jsp:directive.include file="includes/layout-resolver.jsp"/>
+
+<%
+    String ERROR_MESSAGE = "errorMsg";
+    String ERROR_CODE = "errorCode";
+    String PASSWORD_RESET_PAGE = "password-reset.jsp";
+    String AUTO_LOGIN_COOKIE_NAME = "ALOR";
+    String AUTO_LOGIN_FLOW_TYPE = "RECOVERY";
+    String AUTO_LOGIN_COOKIE_DOMAIN = "AutoLoginCookieDomain";
+    String RECOVERY_TYPE_INVITE = "invite";
+    String passwordHistoryErrorCode = "22001";
+    String passwordPatternErrorCode = "20035";
+    String confirmationKey =
+            IdentityManagementEndpointUtil.getStringValue(request.getSession().getAttribute("confirmationKey"));
+    String newPassword = request.getParameter("reset-password");
+    String callback = request.getParameter("callback");
+    String userStoreDomain = request.getParameter("userstoredomain");
+    String type = request.getParameter("type");
+    String username = null;
+    PreferenceRetrievalClient preferenceRetrievalClient = new PreferenceRetrievalClient();
+    Boolean isAutoLoginEnable = preferenceRetrievalClient.checkAutoLoginAfterPasswordRecoveryEnabled(tenantDomain);
+    String sessionDataKey = StringUtils.EMPTY;
+
+    if (StringUtils.isBlank(callback)) {
+        callback = IdentityManagementEndpointUtil.getUserPortalUrl(
+                application.getInitParameter(IdentityManagementEndpointConstants.ConfigConstants.USER_PORTAL_URL), tenantDomain);
+    }
+
+    if (StringUtils.isNotBlank(newPassword)) {
+        NotificationApi notificationApi = new NotificationApi();
+        ResetPasswordRequest resetPasswordRequest = new ResetPasswordRequest();
+        List<Property> properties = new ArrayList<Property>();
+        Property property = new Property();
+        property.setKey("callback");
+        property.setValue(URLEncoder.encode(callback, "UTF-8"));
+        properties.add(property);
+
+        Property tenantProperty = new Property();
+        tenantProperty.setKey(IdentityManagementEndpointConstants.TENANT_DOMAIN);
+        if (tenantDomain == null) {
+            tenantDomain = IdentityManagementEndpointConstants.SUPER_TENANT;
+        }
+        tenantProperty.setValue(URLEncoder.encode(tenantDomain, "UTF-8"));
+        properties.add(tenantProperty);
+
+        resetPasswordRequest.setKey(confirmationKey);
+        resetPasswordRequest.setPassword(newPassword);
+        resetPasswordRequest.setProperties(properties);
+
+        try {
+            User user = notificationApi.setUserPasswordPost(resetPasswordRequest);
+            username = user.getUsername();
+            userStoreDomain = user.getRealm();
+
+            if (isAutoLoginEnable) {
+                if (userStoreDomain != null) {
+                    username = userStoreDomain + "/" + username + "@" + tenantDomain;
+                }
+
+                String cookieDomain = application.getInitParameter(AUTO_LOGIN_COOKIE_DOMAIN);
+                JSONObject contentValueInJson = new JSONObject();
+                contentValueInJson.put("username", username);
+                contentValueInJson.put("createdTime", System.currentTimeMillis());
+                contentValueInJson.put("flowType", AUTO_LOGIN_FLOW_TYPE);
+                if (StringUtils.isNotBlank(cookieDomain)) {
+                    contentValueInJson.put("domain", cookieDomain);
+                }
+                String content = contentValueInJson.toString();
+
+                SignatureUtil.init();
+                JSONObject cookieValueInJson = new JSONObject();
+                cookieValueInJson.put("content", content);
+                String signature = Base64.getEncoder().encodeToString(SignatureUtil.doSignature(content));
+                cookieValueInJson.put("signature", signature);
+                String cookieValue = Base64.getEncoder().encodeToString(cookieValueInJson.toString().getBytes());
+
+                IdentityManagementEndpointUtil.setCookie(request, response, AUTO_LOGIN_COOKIE_NAME, cookieValue,
+                    300, SameSiteCookie.NONE, "/", cookieDomain);
+
+                if (callback.contains("?")) {
+                    String queryParams = callback.substring(callback.indexOf("?") + 1);
+                    String[] parameterList = queryParams.split("&");
+                    Map<String, String> queryMap = new HashMap<>();
+                    for (String param : parameterList) {
+                        String key = param.substring(0, param.indexOf("="));
+                        String value = param.substring(param.indexOf("=") + 1);
+                        queryMap.put(key, value);
+                    }
+                    sessionDataKey = queryMap.get("sessionDataKey");
+                }
+            }
+        } catch (ApiException e) {
+
+            Error error = IdentityManagementEndpointUtil.buildError(e);
+            IdentityManagementEndpointUtil.addErrorInformation(request, error);
+            if (error != null) {
+                request.setAttribute(ERROR_MESSAGE, error.getDescription());
+                request.setAttribute(ERROR_CODE, error.getCode());
+                if (passwordHistoryErrorCode.equals(error.getCode()) ||
+                        passwordPatternErrorCode.equals(error.getCode())) {
+                    String i18Resource = IdentityManagementEndpointUtil.i18n(recoveryResourceBundle, error.getCode());
+                    if (!i18Resource.equals(error.getCode())) {
+                        request.setAttribute(ERROR_MESSAGE, i18Resource);
+                    }
+                    request.setAttribute(IdentityManagementEndpointConstants.TENANT_DOMAIN, tenantDomain);
+                    request.setAttribute(IdentityManagementEndpointConstants.CALLBACK, callback);
+                    request.setAttribute("userstoredomain", userStoreDomain);
+                    request.getRequestDispatcher(PASSWORD_RESET_PAGE).forward(request, response);
+                    return;
+                }
+            }
+            request.getRequestDispatcher("error.jsp").forward(request, response);
+            return;
+        }
+
+    } else {
+        request.setAttribute("error", true);
+        request.setAttribute("errorMsg", IdentityManagementEndpointUtil.i18n(recoveryResourceBundle,
+                "Password.cannot.be.empty"));
+        request.setAttribute(IdentityManagementEndpointConstants.TENANT_DOMAIN, tenantDomain);
+        request.setAttribute(IdentityManagementEndpointConstants.CALLBACK, callback);
+        request.setAttribute("userstoredomain", userStoreDomain);
+        request.getRequestDispatcher("password-reset.jsp").forward(request, response);
+        return;
+    }
+
+    session.invalidate();
+%>
+<%@ page contentType="text/html;charset=UTF-8" language="java" %>
+
+<%-- Data for the layout from the page --%>
+<%
+    layoutData.put("containerSize", "medium");
+%>
+
+<!doctype html>
+<html lang="en-US">
+<head>
+    <%
+        File headerFile = new File(getServletContext().getRealPath("extensions/header.jsp"));
+        if (headerFile.exists()) {
+    %>
+    <jsp:include page="extensions/header.jsp"/>
+    <% } else { %>
+    <jsp:include page="includes/header.jsp"/>
+    <% } %>
+</head>
+<body class="login-portal layout">
+    <% if (!RECOVERY_TYPE_INVITE.equalsIgnoreCase(type)) { %>
+        <div>
+            <form id="callbackForm" name="callbackForm" method="post" action="/commonauth">
+                <div>
+                    <input type="hidden" name="username" value="<%=Encode.forHtmlAttribute(username)%>"/>
+                </div>
+                <div>
+                    <input type="hidden" name="sessionDataKey" value="<%=Encode.forHtmlAttribute(sessionDataKey)%>"/>
+                </div>
+            </form>
+        </div>
+    <% } %>
+
+    <layout:main layoutName="<%= layout %>" layoutFileRelativePath="<%= layoutFileRelativePath %>" data="<%= layoutData %>" >
+        <layout:component componentName="ProductHeader" >
+            <!-- product-title -->
+            <% if (RECOVERY_TYPE_INVITE.equalsIgnoreCase(type)) {
+                File productTitleFile = new File(getServletContext().getRealPath("extensions/product-title.jsp"));
+                if (productTitleFile.exists()) {
+                %>
+                <jsp:include page="extensions/product-title.jsp"/>
+                <%  } else { %>
+                <jsp:include page="includes/product-title.jsp"/>
+                <% }
+            } %>
+        </layout:component>
+        <layout:component componentName="MainSection" >
+        <% if (RECOVERY_TYPE_INVITE.equalsIgnoreCase(type)) { %>
+            <div class="ui green segment mt-3 attached">
+                <h3 class="ui header text-center slogan-message mt-4 mb-6" data-testid="password-reset-complete-page-header">
+                    Password Set Sucessfully
+                </h3>
+                <p style="padding-right: 90px; padding-left: 90px">
+                    You have successfully set a password for your account <b><%=username%></b>.
+                </p>
+            </div>
+        <% } %>
+        </layout:component>
+        <layout:component componentName="ProductFooter" >
+            <!-- product-footer -->
+            <% if (RECOVERY_TYPE_INVITE.equalsIgnoreCase(type)) {
+                File productFooterFile = new File(getServletContext().getRealPath("extensions/product-footer.jsp"));
+                if (productFooterFile.exists()) {
+                %>
+                <jsp:include page="extensions/product-footer.jsp"/>
+                <% } else { %>
+                <jsp:include page="includes/product-footer.jsp"/>
+                <% }
+            } %>
+        </layout:component>
+    </layout:main>
+
+    <%-- footer --%>
+    <%
+        File footerFile = new File(getServletContext().getRealPath("extensions/footer.jsp"));
+        if (footerFile.exists()) {
+    %>
+    <jsp:include page="extensions/footer.jsp"/>
+    <% } else { %>
+    <jsp:include page="includes/footer.jsp"/>
+    <% } %>
+
+    <script type="application/javascript">
+        $(document).ready(function () {
+            <%
+                try {
+                    if (!RECOVERY_TYPE_INVITE.equalsIgnoreCase(type)) {
+                        if (isAutoLoginEnable && StringUtils.isNotBlank(sessionDataKey) && (StringUtils.isNotBlank(username))) {
+                            %>
+                            document.callbackForm.submit();
+                            <%
+                        } else {
+                            URIBuilder callbackUrlBuilder = new
+                                    URIBuilder(IdentityManagementEndpointUtil.encodeURL(callback));
+                            URI callbackUri = callbackUrlBuilder.addParameter("passwordReset", "true").build();
+                            %>
+                            location.href = "<%=callbackUri.toString()%>";
+                            <%
+                        }
+                    }
+                } catch (URISyntaxException e) {
+                    request.setAttribute("error", true);
+                    request.setAttribute("errorMsg", "Invalid callback URL found in the request.");
+                    request.getRequestDispatcher("error.jsp").forward(request, response);
+                    return;
+            }
+    %>
+
+        });
+    </script>
+</body>
+</html>
diff --git a/modules/distribution/product/src/main/extensions/product-title.jsp b/modules/distribution/product/src/main/extensions/product-title.jsp
index 1d3a59ef0f..821088fcbf 100644
--- a/modules/distribution/product/src/main/extensions/product-title.jsp
+++ b/modules/distribution/product/src/main/extensions/product-title.jsp
@@ -22,7 +22,7 @@
 
 <% if ("API Manager".equals(request.getAttribute("headerTitle"))) { %>
 <div class="product-title">
-    <div class="theme-icon inline auto transparent product-logo" style="margin:1em 0 1em;">
+    <div class="theme-icon inline auto transparent product-logo" style="margin: 0;">
       <svg viewBox="29 -6.639 72 27.639">
             <circle fill="#F47B20" cx="82.076" cy="4.192" r="8.691"></circle>
             <path fill="#FFF" d="M90.804 3.776l-.01-.115h-3.375l-.035.063c-.402.711-.798 1.425-1.193 2.14l-.348.626c-.601-1.454-1.198-2.908-1.795-4.363-.63-1.535-1.26-3.07-1.895-4.603l-.11-.266-.119.262A631.674 631.674 0 0080.565.541a479.296 479.296 0 01-1.905 4.212c-.897-.008-1.794-.007-2.695-.006-.823.001-1.648.002-2.475-.004l-.128-.001.002.128c.004.278.044.554.083.821l.021.148h.108c1.432-.002 2.863-.002 4.293-.001h1.512l.034-.073c.44-.972.878-1.947 1.316-2.921.421-.938.842-1.875 1.267-2.811.643 1.552 1.279 3.106 1.917 4.661.558 1.359 1.115 2.719 1.677 4.077l.098.237.127-.224c.576-1.025 1.147-2.054 1.719-3.082l.528-.951h2.74l.01-.115c.02-.253.017-.527-.01-.86z"></path>
diff --git a/modules/distribution/product/src/main/resources/conf/default.json b/modules/distribution/product/src/main/resources/conf/default.json
index 50c511df3f..2904e4256d 100644
--- a/modules/distribution/product/src/main/resources/conf/default.json
+++ b/modules/distribution/product/src/main/resources/conf/default.json
@@ -482,6 +482,7 @@
   "apim.jwt.use_kid_property": true,
   "apim.jwt.use_sha256_hash": false,
   "server_configuration": {
+    "diagnostic_tool_enabled": "true",
     "deployment_toml_path": "../conf/deployment.toml",
     "logs_directory": "../repository/logs",
     "updates_config_path": "../updates/config.json",
@@ -494,14 +495,14 @@
   "cpu_watcher": {
     "enabled": "true",
     "threshold": "80",
-    "retry_count": "2",
+    "attempts": "2",
     "interval": "5",
     "action_executors": "ThreadDumper,MetricsSnapshot,ServerInfo"
   },
   "memory_watcher": {
     "enabled": "true",
     "threshold": "80",
-    "retry_count": "2",
+    "attempts": "2",
     "interval": "5",
     "action_executors": "ThreadDumper,MetricsSnapshot,ServerInfo"
   },
diff --git a/modules/distribution/product/src/main/resources/conf/templates/diagnostics-tool/conf/config.toml.j2 b/modules/distribution/product/src/main/resources/conf/templates/diagnostics-tool/conf/config.toml.j2
index 65994e110d..14424d4964 100644
--- a/modules/distribution/product/src/main/resources/conf/templates/diagnostics-tool/conf/config.toml.j2
+++ b/modules/distribution/product/src/main/resources/conf/templates/diagnostics-tool/conf/config.toml.j2
@@ -26,6 +26,7 @@
 
 # Server Configurations
 [server_configuration]
+diagnostic_tool_enabled = "{{server_configuration.diagnostic_tool_enabled}}"
 deployment_toml_path = "{{server_configuration.deployment_toml_path}}"
 logs_directory = "{{server_configuration.logs_directory}}"
 updates_config_path = "{{server_configuration.updates_config_path}}"
@@ -73,14 +74,14 @@ executor = "{{action.executor}}"
 [cpu_watcher]
 enabled = "{{cpu_watcher.enabled}}"
 threshold = "{{cpu_watcher.threshold}}"
-retry_count = "{{cpu_watcher.retry_count}}"
+attempts = "{{cpu_watcher.attempts}}"
 interval = "{{cpu_watcher.interval}}"
 action_executors = "{{cpu_watcher.action_executors}}"
 
 [memory_watcher]
 enabled = "{{memory_watcher.enabled}}"
 threshold = "{{memory_watcher.threshold}}"
-retry_count = "{{memory_watcher.retry_count}}"
+attempts = "{{memory_watcher.attempts}}"
 interval = "{{memory_watcher.interval}}"
 action_executors = "{{memory_watcher.action_executors}}"
 
diff --git a/modules/distribution/product/src/main/startup-scripts/fips.bat b/modules/distribution/product/src/main/startup-scripts/fips.bat
index c9ba6067e7..0087583c90 100644
--- a/modules/distribution/product/src/main/startup-scripts/fips.bat
+++ b/modules/distribution/product/src/main/startup-scripts/fips.bat
@@ -118,8 +118,6 @@ if not exist "%CARBON_HOME%\repository\components\plugins\bcpkix-jdk*.jar" (
     ) else ( echo "Required bcpkix jar is not available in %homeDir%/.wso2-bc/backup. Download the jar from maven central repository." )
 )
 
-echo "bcprov_text %bcprov_text%"
-echo "bcpkix_text %bcpkix_text%"
 findstr /c:%bcprov_text% %api_publisher_bundles_info% > nul
 if %errorlevel%==1 (
     set server_restart_required=true
@@ -370,9 +368,6 @@ if not exist "%CARBON_HOME%\repository\components\lib\bcpkix-fips*.jar" (
 set bcprov_text=%bcprov_jar%,%bcprov_version%,../plugins/%bcprov_jar%_%bcprov_version%.jar,4,true
 set bcpkix_text=%bcpkix_jar%,%bcpkix_version%,../plugins/%bcpkix_jar%_%bcpkix_version%.jar,4,true
 
-echo "bcprov_text %bcprov_text%"
-echo "bcpkix_text %bcpkix_text%"
-
 set api_publisher_temp_file=%CARBON_HOME%\repository\components\api-publisher-deprecated\configuration\org.eclipse.equinox.simpleconfigurator\api_publisher_temp.info
 findstr /v /c:%bcprov_text% /c:%bcpkix_text% %api_publisher_bundles_info% > !api_publisher_temp_file!
 move /y !api_publisher_temp_file! %api_publisher_bundles_info% > nul
diff --git a/modules/distribution/resources/operation_policies/specifications/backEndJWT_v1.json b/modules/distribution/resources/operation_policies/specifications/backEndJWT_v1.json
new file mode 100644
index 0000000000..6991499332
--- /dev/null
+++ b/modules/distribution/resources/operation_policies/specifications/backEndJWT_v1.json
@@ -0,0 +1,54 @@
+{
+  "category": "Mediation",
+  "name": "BackEndJWT",
+  "version": "v1",
+  "displayName": "Backend JWT",
+  "description": "This policy allows you to enable backend jwt",
+  "policyAttributes": [
+    {
+      "name": "encoding",
+      "displayName": "Encoding",
+      "description": "Encoding of the JWT token",
+      "validationRegex": "^.+$",
+      "type": "Enum",
+      "allowedValues" : ["Base64","Base64Url"],
+      "required": true
+    },
+    {
+      "name": "header",
+      "displayName": "Header Name",
+      "description": "Header of the JWT token",
+      "validationRegex": "^.+$",
+      "type": "Enum",
+      "allowedValues" : ["SHA256withRSA","NONE"],
+      "required": true
+    },
+    {
+      "name": "signingAlgorithm",
+      "displayName": "Signing Algorithm",
+      "description": "Signing algorithm of the JWT token",
+      "validationRegex": "^.+$",
+      "type": "String",
+      "defaultValue": "X-JWT-Assertion",
+      "required": true
+    },
+    {
+      "name": "tokenTTL",
+      "displayName": "Token TTL",
+      "description": "TokenTTL time to live for the backend JWT token in seconds",
+      "validationRegex": "^.+$",
+      "type": "Integer",
+      "defaultValue": 3600,
+      "required": true
+    }
+  ],
+  "applicableFlows": [
+    "request"
+  ],
+  "supportedGateways": [
+    "ChoreoConnect"
+  ],
+  "supportedApiTypes": [
+    "HTTP"
+  ]
+}
diff --git a/modules/p2-profile/product/carbon.product b/modules/p2-profile/product/carbon.product
index 2d83b07a6e..4fd6ada531 100644
--- a/modules/p2-profile/product/carbon.product
+++ b/modules/p2-profile/product/carbon.product
@@ -2,7 +2,7 @@
 <?pde version="3.5"?>
 
 <product name="Carbon Product" uid="carbon.product.id" id="carbon.product" application="carbon.application"
-version="4.9.26.beta" useFeatures="true" includeLaunchers="true">
+version="4.9.26" useFeatures="true" includeLaunchers="true">
 
    <configIni use="default">
    </configIni>
@@ -14,7 +14,7 @@ version="4.9.26.beta" useFeatures="true" includeLaunchers="true">
    </plugins>
 
    <features>
-      <feature id="org.wso2.carbon.core.runtime" version="4.9.26.beta"/>
+      <feature id="org.wso2.carbon.core.runtime" version="4.9.26"/>
    </features>
 
   <configurations>
diff --git a/pom.xml b/pom.xml
index 2847ba4f27..e430a834c5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1284,10 +1284,10 @@
         <carbon.analytics.common.version>5.3.11</carbon.analytics.common.version>
 
         <!-- APIM Portals Component Version -->
-        <carbon.apimgt.ui.version>9.1.47</carbon.apimgt.ui.version>
+        <carbon.apimgt.ui.version>9.1.69</carbon.apimgt.ui.version>
 
         <!-- APIM Component Version -->
-        <carbon.apimgt.version>9.29.95</carbon.apimgt.version>
+        <carbon.apimgt.version>9.29.116</carbon.apimgt.version>
 
         <carbon.apimgt.imp.pkg.version>[9.0.0, 10.0.0)</carbon.apimgt.imp.pkg.version>
 
@@ -1300,23 +1300,23 @@
         <carbon.governance.version>4.8.33</carbon.governance.version>
 
         <!--carbon versions-->
-        <carbon.kernel.version>4.9.26-beta</carbon.kernel.version>
+        <carbon.kernel.version>4.9.26</carbon.kernel.version>
         <apimserver.version>4.3.0-SNAPSHOT</apimserver.version>
 
         <cipher.tool.version>1.1.23</cipher.tool.version>
 
-        <carbon.commons.version>4.9.10</carbon.commons.version>
+        <carbon.commons.version>4.9.11</carbon.commons.version>
         <carbon.kernel.imp.pkg.version>[4.5.0, 5.0.0)</carbon.kernel.imp.pkg.version>
 
         <!-- carbon mediation -->
-        <carbon.mediation.version>4.7.202</carbon.mediation.version>
+        <carbon.mediation.version>4.7.203</carbon.mediation.version>
 
         <!-- carbon identity -->
-        <carbon.identity.version>5.25.701</carbon.identity.version>
+        <carbon.identity.version>5.25.705</carbon.identity.version>
         <carbon.identity.governance.version>1.8.107</carbon.identity.governance.version>
         <carbon.identity.event.handler.account.lock.version>1.8.14</carbon.identity.event.handler.account.lock.version>
         <carbon.identity.event.handler.notification.version>1.7.33</carbon.identity.event.handler.notification.version>
-        <carbon.identity-inbound-auth-oauth.version>6.13.14</carbon.identity-inbound-auth-oauth.version>
+        <carbon.identity-inbound-auth-oauth.version>6.13.16</carbon.identity-inbound-auth-oauth.version>
         <carbon.identity-data-publisher-oauth.version>1.6.10</carbon.identity-data-publisher-oauth.version>
         <carbon.identity-user-ws.version>5.7.5</carbon.identity-user-ws.version>
         <carbon.identity-inbound-auth-openid.version>5.9.9</carbon.identity-inbound-auth-openid.version>
@@ -1339,7 +1339,7 @@
         <carbon.deployment.version>4.11.14</carbon.deployment.version>
 
         <!-- Carbon Multitenancy version-->
-        <carbon.multitenancy.version>4.9.26</carbon.multitenancy.version>
+        <carbon.multitenancy.version>4.9.27</carbon.multitenancy.version>
 
         <siddhi.version>3.2.13</siddhi.version>
 
@@ -1353,7 +1353,7 @@
         <opencsv.version>1.8</opencsv.version>
         <poi.version>3.0-FINAL</poi.version>
         <woden.version>1.0.0.M8-wso2v1</woden.version>
-        <synapse.version>4.0.0-wso2v103</synapse.version>
+        <synapse.version>4.0.0-wso2v104</synapse.version>
         <passthru.transport.patch.version>1.0.2</passthru.transport.patch.version>
         <axis2.wso2.version>1.6.1-wso2v98</axis2.wso2.version>
         <axiom.wso2.version>1.2.11-wso2v29</axiom.wso2.version>
@@ -1461,7 +1461,7 @@
         <config.mapper.version>1.0.24</config.mapper.version>
 
         <!-- Diagnostic Tool Dependencies -->
-        <diagnostics.tool.version>1.0.14</diagnostics.tool.version>
+        <diagnostics.tool.version>1.0.16</diagnostics.tool.version>
 
         <!-- Authenticator Properties -->
         <identity.outbound.auth.oidc.version>5.11.34</identity.outbound.auth.oidc.version>
@@ -1473,10 +1473,10 @@
 
         <!-- WSDL4J dependencies -->
         <wsdl4j.version>1.6.3.wso2v3</wsdl4j.version>
-        <wso2is.km.version>1.7.7</wso2is.km.version>
-        <wso2is7.km.version>2.0.1</wso2is7.km.version>
+        <wso2is.km.version>1.7.8</wso2is.km.version>
+        <wso2is7.km.version>2.0.2</wso2is7.km.version>
         <okta.keymanager.feature.version>3.2.1</okta.keymanager.feature.version>
-        <azure.keymanager.feature.version>1.0.8</azure.keymanager.feature.version>
+        <azure.keymanager.feature.version>1.0.9</azure.keymanager.feature.version>
         <keycloak.keymanager.feature.version>2.1.1</keycloak.keymanager.feature.version>
         <auth0.keymanager.feature.version>1.0.7</auth0.keymanager.feature.version>
         <pingfederate.keymanager.feature.version>1.0.7</pingfederate.keymanager.feature.version>