diff --git a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigFailureTest.java b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigFailureTest.java
index 3d1a831a6c..5d7c314fd0 100644
--- a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigFailureTest.java
+++ b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigFailureTest.java
@@ -120,4 +120,13 @@ public void testPatchCORSConfigsWithInvalidOperation() throws Exception {
 Response response = getResponseOfPatch(CORS_CONFIGS_API_BASE_PATH, body);
 validateErrorResponse(response, HttpStatus.SC_BAD_REQUEST, "CNF-60003", "Unsupported patch operation");
 }
+
+ @Test
+ public void testUpdateSAMLInboundAuthConfigsWithEmptyDestinationUrls() throws IOException {
+
+ String body = readResource("update-saml-inbound-auth-configs-invalid.json");
+ Response response = getResponseOfPatch(SAML_INBOUND_AUTH_CONFIG_API_PATH, body);
+ validateErrorResponse(response, HttpStatus.SC_BAD_REQUEST, "CNF-60003",
+ "One of the given inputs is invalid. Should contain at least one destination URL.");
+ }
 }
diff --git a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigSuccessTest.java b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigSuccessTest.java
index 383f6ac283..9b25a1df33 100644
--- a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigSuccessTest.java
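Review bot: testUpdateSAMLInboundAuthConfigsWithEmptyDestinationUrls checks only the 400 response and never confirms that the rejected PATCH left the stored configuration untouched. The invalid fixture also carries `"metadataValidityPeriod": 120` and `"enableMetadataSigning": true`, so a server that persisted those fields, or the empty list, before failing validation would still pass here, and testGetSAMLInboundAuthConfigs in ConfigSuccessTest (which expects 60 and false) would then depend on execution order. A follow-up `getResponseOfGet(SAML_INBOUND_AUTH_CONFIG_API_PATH)` asserting that `destinationURLs` is still non-empty would pin the all-or-nothing behaviour without assuming which test ran first.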
+++ b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigSuccessTest.java
@@ -20,6 +20,7 @@
 import io.restassured.response.Response;
 import org.apache.commons.lang.StringUtils;
 import org.apache.http.HttpStatus;
+import org.junit.Assert;
 import org.testng.annotations.AfterClass;
 import org.testng.annotations.AfterMethod;
 import org.testng.annotations.BeforeClass;
@@ -28,9 +29,13 @@
 import org.testng.annotations.Factory;
 import org.testng.annotations.Test;
 import org.wso2.carbon.automation.engine.context.TestUserMode;
+import org.wso2.carbon.utils.multitenancy.MultitenantConstants;
 import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
 import java.io.IOException;
+import java.util.Arrays;
+
+import javax.xml.xpath.XPathExpressionException;
 import static org.hamcrest.CoreMatchers.containsString;
 import static org.hamcrest.CoreMatchers.equalTo;
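Review bot: `import org.junit.Assert;` brings JUnit assertions into a class whose annotations on the neighbouring lines are all `org.testng.annotations.*`. The two `Assert` classes take their arguments in opposite order (JUnit expected-then-actual, TestNG actual-then-expected), so mixing them in one test module makes failure messages easy to misread and invites swapped arguments later. Consider `import org.testng.Assert;` and adjusting the call sites added further down in this file, e.g. `Assert.assertEquals(destinationUrls.length, 2);` and `Assert.assertEquals(destinationUrls, new String[]{SAML_SSO_URL_TENANT});`.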
@@ -259,4 +264,88 @@ public void testPatchCORSConfigs() throws Exception {
 .body("supportsCredentials", equalTo(false))
 .body("maxAge", equalTo(3600));
 }
+
+ @Test
+ public void testGetSAMLInboundAuthConfigs() throws XPathExpressionException {
+
+ Response response = getResponseOfGet(SAML_INBOUND_AUTH_CONFIG_API_PATH);
+ response.then()
+ .log().ifValidationFails()
+ .assertThat()
+ .statusCode(HttpStatus.SC_OK)
+ .body("destinationURLs", notNullValue())
+ .body("metadataValidityPeriod", equalTo(60))
+ .body("enableMetadataSigning", equalTo(false))
+ .body("metadataEndpoint",
+ MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(context.getContextTenant().getDomain())
+ ? equalTo(SAML_METADATA_ENDPOINT_SUPER_TENANT)
+ : equalTo(SAML_METADATA_ENDPOINT_TENANT));
+
+ String[] destinationUrls = response.jsonPath().getString("destinationURLs")
+ .replace("[", "").replace("]", "").split(",");
+ if (MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(context.getContextTenant().getDomain())) {
+ Assert.assertArrayEquals(new String[]{SAML_SSO_URL_SUPER_TENANT}, destinationUrls);
+ } else {
+ Assert.assertArrayEquals(new String[]{SAML_SSO_URL_TENANT}, destinationUrls);
+ }
+ }
+
+ @Test(dependsOnMethods = {"testGetSAMLInboundAuthConfigs"})
+ public void testUpdateSAMLInboundAuthConfigs() throws IOException {
+
+ String body = readResource("update-saml-inbound-auth-configs.json");
+ Response response = getResponseOfPatch(SAML_INBOUND_AUTH_CONFIG_API_PATH, body);
+ response.then()
+ .log().ifValidationFails()
+ .assertThat()
+ .statusCode(HttpStatus.SC_OK);
+
+ response = getResponseOfGet(SAML_INBOUND_AUTH_CONFIG_API_PATH);
+
+ response.then()
+ .log().ifValidationFails()
+ .assertThat()
+ .statusCode(HttpStatus.SC_OK)
+ .body("destinationURLs", notNullValue())
+ .body("metadataValidityPeriod", equalTo(120))
+ .body("enableMetadataSigning", equalTo(true));
+
+ String[] destinationUrls = response.jsonPath().getString("destinationURLs")
+ .replace("[", "").replace("]", "").replace(" ", "").split(",");
+ Assert.assertEquals(2, destinationUrls.length);
+ Assert.assertTrue(Arrays.asList(destinationUrls).contains("https://localhost:9853/test/updated"));
+ }
+
+ @Test
+ public void testGetPassiveSTSInboundAuthConfigs() throws XPathExpressionException {
+
+ Response response = getResponseOfGet(PASSIVE_STS_INBOUND_AUTH_CONFIG_API_PATH);
+ response.then()
+ .log().ifValidationFails()
+ .assertThat()
+ .statusCode(HttpStatus.SC_OK)
+ .body("enableRequestSigning", equalTo(false))
+ .body("passiveSTSUrl",
+ MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(context.getContextTenant().getDomain())
+ ? equalTo(PASSIVE_STS_URL_SUPER_TENANT)
+ : equalTo(PASSIVE_STS_URL_TENANT));
+ }
+
+ @Test(dependsOnMethods = {"testGetPassiveSTSInboundAuthConfigs"})
+ public void testUpdatePassiveSTSInboundAuthConfigs() throws IOException {
+
+ String body = readResource("update-passive-sts-inbound-auth-configs.json");
+ Response response = getResponseOfPatch(PASSIVE_STS_INBOUND_AUTH_CONFIG_API_PATH, body);
+ response.then()
+ .log().ifValidationFails()
+ .assertThat()
+ .statusCode(HttpStatus.SC_OK);
+
+ response = getResponseOfGet(PASSIVE_STS_INBOUND_AUTH_CONFIG_API_PATH);
+ response.then()
+ .log().ifValidationFails()
+ .assertThat()
+ .statusCode(HttpStatus.SC_OK)
+ .body("enableRequestSigning", equalTo(true));
+ }
 }
diff --git a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigTestBase.java b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigTestBase.java
index f289c60a53..89b0090a25 100644
--- a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigTestBase.java
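Review bot: Both SAML tests turn the `destinationURLs` array into a string and strip the brackets by hand, and testUpdateSAMLInboundAuthConfigs then accepts any two entries as long as one of them is the updated URL. The PATCH fixture sends a single URL, so the second entry is presumably the tenant's default SSO URL, but nothing asserts that; for a list that looks like the set of destinations the server will accept in SAML requests, an unexpected extra entry should fail the test. Reading it as a list, `List<String> destinationUrls = response.jsonPath().getList("destinationURLs", String.class);` (needs a `java.util.List` import), and comparing it with the exact expected set would cover that and remove the parsing. The variant in testGetSAMLInboundAuthConfigs does not strip spaces, so it only works while the list has exactly one element.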
+++ b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/configs/v1/ConfigTestBase.java
@@ -40,6 +40,15 @@ public class ConfigTestBase extends RESTAPIServerTestBase {
 public static final String CONFIGS_INBOUND_SCIM_API_BASE_PATH = "/configs/provisioning/inbound/scim";
 public static final String CORS_CONFIGS_API_BASE_PATH = "/configs/cors";
 public static final String HOME_REALM_IDENTIFIERS_API_BASE_PATH = "/configs/home-realm-identifiers";
+ public static final String SAML_INBOUND_AUTH_CONFIG_API_PATH = "/configs/authentication/inbound/saml2";
+ public static final String PASSIVE_STS_INBOUND_AUTH_CONFIG_API_PATH = "/configs/authentication/inbound/passivests";
+ public static final String SAML_METADATA_ENDPOINT_SUPER_TENANT = "https://localhost:9853/identity/metadata/saml2";
+ public static final String SAML_METADATA_ENDPOINT_TENANT =
+ "https://localhost:9853/t/wso2.com/identity/metadata/saml2";
+ public static final String SAML_SSO_URL_SUPER_TENANT = "https://localhost:9853/samlsso";
+ public static final String SAML_SSO_URL_TENANT = "https://localhost:9853/t/wso2.com/samlsso";
+ public static final String PASSIVE_STS_URL_SUPER_TENANT = "https://localhost:9853/passivests";
+ public static final String PASSIVE_STS_URL_TENANT = "https://localhost:9853/t/wso2.com/passivests";
 public static final String PATH_SEPARATOR = "/";
 public static final String SAMPLE_AUTHENTICATOR_ID = "QmFzaWNBdXRoZW50aWNhdG9y";
diff --git a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/configs/v1/update-passive-sts-inbound-auth-configs.json b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/configs/v1/update-passive-sts-inbound-auth-configs.json
new file mode 100644
index 0000000000..84313fa32b
--- /dev/null
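Review bot: The three `*_TENANT` constants hard-code the tenant domain `wso2.com`, and all six expected URLs hard-code `https://localhost:9853`, while the tests in ConfigSuccessTest choose between the two variants only by checking whether the context tenant is the super tenant. A run under any other tenant domain or port offset would fail on the expected value rather than on server behaviour. If the base class already exposes the server URL and tenant domain (not visible in this hunk), building the expected URLs from them would be more robust; otherwise a comment above the block such as `// Expected URLs assume the default test host/port and the wso2.com tenant.` would record the assumption. The class body continues outside the hunk.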
+++ b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/configs/v1/update-passive-sts-inbound-auth-configs.json
@@ -0,0 +1,3 @@
+{
+ "enableRequestSigning": true
+}
diff --git a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/configs/v1/update-saml-inbound-auth-configs-invalid.json b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/configs/v1/update-saml-inbound-auth-configs-invalid.json
new file mode 100644
index 0000000000..ead3cff9f4
--- /dev/null
+++ b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/configs/v1/update-saml-inbound-auth-configs-invalid.json
@@ -0,0 +1,5 @@
+{
+ "destinationURLs": [],
+ "metadataValidityPeriod": 120,
+ "enableMetadataSigning": true
+}
diff --git a/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/configs/v1/update-saml-inbound-auth-configs.json b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/configs/v1/update-saml-inbound-auth-configs.json
new file mode 100644
index 0000000000..1129e38f3c
--- /dev/null
+++ b/modules/integration/tests-integration/tests-backend/src/test/resources/org/wso2/identity/integration/test/rest/api/server/configs/v1/update-saml-inbound-auth-configs.json
@@ -0,0 +1,7 @@
+{
+ "destinationURLs": [
+ "https://localhost:9853/test/updated"
+ ],
+ "metadataValidityPeriod": 120,
+ "enableMetadataSigning": true
+}