diff --git a/adapter/api/proto/wso2/discovery/api/ai_provider.proto b/adapter/api/proto/wso2/discovery/api/ai_provider.proto
new file mode 100644
index 000000000..1a8d018fa
--- /dev/null
+++ b/adapter/api/proto/wso2/discovery/api/ai_provider.proto
@@ -0,0 +1,45 @@
+//  Copyright (c) 2024, WSO2 LLC. (http://www.wso2.org) All Rights Reserved.
+//
+//  WSO2 LLC. licenses this file to you under the Apache License,
+//  Version 2.0 (the "License"); you may not use this file except
+//  in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//    http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing,
+//  software distributed under the License is distributed on an
+//  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+//  KIND, either express or implied.  See the License for the
+//  specific language governing permissions and limitations
+//  under the License.
+
+syntax = "proto3";
+
+package wso2.discovery.api;
+
+
+option go_package = "github.com/envoyproxy/go-control-plane/wso2/discovery/api;api";
+option java_package = "org.wso2.apk.enforcer.discovery.api";
+option java_outer_classname = "AIProviderProto";
+option java_multiple_files = true;
+
+// [#protodoc-title: AIProvider]
+
+// Holds AIProvider configs
+message AIProvider {
+    string providerName = 1;
+	string providerAPIVersion = 2;
+    string organization = 3;
+    ValueDetails model = 4;
+    ValueDetails promptTokens = 5;
+    ValueDetails completionToken = 6;
+    ValueDetails totalToken = 7;
+    bool enabled = 8;
+}
+
+// Holds ValueDetails configs
+message ValueDetails {
+    string in = 1;
+    string value = 2;
+}
diff --git a/adapter/api/proto/wso2/discovery/api/api.proto b/adapter/api/proto/wso2/discovery/api/api.proto
index 8ce3fc9fd..53842ee71 100644
--- a/adapter/api/proto/wso2/discovery/api/api.proto
+++ b/adapter/api/proto/wso2/discovery/api/api.proto
@@ -24,6 +24,7 @@ import "wso2/discovery/api/BackendJWTTokenInfo.proto";
 import "wso2/discovery/api/endpoint_cluster.proto";
 import "wso2/discovery/api/security_info.proto";
 import "wso2/discovery/api/graphql.proto";
+import "wso2/discovery/api/ai_provider.proto";
 
 option go_package = "github.com/envoyproxy/go-control-plane/wso2/discovery/api;api";
 option java_package = "org.wso2.apk.enforcer.discovery.api";
@@ -61,4 +62,5 @@ message Api {
 	bool subscriptionValidation = 28;
 	EndpointCluster endpoints = 29;
 	repeated SecurityInfo endpointSecurity = 30;
+	AIProvider aiprovider = 31;
 }
diff --git a/adapter/internal/oasparser/config_generator.go b/adapter/internal/oasparser/config_generator.go
index 41417d8b4..df33b61ae 100644
--- a/adapter/internal/oasparser/config_generator.go
+++ b/adapter/internal/oasparser/config_generator.go
@@ -181,6 +181,38 @@ func GetEnforcerAPI(adapterInternalAPI *model.AdapterInternalAPI, vhost string)
 		}
 	}
 
+	var aiProvider *api.AIProvider
+
+	aiProviderFromInternalAPI := adapterInternalAPI.GetAIProvider()
+	logger.LoggerOasparser.Debugf("Before Internal AI Provider: %+v", aiProviderFromInternalAPI)
+
+	if aiProviderFromInternalAPI.Enabled {
+		aiProvider = &api.AIProvider{
+			Enabled:            aiProviderFromInternalAPI.Enabled,
+			ProviderName:       aiProviderFromInternalAPI.ProviderName,
+			ProviderAPIVersion: aiProviderFromInternalAPI.ProviderAPIVersion,
+			Organization:       aiProviderFromInternalAPI.Organization,
+			Model: &api.ValueDetails{
+				In:    aiProviderFromInternalAPI.Model.In,
+				Value: aiProviderFromInternalAPI.Model.Value,
+			},
+			PromptTokens: &api.ValueDetails{
+				In:    aiProviderFromInternalAPI.PromptTokens.In,
+				Value: aiProviderFromInternalAPI.PromptTokens.Value,
+			},
+			CompletionToken: &api.ValueDetails{
+				In:    aiProviderFromInternalAPI.CompletionToken.In,
+				Value: aiProviderFromInternalAPI.CompletionToken.Value,
+			},
+			TotalToken: &api.ValueDetails{
+				In:    aiProviderFromInternalAPI.TotalToken.In,
+				Value: aiProviderFromInternalAPI.TotalToken.Value,
+			},
+		}
+	}
+
+	logger.LoggerOasparser.Debugf("After Conversion AI Provider: %+v", aiProvider)
+
 	return &api.Api{
 		Id:                     adapterInternalAPI.UUID,
 		Title:                  adapterInternalAPI.GetTitle(),
@@ -209,6 +241,12 @@ func GetEnforcerAPI(adapterInternalAPI *model.AdapterInternalAPI, vhost string)
 		ApiDefinitionFile:      adapterInternalAPI.GetAPIDefinitionFile(),
 		Environment:            adapterInternalAPI.GetEnvironment(),
 		SubscriptionValidation: adapterInternalAPI.GetSubscriptionValidation(),
+		Aiprovider: func() *api.AIProvider {
+			if aiProvider != nil && aiProvider.Enabled {
+				return aiProvider
+			}
+			return nil
+		}(),
 	}
 }
 
diff --git a/adapter/internal/oasparser/model/adapter_internal_api.go b/adapter/internal/oasparser/model/adapter_internal_api.go
index 061f6c27e..a18267d16 100644
--- a/adapter/internal/oasparser/model/adapter_internal_api.go
+++ b/adapter/internal/oasparser/model/adapter_internal_api.go
@@ -80,6 +80,7 @@ type AdapterInternalAPI struct {
 	environment      string
 	Endpoints        *EndpointCluster
 	EndpointSecurity []*EndpointSecurity
+	AIProvider       InternalAIProvider
 }
 
 // BackendJWTTokenInfo represents the object structure holding the information related to the JWT Generator
@@ -92,6 +93,24 @@ type BackendJWTTokenInfo struct {
 	CustomClaims     []ClaimMapping
 }
 
+// InternalAIProvider represents the object structure holding the information related to the AI Provider
+type InternalAIProvider struct {
+	Enabled            bool
+	ProviderName       string
+	ProviderAPIVersion string
+	Organization       string
+	Model              ValueDetails
+	PromptTokens       ValueDetails
+	CompletionToken    ValueDetails
+	TotalToken         ValueDetails
+}
+
+// ValueDetails defines the value details
+type ValueDetails struct {
+	In    string `json:"in"`
+	Value string `json:"value"`
+}
+
 // ClaimMapping represents the object structure holding the information related to the JWT Generator Claims
 type ClaimMapping struct {
 	Claim string
@@ -426,6 +445,37 @@ func (adapterInternalAPI *AdapterInternalAPI) GetEnvironment() string {
 	return adapterInternalAPI.environment
 }
 
+// SetAIProvider sets the AIProvider of the API.
+func (adapterInternalAPI *AdapterInternalAPI) SetAIProvider(aiProvider dpv1alpha3.AIProvider) {
+	adapterInternalAPI.AIProvider = InternalAIProvider{
+		Enabled:            true,
+		ProviderName:       aiProvider.Spec.ProviderName,
+		ProviderAPIVersion: aiProvider.Spec.ProviderAPIVersion,
+		Organization:       aiProvider.Spec.Organization,
+		Model: ValueDetails{
+			In:    aiProvider.Spec.Model.In,
+			Value: aiProvider.Spec.Model.Value,
+		},
+		PromptTokens: ValueDetails{
+			In:    aiProvider.Spec.RateLimitFields.PromptTokens.In,
+			Value: aiProvider.Spec.RateLimitFields.PromptTokens.Value,
+		},
+		CompletionToken: ValueDetails{
+			In:    aiProvider.Spec.RateLimitFields.CompletionToken.In,
+			Value: aiProvider.Spec.RateLimitFields.CompletionToken.Value,
+		},
+		TotalToken: ValueDetails{
+			In:    aiProvider.Spec.RateLimitFields.TotalToken.In,
+			Value: aiProvider.Spec.RateLimitFields.TotalToken.Value,
+		},
+	}
+}
+
+// GetAIProvider returns the AIProvider of the API
+func (adapterInternalAPI *AdapterInternalAPI) GetAIProvider() InternalAIProvider {
+	return adapterInternalAPI.AIProvider
+}
+
 // Validate method confirms that the adapterInternalAPI has all required fields in the required format.
 // This needs to be checked prior to generate router/enforcer related resources.
 func (adapterInternalAPI *AdapterInternalAPI) Validate() error {
@@ -460,7 +510,7 @@ func (adapterInternalAPI *AdapterInternalAPI) SetInfoHTTPRouteCR(httpRoute *gwap
 	if outputAuthScheme != nil {
 		authScheme = *outputAuthScheme
 	}
-	var apiPolicy *dpv1alpha2.APIPolicy
+	var apiPolicy *dpv1alpha3.APIPolicy
 	if outputAPIPolicy != nil {
 		apiPolicy = *outputAPIPolicy
 	}
@@ -925,6 +975,7 @@ func (adapterInternalAPI *AdapterInternalAPI) SetInfoHTTPRouteCR(httpRoute *gwap
 		}.String()].Spec
 		adapterInternalAPI.backendJWTTokenInfo = parseBackendJWTTokenToInternal(backendJWTPolicy)
 	}
+
 	return nil
 }
 
@@ -943,7 +994,7 @@ func (adapterInternalAPI *AdapterInternalAPI) SetInfoGQLRouteCR(gqlRoute *dpv1al
 	if outputAuthScheme != nil {
 		authScheme = *outputAuthScheme
 	}
-	var apiPolicy *dpv1alpha2.APIPolicy
+	var apiPolicy *dpv1alpha3.APIPolicy
 	if outputAPIPolicy != nil {
 		apiPolicy = *outputAPIPolicy
 	}
diff --git a/adapter/internal/oasparser/model/http_route.go b/adapter/internal/oasparser/model/http_route.go
index 71ad97b12..b6db96f7e 100644
--- a/adapter/internal/oasparser/model/http_route.go
+++ b/adapter/internal/oasparser/model/http_route.go
@@ -33,8 +33,8 @@ import (
 type ResourceParams struct {
 	AuthSchemes               map[string]dpv1alpha2.Authentication
 	ResourceAuthSchemes       map[string]dpv1alpha2.Authentication
-	APIPolicies               map[string]dpv1alpha2.APIPolicy
-	ResourceAPIPolicies       map[string]dpv1alpha2.APIPolicy
+	APIPolicies               map[string]dpv1alpha3.APIPolicy
+	ResourceAPIPolicies       map[string]dpv1alpha3.APIPolicy
 	InterceptorServiceMapping map[string]dpv1alpha1.InterceptorService
 	BackendJWTMapping         map[string]dpv1alpha1.BackendJWT
 	BackendMapping            map[string]*dpv1alpha2.ResolvedBackend
@@ -69,7 +69,7 @@ func parseBackendJWTTokenToInternal(backendJWTToken dpv1alpha1.BackendJWTSpec) *
 	return backendJWTTokenInternal
 }
 
-func getCorsConfigFromAPIPolicy(apiPolicy *dpv1alpha2.APIPolicy) *CorsConfig {
+func getCorsConfigFromAPIPolicy(apiPolicy *dpv1alpha3.APIPolicy) *CorsConfig {
 	globalCorsConfig := config.ReadConfigs().Enforcer.Cors
 
 	var corsConfig = CorsConfig{
@@ -111,7 +111,7 @@ func parseRateLimitPolicyToInternal(ratelimitPolicy *dpv1alpha3.RateLimitPolicy)
 }
 
 // addOperationLevelInterceptors add the operation level interceptor policy to the policies
-func addOperationLevelInterceptors(policies *OperationPolicies, apiPolicy *dpv1alpha2.APIPolicy,
+func addOperationLevelInterceptors(policies *OperationPolicies, apiPolicy *dpv1alpha3.APIPolicy,
 	interceptorServicesMapping map[string]dpv1alpha1.InterceptorService,
 	backendMapping map[string]*dpv1alpha2.ResolvedBackend, namespace string) {
 	if apiPolicy != nil && apiPolicy.Spec.Override != nil {
@@ -204,8 +204,8 @@ func concatRateLimitPolicies(schemeUp *dpv1alpha3.RateLimitPolicy, schemeDown *d
 	return &finalRateLimit
 }
 
-func concatAPIPolicies(schemeUp *dpv1alpha2.APIPolicy, schemeDown *dpv1alpha2.APIPolicy) *dpv1alpha2.APIPolicy {
-	apiPolicy := dpv1alpha2.APIPolicy{}
+func concatAPIPolicies(schemeUp *dpv1alpha3.APIPolicy, schemeDown *dpv1alpha3.APIPolicy) *dpv1alpha3.APIPolicy {
+	apiPolicy := dpv1alpha3.APIPolicy{}
 	if schemeUp != nil && schemeDown != nil {
 		apiPolicy.Spec.Override = utils.SelectPolicy(&schemeUp.Spec.Override, &schemeUp.Spec.Default, &schemeDown.Spec.Override, &schemeDown.Spec.Default)
 	} else if schemeUp != nil {
diff --git a/adapter/internal/oasparser/model/http_route_test.go b/adapter/internal/oasparser/model/http_route_test.go
index b17fd72c8..060919c10 100644
--- a/adapter/internal/oasparser/model/http_route_test.go
+++ b/adapter/internal/oasparser/model/http_route_test.go
@@ -21,7 +21,6 @@ import (
 	"testing"
 
 	"github.com/stretchr/testify/assert"
-	dpv1alpha2 "github.com/wso2/apk/common-go-libs/apis/dp/v1alpha2"
 	dpv1alpha3 "github.com/wso2/apk/common-go-libs/apis/dp/v1alpha3"
 )
 
@@ -199,35 +198,35 @@ func TestConcatRateLimitPolicies(t *testing.T) {
 func TestConcatAPIPolicies(t *testing.T) {
 
 	type testItem struct {
-		schemeUpSpec   dpv1alpha2.APIPolicySpec
-		schemeDownSpec dpv1alpha2.APIPolicySpec
-		result         dpv1alpha2.APIPolicySpec
+		schemeUpSpec   dpv1alpha3.APIPolicySpec
+		schemeDownSpec dpv1alpha3.APIPolicySpec
+		result         dpv1alpha3.APIPolicySpec
 		message        string
 	}
 
-	schemeUp := &dpv1alpha2.APIPolicy{}
-	schemeDown := &dpv1alpha2.APIPolicy{}
-	resultScheme := &dpv1alpha2.APIPolicy{}
+	schemeUp := &dpv1alpha3.APIPolicy{}
+	schemeDown := &dpv1alpha3.APIPolicy{}
+	resultScheme := &dpv1alpha3.APIPolicy{}
 
 	dataItems := []testItem{
 		{
-			schemeUpSpec: dpv1alpha2.APIPolicySpec{
-				Override: &dpv1alpha2.PolicySpec{
-					RequestInterceptors: []dpv1alpha2.InterceptorReference{
+			schemeUpSpec: dpv1alpha3.APIPolicySpec{
+				Override: &dpv1alpha3.PolicySpec{
+					RequestInterceptors: []dpv1alpha3.InterceptorReference{
 						{Name: "i1"},
 					},
 				},
 			},
-			schemeDownSpec: dpv1alpha2.APIPolicySpec{
-				Override: &dpv1alpha2.PolicySpec{
-					RequestInterceptors: []dpv1alpha2.InterceptorReference{
+			schemeDownSpec: dpv1alpha3.APIPolicySpec{
+				Override: &dpv1alpha3.PolicySpec{
+					RequestInterceptors: []dpv1alpha3.InterceptorReference{
 						{Name: "i2"},
 					},
 				},
 			},
-			result: dpv1alpha2.APIPolicySpec{
-				Override: &dpv1alpha2.PolicySpec{
-					RequestInterceptors: []dpv1alpha2.InterceptorReference{
+			result: dpv1alpha3.APIPolicySpec{
+				Override: &dpv1alpha3.PolicySpec{
+					RequestInterceptors: []dpv1alpha3.InterceptorReference{
 						{Name: "i1"},
 					},
 				},
@@ -235,23 +234,23 @@ func TestConcatAPIPolicies(t *testing.T) {
 			message: "only schemeUp override policies should be provided",
 		},
 		{
-			schemeUpSpec: dpv1alpha2.APIPolicySpec{
-				Default: &dpv1alpha2.PolicySpec{
-					RequestInterceptors: []dpv1alpha2.InterceptorReference{
+			schemeUpSpec: dpv1alpha3.APIPolicySpec{
+				Default: &dpv1alpha3.PolicySpec{
+					RequestInterceptors: []dpv1alpha3.InterceptorReference{
 						{Name: "i1"},
 					},
 				},
 			},
-			schemeDownSpec: dpv1alpha2.APIPolicySpec{
-				Override: &dpv1alpha2.PolicySpec{
-					RequestInterceptors: []dpv1alpha2.InterceptorReference{
+			schemeDownSpec: dpv1alpha3.APIPolicySpec{
+				Override: &dpv1alpha3.PolicySpec{
+					RequestInterceptors: []dpv1alpha3.InterceptorReference{
 						{Name: "i2"},
 					},
 				},
 			},
-			result: dpv1alpha2.APIPolicySpec{
-				Override: &dpv1alpha2.PolicySpec{
-					RequestInterceptors: []dpv1alpha2.InterceptorReference{
+			result: dpv1alpha3.APIPolicySpec{
+				Override: &dpv1alpha3.PolicySpec{
+					RequestInterceptors: []dpv1alpha3.InterceptorReference{
 						{Name: "i2"},
 					},
 				},
@@ -259,23 +258,23 @@ func TestConcatAPIPolicies(t *testing.T) {
 			message: "only schemeDown override policies should be provided",
 		},
 		{
-			schemeUpSpec: dpv1alpha2.APIPolicySpec{
-				Default: &dpv1alpha2.PolicySpec{
-					RequestInterceptors: []dpv1alpha2.InterceptorReference{
+			schemeUpSpec: dpv1alpha3.APIPolicySpec{
+				Default: &dpv1alpha3.PolicySpec{
+					RequestInterceptors: []dpv1alpha3.InterceptorReference{
 						{Name: "i1"},
 					},
 				},
 			},
-			schemeDownSpec: dpv1alpha2.APIPolicySpec{
-				Default: &dpv1alpha2.PolicySpec{
-					RequestInterceptors: []dpv1alpha2.InterceptorReference{
+			schemeDownSpec: dpv1alpha3.APIPolicySpec{
+				Default: &dpv1alpha3.PolicySpec{
+					RequestInterceptors: []dpv1alpha3.InterceptorReference{
 						{Name: "i2"},
 					},
 				},
 			},
-			result: dpv1alpha2.APIPolicySpec{
-				Override: &dpv1alpha2.PolicySpec{
-					RequestInterceptors: []dpv1alpha2.InterceptorReference{
+			result: dpv1alpha3.APIPolicySpec{
+				Override: &dpv1alpha3.PolicySpec{
+					RequestInterceptors: []dpv1alpha3.InterceptorReference{
 						{Name: "i2"},
 					},
 				},
@@ -283,16 +282,16 @@ func TestConcatAPIPolicies(t *testing.T) {
 			message: "only schemeDown default policies should be provided",
 		},
 		{
-			schemeUpSpec: dpv1alpha2.APIPolicySpec{
-				Override: &dpv1alpha2.PolicySpec{
-					RequestInterceptors: []dpv1alpha2.InterceptorReference{
+			schemeUpSpec: dpv1alpha3.APIPolicySpec{
+				Override: &dpv1alpha3.PolicySpec{
+					RequestInterceptors: []dpv1alpha3.InterceptorReference{
 						{Name: "i1"},
 					},
 				},
 			},
-			result: dpv1alpha2.APIPolicySpec{
-				Override: &dpv1alpha2.PolicySpec{
-					RequestInterceptors: []dpv1alpha2.InterceptorReference{
+			result: dpv1alpha3.APIPolicySpec{
+				Override: &dpv1alpha3.PolicySpec{
+					RequestInterceptors: []dpv1alpha3.InterceptorReference{
 						{Name: "i1"},
 					},
 				},
@@ -300,16 +299,16 @@ func TestConcatAPIPolicies(t *testing.T) {
 			message: "only schemeUp override policies is provided",
 		},
 		{
-			schemeUpSpec: dpv1alpha2.APIPolicySpec{
-				Default: &dpv1alpha2.PolicySpec{
-					RequestInterceptors: []dpv1alpha2.InterceptorReference{
+			schemeUpSpec: dpv1alpha3.APIPolicySpec{
+				Default: &dpv1alpha3.PolicySpec{
+					RequestInterceptors: []dpv1alpha3.InterceptorReference{
 						{Name: "i1"},
 					},
 				},
 			},
-			result: dpv1alpha2.APIPolicySpec{
-				Override: &dpv1alpha2.PolicySpec{
-					RequestInterceptors: []dpv1alpha2.InterceptorReference{
+			result: dpv1alpha3.APIPolicySpec{
+				Override: &dpv1alpha3.PolicySpec{
+					RequestInterceptors: []dpv1alpha3.InterceptorReference{
 						{Name: "i1"},
 					},
 				},
@@ -317,39 +316,39 @@ func TestConcatAPIPolicies(t *testing.T) {
 			message: "only schemeUp default policies is provided",
 		},
 		{
-			schemeUpSpec: dpv1alpha2.APIPolicySpec{
-				Override: &dpv1alpha2.PolicySpec{
-					RequestInterceptors: []dpv1alpha2.InterceptorReference{
+			schemeUpSpec: dpv1alpha3.APIPolicySpec{
+				Override: &dpv1alpha3.PolicySpec{
+					RequestInterceptors: []dpv1alpha3.InterceptorReference{
 						{
 							Name: "up-request-interceptor",
 						},
 					},
 				},
 			},
-			schemeDownSpec: dpv1alpha2.APIPolicySpec{
-				Override: &dpv1alpha2.PolicySpec{
-					RequestInterceptors: []dpv1alpha2.InterceptorReference{
+			schemeDownSpec: dpv1alpha3.APIPolicySpec{
+				Override: &dpv1alpha3.PolicySpec{
+					RequestInterceptors: []dpv1alpha3.InterceptorReference{
 						{
 							Name: "down-request-interceptor",
 						},
 					},
 				},
-				Default: &dpv1alpha2.PolicySpec{
-					ResponseInterceptors: []dpv1alpha2.InterceptorReference{
+				Default: &dpv1alpha3.PolicySpec{
+					ResponseInterceptors: []dpv1alpha3.InterceptorReference{
 						{
 							Name: "down-response-interceptor",
 						},
 					},
 				},
 			},
-			result: dpv1alpha2.APIPolicySpec{
-				Override: &dpv1alpha2.PolicySpec{
-					RequestInterceptors: []dpv1alpha2.InterceptorReference{
+			result: dpv1alpha3.APIPolicySpec{
+				Override: &dpv1alpha3.PolicySpec{
+					RequestInterceptors: []dpv1alpha3.InterceptorReference{
 						{
 							Name: "up-request-interceptor",
 						},
 					},
-					ResponseInterceptors: []dpv1alpha2.InterceptorReference{
+					ResponseInterceptors: []dpv1alpha3.InterceptorReference{
 						{
 							Name: "down-response-interceptor",
 						},
diff --git a/adapter/internal/operator/config/webhook/manifests.yaml b/adapter/internal/operator/config/webhook/manifests.yaml
index 411ed6ee8..54cbdd40d 100644
--- a/adapter/internal/operator/config/webhook/manifests.yaml
+++ b/adapter/internal/operator/config/webhook/manifests.yaml
@@ -44,6 +44,26 @@ webhooks:
     resources:
     - apipolicies
   sideEffects: None
+- admissionReviewVersions:
+  - v1
+  clientConfig:
+    service:
+      name: webhook-service
+      namespace: system
+      path: /mutate-dp-wso2-com-v1alpha3-apipolicy
+  failurePolicy: Fail
+  name: mapipolicy.kb.io
+  rules:
+  - apiGroups:
+    - dp.wso2.com
+    apiVersions:
+    - v1alpha3
+    operations:
+    - CREATE
+    - UPDATE
+    resources:
+    - apipolicies
+  sideEffects: None
 - admissionReviewVersions:
   - v1
   clientConfig:
@@ -230,6 +250,26 @@ webhooks:
     resources:
     - apipolicies
   sideEffects: None
+- admissionReviewVersions:
+  - v1
+  clientConfig:
+    service:
+      name: webhook-service
+      namespace: system
+      path: /validate-dp-wso2-com-v1alpha3-apipolicy
+  failurePolicy: Fail
+  name: vapipolicy.kb.io
+  rules:
+  - apiGroups:
+    - dp.wso2.com
+    apiVersions:
+    - v1alpha3
+    operations:
+    - CREATE
+    - UPDATE
+    resources:
+    - apipolicies
+  sideEffects: None
 - admissionReviewVersions:
   - v1
   clientConfig:
diff --git a/adapter/internal/operator/controllers/dp/api_controller.go b/adapter/internal/operator/controllers/dp/api_controller.go
index b96e7aa31..457739f61 100644
--- a/adapter/internal/operator/controllers/dp/api_controller.go
+++ b/adapter/internal/operator/controllers/dp/api_controller.go
@@ -96,6 +96,7 @@ const (
 	interceptorServiceAPIPolicyIndex = "interceptorServiceAPIPolicyIndex"
 	backendInterceptorServiceIndex   = "backendInterceptorServiceIndex"
 	backendJWTAPIPolicyIndex         = "backendJWTAPIPolicyIndex"
+	aiProviderAPIPolicyIndex         = "aiProviderAPIPolicyIndex"
 )
 
 var (
@@ -187,7 +188,7 @@ func NewAPIController(mgr manager.Manager, operatorDataStore *synchronizer.Opera
 		return err
 	}
 
-	if err := c.Watch(source.Kind(mgr.GetCache(), &dpv1alpha2.APIPolicy{}), handler.EnqueueRequestsFromMapFunc(apiReconciler.populateAPIReconcileRequestsForAPIPolicy),
+	if err := c.Watch(source.Kind(mgr.GetCache(), &dpv1alpha3.APIPolicy{}), handler.EnqueueRequestsFromMapFunc(apiReconciler.populateAPIReconcileRequestsForAPIPolicy),
 		predicates...); err != nil {
 		loggers.LoggerAPKOperator.ErrorC(logging.PrintError(logging.Error2617, logging.BLOCKER, "Error watching APIPolicy resources: %v", err))
 		return err
@@ -217,6 +218,12 @@ func NewAPIController(mgr manager.Manager, operatorDataStore *synchronizer.Opera
 		return err
 	}
 
+	if err := c.Watch(source.Kind(mgr.GetCache(), &dpv1alpha3.AIProvider{}), handler.EnqueueRequestsFromMapFunc(apiReconciler.populateAPIReconcileRequestsForAIProvider),
+		predicates...); err != nil {
+		loggers.LoggerAPKOperator.ErrorC(logging.PrintError(logging.Error2615, logging.BLOCKER, "Error watching AIPolicy resources: %v", err))
+		return err
+	}
+
 	loggers.LoggerAPKOperator.Info("API Controller successfully started. Watching API Objects....")
 	go apiReconciler.handleStatus()
 	go apiReconciler.handleLabels(ctx)
@@ -348,8 +355,6 @@ func (apiReconciler *APIReconciler) resolveAPIRefs(ctx context.Context, api dpv1
 		return nil, fmt.Errorf("error while getting API level apipolicy for API : %s in namespace : %s with API UUID : %v, %s",
 			apiRef.String(), namespace, string(api.ObjectMeta.UID), err.Error())
 	}
-	loggers.LoggerAPKOperator.Debugf("API level authentications, ratelimits and apipolicies are retrieved successfully for API CR %s, %v, %v, %v",
-		apiRef.String(), apiState.Authentications, apiState.RateLimitPolicies, apiState.APIPolicies)
 
 	if apiState.ResourceAuthentications, err = apiReconciler.getAuthenticationsForResources(ctx, api); err != nil {
 		return nil, fmt.Errorf("error while getting httproute resource auth : %s in namespace : %s with API UUID : %v, %s",
@@ -363,9 +368,8 @@ func (apiReconciler *APIReconciler) resolveAPIRefs(ctx context.Context, api dpv1
 		return nil, fmt.Errorf("error while getting httproute resource apipolicy %s in namespace : %s with API UUID : %v, %s",
 			apiRef.String(), namespace, string(api.ObjectMeta.UID), err.Error())
 	}
-	if apiState.InterceptorServiceMapping, apiState.BackendJWTMapping, apiState.SubscriptionValidation, err =
-		apiReconciler.getAPIPolicyChildrenRefs(ctx, apiState.APIPolicies, apiState.ResourceAPIPolicies,
-			api); err != nil {
+	if apiState.InterceptorServiceMapping, apiState.BackendJWTMapping, apiState.SubscriptionValidation, apiState.AIProvider, err =
+		apiReconciler.getAPIPolicyChildrenRefs(ctx, apiState.APIPolicies, apiState.ResourceAPIPolicies, api); err != nil {
 		return nil, fmt.Errorf("error while getting referenced policies in apipolicy %s in namespace : %s with API UUID : %v, %s",
 			apiRef.String(), namespace, string(api.ObjectMeta.UID), err.Error())
 	}
@@ -700,10 +704,10 @@ func (apiReconciler *APIReconciler) getRatelimitPoliciesForResources(ctx context
 	return ratelimitpolicies, nil
 }
 
-func (apiReconciler *APIReconciler) getAPIPoliciesForAPI(ctx context.Context, api dpv1alpha2.API) (map[string]dpv1alpha2.APIPolicy, error) {
+func (apiReconciler *APIReconciler) getAPIPoliciesForAPI(ctx context.Context, api dpv1alpha2.API) (map[string]dpv1alpha3.APIPolicy, error) {
 	nameSpacedName := utils.NamespacedName(&api).String()
-	apiPolicies := make(map[string]dpv1alpha2.APIPolicy)
-	apiPolicyList := &dpv1alpha2.APIPolicyList{}
+	apiPolicies := make(map[string]dpv1alpha3.APIPolicy)
+	apiPolicyList := &dpv1alpha3.APIPolicyList{}
 	if err := apiReconciler.client.List(ctx, apiPolicyList, &k8client.ListOptions{
 		FieldSelector: fields.OneTermEqualSelector(apiAPIPolicyIndex, nameSpacedName),
 	}); err != nil {
@@ -711,6 +715,7 @@ func (apiReconciler *APIReconciler) getAPIPoliciesForAPI(ctx context.Context, ap
 	}
 	for item := range apiPolicyList.Items {
 		apiPolicy := apiPolicyList.Items[item]
+		loggers.LoggerAPKOperator.Debugf("API Policy %+v", &apiPolicy)
 		apiPolicies[utils.NamespacedName(&apiPolicy).String()] = apiPolicy
 	}
 	return apiPolicies, nil
@@ -734,10 +739,10 @@ func (apiReconciler *APIReconciler) getAPIDefinitionForAPI(ctx context.Context,
 }
 
 func (apiReconciler *APIReconciler) getAPIPoliciesForResources(ctx context.Context,
-	api dpv1alpha2.API) (map[string]dpv1alpha2.APIPolicy, error) {
+	api dpv1alpha2.API) (map[string]dpv1alpha3.APIPolicy, error) {
 	nameSpacedName := utils.NamespacedName(&api).String()
-	apiPolicies := make(map[string]dpv1alpha2.APIPolicy)
-	apiPolicyList := &dpv1alpha2.APIPolicyList{}
+	apiPolicies := make(map[string]dpv1alpha3.APIPolicy)
+	apiPolicyList := &dpv1alpha3.APIPolicyList{}
 	if err := apiReconciler.client.List(ctx, apiPolicyList, &k8client.ListOptions{
 		FieldSelector: fields.OneTermEqualSelector(apiAPIPolicyResourceIndex, nameSpacedName),
 	}); err != nil {
@@ -755,11 +760,12 @@ func (apiReconciler *APIReconciler) getAPIPoliciesForResources(ctx context.Conte
 // - backend JWTs
 // - subscription validation
 func (apiReconciler *APIReconciler) getAPIPolicyChildrenRefs(ctx context.Context,
-	apiPolicies, resourceAPIPolicies map[string]dpv1alpha2.APIPolicy,
-	api dpv1alpha2.API) (map[string]dpv1alpha1.InterceptorService, map[string]dpv1alpha1.BackendJWT, bool, error) {
+	apiPolicies, resourceAPIPolicies map[string]dpv1alpha3.APIPolicy,
+	api dpv1alpha2.API) (map[string]dpv1alpha1.InterceptorService, map[string]dpv1alpha1.BackendJWT, bool, *dpv1alpha3.AIProvider, error) {
 	allAPIPolicies := append(maps.Values(apiPolicies), maps.Values(resourceAPIPolicies)...)
 	interceptorServices := make(map[string]dpv1alpha1.InterceptorService)
 	backendJWTs := make(map[string]dpv1alpha1.BackendJWT)
+	aiProvider := &dpv1alpha3.AIProvider{}
 	subscriptionValidation := false
 	for _, apiPolicy := range allAPIPolicies {
 		if apiPolicy.Spec.Default != nil {
@@ -784,6 +790,14 @@ func (apiReconciler *APIReconciler) getAPIPolicyChildrenRefs(ctx context.Context
 					backendJWTs[utils.NamespacedName(backendJWTPtr).String()] = *backendJWTPtr
 				}
 			}
+			if apiPolicy.Spec.Default.AIProvider != nil {
+				loggers.LoggerAPKOperator.Debugf("AIProvider Default found in API Policy. AI Provider Name %s", apiPolicy.Spec.Default.AIProvider.Name)
+				aiProviderPtr := utils.GetAIProvider(ctx, apiReconciler.client, apiPolicy.Namespace,
+					apiPolicy.Spec.Default.AIProvider.Name, &api)
+				if aiProviderPtr != nil {
+					aiProvider = aiProviderPtr
+				}
+			}
 			subscriptionValidation = apiPolicy.Spec.Default.SubscriptionValidation
 		}
 		if apiPolicy.Spec.Override != nil {
@@ -808,10 +822,18 @@ func (apiReconciler *APIReconciler) getAPIPolicyChildrenRefs(ctx context.Context
 					backendJWTs[utils.NamespacedName(backendJWTPtr).String()] = *backendJWTPtr
 				}
 			}
+			if apiPolicy.Spec.Override.AIProvider != nil {
+				loggers.LoggerAPKOperator.Debugf("AIProvider override found in API Policy. AI Provider Name %s", apiPolicy.Spec.Override.AIProvider.Name)
+				aiProviderPtr := utils.GetAIProvider(ctx, apiReconciler.client, apiPolicy.Namespace,
+					apiPolicy.Spec.Override.AIProvider.Name, &api)
+				if aiProviderPtr != nil {
+					aiProvider = aiProviderPtr
+				}
+			}
 			subscriptionValidation = apiPolicy.Spec.Override.SubscriptionValidation
 		}
 	}
-	return interceptorServices, backendJWTs, subscriptionValidation, nil
+	return interceptorServices, backendJWTs, subscriptionValidation, aiProvider, nil
 }
 
 func (apiReconciler *APIReconciler) resolveAuthentications(ctx context.Context,
@@ -982,6 +1004,14 @@ func (apiReconciler *APIReconciler) populateAPIReconcileRequestsForBackend(ctx c
 	return requests
 }
 
+func (apiReconciler *APIReconciler) populateAPIReconcileRequestsForAIProvider(ctx context.Context, obj k8client.Object) []reconcile.Request {
+	requests := apiReconciler.getAPIsForAIProvider(ctx, obj)
+	if len(requests) > 0 {
+		apiReconciler.handleOwnerReference(ctx, obj, &requests)
+	}
+	return requests
+}
+
 func (apiReconciler *APIReconciler) traverseAPIStateAndUpdateOwnerReferences(ctx context.Context, apiState synchronizer.APIState) {
 	// travserse through all the children of this API and trigger update owner reference
 	if apiState.ProdHTTPRoute != nil {
@@ -1056,6 +1086,10 @@ func (apiReconciler *APIReconciler) traverseAPIStateAndUpdateOwnerReferences(ctx
 	for _, backendJwt := range apiState.BackendJWTMapping {
 		apiReconciler.retriveParentAPIsAndUpdateOwnerReferene(ctx, &backendJwt)
 	}
+	if apiState.AIProvider != nil && apiState.AIProvider.Name != "" {
+		loggers.LoggerAPKOperator.Infof("Owner Reference .AIProvider override found in API State. AI Provider Name %s", apiState.AIProvider.Name)
+		apiReconciler.retriveParentAPIsAndUpdateOwnerReferene(ctx, apiState.AIProvider)
+	}
 
 }
 
@@ -1122,8 +1156,8 @@ func (apiReconciler *APIReconciler) retriveParentAPIsAndUpdateOwnerReferene(ctx
 		}
 		requests = apiReconciler.getAPIsForInterceptorService(ctx, &interceptorService)
 		apiReconciler.handleOwnerReference(ctx, &interceptorService, &requests)
-	case *dpv1alpha2.APIPolicy:
-		var apiPolicy dpv1alpha2.APIPolicy
+	case *dpv1alpha3.APIPolicy:
+		var apiPolicy dpv1alpha3.APIPolicy
 		namesapcedName := types.NamespacedName{
 			Name:      string(obj.GetName()),
 			Namespace: string(obj.GetNamespace()),
@@ -1194,6 +1228,18 @@ func (apiReconciler *APIReconciler) retriveParentAPIsAndUpdateOwnerReferene(ctx
 		}
 		requests = apiReconciler.getAPIForGQLRoute(ctx, &gqlRoute)
 		apiReconciler.handleOwnerReference(ctx, &gqlRoute, &requests)
+	case *dpv1alpha3.AIProvider:
+		var aiProvider dpv1alpha3.AIProvider
+		namesapcedName := types.NamespacedName{
+			Name:      string(obj.GetName()),
+			Namespace: string(obj.GetNamespace()),
+		}
+		if err := apiReconciler.client.Get(ctx, namesapcedName, &aiProvider); err != nil {
+			loggers.LoggerAPKOperator.Errorf("Unexpected error occured while loading the cr object from cluster %+v", err)
+			return
+		}
+		requests = apiReconciler.getAPIsForAIProvider(ctx, &aiProvider)
+		apiReconciler.handleOwnerReference(ctx, &aiProvider, &requests)
 	default:
 		loggers.LoggerAPKOperator.Errorf("Unexpected type found while processing owner reference %+v", obj)
 	}
@@ -1380,7 +1426,7 @@ func (apiReconciler *APIReconciler) getAPIsForAuthentication(ctx context.Context
 // from APIPolicy objects. If the changes are done for an API stored in the Operator Data store,
 // a new reconcile event will be created and added to the reconcile event queue.
 func (apiReconciler *APIReconciler) getAPIsForAPIPolicy(ctx context.Context, obj k8client.Object) []reconcile.Request {
-	apiPolicy, ok := obj.(*dpv1alpha2.APIPolicy)
+	apiPolicy, ok := obj.(*dpv1alpha3.APIPolicy)
 	requests := []reconcile.Request{}
 	if !ok {
 		loggers.LoggerAPKOperator.ErrorC(logging.PrintError(logging.Error2622, logging.TRIVIAL, "Unexpected object type, bypassing reconciliation: %v", apiPolicy))
@@ -1411,6 +1457,32 @@ func (apiReconciler *APIReconciler) getAPIsForAPIPolicy(ctx context.Context, obj
 	return requests
 }
 
+// getAPIsForAIProvider triggers the API controller reconcile method based on the changes detected
+// from AIProvider objects. If the changes are done for an API stored in the Operator Data store,
+// a new reconcile event will be created and added to the reconcile event queue.
+func (apiReconciler *APIReconciler) getAPIsForAIProvider(ctx context.Context, obj k8client.Object) []reconcile.Request {
+	aiProvider, ok := obj.(*dpv1alpha3.AIProvider)
+	if !ok {
+		loggers.LoggerAPKOperator.ErrorC(logging.PrintError(logging.Error2622, logging.TRIVIAL, "Unexpected object type, bypassing reconciliation: %v", aiProvider))
+		return []reconcile.Request{}
+	}
+
+	apiPolicyList := &dpv1alpha3.APIPolicyList{}
+	if err := apiReconciler.client.List(ctx, apiPolicyList, &k8client.ListOptions{
+		FieldSelector: fields.OneTermEqualSelector(aiProviderAPIPolicyIndex, utils.NamespacedName(aiProvider).String()),
+	}); err != nil {
+		loggers.LoggerAPKOperator.ErrorC(logging.PrintError(logging.Error2649, logging.CRITICAL, "Unable to find associated APIPolicies: %s, error: %v", utils.NamespacedName(aiProvider).String(), err.Error()))
+		return []reconcile.Request{}
+	}
+
+	requests := []reconcile.Request{}
+	for item := range apiPolicyList.Items {
+		apiPolicy := apiPolicyList.Items[item]
+		requests = append(requests, apiReconciler.getAPIsForAPIPolicy(ctx, &apiPolicy)...)
+	}
+	return requests
+}
+
 // getAPIPoliciesForInterceptorService returns associated APIPolicies for the InterceptorService
 // when the changes detected in InterceptorService resoruces.
 func (apiReconciler *APIReconciler) getAPIsForInterceptorService(ctx context.Context, obj k8client.Object) []reconcile.Request {
@@ -1420,7 +1492,7 @@ func (apiReconciler *APIReconciler) getAPIsForInterceptorService(ctx context.Con
 		return []reconcile.Request{}
 	}
 
-	apiPolicyList := &dpv1alpha2.APIPolicyList{}
+	apiPolicyList := &dpv1alpha3.APIPolicyList{}
 	if err := apiReconciler.client.List(ctx, apiPolicyList, &k8client.ListOptions{
 		FieldSelector: fields.OneTermEqualSelector(interceptorServiceAPIPolicyIndex, utils.NamespacedName(interceptorService).String()),
 	}); err != nil {
@@ -1445,7 +1517,7 @@ func (apiReconciler *APIReconciler) getAPIsForBackendJWT(ctx context.Context, ob
 		return []reconcile.Request{}
 	}
 
-	apiPolicyList := &dpv1alpha2.APIPolicyList{}
+	apiPolicyList := &dpv1alpha3.APIPolicyList{}
 	if err := apiReconciler.client.List(ctx, apiPolicyList, &k8client.ListOptions{
 		FieldSelector: fields.OneTermEqualSelector(backendJWTAPIPolicyIndex, utils.NamespacedName(backendJWT).String()),
 	}); err != nil {
@@ -2020,6 +2092,30 @@ func addIndexes(ctx context.Context, mgr manager.Manager) error {
 		return err
 	}
 
+	// AIProvider to APIPolicy indexer
+	if err := mgr.GetFieldIndexer().IndexField(ctx, &dpv1alpha3.APIPolicy{}, aiProviderAPIPolicyIndex,
+		func(rawObj k8client.Object) []string {
+			apiPolicy := rawObj.(*dpv1alpha3.APIPolicy)
+			var aiProviders []string
+			if apiPolicy.Spec.Default != nil && apiPolicy.Spec.Default.AIProvider != nil {
+				aiProviders = append(aiProviders,
+					types.NamespacedName{
+						Namespace: apiPolicy.Namespace,
+						Name:      string(apiPolicy.Spec.Default.AIProvider.Name),
+					}.String())
+			}
+			if apiPolicy.Spec.Override != nil && apiPolicy.Spec.Override.AIProvider != nil {
+				aiProviders = append(aiProviders,
+					types.NamespacedName{
+						Namespace: apiPolicy.Namespace,
+						Name:      string(apiPolicy.Spec.Override.AIProvider.Name),
+					}.String())
+			}
+			return aiProviders
+		}); err != nil {
+		return err
+	}
+
 	// Till the below is httproute rule name and targetref sectionname is supported,
 	// https://gateway-api.sigs.k8s.io/geps/gep-713/?h=multiple+targetrefs#apply-policies-to-sections-of-a-resource-future-extension
 	// we will use a temporary kindName called Resource for policy attachments
@@ -2065,9 +2161,9 @@ func addIndexes(ctx context.Context, mgr manager.Manager) error {
 	}
 
 	// interceptorService to APIPolicy indexer
-	if err := mgr.GetFieldIndexer().IndexField(ctx, &dpv1alpha2.APIPolicy{}, interceptorServiceAPIPolicyIndex,
+	if err := mgr.GetFieldIndexer().IndexField(ctx, &dpv1alpha3.APIPolicy{}, interceptorServiceAPIPolicyIndex,
 		func(rawObj k8client.Object) []string {
-			apiPolicy := rawObj.(*dpv1alpha2.APIPolicy)
+			apiPolicy := rawObj.(*dpv1alpha3.APIPolicy)
 			var interceptorServices []string
 			if apiPolicy.Spec.Default != nil && len(apiPolicy.Spec.Default.RequestInterceptors) > 0 {
 				interceptorServices = append(interceptorServices,
@@ -2103,9 +2199,9 @@ func addIndexes(ctx context.Context, mgr manager.Manager) error {
 	}
 
 	// backendjwt to APIPolicy indexer
-	if err := mgr.GetFieldIndexer().IndexField(ctx, &dpv1alpha2.APIPolicy{}, backendJWTAPIPolicyIndex,
+	if err := mgr.GetFieldIndexer().IndexField(ctx, &dpv1alpha3.APIPolicy{}, backendJWTAPIPolicyIndex,
 		func(rawObj k8client.Object) []string {
-			apiPolicy := rawObj.(*dpv1alpha2.APIPolicy)
+			apiPolicy := rawObj.(*dpv1alpha3.APIPolicy)
 			var backendJWTs []string
 			if apiPolicy.Spec.Default != nil && apiPolicy.Spec.Default.BackendJWTPolicy != nil {
 				backendJWTs = append(backendJWTs,
@@ -2127,9 +2223,9 @@ func addIndexes(ctx context.Context, mgr manager.Manager) error {
 	}
 
 	// httpRoute to APIPolicy indexer
-	if err := mgr.GetFieldIndexer().IndexField(ctx, &dpv1alpha2.APIPolicy{}, apiAPIPolicyIndex,
+	if err := mgr.GetFieldIndexer().IndexField(ctx, &dpv1alpha3.APIPolicy{}, apiAPIPolicyIndex,
 		func(rawObj k8client.Object) []string {
-			apiPolicy := rawObj.(*dpv1alpha2.APIPolicy)
+			apiPolicy := rawObj.(*dpv1alpha3.APIPolicy)
 			var apis []string
 			if apiPolicy.Spec.TargetRef.Kind == constants.KindAPI {
 
@@ -2157,9 +2253,9 @@ func addIndexes(ctx context.Context, mgr manager.Manager) error {
 	// https://gateway-api.sigs.k8s.io/geps/gep-713/?h=multiple+targetrefs#apply-policies-to-sections-of-a-resource-future-extension
 	// we will use a temporary kindName called Resource for policy attachments
 	// TODO(amali) Fix after the official support is available
-	err := mgr.GetFieldIndexer().IndexField(ctx, &dpv1alpha2.APIPolicy{}, apiAPIPolicyResourceIndex,
+	err := mgr.GetFieldIndexer().IndexField(ctx, &dpv1alpha3.APIPolicy{}, apiAPIPolicyResourceIndex,
 		func(rawObj k8client.Object) []string {
-			apiPolicy := rawObj.(*dpv1alpha2.APIPolicy)
+			apiPolicy := rawObj.(*dpv1alpha3.APIPolicy)
 			var apis []string
 			if apiPolicy.Spec.TargetRef.Kind == constants.KindResource {
 
@@ -2608,7 +2704,7 @@ func findProdSandEndpoints(apiState *synchronizer.APIState) (string, string, str
 }
 
 func pickOneCorsForCP(apiState *synchronizer.APIState) *controlplane.CORSPolicy {
-	apiPolicies := []v1alpha2.APIPolicy{}
+	apiPolicies := []dpv1alpha3.APIPolicy{}
 	for _, apiPolicy := range apiState.APIPolicies {
 		apiPolicies = append(apiPolicies, apiPolicy)
 	}
@@ -2616,7 +2712,7 @@ func pickOneCorsForCP(apiState *synchronizer.APIState) *controlplane.CORSPolicy
 		apiPolicies = append(apiPolicies, apiPolicy)
 	}
 	for _, apiPolicy := range apiPolicies {
-		corsPolicy := v1alpha2.CORSPolicy{}
+		corsPolicy := dpv1alpha3.CORSPolicy{}
 		found := false
 		if apiPolicy.Spec.Override != nil && apiPolicy.Spec.Override.CORSPolicy != nil {
 			corsPolicy = *apiPolicy.Spec.Override.CORSPolicy
diff --git a/adapter/internal/operator/controllers/dp/gateway_controller.go b/adapter/internal/operator/controllers/dp/gateway_controller.go
index f8cf51aff..36e33d9f1 100644
--- a/adapter/internal/operator/controllers/dp/gateway_controller.go
+++ b/adapter/internal/operator/controllers/dp/gateway_controller.go
@@ -106,7 +106,7 @@ func NewGatewayController(mgr manager.Manager, operatorDataStore *synchronizer.O
 		return err
 	}
 
-	if err := c.Watch(source.Kind(mgr.GetCache(), &dpv1alpha2.APIPolicy{}), handler.EnqueueRequestsFromMapFunc(r.getGatewaysForAPIPolicy),
+	if err := c.Watch(source.Kind(mgr.GetCache(), &dpv1alpha3.APIPolicy{}), handler.EnqueueRequestsFromMapFunc(r.getGatewaysForAPIPolicy),
 		predicates...); err != nil {
 		loggers.LoggerAPKOperator.ErrorC(logging.PrintError(logging.Error3101, logging.BLOCKER, "Error watching APIPolicy resources: %v", err))
 		return err
@@ -252,9 +252,9 @@ func (gatewayReconciler *GatewayReconciler) resolveGatewayState(ctx context.Cont
 }
 
 func (gatewayReconciler *GatewayReconciler) getAPIPoliciesForGateway(ctx context.Context,
-	gateway *gwapiv1.Gateway) (map[string]dpv1alpha2.APIPolicy, error) {
-	apiPolicies := make(map[string]dpv1alpha2.APIPolicy)
-	apiPolicyList := &dpv1alpha2.APIPolicyList{}
+	gateway *gwapiv1.Gateway) (map[string]dpv1alpha3.APIPolicy, error) {
+	apiPolicies := make(map[string]dpv1alpha3.APIPolicy)
+	apiPolicyList := &dpv1alpha3.APIPolicyList{}
 	if err := gatewayReconciler.client.List(ctx, apiPolicyList, &k8client.ListOptions{
 		FieldSelector: fields.OneTermEqualSelector(gatewayAPIPolicyIndex, utils.NamespacedName(gateway).String()),
 	}); err != nil {
@@ -269,7 +269,7 @@ func (gatewayReconciler *GatewayReconciler) getAPIPoliciesForGateway(ctx context
 
 // getInterceptorServicesForGateway returns the list of interceptor services for the given gateway
 func (gatewayReconciler *GatewayReconciler) getInterceptorServicesForGateway(ctx context.Context,
-	gatewayAPIPolicies map[string]dpv1alpha2.APIPolicy) (map[string]dpv1alpha1.InterceptorService, error) {
+	gatewayAPIPolicies map[string]dpv1alpha3.APIPolicy) (map[string]dpv1alpha1.InterceptorService, error) {
 	allGatewayAPIPolicies := maps.Values(gatewayAPIPolicies)
 	interceptorServices := make(map[string]dpv1alpha1.InterceptorService)
 	for _, apiPolicy := range allGatewayAPIPolicies {
@@ -356,7 +356,7 @@ func (gatewayReconciler *GatewayReconciler) getAPIsForInterceptorService(ctx con
 
 	requests := []reconcile.Request{}
 
-	apiPolicyList := &dpv1alpha2.APIPolicyList{}
+	apiPolicyList := &dpv1alpha3.APIPolicyList{}
 	if err := gatewayReconciler.client.List(ctx, apiPolicyList, &k8client.ListOptions{
 		FieldSelector: fields.OneTermEqualSelector(interceptorServiceAPIPolicyIndex, utils.NamespacedName(interceptorService).String()),
 	}); err != nil {
@@ -383,7 +383,7 @@ func (gatewayReconciler *GatewayReconciler) getAPIsForBackendJWT(ctx context.Con
 
 	requests := []reconcile.Request{}
 
-	apiPolicyList := &dpv1alpha2.APIPolicyList{}
+	apiPolicyList := &dpv1alpha3.APIPolicyList{}
 	if err := gatewayReconciler.client.List(ctx, apiPolicyList, &k8client.ListOptions{
 		FieldSelector: fields.OneTermEqualSelector(backendJWTAPIPolicyIndex, utils.NamespacedName(backendJWT).String()),
 	}); err != nil {
@@ -541,7 +541,7 @@ func (gatewayReconciler *GatewayReconciler) getCustomRateLimitPoliciesForGateway
 // getGatewaysForAPIPolicy triggers the Gateway controller reconcile method
 // based on the changes detected from APIPolicy objects.
 func (gatewayReconciler *GatewayReconciler) getGatewaysForAPIPolicy(ctx context.Context, obj k8client.Object) []reconcile.Request {
-	apiPolicy, ok := obj.(*dpv1alpha2.APIPolicy)
+	apiPolicy, ok := obj.(*dpv1alpha3.APIPolicy)
 	if !ok {
 		loggers.LoggerAPKOperator.ErrorC(logging.PrintError(logging.Error3107, logging.TRIVIAL, "Unexpected object type, bypassing reconciliation: %v", apiPolicy))
 		return nil
@@ -596,9 +596,9 @@ func addGatewayIndexes(ctx context.Context, mgr manager.Manager) error {
 	}
 
 	// Gateway to APIPolicy indexer
-	err := mgr.GetFieldIndexer().IndexField(ctx, &dpv1alpha2.APIPolicy{}, gatewayAPIPolicyIndex,
+	err := mgr.GetFieldIndexer().IndexField(ctx, &dpv1alpha3.APIPolicy{}, gatewayAPIPolicyIndex,
 		func(rawObj k8client.Object) []string {
-			apiPolicy := rawObj.(*dpv1alpha2.APIPolicy)
+			apiPolicy := rawObj.(*dpv1alpha3.APIPolicy)
 			var httpRoutes []string
 			if apiPolicy.Spec.TargetRef.Kind == constants.KindGateway {
 
diff --git a/adapter/internal/operator/operator.go b/adapter/internal/operator/operator.go
index 855843205..afeb51622 100644
--- a/adapter/internal/operator/operator.go
+++ b/adapter/internal/operator/operator.go
@@ -67,6 +67,7 @@ func init() {
 	utilruntime.Must(gwapiv1a2.AddToScheme(scheme))
 
 	utilruntime.Must(dpv1alpha2.AddToScheme(scheme))
+
 	utilruntime.Must(dpv1alpha3.AddToScheme(scheme))
 	//+kubebuilder:scaffold:scheme
 }
diff --git a/adapter/internal/operator/synchronizer/api_state.go b/adapter/internal/operator/synchronizer/api_state.go
index e6ce50560..3a1e6b3de 100644
--- a/adapter/internal/operator/synchronizer/api_state.go
+++ b/adapter/internal/operator/synchronizer/api_state.go
@@ -37,8 +37,9 @@ type APIState struct {
 	RateLimitPolicies         map[string]v1alpha3.RateLimitPolicy
 	ResourceAuthentications   map[string]v1alpha2.Authentication
 	ResourceRateLimitPolicies map[string]v1alpha3.RateLimitPolicy
-	ResourceAPIPolicies       map[string]v1alpha2.APIPolicy
-	APIPolicies               map[string]v1alpha2.APIPolicy
+	ResourceAPIPolicies       map[string]v1alpha3.APIPolicy
+	APIPolicies               map[string]v1alpha3.APIPolicy
+	AIProvider                *v1alpha3.AIProvider
 	InterceptorServiceMapping map[string]v1alpha1.InterceptorService
 	BackendJWTMapping         map[string]v1alpha1.BackendJWT
 	APIDefinitionFile         []byte
diff --git a/adapter/internal/operator/synchronizer/gateway_state.go b/adapter/internal/operator/synchronizer/gateway_state.go
index 375516357..cf09929b6 100644
--- a/adapter/internal/operator/synchronizer/gateway_state.go
+++ b/adapter/internal/operator/synchronizer/gateway_state.go
@@ -36,7 +36,7 @@ type GatewayState struct {
 // +k8s:deepcopy-gen=true
 type GatewayStateData struct {
 	GatewayResolvedListenerCerts     map[string]map[string][]byte
-	GatewayAPIPolicies               map[string]v1alpha2.APIPolicy
+	GatewayAPIPolicies               map[string]v1alpha3.APIPolicy
 	GatewayBackendMapping            map[string]*v1alpha2.ResolvedBackend
 	GatewayInterceptorServiceMapping map[string]v1alpha1.InterceptorService
 	GatewayCustomRateLimitPolicies   map[string]*v1alpha3.RateLimitPolicy
diff --git a/adapter/internal/operator/synchronizer/gateway_synchronizer.go b/adapter/internal/operator/synchronizer/gateway_synchronizer.go
index 1f374a9f8..49e43a12b 100644
--- a/adapter/internal/operator/synchronizer/gateway_synchronizer.go
+++ b/adapter/internal/operator/synchronizer/gateway_synchronizer.go
@@ -136,7 +136,7 @@ func getCustomRateLimitPolicies(customRateLimitPoliciesDef map[string]*dpv1alpha
 	return customRateLimitPolicies
 }
 
-func generateGlobalInterceptorResource(gatewayAPIPolicies map[string]dpv1alpha2.APIPolicy,
+func generateGlobalInterceptorResource(gatewayAPIPolicies map[string]dpv1alpha3.APIPolicy,
 	gatewayInterceptorServiceMapping map[string]dpv1alpha1.InterceptorService,
 	gatewayBackendMapping map[string]*dpv1alpha2.ResolvedBackend) (string, *clusterv3.Cluster, []*corev3.Address,
 	*clusterv3.Cluster, []*corev3.Address) {
@@ -157,7 +157,7 @@ func generateGlobalInterceptorResource(gatewayAPIPolicies map[string]dpv1alpha2.
 	return gwLuaScript, gwReqICluster, gwReqIAddresses, gwResICluster, gwResIAddresses
 }
 
-func getGlobalInterceptorScript(gatewayAPIPolicies map[string]dpv1alpha2.APIPolicy,
+func getGlobalInterceptorScript(gatewayAPIPolicies map[string]dpv1alpha3.APIPolicy,
 	gatewayInterceptorServiceMapping map[string]dpv1alpha1.InterceptorService,
 	gatewayBackendMapping map[string]*dpv1alpha2.ResolvedBackend) string {
 	iInvCtx := &interceptor.InvocationContext{
@@ -184,13 +184,13 @@ end
 `
 }
 
-func createInterceptors(gatewayAPIPolicies map[string]dpv1alpha2.APIPolicy,
+func createInterceptors(gatewayAPIPolicies map[string]dpv1alpha3.APIPolicy,
 	gatewayInterceptorServiceMapping map[string]dpv1alpha1.InterceptorService,
 	gatewayBackendMapping map[string]*dpv1alpha2.ResolvedBackend) (requestInterceptor map[string]model.InterceptEndpoint, responseInterceptor map[string]model.InterceptEndpoint) {
 	requestInterceptorMap := make(map[string]model.InterceptEndpoint)
 	responseInterceptorMap := make(map[string]model.InterceptEndpoint)
 
-	var apiPolicy *dpv1alpha2.APIPolicy
+	var apiPolicy *dpv1alpha3.APIPolicy
 	outputAPIPolicy := utils.TieBreaker(utils.GetPtrSlice(maps.Values(gatewayAPIPolicies)))
 	if outputAPIPolicy != nil {
 		apiPolicy = *outputAPIPolicy
@@ -227,7 +227,7 @@ func createInterceptors(gatewayAPIPolicies map[string]dpv1alpha2.APIPolicy,
 	return requestInterceptorMap, responseInterceptorMap
 }
 
-func getInterceptorEndpoint(namespace string, interceptorRef *dpv1alpha2.InterceptorReference,
+func getInterceptorEndpoint(namespace string, interceptorRef *dpv1alpha3.InterceptorReference,
 	gatewayInterceptorServiceMapping map[string]dpv1alpha1.InterceptorService, gatewayBackendMapping map[string]*dpv1alpha2.ResolvedBackend, isReq bool) *model.InterceptEndpoint {
 	interceptor := gatewayInterceptorServiceMapping[types.NamespacedName{
 		Namespace: namespace,
diff --git a/adapter/internal/operator/synchronizer/gql_api.go b/adapter/internal/operator/synchronizer/gql_api.go
index 5f7cfef13..c781ad3e0 100644
--- a/adapter/internal/operator/synchronizer/gql_api.go
+++ b/adapter/internal/operator/synchronizer/gql_api.go
@@ -103,6 +103,11 @@ func generateGQLAdapterInternalAPI(apiState APIState, gqlRoute *GQLRouteState, e
 		adapterInternalAPI.SetDisableMtls(true)
 	}
 
+	if apiState.AIProvider != nil && apiState.AIProvider.Name != "" {
+		adapterInternalAPI.SetAIProvider(*apiState.AIProvider)
+	}
+	loggers.LoggerAPKOperator.Infof("Generated AdapterInternalAPI AI Provider for GQL API: %v", adapterInternalAPI.GetAIProvider())
+
 	return &adapterInternalAPI, nil
 }
 
diff --git a/adapter/internal/operator/synchronizer/rest_api.go b/adapter/internal/operator/synchronizer/rest_api.go
index d16be379c..b94ce90ae 100644
--- a/adapter/internal/operator/synchronizer/rest_api.go
+++ b/adapter/internal/operator/synchronizer/rest_api.go
@@ -125,6 +125,12 @@ func generateAdapterInternalAPI(apiState APIState, httpRoute *HTTPRouteState, en
 		return nil, err
 	}
 
+	if apiState.AIProvider != nil && apiState.AIProvider.Name != "" {
+		loggers.LoggerAPKOperator.Debugf("AI Provider: %+v", *apiState.AIProvider)
+		adapterInternalAPI.SetAIProvider(*apiState.AIProvider)
+	}
+	loggers.LoggerAPKOperator.Infof("AdapterInternalAPI AI Provider: %+v", adapterInternalAPI.GetAIProvider())
+
 	return &adapterInternalAPI, nil
 }
 
diff --git a/adapter/internal/operator/synchronizer/zz_generated.deepcopy.go b/adapter/internal/operator/synchronizer/zz_generated.deepcopy.go
index 0ce21cdd3..597fe5439 100644
--- a/adapter/internal/operator/synchronizer/zz_generated.deepcopy.go
+++ b/adapter/internal/operator/synchronizer/zz_generated.deepcopy.go
@@ -25,6 +25,7 @@ package synchronizer
 import (
 	"github.com/wso2/apk/common-go-libs/apis/dp/v1alpha1"
 	"github.com/wso2/apk/common-go-libs/apis/dp/v1alpha2"
+	"github.com/wso2/apk/common-go-libs/apis/dp/v1alpha3"
 	"sigs.k8s.io/gateway-api/apis/v1"
 )
 
@@ -72,14 +73,14 @@ func (in *APIState) DeepCopyInto(out *APIState) {
 	}
 	if in.ResourceAPIPolicies != nil {
 		in, out := &in.ResourceAPIPolicies, &out.ResourceAPIPolicies
-		*out = make(map[string]v1alpha2.APIPolicy, len(*in))
+		*out = make(map[string]v1alpha3.APIPolicy, len(*in))
 		for key, val := range *in {
 			(*out)[key] = *val.DeepCopy()
 		}
 	}
 	if in.APIPolicies != nil {
 		in, out := &in.APIPolicies, &out.APIPolicies
-		*out = make(map[string]v1alpha2.APIPolicy, len(*in))
+		*out = make(map[string]v1alpha3.APIPolicy, len(*in))
 		for key, val := range *in {
 			(*out)[key] = *val.DeepCopy()
 		}
@@ -232,7 +233,7 @@ func (in *GatewayStateData) DeepCopyInto(out *GatewayStateData) {
 	}
 	if in.GatewayAPIPolicies != nil {
 		in, out := &in.GatewayAPIPolicies, &out.GatewayAPIPolicies
-		*out = make(map[string]v1alpha2.APIPolicy, len(*in))
+		*out = make(map[string]v1alpha3.APIPolicy, len(*in))
 		for key, val := range *in {
 			(*out)[key] = *val.DeepCopy()
 		}
diff --git a/adapter/internal/operator/utils/utils.go b/adapter/internal/operator/utils/utils.go
index 064c647f0..2e8b3e99a 100644
--- a/adapter/internal/operator/utils/utils.go
+++ b/adapter/internal/operator/utils/utils.go
@@ -35,6 +35,7 @@ import (
 	"github.com/wso2/apk/adapter/pkg/utils/stringutils"
 	dpv1alpha1 "github.com/wso2/apk/common-go-libs/apis/dp/v1alpha1"
 	dpv1alpha2 "github.com/wso2/apk/common-go-libs/apis/dp/v1alpha2"
+	dpv1alpha3 "github.com/wso2/apk/common-go-libs/apis/dp/v1alpha3"
 	corev1 "k8s.io/api/core/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -594,7 +595,7 @@ func RetrieveNamespaceListOptions(namespaces []string) k8client.ListOptions {
 
 // GetInterceptorService reads InterceptorService when interceptorReference is given
 func GetInterceptorService(ctx context.Context, client k8client.Client, namespace string,
-	interceptorReference *dpv1alpha2.InterceptorReference, api *dpv1alpha2.API) *dpv1alpha1.InterceptorService {
+	interceptorReference *dpv1alpha3.InterceptorReference, api *dpv1alpha2.API) *dpv1alpha1.InterceptorService {
 	interceptorService := &dpv1alpha1.InterceptorService{}
 	interceptorRef := types.NamespacedName{
 		Namespace: namespace,
@@ -624,6 +625,24 @@ func GetBackendJWT(ctx context.Context, client k8client.Client, namespace,
 	return backendJWT
 }
 
+// GetAIProvider reads AIProvider when aiProviderReference is given
+func GetAIProvider(ctx context.Context, client k8client.Client, namespace string,
+	aiProviderReference string, api *dpv1alpha2.API) *dpv1alpha3.AIProvider {
+	aiProvider := &dpv1alpha3.AIProvider{}
+	aiProviderRef := types.NamespacedName{
+		Namespace: namespace,
+		Name:      aiProviderReference,
+	}
+	loggers.LoggerAPKOperator.Debugf("AIProviderRef: %v", aiProviderRef)
+	if err := ResolveRef(ctx, client, api, aiProviderRef, false, aiProvider); err != nil {
+		if !apierrors.IsNotFound(err) {
+			loggers.LoggerAPKOperator.ErrorC(logging.PrintError(logging.Error2663, logging.CRITICAL, "Error while getting aiProvider %s, error: %v", aiProviderRef, err.Error()))
+		}
+	}
+	loggers.LoggerAPKOperator.Debugf("AIProvider: %v", aiProvider)
+	return aiProvider
+}
+
 // RetrieveAPIList retrieves API list from the given kubernetes client
 func RetrieveAPIList(k8sclient k8client.Client) ([]dpv1alpha2.API, error) {
 	ctx := context.Background()
diff --git a/adapter/pkg/discovery/api/wso2/discovery/api/ai_provider.pb.go b/adapter/pkg/discovery/api/wso2/discovery/api/ai_provider.pb.go
new file mode 100644
index 000000000..9c48674ba
--- /dev/null
+++ b/adapter/pkg/discovery/api/wso2/discovery/api/ai_provider.pb.go
@@ -0,0 +1,324 @@
+//  Copyright (c) 2024, WSO2 LLC. (http://www.wso2.org) All Rights Reserved.
+//
+//  WSO2 LLC. licenses this file to you under the Apache License,
+//  Version 2.0 (the "License"); you may not use this file except
+//  in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//    http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing,
+//  software distributed under the License is distributed on an
+//  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+//  KIND, either express or implied.  See the License for the
+//  specific language governing permissions and limitations
+//  under the License.
+
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0-devel
+// 	protoc        v3.13.0
+// source: wso2/discovery/api/ai_provider.proto
+
+package api
+
+import (
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// Holds AIProvider configs
+type AIProvider struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	ProviderName       string        `protobuf:"bytes,1,opt,name=providerName,proto3" json:"providerName,omitempty"`
+	ProviderAPIVersion string        `protobuf:"bytes,2,opt,name=providerAPIVersion,proto3" json:"providerAPIVersion,omitempty"`
+	Organization       string        `protobuf:"bytes,3,opt,name=organization,proto3" json:"organization,omitempty"`
+	Model              *ValueDetails `protobuf:"bytes,4,opt,name=model,proto3" json:"model,omitempty"`
+	PromptTokens       *ValueDetails `protobuf:"bytes,5,opt,name=promptTokens,proto3" json:"promptTokens,omitempty"`
+	CompletionToken    *ValueDetails `protobuf:"bytes,6,opt,name=completionToken,proto3" json:"completionToken,omitempty"`
+	TotalToken         *ValueDetails `protobuf:"bytes,7,opt,name=totalToken,proto3" json:"totalToken,omitempty"`
+	Enabled            bool          `protobuf:"varint,8,opt,name=enabled,proto3" json:"enabled,omitempty"`
+}
+
+func (x *AIProvider) Reset() {
+	*x = AIProvider{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_wso2_discovery_api_ai_provider_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *AIProvider) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*AIProvider) ProtoMessage() {}
+
+func (x *AIProvider) ProtoReflect() protoreflect.Message {
+	mi := &file_wso2_discovery_api_ai_provider_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use AIProvider.ProtoReflect.Descriptor instead.
+func (*AIProvider) Descriptor() ([]byte, []int) {
+	return file_wso2_discovery_api_ai_provider_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *AIProvider) GetProviderName() string {
+	if x != nil {
+		return x.ProviderName
+	}
+	return ""
+}
+
+func (x *AIProvider) GetProviderAPIVersion() string {
+	if x != nil {
+		return x.ProviderAPIVersion
+	}
+	return ""
+}
+
+func (x *AIProvider) GetOrganization() string {
+	if x != nil {
+		return x.Organization
+	}
+	return ""
+}
+
+func (x *AIProvider) GetModel() *ValueDetails {
+	if x != nil {
+		return x.Model
+	}
+	return nil
+}
+
+func (x *AIProvider) GetPromptTokens() *ValueDetails {
+	if x != nil {
+		return x.PromptTokens
+	}
+	return nil
+}
+
+func (x *AIProvider) GetCompletionToken() *ValueDetails {
+	if x != nil {
+		return x.CompletionToken
+	}
+	return nil
+}
+
+func (x *AIProvider) GetTotalToken() *ValueDetails {
+	if x != nil {
+		return x.TotalToken
+	}
+	return nil
+}
+
+func (x *AIProvider) GetEnabled() bool {
+	if x != nil {
+		return x.Enabled
+	}
+	return false
+}
+
+// Holds ValueDetails configs
+type ValueDetails struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	In    string `protobuf:"bytes,1,opt,name=in,proto3" json:"in,omitempty"`
+	Value string `protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty"`
+}
+
+func (x *ValueDetails) Reset() {
+	*x = ValueDetails{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_wso2_discovery_api_ai_provider_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ValueDetails) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ValueDetails) ProtoMessage() {}
+
+func (x *ValueDetails) ProtoReflect() protoreflect.Message {
+	mi := &file_wso2_discovery_api_ai_provider_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ValueDetails.ProtoReflect.Descriptor instead.
+func (*ValueDetails) Descriptor() ([]byte, []int) {
+	return file_wso2_discovery_api_ai_provider_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *ValueDetails) GetIn() string {
+	if x != nil {
+		return x.In
+	}
+	return ""
+}
+
+func (x *ValueDetails) GetValue() string {
+	if x != nil {
+		return x.Value
+	}
+	return ""
+}
+
+var File_wso2_discovery_api_ai_provider_proto protoreflect.FileDescriptor
+
+var file_wso2_discovery_api_ai_provider_proto_rawDesc = []byte{
+	0x0a, 0x24, 0x77, 0x73, 0x6f, 0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79,
+	0x2f, 0x61, 0x70, 0x69, 0x2f, 0x61, 0x69, 0x5f, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x77, 0x73, 0x6f, 0x32, 0x2e, 0x64, 0x69, 0x73,
+	0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x22, 0xaa, 0x03, 0x0a, 0x0a, 0x41,
+	0x49, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x12, 0x22, 0x0a, 0x0c, 0x70, 0x72, 0x6f,
+	0x76, 0x69, 0x64, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52,
+	0x0c, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x2e, 0x0a,
+	0x12, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x41, 0x50, 0x49, 0x56, 0x65, 0x72, 0x73,
+	0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x12, 0x70, 0x72, 0x6f, 0x76, 0x69,
+	0x64, 0x65, 0x72, 0x41, 0x50, 0x49, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x22, 0x0a,
+	0x0c, 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20,
+	0x01, 0x28, 0x09, 0x52, 0x0c, 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x12, 0x36, 0x0a, 0x05, 0x6d, 0x6f, 0x64, 0x65, 0x6c, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x20, 0x2e, 0x77, 0x73, 0x6f, 0x32, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x44, 0x65, 0x74, 0x61, 0x69,
+	0x6c, 0x73, 0x52, 0x05, 0x6d, 0x6f, 0x64, 0x65, 0x6c, 0x12, 0x44, 0x0a, 0x0c, 0x70, 0x72, 0x6f,
+	0x6d, 0x70, 0x74, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x73, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x20, 0x2e, 0x77, 0x73, 0x6f, 0x32, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c,
+	0x73, 0x52, 0x0c, 0x70, 0x72, 0x6f, 0x6d, 0x70, 0x74, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x73, 0x12,
+	0x4a, 0x0a, 0x0f, 0x63, 0x6f, 0x6d, 0x70, 0x6c, 0x65, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x6f, 0x6b,
+	0x65, 0x6e, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x77, 0x73, 0x6f, 0x32, 0x2e,
+	0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x56, 0x61,
+	0x6c, 0x75, 0x65, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x52, 0x0f, 0x63, 0x6f, 0x6d, 0x70,
+	0x6c, 0x65, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x40, 0x0a, 0x0a, 0x74,
+	0x6f, 0x74, 0x61, 0x6c, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32,
+	0x20, 0x2e, 0x77, 0x73, 0x6f, 0x32, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x2e, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c,
+	0x73, 0x52, 0x0a, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x18, 0x0a,
+	0x07, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x08, 0x20, 0x01, 0x28, 0x08, 0x52, 0x07,
+	0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x22, 0x34, 0x0a, 0x0c, 0x56, 0x61, 0x6c, 0x75, 0x65,
+	0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x6e, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x6e, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x42, 0x77, 0x0a,
+	0x23, 0x6f, 0x72, 0x67, 0x2e, 0x77, 0x73, 0x6f, 0x32, 0x2e, 0x61, 0x70, 0x6b, 0x2e, 0x65, 0x6e,
+	0x66, 0x6f, 0x72, 0x63, 0x65, 0x72, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79,
+	0x2e, 0x61, 0x70, 0x69, 0x42, 0x0f, 0x41, 0x49, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72,
+	0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x3d, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e,
+	0x63, 0x6f, 0x6d, 0x2f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2f, 0x67,
+	0x6f, 0x2d, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x2d, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2f,
+	0x77, 0x73, 0x6f, 0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x61,
+	0x70, 0x69, 0x3b, 0x61, 0x70, 0x69, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_wso2_discovery_api_ai_provider_proto_rawDescOnce sync.Once
+	file_wso2_discovery_api_ai_provider_proto_rawDescData = file_wso2_discovery_api_ai_provider_proto_rawDesc
+)
+
+func file_wso2_discovery_api_ai_provider_proto_rawDescGZIP() []byte {
+	file_wso2_discovery_api_ai_provider_proto_rawDescOnce.Do(func() {
+		file_wso2_discovery_api_ai_provider_proto_rawDescData = protoimpl.X.CompressGZIP(file_wso2_discovery_api_ai_provider_proto_rawDescData)
+	})
+	return file_wso2_discovery_api_ai_provider_proto_rawDescData
+}
+
+var file_wso2_discovery_api_ai_provider_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_wso2_discovery_api_ai_provider_proto_goTypes = []interface{}{
+	(*AIProvider)(nil),   // 0: wso2.discovery.api.AIProvider
+	(*ValueDetails)(nil), // 1: wso2.discovery.api.ValueDetails
+}
+var file_wso2_discovery_api_ai_provider_proto_depIdxs = []int32{
+	1, // 0: wso2.discovery.api.AIProvider.model:type_name -> wso2.discovery.api.ValueDetails
+	1, // 1: wso2.discovery.api.AIProvider.promptTokens:type_name -> wso2.discovery.api.ValueDetails
+	1, // 2: wso2.discovery.api.AIProvider.completionToken:type_name -> wso2.discovery.api.ValueDetails
+	1, // 3: wso2.discovery.api.AIProvider.totalToken:type_name -> wso2.discovery.api.ValueDetails
+	4, // [4:4] is the sub-list for method output_type
+	4, // [4:4] is the sub-list for method input_type
+	4, // [4:4] is the sub-list for extension type_name
+	4, // [4:4] is the sub-list for extension extendee
+	0, // [0:4] is the sub-list for field type_name
+}
+
+func init() { file_wso2_discovery_api_ai_provider_proto_init() }
+func file_wso2_discovery_api_ai_provider_proto_init() {
+	if File_wso2_discovery_api_ai_provider_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_wso2_discovery_api_ai_provider_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*AIProvider); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_wso2_discovery_api_ai_provider_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*ValueDetails); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_wso2_discovery_api_ai_provider_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   2,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_wso2_discovery_api_ai_provider_proto_goTypes,
+		DependencyIndexes: file_wso2_discovery_api_ai_provider_proto_depIdxs,
+		MessageInfos:      file_wso2_discovery_api_ai_provider_proto_msgTypes,
+	}.Build()
+	File_wso2_discovery_api_ai_provider_proto = out.File
+	file_wso2_discovery_api_ai_provider_proto_rawDesc = nil
+	file_wso2_discovery_api_ai_provider_proto_goTypes = nil
+	file_wso2_discovery_api_ai_provider_proto_depIdxs = nil
+}
diff --git a/adapter/pkg/discovery/api/wso2/discovery/api/api.pb.go b/adapter/pkg/discovery/api/wso2/discovery/api/api.pb.go
index a711b1c78..3d12ab090 100644
--- a/adapter/pkg/discovery/api/wso2/discovery/api/api.pb.go
+++ b/adapter/pkg/discovery/api/wso2/discovery/api/api.pb.go
@@ -69,6 +69,7 @@ type Api struct {
 	SubscriptionValidation bool                 `protobuf:"varint,28,opt,name=subscriptionValidation,proto3" json:"subscriptionValidation,omitempty"`
 	Endpoints              *EndpointCluster     `protobuf:"bytes,29,opt,name=endpoints,proto3" json:"endpoints,omitempty"`
 	EndpointSecurity       []*SecurityInfo      `protobuf:"bytes,30,rep,name=endpointSecurity,proto3" json:"endpointSecurity,omitempty"`
+	Aiprovider             *AIProvider          `protobuf:"bytes,31,opt,name=aiprovider,proto3" json:"aiprovider,omitempty"`
 }
 
 func (x *Api) Reset() {
@@ -278,6 +279,13 @@ func (x *Api) GetEndpointSecurity() []*SecurityInfo {
 	return nil
 }
 
+func (x *Api) GetAiprovider() *AIProvider {
+	if x != nil {
+		return x.Aiprovider
+	}
+	return nil
+}
+
 var File_wso2_discovery_api_api_proto protoreflect.FileDescriptor
 
 var file_wso2_discovery_api_api_proto_rawDesc = []byte{
@@ -298,86 +306,92 @@ var file_wso2_discovery_api_api_proto_rawDesc = []byte{
 	0x76, 0x65, 0x72, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x73, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74,
 	0x79, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x20, 0x77, 0x73,
 	0x6f, 0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x61, 0x70, 0x69,
-	0x2f, 0x67, 0x72, 0x61, 0x70, 0x68, 0x71, 0x6c, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xed,
-	0x08, 0x0a, 0x03, 0x41, 0x70, 0x69, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01,
-	0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x14, 0x0a, 0x05, 0x74, 0x69, 0x74, 0x6c, 0x65, 0x18,
-	0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x74, 0x69, 0x74, 0x6c, 0x65, 0x12, 0x18, 0x0a, 0x07,
-	0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x76,
-	0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x18, 0x0a, 0x07, 0x61, 0x70, 0x69, 0x54, 0x79, 0x70,
-	0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x61, 0x70, 0x69, 0x54, 0x79, 0x70, 0x65,
-	0x12, 0x36, 0x0a, 0x16, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x41, 0x75, 0x74, 0x68, 0x65,
-	0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08,
-	0x52, 0x16, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74,
-	0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x24, 0x0a, 0x0d, 0x64, 0x69, 0x73, 0x61,
-	0x62, 0x6c, 0x65, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x73, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52,
-	0x0d, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x73, 0x12, 0x18,
-	0x0a, 0x07, 0x65, 0x6e, 0x76, 0x54, 0x79, 0x70, 0x65, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52,
-	0x07, 0x65, 0x6e, 0x76, 0x54, 0x79, 0x70, 0x65, 0x12, 0x3a, 0x0a, 0x09, 0x72, 0x65, 0x73, 0x6f,
-	0x75, 0x72, 0x63, 0x65, 0x73, 0x18, 0x08, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x77, 0x73,
-	0x6f, 0x32, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x61, 0x70, 0x69,
-	0x2e, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x09, 0x72, 0x65, 0x73, 0x6f, 0x75,
-	0x72, 0x63, 0x65, 0x73, 0x12, 0x1a, 0x0a, 0x08, 0x62, 0x61, 0x73, 0x65, 0x50, 0x61, 0x74, 0x68,
-	0x18, 0x09, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x62, 0x61, 0x73, 0x65, 0x50, 0x61, 0x74, 0x68,
-	0x12, 0x12, 0x0a, 0x04, 0x74, 0x69, 0x65, 0x72, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04,
-	0x74, 0x69, 0x65, 0x72, 0x12, 0x2c, 0x0a, 0x11, 0x61, 0x70, 0x69, 0x4c, 0x69, 0x66, 0x65, 0x43,
-	0x79, 0x63, 0x6c, 0x65, 0x53, 0x74, 0x61, 0x74, 0x65, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x09, 0x52,
-	0x11, 0x61, 0x70, 0x69, 0x4c, 0x69, 0x66, 0x65, 0x43, 0x79, 0x63, 0x6c, 0x65, 0x53, 0x74, 0x61,
-	0x74, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x68, 0x6f, 0x73, 0x74, 0x18, 0x0c, 0x20, 0x01, 0x28,
-	0x09, 0x52, 0x05, 0x76, 0x68, 0x6f, 0x73, 0x74, 0x12, 0x26, 0x0a, 0x0e, 0x6f, 0x72, 0x67, 0x61,
-	0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x64, 0x18, 0x0d, 0x20, 0x01, 0x28, 0x09,
-	0x52, 0x0e, 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x64,
-	0x12, 0x4f, 0x0a, 0x12, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66,
-	0x69, 0x63, 0x61, 0x74, 0x65, 0x73, 0x18, 0x0e, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x77,
-	0x73, 0x6f, 0x32, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x61, 0x70,
-	0x69, 0x2e, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x52, 0x12, 0x63,
-	0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65,
-	0x73, 0x12, 0x1c, 0x0a, 0x09, 0x6d, 0x75, 0x74, 0x75, 0x61, 0x6c, 0x53, 0x53, 0x4c, 0x18, 0x0f,
-	0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x6d, 0x75, 0x74, 0x75, 0x61, 0x6c, 0x53, 0x53, 0x4c, 0x12,
-	0x30, 0x0a, 0x13, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x65,
-	0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x18, 0x10, 0x20, 0x01, 0x28, 0x08, 0x52, 0x13, 0x61, 0x70,
-	0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74,
-	0x79, 0x12, 0x2c, 0x0a, 0x11, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x53, 0x65,
-	0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x18, 0x11, 0x20, 0x01, 0x28, 0x08, 0x52, 0x11, 0x74, 0x72,
-	0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x53, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x12,
-	0x5b, 0x0a, 0x15, 0x67, 0x72, 0x61, 0x70, 0x68, 0x71, 0x6c, 0x43, 0x6f, 0x6d, 0x70, 0x6c, 0x65,
-	0x78, 0x69, 0x74, 0x79, 0x49, 0x6e, 0x66, 0x6f, 0x18, 0x17, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x25,
-	0x2e, 0x77, 0x73, 0x6f, 0x32, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e,
-	0x61, 0x70, 0x69, 0x2e, 0x47, 0x72, 0x61, 0x70, 0x68, 0x71, 0x6c, 0x43, 0x6f, 0x6d, 0x70, 0x6c,
-	0x65, 0x78, 0x69, 0x74, 0x79, 0x52, 0x15, 0x67, 0x72, 0x61, 0x70, 0x68, 0x71, 0x6c, 0x43, 0x6f,
-	0x6d, 0x70, 0x6c, 0x65, 0x78, 0x69, 0x74, 0x79, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x1c, 0x0a, 0x09,
-	0x73, 0x79, 0x73, 0x74, 0x65, 0x6d, 0x41, 0x50, 0x49, 0x18, 0x18, 0x20, 0x01, 0x28, 0x08, 0x52,
-	0x09, 0x73, 0x79, 0x73, 0x74, 0x65, 0x6d, 0x41, 0x50, 0x49, 0x12, 0x59, 0x0a, 0x13, 0x62, 0x61,
-	0x63, 0x6b, 0x65, 0x6e, 0x64, 0x4a, 0x57, 0x54, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x49, 0x6e, 0x66,
-	0x6f, 0x18, 0x19, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x77, 0x73, 0x6f, 0x32, 0x2e, 0x64,
-	0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x42, 0x61, 0x63,
-	0x6b, 0x65, 0x6e, 0x64, 0x4a, 0x57, 0x54, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x49, 0x6e, 0x66, 0x6f,
-	0x52, 0x13, 0x62, 0x61, 0x63, 0x6b, 0x65, 0x6e, 0x64, 0x4a, 0x57, 0x54, 0x54, 0x6f, 0x6b, 0x65,
-	0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x2c, 0x0a, 0x11, 0x61, 0x70, 0x69, 0x44, 0x65, 0x66, 0x69,
-	0x6e, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x46, 0x69, 0x6c, 0x65, 0x18, 0x1a, 0x20, 0x01, 0x28, 0x0c,
-	0x52, 0x11, 0x61, 0x70, 0x69, 0x44, 0x65, 0x66, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x46,
-	0x69, 0x6c, 0x65, 0x12, 0x20, 0x0a, 0x0b, 0x65, 0x6e, 0x76, 0x69, 0x72, 0x6f, 0x6e, 0x6d, 0x65,
-	0x6e, 0x74, 0x18, 0x1b, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x65, 0x6e, 0x76, 0x69, 0x72, 0x6f,
-	0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x12, 0x36, 0x0a, 0x16, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69,
-	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18,
-	0x1c, 0x20, 0x01, 0x28, 0x08, 0x52, 0x16, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74,
-	0x69, 0x6f, 0x6e, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x41, 0x0a,
-	0x09, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73, 0x18, 0x1d, 0x20, 0x01, 0x28, 0x0b,
-	0x32, 0x23, 0x2e, 0x77, 0x73, 0x6f, 0x32, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72,
-	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x43, 0x6c,
-	0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x09, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73,
-	0x12, 0x4c, 0x0a, 0x10, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x53, 0x65, 0x63, 0x75,
-	0x72, 0x69, 0x74, 0x79, 0x18, 0x1e, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x77, 0x73, 0x6f,
-	0x32, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e,
-	0x53, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x49, 0x6e, 0x66, 0x6f, 0x52, 0x10, 0x65, 0x6e,
-	0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x53, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x42, 0x70,
-	0x0a, 0x23, 0x6f, 0x72, 0x67, 0x2e, 0x77, 0x73, 0x6f, 0x32, 0x2e, 0x61, 0x70, 0x6b, 0x2e, 0x65,
-	0x6e, 0x66, 0x6f, 0x72, 0x63, 0x65, 0x72, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72,
-	0x79, 0x2e, 0x61, 0x70, 0x69, 0x42, 0x08, 0x41, 0x70, 0x69, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50,
-	0x01, 0x5a, 0x3d, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x65, 0x6e,
-	0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2f, 0x67, 0x6f, 0x2d, 0x63, 0x6f, 0x6e, 0x74,
-	0x72, 0x6f, 0x6c, 0x2d, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2f, 0x77, 0x73, 0x6f, 0x32, 0x2f, 0x64,
-	0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x61, 0x70, 0x69, 0x3b, 0x61, 0x70, 0x69,
-	0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+	0x2f, 0x67, 0x72, 0x61, 0x70, 0x68, 0x71, 0x6c, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x24,
+	0x77, 0x73, 0x6f, 0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x61,
+	0x70, 0x69, 0x2f, 0x61, 0x69, 0x5f, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x22, 0xad, 0x09, 0x0a, 0x03, 0x41, 0x70, 0x69, 0x12, 0x0e, 0x0a, 0x02,
+	0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x14, 0x0a, 0x05,
+	0x74, 0x69, 0x74, 0x6c, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x74, 0x69, 0x74,
+	0x6c, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20,
+	0x01, 0x28, 0x09, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x18, 0x0a, 0x07,
+	0x61, 0x70, 0x69, 0x54, 0x79, 0x70, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x61,
+	0x70, 0x69, 0x54, 0x79, 0x70, 0x65, 0x12, 0x36, 0x0a, 0x16, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c,
+	0x65, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73,
+	0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x52, 0x16, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x41,
+	0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x24,
+	0x0a, 0x0d, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x73, 0x18,
+	0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0d, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x53, 0x63,
+	0x6f, 0x70, 0x65, 0x73, 0x12, 0x18, 0x0a, 0x07, 0x65, 0x6e, 0x76, 0x54, 0x79, 0x70, 0x65, 0x18,
+	0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x65, 0x6e, 0x76, 0x54, 0x79, 0x70, 0x65, 0x12, 0x3a,
+	0x0a, 0x09, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x18, 0x08, 0x20, 0x03, 0x28,
+	0x0b, 0x32, 0x1c, 0x2e, 0x77, 0x73, 0x6f, 0x32, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65,
+	0x72, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52,
+	0x09, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x12, 0x1a, 0x0a, 0x08, 0x62, 0x61,
+	0x73, 0x65, 0x50, 0x61, 0x74, 0x68, 0x18, 0x09, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x62, 0x61,
+	0x73, 0x65, 0x50, 0x61, 0x74, 0x68, 0x12, 0x12, 0x0a, 0x04, 0x74, 0x69, 0x65, 0x72, 0x18, 0x0a,
+	0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x74, 0x69, 0x65, 0x72, 0x12, 0x2c, 0x0a, 0x11, 0x61, 0x70,
+	0x69, 0x4c, 0x69, 0x66, 0x65, 0x43, 0x79, 0x63, 0x6c, 0x65, 0x53, 0x74, 0x61, 0x74, 0x65, 0x18,
+	0x0b, 0x20, 0x01, 0x28, 0x09, 0x52, 0x11, 0x61, 0x70, 0x69, 0x4c, 0x69, 0x66, 0x65, 0x43, 0x79,
+	0x63, 0x6c, 0x65, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x68, 0x6f, 0x73,
+	0x74, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x68, 0x6f, 0x73, 0x74, 0x12, 0x26,
+	0x0a, 0x0e, 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x64,
+	0x18, 0x0d, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x49, 0x64, 0x12, 0x4f, 0x0a, 0x12, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74,
+	0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x73, 0x18, 0x0e, 0x20, 0x03,
+	0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x77, 0x73, 0x6f, 0x32, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76,
+	0x65, 0x72, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63,
+	0x61, 0x74, 0x65, 0x52, 0x12, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43, 0x65, 0x72, 0x74, 0x69,
+	0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x73, 0x12, 0x1c, 0x0a, 0x09, 0x6d, 0x75, 0x74, 0x75, 0x61,
+	0x6c, 0x53, 0x53, 0x4c, 0x18, 0x0f, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x6d, 0x75, 0x74, 0x75,
+	0x61, 0x6c, 0x53, 0x53, 0x4c, 0x12, 0x30, 0x0a, 0x13, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61,
+	0x74, 0x69, 0x6f, 0x6e, 0x53, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x18, 0x10, 0x20, 0x01,
+	0x28, 0x08, 0x52, 0x13, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53,
+	0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x12, 0x2c, 0x0a, 0x11, 0x74, 0x72, 0x61, 0x6e, 0x73,
+	0x70, 0x6f, 0x72, 0x74, 0x53, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x18, 0x11, 0x20, 0x01,
+	0x28, 0x08, 0x52, 0x11, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x53, 0x65, 0x63,
+	0x75, 0x72, 0x69, 0x74, 0x79, 0x12, 0x5b, 0x0a, 0x15, 0x67, 0x72, 0x61, 0x70, 0x68, 0x71, 0x6c,
+	0x43, 0x6f, 0x6d, 0x70, 0x6c, 0x65, 0x78, 0x69, 0x74, 0x79, 0x49, 0x6e, 0x66, 0x6f, 0x18, 0x17,
+	0x20, 0x03, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x77, 0x73, 0x6f, 0x32, 0x2e, 0x64, 0x69, 0x73, 0x63,
+	0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x47, 0x72, 0x61, 0x70, 0x68, 0x71,
+	0x6c, 0x43, 0x6f, 0x6d, 0x70, 0x6c, 0x65, 0x78, 0x69, 0x74, 0x79, 0x52, 0x15, 0x67, 0x72, 0x61,
+	0x70, 0x68, 0x71, 0x6c, 0x43, 0x6f, 0x6d, 0x70, 0x6c, 0x65, 0x78, 0x69, 0x74, 0x79, 0x49, 0x6e,
+	0x66, 0x6f, 0x12, 0x1c, 0x0a, 0x09, 0x73, 0x79, 0x73, 0x74, 0x65, 0x6d, 0x41, 0x50, 0x49, 0x18,
+	0x18, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x73, 0x79, 0x73, 0x74, 0x65, 0x6d, 0x41, 0x50, 0x49,
+	0x12, 0x59, 0x0a, 0x13, 0x62, 0x61, 0x63, 0x6b, 0x65, 0x6e, 0x64, 0x4a, 0x57, 0x54, 0x54, 0x6f,
+	0x6b, 0x65, 0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x18, 0x19, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x27, 0x2e,
+	0x77, 0x73, 0x6f, 0x32, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x61,
+	0x70, 0x69, 0x2e, 0x42, 0x61, 0x63, 0x6b, 0x65, 0x6e, 0x64, 0x4a, 0x57, 0x54, 0x54, 0x6f, 0x6b,
+	0x65, 0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x52, 0x13, 0x62, 0x61, 0x63, 0x6b, 0x65, 0x6e, 0x64, 0x4a,
+	0x57, 0x54, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x2c, 0x0a, 0x11, 0x61,
+	0x70, 0x69, 0x44, 0x65, 0x66, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x46, 0x69, 0x6c, 0x65,
+	0x18, 0x1a, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x11, 0x61, 0x70, 0x69, 0x44, 0x65, 0x66, 0x69, 0x6e,
+	0x69, 0x74, 0x69, 0x6f, 0x6e, 0x46, 0x69, 0x6c, 0x65, 0x12, 0x20, 0x0a, 0x0b, 0x65, 0x6e, 0x76,
+	0x69, 0x72, 0x6f, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x18, 0x1b, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b,
+	0x65, 0x6e, 0x76, 0x69, 0x72, 0x6f, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x12, 0x36, 0x0a, 0x16, 0x73,
+	0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x56, 0x61, 0x6c, 0x69, 0x64,
+	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x1c, 0x20, 0x01, 0x28, 0x08, 0x52, 0x16, 0x73, 0x75, 0x62,
+	0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74,
+	0x69, 0x6f, 0x6e, 0x12, 0x41, 0x0a, 0x09, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73,
+	0x18, 0x1d, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x77, 0x73, 0x6f, 0x32, 0x2e, 0x64, 0x69,
+	0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x45, 0x6e, 0x64, 0x70,
+	0x6f, 0x69, 0x6e, 0x74, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x09, 0x65, 0x6e, 0x64,
+	0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73, 0x12, 0x4c, 0x0a, 0x10, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69,
+	0x6e, 0x74, 0x53, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x18, 0x1e, 0x20, 0x03, 0x28, 0x0b,
+	0x32, 0x20, 0x2e, 0x77, 0x73, 0x6f, 0x32, 0x2e, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72,
+	0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x53, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x49, 0x6e,
+	0x66, 0x6f, 0x52, 0x10, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x53, 0x65, 0x63, 0x75,
+	0x72, 0x69, 0x74, 0x79, 0x12, 0x3e, 0x0a, 0x0a, 0x61, 0x69, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64,
+	0x65, 0x72, 0x18, 0x1f, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x77, 0x73, 0x6f, 0x32, 0x2e,
+	0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x41, 0x49,
+	0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x52, 0x0a, 0x61, 0x69, 0x70, 0x72, 0x6f, 0x76,
+	0x69, 0x64, 0x65, 0x72, 0x42, 0x70, 0x0a, 0x23, 0x6f, 0x72, 0x67, 0x2e, 0x77, 0x73, 0x6f, 0x32,
+	0x2e, 0x61, 0x70, 0x6b, 0x2e, 0x65, 0x6e, 0x66, 0x6f, 0x72, 0x63, 0x65, 0x72, 0x2e, 0x64, 0x69,
+	0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x42, 0x08, 0x41, 0x70, 0x69,
+	0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x3d, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e,
+	0x63, 0x6f, 0x6d, 0x2f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2f, 0x67,
+	0x6f, 0x2d, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x2d, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2f,
+	0x77, 0x73, 0x6f, 0x32, 0x2f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2f, 0x61,
+	0x70, 0x69, 0x3b, 0x61, 0x70, 0x69, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
 }
 
 var (
@@ -401,6 +415,7 @@ var file_wso2_discovery_api_api_proto_goTypes = []interface{}{
 	(*BackendJWTTokenInfo)(nil), // 4: wso2.discovery.api.BackendJWTTokenInfo
 	(*EndpointCluster)(nil),     // 5: wso2.discovery.api.EndpointCluster
 	(*SecurityInfo)(nil),        // 6: wso2.discovery.api.SecurityInfo
+	(*AIProvider)(nil),          // 7: wso2.discovery.api.AIProvider
 }
 var file_wso2_discovery_api_api_proto_depIdxs = []int32{
 	1, // 0: wso2.discovery.api.Api.resources:type_name -> wso2.discovery.api.Resource
@@ -409,11 +424,12 @@ var file_wso2_discovery_api_api_proto_depIdxs = []int32{
 	4, // 3: wso2.discovery.api.Api.backendJWTTokenInfo:type_name -> wso2.discovery.api.BackendJWTTokenInfo
 	5, // 4: wso2.discovery.api.Api.endpoints:type_name -> wso2.discovery.api.EndpointCluster
 	6, // 5: wso2.discovery.api.Api.endpointSecurity:type_name -> wso2.discovery.api.SecurityInfo
-	6, // [6:6] is the sub-list for method output_type
-	6, // [6:6] is the sub-list for method input_type
-	6, // [6:6] is the sub-list for extension type_name
-	6, // [6:6] is the sub-list for extension extendee
-	0, // [0:6] is the sub-list for field type_name
+	7, // 6: wso2.discovery.api.Api.aiprovider:type_name -> wso2.discovery.api.AIProvider
+	7, // [7:7] is the sub-list for method output_type
+	7, // [7:7] is the sub-list for method input_type
+	7, // [7:7] is the sub-list for extension type_name
+	7, // [7:7] is the sub-list for extension extendee
+	0, // [0:7] is the sub-list for field type_name
 }
 
 func init() { file_wso2_discovery_api_api_proto_init() }
@@ -427,6 +443,7 @@ func file_wso2_discovery_api_api_proto_init() {
 	file_wso2_discovery_api_endpoint_cluster_proto_init()
 	file_wso2_discovery_api_security_info_proto_init()
 	file_wso2_discovery_api_graphql_proto_init()
+	file_wso2_discovery_api_ai_provider_proto_init()
 	if !protoimpl.UnsafeEnabled {
 		file_wso2_discovery_api_api_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
 			switch v := v.(*Api); i {
diff --git a/common-controller/internal/operator/config/crd/bases/dp.wso2.com_apipolicies.yaml b/common-controller/internal/operator/config/crd/bases/dp.wso2.com_apipolicies.yaml
index 6a3fc30b3..e02b4d3ae 100644
--- a/common-controller/internal/operator/config/crd/bases/dp.wso2.com_apipolicies.yaml
+++ b/common-controller/internal/operator/config/crd/bases/dp.wso2.com_apipolicies.yaml
@@ -206,10 +206,11 @@ spec:
                 type: object
               targetRef:
                 description: PolicyTargetReference identifies an API object to apply
-                  policy to. This should be used as part of Policy resources that
-                  can target Gateway API resources. For more information on how this
-                  policy attachment model works, and a sample Policy resource, refer
-                  to the policy attachment documentation for Gateway API.
+                  a direct or inherited policy to. This should be used as part of
+                  Policy resources that can target Gateway API resources. For more
+                  information on how this policy attachment model works, and a sample
+                  Policy resource, refer to the policy attachment documentation for
+                  Gateway API.
                 properties:
                   group:
                     description: Group is the group of the target resource.
@@ -319,6 +320,10 @@ spec:
                           of a preflight request can be cached in a preflight result
                           cache.
                         type: integer
+                      enabled:
+                        default: true
+                        description: Enabled is to enable CORs policy for the API.
+                        type: boolean
                     type: object
                   requestInterceptors:
                     description: RequestInterceptors referenced to intercetor services
@@ -409,6 +414,287 @@ spec:
                           of a preflight request can be cached in a preflight result
                           cache.
                         type: integer
+                      enabled:
+                        default: true
+                        description: Enabled is to enable CORs policy for the API.
+                        type: boolean
+                    type: object
+                  requestInterceptors:
+                    description: RequestInterceptors referenced to intercetor services
+                      to be applied to the request flow.
+                    items:
+                      description: InterceptorReference holds InterceptorService reference
+                        using name and namespace
+                      properties:
+                        name:
+                          description: Name is the referced CR's name of InterceptorService
+                            resource.
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    maxItems: 1
+                    nullable: true
+                    type: array
+                  responseInterceptors:
+                    description: ResponseInterceptors referenced to intercetor services
+                      to be applied to the response flow.
+                    items:
+                      description: InterceptorReference holds InterceptorService reference
+                        using name and namespace
+                      properties:
+                        name:
+                          description: Name is the referced CR's name of InterceptorService
+                            resource.
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    maxItems: 1
+                    nullable: true
+                    type: array
+                  subscriptionValidation:
+                    default: false
+                    description: SubscriptionValidation denotes whether subscription
+                      validation is enabled for the API
+                    type: boolean
+                type: object
+              targetRef:
+                description: PolicyTargetReference identifies an API object to apply
+                  a direct or inherited policy to. This should be used as part of
+                  Policy resources that can target Gateway API resources. For more
+                  information on how this policy attachment model works, and a sample
+                  Policy resource, refer to the policy attachment documentation for
+                  Gateway API.
+                properties:
+                  group:
+                    description: Group is the group of the target resource.
+                    maxLength: 253
+                    pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+                    type: string
+                  kind:
+                    description: Kind is kind of the target resource.
+                    maxLength: 63
+                    minLength: 1
+                    pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
+                    type: string
+                  name:
+                    description: Name is the name of the target resource.
+                    maxLength: 253
+                    minLength: 1
+                    type: string
+                  namespace:
+                    description: Namespace is the namespace of the referent. When
+                      unspecified, the local namespace is inferred. Even when policy
+                      targets a resource in a different namespace, it MUST only apply
+                      to traffic originating from the same namespace as the policy.
+                    maxLength: 63
+                    minLength: 1
+                    pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
+                    type: string
+                required:
+                - group
+                - kind
+                - name
+                type: object
+            type: object
+          status:
+            description: APIPolicyStatus defines the observed state of APIPolicy
+            type: object
+        type: object
+    served: true
+    storage: false
+    subresources:
+      status: {}
+  - name: v1alpha3
+    schema:
+      openAPIV3Schema:
+        description: APIPolicy is the Schema for the apipolicies API
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: APIPolicySpec defines the desired state of APIPolicy
+            properties:
+              default:
+                description: PolicySpec contains API policies
+                properties:
+                  aiProvider:
+                    description: AIProvider referenced to AIProvider resource to be
+                      applied to the API.
+                    properties:
+                      name:
+                        description: Name is the referced CR's name of AIProvider
+                          resource.
+                        type: string
+                    required:
+                    - name
+                    type: object
+                  backendJwtPolicy:
+                    description: BackendJWTPolicy holds reference to backendJWT policy
+                      configurations
+                    properties:
+                      name:
+                        description: Name holds the name of the BackendJWT resource.
+                        type: string
+                    type: object
+                  cORSPolicy:
+                    description: CORS policy to be applied to the API.
+                    properties:
+                      accessControlAllowCredentials:
+                        description: AllowCredentials indicates whether the request
+                          can include user credentials like cookies, HTTP authentication
+                          or client side SSL certificates.
+                        type: boolean
+                      accessControlAllowHeaders:
+                        description: AccessControlAllowHeaders indicates which headers
+                          can be used during the actual request.
+                        items:
+                          type: string
+                        type: array
+                      accessControlAllowMethods:
+                        description: AccessControlAllowMethods indicates which methods
+                          can be used during the actual request.
+                        items:
+                          type: string
+                        type: array
+                      accessControlAllowOrigins:
+                        description: AccessControlAllowOrigins indicates which origins
+                          can be used during the actual request.
+                        items:
+                          type: string
+                        type: array
+                      accessControlExposeHeaders:
+                        description: AccessControlExposeHeaders indicates which headers
+                          can be exposed as part of the response by listing their
+                          names.
+                        items:
+                          type: string
+                        type: array
+                      accessControlMaxAge:
+                        description: AccessControlMaxAge indicates how long the results
+                          of a preflight request can be cached in a preflight result
+                          cache.
+                        type: integer
+                      enabled:
+                        default: true
+                        description: Enabled is to enable CORs policy for the API.
+                        type: boolean
+                    type: object
+                  requestInterceptors:
+                    description: RequestInterceptors referenced to intercetor services
+                      to be applied to the request flow.
+                    items:
+                      description: InterceptorReference holds InterceptorService reference
+                        using name and namespace
+                      properties:
+                        name:
+                          description: Name is the referced CR's name of InterceptorService
+                            resource.
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    maxItems: 1
+                    nullable: true
+                    type: array
+                  responseInterceptors:
+                    description: ResponseInterceptors referenced to intercetor services
+                      to be applied to the response flow.
+                    items:
+                      description: InterceptorReference holds InterceptorService reference
+                        using name and namespace
+                      properties:
+                        name:
+                          description: Name is the referced CR's name of InterceptorService
+                            resource.
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    maxItems: 1
+                    nullable: true
+                    type: array
+                  subscriptionValidation:
+                    default: false
+                    description: SubscriptionValidation denotes whether subscription
+                      validation is enabled for the API
+                    type: boolean
+                type: object
+              override:
+                description: PolicySpec contains API policies
+                properties:
+                  aiProvider:
+                    description: AIProvider referenced to AIProvider resource to be
+                      applied to the API.
+                    properties:
+                      name:
+                        description: Name is the referced CR's name of AIProvider
+                          resource.
+                        type: string
+                    required:
+                    - name
+                    type: object
+                  backendJwtPolicy:
+                    description: BackendJWTPolicy holds reference to backendJWT policy
+                      configurations
+                    properties:
+                      name:
+                        description: Name holds the name of the BackendJWT resource.
+                        type: string
+                    type: object
+                  cORSPolicy:
+                    description: CORS policy to be applied to the API.
+                    properties:
+                      accessControlAllowCredentials:
+                        description: AllowCredentials indicates whether the request
+                          can include user credentials like cookies, HTTP authentication
+                          or client side SSL certificates.
+                        type: boolean
+                      accessControlAllowHeaders:
+                        description: AccessControlAllowHeaders indicates which headers
+                          can be used during the actual request.
+                        items:
+                          type: string
+                        type: array
+                      accessControlAllowMethods:
+                        description: AccessControlAllowMethods indicates which methods
+                          can be used during the actual request.
+                        items:
+                          type: string
+                        type: array
+                      accessControlAllowOrigins:
+                        description: AccessControlAllowOrigins indicates which origins
+                          can be used during the actual request.
+                        items:
+                          type: string
+                        type: array
+                      accessControlExposeHeaders:
+                        description: AccessControlExposeHeaders indicates which headers
+                          can be exposed as part of the response by listing their
+                          names.
+                        items:
+                          type: string
+                        type: array
+                      accessControlMaxAge:
+                        description: AccessControlMaxAge indicates how long the results
+                          of a preflight request can be cached in a preflight result
+                          cache.
+                        type: integer
+                      enabled:
+                        default: true
+                        description: Enabled is to enable CORs policy for the API.
+                        type: boolean
                     type: object
                   requestInterceptors:
                     description: RequestInterceptors referenced to intercetor services
@@ -452,10 +738,11 @@ spec:
                 type: object
               targetRef:
                 description: PolicyTargetReference identifies an API object to apply
-                  policy to. This should be used as part of Policy resources that
-                  can target Gateway API resources. For more information on how this
-                  policy attachment model works, and a sample Policy resource, refer
-                  to the policy attachment documentation for Gateway API.
+                  a direct or inherited policy to. This should be used as part of
+                  Policy resources that can target Gateway API resources. For more
+                  information on how this policy attachment model works, and a sample
+                  Policy resource, refer to the policy attachment documentation for
+                  Gateway API.
                 properties:
                   group:
                     description: Group is the group of the target resource.
diff --git a/common-controller/internal/operator/config/webhook/manifests.yaml b/common-controller/internal/operator/config/webhook/manifests.yaml
index 411ed6ee8..7f4851708 100644
--- a/common-controller/internal/operator/config/webhook/manifests.yaml
+++ b/common-controller/internal/operator/config/webhook/manifests.yaml
@@ -24,6 +24,26 @@ webhooks:
     resources:
     - apis
   sideEffects: None
+- admissionReviewVersions:
+  - v1
+  clientConfig:
+    service:
+      name: webhook-service
+      namespace: system
+      path: /mutate-dp-wso2-com-v1alpha3-apipolicy
+  failurePolicy: Fail
+  name: mapipolicy.kb.io
+  rules:
+  - apiGroups:
+    - dp.wso2.com
+    apiVersions:
+    - v1alpha3
+    operations:
+    - CREATE
+    - UPDATE
+    resources:
+    - apipolicies
+  sideEffects: None
 - admissionReviewVersions:
   - v1
   clientConfig:
@@ -210,6 +230,26 @@ webhooks:
     resources:
     - apis
   sideEffects: None
+- admissionReviewVersions:
+  - v1
+  clientConfig:
+    service:
+      name: webhook-service
+      namespace: system
+      path: /validate-dp-wso2-com-v1alpha3-apipolicy
+  failurePolicy: Fail
+  name: vapipolicy.kb.io
+  rules:
+  - apiGroups:
+    - dp.wso2.com
+    apiVersions:
+    - v1alpha3
+    operations:
+    - CREATE
+    - UPDATE
+    resources:
+    - apipolicies
+  sideEffects: None
 - admissionReviewVersions:
   - v1
   clientConfig:
diff --git a/common-controller/internal/operator/operator.go b/common-controller/internal/operator/operator.go
index d28717211..f68f7ec23 100644
--- a/common-controller/internal/operator/operator.go
+++ b/common-controller/internal/operator/operator.go
@@ -141,7 +141,7 @@ func InitOperator(metricsConfig config.Metrics) {
 			"Unable to create webhook for Ratelimit, error: %v", err))
 	}
 
-	if err = (&dpv1alpha2.APIPolicy{}).SetupWebhookWithManager(mgr); err != nil {
+	if err = (&dpv1alpha3.APIPolicy{}).SetupWebhookWithManager(mgr); err != nil {
 		loggers.LoggerAPKOperator.ErrorC(logging.PrintError(logging.Error2638, logging.MAJOR,
 			"Unable to create webhook for APIPolicy, error: %v", err))
 	}
diff --git a/common-go-libs/apis/cp/v1alpha2/zz_generated.deepcopy.go b/common-go-libs/apis/cp/v1alpha2/zz_generated.deepcopy.go
index d893c1932..4d3fd79aa 100644
--- a/common-go-libs/apis/cp/v1alpha2/zz_generated.deepcopy.go
+++ b/common-go-libs/apis/cp/v1alpha2/zz_generated.deepcopy.go
@@ -345,6 +345,22 @@ func (in *SubscriptionList) DeepCopyObject() runtime.Object {
 	return nil
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *SubscriptionSpec) DeepCopyInto(out *SubscriptionSpec) {
+	*out = *in
+	out.API = in.API
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SubscriptionSpec.
+func (in *SubscriptionSpec) DeepCopy() *SubscriptionSpec {
+	if in == nil {
+		return nil
+	}
+	out := new(SubscriptionSpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *SubscriptionStatus) DeepCopyInto(out *SubscriptionStatus) {
 	*out = *in
diff --git a/common-go-libs/apis/dp/v1alpha1/apipolicy_conversion.go b/common-go-libs/apis/dp/v1alpha1/apipolicy_conversion.go
index 7089ceb3d..ed00e9586 100644
--- a/common-go-libs/apis/dp/v1alpha1/apipolicy_conversion.go
+++ b/common-go-libs/apis/dp/v1alpha1/apipolicy_conversion.go
@@ -18,25 +18,25 @@
 package v1alpha1
 
 import (
-	"github.com/wso2/apk/common-go-libs/apis/dp/v1alpha2"
+	"github.com/wso2/apk/common-go-libs/apis/dp/v1alpha3"
 	"sigs.k8s.io/controller-runtime/pkg/conversion"
 	gwapiv1b1 "sigs.k8s.io/gateway-api/apis/v1alpha2"
 )
 
-// ConvertTo converts this API CR to the Hub version (v1alpha2).
+// ConvertTo converts this API CR to the Hub version (v1alpha3).
 // src is v1alpha1.API and dst is v1alpha2.API.
 func (src *APIPolicy) ConvertTo(dstRaw conversion.Hub) error {
 
-	dst := dstRaw.(*v1alpha2.APIPolicy)
+	dst := dstRaw.(*v1alpha3.APIPolicy)
 	dst.ObjectMeta = src.ObjectMeta
 	if src.Spec.Default != nil {
-		var convertedSpec = v1alpha2.PolicySpec{}
+		var convertedSpec = v1alpha3.PolicySpec{}
 		if src.Spec.Default.BackendJWTPolicy != nil {
-			convertedSpec.BackendJWTPolicy = &v1alpha2.BackendJWTToken{
+			convertedSpec.BackendJWTPolicy = &v1alpha3.BackendJWTToken{
 				Name: src.Spec.Default.BackendJWTPolicy.Name}
 		}
 		if src.Spec.Default.CORSPolicy != nil {
-			convertedSpec.CORSPolicy = &v1alpha2.CORSPolicy{
+			convertedSpec.CORSPolicy = &v1alpha3.CORSPolicy{
 				Enabled:                       true,
 				AccessControlAllowCredentials: src.Spec.Default.CORSPolicy.AccessControlAllowCredentials,
 				AccessControlAllowHeaders:     src.Spec.Default.CORSPolicy.AccessControlAllowHeaders,
@@ -46,16 +46,16 @@ func (src *APIPolicy) ConvertTo(dstRaw conversion.Hub) error {
 				AccessControlMaxAge:           src.Spec.Default.CORSPolicy.AccessControlMaxAge}
 		}
 		if src.Spec.Default.RequestInterceptors != nil {
-			convertedSpec.RequestInterceptors = []v1alpha2.InterceptorReference{}
+			convertedSpec.RequestInterceptors = []v1alpha3.InterceptorReference{}
 			for _, interceptor := range src.Spec.Default.RequestInterceptors {
-				convertedSpec.RequestInterceptors = append(convertedSpec.RequestInterceptors, v1alpha2.InterceptorReference{
+				convertedSpec.RequestInterceptors = append(convertedSpec.RequestInterceptors, v1alpha3.InterceptorReference{
 					Name: interceptor.Name})
 			}
 		}
 		if src.Spec.Default.ResponseInterceptors != nil {
-			convertedSpec.ResponseInterceptors = []v1alpha2.InterceptorReference{}
+			convertedSpec.ResponseInterceptors = []v1alpha3.InterceptorReference{}
 			for _, interceptor := range src.Spec.Default.ResponseInterceptors {
-				convertedSpec.ResponseInterceptors = append(convertedSpec.ResponseInterceptors, v1alpha2.InterceptorReference{
+				convertedSpec.ResponseInterceptors = append(convertedSpec.ResponseInterceptors, v1alpha3.InterceptorReference{
 					Name: interceptor.Name})
 			}
 		}
@@ -64,13 +64,13 @@ func (src *APIPolicy) ConvertTo(dstRaw conversion.Hub) error {
 	}
 
 	if src.Spec.Override != nil {
-		var convertedSpec = v1alpha2.PolicySpec{}
+		var convertedSpec = v1alpha3.PolicySpec{}
 		if src.Spec.Override.BackendJWTPolicy != nil {
-			convertedSpec.BackendJWTPolicy = &v1alpha2.BackendJWTToken{
+			convertedSpec.BackendJWTPolicy = &v1alpha3.BackendJWTToken{
 				Name: src.Spec.Override.BackendJWTPolicy.Name}
 		}
 		if src.Spec.Override.CORSPolicy != nil {
-			convertedSpec.CORSPolicy = &v1alpha2.CORSPolicy{
+			convertedSpec.CORSPolicy = &v1alpha3.CORSPolicy{
 				Enabled:                       true,
 				AccessControlAllowCredentials: src.Spec.Override.CORSPolicy.AccessControlAllowCredentials,
 				AccessControlAllowHeaders:     src.Spec.Override.CORSPolicy.AccessControlAllowHeaders,
@@ -80,16 +80,16 @@ func (src *APIPolicy) ConvertTo(dstRaw conversion.Hub) error {
 				AccessControlMaxAge:           src.Spec.Override.CORSPolicy.AccessControlMaxAge}
 		}
 		if src.Spec.Override.RequestInterceptors != nil {
-			convertedSpec.RequestInterceptors = []v1alpha2.InterceptorReference{}
+			convertedSpec.RequestInterceptors = []v1alpha3.InterceptorReference{}
 			for _, interceptor := range src.Spec.Override.RequestInterceptors {
-				convertedSpec.RequestInterceptors = append(convertedSpec.RequestInterceptors, v1alpha2.InterceptorReference{
+				convertedSpec.RequestInterceptors = append(convertedSpec.RequestInterceptors, v1alpha3.InterceptorReference{
 					Name: interceptor.Name})
 			}
 		}
 		if src.Spec.Override.ResponseInterceptors != nil {
-			convertedSpec.ResponseInterceptors = []v1alpha2.InterceptorReference{}
+			convertedSpec.ResponseInterceptors = []v1alpha3.InterceptorReference{}
 			for _, interceptor := range src.Spec.Override.ResponseInterceptors {
-				convertedSpec.ResponseInterceptors = append(convertedSpec.ResponseInterceptors, v1alpha2.InterceptorReference{
+				convertedSpec.ResponseInterceptors = append(convertedSpec.ResponseInterceptors, v1alpha3.InterceptorReference{
 					Name: interceptor.Name})
 			}
 		}
@@ -105,11 +105,11 @@ func (src *APIPolicy) ConvertTo(dstRaw conversion.Hub) error {
 	return nil
 }
 
-// ConvertFrom converts from the Hub version (v1alpha2) to this version.
-// src is v1alpha1.API and dst is v1alpha2.API.
+// ConvertFrom converts from the Hub version (v1alpha3) to this version.
+// src is v1alpha1.API and dst is v1alpha3.API.
 func (src *APIPolicy) ConvertFrom(srcRaw conversion.Hub) error {
 
-	dst := srcRaw.(*v1alpha2.APIPolicy)
+	dst := srcRaw.(*v1alpha3.APIPolicy)
 	src.ObjectMeta = dst.ObjectMeta
 	// Spec
 	if dst.Spec.Default != nil {
diff --git a/common-go-libs/apis/dp/v1alpha2/apipolicy_conversion.go b/common-go-libs/apis/dp/v1alpha2/apipolicy_conversion.go
index a29e4b5cd..41815cbb8 100644
--- a/common-go-libs/apis/dp/v1alpha2/apipolicy_conversion.go
+++ b/common-go-libs/apis/dp/v1alpha2/apipolicy_conversion.go
@@ -17,7 +17,168 @@
 
 package v1alpha2
 
-// Hub marks this type as a conversion hub.
-func (*APIPolicy) Hub() {}
+import (
+	"github.com/wso2/apk/common-go-libs/apis/dp/v1alpha3"
+	"sigs.k8s.io/controller-runtime/pkg/conversion"
+	gwapiv1b1 "sigs.k8s.io/gateway-api/apis/v1alpha2"
+)
 
-// TODO(user): EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
+// ConvertTo converts this API CR to the Hub version (v1alpha3).
+// src is v1alpha2.API and dst is v1alpha3.API.
+func (src *APIPolicy) ConvertTo(dstRaw conversion.Hub) error {
+
+	dst := dstRaw.(*v1alpha3.APIPolicy)
+	dst.ObjectMeta = src.ObjectMeta
+	if src.Spec.Default != nil {
+		var convertedSpec = v1alpha3.PolicySpec{}
+		if src.Spec.Default.BackendJWTPolicy != nil {
+			convertedSpec.BackendJWTPolicy = &v1alpha3.BackendJWTToken{
+				Name: src.Spec.Default.BackendJWTPolicy.Name}
+		}
+		if src.Spec.Default.CORSPolicy != nil {
+			convertedSpec.CORSPolicy = &v1alpha3.CORSPolicy{
+				Enabled:                       true,
+				AccessControlAllowCredentials: src.Spec.Default.CORSPolicy.AccessControlAllowCredentials,
+				AccessControlAllowHeaders:     src.Spec.Default.CORSPolicy.AccessControlAllowHeaders,
+				AccessControlAllowMethods:     src.Spec.Default.CORSPolicy.AccessControlAllowMethods,
+				AccessControlAllowOrigins:     src.Spec.Default.CORSPolicy.AccessControlAllowOrigins,
+				AccessControlExposeHeaders:    src.Spec.Default.CORSPolicy.AccessControlExposeHeaders,
+				AccessControlMaxAge:           src.Spec.Default.CORSPolicy.AccessControlMaxAge}
+		}
+		if src.Spec.Default.RequestInterceptors != nil {
+			convertedSpec.RequestInterceptors = []v1alpha3.InterceptorReference{}
+			for _, interceptor := range src.Spec.Default.RequestInterceptors {
+				convertedSpec.RequestInterceptors = append(convertedSpec.RequestInterceptors, v1alpha3.InterceptorReference{
+					Name: interceptor.Name})
+			}
+		}
+		if src.Spec.Default.ResponseInterceptors != nil {
+			convertedSpec.ResponseInterceptors = []v1alpha3.InterceptorReference{}
+			for _, interceptor := range src.Spec.Default.ResponseInterceptors {
+				convertedSpec.ResponseInterceptors = append(convertedSpec.ResponseInterceptors, v1alpha3.InterceptorReference{
+					Name: interceptor.Name})
+			}
+		}
+		convertedSpec.SubscriptionValidation = false
+		dst.Spec.Default = &convertedSpec
+	}
+
+	if src.Spec.Override != nil {
+		var convertedSpec = v1alpha3.PolicySpec{}
+		if src.Spec.Override.BackendJWTPolicy != nil {
+			convertedSpec.BackendJWTPolicy = &v1alpha3.BackendJWTToken{
+				Name: src.Spec.Override.BackendJWTPolicy.Name}
+		}
+		if src.Spec.Override.CORSPolicy != nil {
+			convertedSpec.CORSPolicy = &v1alpha3.CORSPolicy{
+				Enabled:                       true,
+				AccessControlAllowCredentials: src.Spec.Override.CORSPolicy.AccessControlAllowCredentials,
+				AccessControlAllowHeaders:     src.Spec.Override.CORSPolicy.AccessControlAllowHeaders,
+				AccessControlAllowMethods:     src.Spec.Override.CORSPolicy.AccessControlAllowMethods,
+				AccessControlAllowOrigins:     src.Spec.Override.CORSPolicy.AccessControlAllowOrigins,
+				AccessControlExposeHeaders:    src.Spec.Override.CORSPolicy.AccessControlExposeHeaders,
+				AccessControlMaxAge:           src.Spec.Override.CORSPolicy.AccessControlMaxAge}
+		}
+		if src.Spec.Override.RequestInterceptors != nil {
+			convertedSpec.RequestInterceptors = []v1alpha3.InterceptorReference{}
+			for _, interceptor := range src.Spec.Override.RequestInterceptors {
+				convertedSpec.RequestInterceptors = append(convertedSpec.RequestInterceptors, v1alpha3.InterceptorReference{
+					Name: interceptor.Name})
+			}
+		}
+		if src.Spec.Override.ResponseInterceptors != nil {
+			convertedSpec.ResponseInterceptors = []v1alpha3.InterceptorReference{}
+			for _, interceptor := range src.Spec.Override.ResponseInterceptors {
+				convertedSpec.ResponseInterceptors = append(convertedSpec.ResponseInterceptors, v1alpha3.InterceptorReference{
+					Name: interceptor.Name})
+			}
+		}
+		convertedSpec.SubscriptionValidation = false
+		dst.Spec.Override = &convertedSpec
+	}
+	if src.Spec.TargetRef.Name != "" {
+		dst.Spec.TargetRef = gwapiv1b1.PolicyTargetReference{
+			Name:  src.Spec.TargetRef.Name,
+			Group: src.Spec.TargetRef.Group,
+			Kind:  src.Spec.TargetRef.Kind}
+	}
+	return nil
+}
+
+// ConvertFrom converts from the Hub version (v1alpha3) to this version.
+// src is v1alpha2.API and dst is v1alpha3.API.
+func (src *APIPolicy) ConvertFrom(srcRaw conversion.Hub) error {
+
+	dst := srcRaw.(*v1alpha3.APIPolicy)
+	src.ObjectMeta = dst.ObjectMeta
+	// Spec
+	if dst.Spec.Default != nil {
+		var convertedSpec = PolicySpec{}
+		if dst.Spec.Default.BackendJWTPolicy != nil {
+			convertedSpec.BackendJWTPolicy = &BackendJWTToken{
+				Name: dst.Spec.Default.BackendJWTPolicy.Name}
+		}
+		if dst.Spec.Default.CORSPolicy != nil {
+			convertedSpec.CORSPolicy = &CORSPolicy{
+				AccessControlAllowCredentials: dst.Spec.Default.CORSPolicy.AccessControlAllowCredentials,
+				AccessControlAllowHeaders:     dst.Spec.Default.CORSPolicy.AccessControlAllowHeaders,
+				AccessControlAllowMethods:     dst.Spec.Default.CORSPolicy.AccessControlAllowMethods,
+				AccessControlAllowOrigins:     dst.Spec.Default.CORSPolicy.AccessControlAllowOrigins,
+				AccessControlExposeHeaders:    dst.Spec.Default.CORSPolicy.AccessControlExposeHeaders,
+				AccessControlMaxAge:           dst.Spec.Default.CORSPolicy.AccessControlMaxAge}
+		}
+		if dst.Spec.Default.RequestInterceptors != nil {
+			convertedSpec.RequestInterceptors = []InterceptorReference{}
+			for _, interceptor := range dst.Spec.Default.RequestInterceptors {
+				convertedSpec.RequestInterceptors = append(convertedSpec.RequestInterceptors, InterceptorReference{
+					Name: interceptor.Name})
+			}
+		}
+		if dst.Spec.Default.ResponseInterceptors != nil {
+			convertedSpec.ResponseInterceptors = []InterceptorReference{}
+			for _, interceptor := range dst.Spec.Default.ResponseInterceptors {
+				convertedSpec.ResponseInterceptors = append(convertedSpec.ResponseInterceptors, InterceptorReference{
+					Name: interceptor.Name})
+			}
+		}
+		src.Spec.Default = &convertedSpec
+	}
+	if dst.Spec.Override != nil {
+		var convertedSpec = PolicySpec{}
+		if dst.Spec.Override.BackendJWTPolicy != nil {
+			convertedSpec.BackendJWTPolicy = &BackendJWTToken{
+				Name: dst.Spec.Override.BackendJWTPolicy.Name}
+		}
+		if dst.Spec.Override.CORSPolicy != nil {
+			convertedSpec.CORSPolicy = &CORSPolicy{
+				AccessControlAllowCredentials: dst.Spec.Override.CORSPolicy.AccessControlAllowCredentials,
+				AccessControlAllowHeaders:     dst.Spec.Override.CORSPolicy.AccessControlAllowHeaders,
+				AccessControlAllowMethods:     dst.Spec.Override.CORSPolicy.AccessControlAllowMethods,
+				AccessControlAllowOrigins:     dst.Spec.Override.CORSPolicy.AccessControlAllowOrigins,
+				AccessControlExposeHeaders:    dst.Spec.Override.CORSPolicy.AccessControlExposeHeaders,
+				AccessControlMaxAge:           dst.Spec.Override.CORSPolicy.AccessControlMaxAge}
+		}
+		if dst.Spec.Override.RequestInterceptors != nil {
+			convertedSpec.RequestInterceptors = []InterceptorReference{}
+			for _, interceptor := range dst.Spec.Override.RequestInterceptors {
+				convertedSpec.RequestInterceptors = append(convertedSpec.RequestInterceptors, InterceptorReference{
+					Name: interceptor.Name})
+			}
+		}
+		if dst.Spec.Override.ResponseInterceptors != nil {
+			convertedSpec.ResponseInterceptors = []InterceptorReference{}
+			for _, interceptor := range dst.Spec.Override.ResponseInterceptors {
+				convertedSpec.ResponseInterceptors = append(convertedSpec.ResponseInterceptors, InterceptorReference{
+					Name: interceptor.Name})
+			}
+		}
+		src.Spec.Override = &convertedSpec
+	}
+	if dst.Spec.TargetRef.Name != "" {
+		src.Spec.TargetRef = gwapiv1b1.PolicyTargetReference{
+			Name:  dst.Spec.TargetRef.Name,
+			Group: dst.Spec.TargetRef.Group,
+			Kind:  dst.Spec.TargetRef.Kind}
+	}
+	return nil
+}
diff --git a/common-go-libs/apis/dp/v1alpha2/apipolicy_types.go b/common-go-libs/apis/dp/v1alpha2/apipolicy_types.go
index 97058433e..ae703e370 100644
--- a/common-go-libs/apis/dp/v1alpha2/apipolicy_types.go
+++ b/common-go-libs/apis/dp/v1alpha2/apipolicy_types.go
@@ -130,7 +130,6 @@ type APIPolicyStatus struct {
 // +genclient
 //+kubebuilder:object:root=true
 //+kubebuilder:subresource:status
-//+kubebuilder:storageversion
 
 // APIPolicy is the Schema for the apipolicies API
 type APIPolicy struct {
diff --git a/common-go-libs/apis/dp/v1alpha3/apipolicy_conversion.go b/common-go-libs/apis/dp/v1alpha3/apipolicy_conversion.go
new file mode 100644
index 000000000..8145f2187
--- /dev/null
+++ b/common-go-libs/apis/dp/v1alpha3/apipolicy_conversion.go
@@ -0,0 +1,23 @@
+/*
+ *  Copyright (c) 2024, WSO2 LLC. (http://www.wso2.org) All Rights Reserved.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ */
+
+package v1alpha3
+
+// Hub marks this type as a conversion hub.
+func (*APIPolicy) Hub() {}
+
+// TODO(user): EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
diff --git a/common-go-libs/apis/dp/v1alpha3/apipolicy_types.go b/common-go-libs/apis/dp/v1alpha3/apipolicy_types.go
index 79f042ee9..3795b73e9 100644
--- a/common-go-libs/apis/dp/v1alpha3/apipolicy_types.go
+++ b/common-go-libs/apis/dp/v1alpha3/apipolicy_types.go
@@ -128,7 +128,7 @@ type InterceptorReference struct {
 // AIProviderReference holds reference to AIProvider resource
 type AIProviderReference struct {
 	// Name is the referced CR's name of AIProvider resource.
-	Name string `json:"name"`
+	Name string `json:"name,omitempty"`
 }
 
 // APIPolicyStatus defines the observed state of APIPolicy
diff --git a/common-go-libs/apis/dp/v1alpha3/apipolicy_webhook.go b/common-go-libs/apis/dp/v1alpha3/apipolicy_webhook.go
new file mode 100644
index 000000000..e0aab649c
--- /dev/null
+++ b/common-go-libs/apis/dp/v1alpha3/apipolicy_webhook.go
@@ -0,0 +1,91 @@
+/*
+ *  Copyright (c) 2023, WSO2 LLC. (http://www.wso2.org) All Rights Reserved.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ */
+
+package v1alpha3
+
+import (
+	constants "github.com/wso2/apk/common-go-libs/constants"
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/apimachinery/pkg/util/validation/field"
+	ctrl "sigs.k8s.io/controller-runtime"
+	"sigs.k8s.io/controller-runtime/pkg/webhook"
+	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
+	"sigs.k8s.io/gateway-api/apis/v1beta1"
+)
+
+// SetupWebhookWithManager creates a new webhook builder for APIPolicy
+func (r *APIPolicy) SetupWebhookWithManager(mgr ctrl.Manager) error {
+	return ctrl.NewWebhookManagedBy(mgr).
+		For(r).
+		Complete()
+}
+
+// TODO(user): EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
+
+//+kubebuilder:webhook:path=/mutate-dp-wso2-com-v1alpha3-apipolicy,mutating=true,failurePolicy=fail,sideEffects=None,groups=dp.wso2.com,resources=apipolicies,verbs=create;update,versions=v1alpha3,name=mapipolicy.kb.io,admissionReviewVersions=v1
+
+var _ webhook.Defaulter = &APIPolicy{}
+
+// Default implements webhook.Defaulter so a webhook will be registered for the type
+func (r *APIPolicy) Default() {}
+
+// TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation.
+//+kubebuilder:webhook:path=/validate-dp-wso2-com-v1alpha3-apipolicy,mutating=false,failurePolicy=fail,sideEffects=None,groups=dp.wso2.com,resources=apipolicies,verbs=create;update,versions=v1alpha3,name=vapipolicy.kb.io,admissionReviewVersions=v1
+
+var _ webhook.Validator = &APIPolicy{}
+
+// ValidateCreate implements webhook.Validator so a webhook will be registered for the type
+func (r *APIPolicy) ValidateCreate() (admission.Warnings, error) {
+	return nil, r.ValidatePolicy()
+}
+
+// ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
+func (r *APIPolicy) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
+	return nil, r.ValidatePolicy()
+}
+
+// ValidatePolicy validates the APIPolicy
+func (r *APIPolicy) ValidatePolicy() error {
+	var allErrs field.ErrorList
+
+	if r.Spec.TargetRef.Name == "" {
+		allErrs = append(allErrs, field.Required(field.NewPath("spec").Child("targetRef").Child("name"), "Name is required"))
+	}
+	if !(r.Spec.TargetRef.Kind == constants.KindAPI || r.Spec.TargetRef.Kind == constants.KindResource ||
+		r.Spec.TargetRef.Kind == constants.KindGateway) {
+		allErrs = append(allErrs, field.Invalid(field.NewPath("spec").Child("targetRef").Child("kind"), r.Spec.TargetRef.Kind,
+			"Invalid Kind is provided"))
+	}
+	if r.Spec.TargetRef.Namespace != nil && r.Spec.TargetRef.Namespace != (*v1beta1.Namespace)(&r.Namespace) {
+		allErrs = append(allErrs, field.Invalid(field.NewPath("spec").Child("targetRef").Child("namespace"), r.Spec.TargetRef.Namespace,
+			"namespace cross reference is not allowed"))
+	}
+	if len(allErrs) > 0 {
+		return apierrors.NewInvalid(
+			schema.GroupKind{Group: "dp.wso2.com", Kind: "APIPolicy"},
+			r.Name, allErrs)
+	}
+	return nil
+}
+
+// ValidateDelete implements webhook.Validator so a webhook will be registered for the type
+func (r *APIPolicy) ValidateDelete() (admission.Warnings, error) {
+	// TODO(user): fill in your validation logic upon object deletion.
+	return nil, nil
+}
diff --git a/common-go-libs/apis/dp/v1alpha3/zz_generated.deepcopy.go b/common-go-libs/apis/dp/v1alpha3/zz_generated.deepcopy.go
index 433662bac..e0fda22ea 100644
--- a/common-go-libs/apis/dp/v1alpha3/zz_generated.deepcopy.go
+++ b/common-go-libs/apis/dp/v1alpha3/zz_generated.deepcopy.go
@@ -23,7 +23,7 @@
 package v1alpha3
 
 import (
-	runtime "k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime"
 )
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/common-go-libs/config/crd/bases/dp.wso2.com_apipolicies.yaml b/common-go-libs/config/crd/bases/dp.wso2.com_apipolicies.yaml
index 393206df5..2075b3ba9 100644
--- a/common-go-libs/config/crd/bases/dp.wso2.com_apipolicies.yaml
+++ b/common-go-libs/config/crd/bases/dp.wso2.com_apipolicies.yaml
@@ -503,7 +503,7 @@ spec:
             type: object
         type: object
     served: true
-    storage: true
+    storage: false
     subresources:
       status: {}
   - name: v1alpha3
@@ -537,8 +537,6 @@ spec:
                         description: Name is the referced CR's name of AIProvider
                           resource.
                         type: string
-                    required:
-                    - name
                     type: object
                   backendJwtPolicy:
                     description: BackendJWTPolicy holds reference to backendJWT policy
@@ -642,8 +640,6 @@ spec:
                         description: Name is the referced CR's name of AIProvider
                           resource.
                         type: string
-                    required:
-                    - name
                     type: object
                   backendJwtPolicy:
                     description: BackendJWTPolicy holds reference to backendJWT policy
diff --git a/common-go-libs/config/webhook/manifests.yaml b/common-go-libs/config/webhook/manifests.yaml
index 420c9ebd4..f91b7f024 100644
--- a/common-go-libs/config/webhook/manifests.yaml
+++ b/common-go-libs/config/webhook/manifests.yaml
@@ -4,6 +4,26 @@ kind: MutatingWebhookConfiguration
 metadata:
   name: mutating-webhook-configuration
 webhooks:
+- admissionReviewVersions:
+  - v1
+  clientConfig:
+    service:
+      name: webhook-service
+      namespace: system
+      path: /mutate-dp-wso2-com-v1alpha3-apipolicy
+  failurePolicy: Fail
+  name: mapipolicy.kb.io
+  rules:
+  - apiGroups:
+    - dp.wso2.com
+    apiVersions:
+    - v1alpha3
+    operations:
+    - CREATE
+    - UPDATE
+    resources:
+    - apipolicies
+  sideEffects: None
 - admissionReviewVersions:
   - v1
   clientConfig:
@@ -170,6 +190,26 @@ kind: ValidatingWebhookConfiguration
 metadata:
   name: validating-webhook-configuration
 webhooks:
+- admissionReviewVersions:
+  - v1
+  clientConfig:
+    service:
+      name: webhook-service
+      namespace: system
+      path: /validate-dp-wso2-com-v1alpha3-apipolicy
+  failurePolicy: Fail
+  name: vapipolicy.kb.io
+  rules:
+  - apiGroups:
+    - dp.wso2.com
+    apiVersions:
+    - v1alpha3
+    operations:
+    - CREATE
+    - UPDATE
+    resources:
+    - apipolicies
+  sideEffects: None
 - admissionReviewVersions:
   - v1
   clientConfig:
diff --git a/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/model/AIProvider.java b/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/model/AIProvider.java
new file mode 100644
index 000000000..4db3b9a16
--- /dev/null
+++ b/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/model/AIProvider.java
@@ -0,0 +1,99 @@
+package org.wso2.apk.enforcer.commons.model;
+
+// AIProvider is used to provide the AI model to the enforcer
+public class AIProvider {
+    private String providerName;
+    private String providerAPIVersion;
+    private String organization;
+
+    private Boolean enabled = false;
+
+    private ValueDetails model;
+
+    private ValueDetails promptTokens;
+
+    private ValueDetails completionToken;
+
+    private ValueDetails totalToken;
+
+    // Get provider name
+    public String getProviderName() {
+        return providerName;
+    }
+
+    // Get provider API version
+    public String getProviderAPIVersion() {
+        return providerAPIVersion;
+    }
+
+    // Get enabled
+    public Boolean getEnabled() {
+        return enabled;
+    }
+
+    // Get organization
+    public String getOrganization() {
+        return organization;
+    }
+
+    // Get model
+    public ValueDetails getModel() {
+        return model;
+    }
+
+    // Get prompt tokens
+    public ValueDetails getPromptTokens() {
+        return promptTokens;
+    }
+
+    // Get completion token
+    public ValueDetails getCompletionToken() {
+        return completionToken;
+    }
+
+    // Get total token
+    public ValueDetails getTotalToken() {
+        return totalToken;
+    }
+
+    // Set provider name
+    public void setProviderName(String providerName) {
+        this.providerName = providerName;
+    }
+
+    // Set provider API version
+    public void setProviderAPIVersion(String providerAPIVersion) {
+        this.providerAPIVersion = providerAPIVersion;
+    }
+
+    // Set enabled
+    public void setEnabled(Boolean enabled) {
+        this.enabled = enabled;
+    }
+
+    // Set organization
+    public void setOrganization(String organization) {
+        this.organization = organization;
+    }
+
+    // Set model
+    public void setModel(ValueDetails model) {
+        this.model = model;
+    }
+
+    // Set prompt tokens
+    public void setPromptTokens(ValueDetails promptTokens) {
+        this.promptTokens = promptTokens;
+    }
+
+    // Set completion token
+    public void setCompletionToken(ValueDetails completionToken) {
+        this.completionToken = completionToken;
+    }
+
+    // Set total token
+    public void setTotalToken(ValueDetails totalToken) {
+        this.totalToken = totalToken;
+    }
+
+}
\ No newline at end of file
diff --git a/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/model/APIConfig.java b/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/model/APIConfig.java
index 72aeddfc0..06a058bb3 100644
--- a/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/model/APIConfig.java
+++ b/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/model/APIConfig.java
@@ -57,6 +57,15 @@ public class APIConfig {
     private boolean subscriptionValidation;
     private EndpointSecurity[] endpointSecurity;
     private EndpointCluster endpoints;
+    private AIProvider aiProvider;
+
+    public AIProvider getAiProvider() {
+        return aiProvider;
+    }
+
+    public void setAiProvider(AIProvider aiProvider) {
+        this.aiProvider = aiProvider;
+    }
 
     public EndpointCluster getEndpoints() {
         return endpoints;
@@ -295,6 +304,8 @@ public static class Builder {
         private String environment;
         private boolean transportSecurity;
 
+        private AIProvider aiProvider;
+
         public Builder(String name) {
             this.name = name;
         }
@@ -309,6 +320,11 @@ public Builder vhost(String vhost) {
             return this;
         }
 
+        public Builder aiProvider(AIProvider aiProvider) {
+            this.aiProvider = aiProvider;
+            return this;
+        }
+
         public Builder basePath(String basePath) {
             this.basePath = basePath;
             return this;
@@ -440,6 +456,7 @@ public APIConfig build() {
             apiConfig.apiDefinition = this.apiDefinition;
             apiConfig.environment = this.environment;
             apiConfig.subscriptionValidation = this.subscriptionValidation;
+            apiConfig.aiProvider = this.aiProvider;
             return apiConfig;
         }
     }
diff --git a/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/model/ValueDetails.java b/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/model/ValueDetails.java
new file mode 100644
index 000000000..82eed1ebe
--- /dev/null
+++ b/gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/model/ValueDetails.java
@@ -0,0 +1,28 @@
+package org.wso2.apk.enforcer.commons.model;
+
+// ValueDetails is used to provide the AI model to the enforcer
+public class ValueDetails {
+    private String in;
+    private String value;
+
+    public ValueDetails(String in, String value) {
+        this.in = in;
+        this.value = value;
+    }
+
+    public String getIn() {
+        return in;
+    }
+
+    public String getValue() {
+        return value;
+    }
+
+    public void setIn(String in) {
+        this.in = in;
+    }
+
+    public void setValue(String value) {
+        this.value = value;
+    }
+}
diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/api/RestAPI.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/api/RestAPI.java
index 0502b7fbc..bbbb2ad3e 100644
--- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/api/RestAPI.java
+++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/api/RestAPI.java
@@ -17,6 +17,7 @@
  */
 package org.wso2.apk.enforcer.api;
 
+import org.apache.commons.lang3.StringUtils;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 import org.wso2.apk.enforcer.analytics.AnalyticsFilter;
@@ -31,11 +32,7 @@
 import org.wso2.apk.enforcer.constants.APIConstants;
 import org.wso2.apk.enforcer.constants.HttpConstants;
 import org.wso2.apk.enforcer.cors.CorsFilter;
-import org.wso2.apk.enforcer.discovery.api.Api;
-import org.wso2.apk.enforcer.discovery.api.BackendJWTTokenInfo;
-import org.wso2.apk.enforcer.discovery.api.Claim;
-import org.wso2.apk.enforcer.discovery.api.Operation;
-import org.wso2.apk.enforcer.discovery.api.Resource;
+import org.wso2.apk.enforcer.discovery.api.*;
 import org.wso2.apk.enforcer.interceptor.MediationPolicyFilter;
 import org.wso2.apk.enforcer.security.AuthFilter;
 import org.wso2.apk.enforcer.security.mtls.MtlsUtils;
@@ -115,6 +112,22 @@ public String init(Api api) {
                     enforcerConfig.getJwtConfigurationDto().getKidValue());
         }
 
+        org.wso2.apk.enforcer.commons.model.AIProvider aiProvider = new org.wso2.apk.enforcer.commons.model.AIProvider();
+        if (api.getAiprovider().getEnabled()) {
+            aiProvider.setProviderName(api.getAiprovider().getProviderName());
+            aiProvider.setProviderAPIVersion(api.getAiprovider().getProviderAPIVersion());
+            aiProvider.setOrganization(api.getAiprovider().getOrganization());
+            aiProvider.setEnabled(api.getAiprovider().getEnabled());
+            aiProvider.setModel(new org.wso2.apk.enforcer.commons.model.ValueDetails(
+                    api.getAiprovider().getModel().getIn(), api.getAiprovider().getModel().getValue()));
+            aiProvider.setPromptTokens(new org.wso2.apk.enforcer.commons.model.ValueDetails(
+                    api.getAiprovider().getPromptTokens().getIn(), api.getAiprovider().getPromptTokens().getValue()));
+            aiProvider.setCompletionToken(new org.wso2.apk.enforcer.commons.model.ValueDetails(
+                    api.getAiprovider().getCompletionToken().getIn(), api.getAiprovider().getCompletionToken().getValue()));
+            aiProvider.setTotalToken(new org.wso2.apk.enforcer.commons.model.ValueDetails(
+                    api.getAiprovider().getTotalToken().getIn(), api.getAiprovider().getTotalToken().getValue()));
+        }
+        //System.out.println("AIProvider: " + aiProvider.getProviderName() + " " + aiProvider.getProviderAPIVersion() + " " + aiProvider.getOrganization() + " " + aiProvider.getEnabled() );
         byte[] apiDefinition = api.getApiDefinitionFile().toByteArray();
 
         this.apiConfig = new APIConfig.Builder(name).uuid(api.getId()).vhost(vhost).basePath(basePath).version(version)
@@ -125,6 +138,7 @@ public String init(Api api) {
                 .applicationSecurity(applicationSecurity).jwtConfigurationDto(jwtConfigurationDto)
                 .apiDefinition(apiDefinition).environment(api.getEnvironment())
                 .subscriptionValidation(api.getSubscriptionValidation()).transportSecurity(api.getTransportSecurity())
+                .aiProvider(aiProvider)
                 .build();
 
         initFilters();
diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/AIProvider.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/AIProvider.java
new file mode 100644
index 000000000..0848c58b6
--- /dev/null
+++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/AIProvider.java
@@ -0,0 +1,1658 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: wso2/discovery/api/ai_provider.proto
+
+package org.wso2.apk.enforcer.discovery.api;
+
+/**
+ * <pre>
+ * Holds AIProvider configs
+ * </pre>
+ *
+ * Protobuf type {@code wso2.discovery.api.AIProvider}
+ */
+public final class AIProvider extends
+    com.google.protobuf.GeneratedMessageV3 implements
+    // @@protoc_insertion_point(message_implements:wso2.discovery.api.AIProvider)
+    AIProviderOrBuilder {
+private static final long serialVersionUID = 0L;
+  // Use AIProvider.newBuilder() to construct.
+  private AIProvider(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+  private AIProvider() {
+    providerName_ = "";
+    providerAPIVersion_ = "";
+    organization_ = "";
+  }
+
+  @java.lang.Override
+  @SuppressWarnings({"unused"})
+  protected java.lang.Object newInstance(
+      UnusedPrivateParameter unused) {
+    return new AIProvider();
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet
+  getUnknownFields() {
+    return this.unknownFields;
+  }
+  private AIProvider(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            providerName_ = s;
+            break;
+          }
+          case 18: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            providerAPIVersion_ = s;
+            break;
+          }
+          case 26: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            organization_ = s;
+            break;
+          }
+          case 34: {
+            org.wso2.apk.enforcer.discovery.api.ValueDetails.Builder subBuilder = null;
+            if (model_ != null) {
+              subBuilder = model_.toBuilder();
+            }
+            model_ = input.readMessage(org.wso2.apk.enforcer.discovery.api.ValueDetails.parser(), extensionRegistry);
+            if (subBuilder != null) {
+              subBuilder.mergeFrom(model_);
+              model_ = subBuilder.buildPartial();
+            }
+
+            break;
+          }
+          case 42: {
+            org.wso2.apk.enforcer.discovery.api.ValueDetails.Builder subBuilder = null;
+            if (promptTokens_ != null) {
+              subBuilder = promptTokens_.toBuilder();
+            }
+            promptTokens_ = input.readMessage(org.wso2.apk.enforcer.discovery.api.ValueDetails.parser(), extensionRegistry);
+            if (subBuilder != null) {
+              subBuilder.mergeFrom(promptTokens_);
+              promptTokens_ = subBuilder.buildPartial();
+            }
+
+            break;
+          }
+          case 50: {
+            org.wso2.apk.enforcer.discovery.api.ValueDetails.Builder subBuilder = null;
+            if (completionToken_ != null) {
+              subBuilder = completionToken_.toBuilder();
+            }
+            completionToken_ = input.readMessage(org.wso2.apk.enforcer.discovery.api.ValueDetails.parser(), extensionRegistry);
+            if (subBuilder != null) {
+              subBuilder.mergeFrom(completionToken_);
+              completionToken_ = subBuilder.buildPartial();
+            }
+
+            break;
+          }
+          case 58: {
+            org.wso2.apk.enforcer.discovery.api.ValueDetails.Builder subBuilder = null;
+            if (totalToken_ != null) {
+              subBuilder = totalToken_.toBuilder();
+            }
+            totalToken_ = input.readMessage(org.wso2.apk.enforcer.discovery.api.ValueDetails.parser(), extensionRegistry);
+            if (subBuilder != null) {
+              subBuilder.mergeFrom(totalToken_);
+              totalToken_ = subBuilder.buildPartial();
+            }
+
+            break;
+          }
+          case 64: {
+
+            enabled_ = input.readBool();
+            break;
+          }
+          default: {
+            if (!parseUnknownField(
+                input, unknownFields, extensionRegistry, tag)) {
+              done = true;
+            }
+            break;
+          }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(
+          e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+  public static final com.google.protobuf.Descriptors.Descriptor
+      getDescriptor() {
+    return org.wso2.apk.enforcer.discovery.api.AIProviderProto.internal_static_wso2_discovery_api_AIProvider_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return org.wso2.apk.enforcer.discovery.api.AIProviderProto.internal_static_wso2_discovery_api_AIProvider_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            org.wso2.apk.enforcer.discovery.api.AIProvider.class, org.wso2.apk.enforcer.discovery.api.AIProvider.Builder.class);
+  }
+
+  public static final int PROVIDERNAME_FIELD_NUMBER = 1;
+  private volatile java.lang.Object providerName_;
+  /**
+   * <code>string providerName = 1;</code>
+   * @return The providerName.
+   */
+  @java.lang.Override
+  public java.lang.String getProviderName() {
+    java.lang.Object ref = providerName_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      providerName_ = s;
+      return s;
+    }
+  }
+  /**
+   * <code>string providerName = 1;</code>
+   * @return The bytes for providerName.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString
+      getProviderNameBytes() {
+    java.lang.Object ref = providerName_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      providerName_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int PROVIDERAPIVERSION_FIELD_NUMBER = 2;
+  private volatile java.lang.Object providerAPIVersion_;
+  /**
+   * <code>string providerAPIVersion = 2;</code>
+   * @return The providerAPIVersion.
+   */
+  @java.lang.Override
+  public java.lang.String getProviderAPIVersion() {
+    java.lang.Object ref = providerAPIVersion_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      providerAPIVersion_ = s;
+      return s;
+    }
+  }
+  /**
+   * <code>string providerAPIVersion = 2;</code>
+   * @return The bytes for providerAPIVersion.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString
+      getProviderAPIVersionBytes() {
+    java.lang.Object ref = providerAPIVersion_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      providerAPIVersion_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int ORGANIZATION_FIELD_NUMBER = 3;
+  private volatile java.lang.Object organization_;
+  /**
+   * <code>string organization = 3;</code>
+   * @return The organization.
+   */
+  @java.lang.Override
+  public java.lang.String getOrganization() {
+    java.lang.Object ref = organization_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      organization_ = s;
+      return s;
+    }
+  }
+  /**
+   * <code>string organization = 3;</code>
+   * @return The bytes for organization.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString
+      getOrganizationBytes() {
+    java.lang.Object ref = organization_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      organization_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int MODEL_FIELD_NUMBER = 4;
+  private org.wso2.apk.enforcer.discovery.api.ValueDetails model_;
+  /**
+   * <code>.wso2.discovery.api.ValueDetails model = 4;</code>
+   * @return Whether the model field is set.
+   */
+  @java.lang.Override
+  public boolean hasModel() {
+    return model_ != null;
+  }
+  /**
+   * <code>.wso2.discovery.api.ValueDetails model = 4;</code>
+   * @return The model.
+   */
+  @java.lang.Override
+  public org.wso2.apk.enforcer.discovery.api.ValueDetails getModel() {
+    return model_ == null ? org.wso2.apk.enforcer.discovery.api.ValueDetails.getDefaultInstance() : model_;
+  }
+  /**
+   * <code>.wso2.discovery.api.ValueDetails model = 4;</code>
+   */
+  @java.lang.Override
+  public org.wso2.apk.enforcer.discovery.api.ValueDetailsOrBuilder getModelOrBuilder() {
+    return getModel();
+  }
+
+  public static final int PROMPTTOKENS_FIELD_NUMBER = 5;
+  private org.wso2.apk.enforcer.discovery.api.ValueDetails promptTokens_;
+  /**
+   * <code>.wso2.discovery.api.ValueDetails promptTokens = 5;</code>
+   * @return Whether the promptTokens field is set.
+   */
+  @java.lang.Override
+  public boolean hasPromptTokens() {
+    return promptTokens_ != null;
+  }
+  /**
+   * <code>.wso2.discovery.api.ValueDetails promptTokens = 5;</code>
+   * @return The promptTokens.
+   */
+  @java.lang.Override
+  public org.wso2.apk.enforcer.discovery.api.ValueDetails getPromptTokens() {
+    return promptTokens_ == null ? org.wso2.apk.enforcer.discovery.api.ValueDetails.getDefaultInstance() : promptTokens_;
+  }
+  /**
+   * <code>.wso2.discovery.api.ValueDetails promptTokens = 5;</code>
+   */
+  @java.lang.Override
+  public org.wso2.apk.enforcer.discovery.api.ValueDetailsOrBuilder getPromptTokensOrBuilder() {
+    return getPromptTokens();
+  }
+
+  public static final int COMPLETIONTOKEN_FIELD_NUMBER = 6;
+  private org.wso2.apk.enforcer.discovery.api.ValueDetails completionToken_;
+  /**
+   * <code>.wso2.discovery.api.ValueDetails completionToken = 6;</code>
+   * @return Whether the completionToken field is set.
+   */
+  @java.lang.Override
+  public boolean hasCompletionToken() {
+    return completionToken_ != null;
+  }
+  /**
+   * <code>.wso2.discovery.api.ValueDetails completionToken = 6;</code>
+   * @return The completionToken.
+   */
+  @java.lang.Override
+  public org.wso2.apk.enforcer.discovery.api.ValueDetails getCompletionToken() {
+    return completionToken_ == null ? org.wso2.apk.enforcer.discovery.api.ValueDetails.getDefaultInstance() : completionToken_;
+  }
+  /**
+   * <code>.wso2.discovery.api.ValueDetails completionToken = 6;</code>
+   */
+  @java.lang.Override
+  public org.wso2.apk.enforcer.discovery.api.ValueDetailsOrBuilder getCompletionTokenOrBuilder() {
+    return getCompletionToken();
+  }
+
+  public static final int TOTALTOKEN_FIELD_NUMBER = 7;
+  private org.wso2.apk.enforcer.discovery.api.ValueDetails totalToken_;
+  /**
+   * <code>.wso2.discovery.api.ValueDetails totalToken = 7;</code>
+   * @return Whether the totalToken field is set.
+   */
+  @java.lang.Override
+  public boolean hasTotalToken() {
+    return totalToken_ != null;
+  }
+  /**
+   * <code>.wso2.discovery.api.ValueDetails totalToken = 7;</code>
+   * @return The totalToken.
+   */
+  @java.lang.Override
+  public org.wso2.apk.enforcer.discovery.api.ValueDetails getTotalToken() {
+    return totalToken_ == null ? org.wso2.apk.enforcer.discovery.api.ValueDetails.getDefaultInstance() : totalToken_;
+  }
+  /**
+   * <code>.wso2.discovery.api.ValueDetails totalToken = 7;</code>
+   */
+  @java.lang.Override
+  public org.wso2.apk.enforcer.discovery.api.ValueDetailsOrBuilder getTotalTokenOrBuilder() {
+    return getTotalToken();
+  }
+
+  public static final int ENABLED_FIELD_NUMBER = 8;
+  private boolean enabled_;
+  /**
+   * <code>bool enabled = 8;</code>
+   * @return The enabled.
+   */
+  @java.lang.Override
+  public boolean getEnabled() {
+    return enabled_;
+  }
+
+  private byte memoizedIsInitialized = -1;
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output)
+                      throws java.io.IOException {
+    if (!getProviderNameBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, providerName_);
+    }
+    if (!getProviderAPIVersionBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 2, providerAPIVersion_);
+    }
+    if (!getOrganizationBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 3, organization_);
+    }
+    if (model_ != null) {
+      output.writeMessage(4, getModel());
+    }
+    if (promptTokens_ != null) {
+      output.writeMessage(5, getPromptTokens());
+    }
+    if (completionToken_ != null) {
+      output.writeMessage(6, getCompletionToken());
+    }
+    if (totalToken_ != null) {
+      output.writeMessage(7, getTotalToken());
+    }
+    if (enabled_ != false) {
+      output.writeBool(8, enabled_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!getProviderNameBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, providerName_);
+    }
+    if (!getProviderAPIVersionBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(2, providerAPIVersion_);
+    }
+    if (!getOrganizationBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(3, organization_);
+    }
+    if (model_ != null) {
+      size += com.google.protobuf.CodedOutputStream
+        .computeMessageSize(4, getModel());
+    }
+    if (promptTokens_ != null) {
+      size += com.google.protobuf.CodedOutputStream
+        .computeMessageSize(5, getPromptTokens());
+    }
+    if (completionToken_ != null) {
+      size += com.google.protobuf.CodedOutputStream
+        .computeMessageSize(6, getCompletionToken());
+    }
+    if (totalToken_ != null) {
+      size += com.google.protobuf.CodedOutputStream
+        .computeMessageSize(7, getTotalToken());
+    }
+    if (enabled_ != false) {
+      size += com.google.protobuf.CodedOutputStream
+        .computeBoolSize(8, enabled_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+     return true;
+    }
+    if (!(obj instanceof org.wso2.apk.enforcer.discovery.api.AIProvider)) {
+      return super.equals(obj);
+    }
+    org.wso2.apk.enforcer.discovery.api.AIProvider other = (org.wso2.apk.enforcer.discovery.api.AIProvider) obj;
+
+    if (!getProviderName()
+        .equals(other.getProviderName())) return false;
+    if (!getProviderAPIVersion()
+        .equals(other.getProviderAPIVersion())) return false;
+    if (!getOrganization()
+        .equals(other.getOrganization())) return false;
+    if (hasModel() != other.hasModel()) return false;
+    if (hasModel()) {
+      if (!getModel()
+          .equals(other.getModel())) return false;
+    }
+    if (hasPromptTokens() != other.hasPromptTokens()) return false;
+    if (hasPromptTokens()) {
+      if (!getPromptTokens()
+          .equals(other.getPromptTokens())) return false;
+    }
+    if (hasCompletionToken() != other.hasCompletionToken()) return false;
+    if (hasCompletionToken()) {
+      if (!getCompletionToken()
+          .equals(other.getCompletionToken())) return false;
+    }
+    if (hasTotalToken() != other.hasTotalToken()) return false;
+    if (hasTotalToken()) {
+      if (!getTotalToken()
+          .equals(other.getTotalToken())) return false;
+    }
+    if (getEnabled()
+        != other.getEnabled()) return false;
+    if (!unknownFields.equals(other.unknownFields)) return false;
+    return true;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + PROVIDERNAME_FIELD_NUMBER;
+    hash = (53 * hash) + getProviderName().hashCode();
+    hash = (37 * hash) + PROVIDERAPIVERSION_FIELD_NUMBER;
+    hash = (53 * hash) + getProviderAPIVersion().hashCode();
+    hash = (37 * hash) + ORGANIZATION_FIELD_NUMBER;
+    hash = (53 * hash) + getOrganization().hashCode();
+    if (hasModel()) {
+      hash = (37 * hash) + MODEL_FIELD_NUMBER;
+      hash = (53 * hash) + getModel().hashCode();
+    }
+    if (hasPromptTokens()) {
+      hash = (37 * hash) + PROMPTTOKENS_FIELD_NUMBER;
+      hash = (53 * hash) + getPromptTokens().hashCode();
+    }
+    if (hasCompletionToken()) {
+      hash = (37 * hash) + COMPLETIONTOKEN_FIELD_NUMBER;
+      hash = (53 * hash) + getCompletionToken().hashCode();
+    }
+    if (hasTotalToken()) {
+      hash = (37 * hash) + TOTALTOKEN_FIELD_NUMBER;
+      hash = (53 * hash) + getTotalToken().hashCode();
+    }
+    hash = (37 * hash) + ENABLED_FIELD_NUMBER;
+    hash = (53 * hash) + com.google.protobuf.Internal.hashBoolean(
+        getEnabled());
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static org.wso2.apk.enforcer.discovery.api.AIProvider parseFrom(
+      java.nio.ByteBuffer data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static org.wso2.apk.enforcer.discovery.api.AIProvider parseFrom(
+      java.nio.ByteBuffer data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static org.wso2.apk.enforcer.discovery.api.AIProvider parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static org.wso2.apk.enforcer.discovery.api.AIProvider parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static org.wso2.apk.enforcer.discovery.api.AIProvider parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static org.wso2.apk.enforcer.discovery.api.AIProvider parseFrom(
+      byte[] data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static org.wso2.apk.enforcer.discovery.api.AIProvider parseFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static org.wso2.apk.enforcer.discovery.api.AIProvider parseFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static org.wso2.apk.enforcer.discovery.api.AIProvider parseDelimitedFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input);
+  }
+  public static org.wso2.apk.enforcer.discovery.api.AIProvider parseDelimitedFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static org.wso2.apk.enforcer.discovery.api.AIProvider parseFrom(
+      com.google.protobuf.CodedInputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static org.wso2.apk.enforcer.discovery.api.AIProvider parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() { return newBuilder(); }
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+  public static Builder newBuilder(org.wso2.apk.enforcer.discovery.api.AIProvider prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE
+        ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(
+      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   * <pre>
+   * Holds AIProvider configs
+   * </pre>
+   *
+   * Protobuf type {@code wso2.discovery.api.AIProvider}
+   */
+  public static final class Builder extends
+      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+      // @@protoc_insertion_point(builder_implements:wso2.discovery.api.AIProvider)
+      org.wso2.apk.enforcer.discovery.api.AIProviderOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor
+        getDescriptor() {
+      return org.wso2.apk.enforcer.discovery.api.AIProviderProto.internal_static_wso2_discovery_api_AIProvider_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return org.wso2.apk.enforcer.discovery.api.AIProviderProto.internal_static_wso2_discovery_api_AIProvider_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              org.wso2.apk.enforcer.discovery.api.AIProvider.class, org.wso2.apk.enforcer.discovery.api.AIProvider.Builder.class);
+    }
+
+    // Construct using org.wso2.apk.enforcer.discovery.api.AIProvider.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(
+        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3
+              .alwaysUseFieldBuilders) {
+      }
+    }
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      providerName_ = "";
+
+      providerAPIVersion_ = "";
+
+      organization_ = "";
+
+      if (modelBuilder_ == null) {
+        model_ = null;
+      } else {
+        model_ = null;
+        modelBuilder_ = null;
+      }
+      if (promptTokensBuilder_ == null) {
+        promptTokens_ = null;
+      } else {
+        promptTokens_ = null;
+        promptTokensBuilder_ = null;
+      }
+      if (completionTokenBuilder_ == null) {
+        completionToken_ = null;
+      } else {
+        completionToken_ = null;
+        completionTokenBuilder_ = null;
+      }
+      if (totalTokenBuilder_ == null) {
+        totalToken_ = null;
+      } else {
+        totalToken_ = null;
+        totalTokenBuilder_ = null;
+      }
+      enabled_ = false;
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor
+        getDescriptorForType() {
+      return org.wso2.apk.enforcer.discovery.api.AIProviderProto.internal_static_wso2_discovery_api_AIProvider_descriptor;
+    }
+
+    @java.lang.Override
+    public org.wso2.apk.enforcer.discovery.api.AIProvider getDefaultInstanceForType() {
+      return org.wso2.apk.enforcer.discovery.api.AIProvider.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public org.wso2.apk.enforcer.discovery.api.AIProvider build() {
+      org.wso2.apk.enforcer.discovery.api.AIProvider result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public org.wso2.apk.enforcer.discovery.api.AIProvider buildPartial() {
+      org.wso2.apk.enforcer.discovery.api.AIProvider result = new org.wso2.apk.enforcer.discovery.api.AIProvider(this);
+      result.providerName_ = providerName_;
+      result.providerAPIVersion_ = providerAPIVersion_;
+      result.organization_ = organization_;
+      if (modelBuilder_ == null) {
+        result.model_ = model_;
+      } else {
+        result.model_ = modelBuilder_.build();
+      }
+      if (promptTokensBuilder_ == null) {
+        result.promptTokens_ = promptTokens_;
+      } else {
+        result.promptTokens_ = promptTokensBuilder_.build();
+      }
+      if (completionTokenBuilder_ == null) {
+        result.completionToken_ = completionToken_;
+      } else {
+        result.completionToken_ = completionTokenBuilder_.build();
+      }
+      if (totalTokenBuilder_ == null) {
+        result.totalToken_ = totalToken_;
+      } else {
+        result.totalToken_ = totalTokenBuilder_.build();
+      }
+      result.enabled_ = enabled_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return super.clone();
+    }
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return super.setField(field, value);
+    }
+    @java.lang.Override
+    public Builder clearField(
+        com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return super.clearField(field);
+    }
+    @java.lang.Override
+    public Builder clearOneof(
+        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return super.clearOneof(oneof);
+    }
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        int index, java.lang.Object value) {
+      return super.setRepeatedField(field, index, value);
+    }
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return super.addRepeatedField(field, value);
+    }
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof org.wso2.apk.enforcer.discovery.api.AIProvider) {
+        return mergeFrom((org.wso2.apk.enforcer.discovery.api.AIProvider)other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(org.wso2.apk.enforcer.discovery.api.AIProvider other) {
+      if (other == org.wso2.apk.enforcer.discovery.api.AIProvider.getDefaultInstance()) return this;
+      if (!other.getProviderName().isEmpty()) {
+        providerName_ = other.providerName_;
+        onChanged();
+      }
+      if (!other.getProviderAPIVersion().isEmpty()) {
+        providerAPIVersion_ = other.providerAPIVersion_;
+        onChanged();
+      }
+      if (!other.getOrganization().isEmpty()) {
+        organization_ = other.organization_;
+        onChanged();
+      }
+      if (other.hasModel()) {
+        mergeModel(other.getModel());
+      }
+      if (other.hasPromptTokens()) {
+        mergePromptTokens(other.getPromptTokens());
+      }
+      if (other.hasCompletionToken()) {
+        mergeCompletionToken(other.getCompletionToken());
+      }
+      if (other.hasTotalToken()) {
+        mergeTotalToken(other.getTotalToken());
+      }
+      if (other.getEnabled() != false) {
+        setEnabled(other.getEnabled());
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      org.wso2.apk.enforcer.discovery.api.AIProvider parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage = (org.wso2.apk.enforcer.discovery.api.AIProvider) e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private java.lang.Object providerName_ = "";
+    /**
+     * <code>string providerName = 1;</code>
+     * @return The providerName.
+     */
+    public java.lang.String getProviderName() {
+      java.lang.Object ref = providerName_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        providerName_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <code>string providerName = 1;</code>
+     * @return The bytes for providerName.
+     */
+    public com.google.protobuf.ByteString
+        getProviderNameBytes() {
+      java.lang.Object ref = providerName_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        providerName_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <code>string providerName = 1;</code>
+     * @param value The providerName to set.
+     * @return This builder for chaining.
+     */
+    public Builder setProviderName(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      providerName_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <code>string providerName = 1;</code>
+     * @return This builder for chaining.
+     */
+    public Builder clearProviderName() {
+      
+      providerName_ = getDefaultInstance().getProviderName();
+      onChanged();
+      return this;
+    }
+    /**
+     * <code>string providerName = 1;</code>
+     * @param value The bytes for providerName to set.
+     * @return This builder for chaining.
+     */
+    public Builder setProviderNameBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      providerName_ = value;
+      onChanged();
+      return this;
+    }
+
+    private java.lang.Object providerAPIVersion_ = "";
+    /**
+     * <code>string providerAPIVersion = 2;</code>
+     * @return The providerAPIVersion.
+     */
+    public java.lang.String getProviderAPIVersion() {
+      java.lang.Object ref = providerAPIVersion_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        providerAPIVersion_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <code>string providerAPIVersion = 2;</code>
+     * @return The bytes for providerAPIVersion.
+     */
+    public com.google.protobuf.ByteString
+        getProviderAPIVersionBytes() {
+      java.lang.Object ref = providerAPIVersion_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        providerAPIVersion_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <code>string providerAPIVersion = 2;</code>
+     * @param value The providerAPIVersion to set.
+     * @return This builder for chaining.
+     */
+    public Builder setProviderAPIVersion(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      providerAPIVersion_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <code>string providerAPIVersion = 2;</code>
+     * @return This builder for chaining.
+     */
+    public Builder clearProviderAPIVersion() {
+      
+      providerAPIVersion_ = getDefaultInstance().getProviderAPIVersion();
+      onChanged();
+      return this;
+    }
+    /**
+     * <code>string providerAPIVersion = 2;</code>
+     * @param value The bytes for providerAPIVersion to set.
+     * @return This builder for chaining.
+     */
+    public Builder setProviderAPIVersionBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      providerAPIVersion_ = value;
+      onChanged();
+      return this;
+    }
+
+    private java.lang.Object organization_ = "";
+    /**
+     * <code>string organization = 3;</code>
+     * @return The organization.
+     */
+    public java.lang.String getOrganization() {
+      java.lang.Object ref = organization_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        organization_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <code>string organization = 3;</code>
+     * @return The bytes for organization.
+     */
+    public com.google.protobuf.ByteString
+        getOrganizationBytes() {
+      java.lang.Object ref = organization_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        organization_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <code>string organization = 3;</code>
+     * @param value The organization to set.
+     * @return This builder for chaining.
+     */
+    public Builder setOrganization(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      organization_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <code>string organization = 3;</code>
+     * @return This builder for chaining.
+     */
+    public Builder clearOrganization() {
+      
+      organization_ = getDefaultInstance().getOrganization();
+      onChanged();
+      return this;
+    }
+    /**
+     * <code>string organization = 3;</code>
+     * @param value The bytes for organization to set.
+     * @return This builder for chaining.
+     */
+    public Builder setOrganizationBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      organization_ = value;
+      onChanged();
+      return this;
+    }
+
+    private org.wso2.apk.enforcer.discovery.api.ValueDetails model_;
+    private com.google.protobuf.SingleFieldBuilderV3<
+        org.wso2.apk.enforcer.discovery.api.ValueDetails, org.wso2.apk.enforcer.discovery.api.ValueDetails.Builder, org.wso2.apk.enforcer.discovery.api.ValueDetailsOrBuilder> modelBuilder_;
+    /**
+     * <code>.wso2.discovery.api.ValueDetails model = 4;</code>
+     * @return Whether the model field is set.
+     */
+    public boolean hasModel() {
+      return modelBuilder_ != null || model_ != null;
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails model = 4;</code>
+     * @return The model.
+     */
+    public org.wso2.apk.enforcer.discovery.api.ValueDetails getModel() {
+      if (modelBuilder_ == null) {
+        return model_ == null ? org.wso2.apk.enforcer.discovery.api.ValueDetails.getDefaultInstance() : model_;
+      } else {
+        return modelBuilder_.getMessage();
+      }
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails model = 4;</code>
+     */
+    public Builder setModel(org.wso2.apk.enforcer.discovery.api.ValueDetails value) {
+      if (modelBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        model_ = value;
+        onChanged();
+      } else {
+        modelBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails model = 4;</code>
+     */
+    public Builder setModel(
+        org.wso2.apk.enforcer.discovery.api.ValueDetails.Builder builderForValue) {
+      if (modelBuilder_ == null) {
+        model_ = builderForValue.build();
+        onChanged();
+      } else {
+        modelBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails model = 4;</code>
+     */
+    public Builder mergeModel(org.wso2.apk.enforcer.discovery.api.ValueDetails value) {
+      if (modelBuilder_ == null) {
+        if (model_ != null) {
+          model_ =
+            org.wso2.apk.enforcer.discovery.api.ValueDetails.newBuilder(model_).mergeFrom(value).buildPartial();
+        } else {
+          model_ = value;
+        }
+        onChanged();
+      } else {
+        modelBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails model = 4;</code>
+     */
+    public Builder clearModel() {
+      if (modelBuilder_ == null) {
+        model_ = null;
+        onChanged();
+      } else {
+        model_ = null;
+        modelBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails model = 4;</code>
+     */
+    public org.wso2.apk.enforcer.discovery.api.ValueDetails.Builder getModelBuilder() {
+      
+      onChanged();
+      return getModelFieldBuilder().getBuilder();
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails model = 4;</code>
+     */
+    public org.wso2.apk.enforcer.discovery.api.ValueDetailsOrBuilder getModelOrBuilder() {
+      if (modelBuilder_ != null) {
+        return modelBuilder_.getMessageOrBuilder();
+      } else {
+        return model_ == null ?
+            org.wso2.apk.enforcer.discovery.api.ValueDetails.getDefaultInstance() : model_;
+      }
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails model = 4;</code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+        org.wso2.apk.enforcer.discovery.api.ValueDetails, org.wso2.apk.enforcer.discovery.api.ValueDetails.Builder, org.wso2.apk.enforcer.discovery.api.ValueDetailsOrBuilder> 
+        getModelFieldBuilder() {
+      if (modelBuilder_ == null) {
+        modelBuilder_ = new com.google.protobuf.SingleFieldBuilderV3<
+            org.wso2.apk.enforcer.discovery.api.ValueDetails, org.wso2.apk.enforcer.discovery.api.ValueDetails.Builder, org.wso2.apk.enforcer.discovery.api.ValueDetailsOrBuilder>(
+                getModel(),
+                getParentForChildren(),
+                isClean());
+        model_ = null;
+      }
+      return modelBuilder_;
+    }
+
+    private org.wso2.apk.enforcer.discovery.api.ValueDetails promptTokens_;
+    private com.google.protobuf.SingleFieldBuilderV3<
+        org.wso2.apk.enforcer.discovery.api.ValueDetails, org.wso2.apk.enforcer.discovery.api.ValueDetails.Builder, org.wso2.apk.enforcer.discovery.api.ValueDetailsOrBuilder> promptTokensBuilder_;
+    /**
+     * <code>.wso2.discovery.api.ValueDetails promptTokens = 5;</code>
+     * @return Whether the promptTokens field is set.
+     */
+    public boolean hasPromptTokens() {
+      return promptTokensBuilder_ != null || promptTokens_ != null;
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails promptTokens = 5;</code>
+     * @return The promptTokens.
+     */
+    public org.wso2.apk.enforcer.discovery.api.ValueDetails getPromptTokens() {
+      if (promptTokensBuilder_ == null) {
+        return promptTokens_ == null ? org.wso2.apk.enforcer.discovery.api.ValueDetails.getDefaultInstance() : promptTokens_;
+      } else {
+        return promptTokensBuilder_.getMessage();
+      }
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails promptTokens = 5;</code>
+     */
+    public Builder setPromptTokens(org.wso2.apk.enforcer.discovery.api.ValueDetails value) {
+      if (promptTokensBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        promptTokens_ = value;
+        onChanged();
+      } else {
+        promptTokensBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails promptTokens = 5;</code>
+     */
+    public Builder setPromptTokens(
+        org.wso2.apk.enforcer.discovery.api.ValueDetails.Builder builderForValue) {
+      if (promptTokensBuilder_ == null) {
+        promptTokens_ = builderForValue.build();
+        onChanged();
+      } else {
+        promptTokensBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails promptTokens = 5;</code>
+     */
+    public Builder mergePromptTokens(org.wso2.apk.enforcer.discovery.api.ValueDetails value) {
+      if (promptTokensBuilder_ == null) {
+        if (promptTokens_ != null) {
+          promptTokens_ =
+            org.wso2.apk.enforcer.discovery.api.ValueDetails.newBuilder(promptTokens_).mergeFrom(value).buildPartial();
+        } else {
+          promptTokens_ = value;
+        }
+        onChanged();
+      } else {
+        promptTokensBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails promptTokens = 5;</code>
+     */
+    public Builder clearPromptTokens() {
+      if (promptTokensBuilder_ == null) {
+        promptTokens_ = null;
+        onChanged();
+      } else {
+        promptTokens_ = null;
+        promptTokensBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails promptTokens = 5;</code>
+     */
+    public org.wso2.apk.enforcer.discovery.api.ValueDetails.Builder getPromptTokensBuilder() {
+      
+      onChanged();
+      return getPromptTokensFieldBuilder().getBuilder();
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails promptTokens = 5;</code>
+     */
+    public org.wso2.apk.enforcer.discovery.api.ValueDetailsOrBuilder getPromptTokensOrBuilder() {
+      if (promptTokensBuilder_ != null) {
+        return promptTokensBuilder_.getMessageOrBuilder();
+      } else {
+        return promptTokens_ == null ?
+            org.wso2.apk.enforcer.discovery.api.ValueDetails.getDefaultInstance() : promptTokens_;
+      }
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails promptTokens = 5;</code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+        org.wso2.apk.enforcer.discovery.api.ValueDetails, org.wso2.apk.enforcer.discovery.api.ValueDetails.Builder, org.wso2.apk.enforcer.discovery.api.ValueDetailsOrBuilder> 
+        getPromptTokensFieldBuilder() {
+      if (promptTokensBuilder_ == null) {
+        promptTokensBuilder_ = new com.google.protobuf.SingleFieldBuilderV3<
+            org.wso2.apk.enforcer.discovery.api.ValueDetails, org.wso2.apk.enforcer.discovery.api.ValueDetails.Builder, org.wso2.apk.enforcer.discovery.api.ValueDetailsOrBuilder>(
+                getPromptTokens(),
+                getParentForChildren(),
+                isClean());
+        promptTokens_ = null;
+      }
+      return promptTokensBuilder_;
+    }
+
+    private org.wso2.apk.enforcer.discovery.api.ValueDetails completionToken_;
+    private com.google.protobuf.SingleFieldBuilderV3<
+        org.wso2.apk.enforcer.discovery.api.ValueDetails, org.wso2.apk.enforcer.discovery.api.ValueDetails.Builder, org.wso2.apk.enforcer.discovery.api.ValueDetailsOrBuilder> completionTokenBuilder_;
+    /**
+     * <code>.wso2.discovery.api.ValueDetails completionToken = 6;</code>
+     * @return Whether the completionToken field is set.
+     */
+    public boolean hasCompletionToken() {
+      return completionTokenBuilder_ != null || completionToken_ != null;
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails completionToken = 6;</code>
+     * @return The completionToken.
+     */
+    public org.wso2.apk.enforcer.discovery.api.ValueDetails getCompletionToken() {
+      if (completionTokenBuilder_ == null) {
+        return completionToken_ == null ? org.wso2.apk.enforcer.discovery.api.ValueDetails.getDefaultInstance() : completionToken_;
+      } else {
+        return completionTokenBuilder_.getMessage();
+      }
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails completionToken = 6;</code>
+     */
+    public Builder setCompletionToken(org.wso2.apk.enforcer.discovery.api.ValueDetails value) {
+      if (completionTokenBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        completionToken_ = value;
+        onChanged();
+      } else {
+        completionTokenBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails completionToken = 6;</code>
+     */
+    public Builder setCompletionToken(
+        org.wso2.apk.enforcer.discovery.api.ValueDetails.Builder builderForValue) {
+      if (completionTokenBuilder_ == null) {
+        completionToken_ = builderForValue.build();
+        onChanged();
+      } else {
+        completionTokenBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails completionToken = 6;</code>
+     */
+    public Builder mergeCompletionToken(org.wso2.apk.enforcer.discovery.api.ValueDetails value) {
+      if (completionTokenBuilder_ == null) {
+        if (completionToken_ != null) {
+          completionToken_ =
+            org.wso2.apk.enforcer.discovery.api.ValueDetails.newBuilder(completionToken_).mergeFrom(value).buildPartial();
+        } else {
+          completionToken_ = value;
+        }
+        onChanged();
+      } else {
+        completionTokenBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails completionToken = 6;</code>
+     */
+    public Builder clearCompletionToken() {
+      if (completionTokenBuilder_ == null) {
+        completionToken_ = null;
+        onChanged();
+      } else {
+        completionToken_ = null;
+        completionTokenBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails completionToken = 6;</code>
+     */
+    public org.wso2.apk.enforcer.discovery.api.ValueDetails.Builder getCompletionTokenBuilder() {
+      
+      onChanged();
+      return getCompletionTokenFieldBuilder().getBuilder();
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails completionToken = 6;</code>
+     */
+    public org.wso2.apk.enforcer.discovery.api.ValueDetailsOrBuilder getCompletionTokenOrBuilder() {
+      if (completionTokenBuilder_ != null) {
+        return completionTokenBuilder_.getMessageOrBuilder();
+      } else {
+        return completionToken_ == null ?
+            org.wso2.apk.enforcer.discovery.api.ValueDetails.getDefaultInstance() : completionToken_;
+      }
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails completionToken = 6;</code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+        org.wso2.apk.enforcer.discovery.api.ValueDetails, org.wso2.apk.enforcer.discovery.api.ValueDetails.Builder, org.wso2.apk.enforcer.discovery.api.ValueDetailsOrBuilder> 
+        getCompletionTokenFieldBuilder() {
+      if (completionTokenBuilder_ == null) {
+        completionTokenBuilder_ = new com.google.protobuf.SingleFieldBuilderV3<
+            org.wso2.apk.enforcer.discovery.api.ValueDetails, org.wso2.apk.enforcer.discovery.api.ValueDetails.Builder, org.wso2.apk.enforcer.discovery.api.ValueDetailsOrBuilder>(
+                getCompletionToken(),
+                getParentForChildren(),
+                isClean());
+        completionToken_ = null;
+      }
+      return completionTokenBuilder_;
+    }
+
+    private org.wso2.apk.enforcer.discovery.api.ValueDetails totalToken_;
+    private com.google.protobuf.SingleFieldBuilderV3<
+        org.wso2.apk.enforcer.discovery.api.ValueDetails, org.wso2.apk.enforcer.discovery.api.ValueDetails.Builder, org.wso2.apk.enforcer.discovery.api.ValueDetailsOrBuilder> totalTokenBuilder_;
+    /**
+     * <code>.wso2.discovery.api.ValueDetails totalToken = 7;</code>
+     * @return Whether the totalToken field is set.
+     */
+    public boolean hasTotalToken() {
+      return totalTokenBuilder_ != null || totalToken_ != null;
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails totalToken = 7;</code>
+     * @return The totalToken.
+     */
+    public org.wso2.apk.enforcer.discovery.api.ValueDetails getTotalToken() {
+      if (totalTokenBuilder_ == null) {
+        return totalToken_ == null ? org.wso2.apk.enforcer.discovery.api.ValueDetails.getDefaultInstance() : totalToken_;
+      } else {
+        return totalTokenBuilder_.getMessage();
+      }
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails totalToken = 7;</code>
+     */
+    public Builder setTotalToken(org.wso2.apk.enforcer.discovery.api.ValueDetails value) {
+      if (totalTokenBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        totalToken_ = value;
+        onChanged();
+      } else {
+        totalTokenBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails totalToken = 7;</code>
+     */
+    public Builder setTotalToken(
+        org.wso2.apk.enforcer.discovery.api.ValueDetails.Builder builderForValue) {
+      if (totalTokenBuilder_ == null) {
+        totalToken_ = builderForValue.build();
+        onChanged();
+      } else {
+        totalTokenBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails totalToken = 7;</code>
+     */
+    public Builder mergeTotalToken(org.wso2.apk.enforcer.discovery.api.ValueDetails value) {
+      if (totalTokenBuilder_ == null) {
+        if (totalToken_ != null) {
+          totalToken_ =
+            org.wso2.apk.enforcer.discovery.api.ValueDetails.newBuilder(totalToken_).mergeFrom(value).buildPartial();
+        } else {
+          totalToken_ = value;
+        }
+        onChanged();
+      } else {
+        totalTokenBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails totalToken = 7;</code>
+     */
+    public Builder clearTotalToken() {
+      if (totalTokenBuilder_ == null) {
+        totalToken_ = null;
+        onChanged();
+      } else {
+        totalToken_ = null;
+        totalTokenBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails totalToken = 7;</code>
+     */
+    public org.wso2.apk.enforcer.discovery.api.ValueDetails.Builder getTotalTokenBuilder() {
+      
+      onChanged();
+      return getTotalTokenFieldBuilder().getBuilder();
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails totalToken = 7;</code>
+     */
+    public org.wso2.apk.enforcer.discovery.api.ValueDetailsOrBuilder getTotalTokenOrBuilder() {
+      if (totalTokenBuilder_ != null) {
+        return totalTokenBuilder_.getMessageOrBuilder();
+      } else {
+        return totalToken_ == null ?
+            org.wso2.apk.enforcer.discovery.api.ValueDetails.getDefaultInstance() : totalToken_;
+      }
+    }
+    /**
+     * <code>.wso2.discovery.api.ValueDetails totalToken = 7;</code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+        org.wso2.apk.enforcer.discovery.api.ValueDetails, org.wso2.apk.enforcer.discovery.api.ValueDetails.Builder, org.wso2.apk.enforcer.discovery.api.ValueDetailsOrBuilder> 
+        getTotalTokenFieldBuilder() {
+      if (totalTokenBuilder_ == null) {
+        totalTokenBuilder_ = new com.google.protobuf.SingleFieldBuilderV3<
+            org.wso2.apk.enforcer.discovery.api.ValueDetails, org.wso2.apk.enforcer.discovery.api.ValueDetails.Builder, org.wso2.apk.enforcer.discovery.api.ValueDetailsOrBuilder>(
+                getTotalToken(),
+                getParentForChildren(),
+                isClean());
+        totalToken_ = null;
+      }
+      return totalTokenBuilder_;
+    }
+
+    private boolean enabled_ ;
+    /**
+     * <code>bool enabled = 8;</code>
+     * @return The enabled.
+     */
+    @java.lang.Override
+    public boolean getEnabled() {
+      return enabled_;
+    }
+    /**
+     * <code>bool enabled = 8;</code>
+     * @param value The enabled to set.
+     * @return This builder for chaining.
+     */
+    public Builder setEnabled(boolean value) {
+      
+      enabled_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <code>bool enabled = 8;</code>
+     * @return This builder for chaining.
+     */
+    public Builder clearEnabled() {
+      
+      enabled_ = false;
+      onChanged();
+      return this;
+    }
+    @java.lang.Override
+    public final Builder setUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFields(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+
+    // @@protoc_insertion_point(builder_scope:wso2.discovery.api.AIProvider)
+  }
+
+  // @@protoc_insertion_point(class_scope:wso2.discovery.api.AIProvider)
+  private static final org.wso2.apk.enforcer.discovery.api.AIProvider DEFAULT_INSTANCE;
+  static {
+    DEFAULT_INSTANCE = new org.wso2.apk.enforcer.discovery.api.AIProvider();
+  }
+
+  public static org.wso2.apk.enforcer.discovery.api.AIProvider getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<AIProvider>
+      PARSER = new com.google.protobuf.AbstractParser<AIProvider>() {
+    @java.lang.Override
+    public AIProvider parsePartialFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return new AIProvider(input, extensionRegistry);
+    }
+  };
+
+  public static com.google.protobuf.Parser<AIProvider> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<AIProvider> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public org.wso2.apk.enforcer.discovery.api.AIProvider getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+
+}
+
diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/AIProviderOrBuilder.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/AIProviderOrBuilder.java
new file mode 100644
index 000000000..1c06e1de9
--- /dev/null
+++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/AIProviderOrBuilder.java
@@ -0,0 +1,111 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: wso2/discovery/api/ai_provider.proto
+
+package org.wso2.apk.enforcer.discovery.api;
+
+public interface AIProviderOrBuilder extends
+    // @@protoc_insertion_point(interface_extends:wso2.discovery.api.AIProvider)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   * <code>string providerName = 1;</code>
+   * @return The providerName.
+   */
+  java.lang.String getProviderName();
+  /**
+   * <code>string providerName = 1;</code>
+   * @return The bytes for providerName.
+   */
+  com.google.protobuf.ByteString
+      getProviderNameBytes();
+
+  /**
+   * <code>string providerAPIVersion = 2;</code>
+   * @return The providerAPIVersion.
+   */
+  java.lang.String getProviderAPIVersion();
+  /**
+   * <code>string providerAPIVersion = 2;</code>
+   * @return The bytes for providerAPIVersion.
+   */
+  com.google.protobuf.ByteString
+      getProviderAPIVersionBytes();
+
+  /**
+   * <code>string organization = 3;</code>
+   * @return The organization.
+   */
+  java.lang.String getOrganization();
+  /**
+   * <code>string organization = 3;</code>
+   * @return The bytes for organization.
+   */
+  com.google.protobuf.ByteString
+      getOrganizationBytes();
+
+  /**
+   * <code>.wso2.discovery.api.ValueDetails model = 4;</code>
+   * @return Whether the model field is set.
+   */
+  boolean hasModel();
+  /**
+   * <code>.wso2.discovery.api.ValueDetails model = 4;</code>
+   * @return The model.
+   */
+  org.wso2.apk.enforcer.discovery.api.ValueDetails getModel();
+  /**
+   * <code>.wso2.discovery.api.ValueDetails model = 4;</code>
+   */
+  org.wso2.apk.enforcer.discovery.api.ValueDetailsOrBuilder getModelOrBuilder();
+
+  /**
+   * <code>.wso2.discovery.api.ValueDetails promptTokens = 5;</code>
+   * @return Whether the promptTokens field is set.
+   */
+  boolean hasPromptTokens();
+  /**
+   * <code>.wso2.discovery.api.ValueDetails promptTokens = 5;</code>
+   * @return The promptTokens.
+   */
+  org.wso2.apk.enforcer.discovery.api.ValueDetails getPromptTokens();
+  /**
+   * <code>.wso2.discovery.api.ValueDetails promptTokens = 5;</code>
+   */
+  org.wso2.apk.enforcer.discovery.api.ValueDetailsOrBuilder getPromptTokensOrBuilder();
+
+  /**
+   * <code>.wso2.discovery.api.ValueDetails completionToken = 6;</code>
+   * @return Whether the completionToken field is set.
+   */
+  boolean hasCompletionToken();
+  /**
+   * <code>.wso2.discovery.api.ValueDetails completionToken = 6;</code>
+   * @return The completionToken.
+   */
+  org.wso2.apk.enforcer.discovery.api.ValueDetails getCompletionToken();
+  /**
+   * <code>.wso2.discovery.api.ValueDetails completionToken = 6;</code>
+   */
+  org.wso2.apk.enforcer.discovery.api.ValueDetailsOrBuilder getCompletionTokenOrBuilder();
+
+  /**
+   * <code>.wso2.discovery.api.ValueDetails totalToken = 7;</code>
+   * @return Whether the totalToken field is set.
+   */
+  boolean hasTotalToken();
+  /**
+   * <code>.wso2.discovery.api.ValueDetails totalToken = 7;</code>
+   * @return The totalToken.
+   */
+  org.wso2.apk.enforcer.discovery.api.ValueDetails getTotalToken();
+  /**
+   * <code>.wso2.discovery.api.ValueDetails totalToken = 7;</code>
+   */
+  org.wso2.apk.enforcer.discovery.api.ValueDetailsOrBuilder getTotalTokenOrBuilder();
+
+  /**
+   * <code>bool enabled = 8;</code>
+   * @return The enabled.
+   */
+  boolean getEnabled();
+}
diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/AIProviderProto.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/AIProviderProto.java
new file mode 100644
index 000000000..8b97e469a
--- /dev/null
+++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/AIProviderProto.java
@@ -0,0 +1,70 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: wso2/discovery/api/ai_provider.proto
+
+package org.wso2.apk.enforcer.discovery.api;
+
+public final class AIProviderProto {
+  private AIProviderProto() {}
+  public static void registerAllExtensions(
+      com.google.protobuf.ExtensionRegistryLite registry) {
+  }
+
+  public static void registerAllExtensions(
+      com.google.protobuf.ExtensionRegistry registry) {
+    registerAllExtensions(
+        (com.google.protobuf.ExtensionRegistryLite) registry);
+  }
+  static final com.google.protobuf.Descriptors.Descriptor
+    internal_static_wso2_discovery_api_AIProvider_descriptor;
+  static final 
+    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_wso2_discovery_api_AIProvider_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+    internal_static_wso2_discovery_api_ValueDetails_descriptor;
+  static final 
+    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_wso2_discovery_api_ValueDetails_fieldAccessorTable;
+
+  public static com.google.protobuf.Descriptors.FileDescriptor
+      getDescriptor() {
+    return descriptor;
+  }
+  private static  com.google.protobuf.Descriptors.FileDescriptor
+      descriptor;
+  static {
+    java.lang.String[] descriptorData = {
+      "\n$wso2/discovery/api/ai_provider.proto\022\022" +
+      "wso2.discovery.api\"\277\002\n\nAIProvider\022\024\n\014pro" +
+      "viderName\030\001 \001(\t\022\032\n\022providerAPIVersion\030\002 " +
+      "\001(\t\022\024\n\014organization\030\003 \001(\t\022/\n\005model\030\004 \001(\013" +
+      "2 .wso2.discovery.api.ValueDetails\0226\n\014pr" +
+      "omptTokens\030\005 \001(\0132 .wso2.discovery.api.Va" +
+      "lueDetails\0229\n\017completionToken\030\006 \001(\0132 .ws" +
+      "o2.discovery.api.ValueDetails\0224\n\ntotalTo" +
+      "ken\030\007 \001(\0132 .wso2.discovery.api.ValueDeta" +
+      "ils\022\017\n\007enabled\030\010 \001(\010\")\n\014ValueDetails\022\n\n\002" +
+      "in\030\001 \001(\t\022\r\n\005value\030\002 \001(\tBw\n#org.wso2.apk." +
+      "enforcer.discovery.apiB\017AIProviderProtoP" +
+      "\001Z=github.com/envoyproxy/go-control-plan" +
+      "e/wso2/discovery/api;apib\006proto3"
+    };
+    descriptor = com.google.protobuf.Descriptors.FileDescriptor
+      .internalBuildGeneratedFileFrom(descriptorData,
+        new com.google.protobuf.Descriptors.FileDescriptor[] {
+        });
+    internal_static_wso2_discovery_api_AIProvider_descriptor =
+      getDescriptor().getMessageTypes().get(0);
+    internal_static_wso2_discovery_api_AIProvider_fieldAccessorTable = new
+      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+        internal_static_wso2_discovery_api_AIProvider_descriptor,
+        new java.lang.String[] { "ProviderName", "ProviderAPIVersion", "Organization", "Model", "PromptTokens", "CompletionToken", "TotalToken", "Enabled", });
+    internal_static_wso2_discovery_api_ValueDetails_descriptor =
+      getDescriptor().getMessageTypes().get(1);
+    internal_static_wso2_discovery_api_ValueDetails_fieldAccessorTable = new
+      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+        internal_static_wso2_discovery_api_ValueDetails_descriptor,
+        new java.lang.String[] { "In", "Value", });
+  }
+
+  // @@protoc_insertion_point(outer_class_scope)
+}
diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/Api.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/Api.java
index d0614f392..a25a00654 100644
--- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/Api.java
+++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/Api.java
@@ -239,6 +239,19 @@ private Api(
                 input.readMessage(org.wso2.apk.enforcer.discovery.api.SecurityInfo.parser(), extensionRegistry));
             break;
           }
+          case 250: {
+            org.wso2.apk.enforcer.discovery.api.AIProvider.Builder subBuilder = null;
+            if (aiprovider_ != null) {
+              subBuilder = aiprovider_.toBuilder();
+            }
+            aiprovider_ = input.readMessage(org.wso2.apk.enforcer.discovery.api.AIProvider.parser(), extensionRegistry);
+            if (subBuilder != null) {
+              subBuilder.mergeFrom(aiprovider_);
+              aiprovider_ = subBuilder.buildPartial();
+            }
+
+            break;
+          }
           default: {
             if (!parseUnknownField(
                 input, unknownFields, extensionRegistry, tag)) {
@@ -1068,6 +1081,32 @@ public org.wso2.apk.enforcer.discovery.api.SecurityInfoOrBuilder getEndpointSecu
     return endpointSecurity_.get(index);
   }
 
+  public static final int AIPROVIDER_FIELD_NUMBER = 31;
+  private org.wso2.apk.enforcer.discovery.api.AIProvider aiprovider_;
+  /**
+   * <code>.wso2.discovery.api.AIProvider aiprovider = 31;</code>
+   * @return Whether the aiprovider field is set.
+   */
+  @java.lang.Override
+  public boolean hasAiprovider() {
+    return aiprovider_ != null;
+  }
+  /**
+   * <code>.wso2.discovery.api.AIProvider aiprovider = 31;</code>
+   * @return The aiprovider.
+   */
+  @java.lang.Override
+  public org.wso2.apk.enforcer.discovery.api.AIProvider getAiprovider() {
+    return aiprovider_ == null ? org.wso2.apk.enforcer.discovery.api.AIProvider.getDefaultInstance() : aiprovider_;
+  }
+  /**
+   * <code>.wso2.discovery.api.AIProvider aiprovider = 31;</code>
+   */
+  @java.lang.Override
+  public org.wso2.apk.enforcer.discovery.api.AIProviderOrBuilder getAiproviderOrBuilder() {
+    return getAiprovider();
+  }
+
   private byte memoizedIsInitialized = -1;
   @java.lang.Override
   public final boolean isInitialized() {
@@ -1157,6 +1196,9 @@ public void writeTo(com.google.protobuf.CodedOutputStream output)
     for (int i = 0; i < endpointSecurity_.size(); i++) {
       output.writeMessage(30, endpointSecurity_.get(i));
     }
+    if (aiprovider_ != null) {
+      output.writeMessage(31, getAiprovider());
+    }
     unknownFields.writeTo(output);
   }
 
@@ -1254,6 +1296,10 @@ public int getSerializedSize() {
       size += com.google.protobuf.CodedOutputStream
         .computeMessageSize(30, endpointSecurity_.get(i));
     }
+    if (aiprovider_ != null) {
+      size += com.google.protobuf.CodedOutputStream
+        .computeMessageSize(31, getAiprovider());
+    }
     size += unknownFields.getSerializedSize();
     memoizedSize = size;
     return size;
@@ -1325,6 +1371,11 @@ public boolean equals(final java.lang.Object obj) {
     }
     if (!getEndpointSecurityList()
         .equals(other.getEndpointSecurityList())) return false;
+    if (hasAiprovider() != other.hasAiprovider()) return false;
+    if (hasAiprovider()) {
+      if (!getAiprovider()
+          .equals(other.getAiprovider())) return false;
+    }
     if (!unknownFields.equals(other.unknownFields)) return false;
     return true;
   }
@@ -1404,6 +1455,10 @@ public int hashCode() {
       hash = (37 * hash) + ENDPOINTSECURITY_FIELD_NUMBER;
       hash = (53 * hash) + getEndpointSecurityList().hashCode();
     }
+    if (hasAiprovider()) {
+      hash = (37 * hash) + AIPROVIDER_FIELD_NUMBER;
+      hash = (53 * hash) + getAiprovider().hashCode();
+    }
     hash = (29 * hash) + unknownFields.hashCode();
     memoizedHashCode = hash;
     return hash;
@@ -1619,6 +1674,12 @@ public Builder clear() {
       } else {
         endpointSecurityBuilder_.clear();
       }
+      if (aiproviderBuilder_ == null) {
+        aiprovider_ = null;
+      } else {
+        aiprovider_ = null;
+        aiproviderBuilder_ = null;
+      }
       return this;
     }
 
@@ -1711,6 +1772,11 @@ public org.wso2.apk.enforcer.discovery.api.Api buildPartial() {
       } else {
         result.endpointSecurity_ = endpointSecurityBuilder_.build();
       }
+      if (aiproviderBuilder_ == null) {
+        result.aiprovider_ = aiprovider_;
+      } else {
+        result.aiprovider_ = aiproviderBuilder_.build();
+      }
       onBuilt();
       return result;
     }
@@ -1938,6 +2004,9 @@ public Builder mergeFrom(org.wso2.apk.enforcer.discovery.api.Api other) {
           }
         }
       }
+      if (other.hasAiprovider()) {
+        mergeAiprovider(other.getAiprovider());
+      }
       this.mergeUnknownFields(other.unknownFields);
       onChanged();
       return this;
@@ -4441,6 +4510,125 @@ public org.wso2.apk.enforcer.discovery.api.SecurityInfo.Builder addEndpointSecur
       }
       return endpointSecurityBuilder_;
     }
+
+    private org.wso2.apk.enforcer.discovery.api.AIProvider aiprovider_;
+    private com.google.protobuf.SingleFieldBuilderV3<
+        org.wso2.apk.enforcer.discovery.api.AIProvider, org.wso2.apk.enforcer.discovery.api.AIProvider.Builder, org.wso2.apk.enforcer.discovery.api.AIProviderOrBuilder> aiproviderBuilder_;
+    /**
+     * <code>.wso2.discovery.api.AIProvider aiprovider = 31;</code>
+     * @return Whether the aiprovider field is set.
+     */
+    public boolean hasAiprovider() {
+      return aiproviderBuilder_ != null || aiprovider_ != null;
+    }
+    /**
+     * <code>.wso2.discovery.api.AIProvider aiprovider = 31;</code>
+     * @return The aiprovider.
+     */
+    public org.wso2.apk.enforcer.discovery.api.AIProvider getAiprovider() {
+      if (aiproviderBuilder_ == null) {
+        return aiprovider_ == null ? org.wso2.apk.enforcer.discovery.api.AIProvider.getDefaultInstance() : aiprovider_;
+      } else {
+        return aiproviderBuilder_.getMessage();
+      }
+    }
+    /**
+     * <code>.wso2.discovery.api.AIProvider aiprovider = 31;</code>
+     */
+    public Builder setAiprovider(org.wso2.apk.enforcer.discovery.api.AIProvider value) {
+      if (aiproviderBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        aiprovider_ = value;
+        onChanged();
+      } else {
+        aiproviderBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     * <code>.wso2.discovery.api.AIProvider aiprovider = 31;</code>
+     */
+    public Builder setAiprovider(
+        org.wso2.apk.enforcer.discovery.api.AIProvider.Builder builderForValue) {
+      if (aiproviderBuilder_ == null) {
+        aiprovider_ = builderForValue.build();
+        onChanged();
+      } else {
+        aiproviderBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     * <code>.wso2.discovery.api.AIProvider aiprovider = 31;</code>
+     */
+    public Builder mergeAiprovider(org.wso2.apk.enforcer.discovery.api.AIProvider value) {
+      if (aiproviderBuilder_ == null) {
+        if (aiprovider_ != null) {
+          aiprovider_ =
+            org.wso2.apk.enforcer.discovery.api.AIProvider.newBuilder(aiprovider_).mergeFrom(value).buildPartial();
+        } else {
+          aiprovider_ = value;
+        }
+        onChanged();
+      } else {
+        aiproviderBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     * <code>.wso2.discovery.api.AIProvider aiprovider = 31;</code>
+     */
+    public Builder clearAiprovider() {
+      if (aiproviderBuilder_ == null) {
+        aiprovider_ = null;
+        onChanged();
+      } else {
+        aiprovider_ = null;
+        aiproviderBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     * <code>.wso2.discovery.api.AIProvider aiprovider = 31;</code>
+     */
+    public org.wso2.apk.enforcer.discovery.api.AIProvider.Builder getAiproviderBuilder() {
+      
+      onChanged();
+      return getAiproviderFieldBuilder().getBuilder();
+    }
+    /**
+     * <code>.wso2.discovery.api.AIProvider aiprovider = 31;</code>
+     */
+    public org.wso2.apk.enforcer.discovery.api.AIProviderOrBuilder getAiproviderOrBuilder() {
+      if (aiproviderBuilder_ != null) {
+        return aiproviderBuilder_.getMessageOrBuilder();
+      } else {
+        return aiprovider_ == null ?
+            org.wso2.apk.enforcer.discovery.api.AIProvider.getDefaultInstance() : aiprovider_;
+      }
+    }
+    /**
+     * <code>.wso2.discovery.api.AIProvider aiprovider = 31;</code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+        org.wso2.apk.enforcer.discovery.api.AIProvider, org.wso2.apk.enforcer.discovery.api.AIProvider.Builder, org.wso2.apk.enforcer.discovery.api.AIProviderOrBuilder> 
+        getAiproviderFieldBuilder() {
+      if (aiproviderBuilder_ == null) {
+        aiproviderBuilder_ = new com.google.protobuf.SingleFieldBuilderV3<
+            org.wso2.apk.enforcer.discovery.api.AIProvider, org.wso2.apk.enforcer.discovery.api.AIProvider.Builder, org.wso2.apk.enforcer.discovery.api.AIProviderOrBuilder>(
+                getAiprovider(),
+                getParentForChildren(),
+                isClean());
+        aiprovider_ = null;
+      }
+      return aiproviderBuilder_;
+    }
     @java.lang.Override
     public final Builder setUnknownFields(
         final com.google.protobuf.UnknownFieldSet unknownFields) {
diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/ApiOrBuilder.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/ApiOrBuilder.java
index 9a519528d..2e13b4b2c 100644
--- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/ApiOrBuilder.java
+++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/ApiOrBuilder.java
@@ -358,4 +358,19 @@ org.wso2.apk.enforcer.discovery.api.GraphqlComplexityOrBuilder getGraphqlComplex
    */
   org.wso2.apk.enforcer.discovery.api.SecurityInfoOrBuilder getEndpointSecurityOrBuilder(
       int index);
+
+  /**
+   * <code>.wso2.discovery.api.AIProvider aiprovider = 31;</code>
+   * @return Whether the aiprovider field is set.
+   */
+  boolean hasAiprovider();
+  /**
+   * <code>.wso2.discovery.api.AIProvider aiprovider = 31;</code>
+   * @return The aiprovider.
+   */
+  org.wso2.apk.enforcer.discovery.api.AIProvider getAiprovider();
+  /**
+   * <code>.wso2.discovery.api.AIProvider aiprovider = 31;</code>
+   */
+  org.wso2.apk.enforcer.discovery.api.AIProviderOrBuilder getAiproviderOrBuilder();
 }
diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/ApiProto.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/ApiProto.java
index 76ecc750b..36bd21b3b 100644
--- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/ApiProto.java
+++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/ApiProto.java
@@ -35,29 +35,31 @@ public static void registerAllExtensions(
       "nfo.proto\032)wso2/discovery/api/endpoint_c" +
       "luster.proto\032&wso2/discovery/api/securit" +
       "y_info.proto\032 wso2/discovery/api/graphql" +
-      ".proto\"\210\006\n\003Api\022\n\n\002id\030\001 \001(\t\022\r\n\005title\030\002 \001(" +
-      "\t\022\017\n\007version\030\003 \001(\t\022\017\n\007apiType\030\004 \001(\t\022\036\n\026d" +
-      "isableAuthentications\030\005 \001(\010\022\025\n\rdisableSc" +
-      "opes\030\006 \001(\010\022\017\n\007envType\030\007 \001(\t\022/\n\tresources" +
-      "\030\010 \003(\0132\034.wso2.discovery.api.Resource\022\020\n\010" +
-      "basePath\030\t \001(\t\022\014\n\004tier\030\n \001(\t\022\031\n\021apiLifeC" +
-      "ycleState\030\013 \001(\t\022\r\n\005vhost\030\014 \001(\t\022\026\n\016organi" +
-      "zationId\030\r \001(\t\022;\n\022clientCertificates\030\016 \003" +
-      "(\0132\037.wso2.discovery.api.Certificate\022\021\n\tm" +
-      "utualSSL\030\017 \001(\t\022\033\n\023applicationSecurity\030\020 " +
-      "\001(\010\022\031\n\021transportSecurity\030\021 \001(\010\022D\n\025graphq" +
-      "lComplexityInfo\030\027 \003(\0132%.wso2.discovery.a" +
-      "pi.GraphqlComplexity\022\021\n\tsystemAPI\030\030 \001(\010\022" +
-      "D\n\023backendJWTTokenInfo\030\031 \001(\0132\'.wso2.disc" +
-      "overy.api.BackendJWTTokenInfo\022\031\n\021apiDefi" +
-      "nitionFile\030\032 \001(\014\022\023\n\013environment\030\033 \001(\t\022\036\n" +
-      "\026subscriptionValidation\030\034 \001(\010\0226\n\tendpoin" +
-      "ts\030\035 \001(\0132#.wso2.discovery.api.EndpointCl" +
-      "uster\022:\n\020endpointSecurity\030\036 \003(\0132 .wso2.d" +
-      "iscovery.api.SecurityInfoBp\n#org.wso2.ap" +
-      "k.enforcer.discovery.apiB\010ApiProtoP\001Z=gi" +
-      "thub.com/envoyproxy/go-control-plane/wso" +
-      "2/discovery/api;apib\006proto3"
+      ".proto\032$wso2/discovery/api/ai_provider.p" +
+      "roto\"\274\006\n\003Api\022\n\n\002id\030\001 \001(\t\022\r\n\005title\030\002 \001(\t\022" +
+      "\017\n\007version\030\003 \001(\t\022\017\n\007apiType\030\004 \001(\t\022\036\n\026dis" +
+      "ableAuthentications\030\005 \001(\010\022\025\n\rdisableScop" +
+      "es\030\006 \001(\010\022\017\n\007envType\030\007 \001(\t\022/\n\tresources\030\010" +
+      " \003(\0132\034.wso2.discovery.api.Resource\022\020\n\010ba" +
+      "sePath\030\t \001(\t\022\014\n\004tier\030\n \001(\t\022\031\n\021apiLifeCyc" +
+      "leState\030\013 \001(\t\022\r\n\005vhost\030\014 \001(\t\022\026\n\016organiza" +
+      "tionId\030\r \001(\t\022;\n\022clientCertificates\030\016 \003(\013" +
+      "2\037.wso2.discovery.api.Certificate\022\021\n\tmut" +
+      "ualSSL\030\017 \001(\t\022\033\n\023applicationSecurity\030\020 \001(" +
+      "\010\022\031\n\021transportSecurity\030\021 \001(\010\022D\n\025graphqlC" +
+      "omplexityInfo\030\027 \003(\0132%.wso2.discovery.api" +
+      ".GraphqlComplexity\022\021\n\tsystemAPI\030\030 \001(\010\022D\n" +
+      "\023backendJWTTokenInfo\030\031 \001(\0132\'.wso2.discov" +
+      "ery.api.BackendJWTTokenInfo\022\031\n\021apiDefini" +
+      "tionFile\030\032 \001(\014\022\023\n\013environment\030\033 \001(\t\022\036\n\026s" +
+      "ubscriptionValidation\030\034 \001(\010\0226\n\tendpoints" +
+      "\030\035 \001(\0132#.wso2.discovery.api.EndpointClus" +
+      "ter\022:\n\020endpointSecurity\030\036 \003(\0132 .wso2.dis" +
+      "covery.api.SecurityInfo\0222\n\naiprovider\030\037 " +
+      "\001(\0132\036.wso2.discovery.api.AIProviderBp\n#o" +
+      "rg.wso2.apk.enforcer.discovery.apiB\010ApiP" +
+      "rotoP\001Z=github.com/envoyproxy/go-control" +
+      "-plane/wso2/discovery/api;apib\006proto3"
     };
     descriptor = com.google.protobuf.Descriptors.FileDescriptor
       .internalBuildGeneratedFileFrom(descriptorData,
@@ -68,19 +70,21 @@ public static void registerAllExtensions(
           org.wso2.apk.enforcer.discovery.api.EndpointClusterProto.getDescriptor(),
           org.wso2.apk.enforcer.discovery.api.SecurityInfoProto.getDescriptor(),
           org.wso2.apk.enforcer.discovery.api.GraphQLProto.getDescriptor(),
+          org.wso2.apk.enforcer.discovery.api.AIProviderProto.getDescriptor(),
         });
     internal_static_wso2_discovery_api_Api_descriptor =
       getDescriptor().getMessageTypes().get(0);
     internal_static_wso2_discovery_api_Api_fieldAccessorTable = new
       com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
         internal_static_wso2_discovery_api_Api_descriptor,
-        new java.lang.String[] { "Id", "Title", "Version", "ApiType", "DisableAuthentications", "DisableScopes", "EnvType", "Resources", "BasePath", "Tier", "ApiLifeCycleState", "Vhost", "OrganizationId", "ClientCertificates", "MutualSSL", "ApplicationSecurity", "TransportSecurity", "GraphqlComplexityInfo", "SystemAPI", "BackendJWTTokenInfo", "ApiDefinitionFile", "Environment", "SubscriptionValidation", "Endpoints", "EndpointSecurity", });
+        new java.lang.String[] { "Id", "Title", "Version", "ApiType", "DisableAuthentications", "DisableScopes", "EnvType", "Resources", "BasePath", "Tier", "ApiLifeCycleState", "Vhost", "OrganizationId", "ClientCertificates", "MutualSSL", "ApplicationSecurity", "TransportSecurity", "GraphqlComplexityInfo", "SystemAPI", "BackendJWTTokenInfo", "ApiDefinitionFile", "Environment", "SubscriptionValidation", "Endpoints", "EndpointSecurity", "Aiprovider", });
     org.wso2.apk.enforcer.discovery.api.ResourceProto.getDescriptor();
     org.wso2.apk.enforcer.discovery.api.CertificateProto.getDescriptor();
     org.wso2.apk.enforcer.discovery.api.BackendJWTTokenInfoProto.getDescriptor();
     org.wso2.apk.enforcer.discovery.api.EndpointClusterProto.getDescriptor();
     org.wso2.apk.enforcer.discovery.api.SecurityInfoProto.getDescriptor();
     org.wso2.apk.enforcer.discovery.api.GraphQLProto.getDescriptor();
+    org.wso2.apk.enforcer.discovery.api.AIProviderProto.getDescriptor();
   }
 
   // @@protoc_insertion_point(outer_class_scope)
diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/ValueDetails.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/ValueDetails.java
new file mode 100644
index 000000000..a192e47b9
--- /dev/null
+++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/ValueDetails.java
@@ -0,0 +1,703 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: wso2/discovery/api/ai_provider.proto
+
+package org.wso2.apk.enforcer.discovery.api;
+
+/**
+ * <pre>
+ * Holds ValueDetails configs
+ * </pre>
+ *
+ * Protobuf type {@code wso2.discovery.api.ValueDetails}
+ */
+public final class ValueDetails extends
+    com.google.protobuf.GeneratedMessageV3 implements
+    // @@protoc_insertion_point(message_implements:wso2.discovery.api.ValueDetails)
+    ValueDetailsOrBuilder {
+private static final long serialVersionUID = 0L;
+  // Use ValueDetails.newBuilder() to construct.
+  private ValueDetails(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+  private ValueDetails() {
+    in_ = "";
+    value_ = "";
+  }
+
+  @java.lang.Override
+  @SuppressWarnings({"unused"})
+  protected java.lang.Object newInstance(
+      UnusedPrivateParameter unused) {
+    return new ValueDetails();
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet
+  getUnknownFields() {
+    return this.unknownFields;
+  }
+  private ValueDetails(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            in_ = s;
+            break;
+          }
+          case 18: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            value_ = s;
+            break;
+          }
+          default: {
+            if (!parseUnknownField(
+                input, unknownFields, extensionRegistry, tag)) {
+              done = true;
+            }
+            break;
+          }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(
+          e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+  public static final com.google.protobuf.Descriptors.Descriptor
+      getDescriptor() {
+    return org.wso2.apk.enforcer.discovery.api.AIProviderProto.internal_static_wso2_discovery_api_ValueDetails_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return org.wso2.apk.enforcer.discovery.api.AIProviderProto.internal_static_wso2_discovery_api_ValueDetails_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            org.wso2.apk.enforcer.discovery.api.ValueDetails.class, org.wso2.apk.enforcer.discovery.api.ValueDetails.Builder.class);
+  }
+
+  public static final int IN_FIELD_NUMBER = 1;
+  private volatile java.lang.Object in_;
+  /**
+   * <code>string in = 1;</code>
+   * @return The in.
+   */
+  @java.lang.Override
+  public java.lang.String getIn() {
+    java.lang.Object ref = in_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      in_ = s;
+      return s;
+    }
+  }
+  /**
+   * <code>string in = 1;</code>
+   * @return The bytes for in.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString
+      getInBytes() {
+    java.lang.Object ref = in_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      in_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int VALUE_FIELD_NUMBER = 2;
+  private volatile java.lang.Object value_;
+  /**
+   * <code>string value = 2;</code>
+   * @return The value.
+   */
+  @java.lang.Override
+  public java.lang.String getValue() {
+    java.lang.Object ref = value_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      value_ = s;
+      return s;
+    }
+  }
+  /**
+   * <code>string value = 2;</code>
+   * @return The bytes for value.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString
+      getValueBytes() {
+    java.lang.Object ref = value_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      value_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  private byte memoizedIsInitialized = -1;
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output)
+                      throws java.io.IOException {
+    if (!getInBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, in_);
+    }
+    if (!getValueBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 2, value_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!getInBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, in_);
+    }
+    if (!getValueBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(2, value_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+     return true;
+    }
+    if (!(obj instanceof org.wso2.apk.enforcer.discovery.api.ValueDetails)) {
+      return super.equals(obj);
+    }
+    org.wso2.apk.enforcer.discovery.api.ValueDetails other = (org.wso2.apk.enforcer.discovery.api.ValueDetails) obj;
+
+    if (!getIn()
+        .equals(other.getIn())) return false;
+    if (!getValue()
+        .equals(other.getValue())) return false;
+    if (!unknownFields.equals(other.unknownFields)) return false;
+    return true;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + IN_FIELD_NUMBER;
+    hash = (53 * hash) + getIn().hashCode();
+    hash = (37 * hash) + VALUE_FIELD_NUMBER;
+    hash = (53 * hash) + getValue().hashCode();
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static org.wso2.apk.enforcer.discovery.api.ValueDetails parseFrom(
+      java.nio.ByteBuffer data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static org.wso2.apk.enforcer.discovery.api.ValueDetails parseFrom(
+      java.nio.ByteBuffer data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static org.wso2.apk.enforcer.discovery.api.ValueDetails parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static org.wso2.apk.enforcer.discovery.api.ValueDetails parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static org.wso2.apk.enforcer.discovery.api.ValueDetails parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static org.wso2.apk.enforcer.discovery.api.ValueDetails parseFrom(
+      byte[] data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static org.wso2.apk.enforcer.discovery.api.ValueDetails parseFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static org.wso2.apk.enforcer.discovery.api.ValueDetails parseFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static org.wso2.apk.enforcer.discovery.api.ValueDetails parseDelimitedFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input);
+  }
+  public static org.wso2.apk.enforcer.discovery.api.ValueDetails parseDelimitedFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static org.wso2.apk.enforcer.discovery.api.ValueDetails parseFrom(
+      com.google.protobuf.CodedInputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static org.wso2.apk.enforcer.discovery.api.ValueDetails parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() { return newBuilder(); }
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+  public static Builder newBuilder(org.wso2.apk.enforcer.discovery.api.ValueDetails prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE
+        ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(
+      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   * <pre>
+   * Holds ValueDetails configs
+   * </pre>
+   *
+   * Protobuf type {@code wso2.discovery.api.ValueDetails}
+   */
+  public static final class Builder extends
+      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+      // @@protoc_insertion_point(builder_implements:wso2.discovery.api.ValueDetails)
+      org.wso2.apk.enforcer.discovery.api.ValueDetailsOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor
+        getDescriptor() {
+      return org.wso2.apk.enforcer.discovery.api.AIProviderProto.internal_static_wso2_discovery_api_ValueDetails_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return org.wso2.apk.enforcer.discovery.api.AIProviderProto.internal_static_wso2_discovery_api_ValueDetails_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              org.wso2.apk.enforcer.discovery.api.ValueDetails.class, org.wso2.apk.enforcer.discovery.api.ValueDetails.Builder.class);
+    }
+
+    // Construct using org.wso2.apk.enforcer.discovery.api.ValueDetails.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(
+        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3
+              .alwaysUseFieldBuilders) {
+      }
+    }
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      in_ = "";
+
+      value_ = "";
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor
+        getDescriptorForType() {
+      return org.wso2.apk.enforcer.discovery.api.AIProviderProto.internal_static_wso2_discovery_api_ValueDetails_descriptor;
+    }
+
+    @java.lang.Override
+    public org.wso2.apk.enforcer.discovery.api.ValueDetails getDefaultInstanceForType() {
+      return org.wso2.apk.enforcer.discovery.api.ValueDetails.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public org.wso2.apk.enforcer.discovery.api.ValueDetails build() {
+      org.wso2.apk.enforcer.discovery.api.ValueDetails result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public org.wso2.apk.enforcer.discovery.api.ValueDetails buildPartial() {
+      org.wso2.apk.enforcer.discovery.api.ValueDetails result = new org.wso2.apk.enforcer.discovery.api.ValueDetails(this);
+      result.in_ = in_;
+      result.value_ = value_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return super.clone();
+    }
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return super.setField(field, value);
+    }
+    @java.lang.Override
+    public Builder clearField(
+        com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return super.clearField(field);
+    }
+    @java.lang.Override
+    public Builder clearOneof(
+        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return super.clearOneof(oneof);
+    }
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        int index, java.lang.Object value) {
+      return super.setRepeatedField(field, index, value);
+    }
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return super.addRepeatedField(field, value);
+    }
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof org.wso2.apk.enforcer.discovery.api.ValueDetails) {
+        return mergeFrom((org.wso2.apk.enforcer.discovery.api.ValueDetails)other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(org.wso2.apk.enforcer.discovery.api.ValueDetails other) {
+      if (other == org.wso2.apk.enforcer.discovery.api.ValueDetails.getDefaultInstance()) return this;
+      if (!other.getIn().isEmpty()) {
+        in_ = other.in_;
+        onChanged();
+      }
+      if (!other.getValue().isEmpty()) {
+        value_ = other.value_;
+        onChanged();
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      org.wso2.apk.enforcer.discovery.api.ValueDetails parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage = (org.wso2.apk.enforcer.discovery.api.ValueDetails) e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private java.lang.Object in_ = "";
+    /**
+     * <code>string in = 1;</code>
+     * @return The in.
+     */
+    public java.lang.String getIn() {
+      java.lang.Object ref = in_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        in_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <code>string in = 1;</code>
+     * @return The bytes for in.
+     */
+    public com.google.protobuf.ByteString
+        getInBytes() {
+      java.lang.Object ref = in_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        in_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <code>string in = 1;</code>
+     * @param value The in to set.
+     * @return This builder for chaining.
+     */
+    public Builder setIn(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      in_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <code>string in = 1;</code>
+     * @return This builder for chaining.
+     */
+    public Builder clearIn() {
+      
+      in_ = getDefaultInstance().getIn();
+      onChanged();
+      return this;
+    }
+    /**
+     * <code>string in = 1;</code>
+     * @param value The bytes for in to set.
+     * @return This builder for chaining.
+     */
+    public Builder setInBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      in_ = value;
+      onChanged();
+      return this;
+    }
+
+    private java.lang.Object value_ = "";
+    /**
+     * <code>string value = 2;</code>
+     * @return The value.
+     */
+    public java.lang.String getValue() {
+      java.lang.Object ref = value_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        value_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <code>string value = 2;</code>
+     * @return The bytes for value.
+     */
+    public com.google.protobuf.ByteString
+        getValueBytes() {
+      java.lang.Object ref = value_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        value_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <code>string value = 2;</code>
+     * @param value The value to set.
+     * @return This builder for chaining.
+     */
+    public Builder setValue(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      value_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <code>string value = 2;</code>
+     * @return This builder for chaining.
+     */
+    public Builder clearValue() {
+      
+      value_ = getDefaultInstance().getValue();
+      onChanged();
+      return this;
+    }
+    /**
+     * <code>string value = 2;</code>
+     * @param value The bytes for value to set.
+     * @return This builder for chaining.
+     */
+    public Builder setValueBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      value_ = value;
+      onChanged();
+      return this;
+    }
+    @java.lang.Override
+    public final Builder setUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFields(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+
+    // @@protoc_insertion_point(builder_scope:wso2.discovery.api.ValueDetails)
+  }
+
+  // @@protoc_insertion_point(class_scope:wso2.discovery.api.ValueDetails)
+  private static final org.wso2.apk.enforcer.discovery.api.ValueDetails DEFAULT_INSTANCE;
+  static {
+    DEFAULT_INSTANCE = new org.wso2.apk.enforcer.discovery.api.ValueDetails();
+  }
+
+  public static org.wso2.apk.enforcer.discovery.api.ValueDetails getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<ValueDetails>
+      PARSER = new com.google.protobuf.AbstractParser<ValueDetails>() {
+    @java.lang.Override
+    public ValueDetails parsePartialFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return new ValueDetails(input, extensionRegistry);
+    }
+  };
+
+  public static com.google.protobuf.Parser<ValueDetails> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<ValueDetails> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public org.wso2.apk.enforcer.discovery.api.ValueDetails getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+
+}
+
diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/ValueDetailsOrBuilder.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/ValueDetailsOrBuilder.java
new file mode 100644
index 000000000..fe49f6cf3
--- /dev/null
+++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/discovery/api/ValueDetailsOrBuilder.java
@@ -0,0 +1,33 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: wso2/discovery/api/ai_provider.proto
+
+package org.wso2.apk.enforcer.discovery.api;
+
+public interface ValueDetailsOrBuilder extends
+    // @@protoc_insertion_point(interface_extends:wso2.discovery.api.ValueDetails)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   * <code>string in = 1;</code>
+   * @return The in.
+   */
+  java.lang.String getIn();
+  /**
+   * <code>string in = 1;</code>
+   * @return The bytes for in.
+   */
+  com.google.protobuf.ByteString
+      getInBytes();
+
+  /**
+   * <code>string value = 2;</code>
+   * @return The value.
+   */
+  java.lang.String getValue();
+  /**
+   * <code>string value = 2;</code>
+   * @return The bytes for value.
+   */
+  com.google.protobuf.ByteString
+      getValueBytes();
+}
diff --git a/helm-charts/crds/dp.wso2.com_aiproviders.yaml b/helm-charts/crds/dp.wso2.com_aiproviders.yaml
new file mode 100644
index 000000000..7e3634e7a
--- /dev/null
+++ b/helm-charts/crds/dp.wso2.com_aiproviders.yaml
@@ -0,0 +1,110 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.12.0
+  name: aiproviders.dp.wso2.com
+spec:
+  group: dp.wso2.com
+  names:
+    kind: AIProvider
+    listKind: AIProviderList
+    plural: aiproviders
+    singular: aiprovider
+  scope: Namespaced
+  versions:
+  - name: v1alpha3
+    schema:
+      openAPIV3Schema:
+        description: AIProvider is the Schema for the aiproviders API
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: AIProviderSpec defines the desired state of AIProvider
+            properties:
+              model:
+                description: ValueDetails defines the value details
+                properties:
+                  in:
+                    type: string
+                  value:
+                    type: string
+                required:
+                - in
+                - value
+                type: object
+              organization:
+                type: string
+              providerAPIVersion:
+                type: string
+              providerName:
+                minLength: 1
+                type: string
+              rateLimitFields:
+                description: RateLimitFields defines the Rate Limit fields
+                properties:
+                  completionToken:
+                    description: ValueDetails defines the value details
+                    properties:
+                      in:
+                        type: string
+                      value:
+                        type: string
+                    required:
+                    - in
+                    - value
+                    type: object
+                  promptTokens:
+                    description: ValueDetails defines the value details
+                    properties:
+                      in:
+                        type: string
+                      value:
+                        type: string
+                    required:
+                    - in
+                    - value
+                    type: object
+                  totalToken:
+                    description: ValueDetails defines the value details
+                    properties:
+                      in:
+                        type: string
+                      value:
+                        type: string
+                    required:
+                    - in
+                    - value
+                    type: object
+                required:
+                - completionToken
+                - promptTokens
+                - totalToken
+                type: object
+            required:
+            - model
+            - organization
+            - providerAPIVersion
+            - providerName
+            - rateLimitFields
+            type: object
+          status:
+            description: AIProviderStatus defines the observed state of AIProvider
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
diff --git a/helm-charts/templates/crds/dp.wso2.com_apipolicies.yaml b/helm-charts/templates/crds/dp.wso2.com_apipolicies.yaml
index df7a7090d..904402c82 100644
--- a/helm-charts/templates/crds/dp.wso2.com_apipolicies.yaml
+++ b/helm-charts/templates/crds/dp.wso2.com_apipolicies.yaml
@@ -9,14 +9,14 @@ metadata:
 spec:
   {{- if .Values.wso2.apk.webhooks.conversionwebhookconfigurations }}
   conversion:
-      strategy: Webhook
-      webhook:
-        clientConfig:
-          service:
-            name: {{ template "apk-helm.resource.prefix" . }}-common-controller-service
-            namespace: {{ .Release.Namespace }}
-            path: /convert
-        conversionReviewVersions:
+    strategy: Webhook
+    webhook:
+      clientConfig:
+        service:
+          name: {{ template "apk-helm.resource.prefix" . }}-common-controller-service
+          namespace: {{ .Release.Namespace }}
+          path: /convert
+      conversionReviewVersions:
         - v1
   {{- end }}
   group: dp.wso2.com
@@ -516,6 +516,283 @@ spec:
             type: object
         type: object
     served: true
+    storage: false
+    subresources:
+      status: {}
+  - name: v1alpha3
+    schema:
+      openAPIV3Schema:
+        description: APIPolicy is the Schema for the apipolicies API
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: APIPolicySpec defines the desired state of APIPolicy
+            properties:
+              default:
+                description: PolicySpec contains API policies
+                properties:
+                  aiProvider:
+                    description: AIProvider referenced to AIProvider resource to be
+                      applied to the API.
+                    properties:
+                      name:
+                        description: Name is the referced CR's name of AIProvider
+                          resource.
+                        type: string
+                    required:
+                    - name
+                    type: object
+                  backendJwtPolicy:
+                    description: BackendJWTPolicy holds reference to backendJWT policy
+                      configurations
+                    properties:
+                      name:
+                        description: Name holds the name of the BackendJWT resource.
+                        type: string
+                    type: object
+                  cORSPolicy:
+                    description: CORS policy to be applied to the API.
+                    properties:
+                      accessControlAllowCredentials:
+                        description: AllowCredentials indicates whether the request
+                          can include user credentials like cookies, HTTP authentication
+                          or client side SSL certificates.
+                        type: boolean
+                      accessControlAllowHeaders:
+                        description: AccessControlAllowHeaders indicates which headers
+                          can be used during the actual request.
+                        items:
+                          type: string
+                        type: array
+                      accessControlAllowMethods:
+                        description: AccessControlAllowMethods indicates which methods
+                          can be used during the actual request.
+                        items:
+                          type: string
+                        type: array
+                      accessControlAllowOrigins:
+                        description: AccessControlAllowOrigins indicates which origins
+                          can be used during the actual request.
+                        items:
+                          type: string
+                        type: array
+                      accessControlExposeHeaders:
+                        description: AccessControlExposeHeaders indicates which headers
+                          can be exposed as part of the response by listing their
+                          names.
+                        items:
+                          type: string
+                        type: array
+                      accessControlMaxAge:
+                        description: AccessControlMaxAge indicates how long the results
+                          of a preflight request can be cached in a preflight result
+                          cache.
+                        type: integer
+                      enabled:
+                        default: true
+                        description: Enabled is to enable CORs policy for the API.
+                        type: boolean
+                    type: object
+                  requestInterceptors:
+                    description: RequestInterceptors referenced to intercetor services
+                      to be applied to the request flow.
+                    items:
+                      description: InterceptorReference holds InterceptorService reference
+                        using name and namespace
+                      properties:
+                        name:
+                          description: Name is the referced CR's name of InterceptorService
+                            resource.
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    maxItems: 1
+                    nullable: true
+                    type: array
+                  responseInterceptors:
+                    description: ResponseInterceptors referenced to intercetor services
+                      to be applied to the response flow.
+                    items:
+                      description: InterceptorReference holds InterceptorService reference
+                        using name and namespace
+                      properties:
+                        name:
+                          description: Name is the referced CR's name of InterceptorService
+                            resource.
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    maxItems: 1
+                    nullable: true
+                    type: array
+                  subscriptionValidation:
+                    default: false
+                    description: SubscriptionValidation denotes whether subscription
+                      validation is enabled for the API
+                    type: boolean
+                type: object
+              override:
+                description: PolicySpec contains API policies
+                properties:
+                  aiProvider:
+                    description: AIProvider referenced to AIProvider resource to be
+                      applied to the API.
+                    properties:
+                      name:
+                        description: Name is the referced CR's name of AIProvider
+                          resource.
+                        type: string
+                    required:
+                    - name
+                    type: object
+                  backendJwtPolicy:
+                    description: BackendJWTPolicy holds reference to backendJWT policy
+                      configurations
+                    properties:
+                      name:
+                        description: Name holds the name of the BackendJWT resource.
+                        type: string
+                    type: object
+                  cORSPolicy:
+                    description: CORS policy to be applied to the API.
+                    properties:
+                      accessControlAllowCredentials:
+                        description: AllowCredentials indicates whether the request
+                          can include user credentials like cookies, HTTP authentication
+                          or client side SSL certificates.
+                        type: boolean
+                      accessControlAllowHeaders:
+                        description: AccessControlAllowHeaders indicates which headers
+                          can be used during the actual request.
+                        items:
+                          type: string
+                        type: array
+                      accessControlAllowMethods:
+                        description: AccessControlAllowMethods indicates which methods
+                          can be used during the actual request.
+                        items:
+                          type: string
+                        type: array
+                      accessControlAllowOrigins:
+                        description: AccessControlAllowOrigins indicates which origins
+                          can be used during the actual request.
+                        items:
+                          type: string
+                        type: array
+                      accessControlExposeHeaders:
+                        description: AccessControlExposeHeaders indicates which headers
+                          can be exposed as part of the response by listing their
+                          names.
+                        items:
+                          type: string
+                        type: array
+                      accessControlMaxAge:
+                        description: AccessControlMaxAge indicates how long the results
+                          of a preflight request can be cached in a preflight result
+                          cache.
+                        type: integer
+                      enabled:
+                        default: true
+                        description: Enabled is to enable CORs policy for the API.
+                        type: boolean
+                    type: object
+                  requestInterceptors:
+                    description: RequestInterceptors referenced to intercetor services
+                      to be applied to the request flow.
+                    items:
+                      description: InterceptorReference holds InterceptorService reference
+                        using name and namespace
+                      properties:
+                        name:
+                          description: Name is the referced CR's name of InterceptorService
+                            resource.
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    maxItems: 1
+                    nullable: true
+                    type: array
+                  responseInterceptors:
+                    description: ResponseInterceptors referenced to intercetor services
+                      to be applied to the response flow.
+                    items:
+                      description: InterceptorReference holds InterceptorService reference
+                        using name and namespace
+                      properties:
+                        name:
+                          description: Name is the referced CR's name of InterceptorService
+                            resource.
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    maxItems: 1
+                    nullable: true
+                    type: array
+                  subscriptionValidation:
+                    default: false
+                    description: SubscriptionValidation denotes whether subscription
+                      validation is enabled for the API
+                    type: boolean
+                type: object
+              targetRef:
+                description: PolicyTargetReference identifies an API object to apply
+                  a direct or inherited policy to. This should be used as part of
+                  Policy resources that can target Gateway API resources. For more
+                  information on how this policy attachment model works, and a sample
+                  Policy resource, refer to the policy attachment documentation for
+                  Gateway API.
+                properties:
+                  group:
+                    description: Group is the group of the target resource.
+                    maxLength: 253
+                    pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+                    type: string
+                  kind:
+                    description: Kind is kind of the target resource.
+                    maxLength: 63
+                    minLength: 1
+                    pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
+                    type: string
+                  name:
+                    description: Name is the name of the target resource.
+                    maxLength: 253
+                    minLength: 1
+                    type: string
+                  namespace:
+                    description: Namespace is the namespace of the referent. When
+                      unspecified, the local namespace is inferred. Even when policy
+                      targets a resource in a different namespace, it MUST only apply
+                      to traffic originating from the same namespace as the policy.
+                    maxLength: 63
+                    minLength: 1
+                    pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
+                    type: string
+                required:
+                - group
+                - kind
+                - name
+                type: object
+            type: object
+          status:
+            description: APIPolicyStatus defines the observed state of APIPolicy
+            type: object
+        type: object
+    served: true
     storage: true
     subresources:
       status: {}
diff --git a/helm-charts/templates/data-plane/config-deployer/config-api-apipolicy.yaml b/helm-charts/templates/data-plane/config-deployer/config-api-apipolicy.yaml
index 16cef2323..b3fec2db4 100644
--- a/helm-charts/templates/data-plane/config-deployer/config-api-apipolicy.yaml
+++ b/helm-charts/templates/data-plane/config-deployer/config-api-apipolicy.yaml
@@ -1,5 +1,5 @@
 {{- if and .Values.wso2.apk.dp.enabled .Values.wso2.apk.dp.configdeployer.enabled }}
-apiVersion: dp.wso2.com/v1alpha2
+apiVersion: dp.wso2.com/v1alpha3
 kind: APIPolicy
 metadata:
   name: "{{ template "apk-helm.resource.prefix" . }}-config-api-api-policy"
diff --git a/helm-charts/templates/data-plane/gateway-components/common-controller/webhook/adapter-mutating-webhook-config.yaml b/helm-charts/templates/data-plane/gateway-components/common-controller/webhook/adapter-mutating-webhook-config.yaml
index 6cdd00e77..ebcd004fa 100644
--- a/helm-charts/templates/data-plane/gateway-components/common-controller/webhook/adapter-mutating-webhook-config.yaml
+++ b/helm-charts/templates/data-plane/gateway-components/common-controller/webhook/adapter-mutating-webhook-config.yaml
@@ -51,14 +51,14 @@ webhooks:
     service:
       name: {{ template "apk-helm.resource.prefix" . }}-common-controller-service
       namespace: {{ .Release.Namespace }}
-      path: /mutate-dp-wso2-com-v1alpha2-apipolicy
+      path: /mutate-dp-wso2-com-v1alpha3-apipolicy
   failurePolicy: Fail
   name: mapipolicy.kb.io
   rules:
     - apiGroups:
         - dp.wso2.com
       apiVersions:
-        - v1alpha2
+        - v1alpha3
       operations:
         - CREATE
         - UPDATE
diff --git a/helm-charts/templates/data-plane/gateway-components/common-controller/webhook/adapter-validation-webhook-config.yaml b/helm-charts/templates/data-plane/gateway-components/common-controller/webhook/adapter-validation-webhook-config.yaml
index e29b5a8a4..f8474e594 100644
--- a/helm-charts/templates/data-plane/gateway-components/common-controller/webhook/adapter-validation-webhook-config.yaml
+++ b/helm-charts/templates/data-plane/gateway-components/common-controller/webhook/adapter-validation-webhook-config.yaml
@@ -71,14 +71,14 @@ webhooks:
     service:
       name: {{ template "apk-helm.resource.prefix" . }}-common-controller-service
       namespace: {{ .Release.Namespace }}
-      path: /validate-dp-wso2-com-v1alpha2-apipolicy
+      path: /validate-dp-wso2-com-v1alpha3-apipolicy
   failurePolicy: Fail
   name: vapipolicy.kb.io
   rules:
     - apiGroups:
         - dp.wso2.com
       apiVersions:
-        - v1alpha2
+        - v1alpha3
       operations:
         - CREATE
         - UPDATE
diff --git a/helm-charts/templates/serviceAccount/apk-cluster-role.yaml b/helm-charts/templates/serviceAccount/apk-cluster-role.yaml
index ccbb849a5..751434027 100644
--- a/helm-charts/templates/serviceAccount/apk-cluster-role.yaml
+++ b/helm-charts/templates/serviceAccount/apk-cluster-role.yaml
@@ -122,6 +122,15 @@ rules:
   - apiGroups: ["dp.wso2.com"]
     resources: ["gqlroutes/status"]
     verbs: ["get","patch","update"]
+  - apiGroups: ["dp.wso2.com"]
+    resources: ["aiproviders"]
+    verbs: ["get","list","watch","update","delete","create"]
+  - apiGroups: ["dp.wso2.com"]
+    resources: ["aiproviders/status"]
+    verbs: ["get","patch","update"]
+  - apiGroups: ["dp.wso2.com"]
+    resources: ["aiproviders/finalizers"]
+    verbs: ["update"]
   - apiGroups: ["cp.wso2.com"]
     resources: ["applications"]
     verbs: ["get","list","watch","update","delete","create"]
diff --git a/runtime/config-deployer-service/ballerina/K8sClient.bal b/runtime/config-deployer-service/ballerina/K8sClient.bal
index 5e7757206..448e8f0eb 100644
--- a/runtime/config-deployer-service/ballerina/K8sClient.bal
+++ b/runtime/config-deployer-service/ballerina/K8sClient.bal
@@ -183,22 +183,22 @@ isolated function deleteScopeCr(string name, string namespace) returns http:Resp
 }
 
 isolated function deleteBackendPolicyCR(string name, string namespace) returns http:Response|http:ClientError {
-    string endpoint = "/apis/dp.wso2.com/v1alpha1/namespaces/" + namespace + "/backends/" + name;
+    string endpoint = "/apis/dp.wso2.com/v1alpha2/namespaces/" + namespace + "/backends/" + name;
     return k8sApiServerEp->delete(endpoint, targetType = http:Response);
 }
 
 isolated function getBackendCR(string name, string namespace) returns model:Backend|http:ClientError {
-    string endpoint = "/apis/dp.wso2.com/v1alpha1/namespaces/" + namespace + "/backends/" + name;
+    string endpoint = "/apis/dp.wso2.com/v1alpha2/namespaces/" + namespace + "/backends/" + name;
     return k8sApiServerEp->get(endpoint, targetType = model:Backend);
 }
 
 isolated function deployBackendCR(model:Backend backend, string namespace) returns http:Response|http:ClientError {
-    string endpoint = "/apis/dp.wso2.com/v1alpha1/namespaces/" + namespace + "/backends";
+    string endpoint = "/apis/dp.wso2.com/v1alpha2/namespaces/" + namespace + "/backends";
     return k8sApiServerEp->post(endpoint, backend, targetType = http:Response);
 }
 
 isolated function updateBackendCR(model:Backend backend, string namespace) returns http:Response|http:ClientError {
-    string endpoint = "/apis/dp.wso2.com/v1alpha1/namespaces/" + namespace + "/backends/" + backend.metadata.name;
+    string endpoint = "/apis/dp.wso2.com/v1alpha2/namespaces/" + namespace + "/backends/" + backend.metadata.name;
     return k8sApiServerEp->put(endpoint, backend, targetType = http:Response);
 }
 
@@ -218,7 +218,7 @@ isolated function updateScopeCR(model:Scope scope, string namespace) returns htt
 }
 
 isolated function getBackendPolicyCRsForAPI(string apiName, string apiVersion, string namespace, string organization) returns model:BackendList|http:ClientError|error {
-    string endpoint = "/apis/dp.wso2.com/v1alpha1/namespaces/" + namespace + "/backends?labelSelector=" + check generateUrlEncodedLabelSelector(apiName, apiVersion, organization);
+    string endpoint = "/apis/dp.wso2.com/v1alpha2/namespaces/" + namespace + "/backends?labelSelector=" + check generateUrlEncodedLabelSelector(apiName, apiVersion, organization);
     return k8sApiServerEp->get(endpoint, targetType = model:BackendList);
 }
 
@@ -271,27 +271,27 @@ isolated function getRateLimitPolicyCRsForAPI(string apiName, string apiVersion,
 }
 
 isolated function deployAPIPolicyCR(model:APIPolicy apiPolicy, string namespace) returns http:Response|http:ClientError {
-    string endpoint = "/apis/dp.wso2.com/v1alpha2/namespaces/" + namespace + "/apipolicies";
+    string endpoint = "/apis/dp.wso2.com/v1alpha3/namespaces/" + namespace + "/apipolicies";
     return k8sApiServerEp->post(endpoint, apiPolicy, targetType = http:Response);
 }
 
 isolated function getAPIPolicyCR(string policyName, string namespace) returns model:APIPolicy|http:ClientError {
-    string endpoint = "/apis/dp.wso2.com/v1alpha2/namespaces/" + namespace + "/apipolicies/" + policyName;
+    string endpoint = "/apis/dp.wso2.com/v1alpha3/namespaces/" + namespace + "/apipolicies/" + policyName;
     return k8sApiServerEp->get(endpoint, targetType = model:APIPolicy);
 }
 
 isolated function updateAPIPolicyCR(model:APIPolicy apiPolicy, string namespace) returns http:Response|http:ClientError {
-    string endpoint = "/apis/dp.wso2.com/v1alpha2/namespaces/" + namespace + "/apipolicies/" + apiPolicy.metadata.name;
+    string endpoint = "/apis/dp.wso2.com/v1alpha3/namespaces/" + namespace + "/apipolicies/" + apiPolicy.metadata.name;
     return k8sApiServerEp->put(endpoint, apiPolicy, targetType = http:Response);
 }
 
 isolated function deleteAPIPolicyCR(string name, string namespace) returns http:Response|http:ClientError {
-    string endpoint = "/apis/dp.wso2.com/v1alpha2/namespaces/" + namespace + "/apipolicies/" + name;
+    string endpoint = "/apis/dp.wso2.com/v1alpha3/namespaces/" + namespace + "/apipolicies/" + name;
     return k8sApiServerEp->delete(endpoint, targetType = http:Response);
 }
 
 isolated function getAPIPolicyCRsForAPI(string apiName, string apiVersion, string namespace, string organization) returns model:APIPolicyList|http:ClientError|error {
-    string endpoint = "/apis/dp.wso2.com/v1alpha2/namespaces/" + namespace + "/apipolicies?labelSelector=" + check generateUrlEncodedLabelSelector(apiName, apiVersion, organization);
+    string endpoint = "/apis/dp.wso2.com/v1alpha3/namespaces/" + namespace + "/apipolicies?labelSelector=" + check generateUrlEncodedLabelSelector(apiName, apiVersion, organization);
     return k8sApiServerEp->get(endpoint, targetType = model:APIPolicyList);
 }
 
diff --git a/runtime/config-deployer-service/ballerina/modules/model/APIPolicy.bal b/runtime/config-deployer-service/ballerina/modules/model/APIPolicy.bal
index 8c380d105..2acf01856 100644
--- a/runtime/config-deployer-service/ballerina/modules/model/APIPolicy.bal
+++ b/runtime/config-deployer-service/ballerina/modules/model/APIPolicy.bal
@@ -16,7 +16,7 @@
 // under the License.
 //
 public type APIPolicy record {|
-    string apiVersion = "dp.wso2.com/v1alpha2";
+    string apiVersion = "dp.wso2.com/v1alpha3";
     string kind = "APIPolicy";
     Metadata metadata;
     APIPolicySpec spec;
@@ -45,7 +45,7 @@ public type BackendJwtReference record {
 };
 
 public type APIPolicyList record {
-    string apiVersion = "dp.wso2.com/v1alpha2";
+    string apiVersion = "dp.wso2.com/v1alpha3";
     string kind = "APIPolicyList";
     ListMeta metadata;
     APIPolicy[] items;
diff --git a/runtime/config-deployer-service/ballerina/modules/model/Backend.bal b/runtime/config-deployer-service/ballerina/modules/model/Backend.bal
index 02bf8525c..6dc1e1c97 100644
--- a/runtime/config-deployer-service/ballerina/modules/model/Backend.bal
+++ b/runtime/config-deployer-service/ballerina/modules/model/Backend.bal
@@ -16,7 +16,7 @@
 // under the License.
 //
 public type Backend record {
-    string apiVersion = "dp.wso2.com/v1alpha1";
+    string apiVersion = "dp.wso2.com/v1alpha2";
     string kind = "Backend";
     Metadata metadata;
     BackendSpec spec;
@@ -85,7 +85,7 @@ public type TLSConfig record {
 
 };
 public type BackendList record {
-    string apiVersion="dp.wso2.com/v1alpha1";
+    string apiVersion="dp.wso2.com/v1alpha2";
     string kind = "BackendList";
     Backend [] items;
     ListMeta metadata;
diff --git a/test/apim-apk-agent-test/cucumber-tests/CRs/artifacts.yaml b/test/apim-apk-agent-test/cucumber-tests/CRs/artifacts.yaml
index ff9675fa7..0182fd156 100644
--- a/test/apim-apk-agent-test/cucumber-tests/CRs/artifacts.yaml
+++ b/test/apim-apk-agent-test/cucumber-tests/CRs/artifacts.yaml
@@ -225,7 +225,7 @@ spec:
           configMap:
             name: "interceptor-service-config-toml" 
 ---
-apiVersion: dp.wso2.com/v1alpha2
+apiVersion: dp.wso2.com/v1alpha3
 kind: APIPolicy
 metadata:
   name: interceptor-policy-gateway-level
diff --git a/test/cucumber-tests/CRs/agent-artifacts.yaml b/test/cucumber-tests/CRs/agent-artifacts.yaml
index eec0e66f1..10672cd32 100644
--- a/test/cucumber-tests/CRs/agent-artifacts.yaml
+++ b/test/cucumber-tests/CRs/agent-artifacts.yaml
@@ -222,7 +222,7 @@ spec:
           configMap:
             name: "interceptor-service-config-toml" 
 ---
-apiVersion: dp.wso2.com/v1alpha2
+apiVersion: dp.wso2.com/v1alpha3
 kind: APIPolicy
 metadata:
   name: interceptor-policy-gateway-level
diff --git a/test/cucumber-tests/CRs/artifacts.yaml b/test/cucumber-tests/CRs/artifacts.yaml
index bd3b218a0..77b54a18a 100644
--- a/test/cucumber-tests/CRs/artifacts.yaml
+++ b/test/cucumber-tests/CRs/artifacts.yaml
@@ -222,7 +222,7 @@ spec:
           configMap:
             name: "interceptor-service-config-toml" 
 ---
-apiVersion: dp.wso2.com/v1alpha2
+apiVersion: dp.wso2.com/v1alpha3
 kind: APIPolicy
 metadata:
   name: interceptor-policy-gateway-level
diff --git a/test/integration/integration/tests/resources/tests/api-policy-with-jwt-generator.yaml b/test/integration/integration/tests/resources/tests/api-policy-with-jwt-generator.yaml
index 4ae6e827e..8f6d17f22 100644
--- a/test/integration/integration/tests/resources/tests/api-policy-with-jwt-generator.yaml
+++ b/test/integration/integration/tests/resources/tests/api-policy-with-jwt-generator.yaml
@@ -55,7 +55,7 @@ spec:
       kind: Backend
       name: infra-backend-v1
 ---
-apiVersion: dp.wso2.com/v1alpha2
+apiVersion: dp.wso2.com/v1alpha3
 kind: APIPolicy
 metadata:
   name: jwt-token-generator-policy
diff --git a/test/integration/integration/tests/resources/tests/api-with-cors-policy.yaml b/test/integration/integration/tests/resources/tests/api-with-cors-policy.yaml
index 09f80a2ce..a1bff40bf 100644
--- a/test/integration/integration/tests/resources/tests/api-with-cors-policy.yaml
+++ b/test/integration/integration/tests/resources/tests/api-with-cors-policy.yaml
@@ -61,7 +61,7 @@ spec:
       kind: Backend
       name: infra-backend-v1
 ---
-apiVersion: dp.wso2.com/v1alpha2
+apiVersion: dp.wso2.com/v1alpha3
 kind: APIPolicy
 metadata:
   name: cors-policy
@@ -140,7 +140,7 @@ spec:
   - host: infra-backend-v1.gateway-integration-test-infra
     port: 8080
 ---
-apiVersion: dp.wso2.com/v1alpha2
+apiVersion: dp.wso2.com/v1alpha3
 kind: APIPolicy
 metadata:
   name: no-cors-policy
diff --git a/test/integration/integration/tests/resources/tests/custom-policy-ratelimiting.yaml b/test/integration/integration/tests/resources/tests/custom-policy-ratelimiting.yaml
index 94b0060d2..1df044149 100644
--- a/test/integration/integration/tests/resources/tests/custom-policy-ratelimiting.yaml
+++ b/test/integration/integration/tests/resources/tests/custom-policy-ratelimiting.yaml
@@ -31,7 +31,7 @@ spec:
     name: wso2-apk-default
     group: gateway.networking.k8s.io
 ---
-apiVersion: dp.wso2.com/v1alpha2
+apiVersion: dp.wso2.com/v1alpha3
 kind: APIPolicy
 metadata:
   name: interceptor-api-policy-api-level
diff --git a/test/integration/integration/tests/resources/tests/interceptors-api-level.yaml b/test/integration/integration/tests/resources/tests/interceptors-api-level.yaml
index af5d12643..3c58fe9d5 100644
--- a/test/integration/integration/tests/resources/tests/interceptors-api-level.yaml
+++ b/test/integration/integration/tests/resources/tests/interceptors-api-level.yaml
@@ -66,7 +66,7 @@ spec:
           type: ReplaceFullPath
           replaceFullPath: /books
 ---
-apiVersion: dp.wso2.com/v1alpha2
+apiVersion: dp.wso2.com/v1alpha3
 kind: APIPolicy
 metadata:
   name: interceptor-api-policy-api-level
diff --git a/test/integration/integration/tests/resources/tests/interceptors-resource-level.yaml b/test/integration/integration/tests/resources/tests/interceptors-resource-level.yaml
index 06882d25a..f6c362634 100644
--- a/test/integration/integration/tests/resources/tests/interceptors-resource-level.yaml
+++ b/test/integration/integration/tests/resources/tests/interceptors-resource-level.yaml
@@ -81,7 +81,7 @@ spec:
           type: ReplaceFullPath
           replaceFullPath: /books
 ---
-apiVersion: dp.wso2.com/v1alpha2
+apiVersion: dp.wso2.com/v1alpha3
 kind: APIPolicy
 metadata:
   name: interceptor-api-policy-resource-level
diff --git a/test/k8s-resources/gw-interceptor.yaml b/test/k8s-resources/gw-interceptor.yaml
index 106e0a4d5..1e808ea33 100644
--- a/test/k8s-resources/gw-interceptor.yaml
+++ b/test/k8s-resources/gw-interceptor.yaml
@@ -1,4 +1,4 @@
-apiVersion: dp.wso2.com/v1alpha2
+apiVersion: dp.wso2.com/v1alpha3
 kind: APIPolicy
 metadata:
   name: interceptor-policy-gateway-level
diff --git a/test/performance/artifacts/api.yaml b/test/performance/artifacts/api.yaml
index c30dd90f2..d2c5f15a0 100644
--- a/test/performance/artifacts/api.yaml
+++ b/test/performance/artifacts/api.yaml
@@ -25,7 +25,7 @@ spec:
 status: null
 
 --- 
-apiVersion: dp.wso2.com/v1alpha2
+apiVersion: dp.wso2.com/v1alpha3
 kind: APIPolicy
 metadata:
   name: default-api-policy