diff --git a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/IdentityRecoveryConstants.java b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/IdentityRecoveryConstants.java
index 3e7c7700fb..b2cba738a5 100644
--- a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/IdentityRecoveryConstants.java
+++ b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/IdentityRecoveryConstants.java
@@ -374,6 +374,7 @@ public enum ErrorMessages {
 "User account recovery validation failed for user account: '%s'"),
 ERROR_CODE_INVALID_RECOVERY_FLOW_ID("UAR-10015", "Invalid confirmation code : '%s'."),
 ERROR_CODE_EXPIRED_RECOVERY_FLOW_ID("UAR-10016", "Expired confirmation code : '%s'."),
+ ERROR_CODE_API_DISABLED("UAR-10017", "Recovery API is disabled."),
 ERROR_CODE_NO_RECOVERY_FLOW_DATA("UAR-10018", "No recovery flow data found for " +
 "recovery flow id : '%s'."),
 ERROR_CODE_ERROR_STORING_RECOVERY_DATA("UAR-15001", "Error storing user recovery data"),
diff --git a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/internal/service/impl/password/PasswordRecoveryManagerImpl.java b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/internal/service/impl/password/PasswordRecoveryManagerImpl.java
index da23fb6fc8..2141ebb158 100644
--- a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/internal/service/impl/password/PasswordRecoveryManagerImpl.java
+++ b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/internal/service/impl/password/PasswordRecoveryManagerImpl.java
@@ -23,6 +23,7 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.wso2.carbon.identity.application.common.model.User; +import org.wso2.carbon.identity.base.IdentityConstants; import org.wso2.carbon.identity.core.util.IdentityTenantUtil; import org.wso2.carbon.identity.core.util.IdentityUtil; import org.wso2.carbon.identity.event.IdentityEventException; @@ -189,6 +190,11 @@ public PasswordRecoverDTO notify(String recoveryCode, String channelId, String t public PasswordResetCodeDTO confirm(String confirmationCode, String tenantDomain, Map properties) throws IdentityRecoveryException { + if (!Boolean.parseBoolean(IdentityUtil.getProperty( + IdentityConstants.Recovery.RECOVERY_V1_API_ENABLE))) { + throw Utils.handleClientException( + IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_API_DISABLED, null); + } validateTenantDomain(tenantDomain); UserAccountRecoveryManager userAccountRecoveryManager = UserAccountRecoveryManager.getInstance(); // Get Recovery data. @@ -290,6 +296,11 @@ public PasswordResetCodeDTO confirm(String otp, String confirmationCode, String public SuccessfulPasswordResetDTO reset(String resetCode, char[] password, Map properties) throws IdentityRecoveryException { + if (!Boolean.parseBoolean(IdentityUtil.getProperty( + IdentityConstants.Recovery.RECOVERY_V1_API_ENABLE))) { + throw Utils.handleClientException( + IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_API_DISABLED, null); + } // Validate the password. if (ArrayUtils.isEmpty(password)) { throw Utils.handleClientException(
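Review bot: The disable check is added only at the top of `confirm(String confirmationCode, …)` and `reset(…)`, while the hunk headers show `notify(…)` and the `confirm(String otp, …)` overload in the same class and no visible hunk guards them; if `RECOVERY_V1_API_ENABLE` is meant to switch the whole v1 recovery API off, those entry points need the same check unless they delegate to a guarded method (their bodies are outside the hunks). `Boolean.parseBoolean` returns false for a null property, so an installation that never sets the flag would have these calls rejected after upgrade, unless a default is shipped in configuration not shown here; that fail-closed default is reasonable but should be stated, e.g. `// Unset property parses as false: the API stays disabled unless explicitly enabled.` The identical five-line block in both methods would read better as one private helper (for example `validateRecoveryV1ApiEnabled()`) called first in every entry point, so that a later entry point cannot end up with a slightly different or missing check.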