From the documentation for setUserAuthenticationRequired:

The key will become irreversibly invalidated once the secure lock screen is disabled (reconfigured to None, Swipe or other mode which does not authenticate the user) or when the secure lock screen is forcibly reset (e.g., by a Device Administrator). Additionally, if the key requires that user authentication takes place for every use of the key, it is also irreversibly invalidated once a new fingerprint is enrolled or once no more fingerprints are enrolled, unless setInvalidatedByBiometricEnrollment(boolean) is used to allow validity after enrollment. Attempts to initialize cryptographic operations using such keys will throw KeyPermanentlyInvalidatedException.

So to check if any new fingerprints have been enrolled since you created your fingerprint-associated key, just create a cipher with that key and try to init the cipher. If any new fingerprints have been enrolled, the init call should trigger a KeyPermanentlyInvalidatedException.

You can't add new fingerprints from your app.

Inside your application you only have access to the Auth Fingerprint Method which checks against registered fingerprints through the keyStore.

I can get all finger id in integers.

private void getFingerprintInfo(Context context) 
{
    try {
        FingerprintManager fingerprintManager = (FingerprintManager) context.getSystemService(Context.FINGERPRINT_SERVICE);
        Method method = FingerprintManager.class.getDeclaredMethod("getEnrolledFingerprints");
        Object obj = method.invoke(fingerprintManager);

        if (obj != null) {
            Class<?> clazz = Class.forName("android.hardware.fingerprint.Fingerprint");
            Method getFingerId = clazz.getDeclaredMethod("getFingerId");

            for (int i = 0; i < ((List) obj).size(); i++)
            {
                Object item = ((List) obj).get(i);
                if(item != null)
                {
                    System.out.println("fkie4. fingerId: " + getFingerId.invoke(item));
                }
            }
        }
    } catch (NoSuchMethodException | IllegalAccessException | InvocationTargetException | ClassNotFoundException e) {
        e.printStackTrace();
    }
}

please refer to this: https://android.googlesource.com/platform/frameworks/base/+/master/core/java/android/hardware/fingerprint/Fingerprint.java

there is a public method getFingerId( ), but it is not available for us to call because it has "@UnsupportedAppUsage".

so you need to use reflection to call the method. after you get a list of fingerprint id, you can encrypt them and store in sharedPreference.

Finger id is the id of the fingerprints stored in setting

After you get all finger ids, you can determine if user has added/deleted a fingerprint.

No need to count on the KeyPermanentlyInvalidatedException. It is not thrown in Android 8.0

Good luck!!!...

don't believe google did such a poor job