Fix conflicts

components/analytics-mgt/grafana-mgt/io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.api/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <groupId>io.entgra.device.mgt.core</groupId>
         <artifactId>grafana-mgt</artifactId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/analytics-mgt/grafana-mgt/io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.common/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <groupId>io.entgra.device.mgt.core</groupId>
         <artifactId>grafana-mgt</artifactId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/analytics-mgt/grafana-mgt/io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.core/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <groupId>io.entgra.device.mgt.core</groupId>
         <artifactId>grafana-mgt</artifactId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/analytics-mgt/grafana-mgt/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <groupId>io.entgra.device.mgt.core</groupId>
         <artifactId>analytics-mgt</artifactId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/analytics-mgt/pom.xml

@@ -21,7 +21,7 @@
     <parent>
         <artifactId>io.entgra.device.mgt.core.parent</artifactId>
         <groupId>io.entgra.device.mgt.core</groupId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 

components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.analytics.extension/pom.xml

@@ -20,7 +20,7 @@
     <parent>
         <artifactId>apimgt-extensions</artifactId>
         <groupId>io.entgra.device.mgt.core</groupId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
     </parent>
 
     <modelVersion>4.0.0</modelVersion>

components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.annotations/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <artifactId>apimgt-extensions</artifactId>
         <groupId>io.entgra.device.mgt.core</groupId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.application.extension.api/pom.xml

@@ -21,7 +21,7 @@
     <parent>
         <artifactId>apimgt-extensions</artifactId>
         <groupId>io.entgra.device.mgt.core</groupId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.application.extension/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <artifactId>apimgt-extensions</artifactId>
         <groupId>io.entgra.device.mgt.core</groupId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.extension.rest.api/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <artifactId>apimgt-extensions</artifactId>
         <groupId>io.entgra.device.mgt.core</groupId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.keymgt.extension.api/pom.xml

@@ -21,7 +21,7 @@
     <parent>
         <artifactId>apimgt-extensions</artifactId>
         <groupId>io.entgra.device.mgt.core</groupId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
     </parent>
 
     <modelVersion>4.0.0</modelVersion>

components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.keymgt.extension/pom.xml

@@ -21,7 +21,7 @@
     <parent>
         <artifactId>apimgt-extensions</artifactId>
         <groupId>io.entgra.device.mgt.core</groupId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.webapp.publisher/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <artifactId>apimgt-extensions</artifactId>
         <groupId>io.entgra.device.mgt.core</groupId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/apimgt-extensions/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <groupId>io.entgra.device.mgt.core</groupId>
         <artifactId>io.entgra.device.mgt.core.parent</artifactId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 

components/application-mgt/io.entgra.device.mgt.core.application.mgt.common/pom.xml

@@ -21,7 +21,7 @@
     <parent>
         <groupId>io.entgra.device.mgt.core</groupId>
         <artifactId>application-mgt</artifactId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/application-mgt/io.entgra.device.mgt.core.application.mgt.common/src/main/java/io/entgra/device/mgt/core/application/mgt/common/services/ApplicationManager.java

@@ -538,4 +538,13 @@ public interface ApplicationManager {
      */
     void updateAppIconInfo(ApplicationRelease applicationRelease, String oldPackageName)
             throws ApplicationManagementException;
+
+    /**
+     * Delete all application related data of a tenant
+     *
+     * @param tenantId Tenant ID
+     * @throws ApplicationManagementException thrown if an error occurs when deleting data
+     */
+    void deleteApplicationDataOfTenant(int tenantId) throws ApplicationManagementException;
+    void deleteApplicationDataByTenantDomain(String tenantDomain) throws ApplicationManagementException;
 }

components/application-mgt/io.entgra.device.mgt.core.application.mgt.common/src/main/java/io/entgra/device/mgt/core/application/mgt/common/services/ApplicationStorageManager.java

@@ -132,4 +132,12 @@ public interface ApplicationStorageManager {
      * @throws StorageManagementException if errors while generating md5 string
      */
     String getMD5(InputStream inputStream) throws StorageManagementException;
+
+    /**
+     * Delete the folder containing all the app releases of a tenant
+     *
+     * @param tenantId Tenant ID
+     * @throws ApplicationStorageManagementException thrown if
+     */
+    void deleteAppFolderOfTenant(int tenantId) throws ApplicationStorageManagementException;
 }

components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/pom.xml

@@ -21,7 +21,7 @@
     <parent>
         <groupId>io.entgra.device.mgt.core</groupId>
         <artifactId>application-mgt</artifactId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
@@ -384,6 +384,11 @@
             <groupId>com.squareup.okio</groupId>
             <artifactId>okio</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.wso2.carbon.multitenancy</groupId>
+            <artifactId>org.wso2.carbon.tenant.mgt</artifactId>
+            <scope>compile</scope>
+        </dependency>
     </dependencies>
 </project>
 

components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/src/main/java/io/entgra/device/mgt/core/application/mgt/core/dao/ApplicationDAO.java

@@ -238,4 +238,52 @@ public interface ApplicationDAO {
     int getApplicationCount(Filter filter, int deviceTypeId, int tenantId) throws ApplicationManagementDAOException;
 
     void deleteApplication(int appId, int tenantId) throws ApplicationManagementDAOException;
+
+    /**
+     * Delete favourite applications of tenant
+     *
+     * @param tenantId Tenant ID
+     * @throws ApplicationManagementDAOException thrown if an error occurs while deleting data
+     */
+    void deleteAppFavouritesByTenant(int tenantId) throws ApplicationManagementDAOException;
+
+    /**
+     * Delete Application category mapping of tenant
+     *
+     * @param tenantId Tenant ID
+     * @throws ApplicationManagementDAOException thrown if an error occurs while deleting data
+     */
+    void deleteApplicationCategoryMappingByTenant(int tenantId) throws ApplicationManagementDAOException;
+
+    /**
+     * Delete Application categories of tenant
+     *
+     * @param tenantId Tenant ID
+     * @throws ApplicationManagementDAOException thrown if an error occurs while deleting data
+     */
+    void deleteApplicationCategoriesByTenant(int tenantId) throws ApplicationManagementDAOException;
+
+    /**
+     * Delete Application tags mapping of Tenant
+     *
+     * @param tenantId Tenant ID
+     * @throws ApplicationManagementDAOException thrown if an error occurs while deleting data
+     */
+    void deleteApplicationTagsMappingByTenant(int tenantId) throws ApplicationManagementDAOException;
+
+    /**
+     * Delete Application tags of tenant
+     *
+     * @param tenantId Tenant ID
+     * @throws ApplicationManagementDAOException thrown if an error occurs while deleting data
+     */
+    void deleteApplicationTagsByTenant(int tenantId) throws ApplicationManagementDAOException;
+
+    /**
+     * Delete Applications of tenant
+     *
+     * @param tenantId Tenant ID
+     * @throws ApplicationManagementDAOException thrown if an error occurs while deleting data
+     */
+    void deleteApplicationsByTenant(int tenantId) throws ApplicationManagementDAOException;
 }

components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/src/main/java/io/entgra/device/mgt/core/application/mgt/core/dao/ApplicationReleaseDAO.java

@@ -127,4 +127,12 @@ public interface ApplicationReleaseDAO {
      */
     List<ApplicationReleaseDTO> getReleaseByPackages(List<String> packages, int tenantId)
             throws ApplicationManagementDAOException;
+
+    /**
+     * Delete Application releases of tenant
+     *
+     * @param tenantId Tenant ID
+     * @throws ApplicationManagementDAOException thrown if an error occurs while deleting data
+     */
+    void deleteReleasesByTenant(int tenantId) throws ApplicationManagementDAOException;
 }

components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/src/main/java/io/entgra/device/mgt/core/application/mgt/core/dao/LifecycleStateDAO.java

@@ -18,6 +18,7 @@
 package io.entgra.device.mgt.core.application.mgt.core.dao;
 
 import io.entgra.device.mgt.core.application.mgt.common.LifecycleState;
+import io.entgra.device.mgt.core.application.mgt.core.exception.ApplicationManagementDAOException;
 import io.entgra.device.mgt.core.application.mgt.core.exception.LifeCycleManagementDAOException;
 
 import java.util.List;
@@ -75,4 +76,11 @@ public interface LifecycleStateDAO {
      */
     String getAppReleaseCreatedUsername(int appId, String uuid, int tenantId) throws LifeCycleManagementDAOException;
 
-    }
+    /**
+     * Delete Application lifecycle states of tenant
+     *
+     * @param tenantId Tenant ID
+     * @throws LifeCycleManagementDAOException thrown if an error occurs while deleting data
+     */
+    void deleteAppLifecycleStatesByTenant(int tenantId) throws LifeCycleManagementDAOException;
+}

components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/src/main/java/io/entgra/device/mgt/core/application/mgt/core/dao/ReviewDAO.java

@@ -20,6 +20,7 @@ package io.entgra.device.mgt.core.application.mgt.core.dao;
 import io.entgra.device.mgt.core.application.mgt.common.response.Review;
 import io.entgra.device.mgt.core.application.mgt.common.PaginationRequest;
 import io.entgra.device.mgt.core.application.mgt.common.dto.ReviewDTO;
+import io.entgra.device.mgt.core.application.mgt.core.exception.ApplicationManagementDAOException;
 import io.entgra.device.mgt.core.application.mgt.core.exception.ReviewManagementDAOException;
 
 import java.util.List;
@@ -119,4 +120,11 @@ import java.util.List;
 
     void deleteAllChildCommentsOfReview(int rootParentId, int tenantId) throws ReviewManagementDAOException;
 
+ /**
+  * Delete reviews of a tenant
+  *
+  * @param tenantId Tenant ID
+  * @throws ReviewManagementDAOException thrown if an error occurs while deleting data
+  */
+ void deleteReviewsByTenant(int tenantId) throws ReviewManagementDAOException;
 }

components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/src/main/java/io/entgra/device/mgt/core/application/mgt/core/dao/SPApplicationDAO.java

@@ -128,4 +128,20 @@ public interface SPApplicationDAO {
      * @throws ApplicationManagementDAOException if any db error occurred
      */
     void deleteIdentityServer(int id, int tenantId) throws ApplicationManagementDAOException;
+
+    /**
+     * Delete Identity servers of tenant
+     *
+     * @param tenantId Tenant ID
+     * @throws ApplicationManagementDAOException thrown if an error occurs while deleting data
+     */
+    void deleteIdentityServerByTenant(int tenantId) throws ApplicationManagementDAOException;
+
+    /**
+     * Delete Service provide mapping details of tenant
+     *
+     * @param tenantId Tenant ID
+     * @throws ApplicationManagementDAOException thrown if an error occurs while deleting data
+     */
+    void deleteSPApplicationMappingByTenant(int tenantId) throws ApplicationManagementDAOException;
 }

components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/src/main/java/io/entgra/device/mgt/core/application/mgt/core/dao/SubscriptionDAO.java

@@ -264,4 +264,52 @@ public interface SubscriptionDAO {
      * @throws ApplicationManagementDAOException if error occurred while retrieving the app details
      */
     Activity getOperationAppDetails(int operationId, int tenantId) throws ApplicationManagementDAOException;
+
+    /**
+     * Delete Operation mapping details of tenant
+     *
+     * @param tenantId Tenant ID
+     * @throws ApplicationManagementDAOException thrown if an error occurs while deleting data
+     */
+    void deleteOperationMappingByTenant(int tenantId) throws ApplicationManagementDAOException;
+
+    /**
+     * Delete device subscriptions of tenant
+     *
+     * @param tenantId Tenant ID
+     * @throws ApplicationManagementDAOException thrown if an error occurs while deleting data
+     */
+    void deleteDeviceSubscriptionByTenant(int tenantId) throws ApplicationManagementDAOException;
+
+    /**
+     * Delete group subscriptions of tenant
+     *
+     * @param tenantId Tenant ID
+     * @throws ApplicationManagementDAOException thrown if an error occurs while deleting data
+     */
+    void deleteGroupSubscriptionByTenant(int tenantId) throws ApplicationManagementDAOException;
+
+    /**
+     * Delete role subscriptions of tenant
+     *
+     * @param tenantId Tenant ID
+     * @throws ApplicationManagementDAOException thrown if an error occurs while deleting data
+     */
+    void deleteRoleSubscriptionByTenant(int tenantId) throws ApplicationManagementDAOException;
+
+    /**
+     * Delete user subscriptions of tenant
+     *
+     * @param tenantId Tenant ID
+     * @throws ApplicationManagementDAOException thrown if an error occurs while deleting data
+     */
+    void deleteUserSubscriptionByTenant(int tenantId) throws ApplicationManagementDAOException;
+
+    /**
+     * Delete scheduled subscription details of tenant
+     *
+     * @param tenantId Tenant ID
+     * @throws ApplicationManagementDAOException thrown if an error occurs while deleting data
+     */
+    void deleteScheduledSubscriptionByTenant(int tenantId) throws ApplicationManagementDAOException;
 }

components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/src/main/java/io/entgra/device/mgt/core/application/mgt/core/dao/VisibilityDAO.java

@@ -17,6 +17,7 @@
  */
 package io.entgra.device.mgt.core.application.mgt.core.dao;
 
+import io.entgra.device.mgt.core.application.mgt.core.exception.ApplicationManagementDAOException;
 import io.entgra.device.mgt.core.application.mgt.core.exception.VisibilityManagementDAOException;
 
 import java.util.List;
@@ -70,4 +71,11 @@ public interface VisibilityDAO {
      */
     void deleteAppUnrestrictedRoles(int applicationId, int tenantId) throws VisibilityManagementDAOException;
 
+    /**
+     * Delete app unrestricted roles of tenant
+     *
+     * @param tenantId Tenant ID
+     * @throws VisibilityManagementDAOException thrown if an error occurs while deleting data
+     */
+    void deleteAppUnrestrictedRolesByTenant(int tenantId) throws VisibilityManagementDAOException;
 }

components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/src/main/java/io/entgra/device/mgt/core/application/mgt/core/dao/VppApplicationDAO.java

@@ -43,4 +43,28 @@ public interface VppApplicationDAO {
     int addAssociation(VppAssociationDTO vppAssociationDTO, int tenantId) throws ApplicationManagementDAOException;
 
     VppAssociationDTO updateAssociation(VppAssociationDTO vppAssociationDTO, int tenantId) throws ApplicationManagementDAOException;
+
+    /**
+     * Delete associations of tenant
+     *
+     * @param tenantId Tenant ID
+     * @throws ApplicationManagementDAOException thrown if an error occurs while deleting data
+     */
+    void deleteAssociationByTenant(int tenantId) throws ApplicationManagementDAOException;
+
+    /**
+     * Delete Vpp users of tenant
+     *
+     * @param tenantId Tenant ID
+     * @throws ApplicationManagementDAOException thrown if an error occurs while deleting data
+     */
+    void deleteVppUserByTenant(int tenantId) throws ApplicationManagementDAOException;
+
+    /**
+     * Delete assets of tenant
+     *
+     * @param tenantId Tenant ID
+     * @throws ApplicationManagementDAOException thrown if an error occurs while deleting data
+     */
+    void deleteAssetsByTenant(int tenantId) throws ApplicationManagementDAOException;
 }

components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/src/main/java/io/entgra/device/mgt/core/application/mgt/core/dao/impl/application/GenericApplicationDAOImpl.java

@@ -1884,4 +1884,165 @@ public class GenericApplicationDAOImpl extends AbstractDAOImpl implements Applic
         }
     }
 
+    @Override
+    public void deleteAppFavouritesByTenant(int tenantId) throws ApplicationManagementDAOException {
+        if (log.isDebugEnabled()) {
+            log.debug("Request received in DAO Layer to delete app of tenant  of id " + tenantId + " from favourites");
+        }
+        String sql = "DELETE FROM AP_APP_FAVOURITES "
+                + "WHERE TENANT_ID = ?";
+        try {
+            Connection conn = this.getDBConnection();
+            try (PreparedStatement stmt = conn.prepareStatement(sql)) {
+                stmt.setInt(1, tenantId);
+                stmt.executeUpdate();
+            }
+        } catch (DBConnectionException e) {
+            String msg = "Error occurred while obtaining the DB connection when removing app from favourites of tenant "
+                    + tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        } catch (SQLException e) {
+            String msg = "SQL Error occurred while removing app of tenant of id " + tenantId + " from favourites. " +
+                    "Executed Query: " + sql;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        }
+
+    }
+
+    @Override
+    public void deleteApplicationCategoryMappingByTenant(int tenantId) throws ApplicationManagementDAOException {
+        if (log.isDebugEnabled()) {
+            log.debug("Request received in DAO Layer to delete application category mapping  of tenant  of id " + tenantId);
+        }
+        String sql = "DELETE FROM AP_APP_CATEGORY_MAPPING "
+                + "WHERE TENANT_ID = ?";
+        try {
+            Connection conn = this.getDBConnection();
+            try (PreparedStatement stmt = conn.prepareStatement(sql)) {
+                stmt.setInt(1, tenantId);
+                stmt.executeUpdate();
+            }
+        } catch (DBConnectionException e) {
+            String msg = "Error occurred while obtaining the DB connection when removing application category mapping of tenant"
+                    +tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        } catch (SQLException e) {
+            String msg = "SQL Error occurred while removing application category mapping of tenant of id " + tenantId +
+                    "Executed Query: " + sql;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        }
+
+    }
+
+    @Override
+    public void deleteApplicationCategoriesByTenant(int tenantId) throws ApplicationManagementDAOException {
+        if (log.isDebugEnabled()) {
+            log.debug("Request received in DAO Layer to delete application category of tenant  of id " + tenantId);
+        }
+        String sql = "DELETE FROM AP_APP_CATEGORY "
+                + "WHERE TENANT_ID = ?";
+        try {
+            Connection conn = this.getDBConnection();
+            try (PreparedStatement stmt = conn.prepareStatement(sql)) {
+                stmt.setInt(1, tenantId);
+                stmt.executeUpdate();
+            }
+        } catch (DBConnectionException e) {
+            String msg = "Error occurred while obtaining the DB connection when removing application category of tenant "
+                    + tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        } catch (SQLException e) {
+            String msg = "SQL Error occurred while removing application category of tenant of id " + tenantId +
+                    "Executed Query: " + sql;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        }
+
+    }
+
+    @Override
+    public void deleteApplicationTagsMappingByTenant(int tenantId) throws ApplicationManagementDAOException {
+        if (log.isDebugEnabled()) {
+            log.debug("Request received in DAO Layer to delete application tags mapping of tenant  of id " + tenantId);
+        }
+        String sql = "DELETE FROM AP_APP_TAG_MAPPING "
+                + "WHERE TENANT_ID = ?";
+        try {
+            Connection conn = this.getDBConnection();
+            try (PreparedStatement stmt = conn.prepareStatement(sql)) {
+                stmt.setInt(1, tenantId);
+                stmt.executeUpdate();
+            }
+        } catch (DBConnectionException e) {
+            String msg = "Error occurred while obtaining the DB connection when removing application tags mapping of tenant"
+                    +tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        } catch (SQLException e) {
+            String msg = "SQL Error occurred while removing application tags mapping of tenant of id " + tenantId +
+                    "Executed Query: " + sql;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        }
+
+    }
+
+    @Override
+    public void deleteApplicationTagsByTenant(int tenantId) throws ApplicationManagementDAOException {
+        if (log.isDebugEnabled()) {
+            log.debug("Request received in DAO Layer to delete application tags of tenant  of id " + tenantId);
+        }
+        String sql = "DELETE FROM AP_APP_TAG "
+                + "WHERE TENANT_ID = ?";
+        try {
+            Connection conn = this.getDBConnection();
+            try (PreparedStatement stmt = conn.prepareStatement(sql)) {
+                stmt.setInt(1, tenantId);
+                stmt.executeUpdate();
+            }
+        } catch (DBConnectionException e) {
+            String msg = "Error occurred while obtaining the DB connection when removing application tags of tenant"
+                    +tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        } catch (SQLException e) {
+            String msg = "SQL Error occurred while removing application tags of tenant of id " + tenantId +
+                    "Executed Query: " + sql;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        }
+
+    }
+
+    @Override
+    public void deleteApplicationsByTenant(int tenantId) throws ApplicationManagementDAOException {
+        if (log.isDebugEnabled()) {
+            log.debug("Request received in DAO Layer to delete applications of tenant  of id " + tenantId);
+        }
+        String sql = "DELETE FROM AP_APP "
+                + "WHERE TENANT_ID = ?";
+        try {
+            Connection conn = this.getDBConnection();
+            try (PreparedStatement stmt = conn.prepareStatement(sql)) {
+                stmt.setInt(1, tenantId);
+                stmt.executeUpdate();
+            }
+        } catch (DBConnectionException e) {
+            String msg = "Error occurred while obtaining the DB connection when removing applications of tenant"
+                    +tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        } catch (SQLException e) {
+            String msg = "SQL Error occurred while removing applications of tenant of id " + tenantId +
+                    "Executed Query: " + sql;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        }
+    }
+
 }

components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/src/main/java/io/entgra/device/mgt/core/application/mgt/core/dao/impl/application/release/GenericApplicationReleaseDAOImpl.java

@@ -624,4 +624,30 @@ public class GenericApplicationReleaseDAOImpl extends AbstractDAOImpl implements
             throw new ApplicationManagementDAOException(msg, e);
         }
     }
-}
+
+        @Override
+        public void deleteReleasesByTenant(int tenantId) throws ApplicationManagementDAOException {
+            if (log.isDebugEnabled()) {
+                log.debug("Request received in DAO Layer to delete application releases of tenant  of id " + tenantId);
+            }
+            String sql = "DELETE FROM AP_APP_RELEASE "
+                    + "WHERE TENANT_ID = ?";
+            try {
+                Connection conn = this.getDBConnection();
+                try (PreparedStatement stmt = conn.prepareStatement(sql)) {
+                    stmt.setInt(1, tenantId);
+                    stmt.executeUpdate();
+                }
+            } catch (DBConnectionException e) {
+                String msg = "Error occurred while obtaining the DB connection when removing application release of tenant"
+                        +tenantId;
+                log.error(msg, e);
+                throw new ApplicationManagementDAOException(msg, e);
+            } catch (SQLException e) {
+                String msg = "SQL Error occurred while removing application release of tenant of id " + tenantId +
+                        "Executed Query: " + sql;
+                log.error(msg, e);
+                throw new ApplicationManagementDAOException(msg, e);
+            }
+        }
+    }

components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/src/main/java/io/entgra/device/mgt/core/application/mgt/core/dao/impl/application/spapplication/GenericSPApplicationDAOImpl.java

@@ -484,4 +484,57 @@ public class GenericSPApplicationDAOImpl extends AbstractDAOImpl implements SPAp
         }
     }
 
+    @Override
+    public void deleteIdentityServerByTenant(int tenantId) throws ApplicationManagementDAOException {
+        if (log.isDebugEnabled()) {
+            log.debug("Request received in DAO Layer to delete identity server of the tenant of id: " + tenantId);
+        }
+        String sql = "DELETE FROM AP_IDENTITY_SERVER " +
+                "WHERE TENANT_ID = ?";
+        try {
+            Connection conn = this.getDBConnection();
+            try (PreparedStatement stmt = conn.prepareStatement(sql)) {
+                stmt.setInt(1, tenantId);
+                stmt.executeUpdate();
+            }
+        } catch (DBConnectionException e) {
+            String msg = "Error occurred while obtaining the DB connection to delete an identity server of tenant of id "
+                    + tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        } catch (SQLException e) {
+            String msg = "Error occurred while executing SQL to delete an identity server of tenant of id "
+                    + tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        }
+    }
+
+    @Override
+    public void deleteSPApplicationMappingByTenant(int tenantId) throws ApplicationManagementDAOException {
+        if (log.isDebugEnabled()) {
+            log.debug("Request received in DAO Layer to delete applications of tenant  of id " + tenantId
+                    + " from service providers");
+        }
+        String sql = "DELETE FROM AP_IS_SP_APP_MAPPING "
+                + "WHERE TENANT_ID = ?";
+        try {
+            Connection conn = this.getDBConnection();
+            try (PreparedStatement stmt = conn.prepareStatement(sql)) {
+                stmt.setInt(1, tenantId);
+                stmt.executeUpdate();
+            }
+        } catch (DBConnectionException e) {
+            String msg = "Error occurred while obtaining the DB connection when removing applications of tenant"
+                    +tenantId+ "from service providers";
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        } catch (SQLException e) {
+            String msg = "SQL Error occurred while removing applications of tenant of id " + tenantId +
+                    "from service providers. Executed Query: " + sql;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        }
+    }
+
 }

components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/src/main/java/io/entgra/device/mgt/core/application/mgt/core/dao/impl/application/spapplication/OracleSPApplicationDAOImpl.java

@@ -485,4 +485,57 @@ public class OracleSPApplicationDAOImpl  extends AbstractDAOImpl implements SPAp
         }
     }
 
+    @Override
+    public void deleteIdentityServerByTenant(int tenantId) throws ApplicationManagementDAOException {
+        if (log.isDebugEnabled()) {
+            log.debug("Request received in DAO Layer to delete identity server of the tenant of id: " + tenantId);
+        }
+        String sql = "DELETE FROM AP_IDENTITY_SERVER " +
+                "WHERE TENANT_ID = ?";
+        try {
+            Connection conn = this.getDBConnection();
+            try (PreparedStatement stmt = conn.prepareStatement(sql)) {
+                stmt.setInt(1, tenantId);
+                stmt.executeUpdate();
+            }
+        } catch (DBConnectionException e) {
+            String msg = "Error occurred while obtaining the DB connection to delete an identity server of tenant of id "
+                    + tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        } catch (SQLException e) {
+            String msg = "Error occurred while executing SQL to delete an identity server of tenant of id "
+                    + tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        }
+    }
+
+    @Override
+    public void deleteSPApplicationMappingByTenant(int tenantId) throws ApplicationManagementDAOException {
+        if (log.isDebugEnabled()) {
+            log.debug("Request received in DAO Layer to delete applications of tenant  of id " + tenantId
+                    + " from service providers");
+        }
+        String sql = "DELETE FROM AP_IS_SP_APP_MAPPING "
+                + "WHERE TENANT_ID = ?";
+        try {
+            Connection conn = this.getDBConnection();
+            try (PreparedStatement stmt = conn.prepareStatement(sql)) {
+                stmt.setInt(1, tenantId);
+                stmt.executeUpdate();
+            }
+        } catch (DBConnectionException e) {
+            String msg = "Error occurred while obtaining the DB connection when removing applications of tenant"
+                    +tenantId+ "from service providers";
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        } catch (SQLException e) {
+            String msg = "SQL Error occurred while removing applications of tenant of id " + tenantId +
+                    "from service providers. Executed Query: " + sql;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        }
+    }
+
 }

components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/src/main/java/io/entgra/device/mgt/core/application/mgt/core/dao/impl/application/spapplication/PostgreSQLSPApplicationDAOImpl.java

@@ -485,4 +485,57 @@ public class PostgreSQLSPApplicationDAOImpl extends AbstractDAOImpl implements S
         }
     }
 
+    @Override
+    public void deleteIdentityServerByTenant(int tenantId) throws ApplicationManagementDAOException {
+        if (log.isDebugEnabled()) {
+            log.debug("Request received in DAO Layer to delete identity server of the tenant of id: " + tenantId);
+        }
+        String sql = "DELETE FROM AP_IDENTITY_SERVER " +
+                "WHERE TENANT_ID = ?";
+        try {
+            Connection conn = this.getDBConnection();
+            try (PreparedStatement stmt = conn.prepareStatement(sql)) {
+                stmt.setInt(1, tenantId);
+                stmt.executeUpdate();
+            }
+        } catch (DBConnectionException e) {
+            String msg = "Error occurred while obtaining the DB connection to delete an identity server of tenant of id "
+                    + tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        } catch (SQLException e) {
+            String msg = "Error occurred while executing SQL to delete an identity server of tenant of id "
+                    + tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        }
+    }
+
+    @Override
+    public void deleteSPApplicationMappingByTenant(int tenantId) throws ApplicationManagementDAOException {
+        if (log.isDebugEnabled()) {
+            log.debug("Request received in DAO Layer to delete applications of tenant  of id " + tenantId
+                    + " from service providers");
+        }
+        String sql = "DELETE FROM AP_IS_SP_APP_MAPPING "
+                + "WHERE TENANT_ID = ?";
+        try {
+            Connection conn = this.getDBConnection();
+            try (PreparedStatement stmt = conn.prepareStatement(sql)) {
+                stmt.setInt(1, tenantId);
+                stmt.executeUpdate();
+            }
+        } catch (DBConnectionException e) {
+            String msg = "Error occurred while obtaining the DB connection when removing applications of tenant"
+                    +tenantId+ "from service providers";
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        } catch (SQLException e) {
+            String msg = "SQL Error occurred while removing applications of tenant of id " + tenantId +
+                    "from service providers. Executed Query: " + sql;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        }
+    }
+
 }

components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/src/main/java/io/entgra/device/mgt/core/application/mgt/core/dao/impl/application/spapplication/SQLServerSPApplicationDAOImpl.java

@@ -485,4 +485,57 @@ public class SQLServerSPApplicationDAOImpl  extends AbstractDAOImpl implements S
         }
     }
 
+    @Override
+    public void deleteIdentityServerByTenant(int tenantId) throws ApplicationManagementDAOException {
+        if (log.isDebugEnabled()) {
+            log.debug("Request received in DAO Layer to delete identity server of the tenant of id: " + tenantId);
+        }
+        String sql = "DELETE FROM AP_IDENTITY_SERVER " +
+                "WHERE TENANT_ID = ?";
+        try {
+            Connection conn = this.getDBConnection();
+            try (PreparedStatement stmt = conn.prepareStatement(sql)) {
+                stmt.setInt(1, tenantId);
+                stmt.executeUpdate();
+            }
+        } catch (DBConnectionException e) {
+            String msg = "Error occurred while obtaining the DB connection to delete an identity server of tenant of id "
+                    + tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        } catch (SQLException e) {
+            String msg = "Error occurred while executing SQL to delete an identity server of tenant of id "
+                    + tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        }
+    }
+
+    @Override
+    public void deleteSPApplicationMappingByTenant(int tenantId) throws ApplicationManagementDAOException {
+        if (log.isDebugEnabled()) {
+            log.debug("Request received in DAO Layer to delete applications of tenant  of id " + tenantId
+                    + " from service providers");
+        }
+        String sql = "DELETE FROM AP_IS_SP_APP_MAPPING "
+                + "WHERE TENANT_ID = ?";
+        try {
+            Connection conn = this.getDBConnection();
+            try (PreparedStatement stmt = conn.prepareStatement(sql)) {
+                stmt.setInt(1, tenantId);
+                stmt.executeUpdate();
+            }
+        } catch (DBConnectionException e) {
+            String msg = "Error occurred while obtaining the DB connection when removing applications of tenant"
+                    +tenantId+ "from service providers";
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        } catch (SQLException e) {
+            String msg = "SQL Error occurred while removing applications of tenant of id " + tenantId +
+                    "from service providers. Executed Query: " + sql;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        }
+    }
+
 }

components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/src/main/java/io/entgra/device/mgt/core/application/mgt/core/dao/impl/lifecyclestate/GenericLifecycleStateDAOImpl.java

@@ -114,6 +114,32 @@ public class GenericLifecycleStateDAOImpl extends AbstractDAOImpl implements Lif
         }
     }
 
+    @Override
+    public void deleteAppLifecycleStatesByTenant(int tenantId) throws LifeCycleManagementDAOException {
+        if (log.isDebugEnabled()) {
+            log.debug("Request received in DAO Layer to delete app lifecycle states of tenant  of id " + tenantId);
+        }
+        String sql = "DELETE FROM AP_APP_LIFECYCLE_STATE "
+                + "WHERE TENANT_ID = ?";
+        try {
+            Connection conn = this.getDBConnection();
+            try (PreparedStatement stmt = conn.prepareStatement(sql)) {
+                stmt.setInt(1, tenantId);
+                stmt.executeUpdate();
+            }
+        } catch (DBConnectionException e) {
+            String msg = "Error occurred while obtaining the DB connection when removing app lifecycle states of tenant"
+                    +tenantId;
+            log.error(msg, e);
+            throw new LifeCycleManagementDAOException(msg, e);
+        } catch (SQLException e) {
+            String msg = "SQL Error occurred while removing app lifecycle states of tenant of id " + tenantId +
+                    "Executed Query: " + sql;
+            log.error(msg, e);
+            throw new LifeCycleManagementDAOException(msg, e);
+        }
+    }
+
     @Override
     public List<LifecycleState> getLifecycleStates(int appReleaseId, int tenantId) throws LifeCycleManagementDAOException {
         try {

components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/src/main/java/io/entgra/device/mgt/core/application/mgt/core/dao/impl/review/GenericReviewDAOImpl.java

@@ -602,4 +602,30 @@ public class GenericReviewDAOImpl extends AbstractDAOImpl implements ReviewDAO {
             throw new ReviewManagementDAOException(msg, e);
         }
     }
+
+    @Override
+    public void deleteReviewsByTenant(int tenantId) throws ReviewManagementDAOException {
+        if (log.isDebugEnabled()) {
+            log.debug("Request received in DAO Layer to delete app reviews of tenant  of id " + tenantId);
+        }
+        String sql = "DELETE FROM AP_APP_REVIEW "
+                + "WHERE TENANT_ID = ?";
+        try {
+            Connection conn = this.getDBConnection();
+            try (PreparedStatement stmt = conn.prepareStatement(sql)) {
+                stmt.setInt(1, tenantId);
+                stmt.executeUpdate();
+            }
+        } catch (DBConnectionException e) {
+            String msg = "Error occurred while obtaining the DB connection when removing app reviews of tenant "
+                    + tenantId;
+            log.error(msg, e);
+            throw new ReviewManagementDAOException(msg, e);
+        } catch (SQLException e) {
+            String msg = "SQL Error occurred while removing app reviews of tenant of id " + tenantId +
+                    "Executed Query: " + sql;
+            log.error(msg, e);
+            throw new ReviewManagementDAOException(msg, e);
+        }
+    }
 }

components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/src/main/java/io/entgra/device/mgt/core/application/mgt/core/dao/impl/subscription/GenericSubscriptionDAOImpl.java

@@ -1476,4 +1476,163 @@ public class GenericSubscriptionDAOImpl extends AbstractDAOImpl implements Subsc
             throw new ApplicationManagementDAOException(msg, e);
         }
     }
+
+    @Override
+    public void deleteOperationMappingByTenant(int tenantId) throws ApplicationManagementDAOException {
+        if (log.isDebugEnabled()) {
+            log.debug("Request received in DAO Layer to delete operation mapping of the tenant of id: " + tenantId);
+        }
+        String sql = "DELETE FROM AP_APP_SUB_OP_MAPPING " +
+                "WHERE TENANT_ID = ?";
+        try {
+            Connection conn = this.getDBConnection();
+            try (PreparedStatement stmt = conn.prepareStatement(sql)) {
+                stmt.setInt(1, tenantId);
+                stmt.executeUpdate();
+            }
+        } catch (DBConnectionException e) {
+            String msg = "Error occurred while obtaining the DB connection to delete operation mapping of tenant of id "
+                    + tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        } catch (SQLException e) {
+            String msg = "Error occurred while executing SQL to delete operation mapping of tenant of id "
+                    + tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        }
+    }
+
+    @Override
+    public void deleteRoleSubscriptionByTenant(int tenantId) throws ApplicationManagementDAOException {
+        if (log.isDebugEnabled()) {
+            log.debug("Request received in DAO Layer to delete role subscription of the tenant of id: " + tenantId);
+        }
+        String sql = "DELETE FROM AP_ROLE_SUBSCRIPTION " +
+                "WHERE TENANT_ID = ?";
+        try {
+            Connection conn = this.getDBConnection();
+            try (PreparedStatement stmt = conn.prepareStatement(sql)) {
+                stmt.setInt(1, tenantId);
+                stmt.executeUpdate();
+            }
+        } catch (DBConnectionException e) {
+            String msg = "Error occurred while obtaining the DB connection to delete role subscription of tenant of id "
+                    + tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        } catch (SQLException e) {
+            String msg = "Error occurred while executing SQL to delete role subscription of tenant of id "
+                    + tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        }
+
+    }
+
+    @Override
+    public void deleteUserSubscriptionByTenant(int tenantId) throws ApplicationManagementDAOException {
+        if (log.isDebugEnabled()) {
+            log.debug("Request received in DAO Layer to delete user subscription of the tenant of id: " + tenantId);
+        }
+        String sql = "DELETE FROM AP_USER_SUBSCRIPTION " +
+                "WHERE TENANT_ID = ?";
+        try {
+            Connection conn = this.getDBConnection();
+            try (PreparedStatement stmt = conn.prepareStatement(sql)) {
+                stmt.setInt(1, tenantId);
+                stmt.executeUpdate();
+            }
+        } catch (DBConnectionException e) {
+            String msg = "Error occurred while obtaining the DB connection to delete user subscription of tenant of id "
+                    + tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        } catch (SQLException e) {
+            String msg = "Error occurred while executing SQL to delete user subscription of tenant of id "
+                    + tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        }
+
+    }
+
+    @Override
+    public void deleteGroupSubscriptionByTenant(int tenantId) throws ApplicationManagementDAOException {
+        if (log.isDebugEnabled()) {
+            log.debug("Request received in DAO Layer to delete user subscription of the tenant of id: " + tenantId);
+        }
+        String sql = "DELETE FROM AP_GROUP_SUBSCRIPTION " +
+                "WHERE TENANT_ID = ?";
+        try {
+            Connection conn = this.getDBConnection();
+            try (PreparedStatement stmt = conn.prepareStatement(sql)) {
+                stmt.setInt(1, tenantId);
+                stmt.executeUpdate();
+            }
+        } catch (DBConnectionException e) {
+            String msg = "Error occurred while obtaining the DB connection to delete group subscription of tenant of id "
+                    + tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        } catch (SQLException e) {
+            String msg = "Error occurred while executing SQL to delete group subscription of tenant of id "
+                    + tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        }
+    }
+
+    @Override
+    public void deleteScheduledSubscriptionByTenant(int tenantId) throws ApplicationManagementDAOException {
+        if (log.isDebugEnabled()) {
+            log.debug("Request received in DAO Layer to delete scheduled subscription of the tenant of id: " + tenantId);
+        }
+        String sql = "DELETE FROM AP_SCHEDULED_SUBSCRIPTION " +
+                "WHERE APPLICATION_UUID IN " +
+                "(SELECT UUID FROM AP_APP_RELEASE WHERE TENANT_ID = ?)";
+        try {
+            Connection conn = this.getDBConnection();
+            try (PreparedStatement stmt = conn.prepareStatement(sql)) {
+                stmt.setInt(1, tenantId);
+                stmt.executeBatch();
+            }
+        } catch (DBConnectionException e) {
+            String msg = "Error occurred while obtaining the DB connection to delete scheduled subscription of tenant of id "
+                    + tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        } catch (SQLException e) {
+            String msg = "Error occurred while executing SQL to delete scheduled subscription of tenant of id "
+                    + tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        }
+    }
+
+    @Override
+    public void deleteDeviceSubscriptionByTenant(int tenantId) throws ApplicationManagementDAOException {
+        if (log.isDebugEnabled()) {
+            log.debug("Request received in DAO Layer to delete device subscription of the tenant of id: " + tenantId);
+        }
+        String sql = "DELETE FROM AP_DEVICE_SUBSCRIPTION " +
+                "WHERE TENANT_ID = ?";
+        try {
+            Connection conn = this.getDBConnection();
+            try (PreparedStatement stmt = conn.prepareStatement(sql)) {
+                stmt.setInt(1, tenantId);
+                stmt.executeUpdate();
+            }
+        } catch (DBConnectionException e) {
+            String msg = "Error occurred while obtaining the DB connection to delete device subscription of tenant of id "
+                    + tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        } catch (SQLException e) {
+            String msg = "Error occurred while executing SQL to delete device subscription of tenant of id "
+                    + tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        }
+    }
 }

components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/src/main/java/io/entgra/device/mgt/core/application/mgt/core/dao/impl/visibility/GenericVisibilityDAOImpl.java

@@ -176,4 +176,32 @@ public class GenericVisibilityDAOImpl extends AbstractDAOImpl implements Visibil
             throw new VisibilityManagementDAOException(msg, e);
         }
     }
+
+    @Override
+    public void deleteAppUnrestrictedRolesByTenant(int tenantId) throws VisibilityManagementDAOException {
+        if (log.isDebugEnabled()) {
+            log.debug("Request received in DAO Layer to delete Application unrestricted roles of tenant of ID "
+                    + tenantId);
+        }
+        String sql = "DELETE "
+                + "FROM AP_UNRESTRICTED_ROLE "
+                + "WHERE TENANT_ID = ?";
+        try {
+            Connection conn = this.getDBConnection();
+            try (PreparedStatement stmt = conn.prepareStatement(sql)) {
+                stmt.setInt(1, tenantId);
+                stmt.executeUpdate();
+            }
+        } catch (DBConnectionException e) {
+            String msg = "Error occurred while obtaining the DB connection to delete application unrestricted roles of tenant: "
+                    + tenantId;
+            log.error(msg, e);
+            throw new VisibilityManagementDAOException(msg, e);
+        } catch (SQLException e) {
+            String msg = "Error occurred while executing query to delete application unrestricted roles which of"
+                    + " tenant Id " + tenantId + ". executed query: " + sql;
+            log.error(msg, e);
+            throw new VisibilityManagementDAOException(msg, e);
+        }
+    }
 }

components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/src/main/java/io/entgra/device/mgt/core/application/mgt/core/dao/impl/vpp/GenericVppApplicationDAOImpl.java

@@ -506,4 +506,84 @@ public class GenericVppApplicationDAOImpl  extends AbstractDAOImpl implements Vp
             throw new ApplicationManagementDAOException(msg, e);
         }
     }
+
+    @Override
+    public void deleteAssetsByTenant(int tenantId) throws ApplicationManagementDAOException {
+        if (log.isDebugEnabled()) {
+            log.debug("Request received in DAO Layer to delete application releases of tenant  of id " + tenantId);
+        }
+        String sql = "DELETE FROM AP_ASSETS "
+                + "WHERE TENANT_ID = ?";
+        try {
+            Connection conn = this.getDBConnection();
+            try (PreparedStatement stmt = conn.prepareStatement(sql)) {
+                stmt.setInt(1, tenantId);
+                stmt.executeUpdate();
+            }
+        } catch (DBConnectionException e) {
+            String msg = "Error occurred while obtaining the DB connection when removing application release of tenant "
+                    + tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        } catch (SQLException e) {
+            String msg = "SQL Error occurred while removing application release of tenant of id " + tenantId +
+                    " Executed Query: " + sql;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        }
+    }
+
+    @Override
+    public void deleteVppUserByTenant(int tenantId) throws ApplicationManagementDAOException {
+        if (log.isDebugEnabled()) {
+            log.debug("Request received in DAO Layer to delete vpp user of tenant  of id " + tenantId);
+        }
+        String sql = "DELETE FROM AP_VPP_USER "
+                + "WHERE TENANT_ID = ?";
+        try {
+            Connection conn = this.getDBConnection();
+            try (PreparedStatement stmt = conn.prepareStatement(sql)) {
+                stmt.setInt(1, tenantId);
+                stmt.executeUpdate();
+            }
+        } catch (DBConnectionException e) {
+            String msg = "Error occurred while obtaining the DB connection when removing vpp user of tenant "
+                    + tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        } catch (SQLException e) {
+            String msg = "SQL Error occurred while removing vpp user of tenant of id " + tenantId +
+                    "Executed Query: " + sql;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        }
+
+    }
+
+    @Override
+    public void deleteAssociationByTenant(int tenantId) throws ApplicationManagementDAOException {
+        if (log.isDebugEnabled()) {
+            log.debug("Request received in DAO Layer to delete association of tenant  of id " + tenantId);
+        }
+        String sql = "DELETE FROM AP_VPP_ASSOCIATION  "
+                + "WHERE TENANT_ID = ?";
+        try {
+            Connection conn = this.getDBConnection();
+            try (PreparedStatement stmt = conn.prepareStatement(sql)) {
+                stmt.setInt(1, tenantId);
+                stmt.executeUpdate();
+            }
+        } catch (DBConnectionException e) {
+            String msg = "Error occurred while obtaining the DB connection when removing association of tenant"
+                    + tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        } catch (SQLException e) {
+            String msg = "SQL Error occurred while removing association of tenant of id " + tenantId +
+                    " Executed Query: " + sql;
+            log.error(msg, e);
+            throw new ApplicationManagementDAOException(msg, e);
+        }
+
+    }
 }

components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/src/main/java/io/entgra/device/mgt/core/application/mgt/core/impl/ApplicationManagerImpl.java

@@ -21,6 +21,8 @@ package io.entgra.device.mgt.core.application.mgt.core.impl;
 import io.entgra.device.mgt.core.application.mgt.common.exception.FileDownloaderServiceException;
 import io.entgra.device.mgt.core.application.mgt.common.exception.FileTransferServiceException;
 import io.entgra.device.mgt.core.application.mgt.core.exception.BadRequestException;
+import io.entgra.device.mgt.core.application.mgt.core.dao.*;
+import io.entgra.device.mgt.core.application.mgt.core.exception.*;
 import io.entgra.device.mgt.core.device.mgt.common.Base64File;
 import io.entgra.device.mgt.core.application.mgt.core.dao.SPApplicationDAO;
 import io.entgra.device.mgt.core.application.mgt.core.util.ApplicationManagementUtil;
@@ -78,11 +80,6 @@ import io.entgra.device.mgt.core.application.mgt.common.wrapper.PublicAppWrapper
 import io.entgra.device.mgt.core.application.mgt.common.wrapper.WebAppReleaseWrapper;
 import io.entgra.device.mgt.core.application.mgt.common.wrapper.WebAppWrapper;
 import io.entgra.device.mgt.core.application.mgt.core.config.ConfigurationManager;
-import io.entgra.device.mgt.core.application.mgt.core.dao.ApplicationDAO;
-import io.entgra.device.mgt.core.application.mgt.core.dao.ApplicationReleaseDAO;
-import io.entgra.device.mgt.core.application.mgt.core.dao.LifecycleStateDAO;
-import io.entgra.device.mgt.core.application.mgt.core.dao.SubscriptionDAO;
-import io.entgra.device.mgt.core.application.mgt.core.dao.VisibilityDAO;
 import io.entgra.device.mgt.core.application.mgt.core.dao.common.ApplicationManagementDAOFactory;
 import io.entgra.device.mgt.core.application.mgt.core.util.APIUtil;
 import io.entgra.device.mgt.core.application.mgt.core.exception.ApplicationManagementDAOException;
@@ -99,6 +96,8 @@ import io.entgra.device.mgt.core.device.mgt.common.exceptions.DeviceManagementEx
 
 import io.entgra.device.mgt.core.device.mgt.core.dto.DeviceType;
 import io.entgra.device.mgt.core.device.mgt.core.service.DeviceManagementProviderService;
+import org.wso2.carbon.stratos.common.beans.TenantInfoBean;
+import org.wso2.carbon.tenant.mgt.services.TenantMgtAdminService;
 import org.wso2.carbon.user.api.UserRealm;
 import org.wso2.carbon.user.api.UserStoreException;
 
@@ -133,6 +132,8 @@ public class ApplicationManagerImpl implements ApplicationManager {
     private SubscriptionDAO subscriptionDAO;
     private LifecycleStateManager lifecycleStateManager;
     private SPApplicationDAO spApplicationDAO;
+    private VppApplicationDAO vppApplicationDAO;
+    private ReviewDAO reviewDAO;
 
     public ApplicationManagerImpl() {
         initDataAccessObjects();
@@ -146,6 +147,8 @@ public class ApplicationManagerImpl implements ApplicationManager {
         this.applicationReleaseDAO = ApplicationManagementDAOFactory.getApplicationReleaseDAO();
         this.subscriptionDAO = ApplicationManagementDAOFactory.getSubscriptionDAO();
         this.spApplicationDAO = ApplicationManagementDAOFactory.getSPApplicationDAO();
+        this.vppApplicationDAO = ApplicationManagementDAOFactory.getVppApplicationDAO();
+        this.reviewDAO = ApplicationManagementDAOFactory.getCommentDAO();
     }
 
     @Override
@@ -508,6 +511,8 @@ public class ApplicationManagerImpl implements ApplicationManager {
             log.error(msg, e);
             throw new ApplicationManagementException(msg, e);
         }
+        // TODO: artifact URLs are not working for Windows AppX installations https://roadmap.entgra.net/issues/11010
+        //ApplicationManagementUtil.addInstallerPathToMetadata(releaseDTO);
         applicationDTO.getApplicationReleaseDTOs().clear();
         applicationDTO.getApplicationReleaseDTOs().add(releaseDTO);
         return applicationDTO;
@@ -2614,21 +2619,25 @@ public class ApplicationManagerImpl implements ApplicationManager {
         int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(true);
         String userName = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
         ApplicationDTO applicationDTO = getApplication(applicationId);
+        String sanitizedName = "";
+        if (!StringUtils.isEmpty(applicationUpdateWrapper.getName())) {
+            sanitizedName = ApplicationManagementUtil.sanitizeName(applicationUpdateWrapper.getName(),
+                    Constants.ApplicationProperties.NAME );
+        }
         try {
             ConnectionManagerUtil.beginDBTransaction();
-            if (!StringUtils.isEmpty(applicationUpdateWrapper.getName()) && !applicationDTO.getName()
+            if (!StringUtils.isEmpty(sanitizedName) && !applicationDTO.getName()
-                    .equals(applicationUpdateWrapper.getName())) {
+                    .equals(sanitizedName)) {
                 if (applicationDAO
-                        .isExistingAppName(applicationUpdateWrapper.getName().trim(), applicationDTO.getDeviceTypeId(),
+                        .isExistingAppName(sanitizedName.trim(), applicationDTO.getDeviceTypeId(),
                                 tenantId)) {
-                    String msg = "Already an application registered with same name " + applicationUpdateWrapper.getName()
+                    String msg = "Already an application registered with same name " + sanitizedName
                             + ". Hence you can't update the application name from " + applicationDTO.getName() + " to "
-                            + applicationUpdateWrapper.getName();
+                            + sanitizedName;
                     log.error(msg);
                     throw new BadRequestException(msg);
                 }
-                applicationDTO.setName(ApplicationManagementUtil.sanitizeName(applicationUpdateWrapper.getName(),
+                applicationDTO.setName(sanitizedName);
-                        Constants.ApplicationProperties.NAME));
             }
             if (!StringUtils.isEmpty(applicationUpdateWrapper.getSubMethod()) && !applicationDTO.getSubType()
                     .equals(applicationUpdateWrapper.getSubMethod())) {
@@ -4385,4 +4394,145 @@ public class ApplicationManagerImpl implements ApplicationManager {
             throw new ApplicationManagementException(msg, e);
         }
     }
+
+    @Override
+    public void deleteApplicationDataOfTenant(int tenantId) throws ApplicationManagementException {
+        if (log.isDebugEnabled()) {
+            log.debug("Request is received to delete application related data of tenant with ID: " + tenantId);
+        }
+        try {
+            ConnectionManagerUtil.beginDBTransaction();
+
+            vppApplicationDAO.deleteAssociationByTenant(tenantId);
+            vppApplicationDAO.deleteVppUserByTenant(tenantId);
+            vppApplicationDAO.deleteAssetsByTenant(tenantId);
+            reviewDAO.deleteReviewsByTenant(tenantId);
+            subscriptionDAO.deleteOperationMappingByTenant(tenantId);
+            subscriptionDAO.deleteDeviceSubscriptionByTenant(tenantId);
+            subscriptionDAO.deleteGroupSubscriptionByTenant(tenantId);
+            subscriptionDAO.deleteRoleSubscriptionByTenant(tenantId);
+            subscriptionDAO.deleteUserSubscriptionByTenant(tenantId);
+            applicationDAO.deleteAppFavouritesByTenant(tenantId);
+            applicationDAO.deleteApplicationTagsMappingByTenant(tenantId);
+            applicationDAO.deleteApplicationTagsByTenant(tenantId);
+            applicationDAO.deleteApplicationCategoryMappingByTenant(tenantId);
+            applicationDAO.deleteApplicationCategoriesByTenant(tenantId);
+            subscriptionDAO.deleteScheduledSubscriptionByTenant(tenantId);
+            lifecycleStateDAO.deleteAppLifecycleStatesByTenant(tenantId);
+            applicationReleaseDAO.deleteReleasesByTenant(tenantId);
+            visibilityDAO.deleteAppUnrestrictedRolesByTenant(tenantId);
+            spApplicationDAO.deleteSPApplicationMappingByTenant(tenantId);
+            spApplicationDAO.deleteIdentityServerByTenant(tenantId);
+            applicationDAO.deleteApplicationsByTenant(tenantId);
+            APIUtil.getApplicationStorageManager().deleteAppFolderOfTenant(tenantId);
+
+            ConnectionManagerUtil.commitDBTransaction();
+        } catch (DBConnectionException e) {
+            String msg = "Error occurred while observing the database connection to delete applications for tenant with ID: "
+                    + tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementException(msg, e);
+        } catch (ApplicationManagementDAOException e) {
+            ConnectionManagerUtil.rollbackDBTransaction();
+            String msg = "Database access error is occurred when getting applications for tenant with ID: " + tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementException(msg, e);
+        } catch (LifeCycleManagementDAOException e) {
+            ConnectionManagerUtil.rollbackDBTransaction();
+            String msg = "Error occurred while deleting life-cycle state data of application releases of the tenant"
+                    + " of ID: " + tenantId ;
+            log.error(msg, e);
+            throw new ApplicationManagementException(msg, e);
+        } catch (ReviewManagementDAOException e) {
+            ConnectionManagerUtil.rollbackDBTransaction();
+            String msg = "Error occurred while deleting reviews of application releases of the applications"
+                    + " of tenant ID: " + tenantId ;
+            log.error(msg, e);
+            throw new ApplicationManagementException(msg, e);
+        } catch (ApplicationStorageManagementException e) {
+            ConnectionManagerUtil.rollbackDBTransaction();
+            String msg = "Error occurred while deleting App folder of tenant"
+                    + " of tenant ID: " + tenantId ;
+            log.error(msg, e);
+            throw new ApplicationManagementException(msg, e);
+        } finally {
+            ConnectionManagerUtil.closeDBConnection();
+        }
+    }
+
+    @Override
+    public void deleteApplicationDataByTenantDomain(String tenantDomain) throws ApplicationManagementException {
+        int tenantId;
+        try{
+            TenantMgtAdminService tenantMgtAdminService = new TenantMgtAdminService();
+            TenantInfoBean tenantInfoBean = tenantMgtAdminService.getTenant(tenantDomain);
+            tenantId = tenantInfoBean.getTenantId();
+
+        } catch (Exception e) {
+            String msg = "Error getting tenant ID from domain: "
+                     + tenantDomain;
+            log.error(msg, e);
+            throw new ApplicationManagementException(msg, e);
+        }
+
+        try {
+            ConnectionManagerUtil.beginDBTransaction();
+
+            vppApplicationDAO.deleteAssociationByTenant(tenantId);
+            vppApplicationDAO.deleteVppUserByTenant(tenantId);
+            vppApplicationDAO.deleteAssetsByTenant(tenantId);
+            reviewDAO.deleteReviewsByTenant(tenantId);
+            subscriptionDAO.deleteOperationMappingByTenant(tenantId);
+            subscriptionDAO.deleteDeviceSubscriptionByTenant(tenantId);
+            subscriptionDAO.deleteGroupSubscriptionByTenant(tenantId);
+            subscriptionDAO.deleteRoleSubscriptionByTenant(tenantId);
+            subscriptionDAO.deleteUserSubscriptionByTenant(tenantId);
+            applicationDAO.deleteAppFavouritesByTenant(tenantId);
+            applicationDAO.deleteApplicationTagsMappingByTenant(tenantId);
+            applicationDAO.deleteApplicationTagsByTenant(tenantId);
+            applicationDAO.deleteApplicationCategoryMappingByTenant(tenantId);
+            applicationDAO.deleteApplicationCategoriesByTenant(tenantId);
+            subscriptionDAO.deleteScheduledSubscriptionByTenant(tenantId);
+            lifecycleStateDAO.deleteAppLifecycleStatesByTenant(tenantId);
+            applicationReleaseDAO.deleteReleasesByTenant(tenantId);
+            visibilityDAO.deleteAppUnrestrictedRolesByTenant(tenantId);
+            spApplicationDAO.deleteSPApplicationMappingByTenant(tenantId);
+            spApplicationDAO.deleteIdentityServerByTenant(tenantId);
+            applicationDAO.deleteApplicationsByTenant(tenantId);
+            APIUtil.getApplicationStorageManager().deleteAppFolderOfTenant(tenantId);
+
+            ConnectionManagerUtil.commitDBTransaction();
+        } catch (DBConnectionException e) {
+            String msg = "Error occurred while observing the database connection to delete applications for tenant with ID: "
+                    + tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementException(msg, e);
+        } catch (ApplicationManagementDAOException e) {
+            ConnectionManagerUtil.rollbackDBTransaction();
+            String msg = "Database access error is occurred when getting applications for tenant with ID: " + tenantId;
+            log.error(msg, e);
+            throw new ApplicationManagementException(msg, e);
+        } catch (LifeCycleManagementDAOException e) {
+            ConnectionManagerUtil.rollbackDBTransaction();
+            String msg = "Error occurred while deleting life-cycle state data of application releases of the tenant"
+                    + " of ID: " + tenantId ;
+            log.error(msg, e);
+            throw new ApplicationManagementException(msg, e);
+        } catch (ReviewManagementDAOException e) {
+            ConnectionManagerUtil.rollbackDBTransaction();
+            String msg = "Error occurred while deleting reviews of application releases of the applications"
+                    + " of tenant ID: " + tenantId ;
+            log.error(msg, e);
+            throw new ApplicationManagementException(msg, e);
+        } catch (ApplicationStorageManagementException e) {
+            ConnectionManagerUtil.rollbackDBTransaction();
+            String msg = "Error occurred while deleting App folder of tenant"
+                    + " of tenant ID: " + tenantId ;
+            log.error(msg, e);
+            throw new ApplicationManagementException(msg, e);
+        } finally {
+            ConnectionManagerUtil.closeDBConnection();
+        }
+
+    }
 }

components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/src/main/java/io/entgra/device/mgt/core/application/mgt/core/impl/ApplicationStorageManagerImpl.java

@@ -310,4 +310,18 @@ public class ApplicationStorageManagerImpl implements ApplicationStorageManager
             throw new StorageManagementException(msg, e);
         }
     }
+
+    @Override
+    public void deleteAppFolderOfTenant(int tenantId) throws ApplicationStorageManagementException{
+        String folderPath = storagePath + File.separator + tenantId;
+        File folder = new File(folderPath);
+        if (folder.exists()) {
+            try {
+                StorageManagementUtil.delete(folder);
+            } catch (IOException e) {
+                throw new ApplicationStorageManagementException(
+                        "Error occurred while deleting App folder of tenant:" + tenantId, e);
+            }
+        }
+    }
 }

components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/src/main/java/io/entgra/device/mgt/core/application/mgt/core/impl/FileDownloaderServiceProvider.java

@@ -27,6 +27,7 @@ import io.entgra.device.mgt.core.application.mgt.common.exception.FileTransferSe
 import io.entgra.device.mgt.core.application.mgt.common.services.FileDownloaderService;
 import io.entgra.device.mgt.core.application.mgt.common.services.FileTransferService;
 import io.entgra.device.mgt.core.application.mgt.core.internal.DataHolder;
+import io.entgra.device.mgt.core.application.mgt.core.util.Constants;
 import okhttp3.OkHttpClient;
 import okhttp3.Request;
 import okhttp3.Response;
@@ -111,10 +112,18 @@ public class FileDownloaderServiceProvider {
                     throw new FileDownloaderServiceException("Unexpected response code received for the remote url " + downloadUrl);
                 }
                 String contentDisposition = response.header("Content-Disposition");
-                String[] fileNameSegments = getFileNameSegments(contentDisposition);
+                String contentType = response.header("Content-Type");
+                String[] fileNameSegments = extractFileNameSegmentsFromUrl(downloadUrl);
+
+                // if the url parsing failed to resolve the file name segments
+                // falling to remote file name segment resolving
+                if (fileNameSegments == null) {
+                    fileNameSegments = getFileNameSegments(contentDisposition, contentType);
+                }
+
                 FileMetaEntry fileMetaEntry = new FileMetaEntry();
                 fileMetaEntry.setSize(Long.parseLong(Objects.requireNonNull(response.header("Content-Length"))));
-                fileMetaEntry.setFileName(fileNameSegments[0] + "-" + UUID.randomUUID());
+                fileMetaEntry.setFileName(fileNameSegments[0]);
                 fileMetaEntry.setExtension(fileNameSegments[1]);
                 return fileMetaEntry;
             } catch (IOException e) {
@@ -123,15 +132,70 @@ public class FileDownloaderServiceProvider {
         }
 
         /**
-         * Extract file name segments(filename & extensions) from content disposition header
+         * Extracting file name segments by parsing the URL
+         * @param url Remote URL to extract file name segments
+         * @return Array containing file name segments or null when failed to extract
+         */
+        public static String[] extractFileNameSegmentsFromUrl(URL url) {
+            if (url == null) {
+                if (log.isDebugEnabled()) {
+                    log.debug("Null received as the remote URL");
+                }
+                return null;
+            }
+
+            String []urlSegments = url.toString().split("/");
+            if (urlSegments.length < 1) {
+                if (log.isDebugEnabled()) {
+                    log.debug("Cannot determine the file name for the remote file");
+                }
+                return null;
+            }
+
+            String fullQualifiedName = urlSegments[urlSegments.length - 1];
+            String []fileNameSegments = fullQualifiedName.split("\\.(?=[^.]+$)");
+            if (fileNameSegments.length != 2) {
+                if (log.isDebugEnabled()) {
+                    log.debug("Error encountered when constructing file name");
+                }
+                return null;
+            }
+            return fileNameSegments;
+        }
+
+        /**
+         * Extract file name segments(filename & extensions) from content disposition header and content type header
          * @param contentDisposition Content disposition header value
+         * @param contentType Content type header value
          * @return Array of name segments
          * @throws FileDownloaderServiceException Throws when error occurred while extracting name segments
          */
-        private static String[] getFileNameSegments(String contentDisposition) throws FileDownloaderServiceException {
+        private static String[] getFileNameSegments(String contentDisposition, String contentType) throws FileDownloaderServiceException {
-            if (contentDisposition == null) {
+            if (contentDisposition == null && contentType == null) {
                 throw new FileDownloaderServiceException("Cannot determine the file name for the remote file");
             }
+
+            if (contentDisposition == null) {
+                String extension;
+                if (contentType.equals(Constants.MIME_TYPE_VND_ANDROID_PACKAGE_ARCHIVE)) {
+                    extension = Constants.EXTENSION_APK;
+                } else if (contentType.equals(Constants.MIME_TYPE_OCTET_STREAM)) {
+                    extension = Constants.EXTENSION_IPA;
+                } else if (contentType.equals(Constants.MIME_TYPE_VND_APPX)) {
+                    extension = Constants.EXTENSION_APPX;
+                } else if (contentType.equals(Constants.MIME_TYPE_X_MS_INSTALLER)
+                        || contentType.equals(Constants.MIME_TYPE_VND_MS_WINDOWS_MSI)) {
+                    extension = Constants.EXTENSION_MSI;
+                } else {
+                    String []contentTypeSegments = contentType.split("/");
+                    if (contentTypeSegments.length != 2) {
+                        throw new FileDownloaderServiceException("Encountered wrong content type header value");
+                    }
+                    extension = contentTypeSegments[contentTypeSegments.length - 1];
+                }
+                return new String[]{ UUID.randomUUID().toString(), extension};
+            }
+
             String []contentDispositionSegments = contentDisposition.split("=");
             if (contentDispositionSegments.length != 2) {
                 throw new FileDownloaderServiceException("Error encountered when constructing file name");

components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/src/main/java/io/entgra/device/mgt/core/application/mgt/core/util/APIUtil.java

@@ -496,7 +496,6 @@ public class APIUtil {
 
         List<String> screenshotPaths = new ArrayList<>();
         ApplicationRelease applicationRelease = new ApplicationRelease();
-        UrlValidator urlValidator = new UrlValidator();
 
         applicationRelease.setDescription(applicationReleaseDTO.getDescription());
         applicationRelease.setVersion(applicationReleaseDTO.getVersion());
@@ -519,13 +518,8 @@ public class APIUtil {
                             .getBannerName());
         }
 
-        if (urlValidator.isValid(applicationReleaseDTO.getInstallerName())) {
+        applicationRelease.setInstallerPath(constructInstallerPath(applicationReleaseDTO.getInstallerName(),
-            applicationRelease.setInstallerPath(applicationReleaseDTO.getInstallerName());
+                applicationReleaseDTO.getAppHashValue()));
-        } else {
-            applicationRelease.setInstallerPath(
-                    basePath + Constants.APP_ARTIFACT + Constants.FORWARD_SLASH + applicationReleaseDTO
-                            .getInstallerName());
-        }
 
         if (!StringUtils.isEmpty(applicationReleaseDTO.getScreenshotName1())) {
             screenshotPaths
@@ -546,6 +540,21 @@ public class APIUtil {
         return applicationRelease;
     }
 
+    /**
+     * Construct installer path
+     * @param installerName Installer name
+     * @param appHash Application hash
+     * @return Constructed installer path value
+     * @throws ApplicationManagementException Throws when error encountered while constructing installer path
+     */
+    public static String constructInstallerPath(String installerName, String appHash) throws ApplicationManagementException {
+        int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(true);
+        UrlValidator urlValidator = new UrlValidator();
+        String basePath = getArtifactDownloadBaseURL() + tenantId + Constants.FORWARD_SLASH + appHash + Constants.FORWARD_SLASH;
+        return urlValidator.isValid(installerName) ? installerName
+                : basePath + Constants.APP_ARTIFACT + Constants.FORWARD_SLASH + installerName;
+    }
+
     public static String getArtifactDownloadBaseURL() throws ApplicationManagementException {
         String host = System.getProperty(Constants.IOT_CORE_HOST);
         MDMConfig mdmConfig = ConfigurationManager.getInstance().getConfiguration().getMdmConfig();

components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/src/main/java/io/entgra/device/mgt/core/application/mgt/core/util/ApplicationManagementUtil.java

@@ -17,11 +17,16 @@
  */
 package io.entgra.device.mgt.core.application.mgt.core.util;
 
+import com.google.gson.Gson;
+import com.google.gson.JsonArray;
+import com.google.gson.JsonElement;
+import com.google.gson.JsonObject;
 import io.entgra.device.mgt.core.application.mgt.common.ApplicationArtifact;
 import io.entgra.device.mgt.core.application.mgt.common.FileDataHolder;
 import io.entgra.device.mgt.core.application.mgt.common.FileDescriptor;
 import io.entgra.device.mgt.core.application.mgt.common.LifecycleChanger;
 import io.entgra.device.mgt.core.application.mgt.common.dto.ApplicationDTO;
+import io.entgra.device.mgt.core.application.mgt.common.dto.ApplicationReleaseDTO;
 import io.entgra.device.mgt.core.application.mgt.common.dto.ItuneAppDTO;
 import io.entgra.device.mgt.core.application.mgt.common.exception.ApplicationManagementException;
 import io.entgra.device.mgt.core.application.mgt.common.exception.FileDownloaderServiceException;
@@ -60,6 +65,7 @@ import io.entgra.device.mgt.core.device.mgt.core.common.util.FileUtil;
 import io.entgra.device.mgt.core.device.mgt.core.metadata.mgt.MetadataManagementServiceImpl;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.jetbrains.annotations.NotNull;
 
 import java.io.ByteArrayOutputStream;
 import java.io.File;
@@ -80,6 +86,7 @@ import java.util.Collections;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
+import java.util.Objects;
 import java.util.TreeMap;
 
 /**
@@ -649,4 +656,62 @@ public class ApplicationManagementUtil {
         }
         return releaseWrappers;
     }
+
+    /**
+     * Add installer path metadata value to windows applications
+     * @param applicationReleaseDTO {@link ApplicationReleaseDTO}
+     * @throws ApplicationManagementException Throws when error encountered while updating the app metadata
+     */
+    public static void addInstallerPathToMetadata(ApplicationReleaseDTO applicationReleaseDTO)
+            throws ApplicationManagementException {
+        if (applicationReleaseDTO.getMetaData() == null) return;
+        Gson gson = new Gson();
+        String installerPath = APIUtil.constructInstallerPath(applicationReleaseDTO.getInstallerName(), applicationReleaseDTO.getAppHashValue());
+        String[] fileNameSegments = extractNameSegments(applicationReleaseDTO, installerPath);
+        String extension = fileNameSegments[fileNameSegments.length - 1];
+        if (!Objects.equals(extension, "appx") && !Objects.equals(extension, "msi")) {
+            return;
+        }
+
+        String installerPaths = "[ {" +
+                "\"key\": \"Content_Uri\", " +
+                "\"value\" : \"" + installerPath + "\"" +
+                "}]";
+
+        if (Objects.equals(extension, "appx")) {
+            installerPaths = "[ {" +
+                    "\"key\": \"Package_Url\", " +
+                    "\"value\" : \"" + installerPath + "\"" +
+                    "}]";
+        }
+
+        JsonArray parsedMetadataList = gson.fromJson(applicationReleaseDTO.getMetaData(), JsonArray.class);
+        JsonArray installerPathsArray = gson.fromJson(installerPaths, JsonArray.class);
+        parsedMetadataList.addAll(installerPathsArray);
+        applicationReleaseDTO.setMetaData(gson.toJson(parsedMetadataList));
+    }
+
+    /**
+     * Extract name segments from installer path
+     * @param applicationReleaseDTO {@link ApplicationReleaseDTO}
+     * @param installerPath Installer path
+     * @return Extracted file name segments
+     * @throws ApplicationManagementException Throws when error encountered while extracting name segments from installer path
+     */
+    private static String[] extractNameSegments(ApplicationReleaseDTO applicationReleaseDTO, String installerPath)
+            throws ApplicationManagementException {
+        String []installerPathSegments = installerPath.split("/");
+        if (installerPathSegments.length == 0) {
+            throw new ApplicationManagementException("Received malformed url for installer path of the app : "
+                    + applicationReleaseDTO.getInstallerName());
+        }
+        String fullQualifiedName = installerPathSegments[installerPathSegments.length - 1];
+        String []fileNameSegments = fullQualifiedName.split("\\.(?=[^.]+$)");
+        if (fileNameSegments.length != 2) {
+            throw new ApplicationManagementException("Received malformed url for installer path of the app : "
+                    + applicationReleaseDTO.getInstallerName());
+        }
+        return fileNameSegments;
+    }
+
 }

components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/src/main/java/io/entgra/device/mgt/core/application/mgt/core/util/Constants.java

@@ -220,4 +220,14 @@ public class Constants {
      */
     public static final int MAX_APP_NAME_CHARACTERS = 350;
     public static final String APP_NAME_REGEX = "[^a-zA-Z0-9.\\s-]";
+
+    public static final String EXTENSION_APK = ".apk";
+    public static final String EXTENSION_IPA = ".ipa";
+    public static final String EXTENSION_MSI = ".msi";
+    public static final String EXTENSION_APPX = ".appx";
+    public static final String MIME_TYPE_OCTET_STREAM = "application/octet-stream";
+    public static final String MIME_TYPE_VND_ANDROID_PACKAGE_ARCHIVE = "application/vnd.android.package-archive";
+    public static final String MIME_TYPE_VND_MS_WINDOWS_MSI = "application/vnd.ms-windows.msi";
+    public static final String MIME_TYPE_X_MS_INSTALLER = "application/x-ms-installer";
+    public static final String MIME_TYPE_VND_APPX = "application/vnd.appx";
 }

components/application-mgt/io.entgra.device.mgt.core.application.mgt.core/src/test/java/io/entgra/device/mgt/core/application/mgt/core/management/ApplicationManagementTest.java

@@ -107,7 +107,7 @@ public class ApplicationManagementTest extends BaseTestCase {
         EntAppReleaseWrapper releaseWrapper = new EntAppReleaseWrapper();
         releaseWrapper.setDescription("First release");
         releaseWrapper.setIsSharedWithAllTenants(false);
-        releaseWrapper.setMetaData("Just meta data");
+        releaseWrapper.setMetaData("[{\"key\": \"Just a metadata\"}]");
         releaseWrapper.setReleaseType("free");
         releaseWrapper.setPrice(5.7);
         releaseWrapper.setSupportedOsVersions("4.0-7.0");

components/application-mgt/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <groupId>io.entgra.device.mgt.core</groupId>
         <artifactId>io.entgra.device.mgt.core.parent</artifactId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 

components/cea-mgt/io.entgra.device.mgt.core.cea.mgt.admin.api/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <groupId>io.entgra.device.mgt.core</groupId>
         <artifactId>cea-mgt</artifactId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/cea-mgt/io.entgra.device.mgt.core.cea.mgt.common/pom.xml

@@ -23,7 +23,7 @@
     <parent>
         <groupId>io.entgra.device.mgt.core</groupId>
         <artifactId>cea-mgt</artifactId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/cea-mgt/io.entgra.device.mgt.core.cea.mgt.core/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <groupId>io.entgra.device.mgt.core</groupId>
         <artifactId>cea-mgt</artifactId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/cea-mgt/io.entgra.device.mgt.core.cea.mgt.enforce/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <groupId>io.entgra.device.mgt.core</groupId>
         <artifactId>cea-mgt</artifactId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/cea-mgt/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <groupId>io.entgra.device.mgt.core</groupId>
         <artifactId>io.entgra.device.mgt.core.parent</artifactId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 

components/certificate-mgt/io.entgra.device.mgt.core.certificate.mgt.api/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <artifactId>certificate-mgt</artifactId>
         <groupId>io.entgra.device.mgt.core</groupId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/certificate-mgt/io.entgra.device.mgt.core.certificate.mgt.cert.admin.api/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <artifactId>certificate-mgt</artifactId>
         <groupId>io.entgra.device.mgt.core</groupId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/certificate-mgt/io.entgra.device.mgt.core.certificate.mgt.core/pom.xml

@@ -21,7 +21,7 @@
     <parent>
         <groupId>io.entgra.device.mgt.core</groupId>
         <artifactId>certificate-mgt</artifactId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/certificate-mgt/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <groupId>io.entgra.device.mgt.core</groupId>
         <artifactId>io.entgra.device.mgt.core.parent</artifactId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 

components/device-mgt-extensions/io.entgra.device.mgt.core.device.mgt.extensions.defaultrole.manager/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <artifactId>device-mgt-extensions</artifactId>
         <groupId>io.entgra.device.mgt.core</groupId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/device-mgt-extensions/io.entgra.device.mgt.core.device.mgt.extensions.device.organization.api/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <artifactId>device-mgt-extensions</artifactId>
         <groupId>io.entgra.device.mgt.core</groupId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/device-mgt-extensions/io.entgra.device.mgt.core.device.mgt.extensions.device.organization/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <artifactId>device-mgt-extensions</artifactId>
         <groupId>io.entgra.device.mgt.core</groupId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/device-mgt-extensions/io.entgra.device.mgt.core.device.mgt.extensions.device.organization/src/test/resources/carbon-home/dbscripts/dm-db-h2.sql

@@ -116,6 +116,7 @@ CREATE TABLE IF NOT EXISTS DM_OPERATION
     OPERATION_CODE     VARCHAR(1000)          NOT NULL,
     INITIATED_BY       VARCHAR(100)           NULL,
     OPERATION_DETAILS  BLOB                            DEFAULT NULL,
+    OPERATION_PROPERTIES  BLOB                         DEFAULT NULL,
     ENABLED            BOOLEAN                NOT NULL DEFAULT FALSE,
     PRIMARY KEY (ID)
 );

components/device-mgt-extensions/io.entgra.device.mgt.core.device.mgt.extensions.device.organization/src/test/resources/sql/h2.sql

@@ -140,6 +140,7 @@ CREATE TABLE IF NOT EXISTS DM_OPERATION (
     OPERATION_CODE VARCHAR(1000) NOT NULL,
     INITIATED_BY VARCHAR(100) NULL,
     OPERATION_DETAILS BLOB DEFAULT NULL,
+    OPERATION_PROPERTIES BLOB DEFAULT NULL,
     ENABLED BOOLEAN NOT NULL DEFAULT FALSE,
     TENANT_ID INTEGER NOT NULL,
     PRIMARY KEY (ID)

components/device-mgt-extensions/io.entgra.device.mgt.core.device.mgt.extensions.device.type.deployer/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <artifactId>device-mgt-extensions</artifactId>
         <groupId>io.entgra.device.mgt.core</groupId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/device-mgt-extensions/io.entgra.device.mgt.core.device.mgt.extensions.logger/pom.xml

@@ -21,7 +21,7 @@
     <parent>
         <artifactId>device-mgt-extensions</artifactId>
         <groupId>io.entgra.device.mgt.core</groupId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/device-mgt-extensions/io.entgra.device.mgt.core.device.mgt.extensions.pull.notification/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <artifactId>device-mgt-extensions</artifactId>
         <groupId>io.entgra.device.mgt.core</groupId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/device-mgt-extensions/io.entgra.device.mgt.core.device.mgt.extensions.push.notification.provider.fcm/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <artifactId>device-mgt-extensions</artifactId>
         <groupId>io.entgra.device.mgt.core</groupId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/device-mgt-extensions/io.entgra.device.mgt.core.device.mgt.extensions.push.notification.provider.http/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <artifactId>device-mgt-extensions</artifactId>
         <groupId>io.entgra.device.mgt.core</groupId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/device-mgt-extensions/io.entgra.device.mgt.core.device.mgt.extensions.push.notification.provider.mqtt/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <artifactId>device-mgt-extensions</artifactId>
         <groupId>io.entgra.device.mgt.core</groupId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/device-mgt-extensions/io.entgra.device.mgt.core.device.mgt.extensions.push.notification.provider.xmpp/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <artifactId>device-mgt-extensions</artifactId>
         <groupId>io.entgra.device.mgt.core</groupId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/device-mgt-extensions/io.entgra.device.mgt.core.device.mgt.extensions.stateengine/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <artifactId>device-mgt-extensions</artifactId>
         <groupId>io.entgra.device.mgt.core</groupId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/device-mgt-extensions/io.entgra.device.mgt.core.device.mgt.extensions.userstore.role.mapper/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <artifactId>device-mgt-extensions</artifactId>
         <groupId>io.entgra.device.mgt.core</groupId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/device-mgt-extensions/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <artifactId>io.entgra.device.mgt.core.parent</artifactId>
         <groupId>io.entgra.device.mgt.core</groupId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 

components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <artifactId>device-mgt</artifactId>
         <groupId>io.entgra.device.mgt.core</groupId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/AccessAuthorizationService.java

@@ -0,0 +1,181 @@
+/*
+ * Copyright (c) 2018 - 2024, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
+ *
+ * Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package io.entgra.device.mgt.core.device.mgt.api.jaxrs.service.api;
+
+import io.entgra.device.mgt.core.device.mgt.api.jaxrs.beans.ErrorResponse;
+import io.entgra.device.mgt.core.device.mgt.common.authorization.DeviceAuthorizationRequest;
+import io.entgra.device.mgt.core.device.mgt.common.authorization.GroupAuthorizationRequest;
+import io.entgra.device.mgt.core.device.mgt.common.authorization.GroupAuthorizationResult;
+import io.swagger.annotations.*;
+import org.apache.axis2.transport.http.HTTPConstants;
+
+import javax.validation.Valid;
+import javax.ws.rs.*;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
+
+@SwaggerDefinition(
+        info = @Info(
+                version = "1.0.0",
+                title = "",
+                extensions = {
+                        @Extension(properties = {
+                                @ExtensionProperty(name = "name", value = "AccessAuthorizationService"),
+                                @ExtensionProperty(name = "context", value = "/api/device-mgt/v1.0/access"),
+                        })
+                }
+        ),
+        tags = {
+                @Tag(name = "device_management", description = "")
+        }
+)
+@Path("/access")
+@Api(value = "AccessAuthorizationService", description = "This API carries all device group management related " +
+        "access authorization")
+@Produces(MediaType.APPLICATION_JSON)
+@Consumes(MediaType.APPLICATION_JSON)
+public interface AccessAuthorizationService {
+
+    @POST
+    @Path("/device")
+    @ApiOperation(
+            produces = MediaType.APPLICATION_JSON,
+            httpMethod = HTTPConstants.HEADER_GET,
+            value = "check device access authorization",
+            notes = "Returns device access acutorization info",
+            tags = "device_management"
+    )
+    @ApiResponses(
+            value = {
+                    @ApiResponse(
+                            code = 201,
+                            message = "Created. \n Device group has successfully been created",
+                            responseHeaders = {
+                                    @ResponseHeader(
+                                            name = "Content-Location",
+                                            description = "The URL of the added group."),
+                                    @ResponseHeader(
+                                            name = "Content-Type",
+                                            description = "The content type of the body"),
+                                    @ResponseHeader(
+                                            name = "ETag",
+                                            description = "Entity Tag of the response resource.\n" +
+                                                    "Used by caches, or in conditional requests."),
+                                    @ResponseHeader(
+                                            name = "Last-Modified",
+                                            description = "Date and time the resource has been modified the last time" +
+                                                    ".\n" + "Used by caches, or in conditional requests.")
+                            }
+                    ),
+                    @ApiResponse(
+                            code = 303,
+                            message = "See Other. \n Source can be retrieved from the URL specified at the Location " +
+                                    "header.",
+                            responseHeaders = {
+                                    @ResponseHeader(
+                                            name = "Content-Location",
+                                            description = "The Source URL of the document.")}),
+                    @ApiResponse(
+                            code = 400,
+                            message = "Bad Request. \n Invalid request or validation error.",
+                            response = ErrorResponse.class),
+                    @ApiResponse(
+                            code = 401,
+                            message = "Unauthorized. \n Current logged in user is not authorized for this request",
+                            response = ErrorResponse.class),
+                    @ApiResponse(
+                            code = 415,
+                            message = "Unsupported media type. \n The entity of the request was in a not supported " +
+                                    "format."),
+                    @ApiResponse(
+                            code = 500,
+                            message = "Internal Server Error. \n " +
+                                    "Server error occurred while checking access",
+                            response = ErrorResponse.class)
+            })
+    Response checkDeviceAccess(
+            @ApiParam(
+                    name = "deviceAccessRequest",
+                    value = "Define the device access request object with data.",
+                    required = true)
+            @Valid DeviceAuthorizationRequest deviceAuthorizationRequest);
+
+    @POST
+    @Path("/group")
+    @ApiOperation(
+            produces = MediaType.APPLICATION_JSON,
+            httpMethod = HTTPConstants.HEADER_GET,
+            value = "check device access authorization",
+            notes = "Returns device access acutorization info",
+            tags = "device_management"
+    )
+    @ApiResponses(
+            value = {
+                    @ApiResponse(
+                            code = 201,
+                            message = "Created. \n Device group has successfully been created",
+                            responseHeaders = {
+                                    @ResponseHeader(
+                                            name = "Content-Location",
+                                            description = "The URL of the added group."),
+                                    @ResponseHeader(
+                                            name = "Content-Type",
+                                            description = "The content type of the body"),
+                                    @ResponseHeader(
+                                            name = "ETag",
+                                            description = "Entity Tag of the response resource.\n" +
+                                                    "Used by caches, or in conditional requests."),
+                                    @ResponseHeader(
+                                            name = "Last-Modified",
+                                            description = "Date and time the resource has been modified the last time" +
+                                                    ".\n" + "Used by caches, or in conditional requests.")
+                            }
+                    ),
+                    @ApiResponse(
+                            code = 303,
+                            message = "See Other. \n Source can be retrieved from the URL specified at the Location " +
+                                    "header.",
+                            responseHeaders = {
+                                    @ResponseHeader(
+                                            name = "Content-Location",
+                                            description = "The Source URL of the document.")}),
+                    @ApiResponse(
+                            code = 400,
+                            message = "Bad Request. \n Invalid request or validation error.",
+                            response = ErrorResponse.class),
+                    @ApiResponse(
+                            code = 401,
+                            message = "Unauthorized. \n Current logged in user is not authorized for this request",
+                            response = ErrorResponse.class),
+                    @ApiResponse(
+                            code = 415,
+                            message = "Unsupported media type. \n The entity of the request was in a not supported " +
+                                    "format."),
+                    @ApiResponse(
+                            code = 500,
+                            message = "Internal Server Error. \n " +
+                                    "Server error occurred while checking access",
+                            response = ErrorResponse.class)
+            })
+    Response checkGroupAccess(
+            @ApiParam(
+                    name = "groupAccessRequest",
+                    value = "Define the group access request object with data.",
+                    required = true)
+            @Valid GroupAuthorizationRequest request);
+}

components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/ActivityInfoProviderService.java

@@ -491,7 +491,7 @@ public interface ActivityInfoProviderService {
                     name = "status",
                     value = "Operation response status to filter"
             )
-            @QueryParam("status") String status,
+            @QueryParam("status") List<String> statuses,
             @ApiParam(
                     name = "If-Modified-Since",
                     value = "Checks if the requested variant was modified, since the specified date-time\n." +
@@ -615,7 +615,7 @@ public interface ActivityInfoProviderService {
                     name = "status",
                     value = "Operation response status to filter"
             )
-            @QueryParam("status") String status,
+            @QueryParam("status") List<String> statuses,
             @ApiParam(
                     name = "If-Modified-Since",
                     value = "Checks if the requested variant was modified, since the specified date-time\n." +

components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/admin/UserManagementAdminService.java

@@ -61,6 +61,13 @@ import javax.ws.rs.core.Response;
                         key = "um:admin:users:remove",
                         roles = {"Internal/devicemgt-admin"},
                         permissions = {"/device-mgt/admin/users/delete"}
+                ),
+                @Scope(
+                        name = "Delete Tenant Information",
+                        description = "Delete tenant details",
+                        key = "um:admin:tenants:remove",
+                        roles = {"Internal/devicemgt-admin"},
+                        permissions = {"/device-mgt/admin/tenants/delete"}
                 )
         }
 )
@@ -258,5 +265,41 @@ public interface UserManagementAdminService {
             @Size(max = 45)
             String deviceId);
 
+    @DELETE
+    @Path("/domain/{tenantDomain}")
+    @Produces(MediaType.APPLICATION_JSON)
+    @Consumes(MediaType.APPLICATION_JSON)
+    @ApiOperation(
+            consumes = MediaType.APPLICATION_JSON,
+            produces = MediaType.APPLICATION_JSON,
+            httpMethod = "DELETE",
+            value = "Delete a tenant by tenant domain.",
+            notes = "This API allows the deletion of a tenant by providing the tenant domain.",
+            tags = "Tenant details remove",
+            extensions = {
+                    @Extension(properties = {
+                            @ExtensionProperty(name = Constants.SCOPE, value = "um:admin:tenants:remove")
+                    })
+            }
+    )
+    @ApiResponses(value = {
+            @ApiResponse(code = 200, message = "OK. \n Tenant has been deleted successfully."),
+            @ApiResponse(
+                    code = 404,
+                    message = "Not Found. \n The tenant with the provided domain does not exist.",
+                    response = ErrorResponse.class),
+            @ApiResponse(
+                    code = 500,
+                    message = "Internal Server Error. \n Server error occurred while removing the tenant.",
+                    response = ErrorResponse.class)
+    })
+    Response deleteTenantByDomain(
+            @ApiParam(
+                    name = "tenantDomain",
+                    value = "The domain of the tenant to be deleted.",
+                    required = true)
+
+            @PathParam("tenantDomain")
+            String tenantDomain);
 
 }

components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/AccessAuthorizationServiceImpl.java

@@ -0,0 +1,95 @@
+/*
+ * Copyright (c) 2018 - 2024, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
+ *
+ * Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package io.entgra.device.mgt.core.device.mgt.api.jaxrs.service.impl;
+
+import io.entgra.device.mgt.core.device.mgt.api.jaxrs.service.api.AccessAuthorizationService;
+import io.entgra.device.mgt.core.device.mgt.api.jaxrs.util.DeviceMgtAPIUtils;
+import io.entgra.device.mgt.core.device.mgt.common.DeviceIdentifier;
+import io.entgra.device.mgt.core.device.mgt.common.authorization.*;
+import org.apache.commons.lang.StringUtils;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import javax.ws.rs.core.Response;
+import java.util.ArrayList;
+import java.util.List;
+
+
+public class AccessAuthorizationServiceImpl implements AccessAuthorizationService {
+
+    private static final Log log = LogFactory.getLog(AccessAuthorizationServiceImpl.class);
+    @Override
+    public Response checkDeviceAccess(DeviceAuthorizationRequest deviceAuthorizationRequest) {
+
+        if (StringUtils.isEmpty(deviceAuthorizationRequest.getType())) {
+            String msg = "device type not specified";
+            return Response.status(Response.Status.BAD_REQUEST).entity(msg).build();
+        }
+
+        if (deviceAuthorizationRequest.getDeviceIds().isEmpty()) {
+            String msg = "device ids not specified";
+            return Response.status(Response.Status.BAD_REQUEST).entity(msg).build();
+        }
+
+        if (deviceAuthorizationRequest.getPermissions().isEmpty()) {
+            String msg = "permissions not specified";
+            return Response.status(Response.Status.BAD_REQUEST).entity(msg).build();
+        }
+
+        List<DeviceIdentifier> deviceIdentifiers = new ArrayList<>();
+        for(String id : deviceAuthorizationRequest.getDeviceIds()) {
+            DeviceIdentifier identifier = new DeviceIdentifier(id, deviceAuthorizationRequest.getType());
+            deviceIdentifiers.add(identifier);
+        }
+        try {
+            DeviceAuthorizationResult result = DeviceMgtAPIUtils.getDeviceAccessAuthorizationService()
+                    .isUserAuthorized(deviceIdentifiers, deviceAuthorizationRequest.getUsername(),
+                            deviceAuthorizationRequest.getPermissions().toArray(new String[0]));
+            return Response.status(Response.Status.OK).entity(result).build();
+        } catch (DeviceAccessAuthorizationException e) {
+            String msg = "Error occurred while checking access info";
+            log.error(msg, e);
+            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
+        }
+    }
+
+    @Override
+    public Response checkGroupAccess(GroupAuthorizationRequest request) {
+
+        if (request.getGroupIds().isEmpty()) {
+            String msg = "group ids not specified";
+            return Response.status(Response.Status.BAD_REQUEST).entity(msg).build();
+        }
+
+        if (request.getPermissions().isEmpty()) {
+            String msg = "permissions not specified";
+            return Response.status(Response.Status.BAD_REQUEST).entity(msg).build();
+        }
+
+        try {
+            GroupAuthorizationResult result = DeviceMgtAPIUtils.getGroupAccessAuthorizationService()
+                    .isUserAuthorized(request.getGroupIds(), request.getUsername(),
+                            request.getPermissions().toArray(new String[0]));
+            return Response.status(Response.Status.OK).entity(result).build();
+        } catch (GroupAccessAuthorizationException e) {
+            String msg = "Error occurred while checking access info";
+            log.error(msg, e);
+            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
+        }
+    }
+}

components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/ActivityProviderServiceImpl.java

@@ -50,6 +50,7 @@ import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
 import java.text.ParseException;
 import java.text.SimpleDateFormat;
+import java.util.ArrayList;
 import java.util.Date;
 import java.util.List;
 
@@ -259,7 +260,7 @@ public class ActivityProviderServiceImpl implements ActivityInfoProviderService
                                         @QueryParam("deviceType") String deviceType,
                                         @QueryParam("deviceId") List<String> deviceIds,
                                         @QueryParam("type") String type,
-                                        @QueryParam("status") String status,
+                                        @QueryParam("status") List<String> statuses,
                                         @HeaderParam("If-Modified-Since") String ifModifiedSince,
                                         @QueryParam("startTimestamp") long startTimestamp,
                                         @QueryParam("endTimestamp") long endTimestamp) {
@@ -336,8 +337,12 @@ public class ActivityProviderServiceImpl implements ActivityInfoProviderService
             if (type != null && !type.isEmpty()) {
                 activityPaginationRequest.setType(Operation.Type.valueOf(type.toUpperCase()));
             }
-            if (status != null && !status.isEmpty()) {
+            if (statuses != null && !statuses.isEmpty()) {
-                activityPaginationRequest.setStatus(Operation.Status.valueOf(status.toUpperCase()));
+                List<Operation.Status> statusEnums = new ArrayList<>();
+                for (String status : statuses) {
+                    statusEnums.add(Operation.Status.valueOf(status.toUpperCase()));
+                }
+                activityPaginationRequest.setStatuses(statusEnums);
             }
             if (timestamp > 0) {
                 activityPaginationRequest.setSince(timestamp);
@@ -382,7 +387,7 @@ public class ActivityProviderServiceImpl implements ActivityInfoProviderService
                                   @QueryParam("deviceType") String deviceType,
                                   @QueryParam("deviceId") List<String> deviceIds,
                                   @QueryParam("type") String type,
-                                  @QueryParam("status") String status,
+                                  @QueryParam("status") List<String> statuses,
                                   @HeaderParam("If-Modified-Since") String ifModifiedSince,
                                   @QueryParam("startTimestamp") long startTimestamp,
                                   @QueryParam("endTimestamp") long endTimestamp) {
@@ -457,8 +462,12 @@ public class ActivityProviderServiceImpl implements ActivityInfoProviderService
             if (type != null && !type.isEmpty()) {
                 activityPaginationRequest.setType(Operation.Type.valueOf(type.toUpperCase()));
             }
-            if (status != null && !status.isEmpty()) {
+            if (statuses != null && !statuses.isEmpty()) {
-                activityPaginationRequest.setStatus(Operation.Status.valueOf(status.toUpperCase()));
+                List<Operation.Status> statusEnums = new ArrayList<>();
+                for (String status : statuses) {
+                    statusEnums.add(Operation.Status.valueOf(status.toUpperCase()));
+                }
+                activityPaginationRequest.setStatuses(statusEnums);
             }
             if (timestamp > 0) {
                 activityPaginationRequest.setSince(timestamp);

components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/DeviceAgentServiceImpl.java

@@ -21,6 +21,7 @@ import com.google.gson.Gson;
 import com.google.gson.JsonArray;
 import com.google.gson.JsonElement;
 import com.google.gson.JsonParser;
+import io.entgra.device.mgt.core.device.mgt.core.permission.mgt.PermissionManagerServiceImpl;
 import org.apache.axis2.AxisFault;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
@@ -167,7 +168,9 @@ public class DeviceAgentServiceImpl implements DeviceAgentService {
                     DeviceMgtAPIUtils.getDeviceAccessAuthorizationService();
             boolean status;
             try {
-                status = deviceAccessAuthorizationService.isUserAuthorized(new DeviceIdentifier(id, type));
+                String requiredPermission = PermissionManagerServiceImpl.getInstance().getRequiredPermission();
+                String[] requiredPermissions = new String[] {requiredPermission};
+                status = deviceAccessAuthorizationService.isUserAuthorized(new DeviceIdentifier(id, type), requiredPermissions);
             } catch (DeviceAccessAuthorizationException e) {
                 String msg = "Error occurred while modifying enrollment of the Android device that carries the id '" +
                         id + "'";
@@ -229,8 +232,10 @@ public class DeviceAgentServiceImpl implements DeviceAgentService {
                 String msg = "invalid payload structure";
                 return Response.status(Response.Status.BAD_REQUEST).entity(msg).build();
             } else {
+                String requiredPermission = PermissionManagerServiceImpl.getInstance().getRequiredPermission();
+                String[] requiredPermissions = new String[] {requiredPermission};
                 boolean authorized = DeviceMgtAPIUtils.getDeviceAccessAuthorizationService().isUserAuthorized
-                        (new DeviceIdentifier(type, deviceId));
+                        (new DeviceIdentifier(type, deviceId), requiredPermissions);
                 if (!authorized) {
                     String msg = "Does not have permission to access the device.";
                     return Response.status(Response.Status.UNAUTHORIZED).entity(msg).build();
@@ -329,8 +334,10 @@ public class DeviceAgentServiceImpl implements DeviceAgentService {
                 String msg = "Invalid payload structure";
                 return Response.status(Response.Status.BAD_REQUEST).entity(msg).build();
             } else {
+                String requiredPermission = PermissionManagerServiceImpl.getInstance().getRequiredPermission();
+                String[] requiredPermissions = new String[] {requiredPermission};
                 boolean authorized = DeviceMgtAPIUtils.getDeviceAccessAuthorizationService().isUserAuthorized
-                        (new DeviceIdentifier(type, deviceId));
+                        (new DeviceIdentifier(type, deviceId), requiredPermissions);
                 if (!authorized) {
                     String msg = "Does not have permission to access the device.";
                     return Response.status(Response.Status.UNAUTHORIZED).entity(msg).build();

components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/DeviceManagementServiceImpl.java

@@ -28,6 +28,7 @@ import io.entgra.device.mgt.core.application.mgt.common.services.SubscriptionMan
 import io.entgra.device.mgt.core.application.mgt.core.util.HelperUtil;
 import io.entgra.device.mgt.core.device.mgt.api.jaxrs.service.impl.util.DisenrollRequest;
 import io.entgra.device.mgt.core.device.mgt.api.jaxrs.util.DeviceMgtUtil;
+import io.entgra.device.mgt.core.device.mgt.core.permission.mgt.PermissionManagerServiceImpl;
 import org.apache.commons.httpclient.HttpStatus;
 import org.apache.commons.lang.StringUtils;
 import org.apache.commons.logging.Log;
@@ -580,7 +581,9 @@ public class DeviceManagementServiceImpl implements DeviceManagementService {
             String authorizedUser = CarbonContext.getThreadLocalCarbonContext().getUsername();
             DeviceIdentifier deviceIdentifier = new DeviceIdentifier(id, type);
             // check whether the user is authorized
-            if (!deviceAccessAuthorizationService.isUserAuthorized(deviceIdentifier, authorizedUser)) {
+            String requiredPermission = PermissionManagerServiceImpl.getInstance().getRequiredPermission();
+            String[] requiredPermissions = new String[] {requiredPermission};
+            if (!deviceAccessAuthorizationService.isUserAuthorized(deviceIdentifier, authorizedUser, requiredPermissions)) {
                 String msg = "User '" + authorizedUser + "' is not authorized to retrieve the given device id '" + id + "'";
                 log.error(msg);
                 return Response.status(Response.Status.UNAUTHORIZED).entity(
@@ -716,7 +719,9 @@ public class DeviceManagementServiceImpl implements DeviceManagementService {
             }
             DeviceIdentifier deviceIdentifier = new DeviceIdentifier(id, device.getType());
             // check whether the user is authorized
-            if (!deviceAccessAuthorizationService.isUserAuthorized(deviceIdentifier, authorizedUser)) {
+            String requiredPermission = PermissionManagerServiceImpl.getInstance().getRequiredPermission();
+            String[] requiredPermissions = new String[] {requiredPermission};
+            if (!deviceAccessAuthorizationService.isUserAuthorized(deviceIdentifier, authorizedUser, requiredPermissions)) {
                 String message = "User '" + authorizedUser + "' is not authorized to retrieve the given " +
                         "device id '" + id + "'";
                 log.error(message);

components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/PolicyManagementServiceImpl.java

@@ -18,6 +18,7 @@
 package io.entgra.device.mgt.core.device.mgt.api.jaxrs.service.impl;
 
 import io.entgra.device.mgt.core.device.mgt.common.PolicyPaginationRequest;
+import io.entgra.device.mgt.core.device.mgt.core.permission.mgt.PermissionManagerServiceImpl;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.wso2.carbon.context.PrivilegedCarbonContext;
@@ -85,7 +86,9 @@ public class PolicyManagementServiceImpl implements PolicyManagementService {
                 PrivilegedCarbonContext threadLocalCarbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
                 String username = threadLocalCarbonContext.getUsername();
                 try {
-                    if (!deviceAccessAuthorizationService.isUserAuthorized(deviceIdentifier, username)) {
+                    String requiredPermission = PermissionManagerServiceImpl.getInstance().getRequiredPermission();
+                    String[] requiredPermissions = new String[] {requiredPermission};
+                    if (!deviceAccessAuthorizationService.isUserAuthorized(deviceIdentifier, username, requiredPermissions)) {
                         return Response.status(Response.Status.UNAUTHORIZED).entity(
                                 new ErrorResponse.ErrorResponseBuilder().setMessage
                                         ("Current logged in user is not authorized to add policies").build()).build();

components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/UserManagementServiceImpl.java

@@ -574,7 +574,7 @@ public class UserManagementServiceImpl implements UserManagementService {
                     basicUserInfo.setEmailAddress(getClaimValue(user, Constants.USER_CLAIM_EMAIL_ADDRESS));
                     basicUserInfo.setFirstname(getClaimValue(user, Constants.USER_CLAIM_FIRST_NAME));
                     basicUserInfo.setLastname(getClaimValue(user, Constants.USER_CLAIM_LAST_NAME));
-                    basicUserInfo.setRemovable(isUserRemovable(username));
+                    basicUserInfo.setRemovable(isUserRemovable(user));
                     filteredUserList.add(basicUserInfo);
                 }
             }

components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/admin/GroupManagementAdminServiceImpl.java

@@ -172,6 +172,9 @@ public class GroupManagementAdminServiceImpl implements GroupManagementAdminServ
         if (group == null) {
             return Response.status(Response.Status.BAD_REQUEST).build();
         }
+        if (StringUtils.isEmpty(group.getOwner())) {
+            group.setOwner(PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername());
+        }
         group.setStatus(DeviceGroupConstants.GroupStatus.ACTIVE);
         try {
             DeviceMgtAPIUtils.getGroupManagementProviderService().createGroup(group, DEFAULT_ADMIN_ROLE, DEFAULT_ADMIN_PERMISSIONS);

components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/admin/UserManagementAdminServiceImpl.java

@@ -17,6 +17,8 @@
  */
 package io.entgra.device.mgt.core.device.mgt.api.jaxrs.service.impl.admin;
 
+import io.entgra.device.mgt.core.application.mgt.common.exception.ApplicationManagementException;
+import io.entgra.device.mgt.core.device.mgt.common.exceptions.DeviceManagementException;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import io.entgra.device.mgt.core.device.mgt.common.DeviceIdentifier;
@@ -25,6 +27,11 @@ import io.entgra.device.mgt.core.device.mgt.api.jaxrs.beans.PasswordResetWrapper
 import io.entgra.device.mgt.core.device.mgt.api.jaxrs.service.api.admin.UserManagementAdminService;
 import io.entgra.device.mgt.core.device.mgt.api.jaxrs.util.CredentialManagementResponseBuilder;
 import io.entgra.device.mgt.core.device.mgt.api.jaxrs.util.DeviceMgtAPIUtils;
+import org.wso2.carbon.base.MultitenantConstants;
+import org.wso2.carbon.context.CarbonContext;
+import org.wso2.carbon.stratos.common.exception.StratosException;
+import org.wso2.carbon.tenant.mgt.services.TenantMgtAdminService;
+import org.wso2.carbon.user.api.UserStoreException;
 
 import javax.validation.constraints.Size;
 import javax.ws.rs.*;
@@ -81,4 +88,38 @@ public class UserManagementAdminServiceImpl implements UserManagementAdminServic
         }
     }
 
+    @DELETE
+    @Path("/domain/{tenantDomain}")
+    @Override
+    public Response deleteTenantByDomain(@PathParam("tenantDomain") String tenantDomain) {
+        try {
+            int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
+            if (tenantId != MultitenantConstants.SUPER_TENANT_ID){
+                String msg = "Only super tenants are allowed to delete tenants";
+                log.error(msg);
+                return Response.status(Response.Status.UNAUTHORIZED).entity(msg).build();
+            } else {
+                DeviceMgtAPIUtils.getApplicationManager().deleteApplicationDataByTenantDomain(tenantDomain);
+                DeviceMgtAPIUtils.getDeviceManagementService().deleteDeviceDataByTenantDomain(tenantDomain);
+                TenantMgtAdminService tenantMgtAdminService = new TenantMgtAdminService();
+                tenantMgtAdminService.deleteTenant(tenantDomain);
+                String msg = "Tenant Deletion process has been initiated for tenant:" + tenantDomain;
+                return Response.status(Response.Status.OK).entity(msg).build();
+            }
+
+        } catch (StratosException | UserStoreException e) {
+            String msg = "Error deleting tenant: " + tenantDomain;
+            log.error(msg, e);
+            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
+        } catch (ApplicationManagementException e) {
+            String msg = "Error deleting application data of tenant: " + tenantDomain;
+            log.error(msg, e);
+            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
+        } catch (DeviceManagementException e) {
+            String msg = "Error deleting device data of tenant: " + tenantDomain;
+            log.error(msg, e);
+            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
+        }
+    }
+
 }

components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/util/DeviceMgtAPIUtils.java

@@ -21,7 +21,9 @@ package io.entgra.device.mgt.core.device.mgt.api.jaxrs.util;
 import io.entgra.device.mgt.core.apimgt.webapp.publisher.APIPublisherService;
 import io.entgra.device.mgt.core.application.mgt.common.services.ApplicationManager;
 import io.entgra.device.mgt.core.application.mgt.common.services.SubscriptionManager;
+import io.entgra.device.mgt.core.device.mgt.common.authorization.GroupAccessAuthorizationService;
 import io.entgra.device.mgt.core.device.mgt.common.metadata.mgt.DeviceStatusManagementService;
+import io.entgra.device.mgt.core.device.mgt.core.permission.mgt.PermissionManagerServiceImpl;
 import org.apache.axis2.AxisFault;
 import org.apache.axis2.client.Options;
 import org.apache.axis2.java.security.SSLProtocolSocketFactory;
@@ -342,6 +344,17 @@ public class DeviceMgtAPIUtils {
         return deviceAccessAuthorizationService;
     }
 
+    public static GroupAccessAuthorizationService getGroupAccessAuthorizationService() {
+        PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
+        GroupAccessAuthorizationService groupAccessAuthorizationService =
+                (GroupAccessAuthorizationService) ctx.getOSGiService(GroupAccessAuthorizationService.class, null);
+        if (groupAccessAuthorizationService == null) {
+            String msg = "GroupAccessAuthorizationService service has not initialized.";
+            log.error(msg);
+            throw new IllegalStateException(msg);
+        }
+        return groupAccessAuthorizationService;
+    }
     public static GroupManagementProviderService getGroupManagementProviderService() {
         PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
         GroupManagementProviderService groupManagementProviderService =
@@ -1111,7 +1124,9 @@ public class DeviceMgtAPIUtils {
             RequestValidationUtil.validateDeviceIdentifier(deviceType, identifier);
             DeviceIdentifier deviceIdentifier = new DeviceIdentifier(identifier, deviceType);
 
-            if (!getDeviceAccessAuthorizationService().isUserAuthorized(deviceIdentifier, authorizedUser)) {
+            String requiredPermission = PermissionManagerServiceImpl.getInstance().getRequiredPermission();
+            String[] requiredPermissions = new String[] {requiredPermission};
+            if (!getDeviceAccessAuthorizationService().isUserAuthorized(deviceIdentifier, authorizedUser, requiredPermissions)) {
                 String msg = "User '" + authorizedUser + "' is not authorized to retrieve the given device id '" +
                         identifier + "'";
                 log.error(msg);

components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/test/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/ActivityProviderServiceImplTest.java

@@ -132,7 +132,7 @@ public class ActivityProviderServiceImplTest {
         activityPaginationRequest.setDeviceType(DEVICE_TYPE_2);
         activityPaginationRequest.setOperationId(OPERATION_ID);
         activityPaginationRequest.setInitiatedBy(INITIATED_BY);
-        activityPaginationRequest.setStatus(STATUS);
+        activityPaginationRequest.setStatuses(Collections.singletonList(STATUS));
         activityPaginationRequest.setType(TYPE);
         activityPaginationRequest.setStartTimestamp(0);
         activityPaginationRequest.setEndTimestamp(0);
@@ -226,7 +226,7 @@ public class ActivityProviderServiceImplTest {
         Mockito.when(this.deviceManagementProviderService.getActivities(Mockito.any())).thenReturn(activities);
         Response response = this.activityInfoProviderService.getActivities(
                 OFFSET, LIMIT, SINCE, INITIATED_BY, OPERATION_CODE, OPERATION_ID,
-                DEVICE_TYPE_2, Collections.singletonList(DEVICE_ID), TYPE.toString(), STATUS.toString(), null, 0, 0);
+                DEVICE_TYPE_2, Collections.singletonList(DEVICE_ID), TYPE.toString(), Collections.singletonList(STATUS.toString()), null, 0, 0);
 
         Assert.assertEquals(response.getStatus(), Response.Status.OK.getStatusCode());
         Assert.assertNotNull(response);
@@ -258,7 +258,7 @@ public class ActivityProviderServiceImplTest {
         Mockito.when(this.deviceManagementProviderService.getDeviceActivities(Mockito.any())).thenReturn(deviceActivities);
         Response response = this.activityInfoProviderService.getDeviceActivities(
                 OFFSET, LIMIT, SINCE, INITIATED_BY, OPERATION_CODE, OPERATION_ID,
-                DEVICE_TYPE_2, Collections.singletonList(DEVICE_ID), TYPE.toString(), STATUS.toString(), null, 0, 0);
+                DEVICE_TYPE_2, Collections.singletonList(DEVICE_ID), TYPE.toString(), Collections.singletonList(STATUS.toString()), null, 0, 0);
 
         Assert.assertEquals(response.getStatus(), Response.Status.OK.getStatusCode());
         Assert.assertNotNull(response);

components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/test/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/DeviceAgentServiceTest.java

@@ -285,7 +285,7 @@ public class DeviceAgentServiceTest {
         Device testDevice = DeviceMgtAPITestHelper.generateDummyDevice(TEST_DEVICE_TYPE, TEST_DEVICE_IDENTIFIER);
         Mockito.when(this.deviceManagementProviderService
                 .getDevice(Mockito.any(DeviceIdentifier.class), Mockito.any(Boolean.class))).thenReturn(testDevice);
-        Mockito.when(this.deviceAccessAuthorizationService.isUserAuthorized(Mockito.any(DeviceIdentifier.class)))
+        Mockito.when(this.deviceAccessAuthorizationService.isUserAuthorized(Mockito.any(DeviceIdentifier.class), Mockito.any(String[].class)))
                 .thenThrow(new DeviceAccessAuthorizationException());
         Response response = deviceAgentService.updateDevice(TEST_DEVICE_TYPE, TEST_DEVICE_IDENTIFIER, testDevice);
         Assert.assertNotNull(response, "Response should not be null");
@@ -305,7 +305,7 @@ public class DeviceAgentServiceTest {
         Device testDevice = DeviceMgtAPITestHelper.generateDummyDevice(TEST_DEVICE_TYPE, TEST_DEVICE_IDENTIFIER);
         Mockito.when(this.deviceManagementProviderService
                 .getDevice(Mockito.any(DeviceIdentifier.class), Mockito.any(Boolean.class))).thenReturn(testDevice);
-        Mockito.when(this.deviceAccessAuthorizationService.isUserAuthorized(Mockito.any(DeviceIdentifier.class)))
+        Mockito.when(this.deviceAccessAuthorizationService.isUserAuthorized(Mockito.any(DeviceIdentifier.class), Mockito.any(String[].class)))
                 .thenReturn(false);
         Response response = deviceAgentService.updateDevice(TEST_DEVICE_TYPE, TEST_DEVICE_IDENTIFIER, testDevice);
         Assert.assertNotNull(response, "Response should not be null");
@@ -327,7 +327,7 @@ public class DeviceAgentServiceTest {
         Device testDevice = DeviceMgtAPITestHelper.generateDummyDevice(TEST_DEVICE_TYPE, TEST_DEVICE_IDENTIFIER);
         Mockito.when(this.deviceManagementProviderService
                 .getDevice(Mockito.any(DeviceIdentifier.class), Mockito.any(Boolean.class))).thenReturn(testDevice);
-        Mockito.when(this.deviceAccessAuthorizationService.isUserAuthorized(Mockito.any(DeviceIdentifier.class)))
+        Mockito.when(this.deviceAccessAuthorizationService.isUserAuthorized(Mockito.any(DeviceIdentifier.class), Mockito.any(String[].class)))
                 .thenReturn(true);
         Mockito.when(this.deviceManagementProviderService.modifyEnrollment(Mockito.any())).thenReturn(false);
         Response response = deviceAgentService.updateDevice(TEST_DEVICE_TYPE, TEST_DEVICE_IDENTIFIER, testDevice);
@@ -350,7 +350,7 @@ public class DeviceAgentServiceTest {
         Device testDevice = DeviceMgtAPITestHelper.generateDummyDevice(TEST_DEVICE_TYPE, TEST_DEVICE_IDENTIFIER);
         Mockito.when(this.deviceManagementProviderService
                 .getDevice(Mockito.any(DeviceIdentifier.class), Mockito.any(Boolean.class))).thenReturn(testDevice);
-        Mockito.when(this.deviceAccessAuthorizationService.isUserAuthorized(Mockito.any(DeviceIdentifier.class)))
+        Mockito.when(this.deviceAccessAuthorizationService.isUserAuthorized(Mockito.any(DeviceIdentifier.class), Mockito.any(String[].class)))
                 .thenReturn(true);
         Mockito.when(this.deviceManagementProviderService.modifyEnrollment(Mockito.any()))
                 .thenThrow(new DeviceManagementException());
@@ -372,7 +372,7 @@ public class DeviceAgentServiceTest {
                 "getAuthenticatedUser")).toReturn(AUTHENTICATED_USER);
         Device testDevice = DeviceMgtAPITestHelper.generateDummyDevice(TEST_DEVICE_TYPE, TEST_DEVICE_IDENTIFIER);
         Mockito.when(this.deviceManagementProviderService.getDevice(Mockito.any(DeviceIdentifier.class), Mockito.any(Boolean.class))).thenReturn(testDevice);
-        Mockito.when(this.deviceAccessAuthorizationService.isUserAuthorized(Mockito.any(DeviceIdentifier.class)))
+        Mockito.when(this.deviceAccessAuthorizationService.isUserAuthorized(Mockito.any(DeviceIdentifier.class), Mockito.any(String[].class)))
                 .thenReturn(true);
         Mockito.when(this.deviceManagementProviderService.modifyEnrollment(Mockito.any())).thenReturn((true));
         Response response = deviceAgentService.updateDevice(TEST_DEVICE_TYPE, TEST_DEVICE_IDENTIFIER, testDevice);
@@ -408,7 +408,7 @@ public class DeviceAgentServiceTest {
                 .toReturn(this.privilegedCarbonContext);
         PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class,
                 "getDeviceAccessAuthorizationService")).toReturn(this.deviceAccessAuthorizationService);
-        Mockito.when(this.deviceAccessAuthorizationService.isUserAuthorized(Mockito.any(DeviceIdentifier.class)))
+        Mockito.when(this.deviceAccessAuthorizationService.isUserAuthorized(Mockito.any(DeviceIdentifier.class), Mockito.any(String[].class)))
                 .thenReturn(false);
         Mockito.when(this.privilegedCarbonContext.getTenantDomain())
                 .thenReturn(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
@@ -432,7 +432,7 @@ public class DeviceAgentServiceTest {
                 .toReturn(this.privilegedCarbonContext);
         PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class,
                 "getDeviceAccessAuthorizationService")).toReturn(this.deviceAccessAuthorizationService);
-        Mockito.when(this.deviceAccessAuthorizationService.isUserAuthorized(Mockito.any(DeviceIdentifier.class)))
+        Mockito.when(this.deviceAccessAuthorizationService.isUserAuthorized(Mockito.any(DeviceIdentifier.class), Mockito.any(String[].class)))
                 .thenThrow(new DeviceAccessAuthorizationException());
         Mockito.when(this.privilegedCarbonContext.getTenantDomain())
                 .thenReturn(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
@@ -457,7 +457,7 @@ public class DeviceAgentServiceTest {
                 .toReturn(this.privilegedCarbonContext);
         PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class,
                 "getDeviceAccessAuthorizationService")).toReturn(this.deviceAccessAuthorizationService);
-        Mockito.when(this.deviceAccessAuthorizationService.isUserAuthorized(Mockito.any(DeviceIdentifier.class)))
+        Mockito.when(this.deviceAccessAuthorizationService.isUserAuthorized(Mockito.any(DeviceIdentifier.class), Mockito.any(String[].class)))
                 .thenReturn(true);
         PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getEventStreamAdminServiceStub"))
                 .toReturn(this.eventStreamAdminServiceStub);
@@ -485,7 +485,7 @@ public class DeviceAgentServiceTest {
                 .toReturn(this.privilegedCarbonContext);
         PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class,
                 "getDeviceAccessAuthorizationService")).toReturn(this.deviceAccessAuthorizationService);
-        Mockito.when(this.deviceAccessAuthorizationService.isUserAuthorized(Mockito.any(DeviceIdentifier.class)))
+        Mockito.when(this.deviceAccessAuthorizationService.isUserAuthorized(Mockito.any(DeviceIdentifier.class), Mockito.any(String[].class)))
                 .thenReturn(true);
         PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getEventStreamAdminServiceStub"))
                 .toThrow(new AxisFault(""));
@@ -511,7 +511,7 @@ public class DeviceAgentServiceTest {
                 .toReturn(this.privilegedCarbonContext);
         PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class,
                 "getDeviceAccessAuthorizationService")).toReturn(this.deviceAccessAuthorizationService);
-        Mockito.when(this.deviceAccessAuthorizationService.isUserAuthorized(Mockito.any(DeviceIdentifier.class)))
+        Mockito.when(this.deviceAccessAuthorizationService.isUserAuthorized(Mockito.any(DeviceIdentifier.class), Mockito.any(String[].class)))
                 .thenReturn(true);
         PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getEventStreamAdminServiceStub"))
                 .toThrow(new RemoteException());
@@ -539,7 +539,7 @@ public class DeviceAgentServiceTest {
                 .toReturn(this.privilegedCarbonContext);
         PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class,
                 "getDeviceAccessAuthorizationService")).toReturn(this.deviceAccessAuthorizationService);
-        Mockito.when(this.deviceAccessAuthorizationService.isUserAuthorized(Mockito.any(DeviceIdentifier.class)))
+        Mockito.when(this.deviceAccessAuthorizationService.isUserAuthorized(Mockito.any(DeviceIdentifier.class), Mockito.any(String[].class)))
                 .thenReturn(true);
         PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getEventStreamAdminServiceStub"))
                 .toThrow(new JWTClientException());
@@ -567,7 +567,7 @@ public class DeviceAgentServiceTest {
                 .toReturn(this.privilegedCarbonContext);
         PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class,
                 "getDeviceAccessAuthorizationService")).toReturn(this.deviceAccessAuthorizationService);
-        Mockito.when(this.deviceAccessAuthorizationService.isUserAuthorized(Mockito.any(DeviceIdentifier.class)))
+        Mockito.when(this.deviceAccessAuthorizationService.isUserAuthorized(Mockito.any(DeviceIdentifier.class), Mockito.any(String[].class)))
                 .thenReturn(true);
         PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getEventStreamAdminServiceStub"))
                 .toThrow(new UserStoreException());

components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/test/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/DeviceManagementServiceImplTest.java

@@ -215,7 +215,7 @@ public class DeviceManagementServiceImplTest {
         Mockito.when(carbonContext.getTenantId()).thenReturn(-1234);
         Mockito.when(carbonContext.getUsername()).thenReturn(DEFAULT_USERNAME);
         Mockito.when(deviceAccessAuthorizationService.isUserAuthorized(Mockito.any(DeviceIdentifier.class),
-                                                                       Mockito.anyString())).thenReturn(true);
+                                                                       Mockito.anyString(), Mockito.any(String[].class))).thenReturn(true);
 
         Response response = this.deviceManagementService
                 .getDeviceByID(TEST_DEVICE_IDENTIFIER, ifModifiedSince,true);

components/device-mgt/io.entgra.device.mgt.core.device.mgt.common/pom.xml

@@ -21,7 +21,7 @@
     <parent>
         <artifactId>device-mgt</artifactId>
         <groupId>io.entgra.device.mgt.core</groupId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/device-mgt/io.entgra.device.mgt.core.device.mgt.common/src/main/java/io/entgra/device/mgt/core/device/mgt/common/ActivityPaginationRequest.java

@@ -36,7 +36,7 @@ public class ActivityPaginationRequest {
     private String initiatedBy;
     private long since;
     private Operation.Type type;
-    private Operation.Status status;
+    private List<Operation.Status> statuses;
     private long startTimestamp;
     private long endTimestamp;
 
@@ -110,12 +110,12 @@ public class ActivityPaginationRequest {
         this.type = type;
     }
 
-    public Operation.Status getStatus() {
+    public List<Operation.Status> getStatuses() {
-        return status;
+        return statuses;
     }
 
-    public void setStatus(Operation.Status status) {
+    public void setStatuses(List<Operation.Status> statuses) {
-        this.status = status;
+        this.statuses = statuses;
     }
 
     public long getStartTimestamp() {

components/device-mgt/io.entgra.device.mgt.core.device.mgt.common/src/main/java/io/entgra/device/mgt/core/device/mgt/common/authorization/DeviceAccessAuthorizationService.java

@@ -28,15 +28,6 @@ import java.util.List;
  * accessing the device information and performing MDM operations on devices.
  */
 public interface DeviceAccessAuthorizationService {
-    /**
-     * This method will check whether the currently logged-in user has the access to the device identified by the given
-     * DeviceIdentifier.
-     *
-     * @param deviceIdentifier - DeviceIdentifier of the device to be checked.
-     * @return Boolean authorization result.
-     * @throws DeviceAccessAuthorizationException if something goes wrong when checking the authorization.
-     */
-    boolean isUserAuthorized(DeviceIdentifier deviceIdentifier) throws DeviceAccessAuthorizationException;
 
     /**
      * This method will check whether the currently logged-in user has the access to the device identified by the given
@@ -50,18 +41,6 @@ public interface DeviceAccessAuthorizationService {
     boolean isUserAuthorized(DeviceIdentifier deviceIdentifier, String[] groupPermissions)
             throws DeviceAccessAuthorizationException;
 
-    /**
-     * This method will check whether the currently logged-in user has the access to the devices identified by the given
-     * DeviceIdentifier list.
-     *
-     * @param deviceIdentifiers - List of DeviceIdentifiers to be checked for authorization.
-     * @return DeviceAuthorizationResult - Authorization result object including the list of authorized devices and
-     *                                      unauthorized devices.
-     * @throws DeviceAccessAuthorizationException if something goes wrong when checking the authorization.
-     */
-    DeviceAuthorizationResult isUserAuthorized(List<DeviceIdentifier> deviceIdentifiers) throws
-                                                                                         DeviceAccessAuthorizationException;
-
     /**
      * This method will check whether the currently logged-in user has the access to the devices identified by the given
      * DeviceIdentifier list.
@@ -103,18 +82,6 @@ public interface DeviceAccessAuthorizationService {
                                                String[] groupPermissions) throws
                                                                           DeviceAccessAuthorizationException;
 
-    /**
-     * This method will check whether the given user has the access to the device identified by the given
-     * DeviceIdentifier.
-     *
-     * @param deviceIdentifier - DeviceIdentifier of the device to be checked.
-     * @param username         - Username of the user to be checked for authorization.
-     * @return Boolean authorization result.
-     * @throws DeviceAccessAuthorizationException if something goes wrong when checking the authorization.
-     */
-    boolean isUserAuthorized(DeviceIdentifier deviceIdentifier, String username) throws
-                                                                                 DeviceAccessAuthorizationException;
-
     /**
      * This method will check whether the authenticated user has the admin permissions.
      *
@@ -122,17 +89,4 @@ public interface DeviceAccessAuthorizationService {
      * @throws DeviceAccessAuthorizationException if something goes wrong when checking the authorization.
      */
     boolean isDeviceAdminUser() throws DeviceAccessAuthorizationException;
-
-    /**
-     * This method will check whether the given user has the access to the devices identified by the given
-     * DeviceIdentifier list.
-     *
-     * @param deviceIdentifiers - List of DeviceIdentifiers to be checked for authorization.
-     * @param username          - Username of the user to be checked for authorization.
-     * @return DeviceAuthorizationResult - Authorization result object including the list of authorized devices and
-     *                                      unauthorized devices.
-     * @throws DeviceAccessAuthorizationException if something goes wrong when checking the authorization.
-     */
-    DeviceAuthorizationResult isUserAuthorized(List<DeviceIdentifier> deviceIdentifiers, String username) throws
-                                                                                                          DeviceAccessAuthorizationException;
 }

components/device-mgt/io.entgra.device.mgt.core.device.mgt.common/src/main/java/io/entgra/device/mgt/core/device/mgt/common/authorization/DeviceAuthorizationRequest.java

@@ -0,0 +1,68 @@
+/*
+ * Copyright (c) 2018 - 2024, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
+ *
+ * Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package io.entgra.device.mgt.core.device.mgt.common.authorization;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+
+import java.util.List;
+
+@ApiModel(value = "DeviceAuthorizationRequest", description = "")
+public class DeviceAuthorizationRequest {
+
+    @ApiModelProperty(name = "type", value = "device type")
+    private String type;
+    @ApiModelProperty(name = "deviceIds", value = "list of device ids")
+    private List<String> deviceIds;
+    @ApiModelProperty(name = "username", value = "user who is accessing the device")
+    private String username;
+    @ApiModelProperty(name = "permissions", value = "list of permissions")
+    private List<String> permissions;
+
+    public String getType() {
+        return type;
+    }
+
+    public void setType(String type) {
+        this.type = type;
+    }
+
+    public List<String> getDeviceIds() {
+        return deviceIds;
+    }
+
+    public void setDeviceIds(List<String> deviceIds) {
+        this.deviceIds = deviceIds;
+    }
+
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
+    public List<String> getPermissions() {
+        return permissions;
+    }
+
+    public void setPermissions(List<String> permissions) {
+        this.permissions = permissions;
+    }
+}

components/device-mgt/io.entgra.device.mgt.core.device.mgt.common/src/main/java/io/entgra/device/mgt/core/device/mgt/common/authorization/GroupAccessAuthorizationException.java

@@ -0,0 +1,61 @@
+/*
+ * Copyright (c) 2018 - 2024, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
+ *
+ * Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package io.entgra.device.mgt.core.device.mgt.common.authorization;
+
+/**
+ * Custom exception class which wraps exceptions occurred inside GroupAccessAuthorization service.
+ */
+public class GroupAccessAuthorizationException extends Exception {
+
+    private static final long serialVersionUID = -3151279331929070297L;
+
+    private String errorMessage;
+
+    public String getErrorMessage() {
+        return errorMessage;
+    }
+
+    public void setErrorMessage(String errorMessage) {
+        this.errorMessage = errorMessage;
+    }
+
+    public GroupAccessAuthorizationException(String msg, Exception nestedEx) {
+        super(msg, nestedEx);
+        setErrorMessage(msg);
+    }
+
+    public GroupAccessAuthorizationException(String message, Throwable cause) {
+        super(message, cause);
+        setErrorMessage(message);
+    }
+
+    public GroupAccessAuthorizationException(String msg) {
+        super(msg);
+        setErrorMessage(msg);
+    }
+
+    public GroupAccessAuthorizationException() {
+        super();
+    }
+
+    public GroupAccessAuthorizationException(Throwable cause) {
+        super(cause);
+    }
+
+}

components/device-mgt/io.entgra.device.mgt.core.device.mgt.common/src/main/java/io/entgra/device/mgt/core/device/mgt/common/authorization/GroupAccessAuthorizationService.java

@@ -0,0 +1,33 @@
+/*
+ * Copyright (c) 2018 - 2024, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
+ *
+ * Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package io.entgra.device.mgt.core.device.mgt.common.authorization;
+
+import java.util.List;
+
+public interface GroupAccessAuthorizationService {
+
+    public boolean isUserAuthorized(int groupId, String username, String[] groupPermissions)
+            throws GroupAccessAuthorizationException;
+
+    public boolean isUserAuthorized(int groupId, String[] groupPermissions)
+            throws GroupAccessAuthorizationException;
+
+    public GroupAuthorizationResult isUserAuthorized(List<Integer> groupIds, String username, String[] groupPermission)
+            throws GroupAccessAuthorizationException;
+
+}

components/device-mgt/io.entgra.device.mgt.core.device.mgt.common/src/main/java/io/entgra/device/mgt/core/device/mgt/common/authorization/GroupAuthorizationRequest.java

@@ -0,0 +1,58 @@
+/*
+ * Copyright (c) 2018 - 2024, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
+ *
+ * Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package io.entgra.device.mgt.core.device.mgt.common.authorization;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+
+import java.util.List;
+
+@ApiModel(value = "GroupAuthorizationRequest", description = "")
+public class GroupAuthorizationRequest {
+
+    @ApiModelProperty(name = "groupIds", value = "list of group Ids")
+    private List<Integer> groupIds;
+    @ApiModelProperty(name = "username", value = "user who is accessing the device")
+    private String username;
+    @ApiModelProperty(name = "permissions", value = "list of permissions")
+    private List<String> permissions;
+
+    public List<Integer> getGroupIds() {
+        return groupIds;
+    }
+
+    public void setGroupIds(List<Integer> groupIds) {
+        this.groupIds = groupIds;
+    }
+
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
+    public List<String> getPermissions() {
+        return permissions;
+    }
+
+    public void setPermissions(List<String> permissions) {
+        this.permissions = permissions;
+    }
+}

components/device-mgt/io.entgra.device.mgt.core.device.mgt.common/src/main/java/io/entgra/device/mgt/core/device/mgt/common/authorization/GroupAuthorizationResult.java

@@ -0,0 +1,56 @@
+/*
+ * Copyright (c) 2018 - 2024, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
+ *
+ * Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package io.entgra.device.mgt.core.device.mgt.common.authorization;
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * Represents a GroupAuthorizationResult including a list of authorized groups and a list of unauthorized groups.
+ */
+public class GroupAuthorizationResult {
+
+    private List<Integer> authorizedGroupIds = new ArrayList<>();
+    private List<Integer> unauthorizedGroupIds= new ArrayList<>();
+
+    public List<Integer> getAuthorizedGroupIds() {
+        return authorizedGroupIds;
+    }
+
+    public void setAuthorizedGroupIds(List<Integer> authorizedGroupIds) {
+        this.authorizedGroupIds = authorizedGroupIds;
+    }
+
+    public List<Integer> getUnauthorizedGroupIds() {
+        return unauthorizedGroupIds;
+    }
+
+    public void setUnauthorizedGroupIds(List<Integer> unauthorizedGroupIds) {
+        this.unauthorizedGroupIds = unauthorizedGroupIds;
+    }
+
+    public void addAuthorizedGroupId(int groupId) {
+        this.authorizedGroupIds.add(groupId);
+    }
+
+    public void addUnauthorizedGroupId(int groupId) {
+        this.unauthorizedGroupIds.add(groupId);
+    }
+
+}

components/device-mgt/io.entgra.device.mgt.core.device.mgt.config.api/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <artifactId>device-mgt</artifactId>
         <groupId>io.entgra.device.mgt.core</groupId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <groupId>io.entgra.device.mgt.core</groupId>
         <artifactId>device-mgt</artifactId>
-        <version>5.0.41-SNAPSHOT</version>
+        <version>5.0.42-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/app/mgt/ApplicationManagerProviderServiceImpl.java

@@ -19,6 +19,7 @@
 package io.entgra.device.mgt.core.device.mgt.core.app.mgt;
 
 import com.google.gson.Gson;
+import io.entgra.device.mgt.core.device.mgt.core.report.mgt.ReportingPublisherManager;
 import org.apache.commons.lang.StringUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
@@ -286,8 +287,9 @@ public class ApplicationManagerProviderServiceImpl implements ApplicationManagem
                 deviceDetailsWrapper.setTenantId(tenantId);
                 deviceDetailsWrapper.setDevice(device);
                 deviceDetailsWrapper.setApplications(newApplications);
-                HttpReportingUtil.invokeApi(deviceDetailsWrapper.getJSONString(),
+                ReportingPublisherManager reportingManager = new ReportingPublisherManager();
-                                            reportingHost + DeviceManagementConstants.Report.APP_USAGE_ENDPOINT);
+                reportingManager.publishData(deviceDetailsWrapper, DeviceManagementConstants
+                        .Report.APP_USAGE_ENDPOINT);
             }
 
         } catch (DeviceManagementDAOException e) {

components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/archival/dao/impl/ArchivalDAOImpl.java

@@ -547,7 +547,8 @@ public class ArchivalDAOImpl implements ArchivalDAO {
 
             String sql = "INSERT INTO " + DESTINATION_DB + ".DM_OPERATION_ARCH " +
                     "SELECT OPR.ID, OPR.TYPE, OPR.CREATED_TIMESTAMP, OPR.RECEIVED_TIMESTAMP, " +
-                    "OPR.OPERATION_CODE, OPR.INITIATED_BY, OPR.OPERATION_DETAILS, OPR.ENABLED, NOW() " +
+                    "OPR.OPERATION_CODE, OPR.INITIATED_BY, OPR.OPERATION_DETAILS, OPR.OPERATION_PROPERTIES, " +
+                    "OPR.ENABLED, NOW() " +
                     "FROM " + SOURCE_DB + ".DM_OPERATION OPR " +
                     "WHERE OPR.ID NOT IN (SELECT DISTINCT OPERATION_ID FROM " + SOURCE_DB + ".DM_ENROLMENT_OP_MAPPING)";
 

components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/authorization/DeviceAccessAuthorizationServiceImpl.java

@@ -63,41 +63,55 @@ public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthori
             return !DeviceManagementDataHolder.getInstance().requireDeviceAuthorization(deviceIdentifier.getType());
         }
         //check for admin and ownership permissions
-        if (isAdmin(username, tenantId) || isDeviceOwner(deviceIdentifier, username)) {
+        if (isDeviceAdminUser(username, tenantId) || isDeviceOwner(deviceIdentifier, username)) {
             return true;
         }
         //check for group permissions
+        if (groupPermissions == null || groupPermissions.length == 0) {
+            return false;
+        } else {
+            // if group permissions specified, check whether that permission is available in shared role
             try {
-            return isSharedViaGroup(deviceIdentifier, username);
+                boolean isAuthorized = true;
-        } catch (GroupManagementException | UserStoreException e) {
+                for (String groupPermission : groupPermissions) {
+                    if (!isAuthorizedViaSharedGroup(deviceIdentifier, username, groupPermission)) {
+                        //if at least one failed, authorizations fails and break the loop
+                        isAuthorized = false;
+                        break;
+                    }
+                }
+               return isAuthorized;
+            } catch (DeviceAccessAuthorizationException e) {
                 throw new DeviceAccessAuthorizationException("Unable to authorize the access to device : " +
                         deviceIdentifier.getId() + " for the user : " +
                         username, e);
             }
         }
+    }
 
-    private boolean isSharedViaGroup(DeviceIdentifier deviceIdentifier, String username)
+
-            throws GroupManagementException, UserStoreException {
+    private boolean isAuthorizedViaSharedGroup(DeviceIdentifier deviceIdentifier, String username, String groupPermission)
+            throws DeviceAccessAuthorizationException {
+        try {
             List<DeviceGroup> groupsWithDevice = DeviceManagementDataHolder.getInstance()
                     .getGroupManagementProviderService().getGroups(deviceIdentifier, false);
-        String[] userRoles = DeviceManagementDataHolder.getInstance().getRealmService()
+            UserRealm userRealm = DeviceManagementDataHolder.getInstance().getRealmService()
-                .getTenantUserRealm(getTenantId()).getUserStoreManager().getRoleListOfUser(username);
+                    .getTenantUserRealm(getTenantId());
+            String[] userRoles = userRealm.getUserStoreManager().getRoleListOfUser(username);
             for (DeviceGroup deviceGroup : groupsWithDevice) {
                 List<String> sharingRoles = DeviceManagementDataHolder.getInstance()
                         .getGroupManagementProviderService().getRoles(deviceGroup.getGroupId());
                 for (String role : userRoles) {
-                if (sharingRoles.contains(role)) {
+                    if (sharingRoles.contains(role) && userRealm.getAuthorizationManager().
+                            isRoleAuthorized(role, groupPermission, CarbonConstants.UI_PERMISSION_ACTION)) {
                         return true;
                     }
                 }
             }
             return false;
+        } catch (GroupManagementException | UserStoreException e) {
+            throw new DeviceAccessAuthorizationException("unable to authorized via shared role, " + groupPermission);
         }
-
-    @Override
-    public boolean isUserAuthorized(DeviceIdentifier deviceIdentifier, String username)
-            throws DeviceAccessAuthorizationException {
-        return isUserAuthorized(deviceIdentifier, username, null);
     }
 
     @Override
@@ -106,18 +120,13 @@ public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthori
         return isUserAuthorized(deviceIdentifier, this.getUserName(), groupPermissions);
     }
 
-    @Override
-    public boolean isUserAuthorized(DeviceIdentifier deviceIdentifier) throws DeviceAccessAuthorizationException {
-        return isUserAuthorized(deviceIdentifier, this.getUserName(), null);
-    }
-
     @Override
     public boolean isDeviceAdminUser() throws DeviceAccessAuthorizationException {
         String username = this.getUserName();
         int tenantId = this.getTenantId();
         try {
-            return isAdminUser(username, tenantId);
+            return isDeviceAdminUser(username, tenantId);
-        } catch (UserStoreException e) {
+        } catch (DeviceAccessAuthorizationException e) {
             throw new DeviceAccessAuthorizationException("Unable to check the admin permissions of user : " +
                                                          username + " in tenant : " + tenantId, e);
         }
@@ -132,7 +141,7 @@ public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthori
             return null;
         }
         DeviceAuthorizationResult deviceAuthorizationResult = new DeviceAuthorizationResult();
-        if (isAdmin(username, tenantId)) {
+        if (isDeviceAdminUser(username, tenantId)) {
             deviceAuthorizationResult.setAuthorizedDevices(deviceIdentifiers);
             return deviceAuthorizationResult;
         }
@@ -149,7 +158,7 @@ public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthori
                     //check for group permissions
                     boolean isAuthorized = true;
                     for (String groupPermission : groupPermissions) {
-                        if (!isAuthorizedViaGroup(username, deviceIdentifier, groupPermission)) {
+                        if (!isAuthorizedViaSharedGroup(deviceIdentifier, username, groupPermission)) {
                             //if at least one failed, authorizations fails and break the loop
                             isAuthorized = false;
                             break;
@@ -160,7 +169,7 @@ public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthori
                     } else {
                         deviceAuthorizationResult.addUnauthorizedDevice(deviceIdentifier);
                     }
-                } catch (GroupManagementException e) {
+                } catch (DeviceAccessAuthorizationException e) {
                     throw new DeviceAccessAuthorizationException("Unable to authorize the access to device : " +
                                                                  deviceIdentifier.getId() + " for the user : " +
                                                                  username, e);
@@ -170,55 +179,12 @@ public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthori
         return deviceAuthorizationResult;
     }
 
-    @Override
-    public DeviceAuthorizationResult isUserAuthorized(List<DeviceIdentifier> deviceIdentifiers, String username)
-            throws DeviceAccessAuthorizationException {
-        return isUserAuthorized(deviceIdentifiers, username, null);
-    }
-
-    @Override
-    public DeviceAuthorizationResult isUserAuthorized(List<DeviceIdentifier> deviceIdentifiers)
-            throws DeviceAccessAuthorizationException {
-        return isUserAuthorized(deviceIdentifiers, this.getUserName(), null);
-    }
-
     @Override
     public DeviceAuthorizationResult isUserAuthorized(List<DeviceIdentifier> deviceIdentifiers, String[] groupPermissions)
             throws DeviceAccessAuthorizationException {
         return isUserAuthorized(deviceIdentifiers, this.getUserName(), groupPermissions);
     }
 
-    private boolean isAdmin(String username, int tenantId)
-            throws DeviceAccessAuthorizationException {
-        try {
-            //Check for admin users. If the user is an admin user we authorize the access to that device.
-            return (isAdminUser(username, tenantId));
-        } catch (UserStoreException e) {
-            throw new DeviceAccessAuthorizationException("Unable to authorize the access for the user : " +
-                                                                 username, e);
-        }
-    }
-
-    private boolean isAuthorizedViaGroup(String username, DeviceIdentifier deviceIdentifier, String groupPermission)
-            throws GroupManagementException {
-        List<DeviceGroup> authorizedGroups =
-                DeviceManagementDataHolder.getInstance().getGroupManagementProviderService()
-                        .getGroups(username, groupPermission, false);
-        List<DeviceGroup> groupsWithDevice =
-                DeviceManagementDataHolder.getInstance().getGroupManagementProviderService()
-                        .getGroups(deviceIdentifier, false);
-        for (DeviceGroup group : authorizedGroups) {
-            Iterator<DeviceGroup> groupsWithDeviceIterator = groupsWithDevice.iterator();
-            while (groupsWithDeviceIterator.hasNext()) {
-                DeviceGroup deviceGroup = groupsWithDeviceIterator.next();
-                if (deviceGroup.getGroupId() == group.getGroupId()) {
-                    return true;
-                }
-            }
-        }
-        return false;
-    }
-
     private boolean isDeviceOwner(DeviceIdentifier deviceIdentifier, String username)
             throws DeviceAccessAuthorizationException {
         //Check for device ownership. If the user is the owner of the device we allow the access.
@@ -232,7 +198,8 @@ public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthori
         }
     }
 
-    private boolean isAdminUser(String username, int tenantId) throws UserStoreException {
+    private boolean isDeviceAdminUser(String username, int tenantId) throws DeviceAccessAuthorizationException {
+        try {
             UserRealm userRealm = DeviceManagementDataHolder.getInstance().getRealmService().getTenantUserRealm(tenantId);
             if (userRealm != null && userRealm.getAuthorizationManager() != null) {
                 return userRealm.getAuthorizationManager()
@@ -241,6 +208,10 @@ public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthori
                                 CarbonConstants.UI_PERMISSION_ACTION);
             }
             return false;
+        } catch (UserStoreException e) {
+            throw new DeviceAccessAuthorizationException("Unable to authorize the access for the user : " +
+                username, e);
+        }
     }
 
     private String getUserName() {

components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/authorization/GroupAccessAuthorizationServiceImpl.java

@@ -0,0 +1,173 @@
+/*
+ * Copyright (c) 2018 - 2024, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
+ *
+ * Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package io.entgra.device.mgt.core.device.mgt.core.authorization;
+
+import io.entgra.device.mgt.core.device.mgt.common.authorization.GroupAccessAuthorizationException;
+import io.entgra.device.mgt.core.device.mgt.common.authorization.GroupAccessAuthorizationService;
+import io.entgra.device.mgt.core.device.mgt.common.authorization.GroupAuthorizationResult;
+import io.entgra.device.mgt.core.device.mgt.common.group.mgt.DeviceGroup;
+import io.entgra.device.mgt.core.device.mgt.common.group.mgt.GroupManagementException;
+import io.entgra.device.mgt.core.device.mgt.common.permission.mgt.Permission;
+import io.entgra.device.mgt.core.device.mgt.common.permission.mgt.PermissionManagementException;
+import io.entgra.device.mgt.core.device.mgt.core.internal.DeviceManagementDataHolder;
+import io.entgra.device.mgt.core.device.mgt.core.permission.mgt.PermissionUtils;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.opensaml.xmlsec.signature.G;
+import org.wso2.carbon.CarbonConstants;
+import org.wso2.carbon.context.CarbonContext;
+import org.wso2.carbon.user.api.UserRealm;
+import org.wso2.carbon.user.api.UserStoreException;
+
+import javax.persistence.criteria.CriteriaBuilder;
+import java.util.List;
+
+public class GroupAccessAuthorizationServiceImpl implements GroupAccessAuthorizationService {
+
+    private final static String GROUP_ADMIN_PERMISSION = "/device-mgt/devices/any-group/permitted-actions-under-owning-group";
+    private final static String GROUP_ADMIN = "Group Management Administrator";
+    private static Log log = LogFactory.getLog(DeviceAccessAuthorizationServiceImpl.class);
+
+    public GroupAccessAuthorizationServiceImpl() {
+        try {
+            this.addAdminPermissionToRegistry();
+        } catch (PermissionManagementException e) {
+            log.error("Unable to add the group-admin permission to the registry.", e);
+        }
+    }
+
+    @Override
+    public boolean isUserAuthorized(int groupId, String username, String[] groupPermissions)
+            throws GroupAccessAuthorizationException {
+        int tenantId = this.getTenantId();
+        if (username == null || username.isEmpty()) {
+            username = this.getUserName();
+        }
+        //check for admin and ownership permissions
+        if (isGroupAdminUser(username, tenantId) || isGroupOwner(groupId, username)) {
+            return true;
+        }
+
+        //check for group permissions
+        if (groupPermissions == null || groupPermissions.length == 0) {
+            return false;
+        } else {
+            // if group permissions specified, check whether that permission is available in any user role of the group owner
+            try {
+                UserRealm userRealm = DeviceManagementDataHolder.getInstance().getRealmService()
+                        .getTenantUserRealm(getTenantId());
+                String[] userRoles = userRealm.getUserStoreManager().getRoleListOfUser(username);
+                boolean isAuthorized = true;
+                for (String groupPermission : groupPermissions) {
+                    for (String role : userRoles) {
+                        if (!userRealm.getAuthorizationManager().
+                                isRoleAuthorized(role, groupPermission, CarbonConstants.UI_PERMISSION_ACTION)) {
+                            isAuthorized = false;
+                            break;
+                        }
+                    }
+                }
+                return isAuthorized;
+            } catch (UserStoreException e) {
+                throw new GroupAccessAuthorizationException("Unable to authorize the access to group : " +
+                        groupId + " for the user : " +
+                        username, e);
+            }
+        }
+    }
+
+    @Override
+    public GroupAuthorizationResult isUserAuthorized(List<Integer> groupIds, String username, String[] groupPermission)
+            throws GroupAccessAuthorizationException {
+        GroupAuthorizationResult result = new GroupAuthorizationResult();
+        for (Integer groupId : groupIds) {
+            if (isUserAuthorized(groupId, username, groupPermission)) {
+                result.addAuthorizedGroupId(groupId);
+            } else {
+                result.addUnauthorizedGroupId(groupId);
+            }
+        }
+        return result;
+    }
+
+
+    @Override
+    public boolean isUserAuthorized(int groupId, String[] groupPermissions)
+            throws GroupAccessAuthorizationException {
+        return isUserAuthorized(groupId, this.getUserName(), groupPermissions);
+    }
+
+    private boolean isGroupOwner(int groupId, String username)
+            throws GroupAccessAuthorizationException {
+        //Check for group ownership. If the user is the owner of the group we allow the access.
+        try {
+            DeviceGroup group = DeviceManagementDataHolder.getInstance().
+                    getGroupManagementProviderService().getGroup(groupId, false);
+            return username.equals(group.getOwner());
+        } catch (GroupManagementException e) {
+            throw new GroupAccessAuthorizationException("Unable to authorize the access to group : " +
+                    groupId + " for the user : " +
+                    username, e);
+        }
+    }
+
+    private boolean isGroupAdminUser(String username, int tenantId) throws GroupAccessAuthorizationException {
+        try {
+            UserRealm userRealm = DeviceManagementDataHolder.getInstance().getRealmService().getTenantUserRealm(tenantId);
+            if (userRealm != null && userRealm.getAuthorizationManager() != null) {
+                return userRealm.getAuthorizationManager()
+                        .isUserAuthorized(removeTenantDomain(username),
+                                PermissionUtils.getAbsolutePermissionPath(GROUP_ADMIN_PERMISSION),
+                                CarbonConstants.UI_PERMISSION_ACTION);
+            }
+            return false;
+        } catch (UserStoreException e) {
+            throw new GroupAccessAuthorizationException("Unable to authorize the access for the user : " +
+                    username, e);
+        }
+    }
+
+    private String getUserName() {
+        String username = CarbonContext.getThreadLocalCarbonContext().getUsername();
+        if (username != null && !username.isEmpty()) {
+            return removeTenantDomain(username);
+        }
+        return null;
+    }
+
+    private String removeTenantDomain(String username) {
+        String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
+        if (username.endsWith(tenantDomain)) {
+            return username.substring(0, username.lastIndexOf("@"));
+        }
+        return username;
+    }
+
+    private int getTenantId() {
+        return CarbonContext.getThreadLocalCarbonContext().getTenantId();
+    }
+
+    private boolean addAdminPermissionToRegistry() throws PermissionManagementException {
+        Permission permission = new Permission();
+        permission.setName(GROUP_ADMIN);
+        permission.setPath(PermissionUtils.getAbsolutePermissionPath(GROUP_ADMIN_PERMISSION));
+        return PermissionUtils.putPermission(permission);
+    }
+
+}

components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/dao/DeviceManagementDAOFactory.java

@@ -139,6 +139,22 @@ public class DeviceManagementDAOFactory {
         throw new IllegalStateException("Database engine has not initialized properly.");
     }
 
+    public static TenantDAO getTenantDAO() {
+        if (databaseEngine != null) {
+            switch (databaseEngine) {
+                case DeviceManagementConstants.DataBaseTypes.DB_TYPE_POSTGRESQL:
+                case DeviceManagementConstants.DataBaseTypes.DB_TYPE_ORACLE:
+                case DeviceManagementConstants.DataBaseTypes.DB_TYPE_MSSQL:
+                case DeviceManagementConstants.DataBaseTypes.DB_TYPE_H2:
+                case DeviceManagementConstants.DataBaseTypes.DB_TYPE_MYSQL:
+                    return new TenantDAOImpl();
+                default:
+                    throw new UnsupportedDatabaseEngineException("Unsupported database engine : " + databaseEngine);
+            }
+        }
+        throw new IllegalStateException("Database engine has not initialized properly.");
+    }
+
     public static TrackerDAO getTrackerDAO() {
         if (databaseEngine != null) {
             switch (databaseEngine) {