authPropertyList) {
+
+ authPropertyList.forEach(authProperty -> {
+ switch (authProperty.getName()) {
+ case "HEADER":
+ this.apiHeader = authProperty.getValue();
+ break;
+ case "VALUE":
+ this.apiKey = authProperty.getValue();
+ break;
+ default:
+ break;
+ }
+ });
+ }
+
+ @Override
+ public void applyAuth(HttpPost httpPost) {
+
+ httpPost.setHeader(apiHeader, apiKey);
+ }
+
+ @Override
+ public String getAuthType() {
+
+ return "API-KEY";
+ }
+ }
+}
diff --git a/components/action-mgt/org.wso2.carbon.identity.action.execution/src/main/java/org/wso2/carbon/identity/action/execution/util/OperationComparator.java b/components/action-mgt/org.wso2.carbon.identity.action.execution/src/main/java/org/wso2/carbon/identity/action/execution/util/OperationComparator.java
new file mode 100644
index 00000000000..ecb9cae0d4f
--- /dev/null
+++ b/components/action-mgt/org.wso2.carbon.identity.action.execution/src/main/java/org/wso2/carbon/identity/action/execution/util/OperationComparator.java
@@ -0,0 +1,59 @@
+/*
+ * Copyright (c) 2024, WSO2 LLC. (http://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.identity.action.execution.util;
+
+import org.wso2.carbon.identity.action.execution.model.AllowedOperation;
+import org.wso2.carbon.identity.action.execution.model.PerformableOperation;
+
+/**
+ * This class compares an allowed operation against a performable operation to determine if the latter is permitted.
+ * The comparison between an {@link AllowedOperation} and a {@link PerformableOperation} ensures that only authorized
+ * modifications are made during the execution of an action. This class facilitates the validation of performable
+ * operations against a set of predefined allowed operations, based on the action type.
+ *
+ * Key aspects of the comparison include:
+ *
+ * - Equality of operation types (e.g., "add", "remove", "replace") as defined in the JSON Patch
+ * specification (RFC 6902).
+ * - Matching of operation paths, considering both exact matches and base path matches to allow
+ * for flexibility in specifying allowed operations.
+ *
+ */
+public class OperationComparator {
+
+ public static boolean compare(AllowedOperation allowedOp, PerformableOperation performableOp) {
+
+ if (!allowedOp.getOp().equals(performableOp.getOp())) {
+ return false;
+ }
+
+ String performableOperationBasePath = performableOp.getPath().contains("/")
+ ? performableOp.getPath().substring(0, performableOp.getPath().lastIndexOf('/') + 1)
+ : "";
+
+ for (String allowedPath : allowedOp.getPaths()) {
+ if (performableOp.getPath().equals(allowedPath) ||
+ performableOperationBasePath.equals(allowedPath)) {
+ return true;
+ }
+ }
+
+ return false;
+ }
+}
diff --git a/components/action-mgt/org.wso2.carbon.identity.action.execution/src/test/resources/testng.xml b/components/action-mgt/org.wso2.carbon.identity.action.execution/src/test/resources/testng.xml
new file mode 100644
index 00000000000..19097b4b2ab
--- /dev/null
+++ b/components/action-mgt/org.wso2.carbon.identity.action.execution/src/test/resources/testng.xml
@@ -0,0 +1,22 @@
+
+
+
+
+
+
diff --git a/components/action-mgt/pom.xml b/components/action-mgt/pom.xml
index 8be194d3f45..47f1214d1ea 100644
--- a/components/action-mgt/pom.xml
+++ b/components/action-mgt/pom.xml
@@ -37,5 +37,6 @@
org.wso2.carbon.identity.action.management
+ org.wso2.carbon.identity.action.execution