diff --git a/BMA.EHR.Application/ApplicationServicesRegistration.cs b/BMA.EHR.Application/ApplicationServicesRegistration.cs
index f3aaa744..aa47f71f 100644
--- a/BMA.EHR.Application/ApplicationServicesRegistration.cs
+++ b/BMA.EHR.Application/ApplicationServicesRegistration.cs
@@ -36,7 +36,7 @@ namespace BMA.EHR.Application
             services.AddTransient<EmailSenderService>();
             services.AddTransient<CandidateReportRepository>();
             services.AddTransient<MinIOExamService>();
-
+            services.AddTransient<PermissionRepository>();
             services.AddTransient<HolidayRepository>();
 
             //services.AddTransient<UserDutyTimeRepository>();
diff --git a/BMA.EHR.Application/Repositories/PermissionRepository.cs b/BMA.EHR.Application/Repositories/PermissionRepository.cs
new file mode 100644
index 00000000..12f01fc3
--- /dev/null
+++ b/BMA.EHR.Application/Repositories/PermissionRepository.cs
@@ -0,0 +1,75 @@
+using BMA.EHR.Application.Common.Interfaces;
+using BMA.EHR.Application.Responses;
+using BMA.EHR.Domain.Models.MetaData;
+using BMA.EHR.Domain.Models.Organizations;
+using Microsoft.AspNetCore.Http;
+using Microsoft.EntityFrameworkCore;
+using Newtonsoft.Json.Linq;
+using Newtonsoft.Json;
+using System.Net.Http.Headers;
+using Microsoft.Extensions.Configuration;
+using System.Security.Claims;
+
+namespace BMA.EHR.Application.Repositories
+{
+    public class PermissionRepository
+    {
+        #region " Fields "
+
+        private readonly IApplicationDBContext _dbContext;
+        private readonly IHttpContextAccessor _httpContextAccessor;
+        private readonly IConfiguration _configuration;
+
+        #endregion
+
+        #region " Constructor and Destuctor "
+
+        public PermissionRepository(IApplicationDBContext dbContext,
+                                 IHttpContextAccessor httpContextAccessor,
+                                 IConfiguration configuration)
+        {
+            _dbContext = dbContext;
+            _httpContextAccessor = httpContextAccessor;
+            _configuration = configuration;
+        }
+
+        #endregion
+
+        #region " Properties "
+
+        //protected string? UserId => _httpContextAccessor?.HttpContext?.User?.FindFirst(ClaimTypes.NameIdentifier)?.Value;
+
+        //protected string? FullName => _httpContextAccessor?.HttpContext?.User?.FindFirst("name")?.Value;
+
+        //protected bool? IsPlacementAdmin => _httpContextAccessor?.HttpContext?.User?.IsInRole("placement1");
+
+        protected string? AccessToken => _httpContextAccessor?.HttpContext?.Request.Headers["Authorization"];
+
+        #endregion
+
+        #region " Methods "
+
+        public async Task<dynamic> GetPermissionAPIAsync(string action, string system)
+        {
+            try
+            {
+                var apiPath = $"{_configuration["API"]}/org/permission/dotnet/{action}/{system}";
+                //var apiPath = $"http://localhost:13001/api/v1/org/permission/dotnet/{action}/{system}";
+
+                using (var client = new HttpClient())
+                {
+                    client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", AccessToken.Replace("Bearer ", ""));
+                    var req = await client.GetAsync(apiPath);
+                    var res = await req.Content.ReadAsStringAsync();
+                    return res;
+                }
+            }
+            catch
+            {
+                throw;
+            }
+        }
+
+        #endregion
+    }
+}