diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 7c9380a05eb378c2c355c5307d5bde9ffbb591ed..43481a12e3b0a0d361afc295a4dcfbae002492d5 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -7,6 +7,9 @@ class ApplicationController < ActionController::API
   # tracking user in papertrail
   before_filter :set_paper_trail_whodunnit
 
+  # check if client application is allowed to consumes the API.
+  before_filter :allow_client_application
+
   # Prevent CSRF attacks by raising an exception.
   # For APIs, you may want to use :null_session instead.
   # protect_from_forgery with: :null_session
@@ -35,6 +38,11 @@ class ApplicationController < ActionController::API
 
   private
 
+  def allow_client_application
+    app = Application.find_by_application_id(request.headers["PortalMEC-AppID"])
+    user_not_authorized if (app.try(:domain) != request.domain) || app.nil?
+  end
+
   def user_not_authorized
     render nothing: true, status: :unauthorized
   end
diff --git a/app/models/application.rb b/app/models/application.rb
new file mode 100644
index 0000000000000000000000000000000000000000..d910cd022b169914f4c3df3453daf856bc7da55c
--- /dev/null
+++ b/app/models/application.rb
@@ -0,0 +1,13 @@
+class Application < ActiveRecord::Base
+  belongs_to :user
+
+  validates :domain, presence: true, uniqueness: true
+  validates :application_id, presence: true, uniqueness: true
+  before_create :generate_application_id
+
+  private
+
+  def generate_application_id
+    self.application_id = SecureRandom.uuid
+  end
+end
diff --git a/app/models/user.rb b/app/models/user.rb
index b8941ca9a858a505f4a52475e74538f96ce1ff46..20dfb357bf1d3c7e5384aff3a89a9b2a76adbd12 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
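Review bot: The comment above the new before_filter has a grammar slip (`allowed to consumes`) and does not say what happens when the check fails; suggest `# Reject the request with 401 unless the PortalMEC-AppID header names a registered client application.` Because before callbacks run in declaration order, set_paper_trail_whodunnit now executes ahead of the client check, so declaring allow_client_application first would avoid doing that work for requests that are about to be rejected. Keeping before_filter matches the existing line in this file, though before_action is the preferred spelling on Rails 4 and later.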
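Review bot: The domain comparison in allow_client_application rests on request.domain, which Rails derives from the Host header the client itself sends, so matching it against the registered domain identifies which application is calling but does not authenticate it; the PortalMEC-AppID value alone is enough to pass. If the filter is meant to gate the API to trusted clients, pair the ID with a secret issued at registration and check it with `ActiveSupport::SecurityUtils.secure_compare`; if it is meant only as identification, say so in the method comment so nobody relies on it as an access control. The `|| app.nil?` clause is redundant, since `app.try(:domain)` is nil for a missing record and already fails the inequality; `return user_not_authorized if app.nil?` followed by `user_not_authorized unless app.domain == request.domain` reads more clearly. Note also that request.domain returns only the last two labels by default (tld_length 1), so a registered value like `api.example.org` would never match — confirm what format the domain column is expected to hold.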
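Review bot: generate_application_id is wired to before_create, but `validates :application_id, presence: true` runs earlier in the save sequence, so a new Application created without an explicit application_id fails validation and the callback never gets a chance to fill it in. Move the generation to `before_validation :generate_application_id, on: :create` and make it non-clobbering with `self.application_id ||= SecureRandom.uuid`, so a value supplied by the caller survives while a missing one is generated before the presence check runs. A model test that saves an Application with only domain and user set would pin this down.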
@@ -53,18 +53,15 @@ class User < ActiveRecord::Base
   has_many :bookmark_collections, through: :bookmarks, source: :bookmarkable, source_type: 'Collection'
   has_many :bookmark_learning_objects, through: :bookmarks, source: :bookmarkable, source_type: 'LearningObject'
   has_many :bookmarks
-  has_many :collections, as: :owner
-  has_many :learning_objects, as: :publisher
-  has_many :views
   has_many :downloads
   has_many :likes
   has_many :shares
   has_many :follows
-  has_many :reviews
+  has_many :applications
   after_create :default_role
diff --git a/config/routes.rb b/config/routes.rb
index 0a837369de6ec6a22482eb85e34eca83837f64dc..115b41b52b00c864feb09f753573b1e842e79058 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -74,11 +74,13 @@ Rails.application.routes.draw do
       resource :upload, module: 'learning_objects', only: :create
     end
   end
+
   resources :institutions, concerns: :deletable do
     member do
       get :users, to: 'institutions#users'
     end
   end
+  resources :complaints, only: [:index, :create], concerns: :deletable
 
   resources :languages, except: [:new, :edit]
   resources :licenses, except: [:new, :edit]
diff --git a/db/migrate/20160517140326_create_applications.rb b/db/migrate/20160517140326_create_applications.rb
new file mode 100644
index 0000000000000000000000000000000000000000..a13de010952b216b7b3dfd626a9a47e03f4aa110
--- /dev/null
+++ b/db/migrate/20160517140326_create_applications.rb
@@ -0,0 +1,14 @@
+class CreateApplications < ActiveRecord::Migration
+  def change
+    create_table :applications do |t|
+      t.string :name
+      t.string :domain
+      t.string :application_id
+      t.belongs_to :user, index: true, foreign_key: true
+
+      t.timestamps null: false
+    end
+    add_index :applications, :domain, unique: true
+    add_index :applications, :application_id, unique: true
+  end
+end
diff --git a/test/fixtures/applications.yml b/test/fixtures/applications.yml
new file mode 100644
index 0000000000000000000000000000000000000000..eb7bbaac495cb7237735bab621961053fc55b94c
--- /dev/null
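Review bot: The new `has_many :applications` carries no dependent option, while the migration in this commit creates applications.user_id with `foreign_key: true`, so destroying a User that owns an application will fail with a database foreign-key violation instead of a model-level outcome. Decide whether applications go with their owner (`has_many :applications, dependent: :destroy`) or stay and are detached (`dependent: :nullify`), and spell it out here. The class User and the rest of its association list lie outside this hunk, so I cannot tell whether the removed associations (collections, learning_objects, views, reviews) still have callers; if those removals are intentional, a line in the commit message would help the next reader, since they are unrelated to the applications feature.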
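Review bot: domain and application_id are required by the model and carry unique indexes, yet the columns are created nullable, so the database does not enforce the invariant the controller's lookup depends on. That matters because `find_by_application_id` with an absent PortalMEC-AppID header becomes a lookup for NULL, and any row whose application_id ended up NULL (a record written around the callbacks, for instance) would then match a request carrying no header at all. Declaring `t.string :domain, null: false` and `t.string :application_id, null: false` closes that gap at the schema level.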
+++ b/test/fixtures/applications.yml
@@ -0,0 +1,13 @@
+# Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+one:
+  name: MyString
+  domain: MyString
+  application_id: MyString
+  user_id:
+
+two:
+  name: MyString
+  domain: MyString
+  application_id: MyString
+  user_id:
diff --git a/test/models/application_test.rb b/test/models/application_test.rb
new file mode 100644
index 0000000000000000000000000000000000000000..eac1b1d4be00569b54c7bbb960a58723abb7e10d
--- /dev/null
+++ b/test/models/application_test.rb
@@ -0,0 +1,7 @@
+require 'test_helper'
+
+class ApplicationTest < ActiveSupport::TestCase
+  # test "the truth" do
+  #   assert true
+  # end
+end
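Review bot: Both fixture records use `MyString` for domain and application_id, but the migration in this commit adds unique indexes on both columns, so loading this fixture set should fail with a uniqueness violation — fixtures bypass model validations, not database constraints. Give each record distinct values (constructed example: `domain: one.example` and `domain: two.example`, with different application_id strings), and consider referencing a user fixture (`user: one`) instead of the empty `user_id:` so the belongs_to is exercised.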