diff --git a/src/Microsoft.Health.Api.UnitTests/Features/Audit/AuditEventTypeMappingTests.cs b/src/Microsoft.Health.Api.UnitTests/Features/Audit/AuditEventTypeMappingTests.cs
new file mode 100644
index 00000000..4e60f431
--- /dev/null
+++ b/src/Microsoft.Health.Api.UnitTests/Features/Audit/AuditEventTypeMappingTests.cs
@@ -0,0 +1,97 @@
+// -------------------------------------------------------------------------------------------------
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License (MIT). See LICENSE in the repo root for license information.
+// -------------------------------------------------------------------------------------------------
+
+using System;
+using System.Collections.Generic;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.Abstractions;
+using Microsoft.AspNetCore.Mvc.Controllers;
+using Microsoft.AspNetCore.Mvc.Infrastructure;
+using Microsoft.AspNetCore.Mvc.RazorPages;
+using Microsoft.Health.Api.Features.Audit;
+using Microsoft.Health.Extensions.DependencyInjection;
+using NSubstitute;
+using Xunit;
+
+namespace Microsoft.Health.Api.UnitTests.Features.Audit
+{
+    public class AuditEventTypeMappingTests
+    {
+        private const string ControllerName = nameof(MockController);
+        private const string AnonymousMethodName = nameof(MockController.Anonymous);
+        private const string AudittedMethodName = nameof(MockController.Auditted);
+        private const string NoAttributeMethodName = nameof(MockController.NoAttribute);
+        private const string AuditEventType = "audit";
+
+        private readonly IActionDescriptorCollectionProvider _actionDescriptorCollectionProvider = Substitute.For<IActionDescriptorCollectionProvider>();
+        private readonly AuditEventTypeMapping _auditEventTypeMapping;
+
+        public AuditEventTypeMappingTests()
+        {
+            Type mockControllerType = typeof(MockController);
+
+            var actionDescriptors = new List<ActionDescriptor>()
+            {
+                new ControllerActionDescriptor()
+                {
+                    ControllerName = ControllerName,
+                    ActionName = AnonymousMethodName,
+                    MethodInfo = mockControllerType.GetMethod(AnonymousMethodName),
+                },
+                new ControllerActionDescriptor()
+                {
+                    ControllerName = ControllerName,
+                    ActionName = AudittedMethodName,
+                    MethodInfo = mockControllerType.GetMethod(AudittedMethodName),
+                },
+                new ControllerActionDescriptor()
+                {
+                    ControllerName = ControllerName,
+                    ActionName = NoAttributeMethodName,
+                    MethodInfo = mockControllerType.GetMethod(NoAttributeMethodName),
+                },
+                new PageActionDescriptor()
+                {
+                },
+            };
+
+            var actionDescriptorCollection = new ActionDescriptorCollection(actionDescriptors, 1);
+
+            _actionDescriptorCollectionProvider.ActionDescriptors.Returns(actionDescriptorCollection);
+
+            _auditEventTypeMapping = new AuditEventTypeMapping(_actionDescriptorCollectionProvider);
+
+            ((IStartable)_auditEventTypeMapping).Start();
+        }
+
+        [Theory]
+        [InlineData(ControllerName, AnonymousMethodName, null)]
+        [InlineData(ControllerName, AudittedMethodName, AuditEventType)]
+        public void GivenControllerNameAndActionName_WhenGetAuditEventTypeIsCalled_ThenAuditEventTypeShouldBeReturned(string controllerName, string actionName, string expectedAuditEventType)
+        {
+            string actualAuditEventType = _auditEventTypeMapping.GetAuditEventType(controllerName, actionName);
+
+            Assert.Equal(expectedAuditEventType, actualAuditEventType);
+        }
+
+        [Fact]
+        public void GivenUnknownControllerNameAndActionName_WhenGetAuditEventTypeIsCalled_ThenAuditExceptionShouldBeThrown()
+        {
+            Assert.Throws<MissingAuditEventTypeMappingException>(() => _auditEventTypeMapping.GetAuditEventType("test", "action"));
+        }
+
+        private class MockController : Controller
+        {
+            [AllowAnonymous]
+            public IActionResult Anonymous() => new OkResult();
+
+            [AuditEventType(AuditEventType)]
+            public IActionResult Auditted() => new OkResult();
+
+            public IActionResult NoAttribute() => new OkResult();
+        }
+    }
+}
diff --git a/src/Microsoft.Health.Api.UnitTests/Features/Audit/AuditMiddlewareTests.cs b/src/Microsoft.Health.Api.UnitTests/Features/Audit/AuditMiddlewareTests.cs
new file mode 100644
index 00000000..5ba8724e
--- /dev/null
+++ b/src/Microsoft.Health.Api.UnitTests/Features/Audit/AuditMiddlewareTests.cs
@@ -0,0 +1,56 @@
+// -------------------------------------------------------------------------------------------------
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License (MIT). See LICENSE in the repo root for license information.
+// -------------------------------------------------------------------------------------------------
+
+using System.Net;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Http;
+using Microsoft.Health.Api.Features.Audit;
+using Microsoft.Health.Core.Features.Security;
+using NSubstitute;
+using Xunit;
+
+namespace Microsoft.Health.Api.UnitTests.Features.Audit
+{
+    public class AuditMiddlewareTests
+    {
+        private readonly IClaimsExtractor _claimsExtractor = Substitute.For<IClaimsExtractor>();
+        private readonly IAuditHelper _auditHelper = Substitute.For<IAuditHelper>();
+
+        private readonly AuditMiddleware _auditMiddleware;
+
+        private readonly HttpContext _httpContext = new DefaultHttpContext();
+
+        public AuditMiddlewareTests()
+        {
+            _auditMiddleware = new AuditMiddleware(
+                httpContext => Task.CompletedTask,
+                _claimsExtractor,
+                _auditHelper);
+        }
+
+        [Fact]
+        public async Task GivenNotAuthXFailure_WhenInvoked_ThenAuditLogShouldNotBeLogged()
+        {
+            _httpContext.Response.StatusCode = (int)HttpStatusCode.OK;
+
+            await _auditMiddleware.Invoke(_httpContext);
+
+            _auditHelper.DidNotReceiveWithAnyArgs().LogExecuted(
+                httpContext: default,
+                claimsExtractor: default);
+        }
+
+        [Theory]
+        [InlineData(HttpStatusCode.Unauthorized)]
+        public async Task GivenAuthXFailed_WhenInvoked_ThenAuditLogShouldBeLogged(HttpStatusCode statusCode)
+        {
+            _httpContext.Response.StatusCode = (int)statusCode;
+
+            await _auditMiddleware.Invoke(_httpContext);
+
+            _auditHelper.Received(1).LogExecuted(_httpContext, _claimsExtractor);
+        }
+    }
+}
diff --git a/src/Microsoft.Health.Api.UnitTests/Microsoft.Health.Api.UnitTests.csproj b/src/Microsoft.Health.Api.UnitTests/Microsoft.Health.Api.UnitTests.csproj
index cd23cadb..cdfa5942 100644
--- a/src/Microsoft.Health.Api.UnitTests/Microsoft.Health.Api.UnitTests.csproj
+++ b/src/Microsoft.Health.Api.UnitTests/Microsoft.Health.Api.UnitTests.csproj
@@ -1,4 +1,4 @@
-<Project Sdk="Microsoft.NET.Sdk">
+<Project Sdk="Microsoft.NET.Sdk">
 
     <PropertyGroup>
         <TargetFramework>netcoreapp3.1</TargetFramework>
diff --git a/src/Microsoft.Health.Api/Extensions/MethodInfoExtensions.cs b/src/Microsoft.Health.Api/Extensions/MethodInfoExtensions.cs
new file mode 100644
index 00000000..59c1e146
--- /dev/null
+++ b/src/Microsoft.Health.Api/Extensions/MethodInfoExtensions.cs
@@ -0,0 +1,24 @@
+// -------------------------------------------------------------------------------------------------
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License (MIT). See LICENSE in the repo root for license information.
+// -------------------------------------------------------------------------------------------------
+
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Reflection;
+using EnsureThat;
+
+namespace Microsoft.Health.Api.Extensions
+{
+    public static class MethodInfoExtensions
+    {
+        public static IEnumerable<T> GetCustomAttributes<T>(this MethodInfo methodInfo, bool inherit = false)
+            where T : Attribute
+        {
+            EnsureArg.IsNotNull(methodInfo, nameof(methodInfo));
+
+            return methodInfo.GetCustomAttributes(typeof(T), inherit)?.Cast<T>();
+        }
+    }
+}
diff --git a/src/Microsoft.Health.Api/Features/Audit/AuditAction.cs b/src/Microsoft.Health.Api/Features/Audit/AuditAction.cs
new file mode 100644
index 00000000..073f562e
--- /dev/null
+++ b/src/Microsoft.Health.Api/Features/Audit/AuditAction.cs
@@ -0,0 +1,20 @@
+// -------------------------------------------------------------------------------------------------
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License (MIT). See LICENSE in the repo root for license information.
+// -------------------------------------------------------------------------------------------------
+
+namespace Microsoft.Health.Api.Features.Audit
+{
+    public enum AuditAction
+    {
+        /// <summary>
+        /// Executing
+        /// </summary>
+        Executing,
+
+        /// <summary>
+        /// Executed
+        /// </summary>
+        Executed,
+    }
+}
diff --git a/src/Microsoft.Health.Api/Features/Audit/AuditConstants.cs b/src/Microsoft.Health.Api/Features/Audit/AuditConstants.cs
new file mode 100644
index 00000000..b25ac02d
--- /dev/null
+++ b/src/Microsoft.Health.Api/Features/Audit/AuditConstants.cs
@@ -0,0 +1,16 @@
+// -------------------------------------------------------------------------------------------------
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License (MIT). See LICENSE in the repo root for license information.
+// -------------------------------------------------------------------------------------------------
+
+namespace Microsoft.Health.Api.Features.Audit
+{
+    public static class AuditConstants
+    {
+        public const string CustomAuditHeaderKeyValue = "CustomAuditHeaderCollectionKeyValue";
+
+        public const int MaximumNumberOfCustomHeaders = 10;
+
+        public const int MaximumLengthOfCustomHeader = 2048;
+    }
+}
diff --git a/src/Microsoft.Health.Api/Features/Audit/AuditEventTypeAttribute.cs b/src/Microsoft.Health.Api/Features/Audit/AuditEventTypeAttribute.cs
new file mode 100644
index 00000000..a589b67c
--- /dev/null
+++ b/src/Microsoft.Health.Api/Features/Audit/AuditEventTypeAttribute.cs
@@ -0,0 +1,22 @@
+// -------------------------------------------------------------------------------------------------
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License (MIT). See LICENSE in the repo root for license information.
+// -------------------------------------------------------------------------------------------------
+
+using System;
+using EnsureThat;
+
+namespace Microsoft.Health.Api.Features.Audit
+{
+    [AttributeUsage(AttributeTargets.Method)]
+    public class AuditEventTypeAttribute : Attribute
+    {
+        public AuditEventTypeAttribute(string auditEventType)
+        {
+            EnsureArg.IsNotNull(auditEventType, nameof(auditEventType));
+            AuditEventType = auditEventType;
+        }
+
+        public string AuditEventType { get; }
+    }
+}
diff --git a/src/Microsoft.Health.Api/Features/Audit/AuditEventTypeMapping.cs b/src/Microsoft.Health.Api/Features/Audit/AuditEventTypeMapping.cs
new file mode 100644
index 00000000..124dca09
--- /dev/null
+++ b/src/Microsoft.Health.Api/Features/Audit/AuditEventTypeMapping.cs
@@ -0,0 +1,80 @@
+// -------------------------------------------------------------------------------------------------
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License (MIT). See LICENSE in the repo root for license information.
+// -------------------------------------------------------------------------------------------------
+
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using EnsureThat;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc.Controllers;
+using Microsoft.AspNetCore.Mvc.Infrastructure;
+using Microsoft.Health.Api.Extensions;
+using Microsoft.Health.Extensions.DependencyInjection;
+
+namespace Microsoft.Health.Api.Features.Audit
+{
+    /// <summary>
+    /// Provides the ability to lookup audit event type.
+    /// </summary>
+    /// <remarks>
+    /// <para>
+    /// Normally, the MVC middleware handles the routing which maps the controller name and action name to a method within the controller.
+    /// </para>
+    /// <para>
+    /// The <see cref="AuditEventTypeAttribute"/> that contains the audit event type information is defined on the method so we need the method
+    /// in order to be able to retrieve the attribute. However, since authentication middleware runs before the MVC middleware, if the authentication
+    /// rejects the call for whatever reason, we will not be able to retrieve the attribute and therefore, will not be able to get the corresponding audit event type.
+    /// </para>
+    /// <para>
+    /// This class builds the mapping ahead of time so that we can lookup the audit event type any time during the pipeline given the controller name and action name.
+    /// </para>
+    /// </remarks>
+    public class AuditEventTypeMapping : IAuditEventTypeMapping, IStartable
+    {
+        private readonly IActionDescriptorCollectionProvider _actionDescriptorCollectionProvider;
+
+        private IReadOnlyDictionary<(string ControllerName, string ActionName), Attribute> _attributeDictionary;
+
+        public AuditEventTypeMapping(IActionDescriptorCollectionProvider actionDescriptorCollectionProvider)
+        {
+            EnsureArg.IsNotNull(actionDescriptorCollectionProvider, nameof(actionDescriptorCollectionProvider));
+
+            _actionDescriptorCollectionProvider = actionDescriptorCollectionProvider;
+        }
+
+        /// <inheritdoc />
+        public string GetAuditEventType(string controllerName, string actionName)
+        {
+            if (!_attributeDictionary.TryGetValue((controllerName, actionName), out Attribute attribute))
+            {
+                throw new MissingAuditEventTypeMappingException(controllerName, actionName);
+            }
+
+            if (attribute is AuditEventTypeAttribute auditEventTypeAttribute)
+            {
+                return auditEventTypeAttribute.AuditEventType;
+            }
+
+            return null;
+        }
+
+        void IStartable.Start()
+        {
+            _attributeDictionary = _actionDescriptorCollectionProvider.ActionDescriptors.Items
+                .OfType<ControllerActionDescriptor>()
+                .Select(ad =>
+                {
+                    Attribute attribute = ad.MethodInfo?.GetCustomAttributes<AllowAnonymousAttribute>().FirstOrDefault() ??
+                        (Attribute)ad.MethodInfo?.GetCustomAttributes<AuditEventTypeAttribute>().FirstOrDefault();
+
+                    return (ad.ControllerName, ad.ActionName, Attribute: attribute);
+                })
+                .Where(item => item.Attribute != null)
+                .ToDictionary(
+                    item => (item.ControllerName, item.ActionName),
+                    item => item.Attribute);
+        }
+    }
+}
diff --git a/src/Microsoft.Health.Api/Features/Audit/AuditLoggingFilterAttribute.cs b/src/Microsoft.Health.Api/Features/Audit/AuditLoggingFilterAttribute.cs
new file mode 100644
index 00000000..dd47438c
--- /dev/null
+++ b/src/Microsoft.Health.Api/Features/Audit/AuditLoggingFilterAttribute.cs
@@ -0,0 +1,48 @@
+// -------------------------------------------------------------------------------------------------
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License (MIT). See LICENSE in the repo root for license information.
+// -------------------------------------------------------------------------------------------------
+
+using System;
+using EnsureThat;
+using Microsoft.AspNetCore.Mvc.Filters;
+using Microsoft.Health.Core.Features.Security;
+
+namespace Microsoft.Health.Api.Features.Audit
+{
+    [AttributeUsage(AttributeTargets.Class)]
+    public class AuditLoggingFilterAttribute : ActionFilterAttribute
+    {
+        private readonly IClaimsExtractor _claimsExtractor;
+        private readonly IAuditHelper _auditHelper;
+
+        public AuditLoggingFilterAttribute(
+            IClaimsExtractor claimsExtractor,
+            IAuditHelper auditHelper)
+        {
+            EnsureArg.IsNotNull(claimsExtractor, nameof(claimsExtractor));
+            EnsureArg.IsNotNull(auditHelper, nameof(auditHelper));
+
+            _claimsExtractor = claimsExtractor;
+            _auditHelper = auditHelper;
+        }
+
+        public override void OnActionExecuting(ActionExecutingContext context)
+        {
+            EnsureArg.IsNotNull(context, nameof(context));
+
+            _auditHelper.LogExecuting(context.HttpContext, _claimsExtractor);
+
+            base.OnActionExecuting(context);
+        }
+
+        public override void OnResultExecuted(ResultExecutedContext context)
+        {
+            EnsureArg.IsNotNull(context, nameof(context));
+
+            _auditHelper.LogExecuted(context.HttpContext, _claimsExtractor);
+
+            base.OnResultExecuted(context);
+        }
+    }
+}
diff --git a/src/Microsoft.Health.Api/Features/Audit/AuditMiddleware.cs b/src/Microsoft.Health.Api/Features/Audit/AuditMiddleware.cs
new file mode 100644
index 00000000..44c9a213
--- /dev/null
+++ b/src/Microsoft.Health.Api/Features/Audit/AuditMiddleware.cs
@@ -0,0 +1,57 @@
+// -------------------------------------------------------------------------------------------------
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License (MIT). See LICENSE in the repo root for license information.
+// -------------------------------------------------------------------------------------------------
+
+using System.Net;
+using System.Threading.Tasks;
+using EnsureThat;
+using Microsoft.AspNetCore.Http;
+using Microsoft.Health.Core.Features.Security;
+
+namespace Microsoft.Health.Api.Features.Audit
+{
+    /// <summary>
+    /// A middleware that logs executed audit events.
+    /// </summary>
+    public class AuditMiddleware
+    {
+        private readonly RequestDelegate _next;
+        private readonly IClaimsExtractor _claimsExtractor;
+        private readonly IAuditHelper _auditHelper;
+
+        public AuditMiddleware(
+            RequestDelegate next,
+            IClaimsExtractor claimsExtractor,
+            IAuditHelper auditHelper)
+        {
+            EnsureArg.IsNotNull(next, nameof(next));
+            EnsureArg.IsNotNull(claimsExtractor, nameof(claimsExtractor));
+            EnsureArg.IsNotNull(auditHelper, nameof(auditHelper));
+
+            _next = next;
+            _claimsExtractor = claimsExtractor;
+            _auditHelper = auditHelper;
+        }
+
+        public async Task Invoke(HttpContext context)
+        {
+            try
+            {
+                await _next(context);
+            }
+            finally
+            {
+                var statusCode = (HttpStatusCode)context.Response.StatusCode;
+
+                // Since authorization filters runs first before any other filters, if the authorization fails,
+                // the AuditLoggingFilterAttribute, which is where the audit logging would normally happen, will not be executed.
+                // This middleware will log any Unauthorized request if it hasn't been logged yet.
+                if (statusCode == HttpStatusCode.Unauthorized)
+                {
+                    _auditHelper.LogExecuted(context, _claimsExtractor);
+                }
+            }
+        }
+    }
+}
diff --git a/src/Microsoft.Health.Api/Features/Audit/AuditMiddlewareExtensions.cs b/src/Microsoft.Health.Api/Features/Audit/AuditMiddlewareExtensions.cs
new file mode 100644
index 00000000..0140208f
--- /dev/null
+++ b/src/Microsoft.Health.Api/Features/Audit/AuditMiddlewareExtensions.cs
@@ -0,0 +1,21 @@
+// -------------------------------------------------------------------------------------------------
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License (MIT). See LICENSE in the repo root for license information.
+// -------------------------------------------------------------------------------------------------
+
+using EnsureThat;
+using Microsoft.AspNetCore.Builder;
+
+namespace Microsoft.Health.Api.Features.Audit
+{
+    public static class AuditMiddlewareExtensions
+    {
+        public static IApplicationBuilder UseAudit(
+            this IApplicationBuilder builder)
+        {
+            EnsureArg.IsNotNull(builder, nameof(builder));
+
+            return builder.UseMiddleware<AuditMiddleware>();
+        }
+    }
+}
diff --git a/src/Microsoft.Health.Api/Features/Audit/IAuditEventTypeMapping.cs b/src/Microsoft.Health.Api/Features/Audit/IAuditEventTypeMapping.cs
new file mode 100644
index 00000000..b122c6b9
--- /dev/null
+++ b/src/Microsoft.Health.Api/Features/Audit/IAuditEventTypeMapping.cs
@@ -0,0 +1,22 @@
+// -------------------------------------------------------------------------------------------------
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License (MIT). See LICENSE in the repo root for license information.
+// -------------------------------------------------------------------------------------------------
+
+namespace Microsoft.Health.Api.Features.Audit
+{
+    /// <summary>
+    /// Provides the ability to lookup audit event type.
+    /// </summary>
+    public interface IAuditEventTypeMapping
+    {
+        /// <summary>
+        /// Gets the audit event type from the <paramref name="controllerName"/> and <paramref name="actionName"/>.
+        /// </summary>
+        /// <param name="controllerName">The controller name.</param>
+        /// <param name="actionName">The action name.</param>
+        /// <returns>The audit event type if exists; <c>null</c> if anonymous access is allowed.</returns>
+        /// <exception cref="AuditEventTypeMapping">Thrown when there is no audit event type associated with the <paramref name="controllerName"/> and <paramref name="actionName"/>.</exception>
+        string GetAuditEventType(string controllerName, string actionName);
+    }
+}
diff --git a/src/Microsoft.Health.Api/Features/Audit/IAuditHeaderReader.cs b/src/Microsoft.Health.Api/Features/Audit/IAuditHeaderReader.cs
new file mode 100644
index 00000000..b3db574d
--- /dev/null
+++ b/src/Microsoft.Health.Api/Features/Audit/IAuditHeaderReader.cs
@@ -0,0 +1,15 @@
+// -------------------------------------------------------------------------------------------------
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License (MIT). See LICENSE in the repo root for license information.
+// -------------------------------------------------------------------------------------------------
+
+using System.Collections.Generic;
+using Microsoft.AspNetCore.Http;
+
+namespace Microsoft.Health.Api.Features.Audit
+{
+    public interface IAuditHeaderReader
+    {
+        IReadOnlyDictionary<string, string> Read(HttpContext httpContext);
+    }
+}
diff --git a/src/Microsoft.Health.Api/Features/Audit/IAuditHelper.cs b/src/Microsoft.Health.Api/Features/Audit/IAuditHelper.cs
new file mode 100644
index 00000000..0bc49d2b
--- /dev/null
+++ b/src/Microsoft.Health.Api/Features/Audit/IAuditHelper.cs
@@ -0,0 +1,30 @@
+// -------------------------------------------------------------------------------------------------
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License (MIT). See LICENSE in the repo root for license information.
+// -------------------------------------------------------------------------------------------------
+
+using Microsoft.AspNetCore.Http;
+using Microsoft.Health.Core.Features.Security;
+
+namespace Microsoft.Health.Api.Features.Audit
+{
+    /// <summary>
+    /// Provides helper methods for auditing.
+    /// </summary>
+    public interface IAuditHelper
+    {
+        /// <summary>
+        /// Logs an executing audit entry for the current operation.
+        /// </summary>
+        /// <param name="httpContext">The HTTP context.</param>
+        /// <param name="claimsExtractor">The extractor used to extract claims.</param>
+        void LogExecuting(HttpContext httpContext, IClaimsExtractor claimsExtractor);
+
+        /// <summary>
+        /// Logs an executed audit entry for the current operation.
+        /// </summary>
+        /// <param name="httpContext">The HTTP context.</param>
+        /// <param name="claimsExtractor">The extractor used to extract claims.</param>
+        void LogExecuted(HttpContext httpContext, IClaimsExtractor claimsExtractor);
+    }
+}
diff --git a/src/Microsoft.Health.Api/Features/Audit/MissingAuditEventTypeMappingException.cs b/src/Microsoft.Health.Api/Features/Audit/MissingAuditEventTypeMappingException.cs
new file mode 100644
index 00000000..2a5777aa
--- /dev/null
+++ b/src/Microsoft.Health.Api/Features/Audit/MissingAuditEventTypeMappingException.cs
@@ -0,0 +1,17 @@
+// -------------------------------------------------------------------------------------------------
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License (MIT). See LICENSE in the repo root for license information.
+// -------------------------------------------------------------------------------------------------
+
+using System;
+
+namespace Microsoft.Health.Api.Features.Audit
+{
+    public class MissingAuditEventTypeMappingException : Exception
+    {
+        public MissingAuditEventTypeMappingException(string controllerName, string actionName)
+            : base(string.Format(Resources.MissingAuditInformation, controllerName, actionName))
+        {
+        }
+    }
+}
diff --git a/src/Microsoft.Health.Api/Microsoft.Health.Api.csproj b/src/Microsoft.Health.Api/Microsoft.Health.Api.csproj
index efe6b478..5126f79a 100644
--- a/src/Microsoft.Health.Api/Microsoft.Health.Api.csproj
+++ b/src/Microsoft.Health.Api/Microsoft.Health.Api.csproj
@@ -9,7 +9,7 @@
     </ItemGroup>
     
     <ItemGroup>
-      <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="3.1.3" />
+      <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="3.1.6" />
       <PackageReference Include="Newtonsoft.Json" Version="12.0.3" />
     </ItemGroup>
     
diff --git a/src/Microsoft.Health.Api/Resources.Designer.cs b/src/Microsoft.Health.Api/Resources.Designer.cs
index a86f0d53..6b33e136 100644
--- a/src/Microsoft.Health.Api/Resources.Designer.cs
+++ b/src/Microsoft.Health.Api/Resources.Designer.cs
@@ -60,6 +60,15 @@ internal Resources() {
             }
         }
         
+        /// <summary>
+        ///   Looks up a localized string similar to The maximum length of a custom audit header value is {0}. The supplied custom audit header &apos;{1}&apos; has length of {2}..
+        /// </summary>
+        internal static string CustomAuditHeaderTooLarge {
+            get {
+                return ResourceManager.GetString("CustomAuditHeaderTooLarge", resourceCulture);
+            }
+        }
+        
         /// <summary>
         ///   Looks up a localized string similar to Failed while running health check..
         /// </summary>
@@ -68,5 +77,23 @@ internal static string FailedHealthCheckMessage {
                 return ResourceManager.GetString("FailedHealthCheckMessage", resourceCulture);
             }
         }
+        
+        /// <summary>
+        ///   Looks up a localized string similar to The audit information is missing for Controller: {0} and Action: {1}. This usually means the action is not marked with appropriate attribute..
+        /// </summary>
+        internal static string MissingAuditInformation {
+            get {
+                return ResourceManager.GetString("MissingAuditInformation", resourceCulture);
+            }
+        }
+        
+        /// <summary>
+        ///   Looks up a localized string similar to The maximum number of custom audit headers allowed is {0}. The number of custom audit headers supplied is {1}..
+        /// </summary>
+        internal static string TooManyCustomAuditHeaders {
+            get {
+                return ResourceManager.GetString("TooManyCustomAuditHeaders", resourceCulture);
+            }
+        }
     }
 }
diff --git a/src/Microsoft.Health.Api/Resources.resx b/src/Microsoft.Health.Api/Resources.resx
index d5fb2c4f..43d307c9 100644
--- a/src/Microsoft.Health.Api/Resources.resx
+++ b/src/Microsoft.Health.Api/Resources.resx
@@ -117,7 +117,19 @@
   <resheader name="writer">
     <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
   </resheader>
+  <data name="CustomAuditHeaderTooLarge" xml:space="preserve">
+    <value>The maximum length of a custom audit header value is {0}. The supplied custom audit header '{1}' has length of {2}.</value>
+    <comment>PH0 is a constant defining the max length of a header.  PH1 is the name  of the header sent in the request.  PH2 is the length of the incoming header value.  Example: The maximum length of a custom audit header value is 2048. The supplied custom audit header 'X-MS-AZUREHEALTH-AUDIT-SITE' has length of 3072.</comment>
+  </data>
   <data name="FailedHealthCheckMessage" xml:space="preserve">
     <value>Failed while running health check.</value>
   </data>
+  <data name="MissingAuditInformation" xml:space="preserve">
+    <value>The audit information is missing for Controller: {0} and Action: {1}. This usually means the action is not marked with appropriate attribute.</value>
+    <comment>{0} is the controller name and {1} is the action name.</comment>
+  </data>
+  <data name="TooManyCustomAuditHeaders" xml:space="preserve">
+    <value>The maximum number of custom audit headers allowed is {0}. The number of custom audit headers supplied is {1}.</value>
+    <comment>PH0 is a constant defining the max number of custom headers.  PH1 is the count of custom headers sent in the request.  Example: The maximum number of custom audit headers allowed is 10. The number of custom audit headers supplied is 12.</comment>
+  </data>
 </root>
\ No newline at end of file
diff --git a/src/Microsoft.Health.Blob/Microsoft.Health.Blob.csproj b/src/Microsoft.Health.Blob/Microsoft.Health.Blob.csproj
index c5da7e6a..9fb0e3a6 100644
--- a/src/Microsoft.Health.Blob/Microsoft.Health.Blob.csproj
+++ b/src/Microsoft.Health.Blob/Microsoft.Health.Blob.csproj
@@ -9,7 +9,7 @@
     <PackageReference Include="Ensure.That" Version="8.1.2" />
     <PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="3.1.3" />
     <PackageReference Include="Microsoft.Extensions.Diagnostics.HealthChecks" Version="3.1.3" />
-    <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="3.1.3" />
+    <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="3.1.6" />
     <PackageReference Include="Microsoft.IO.RecyclableMemoryStream" Version="1.3.2" />
   </ItemGroup>
 
diff --git a/src/Microsoft.Health.Core.UnitTests/Microsoft.Health.Core.UnitTests.csproj b/src/Microsoft.Health.Core.UnitTests/Microsoft.Health.Core.UnitTests.csproj
index d61ff353..7a21516f 100644
--- a/src/Microsoft.Health.Core.UnitTests/Microsoft.Health.Core.UnitTests.csproj
+++ b/src/Microsoft.Health.Core.UnitTests/Microsoft.Health.Core.UnitTests.csproj
@@ -1,4 +1,4 @@
-<Project Sdk="Microsoft.NET.Sdk">
+<Project Sdk="Microsoft.NET.Sdk">
 
     <PropertyGroup>
         <TargetFramework>netcoreapp3.1</TargetFramework>
diff --git a/src/Microsoft.Health.Core/AssemblyInfo.cs b/src/Microsoft.Health.Core/AssemblyInfo.cs
new file mode 100644
index 00000000..c23af353
--- /dev/null
+++ b/src/Microsoft.Health.Core/AssemblyInfo.cs
@@ -0,0 +1,10 @@
+// -------------------------------------------------------------------------------------------------
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License (MIT). See LICENSE in the repo root for license information.
+// -------------------------------------------------------------------------------------------------
+
+using System.Resources;
+using System.Runtime.CompilerServices;
+
+[assembly: NeutralResourcesLanguage("en-us")]
+[assembly: InternalsVisibleTo("Microsoft.Health.Api.UnitTests")]
\ No newline at end of file
diff --git a/src/Microsoft.Health.Core/Features/Context/IRequestContext.cs b/src/Microsoft.Health.Core/Features/Context/IRequestContext.cs
new file mode 100644
index 00000000..a6956606
--- /dev/null
+++ b/src/Microsoft.Health.Core/Features/Context/IRequestContext.cs
@@ -0,0 +1,33 @@
+// -------------------------------------------------------------------------------------------------
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License (MIT). See LICENSE in the repo root for license information.
+// -------------------------------------------------------------------------------------------------
+
+using System;
+using System.Collections.Generic;
+using System.Security.Claims;
+using Microsoft.Extensions.Primitives;
+
+namespace Microsoft.Health.Core.Features.Context
+{
+    public interface IRequestContext
+    {
+        string Method { get; }
+
+        Uri BaseUri { get; }
+
+        Uri Uri { get; }
+
+        string CorrelationId { get; }
+
+        string RouteName { get; set; }
+
+        string AuditEventType { get; set; }
+
+        ClaimsPrincipal Principal { get; set; }
+
+        IDictionary<string, StringValues> RequestHeaders { get; }
+
+        IDictionary<string, StringValues> ResponseHeaders { get; }
+    }
+}
diff --git a/src/Microsoft.Health.Core/Features/Security/IClaimsExtractor.cs b/src/Microsoft.Health.Core/Features/Security/IClaimsExtractor.cs
new file mode 100644
index 00000000..57ae597d
--- /dev/null
+++ b/src/Microsoft.Health.Core/Features/Security/IClaimsExtractor.cs
@@ -0,0 +1,14 @@
+// -------------------------------------------------------------------------------------------------
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License (MIT). See LICENSE in the repo root for license information.
+// -------------------------------------------------------------------------------------------------
+
+using System.Collections.Generic;
+
+namespace Microsoft.Health.Core.Features.Security
+{
+    public interface IClaimsExtractor
+    {
+        IReadOnlyCollection<KeyValuePair<string, string>> Extract();
+    }
+}
diff --git a/src/Microsoft.Health.Core/Microsoft.Health.Core.csproj b/src/Microsoft.Health.Core/Microsoft.Health.Core.csproj
index 14a1f0fc..82198bae 100644
--- a/src/Microsoft.Health.Core/Microsoft.Health.Core.csproj
+++ b/src/Microsoft.Health.Core/Microsoft.Health.Core.csproj
@@ -1,11 +1,33 @@
-<Project Sdk="Microsoft.NET.Sdk">
+<Project Sdk="Microsoft.NET.Sdk">
 
     <PropertyGroup>
         <TargetFramework>netcoreapp3.1</TargetFramework>
     </PropertyGroup>
-
+  
     <ItemGroup>
         <PackageReference Include="Ensure.That" Version="8.1.2" />
+        <PackageReference Include="Microsoft.Extensions.Hosting.Abstractions" Version="3.1.6" />
         <PackageReference Include="Microsoft.Extensions.Logging" Version="3.1.3" />
+        <PackageReference Include="Newtonsoft.Json" Version="12.0.3" />
+        <PackageReference Include="Newtonsoft.Json.Schema" Version="3.0.13" />
+    </ItemGroup>
+
+    <ItemGroup>
+      <ProjectReference Include="..\Microsoft.Health.Extensions.DependencyInjection\Microsoft.Health.Extensions.DependencyInjection.csproj" />
+    </ItemGroup>
+
+    <ItemGroup>
+      <Compile Update="Resources.Designer.cs">
+        <DesignTime>True</DesignTime>
+        <AutoGen>True</AutoGen>
+        <DependentUpon>Resources.resx</DependentUpon>
+      </Compile>
+    </ItemGroup>
+
+    <ItemGroup>
+      <EmbeddedResource Update="Resources.resx">
+        <Generator>ResXFileCodeGenerator</Generator>
+        <LastGenOutput>Resources.Designer.cs</LastGenOutput>
+      </EmbeddedResource>
     </ItemGroup>
 </Project>
diff --git a/src/Microsoft.Health.Core/Resources.Designer.cs b/src/Microsoft.Health.Core/Resources.Designer.cs
new file mode 100644
index 00000000..ae45639e
--- /dev/null
+++ b/src/Microsoft.Health.Core/Resources.Designer.cs
@@ -0,0 +1,91 @@
+//------------------------------------------------------------------------------
+// <auto-generated>
+//     This code was generated by a tool.
+//     Runtime Version:4.0.30319.42000
+//
+//     Changes to this file may cause incorrect behavior and will be lost if
+//     the code is regenerated.
+// </auto-generated>
+//------------------------------------------------------------------------------
+
+namespace Microsoft.Health.Core {
+    using System;
+    
+    
+    /// <summary>
+    ///   A strongly-typed resource class, for looking up localized strings, etc.
+    /// </summary>
+    // This class was auto-generated by the StronglyTypedResourceBuilder
+    // class via a tool like ResGen or Visual Studio.
+    // To add or remove a member, edit your .ResX file then rerun ResGen
+    // with the /str option, or rebuild your VS project.
+    [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "16.0.0.0")]
+    [global::System.Diagnostics.DebuggerNonUserCodeAttribute()]
+    [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()]
+    internal class Resources {
+        
+        private static global::System.Resources.ResourceManager resourceMan;
+        
+        private static global::System.Globalization.CultureInfo resourceCulture;
+        
+        [global::System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("Microsoft.Performance", "CA1811:AvoidUncalledPrivateCode")]
+        internal Resources() {
+        }
+        
+        /// <summary>
+        ///   Returns the cached ResourceManager instance used by this class.
+        /// </summary>
+        [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)]
+        internal static global::System.Resources.ResourceManager ResourceManager {
+            get {
+                if (object.ReferenceEquals(resourceMan, null)) {
+                    global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("Microsoft.Health.Core.Resources", typeof(Resources).Assembly);
+                    resourceMan = temp;
+                }
+                return resourceMan;
+            }
+        }
+        
+        /// <summary>
+        ///   Overrides the current thread's CurrentUICulture property for all
+        ///   resource lookups using this strongly typed resource class.
+        /// </summary>
+        [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)]
+        internal static global::System.Globalization.CultureInfo Culture {
+            get {
+                return resourceCulture;
+            }
+            set {
+                resourceCulture = value;
+            }
+        }
+        
+        /// <summary>
+        ///   Looks up a localized string similar to The prefix used to identify custom audit headers cannot be empty..
+        /// </summary>
+        internal static string CustomHeaderPrefixCannotBeEmpty {
+            get {
+                return ResourceManager.GetString("CustomHeaderPrefixCannotBeEmpty", resourceCulture);
+            }
+        }
+        
+        /// <summary>
+        ///   Looks up a localized string similar to There are {0} roles with the name &apos;{1}&apos;.
+        /// </summary>
+        internal static string DuplicateRoleNames {
+            get {
+                return ResourceManager.GetString("DuplicateRoleNames", resourceCulture);
+            }
+        }
+        
+        /// <summary>
+        ///   Looks up a localized string similar to Error validating roles:
+        ///{0}.
+        /// </summary>
+        internal static string ErrorValidatingRoles {
+            get {
+                return ResourceManager.GetString("ErrorValidatingRoles", resourceCulture);
+            }
+        }
+    }
+}
diff --git a/src/Microsoft.Health.Core/Resources.resx b/src/Microsoft.Health.Core/Resources.resx
new file mode 100644
index 00000000..7ee0cb9e
--- /dev/null
+++ b/src/Microsoft.Health.Core/Resources.resx
@@ -0,0 +1,130 @@
+<?xml version="1.0" encoding="utf-8"?>
+<root>
+  <!-- 
+    Microsoft ResX Schema 
+    
+    Version 2.0
+    
+    The primary goals of this format is to allow a simple XML format 
+    that is mostly human readable. The generation and parsing of the 
+    various data types are done through the TypeConverter classes 
+    associated with the data types.
+    
+    Example:
+    
+    ... ado.net/XML headers & schema ...
+    <resheader name="resmimetype">text/microsoft-resx</resheader>
+    <resheader name="version">2.0</resheader>
+    <resheader name="reader">System.Resources.ResXResourceReader, System.Windows.Forms, ...</resheader>
+    <resheader name="writer">System.Resources.ResXResourceWriter, System.Windows.Forms, ...</resheader>
+    <data name="Name1"><value>this is my long string</value><comment>this is a comment</comment></data>
+    <data name="Color1" type="System.Drawing.Color, System.Drawing">Blue</data>
+    <data name="Bitmap1" mimetype="application/x-microsoft.net.object.binary.base64">
+        <value>[base64 mime encoded serialized .NET Framework object]</value>
+    </data>
+    <data name="Icon1" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64">
+        <value>[base64 mime encoded string representing a byte array form of the .NET Framework object]</value>
+        <comment>This is a comment</comment>
+    </data>
+                
+    There are any number of "resheader" rows that contain simple 
+    name/value pairs.
+    
+    Each data row contains a name, and value. The row also contains a 
+    type or mimetype. Type corresponds to a .NET class that support 
+    text/value conversion through the TypeConverter architecture. 
+    Classes that don't support this are serialized and stored with the 
+    mimetype set.
+    
+    The mimetype is used for serialized objects, and tells the 
+    ResXResourceReader how to depersist the object. This is currently not 
+    extensible. For a given mimetype the value must be set accordingly:
+    
+    Note - application/x-microsoft.net.object.binary.base64 is the format 
+    that the ResXResourceWriter will generate, however the reader can 
+    read any of the formats listed below.
+    
+    mimetype: application/x-microsoft.net.object.binary.base64
+    value   : The object must be serialized with 
+            : System.Runtime.Serialization.Formatters.Binary.BinaryFormatter
+            : and then encoded with base64 encoding.
+    
+    mimetype: application/x-microsoft.net.object.soap.base64
+    value   : The object must be serialized with 
+            : System.Runtime.Serialization.Formatters.Soap.SoapFormatter
+            : and then encoded with base64 encoding.
+
+    mimetype: application/x-microsoft.net.object.bytearray.base64
+    value   : The object must be serialized into a byte array 
+            : using a System.ComponentModel.TypeConverter
+            : and then encoded with base64 encoding.
+    -->
+  <xsd:schema id="root" xmlns="" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-microsoft-com:xml-msdata">
+    <xsd:import namespace="http://www.w3.org/XML/1998/namespace" />
+    <xsd:element name="root" msdata:IsDataSet="true">
+      <xsd:complexType>
+        <xsd:choice maxOccurs="unbounded">
+          <xsd:element name="metadata">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" />
+              </xsd:sequence>
+              <xsd:attribute name="name" use="required" type="xsd:string" />
+              <xsd:attribute name="type" type="xsd:string" />
+              <xsd:attribute name="mimetype" type="xsd:string" />
+              <xsd:attribute ref="xml:space" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="assembly">
+            <xsd:complexType>
+              <xsd:attribute name="alias" type="xsd:string" />
+              <xsd:attribute name="name" type="xsd:string" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="data">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
+                <xsd:element name="comment" type="xsd:string" minOccurs="0" msdata:Ordinal="2" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" use="required" msdata:Ordinal="1" />
+              <xsd:attribute name="type" type="xsd:string" msdata:Ordinal="3" />
+              <xsd:attribute name="mimetype" type="xsd:string" msdata:Ordinal="4" />
+              <xsd:attribute ref="xml:space" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="resheader">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" use="required" />
+            </xsd:complexType>
+          </xsd:element>
+        </xsd:choice>
+      </xsd:complexType>
+    </xsd:element>
+  </xsd:schema>
+  <resheader name="resmimetype">
+    <value>text/microsoft-resx</value>
+  </resheader>
+  <resheader name="version">
+    <value>2.0</value>
+  </resheader>
+  <resheader name="reader">
+    <value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+  </resheader>
+  <resheader name="writer">
+    <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+  </resheader>
+  <data name="CustomHeaderPrefixCannotBeEmpty" xml:space="preserve">
+    <value>The prefix used to identify custom audit headers cannot be empty.</value>
+  </data>
+  <data name="DuplicateRoleNames" xml:space="preserve">
+    <value>There are {0} roles with the name '{1}'</value>
+  </data>
+  <data name="ErrorValidatingRoles" xml:space="preserve">
+    <value>Error validating roles:
+{0}</value>
+  </data>
+</root>
\ No newline at end of file
diff --git a/src/Microsoft.Health.SqlServer.Api.UnitTests/Microsoft.Health.SqlServer.Api.UnitTests.csproj b/src/Microsoft.Health.SqlServer.Api.UnitTests/Microsoft.Health.SqlServer.Api.UnitTests.csproj
index ed1a371a..a627400d 100644
--- a/src/Microsoft.Health.SqlServer.Api.UnitTests/Microsoft.Health.SqlServer.Api.UnitTests.csproj
+++ b/src/Microsoft.Health.SqlServer.Api.UnitTests/Microsoft.Health.SqlServer.Api.UnitTests.csproj
@@ -5,7 +5,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="3.1.3" />
+    <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="3.1.6" />
     <PackageReference Include="Microsoft.NET.Test.Sdk" Version="16.3.0" />
     <PackageReference Include="NSubstitute" Version="4.2.1" />
     <PackageReference Include="xunit" Version="2.4.1" />
diff --git a/src/Microsoft.Health.SqlServer.Api/Microsoft.Health.SqlServer.Api.csproj b/src/Microsoft.Health.SqlServer.Api/Microsoft.Health.SqlServer.Api.csproj
index 95bd5849..9ba1f3a8 100644
--- a/src/Microsoft.Health.SqlServer.Api/Microsoft.Health.SqlServer.Api.csproj
+++ b/src/Microsoft.Health.SqlServer.Api/Microsoft.Health.SqlServer.Api.csproj
@@ -9,7 +9,7 @@
     <PackageReference Include="Ensure.That" Version="8.1.2" />
     <PackageReference Include="MediatR" Version="8.0.1" />
     <PackageReference Include="Microsoft.Extensions.Diagnostics.HealthChecks" Version="3.1.3" />
-    <PackageReference Include="Newtonsoft.Json.Schema" Version="3.0.11" />
+    <PackageReference Include="Newtonsoft.Json.Schema" Version="3.0.13" />
   </ItemGroup>
 
   <ItemGroup>