@Override
  public int createApplication(
      ServiceProvider serviceProvider, String tenantDomain, String userName)
      throws IdentityApplicationManagementException {
    try {

      startTenantFlow(tenantDomain, userName);

      // invoking the listeners
      List<ApplicationMgtListener> listeners = ApplicationMgtListenerServiceComponent.getListners();

      for (ApplicationMgtListener listener : listeners) {
        listener.createApplication(serviceProvider);
      }

      // first we need to create a role with the application name.
      // only the users in this role will be able to edit/update the
      // application.
      ApplicationMgtUtil.createAppRole(serviceProvider.getApplicationName());
      ApplicationDAO appDAO = ApplicationMgtSystemConfig.getInstance().getApplicationDAO();
      ApplicationMgtUtil.storePermission(
          serviceProvider.getApplicationName(), serviceProvider.getPermissionAndRoleConfig());

      return appDAO.createApplication(serviceProvider, tenantDomain);
    } catch (Exception e) {
      try {
        ApplicationMgtUtil.deleteAppRole(serviceProvider.getApplicationName());
        ApplicationMgtUtil.deletePermissions(serviceProvider.getApplicationName());
      } catch (Exception ignored) {
        if (log.isDebugEnabled()) {
          log.debug("Ignored the exception occurred while trying to delete the role : ", e);
        }
      }
      String error =
          "Error occurred while creating the application : " + serviceProvider.getApplicationName();
      log.error(error, e);
      throw new IdentityApplicationManagementException(error, e);
    } finally {
      endTenantFlow();
    }
  }
  private void loadApplicationPermissions(
      String serviceProviderName, ServiceProvider serviceProvider)
      throws IdentityApplicationManagementException {
    List<ApplicationPermission> permissionList =
        ApplicationMgtUtil.loadPermissions(serviceProviderName);

    if (permissionList != null) {
      PermissionsAndRoleConfig permissionAndRoleConfig;
      if (serviceProvider.getPermissionAndRoleConfig() == null) {
        permissionAndRoleConfig = new PermissionsAndRoleConfig();
      } else {
        permissionAndRoleConfig = serviceProvider.getPermissionAndRoleConfig();
      }
      permissionAndRoleConfig.setPermissions(
          permissionList.toArray(new ApplicationPermission[permissionList.size()]));
      serviceProvider.setPermissionAndRoleConfig(permissionAndRoleConfig);
    }
  }
  @Override
  public void deleteApplication(String applicationName, String tenantDomain, String userName)
      throws IdentityApplicationManagementException {
    try {

      startTenantFlow(tenantDomain, userName);

      // invoking the listeners
      List<ApplicationMgtListener> listeners = ApplicationMgtListenerServiceComponent.getListners();

      for (ApplicationMgtListener listener : listeners) {
        listener.deleteApplication(applicationName);
      }

      if (!ApplicationMgtUtil.isUserAuthorized(applicationName)) {
        log.warn(
            "Illegal Access! User "
                + CarbonContext.getThreadLocalCarbonContext().getUsername()
                + " does not have access to the application "
                + applicationName);
        throw new IdentityApplicationManagementException("User not authorized");
      }

      ApplicationDAO appDAO = ApplicationMgtSystemConfig.getInstance().getApplicationDAO();
      ServiceProvider serviceProvider = appDAO.getApplication(applicationName, tenantDomain);
      appDAO.deleteApplication(applicationName);

      ApplicationMgtUtil.deleteAppRole(applicationName);
      ApplicationMgtUtil.deletePermissions(applicationName);

      if (serviceProvider != null
          && serviceProvider.getInboundAuthenticationConfig() != null
          && serviceProvider
                  .getInboundAuthenticationConfig()
                  .getInboundAuthenticationRequestConfigs()
              != null) {

        InboundAuthenticationRequestConfig[] configs =
            serviceProvider
                .getInboundAuthenticationConfig()
                .getInboundAuthenticationRequestConfigs();

        for (InboundAuthenticationRequestConfig config : configs) {

          if (IdentityApplicationConstants.Authenticator.SAML2SSO.NAME.equalsIgnoreCase(
                  config.getInboundAuthType())
              && config.getInboundAuthKey() != null) {

            SAMLApplicationDAO samlDAO =
                ApplicationMgtSystemConfig.getInstance().getSAMLClientDAO();
            samlDAO.removeServiceProviderConfiguration(config.getInboundAuthKey());

          } else if (IdentityApplicationConstants.OAuth2.NAME.equalsIgnoreCase(
                  config.getInboundAuthType())
              && config.getInboundAuthKey() != null) {
            OAuthApplicationDAO oathDAO =
                ApplicationMgtSystemConfig.getInstance().getOAuthOIDCClientDAO();
            oathDAO.removeOAuthApplication(config.getInboundAuthKey());

          } else if ("kerberos".equalsIgnoreCase(config.getInboundAuthType())
              && config.getInboundAuthKey() != null) {

            DirectoryServerManager directoryServerManager = new DirectoryServerManager();
            directoryServerManager.removeServer(config.getInboundAuthKey());

          } else if (IdentityApplicationConstants.Authenticator.WSTrust.NAME.equalsIgnoreCase(
                  config.getInboundAuthType())
              && config.getInboundAuthKey() != null) {
            try {
              AxisService stsService = getAxisConfig().getService(ServerConstants.STS_NAME);
              Parameter origParam =
                  stsService.getParameter(SAMLTokenIssuerConfig.SAML_ISSUER_CONFIG.getLocalPart());

              if (origParam != null) {
                OMElement samlConfigElem =
                    origParam
                        .getParameterElement()
                        .getFirstChildWithName(SAMLTokenIssuerConfig.SAML_ISSUER_CONFIG);

                SAMLTokenIssuerConfig samlConfig = new SAMLTokenIssuerConfig(samlConfigElem);
                samlConfig.getTrustedServices().remove(config.getInboundAuthKey());
                setSTSParameter(samlConfig);
                removeTrustedService(
                    ServerConstants.STS_NAME, ServerConstants.STS_NAME, config.getInboundAuthKey());
              } else {
                throw new IdentityApplicationManagementException(
                    "missing parameter : "
                        + SAMLTokenIssuerConfig.SAML_ISSUER_CONFIG.getLocalPart());
              }
            } catch (Exception e) {
              String error = "Error while removing a trusted service";
              log.error(error, e);
              throw new IdentityApplicationManagementException(error, e);
            }
          }
        }
      }

    } catch (Exception e) {
      String error = "Error occurred while deleting the application";
      log.error(error, e);
      throw new IdentityApplicationManagementException(error, e);
    } finally {
      endTenantFlow();
    }
  }
  @Override
  public void updateApplication(
      ServiceProvider serviceProvider, String tenantDomain, String userName)
      throws IdentityApplicationManagementException {
    try {

      try {
        startTenantFlow(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);

        IdentityServiceProviderCacheKey cacheKey =
            new IdentityServiceProviderCacheKey(tenantDomain, serviceProvider.getApplicationName());

        IdentityServiceProviderCache.getInstance().clearCacheEntry(cacheKey);

      } finally {
        endTenantFlow();
        startTenantFlow(tenantDomain, userName);
      }

      // invoking the listeners
      List<ApplicationMgtListener> listeners = ApplicationMgtListenerServiceComponent.getListners();
      for (ApplicationMgtListener listener : listeners) {
        listener.updateApplication(serviceProvider);
      }

      // check whether use is authorized to update the application.
      if (!ApplicationConstants.LOCAL_SP.equals(serviceProvider.getApplicationName())
          && !ApplicationMgtUtil.isUserAuthorized(
              serviceProvider.getApplicationName(), serviceProvider.getApplicationID())) {
        log.warn(
            "Illegal Access! User "
                + CarbonContext.getThreadLocalCarbonContext().getUsername()
                + " does not have access to the application "
                + serviceProvider.getApplicationName());
        throw new IdentityApplicationManagementException("User not authorized");
      }

      ApplicationDAO appDAO = ApplicationMgtSystemConfig.getInstance().getApplicationDAO();
      String storedAppName = appDAO.getApplicationName(serviceProvider.getApplicationID());
      appDAO.updateApplication(serviceProvider);

      ApplicationPermission[] permissions =
          serviceProvider.getPermissionAndRoleConfig().getPermissions();
      String applicationNode =
          ApplicationMgtUtil.getApplicationPermissionPath()
              + RegistryConstants.PATH_SEPARATOR
              + storedAppName;
      org.wso2.carbon.registry.api.Registry tenantGovReg =
          CarbonContext.getThreadLocalCarbonContext().getRegistry(RegistryType.USER_GOVERNANCE);

      boolean exist = tenantGovReg.resourceExists(applicationNode);
      if (exist && !storedAppName.equals(serviceProvider.getApplicationName())) {
        ApplicationMgtUtil.renameAppPermissionPathNode(
            storedAppName, serviceProvider.getApplicationName());
      }

      if (ArrayUtils.isNotEmpty(permissions)) {
        ApplicationMgtUtil.updatePermissions(serviceProvider.getApplicationName(), permissions);
      }
    } catch (Exception e) {
      String error = "Error occurred while updating the application";
      log.error(error, e);
      throw new IdentityApplicationManagementException(error, e);
    } finally {
      endTenantFlow();
    }
  }