diff --git a/inbc-program/README.md b/inbc-program/README.md
index 4d36ab54d8..5427161da0 100644
--- a/inbc-program/README.md
+++ b/inbc-program/README.md
@@ -417,6 +417,12 @@ inbc query --option sw
 Optionally Downloads and encrypts GPG key and stores it on the system under /usr/share/keyrings. Creates a file under /etc/apt/sources.list.d to store the update source information. This list file is used during 'sudo apt update' to update the application. Deb882 format may be used instead of downloading a GPG key.
+**NOTE:** Make sure to add gpgKeyUri to trustedrepositories using INBC Config Append command before using Inbc source application add command
+ Step 1: Refer to Inbc Config Append command to set gpgKeyUri to trustedRepositories in intel-manageability.conf file
+ Step 2: Use Inbc source appplication add command
+```
+
+
 ### Usage
 ```
 inbc source application add
@@ -442,7 +448,6 @@ inbc source application add - Each blank line has a period in it. -> " ." - Each line after the Signed-By: starts with a space -> " gibberish" - ``` inbc source application add --sources
diff --git a/inbm/Changelog.md b/inbm/Changelog.md
index 8047b01b4b..77ddc86a70 100644
--- a/inbm/Changelog.md
+++ b/inbm/Changelog.md
@@ -10,7 +10,9 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/).
 ### Added
 - RTC 536601 - Added 'source' command to INBM. This command manages `/etc/apt/sources.list` and `/etc/apt/sources.list.d/*` and associated gpg keys on Ubuntu.
+- RTC 537769 - Added verification of GPG key URIs against a list of trusted repositories for enhanced security
+check if sourceApplication Gpg key URL is in trusted repo
 ### Fixed
 - RTC 534426 - Could not write to /var/log/inbm-update-status.log on Yocto due to /var/log being a symlink to /var/volatile/log.
 - RTC 523677 - Improve INBC error logging - invalid child tag not printed
diff --git a/inbm/dispatcher-agent/dispatcher/source/ubuntu_source_manager.py b/inbm/dispatcher-agent/dispatcher/source/ubuntu_source_manager.py
index 8838ff58a8..ef1b70ec75 100644
--- a/inbm/dispatcher-agent/dispatcher/source/ubuntu_source_manager.py
+++ b/inbm/dispatcher-agent/dispatcher/source/ubuntu_source_manager.py
@@ -7,6 +7,9 @@
 import logging
 import os
 
+from dispatcher.packagemanager.package_manager import verify_source
+from dispatcher.dispatcher_broker import DispatcherBroker
+from dispatcher.dispatcher_exception import DispatcherException
 from dispatcher.source.source_exception import SourceError
 from dispatcher.source.constants import (
     UBUNTU_APT_SOURCES_LIST,
@@ -98,11 +101,19 @@ def __init__(self) -> None:
 
     def add(self, parameters: ApplicationAddSourceParameters) -> None:
         """Adds a source file and optional GPG key to be used during Ubuntu application updates."""
-        # Step 1: Add key (Optional)
+        # Step 1: Verify gpg key uri from trusted repo list
         if parameters.gpg_key_name and parameters.gpg_key_uri:
+            try:
+                url = parameters.gpg_key_uri
+                #URL slicing to remove the last segment (filename) from the URL
+                source = url.value[:-(len(url.value.split('/')[-1]) + 1)]
+                verify_source(source=source, dispatcher_broker=DispatcherBroker)
+            except (DispatcherException, IndexError) as err:
+                raise SourceError(f"Source Gpg key URI verification check failed: {err}")
+            # Step 2: Add key (Optional)
             add_gpg_key(parameters.gpg_key_uri, parameters.gpg_key_name)
 
-        # Step 2: Add the source
+        # Step 3: Add the source
         try:
             create_file_with_contents(
                 os.path.join(UBUNTU_APT_SOURCES_LIST_D, parameters.file_name), parameters.sources
diff --git a/inbm/dispatcher-agent/tests/unit/source/test_ubuntu_source_cmd.py b/inbm/dispatcher-agent/tests/unit/source/test_ubuntu_source_cmd.py
index 933e37379b..8cb80ab6a0 100644
--- a/inbm/dispatcher-agent/tests/unit/source/test_ubuntu_source_cmd.py
+++ b/inbm/dispatcher-agent/tests/unit/source/test_ubuntu_source_cmd.py
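Review bot: `verify_source(source=source, dispatcher_broker=DispatcherBroker)` hands verify_source the class rather than a broker instance, and the manager's `__init__(self)` shown in the hunk header holds no broker, so if verify_source calls any instance method on it the resulting TypeError escapes the `except (DispatcherException, IndexError)` clause instead of becoming a SourceError; if a broker is required, inject one (constructor argument or module-level accessor) and pass that object. The hand-rolled slice `url.value[:-(len(url.value.split('/')[-1]) + 1)]` is also fragile: `str.split('/')[-1]` can never raise IndexError, and for a constructed URI with no path such as `https://host` the slice removes the host and yields `https:/`, which is then what gets checked against the trusted list; `source = url.value.rsplit('/', 1)[0]` is the clearer equivalent, and `urllib.parse.urlsplit` would let the comparison be made on scheme and host explicitly. Because this match is what gates fetching a remote key into /usr/share/keyrings, a one-line comment above the call stating what verify_source compares (exact string, prefix, or parsed components) would let a reader confirm that a lookalike prefix cannot pass — that detail is not visible from this hunk. The add method continues past the end of the hunk.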
@@ -279,6 +279,33 @@ def test_successfully_remove_gpg_key_and_source_list(
         except SourceError:
             self.fail("Remove GPG key raised DispatcherException unexpectedly!")
 
+    @patch("dispatcher.packagemanager.package_manager.verify_source", side_effect=DispatcherException('error'))
+    def test_failed_add_gpg_key_method(self, mock_verify_source):
+        parameters = ApplicationAddSourceParameters(
+            gpg_key_uri="https://dl-ssl.google.com/linux/linux_signing_key.pub",
+            gpg_key_name="name"
+        )
+        command = UbuntuApplicationSourceManager()
+        try:
+            command.add(parameters)
+            self.assertIsNotNone(result)  # Assuming the add method returns some value on success
+        except SourceError:
+            self.fail("Source Gpg key URI verification check failed: error")
+
+
+    @patch("dispatcher.packagemanager.package_manager.verify_source")
+    def test_success_add_gpg_key_method(self, mock_verify_source):
+        parameters = ApplicationAddSourceParameters(
+            gpg_key_uri="https://dl-ssl.google.com/linux/linux_signing_key.pub",
+            gpg_key_name="name"
+        )
+        command = UbuntuApplicationSourceManager()
+        try:
+            command.add(parameters)
+            self.assertIsNotNone(result)  # Assuming the add method returns some value on success
+        except SourceError:
+            assert False, f"'UbuntuApplicationSourceManager.add' raised an exception {err}"
+
     @patch("dispatcher.source.ubuntu_source_manager.remove_gpg_key_if_exists")
     def test_raises_when_space_check_fails(self, mock_remove_gpg_key):
         parameters = ApplicationRemoveSourceParameters(
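Review bot: Both new tests use names that are never bound — `result` in `self.assertIsNotNone(result)` and `err` in the f-string under `except SourceError:` — so the first raises NameError inside the `try` (the source hunk annotates `add` as `-> None`, so there is no result to check) and the second raises NameError while trying to report; drop the assertIsNotNone line and write `except SourceError as err:`. The failing-verification test also has its expectation inverted: with `side_effect=DispatcherException('error')` the code under test is meant to raise SourceError, so the call belongs inside `with self.assertRaises(SourceError):` rather than being treated as a failure. The patch target `dispatcher.packagemanager.package_manager.verify_source` does not touch the name ubuntu_source_manager bound with `from dispatcher.packagemanager.package_manager import verify_source`, so neither mock is in effect; patch `dispatcher.source.ubuntu_source_manager.verify_source`, as the neighbouring test does for `remove_gpg_key_if_exists`. Unless `ApplicationAddSourceParameters` wraps `gpg_key_uri` into an object exposing `.value`, a plain string here will also fail on `url.value` in the code under test, and the success test should additionally patch `add_gpg_key` (and, if the parameters object does not stop it, `create_file_with_contents`) so the test never fetches a key or writes under /etc/apt on the machine running it.
```python
    @patch("dispatcher.source.ubuntu_source_manager.verify_source",
           side_effect=DispatcherException('error'))
    def test_failed_add_gpg_key_method(self, mock_verify_source):
        # … unchanged: parameters / command construction …
        with self.assertRaises(SourceError):
            command.add(parameters)
        mock_verify_source.assert_called_once()

    @patch("dispatcher.source.ubuntu_source_manager.add_gpg_key")
    @patch("dispatcher.source.ubuntu_source_manager.verify_source")
    def test_success_add_gpg_key_method(self, mock_verify_source, mock_add_gpg_key):
        # … unchanged: parameters / command construction …
        try:
            command.add(parameters)
        except SourceError as err:
            self.fail(f"'UbuntuApplicationSourceManager.add' raised an exception {err}")
        mock_verify_source.assert_called_once()
        mock_add_gpg_key.assert_called_once_with(parameters.gpg_key_uri, parameters.gpg_key_name)
```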