diff --git a/engines/dfc_provider/app/controllers/dfc_provider/enterprise_groups/affiliated_by_controller.rb b/engines/dfc_provider/app/controllers/dfc_provider/enterprise_groups/affiliated_by_controller.rb
new file mode 100644
index 0000000000..934758e6d5
--- /dev/null
+++ b/engines/dfc_provider/app/controllers/dfc_provider/enterprise_groups/affiliated_by_controller.rb
@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+module DfcProvider
+  module EnterpriseGroups
+    class AffiliatedByController < DfcProvider::ApplicationController
+      def create
+        group = EnterpriseGroup.find(params[:enterprise_group_id])
+
+        authorize! :update, group
+
+        enterprise_uri = RDF::URI.new(params[:@id])
+
+        return head :bad_request unless enterprise_uri.valid?
+
+        enterprise_id = ofn_id_from_uri(enterprise_uri)
+        enterprise = Enterprise.find(enterprise_id)
+
+        group.enterprises << enterprise
+
+        return head :unprocessable_entity unless group.save
+
+        head :created
+      end
+
+      private
+
+      def ofn_id_from_uri(uri)
+        # enterprise uri follow this format http://test.host/api/dfc/enterprises/{ofn_enterprise_id}
+        uri.path.split("/").last
+      end
+    end
+  end
+end
diff --git a/engines/dfc_provider/config/routes.rb b/engines/dfc_provider/config/routes.rb
index 7390cc39a4..28afd17041 100644
--- a/engines/dfc_provider/config/routes.rb
+++ b/engines/dfc_provider/config/routes.rb
@@ -7,6 +7,8 @@ DfcProvider::Engine.routes.draw do
     resources :supplied_products, only: [:create, :show, :update]
     resources :social_medias, only: [:show]
   end
-  resources :enterprise_groups, only: [:index, :show]
+  resources :enterprise_groups, only: [:index, :show] do
+    resources :affiliated_by, only: [:create], module: 'enterprise_groups'
+  end
   resources :persons, only: [:show]
 end
diff --git a/engines/dfc_provider/spec/requests/enterprise_groups/affiliated_by_spec.rb b/engines/dfc_provider/spec/requests/enterprise_groups/affiliated_by_spec.rb
new file mode 100644
index 0000000000..7491bd969f
--- /dev/null
+++ b/engines/dfc_provider/spec/requests/enterprise_groups/affiliated_by_spec.rb
@@ -0,0 +1,73 @@
+# frozen_string_literal: true
+
+require_relative "../../swagger_helper"
+
+describe "EnterpriseGroups::AffiliatedBy", type: :request, swagger_doc: "dfc.yaml",
+                                           rswag_autodoc: true do
+  let(:user) { create(:oidc_user, id: 12_345) }
+  let(:group) {
+    create(
+      :enterprise_group,
+      id: 60_000, owner: user, name: "Sustainable Farmers", address:,
+      enterprises: [enterprise],
+    )
+  }
+  let(:address) { create(:address, id: 40_000, address1: "8 Acres Drive") }
+  let(:enterprise) { create(:enterprise, id: 10_000) }
+  let!(:enterprise2) { create(:enterprise, id: 10_001) }
+
+  before { login_as user }
+
+  path "/api/dfc/enterprise_groups/{enterprise_group_id}/affiliated_by" do
+    post "Add enterprise to group" do
+      consumes "application/json"
+
+      parameter name: :enterprise_group_id, in: :path, type: :string
+      parameter name: :enterprise_id, in: :body, schema: {
+        example: {
+          '@id': "http://test.host/api/dfc/enterprises/10001"
+        }
+      }
+
+      let(:enterprise_group_id) { group.id }
+      let(:enterprise_id) do |example|
+        example.metadata[:operation][:parameters].second[:schema][:example]
+      end
+
+      response "201", "created" do
+        run_test! do
+          expect(group.enterprises.reload).to include(enterprise2)
+        end
+      end
+
+      response "400", "bad request" do
+        describe "with missing request body" do
+          around do |example|
+            # Rswag expects all required parameters to be supplied with `let`
+            # but we want to send a request without the request body parameter.
+            parameters = example.metadata[:operation][:parameters]
+            example.metadata[:operation][:parameters] = [parameters.first]
+            example.run
+            example.metadata[:operation][:parameters] = parameters
+          end
+
+          run_test!
+        end
+
+        describe "with non valid enterprise uri" do
+          let(:enterprise_id) { { '@id': "http://test.host/%api/dfc/enterprises/10001" } }
+
+          run_test!
+        end
+      end
+
+      response "401", "unauthorized" do
+        let(:non_group_owner) { create(:oidc_user, id: 12_346) }
+
+        before { login_as non_group_owner }
+
+        run_test!
+      end
+    end
+  end
+end
diff --git a/swagger/dfc.yaml b/swagger/dfc.yaml
index e128c4d92e..b761182cd9 100644
--- a/swagger/dfc.yaml
+++ b/swagger/dfc.yaml
@@ -236,6 +236,30 @@ paths:
                     "@type": "@id"
                 dfc-b:stockLimitation: '3'
                 dfc-b:sku: new-sku
+  "/api/dfc/enterprise_groups/{enterprise_group_id}/affiliated_by":
+    post:
+      summary: Add enterprise to group
+      parameters:
+      - name: enterprise_group_id
+        in: path
+        required: true
+        schema:
+          type: string
+      tags:
+      - EnterpriseGroups::AffiliatedBy
+      responses:
+        '201':
+          description: created
+        '400':
+          description: bad request
+        '401':
+          description: unauthorized
+      requestBody:
+        content:
+          application/json:
+            schema:
+              example:
+                "@id": http://test.host/api/dfc/enterprises/10001
   "/api/dfc/enterprise_groups":
     get:
       summary: List groups