Merge pull request #2 from ayyoob/ayyoob

Merged APIM, DAS and ES features
9 years ago · fc4e53de99
parent 6d856ae975 e6d9cb82af
commit fc4e53de99
68 changed files with 10276 additions and 2145 deletions
--- a/modules/distribution/identity_config_change.xml
+++ b/modules/distribution/identity_config_change.xml
@ -0,0 +1,12 @@
+<processor>
+   <!-- Remove the scope validator from the identity.xml if it exists. Otherwise running the build several times
+   causes several scope validator elements to be added--> 	
+   <remove>
+        <name>//s:Server/s:OAuth/s:OAuthScopeValidator</name>
+   </remove>	   
+   <!-- Add the scope validator config element -->
+   <add> 
+      <after>//s:Server/s:OAuth/s:OAuthCallbackHandlers</after>
+      <value><![CDATA[<OAuthScopeValidator class="org.wso2.carbon.identity.oauth2.validators.JDBCScopeValidator"/>]]></value>
+   </add>
+</processor>
--- a/modules/distribution/pom.xml
+++ b/modules/distribution/pom.xml
--- a/modules/distribution/src/api-resource/customsequences/fault/json_fault.xml
+++ b/modules/distribution/src/api-resource/customsequences/fault/json_fault.xml
--- a/modules/distribution/src/api-resource/customsequences/in/json_to_xml_in_message.xml
+++ b/modules/distribution/src/api-resource/customsequences/in/json_to_xml_in_message.xml
--- a/modules/distribution/src/api-resource/customsequences/in/log_in_message.xml
+++ b/modules/distribution/src/api-resource/customsequences/in/log_in_message.xml
--- a/modules/distribution/src/api-resource/customsequences/in/preserve_accept_header.xml
+++ b/modules/distribution/src/api-resource/customsequences/in/preserve_accept_header.xml
--- a/modules/distribution/src/api-resource/customsequences/in/xml_to_json_in_message.xml
+++ b/modules/distribution/src/api-resource/customsequences/in/xml_to_json_in_message.xml
--- a/modules/distribution/src/api-resource/customsequences/out/apply_accept_header.xml
+++ b/modules/distribution/src/api-resource/customsequences/out/apply_accept_header.xml
--- a/modules/distribution/src/api-resource/customsequences/out/json_to_xml_out_message.xml
+++ b/modules/distribution/src/api-resource/customsequences/out/json_to_xml_out_message.xml
--- a/modules/distribution/src/api-resource/customsequences/out/log_out_message.xml
+++ b/modules/distribution/src/api-resource/customsequences/out/log_out_message.xml
--- a/modules/distribution/src/api-resource/customsequences/out/xml_to_json_out_message.xml
+++ b/modules/distribution/src/api-resource/customsequences/out/xml_to_json_out_message.xml
--- a/modules/distribution/src/api-resource/sql/h2-sample-data.sql
+++ b/modules/distribution/src/api-resource/sql/h2-sample-data.sql
@ -0,0 +1,67 @@
+DELETE FROM AM_SUBSCRIPTION_KEY_MAPPING;
+DELETE FROM AM_APPLICATION_KEY_MAPPING;
+DELETE FROM AM_SUBSCRIPTION ;
+DELETE FROM AM_APPLICATION ;
+DELETE FROM AM_SUBSCRIBER;
+DELETE FROM AM_API;
+DELETE FROM IDN_OAUTH2_ACCESS_TOKEN ;
+DELETE FROM IDN_OAUTH_CONSUMER_APPS;
+
+ALTER TABLE AM_SUBSCRIBER ALTER COLUMN SUBSCRIBER_ID RESTART WITH 1;
+ALTER TABLE AM_APPLICATION ALTER COLUMN APPLICATION_ID RESTART WITH 100;
+ALTER TABLE AM_API ALTER COLUMN API_ID RESTART WITH 500;
+ALTER TABLE AM_SUBSCRIPTION ALTER COLUMN SUBSCRIPTION_ID RESTART WITH 1000;
+
+INSERT INTO AM_SUBSCRIBER ( USER_ID , TENANT_ID , EMAIL_ADDRESS , DATE_SUBSCRIBED ) VALUES ('SUMEDHA',-1234,'SUMEDHA@WSO2.COM','2012-03-05 12:10:11');
+INSERT INTO AM_SUBSCRIBER ( USER_ID , TENANT_ID , EMAIL_ADDRESS , DATE_SUBSCRIBED ) VALUES ('PRABATH',-1234,'PRABATH@WSO2.COM','2012-03-05 12:10:11');
+INSERT INTO AM_SUBSCRIBER ( USER_ID , TENANT_ID , EMAIL_ADDRESS , DATE_SUBSCRIBED ) VALUES ('THILINA',-1234,'THILINA@WSO2.COM','2012-03-05 12:10:11');
+INSERT INTO AM_SUBSCRIBER ( USER_ID , TENANT_ID , EMAIL_ADDRESS , DATE_SUBSCRIBED ) VALUES ('UDAYANGA',-1234,'UDAYANGA@WSO2.COM','2012-03-05 12:10:11');
+
+
+INSERT INTO AM_APPLICATION  (NAME,SUBSCRIBER_ID ) VALUES ('APPLICATION1',1);
+INSERT INTO AM_APPLICATION  (NAME,SUBSCRIBER_ID ) VALUES ('APPLICATION2',1);
+INSERT INTO AM_APPLICATION  (NAME,SUBSCRIBER_ID ) VALUES ('APPLICATION3',2);
+INSERT INTO AM_APPLICATION  (NAME,SUBSCRIBER_ID ) VALUES ('APPLICATION4',2);
+INSERT INTO AM_APPLICATION  (NAME,SUBSCRIBER_ID ) VALUES ('APPLICATION5',3);
+INSERT INTO AM_APPLICATION  (NAME,SUBSCRIBER_ID ) VALUES ('DeliciousApp',4);
+
+INSERT INTO AM_API (API_PROVIDER,API_NAME,API_VERSION,CONTEXT) VALUES ('SUMEDHA', 'API1', 'V1.0.0','/context1');
+INSERT INTO AM_API (API_PROVIDER,API_NAME,API_VERSION,CONTEXT) VALUES ('PRABATH', 'API2', 'V1.0.0','/deli2');
+INSERT INTO AM_API (API_PROVIDER,API_NAME,API_VERSION,CONTEXT) VALUES ('ADMIN', 'API3', 'V1.0.0','/test');
+INSERT INTO AM_API (API_PROVIDER,API_NAME,API_VERSION,CONTEXT) VALUES ('DEL', 'Delicious', '1.0.0','/deli');
+
+INSERT INTO AM_SUBSCRIPTION  ( TIER_ID , API_ID , APPLICATION_ID , LAST_ACCESSED ) VALUES ('T1',500,100,'2012-03-05 12:10:11');
+INSERT INTO AM_SUBSCRIPTION  ( TIER_ID , API_ID , APPLICATION_ID , LAST_ACCESSED ) VALUES ('T1',501,101,'2012-03-05 12:10:11');
+INSERT INTO AM_SUBSCRIPTION  ( TIER_ID , API_ID , APPLICATION_ID , LAST_ACCESSED ) VALUES ('T1',500,102,'2012-03-05 12:10:11');
+INSERT INTO AM_SUBSCRIPTION  ( TIER_ID , API_ID , APPLICATION_ID , LAST_ACCESSED ) VALUES ('T1',502,103,'2012-03-05 12:10:11');
+INSERT INTO AM_SUBSCRIPTION  ( TIER_ID , API_ID , APPLICATION_ID , LAST_ACCESSED ) VALUES ('T1',501,104,'2012-03-05 12:10:11');
+INSERT INTO AM_SUBSCRIPTION  ( TIER_ID , API_ID , APPLICATION_ID , LAST_ACCESSED ) VALUES ('T1',503,105,'2012-03-05 12:10:11');
+INSERT INTO AM_SUBSCRIPTION  ( TIER_ID , API_ID , APPLICATION_ID , LAST_ACCESSED ) VALUES ('T1',501,102,'2012-03-05 12:10:11');
+
+INSERT INTO AM_SUBSCRIPTION_KEY_MAPPING (SUBSCRIPTION_ID, ACCESS_TOKEN, KEY_TYPE) VALUES (1000, 'SSDCHEJJ-AWUIS-232', 'PRODUCTION');
+INSERT INTO AM_SUBSCRIPTION_KEY_MAPPING (SUBSCRIPTION_ID, ACCESS_TOKEN, KEY_TYPE) VALUES (1001, 'a1b2c3d4', 'SANDBOX');
+INSERT INTO AM_SUBSCRIPTION_KEY_MAPPING (SUBSCRIPTION_ID, ACCESS_TOKEN, KEY_TYPE) VALUES (1002, 'p1q2r3s4', 'PRODUCTION');
+
+INSERT INTO AM_APPLICATION_KEY_MAPPING (APPLICATION_ID, CONSUMER_KEY, KEY_TYPE) VALUES (100, 'CON1', 'PRODUCTION');
+INSERT INTO AM_APPLICATION_KEY_MAPPING (APPLICATION_ID, CONSUMER_KEY, KEY_TYPE) VALUES (100, 'CON2', 'SANDBOX');
+INSERT INTO AM_APPLICATION_KEY_MAPPING (APPLICATION_ID, CONSUMER_KEY, KEY_TYPE) VALUES (101, 'CON3', 'PRODUCTION');
+
+INSERT INTO IDN_OAUTH_CONSUMER_APPS ( APP_NAME , CALLBACK_URL , CONSUMER_KEY , CONSUMER_SECRET ,OAUTH_VERSION , TENANT_ID , USERNAME ) VALUES (NULL,NULL,'CON1','MY PEN','2.0',0,'PRABATH');
+INSERT INTO IDN_OAUTH_CONSUMER_APPS ( APP_NAME , CALLBACK_URL , CONSUMER_KEY , CONSUMER_SECRET ,OAUTH_VERSION , TENANT_ID , USERNAME ) VALUES (NULL,NULL,'CON2','MY PEN','2.0',0,'PRABATH');
+INSERT INTO IDN_OAUTH_CONSUMER_APPS ( APP_NAME , CALLBACK_URL , CONSUMER_KEY , CONSUMER_SECRET ,OAUTH_VERSION , TENANT_ID , USERNAME ) VALUES (NULL,NULL,'CON3','MY PEN','2.0',0,'admin');
+
+INSERT INTO IDN_OAUTH2_ACCESS_TOKEN ( TOKEN_ID, ACCESS_TOKEN ,AUTHZ_USER , USER_TYPE , CONSUMER_KEY , REFRESH_TOKEN ,TIME_CREATED , TOKEN_SCOPE_HASH , TOKEN_STATE ,VALIDITY_PERIOD ) VALUES ('TI1','a1b2c3d4','UDAYANGA','DEVELOPER','CON1',NULL,'2012-01-01','SANDBOXHASH','ACTIVE',1343714931875);
+INSERT INTO IDN_OAUTH2_ACCESS_TOKEN ( TOKEN_ID, ACCESS_TOKEN ,AUTHZ_USER , USER_TYPE , CONSUMER_KEY , REFRESH_TOKEN ,TIME_CREATED , TOKEN_SCOPE_HASH , TOKEN_STATE ,VALIDITY_PERIOD ) VALUES ('TI2','p1q2r3s4','UDAYANGA','DEVELOPER','CON1',NULL,'2012-01-01','PRODUCTIONHASH','ACTIVE',1343714931875);
+INSERT INTO IDN_OAUTH2_ACCESS_TOKEN ( TOKEN_ID, ACCESS_TOKEN ,AUTHZ_USER , USER_TYPE , CONSUMER_KEY , REFRESH_TOKEN ,TIME_CREATED , TOKEN_SCOPE_HASH , TOKEN_STATE ,VALIDITY_PERIOD ) VALUES ('TI3','test1','UDAYANGA','DEVELOPER','CON1',NULL,'2012-01-01','PRODUCTIONHASH','ACTIVE',1343714931875);
+INSERT INTO IDN_OAUTH2_ACCESS_TOKEN ( TOKEN_ID, ACCESS_TOKEN ,AUTHZ_USER , USER_TYPE , CONSUMER_KEY , REFRESH_TOKEN ,TIME_CREATED , TOKEN_SCOPE_HASH , TOKEN_STATE ,VALIDITY_PERIOD ) VALUES ('TI4','test2','UDAYANGA','DEVELOPER','CON2',NULL,'2012-01-01','SANDBOXHASH','ACTIVE',1343714931875);
+INSERT INTO IDN_OAUTH2_ACCESS_TOKEN ( TOKEN_ID, ACCESS_TOKEN ,AUTHZ_USER , USER_TYPE , CONSUMER_KEY , REFRESH_TOKEN ,TIME_CREATED , TOKEN_SCOPE_HASH , TOKEN_STATE ,VALIDITY_PERIOD ) VALUES ('TI5','test3','UDAYANGA','DEVELOPER','CON3',NULL,'2012-01-01','PRODUCTIONHASH','ACTIVE',3600);
+
+INSERT INTO IDN_OAUTH2_SCOPE_ASSOCIATION (TOKEN_ID, TOKEN_SCOPE ) VALUES ('TI1','SANDBOX')
+INSERT INTO IDN_OAUTH2_SCOPE_ASSOCIATION (TOKEN_ID, TOKEN_SCOPE ) VALUES ('TI2','PRODUCTION')
+INSERT INTO IDN_OAUTH2_SCOPE_ASSOCIATION (TOKEN_ID, TOKEN_SCOPE ) VALUES ('TI3','PRODUCTION')
+INSERT INTO IDN_OAUTH2_SCOPE_ASSOCIATION (TOKEN_ID, TOKEN_SCOPE ) VALUES ('TI4','SANDBOX')
+INSERT INTO IDN_OAUTH2_SCOPE_ASSOCIATION (TOKEN_ID, TOKEN_SCOPE ) VALUES ('TI5','PRODUCTION')
+
+SELECT * FROM AM_SUBSCRIBER;
+SELECT * FROM AM_APPLICATION;
+SELECT * FROM AM_SUBSCRIPTION;
--- a/modules/distribution/src/api-resource/sql/h2.sql
+++ b/modules/distribution/src/api-resource/sql/h2.sql
@ -0,0 +1,735 @@
+-- Start of IDN Tables --
+CREATE TABLE IF NOT EXISTS IDN_BASE_TABLE (
+            PRODUCT_NAME VARCHAR (20),
+            PRIMARY KEY (PRODUCT_NAME)
+);
+
+INSERT INTO IDN_BASE_TABLE values ('WSO2 Identity Server');
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH_CONSUMER_APPS (
+            ID INTEGER NOT NULL AUTO_INCREMENT,
+            CONSUMER_KEY VARCHAR (255),
+            CONSUMER_SECRET VARCHAR (512),
+            USERNAME VARCHAR (255),
+            TENANT_ID INTEGER DEFAULT 0,
+            APP_NAME VARCHAR (255),
+            OAUTH_VERSION VARCHAR (128),
+            CALLBACK_URL VARCHAR (1024),
+            GRANT_TYPES VARCHAR (1024),
+            CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY),
+            PRIMARY KEY (ID)
+);
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_REQUEST_TOKEN (
+            REQUEST_TOKEN VARCHAR (512),
+            REQUEST_TOKEN_SECRET VARCHAR (512),
+            CONSUMER_KEY_ID INTEGER,
+            CALLBACK_URL VARCHAR (1024),
+            SCOPE VARCHAR(2048),
+            AUTHORIZED VARCHAR (128),
+            OAUTH_VERIFIER VARCHAR (512),
+            AUTHZ_USER VARCHAR (512),
+            PRIMARY KEY (REQUEST_TOKEN),
+            FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+);
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_ACCESS_TOKEN (
+            ACCESS_TOKEN VARCHAR (512),
+            ACCESS_TOKEN_SECRET VARCHAR (512),
+            CONSUMER_KEY_ID INTEGER,
+            SCOPE VARCHAR(2048),
+            AUTHZ_USER VARCHAR (512),
+            PRIMARY KEY (ACCESS_TOKEN),
+            FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+);
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN (
+            TOKEN_ID VARCHAR (255),
+            ACCESS_TOKEN VARCHAR (255),
+            REFRESH_TOKEN VARCHAR (255),
+            CONSUMER_KEY_ID INTEGER,
+            AUTHZ_USER VARCHAR (100),
+            TENANT_ID INTEGER,
+            USER_DOMAIN VARCHAR(50),
+            USER_TYPE VARCHAR (25),
+            TIME_CREATED TIMESTAMP DEFAULT 0,
+            REFRESH_TOKEN_TIME_CREATED TIMESTAMP DEFAULT 0,
+            VALIDITY_PERIOD BIGINT,
+            REFRESH_TOKEN_VALIDITY_PERIOD BIGINT,
+            TOKEN_SCOPE_HASH VARCHAR (32),
+            TOKEN_STATE VARCHAR (25) DEFAULT 'ACTIVE',
+            TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE',
+            PRIMARY KEY (TOKEN_ID),
+            FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
+            CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,
+                                           TOKEN_STATE,TOKEN_STATE_ID)
+);
+
+CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE);
+
+CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED);
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE (
+            AUTHORIZATION_CODE VARCHAR (512),
+            CONSUMER_KEY_ID INTEGER,
+	          CALLBACK_URL VARCHAR (1024),
+            SCOPE VARCHAR(2048),
+            AUTHZ_USER VARCHAR (100),
+            TENANT_ID INTEGER,
+            USER_DOMAIN VARCHAR(50),
+            TIME_CREATED TIMESTAMP,
+			      VALIDITY_PERIOD BIGINT,
+	          STATE VARCHAR (25) DEFAULT 'ACTIVE',
+            TOKEN_ID VARCHAR(255),
+            PRIMARY KEY (AUTHORIZATION_CODE),
+            FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+);
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_ASSOCIATION (
+            TOKEN_ID VARCHAR (255),
+            TOKEN_SCOPE VARCHAR (60),
+            PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE),
+            FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE
+);
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE (
+            SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT,
+            SCOPE_KEY VARCHAR(100) NOT NULL,
+            NAME VARCHAR(255) NULL,
+            DESCRIPTION VARCHAR(512) NULL,
+            TENANT_ID INTEGER NOT NULL DEFAULT 0,
+	    ROLES VARCHAR (500) NULL,
+            PRIMARY KEY (SCOPE_ID)
+);
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_RESOURCE_SCOPE (
+            RESOURCE_PATH VARCHAR(255) NOT NULL,
+            SCOPE_ID INTEGER (11) NOT NULL,
+            PRIMARY KEY (RESOURCE_PATH),
+            FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID)
+);
+
+CREATE TABLE IF NOT EXISTS IDN_SCIM_GROUP (
+            ID INTEGER NOT NULL AUTO_INCREMENT,
+            TENANT_ID INTEGER NOT NULL,
+            ROLE_NAME VARCHAR(255) NOT NULL,
+            ATTR_NAME VARCHAR(1024) NOT NULL,
+			ATTR_VALUE VARCHAR(1024),
+            PRIMARY KEY (ID)
+);
+
+CREATE TABLE IF NOT EXISTS IDN_OPENID_REMEMBER_ME (
+            USER_NAME VARCHAR(255) NOT NULL,
+            TENANT_ID
+
+
+
+            INTEGER DEFAULT 0,
+            COOKIE_VALUE VARCHAR(1024),
+            CREATED_TIME TIMESTAMP,
+            PRIMARY KEY (USER_NAME, TENANT_ID)
+);
+
+CREATE TABLE IF NOT EXISTS IDN_OPENID_USER_RPS (
+			USER_NAME VARCHAR(255) NOT NULL,
+			TENANT_ID INTEGER DEFAULT 0,
+			RP_URL VARCHAR(255) NOT NULL,
+			TRUSTED_ALWAYS VARCHAR(128) DEFAULT 'FALSE',
+			LAST_VISIT DATE NOT NULL,
+			VISIT_COUNT INTEGER DEFAULT 0,
+			DEFAULT_PROFILE_NAME VARCHAR(255) DEFAULT 'DEFAULT',
+			PRIMARY KEY (USER_NAME, TENANT_ID, RP_URL)
+);
+
+CREATE TABLE IF NOT EXISTS IDN_OPENID_ASSOCIATIONS (
+			HANDLE VARCHAR(255) NOT NULL,
+			ASSOC_TYPE VARCHAR(255) NOT NULL,
+			EXPIRE_IN TIMESTAMP NOT NULL,
+			MAC_KEY VARCHAR(255) NOT NULL,
+			ASSOC_STORE VARCHAR(128) DEFAULT 'SHARED',
+			PRIMARY KEY (HANDLE)
+);
+
+CREATE TABLE IDN_STS_STORE (
+            ID INTEGER AUTO_INCREMENT,
+            TOKEN_ID VARCHAR(255) NOT NULL,
+            TOKEN_CONTENT BLOB NOT NULL,
+            CREATE_DATE TIMESTAMP NOT NULL,
+            EXPIRE_DATE TIMESTAMP NOT NULL,
+            STATE INTEGER DEFAULT 0,
+            PRIMARY KEY (ID)
+);
+
+CREATE TABLE IDN_IDENTITY_USER_DATA (
+            TENANT_ID INTEGER DEFAULT -1234,
+            USER_NAME VARCHAR(255) NOT NULL,
+            DATA_KEY VARCHAR(255) NOT NULL,
+            DATA_VALUE VARCHAR(255),
+            PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY)
+);
+
+CREATE TABLE IDN_IDENTITY_META_DATA (
+            USER_NAME VARCHAR(255) NOT NULL,
+            TENANT_ID INTEGER DEFAULT -1234,
+            METADATA_TYPE VARCHAR(255) NOT NULL,
+            METADATA VARCHAR(255) NOT NULL,
+            VALID VARCHAR(255) NOT NULL,
+            PRIMARY KEY (TENANT_ID, USER_NAME, METADATA_TYPE,METADATA)
+);
+
+CREATE TABLE IF NOT EXISTS IDN_THRIFT_SESSION (
+            SESSION_ID VARCHAR(255) NOT NULL,
+            USER_NAME VARCHAR(255) NOT NULL,
+            CREATED_TIME VARCHAR(255) NOT NULL,
+            LAST_MODIFIED_TIME VARCHAR(255) NOT NULL,
+            PRIMARY KEY (SESSION_ID)
+);
+
+CREATE TABLE IDN_AUTH_SESSION_STORE (
+		        SESSION_ID VARCHAR (100) NOT NULL,
+		        SESSION_TYPE VARCHAR(100) NOT NULL,
+		        SESSION_OBJECT BLOB,
+		        TIME_CREATED TIMESTAMP,
+		        PRIMARY KEY (SESSION_ID, SESSION_TYPE)
+);
+CREATE TABLE IF NOT EXISTS SP_APP (
+        ID INTEGER NOT NULL AUTO_INCREMENT,
+        TENANT_ID INTEGER NOT NULL,
+	    	APP_NAME VARCHAR (255) NOT NULL ,
+	    	USER_STORE VARCHAR (255) NOT NULL,
+        USERNAME VARCHAR (255) NOT NULL ,
+        DESCRIPTION VARCHAR (1024),
+	    	ROLE_CLAIM VARCHAR (512),
+        AUTH_TYPE VARCHAR (255) NOT NULL,
+	    	PROVISIONING_USERSTORE_DOMAIN VARCHAR (512),
+	    	IS_LOCAL_CLAIM_DIALECT CHAR(1) DEFAULT '1',
+	    	IS_SEND_LOCAL_SUBJECT_ID CHAR(1) DEFAULT '0',
+	    	IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0',
+        IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
+        IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
+	    	SUBJECT_CLAIM_URI VARCHAR (512),
+	    	IS_SAAS_APP CHAR(1) DEFAULT '0',
+        PRIMARY KEY (ID));
+
+ALTER TABLE SP_APP ADD CONSTRAINT APPLICATION_NAME_CONSTRAINT UNIQUE(APP_NAME, TENANT_ID);
+
+CREATE TABLE IF NOT EXISTS SP_INBOUND_AUTH (
+            ID INTEGER NOT NULL AUTO_INCREMENT,
+	     	TENANT_ID INTEGER NOT NULL,
+	     	INBOUND_AUTH_KEY VARCHAR (255) NOT NULL,
+            INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL,
+            PROP_NAME VARCHAR (255),
+            PROP_VALUE VARCHAR (1024) ,
+	     	APP_ID INTEGER NOT NULL,
+            PRIMARY KEY (ID));
+
+ALTER TABLE SP_INBOUND_AUTH ADD CONSTRAINT APPLICATION_ID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+
+CREATE TABLE IF NOT EXISTS SP_AUTH_STEP (
+            ID INTEGER NOT NULL AUTO_INCREMENT,
+            TENANT_ID INTEGER NOT NULL,
+	     	STEP_ORDER INTEGER DEFAULT 1,
+            APP_ID INTEGER NOT NULL ,
+            IS_SUBJECT_STEP CHAR(1) DEFAULT '0',
+            IS_ATTRIBUTE_STEP CHAR(1) DEFAULT '0',
+            PRIMARY KEY (ID));
+
+ALTER TABLE SP_AUTH_STEP ADD CONSTRAINT APPLICATION_ID_CONSTRAINT_STEP FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+
+CREATE TABLE IF NOT EXISTS SP_FEDERATED_IDP (
+            ID INTEGER NOT NULL,
+            TENANT_ID INTEGER NOT NULL,
+            AUTHENTICATOR_ID INTEGER NOT NULL,
+            PRIMARY KEY (ID, AUTHENTICATOR_ID));
+
+ALTER TABLE SP_FEDERATED_IDP ADD CONSTRAINT STEP_ID_CONSTRAINT FOREIGN KEY (ID) REFERENCES SP_AUTH_STEP (ID) ON DELETE CASCADE;
+
+CREATE TABLE IF NOT EXISTS SP_CLAIM_MAPPING (
+	    	ID INTEGER NOT NULL AUTO_INCREMENT,
+	    	TENANT_ID INTEGER NOT NULL,
+	    	IDP_CLAIM VARCHAR (512) NOT NULL ,
+            SP_CLAIM VARCHAR (512) NOT NULL ,
+	   		APP_ID INTEGER NOT NULL,
+	    	IS_REQUESTED VARCHAR(128) DEFAULT '0',
+	    	DEFAULT_VALUE VARCHAR(255),
+            PRIMARY KEY (ID));
+
+ALTER TABLE SP_CLAIM_MAPPING ADD CONSTRAINT CLAIMID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+
+CREATE TABLE IF NOT EXISTS SP_ROLE_MAPPING (
+	    	ID INTEGER NOT NULL AUTO_INCREMENT,
+	    	TENANT_ID INTEGER NOT NULL,
+	    	IDP_ROLE VARCHAR (255) NOT NULL ,
+            SP_ROLE VARCHAR (255) NOT NULL ,
+	    	APP_ID INTEGER NOT NULL,
+            PRIMARY KEY (ID));
+
+ALTER TABLE SP_ROLE_MAPPING ADD CONSTRAINT ROLEID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+
+CREATE TABLE IF NOT EXISTS SP_REQ_PATH_AUTHENTICATOR (
+	    	ID INTEGER NOT NULL AUTO_INCREMENT,
+	    	TENANT_ID INTEGER NOT NULL,
+	    	AUTHENTICATOR_NAME VARCHAR (255) NOT NULL ,
+	    	APP_ID INTEGER NOT NULL,
+            PRIMARY KEY (ID));
+
+ALTER TABLE SP_REQ_PATH_AUTHENTICATOR ADD CONSTRAINT REQ_AUTH_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+
+CREATE TABLE IF NOT EXISTS SP_PROVISIONING_CONNECTOR (
+	    	ID INTEGER NOT NULL AUTO_INCREMENT,
+	    	TENANT_ID INTEGER NOT NULL,
+            IDP_NAME VARCHAR (255) NOT NULL ,
+	    	CONNECTOR_NAME VARCHAR (255) NOT NULL ,
+	    	APP_ID INTEGER NOT NULL,
+	    	IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0',
+		BLOCKING CHAR(1) NOT NULL DEFAULT '0',
+            PRIMARY KEY (ID));
+
+ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+
+CREATE TABLE IF NOT EXISTS IDP (
+			ID INTEGER AUTO_INCREMENT,
+			TENANT_ID INTEGER,
+			NAME VARCHAR(254) NOT NULL,
+			IS_ENABLED CHAR(1) NOT NULL DEFAULT '1',
+			IS_PRIMARY CHAR(1) NOT NULL DEFAULT '0',
+			HOME_REALM_ID VARCHAR(254),
+			IMAGE MEDIUMBLOB,
+			CERTIFICATE BLOB,
+			ALIAS VARCHAR(254),
+			INBOUND_PROV_ENABLED CHAR (1) NOT NULL DEFAULT '0',
+			INBOUND_PROV_USER_STORE_ID VARCHAR(254),
+ 			USER_CLAIM_URI VARCHAR(254),
+ 			ROLE_CLAIM_URI VARCHAR(254),
+  			DESCRIPTION VARCHAR (1024),
+ 			DEFAULT_AUTHENTICATOR_NAME VARCHAR(254),
+ 			DEFAULT_PRO_CONNECTOR_NAME VARCHAR(254),
+ 			PROVISIONING_ROLE VARCHAR(128),
+ 			IS_FEDERATION_HUB CHAR(1) NOT NULL DEFAULT '0',
+ 			IS_LOCAL_CLAIM_DIALECT CHAR(1) NOT NULL DEFAULT '0',
+	        DISPLAY_NAME VARCHAR(255),
+			PRIMARY KEY (ID),
+			UNIQUE (TENANT_ID, NAME));
+
+INSERT INTO IDP (TENANT_ID, NAME, HOME_REALM_ID) VALUES (-1234, 'LOCAL', 'localhost');
+
+CREATE TABLE IF NOT EXISTS IDP_ROLE (
+			ID INTEGER AUTO_INCREMENT,
+			IDP_ID INTEGER,
+			TENANT_ID INTEGER,
+			ROLE VARCHAR(254),
+			PRIMARY KEY (ID),
+			UNIQUE (IDP_ID, ROLE),
+			FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE);
+
+CREATE TABLE IF NOT EXISTS IDP_ROLE_MAPPING (
+			ID INTEGER AUTO_INCREMENT,
+			IDP_ROLE_ID INTEGER,
+			TENANT_ID INTEGER,
+			USER_STORE_ID VARCHAR (253),
+			LOCAL_ROLE VARCHAR(253),
+			PRIMARY KEY (ID),
+			UNIQUE (IDP_ROLE_ID, TENANT_ID, USER_STORE_ID, LOCAL_ROLE),
+			FOREIGN KEY (IDP_ROLE_ID) REFERENCES IDP_ROLE(ID) ON DELETE CASCADE);
+
+CREATE TABLE IF NOT EXISTS IDP_CLAIM (
+			ID INTEGER AUTO_INCREMENT,
+			IDP_ID INTEGER,
+			TENANT_ID INTEGER,
+			CLAIM VARCHAR(254),
+			PRIMARY KEY (ID),
+			UNIQUE (IDP_ID, CLAIM),
+			FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE);
+
+CREATE TABLE IF NOT EXISTS IDP_CLAIM_MAPPING (
+			ID INTEGER AUTO_INCREMENT,
+			IDP_CLAIM_ID INTEGER,
+			TENANT_ID INTEGER,
+			LOCAL_CLAIM VARCHAR(253),
+		    DEFAULT_VALUE VARCHAR(255),
+			IS_REQUESTED VARCHAR(128) DEFAULT '0',
+			PRIMARY KEY (ID),
+			UNIQUE (IDP_CLAIM_ID, TENANT_ID, LOCAL_CLAIM),
+			FOREIGN KEY (IDP_CLAIM_ID) REFERENCES IDP_CLAIM(ID) ON DELETE CASCADE);
+
+CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR (
+            ID INTEGER AUTO_INCREMENT,
+            TENANT_ID INTEGER,
+            IDP_ID INTEGER,
+            NAME VARCHAR(255) NOT NULL,
+            IS_ENABLED CHAR (1) DEFAULT '1',
+            DISPLAY_NAME VARCHAR(255),
+            PRIMARY KEY (ID),
+            UNIQUE (TENANT_ID, IDP_ID, NAME),
+            FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE);
+
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'samlsso');
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'IDPProperties');
+
+CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR_PROPERTY (
+            ID INTEGER AUTO_INCREMENT,
+            TENANT_ID INTEGER,
+            AUTHENTICATOR_ID INTEGER,
+            PROPERTY_KEY VARCHAR(255) NOT NULL,
+            PROPERTY_VALUE VARCHAR(2047),
+            IS_SECRET CHAR (1) DEFAULT '0',
+            PRIMARY KEY (ID),
+            UNIQUE (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY),
+            FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE);
+
+INSERT INTO  IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 1 , 'IdPEntityId', 'localhost', '0');
+
+CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_CONFIG (
+            ID INTEGER AUTO_INCREMENT,
+            TENANT_ID INTEGER,
+            IDP_ID INTEGER,
+            PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL,
+            IS_ENABLED CHAR (1) DEFAULT '0',
+            IS_BLOCKING CHAR (1) DEFAULT '0',
+            PRIMARY KEY (ID),
+            UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE),
+            FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE);
+
+CREATE TABLE IF NOT EXISTS IDP_PROV_CONFIG_PROPERTY (
+            ID INTEGER AUTO_INCREMENT,
+            TENANT_ID INTEGER,
+            PROVISIONING_CONFIG_ID INTEGER,
+            PROPERTY_KEY VARCHAR(255) NOT NULL,
+            PROPERTY_VALUE VARCHAR(2048),
+            PROPERTY_BLOB_VALUE BLOB,
+            PROPERTY_TYPE CHAR(32) NOT NULL,
+            IS_SECRET CHAR (1) DEFAULT '0',
+            PRIMARY KEY (ID),
+            UNIQUE (TENANT_ID, PROVISIONING_CONFIG_ID, PROPERTY_KEY),
+            FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE);
+
+CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_ENTITY (
+            ID INTEGER AUTO_INCREMENT,
+            PROVISIONING_CONFIG_ID INTEGER,
+            ENTITY_TYPE VARCHAR(255) NOT NULL,
+            ENTITY_LOCAL_USERSTORE VARCHAR(255) NOT NULL,
+            ENTITY_NAME VARCHAR(255) NOT NULL,
+            ENTITY_VALUE VARCHAR(255),
+            TENANT_ID INTEGER,
+            PRIMARY KEY (ID),
+            UNIQUE (ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID),
+            UNIQUE (PROVISIONING_CONFIG_ID, ENTITY_TYPE, ENTITY_VALUE),
+            FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE);
+
+CREATE TABLE IF NOT EXISTS IDP_LOCAL_CLAIM (
+            ID INTEGER AUTO_INCREMENT,
+            TENANT_ID INTEGER,
+            IDP_ID INTEGER,
+            CLAIM_URI VARCHAR(255) NOT NULL,
+            DEFAULT_VALUE VARCHAR(255),
+	    IS_REQUESTED VARCHAR(128) DEFAULT '0',
+            PRIMARY KEY (ID),
+            UNIQUE (TENANT_ID, IDP_ID, CLAIM_URI),
+            FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE);
+
+CREATE TABLE IF NOT EXISTS IDN_ASSOCIATED_ID (
+            ID INTEGER AUTO_INCREMENT,
+	    IDP_USER_ID VARCHAR(255) NOT NULL,
+            TENANT_ID INTEGER DEFAULT -1234,
+	    IDP_ID INTEGER NOT NULL,
+            DOMAIN_NAME VARCHAR(255) NOT NULL,
+ 	    USER_NAME VARCHAR(255) NOT NULL,
+	    PRIMARY KEY (ID),
+            UNIQUE(IDP_USER_ID, TENANT_ID, IDP_ID),
+            FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
+);
+
+CREATE TABLE IF NOT EXISTS IDN_USER_ACCOUNT_ASSOCIATION (
+            ASSOCIATION_KEY VARCHAR(255) NOT NULL,
+            TENANT_ID INTEGER,
+            DOMAIN_NAME VARCHAR(255) NOT NULL,
+            USER_NAME VARCHAR(255) NOT NULL,
+            PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME));
+
+CREATE TABLE IF NOT EXISTS FIDO_DEVICE_STORE (
+        TENANT_ID INTEGER,
+        DOMAIN_NAME VARCHAR(255) NOT NULL,
+        USER_NAME VARCHAR(45) NOT NULL,
+	TIME_REGISTERED TIMESTAMP,
+        KEY_HANDLE VARCHAR(200) NOT NULL,
+        DEVICE_DATA LONGVARCHAR NOT NULL,
+      	PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE));
+      	
+CREATE TABLE IF NOT EXISTS WF_REQUEST (
+    UUID VARCHAR (45),
+    CREATED_BY VARCHAR (255),
+    TENANT_ID INTEGER DEFAULT -1,
+    OPERATION_TYPE VARCHAR (50),
+    CREATED_AT TIMESTAMP,
+    UPDATED_AT TIMESTAMP,
+    STATUS VARCHAR (30),
+    REQUEST BLOB,
+    PRIMARY KEY (UUID)
+);
+
+CREATE TABLE IF NOT EXISTS WF_BPS_PROFILE (
+    PROFILE_NAME VARCHAR(45),
+    HOST_URL VARCHAR(45),
+    USERNAME VARCHAR(45),
+    PASSWORD VARCHAR(255),
+    CALLBACK_HOST VARCHAR (45),
+    CALLBACK_USERNAME VARCHAR (45),
+    CALLBACK_PASSWORD VARCHAR (255),
+    TENANT_ID VARCHAR (45),
+    PRIMARY KEY (PROFILE_NAME, TENANT_ID)
+);
+
+CREATE TABLE IF NOT EXISTS WF_WORKFLOW(
+    ID VARCHAR (45),
+    WF_NAME VARCHAR (45),
+    DESCRIPTION VARCHAR (255),
+    TEMPLATE_ID VARCHAR (45),
+    IMPL_ID VARCHAR (45),
+    TENANT_ID VARCHAR (45),
+    PRIMARY KEY (ID)
+);
+
+CREATE TABLE IF NOT EXISTS WF_WORKFLOW_ASSOCIATION(
+    ID INTEGER NOT NULL AUTO_INCREMENT,
+    ASSOC_NAME VARCHAR (45),
+    EVENT_ID VARCHAR(45),
+    ASSOC_CONDITION VARCHAR (2000),
+    WORKFLOW_ID VARCHAR (45),
+    IS_ENABLED CHAR (1) DEFAULT '1',
+    PRIMARY KEY(ID),
+    FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE
+);
+
+CREATE TABLE IF NOT EXISTS WF_WORKFLOW_CONFIG_PARAM(
+    WORKFLOW_ID VARCHAR (45),
+    PARAM_NAME VARCHAR (45),
+    PARAM_VALUE VARCHAR (1000),
+    PRIMARY KEY (WORKFLOW_ID, PARAM_NAME),
+    FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE
+);
+
+CREATE TABLE IF NOT EXISTS WF_REQUEST_ENTITY_RELATIONSHIP(
+  REQUEST_ID VARCHAR (45),
+  ENTITY_NAME VARCHAR (255),
+  ENTITY_TYPE VARCHAR (50),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID),
+  FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
+);
+
+CREATE TABLE IF NOT EXISTS WORKFLOW_REQUEST_RELATION(
+  RELATIONSHIP_ID VARCHAR (45),
+  WORKFLOW_ID VARCHAR (45),
+  REQUEST_ID VARCHAR (45),
+  UPDATED_AT TIMESTAMP,
+  STATUS VARCHAR (30),
+  PRIMARY KEY (RELATIONSHIP_ID),
+  FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE,
+  FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
+);
+
+-- Start of API-MGT Tables --
+
+CREATE TABLE IF NOT EXISTS AM_SUBSCRIBER (
+    SUBSCRIBER_ID INTEGER AUTO_INCREMENT,
+    USER_ID VARCHAR(255) NOT NULL,
+    TENANT_ID INTEGER NOT NULL,
+    EMAIL_ADDRESS VARCHAR(256) NULL,
+    DATE_SUBSCRIBED TIMESTAMP NOT NULL,
+    PRIMARY KEY (SUBSCRIBER_ID),
+    CREATED_BY VARCHAR(100),
+    CREATED_TIME TIMESTAMP,
+    UPDATED_BY VARCHAR(100),
+    UPDATED_TIME TIMESTAMP,
+    UNIQUE (TENANT_ID,USER_ID)
+);
+
+CREATE TABLE IF NOT EXISTS AM_APPLICATION (
+    APPLICATION_ID INTEGER AUTO_INCREMENT,
+    NAME VARCHAR(100),
+    SUBSCRIBER_ID INTEGER,
+    APPLICATION_TIER VARCHAR(50) DEFAULT 'Unlimited',
+    CALLBACK_URL VARCHAR(512),
+    DESCRIPTION VARCHAR(512),
+    APPLICATION_STATUS VARCHAR(50) DEFAULT 'APPROVED',
+    GROUP_ID VARCHAR(100),
+    CREATED_BY VARCHAR(100),
+    CREATED_TIME TIMESTAMP,
+    UPDATED_BY VARCHAR(100),
+    UPDATED_TIME TIMESTAMP,
+    FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    PRIMARY KEY(APPLICATION_ID),
+    UNIQUE (NAME,SUBSCRIBER_ID)
+);
+
+CREATE TABLE IF NOT EXISTS AM_API (
+    API_ID INTEGER AUTO_INCREMENT,
+    API_PROVIDER VARCHAR(256),
+    API_NAME VARCHAR(256),
+    API_VERSION VARCHAR(30),
+    CONTEXT VARCHAR(256),
+    CONTEXT_TEMPLATE VARCHAR(256),
+    PRIMARY KEY(API_ID),
+    CREATED_BY VARCHAR(100),
+    CREATED_TIME TIMESTAMP,
+    UPDATED_BY VARCHAR(100),
+    UPDATED_TIME TIMESTAMP,
+    UNIQUE (API_PROVIDER,API_NAME,API_VERSION)
+);
+
+CREATE TABLE IF NOT EXISTS AM_API_URL_MAPPING (
+    URL_MAPPING_ID INTEGER AUTO_INCREMENT,
+    API_ID INTEGER NOT NULL,
+    HTTP_METHOD VARCHAR(20) NULL,
+    AUTH_SCHEME VARCHAR(50) NULL,
+    URL_PATTERN VARCHAR(512) NULL,
+    THROTTLING_TIER varchar(512) DEFAULT NULL,
+    MEDIATION_SCRIPT BLOB DEFAULT NULL,
+    PRIMARY KEY(URL_MAPPING_ID)
+);
+
+
+CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION (
+    SUBSCRIPTION_ID INTEGER AUTO_INCREMENT,
+    TIER_ID VARCHAR(50),
+    API_ID INTEGER,
+    LAST_ACCESSED TIMESTAMP NULL,
+    APPLICATION_ID INTEGER,
+    SUB_STATUS VARCHAR(50),
+    SUBS_CREATE_STATE VARCHAR(50) DEFAULT 'SUBSCRIBE',
+    CREATED_BY VARCHAR(100),
+    CREATED_TIME TIMESTAMP,
+    UPDATED_BY VARCHAR(100),
+    UPDATED_TIME TIMESTAMP,
+    FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    PRIMARY KEY (SUBSCRIPTION_ID)
+);
+
+CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION_KEY_MAPPING (
+    SUBSCRIPTION_ID INTEGER,
+    ACCESS_TOKEN VARCHAR(512),
+    KEY_TYPE VARCHAR(512) NOT NULL,
+    FOREIGN KEY(SUBSCRIPTION_ID) REFERENCES AM_SUBSCRIPTION(SUBSCRIPTION_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    PRIMARY KEY(SUBSCRIPTION_ID,ACCESS_TOKEN)
+);
+
+CREATE TABLE IF NOT EXISTS AM_APPLICATION_KEY_MAPPING (
+    APPLICATION_ID INTEGER,
+    CONSUMER_KEY VARCHAR(512),
+    KEY_TYPE VARCHAR(512) NOT NULL,
+    STATE VARCHAR(30) NOT NULL,
+    CREATE_MODE VARCHAR(30) DEFAULT 'CREATED',
+    FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    PRIMARY KEY(APPLICATION_ID,KEY_TYPE)
+);
+
+CREATE TABLE IF NOT EXISTS AM_API_LC_EVENT (
+    EVENT_ID INTEGER AUTO_INCREMENT,
+    API_ID INTEGER NOT NULL,
+    PREVIOUS_STATE VARCHAR(50),
+    NEW_STATE VARCHAR(50) NOT NULL,
+    USER_ID VARCHAR(255) NOT NULL,
+    TENANT_ID INTEGER NOT NULL,
+    EVENT_DATE TIMESTAMP NOT NULL,
+    FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    PRIMARY KEY (EVENT_ID)
+);
+
+CREATE TABLE AM_APP_KEY_DOMAIN_MAPPING (
+    CONSUMER_KEY VARCHAR(255),
+    AUTHZ_DOMAIN VARCHAR(255) DEFAULT 'ALL',
+    PRIMARY KEY (CONSUMER_KEY,AUTHZ_DOMAIN)
+);
+
+CREATE TABLE IF NOT EXISTS AM_API_COMMENTS (
+    COMMENT_ID INTEGER AUTO_INCREMENT,
+    COMMENT_TEXT VARCHAR(512),
+    COMMENTED_USER VARCHAR(255),
+    DATE_COMMENTED TIMESTAMP NOT NULL,
+    API_ID INTEGER NOT NULL,
+    FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    PRIMARY KEY (COMMENT_ID)
+);
+
+CREATE TABLE IF NOT EXISTS AM_API_RATINGS(
+    RATING_ID INTEGER AUTO_INCREMENT,
+    API_ID INTEGER,
+    RATING INTEGER,
+    SUBSCRIBER_ID INTEGER,
+    FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    PRIMARY KEY (RATING_ID)
+);
+
+CREATE TABLE IF NOT EXISTS AM_TIER_PERMISSIONS (
+    TIER_PERMISSIONS_ID INTEGER AUTO_INCREMENT,
+    TIER VARCHAR(50) NOT NULL,
+    PERMISSIONS_TYPE VARCHAR(50) NOT NULL,
+    ROLES VARCHAR(512) NOT NULL,
+    TENANT_ID INTEGER NOT NULL,
+    PRIMARY KEY(TIER_PERMISSIONS_ID)
+);
+
+CREATE TABLE IF NOT EXISTS AM_EXTERNAL_STORES(
+    APISTORE_ID INTEGER AUTO_INCREMENT,
+    API_ID INTEGER,
+    STORE_ID VARCHAR(255) NOT NULL,
+    STORE_DISPLAY_NAME VARCHAR(255) NOT NULL,
+    STORE_ENDPOINT VARCHAR(255) NOT NULL,
+    STORE_TYPE VARCHAR(255) NOT NULL,
+    FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    PRIMARY KEY (APISTORE_ID)
+);
+
+CREATE TABLE IF NOT EXISTS AM_WORKFLOWS(
+    WF_ID INTEGER AUTO_INCREMENT,
+    WF_REFERENCE VARCHAR(255) NOT NULL,
+    WF_TYPE VARCHAR(255) NOT NULL,
+    WF_STATUS VARCHAR(255) NOT NULL,
+    WF_CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+    WF_UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP ,
+    WF_STATUS_DESC VARCHAR(1000),
+    TENANT_ID INTEGER,
+    TENANT_DOMAIN VARCHAR(255),
+    WF_EXTERNAL_REFERENCE VARCHAR(255) NOT NULL,
+    PRIMARY KEY (WF_ID),
+    UNIQUE (WF_EXTERNAL_REFERENCE)
+);
+
+CREATE TABLE IF NOT EXISTS AM_APPLICATION_REGISTRATION (
+    REG_ID INT AUTO_INCREMENT,
+    SUBSCRIBER_ID INT,
+    WF_REF VARCHAR(255) NOT NULL,
+    APP_ID INT,
+    TOKEN_TYPE VARCHAR(30),
+    TOKEN_SCOPE VARCHAR(256) DEFAULT 'default',
+    INPUTS VARCHAR(1000),
+    ALLOWED_DOMAINS VARCHAR(256),
+    VALIDITY_PERIOD BIGINT,
+    UNIQUE (SUBSCRIBER_ID,APP_ID,TOKEN_TYPE),
+    FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    FOREIGN KEY(APP_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    PRIMARY KEY (REG_ID)
+);
+
+CREATE TABLE IF NOT EXISTS AM_API_SCOPES (
+   API_ID  INTEGER NOT NULL,
+   SCOPE_ID  INTEGER NOT NULL,
+   FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID) ON DELETE CASCADE  ON UPDATE CASCADE,
+   FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE ON UPDATE CASCADE
+);
+
+CREATE TABLE IF NOT EXISTS AM_API_DEFAULT_VERSION (
+            DEFAULT_VERSION_ID INT AUTO_INCREMENT, 
+            API_NAME VARCHAR(256) NOT NULL ,
+            API_PROVIDER VARCHAR(256) NOT NULL , 
+            DEFAULT_API_VERSION VARCHAR(30) , 
+            PUBLISHED_DEFAULT_API_VERSION VARCHAR(30) ,
+            PRIMARY KEY (DEFAULT_VERSION_ID)
+);
+
+
+CREATE INDEX IDX_SUB_APP_ID ON AM_SUBSCRIPTION (APPLICATION_ID, SUBSCRIPTION_ID);
+
+-- End of API-MGT Tables --
--- a/modules/distribution/src/api-resource/sql/mssql.sql
+++ b/modules/distribution/src/api-resource/sql/mssql.sql
@ -0,0 +1,815 @@
+-- Start of IDENTITY Tables --
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_BASE_TABLE]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_BASE_TABLE (
+            PRODUCT_NAME VARCHAR(20),
+            PRIMARY KEY (PRODUCT_NAME)
+);
+
+INSERT INTO IDN_BASE_TABLE values ('WSO2 Identity Server');
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OAUTH_CONSUMER_APPS]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_OAUTH_CONSUMER_APPS (
+            ID INTEGER IDENTITY,
+            CONSUMER_KEY VARCHAR(255),
+            CONSUMER_SECRET VARCHAR(512),
+            USERNAME VARCHAR(255),
+            TENANT_ID INTEGER DEFAULT 0,
+            APP_NAME VARCHAR(255),
+            OAUTH_VERSION VARCHAR(128),
+            CALLBACK_URL VARCHAR(1024),
+            GRANT_TYPES VARCHAR(1024),
+            CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY),
+            PRIMARY KEY (ID)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OAUTH1A_REQUEST_TOKEN]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_OAUTH1A_REQUEST_TOKEN (
+            REQUEST_TOKEN VARCHAR(512),
+            REQUEST_TOKEN_SECRET VARCHAR(512),
+            CONSUMER_KEY_ID INTEGER,
+            CALLBACK_URL VARCHAR(1024),
+            SCOPE VARCHAR(2048),
+            AUTHORIZED VARCHAR(128),
+            OAUTH_VERIFIER VARCHAR(512),
+            AUTHZ_USER VARCHAR(512),
+            PRIMARY KEY (REQUEST_TOKEN),
+            FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OAUTH1A_ACCESS_TOKEN]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_OAUTH1A_ACCESS_TOKEN (
+            ACCESS_TOKEN VARCHAR(512),
+            ACCESS_TOKEN_SECRET VARCHAR(512),
+            CONSUMER_KEY_ID INTEGER,
+            SCOPE VARCHAR(2048),
+            AUTHZ_USER VARCHAR(512),
+            PRIMARY KEY (ACCESS_TOKEN),
+            FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OAUTH2_ACCESS_TOKEN]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN (
+            TOKEN_ID VARCHAR (255),
+            ACCESS_TOKEN VARCHAR(255),
+            REFRESH_TOKEN VARCHAR(255),
+            CONSUMER_KEY_ID INTEGER,
+            AUTHZ_USER VARCHAR (100),
+            TENANT_ID INTEGER,
+            USER_DOMAIN VARCHAR(50),
+            USER_TYPE VARCHAR (25),
+            TIME_CREATED DATETIME,
+            REFRESH_TOKEN_TIME_CREATED DATETIME,
+            VALIDITY_PERIOD BIGINT,
+            REFRESH_TOKEN_VALIDITY_PERIOD BIGINT,
+            TOKEN_SCOPE_HASH VARCHAR(32),
+            TOKEN_STATE VARCHAR(25) DEFAULT 'ACTIVE',
+            TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE',
+            PRIMARY KEY (TOKEN_ID),
+            FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
+            CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,
+                                           TOKEN_STATE,TOKEN_STATE_ID)
+);
+
+CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE);
+
+CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED);
+
+IF EXISTS (SELECT NAME FROM SYSINDEXES WHERE NAME = 'IDX_AT_CK_AU')
+DROP INDEX IDN_OAUTH2_ACCESS_TOKEN.IDX_AT_CK_AU
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OAUTH2_AUTHORIZATION_CODE]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_OAUTH2_AUTHORIZATION_CODE (
+            AUTHORIZATION_CODE VARCHAR(512),
+            CONSUMER_KEY_ID INTEGER,
+              CALLBACK_URL VARCHAR(1024),
+            SCOPE VARCHAR(2048),
+            AUTHZ_USER VARCHAR (100),
+            TENANT_ID INTEGER,
+            USER_DOMAIN VARCHAR(50),
+            TIME_CREATED DATETIME,
+            VALIDITY_PERIOD BIGINT,
+            STATE VARCHAR (25) DEFAULT 'ACTIVE',
+            TOKEN_ID VARCHAR(255),
+            PRIMARY KEY (AUTHORIZATION_CODE),
+            FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OAUTH2_SCOPE_ASSOCIATION]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_OAUTH2_SCOPE_ASSOCIATION (
+            TOKEN_ID VARCHAR (255),
+            TOKEN_SCOPE VARCHAR (60),
+            PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE),
+            FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OAUTH2_SCOPE]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_OAUTH2_SCOPE (
+            SCOPE_ID INTEGER IDENTITY,
+            SCOPE_KEY VARCHAR(100) NOT NULL,
+            NAME VARCHAR(255) NULL,
+            DESCRIPTION VARCHAR(512) NULL,
+            TENANT_ID INTEGER NOT NULL DEFAULT 0,
+            ROLES VARCHAR (500) NULL,
+            PRIMARY KEY (SCOPE_ID)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OAUTH2_RESOURCE_SCOPE]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_OAUTH2_RESOURCE_SCOPE (
+            RESOURCE_PATH VARCHAR(255) NOT NULL,
+            SCOPE_ID INTEGER NOT NULL,
+            PRIMARY KEY (RESOURCE_PATH),
+            FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_SCIM_GROUP]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_SCIM_GROUP (
+            ID INTEGER IDENTITY,
+            TENANT_ID INTEGER NOT NULL,
+            ROLE_NAME VARCHAR(255) NOT NULL,
+            ATTR_NAME VARCHAR(1024) NOT NULL,
+            ATTR_VALUE VARCHAR(1024),
+            PRIMARY KEY (ID)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OPENID_REMEMBER_ME]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_OPENID_REMEMBER_ME (
+            USER_NAME VARCHAR(255) NOT NULL,
+            TENANT_ID INTEGER DEFAULT 0,
+            COOKIE_VALUE VARCHAR(1024),
+            CREATED_TIME DATETIME,
+            PRIMARY KEY (USER_NAME, TENANT_ID)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OPENID_USER_RPS]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_OPENID_USER_RPS (
+            USER_NAME VARCHAR(255) NOT NULL,
+            TENANT_ID INTEGER DEFAULT 0,
+            RP_URL VARCHAR(255) NOT NULL,
+            TRUSTED_ALWAYS VARCHAR(128) DEFAULT 'FALSE',
+            LAST_VISIT DATE NOT NULL,
+            VISIT_COUNT INTEGER DEFAULT 0,
+            DEFAULT_PROFILE_NAME VARCHAR(255) DEFAULT 'DEFAULT',
+            PRIMARY KEY (USER_NAME, TENANT_ID, RP_URL)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OPENID_ASSOCIATIONS]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_OPENID_ASSOCIATIONS (
+            HANDLE VARCHAR(255) NOT NULL,
+            ASSOC_TYPE VARCHAR(255) NOT NULL,
+            EXPIRE_IN DATETIME NOT NULL,
+            MAC_KEY VARCHAR(255) NOT NULL,
+            ASSOC_STORE VARCHAR(128) DEFAULT 'SHARED',
+            PRIMARY KEY (HANDLE)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_STS_STORE]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_STS_STORE (
+            ID INTEGER IDENTITY,
+            TOKEN_ID VARCHAR(255) NOT NULL,
+            TOKEN_CONTENT VARBINARY(MAX) NOT NULL,
+            CREATE_DATE DATETIME NOT NULL,
+            EXPIRE_DATE DATETIME NOT NULL,
+            STATE INTEGER DEFAULT 0,
+            PRIMARY KEY (ID)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_IDENTITY_USER_DATA]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_IDENTITY_USER_DATA (
+            TENANT_ID INTEGER DEFAULT -1234,
+            USER_NAME VARCHAR(255) NOT NULL,
+            DATA_KEY VARCHAR(255) NOT NULL,
+            DATA_VALUE VARCHAR(255),
+            PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_IDENTITY_META_DATA]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_IDENTITY_META_DATA (
+            USER_NAME VARCHAR(255) NOT NULL,
+            TENANT_ID INTEGER DEFAULT -1234,
+            METADATA_TYPE VARCHAR(255) NOT NULL,
+            METADATA VARCHAR(255) NOT NULL,
+            VALID VARCHAR(255) NOT NULL,
+            PRIMARY KEY (TENANT_ID, USER_NAME, METADATA_TYPE,METADATA)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_THRIFT_SESSION]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_THRIFT_SESSION (
+            SESSION_ID VARCHAR(255) NOT NULL,
+            USER_NAME VARCHAR(255) NOT NULL,
+            CREATED_TIME VARCHAR(255) NOT NULL,
+            LAST_MODIFIED_TIME VARCHAR(255) NOT NULL,
+            PRIMARY KEY (SESSION_ID)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_AUTH_SESSION_STORE]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_AUTH_SESSION_STORE (
+        SESSION_ID VARCHAR (100) NOT NULL,
+        SESSION_TYPE VARCHAR(100) NOT NULL,
+        SESSION_OBJECT VARBINARY(MAX),
+        TIME_CREATED DATETIME,
+        PRIMARY KEY (SESSION_ID, SESSION_TYPE)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[SP_APP]') AND TYPE IN (N'U'))
+CREATE TABLE SP_APP (
+        ID INTEGER NOT NULL IDENTITY,
+        TENANT_ID INTEGER NOT NULL,
+            APP_NAME VARCHAR (255) NOT NULL ,
+            USER_STORE VARCHAR (255) NOT NULL,
+        USERNAME VARCHAR (255) NOT NULL ,
+        DESCRIPTION VARCHAR (1024),
+            ROLE_CLAIM VARCHAR (512),
+        AUTH_TYPE VARCHAR (255) NOT NULL,
+            PROVISIONING_USERSTORE_DOMAIN VARCHAR (512),
+            IS_LOCAL_CLAIM_DIALECT CHAR(1) DEFAULT '1',
+            IS_SEND_LOCAL_SUBJECT_ID CHAR(1) DEFAULT '0',
+            IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0',
+        IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
+        IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
+            SUBJECT_CLAIM_URI VARCHAR (512),
+            IS_SAAS_APP CHAR(1) DEFAULT '0',
+        PRIMARY KEY (ID));
+
+ALTER TABLE SP_APP ADD CONSTRAINT APPLICATION_NAME_CONSTRAINT UNIQUE(APP_NAME, TENANT_ID);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[SP_INBOUND_AUTH]') AND TYPE IN (N'U'))
+CREATE TABLE SP_INBOUND_AUTH (
+            ID INTEGER NOT NULL IDENTITY,
+            TENANT_ID INTEGER NOT NULL,
+            INBOUND_AUTH_KEY VARCHAR (255) NOT NULL,
+            INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL,
+            PROP_NAME VARCHAR (255),
+            PROP_VALUE VARCHAR (1024) ,
+            APP_ID INTEGER NOT NULL,
+            PRIMARY KEY (ID));
+
+ALTER TABLE SP_INBOUND_AUTH ADD CONSTRAINT APPLICATION_ID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[SP_AUTH_STEP]') AND TYPE IN (N'U'))
+CREATE TABLE SP_AUTH_STEP (
+            ID INTEGER NOT NULL IDENTITY,
+            TENANT_ID INTEGER NOT NULL,
+            STEP_ORDER INTEGER DEFAULT 1,
+            APP_ID INTEGER NOT NULL,
+            IS_SUBJECT_STEP CHAR(1) DEFAULT '0',
+            IS_ATTRIBUTE_STEP CHAR(1) DEFAULT '0',
+            PRIMARY KEY (ID));
+
+ALTER TABLE SP_AUTH_STEP ADD CONSTRAINT APPLICATION_ID_CONSTRAINT_STEP FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[SP_FEDERATED_IDP]') AND TYPE IN (N'U'))
+CREATE TABLE SP_FEDERATED_IDP (
+            ID INTEGER NOT NULL,
+            TENANT_ID INTEGER NOT NULL,
+            AUTHENTICATOR_ID INTEGER NOT NULL,
+            PRIMARY KEY (ID, AUTHENTICATOR_ID));
+
+ALTER TABLE SP_FEDERATED_IDP ADD CONSTRAINT STEP_ID_CONSTRAINT FOREIGN KEY (ID) REFERENCES SP_AUTH_STEP (ID) ON DELETE CASCADE;
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[SP_CLAIM_MAPPING]') AND TYPE IN (N'U'))
+CREATE TABLE SP_CLAIM_MAPPING (
+            ID INTEGER NOT NULL IDENTITY,
+            TENANT_ID INTEGER NOT NULL,
+            IDP_CLAIM VARCHAR (512) NOT NULL ,
+            SP_CLAIM VARCHAR (512) NOT NULL ,
+            APP_ID INTEGER NOT NULL,
+            IS_REQUESTED VARCHAR(128) DEFAULT '0',
+            DEFAULT_VALUE VARCHAR(255),
+            PRIMARY KEY (ID));
+
+ALTER TABLE SP_CLAIM_MAPPING ADD CONSTRAINT CLAIMID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[SP_ROLE_MAPPING]') AND TYPE IN (N'U'))
+CREATE TABLE SP_ROLE_MAPPING (
+            ID INTEGER NOT NULL IDENTITY,
+            TENANT_ID INTEGER NOT NULL,
+            IDP_ROLE VARCHAR (255) NOT NULL ,
+            SP_ROLE VARCHAR (255) NOT NULL ,
+            APP_ID INTEGER NOT NULL,
+            PRIMARY KEY (ID));
+
+ALTER TABLE SP_ROLE_MAPPING ADD CONSTRAINT ROLEID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[SP_REQ_PATH_AUTHENTICATOR]') AND TYPE IN (N'U'))
+CREATE TABLE SP_REQ_PATH_AUTHENTICATOR (
+            ID INTEGER NOT NULL IDENTITY,
+            TENANT_ID INTEGER NOT NULL,
+            AUTHENTICATOR_NAME VARCHAR (255) NOT NULL ,
+            APP_ID INTEGER NOT NULL,
+            PRIMARY KEY (ID));
+
+ALTER TABLE SP_REQ_PATH_AUTHENTICATOR ADD CONSTRAINT REQ_AUTH_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[SP_PROVISIONING_CONNECTOR]') AND TYPE IN (N'U'))
+CREATE TABLE SP_PROVISIONING_CONNECTOR (
+            ID INTEGER NOT NULL IDENTITY,
+            TENANT_ID INTEGER NOT NULL,
+            IDP_NAME VARCHAR (255) NOT NULL ,
+            CONNECTOR_NAME VARCHAR (255) NOT NULL ,
+            APP_ID INTEGER NOT NULL,
+            IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0',
+            BLOCKING CHAR(1) NOT NULL DEFAULT '0',
+            PRIMARY KEY (ID));
+
+ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP]') AND TYPE IN (N'U'))
+CREATE TABLE IDP (
+            ID INTEGER IDENTITY,
+            TENANT_ID INTEGER,
+            NAME VARCHAR(254) NOT NULL,
+            IS_ENABLED CHAR(1) NOT NULL DEFAULT '1',
+            IS_PRIMARY CHAR(1) NOT NULL DEFAULT '0',
+            HOME_REALM_ID VARCHAR(254),
+            IMAGE VARBINARY(MAX),
+            CERTIFICATE VARBINARY(MAX),
+            ALIAS VARCHAR(254),
+            INBOUND_PROV_ENABLED CHAR (1) NOT NULL DEFAULT '0',
+            INBOUND_PROV_USER_STORE_ID VARCHAR(254),
+            USER_CLAIM_URI VARCHAR(254),
+            ROLE_CLAIM_URI VARCHAR(254),
+            DESCRIPTION VARCHAR (1024),
+            DEFAULT_AUTHENTICATOR_NAME VARCHAR(254),
+            DEFAULT_PRO_CONNECTOR_NAME VARCHAR(254),
+            PROVISIONING_ROLE VARCHAR(128),
+            IS_FEDERATION_HUB CHAR(1) NOT NULL DEFAULT '0',
+            IS_LOCAL_CLAIM_DIALECT CHAR(1) NOT NULL DEFAULT '0',
+            PRIMARY KEY (ID),
+            DISPLAY_NAME VARCHAR(255),
+            UNIQUE (TENANT_ID, NAME));
+
+INSERT INTO IDP (TENANT_ID, NAME, HOME_REALM_ID) VALUES (-1234, 'LOCAL', 'localhost');
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_ROLE]') AND TYPE IN (N'U'))
+CREATE TABLE IDP_ROLE (
+            ID INTEGER IDENTITY,
+            IDP_ID INTEGER,
+            TENANT_ID INTEGER,
+            ROLE VARCHAR(254),
+            PRIMARY KEY (ID),
+            UNIQUE (IDP_ID, ROLE),
+            FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_ROLE_MAPPING]') AND TYPE IN (N'U'))
+CREATE TABLE IDP_ROLE_MAPPING (
+            ID INTEGER IDENTITY,
+            IDP_ROLE_ID INTEGER,
+            TENANT_ID INTEGER,
+            USER_STORE_ID VARCHAR (253),
+            LOCAL_ROLE VARCHAR(253),
+            PRIMARY KEY (ID),
+            UNIQUE (IDP_ROLE_ID, TENANT_ID, USER_STORE_ID, LOCAL_ROLE),
+            FOREIGN KEY (IDP_ROLE_ID) REFERENCES IDP_ROLE(ID) ON DELETE CASCADE);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_CLAIM]') AND TYPE IN (N'U'))
+CREATE TABLE IDP_CLAIM (
+            ID INTEGER IDENTITY,
+            IDP_ID INTEGER,
+            TENANT_ID INTEGER,
+            CLAIM VARCHAR(254),
+            PRIMARY KEY (ID),
+            UNIQUE (IDP_ID, CLAIM),
+            FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_CLAIM_MAPPING]') AND TYPE IN (N'U'))
+CREATE TABLE IDP_CLAIM_MAPPING (
+            ID INTEGER IDENTITY,
+            IDP_CLAIM_ID INTEGER,
+            TENANT_ID INTEGER,
+            LOCAL_CLAIM VARCHAR(253),
+            DEFAULT_VALUE VARCHAR(255),
+            IS_REQUESTED VARCHAR(128) DEFAULT '0',
+            PRIMARY KEY (ID),
+            UNIQUE (IDP_CLAIM_ID, TENANT_ID, LOCAL_CLAIM),
+            FOREIGN KEY (IDP_CLAIM_ID) REFERENCES IDP_CLAIM(ID) ON DELETE CASCADE);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_AUTHENTICATOR]') AND TYPE IN (N'U'))
+CREATE TABLE IDP_AUTHENTICATOR (
+            ID INTEGER IDENTITY,
+            TENANT_ID INTEGER,
+            IDP_ID INTEGER,
+            NAME VARCHAR(255) NOT NULL,
+            IS_ENABLED CHAR (1) DEFAULT '1',
+            DISPLAY_NAME VARCHAR(255),
+            PRIMARY KEY (ID),
+            UNIQUE (TENANT_ID, IDP_ID, NAME),
+            FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE);
+
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'samlsso');
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'IDPProperties');
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_AUTHENTICATOR_PROPERTY]') AND TYPE IN (N'U'))
+CREATE TABLE IDP_AUTHENTICATOR_PROPERTY (
+            ID INTEGER IDENTITY,
+            TENANT_ID INTEGER,
+            AUTHENTICATOR_ID INTEGER,
+            PROPERTY_KEY VARCHAR(255) NOT NULL,
+            PROPERTY_VALUE VARCHAR(2047),
+            IS_SECRET CHAR (1) DEFAULT '0',
+            PRIMARY KEY (ID),
+            UNIQUE (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY),
+            FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE);
+
+INSERT INTO  IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 1 , 'IdPEntityId', 'localhost', '0');
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_PROVISIONING_CONFIG]') AND TYPE IN (N'U'))
+CREATE TABLE IDP_PROVISIONING_CONFIG (
+            ID INTEGER IDENTITY,
+            TENANT_ID INTEGER,
+            IDP_ID INTEGER,
+            PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL,
+            IS_ENABLED CHAR (1) DEFAULT '0',
+            IS_BLOCKING CHAR (1) DEFAULT '0',
+            PRIMARY KEY (ID),
+            UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE),
+            FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_PROV_CONFIG_PROPERTY]') AND TYPE IN (N'U'))
+CREATE TABLE IDP_PROV_CONFIG_PROPERTY (
+            ID INTEGER IDENTITY,
+            TENANT_ID INTEGER,
+            PROVISIONING_CONFIG_ID INTEGER,
+            PROPERTY_KEY VARCHAR(255) NOT NULL,
+            PROPERTY_VALUE VARCHAR(2048),
+            PROPERTY_BLOB_VALUE VARBINARY(MAX),
+            PROPERTY_TYPE CHAR(32) NOT NULL,
+            IS_SECRET CHAR (1) DEFAULT '0',
+            PRIMARY KEY (ID),
+            UNIQUE (TENANT_ID, PROVISIONING_CONFIG_ID, PROPERTY_KEY),
+            FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_PROVISIONING_ENTITY]') AND TYPE IN (N'U'))
+CREATE TABLE IDP_PROVISIONING_ENTITY (
+            ID INTEGER IDENTITY,
+            PROVISIONING_CONFIG_ID INTEGER,
+            ENTITY_TYPE VARCHAR(255) NOT NULL,
+            ENTITY_LOCAL_USERSTORE VARCHAR(255) NOT NULL,
+            ENTITY_NAME VARCHAR(255) NOT NULL,
+            ENTITY_VALUE VARCHAR(255),
+            TENANT_ID INTEGER,
+            PRIMARY KEY (ID),
+            UNIQUE (ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID),
+            UNIQUE (PROVISIONING_CONFIG_ID, ENTITY_TYPE, ENTITY_VALUE),
+            FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_LOCAL_CLAIM]') AND TYPE IN (N'U'))
+CREATE TABLE IDP_LOCAL_CLAIM (
+            ID INTEGER IDENTITY,
+            TENANT_ID INTEGER,
+            IDP_ID INTEGER,
+            CLAIM_URI VARCHAR(255) NOT NULL,
+            DEFAULT_VALUE VARCHAR(255),
+            IS_REQUESTED VARCHAR(128) DEFAULT '0',
+            PRIMARY KEY (ID),
+            UNIQUE (TENANT_ID, IDP_ID, CLAIM_URI),
+            FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_ASSOCIATED_ID]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_ASSOCIATED_ID (
+            ID INTEGER IDENTITY,
+            IDP_USER_ID VARCHAR(255) NOT NULL,
+            TENANT_ID INTEGER DEFAULT -1234,
+            IDP_ID INTEGER NOT NULL,
+            DOMAIN_NAME VARCHAR(255) NOT NULL,
+            USER_NAME VARCHAR(255) NOT NULL,
+            PRIMARY KEY (ID),
+            UNIQUE(IDP_USER_ID, TENANT_ID, IDP_ID),
+            FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_USER_ACCOUNT_ASSOCIATION]') AND TYPE IN (N'U'))
+CREATE TABLE IDN_USER_ACCOUNT_ASSOCIATION (
+            ASSOCIATION_KEY VARCHAR(255) NOT NULL,
+            TENANT_ID INTEGER,
+            DOMAIN_NAME VARCHAR(255) NOT NULL,
+            USER_NAME VARCHAR(255) NOT NULL,
+            PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME));
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[FIDO_DEVICE_STORE]') AND TYPE IN (N'U'))
+CREATE TABLE FIDO_DEVICE_STORE (
+        TENANT_ID INTEGER,
+        DOMAIN_NAME VARCHAR(255) NOT NULL,
+        USER_NAME VARCHAR(45) NOT NULL,
+    TIME_REGISTERED DATETIME,
+        KEY_HANDLE VARCHAR(200) NOT NULL,
+        DEVICE_DATA VARCHAR(2048) NOT NULL,
+      PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE));
+      
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[WF_REQUEST]') AND TYPE IN (N'U'))
+CREATE TABLE WF_REQUEST (
+    UUID VARCHAR (45),
+    CREATED_BY VARCHAR (255),
+    TENANT_ID INTEGER DEFAULT -1,
+    OPERATION_TYPE VARCHAR (50),
+    CREATED_AT DATETIME,
+    UPDATED_AT DATETIME,
+    STATUS VARCHAR (30),
+    REQUEST VARBINARY(MAX),
+    PRIMARY KEY (UUID)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[WF_BPS_PROFILE]') AND TYPE IN (N'U'))
+CREATE TABLE WF_BPS_PROFILE (
+    PROFILE_NAME VARCHAR(45),
+    HOST_URL VARCHAR(45),
+    USERNAME VARCHAR(45),
+    PASSWORD VARCHAR(255),
+    CALLBACK_HOST VARCHAR (45),
+    CALLBACK_USERNAME VARCHAR (45),
+    CALLBACK_PASSWORD VARCHAR (255),
+    TENANT_ID VARCHAR (45),
+    PRIMARY KEY (PROFILE_NAME, TENANT_ID)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[WF_WORKFLOW]') AND TYPE IN (N'U'))
+CREATE TABLE WF_WORKFLOW(
+    ID VARCHAR (45),
+    WF_NAME VARCHAR (45),
+    DESCRIPTION VARCHAR (255),
+    TEMPLATE_ID VARCHAR (45),
+    IMPL_ID VARCHAR (45),
+    TENANT_ID VARCHAR (45),
+    PRIMARY KEY (ID)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[WF_WORKFLOW_ASSOCIATION]') AND TYPE IN (N'U'))
+CREATE TABLE WF_WORKFLOW_ASSOCIATION(
+    ID INTEGER NOT NULL IDENTITY ,
+    ASSOC_NAME VARCHAR (45),
+    EVENT_ID VARCHAR(45),
+    ASSOC_CONDITION VARCHAR (2000),
+    WORKFLOW_ID VARCHAR (45),
+    IS_ENABLED CHAR (1) DEFAULT '1',
+    PRIMARY KEY(ID),
+    FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[WF_WORKFLOW_CONFIG_PARAM]') AND TYPE IN (N'U'))
+CREATE TABLE WF_WORKFLOW_CONFIG_PARAM(
+    WORKFLOW_ID VARCHAR (45),
+    PARAM_NAME VARCHAR (45),
+    PARAM_VALUE VARCHAR (1000),
+    PRIMARY KEY (WORKFLOW_ID, PARAM_NAME),
+    FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[WF_REQUEST_ENTITY_RELATIONSHIP]') AND TYPE IN (N'U'))
+CREATE TABLE WF_REQUEST_ENTITY_RELATIONSHIP(
+  REQUEST_ID VARCHAR (45),
+  ENTITY_NAME VARCHAR (255),
+  ENTITY_TYPE VARCHAR (50),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID),
+  FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[WORKFLOW_REQUEST_RELATION]') AND TYPE IN (N'U'))
+CREATE TABLE WORKFLOW_REQUEST_RELATION(
+  RELATIONSHIP_ID VARCHAR (45),
+  WORKFLOW_ID VARCHAR (45),
+  REQUEST_ID VARCHAR (45),
+  UPDATED_AT DATETIME,
+  STATUS VARCHAR (30),
+  PRIMARY KEY (RELATIONSHIP_ID),
+  FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE,
+  FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
+);
+
+-- End of IDENTITY Tables--
+
+-- Start of API-Mgt Tables --
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[AM_SUBSCRIBER]') AND TYPE IN (N'U'))
+
+CREATE TABLE AM_SUBSCRIBER (
+    SUBSCRIBER_ID INTEGER IDENTITY(1,1),
+    USER_ID VARCHAR(255) NOT NULL,
+    TENANT_ID INTEGER NOT NULL,
+    EMAIL_ADDRESS VARCHAR(256) NULL,
+    DATE_SUBSCRIBED DATETIME NOT NULL,
+    CREATED_BY VARCHAR(100),
+    CREATED_TIME DATETIME,
+    UPDATED_BY VARCHAR(100),
+    UPDATED_TIME DATETIME,
+    PRIMARY KEY (SUBSCRIBER_ID),
+    UNIQUE (TENANT_ID,USER_ID)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[AM_APPLICATION]') AND TYPE IN (N'U'))
+
+CREATE TABLE AM_APPLICATION (
+    APPLICATION_ID INTEGER IDENTITY(1,1),
+    NAME VARCHAR(100),
+    SUBSCRIBER_ID INTEGER,
+    APPLICATION_TIER VARCHAR(50) DEFAULT 'Unlimited',
+    CALLBACK_URL VARCHAR(512),
+    DESCRIPTION VARCHAR(512),
+    GROUP_ID VARCHAR(100),
+	APPLICATION_STATUS VARCHAR(50) DEFAULT 'APPROVED',
+    CREATED_BY VARCHAR(100),
+    CREATED_TIME DATETIME,
+    UPDATED_BY VARCHAR(100),
+    UPDATED_TIME DATETIME,
+    FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE,
+    PRIMARY KEY(APPLICATION_ID),
+    UNIQUE (NAME,SUBSCRIBER_ID)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[AM_API]') AND TYPE IN (N'U'))
+
+CREATE TABLE AM_API (
+    API_ID INTEGER IDENTITY(1,1),
+    API_PROVIDER VARCHAR(200),
+    API_NAME VARCHAR(200),
+    API_VERSION VARCHAR(30),
+    CONTEXT VARCHAR(256),
+    CONTEXT_TEMPLATE VARCHAR(256),
+    CREATED_BY VARCHAR(100),
+    CREATED_TIME DATETIME,
+    UPDATED_BY VARCHAR(100),
+    UPDATED_TIME DATETIME,
+    PRIMARY KEY(API_ID),
+    UNIQUE (API_PROVIDER,API_NAME,API_VERSION)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[AM_API_URL_MAPPING]') AND TYPE IN (N'U'))
+
+CREATE TABLE AM_API_URL_MAPPING (
+    URL_MAPPING_ID INTEGER IDENTITY(1,1),
+    API_ID INTEGER NOT NULL,
+    HTTP_METHOD VARCHAR(20) NULL,
+    AUTH_SCHEME VARCHAR(50) NULL,
+    URL_PATTERN VARCHAR(512) NULL,
+    THROTTLING_TIER varchar(512) DEFAULT NULL,
+    MEDIATION_SCRIPT VARBINARY(MAX),
+    PRIMARY KEY (URL_MAPPING_ID)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[AM_SUBSCRIPTION]') AND TYPE IN (N'U'))
+
+CREATE TABLE AM_SUBSCRIPTION (
+    SUBSCRIPTION_ID INTEGER IDENTITY(1,1),
+    TIER_ID VARCHAR(50),
+    API_ID INTEGER,
+    LAST_ACCESSED DATETIME NULL,
+    APPLICATION_ID INTEGER,
+    SUB_STATUS VARCHAR(50),
+    SUBS_CREATE_STATE VARCHAR(50) DEFAULT 'SUBSCRIBE',
+    CREATED_BY VARCHAR(100),
+    CREATED_TIME DATETIME,
+    UPDATED_BY VARCHAR(100),
+    UPDATED_TIME DATETIME,
+    FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE,
+    FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE,
+    PRIMARY KEY (SUBSCRIPTION_ID)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[AM_SUBSCRIPTION_KEY_MAPPING]') AND TYPE IN (N'U'))
+
+CREATE TABLE AM_SUBSCRIPTION_KEY_MAPPING (
+    SUBSCRIPTION_ID INTEGER,
+    ACCESS_TOKEN VARCHAR(255),
+    KEY_TYPE VARCHAR(512) NOT NULL,
+    FOREIGN KEY(SUBSCRIPTION_ID) REFERENCES AM_SUBSCRIPTION(SUBSCRIPTION_ID) ON UPDATE CASCADE,
+    PRIMARY KEY(SUBSCRIPTION_ID,ACCESS_TOKEN)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[AM_APPLICATION_KEY_MAPPING]') AND TYPE IN (N'U'))
+
+CREATE TABLE AM_APPLICATION_KEY_MAPPING (
+    APPLICATION_ID INTEGER,
+    CONSUMER_KEY VARCHAR(512),
+    KEY_TYPE VARCHAR(512) NOT NULL,
+    STATE VARCHAR(30) NOT NULL,
+    CREATE_MODE VARCHAR(30) DEFAULT 'CREATED',
+    FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE,
+    PRIMARY KEY(APPLICATION_ID,KEY_TYPE)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[AM_APPLICATION_REGISTRATION]') AND TYPE IN (N'U'))
+
+CREATE TABLE AM_APPLICATION_REGISTRATION (
+    REG_ID INTEGER IDENTITY(1,1),
+    SUBSCRIBER_ID INTEGER,
+    WF_REF VARCHAR(255) NOT NULL,
+    APP_ID INTEGER,
+    TOKEN_TYPE VARCHAR(30),
+    TOKEN_SCOPE VARCHAR(256) DEFAULT 'default',
+    INPUTS VARCHAR(1000),
+    ALLOWED_DOMAINS VARCHAR(256),
+    VALIDITY_PERIOD BIGINT,
+    UNIQUE (SUBSCRIBER_ID,APP_ID,TOKEN_TYPE),
+    FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON DELETE NO ACTION,
+    FOREIGN KEY(APP_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE NO ACTION,
+    PRIMARY KEY (REG_ID)
+);
+
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[AM_API_LC_EVENT]') AND TYPE IN (N'U'))
+
+CREATE TABLE AM_API_LC_EVENT (
+    EVENT_ID INTEGER IDENTITY(1,1),
+    API_ID INTEGER NOT NULL,
+    PREVIOUS_STATE VARCHAR(50),
+    NEW_STATE VARCHAR(50) NOT NULL,
+    USER_ID VARCHAR(255) NOT NULL,
+    TENANT_ID INTEGER NOT NULL,
+    EVENT_DATE DATETIME NOT NULL,
+    FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE,
+    PRIMARY KEY (EVENT_ID)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[AM_APP_KEY_DOMAIN_MAPPING]') AND TYPE IN (N'U'))
+
+CREATE TABLE AM_APP_KEY_DOMAIN_MAPPING (
+   CONSUMER_KEY VARCHAR(512),
+   AUTHZ_DOMAIN VARCHAR(255) DEFAULT 'ALL',
+   PRIMARY KEY (CONSUMER_KEY,AUTHZ_DOMAIN)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[AM_API_COMMENTS]') AND TYPE IN (N'U'))
+
+CREATE TABLE AM_API_COMMENTS (
+    COMMENT_ID INTEGER IDENTITY(1,1),
+    COMMENT_TEXT VARCHAR(512),
+    COMMENTED_USER VARCHAR(255),
+    DATE_COMMENTED DATETIME NOT NULL,
+    API_ID INTEGER NOT NULL,
+    FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE,
+    PRIMARY KEY (COMMENT_ID)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[AM_API_RATINGS]') AND TYPE IN (N'U'))
+
+CREATE TABLE AM_API_RATINGS (
+    RATING_ID INTEGER IDENTITY(1,1),
+    API_ID INTEGER,
+    RATING INTEGER,
+    SUBSCRIBER_ID INTEGER,
+    FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE,
+    FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE,
+    PRIMARY KEY (RATING_ID)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[AM_TIER_PERMISSIONS]') AND TYPE IN (N'U'))
+
+CREATE TABLE AM_TIER_PERMISSIONS (
+    TIER_PERMISSIONS_ID INTEGER IDENTITY(1,1),
+    TIER VARCHAR(50) NOT NULL,
+    PERMISSIONS_TYPE VARCHAR(50) NOT NULL,
+    ROLES VARCHAR(512) NOT NULL,
+    TENANT_ID INTEGER NOT NULL,
+    PRIMARY KEY(TIER_PERMISSIONS_ID)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[AM_EXTERNAL_STORES]') AND TYPE IN (N'U'))
+
+CREATE TABLE AM_EXTERNAL_STORES (
+    APISTORE_ID INTEGER IDENTITY(1,1),
+    API_ID INTEGER,
+    STORE_ID VARCHAR(255) NOT NULL,
+    STORE_DISPLAY_NAME VARCHAR(255) NOT NULL,
+    STORE_ENDPOINT VARCHAR(255) NOT NULL,
+    STORE_TYPE VARCHAR(255) NOT NULL,
+    FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE,
+    PRIMARY KEY (API_ID)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[AM_WORKFLOWS]') AND TYPE IN (N'U'))
+
+CREATE TABLE AM_WORKFLOWS(
+    WF_ID INTEGER IDENTITY(1,1),
+    WF_REFERENCE VARCHAR(255) NOT NULL,
+    WF_TYPE VARCHAR(255) NOT NULL,
+    WF_STATUS VARCHAR(255) NOT NULL,
+    WF_CREATED_TIME DATETIME DEFAULT GETDATE(),
+    WF_UPDATED_TIME DATETIME DEFAULT GETDATE(),
+    WF_STATUS_DESC VARCHAR(1000),
+    TENANT_ID INTEGER,
+    TENANT_DOMAIN VARCHAR(255),
+    WF_EXTERNAL_REFERENCE VARCHAR(255) NOT NULL UNIQUE,
+    PRIMARY KEY (WF_ID)
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[AM_API_SCOPES]') AND TYPE IN (N'U'))
+
+CREATE TABLE AM_API_SCOPES (
+   API_ID  INTEGER NOT NULL,
+   SCOPE_ID  INTEGER NOT NULL,
+   FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID) ON DELETE CASCADE ON UPDATE CASCADE,
+   FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE ON UPDATE CASCADE
+);
+
+IF NOT  EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[AM_API_DEFAULT_VERSION]') AND TYPE IN (N'U'))
+
+CREATE TABLE AM_API_DEFAULT_VERSION (
+            DEFAULT_VERSION_ID INTEGER NOT NULL IDENTITY, 
+            API_NAME VARCHAR(256) NOT NULL ,
+            API_PROVIDER VARCHAR(256) NOT NULL , 
+            DEFAULT_API_VERSION VARCHAR(30) , 
+            PUBLISHED_DEFAULT_API_VERSION VARCHAR(30) ,
+            PRIMARY KEY (DEFAULT_VERSION_ID)
+);
+
+
+CREATE INDEX IDX_SUB_APP_ID ON AM_SUBSCRIPTION (APPLICATION_ID, SUBSCRIPTION_ID);
--- a/modules/distribution/src/api-resource/sql/mysql.sql
+++ b/modules/distribution/src/api-resource/sql/mysql.sql
@ -0,0 +1,752 @@
+-- Start of IDENTITY --
+CREATE TABLE IF NOT EXISTS IDN_BASE_TABLE (
+            PRODUCT_NAME VARCHAR(20),
+            PRIMARY KEY (PRODUCT_NAME)
+)ENGINE INNODB;
+
+INSERT INTO IDN_BASE_TABLE values ('WSO2 Identity Server');
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH_CONSUMER_APPS (
+            ID INTEGER NOT NULL AUTO_INCREMENT,
+            CONSUMER_KEY VARCHAR(255),
+            CONSUMER_SECRET VARCHAR(512),
+            USERNAME VARCHAR(255),
+            TENANT_ID INTEGER DEFAULT 0,
+            APP_NAME VARCHAR(255),
+            OAUTH_VERSION VARCHAR(128),
+            CALLBACK_URL VARCHAR(1024),
+            GRANT_TYPES VARCHAR (1024),
+            CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY),
+            PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_REQUEST_TOKEN (
+            REQUEST_TOKEN VARCHAR(255),
+            REQUEST_TOKEN_SECRET VARCHAR(512),
+            CONSUMER_KEY_ID INTEGER,
+            CALLBACK_URL VARCHAR(1024),
+            SCOPE VARCHAR(2048),
+            AUTHORIZED VARCHAR(128),
+            OAUTH_VERIFIER VARCHAR(512),
+            AUTHZ_USER VARCHAR(512),
+            PRIMARY KEY (REQUEST_TOKEN),
+            FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_ACCESS_TOKEN (
+            ACCESS_TOKEN VARCHAR(255),
+            ACCESS_TOKEN_SECRET VARCHAR(512),
+            CONSUMER_KEY_ID INTEGER,
+            SCOPE VARCHAR(2048),
+            AUTHZ_USER VARCHAR(512),
+            PRIMARY KEY (ACCESS_TOKEN),
+            FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN (
+            TOKEN_ID VARCHAR (255),
+            ACCESS_TOKEN VARCHAR(255),
+            REFRESH_TOKEN VARCHAR(255),
+            CONSUMER_KEY_ID INTEGER,
+            AUTHZ_USER VARCHAR (100),
+            TENANT_ID INTEGER,
+            USER_DOMAIN VARCHAR(50),
+            USER_TYPE VARCHAR (25),
+            TIME_CREATED TIMESTAMP DEFAULT 0,
+            REFRESH_TOKEN_TIME_CREATED TIMESTAMP DEFAULT 0,
+            VALIDITY_PERIOD BIGINT,
+            REFRESH_TOKEN_VALIDITY_PERIOD BIGINT,
+            TOKEN_SCOPE_HASH VARCHAR(32),
+            TOKEN_STATE VARCHAR(25) DEFAULT 'ACTIVE',
+            TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE',
+            PRIMARY KEY (TOKEN_ID),
+            FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
+            CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,
+                                           TOKEN_STATE,TOKEN_STATE_ID)
+)ENGINE INNODB;
+
+CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE);
+
+CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED);
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE (
+            AUTHORIZATION_CODE VARCHAR(512),
+            CONSUMER_KEY_ID INTEGER,
+            CALLBACK_URL VARCHAR(1024),
+            SCOPE VARCHAR(2048),
+            AUTHZ_USER VARCHAR (100),
+            TENANT_ID INTEGER,
+            USER_DOMAIN VARCHAR(50),
+            TIME_CREATED TIMESTAMP,
+            VALIDITY_PERIOD BIGINT,
+            STATE VARCHAR (25) DEFAULT 'ACTIVE',
+            TOKEN_ID VARCHAR(255),
+            PRIMARY KEY (AUTHORIZATION_CODE),
+            FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_ASSOCIATION (
+            TOKEN_ID VARCHAR (255),
+            TOKEN_SCOPE VARCHAR (60),
+            PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE),
+            FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE (
+            SCOPE_ID INT(11) NOT NULL AUTO_INCREMENT,
+            SCOPE_KEY VARCHAR(100) NOT NULL,
+            NAME VARCHAR(255) NULL,
+            DESCRIPTION VARCHAR(512) NULL,
+            TENANT_ID INT(11) NOT NULL DEFAULT 0,
+            ROLES VARCHAR (500) NULL,
+            PRIMARY KEY (SCOPE_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_RESOURCE_SCOPE (
+            RESOURCE_PATH VARCHAR(255) NOT NULL,
+            SCOPE_ID INTEGER (11) NOT NULL,
+            PRIMARY KEY (RESOURCE_PATH),
+            FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_SCIM_GROUP (
+            ID INTEGER AUTO_INCREMENT,
+            TENANT_ID INTEGER NOT NULL,
+            ROLE_NAME VARCHAR(255) NOT NULL,
+            ATTR_NAME VARCHAR(1024) NOT NULL,
+            ATTR_VALUE VARCHAR(1024),
+            PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OPENID_REMEMBER_ME (
+            USER_NAME VARCHAR(255) NOT NULL,
+            TENANT_ID INTEGER DEFAULT 0,
+            COOKIE_VALUE VARCHAR(1024),
+            CREATED_TIME TIMESTAMP,
+            PRIMARY KEY (USER_NAME, TENANT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OPENID_USER_RPS (
+            USER_NAME VARCHAR(255) NOT NULL,
+            TENANT_ID INTEGER DEFAULT 0,
+            RP_URL VARCHAR(255) NOT NULL,
+            TRUSTED_ALWAYS VARCHAR(128) DEFAULT 'FALSE',
+            LAST_VISIT DATE NOT NULL,
+            VISIT_COUNT INTEGER DEFAULT 0,
+            DEFAULT_PROFILE_NAME VARCHAR(255) DEFAULT 'DEFAULT',
+            PRIMARY KEY (USER_NAME, TENANT_ID, RP_URL)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OPENID_ASSOCIATIONS (
+            HANDLE VARCHAR(255) NOT NULL,
+            ASSOC_TYPE VARCHAR(255) NOT NULL,
+            EXPIRE_IN TIMESTAMP NOT NULL,
+            MAC_KEY VARCHAR(255) NOT NULL,
+            ASSOC_STORE VARCHAR(128) DEFAULT 'SHARED',
+            PRIMARY KEY (HANDLE)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_STS_STORE (
+            ID INTEGER AUTO_INCREMENT,
+            TOKEN_ID VARCHAR(255) NOT NULL,
+            TOKEN_CONTENT BLOB(1024) NOT NULL,
+            CREATE_DATE TIMESTAMP NOT NULL,
+            EXPIRE_DATE TIMESTAMP NOT NULL,
+            STATE INTEGER DEFAULT 0,
+            PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_IDENTITY_USER_DATA (
+            TENANT_ID INTEGER DEFAULT -1234,
+            USER_NAME VARCHAR(255) NOT NULL,
+            DATA_KEY VARCHAR(255) NOT NULL,
+            DATA_VALUE VARCHAR(255),
+            PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_IDENTITY_META_DATA (
+            USER_NAME VARCHAR(255) NOT NULL,
+            TENANT_ID INTEGER DEFAULT -1234,
+            METADATA_TYPE VARCHAR(255) NOT NULL,
+            METADATA VARCHAR(255) NOT NULL,
+            VALID VARCHAR(255) NOT NULL,
+            PRIMARY KEY (TENANT_ID, USER_NAME, METADATA_TYPE,METADATA)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_THRIFT_SESSION (
+            SESSION_ID VARCHAR(255) NOT NULL,
+            USER_NAME VARCHAR(255) NOT NULL,
+            CREATED_TIME VARCHAR(255) NOT NULL,
+            LAST_MODIFIED_TIME VARCHAR(255) NOT NULL,
+            PRIMARY KEY (SESSION_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_STORE (
+            SESSION_ID VARCHAR (100) NOT NULL,
+            SESSION_TYPE VARCHAR(100) NOT NULL,
+            SESSION_OBJECT BLOB,
+            TIME_CREATED TIMESTAMP,
+            PRIMARY KEY (SESSION_ID, SESSION_TYPE)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS SP_APP (
+        ID INTEGER NOT NULL AUTO_INCREMENT,
+        TENANT_ID INTEGER NOT NULL,
+            APP_NAME VARCHAR (255) NOT NULL ,
+            USER_STORE VARCHAR (255) NOT NULL,
+        USERNAME VARCHAR (255) NOT NULL ,
+        DESCRIPTION VARCHAR (1024),
+            ROLE_CLAIM VARCHAR (512),
+        AUTH_TYPE VARCHAR (255) NOT NULL,
+            PROVISIONING_USERSTORE_DOMAIN VARCHAR (512),
+            IS_LOCAL_CLAIM_DIALECT CHAR(1) DEFAULT '1',
+            IS_SEND_LOCAL_SUBJECT_ID CHAR(1) DEFAULT '0',
+            IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0',
+        IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
+        IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
+            SUBJECT_CLAIM_URI VARCHAR (512),
+            IS_SAAS_APP CHAR(1) DEFAULT '0',
+        PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+ALTER TABLE SP_APP ADD CONSTRAINT APPLICATION_NAME_CONSTRAINT UNIQUE(APP_NAME, TENANT_ID);
+
+CREATE TABLE IF NOT EXISTS SP_INBOUND_AUTH (
+            ID INTEGER NOT NULL AUTO_INCREMENT,
+            TENANT_ID INTEGER NOT NULL,
+            INBOUND_AUTH_KEY VARCHAR (255) NOT NULL,
+            INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL,
+            PROP_NAME VARCHAR (255),
+            PROP_VALUE VARCHAR (1024) ,
+            APP_ID INTEGER NOT NULL,
+            PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+ALTER TABLE SP_INBOUND_AUTH ADD CONSTRAINT APPLICATION_ID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+
+CREATE TABLE IF NOT EXISTS SP_AUTH_STEP (
+            ID INTEGER NOT NULL AUTO_INCREMENT,
+            TENANT_ID INTEGER NOT NULL,
+            STEP_ORDER INTEGER DEFAULT 1,
+            APP_ID INTEGER NOT NULL ,
+            IS_SUBJECT_STEP CHAR(1) DEFAULT '0',
+            IS_ATTRIBUTE_STEP CHAR(1) DEFAULT '0',
+            PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+ALTER TABLE SP_AUTH_STEP ADD CONSTRAINT APPLICATION_ID_CONSTRAINT_STEP FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+
+CREATE TABLE IF NOT EXISTS SP_FEDERATED_IDP (
+            ID INTEGER NOT NULL,
+            TENANT_ID INTEGER NOT NULL,
+            AUTHENTICATOR_ID INTEGER NOT NULL,
+            PRIMARY KEY (ID, AUTHENTICATOR_ID)
+)ENGINE INNODB;
+
+ALTER TABLE SP_FEDERATED_IDP ADD CONSTRAINT STEP_ID_CONSTRAINT FOREIGN KEY (ID) REFERENCES SP_AUTH_STEP (ID) ON DELETE CASCADE;
+
+CREATE TABLE IF NOT EXISTS SP_CLAIM_MAPPING (
+            ID INTEGER NOT NULL AUTO_INCREMENT,
+            TENANT_ID INTEGER NOT NULL,
+            IDP_CLAIM VARCHAR (512) NOT NULL ,
+            SP_CLAIM VARCHAR (512) NOT NULL ,
+            APP_ID INTEGER NOT NULL,
+            IS_REQUESTED VARCHAR(128) DEFAULT '0',
+            DEFAULT_VALUE VARCHAR(255),
+            PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+ALTER TABLE SP_CLAIM_MAPPING ADD CONSTRAINT CLAIMID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+
+CREATE TABLE IF NOT EXISTS SP_ROLE_MAPPING (
+            ID INTEGER NOT NULL AUTO_INCREMENT,
+            TENANT_ID INTEGER NOT NULL,
+            IDP_ROLE VARCHAR (255) NOT NULL ,
+            SP_ROLE VARCHAR (255) NOT NULL ,
+            APP_ID INTEGER NOT NULL,
+            PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+ALTER TABLE SP_ROLE_MAPPING ADD CONSTRAINT ROLEID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+
+CREATE TABLE IF NOT EXISTS SP_REQ_PATH_AUTHENTICATOR (
+            ID INTEGER NOT NULL AUTO_INCREMENT,
+            TENANT_ID INTEGER NOT NULL,
+            AUTHENTICATOR_NAME VARCHAR (255) NOT NULL ,
+            APP_ID INTEGER NOT NULL,
+            PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+ALTER TABLE SP_REQ_PATH_AUTHENTICATOR ADD CONSTRAINT REQ_AUTH_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+
+CREATE TABLE IF NOT EXISTS SP_PROVISIONING_CONNECTOR (
+            ID INTEGER NOT NULL AUTO_INCREMENT,
+            TENANT_ID INTEGER NOT NULL,
+            IDP_NAME VARCHAR (255) NOT NULL ,
+            CONNECTOR_NAME VARCHAR (255) NOT NULL ,
+            APP_ID INTEGER NOT NULL,
+            IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0',
+            BLOCKING CHAR(1) NOT NULL DEFAULT '0',
+            PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+
+CREATE TABLE IF NOT EXISTS IDP (
+                  ID INTEGER AUTO_INCREMENT,
+                  TENANT_ID INTEGER,
+                  NAME VARCHAR(254) NOT NULL,
+                  IS_ENABLED CHAR(1) NOT NULL DEFAULT '1',
+                  IS_PRIMARY CHAR(1) NOT NULL DEFAULT '0',
+                  HOME_REALM_ID VARCHAR(254),
+                  IMAGE MEDIUMBLOB,
+                  CERTIFICATE BLOB,
+                  ALIAS VARCHAR(254),
+                  INBOUND_PROV_ENABLED CHAR (1) NOT NULL DEFAULT '0',
+                  INBOUND_PROV_USER_STORE_ID VARCHAR(254),
+                  USER_CLAIM_URI VARCHAR(254),
+                  ROLE_CLAIM_URI VARCHAR(254),
+                  DESCRIPTION VARCHAR (1024),
+                  DEFAULT_AUTHENTICATOR_NAME VARCHAR(254),
+                  DEFAULT_PRO_CONNECTOR_NAME VARCHAR(254),
+                  PROVISIONING_ROLE VARCHAR(128),
+                  IS_FEDERATION_HUB CHAR(1) NOT NULL DEFAULT '0',
+                  IS_LOCAL_CLAIM_DIALECT CHAR(1) NOT NULL DEFAULT '0',
+            DISPLAY_NAME VARCHAR(255),
+                  PRIMARY KEY (ID),
+                  UNIQUE (TENANT_ID, NAME)
+)ENGINE INNODB;
+
+INSERT INTO IDP (TENANT_ID, NAME, HOME_REALM_ID) VALUES (-1234, 'LOCAL', 'localhost');
+
+CREATE TABLE IF NOT EXISTS IDP_ROLE (
+                  ID INTEGER AUTO_INCREMENT,
+                  IDP_ID INTEGER,
+                  TENANT_ID INTEGER,
+                  ROLE VARCHAR(254),
+                  PRIMARY KEY (ID),
+                  UNIQUE (IDP_ID, ROLE),
+                  FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDP_ROLE_MAPPING (
+                  ID INTEGER AUTO_INCREMENT,
+                  IDP_ROLE_ID INTEGER,
+                  TENANT_ID INTEGER,
+                  USER_STORE_ID VARCHAR (253),
+                  LOCAL_ROLE VARCHAR(253),
+                  PRIMARY KEY (ID),
+                  UNIQUE (IDP_ROLE_ID, TENANT_ID, USER_STORE_ID, LOCAL_ROLE),
+                  FOREIGN KEY (IDP_ROLE_ID) REFERENCES IDP_ROLE(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDP_CLAIM (
+                  ID INTEGER AUTO_INCREMENT,
+                  IDP_ID INTEGER,
+                  TENANT_ID INTEGER,
+                  CLAIM VARCHAR(254),
+                  PRIMARY KEY (ID),
+                  UNIQUE (IDP_ID, CLAIM),
+                  FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDP_CLAIM_MAPPING (
+            ID INTEGER AUTO_INCREMENT,
+            IDP_CLAIM_ID INTEGER,
+            TENANT_ID INTEGER,
+            LOCAL_CLAIM VARCHAR(253),
+            DEFAULT_VALUE VARCHAR(255),
+            IS_REQUESTED VARCHAR(128) DEFAULT '0',
+            PRIMARY KEY (ID),
+            UNIQUE (IDP_CLAIM_ID, TENANT_ID, LOCAL_CLAIM),
+            FOREIGN KEY (IDP_CLAIM_ID) REFERENCES IDP_CLAIM(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR (
+            ID INTEGER AUTO_INCREMENT,
+            TENANT_ID INTEGER,
+            IDP_ID INTEGER,
+            NAME VARCHAR(255) NOT NULL,
+            IS_ENABLED CHAR (1) DEFAULT '1',
+            DISPLAY_NAME VARCHAR(255),
+            PRIMARY KEY (ID),
+            UNIQUE (TENANT_ID, IDP_ID, NAME),
+            FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'samlsso');
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'IDPProperties');
+
+CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR_PROPERTY (
+            ID INTEGER AUTO_INCREMENT,
+            TENANT_ID INTEGER,
+            AUTHENTICATOR_ID INTEGER,
+            PROPERTY_KEY VARCHAR(255) NOT NULL,
+            PROPERTY_VALUE VARCHAR(2047),
+            IS_SECRET CHAR (1) DEFAULT '0',
+            PRIMARY KEY (ID),
+            UNIQUE (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY),
+            FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+INSERT INTO  IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 1 , 'IdPEntityId', 'localhost', '0');
+
+CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_CONFIG (
+            ID INTEGER AUTO_INCREMENT,
+            TENANT_ID INTEGER,
+            IDP_ID INTEGER,
+            PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL,
+            IS_ENABLED CHAR (1) DEFAULT '0',
+            IS_BLOCKING CHAR (1) DEFAULT '0',
+            PRIMARY KEY (ID),
+            UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE),
+            FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDP_PROV_CONFIG_PROPERTY (
+            ID INTEGER AUTO_INCREMENT,
+            TENANT_ID INTEGER,
+            PROVISIONING_CONFIG_ID INTEGER,
+            PROPERTY_KEY VARCHAR(255) NOT NULL,
+            PROPERTY_VALUE VARCHAR(2048),
+            PROPERTY_BLOB_VALUE BLOB,
+            PROPERTY_TYPE CHAR(32) NOT NULL,
+            IS_SECRET CHAR (1) DEFAULT '0',
+            PRIMARY KEY (ID),
+            UNIQUE (TENANT_ID, PROVISIONING_CONFIG_ID, PROPERTY_KEY),
+            FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_ENTITY (
+            ID INTEGER AUTO_INCREMENT,
+            PROVISIONING_CONFIG_ID INTEGER,
+            ENTITY_TYPE VARCHAR(255) NOT NULL,
+            ENTITY_LOCAL_USERSTORE VARCHAR(255) NOT NULL,
+            ENTITY_NAME VARCHAR(255) NOT NULL,
+            ENTITY_VALUE VARCHAR(255),
+            TENANT_ID INTEGER,
+            PRIMARY KEY (ID),
+            UNIQUE (ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID),
+            UNIQUE (PROVISIONING_CONFIG_ID, ENTITY_TYPE, ENTITY_VALUE),
+            FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDP_LOCAL_CLAIM (
+            ID INTEGER AUTO_INCREMENT,
+            TENANT_ID INTEGER,
+            IDP_ID INTEGER,
+            CLAIM_URI VARCHAR(255) NOT NULL,
+            DEFAULT_VALUE VARCHAR(255),
+            IS_REQUESTED VARCHAR(128) DEFAULT '0',
+            PRIMARY KEY (ID),
+            UNIQUE (TENANT_ID, IDP_ID, CLAIM_URI),
+            FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_ASSOCIATED_ID (
+            ID INTEGER AUTO_INCREMENT,
+            IDP_USER_ID VARCHAR(255) NOT NULL,
+            TENANT_ID INTEGER DEFAULT -1234,
+            IDP_ID INTEGER NOT NULL,
+            DOMAIN_NAME VARCHAR(255) NOT NULL,
+            USER_NAME VARCHAR(255) NOT NULL,
+            PRIMARY KEY (ID),
+            UNIQUE(IDP_USER_ID, TENANT_ID, IDP_ID),
+            FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_USER_ACCOUNT_ASSOCIATION (
+            ASSOCIATION_KEY VARCHAR(255) NOT NULL,
+            TENANT_ID INTEGER,
+            DOMAIN_NAME VARCHAR(255) NOT NULL,
+            USER_NAME VARCHAR(255) NOT NULL,
+            PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS FIDO_DEVICE_STORE (
+            TENANT_ID INTEGER,
+            DOMAIN_NAME VARCHAR(255) NOT NULL,
+            USER_NAME VARCHAR(45) NOT NULL,
+            TIME_REGISTERED TIMESTAMP,
+            KEY_HANDLE VARCHAR(200) NOT NULL,
+            DEVICE_DATA VARCHAR(2048) NOT NULL,
+            PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE)
+        )ENGINE INNODB;
+              
+CREATE TABLE IF NOT EXISTS WF_REQUEST (
+    UUID VARCHAR (45),
+    CREATED_BY VARCHAR (255),
+    TENANT_ID INTEGER DEFAULT -1,
+    OPERATION_TYPE VARCHAR (50),
+    CREATED_AT TIMESTAMP,
+    UPDATED_AT TIMESTAMP,
+    STATUS VARCHAR (30),
+    REQUEST BLOB,
+    PRIMARY KEY (UUID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS WF_BPS_PROFILE (
+    PROFILE_NAME VARCHAR(45),
+    HOST_URL VARCHAR(45),
+    USERNAME VARCHAR(45),
+    PASSWORD VARCHAR(255),
+    CALLBACK_HOST VARCHAR (45),
+    CALLBACK_USERNAME VARCHAR (45),
+    CALLBACK_PASSWORD VARCHAR (255),
+    TENANT_ID VARCHAR (45),
+    PRIMARY KEY (PROFILE_NAME, TENANT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS WF_WORKFLOW(
+    ID VARCHAR (45),
+    WF_NAME VARCHAR (45),
+    DESCRIPTION VARCHAR (255),
+    TEMPLATE_ID VARCHAR (45),
+    IMPL_ID VARCHAR (45),
+    TENANT_ID VARCHAR (45),
+    PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS WF_WORKFLOW_ASSOCIATION(
+    ID INTEGER NOT NULL AUTO_INCREMENT,
+    ASSOC_NAME VARCHAR (45),
+    EVENT_ID VARCHAR(45),
+    ASSOC_CONDITION VARCHAR (2000),
+    WORKFLOW_ID VARCHAR (45),
+    IS_ENABLED CHAR (1) DEFAULT '1',
+    PRIMARY KEY(ID),
+    FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS WF_WORKFLOW_CONFIG_PARAM(
+    WORKFLOW_ID VARCHAR (45),
+    PARAM_NAME VARCHAR (45),
+    PARAM_VALUE VARCHAR (1000),
+    PRIMARY KEY (WORKFLOW_ID, PARAM_NAME),
+    FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE
+)ENGINE INNODB;
+
+
+
+CREATE TABLE IF NOT EXISTS WF_REQUEST_ENTITY_RELATIONSHIP(
+  REQUEST_ID VARCHAR (45),
+  ENTITY_NAME VARCHAR (255),
+  ENTITY_TYPE VARCHAR (50),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID),
+  FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS WORKFLOW_REQUEST_RELATION(
+  RELATIONSHIP_ID VARCHAR (45),
+  WORKFLOW_ID VARCHAR (45),
+  REQUEST_ID VARCHAR (45),
+  UPDATED_AT TIMESTAMP,
+  STATUS VARCHAR (30),
+  PRIMARY KEY (RELATIONSHIP_ID),
+  FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE,
+  FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
+)ENGINE INNODB;
+
+-- End of IDENTITY Tables--
+
+-- Start of API-MGT Tables --
+CREATE TABLE IF NOT EXISTS AM_SUBSCRIBER (
+    SUBSCRIBER_ID INTEGER AUTO_INCREMENT,
+    USER_ID VARCHAR(255) NOT NULL,
+    TENANT_ID INTEGER NOT NULL,
+    EMAIL_ADDRESS VARCHAR(256) NULL,
+    DATE_SUBSCRIBED TIMESTAMP NOT NULL,
+    PRIMARY KEY (SUBSCRIBER_ID),
+    CREATED_BY VARCHAR(100),
+    CREATED_TIME TIMESTAMP,
+    UPDATED_BY VARCHAR(100),
+    UPDATED_TIME TIMESTAMP,
+    UNIQUE (TENANT_ID,USER_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS AM_APPLICATION (
+    APPLICATION_ID INTEGER AUTO_INCREMENT,
+    NAME VARCHAR(100),
+    SUBSCRIBER_ID INTEGER,
+    APPLICATION_TIER VARCHAR(50) DEFAULT 'Unlimited',
+    CALLBACK_URL VARCHAR(512),
+    DESCRIPTION VARCHAR(512),
+    APPLICATION_STATUS VARCHAR(50) DEFAULT 'APPROVED',
+    GROUP_ID VARCHAR(100),
+    CREATED_BY VARCHAR(100),
+    CREATED_TIME TIMESTAMP,
+    UPDATED_BY VARCHAR(100),
+    UPDATED_TIME TIMESTAMP,
+    FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    PRIMARY KEY(APPLICATION_ID),
+    UNIQUE (NAME,SUBSCRIBER_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS AM_API (
+    API_ID INTEGER AUTO_INCREMENT,
+    API_PROVIDER VARCHAR(200),
+    API_NAME VARCHAR(200),
+    API_VERSION VARCHAR(30),
+    CONTEXT VARCHAR(256),
+    CONTEXT_TEMPLATE VARCHAR(256),
+    CREATED_BY VARCHAR(100),
+    CREATED_TIME TIMESTAMP,
+    UPDATED_BY VARCHAR(100),
+    UPDATED_TIME TIMESTAMP,
+    PRIMARY KEY(API_ID),
+    UNIQUE (API_PROVIDER,API_NAME,API_VERSION)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS AM_API_URL_MAPPING (
+    URL_MAPPING_ID INTEGER AUTO_INCREMENT,
+    API_ID INTEGER NOT NULL,
+    HTTP_METHOD VARCHAR(20) NULL,
+    AUTH_SCHEME VARCHAR(50) NULL,
+    URL_PATTERN VARCHAR(512) NULL,
+    THROTTLING_TIER varchar(512) DEFAULT NULL,
+    MEDIATION_SCRIPT BLOB,
+    PRIMARY KEY (URL_MAPPING_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION (
+    SUBSCRIPTION_ID INTEGER AUTO_INCREMENT,
+    TIER_ID VARCHAR(50),
+    API_ID INTEGER,
+    LAST_ACCESSED TIMESTAMP NULL,
+    APPLICATION_ID INTEGER,
+    SUB_STATUS VARCHAR(50),
+    SUBS_CREATE_STATE VARCHAR(50) DEFAULT 'SUBSCRIBE',
+    CREATED_BY VARCHAR(100),
+    CREATED_TIME TIMESTAMP,
+    UPDATED_BY VARCHAR(100),
+    UPDATED_TIME TIMESTAMP,
+    FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    PRIMARY KEY (SUBSCRIPTION_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION_KEY_MAPPING (
+    SUBSCRIPTION_ID INTEGER,
+    ACCESS_TOKEN VARCHAR(255),
+    KEY_TYPE VARCHAR(512) NOT NULL,
+    FOREIGN KEY(SUBSCRIPTION_ID) REFERENCES AM_SUBSCRIPTION(SUBSCRIPTION_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    PRIMARY KEY(SUBSCRIPTION_ID,ACCESS_TOKEN)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS AM_APPLICATION_KEY_MAPPING (
+    APPLICATION_ID INTEGER,
+    CONSUMER_KEY VARCHAR(255),
+    KEY_TYPE VARCHAR(512) NOT NULL,
+    STATE VARCHAR(30) NOT NULL,
+    CREATE_MODE VARCHAR(30) DEFAULT 'CREATED',
+    FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    PRIMARY KEY(APPLICATION_ID,KEY_TYPE)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS AM_API_LC_EVENT (
+    EVENT_ID INTEGER AUTO_INCREMENT,
+    API_ID INTEGER NOT NULL,
+    PREVIOUS_STATE VARCHAR(50),
+    NEW_STATE VARCHAR(50) NOT NULL,
+    USER_ID VARCHAR(255) NOT NULL,
+    TENANT_ID INTEGER NOT NULL,
+    EVENT_DATE TIMESTAMP NOT NULL,
+    FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    PRIMARY KEY (EVENT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE AM_APP_KEY_DOMAIN_MAPPING (
+    CONSUMER_KEY VARCHAR(255),
+    AUTHZ_DOMAIN VARCHAR(255) DEFAULT 'ALL',
+    PRIMARY KEY (CONSUMER_KEY,AUTHZ_DOMAIN)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS AM_API_COMMENTS (
+    COMMENT_ID INTEGER AUTO_INCREMENT,
+    COMMENT_TEXT VARCHAR(512),
+    COMMENTED_USER VARCHAR(255),
+    DATE_COMMENTED TIMESTAMP NOT NULL,
+    API_ID INTEGER NOT NULL,
+    FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    PRIMARY KEY (COMMENT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS AM_API_RATINGS (
+    RATING_ID INTEGER AUTO_INCREMENT,
+    API_ID INTEGER,
+    RATING INTEGER,
+    SUBSCRIBER_ID INTEGER,
+    FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+PRIMARY KEY (RATING_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS AM_TIER_PERMISSIONS (
+    TIER_PERMISSIONS_ID INTEGER AUTO_INCREMENT,
+    TIER VARCHAR(50) NOT NULL,
+    PERMISSIONS_TYPE VARCHAR(50) NOT NULL,
+    ROLES VARCHAR(512) NOT NULL,
+    TENANT_ID INTEGER NOT NULL,
+    PRIMARY KEY(TIER_PERMISSIONS_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS AM_EXTERNAL_STORES (
+    APISTORE_ID INTEGER AUTO_INCREMENT,
+    API_ID INTEGER,
+    STORE_ID VARCHAR(255) NOT NULL,
+    STORE_DISPLAY_NAME VARCHAR(255) NOT NULL,
+    STORE_ENDPOINT VARCHAR(255) NOT NULL,
+    STORE_TYPE VARCHAR(255) NOT NULL,
+FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+PRIMARY KEY (APISTORE_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS AM_WORKFLOWS(
+    WF_ID INTEGER AUTO_INCREMENT,
+    WF_REFERENCE VARCHAR(255) NOT NULL,
+    WF_TYPE VARCHAR(255) NOT NULL,
+    WF_STATUS VARCHAR(255) NOT NULL,
+    WF_CREATED_TIME TIMESTAMP DEFAULT 0,
+    WF_UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP ,
+    WF_STATUS_DESC VARCHAR(1000),
+    TENANT_ID INTEGER,
+    TENANT_DOMAIN VARCHAR(255),
+    WF_EXTERNAL_REFERENCE VARCHAR(255) NOT NULL,
+    PRIMARY KEY (WF_ID),
+    UNIQUE (WF_EXTERNAL_REFERENCE)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS AM_APPLICATION_REGISTRATION (
+    REG_ID INT AUTO_INCREMENT,
+    SUBSCRIBER_ID INT,
+    WF_REF VARCHAR(255) NOT NULL,
+    APP_ID INT,
+    TOKEN_TYPE VARCHAR(30),
+    TOKEN_SCOPE VARCHAR(256) DEFAULT 'default',
+    INPUTS VARCHAR(1000),
+    ALLOWED_DOMAINS VARCHAR(256),
+    VALIDITY_PERIOD BIGINT,
+    UNIQUE (SUBSCRIBER_ID,APP_ID,TOKEN_TYPE),
+    FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    FOREIGN KEY(APP_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    PRIMARY KEY (REG_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS AM_API_SCOPES (
+   API_ID  INTEGER NOT NULL,
+   SCOPE_ID  INTEGER NOT NULL,
+   FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID) ON DELETE CASCADE  ON UPDATE CASCADE,
+   FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE ON UPDATE CASCADE
+)ENGINE = INNODB;
+
+CREATE TABLE IF NOT EXISTS AM_API_DEFAULT_VERSION (
+            DEFAULT_VERSION_ID INT AUTO_INCREMENT, 
+            API_NAME VARCHAR(256) NOT NULL ,
+            API_PROVIDER VARCHAR(256) NOT NULL , 
+            DEFAULT_API_VERSION VARCHAR(30) , 
+            PUBLISHED_DEFAULT_API_VERSION VARCHAR(30) ,
+            PRIMARY KEY (DEFAULT_VERSION_ID)
+);
+
+CREATE INDEX IDX_SUB_APP_ID ON AM_SUBSCRIPTION (APPLICATION_ID, SUBSCRIPTION_ID);
--- a/modules/distribution/src/api-resource/sql/mysql_cluster.sql
+++ b/modules/distribution/src/api-resource/sql/mysql_cluster.sql
@ -0,0 +1,752 @@
+-- Start of IDN Tables --
+CREATE TABLE IF NOT EXISTS IDN_BASE_TABLE (
+            PRODUCT_NAME VARCHAR(20),
+            PRIMARY KEY (PRODUCT_NAME)
+)ENGINE INNODB;
+
+INSERT INTO IDN_BASE_TABLE values ('WSO2 Identity Server');
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH_CONSUMER_APPS (
+            ID INTEGER NOT NULL AUTO_INCREMENT,
+            CONSUMER_KEY VARCHAR(255),
+            CONSUMER_SECRET VARCHAR(512),
+            USERNAME VARCHAR(255),
+            TENANT_ID INTEGER DEFAULT 0,
+            APP_NAME VARCHAR(255),
+            OAUTH_VERSION VARCHAR(128),
+            CALLBACK_URL VARCHAR(1024),
+            GRANT_TYPES VARCHAR (1024),
+            CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY),
+            PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_REQUEST_TOKEN (
+            REQUEST_TOKEN VARCHAR(255),
+            REQUEST_TOKEN_SECRET VARCHAR(512),
+            CONSUMER_KEY_ID INTEGER,
+            CALLBACK_URL VARCHAR(1024),
+            SCOPE VARCHAR(2048),
+            AUTHORIZED VARCHAR(128),
+            OAUTH_VERIFIER VARCHAR(512),
+            AUTHZ_USER VARCHAR(512),
+            PRIMARY KEY (REQUEST_TOKEN),
+            FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH1A_ACCESS_TOKEN (
+            ACCESS_TOKEN VARCHAR(255),
+            ACCESS_TOKEN_SECRET VARCHAR(512),
+            CONSUMER_KEY_ID INTEGER,
+            SCOPE VARCHAR(2048),
+            AUTHZ_USER VARCHAR(512),
+            PRIMARY KEY (ACCESS_TOKEN),
+            FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN (
+            TOKEN_ID VARCHAR (255),
+            ACCESS_TOKEN VARCHAR(255),
+            REFRESH_TOKEN VARCHAR(255),
+            CONSUMER_KEY_ID INTEGER,
+            AUTHZ_USER VARCHAR (100),
+            TENANT_ID INTEGER,
+            USER_DOMAIN VARCHAR(50),
+            USER_TYPE VARCHAR (25),
+            TIME_CREATED TIMESTAMP DEFAULT 0,
+            REFRESH_TOKEN_TIME_CREATED TIMESTAMP DEFAULT 0,
+            VALIDITY_PERIOD BIGINT,
+            REFRESH_TOKEN_VALIDITY_PERIOD BIGINT,
+            TOKEN_SCOPE_HASH VARCHAR(32),
+            TOKEN_STATE VARCHAR(25) DEFAULT 'ACTIVE',
+            TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE',
+            PRIMARY KEY (TOKEN_ID),
+            FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
+            CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,
+                                           TOKEN_STATE,TOKEN_STATE_ID)
+)ENGINE INNODB;
+
+CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE);
+
+CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED);
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_AUTHORIZATION_CODE (
+            AUTHORIZATION_CODE VARCHAR(512),
+            CONSUMER_KEY_ID INTEGER,
+            CALLBACK_URL VARCHAR(1024),
+            SCOPE VARCHAR(2048),
+            AUTHZ_USER VARCHAR (100),
+            TENANT_ID INTEGER,
+            USER_DOMAIN VARCHAR(50),
+            TIME_CREATED TIMESTAMP,
+            VALIDITY_PERIOD BIGINT,
+            STATE VARCHAR (25) DEFAULT 'ACTIVE',
+            TOKEN_ID VARCHAR(255),
+            PRIMARY KEY (AUTHORIZATION_CODE),
+            FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_ASSOCIATION (
+            TOKEN_ID VARCHAR (255),
+            TOKEN_SCOPE VARCHAR (60),
+            PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE),
+            FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE (
+            SCOPE_ID INT(11) NOT NULL AUTO_INCREMENT,
+            SCOPE_KEY VARCHAR(100) NOT NULL,
+            NAME VARCHAR(255) NULL,
+            DESCRIPTION VARCHAR(512) NULL,
+            TENANT_ID INT(11) NOT NULL DEFAULT 0,
+            ROLES VARCHAR (500) NULL,
+            PRIMARY KEY (SCOPE_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_RESOURCE_SCOPE (
+            RESOURCE_PATH VARCHAR(255) NOT NULL,
+            SCOPE_ID INTEGER (11) NOT NULL,
+            PRIMARY KEY (RESOURCE_PATH),
+            FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_SCIM_GROUP (
+            ID INTEGER AUTO_INCREMENT,
+            TENANT_ID INTEGER NOT NULL,
+            ROLE_NAME VARCHAR(255) NOT NULL,
+            ATTR_NAME VARCHAR(1024) NOT NULL,
+            ATTR_VALUE VARCHAR(1024),
+            PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OPENID_REMEMBER_ME (
+            USER_NAME VARCHAR(255) NOT NULL,
+            TENANT_ID INTEGER DEFAULT 0,
+            COOKIE_VALUE VARCHAR(1024),
+            CREATED_TIME TIMESTAMP,
+            PRIMARY KEY (USER_NAME, TENANT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OPENID_USER_RPS (
+            USER_NAME VARCHAR(255) NOT NULL,
+            TENANT_ID INTEGER DEFAULT 0,
+            RP_URL VARCHAR(255) NOT NULL,
+            TRUSTED_ALWAYS VARCHAR(128) DEFAULT 'FALSE',
+            LAST_VISIT DATE NOT NULL,
+            VISIT_COUNT INTEGER DEFAULT 0,
+            DEFAULT_PROFILE_NAME VARCHAR(255) DEFAULT 'DEFAULT',
+            PRIMARY KEY (USER_NAME, TENANT_ID, RP_URL)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_OPENID_ASSOCIATIONS (
+            HANDLE VARCHAR(255) NOT NULL,
+            ASSOC_TYPE VARCHAR(255) NOT NULL,
+            EXPIRE_IN TIMESTAMP NOT NULL,
+            MAC_KEY VARCHAR(255) NOT NULL,
+            ASSOC_STORE VARCHAR(128) DEFAULT 'SHARED',
+            PRIMARY KEY (HANDLE)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_STS_STORE (
+            ID INTEGER AUTO_INCREMENT,
+            TOKEN_ID VARCHAR(255) NOT NULL,
+            TOKEN_CONTENT BLOB(1024) NOT NULL,
+            CREATE_DATE TIMESTAMP NOT NULL,
+            EXPIRE_DATE TIMESTAMP NOT NULL,
+            STATE INTEGER DEFAULT 0,
+            PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_IDENTITY_USER_DATA (
+            TENANT_ID INTEGER DEFAULT -1234,
+            USER_NAME VARCHAR(255) NOT NULL,
+            DATA_KEY VARCHAR(255) NOT NULL,
+            DATA_VALUE VARCHAR(255),
+            PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_IDENTITY_META_DATA (
+            USER_NAME VARCHAR(255) NOT NULL,
+            TENANT_ID INTEGER DEFAULT -1234,
+            METADATA_TYPE VARCHAR(255) NOT NULL,
+            METADATA VARCHAR(255) NOT NULL,
+            VALID VARCHAR(255) NOT NULL,
+            PRIMARY KEY (TENANT_ID, USER_NAME, METADATA_TYPE,METADATA)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_THRIFT_SESSION (
+            SESSION_ID VARCHAR(255) NOT NULL,
+            USER_NAME VARCHAR(255) NOT NULL,
+            CREATED_TIME VARCHAR(255) NOT NULL,
+            LAST_MODIFIED_TIME VARCHAR(255) NOT NULL,
+            PRIMARY KEY (SESSION_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_AUTH_SESSION_STORE (
+            SESSION_ID VARCHAR (100) NOT NULL,
+            SESSION_TYPE VARCHAR(100) NOT NULL,
+            SESSION_OBJECT BLOB,
+            TIME_CREATED TIMESTAMP,
+            PRIMARY KEY (SESSION_ID, SESSION_TYPE)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS SP_APP (
+        ID INTEGER NOT NULL AUTO_INCREMENT,
+        TENANT_ID INTEGER NOT NULL,
+            APP_NAME VARCHAR (255) NOT NULL ,
+            USER_STORE VARCHAR (255) NOT NULL,
+        USERNAME VARCHAR (255) NOT NULL ,
+        DESCRIPTION VARCHAR (1024),
+            ROLE_CLAIM VARCHAR (512),
+        AUTH_TYPE VARCHAR (255) NOT NULL,
+            PROVISIONING_USERSTORE_DOMAIN VARCHAR (512),
+            IS_LOCAL_CLAIM_DIALECT CHAR(1) DEFAULT '1',
+            IS_SEND_LOCAL_SUBJECT_ID CHAR(1) DEFAULT '0',
+            IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0',
+        IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
+        IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
+            SUBJECT_CLAIM_URI VARCHAR (512),
+            IS_SAAS_APP CHAR(1) DEFAULT '0',
+        PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+ALTER TABLE SP_APP ADD CONSTRAINT APPLICATION_NAME_CONSTRAINT UNIQUE(APP_NAME, TENANT_ID);
+
+CREATE TABLE IF NOT EXISTS SP_INBOUND_AUTH (
+            ID INTEGER NOT NULL AUTO_INCREMENT,
+            TENANT_ID INTEGER NOT NULL,
+            INBOUND_AUTH_KEY VARCHAR (255) NOT NULL,
+            INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL,
+            PROP_NAME VARCHAR (255),
+            PROP_VALUE VARCHAR (1024) ,
+            APP_ID INTEGER NOT NULL,
+            PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+ALTER TABLE SP_INBOUND_AUTH ADD CONSTRAINT APPLICATION_ID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+
+CREATE TABLE IF NOT EXISTS SP_AUTH_STEP (
+            ID INTEGER NOT NULL AUTO_INCREMENT,
+            TENANT_ID INTEGER NOT NULL,
+            STEP_ORDER INTEGER DEFAULT 1,
+            APP_ID INTEGER NOT NULL ,
+            IS_SUBJECT_STEP CHAR(1) DEFAULT '0',
+            IS_ATTRIBUTE_STEP CHAR(1) DEFAULT '0',
+            PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+ALTER TABLE SP_AUTH_STEP ADD CONSTRAINT APPLICATION_ID_CONSTRAINT_STEP FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+
+CREATE TABLE IF NOT EXISTS SP_FEDERATED_IDP (
+            ID INTEGER NOT NULL,
+            TENANT_ID INTEGER NOT NULL,
+            AUTHENTICATOR_ID INTEGER NOT NULL,
+            PRIMARY KEY (ID, AUTHENTICATOR_ID)
+)ENGINE INNODB;
+
+ALTER TABLE SP_FEDERATED_IDP ADD CONSTRAINT STEP_ID_CONSTRAINT FOREIGN KEY (ID) REFERENCES SP_AUTH_STEP (ID) ON DELETE CASCADE;
+
+CREATE TABLE IF NOT EXISTS SP_CLAIM_MAPPING (
+            ID INTEGER NOT NULL AUTO_INCREMENT,
+            TENANT_ID INTEGER NOT NULL,
+            IDP_CLAIM VARCHAR (512) NOT NULL ,
+            SP_CLAIM VARCHAR (512) NOT NULL ,
+            APP_ID INTEGER NOT NULL,
+            IS_REQUESTED VARCHAR(128) DEFAULT '0',
+            DEFAULT_VALUE VARCHAR(255),
+            PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+ALTER TABLE SP_CLAIM_MAPPING ADD CONSTRAINT CLAIMID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+
+CREATE TABLE IF NOT EXISTS SP_ROLE_MAPPING (
+            ID INTEGER NOT NULL AUTO_INCREMENT,
+            TENANT_ID INTEGER NOT NULL,
+            IDP_ROLE VARCHAR (255) NOT NULL ,
+            SP_ROLE VARCHAR (255) NOT NULL ,
+            APP_ID INTEGER NOT NULL,
+            PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+ALTER TABLE SP_ROLE_MAPPING ADD CONSTRAINT ROLEID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+
+CREATE TABLE IF NOT EXISTS SP_REQ_PATH_AUTHENTICATOR (
+            ID INTEGER NOT NULL AUTO_INCREMENT,
+            TENANT_ID INTEGER NOT NULL,
+            AUTHENTICATOR_NAME VARCHAR (255) NOT NULL ,
+            APP_ID INTEGER NOT NULL,
+            PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+ALTER TABLE SP_REQ_PATH_AUTHENTICATOR ADD CONSTRAINT REQ_AUTH_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+
+CREATE TABLE IF NOT EXISTS SP_PROVISIONING_CONNECTOR (
+            ID INTEGER NOT NULL AUTO_INCREMENT,
+            TENANT_ID INTEGER NOT NULL,
+            IDP_NAME VARCHAR (255) NOT NULL ,
+            CONNECTOR_NAME VARCHAR (255) NOT NULL ,
+            APP_ID INTEGER NOT NULL,
+            IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0',
+            BLOCKING CHAR(1) NOT NULL DEFAULT '0',
+            PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+
+CREATE TABLE IF NOT EXISTS IDP (
+                  ID INTEGER AUTO_INCREMENT,
+                  TENANT_ID INTEGER,
+                  NAME VARCHAR(254) NOT NULL,
+                  IS_ENABLED CHAR(1) NOT NULL DEFAULT '1',
+                  IS_PRIMARY CHAR(1) NOT NULL DEFAULT '0',
+                  HOME_REALM_ID VARCHAR(254),
+                  IMAGE MEDIUMBLOB,
+                  CERTIFICATE BLOB,
+                  ALIAS VARCHAR(254),
+                  INBOUND_PROV_ENABLED CHAR (1) NOT NULL DEFAULT '0',
+                  INBOUND_PROV_USER_STORE_ID VARCHAR(254),
+                  USER_CLAIM_URI VARCHAR(254),
+                  ROLE_CLAIM_URI VARCHAR(254),
+                  DESCRIPTION VARCHAR (1024),
+                  DEFAULT_AUTHENTICATOR_NAME VARCHAR(254),
+                  DEFAULT_PRO_CONNECTOR_NAME VARCHAR(254),
+                  PROVISIONING_ROLE VARCHAR(128),
+                  IS_FEDERATION_HUB CHAR(1) NOT NULL DEFAULT '0',
+                  IS_LOCAL_CLAIM_DIALECT CHAR(1) NOT NULL DEFAULT '0',
+            DISPLAY_NAME VARCHAR(255),
+                  PRIMARY KEY (ID),
+                  UNIQUE (TENANT_ID, NAME)
+)ENGINE INNODB;
+
+INSERT INTO IDP (TENANT_ID, NAME, HOME_REALM_ID) VALUES (-1234, 'LOCAL', 'localhost');
+
+CREATE TABLE IF NOT EXISTS IDP_ROLE (
+                  ID INTEGER AUTO_INCREMENT,
+                  IDP_ID INTEGER,
+                  TENANT_ID INTEGER,
+                  ROLE VARCHAR(254),
+                  PRIMARY KEY (ID),
+                  UNIQUE (IDP_ID, ROLE),
+                  FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDP_ROLE_MAPPING (
+                  ID INTEGER AUTO_INCREMENT,
+                  IDP_ROLE_ID INTEGER,
+                  TENANT_ID INTEGER,
+                  USER_STORE_ID VARCHAR (253),
+                  LOCAL_ROLE VARCHAR(253),
+                  PRIMARY KEY (ID),
+                  UNIQUE (IDP_ROLE_ID, TENANT_ID, USER_STORE_ID, LOCAL_ROLE),
+                  FOREIGN KEY (IDP_ROLE_ID) REFERENCES IDP_ROLE(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDP_CLAIM (
+                  ID INTEGER AUTO_INCREMENT,
+                  IDP_ID INTEGER,
+                  TENANT_ID INTEGER,
+                  CLAIM VARCHAR(254),
+                  PRIMARY KEY (ID),
+                  UNIQUE (IDP_ID, CLAIM),
+                  FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDP_CLAIM_MAPPING (
+            ID INTEGER AUTO_INCREMENT,
+            IDP_CLAIM_ID INTEGER,
+            TENANT_ID INTEGER,
+            LOCAL_CLAIM VARCHAR(253),
+            DEFAULT_VALUE VARCHAR(255),
+            IS_REQUESTED VARCHAR(128) DEFAULT '0',
+            PRIMARY KEY (ID),
+            UNIQUE (IDP_CLAIM_ID, TENANT_ID, LOCAL_CLAIM),
+            FOREIGN KEY (IDP_CLAIM_ID) REFERENCES IDP_CLAIM(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR (
+            ID INTEGER AUTO_INCREMENT,
+            TENANT_ID INTEGER,
+            IDP_ID INTEGER,
+            NAME VARCHAR(255) NOT NULL,
+            IS_ENABLED CHAR (1) DEFAULT '1',
+            DISPLAY_NAME VARCHAR(255),
+            PRIMARY KEY (ID),
+            UNIQUE (TENANT_ID, IDP_ID, NAME),
+            FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'samlsso');
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'IDPProperties');
+
+CREATE TABLE IF NOT EXISTS IDP_AUTHENTICATOR_PROPERTY (
+            ID INTEGER AUTO_INCREMENT,
+            TENANT_ID INTEGER,
+            AUTHENTICATOR_ID INTEGER,
+            PROPERTY_KEY VARCHAR(255) NOT NULL,
+            PROPERTY_VALUE VARCHAR(2047),
+            IS_SECRET CHAR (1) DEFAULT '0',
+            PRIMARY KEY (ID),
+            UNIQUE (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY),
+            FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+INSERT INTO  IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 1 , 'IdPEntityId', 'localhost', '0');
+
+CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_CONFIG (
+            ID INTEGER AUTO_INCREMENT,
+            TENANT_ID INTEGER,
+            IDP_ID INTEGER,
+            PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL,
+            IS_ENABLED CHAR (1) DEFAULT '0',
+            IS_BLOCKING CHAR (1) DEFAULT '0',
+            PRIMARY KEY (ID),
+            UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE),
+            FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDP_PROV_CONFIG_PROPERTY (
+            ID INTEGER AUTO_INCREMENT,
+            TENANT_ID INTEGER,
+            PROVISIONING_CONFIG_ID INTEGER,
+            PROPERTY_KEY VARCHAR(255) NOT NULL,
+            PROPERTY_VALUE VARCHAR(2048),
+            PROPERTY_BLOB_VALUE BLOB,
+            PROPERTY_TYPE CHAR(32) NOT NULL,
+            IS_SECRET CHAR (1) DEFAULT '0',
+            PRIMARY KEY (ID),
+            UNIQUE (TENANT_ID, PROVISIONING_CONFIG_ID, PROPERTY_KEY),
+            FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDP_PROVISIONING_ENTITY (
+            ID INTEGER AUTO_INCREMENT,
+            PROVISIONING_CONFIG_ID INTEGER,
+            ENTITY_TYPE VARCHAR(255) NOT NULL,
+            ENTITY_LOCAL_USERSTORE VARCHAR(255) NOT NULL,
+            ENTITY_NAME VARCHAR(255) NOT NULL,
+            ENTITY_VALUE VARCHAR(255),
+            TENANT_ID INTEGER,
+            PRIMARY KEY (ID),
+            UNIQUE (ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID),
+            UNIQUE (PROVISIONING_CONFIG_ID, ENTITY_TYPE, ENTITY_VALUE),
+            FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDP_LOCAL_CLAIM (
+            ID INTEGER AUTO_INCREMENT,
+            TENANT_ID INTEGER,
+            IDP_ID INTEGER,
+            CLAIM_URI VARCHAR(255) NOT NULL,
+            DEFAULT_VALUE VARCHAR(255),
+            IS_REQUESTED VARCHAR(128) DEFAULT '0',
+            PRIMARY KEY (ID),
+            UNIQUE (TENANT_ID, IDP_ID, CLAIM_URI),
+            FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_ASSOCIATED_ID (
+            ID INTEGER AUTO_INCREMENT,
+            IDP_USER_ID VARCHAR(255) NOT NULL,
+            TENANT_ID INTEGER DEFAULT -1234,
+            IDP_ID INTEGER NOT NULL,
+            DOMAIN_NAME VARCHAR(255) NOT NULL,
+            USER_NAME VARCHAR(255) NOT NULL,
+            PRIMARY KEY (ID),
+            UNIQUE(IDP_USER_ID, TENANT_ID, IDP_ID),
+            FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS IDN_USER_ACCOUNT_ASSOCIATION (
+            ASSOCIATION_KEY VARCHAR(255) NOT NULL,
+            TENANT_ID INTEGER,
+            DOMAIN_NAME VARCHAR(255) NOT NULL,
+            USER_NAME VARCHAR(255) NOT NULL,
+            PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS FIDO_DEVICE_STORE (
+            TENANT_ID INTEGER,
+            DOMAIN_NAME VARCHAR(255) NOT NULL,
+            USER_NAME VARCHAR(45) NOT NULL,
+            TIME_REGISTERED TIMESTAMP,
+            KEY_HANDLE VARCHAR(200) NOT NULL,
+            DEVICE_DATA VARCHAR(2048) NOT NULL,
+            PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE)
+        )ENGINE INNODB;
+              
+CREATE TABLE IF NOT EXISTS WF_REQUEST (
+    UUID VARCHAR (45),
+    CREATED_BY VARCHAR (255),
+    TENANT_ID INTEGER DEFAULT -1,
+    OPERATION_TYPE VARCHAR (50),
+    CREATED_AT TIMESTAMP,
+    UPDATED_AT TIMESTAMP,
+    STATUS VARCHAR (30),
+    REQUEST BLOB,
+    PRIMARY KEY (UUID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS WF_BPS_PROFILE (
+    PROFILE_NAME VARCHAR(45),
+    HOST_URL VARCHAR(45),
+    USERNAME VARCHAR(45),
+    PASSWORD VARCHAR(255),
+    CALLBACK_HOST VARCHAR (45),
+    CALLBACK_USERNAME VARCHAR (45),
+    CALLBACK_PASSWORD VARCHAR (255),
+    TENANT_ID VARCHAR (45),
+    PRIMARY KEY (PROFILE_NAME, TENANT_ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS WF_WORKFLOW(
+    ID VARCHAR (45),
+    WF_NAME VARCHAR (45),
+    DESCRIPTION VARCHAR (255),
+    TEMPLATE_ID VARCHAR (45),
+    IMPL_ID VARCHAR (45),
+    TENANT_ID VARCHAR (45),
+    PRIMARY KEY (ID)
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS WF_WORKFLOW_ASSOCIATION(
+    ID INTEGER NOT NULL AUTO_INCREMENT,
+    ASSOC_NAME VARCHAR (45),
+    EVENT_ID VARCHAR(45),
+    ASSOC_CONDITION VARCHAR (2000),
+    WORKFLOW_ID VARCHAR (45),
+    IS_ENABLED CHAR (1) DEFAULT '1',
+    PRIMARY KEY(ID),
+    FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS WF_WORKFLOW_CONFIG_PARAM(
+    WORKFLOW_ID VARCHAR (45),
+    PARAM_NAME VARCHAR (45),
+    PARAM_VALUE VARCHAR (1000),
+    PRIMARY KEY (WORKFLOW_ID, PARAM_NAME),
+    FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE
+)ENGINE INNODB;
+
+
+
+CREATE TABLE IF NOT EXISTS WF_REQUEST_ENTITY_RELATIONSHIP(
+  REQUEST_ID VARCHAR (45),
+  ENTITY_NAME VARCHAR (255),
+  ENTITY_TYPE VARCHAR (50),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID),
+  FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
+)ENGINE INNODB;
+
+CREATE TABLE IF NOT EXISTS WORKFLOW_REQUEST_RELATION(
+  RELATIONSHIP_ID VARCHAR (45),
+  WORKFLOW_ID VARCHAR (45),
+  REQUEST_ID VARCHAR (45),
+  UPDATED_AT TIMESTAMP,
+  STATUS VARCHAR (30),
+  PRIMARY KEY (RELATIONSHIP_ID),
+  FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE,
+  FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
+)ENGINE INNODB;
+
+-- End of IDN Tables--
+
+-- Start of API-MGT Tables --
+CREATE TABLE IF NOT EXISTS AM_SUBSCRIBER (
+    SUBSCRIBER_ID INTEGER AUTO_INCREMENT,
+    USER_ID VARCHAR(255) NOT NULL,
+    TENANT_ID INTEGER NOT NULL,
+    EMAIL_ADDRESS VARCHAR(256) NULL,
+    DATE_SUBSCRIBED TIMESTAMP NOT NULL,
+    PRIMARY KEY (SUBSCRIBER_ID),
+    CREATED_BY VARCHAR(100),
+    CREATED_TIME TIMESTAMP,
+    UPDATED_BY VARCHAR(100),
+    UPDATED_TIME TIMESTAMP,
+    UNIQUE (TENANT_ID,USER_ID)
+)ENGINE NDB;
+
+CREATE TABLE IF NOT EXISTS AM_APPLICATION (
+    APPLICATION_ID INTEGER AUTO_INCREMENT,
+    NAME VARCHAR(100),
+    SUBSCRIBER_ID INTEGER,
+    APPLICATION_TIER VARCHAR(50) DEFAULT 'Unlimited',
+    CALLBACK_URL VARCHAR(512),
+    DESCRIPTION VARCHAR(512),
+    APPLICATION_STATUS VARCHAR(50) DEFAULT 'APPROVED',
+    GROUP_ID VARCHAR(100),
+    CREATED_BY VARCHAR(100),
+    CREATED_TIME TIMESTAMP,
+    UPDATED_BY VARCHAR(100),
+    UPDATED_TIME TIMESTAMP,
+    FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON DELETE RESTRICT,
+    PRIMARY KEY(APPLICATION_ID),
+    UNIQUE (NAME,SUBSCRIBER_ID)
+)ENGINE NDB;
+
+CREATE TABLE IF NOT EXISTS AM_API (
+    API_ID INTEGER AUTO_INCREMENT,
+    API_PROVIDER VARCHAR(200),
+    API_NAME VARCHAR(200),
+    API_VERSION VARCHAR(30),
+    CONTEXT VARCHAR(256),
+    CONTEXT_TEMPLATE VARCHAR(256),
+    CREATED_BY VARCHAR(100),
+    CREATED_TIME TIMESTAMP,
+    UPDATED_BY VARCHAR(100),
+    UPDATED_TIME TIMESTAMP,
+    PRIMARY KEY(API_ID),
+    UNIQUE (API_PROVIDER,API_NAME,API_VERSION)
+)ENGINE NDB;
+
+CREATE TABLE IF NOT EXISTS AM_API_URL_MAPPING (
+    URL_MAPPING_ID INTEGER AUTO_INCREMENT,
+    API_ID INTEGER NOT NULL,
+    HTTP_METHOD VARCHAR(20) NULL,
+    AUTH_SCHEME VARCHAR(50) NULL,
+    URL_PATTERN VARCHAR(512) NULL,
+    THROTTLING_TIER varchar(512) DEFAULT NULL,
+    MEDIATION_SCRIPT BLOB,
+    PRIMARY KEY (URL_MAPPING_ID)
+)ENGINE NDB;
+
+CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION (
+    SUBSCRIPTION_ID INTEGER AUTO_INCREMENT,
+    TIER_ID VARCHAR(50),
+    API_ID INTEGER,
+    LAST_ACCESSED TIMESTAMP NULL,
+    APPLICATION_ID INTEGER,
+    SUB_STATUS VARCHAR(50),
+    SUBS_CREATE_STATE VARCHAR(50) DEFAULT 'SUBSCRIBE',
+    CREATED_BY VARCHAR(100),
+    CREATED_TIME TIMESTAMP,
+    UPDATED_BY VARCHAR(100),
+    UPDATED_TIME TIMESTAMP,
+    FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE RESTRICT,
+    FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON DELETE RESTRICT,
+    PRIMARY KEY (SUBSCRIPTION_ID)
+)ENGINE NDB;
+
+CREATE TABLE IF NOT EXISTS AM_SUBSCRIPTION_KEY_MAPPING (
+    SUBSCRIPTION_ID INTEGER,
+    ACCESS_TOKEN VARCHAR(255),
+    KEY_TYPE VARCHAR(512) NOT NULL,
+    FOREIGN KEY(SUBSCRIPTION_ID) REFERENCES AM_SUBSCRIPTION(SUBSCRIPTION_ID) ON DELETE RESTRICT,
+    PRIMARY KEY(SUBSCRIPTION_ID,ACCESS_TOKEN)
+)ENGINE NDB;
+
+CREATE TABLE IF NOT EXISTS AM_APPLICATION_KEY_MAPPING (
+    APPLICATION_ID INTEGER,
+    CONSUMER_KEY VARCHAR(255),
+    KEY_TYPE VARCHAR(512) NOT NULL,
+    STATE VARCHAR(30) NOT NULL,
+    CREATE_MODE VARCHAR(30) DEFAULT 'CREATED',
+    FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE RESTRICT,
+    PRIMARY KEY(APPLICATION_ID,KEY_TYPE)
+)ENGINE NDB;
+
+CREATE TABLE IF NOT EXISTS AM_API_LC_EVENT (
+    EVENT_ID INTEGER AUTO_INCREMENT,
+    API_ID INTEGER NOT NULL,
+    PREVIOUS_STATE VARCHAR(50),
+    NEW_STATE VARCHAR(50) NOT NULL,
+    USER_ID VARCHAR(255) NOT NULL,
+    TENANT_ID INTEGER NOT NULL,
+    EVENT_DATE TIMESTAMP NOT NULL,
+    FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON DELETE RESTRICT,
+    PRIMARY KEY (EVENT_ID)
+)ENGINE NDB;
+
+CREATE TABLE AM_APP_KEY_DOMAIN_MAPPING (
+    CONSUMER_KEY VARCHAR(255),
+    AUTHZ_DOMAIN VARCHAR(255) DEFAULT 'ALL',
+    PRIMARY KEY (CONSUMER_KEY,AUTHZ_DOMAIN),
+    FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY)
+)ENGINE NDB;
+
+CREATE TABLE IF NOT EXISTS AM_API_COMMENTS (
+    COMMENT_ID INTEGER AUTO_INCREMENT,
+    COMMENT_TEXT VARCHAR(512),
+    COMMENTED_USER VARCHAR(255),
+    DATE_COMMENTED TIMESTAMP NOT NULL,
+    API_ID INTEGER NOT NULL,
+    PRIMARY KEY (COMMENT_ID)
+)ENGINE NDB;
+
+CREATE TABLE IF NOT EXISTS AM_API_RATINGS (
+    RATING_ID INTEGER AUTO_INCREMENT,
+    API_ID INTEGER,
+    RATING INTEGER,
+    SUBSCRIBER_ID INTEGER,
+    FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON DELETE RESTRICT,
+    FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON DELETE RESTRICT,
+PRIMARY KEY (RATING_ID)
+)ENGINE NDB;
+
+CREATE TABLE IF NOT EXISTS AM_TIER_PERMISSIONS (
+    TIER_PERMISSIONS_ID INTEGER AUTO_INCREMENT,
+    TIER VARCHAR(50) NOT NULL,
+    PERMISSIONS_TYPE VARCHAR(50) NOT NULL,
+    ROLES VARCHAR(512) NOT NULL,
+    TENANT_ID INTEGER NOT NULL,
+    PRIMARY KEY(TIER_PERMISSIONS_ID)
+)ENGINE NDB;
+
+CREATE TABLE IF NOT EXISTS AM_EXTERNAL_STORES (
+    APISTORE_ID INTEGER AUTO_INCREMENT,
+    API_ID INTEGER,
+    STORE_ID VARCHAR(255) NOT NULL,
+    STORE_DISPLAY_NAME VARCHAR(255) NOT NULL,
+    STORE_ENDPOINT VARCHAR(255) NOT NULL,
+    STORE_TYPE VARCHAR(255) NOT NULL,
+FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON DELETE RESTRICT,
+PRIMARY KEY (APISTORE_ID)
+)ENGINE NDB;
+
+CREATE TABLE IF NOT EXISTS AM_WORKFLOWS(
+    WF_ID INTEGER AUTO_INCREMENT,
+    WF_REFERENCE VARCHAR(255) NOT NULL,
+    WF_TYPE VARCHAR(255) NOT NULL,
+    WF_STATUS VARCHAR(255) NOT NULL,
+    WF_CREATED_TIME TIMESTAMP DEFAULT 0,
+    WF_UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP ,
+    WF_STATUS_DESC VARCHAR(1000),
+    TENANT_ID INTEGER,
+    TENANT_DOMAIN VARCHAR(255),
+    WF_EXTERNAL_REFERENCE VARCHAR(255) NOT NULL,
+    PRIMARY KEY (WF_ID),
+    UNIQUE (WF_EXTERNAL_REFERENCE)
+)ENGINE NDB;
+
+CREATE TABLE IF NOT EXISTS AM_APPLICATION_REGISTRATION (
+    REG_ID INT AUTO_INCREMENT,
+    SUBSCRIBER_ID INT,
+    WF_REF VARCHAR(255) NOT NULL,
+    APP_ID INT,
+    TOKEN_TYPE VARCHAR(30),
+    TOKEN_SCOPE VARCHAR(256) DEFAULT 'default',
+    INPUTS VARCHAR(1000),
+    ALLOWED_DOMAINS VARCHAR(256),
+    VALIDITY_PERIOD BIGINT,
+    UNIQUE (SUBSCRIBER_ID,APP_ID,TOKEN_TYPE),
+    FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON DELETE RESTRICT,
+    FOREIGN KEY(APP_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE RESTRICT,
+    PRIMARY KEY (REG_ID)
+)ENGINE NDB;
+
+CREATE TABLE IF NOT EXISTS AM_API_SCOPES (
+   API_ID  INTEGER NOT NULL,
+   SCOPE_ID  INTEGER NOT NULL,
+   FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID) ON DELETE CASCADE,
+   FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE
+)ENGINE = NDB;
+
+CREATE TABLE IF NOT EXISTS AM_API_DEFAULT_VERSION (
+            DEFAULT_VERSION_ID INT AUTO_INCREMENT, 
+            API_NAME VARCHAR(256) NOT NULL ,
+            API_PROVIDER VARCHAR(256) NOT NULL , 
+            DEFAULT_API_VERSION VARCHAR(30) , 
+            PUBLISHED_DEFAULT_API_VERSION VARCHAR(30) ,
+            PRIMARY KEY (DEFAULT_VERSION_ID)
+);
+
+CREATE INDEX IDX_SUB_APP_ID ON AM_SUBSCRIPTION (APPLICATION_ID, SUBSCRIPTION_ID);
--- a/modules/distribution/src/api-resource/sql/oracle.sql
+++ b/modules/distribution/src/api-resource/sql/oracle.sql
--- a/modules/distribution/src/api-resource/sql/oracle_rac.sql
+++ b/modules/distribution/src/api-resource/sql/oracle_rac.sql
--- a/modules/distribution/src/api-resource/sql/postgresql.sql
+++ b/modules/distribution/src/api-resource/sql/postgresql.sql
@ -0,0 +1,859 @@
+BEGIN TRANSACTION;
+
+-- Start of IDN Tables --
+DROP TABLE IF EXISTS IDN_BASE_TABLE;
+CREATE TABLE IDN_BASE_TABLE (
+            PRODUCT_NAME VARCHAR(20),
+            PRIMARY KEY (PRODUCT_NAME)
+);
+
+INSERT INTO IDN_BASE_TABLE values ('WSO2 Identity Server');
+
+DROP TABLE IF EXISTS IDN_OAUTH_CONSUMER_APPS;
+DROP SEQUENCE IF EXISTS IDN_OAUTH_CONSUMER_APPS_PK_SEQ;
+CREATE SEQUENCE IDN_OAUTH_CONSUMER_APPS_PK_SEQ;
+CREATE TABLE IDN_OAUTH_CONSUMER_APPS (
+            ID INTEGER DEFAULT NEXTVAL('IDN_OAUTH_CONSUMER_APPS_PK_SEQ'),
+            CONSUMER_KEY VARCHAR(255),
+            CONSUMER_SECRET VARCHAR(512),
+            USERNAME VARCHAR(255),
+            TENANT_ID INTEGER DEFAULT 0,
+            APP_NAME VARCHAR(255),
+            OAUTH_VERSION VARCHAR(128),
+            CALLBACK_URL VARCHAR(1024),
+            GRANT_TYPES VARCHAR (1024),
+            CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY),
+            PRIMARY KEY (ID)
+);
+
+DROP TABLE IF EXISTS IDN_OAUTH1A_REQUEST_TOKEN;
+CREATE TABLE IDN_OAUTH1A_REQUEST_TOKEN (
+            REQUEST_TOKEN VARCHAR(512),
+            REQUEST_TOKEN_SECRET VARCHAR(512),
+            CONSUMER_KEY_ID INTEGER,
+            CALLBACK_URL VARCHAR(1024),
+            SCOPE VARCHAR(2048),
+            AUTHORIZED VARCHAR(128),
+            OAUTH_VERIFIER VARCHAR(512),
+            AUTHZ_USER VARCHAR(512),
+            PRIMARY KEY (REQUEST_TOKEN),
+            FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+);
+
+DROP TABLE IF EXISTS IDN_OAUTH1A_ACCESS_TOKEN;
+CREATE TABLE IDN_OAUTH1A_ACCESS_TOKEN (
+            ACCESS_TOKEN VARCHAR(512),
+            ACCESS_TOKEN_SECRET VARCHAR(512),
+            CONSUMER_KEY_ID INTEGER,
+            SCOPE VARCHAR(2048),
+            AUTHZ_USER VARCHAR(512),
+            PRIMARY KEY (ACCESS_TOKEN),
+            FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+);
+
+DROP TABLE IF EXISTS IDN_OAUTH2_ACCESS_TOKEN;
+CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN (
+            TOKEN_ID VARCHAR (255),
+            ACCESS_TOKEN VARCHAR(255),
+            REFRESH_TOKEN VARCHAR(255),
+            CONSUMER_KEY_ID INTEGER,
+            AUTHZ_USER VARCHAR (100),
+            TENANT_ID INTEGER,
+            USER_DOMAIN VARCHAR(50),
+            USER_TYPE VARCHAR (25),
+            TIME_CREATED TIMESTAMP,
+            REFRESH_TOKEN_TIME_CREATED TIMESTAMP,
+            VALIDITY_PERIOD BIGINT,
+            REFRESH_TOKEN_VALIDITY_PERIOD BIGINT,
+            TOKEN_SCOPE_HASH VARCHAR(32),
+            TOKEN_STATE VARCHAR(25) DEFAULT 'ACTIVE',
+            TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE',
+            PRIMARY KEY (TOKEN_ID),
+            FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
+            CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TOKEN_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,
+                                           TOKEN_STATE,TOKEN_STATE_ID)
+);
+
+CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE);
+
+CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED);
+
+DROP TABLE IF EXISTS IDN_OAUTH2_AUTHORIZATION_CODE;
+CREATE TABLE IDN_OAUTH2_AUTHORIZATION_CODE (
+            AUTHORIZATION_CODE VARCHAR(512),
+            CONSUMER_KEY_ID INTEGER,
+                CALLBACK_URL VARCHAR(1024),
+            SCOPE VARCHAR(2048),
+            AUTHZ_USER VARCHAR (100),
+            TENANT_ID INTEGER,
+            USER_DOMAIN VARCHAR(50),
+                TIME_CREATED TIMESTAMP,
+                VALIDITY_PERIOD BIGINT,
+            STATE VARCHAR (25) DEFAULT 'ACTIVE',
+            TOKEN_ID VARCHAR(255),
+            PRIMARY KEY (AUTHORIZATION_CODE),
+            FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE
+);
+
+DROP TABLE IF EXISTS IDN_OAUTH2_SCOPE_ASSOCIATION;
+CREATE TABLE IDN_OAUTH2_SCOPE_ASSOCIATION (
+            TOKEN_ID VARCHAR (255),
+            TOKEN_SCOPE VARCHAR (60),
+            PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE),
+            FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE);
+
+DROP TABLE IF EXISTS IDN_OAUTH2_SCOPE;
+DROP SEQUENCE IF EXISTS IDN_OAUTH2_SCOPE_PK_SEQ;
+CREATE SEQUENCE IDN_OAUTH2_SCOPE_PK_SEQ;
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE (
+            SCOPE_ID INTEGER DEFAULT NEXTVAL('IDN_OAUTH2_SCOPE_PK_SEQ'),
+            SCOPE_KEY VARCHAR(100) NOT NULL,
+            NAME VARCHAR(255) NULL,
+            DESCRIPTION VARCHAR(512) NULL,
+            TENANT_ID INTEGER DEFAULT 0,
+          ROLES VARCHAR (500) NULL,
+            PRIMARY KEY (SCOPE_ID)
+);
+
+DROP TABLE IF EXISTS IDN_OAUTH2_RESOURCE_SCOPE;
+CREATE TABLE IF NOT EXISTS IDN_OAUTH2_RESOURCE_SCOPE (
+            RESOURCE_PATH VARCHAR(255) NOT NULL,
+            SCOPE_ID INTEGER NOT NULL,
+            PRIMARY KEY (RESOURCE_PATH),
+            FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID)
+);
+
+DROP TABLE IF EXISTS IDN_SCIM_GROUP;
+DROP SEQUENCE IF EXISTS IDN_SCIM_GROUP_PK_SEQ;
+CREATE SEQUENCE IDN_SCIM_GROUP_PK_SEQ;
+CREATE TABLE IDN_SCIM_GROUP (
+                  ID INTEGER DEFAULT NEXTVAL('IDN_SCIM_GROUP_PK_SEQ'),
+                  TENANT_ID INTEGER NOT NULL,
+                  ROLE_NAME VARCHAR(255) NOT NULL,
+            ATTR_NAME VARCHAR(1024) NOT NULL,
+                  ATTR_VALUE VARCHAR(1024),
+            PRIMARY KEY (ID)
+);
+
+DROP TABLE IF EXISTS IDN_OPENID_REMEMBER_ME;
+CREATE TABLE IDN_OPENID_REMEMBER_ME (
+            USER_NAME VARCHAR(255) NOT NULL,
+            TENANT_ID INTEGER DEFAULT 0,
+            COOKIE_VALUE VARCHAR(1024),
+            CREATED_TIME TIMESTAMP,
+            PRIMARY KEY (USER_NAME, TENANT_ID)
+);
+
+DROP TABLE IF EXISTS IDN_OPENID_USER_RPS;
+CREATE TABLE IDN_OPENID_USER_RPS (
+                  USER_NAME VARCHAR(255) NOT NULL,
+                  TENANT_ID INTEGER DEFAULT 0,
+                  RP_URL VARCHAR(255) NOT NULL,
+                  TRUSTED_ALWAYS VARCHAR(128) DEFAULT 'FALSE',
+                  LAST_VISIT DATE NOT NULL,
+                  VISIT_COUNT INTEGER DEFAULT 0,
+                  DEFAULT_PROFILE_NAME VARCHAR(255) DEFAULT 'DEFAULT',
+                  PRIMARY KEY (USER_NAME, TENANT_ID, RP_URL)
+);
+
+DROP TABLE IF EXISTS IDN_OPENID_ASSOCIATIONS;
+CREATE TABLE IDN_OPENID_ASSOCIATIONS (
+                  HANDLE VARCHAR(255) NOT NULL,
+                  ASSOC_TYPE VARCHAR(255) NOT NULL,
+                  EXPIRE_IN TIMESTAMP NOT NULL,
+                  MAC_KEY VARCHAR(255) NOT NULL,
+                  ASSOC_STORE VARCHAR(128) DEFAULT 'SHARED',
+                  PRIMARY KEY (HANDLE)
+);
+
+DROP TABLE IF EXISTS IDN_STS_STORE;
+DROP SEQUENCE IF EXISTS IDN_STS_STORE_PK_SEQ;
+CREATE SEQUENCE IDN_STS_STORE_PK_SEQ;
+CREATE TABLE IDN_STS_STORE (
+            ID INTEGER DEFAULT NEXTVAL('IDN_STS_STORE_PK_SEQ'),
+            TOKEN_ID VARCHAR(255) NOT NULL,
+            TOKEN_CONTENT BYTEA NOT NULL,
+            CREATE_DATE TIMESTAMP NOT NULL,
+            EXPIRE_DATE TIMESTAMP NOT NULL,
+            STATE INTEGER DEFAULT 0,
+            PRIMARY KEY (ID)
+);
+
+DROP TABLE IF EXISTS IDN_IDENTITY_USER_DATA;
+CREATE TABLE IDN_IDENTITY_USER_DATA (
+            TENANT_ID INTEGER DEFAULT -1234,
+            USER_NAME VARCHAR(255) NOT NULL,
+            DATA_KEY VARCHAR(255) NOT NULL,
+            DATA_VALUE VARCHAR(255),
+            PRIMARY KEY (TENANT_ID, USER_NAME, DATA_KEY)
+);
+
+DROP TABLE IF EXISTS IDN_IDENTITY_META_DATA;
+CREATE TABLE IDN_IDENTITY_META_DATA (
+            USER_NAME VARCHAR(255) NOT NULL,
+            TENANT_ID INTEGER DEFAULT -1234,
+            METADATA_TYPE VARCHAR(255) NOT NULL,
+            METADATA VARCHAR(255) NOT NULL,
+            VALID VARCHAR(255) NOT NULL,
+            PRIMARY KEY (TENANT_ID, USER_NAME, METADATA_TYPE,METADATA)
+);
+
+DROP TABLE IF EXISTS IDN_THRIFT_SESSION;
+CREATE TABLE IDN_THRIFT_SESSION (
+            SESSION_ID VARCHAR(255) NOT NULL,
+            USER_NAME VARCHAR(255) NOT NULL,
+            CREATED_TIME VARCHAR(255) NOT NULL,
+            LAST_MODIFIED_TIME VARCHAR(255) NOT NULL,
+            PRIMARY KEY (SESSION_ID)
+);
+
+DROP TABLE IF EXISTS IDN_AUTH_SESSION_STORE;
+CREATE TABLE IDN_AUTH_SESSION_STORE (
+            SESSION_ID VARCHAR(100) NOT NULL,
+            SESSION_TYPE VARCHAR(100) NOT NULL,
+            SESSION_OBJECT BYTEA,
+            TIME_CREATED TIMESTAMP,
+            PRIMARY KEY (SESSION_ID, SESSION_TYPE)
+      );
+
+DROP TABLE IF EXISTS SP_APP;
+DROP SEQUENCE IF EXISTS SP_APP_SEQ;
+CREATE SEQUENCE SP_APP_SEQ;
+CREATE TABLE SP_APP (
+            ID INTEGER DEFAULT NEXTVAL('SP_APP_SEQ'),
+            TENANT_ID INTEGER NOT NULL,
+            APP_NAME VARCHAR (255) NOT NULL ,
+            USER_STORE VARCHAR (255) NOT NULL,
+            USERNAME VARCHAR (255) NOT NULL ,
+            DESCRIPTION VARCHAR (1024),
+                ROLE_CLAIM VARCHAR (512),
+            AUTH_TYPE VARCHAR (255) NOT NULL,
+            PROVISIONING_USERSTORE_DOMAIN VARCHAR (512),
+            IS_LOCAL_CLAIM_DIALECT CHAR(1) DEFAULT '1',
+            IS_SEND_LOCAL_SUBJECT_ID CHAR(1) DEFAULT '0',
+            IS_SEND_AUTH_LIST_OF_IDPS CHAR(1) DEFAULT '0',
+            IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
+            IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1',
+            SUBJECT_CLAIM_URI VARCHAR (512),
+            IS_SAAS_APP CHAR(1) DEFAULT '0',
+            PRIMARY KEY (ID));
+
+ALTER TABLE SP_APP ADD CONSTRAINT APPLICATION_NAME_CONSTRAINT UNIQUE(APP_NAME, TENANT_ID);
+
+DROP TABLE IF EXISTS SP_INBOUND_AUTH;
+DROP SEQUENCE IF EXISTS SP_INBOUND_AUTH_SEQ;
+CREATE SEQUENCE SP_INBOUND_AUTH_SEQ;
+CREATE TABLE SP_INBOUND_AUTH (
+            ID INTEGER DEFAULT NEXTVAL('SP_INBOUND_AUTH_SEQ'),
+            TENANT_ID INTEGER NOT NULL,
+            INBOUND_AUTH_KEY VARCHAR (255) NOT NULL,
+            INBOUND_AUTH_TYPE VARCHAR (255) NOT NULL,
+            PROP_NAME VARCHAR (255),
+            PROP_VALUE VARCHAR (1024) ,
+            APP_ID INTEGER NOT NULL,
+            PRIMARY KEY (ID));
+
+ALTER TABLE SP_INBOUND_AUTH ADD CONSTRAINT APPLICATION_ID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+
+DROP TABLE IF EXISTS SP_AUTH_STEP;
+DROP SEQUENCE IF EXISTS SP_AUTH_STEP_SEQ;
+CREATE SEQUENCE SP_AUTH_STEP_SEQ;
+CREATE TABLE SP_AUTH_STEP (
+            ID INTEGER DEFAULT NEXTVAL('SP_AUTH_STEP_SEQ'),
+            TENANT_ID INTEGER NOT NULL,
+            STEP_ORDER INTEGER DEFAULT 1,
+            APP_ID INTEGER NOT NULL,
+            IS_SUBJECT_STEP CHAR(1) DEFAULT '0',
+            IS_ATTRIBUTE_STEP CHAR(1) DEFAULT '0',
+            PRIMARY KEY (ID));
+
+ALTER TABLE SP_AUTH_STEP ADD CONSTRAINT APPLICATION_ID_CONSTRAINT_STEP FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+
+DROP TABLE IF EXISTS SP_FEDERATED_IDP;
+CREATE TABLE SP_FEDERATED_IDP (
+            ID INTEGER NOT NULL,
+            TENANT_ID INTEGER NOT NULL,
+            AUTHENTICATOR_ID INTEGER NOT NULL,
+            PRIMARY KEY (ID, AUTHENTICATOR_ID));
+
+ALTER TABLE SP_FEDERATED_IDP ADD CONSTRAINT STEP_ID_CONSTRAINT FOREIGN KEY (ID) REFERENCES SP_AUTH_STEP (ID) ON DELETE CASCADE;
+
+DROP TABLE IF EXISTS SP_CLAIM_MAPPING;
+DROP SEQUENCE IF EXISTS SP_CLAIM_MAPPING_SEQ;
+CREATE SEQUENCE SP_CLAIM_MAPPING_SEQ;
+CREATE TABLE SP_CLAIM_MAPPING (
+            ID INTEGER DEFAULT NEXTVAL('SP_CLAIM_MAPPING_SEQ'),
+            TENANT_ID INTEGER NOT NULL,
+            IDP_CLAIM VARCHAR (512) NOT NULL ,
+            SP_CLAIM VARCHAR (512) NOT NULL ,
+                  APP_ID INTEGER NOT NULL,
+            IS_REQUESTED VARCHAR(128) DEFAULT '0',
+            DEFAULT_VALUE VARCHAR(255),
+            PRIMARY KEY (ID));
+
+ALTER TABLE SP_CLAIM_MAPPING ADD CONSTRAINT CLAIMID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+
+DROP TABLE IF EXISTS SP_ROLE_MAPPING;
+DROP SEQUENCE IF EXISTS SP_ROLE_MAPPING_SEQ;
+CREATE SEQUENCE SP_ROLE_MAPPING_SEQ;
+CREATE TABLE SP_ROLE_MAPPING (
+            ID INTEGER DEFAULT NEXTVAL('SP_ROLE_MAPPING_SEQ'),
+            TENANT_ID INTEGER NOT NULL,
+            IDP_ROLE VARCHAR (255) NOT NULL ,
+            SP_ROLE VARCHAR (255) NOT NULL ,
+            APP_ID INTEGER NOT NULL,
+            PRIMARY KEY (ID));
+
+ALTER TABLE SP_ROLE_MAPPING ADD CONSTRAINT ROLEID_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+
+DROP TABLE IF EXISTS SP_REQ_PATH_AUTH;
+DROP SEQUENCE IF EXISTS SP_REQ_PATH_AUTH_SEQ;
+CREATE SEQUENCE SP_REQ_PATH_AUTH_SEQ;
+CREATE TABLE SP_REQ_PATH_AUTHENTICATOR (
+            ID INTEGER DEFAULT NEXTVAL('SP_REQ_PATH_AUTH_SEQ'),
+            TENANT_ID INTEGER NOT NULL,
+            AUTHENTICATOR_NAME VARCHAR (255) NOT NULL ,
+            APP_ID INTEGER NOT NULL,
+            PRIMARY KEY (ID));
+
+ALTER TABLE SP_REQ_PATH_AUTHENTICATOR ADD CONSTRAINT REQ_AUTH_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+
+DROP TABLE IF EXISTS SP_PROV_CONNECTOR;
+DROP SEQUENCE IF EXISTS SP_PROV_CONNECTOR_SEQ;
+CREATE SEQUENCE SP_PROV_CONNECTOR_SEQ;
+CREATE TABLE SP_PROVISIONING_CONNECTOR (
+            ID INTEGER DEFAULT NEXTVAL('SP_PROV_CONNECTOR_SEQ'),
+            TENANT_ID INTEGER NOT NULL,
+            IDP_NAME VARCHAR (255) NOT NULL ,
+            CONNECTOR_NAME VARCHAR (255) NOT NULL ,
+            APP_ID INTEGER NOT NULL,
+            IS_JIT_ENABLED CHAR(1) NOT NULL DEFAULT '0',
+            BLOCKING CHAR(1) NOT NULL DEFAULT '0',
+            PRIMARY KEY (ID));
+
+ALTER TABLE SP_PROVISIONING_CONNECTOR ADD CONSTRAINT PRO_CONNECTOR_APPID_CONSTRAINT FOREIGN KEY (APP_ID) REFERENCES SP_APP (ID) ON DELETE CASCADE;
+
+DROP TABLE IF EXISTS IDP;
+DROP SEQUENCE IF EXISTS IDP_SEQ;
+CREATE SEQUENCE IDP_SEQ;
+CREATE TABLE IDP (
+                  ID INTEGER DEFAULT NEXTVAL('IDP_SEQ'),
+                  TENANT_ID INTEGER,
+                  NAME VARCHAR(254) NOT NULL,
+                  IS_ENABLED CHAR(1) NOT NULL DEFAULT '1',
+                  IS_PRIMARY CHAR(1) NOT NULL DEFAULT '0',
+                  HOME_REALM_ID VARCHAR(254),
+                  IMAGE BYTEA,
+                  CERTIFICATE BYTEA,
+                  ALIAS VARCHAR(254),
+                  INBOUND_PROV_ENABLED CHAR (1) NOT NULL DEFAULT '0',
+                  INBOUND_PROV_USER_STORE_ID VARCHAR(254),
+                  USER_CLAIM_URI VARCHAR(254),
+                  ROLE_CLAIM_URI VARCHAR(254),
+                  DESCRIPTION VARCHAR (1024),
+                  DEFAULT_AUTHENTICATOR_NAME VARCHAR(254),
+                  DEFAULT_PRO_CONNECTOR_NAME VARCHAR(254),
+                  PROVISIONING_ROLE VARCHAR(128),
+                  IS_FEDERATION_HUB CHAR(1) NOT NULL DEFAULT '0',
+                  IS_LOCAL_CLAIM_DIALECT CHAR(1) NOT NULL DEFAULT '0',
+                      DISPLAY_NAME VARCHAR(255),
+                  PRIMARY KEY (ID),
+                  UNIQUE (TENANT_ID, NAME));
+
+INSERT INTO IDP (TENANT_ID, NAME, HOME_REALM_ID) VALUES (-1234, 'LOCAL', 'localhost');
+
+DROP TABLE IF EXISTS IDP_ROLE;
+DROP SEQUENCE IF EXISTS IDP_ROLE_SEQ;
+CREATE SEQUENCE IDP_ROLE_SEQ;
+CREATE TABLE IDP_ROLE (
+                  ID INTEGER DEFAULT NEXTVAL('IDP_ROLE_SEQ'),
+                  IDP_ID INTEGER,
+                  TENANT_ID INTEGER,
+                  ROLE VARCHAR(254),
+                  PRIMARY KEY (ID),
+                  UNIQUE (IDP_ID, ROLE),
+                  FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE);
+
+DROP TABLE IF EXISTS IDP_ROLE_MAPPING;
+DROP SEQUENCE IF EXISTS IDP_ROLE_MAPPING_SEQ;
+CREATE SEQUENCE IDP_ROLE_MAPPING_SEQ;
+CREATE TABLE IDP_ROLE_MAPPING (
+                  ID INTEGER DEFAULT NEXTVAL('IDP_ROLE_MAPPING_SEQ'),
+                  IDP_ROLE_ID INTEGER,
+                  TENANT_ID INTEGER,
+                  USER_STORE_ID VARCHAR (253),
+                  LOCAL_ROLE VARCHAR(253),
+                  PRIMARY KEY (ID),
+                  UNIQUE (IDP_ROLE_ID, TENANT_ID, USER_STORE_ID, LOCAL_ROLE),
+                  FOREIGN KEY (IDP_ROLE_ID) REFERENCES IDP_ROLE(ID) ON DELETE CASCADE);
+
+DROP TABLE IF EXISTS IDP_CLAIM;
+DROP SEQUENCE IF EXISTS IDP_CLAIM_SEQ;
+CREATE SEQUENCE IDP_CLAIM_SEQ;
+CREATE TABLE IDP_CLAIM (
+                  ID INTEGER DEFAULT NEXTVAL('IDP_CLAIM_SEQ'),
+                  IDP_ID INTEGER,
+                  TENANT_ID INTEGER,
+                  CLAIM VARCHAR(254),
+                  PRIMARY KEY (ID),
+                  UNIQUE (IDP_ID, CLAIM),
+                  FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE);
+
+DROP TABLE IF EXISTS IDP_CLAIM_MAPPING;
+DROP SEQUENCE IF EXISTS IDP_CLAIM_MAPPING_SEQ;
+CREATE SEQUENCE IDP_CLAIM_MAPPING_SEQ;
+CREATE TABLE IDP_CLAIM_MAPPING (
+                  ID INTEGER DEFAULT NEXTVAL('IDP_CLAIM_MAPPING_SEQ'),
+                  IDP_CLAIM_ID INTEGER,
+                  TENANT_ID INTEGER,
+                  LOCAL_CLAIM VARCHAR(253),
+                DEFAULT_VALUE VARCHAR(255),
+            IS_REQUESTED VARCHAR(128) DEFAULT '0',
+                  PRIMARY KEY (ID),
+                  UNIQUE (IDP_CLAIM_ID, TENANT_ID, LOCAL_CLAIM),
+                  FOREIGN KEY (IDP_CLAIM_ID) REFERENCES IDP_CLAIM(ID) ON DELETE CASCADE);
+
+DROP TABLE IF EXISTS IDP_AUTHENTICATOR;
+DROP SEQUENCE IF EXISTS IDP_AUTHENTICATOR_SEQ;
+CREATE SEQUENCE IDP_AUTHENTICATOR_SEQ;
+CREATE TABLE IDP_AUTHENTICATOR (
+            ID INTEGER DEFAULT NEXTVAL('IDP_AUTHENTICATOR_SEQ'),
+            TENANT_ID INTEGER,
+            IDP_ID INTEGER,
+            NAME VARCHAR(255) NOT NULL,
+            IS_ENABLED CHAR (1) DEFAULT '1',
+            DISPLAY_NAME VARCHAR(255),
+            PRIMARY KEY (ID),
+            UNIQUE (TENANT_ID, IDP_ID, NAME),
+            FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE);
+
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'samlsso');
+INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) VALUES (-1234, 1, 'IDPProperties');
+
+DROP TABLE IF EXISTS IDP_AUTHENTICATOR_PROP;
+DROP SEQUENCE IF EXISTS IDP_AUTHENTICATOR_PROP_SEQ;
+CREATE SEQUENCE IDP_AUTHENTICATOR_PROP_SEQ;
+CREATE TABLE IDP_AUTHENTICATOR_PROPERTY (
+            ID INTEGER DEFAULT NEXTVAL('IDP_AUTHENTICATOR_PROP_SEQ'),
+            TENANT_ID INTEGER,
+            AUTHENTICATOR_ID INTEGER,
+            PROPERTY_KEY VARCHAR(255) NOT NULL,
+            PROPERTY_VALUE VARCHAR(2047),
+            IS_SECRET CHAR (1) DEFAULT '0',
+            PRIMARY KEY (ID),
+            UNIQUE (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY),
+            FOREIGN KEY (AUTHENTICATOR_ID) REFERENCES IDP_AUTHENTICATOR(ID) ON DELETE CASCADE);
+
+INSERT INTO  IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) VALUES (-1234, 1 , 'IdPEntityId', 'localhost', '0');
+
+DROP TABLE IF EXISTS IDP_PROV_CONFIG;
+DROP SEQUENCE IF EXISTS IDP_PROV_CONFIG_SEQ;
+CREATE SEQUENCE IDP_PROV_CONFIG_SEQ;
+CREATE TABLE IDP_PROVISIONING_CONFIG (
+            ID INTEGER DEFAULT NEXTVAL('IDP_PROV_CONFIG_SEQ'),
+            TENANT_ID INTEGER,
+            IDP_ID INTEGER,
+            PROVISIONING_CONNECTOR_TYPE VARCHAR(255) NOT NULL,
+            IS_ENABLED CHAR (1) DEFAULT '0',
+            IS_BLOCKING CHAR (1) DEFAULT '0',
+            PRIMARY KEY (ID),
+            UNIQUE (TENANT_ID, IDP_ID, PROVISIONING_CONNECTOR_TYPE),
+            FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE);
+
+DROP TABLE IF EXISTS IDP_PROV_CONFIG_PROP;
+DROP SEQUENCE IF EXISTS IDP_PROV_CONFIG_PROP_SEQ;
+CREATE SEQUENCE IDP_PROV_CONFIG_PROP_SEQ;
+CREATE TABLE IDP_PROV_CONFIG_PROPERTY (
+            ID INTEGER DEFAULT NEXTVAL('IDP_PROV_CONFIG_PROP_SEQ'),
+            TENANT_ID INTEGER,
+            PROVISIONING_CONFIG_ID INTEGER,
+            PROPERTY_KEY VARCHAR(255) NOT NULL,
+            PROPERTY_VALUE VARCHAR(2048),
+            PROPERTY_BLOB_VALUE BYTEA,
+            PROPERTY_TYPE CHAR(32) NOT NULL,
+            IS_SECRET CHAR (1) DEFAULT '0',
+            PRIMARY KEY (ID),
+            UNIQUE (TENANT_ID, PROVISIONING_CONFIG_ID, PROPERTY_KEY),
+            FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE);
+
+DROP TABLE IF EXISTS IDP_PROV_ENTITY;
+DROP SEQUENCE IF EXISTS IDP_PROV_ENTITY_SEQ;
+CREATE SEQUENCE IDP_PROV_ENTITY_SEQ;
+CREATE TABLE IDP_PROVISIONING_ENTITY (
+            ID INTEGER DEFAULT NEXTVAL('IDP_PROV_ENTITY_SEQ'),
+            PROVISIONING_CONFIG_ID INTEGER,
+            ENTITY_TYPE VARCHAR(255) NOT NULL,
+            ENTITY_LOCAL_USERSTORE VARCHAR(255) NOT NULL,
+            ENTITY_NAME VARCHAR(255) NOT NULL,
+            ENTITY_VALUE VARCHAR(255),
+            TENANT_ID INTEGER,
+            PRIMARY KEY (ID),
+            UNIQUE (ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID),
+            UNIQUE (PROVISIONING_CONFIG_ID, ENTITY_TYPE, ENTITY_VALUE),
+            FOREIGN KEY (PROVISIONING_CONFIG_ID) REFERENCES IDP_PROVISIONING_CONFIG(ID) ON DELETE CASCADE);
+
+DROP TABLE IF EXISTS IDP_LOCAL_CLAIM;
+DROP SEQUENCE IF EXISTS IDP_LOCAL_CLAIM_SEQ;
+CREATE SEQUENCE IDP_LOCAL_CLAIM_SEQ;
+CREATE TABLE IF NOT EXISTS IDP_LOCAL_CLAIM(
+            ID INTEGER DEFAULT NEXTVAL('IDP_LOCAL_CLAIM_SEQ'),
+            TENANT_ID INTEGER,
+            IDP_ID INTEGER,
+            CLAIM_URI VARCHAR(255) NOT NULL,
+            DEFAULT_VALUE VARCHAR(255),
+              IS_REQUESTED VARCHAR(128) DEFAULT '0',
+            PRIMARY KEY (ID),
+            UNIQUE (TENANT_ID, IDP_ID, CLAIM_URI),
+            FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE);
+
+DROP TABLE IF EXISTS IDN_ASSOCIATED_ID;
+DROP SEQUENCE IF EXISTS IDN_ASSOCIATED_ID_SEQ;
+CREATE SEQUENCE IDN_ASSOCIATED_ID_SEQ;
+CREATE TABLE IDN_ASSOCIATED_ID (
+            ID INTEGER DEFAULT NEXTVAL('IDN_ASSOCIATED_ID_SEQ'),
+          IDP_USER_ID VARCHAR(255) NOT NULL,
+            TENANT_ID INTEGER DEFAULT -1234,
+          IDP_ID INTEGER NOT NULL,
+            DOMAIN_NAME VARCHAR(255) NOT NULL,
+          USER_NAME VARCHAR(255) NOT NULL,
+          PRIMARY KEY (ID),
+            UNIQUE(IDP_USER_ID, TENANT_ID, IDP_ID),
+            FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE
+);
+
+DROP TABLE IF EXISTS IDN_USER_ACCOUNT_ASSOCIATION;
+CREATE TABLE IDN_USER_ACCOUNT_ASSOCIATION (
+            ASSOCIATION_KEY VARCHAR(255) NOT NULL,
+            TENANT_ID INTEGER,
+            DOMAIN_NAME VARCHAR(255) NOT NULL,
+            USER_NAME VARCHAR(255) NOT NULL,
+            PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME));
+
+DROP TABLE IF EXISTS FIDO_DEVICE_STORE;
+CREATE TABLE FIDO_DEVICE_STORE (
+        TENANT_ID INTEGER,
+        DOMAIN_NAME VARCHAR(255) NOT NULL,
+        USER_NAME VARCHAR(45) NOT NULL,
+      TIME_REGISTERED TIMESTAMP,
+        KEY_HANDLE VARCHAR(200) NOT NULL,
+        DEVICE_DATA VARCHAR(2048) NOT NULL,
+      PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE));
+
+DROP TABLE IF EXISTS WF_REQUEST;
+CREATE TABLE WF_REQUEST (
+    UUID VARCHAR (45),
+    CREATED_BY VARCHAR (255),
+    TENANT_ID INTEGER DEFAULT -1,
+    OPERATION_TYPE VARCHAR (50),
+    CREATED_AT TIMESTAMP,
+    UPDATED_AT TIMESTAMP,
+    STATUS VARCHAR (30),
+    REQUEST BYTEA,
+    PRIMARY KEY (UUID)
+);
+
+DROP TABLE IF EXISTS WF_BPS_PROFILE;
+CREATE TABLE WF_BPS_PROFILE (
+    PROFILE_NAME VARCHAR(45),
+    HOST_URL VARCHAR(45),
+    USERNAME VARCHAR(45),
+    PASSWORD VARCHAR(255),
+    CALLBACK_HOST VARCHAR (45),
+    CALLBACK_USERNAME VARCHAR (45),
+    CALLBACK_PASSWORD VARCHAR (255),
+    TENANT_ID VARCHAR (45),
+    PRIMARY KEY (PROFILE_NAME, TENANT_ID)
+);
+
+DROP TABLE IF EXISTS WF_WORKFLOW;
+CREATE TABLE WF_WORKFLOW(
+    ID VARCHAR (45),
+    WF_NAME VARCHAR (45),
+    DESCRIPTION VARCHAR (255),
+    TEMPLATE_ID VARCHAR (45),
+    IMPL_ID VARCHAR (45),
+    TENANT_ID VARCHAR (45),
+    PRIMARY KEY (ID)
+);
+
+DROP TABLE IF EXISTS WF_WORKFLOW_ASSOCIATION;
+DROP SEQUENCE IF EXISTS WF_WORKFLOW_ASSOCIATION_PK_SEQ;
+CREATE SEQUENCE WF_WORKFLOW_ASSOCIATION_PK_SEQ;
+CREATE TABLE WF_WORKFLOW_ASSOCIATION(
+    ID INTEGER DEFAULT NEXTVAL('WF_WORKFLOW_ASSOCIATION_PK_SEQ'),
+    ASSOC_NAME VARCHAR (45),
+    EVENT_ID VARCHAR(45),
+    ASSOC_CONDITION VARCHAR (2000),
+    WORKFLOW_ID VARCHAR (45),
+    IS_ENABLED CHAR (1) DEFAULT '1',
+    PRIMARY KEY(ID),
+    FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE
+);
+
+DROP TABLE IF EXISTS WF_WORKFLOW_CONFIG_PARAM;
+CREATE TABLE WF_WORKFLOW_CONFIG_PARAM(
+    WORKFLOW_ID VARCHAR (45),
+    PARAM_NAME VARCHAR (45),
+    PARAM_VALUE VARCHAR (1000),
+    PRIMARY KEY (WORKFLOW_ID, PARAM_NAME),
+    FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE
+);
+
+DROP TABLE IF EXISTS WF_REQUEST_ENTITY_RELATIONSHIP;
+CREATE TABLE WF_REQUEST_ENTITY_RELATIONSHIP(
+  REQUEST_ID VARCHAR (45),
+  ENTITY_NAME VARCHAR (255),
+  ENTITY_TYPE VARCHAR (50),
+  TENANT_ID INTEGER DEFAULT -1,
+  PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID),
+  FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
+);
+
+DROP TABLE IF EXISTS WORKFLOW_REQUEST_RELATION;
+CREATE TABLE WORKFLOW_REQUEST_RELATION(
+  RELATIONSHIP_ID VARCHAR (45),
+  WORKFLOW_ID VARCHAR (45),
+  REQUEST_ID VARCHAR (45),
+  UPDATED_AT TIMESTAMP,
+  STATUS VARCHAR (30),
+  PRIMARY KEY (RELATIONSHIP_ID),
+  FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE,
+  FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE
+);
+
+-- End of IDENTITY Tables--
+
+CREATE SEQUENCE AM_SUBSCRIBER_SEQUENCE START WITH 1 INCREMENT BY 1;
+CREATE TABLE AM_SUBSCRIBER (
+    SUBSCRIBER_ID INTEGER DEFAULT nextval('am_subscriber_sequence'),
+    USER_ID VARCHAR(255) NOT NULL,
+    TENANT_ID INTEGER NOT NULL,
+    EMAIL_ADDRESS VARCHAR(256) NULL,
+    DATE_SUBSCRIBED DATE NOT NULL,
+    CREATED_BY VARCHAR(100),
+    CREATED_TIME DATE,
+    UPDATED_BY VARCHAR(100),
+    UPDATED_TIME DATE,
+    PRIMARY KEY (SUBSCRIBER_ID),
+    UNIQUE (TENANT_ID,USER_ID)
+)
+;
+
+CREATE SEQUENCE AM_APPLICATION_SEQUENCE START WITH 1 INCREMENT BY 1 ;
+CREATE TABLE AM_APPLICATION (
+    APPLICATION_ID INTEGER DEFAULT nextval('am_application_sequence'),
+    NAME VARCHAR(100),
+    SUBSCRIBER_ID INTEGER,
+    APPLICATION_TIER VARCHAR(50) DEFAULT 'Unlimited',
+    CALLBACK_URL VARCHAR(512),
+    DESCRIPTION VARCHAR(512),
+	APPLICATION_STATUS VARCHAR(50) DEFAULT 'APPROVED',
+    GROUP_ID VARCHAR(100),
+    CREATED_BY VARCHAR(100),
+    CREATED_TIME DATE,
+    UPDATED_BY VARCHAR(100),
+    UPDATED_TIME DATE,
+    FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    PRIMARY KEY(APPLICATION_ID),
+    UNIQUE (NAME,SUBSCRIBER_ID)
+)
+;
+
+CREATE SEQUENCE AM_API_SEQUENCE START WITH 1 INCREMENT BY 1;
+CREATE TABLE AM_API (
+    API_ID INTEGER DEFAULT nextval('am_api_sequence'),
+    API_PROVIDER VARCHAR(256),
+    API_NAME VARCHAR(256),
+    API_VERSION VARCHAR(30),
+    CONTEXT VARCHAR(256),
+    CONTEXT_TEMPLATE VARCHAR(256),
+    CREATED_BY VARCHAR(100),
+    CREATED_TIME DATE,
+    UPDATED_BY VARCHAR(100),
+    UPDATED_TIME DATE,
+    PRIMARY KEY(API_ID),
+    UNIQUE (API_PROVIDER,API_NAME,API_VERSION)
+)
+;
+
+CREATE SEQUENCE AM_API_URL_MAPPING_SEQUENCE START WITH 1 INCREMENT BY 1;
+CREATE TABLE AM_API_URL_MAPPING (
+    URL_MAPPING_ID INTEGER DEFAULT nextval('am_api_url_mapping_sequence'),
+    API_ID INTEGER NOT NULL,
+    HTTP_METHOD VARCHAR(20) NULL,
+    AUTH_SCHEME VARCHAR(50) NULL,
+    URL_PATTERN VARCHAR(512) NULL,
+    THROTTLING_TIER varchar(512) DEFAULT NULL,
+    MEDIATION_SCRIPT BYTEA,
+    PRIMARY KEY(URL_MAPPING_ID)
+)
+;
+
+CREATE SEQUENCE AM_SUBSCRIPTION_SEQUENCE START WITH 1 INCREMENT BY 1;
+CREATE TABLE AM_SUBSCRIPTION (
+    SUBSCRIPTION_ID INTEGER DEFAULT nextval('am_subscription_sequence'),
+    TIER_ID VARCHAR(50),
+    API_ID INTEGER,
+    LAST_ACCESSED DATE NULL,
+    APPLICATION_ID INTEGER,
+    SUB_STATUS VARCHAR(50),
+    SUBS_CREATE_STATE VARCHAR(50) DEFAULT 'SUBSCRIBE',
+    CREATED_BY VARCHAR(100),
+    CREATED_TIME DATE,
+    UPDATED_BY VARCHAR(100),
+    UPDATED_TIME DATE,
+    FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    PRIMARY KEY (SUBSCRIPTION_ID)
+)
+;
+
+CREATE TABLE AM_SUBSCRIPTION_KEY_MAPPING (
+    SUBSCRIPTION_ID INTEGER,
+    ACCESS_TOKEN VARCHAR(512),
+    KEY_TYPE VARCHAR(512) NOT NULL,
+    FOREIGN KEY(SUBSCRIPTION_ID) REFERENCES AM_SUBSCRIPTION(SUBSCRIPTION_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    PRIMARY KEY(SUBSCRIPTION_ID,ACCESS_TOKEN)
+)
+;
+
+CREATE TABLE AM_APPLICATION_KEY_MAPPING (
+    APPLICATION_ID INTEGER,
+    CONSUMER_KEY VARCHAR(512),
+    KEY_TYPE VARCHAR(512) NOT NULL,
+    CREATE_MODE VARCHAR(30) DEFAULT 'CREATED',
+    STATE VARCHAR(30),
+    FOREIGN KEY(APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    PRIMARY KEY(APPLICATION_ID,KEY_TYPE)
+)
+;
+
+CREATE SEQUENCE AM_APPLICATION_REGISTRATION_SEQUENCE START WITH 1 INCREMENT BY 1;
+CREATE TABLE IF NOT EXISTS AM_APPLICATION_REGISTRATION (
+    REG_ID INTEGER DEFAULT nextval('am_application_registration_sequence'),
+    SUBSCRIBER_ID INT,
+    WF_REF VARCHAR(255) NOT NULL,
+    APP_ID INT,
+    TOKEN_TYPE VARCHAR(30),
+    TOKEN_SCOPE VARCHAR(256) DEFAULT 'default',
+    INPUTS VARCHAR(1000),
+    ALLOWED_DOMAINS VARCHAR(256),
+    VALIDITY_PERIOD BIGINT,
+    UNIQUE (SUBSCRIBER_ID,APP_ID,TOKEN_TYPE),
+    FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    FOREIGN KEY(APP_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    PRIMARY KEY (REG_ID)
+)
+;
+
+
+
+CREATE SEQUENCE AM_API_LC_EVENT_SEQUENCE START WITH 1 INCREMENT BY 1;
+CREATE TABLE AM_API_LC_EVENT (
+    EVENT_ID INTEGER DEFAULT nextval('am_api_lc_event_sequence'),
+    API_ID INTEGER NOT NULL,
+    PREVIOUS_STATE VARCHAR(50),
+    NEW_STATE VARCHAR(50) NOT NULL,
+    USER_ID VARCHAR(255) NOT NULL,
+    TENANT_ID INTEGER NOT NULL,
+    EVENT_DATE DATE NOT NULL,
+    FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    PRIMARY KEY (EVENT_ID)
+)
+;
+
+CREATE TABLE AM_APP_KEY_DOMAIN_MAPPING (
+   CONSUMER_KEY VARCHAR(255),
+   AUTHZ_DOMAIN VARCHAR(255) DEFAULT 'ALL',
+   PRIMARY KEY (CONSUMER_KEY,AUTHZ_DOMAIN)
+)
+;
+
+CREATE SEQUENCE AM_API_COMMENTS_SEQUENCE START WITH 1 INCREMENT BY 1;
+CREATE TABLE AM_API_COMMENTS (
+    COMMENT_ID INTEGER DEFAULT nextval('am_api_comments_sequence'),
+    COMMENT_TEXT VARCHAR(512),
+    COMMENTED_USER VARCHAR(255),
+    DATE_COMMENTED DATE NOT NULL,
+    API_ID INTEGER NOT NULL,
+    FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    PRIMARY KEY (COMMENT_ID)
+)
+;
+
+CREATE SEQUENCE AM_WORKFLOWS_SEQUENCE START WITH 1 INCREMENT BY 1;
+CREATE TABLE AM_WORKFLOWS(
+    WF_ID INTEGER DEFAULT nextval('am_workflows_sequence'),
+    WF_REFERENCE VARCHAR(255) NOT NULL,
+    WF_TYPE VARCHAR(255) NOT NULL,
+    WF_STATUS VARCHAR(255) NOT NULL,
+    WF_CREATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+    WF_UPDATED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP ,
+    WF_STATUS_DESC VARCHAR(1000),
+    TENANT_ID INTEGER,
+    TENANT_DOMAIN VARCHAR(255),
+    WF_EXTERNAL_REFERENCE VARCHAR(255) NOT NULL,
+    PRIMARY KEY (WF_ID),
+    UNIQUE (WF_EXTERNAL_REFERENCE)
+)
+;
+
+CREATE SEQUENCE AM_API_RATINGS_SEQUENCE START WITH 1 INCREMENT BY 1;
+CREATE TABLE AM_API_RATINGS (
+    RATING_ID INTEGER DEFAULT nextval('am_api_ratings_sequence'),
+    API_ID INTEGER,
+    RATING INTEGER,
+    SUBSCRIBER_ID INTEGER,
+    FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    FOREIGN KEY(SUBSCRIBER_ID) REFERENCES AM_SUBSCRIBER(SUBSCRIBER_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    PRIMARY KEY (RATING_ID)
+)
+;
+
+CREATE SEQUENCE AM_TIER_PERMISSIONS_SEQUENCE START WITH 1 INCREMENT BY 1;
+CREATE TABLE AM_TIER_PERMISSIONS (
+    TIER_PERMISSIONS_ID INTEGER DEFAULT nextval('am_tier_permissions_sequence'),
+    TIER VARCHAR(50) NOT NULL,
+    PERMISSIONS_TYPE VARCHAR(50) NOT NULL,
+    ROLES VARCHAR(512) NOT NULL,
+    TENANT_ID INTEGER NOT NULL,
+    PRIMARY KEY(TIER_PERMISSIONS_ID)
+);
+
+CREATE SEQUENCE AM_EXTERNAL_STORES_SEQUENCE START WITH 1 INCREMENT BY 1;
+CREATE TABLE AM_EXTERNAL_STORES (
+    APISTORE_ID INTEGER DEFAULT nextval('am_external_stores_sequence'),
+    API_ID INTEGER,
+    STORE_ID VARCHAR(255) NOT NULL,
+    STORE_DISPLAY_NAME VARCHAR(255) NOT NULL,
+    STORE_ENDPOINT VARCHAR(255) NOT NULL,
+    STORE_TYPE VARCHAR(255) NOT NULL,
+    FOREIGN KEY(API_ID) REFERENCES AM_API(API_ID) ON UPDATE CASCADE ON DELETE RESTRICT,
+    PRIMARY KEY (APISTORE_ID)
+)
+;
+
+DROP TABLE IF EXISTS AM_API_SCOPES;
+CREATE TABLE IF NOT EXISTS AM_API_SCOPES (
+   API_ID  INTEGER NOT NULL,
+   SCOPE_ID  INTEGER NOT NULL,
+   FOREIGN KEY (API_ID) REFERENCES AM_API (API_ID) ON DELETE CASCADE  ON UPDATE CASCADE,
+   FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE ON UPDATE CASCADE
+);
+
+DROP TABLE IF EXISTS AM_API_DEFAULT_VERSION;
+DROP SEQUENCE IF EXISTS AM_API_DEFAULT_VERSION_PK_SEQ;
+CREATE SEQUENCE AM_API_DEFAULT_VERSION_PK_SEQ;
+CREATE TABLE AM_API_DEFAULT_VERSION (
+            DEFAULT_VERSION_ID INTEGER DEFAULT NEXTVAL('am_api_default_version_pk_seq'), 
+            API_NAME VARCHAR(256) NOT NULL ,
+            API_PROVIDER VARCHAR(256) NOT NULL , 
+            DEFAULT_API_VERSION VARCHAR(30) , 
+            PUBLISHED_DEFAULT_API_VERSION VARCHAR(30) ,
+            PRIMARY KEY (DEFAULT_VERSION_ID)
+);
+
+
+CREATE INDEX IDX_SUB_APP_ID ON AM_SUBSCRIPTION (APPLICATION_ID, SUBSCRIPTION_ID)
+;
+commit;
--- a/modules/distribution/src/assembly/bin.xml
+++ b/modules/distribution/src/assembly/bin.xml
@ -23,6 +23,7 @@
                <!--<exclude>**/master-datasources.xml</exclude>-->
                <exclude>**/carbon.xml</exclude>
                <exclude>**/registry.xml</exclude>
+                <exclude>**/identity.xml</exclude>
                <exclude>**/client-truststore.jks</exclude>
                <exclude>**/wso2carbon.jks</exclude>
                <exclude>**/WSO2AM_DB.h2.db</exclude>
@ -46,6 +47,40 @@
                <exclude>**/cipher-text.properties</exclude>
                <exclude>**/cipher-tool.properties</exclude>
                <exclude>**/lib/org.wso2.ciphertool-1.0.0-wso2v3.jar</exclude>
+
+                <!-- Remove multiple versions of same jar for 1.10.x-->
+                <exclude>**/repository/components/plugins/js_1.6.0.R7-wso2v1.jar</exclude>
+                <exclude>**/repository/components/plugins/json_1.0.0.wso2v1.jar</exclude>
+                <exclude>**/repository/components/plugins/wss4j_1.5.11.wso2v9.jar</exclude>
+                <exclude>**/repository/components/plugins/nimbus-jose-jwt_2.26.1.wso2v2.jar</exclude>
+                <exclude>**/repository/components/plugins/net.minidev.json-smart_1.2.0.jar</exclude>
+                <!--<exclude>**/repository/components/plugins/wss4j_1.5.11.wso2v10.jar</exclude>-->
+                <exclude>**/repository/components/plugins/rampart-trust_1.6.1.wso2v14.jar</exclude>
+                <exclude>**/repository/components/plugins/rampart-policy_1.6.1.wso2v14.jar</exclude>
+                <exclude>**/repository/components/plugins/rampart-core_1.6.1.wso2v14.jar</exclude>
+                <exclude>**/repository/components/plugins/commons-io_2.0.0.wso2v2.jar</exclude>
+                <exclude>**/repository/components/plugins/com.google.gson_2.1.0.jar</exclude>
+                <exclude>**/repository/components/plugins/com.google.gson_2.2.4.jar</exclude>
+                <!--<exclude>**/repository/components/plugins/org.wso2.carbon.captcha.mgt_4.2.0.jar</exclude>-->
+                <exclude>**/repository/components/plugins/guava_12.0.0.wso2v1.jar</exclude>
+                <exclude>**/repository/components/plugins/wadl-core_1.1.3.wso2v2.jar</exclude>
+                <!--<exclude>**/repository/components/plugins/waffle_1.4.0.wso2v1.jar</exclude>-->
+                <!--<exclude>**/repository/components/plugins/compass_2.0.1.wso2v2.jar</exclude>-->
+                <!--<exclude>**/repository/components/plugins/poi_3.9.0.wso2v1.jar</exclude>-->
+
+                <exclude>**/lib/endorsed/xalan*.jar</exclude>
+                <exclude>**/lib/endorsed/xercesImpl*.jar</exclude>
+                <exclude>**/lib/endorsed/xml-apis*.jar</exclude>
+                <exclude>**/conf/thrift-authentication.xml</exclude>
+                <exclude>**/repository/components/features/org.wso2.carbon.apimgt.store_${apim.feature.version}/store/**</exclude>
+                <exclude>**/repository/components/features/org.wso2.carbon.apimgt.store_${apim.feature.version}/admin-dashboard/**</exclude>
+                <exclude>**/repository/components/features/org.wso2.carbon.apimgt.store_${apim.feature.version}/workflow-admin/**</exclude>
+                <exclude>**/repository/components/features/org.wso2.carbon.apimgt.publisher_${apim.feature.version}/publisher/**</exclude>
+                <exclude>**/repository/components/features/org.wso2.carbon.apimgt.core_${apim.feature.version}/libs/**</exclude>
+
+                <exclude>**/repository/components/plugins/asm-all_4.1.0.wso2v1.jar</exclude>
+
+
            </excludes>
        </fileSet>

@ -89,6 +124,28 @@
            </excludes>
            <!--============ Added with ES Features ===============-->
        </fileSet>
+
+        <fileSet>
+            <directory>../p2-profile-gen/target/wso2carbon-core-${carbon.platform.version}/repository/conf/identity/</directory>
+            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/identity</outputDirectory>
+            <includes>
+                <include>**/identity.xml</include>
+                <include>**/entitlement.properties</include>
+            </includes>
+        </fileSet>
+
+
+        <!-- Start API Manager related -->
+        <fileSet>
+            <directory>
+                ../p2-profile-gen/target/wso2carbon-core-${carbon.platform.version}/dbscripts/identity/application-mgt/
+            </directory>
+            <outputDirectory>${pom.artifactId}-${pom.version}/dbscripts/identity/application-mgt</outputDirectory>
+            <includes>
+                <include>**/**.sql</include>
+            </includes>
+        </fileSet>
+
        <fileSet>
            <directory>
                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/multitenancy/
@ -161,7 +218,6 @@
            </directory>
            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/security/</outputDirectory>
            <includes>
-                <include>**/entitlement.properties</include>
                <include>**/trusted-idp-config.xml</include>
                <!--============ Added with ES Features ===============-->
                <include>**/cipher-text.properties</include>
@ -170,25 +226,8 @@
                <!--============ Added with ES Features ===============-->
            </includes>
        </fileSet>
-        <fileSet>
-            <directory>
-                src/repository/conf/identity/
-            </directory>
-            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/identity/</outputDirectory>
-            <includes>
-                <include>**/**</include>
-            </includes>
-        </fileSet>
-        <!-- Moved to distribution pom to copy before install samples-->
-        <!--<fileSet>-->
-            <!--<directory>src/repository/conf/datasources</directory>-->
-            <!--<outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/datasources-->
-            <!--</outputDirectory>-->
-            <!--<includes>-->
-                <!--<include>**/master-datasources.xml</include>-->
-                <!--<include>**/cdm-datasources.xml</include>-->
-            <!--</includes>-->
-        <!--</fileSet>-->
+
+
        <fileSet>
            <directory>src/repository/resources</directory>
            <outputDirectory>${pom.artifactId}-${pom.version}/repository/resources</outputDirectory>
@ -196,13 +235,6 @@
                <include>*/**</include>
            </includes>
        </fileSet>
-        <!--data-bridge configuration-->
-        <fileSet>
-            <directory>src/repository/conf/data-bridge</directory>
-            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/data-bridge
-            </outputDirectory>
-            <fileMode>755</fileMode>
-        </fileSet>
        <fileSet>
            <directory>
                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/dbscripts/service-provider
@ -235,6 +267,16 @@
            </includes>
        </fileSet>

+        <fileSet>
+            <directory>
+                src/api-resource/resources/sql/
+            </directory>
+            <outputDirectory>${pom.artifactId}-${pom.version}/dbscripts/apimgt</outputDirectory>
+            <includes>
+                <include>**/**.sql</include>
+            </includes>
+        </fileSet>
+
        <!--Copying modules-->
        <fileSet>
            <directory>
@ -275,37 +317,13 @@
            <outputDirectory>${pom.artifactId}-${pom.version}/repository/resources
            </outputDirectory>
        </fileSet>
-
-
-        <!-- Copying Mobile plugin management related dbscripts -->
        <fileSet>
-            <directory>
-                ../p2-profile-gen/target/wso2carbon-core-${carbon.mobile.device.mgt.version}/dbscripts/cdm/plugins
-            </directory>
-            <outputDirectory>${pom.artifactId}-${pom.version}/dbscripts/cdm/plugins</outputDirectory>
-            <includes>
-                <include>*/**</include>
-            </includes>
-        </fileSet>
-
-        <!-- Copying MDM Jaggery app -->
-        <!--fileSet>
-            <directory>src/repository/jaggeryapps/</directory>
-            <outputDirectory>${pom.artifactId}-${pom.version}/repository/deployment/server/jaggeryapps
+            <directory>src/statistics/carbonapps/</directory>
+            <outputDirectory>${pom.artifactId}-${pom.version}/repository/deployment/server/carbonapps
            </outputDirectory>
            <fileMode>755</fileMode>
-        </fileSet-->
-    	<!-- Copying Device Cloud webapp -->
-    	<!--<fileSet>-->
-            <!--<directory>src/repository/webapps/</directory>-->
-            <!--<outputDirectory>${pom.artifactId}-${pom.version}/repository/deployment/server/webapps-->
-            <!--</outputDirectory>-->
-        <!--</fileSet>-->
-
-        <!--========================================================================================================-->
-        <!-- Enterprise Store Features -->
+        </fileSet>

-        <!--============ Added with ES Features ===============-->
        <fileSet>
            <directory>
                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/deployment/server/jaggeryapps
@ -382,34 +400,7 @@
                <include>**/**</include>
            </includes>
        </fileSet>
-        <!--============ Added with ES Features ===============-->

-        <!--Copied to ANOTHER DIR (conf/ folder) in CDMF-->
-        <fileSet>
-            <directory>src/repository/conf</directory>
-            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/identity/</outputDirectory>
-            <includes>
-                <include>**/sso-idp-config.xml</include>
-            </includes>
-        </fileSet>
-        <!--============ Added with ES Features ===============-->
-
-        <fileSet>
-            <directory>src/repository/conf/identity</directory>
-            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/identity/</outputDirectory>
-            <includes>
-                <include>**/**</include>
-            </includes>
-        </fileSet>
-        <!--============ Added with ES Features ===============-->
-
-        <fileSet>
-            <directory>src/repository/conf/bam</directory>
-            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/bam</outputDirectory>
-            <includes>
-                <include>**/es-bam.xml</include>
-            </includes>
-        </fileSet>
        <!--============ Added with ES Features ===============-->

        <fileSet>
@ -434,26 +425,18 @@
                <include>shindig.war</include>
            </includes>
        </fileSet>
-        <!--============ Added with ES Features ===============-->

-        <fileSet>
-            <directory>src/repository/bam</directory>
-            <outputDirectory>${pom.artifactId}-${pom.version}/repository/bam/</outputDirectory>
-            <includes>
-                <include>**/**</include>
-            </includes>
-        </fileSet>
        <!--============ Added with ES Features ===============-->

-        <fileSet>
-            <directory>src/repository/conf/security</directory>
-            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/identity/</outputDirectory>
-            <includes>
-                <include>**/application-authenticators.xml</include>
-                <!-- Replacement for application-authenticators.xml -->
-                <include>**/application-authentication.xml</include>
-            </includes>
-        </fileSet>
+        <!--<fileSet>-->
+            <!--<directory>src/repository/conf/security</directory>-->
+            <!--<outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/identity/</outputDirectory>-->
+            <!--<includes>-->
+                <!--<include>**/application-authenticators.xml</include>-->
+                <!--&lt;!&ndash; Replacement for application-authenticators.xml &ndash;&gt;-->
+                <!--<include>**/application-authentication.xml</include>-->
+            <!--</includes>-->
+        <!--</fileSet>-->

        <!--============ Added with ES Features ===============-->
 			<!--Copies publisher specific config files that needs to be overriden for the CDMF-STORE. -->
@ -492,7 +475,7 @@

        <!--============ Added with API Features ===============-->
        <fileSet>
-            <directory>apim-resources/customsequences</directory>
+            <directory>src/api-resource/customsequences</directory>
            <outputDirectory>${pom.artifactId}-${pom.version}/repository/resources/customsequences</outputDirectory>
            <includes>
                <include>**/**.xml</include>
@ -530,6 +513,18 @@
            </excludes>
        </fileSet-->

+        <fileSet>
+            <directory>src/repository/conf/synapse-configs</directory>
+            <outputDirectory>${pom.artifactId}-${pom.version}/repository/deployment/server/synapse-configs</outputDirectory>
+            <excludes>
+                <exclude>**/empty.txt</exclude>
+            </excludes>
+        </fileSet>
+        <fileSet>
+            <directory>src/repository/conf/synapse-configs/default/sequences</directory>
+            <outputDirectory>${pom.artifactId}-${pom.version}/repository/resources/apim-synapse-config/</outputDirectory>
+        </fileSet>
+
        <!-- Analytics related config -->
        <fileSet>
            <directory>
@ -561,48 +556,56 @@
                <include>org.apache.rampart:rampart:mar</include>
            </includes>
        </dependencySet>
+
+
+        <!-- use the new tool to create a bundles -->
+        <dependencySet>
+            <outputDirectory>${pom.artifactId}-${pom.version}/lib/core/WEB-INF/lib</outputDirectory>
+            <includes>
+                <include>org.wso2.carbon:org.wso2.carbon.mediator.bridge:jar</include>
+            </includes>
+        </dependencySet>
+
+        <dependencySet>
+            <outputDirectory>${pom.artifactId}-${pom.version}/lib/core/WEB-INF/lib/</outputDirectory>
+            <includes><include>org.apache.qpid.wso2:qpid-client:jar</include>
+            </includes>
+        </dependencySet>
+        <dependencySet>
+            <outputDirectory>${pom.artifactId}-${pom.version}/samples/axis2Client/client_repo/modules</outputDirectory>
+            <includes>
+                <include>org.apache.axis2:addressing:mar</include>
+                <include>org.apache.rampart:rampart:mar</include>
+                <include>org.apache.sandesha2:sandesha2:mar</include>
+            </includes>
+            <outputFileNameMapping>${artifact.artifactId}.${artifact.extension}</outputFileNameMapping>
+        </dependencySet>
+        <dependencySet>
+            <outputDirectory>${pom.artifactId}-${pom.version}/samples/axis2Server/repository/modules</outputDirectory>
+            <includes>
+                <include>org.apache.axis2:addressing:mar</include>
+                <include>org.apache.rampart:rampart:mar</include>
+                <include>org.apache.sandesha2:sandesha2:mar</include>
+            </includes>
+            <outputFileNameMapping>${artifact.artifactId}.${artifact.extension}</outputFileNameMapping>
+        </dependencySet>
+        <dependencySet>
+            <outputDirectory>${pom.artifactId}-${pom.version}/repository/axis2/client/lib</outputDirectory>
+            <includes>
+                <include>bouncycastle:bcprov-jdk15:jar</include>
+            </includes>
+            <outputFileNameMapping>${artifact.artifactId}.${artifact.extension}</outputFileNameMapping>
+        </dependencySet>
+        <dependencySet>
+            <outputDirectory>${pom.artifactId}-${pom.version}/repository/deployment/client/modules</outputDirectory>
+            <includes>
+                <include>org.apache.rampart:rampart:mar</include>
+            </includes>
+        </dependencySet>
    </dependencySets>

    <files>
-        <!--file>
-            <source>../mobile-agents/android/jax-rs/target/mdm-android-agent.war</source>
-            <outputDirectory>${pom.artifactId}-${pom.version}/repository/deployment/server/webapps
-            </outputDirectory>
-            <fileMode>755</fileMode>
-        </file>
-        <file>
-            <source>../mobile-agents/windows/jax-rs/target/mdm-windows-agent.war</source>
-            <outputDirectory>${pom.artifactId}-${pom.version}/repository/deployment/server/webapps
-            </outputDirectory>
-            <fileMode>755</fileMode>
-        </file>
        <file>
-            <source>../rest-api/target/mdm-admin.war</source>
-            <outputDirectory>${pom.artifactId}-${pom.version}/repository/deployment/server/webapps
-            </outputDirectory>
-            <fileMode>755</fileMode>
-        </file>
-        <file>
-            <source>
-                ../tools/mdm-android-agent-archetype/target/mdm-android-agent-archetype-${mdm.android.agent.archetype.version}.jar
-            </source>
-            <outputDirectory>${pom.artifactId}-${pom.version}/repository/tools
-            </outputDirectory>
-            <fileMode>755</fileMode>
-        </file>
-        <file>
-            <source>../tools/mdm-android-agent-archetype/README.txt</source>
-            <outputDirectory>${pom.artifactId}-${pom.version}/repository/tools
-            </outputDirectory>
-            <fileMode>755</fileMode>
-        </file>
-        <file>
-            <source>../tools/mdm-android-agent-archetype/android-agent.sh</source>
-            <outputDirectory>${pom.artifactId}-${pom.version}/repository/tools
-            </outputDirectory>
-            <fileMode>755</fileMode>
-        </file-->
-        <!-- <file>
             <source>
                 ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/tomcat/webapp-classloading.xml
             </source>
@ -617,7 +620,7 @@
             <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/tomcat</outputDirectory>
             <filtered>true</filtered>
             <fileMode>644</fileMode>
-         </file>-->
+         </file>
        <file>
            <source>src/repository/conf/tomcat/context.xml</source>
            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/tomcat</outputDirectory>
@ -657,13 +660,6 @@
            <filtered>true</filtered>
            <fileMode>644</fileMode>
        </file>
-        <!--        <file>
-                    <source>../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/event-broker.xml
-                    </source>
-                    <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/</outputDirectory>
-                    <filtered>true</filtered>
-                    <fileMode>644</fileMode>
-                </file>-->
        <file>
            <source>INSTALL.txt</source>
            <outputDirectory>${pom.artifactId}-${pom.version}</outputDirectory>
@ -724,26 +720,28 @@
        <!-- Copying application-authentication.xml -->
        <file>
            <source>
-                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/security/application-authentication.xml
+                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/identity/application-authentication.xml
            </source>
-            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/security</outputDirectory>
+            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/identity</outputDirectory>
            <filtered>true</filtered>
            <fileMode>644</fileMode>
        </file>

-
-        <!-- Copying thrift-authentication.xml -->
        <file>
            <source>
-                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/thrift-authentication.xml
+                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/identity/msg-mgt.properties
            </source>
-            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf</outputDirectory>
-            <filtered>true</filtered>
+            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/identity/</outputDirectory>
            <fileMode>644</fileMode>
        </file>
+
+
+        <!-- Copying thrift-authentication.xml -->
        <file>
-            <source>src/repository/conf/application-authenticators.xml</source>
-            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/security/</outputDirectory>
+            <source>
+                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/identity/thrift-authentication.xml
+            </source>
+            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/identity/</outputDirectory>
            <filtered>true</filtered>
            <fileMode>644</fileMode>
        </file>
@ -753,20 +751,6 @@
            <filtered>true</filtered>
            <fileMode>644</fileMode>
        </file>
-        <file>
-            <source>src/repository/conf/identity.xml</source>
-            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf</outputDirectory>
-            <fileMode>644</fileMode>
-        </file>
-        <file>
-            <source>
-                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/tomcat/webapp-classloading.xml
-            </source>
-            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/tomcat
-            </outputDirectory>
-            <filtered>true</filtered>
-            <fileMode>644</fileMode>
-        </file>

        <!--cdm config file-->
        <file>
@ -798,6 +782,8 @@
            <fileMode>644</fileMode>
        </file>

+
+
        <!--Webapp Authenticator Config file-->
        <file>
            <source>
@ -828,26 +814,6 @@
            <fileMode>644</fileMode>
        </file>

-        <!--cdm plugin config file-->
-        <!--file>
-            <source>
-                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/mobile-config.xml
-            </source>
-            <outputDirectory>
-                ${pom.artifactId}-${pom.version}/repository/conf/etc/device-mgt-plugin-org.wso2.carbon.device.mgt.iot.common.config.server.configs/mobile
-            </outputDirectory>
-            <filtered>true</filtered>
-            <fileMode>644</fileMode>
-        </file-->
-        <file>
-            <source>
-                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/tomcat/webapp-classloading-environments.xml
-            </source>
-            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/tomcat
-            </outputDirectory>
-            <filtered>true</filtered>
-            <fileMode>644</fileMode>
-        </file>

        <!-- Copying H2 database related files corresponding to default API management repository schema -->
        <file>
@ -859,15 +825,6 @@
            <fileMode>644</fileMode>
        </file>

-        <!--<file>-->
-            <!--<source>-->
-                <!--target/wso2carbon-core-${carbon.kernel.version}/repository/database/FireAlarmDM_DB.h2.db-->
-            <!--</source>-->
-            <!--<outputDirectory>${pom.artifactId}-${pom.version}/repository/database</outputDirectory>-->
-            <!--<destName>FireAlarmDM_DB.h2.db</destName>-->
-            <!--<fileMode>644</fileMode>-->
-        <!--</file>-->
-
        <!-- Copying H2 database related files corresponding to default Device management repository schema -->

        <file>
@ -881,7 +838,9 @@


        <file>
-            <source>target/wso2carbon-core-${carbon.kernel.version}/repository/conf/carbon.xml</source>
+            <!--Added Server Roles-->
+            <!--<source>target/wso2carbon-core-${carbon.kernel.version}/repository/conf/carbon.xml</source>-->
+            <source>src/repository/conf/carbon.xml</source>
            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/</outputDirectory>
            <filtered>true</filtered>
        </file>
@ -895,42 +854,21 @@
            <fileMode>644</fileMode>
        </file>
        <file>
-            <!--<source>src/repository/conf/etc/launch.ini</source>-->
-            <source>target/wso2carbon-core-${carbon.kernel.version}/repository/conf/etc/launch.ini</source>
-            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/etc/
-            </outputDirectory>
+            <source>src/repository/conf/axis2/axis2.xml</source>
+            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/axis2/</outputDirectory>
            <filtered>true</filtered>
            <fileMode>644</fileMode>
        </file>

-        <!--========================================================================================================-->
-        <!-- Enterprise Store Features -->
-
-        <!--============ Added with ES Features ===============-->
        <file>
-            <source>
-                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/governance.xml
-            </source>
-            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf</outputDirectory>
+            <!--<source>src/repository/conf/etc/launch.ini</source>-->
+            <source>target/wso2carbon-core-${carbon.kernel.version}/repository/conf/etc/launch.ini</source>
+            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/etc/
+            </outputDirectory>
            <filtered>true</filtered>
            <fileMode>644</fileMode>
        </file>

-        <!--============ Added with ES Features ===============-->
-        <file>
-            <source>src/repository/conf/registry.xml</source>
-            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/</outputDirectory>
-            <filtered>true</filtered>
-        </file>
-
-        <!--============ Added with ES Features ===============-->
-        <file>
-            <source>src/repository/conf/multitenancy/cloud-services-desc.xml</source>
-            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/multitenancy/</outputDirectory>
-            <filtered>true</filtered>
-        </file>
-
-        <!--============ Added with ES Features ===============-->
        <file>
            <source>
                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/log4j.properties
@ -939,24 +877,48 @@
            </outputDirectory>
        </file>

-        <!--============ Added with ES Features ===============-->
-        <file>
-            <source>target/wso2carbon-core-${carbon.kernel.version}/repository/conf/axis2/axis2.xml</source>
-            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/axis2/</outputDirectory>
-            <filtered>true</filtered>
-            <fileMode>644</fileMode>
-        </file>
-
        <file>
            <source>
-                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/identity/identity-mgt.properties
+                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/governance.xml
            </source>
-            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/identity</outputDirectory>
+            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf</outputDirectory>
            <filtered>true</filtered>
            <fileMode>644</fileMode>
        </file>

+        <!--========================================================================================================-->
+        <!-- Enterprise Store Features -->
+
+
+
+
        <!--============ Added with ES Features ===============-->
+        <!--<file>-->
+            <!--<source>src/repository/conf/registry.xml</source>-->
+            <!--<outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/</outputDirectory>-->
+            <!--<filtered>true</filtered>-->
+        <!--</file>-->
+
+        <!--&lt;!&ndash;============ Added with ES Features ===============&ndash;&gt;-->
+        <!--<file>-->
+            <!--<source>src/repository/conf/multitenancy/cloud-services-desc.xml</source>-->
+            <!--<outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/multitenancy/</outputDirectory>-->
+            <!--<filtered>true</filtered>-->
+        <!--</file>-->
+
+        <!--&lt;!&ndash;============ Added with ES Features ===============&ndash;&gt;-->
+
+
+        <!--<file>-->
+            <!--<source>-->
+                <!--../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/identity/identity-mgt.properties-->
+            <!--</source>-->
+            <!--<outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/identity</outputDirectory>-->
+            <!--<filtered>true</filtered>-->
+            <!--<fileMode>644</fileMode>-->
+        <!--</file>-->
+
+        <!--&lt;!&ndash;============ Added with ES Features ===============&ndash;&gt;-->
        <file>
            <source>
                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/email/email-admin-config.xml
@ -966,7 +928,7 @@
            <fileMode>644</fileMode>
        </file>

-        <!--============ Added with ES Features ===============-->
+
        <file>
            <source>
                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/claim-config.xml
@ -976,12 +938,12 @@
            <fileMode>644</fileMode>
        </file>

-        <!--============ Added with ES Features ===============-->
-        <file>
-            <source>src/repository/database/WSO2IDENTITY_DB.h2.db</source>
-            <outputDirectory>${pom.artifactId}-${pom.version}/repository/database</outputDirectory>
-            <fileMode>644</fileMode>
-        </file>
+        <!--&lt;!&ndash;============ Added with ES Features ===============&ndash;&gt;-->
+        <!--<file>-->
+            <!--<source>src/repository/database/WSO2IDENTITY_DB.h2.db</source>-->
+            <!--<outputDirectory>${pom.artifactId}-${pom.version}/repository/database</outputDirectory>-->
+            <!--<fileMode>644</fileMode>-->
+        <!--</file>-->

        <!--============ Added with ES Features ===============-->
        <file>
@ -1026,8 +988,9 @@

        <!-- Copying apim feature - bam.xml -->
        <file>
+            <!--../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/etc/bam.xml-->
            <source>
-                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/etc/bam.xml
+                src/repository/conf/etc/bam.xml
            </source>
            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/etc</outputDirectory>
            <filtered>true</filtered>
@ -1035,14 +998,107 @@
        </file>

        <!-- Analytics datasources -->
-        <!--<file>-->
-            <!--<source>-->
-                <!--../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/datasources/analytics-datasources.xml-->
-            <!--</source>-->
-            <!--<outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/datasources</outputDirectory>-->
-            <!--<filtered>true</filtered>-->
-            <!--<fileMode>644</fileMode>-->
-        <!--</file>-->
+        <file>
+            <source>
+                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/datasources/analytics-datasources.xml
+            </source>
+            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/datasources</outputDirectory>
+            <filtered>true</filtered>
+            <fileMode>644</fileMode>
+        </file>
+
+
+        <!--DAS Files-->
+        <file>
+            <source>
+                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/event-processor.xml
+            </source>
+            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/
+            </outputDirectory>
+            <filtered>true</filtered>
+        </file>
+
+        <file>
+            <source>
+                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/output-event-adapters.xml
+            </source>
+            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf
+            </outputDirectory>
+            <filtered>true</filtered>
+            <fileMode>644</fileMode>
+        </file>
+
+        <file>
+            <source>
+                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/input-event-adapters.xml
+            </source>
+            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf
+            </outputDirectory>
+            <filtered>true</filtered>
+            <fileMode>644</fileMode>
+        </file>
+
+        <!-- ************* Data bridge related files ********** -->
+        <file>
+            <!--<source>../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/data-bridge/data-bridge-config.xml</source>-->
+            <!--STORE-1101-->
+            <source>src/repository/conf/data-bridge/data-bridge-config.xml</source>
+            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/data-bridge</outputDirectory>
+            <filtered>true</filtered>
+            <fileMode>644</fileMode>
+        </file>
+        <file>
+            <source>src/repository/conf/data-bridge/stream-definitions.xml</source>
+            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/data-bridge</outputDirectory>
+        </file>
+        <file>
+            <source>
+                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/data-bridge/data-agent-config.xml
+            </source>
+            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/data-bridge
+            </outputDirectory>
+            <filtered>true</filtered>
+            <fileMode>644</fileMode>
+        </file>
+        <!-- ************* Data bridge related files end ********** -->
+        <!--spark udf conf file-->
+        <file>
+            <source>
+                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/spark/spark-udf-config.xml
+            </source>
+
+            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/spark/
+            </outputDirectory>
+            <fileMode>755</fileMode>
+        </file>
+        <!--spark defaults file-->
+        <file>
+            <source>
+                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/spark/spark-defaults.conf
+            </source>
+            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/spark/
+            </outputDirectory>
+            <fileMode>755</fileMode>
+        </file>
+
+         <!--Analytics REST APIs WebApp -->
+        <file>
+            <source>
+                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/deployment/server/webapps/analytics.war
+            </source>
+            <outputDirectory>${pom.artifactId}-${pom.version}/repository/deployment/server/webapps</outputDirectory>
+            <!--commented since this tag causes issues in maven assembly plugin when copying zip formats-->
+            <!--filtered>true</filtered-->
+            <fileMode>644</fileMode>
+        </file>
+
+        <file>
+            <source>src/repository/conf/synapse.properties</source>
+            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf</outputDirectory>
+            <destName>synapse.properties</destName>
+            <filtered>true</filtered>
+        </file>
+



--- a/modules/distribution/src/assembly/filter.properties
+++ b/modules/distribution/src/assembly/filter.properties
@ -1,7 +1,9 @@
 product.name=WSO2 IoT Server
 product.version=1.0.0-SNAPSHOT
-product.key=DC
+product.key=IOT
 hotdeployment=true
 hotupdate=true
-carbon.version=4.4.0
-default.server.role=DeviceCloud
+carbon.version=4.4.1
+default.server.role=IoTServer
+cep.server.role=ComplexEventProcessor
+das.server.role=DataAnalyticsServer
--- a/modules/distribution/src/repository/conf/axis2/axis2.xml
+++ b/modules/distribution/src/repository/conf/axis2/axis2.xml
--- a/modules/distribution/src/repository/conf/axis2/axis2_client.xml
+++ b/modules/distribution/src/repository/conf/axis2/axis2_client.xml
@ -109,7 +109,7 @@
                          class="org.apache.axis2.transport.http.SOAPMessageFormatter"/>
        <messageFormatter contentType="application/soap+xml"
                          class="org.apache.axis2.transport.http.SOAPMessageFormatter"/>
-	<!--JSON Message Formatters-->
+        <!--JSON Message Formatters-->
        <messageFormatter contentType="application/json"
                          class="org.apache.axis2.json.JSONMessageFormatter"/>
        <messageFormatter contentType="application/json/badgerfish"
@ -128,7 +128,7 @@
                        class="org.apache.axis2.builder.ApplicationXMLBuilder"/>
        <messageBuilder contentType="application/x-www-form-urlencoded"
                        class="org.apache.axis2.builder.XFormURLEncodedBuilder"/>
-	<!--JSON Message Builders-->
+        <!--JSON Message Builders-->
        <messageBuilder contentType="application/json"
                        class="org.apache.axis2.json.JSONOMBuilder"/>
        <messageBuilder contentType="application/json/badgerfish"
@ -312,6 +312,6 @@
        <phase name="PolicyDetermination"/>
        <phase name="MessageOut"/>
        <phase name="Security"/>
-	<phase name="Transport"/>
+        <phase name="Transport"/>
    </phaseOrder>
-</axisconfig>
+</axisconfig>
--- a/modules/distribution/src/repository/conf/carbon.xml
+++ b/modules/distribution/src/repository/conf/carbon.xml
@ -0,0 +1,685 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+
+<!--
+  ~ Copyright 2005-2011 WSO2, Inc. (http://wso2.com)
+  ~
+  ~ Licensed under the Apache License, Version 2.0 (the "License");
+  ~ you may not use this file except in compliance with the License.
+  ~ You may obtain a copy of the License at
+  ~
+  ~ http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing, software
+  ~ distributed under the License is distributed on an "AS IS" BASIS,
+  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~ See the License for the specific language governing permissions and
+  ~ limitations under the License.
+  -->
+
+<!--
+    This is the main server configuration file
+
+    ${carbon.home} represents the carbon.home system property.
+    Other system properties can be specified in a similar manner.
+-->
+<Server xmlns="http://wso2.org/projects/carbon/carbon.xml">
+
+	<!--
+	   Product Name
+	-->
+	<Name>${product.name}</Name>
+
+	<!--
+	   machine readable unique key to identify each product
+	-->
+	<ServerKey>${product.key}</ServerKey>
+
+	<!--
+	   Product Version
+	-->
+	<Version>${product.version}</Version>
+
+	<!--
+	   Host name or IP address of the machine hosting this server
+	   e.g. www.wso2.org, 192.168.1.10
+	   This is will become part of the End Point Reference of the
+	   services deployed on this server instance.
+	-->
+	<!--HostName>www.wso2.org</HostName-->
+
+	<!--
+	Host name to be used for the Carbon management console
+	-->
+	<!--MgtHostName>mgt.wso2.org</MgtHostName-->
+
+	<!--
+		The URL of the back end server. This is where the admin services are hosted and
+		will be used by the clients in the front end server.
+		This is required only for the Front-end server. This is used when seperating BE server from FE server
+	   -->
+	<ServerURL>local:/${carbon.context}/services/</ServerURL>
+	<!--
+	<ServerURL>https://${carbon.local.ip}:${carbon.management.port}${carbon.context}/services/</ServerURL>
+	-->
+	<!--
+	 The URL of the index page. This is where the user will be redirected after signing in to the
+	 carbon server.
+	 -->
+	<!-- IndexPageURL>/carbon/admin/index.jsp</IndexPageURL-->
+
+	<!--
+	For cApp deployment, we have to identify the roles that can be acted by the current server.
+	The following property is used for that purpose. Any number of roles can be defined here.
+	Regular expressions can be used in the role.
+	Ex : <Role>.*</Role> means this server can act any role
+	-->
+	<ServerRoles>
+		<Role>${default.server.role}</Role>
+		<Role>${das.server.role}</Role>
+		<Role>${cep.server.role}</Role>
+	</ServerRoles>
+
+	<!-- uncommnet this line to subscribe to a bam instance automatically -->
+	<!--<BamServerURL>https://bamhost:bamport/services/</BamServerURL>-->
+
+	<!--
+	   The fully qualified name of the server
+	-->
+	<Package>org.wso2.carbon</Package>
+
+	<!--
+	   Webapp context root of WSO2 Carbon management console.
+	-->
+	<WebContextRoot>/</WebContextRoot>
+
+	<!--
+		Proxy context path is a useful parameter to add a proxy path when a Carbon server is fronted by reverse proxy. In addtion
+		to the proxy host and proxy port this parameter allows you add a path component to external URLs. e.g.
+			 URL of the Carbon server -> https://10.100.1.1:9443/carbon
+		   URL of the reverse proxy -> https://prod.abc.com/appserver/carbon
+
+	   appserver - proxy context path. This specially required whenever you are generating URLs to displace in
+	   Carbon UI components.
+	-->
+	<!--
+		<MgtProxyContextPath></MgtProxyContextPath>
+		<ProxyContextPath></ProxyContextPath>
+	-->
+
+	<!-- In-order to  get the registry http Port from the back-end when the default http transport is not the same-->
+	<!--RegistryHttpPort>9763</RegistryHttpPort-->
+
+	<!--
+	Number of items to be displayed on a management console page. This is used at the
+	backend server for pagination of various items.
+	-->
+	<ItemsPerPage>15</ItemsPerPage>
+
+	<!-- The endpoint URL of the cloud instance management Web service -->
+	<!--<InstanceMgtWSEndpoint>https://ec2.amazonaws.com/</InstanceMgtWSEndpoint>-->
+
+	<!--
+	   Ports used by this server
+	-->
+	<Ports>
+
+		<!-- Ports offset. This entry will set the value of the ports defined below to
+		 the define value + Offset.
+		 e.g. Offset=2 and HTTPS port=9443 will set the effective HTTPS port to 9445
+		 -->
+		<Offset>0</Offset>
+
+		<!-- The JMX Ports -->
+		<JMX>
+			<!--The port RMI registry is exposed-->
+			<RMIRegistryPort>9999</RMIRegistryPort>
+			<!--The port RMI server should be exposed-->
+			<RMIServerPort>11111</RMIServerPort>
+		</JMX>
+
+		<!-- Embedded LDAP server specific ports -->
+		<EmbeddedLDAP>
+			<!-- Port which embedded LDAP server runs -->
+			<LDAPServerPort>10389</LDAPServerPort>
+			<!-- Port which KDC (Kerberos Key Distribution Center) server runs -->
+			<KDCServerPort>8000</KDCServerPort>
+		</EmbeddedLDAP>
+
+		<!--
+				 Override datasources JNDIproviderPort defined in bps.xml and datasources.properties files
+		-->
+		<!--<JNDIProviderPort>2199</JNDIProviderPort>-->
+		<!--Override receive port of thrift based entitlement service.-->
+		<ThriftEntitlementReceivePort>10500</ThriftEntitlementReceivePort>
+
+	</Ports>
+
+	<!--
+		JNDI Configuration
+	-->
+	<JNDI>
+		<!--
+			 The fully qualified name of the default initial context factory
+		-->
+		<DefaultInitialContextFactory>org.wso2.carbon.tomcat.jndi.CarbonJavaURLContextFactory</DefaultInitialContextFactory>
+		<!--
+			 The restrictions that are done to various JNDI Contexts in a Multi-tenant environment
+		-->
+		<Restrictions>
+			<!--
+				Contexts that will be available only to the super-tenant
+			-->
+			<!-- <SuperTenantOnly>
+				<UrlContexts>
+					<UrlContext>
+						<Scheme>foo</Scheme>
+					</UrlContext>
+					<UrlContext>
+						<Scheme>bar</Scheme>
+					</UrlContext>
+				</UrlContexts>
+			</SuperTenantOnly> -->
+			<!--
+				Contexts that are common to all tenants
+			-->
+			<AllTenants>
+				<UrlContexts>
+					<UrlContext>
+						<Scheme>java</Scheme>
+					</UrlContext>
+					<!-- <UrlContext>
+						<Scheme>foo</Scheme>
+					</UrlContext> -->
+				</UrlContexts>
+			</AllTenants>
+			<!--
+				 All other contexts not mentioned above will be available on a per-tenant basis
+				 (i.e. will not be shared among tenants)
+			-->
+		</Restrictions>
+	</JNDI>
+
+	<!--
+		Property to determine if the server is running an a cloud deployment environment.
+		This property should only be used to determine deployment specific details that are
+		applicable only in a cloud deployment, i.e when the server deployed *-as-a-service.
+	-->
+	<IsCloudDeployment>false</IsCloudDeployment>
+
+	<!--
+	Property to determine whether usage data should be collected for metering purposes
+	-->
+	<EnableMetering>false</EnableMetering>
+
+	<!-- The Max time a thread should take for execution in seconds -->
+	<MaxThreadExecutionTime>600</MaxThreadExecutionTime>
+
+	<!--
+		A flag to enable or disable Ghost Deployer. By default this is set to false. That is
+		because the Ghost Deployer works only with the HTTP/S transports. If you are using
+		other transports, don't enable Ghost Deployer.
+	-->
+	<GhostDeployment>
+		<Enabled>false</Enabled>
+	</GhostDeployment>
+
+
+	<!--
+		Eager loading or lazy loading is a design pattern commonly used in computer programming which
+		will initialize an object upon creation or load on-demand. In carbon, lazy loading is used to
+		load tenant when a request is received only. Similarly Eager loading is used to enable load
+		existing tenants after carbon server starts up. Using this feature, you will be able to include
+		or exclude tenants which are to be loaded when server startup.
+
+		We can enable only one LoadingPolicy at a given time.
+
+		1. Tenant Lazy Loading
+		   This is the default behaviour and enabled by default. With this policy, tenants are not loaded at
+		   server startup, but loaded based on-demand (i.e when a request is received for a tenant).
+		   The default tenant idle time is 30 minutes.
+
+		2. Tenant Eager Loading
+		   This is by default not enabled. It can be be enabled by un-commenting the <EagerLoading> section.
+		   The eager loading configurations supported are as below. These configurations can be given as the
+		   value for <Include> element with eager loading.
+				(i)Load all tenants when server startup             -   *
+				(ii)Load all tenants except foo.com & bar.com       -   *,!foo.com,!bar.com
+				(iii)Load only foo.com &  bar.com to be included    -   foo.com,bar.com
+	-->
+	<Tenant>
+		<LoadingPolicy>
+			<LazyLoading>
+				<IdleTime>30</IdleTime>
+			</LazyLoading>
+			<!-- <EagerLoading>
+				   <Include>*,!foo.com,!bar.com</Include>
+			</EagerLoading>-->
+		</LoadingPolicy>
+	</Tenant>
+
+	<!--
+	 Caching related configurations
+	-->
+	<Cache>
+		<!-- Default cache timeout in minutes -->
+		<DefaultCacheTimeout>15</DefaultCacheTimeout>
+	</Cache>
+
+	<!--
+	Axis2 related configurations
+	-->
+	<Axis2Config>
+		<!--
+			 Location of the Axis2 Services & Modules repository
+
+			 This can be a directory in the local file system, or a URL.
+
+			 e.g.
+			 1. /home/wso2wsas/repository/ - An absolute path
+			 2. repository - In this case, the path is relative to CARBON_HOME
+			 3. file:///home/wso2wsas/repository/
+			 4. http://wso2wsas/repository/
+		-->
+		<RepositoryLocation>${carbon.home}/repository/deployment/server/</RepositoryLocation>
+
+		<!--
+		 Deployment update interval in seconds. This is the interval between repository listener
+		 executions.
+		-->
+		<DeploymentUpdateInterval>15</DeploymentUpdateInterval>
+
+		<!--
+			Location of the main Axis2 configuration descriptor file, a.k.a. axis2.xml file
+
+			This can be a file on the local file system, or a URL
+
+			e.g.
+			1. /home/repository/axis2.xml - An absolute path
+			2. conf/axis2.xml - In this case, the path is relative to CARBON_HOME
+			3. file:///home/carbon/repository/axis2.xml
+			4. http://repository/conf/axis2.xml
+		-->
+		<ConfigurationFile>${carbon.home}/repository/conf/axis2/axis2.xml</ConfigurationFile>
+
+		<!--
+		  ServiceGroupContextIdleTime, which will be set in ConfigurationContex
+		  for multiple clients which are going to access the same ServiceGroupContext
+		  Default Value is 30 Sec.
+		-->
+		<ServiceGroupContextIdleTime>30000</ServiceGroupContextIdleTime>
+
+		<!--
+		  This repository location is used to crete the client side configuration
+		  context used by the server when calling admin services.
+		-->
+		<ClientRepositoryLocation>${carbon.home}/repository/deployment/client/</ClientRepositoryLocation>
+		<!-- This axis2 xml is used in createing the configuration context by the FE server
+		 calling to BE server -->
+		<clientAxis2XmlLocation>${carbon.home}/repository/conf/axis2/axis2_client.xml</clientAxis2XmlLocation>
+		<!-- If this parameter is set, the ?wsdl on an admin service will not give the admin service wsdl. -->
+		<HideAdminServiceWSDLs>true</HideAdminServiceWSDLs>
+
+		<!--WARNING-Use With Care! Uncommenting bellow parameter would expose all AdminServices in HTTP transport.
+		With HTTP transport your credentials and data routed in public channels are vulnerable for sniffing attacks.
+		Use bellow parameter ONLY if your communication channels are confirmed to be secured by other means -->
+		<!--HttpAdminServices>*</HttpAdminServices-->
+
+	</Axis2Config>
+
+	<!--
+	   The default user roles which will be created when the server
+	   is started up for the first time.
+	-->
+	<ServiceUserRoles>
+		<Role>
+			<Name>admin</Name>
+			<Description>Default Administrator Role</Description>
+		</Role>
+		<Role>
+			<Name>user</Name>
+			<Description>Default User Role</Description>
+		</Role>
+	</ServiceUserRoles>
+
+	<!--
+	  Enable following config to allow Emails as usernames.
+	-->
+	<!--EnableEmailUserName>true</EnableEmailUserName-->
+
+	<!--
+	  Security configurations
+	-->
+	<Security>
+		<!--
+			KeyStore which will be used for encrypting/decrypting passwords
+			and other sensitive information.
+		-->
+		<KeyStore>
+			<!-- Keystore file location-->
+			<Location>${carbon.home}/repository/resources/security/wso2carbon.jks</Location>
+			<!-- Keystore type (JKS/PKCS12 etc.)-->
+			<Type>JKS</Type>
+			<!-- Keystore password-->
+			<Password>wso2carbon</Password>
+			<!-- Private Key alias-->
+			<KeyAlias>wso2carbon</KeyAlias>
+			<!-- Private Key password-->
+			<KeyPassword>wso2carbon</KeyPassword>
+		</KeyStore>
+
+		<!--
+			System wide trust-store which is used to maintain the certificates of all
+			the trusted parties.
+		-->
+		<TrustStore>
+			<!-- trust-store file location -->
+			<Location>${carbon.home}/repository/resources/security/client-truststore.jks</Location>
+			<!-- trust-store type (JKS/PKCS12 etc.) -->
+			<Type>JKS</Type>
+			<!-- trust-store password -->
+			<Password>wso2carbon</Password>
+		</TrustStore>
+
+		<!--
+			The Authenticator configuration to be used at the JVM level. We extend the
+			java.net.Authenticator to make it possible to authenticate to given servers and
+			proxies.
+		-->
+		<NetworkAuthenticatorConfig>
+			<!--
+				Below is a sample configuration for a single authenticator. Please note that
+				all child elements are mandatory. Not having some child elements would lead to
+				exceptions at runtime.
+			-->
+			<!-- <Credential> -->
+			<!--
+				the pattern that would match a subset of URLs for which this authenticator
+				would be used
+			-->
+			<!-- <Pattern>regularExpression</Pattern> -->
+			<!--
+				the type of this authenticator. Allowed values are:
+				1. server
+				2. proxy
+			-->
+			<!-- <Type>proxy</Type> -->
+			<!-- the username used to log in to server/proxy -->
+			<!-- <Username>username</Username> -->
+			<!-- the password used to log in to server/proxy -->
+			<!-- <Password>password</Password> -->
+			<!-- </Credential> -->
+		</NetworkAuthenticatorConfig>
+
+		<!--
+		 The Tomcat realm to be used for hosted Web applications. Allowed values are;
+		 1. UserManager
+		 2. Memory
+
+		 If this is set to 'UserManager', the realm will pick users & roles from the system's
+		 WSO2 User Manager. If it is set to 'memory', the realm will pick users & roles from
+		 CARBON_HOME/repository/conf/tomcat/tomcat-users.xml
+		-->
+		<TomcatRealm>UserManager</TomcatRealm>
+
+		<!--Option to disable storing of tokens issued by STS-->
+		<DisableTokenStore>false</DisableTokenStore>
+
+		<!--
+		 Security token store class name. If this is not set, default class will be
+		 org.wso2.carbon.security.util.SecurityTokenStore
+		-->
+		<!--TokenStoreClassName>org.wso2.carbon.identity.sts.store.DBTokenStore</TokenStoreClassName-->
+
+		<!--CSRFPreventionConfig>
+			<Enabled>true</Enabled>
+			<Rule>allow</Rule>
+
+			<Patterns>
+				<Pattern>carbon</Pattern>
+				<Pattern>commonauth</Pattern>
+				<Pattern>samlsso</Pattern>
+				<Pattern>authenticationendpoint</Pattern>
+				<Pattern>wso2</Pattern>
+				<Pattern>oauth2</Pattern>
+				<Pattern>openid</Pattern>
+				<Pattern>openidserver</Pattern>
+				<Pattern>passivests</Pattern>
+				<Pattern>services</Pattern>
+			</Patterns>
+
+			<WhiteList>
+				<Url>https://localhost:9443</Url>
+			</WhiteList>
+		</CSRFPreventionConfig>
+
+		<XSSPreventionConfig>
+			<Enabled>true</Enabled>
+		</XSSPreventionConfig-->
+
+	</Security>
+
+	<!--
+	   The temporary work directory
+	-->
+	<WorkDirectory>${carbon.home}/tmp/work</WorkDirectory>
+
+	<!--
+	   House-keeping configuration
+	-->
+	<HouseKeeping>
+
+		<!--
+		   true  - Start House-keeping thread on server startup
+		   false - Do not start House-keeping thread on server startup.
+				   The user will run it manually as and when he wishes.
+		-->
+		<AutoStart>true</AutoStart>
+
+		<!--
+		   The interval in *minutes*, between house-keeping runs
+		-->
+		<Interval>10</Interval>
+
+		<!--
+		  The maximum time in *minutes*, temp files are allowed to live
+		  in the system. Files/directories which were modified more than
+		  "MaxTempFileLifetime" minutes ago will be removed by the
+		  house-keeping task
+		-->
+		<MaxTempFileLifetime>30</MaxTempFileLifetime>
+	</HouseKeeping>
+
+	<!--
+	   Configuration for handling different types of file upload & other file uploading related
+	   config parameters.
+	   To map all actions to a particular FileUploadExecutor, use
+	   <Action>*</Action>
+	-->
+	<FileUploadConfig>
+		<!--
+		   The total file upload size limit in MB
+		-->
+		<TotalFileSizeLimit>100</TotalFileSizeLimit>
+
+		<Mapping>
+			<Actions>
+				<Action>keystore</Action>
+				<Action>certificate</Action>
+				<Action>*</Action>
+			</Actions>
+			<Class>org.wso2.carbon.ui.transports.fileupload.AnyFileUploadExecutor</Class>
+		</Mapping>
+
+		<Mapping>
+			<Actions>
+				<Action>jarZip</Action>
+			</Actions>
+			<Class>org.wso2.carbon.ui.transports.fileupload.JarZipUploadExecutor</Class>
+		</Mapping>
+		<Mapping>
+			<Actions>
+				<Action>dbs</Action>
+			</Actions>
+			<Class>org.wso2.carbon.ui.transports.fileupload.DBSFileUploadExecutor</Class>
+		</Mapping>
+		<Mapping>
+			<Actions>
+				<Action>tools</Action>
+			</Actions>
+			<Class>org.wso2.carbon.ui.transports.fileupload.ToolsFileUploadExecutor</Class>
+		</Mapping>
+		<Mapping>
+			<Actions>
+				<Action>toolsAny</Action>
+			</Actions>
+			<Class>org.wso2.carbon.ui.transports.fileupload.ToolsAnyFileUploadExecutor</Class>
+		</Mapping>
+	</FileUploadConfig>
+
+	<!--
+	   Processors which process special HTTP GET requests such as ?wsdl, ?policy etc.
+
+	   In order to plug in a processor to handle a special request, simply add an entry to this
+	   section.
+
+	   The value of the Item element is the first parameter in the query string(e.g. ?wsdl)
+	   which needs special processing
+
+	   The value of the Class element is a class which implements
+	   org.wso2.carbon.transport.HttpGetRequestProcessor
+	-->
+	<HttpGetRequestProcessors>
+		<Processor>
+			<Item>info</Item>
+			<Class>org.wso2.carbon.core.transports.util.InfoProcessor</Class>
+		</Processor>
+		<Processor>
+			<Item>wsdl</Item>
+			<Class>org.wso2.carbon.core.transports.util.Wsdl11Processor</Class>
+		</Processor>
+		<Processor>
+			<Item>wsdl2</Item>
+			<Class>org.wso2.carbon.core.transports.util.Wsdl20Processor</Class>
+		</Processor>
+		<Processor>
+			<Item>xsd</Item>
+			<Class>org.wso2.carbon.core.transports.util.XsdProcessor</Class>
+		</Processor>
+	</HttpGetRequestProcessors>
+
+	<!-- Deployment Synchronizer Configuration. t Enabled value to true when running with "svn based" dep sync.
+	In master nodes you need to set both AutoCommit and AutoCheckout to true
+	and in  worker nodes set only AutoCheckout to true.
+	-->
+	<DeploymentSynchronizer>
+		<Enabled>false</Enabled>
+		<AutoCommit>false</AutoCommit>
+		<AutoCheckout>true</AutoCheckout>
+		<RepositoryType>svn</RepositoryType>
+		<SvnUrl>http://svnrepo.example.com/repos/</SvnUrl>
+		<SvnUser>username</SvnUser>
+		<SvnPassword>password</SvnPassword>
+		<SvnUrlAppendTenantId>true</SvnUrlAppendTenantId>
+	</DeploymentSynchronizer>
+
+	<!-- Deployment Synchronizer Configuration. Uncomment the following section when running with "registry based" dep sync.
+		In master nodes you need to set both AutoCommit and AutoCheckout to true
+		and in  worker nodes set only AutoCheckout to true.
+	-->
+	<!--<DeploymentSynchronizer>
+		<Enabled>true</Enabled>
+		<AutoCommit>false</AutoCommit>
+		<AutoCheckout>true</AutoCheckout>
+	</DeploymentSynchronizer>-->
+
+	<!-- Mediation persistence configurations. Only valid if mediation features are available i.e. ESB -->
+	<!--<MediationConfig>
+		<LoadFromRegistry>false</LoadFromRegistry>
+		<SaveToFile>false</SaveToFile>
+		<Persistence>enabled</Persistence>
+		<RegistryPersistence>enabled</RegistryPersistence>
+	</MediationConfig>-->
+
+	<!--
+	Server intializing code, specified as implementation classes of org.wso2.carbon.core.ServerInitializer.
+	This code will be run when the Carbon server is initialized
+	-->
+	<ServerInitializers>
+		<!--<Initializer></Initializer>-->
+	</ServerInitializers>
+
+	<!--
+	Indicates whether the Carbon Servlet is required by the system, and whether it should be
+	registered
+	-->
+	<RequireCarbonServlet>${require.carbon.servlet}</RequireCarbonServlet>
+
+	<!--
+	Carbon H2 OSGI Configuration
+	By default non of the servers start.
+		name="web" - Start the web server with the H2 Console
+		name="webPort" - The port (default: 8082)
+		name="webAllowOthers" - Allow other computers to connect
+		name="webSSL" - Use encrypted (HTTPS) connections
+		name="tcp" - Start the TCP server
+		name="tcpPort" - The port (default: 9092)
+		name="tcpAllowOthers" - Allow other computers to connect
+		name="tcpSSL" - Use encrypted (SSL) connections
+		name="pg" - Start the PG server
+		name="pgPort"  - The port (default: 5435)
+		name="pgAllowOthers"  - Allow other computers to connect
+		name="trace" - Print additional trace information; for all servers
+		name="baseDir" - The base directory for H2 databases; for all servers
+	-->
+	<!--H2DatabaseConfiguration>
+		<property name="web" />
+		<property name="webPort">8082</property>
+		<property name="webAllowOthers" />
+		<property name="webSSL" />
+		<property name="tcp" />
+		<property name="tcpPort">9092</property>
+		<property name="tcpAllowOthers" />
+		<property name="tcpSSL" />
+		<property name="pg" />
+		<property name="pgPort">5435</property>
+		<property name="pgAllowOthers" />
+		<property name="trace" />
+		<property name="baseDir">${carbon.home}</property>
+	</H2DatabaseConfiguration-->
+	<!--Disabling statistics reporter by default-->
+	<StatisticsReporterDisabled>true</StatisticsReporterDisabled>
+
+	<!-- Enable accessing Admin Console via HTTP -->
+	<!-- EnableHTTPAdminConsole>true</EnableHTTPAdminConsole -->
+
+	<!--
+	   Default Feature Repository of WSO2 Carbon.
+	-->
+	<FeatureRepository>
+		<RepositoryName>default repository</RepositoryName>
+		<RepositoryURL>http://dist.wso2.org/p2/carbon/releases/4.4.1-SNAPSHOT</RepositoryURL>
+	</FeatureRepository>
+
+	<!--
+	Configure API Management
+   -->
+	<APIManagement>
+
+		<!--Uses the embedded API Manager by default. If you want to use an external
+		API Manager instance to manage APIs, configure below  externalAPIManager-->
+
+		<Enabled>true</Enabled>
+
+		<!--Uncomment and configure API Gateway and
+		Publisher URLs to use external API Manager instance-->
+
+		<!--ExternalAPIManager>
+
+			<APIGatewayURL>http://localhost:8281</APIGatewayURL>
+			<APIPublisherURL>http://localhost:8281/publisher</APIPublisherURL>
+
+		</ExternalAPIManager-->
+
+		<LoadAPIContextsInServerStartup>true</LoadAPIContextsInServerStartup>
+	</APIManagement>
+</Server>
--- a/modules/distribution/src/repository/conf/data-bridge/cassandra-datasink-config.xml
+++ b/modules/distribution/src/repository/conf/data-bridge/cassandra-datasink-config.xml
@ -1,24 +0,0 @@
-<!--
-  ~ Copyright (c) 2015, WSO2 Inc. (http:www.wso2.org) All Rights Reserved.
-  ~
-  ~ WSO2 Inc. licenses this file to you under the Apache License,
-  ~ Version 2.0 (the "License"); you may not use this file except
-  ~ in compliance with the License.
-  ~ You may obtain a copy of the License at
-  ~
-  ~ http://www.apache.org/licenses/LICENSE-2.0
-  ~
-  ~ Unless required by applicable law or agreed to in writing,
-  ~ software distributed under the License is distributed on an
-  ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-  ~ KIND, either express or implied.  See the License for the
-  ~ specific language governing permissions and limitations
-  ~ under the License.
-  -->
-
-<CassandraDataSinkConfiguration xmlns="http://wso2.org/carbon/cassandraDataSink">
-    <PersistedStreams>
-        <Include>*</Include>
-        <Exclude>rt_*</Exclude>
-    </PersistedStreams>
-</CassandraDataSinkConfiguration>
--- a/modules/distribution/src/repository/conf/data-bridge/data-bridge-config.xml
+++ b/modules/distribution/src/repository/conf/data-bridge/data-bridge-config.xml
@ -1,72 +1,72 @@
 <!--
-  ~ Copyright (c) 2015, WSO2 Inc. (http:www.wso2.org) All Rights Reserved.
+  ~ Copyright 2005-2011 WSO2, Inc. (http://wso2.com)
  ~
-  ~ WSO2 Inc. licenses this file to you under the Apache License,
-  ~ Version 2.0 (the "License"); you may not use this file except
-  ~ in compliance with the License.
+  ~ Licensed under the Apache License, Version 2.0 (the License);
+  ~ you may not use this file except in compliance with the License.
  ~ You may obtain a copy of the License at
  ~
  ~ http://www.apache.org/licenses/LICENSE-2.0
  ~
-  ~ Unless required by applicable law or agreed to in writing,
-  ~ software distributed under the License is distributed on an
-  ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-  ~ KIND, either express or implied.  See the License for the
-  ~ specific language governing permissions and limitations
-  ~ under the License.
+  ~ Unless required by applicable law or agreed to in writing, software
+  ~ distributed under the License is distributed on an AS IS BASIS,
+  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~ See the License for the specific language governing permissions and
+  ~ limitations under the License.
  -->

-<dataBridgeConfiguration xmlns="http://wso2.org/carbon/databridge">
+<dataBridgeConfiguration>

-    <StreamDefinitionStore>org.wso2.carbon.databridge.streamdefn.cassandra.datastore.CassandraStreamDefinitionStore</StreamDefinitionStore>
+	<workerThreads>10</workerThreads>
+	<eventBufferCapacity>10000</eventBufferCapacity>
+	<clientTimeoutMin>30</clientTimeoutMin>

-    <workerThreads>10</workerThreads>
-    <eventBufferCapacity>10000</eventBufferCapacity>
-    <clientTimeoutMS>30000</clientTimeoutMS>
-    <keySpaceName>EVENT_KS</keySpaceName>
+	<dataReceiver name="Thrift">
+		<config name="tcpPort">7611</config>
+		<config name="sslPort">7711</config>
+	</dataReceiver>

-<!-- Default configuration for thriftDataReceiver -->
-    <thriftDataReceiver>
-    <!--<hostName>localhost</hostName>-->
-        <port>7611</port>
-        <securePort>7711</securePort>
-    </thriftDataReceiver>
+	<dataReceiver name="Binary">
+		<config name="tcpPort">9611</config>
+		<config name="sslPort">9711</config>
+		<config name="sslReceiverThreadPoolSize">100</config>
+		<config name="tcpReceiverThreadPoolSize">100</config>
+	</dataReceiver>

-    <!--<streamDefinitions>
-        <streamDefinition>
-            {
-             'name':'org.wso2.esb.MediatorStatistics',
-             'version':'1.3.0',
-             'nickName': 'Stock Quote Information',
-             'description': 'Some Desc',
-             'metaData':[
-             {'name':'ipAdd','type':'STRING'}
-             ],
-             'payloadData':[
-             {'name':'symbol','type':'STRING'},
-             {'name':'price','type':'DOUBLE'},
-             {'name':'volume','type':'INT'},
-             {'name':'max','type':'DOUBLE'},
-             {'name':'min','type':'Double'}
-             ]
-            }
-        </streamDefinition>
-        <streamDefinition domainName="wso2">
-            {
-             'name':'org.wso2.esb.MediatorStatistics',
-             'version':'1.3.4',
-             'nickName': 'Stock Quote Information',
-             'description': 'Some Other Desc',
-             'metaData':[
-             {'name':'ipAdd','type':'STRING'}
-             ],
-             'payloadData':[
-             {'name':'symbol','type':'STRING'},
-             {'name':'price','type':'DOUBLE'},
-             {'name':'volume','type':'INT'}
-             ]
-            }
-        </streamDefinition>
-    </streamDefinitions>-->
+	<!--<streamDefinitions>
+		<streamDefinition>
+			{
+			 'name':'org.wso2.esb.MediatorStatistics',
+			 'version':'1.3.0',
+			 'nickName': 'Stock Quote Information',
+			 'description': 'Some Desc',
+			 'metaData':[
+			 {'name':'ipAdd','type':'STRING'}
+			 ],
+			 'payloadData':[
+			 {'name':'symbol','type':'STRING'},
+			 {'name':'price','type':'DOUBLE'},
+			 {'name':'volume','type':'INT'},
+			 {'name':'max','type':'DOUBLE'},
+			 {'name':'min','type':'Double'}
+			 ]
+			}
+		</streamDefinition>
+		<streamDefinition domainName="wso2">
+			{
+			 'name':'org.wso2.esb.MediatorStatistics',
+			 'version':'1.3.4',
+			 'nickName': 'Stock Quote Information',
+			 'description': 'Some Other Desc',
+			 'metaData':[
+			 {'name':'ipAdd','type':'STRING'}
+			 ],
+			 'payloadData':[
+			 {'name':'symbol','type':'STRING'},
+			 {'name':'price','type':'DOUBLE'},
+			 {'name':'volume','type':'INT'}
+			 ]
+			}
+		</streamDefinition>
+	</streamDefinitions>-->

-</dataBridgeConfiguration>
+</dataBridgeConfiguration>
--- a/modules/distribution/src/repository/conf/data-bridge/stream-definitions.xml
+++ b/modules/distribution/src/repository/conf/data-bridge/stream-definitions.xml
@ -0,0 +1,23 @@
+<!--
+~ Copyright (c) 2005-2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+~
+~ WSO2 Inc. licenses this file to you under the Apache License,
+~ Version 2.0 (the "License"); you may not use this file except
+~ in compliance with the License.
+~ You may obtain a copy of the License at
+~
+~    http://www.apache.org/licenses/LICENSE-2.0
+~
+~ Unless required by applicable law or agreed to in writing,
+~ software distributed under the License is distributed on an
+~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+~ KIND, either express or implied.  See the License for the
+~ specific language governing permissions and limitations
+~ under the License.
+-->
+
+
+<streamDefinitions xmlns="http://wso2.org/carbon/databridge">
+
+
+</streamDefinitions>
--- a/modules/distribution/src/repository/conf/etc/bam.xml
+++ b/modules/distribution/src/repository/conf/etc/bam.xml
@ -0,0 +1,4 @@
+<BamConfig>
+	<ServiceDataPublishing>disable</ServiceDataPublishing>
+	<WebappDataPublishing>disable</WebappDataPublishing>
+</BamConfig>
--- a/modules/distribution/src/repository/conf/identity.xml
+++ b/modules/distribution/src/repository/conf/identity.xml
@ -37,13 +37,6 @@
        <SkipDBSchemaCreation>true</SkipDBSchemaCreation>
    </JDBCPersistenceManager>

-    <TimeConfig>
-        <SessionIdleTimeout>120</SessionIdleTimeout><!-- Minutes -->
-        <RememberMeTimeout>20160</RememberMeTimeout><!-- Minutes -->
-        <PersistanceCleanUpTimeout>20160</PersistanceCleanUpTimeout><!-- Minutes -->
-        <PersistanceCleanUpPeriod>1140</PersistanceCleanUpPeriod><!-- Minutes -->
-    </TimeConfig>
-
    <!--
      Security configurations
    -->
@ -75,42 +68,10 @@
        </System>
    </Identity>

-    <OpenID>
-        <OpenIDServerUrl>https://localhost:9443/openidserver</OpenIDServerUrl>
-        <OpenIDUserPattern>https://localhost:9443/openid/</OpenIDUserPattern>
-        <!-- If the users must be prompted for approval -->
-        <OpenIDSkipUserConsent>false</OpenIDSkipUserConsent>
-        <!-- Expiry time of the OpenID RememberMe token in minutes -->
-        <OpenIDRememberMeExpiry>7200</OpenIDRememberMeExpiry>
-        <!-- Multifactor Authentication configuration -->
-        <UseMultifactorAuthentication>false</UseMultifactorAuthentication>
-        <!-- To enable or disable openid dumb mode -->
-        <DisableOpenIDDumbMode>false</DisableOpenIDDumbMode>
-        <!-- remember me session timeout in seconds -->
-        <SessionTimeout>36000</SessionTimeout>
-        <!-- skips authentication if valid SAML2 Web SSO browser session available -->
-        <AcceptSAMLSSOLogin>false</AcceptSAMLSSOLogin>
-        <ClaimsRetrieverImplClass>org.wso2.carbon.identity.provider.openid.claims.DefaultClaimsRetriever</ClaimsRetrieverImplClass>
-    </OpenID>
-
    <OAuth>
-        <AppInfoCacheTimeout>-1</AppInfoCacheTimeout>
-        <AuthorizationGrantCacheTimeout>-1</AuthorizationGrantCacheTimeout>
-        <SessionDataCacheTimeout>-1</SessionDataCacheTimeout>
-        <ClaimCacheTimeout>-1</ClaimCacheTimeout>
        <RequestTokenUrl>https://localhost:9443/oauth/request-token</RequestTokenUrl>
        <AccessTokenUrl>https://localhost:9443/oauth/access-token</AccessTokenUrl>
        <AuthorizeUrl>https://localhost:9443/oauth/authorize-url</AuthorizeUrl>
-
-        <!--         Commented whilst adding ES Features -->
-        <!-- 
-<RequestTokenUrl>https://10.100.5.3:9443/oauth/request-token</RequestTokenUrl>
-        <AccessTokenUrl>https://10.100.5.3:9443/oauth/access-token</AccessTokenUrl>
-        <AuthorizeUrl>https://10.100.5.3:9443/oauth/authorize-url</AuthorizeUrl>
- -->
-
-
-
        <!-- Default validity period for Authorization Code in seconds -->
        <AuthorizationCodeDefaultValidityPeriod>300</AuthorizationCodeDefaultValidityPeriod>
        <!-- Default validity period for Access Token in seconds -->
@ -119,25 +80,27 @@
        <ApplicationAccessTokenDefaultValidityPeriod>3600</ApplicationAccessTokenDefaultValidityPeriod>
        <!-- Default validity period for User Access Token in seconds-->
        <UserAccessTokenDefaultValidityPeriod>3600</UserAccessTokenDefaultValidityPeriod>
-        <!-- Validity period for refresh token -->
-        <RefreshTokenValidityPeriod>84600</RefreshTokenValidityPeriod>
        <!-- Timestamp skew in seconds -->
        <TimestampSkew>300</TimestampSkew>
        <!-- Enable OAuth caching. This cache has the replication support. -->
        <EnableOAuthCache>true</EnableOAuthCache>
-        <!-- Enable renewal of refresh token for refresh_token grant -->
-        <RenewRefreshTokenForRefreshGrant>true</RenewRefreshTokenForRefreshGrant>
-        <!-- Process the token before storing it in database, e.g. encrypting -->
-        <TokenPersistenceProcessor>org.wso2.carbon.identity.oauth.tokenprocessor.PlainTextPersistenceProcessor</TokenPersistenceProcessor>
-        <!-- Supported Client Autnetication Methods -->
+        <!-- Configure the security measures needs to be done prior to store the token in the database,
+          such as hashing, encrypting, etc.-->
+        <TokenPersistenceProcessor>
+            org.wso2.carbon.identity.oauth.tokenprocessor.PlainTextPersistenceProcessor
+        </TokenPersistenceProcessor>
+        <!--<ClientAuthHandlers>
+            <ClientAuthHandlerImplClass>org.wso2.carbon.identity.oauth2.token.handlers.clientauth.BasicAuthClientAuthHandler</ClientAuthHandlerImplClass>
+        </ClientAuthHandlers>-->
+
        <ClientAuthHandlers>
            <ClientAuthHandler Class="org.wso2.carbon.identity.oauth2.token.handlers.clientauth.BasicAuthClientAuthHandler">
                <Property Name="StrictClientCredentialValidation">false</Property>
            </ClientAuthHandler>
        </ClientAuthHandlers>
-	<!--TokenPersistenceProcessor>
-            org.wso2.carbon.identity.oauth.tokenprocessor.EncryptionDecryptionPersistenceProcessor
-        </TokenPersistenceProcessor-->
+        <!--TokenPersistenceProcessor>
+                org.wso2.carbon.identity.oauth.tokenprocessor.EncryptionDecryptionPersistenceProcessor
+            </TokenPersistenceProcessor-->
        <!-- Supported Response Types -->
        <SupportedResponseTypes>
            <SupportedResponseType>
@ -153,21 +116,26 @@
        <SupportedGrantTypes>
            <SupportedGrantType>
                <GrantTypeName>authorization_code</GrantTypeName>
-                <GrantTypeHandlerImplClass>org.wso2.carbon.identity.oauth2.token.handlers.grant.AuthorizationCodeGrantHandler</GrantTypeHandlerImplClass>
+                <GrantTypeHandlerImplClass>org.wso2.carbon.apimgt.keymgt.handlers.ExtendedAuthorizationCodeGrantHandler</GrantTypeHandlerImplClass>
            </SupportedGrantType>
            <SupportedGrantType>
                <GrantTypeName>password</GrantTypeName>
-                <!-- Was found in file whilst adding ES Features -->
-                <!--                 <GrantTypeHandlerImplClass>org.wso2.carbon.identity.oauth2.token.handlers.grant.PasswordGrantHandler</GrantTypeHandlerImplClass> -->
                <GrantTypeHandlerImplClass>org.wso2.carbon.apimgt.keymgt.handlers.ExtendedPasswordGrantHandler</GrantTypeHandlerImplClass>
            </SupportedGrantType>
+
+            <!-- This is commented out intentionally due to a bug-->
+            <!--<SupportedGrantType>
+                <GrantTypeName>application_token</GrantTypeName>
+                <GrantTypeHandlerImplClass>org.wso2.carbon.apimgt.keymgt.handlers.OpenKeyManagerGrantHandler</GrantTypeHandlerImplClass>
+                <GrantTypeValidatorImplClass>org.wso2.carbon.apimgt.keymgt.handlers.OpenKeyManagerGrantValidator</GrantTypeValidatorImplClass>
+            </SupportedGrantType>-->
            <SupportedGrantType>
                <GrantTypeName>refresh_token</GrantTypeName>
                <GrantTypeHandlerImplClass>org.wso2.carbon.identity.oauth2.token.handlers.grant.RefreshGrantHandler</GrantTypeHandlerImplClass>
            </SupportedGrantType>
            <SupportedGrantType>
                <GrantTypeName>client_credentials</GrantTypeName>
-                <GrantTypeHandlerImplClass>org.wso2.carbon.identity.oauth2.token.handlers.grant.ClientCredentialsGrantHandler</GrantTypeHandlerImplClass>
+                <GrantTypeHandlerImplClass>org.wso2.carbon.apimgt.keymgt.handlers.ExtendedClientCredentialsGrantHandler</GrantTypeHandlerImplClass>
            </SupportedGrantType>
            <SupportedGrantType>
                <GrantTypeName>urn:ietf:params:oauth:grant-type:saml2-bearer</GrantTypeName>
@ -181,9 +149,7 @@
        <OAuthCallbackHandlers>
            <OAuthCallbackHandler Class="org.wso2.carbon.apimgt.keymgt.util.APIManagerOAuthCallbackHandler"/>
        </OAuthCallbackHandlers>
-        <!--TokenValidators>
-            <TokenValidator type="bearer" class="org.wso2.carbon.identity.oauth2.validators.DefaultOAuth2TokenValidator"/>
-        </TokenValidators-->
+        <OAuthScopeValidator class="org.wso2.carbon.identity.oauth2.validators.JDBCScopeValidator"/>

        <!-- Add custom user headers to the response-->
        <!--<RequiredRespHeaderClaimUris>
@ -194,48 +160,46 @@
        <!-- Enable/Disable OAuth Caching-->
        <!--<EnableCache>true</EnableCache>-->

-	<!-- Assertions can be used to embedd parameters into access token.-->
-	<EnableAssertions>
-		<UserName>false</UserName>
-	</EnableAssertions>
-
-	<!-- This should be set to true when using multiple user stores and keys should saved
-			into different tables according to the user store. By default all the application keys are saved in to the same table.
-			UserName Assertion should be 'true' to use this.-->
-	<EnableAccessTokenPartitioning>false</EnableAccessTokenPartitioning>
-
-	<!-- user store domain names and mappings to new table names.
-				eg: if you provide 'A:foo.com', foo.com should be the user store domain name and 'A' represent the relavant mapping of
-				token storing table, i.e. tokens relevant to the users comming from foo.com user store will be added to a table called
-				IDN_OAUTH2_ACCESS_TOKEN_A. -->
-	<AccessTokenPartitioningDomains><!-- A:foo.com, B:bar.com --></AccessTokenPartitioningDomains>
-
-	<AuthorizationContextTokenGeneration>
-		<Enabled>false</Enabled>
-		<TokenGeneratorImplClass>org.wso2.carbon.identity.oauth2.authcontext.JWTTokenGenerator</TokenGeneratorImplClass>
-		<ClaimsRetrieverImplClass>org.wso2.carbon.identity.oauth2.authcontext.DefaultClaimsRetriever</ClaimsRetrieverImplClass>
-		<ConsumerDialectURI>http://wso2.org/claims</ConsumerDialectURI>
-		<SignatureAlgorithm>SHA256withRSA</SignatureAlgorithm>
-		<AuthorizationContextTTL>15</AuthorizationContextTTL>
-	</AuthorizationContextTokenGeneration>
+        <!-- Assertions can be used to embedd parameters into access token.-->
+        <EnableAssertions>
+            <UserName>false</UserName>
+        </EnableAssertions>
+
+        <!-- This should be set to true when using multiple user stores and keys should saved
+                into different tables according to the user store. By default all the application keys are saved in to the same table.
+                UserName Assertion should be 'true' to use this.-->
+        <EnableAccessTokenPartitioning>false</EnableAccessTokenPartitioning>
+
+        <!-- user store domain names and mappings to new table names.
+                    eg: if you provide 'A:foo.com', foo.com should be the user store domain name and 'A' represent the relavant mapping of
+                    token storing table, i.e. tokens relevant to the users comming from foo.com user store will be added to a table called
+                    IDN_OAUTH2_ACCESS_TOKEN_A. -->
+        <AccessTokenPartitioningDomains><!-- A:foo.com, B:bar.com --></AccessTokenPartitioningDomains>
+
+        <AuthorizationContextTokenGeneration>
+            <Enabled>false</Enabled>
+            <TokenGeneratorImplClass>org.wso2.carbon.identity.oauth2.authcontext.JWTTokenGenerator</TokenGeneratorImplClass>
+            <ClaimsRetrieverImplClass>org.wso2.carbon.identity.oauth2.authcontext.DefaultClaimsRetriever</ClaimsRetrieverImplClass>
+            <ConsumerDialectURI>http://wso2.org/claims</ConsumerDialectURI>
+            <SignatureAlgorithm>SHA256withRSA</SignatureAlgorithm>
+            <AuthorizationContextTTL>15</AuthorizationContextTTL>
+        </AuthorizationContextTokenGeneration>

        <SAML2Grant>
-        <!--SAML2TokenHandler></SAML2TokenHandler-->
-    </SAML2Grant>
-
-       <OpenIDConnect>
-            <IDTokenBuilder>org.wso2.carbon.identity.openidconnect.DefaultIDTokenBuilder</IDTokenBuilder>
-            <IDTokenIssuerID>https://localhost:9443/oauth2endpoints/token</IDTokenIssuerID>
-            <IDTokenSubjectClaim>http://wso2.org/claims/givenname</IDTokenSubjectClaim>
-            <IDTokenCustomClaimsCallBackHandler>org.wso2.carbon.identity.openidconnect.SAMLAssertionClaimsCallback</IDTokenCustomClaimsCallBackHandler>
-            <IDTokenExpiration>3600</IDTokenExpiration>
-            <UserInfoEndpointClaimDialect>http://wso2.org/claims</UserInfoEndpointClaimDialect>
-            <UserInfoEndpointClaimRetriever>org.wso2.carbon.identity.oauth.endpoint.user.impl.UserInfoUserStoreClaimRetriever</UserInfoEndpointClaimRetriever>
-            <UserInfoEndpointRequestValidator>org.wso2.carbon.identity.oauth.endpoint.user.impl.UserInforRequestDefaultValidator</UserInfoEndpointRequestValidator>
-            <UserInfoEndpointAccessTokenValidator>org.wso2.carbon.identity.oauth.endpoint.user.impl.UserInfoISAccessTokenValidator</UserInfoEndpointAccessTokenValidator>
-            <UserInfoEndpointResponseBuilder>org.wso2.carbon.identity.oauth.endpoint.user.impl.UserInfoJSONResponseBuilder</UserInfoEndpointResponseBuilder>
-            <SkipUserConsent>false</SkipUserConsent>
-        </OpenIDConnect>
+            <!--SAML2TokenHandler></SAML2TokenHandler-->
+        </SAML2Grant>
+
+        <!-- Primary/secondary login configuration for APIstore. If user likes to keep two login attributes in a distributed setup, to login the APIstore,
+        he should configure this section. Primary login doesn't have a claimUri associated with it. But secondary login, which is a claim attribute,
+        is associated with a claimuri.-->
+        <!-- <LoginConfig>
+                <UserIdLogin  primary="true">
+            <ClaimUri></ClaimUri>
+            </UserIdLogin>
+            <EmailLogin  primary="false">
+                <ClaimUri>http://wso2.org/claims/emailaddress</ClaimUri>
+            </EmailLogin>
+        </LoginConfig>-->
    </OAuth>

    <MultifactorAuthentication>
@ -252,28 +216,7 @@
    </MultifactorAuthentication>

    <SSOService>
-        <PersistanceCacheTimeout>157680000</PersistanceCacheTimeout>
-        <SessionIndexCacheTimeout>157680000</SessionIndexCacheTimeout>
-        <EntityId>localhost</EntityId>
        <IdentityProviderURL>https://localhost:9443/samlsso</IdentityProviderURL>
-        <SingleLogoutRetryCount>5</SingleLogoutRetryCount>
-        <SingleLogoutRetryInterval>60000</SingleLogoutRetryInterval> <!-- in milli seconds -->
-        <TenantPartitioningEnabled>false</TenantPartitioningEnabled>
-        <SessionTimeout>36000</SessionTimeout> <!-- remember me session timeout in seconds -->
-        <!-- skips authentication if valid SAML2 Web SSO browser session available -->
-        <AttributeStatementBuilder>org.wso2.carbon.identity.sso.saml.attributes.UserAttributeStatementBuilder</AttributeStatementBuilder>
-        <AttributesClaimDialect>http://wso2.org/claims</AttributesClaimDialect>
-        <AcceptOpenIDLogin>false</AcceptOpenIDLogin>
-        <ClaimsRetrieverImplClass>org.wso2.carbon.identity.sso.saml.builders.claims.DefaultClaimsRetriever</ClaimsRetrieverImplClass>
-        <SAMLSSOAssertionBuilder>org.wso2.carbon.identity.sso.saml.builders.assertion.DefaultSAMLAssertionBuilder</SAMLSSOAssertionBuilder>
-        <SAMLSSOEncrypter>org.wso2.carbon.identity.sso.saml.builders.encryption.DefaultSSOEncrypter</SAMLSSOEncrypter>
-        <SAMLSSOSigner>org.wso2.carbon.identity.sso.saml.builders.signature.DefaultSSOSigner</SAMLSSOSigner>
-        <SAML2HTTPRedirectSignatureValidator>org.wso2.carbon.identity.sso.saml.validators.SAML2HTTPRedirectDeflateSignatureValidator</SAML2HTTPRedirectSignatureValidator>
-        <!--SAMLSSOResponseBuilder>org.wso2.carbon.identity.sso.saml.builders.DefaultResponseBuilder</SAMLSSOResponseBuilder-->
-
-        <!-- SAML Token validity period in minutes -->
-        <SAMLResponseValidityPeriod>5</SAMLResponseValidityPeriod>
-        <UseAuthenticatedUserDomainCrypto>false</UseAuthenticatedUserDomainCrypto>
    </SSOService>

    <EntitlementSettings>
@ -297,28 +240,9 @@
                <Location>${carbon.home}/repository/resources/security/wso2carbon.jks</Location>
                <Password>wso2carbon</Password>
            </KeyStore>
-            <!-- Enable this element to mention the host-name of your IS machine -->
-            <ThriftHostName>localhost</ThriftHostName>
        </ThirftBasedEntitlementConfig>
    </EntitlementSettings>

-    <SCIMAuthenticators>
-        <Authenticator class="org.wso2.carbon.identity.scim.provider.auth.BasicAuthHandler">
-            <Property name="Priority">5</Property>
-        </Authenticator>
-        <Authenticator class="org.wso2.carbon.identity.scim.provider.auth.OAuthHandler">
-            <Property name="Priority">10</Property>
-            <Property name="AuthorizationServer">local://services</Property>
-            <!--Property name="AuthorizationServer">https://localhost:9443/services</Property>
-            <Property name="UserName">admin</Property>
-            <Property name="Password">admin</Property-->
-        </Authenticator>
-    </SCIMAuthenticators>
-    <!--SessionContextCache>
-        <Enable>true</Enable>
-        <Capacity>100000</Capacity>
-    </SessionContextCache-->
-
    <!--To do OSGI invocations to OAuth2Service,when the entire server is in one JVM -->
    <SeparateBackEnd>false</SeparateBackEnd>
 </Server>
--- a/modules/distribution/src/repository/conf/identity/identity-providers/default.xml
+++ b/modules/distribution/src/repository/conf/identity/identity-providers/default.xml
@ -1,24 +0,0 @@
-<IdentityProvider>
-	<IdentityProviderName>default</IdentityProviderName>
-	<DisplayName>default</DisplayName>
-	<IdentityProviderDescription></IdentityProviderDescription>
-	<Alias></Alias>
-	<IsPrimary></IsPrimary>
-	<IsFederationHub></IsFederationHub>
-	<HomeRealmId></HomeRealmId>
-	<ProvisioningRole></ProvisioningRole>
-	<FederatedAuthenticatorConfigs></FederatedAuthenticatorConfigs>
-	<DefaultAuthenticatorConfig>
-	</DefaultAuthenticatorConfig>
-	<ProvisioningConnectorConfigs>
-		<ProvisioningConnectorConfig>
-			<ProvisioningProperties>
-			</ProvisioningProperties>
-		</ProvisioningConnectorConfig>
-	</ProvisioningConnectorConfigs>
-	<DefaultProvisioningConnectorConfig></DefaultProvisioningConnectorConfig>
-	<ClaimConfig></ClaimConfig>
-	<Certificate></Certificate>
-	<PermissionAndRoleConfig></PermissionAndRoleConfig>
-	<JustInTimeProvisioningConfig></JustInTimeProvisioningConfig>
-</IdentityProvider>
--- a/modules/distribution/src/repository/conf/identity/service-providers/default.xml
+++ b/modules/distribution/src/repository/conf/identity/service-providers/default.xml
@ -1,49 +0,0 @@
-<ServiceProvider>
-	<ApplicationID>1</ApplicationID>
-	<ApplicationName>default</ApplicationName>
-	<Description>Default Service Provider</Description>
-	<InboundAuthenticationConfig>
-		<InboundAuthenticationRequestConfigs>
-			<InboundAuthenticationRequestConfig>
-				<InboundAuthKey>default</InboundAuthKey>
-				<InboundAuthType></InboundAuthType>
-				<Properties></Properties>
-			</InboundAuthenticationRequestConfig>
-		</InboundAuthenticationRequestConfigs>
-	</InboundAuthenticationConfig>
-	<LocalAndOutBoundAuthenticationConfig>
-		<AuthenticationSteps>
-			<AuthenticationStep>
-				<StepOrder>1</StepOrder>
-				<LocalAuthenticatorConfigs>
-					<LocalAuthenticatorConfig>
-						<Name>BasicAuthenticator</Name>
-						<DisplayName>basicauth</DisplayName>
-						<IsEnabled>true</IsEnabled>
-					</LocalAuthenticatorConfig>
-				</LocalAuthenticatorConfigs>
-				<!-- FederatedIdentityProviders>
-				 <IdentityProvider>
-				       <IdentityProviderName>facebook</IdentityProviderName>
-				       <IsEnabled>true</IsEnabled>
-                                     <DefaultAuthenticatorConfig>
-                                             <FederatedAuthenticatorConfig> 
-                                                     <Name>FacebookAuthenticator</Name>
-                                                     <IsEnabled>true</IsEnabled>
-                                             </FederatedAuthenticatorConfig>
-                                     </DefaultAuthenticatorConfig>
-				 </IdentityProvider>
-				</FederatedIdentityProviders -->
-				<SubjectStep>true</SubjectStep>
-				<AttributeStep>true</AttributeStep>
-			</AuthenticationStep>
-		</AuthenticationSteps>	
-	</LocalAndOutBoundAuthenticationConfig>
-	<RequestPathAuthenticatorConfigs></RequestPathAuthenticatorConfigs>
-	<InboundProvisioningConfig></InboundProvisioningConfig>
-	<OutboundProvisioningConfig></OutboundProvisioningConfig>
-	<ClaimConfig>
-          <AlwaysSendMappedLocalSubjectId>true</AlwaysSendMappedLocalSubjectId>
-       </ClaimConfig>
-	<PermissionAndRoleConfig></PermissionAndRoleConfig>
-</ServiceProvider>
--- a/modules/distribution/src/repository/conf/identity/service-providers/sp_cdm.xml
+++ b/modules/distribution/src/repository/conf/identity/service-providers/sp_cdm.xml
@ -1,49 +0,0 @@
-<ServiceProvider>
-	<ApplicationID>2</ApplicationID>
-	<ApplicationName>wso2_cdm</ApplicationName>
-	<Description>CDM</Description>
-	<InboundAuthenticationConfig>
-		<InboundAuthenticationRequestConfigs>
-			<InboundAuthenticationRequestConfig>
-				<InboundAuthKey>cdm</InboundAuthKey>
-				<InboundAuthType>samlsso</InboundAuthType>
-				<Properties></Properties>
-			</InboundAuthenticationRequestConfig>
-		</InboundAuthenticationRequestConfigs>
-	</InboundAuthenticationConfig>
-	<LocalAndOutBoundAuthenticationConfig>
-		<AuthenticationSteps>
-			<AuthenticationStep>
-				<StepOrder>1</StepOrder>
-				<LocalAuthenticatorConfigs>
-					<LocalAuthenticatorConfig>
-						<Name>BasicAuthenticator</Name>
-						<DisplayName>basicauth</DisplayName>
-						<IsEnabled>true</IsEnabled>
-					</LocalAuthenticatorConfig>
-				</LocalAuthenticatorConfigs>
-				<!-- FederatedIdentityProviders>
-				 <IdentityProvider>
-				       <IdentityProviderName>facebook</IdentityProviderName>
-				       <IsEnabled>true</IsEnabled>
-                                     <DefaultAuthenticatorConfig>
-                                             <FederatedAuthenticatorConfig> 
-                                                     <Name>FacebookAuthenticator</Name>
-                                                     <IsEnabled>true</IsEnabled>
-                                             </FederatedAuthenticatorConfig>
-                                     </DefaultAuthenticatorConfig>
-				 </IdentityProvider>
-				</FederatedIdentityProviders -->
-				<SubjectStep>true</SubjectStep>
-				<AttributeStep>true</AttributeStep>
-			</AuthenticationStep>
-		</AuthenticationSteps>	
-	</LocalAndOutBoundAuthenticationConfig>
-	<RequestPathAuthenticatorConfigs></RequestPathAuthenticatorConfigs>
-	<InboundProvisioningConfig></InboundProvisioningConfig>
-	<OutboundProvisioningConfig></OutboundProvisioningConfig>
-	<ClaimConfig>
-          <AlwaysSendMappedLocalSubjectId>true</AlwaysSendMappedLocalSubjectId>
-       </ClaimConfig>
-	<PermissionAndRoleConfig></PermissionAndRoleConfig>
-</ServiceProvider>
--- a/modules/distribution/src/repository/conf/identity/service-providers/sp_dashboard.xml
+++ b/modules/distribution/src/repository/conf/identity/service-providers/sp_dashboard.xml
@ -1,49 +0,0 @@
-<ServiceProvider>
-	<ApplicationID>2</ApplicationID>
-	<ApplicationName>wso2_sp_dashboard</ApplicationName>
-	<Description>Default Service Provider</Description>
-	<InboundAuthenticationConfig>
-		<InboundAuthenticationRequestConfigs>
-			<InboundAuthenticationRequestConfig>
-				<InboundAuthKey>wso2.my.dashboard</InboundAuthKey>
-				<InboundAuthType>samlsso</InboundAuthType>
-				<Properties></Properties>
-			</InboundAuthenticationRequestConfig>
-		</InboundAuthenticationRequestConfigs>
-	</InboundAuthenticationConfig>
-	<LocalAndOutBoundAuthenticationConfig>
-		<AuthenticationSteps>
-			<AuthenticationStep>
-				<StepOrder>1</StepOrder>
-				<LocalAuthenticatorConfigs>
-					<LocalAuthenticatorConfig>
-						<Name>BasicAuthenticator</Name>
-						<DisplayName>basicauth</DisplayName>
-						<IsEnabled>true</IsEnabled>
-					</LocalAuthenticatorConfig>
-				</LocalAuthenticatorConfigs>
-				<!-- FederatedIdentityProviders>
-				 <IdentityProvider>
-				       <IdentityProviderName>facebook</IdentityProviderName>
-				       <IsEnabled>true</IsEnabled>
-                                     <DefaultAuthenticatorConfig>
-                                             <FederatedAuthenticatorConfig> 
-                                                     <Name>FacebookAuthenticator</Name>
-                                                     <IsEnabled>true</IsEnabled>
-                                             </FederatedAuthenticatorConfig>
-                                     </DefaultAuthenticatorConfig>
-				 </IdentityProvider>
-				</FederatedIdentityProviders -->
-				<SubjectStep>true</SubjectStep>
-				<AttributeStep>true</AttributeStep>
-			</AuthenticationStep>
-		</AuthenticationSteps>	
-	</LocalAndOutBoundAuthenticationConfig>
-	<RequestPathAuthenticatorConfigs></RequestPathAuthenticatorConfigs>
-	<InboundProvisioningConfig></InboundProvisioningConfig>
-	<OutboundProvisioningConfig></OutboundProvisioningConfig>
-	<ClaimConfig>
-          <AlwaysSendMappedLocalSubjectId>true</AlwaysSendMappedLocalSubjectId>
-       </ClaimConfig>
-	<PermissionAndRoleConfig></PermissionAndRoleConfig>
-</ServiceProvider>
--- a/modules/distribution/src/repository/conf/identity/service-providers/sp_mdm.xml
+++ b/modules/distribution/src/repository/conf/identity/service-providers/sp_mdm.xml
@ -1,49 +0,0 @@
-<ServiceProvider>
-	<ApplicationID>2</ApplicationID>
-	<ApplicationName>wso2_mdm</ApplicationName>
-	<Description>MDM</Description>
-	<InboundAuthenticationConfig>
-		<InboundAuthenticationRequestConfigs>
-			<InboundAuthenticationRequestConfig>
-				<InboundAuthKey>mdm</InboundAuthKey>
-				<InboundAuthType>samlsso</InboundAuthType>
-				<Properties></Properties>
-			</InboundAuthenticationRequestConfig>
-		</InboundAuthenticationRequestConfigs>
-	</InboundAuthenticationConfig>
-	<LocalAndOutBoundAuthenticationConfig>
-		<AuthenticationSteps>
-			<AuthenticationStep>
-				<StepOrder>1</StepOrder>
-				<LocalAuthenticatorConfigs>
-					<LocalAuthenticatorConfig>
-						<Name>BasicAuthenticator</Name>
-						<DisplayName>basicauth</DisplayName>
-						<IsEnabled>true</IsEnabled>
-					</LocalAuthenticatorConfig>
-				</LocalAuthenticatorConfigs>
-				<!-- FederatedIdentityProviders>
-				 <IdentityProvider>
-				       <IdentityProviderName>facebook</IdentityProviderName>
-				       <IsEnabled>true</IsEnabled>
-                                     <DefaultAuthenticatorConfig>
-                                             <FederatedAuthenticatorConfig> 
-                                                     <Name>FacebookAuthenticator</Name>
-                                                     <IsEnabled>true</IsEnabled>
-                                             </FederatedAuthenticatorConfig>
-                                     </DefaultAuthenticatorConfig>
-				 </IdentityProvider>
-				</FederatedIdentityProviders -->
-				<SubjectStep>true</SubjectStep>
-				<AttributeStep>true</AttributeStep>
-			</AuthenticationStep>
-		</AuthenticationSteps>	
-	</LocalAndOutBoundAuthenticationConfig>
-	<RequestPathAuthenticatorConfigs></RequestPathAuthenticatorConfigs>
-	<InboundProvisioningConfig></InboundProvisioningConfig>
-	<OutboundProvisioningConfig></OutboundProvisioningConfig>
-	<ClaimConfig>
-          <AlwaysSendMappedLocalSubjectId>true</AlwaysSendMappedLocalSubjectId>
-       </ClaimConfig>
-	<PermissionAndRoleConfig></PermissionAndRoleConfig>
-</ServiceProvider>
--- a/modules/distribution/src/repository/conf/synapse-configs/default/api/_AuthorizeAPI_.xml
+++ b/modules/distribution/src/repository/conf/synapse-configs/default/api/_AuthorizeAPI_.xml
@ -0,0 +1,24 @@
+<api xmlns="http://ws.apache.org/ns/synapse" name="_WSO2AMAuthorizeAPI_" context="/authorize">
+    <resource methods="GET" url-mapping="/*" faultSequence="_token_fault_">
+        <inSequence>
+            <property name="uri.var.portnum" expression="get-property('keyManager.port')"/>
+	    <property name="uri.var.hostname" expression="get-property('keyManager.hostname')"/>
+            <send>
+                <endpoint>
+                    <http uri-template="https://{uri.var.hostname}:{uri.var.portnum}/oauth2/authorize">
+                        <timeout>
+                            <duration>60000</duration>
+                            <responseAction>fault</responseAction>
+                        </timeout>
+                    </http>
+                </endpoint>
+            </send>
+        </inSequence>
+        <outSequence>
+            <send/>
+        </outSequence>
+    </resource>
+    <handlers>
+        <handler class="org.wso2.carbon.apimgt.gateway.handlers.common.SynapsePropertiesHandler"/>
+    </handlers>
+</api>
--- a/modules/distribution/src/repository/conf/synapse-configs/default/api/_RevokeAPI_.xml
+++ b/modules/distribution/src/repository/conf/synapse-configs/default/api/_RevokeAPI_.xml
@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8"?><api xmlns="http://ws.apache.org/ns/synapse" name="_WSO2AMRevokeAPI_" context="/revoke">
+    <resource methods="POST" url-mapping="/*" faultSequence="_token_fault_">
+        <inSequence>
+            <property name="uri.var.portnum" expression="get-property('keyManager.port')"/>
+	    <property name="uri.var.hostname" expression="get-property('keyManager.hostname')"/>
+            <send>
+                <endpoint>
+                    <http uri-template="https://{uri.var.hostname}:{uri.var.portnum}/oauth2/revoke">
+                        <timeout>
+                            <duration>60000</duration>
+                            <responseAction>fault</responseAction>
+                        </timeout>
+                    </http>
+                </endpoint>
+            </send>
+        </inSequence>
+        <outSequence>
+            <send/>
+        </outSequence>
+    </resource>
+    <handlers>
+        <!--handler class="org.wso2.carbon.apimgt.gateway.handlers.ext.APIManagerCacheExtensionHandler"/-->
+        <handler class="org.wso2.carbon.apimgt.gateway.handlers.common.SynapsePropertiesHandler"/>
+    </handlers>
+</api>
--- a/modules/distribution/src/repository/conf/synapse-configs/default/api/_TokenAPI_.xml
+++ b/modules/distribution/src/repository/conf/synapse-configs/default/api/_TokenAPI_.xml
@ -0,0 +1,25 @@
+<api xmlns="http://ws.apache.org/ns/synapse" name="_WSO2AMTokenAPI_" context="/token">
+    <resource methods="POST" url-mapping="/*" faultSequence="_token_fault_">
+        <inSequence>
+            <property name="uri.var.portnum" expression="get-property('keyManager.port')"/>
+	    <property name="uri.var.hostname" expression="get-property('keyManager.hostname')"/>
+            <send>
+                <endpoint>
+                     <http uri-template="https://{uri.var.hostname}:{uri.var.portnum}/oauth2/token">
+                        <timeout>
+                            <duration>60000</duration>
+                            <responseAction>fault</responseAction>
+                        </timeout>
+                    </http>
+                </endpoint>
+            </send>
+        </inSequence>
+        <outSequence>
+            <send/>
+        </outSequence>
+    </resource>
+    <handlers>
+        <handler class="org.wso2.carbon.apimgt.gateway.handlers.ext.APIManagerCacheExtensionHandler"/>
+        <handler class="org.wso2.carbon.apimgt.gateway.handlers.common.SynapsePropertiesHandler"/>
+    </handlers>
+</api>
--- a/modules/distribution/src/repository/conf/synapse-configs/default/proxy-services/WorkflowCallbackService.xml
+++ b/modules/distribution/src/repository/conf/synapse-configs/default/proxy-services/WorkflowCallbackService.xml
@ -0,0 +1,145 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<proxy xmlns="http://ws.apache.org/ns/synapse"
+       name="WorkflowCallbackService"
+       transports="https http"
+       startOnLoad="true"
+       trace="disable">
+   <description/>
+   <target>
+      <inSequence>
+         <property name="messageType"
+                   value="application/x-www-form-urlencoded"
+                   scope="axis2"
+                   type="STRING"/>
+         <send>
+            <endpoint>
+               <address uri="https://localhost:9443/store/site/blocks/workflow/workflow-listener/ajax/workflow-listener.jag"
+                        format="rest"/>
+            </endpoint>
+         </send>
+      </inSequence>
+      <outSequence>
+         <property name="messageType" value="text/xml" scope="axis2" type="STRING"/>
+         <send/>
+      </outSequence>
+   </target>
+   <publishWSDL>
+<wsdl:definitions xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
+                        xmlns:ns1="http://org.apache.axis2/xsd"
+                        xmlns:ns="http://callback.workflow.apimgt.carbon.wso2.org"
+                        xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl"
+                        xmlns:http="http://schemas.xmlsoap.org/wsdl/http/"
+                        xmlns:xs="http://www.w3.org/2001/XMLSchema"
+                        xmlns:mime="http://schemas.xmlsoap.org/wsdl/mime/"
+                        xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
+                        xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/"
+                        targetNamespace="http://callback.workflow.apimgt.carbon.wso2.org">
+         <wsdl:documentation>WorkflowCallbackService</wsdl:documentation>
+         <wsdl:types>
+            <xs:schema attributeFormDefault="qualified"
+                       elementFormDefault="qualified"
+                       targetNamespace="http://callback.workflow.apimgt.carbon.wso2.org">
+               <xs:element name="resumeEvent">
+                  <xs:complexType>
+                     <xs:sequence>
+                        <xs:element minOccurs="0"
+                                    name="workflowReference"
+                                    nillable="true"
+                                    type="xs:string"/>
+                        <xs:element minOccurs="0" name="status" nillable="true" type="xs:string"/>
+                        <xs:element minOccurs="0"
+                                    name="description"
+                                    nillable="true"
+                                    type="xs:string"/>
+                     </xs:sequence>
+                  </xs:complexType>
+               </xs:element>
+               <xs:element name="resumeEventResponse">
+                  <xs:complexType>
+                     <xs:sequence>
+                        <xs:element minOccurs="0" name="return" nillable="true" type="xs:string"/>
+                     </xs:sequence>
+                  </xs:complexType>
+               </xs:element>
+            </xs:schema>
+         </wsdl:types>
+         <wsdl:message name="resumeEventRequest">
+            <wsdl:part name="parameters" element="ns:resumeEvent"/>
+         </wsdl:message>
+         <wsdl:message name="resumeEventResponse">
+            <wsdl:part name="parameters" element="ns:resumeEventResponse"/>
+         </wsdl:message>
+         <wsdl:portType name="WorkflowCallbackServicePortType">
+            <wsdl:operation name="resumeEvent">
+               <wsdl:input message="ns:resumeEventRequest" wsaw:Action="urn:resumeEvent"/>
+               <wsdl:output message="ns:resumeEventResponse" wsaw:Action="urn:resumeEventResponse"/>
+            </wsdl:operation>
+         </wsdl:portType>
+         <wsdl:binding name="WorkflowCallbackServiceSoap11Binding"
+                       type="ns:WorkflowCallbackServicePortType">
+            <soap:binding transport="http://schemas.xmlsoap.org/soap/http" style="document"/>
+            <wsdl:operation name="resumeEvent">
+               <soap:operation soapAction="urn:resumeEvent" style="document"/>
+               <wsdl:input>
+                  <soap:body use="literal"/>
+               </wsdl:input>
+               <wsdl:output>
+                  <soap:body use="literal"/>
+               </wsdl:output>
+            </wsdl:operation>
+         </wsdl:binding>
+         <wsdl:binding name="WorkflowCallbackServiceSoap12Binding"
+                       type="ns:WorkflowCallbackServicePortType">
+            <soap12:binding transport="http://schemas.xmlsoap.org/soap/http" style="document"/>
+            <wsdl:operation name="resumeEvent">
+               <soap12:operation soapAction="urn:resumeEvent" style="document"/>
+               <wsdl:input>
+                  <soap12:body use="literal"/>
+               </wsdl:input>
+               <wsdl:output>
+                  <soap12:body use="literal"/>
+               </wsdl:output>
+            </wsdl:operation>
+         </wsdl:binding>
+         <wsdl:binding name="WorkflowCallbackServiceHttpBinding"
+                       type="ns:WorkflowCallbackServicePortType">
+            <http:binding verb="POST"/>
+            <wsdl:operation name="resumeEvent">
+               <http:operation location="resumeEvent"/>
+               <wsdl:input>
+                  <mime:content type="text/xml" part="parameters"/>
+               </wsdl:input>
+               <wsdl:output>
+                  <mime:content type="text/xml" part="parameters"/>
+               </wsdl:output>
+            </wsdl:operation>
+         </wsdl:binding>
+         <wsdl:service name="WorkflowCallbackService">
+            <wsdl:port name="WorkflowCallbackServiceHttpsSoap11Endpoint"
+                       binding="ns:WorkflowCallbackServiceSoap11Binding">
+               <soap:address location="https://localhost:8243/services/WorkflowCallbackService.WorkflowCallbackServiceHttpsSoap11Endpoint/"/>
+            </wsdl:port>
+            <wsdl:port name="WorkflowCallbackServiceHttpSoap11Endpoint"
+                       binding="ns:WorkflowCallbackServiceSoap11Binding">
+               <soap:address location="http://localhost:8280/services/WorkflowCallbackService.WorkflowCallbackServiceHttpSoap11Endpoint/"/>
+            </wsdl:port>
+            <wsdl:port name="WorkflowCallbackServiceHttpsSoap12Endpoint"
+                       binding="ns:WorkflowCallbackServiceSoap12Binding">
+               <soap12:address location="https://localhost:8243/services/WorkflowCallbackService.WorkflowCallbackServiceHttpsSoap12Endpoint/"/>
+            </wsdl:port>
+            <wsdl:port name="WorkflowCallbackServiceHttpSoap12Endpoint"
+                       binding="ns:WorkflowCallbackServiceSoap12Binding">
+               <soap12:address location="http://localhost:8280/services/WorkflowCallbackService.WorkflowCallbackServiceHttpSoap12Endpoint/"/>
+            </wsdl:port>
+            <wsdl:port name="WorkflowCallbackServiceHttpsEndpoint"
+                       binding="ns:WorkflowCallbackServiceHttpBinding">
+               <http:address location="https://localhost:8243/services/WorkflowCallbackService.WorkflowCallbackServiceHttpsEndpoint/"/>
+            </wsdl:port>
+            <wsdl:port name="WorkflowCallbackServiceHttpEndpoint"
+                       binding="ns:WorkflowCallbackServiceHttpBinding">
+               <http:address location="http://localhost:8280/services/WorkflowCallbackService.WorkflowCallbackServiceHttpEndpoint/"/>
+            </wsdl:port>
+         </wsdl:service>
+      </wsdl:definitions>
+   </publishWSDL>
+</proxy>
--- a/modules/distribution/src/repository/conf/synapse-configs/default/registry.xml
+++ b/modules/distribution/src/repository/conf/synapse-configs/default/registry.xml
@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+  ~  Copyright (c) 2005-2010, WSO2 Inc. (http://wso2.com) All Rights Reserved.
+  ~
+  ~  WSO2 Inc. licenses this file to you under the Apache License,
+  ~  Version 2.0 (the "License"); you may not use this file except
+  ~  in compliance with the License.
+  ~  You may obtain a copy of the License at
+  ~
+  ~    http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~  Unless required by applicable law or agreed to in writing,
+  ~  software distributed under the License is distributed on an
+  ~  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  ~  KIND, either express or implied.  See the License for the
+  ~  specific language governing permissions and limitations
+  ~  under the License.
+  -->
+
+<!-- Registry declaration of the WSO2 ESB -->
+<registry xmlns="http://ws.apache.org/ns/synapse" provider="org.wso2.carbon.mediation.registry.WSO2Registry">
+    <!--all resources loaded from the URL registry would be
+    cached for this number of milliseconds -->
+    <parameter name="cachableDuration">15000</parameter>
+</registry>
--- a/modules/distribution/src/repository/conf/synapse-configs/default/sequences/_auth_failure_handler_.xml
+++ b/modules/distribution/src/repository/conf/synapse-configs/default/sequences/_auth_failure_handler_.xml
@ -0,0 +1,4 @@
+<sequence name="_auth_failure_handler_" xmlns="http://ws.apache.org/ns/synapse">
+    <property name="error_message_type" value="application/xml"/>
+    <sequence key="_cors_request_handler_"/>
+</sequence>
--- a/modules/distribution/src/repository/conf/synapse-configs/default/sequences/_build_.xml
+++ b/modules/distribution/src/repository/conf/synapse-configs/default/sequences/_build_.xml
@ -0,0 +1,26 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+  ~  Copyright (c) 2005-2010, WSO2 Inc. (http://wso2.com) All Rights Reserved.
+  ~
+  ~  WSO2 Inc. licenses this file to you under the Apache License,
+  ~  Version 2.0 (the "License"); you may not use this file except
+  ~  in compliance with the License.
+  ~  You may obtain a copy of the License at
+  ~
+  ~    http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~  Unless required by applicable law or agreed to in writing,
+  ~  software distributed under the License is distributed on an
+  ~  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  ~  KIND, either express or implied.  See the License for the
+  ~  specific language governing permissions and limitations
+  ~  under the License.
+  -->
+<sequence xmlns="http://ws.apache.org/ns/synapse" name="_build_">
+    <builder>
+        <messageBuilder contentType="application/json" class="org.apache.axis2.json.JSONBuilder"
+                        formatterClass="org.apache.axis2.json.JSONMessageFormatter"/>
+        <messageBuilder contentType="application/xml" class="org.apache.axis2.builder.ApplicationXMLBuilder"
+                        formatterClass="org.apache.axis2.transport.http.ApplicationXMLFormatter"/>
+    </builder>
+</sequence>
--- a/modules/distribution/src/repository/conf/synapse-configs/default/sequences/_cors_request_handler_.xml
+++ b/modules/distribution/src/repository/conf/synapse-configs/default/sequences/_cors_request_handler_.xml
@ -0,0 +1,21 @@
+<sequence xmlns="http://ws.apache.org/ns/synapse" name="_cors_request_handler_">
+   <filter source="$ctx:CORSConfiguration.Enabled" regex="true">
+      <then>
+         <filter source="boolean($trp:Access-Control-Allow-Origin)" regex="false">
+            <then>
+               <property name="Access-Control-Allow-Origin" expression="$ctx:Access-Control-Allow-Origin"  scope="transport" type="STRING"/>
+            </then>
+         </filter>
+         <filter source="boolean($trp:Access-Control-Allow-Methods)" regex="false">
+            <then>
+               <property name="Access-Control-Allow-Methods" expression="$ctx:Access-Control-Allow-Methods" scope="transport" type="STRING"/>
+            </then>
+         </filter>
+         <filter source="boolean($trp:Access-Control-Allow-Headers)" regex="false">
+            <then>
+               <property name="Access-Control-Allow-Headers" expression="$ctx:Access-Control-Allow-Headers" scope="transport" type="STRING"/>
+            </then>
+         </filter>
+      </then>
+   </filter>
+</sequence>
--- a/modules/distribution/src/repository/conf/synapse-configs/default/sequences/_production_key_error_.xml
+++ b/modules/distribution/src/repository/conf/synapse-configs/default/sequences/_production_key_error_.xml
@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+  ~  Copyright (c) 2005-2010, WSO2 Inc. (http://wso2.com) All Rights Reserved.
+  ~
+  ~  WSO2 Inc. licenses this file to you under the Apache License,
+  ~  Version 2.0 (the "License"); you may not use this file except
+  ~  in compliance with the License.
+  ~  You may obtain a copy of the License at
+  ~
+  ~    http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~  Unless required by applicable law or agreed to in writing,
+  ~  software distributed under the License is distributed on an
+  ~  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  ~  KIND, either express or implied.  See the License for the
+  ~  specific language governing permissions and limitations
+  ~  under the License.
+  -->
+<sequence xmlns="http://ws.apache.org/ns/synapse" name="_production_key_error_">
+    <property name="ERROR_CODE" value="900901"/>
+    <property name="ERROR_MESSAGE" value="Production key offered to the API with no production endpoint"/>
+    <property name="CUSTOM_HTTP_SC" value="403"/>
+    <sequence key="fault"/>
+</sequence>
--- a/modules/distribution/src/repository/conf/synapse-configs/default/sequences/_resource_mismatch_handler_.xml
+++ b/modules/distribution/src/repository/conf/synapse-configs/default/sequences/_resource_mismatch_handler_.xml
@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+  ~  Copyright (c) 2005-2010, WSO2 Inc. (http://wso2.com) All Rights Reserved.
+  ~
+  ~  WSO2 Inc. licenses this file to you under the Apache License,
+  ~  Version 2.0 (the "License"); you may not use this file except
+  ~  in compliance with the License.
+  ~  You may obtain a copy of the License at
+  ~
+  ~    http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~  Unless required by applicable law or agreed to in writing,
+  ~  software distributed under the License is distributed on an
+  ~  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  ~  KIND, either express or implied.  See the License for the
+  ~  specific language governing permissions and limitations
+  ~  under the License.
+  -->
+<sequence xmlns="http://ws.apache.org/ns/synapse" name="_resource_mismatch_handler_">
+    <property name="ERROR_CODE" value="403"/>
+    <property name="ERROR_MESSAGE" value="No matching resource found in the API for the given request"/>
+    <property name="CUSTOM_HTTP_SC" value="403"/>
+    <sequence key="fault"/>
+</sequence>
--- a/modules/distribution/src/repository/conf/synapse-configs/default/sequences/_sandbox_key_error_.xml
+++ b/modules/distribution/src/repository/conf/synapse-configs/default/sequences/_sandbox_key_error_.xml
@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+  ~  Copyright (c) 2005-2010, WSO2 Inc. (http://wso2.com) All Rights Reserved.
+  ~
+  ~  WSO2 Inc. licenses this file to you under the Apache License,
+  ~  Version 2.0 (the "License"); you may not use this file except
+  ~  in compliance with the License.
+  ~  You may obtain a copy of the License at
+  ~
+  ~    http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~  Unless required by applicable law or agreed to in writing,
+  ~  software distributed under the License is distributed on an
+  ~  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  ~  KIND, either express or implied.  See the License for the
+  ~  specific language governing permissions and limitations
+  ~  under the License.
+  -->
+<sequence xmlns="http://ws.apache.org/ns/synapse" name="_sandbox_key_error_">
+    <property name="ERROR_CODE" value="900901"/>
+    <property name="ERROR_MESSAGE" value="Sandbox key offered to the API with no sandbox endpoint"/>
+    <property name="CUSTOM_HTTP_SC" value="403"/>
+    <sequence key="fault"/>
+</sequence>
--- a/modules/distribution/src/repository/conf/synapse-configs/default/sequences/_throttle_out_handler_.xml
+++ b/modules/distribution/src/repository/conf/synapse-configs/default/sequences/_throttle_out_handler_.xml
@ -0,0 +1,5 @@
+<sequence name="_throttle_out_handler_" xmlns="http://ws.apache.org/ns/synapse">    
+    <property name="X-JWT-Assertion" scope="transport" action="remove"/>
+    <class name="org.wso2.carbon.apimgt.usage.publisher.APIMgtThrottleUsageHandler"/>
+    <sequence key="_cors_request_handler_"/>
+</sequence>
--- a/modules/distribution/src/repository/conf/synapse-configs/default/sequences/_token_fault_.xml
+++ b/modules/distribution/src/repository/conf/synapse-configs/default/sequences/_token_fault_.xml
@ -0,0 +1,40 @@
+<sequence xmlns="http://ws.apache.org/ns/synapse" name="_token_fault_">
+    <log level="custom">
+        <property name="STATUS" value="Executing token 'fault' sequence"/>
+        <property name="ERROR_CODE" expression="get-property('ERROR_CODE')"/>
+        <property name="ERROR_MESSAGE" expression="get-property('ERROR_MESSAGE')"/>
+    </log>
+    <payloadFactory>
+        <format>
+            <am:fault xmlns:am="http://wso2.org/apimanager">
+                <am:code>$1</am:code>
+                <am:type>Status report</am:type>
+                <am:message>Runtime Error</am:message>
+                <am:description>$2</am:description>
+            </am:fault>
+        </format>
+        <args>
+            <arg expression="$ctx:ERROR_CODE"/>
+            <arg expression="$ctx:ERROR_MESSAGE"/>
+        </args>
+    </payloadFactory>
+    <filter xpath="$ctx:CUSTOM_HTTP_SC">
+        <then>
+            <property name="HTTP_SC" expression="$ctx:CUSTOM_HTTP_SC" scope="axis2"/>
+        </then>
+        <else>
+            <property name="HTTP_SC" value="500" scope="axis2"/>
+        </else>
+    </filter>
+    <property name="RESPONSE" value="true"/>
+    <header name="To" action="remove"/>
+    <property name="NO_ENTITY_BODY" scope="axis2" action="remove"/>
+    <property name="ContentType" scope="axis2" action="remove"/>
+    <property name="Authorization" scope="transport" action="remove"/>
+    <property name="Host" scope="transport" action="remove"/>
+    <property name="Accept" scope="transport" action="remove"/>
+    <property name="messageType" value="application/xml" scope="axis2"/>
+    <sequence key="_cors_request_handler_"/>
+    <send/>
+    <drop/>
+</sequence>
--- a/modules/distribution/src/repository/conf/synapse-configs/default/sequences/fault.xml
+++ b/modules/distribution/src/repository/conf/synapse-configs/default/sequences/fault.xml
@ -0,0 +1,72 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+  ~  Copyright (c) 2005-2010, WSO2 Inc. (http://wso2.com) All Rights Reserved.
+  ~
+  ~  WSO2 Inc. licenses this file to you under the Apache License,
+  ~  Version 2.0 (the "License"); you may not use this file except
+  ~  in compliance with the License.
+  ~  You may obtain a copy of the License at
+  ~
+  ~    http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~  Unless required by applicable law or agreed to in writing,
+  ~  software distributed under the License is distributed on an
+  ~  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  ~  KIND, either express or implied.  See the License for the
+  ~  specific language governing permissions and limitations
+  ~  under the License.
+  -->
+<sequence xmlns="http://ws.apache.org/ns/synapse" name="fault">
+    <log level="custom">
+        <property name="STATUS" value="Executing default 'fault' sequence"/>
+        <property name="ERROR_CODE" expression="get-property('ERROR_CODE')"/>
+        <property name="ERROR_MESSAGE" expression="get-property('ERROR_MESSAGE')"/>
+    </log>
+    <filter source="get-property('MESSAGE_FORMAT')" regex="soap1[1-2]">
+        <then>
+            <property name="SOAP_FAULT_CODE" value="Server"/>
+            <makefault>
+                <code expression="$ctx:SOAP_FAULT_CODE"/>
+                <reason expression="$ctx:ERROR_MESSAGE"/>
+            </makefault>
+        </then>
+        <else>
+            <payloadFactory>
+                <format>
+                    <am:fault xmlns:am="http://wso2.org/apimanager">
+                        <am:code>$1</am:code>
+                        <am:type>Status report</am:type>
+                        <am:message>Runtime Error</am:message>
+                        <am:description>$2</am:description>
+                    </am:fault>
+                </format>
+                <args>
+                    <arg expression="$ctx:ERROR_CODE"/>
+                    <arg expression="$ctx:ERROR_MESSAGE"/>
+                </args>
+            </payloadFactory>
+            <filter source="$axis2:HTTP_METHOD" regex="^(?!.*(POST|PUT)).*$">
+                <property name="messageType" value="application/xml" scope="axis2"/>
+            </filter>
+        </else>
+    </filter>
+    <filter xpath="$ctx:CUSTOM_HTTP_SC">
+        <then>
+            <property name="HTTP_SC" expression="$ctx:CUSTOM_HTTP_SC" scope="axis2"/>
+        </then>
+        <else>
+            <property name="HTTP_SC" value="500" scope="axis2"/>
+        </else>
+    </filter>
+    <class name="org.wso2.carbon.apimgt.usage.publisher.APIMgtFaultHandler"/>
+    <property name="RESPONSE" value="true"/>
+    <header name="To" action="remove"/>
+    <property name="NO_ENTITY_BODY" scope="axis2" action="remove"/>
+    <property name="ContentType" scope="axis2" action="remove"/>
+    <property name="Authorization" scope="transport" action="remove"/>
+    <property name="Host" scope="transport" action="remove"/>
+    <property name="Accept" scope="transport" action="remove"/>
+    <property name="X-JWT-Assertion" scope="transport" action="remove"/>
+    <sequence key="_cors_request_handler_"/>
+    <send/>
+</sequence>
--- a/modules/distribution/src/repository/conf/synapse-configs/default/sequences/main.xml
+++ b/modules/distribution/src/repository/conf/synapse-configs/default/sequences/main.xml
@ -0,0 +1,98 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+  ~  Copyright (c) 2005-2010, WSO2 Inc. (http://wso2.com) All Rights Reserved.
+  ~
+  ~  WSO2 Inc. licenses this file to you under the Apache License,
+  ~  Version 2.0 (the "License"); you may not use this file except
+  ~  in compliance with the License.
+  ~  You may obtain a copy of the License at
+  ~
+  ~    http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~  Unless required by applicable law or agreed to in writing,
+  ~  software distributed under the License is distributed on an
+  ~  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  ~  KIND, either express or implied.  See the License for the
+  ~  specific language governing permissions and limitations
+  ~  under the License.
+  -->
+
+<!-- Default main sequence shipped with the WSO2 ESB -->
+<sequence xmlns="http://ws.apache.org/ns/synapse" name="main">
+    <description>The default main sequence for API manager - Returns 404 Not Found</description>
+    <in>
+        <log level="custom">
+            <property name="STATUS" value="Message dispatched to the main sequence. Invalid URL."/>
+            <property name="RESOURCE" expression="fn:concat('/', $axis2:REST_URL_POSTFIX)"/>
+        </log>        
+        <filter source="$ctx:TRANSPORT_DENIED" regex="true">
+            <payloadFactory>
+                <format>
+                    <am:fault xmlns:am="http://wso2.org/apimanager">
+                        <am:code>403</am:code>
+                        <am:type>Status report</am:type>
+                        <am:message>Forbidden</am:message>
+                        <am:description>Unsupported Transport [ $2 ]. The requested resource (/$1) is not available.</am:description>
+                    </am:fault>
+                </format>
+                <args>
+                    <arg expression="$axis2:REST_URL_POSTFIX"/>
+                    <arg expression="$ctx:IN_TRANSPORT"/>
+                </args>
+            </payloadFactory>
+            <property name="HTTP_SC" value="403" scope="axis2"/>
+            <property name="RESPONSE" value="true"/>
+            <header name="To" action="remove"/>
+            <property name="NO_ENTITY_BODY" scope="axis2" action="remove"/>
+            <property name="ContentType" scope="axis2" action="remove"/>
+            <property name="Authorization" scope="transport" action="remove"/>
+            <property name="Host" scope="transport" action="remove"/>
+            <property name="Accept" scope="transport" action="remove"/>
+            <send/>
+        </filter>
+        <filter source="get-property('MESSAGE_FORMAT')" regex="soap1[1-2]">
+            <then>
+                <property name="SOAP_FAULT_CODE" value="Server"/>
+                <makefault>
+                    <code expression="$ctx:SOAP_FAULT_CODE"/>
+                    <reason value="The requested endpoint is not available."/>
+                </makefault>
+            </then>
+            <else>
+                <payloadFactory>
+                    <format>
+                        <am:fault xmlns:am="http://wso2.org/apimanager">
+                            <am:code>404</am:code>
+                            <am:type>Status report</am:type>
+                            <am:message>Not Found</am:message>
+                            <am:description>The requested resource (/$1) is not available.</am:description>
+                        </am:fault>
+                    </format>
+                    <args>
+                        <arg expression="$axis2:REST_URL_POSTFIX"/>
+                    </args>
+                </payloadFactory>
+            </else>
+        </filter>
+        <filter source="$axis2:HTTP_METHOD" regex="^(?!.*(POST|PUT)).*$">
+            <property name="messageType" value="application/xml" scope="axis2"/>
+        </filter>
+        <property name="HTTP_SC" value="404" scope="axis2"/>
+        <property name="RESPONSE" value="true"/>
+        <header name="To" action="remove"/>
+        <property name="NO_ENTITY_BODY" scope="axis2" action="remove"/>
+        <property name="ContentType" scope="axis2" action="remove"/>
+        <property name="Authorization" scope="transport" action="remove"/>
+        <property name="Host" scope="transport" action="remove"/>
+        <property name="Accept" scope="transport" action="remove"/>
+        <property name="X-JWT-Assertion" scope="transport" action="remove"/>
+        <send/>
+        <drop/>
+    </in>
+    <out>
+        <log level="full">
+            <property name="STATUS" value="Unexpected response message in out flow"/>
+        </log>
+        <drop/>
+    </out>
+</sequence>
--- a/modules/distribution/src/repository/conf/synapse-configs/default/synapse.xml
+++ b/modules/distribution/src/repository/conf/synapse-configs/default/synapse.xml
@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+  ~  Copyright (c) 2005-2010, WSO2 Inc. (http://wso2.com) All Rights Reserved.
+  ~
+  ~  WSO2 Inc. licenses this file to you under the Apache License,
+  ~  Version 2.0 (the "License"); you may not use this file except
+  ~  in compliance with the License.
+  ~  You may obtain a copy of the License at
+  ~
+  ~    http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~  Unless required by applicable law or agreed to in writing,
+  ~  software distributed under the License is distributed on an
+  ~  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  ~  KIND, either express or implied.  See the License for the
+  ~  specific language governing permissions and limitations
+  ~  under the License.
+  -->
+
+<!-- An empty flat synapse configuration shipped with the WSO2 ESB -->
+<definitions xmlns="http://ws.apache.org/ns/synapse">
+
+    <!-- You can add any flat sequences, endpoints, etc.. to this synapse.xml file if you do
+    *not* want to keep the artifacts in several files -->
+</definitions>
--- a/modules/distribution/src/repository/conf/synapse.properties
+++ b/modules/distribution/src/repository/conf/synapse.properties
@ -0,0 +1,42 @@
+#
+#  Copyright (c) 2005-2010, WSO2 Inc. (http://wso2.com) All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#        http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+
+#synapse.threads.core = 20
+#synapse.threads.max = 100
+#synapse.threads.keepalive = 5
+#synapse.threads.qlen = 10
+#synapse.threads.group = synapse-thread-group
+#synapse.threads.idprefix = SynapseWorker
+
+synapse.sal.endpoints.sesssion.timeout.default=600000
+synapse.global_timeout_interval=120000
+#In memory statistics cleaning state
+statistics.clean.enable=false
+
+# Dependency tracking Synapse observer
+# Comment out to disable dependency management
+synapse.observers=org.wso2.carbon.mediation.dependency.mgt.DependencyTracker
+
+# User defined wsdlLocator/Schema Resolver Implementations.
+# synapse.wsdl.resolver=org.wso2.carbon.mediation.initializer.RegistryWSDLLocator
+# synapse.schema.resolver=org.wso2.carbon.mediation.initializer.RegistryXmlSchemaURIResolver
+
+# Uncomment following to support fallback XPATH 2.0 support with DOM and Saxon
+#synapse.xpath.dom.failover.enabled=true
+synapse.temp_data.chunk.size=3072
+#provides custom xpath function for securevault
+synapse.xpath.func.extensions=org.wso2.carbon.mediation.security.vault.xpath.SecureVaultLookupXPathFunctionProvider
+synapse.carbon.ext.tenant.info=org.wso2.carbon.mediation.initializer.handler.CarbonTenantInfoConfigurator
--- a/modules/distribution/src/repository/conf/tomcat/context.xml
+++ b/modules/distribution/src/repository/conf/tomcat/context.xml
@ -17,7 +17,7 @@
 -->
 <!-- The contents of this file will be loaded for each web application -->
 <Context crossContext="true">
-	
+


    <!-- Default set of monitored resources -->
@ -34,17 +34,40 @@
    <!--
    <Valve className="org.apache.catalina.valves.CometConnectionManagerValve" />
    -->
-
    <!-- APIPublisherLifecycleListener listens to webapp deployment events and publish JAX-RS services packaged into each of the aforesaid
-         web applications that are configured to be made available as 'Managed APIs'. Given below are the parameters that need to be congigured
+         web applications that are configured to be made available as 'Managed APIs'. Given below are the parameters that need to be congigured 
         in the form of 'context-param's in web.xml of each applicable web application.
-
+         
         'managed-api-enabled'    - Indicates that the web application being processed needs to be published as a 'Managed API'.
-         'managed-api-context'    - Context of the 'Managed API'.
-         'managed-api-version'    - Version of the 'Managed API'.
-         'managed-api-owner'      - Owner of the 'Managed API'.
-         'managed-api-isSecured'  - Indicates if the 'Managed API' needs to be exposed over a secured channel.
-         'managed-api-transports' - Transports through which the 'Managed API' is exposed.
+ 	 'managed-api-context'    - Context of the 'Managed API'.
+	 'managed-api-version'    - Version of the 'Managed API'.
+	 'managed-api-owner'      - Owner of the 'Managed API'.
+	 'managed-api-isSecured'  - Indicates if the 'Managed API' needs to be exposed over a secured channel.
+	 'managed-api-transports' - Transports through which the 'Managed API' is exposed.
     -->
    <Listener className="org.wso2.carbon.apimgt.webapp.publisher.lifecycle.listener.APIPublisherLifecycleListener"/>
-</Context>
+
+    <!-- WebAppDeploymentLifecycleListener listens to webapp deployment events and adds the custom permissions defined in webapps'
+        META-INF/permissions.xml to the permissions/admin section of registry. Given below is a sample of permissions.xml file.
+
+    <PermissionConfiguration>
+            <Permission>
+                <name>Device Management</name>
+                <path>/device-mgt</path>
+            </Permission>
+            <Permission>
+                <name>Administrator</name>
+                <path>/device-mgt/admin</path>
+            </Permission>
+            <Permission>
+                <name>Dashboard</name>
+                <path>/device-mgt/admin/dashboard</path>
+            </Permission>
+            <Permission>
+                <name>Lock</name>
+                <path>/device-mgt/admin/operation/lock</path>
+            </Permission>
+    </PermissionConfiguration>
+     -->
+    <Listener className="org.wso2.carbon.device.mgt.core.config.permission.lifecycle.WebAppDeploymentLifecycleListener"/>
+</Context>
--- a/modules/distribution/src/statistics/IOT_Sensor_Analytics.car
+++ b/modules/distribution/src/statistics/IOT_Sensor_Analytics.car
--- a/modules/distribution/src/statistics/bamtoolbox/IOT_Sensor_Analytics.tbox
+++ b/modules/distribution/src/statistics/bamtoolbox/IOT_Sensor_Analytics.tbox
--- a/modules/distribution/src/statistics/carbonapps/Temperature_Sensor.car
+++ b/modules/distribution/src/statistics/carbonapps/Temperature_Sensor.car
--- a/modules/feature/org.wso2.carbon.device.mgt.iot.util.feature/pom.xml
+++ b/modules/feature/org.wso2.carbon.device.mgt.iot.util.feature/pom.xml
@ -0,0 +1,144 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+~ Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+~
+~ WSO2 Inc. licenses this file to you under the Apache License,
+~ Version 2.0 (the "License"); you may not use this file except
+~ in compliance with the License.
+~ You may obtain a copy of the License at
+~
+~    http://www.apache.org/licenses/LICENSE-2.0
+~
+~ Unless required by applicable law or agreed to in writing,
+~ software distributed under the License is distributed on an
+~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+~ KIND, either express or implied.  See the License for the
+~ specific language governing permissions and limitations
+~ under the License.
+-->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+
+    <parent>
+        <groupId>org.wso2.iot</groupId>
+        <artifactId>wso2iot-parent</artifactId>
+        <version>1.0.0-SNAPSHOT</version>
+        <relativePath>../../pom.xml</relativePath>
+    </parent>
+
+    <modelVersion>4.0.0</modelVersion>
+    <artifactId>org.wso2.carbon.device.mgt.iot.util.feature</artifactId>
+    <version>1.0.0-SNAPSHOT</version>
+    <packaging>pom</packaging>
+    <name>WSO2 IoT Server - Util Featue</name>
+    <description>WSO2 IoT Server Util Feature</description>
+
+    <dependencies>
+
+        <dependency>
+            <groupId>org.wso2.carbon.device.mgt.iot</groupId>
+            <artifactId>org.wso2.carbon.device.mgt.iot.common</artifactId>
+        </dependency>
+
+
+        <dependency>
+            <groupId>org.wso2.carbon.device.mgt.iot</groupId>
+            <artifactId>org.wso2.carbon.device.mgt.iot.common.api</artifactId>
+            <type>war</type>
+        </dependency>
+
+        <dependency>
+            <groupId>org.json.wso2</groupId>
+            <artifactId>json</artifactId>
+        </dependency>
+
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <artifactId>maven-resources-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <id>copy-resources</id>
+                        <phase>generate-resources</phase>
+                        <goals>
+                            <goal>copy-resources</goal>
+                        </goals>
+                        <configuration>
+                            <outputDirectory>src/main/resources</outputDirectory>
+                            <resources>
+                                <resource>
+                                    <directory>resources</directory>
+                                    <includes>
+                                        <include>build.properties</include>
+                                        <include>p2.inf</include>
+                                    </includes>
+                                </resource>
+                            </resources>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-dependency-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <id>copy</id>
+                        <phase>package</phase>
+                        <goals>
+                            <goal>copy</goal>
+                        </goals>
+                        <configuration>
+                            <artifactItems>
+                                <artifactItem>
+                                    <groupId>org.wso2.carbon.device.mgt.iot</groupId>
+                                    <artifactId>org.wso2.carbon.device.mgt.iot.common.api</artifactId>
+                                    <type>war</type>
+                                    <overWrite>true</overWrite>
+                                    <outputDirectory>${basedir}/src/main/resources/webapps/</outputDirectory>
+                                    <destFileName>common.war</destFileName>
+                                </artifactItem>
+                            </artifactItems>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
+            <plugin>
+                <groupId>org.wso2.maven</groupId>
+                <artifactId>carbon-p2-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <id>p2-feature-generation</id>
+                        <phase>package</phase>
+                        <goals>
+                            <goal>p2-feature-gen</goal>
+                        </goals>
+                        <configuration>
+                            <id>org.wso2.carbon.device.mgt.iot</id>
+                            <propertiesFile>../../../features/etc/feature.properties</propertiesFile>
+                            <adviceFile>
+                                <properties>
+                                    <propertyDef>org.wso2.carbon.p2.category.type:server</propertyDef>
+                                    <propertyDef>org.eclipse.equinox.p2.type.group:false</propertyDef>
+                                </properties>
+                            </adviceFile>
+                            <bundles>
+                                <bundleDef>
+                                    org.wso2.carbon.device.mgt.iot:org.wso2.carbon.device.mgt.iot.common:${carbon.iot.device.mgt.version}
+                                </bundleDef>
+                                <bundleDef>
+                                    org.wso2.carbon.devicemgt:org.wso2.carbon.device.mgt.common:${carbon.device.mgt.version}
+                                </bundleDef>
+                                <bundleDef>
+                                    org.json.wso2:json:${commons-json.version}
+                                </bundleDef>
+                            </bundles>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
+        </plugins>
+    </build>
+</project>
--- a/modules/p2-profile-gen/pom.xml
+++ b/modules/p2-profile-gen/pom.xml
--- a/modules/samples/android_sense/src/org.wso2.carbon.device.mgt.iot.sample.android.sense.plugin.impl/src/main/java/org/wso2/carbon/device/mgt/iot/sample/android/sense/plugin/impl/AndroidSenseManagerService.java
+++ b/modules/samples/android_sense/src/org.wso2.carbon.device.mgt.iot.sample.android.sense.plugin.impl/src/main/java/org/wso2/carbon/device/mgt/iot/sample/android/sense/plugin/impl/AndroidSenseManagerService.java
@ -19,6 +19,21 @@ public class AndroidSenseManagerService implements DeviceManagementService {
 		return AndroidSenseConstants.DEVICE_TYPE;
 	}

+	@Override
+	public String getProviderTenantDomain() {
+		return "carbon.super";
+	}
+
+	@Override
+	public boolean isSharedWithAllTenants() {
+		return true;
+	}
+
+	@Override
+	public String[] getSharedTenantsDomain() {
+		return new String[0];
+	}
+
 	@Override
 	public void init() throws DeviceManagementException {
 		deviceManager=new AndroidSenseManager();
--- a/modules/samples/arduino/src/org.wso2.carbon.device.mgt.iot.sample.arduino.plugin.impl/src/main/java/org/wso2/carbon/device/mgt/iot/sample/arduino/plugin/impl/ArduinoManagerService.java
+++ b/modules/samples/arduino/src/org.wso2.carbon.device.mgt.iot.sample.arduino.plugin.impl/src/main/java/org/wso2/carbon/device/mgt/iot/sample/arduino/plugin/impl/ArduinoManagerService.java
@ -20,6 +20,21 @@ public class ArduinoManagerService implements DeviceManagementService {
 		return ArduinoConstants.DEVICE_TYPE;
 	}

+	@Override
+	public String getProviderTenantDomain() {
+		return "carbon.super";
+	}
+
+	@Override
+	public boolean isSharedWithAllTenants() {
+		return true;
+	}
+
+	@Override
+	public String[] getSharedTenantsDomain() {
+		return new String[0];
+	}
+
 	@Override
 	public void init() throws DeviceManagementException {
 		deviceManager=new ArduinoManager();
--- a/modules/samples/arduino/src/org.wso2.carbon.device.mgt.iot.sample.arduino.service.impl/pom.xml
+++ b/modules/samples/arduino/src/org.wso2.carbon.device.mgt.iot.sample.arduino.service.impl/pom.xml
@ -17,6 +17,12 @@
  <name>WSO2 Carbon - IoT Server API - Arduino API</name>

  <dependencies>
+    <dependency>
+      <groupId>org.wso2.carbon</groupId>
+      <artifactId>org.wso2.carbon.utils</artifactId>
+      <scope>provided</scope>
+    </dependency>
+
    <!-- CDM -->
    <dependency>
      <groupId>org.wso2.carbon.devicemgt</groupId>
@ -78,6 +84,10 @@
      <groupId>javax.ws.rs</groupId>
      <artifactId>jsr311-api</artifactId>
    </dependency>
+    <dependency>
+      <groupId>org.wso2.carbon.devicemgt</groupId>
+      <artifactId>org.wso2.carbon.device.mgt.analytics</artifactId>
+    </dependency>

  </dependencies>

--- a/modules/samples/arduino/src/org.wso2.carbon.device.mgt.iot.sample.arduino.service.impl/src/main/java/org/wso2/carbon/device/mgt/iot/sample/arduino/service/impl/ArduinoControllerService.java
+++ b/modules/samples/arduino/src/org.wso2.carbon.device.mgt.iot.sample.arduino.service.impl/src/main/java/org/wso2/carbon/device/mgt/iot/sample/arduino/service/impl/ArduinoControllerService.java
@ -19,6 +19,9 @@ package org.wso2.carbon.device.mgt.iot.sample.arduino.service.impl;
 import org.apache.commons.httpclient.HttpStatus;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.wso2.carbon.context.PrivilegedCarbonContext;
+import org.wso2.carbon.device.mgt.analytics.exception.DataPublisherConfigurationException;
+import org.wso2.carbon.device.mgt.analytics.service.DeviceAnalyticsService;
 import org.wso2.carbon.device.mgt.common.DeviceManagementException;
 import org.wso2.carbon.device.mgt.iot.sample.arduino.service.impl.util.DeviceJSON;
 import org.wso2.carbon.device.mgt.iot.sample.arduino.service.impl.util.MqttArduinoSubscriber;
@ -166,4 +169,29 @@ public class ArduinoControllerService {

 		}
 	}
+
+	@Path("/test/{value}")
+	@POST
+	public void pushtData(@PathParam("value") double value, @Context HttpServletResponse
+			response) {
+
+
+		PrivilegedCarbonContext.startTenantFlow();
+		PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
+		ctx.setTenantDomain("carbon.super", true);
+		DeviceAnalyticsService deviceAnalyticsService = (DeviceAnalyticsService) ctx
+				.getOSGiService(
+						DeviceAnalyticsService.class, null);
+		Object metdaData[] = {"ayyoob", "firealarm", "123", System.currentTimeMillis()};
+		Object payloadData[] = {value};
+		try {
+			deviceAnalyticsService.publishEvent("org.wso2.iot.devices.temperature", "1.0.0",
+												metdaData, new Object[0], payloadData);
+		} catch (DataPublisherConfigurationException e) {
+			response.setStatus(HttpStatus.SC_INTERNAL_SERVER_ERROR);
+
+		} finally {
+			PrivilegedCarbonContext.endTenantFlow();
+		}
+	}
 }
--- a/modules/samples/arduino/src/org.wso2.carbon.device.mgt.iot.sample.arduino.service.impl/src/main/webapp/WEB-INF/web.xml
+++ b/modules/samples/arduino/src/org.wso2.carbon.device.mgt.iot.sample.arduino.service.impl/src/main/webapp/WEB-INF/web.xml
@ -4,8 +4,8 @@
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
         metadata-complete="true">
-	<display-name>DigitalDisplay </display-name>
-	<description>DigitalDisplay</description>
+	<display-name>Arduino</display-name>
+	<description>Arduino</description>

 	<servlet>
 		<servlet-name>CXFServlet</servlet-name>
--- a/modules/samples/digital_display/src/org.wso2.carbon.device.mgt.iot.sample.digitaldisplay.plugin.impl/src/main/java/org/wso2/carbon/device/mgt/iot/sample/digitaldisplay/plugin/impl/DigitalDisplayManagerService.java
+++ b/modules/samples/digital_display/src/org.wso2.carbon.device.mgt.iot.sample.digitaldisplay.plugin.impl/src/main/java/org/wso2/carbon/device/mgt/iot/sample/digitaldisplay/plugin/impl/DigitalDisplayManagerService.java
@ -19,6 +19,21 @@ public class DigitalDisplayManagerService implements DeviceManagementService{
 		return DigitalDisplayConstants.DEVICE_TYPE;
 	}

+	@Override
+	public String getProviderTenantDomain() {
+		return "carbon.super";
+	}
+
+	@Override
+	public boolean isSharedWithAllTenants() {
+		return true;
+	}
+
+	@Override
+	public String[] getSharedTenantsDomain() {
+		return new String[0];
+	}
+
 	@Override
 	public void init() throws DeviceManagementException {
 		deviceManager= new DigitalDisplayManager();
--- a/modules/samples/firealarm/src/org.wso2.carbon.device.mgt.iot.sample.firealarm.plugin.impl/src/main/java/org/wso2/carbon/device/mgt/iot/sample/firealarm/plugin/impl/FireAlarmManagerService.java
+++ b/modules/samples/firealarm/src/org.wso2.carbon.device.mgt.iot.sample.firealarm.plugin.impl/src/main/java/org/wso2/carbon/device/mgt/iot/sample/firealarm/plugin/impl/FireAlarmManagerService.java
@ -19,6 +19,22 @@ public class FireAlarmManagerService implements DeviceManagementService{
 		return FireAlarmConstants.DEVICE_TYPE;
 	}

+
+	@Override
+	public String getProviderTenantDomain() {
+		return "carbon.super";
+	}
+
+	@Override
+	public boolean isSharedWithAllTenants() {
+		return true;
+	}
+
+	@Override
+	public String[] getSharedTenantsDomain() {
+		return new String[0];
+	}
+
 	@Override
 	public void init() throws DeviceManagementException {
 		this.deviceManager=new FireAlarmManager();
--- a/modules/samples/pom.xml
+++ b/modules/samples/pom.xml
@ -89,6 +89,12 @@
                <version>${carbon.device.mgt.version}</version>
                <scope>provided</scope>
            </dependency>
+            <dependency>
+                <groupId>org.wso2.carbon.devicemgt</groupId>
+                <artifactId>org.wso2.carbon.device.mgt.analytics</artifactId>
+                <version>${carbon.device.mgt.version}</version>
+                <scope>provided</scope>
+            </dependency>

            <!--IOT dependencies-->

--- a/modules/samples/raspberrypi/src/org.wso2.carbon.device.mgt.iot.sample.raspberrypi.plugin.impl/src/main/java/org/wso2/carbon/device/mgt/iot/sample/raspberrypi/plugin/impl/RaspberrypiManagerService.java
+++ b/modules/samples/raspberrypi/src/org.wso2.carbon.device.mgt.iot.sample.raspberrypi.plugin.impl/src/main/java/org/wso2/carbon/device/mgt/iot/sample/raspberrypi/plugin/impl/RaspberrypiManagerService.java
@ -21,6 +21,21 @@ public class RaspberrypiManagerService implements DeviceManagementService {
 		return RaspberrypiConstants.DEVICE_TYPE;
 	}

+	@Override
+	public String getProviderTenantDomain() {
+		return "carbon.super";
+	}
+
+	@Override
+	public boolean isSharedWithAllTenants() {
+		return true;
+	}
+
+	@Override
+	public String[] getSharedTenantsDomain() {
+		return new String[0];
+	}
+
 	@Override
 	public void init() throws DeviceManagementException {
 		deviceManager = new RaspberrypiManager();
--- a/modules/samples/sensebot/src/org.wso2.carbon.device.mgt.iot.sample.sensebot.plugin.impl/src/main/java/org/wso2/carbon/device/mgt/iot/sample/sensebot/plugin/impl/SensebotManagerService.java
+++ b/modules/samples/sensebot/src/org.wso2.carbon.device.mgt.iot.sample.sensebot.plugin.impl/src/main/java/org/wso2/carbon/device/mgt/iot/sample/sensebot/plugin/impl/SensebotManagerService.java
@ -14,6 +14,22 @@ import java.util.List;

 public class SensebotManagerService implements DeviceManagementService {
 	private DeviceManager deviceManager;
+
+	@Override
+	public String getProviderTenantDomain() {
+		return "carbon.super";
+	}
+
+	@Override
+	public boolean isSharedWithAllTenants() {
+		return true;
+	}
+
+	@Override
+	public String[] getSharedTenantsDomain() {
+		return new String[0];
+	}
+
 	@Override
 	public String getType() {
 		return SensebotConstants.DEVICE_TYPE;
--- a/pom.xml
+++ b/pom.xml
@ -407,7 +407,11 @@
                <artifactId>org.wso2.carbon.policy.mgt.core</artifactId>
                <version>${carbon.device.mgt.version}</version>
            </dependency>
-
+            <dependency>
+                <groupId>org.wso2.carbon.devicemgt</groupId>
+                <artifactId>org.wso2.carbon.device.mgt.analytics</artifactId>
+                <version>${carbon.device.mgt.version}</version>
+            </dependency>


            <!--IOT dependencies-->
@ -468,12 +472,12 @@
                <groupId>org.wso2.carbon.apimgt</groupId>
                <artifactId>org.wso2.carbon.apimgt.core</artifactId>
                <version>${carbon.api.mgt.version}</version>
-                <exclusions>
-                    <exclusion>
-                        <groupId>org.wso2.carbon</groupId>
-                        <artifactId>org.wso2.carbon.mediation.initializer</artifactId>
-                    </exclusion>
-                </exclusions>
+                <!--<exclusions>-->
+                    <!--<exclusion>-->
+                        <!--<groupId>org.wso2.carbon</groupId>-->
+                        <!--<artifactId>org.wso2.carbon.mediation.initializer</artifactId>-->
+                    <!--</exclusion>-->
+                <!--</exclusions>-->
            </dependency>
            <dependency>
                <groupId>org.wso2.carbon.apimgt</groupId>
@ -490,112 +494,112 @@
                <groupId>org.wso2.carbon.apimgt</groupId>
                <artifactId>org.wso2.carbon.apimgt.impl</artifactId>
                <version>${carbon.api.mgt.version}</version>
-                <exclusions>
-                    <exclusion>
-                        <groupId>org.wso2.carbon</groupId>
-                        <artifactId>org.wso2.carbon.mediation.initializer</artifactId>
-                    </exclusion>
-                    <exclusion>
-                        <groupId>org.apache.woden.wso2</groupId>
-                        <artifactId>woden</artifactId>
-                    </exclusion>
-                    <exclusion>
-                        <groupId>org.wso2.carbon</groupId>
-                        <artifactId>org.wso2.carbon.user.core</artifactId>
-                    </exclusion>
-                    <exclusion>
-                        <groupId>org.wso2.carbon.governance</groupId>
-                        <artifactId>org.wso2.carbon.governance.api</artifactId>
-                    </exclusion>
-                    <exclusion>
-                        <groupId>org.wso2.carbon</groupId>
-                        <artifactId>org.wso2.carbon.registry.ws.client</artifactId>
-                    </exclusion>
-                    <exclusion>
-                        <groupId>org.wso2.carbon</groupId>
-                        <artifactId>org.wso2.carbon.identity.core</artifactId>
-                    </exclusion>
-                    <exclusion>
-                        <groupId>org.wso2.carbon</groupId>
-                        <artifactId>org.wso2.carbon.identity.oauth</artifactId>
-                    </exclusion>
-                    <exclusion>
-                        <groupId>org.wso2.carbon</groupId>
-                        <artifactId>org.wso2.carbon.apimgt.keymgt.client</artifactId>
-                    </exclusion>
-                    <exclusion>
-                        <groupId>org.apache.poi</groupId>
-                        <artifactId>poi-ooxml</artifactId>
-                    </exclusion>
-                    <exclusion>
-                        <groupId>org.wso2.carbon</groupId>
-                        <artifactId>org.wso2.carbon.rest.api.stub</artifactId>
-                    </exclusion>
-                    <exclusion>
-                        <groupId>org.json.wso2</groupId>
-                        <artifactId>json</artifactId>
-                    </exclusion>
-                    <exclusion>
-                        <groupId>com.h2database.wso2</groupId>
-                        <artifactId>h2-database-engine</artifactId>
-                    </exclusion>
-                    <exclusion>
-                        <groupId>org.wso2.carbon</groupId>
-                        <artifactId>org.wso2.carbon.apimgt.handlers.security.stub</artifactId>
-                    </exclusion>
-                    <exclusion>
-                        <groupId>org.wso2.carbon</groupId>
-                        <artifactId>org.wso2.carbon.user.mgt.stub</artifactId>
-                    </exclusion>
-                    <exclusion>
-                        <groupId>org.wso2.carbon</groupId>
-                        <artifactId>org.wso2.carbon.um.ws.api</artifactId>
-                    </exclusion>
-                    <exclusion>
-                        <groupId>org.wso2.carbon</groupId>
-                        <artifactId>org.wso2.carbon.mediation.dependency.mgt</artifactId>
-                    </exclusion>
-                    <exclusion>
-                        <groupId>com.google.code.gson</groupId>
-                        <artifactId>gson</artifactId>
-                    </exclusion>
-                    <exclusion>
-                        <groupId>org.wso2.carbon</groupId>
-                        <artifactId>org.wso2.carbon.mediation.registry</artifactId>
-                    </exclusion>
-                    <exclusion>
-                        <groupId>org.apache.httpcomponents</groupId>
-                        <artifactId>httpmime</artifactId>
-                    </exclusion>
-                    <exclusion>
-                        <groupId>org.wso2.carbon</groupId>
-                        <artifactId>org.wso2.carbon.event.core</artifactId>
-                    </exclusion>
-                    <exclusion>
-                        <groupId>org.wso2.carbon</groupId>
-                        <artifactId>org.wso2.carbon.sequences.stub</artifactId>
-                    </exclusion>
-                    <exclusion>
-                        <groupId>org.wso2.carbon</groupId>
-                        <artifactId>org.wso2.carbon.mediation.security.stub</artifactId>
-                    </exclusion>
-                    <exclusion>
-                        <groupId>org.wso2.carbon</groupId>
-                        <artifactId>org.wso2.carbon.registry.indexing</artifactId>
-                    </exclusion>
-                    <exclusion>
-                        <groupId>org.wso2.carbon</groupId>
-                        <artifactId>org.wso2.carbon.apimgt.keymgt.stub</artifactId>
-                    </exclusion>
-                    <exclusion>
-                        <groupId>org.wso2.carbon</groupId>
-                        <artifactId>org.wso2.carbon.securevault</artifactId>
-                    </exclusion>
-                    <exclusion>
-                        <groupId>com.googlecode.json-simple.wso2</groupId>
-                        <artifactId>json-simple</artifactId>
-                    </exclusion>
-                </exclusions>
+                <!--<exclusions>-->
+                    <!--<exclusion>-->
+                        <!--<groupId>org.wso2.carbon</groupId>-->
+                        <!--<artifactId>org.wso2.carbon.mediation.initializer</artifactId>-->
+                    <!--</exclusion>-->
+                    <!--<exclusion>-->
+                        <!--<groupId>org.apache.woden.wso2</groupId>-->
+                        <!--<artifactId>woden</artifactId>-->
+                    <!--</exclusion>-->
+                    <!--<exclusion>-->
+                        <!--<groupId>org.wso2.carbon</groupId>-->
+                        <!--<artifactId>org.wso2.carbon.user.core</artifactId>-->
+                    <!--</exclusion>-->
+                    <!--<exclusion>-->
+                        <!--<groupId>org.wso2.carbon.governance</groupId>-->
+                        <!--<artifactId>org.wso2.carbon.governance.api</artifactId>-->
+                    <!--</exclusion>-->
+                    <!--<exclusion>-->
+                        <!--<groupId>org.wso2.carbon</groupId>-->
+                        <!--<artifactId>org.wso2.carbon.registry.ws.client</artifactId>-->
+                    <!--</exclusion>-->
+                    <!--<exclusion>-->
+                        <!--<groupId>org.wso2.carbon</groupId>-->
+                        <!--<artifactId>org.wso2.carbon.identity.core</artifactId>-->
+                    <!--</exclusion>-->
+                    <!--<exclusion>-->
+                        <!--<groupId>org.wso2.carbon</groupId>-->
+                        <!--<artifactId>org.wso2.carbon.identity.oauth</artifactId>-->
+                    <!--</exclusion>-->
+                    <!--<exclusion>-->
+                        <!--<groupId>org.wso2.carbon</groupId>-->
+                        <!--<artifactId>org.wso2.carbon.apimgt.keymgt.client</artifactId>-->
+                    <!--</exclusion>-->
+                    <!--<exclusion>-->
+                        <!--<groupId>org.apache.poi</groupId>-->
+                        <!--<artifactId>poi-ooxml</artifactId>-->
+                    <!--</exclusion>-->
+                    <!--<exclusion>-->
+                        <!--<groupId>org.wso2.carbon</groupId>-->
+                        <!--<artifactId>org.wso2.carbon.rest.api.stub</artifactId>-->
+                    <!--</exclusion>-->
+                    <!--<exclusion>-->
+                        <!--<groupId>org.json.wso2</groupId>-->
+                        <!--<artifactId>json</artifactId>-->
+                    <!--</exclusion>-->
+                    <!--<exclusion>-->
+                        <!--<groupId>com.h2database.wso2</groupId>-->
+                        <!--<artifactId>h2-database-engine</artifactId>-->
+                    <!--</exclusion>-->
+                    <!--<exclusion>-->
+                        <!--<groupId>org.wso2.carbon</groupId>-->
+                        <!--<artifactId>org.wso2.carbon.apimgt.handlers.security.stub</artifactId>-->
+                    <!--</exclusion>-->
+                    <!--<exclusion>-->
+                        <!--<groupId>org.wso2.carbon</groupId>-->
+                        <!--<artifactId>org.wso2.carbon.user.mgt.stub</artifactId>-->
+                    <!--</exclusion>-->
+                    <!--<exclusion>-->
+                        <!--<groupId>org.wso2.carbon</groupId>-->
+                        <!--<artifactId>org.wso2.carbon.um.ws.api</artifactId>-->
+                    <!--</exclusion>-->
+                    <!--<exclusion>-->
+                        <!--<groupId>org.wso2.carbon</groupId>-->
+                        <!--<artifactId>org.wso2.carbon.mediation.dependency.mgt</artifactId>-->
+                    <!--</exclusion>-->
+                    <!--<exclusion>-->
+                        <!--<groupId>com.google.code.gson</groupId>-->
+                        <!--<artifactId>gson</artifactId>-->
+                    <!--</exclusion>-->
+                    <!--<exclusion>-->
+                        <!--<groupId>org.wso2.carbon</groupId>-->
+                        <!--<artifactId>org.wso2.carbon.mediation.registry</artifactId>-->
+                    <!--</exclusion>-->
+                    <!--<exclusion>-->
+                        <!--<groupId>org.apache.httpcomponents</groupId>-->
+                        <!--<artifactId>httpmime</artifactId>-->
+                    <!--</exclusion>-->
+                    <!--<exclusion>-->
+                        <!--<groupId>org.wso2.carbon</groupId>-->
+                        <!--<artifactId>org.wso2.carbon.event.core</artifactId>-->
+                    <!--</exclusion>-->
+                    <!--<exclusion>-->
+                        <!--<groupId>org.wso2.carbon</groupId>-->
+                        <!--<artifactId>org.wso2.carbon.sequences.stub</artifactId>-->
+                    <!--</exclusion>-->
+                    <!--<exclusion>-->
+                        <!--<groupId>org.wso2.carbon</groupId>-->
+                        <!--<artifactId>org.wso2.carbon.mediation.security.stub</artifactId>-->
+                    <!--</exclusion>-->
+                    <!--<exclusion>-->
+                        <!--<groupId>org.wso2.carbon</groupId>-->
+                        <!--<artifactId>org.wso2.carbon.registry.indexing</artifactId>-->
+                    <!--</exclusion>-->
+                    <!--<exclusion>-->
+                        <!--<groupId>org.wso2.carbon</groupId>-->
+                        <!--<artifactId>org.wso2.carbon.apimgt.keymgt.stub</artifactId>-->
+                    <!--</exclusion>-->
+                    <!--<exclusion>-->
+                        <!--<groupId>org.wso2.carbon</groupId>-->
+                        <!--<artifactId>org.wso2.carbon.securevault</artifactId>-->
+                    <!--</exclusion>-->
+                    <!--<exclusion>-->
+                        <!--<groupId>com.googlecode.json-simple.wso2</groupId>-->
+                        <!--<artifactId>json-simple</artifactId>-->
+                    <!--</exclusion>-->
+                <!--</exclusions>-->
            </dependency>

            <!--CXF dependencies (needed for web apps)-->
@ -807,7 +811,7 @@
        <maven-buildnumber-plugin.version>1.3</maven-buildnumber-plugin.version>

        <!--Jaggery -->
-        <jaggery.version>0.10.2</jaggery.version>
+        <jaggery.version>0.12.0-M1</jaggery.version>
        <jaggery.extensions.version>1.4.0</jaggery.extensions.version>
        <jaggery.extensions.sso.version>1.4.0</jaggery.extensions.sso.version>
        <jaggery.extensions.carbon.version>1.4.0</jaggery.extensions.carbon.version>
@ -819,8 +823,8 @@
        <markdown.feature.version>1.4.0</markdown.feature.version>

        <!-- Store Features -->
-        <carbon.store.version>2.3.6</carbon.store.version>
-        <carbon.social.version>2.3.6</carbon.social.version>
+        <carbon.store.version>2.3.8-SNAPSHOT</carbon.store.version>
+        <carbon.social.version>2.3.8-SNAPSHOT</carbon.social.version>

        <!-- Additional Stuff from ES Features -->
        <carbon.dashboards.version>1.0.0</carbon.dashboards.version>
@ -852,10 +856,10 @@
        <carbon.deployment.version>4.5.2</carbon.deployment.version>

        <!-- Carbon Identity -->
-        <carbon.identity.version>4.5.6</carbon.identity.version>
+        <carbon.identity.version>4.6.0-SNAPSHOT</carbon.identity.version>

        <!-- Carbon Multi-tenancy -->
-        <carbon.multitenancy.version>4.4.1</carbon.multitenancy.version>
+        <carbon.multitenancy.version>4.5.0-m1</carbon.multitenancy.version>

        <!-- Carbon Registry -->
        <carbon.registry.version>4.4.8</carbon.registry.version>
@ -872,11 +876,10 @@
        <carbon.iot.device.mgt.version>1.0.0-SNAPSHOT</carbon.iot.device.mgt.version>

        <!-- carbon mediation -->
-        <carbon.mediation.version>4.4.5</carbon.mediation.version>
+        <carbon.mediation.version>4.4.10</carbon.mediation.version>

        <!-- API Management -->
-        <carbon.api.mgt.version>1.3.0-SNAPSHOT</carbon.api.mgt.version>
-        <apimserver.version>1.10.0-SNAPSHOT</apimserver.version>
+        <carbon.api.mgt.version>4.3.0-SNAPSHOT</carbon.api.mgt.version>

        <!-- Tomcat -->
        <orbit.tomcat.version>7.0.59.wso2v1</orbit.tomcat.version>
@ -888,17 +891,14 @@
        <bouncycastle.version>1.49</bouncycastle.version>
        <apache.wss4j.version>2.0.0</apache.wss4j.version>
        <codehaus.plexus.version>3.0.21</codehaus.plexus.version>
-        <axis2-transports.wso2.version>1.1.0-wso2v13</axis2-transports.wso2.version>
+        <axis2-transports.wso2.version>1.1.0-wso2v17</axis2-transports.wso2.version>

        <!--DAS-->
-        <carbon.analytics.version>1.0.3-SNAPSHOT</carbon.analytics.version>
-        <carbon.analytics.common.version>5.0.1-SNAPSHOT</carbon.analytics.common.version>
-        <das.release.version>3.0.0-SNAPSHOT</das.release.version>
-        <carbon.data.version>4.3.1-SNAPSHOT</carbon.data.version>
+        <carbon.analytics.version>1.0.3</carbon.analytics.version>
+        <carbon.analytics.common.version>5.0.2</carbon.analytics.common.version>
        <cipher.tool.version>1.0.0-wso2v3</cipher.tool.version>
        <shindig.version>1.0.0</shindig.version>
-        <carbon.dashboard.version>1.0.1-SNAPSHOT</carbon.dashboard.version>
-        <carbon.event-processing.version>2.0.4-SNAPSHOT</carbon.event-processing.version>
+        <carbon.event-processing.version>2.0.5</carbon.event-processing.version>


        <orbit.version.commons-httpclient>3.1.0.wso2v2</orbit.version.commons-httpclient>