diff --git a/modules/distribution/src/api-resources/default-tiers/default-app-tiers.xml b/modules/distribution/src/api-resources/default-tiers/default-app-tiers.xml new file mode 100644 index 00000000..989792d6 --- /dev/null +++ b/modules/distribution/src/api-resources/default-tiers/default-app-tiers.xml @@ -0,0 +1,119 @@ + + + + + Large + + + + 20 + 60000 + + + + FREE + true + + + + + + + + + Medium + + + + 5 + 60000 + + + + FREE + true + + + + + + + + + Small + + + + 1 + 60000 + + + + FREE + true + + + + + + + + + Unauthenticated + + + + 60 + 60000 + + + + + + + diff --git a/modules/distribution/src/api-resources/default-tiers/default-res-tiers.xml b/modules/distribution/src/api-resources/default-tiers/default-res-tiers.xml new file mode 100644 index 00000000..0e97ab4b --- /dev/null +++ b/modules/distribution/src/api-resources/default-tiers/default-res-tiers.xml @@ -0,0 +1,119 @@ + + + + + Ultimate + + + + 20 + 60000 + + + + FREE + true + + + + + + + + + Plus + + + + 5 + 60000 + + + + FREE + true + + + + + + + + + Basic + + + + 1 + 60000 + + + + FREE + true + + + + + + + + + Unauthenticated + + + + 60 + 60000 + + + + + + + diff --git a/modules/distribution/src/api-resources/default-tiers/default-tiers.xml b/modules/distribution/src/api-resources/default-tiers/default-tiers.xml new file mode 100644 index 00000000..e57bb553 --- /dev/null +++ b/modules/distribution/src/api-resources/default-tiers/default-tiers.xml @@ -0,0 +1,122 @@ + + + + + Gold + + + + 20 + 60000 + + + + FREE + true + + + + + + + + + + Silver + + + + 5 + 60000 + + + + FREE + true + + + + + + + + + + Bronze + + + + 1 + 60000 + + + + FREE + true + + + + + + + + + + Unauthenticated + + + + 60 + 60000 + + + + + + + diff --git a/modules/distribution/src/api-resources/synapse-configs/default/api/_AuthorizeAPI_.xml b/modules/distribution/src/api-resources/synapse-configs/default/api/_AuthorizeAPI_.xml new file mode 100644 index 00000000..4221f0c2 --- /dev/null 
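Review bot: The `Unauthenticated` tier that closes default-app-tiers.xml is given 60 per 60000, three times the 20 granted to `Large`, the most generous named tier in the file, so callers presenting no credentials get a higher quota than any subscribed application. The element names are not visible in this rendering, so I am reading the pair as request count and unit time in milliseconds; default-res-tiers.xml (`Ultimate` 20) and default-tiers.xml (`Gold` 20) carry the same 60/60000 `Unauthenticated` entry. If the gap is deliberate, record the reason next to the policy, e.g. `<!-- Unauthenticated: 60 per minute chosen because <reason>; applies to callers without a token -->`. Otherwise bring the value to or below the lowest quota a deployment is willing to give anonymous traffic.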
+++ b/modules/distribution/src/api-resources/synapse-configs/default/api/_AuthorizeAPI_.xml @@ -0,0 +1,24 @@ + + + + + + + + + + 60000 + fault + + + + + + + + + + + + + diff --git a/modules/distribution/src/api-resources/synapse-configs/default/api/_RevokeAPI_.xml b/modules/distribution/src/api-resources/synapse-configs/default/api/_RevokeAPI_.xml new file mode 100644 index 00000000..8c5fc818 --- /dev/null +++ b/modules/distribution/src/api-resources/synapse-configs/default/api/_RevokeAPI_.xml @@ -0,0 +1,25 @@ + + + + + + + + + + 60000 + fault + + + + + + + + + + + + + + diff --git a/modules/distribution/src/api-resources/synapse-configs/default/api/_TokenAPI_.xml b/modules/distribution/src/api-resources/synapse-configs/default/api/_TokenAPI_.xml new file mode 100644 index 00000000..43268da1 --- /dev/null +++ b/modules/distribution/src/api-resources/synapse-configs/default/api/_TokenAPI_.xml @@ -0,0 +1,25 @@ + + + + + + + + + + 60000 + fault + + + + + + + + + + + + + + diff --git a/modules/distribution/src/api-resources/synapse-configs/default/api/_UserInfoAPI_.xml b/modules/distribution/src/api-resources/synapse-configs/default/api/_UserInfoAPI_.xml new file mode 100644 index 00000000..e8c32195 --- /dev/null +++ b/modules/distribution/src/api-resources/synapse-configs/default/api/_UserInfoAPI_.xml @@ -0,0 +1,24 @@ + + + + + + + + + + 60000 + fault + + + + + + + + + + + + + diff --git a/modules/distribution/src/api-resources/synapse-configs/default/proxy-services/WorkflowCallbackService.xml b/modules/distribution/src/api-resources/synapse-configs/default/proxy-services/WorkflowCallbackService.xml new file mode 100644 index 00000000..722d81b0 --- /dev/null +++ b/modules/distribution/src/api-resources/synapse-configs/default/proxy-services/WorkflowCallbackService.xml @@ -0,0 +1,145 @@ + + + + + + + + +
+ + + + + + + + + + + WorkflowCallbackService + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/modules/distribution/src/api-resources/synapse-configs/default/registry.xml b/modules/distribution/src/api-resources/synapse-configs/default/registry.xml new file mode 100644 index 00000000..b19a4c89 --- /dev/null +++ b/modules/distribution/src/api-resources/synapse-configs/default/registry.xml @@ -0,0 +1,25 @@ + + + + + + + 15000 + diff --git a/modules/distribution/src/api-resources/synapse-configs/default/sequences/_auth_failure_handler_.xml b/modules/distribution/src/api-resources/synapse-configs/default/sequences/_auth_failure_handler_.xml new file mode 100644 index 00000000..5a5213d8 --- /dev/null +++ b/modules/distribution/src/api-resources/synapse-configs/default/sequences/_auth_failure_handler_.xml @@ -0,0 +1,4 @@ + + + + diff --git a/modules/distribution/src/api-resources/synapse-configs/default/sequences/_build_.xml b/modules/distribution/src/api-resources/synapse-configs/default/sequences/_build_.xml new file mode 100644 index 00000000..64e8fe39 --- /dev/null +++ b/modules/distribution/src/api-resources/synapse-configs/default/sequences/_build_.xml @@ -0,0 +1,26 @@ + + + + + + + + diff --git a/modules/distribution/src/api-resources/synapse-configs/default/sequences/_cors_request_handler_.xml b/modules/distribution/src/api-resources/synapse-configs/default/sequences/_cors_request_handler_.xml new file mode 100644 index 00000000..d8d043aa --- /dev/null +++ b/modules/distribution/src/api-resources/synapse-configs/default/sequences/_cors_request_handler_.xml @@ -0,0 +1,30 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 
diff --git a/modules/distribution/src/api-resources/synapse-configs/default/sequences/_production_key_error_.xml b/modules/distribution/src/api-resources/synapse-configs/default/sequences/_production_key_error_.xml new file mode 100644 index 00000000..77199419 --- /dev/null +++ b/modules/distribution/src/api-resources/synapse-configs/default/sequences/_production_key_error_.xml @@ -0,0 +1,24 @@ + + + + + + + + diff --git a/modules/distribution/src/api-resources/synapse-configs/default/sequences/_resource_mismatch_handler_.xml b/modules/distribution/src/api-resources/synapse-configs/default/sequences/_resource_mismatch_handler_.xml new file mode 100644 index 00000000..402c0835 --- /dev/null +++ b/modules/distribution/src/api-resources/synapse-configs/default/sequences/_resource_mismatch_handler_.xml @@ -0,0 +1,21 @@ + + + + + diff --git a/modules/distribution/src/api-resources/synapse-configs/default/sequences/_sandbox_key_error_.xml b/modules/distribution/src/api-resources/synapse-configs/default/sequences/_sandbox_key_error_.xml new file mode 100644 index 00000000..12906f2e --- /dev/null +++ b/modules/distribution/src/api-resources/synapse-configs/default/sequences/_sandbox_key_error_.xml @@ -0,0 +1,24 @@ + + + + + + + + diff --git a/modules/distribution/src/api-resources/synapse-configs/default/sequences/_throttle_out_handler_.xml b/modules/distribution/src/api-resources/synapse-configs/default/sequences/_throttle_out_handler_.xml new file mode 100644 index 00000000..40e81240 --- /dev/null +++ b/modules/distribution/src/api-resources/synapse-configs/default/sequences/_throttle_out_handler_.xml @@ -0,0 +1,5 @@ + + + + + \ No newline at end of file diff --git a/modules/distribution/src/api-resources/synapse-configs/default/sequences/_token_fault_.xml b/modules/distribution/src/api-resources/synapse-configs/default/sequences/_token_fault_.xml new file mode 100644 index 00000000..1e4a9825 --- /dev/null 
+++ b/modules/distribution/src/api-resources/synapse-configs/default/sequences/_token_fault_.xml @@ -0,0 +1,40 @@ + + + + + + + + + + $1 + Status report + Runtime Error + $2 + + + + + + + + + + + + + + + + +
+ + + + + + + + + + diff --git a/modules/distribution/src/api-resources/synapse-configs/default/sequences/fault.xml b/modules/distribution/src/api-resources/synapse-configs/default/sequences/fault.xml new file mode 100644 index 00000000..3b9e1846 --- /dev/null +++ b/modules/distribution/src/api-resources/synapse-configs/default/sequences/fault.xml @@ -0,0 +1,72 @@ + + + + + + + + + + + + + + + + + + + + + $1 + Status report + Runtime Error + $2 + + + + + + + + + + + + + + + + + + + + + + +
+ + + + + + + + + diff --git a/modules/distribution/src/api-resources/synapse-configs/default/sequences/main.xml b/modules/distribution/src/api-resources/synapse-configs/default/sequences/main.xml new file mode 100644 index 00000000..2f6f39eb --- /dev/null +++ b/modules/distribution/src/api-resources/synapse-configs/default/sequences/main.xml @@ -0,0 +1,99 @@ + + + + + + The default main sequence for API manager - Returns 404 Not Found + + + + + + + + + + 403 + Status report + Forbidden + Unsupported Transport [ $2 ]. The requested resource (/$1) is not available. + + + + + + + + + +
+ + + + + + + + + + + + + + + + + + + + + 404 + Status report + Not Found + The requested resource (/$1) is not available. + + + + + + + + + + + + + +
+ + + + + + + + + + + + + + + + diff --git a/modules/distribution/src/api-resources/synapse-configs/default/synapse.xml b/modules/distribution/src/api-resources/synapse-configs/default/synapse.xml new file mode 100644 index 00000000..d7f60ec4 --- /dev/null +++ b/modules/distribution/src/api-resources/synapse-configs/default/synapse.xml @@ -0,0 +1,25 @@ + + + + + + + + diff --git a/modules/distribution/src/assembly/bin.xml b/modules/distribution/src/assembly/bin.xml index ea7fd4b7..5f2bb4c4 100644 --- a/modules/distribution/src/assembly/bin.xml +++ b/modules/distribution/src/assembly/bin.xml @@ -108,6 +108,9 @@ **/json_2.0.0.wso2v1.jar **/bcprov-jdk15on_1.49.0.wso2v1.jar **/xmlbeans_2.3.0.wso2v1.jar + **/nimbus-jose-jwt_2.26.1.wso2v2.jar + **/org.wso2.carbon.hostobjects.sso_4.4.3.jar + **/org.wso2.carbon.hostobjects.sso_4.3.2.jar @@ -210,7 +213,6 @@ src/repository/conf ${pom.artifactId}-${pom.version}/repository/conf - **/identity.xml **/api-manager.xml **/sso-idp-config.xml **/application-authentication.xml @@ -330,24 +332,8 @@ - src/repository/modules/encode - ${pom.artifactId}-${pom.version}/modules/encode - - */** - - - - src/repository/modules/sso - ${pom.artifactId}-${pom.version}/modules/sso - - */** - - - - - - src/repository/modules/apimstore - ${pom.artifactId}-${pom.version}/modules/apimstore + src/repository/modules + ${pom.artifactId}-${pom.version}/modules */** @@ -521,6 +507,18 @@ **/**.xml + + src/api-resources/default-tiers + ${pom.artifactId}-${pom.version}/repository/resources/default-tiers + + **/**.xml + + + + + src/api-resources/synapse-configs/default/sequences + ${pom.artifactId}-${pom.version}/repository/resources/apim-synapse-config/ + @@ -904,7 +902,7 @@ 644 - src/repository/conf/identity.xml + src/repository/conf/identity/identity.xml ${pom.artifactId}-${pom.version}/repository/conf/identity 644 
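Review bot: Both error payloads in this new main sequence interpolate request-derived values into the response body, `The requested resource (/$1) is not available.` and `Unsupported Transport [ $2 ]`, and the argument bindings for `$1` and `$2` are not visible in this rendering. If `$1` is bound to the raw request path, confirm the payload is built so the value is escaped as text and the response content type is fixed, or drop the echo and return a constant message such as `The requested resource is not available.`. A one-line comment above each payload naming the source of `$1` and `$2` would make that reviewable.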
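Review bot: The three patterns added in the `@@ -108,6 +108,9 @@` hunk of bin.xml pin exact bundle versions, and two of them name the same artifact, `org.wso2.carbon.hostobjects.sso_4.4.3.jar` and `org.wso2.carbon.hostobjects.sso_4.3.2.jar`. The enclosing element starts outside the hunk, so whether this list includes or excludes is not visible. Either way, a version bump of the JWT or SSO bundle silently stops matching, and for libraries on the token-handling path that means an unintended copy can end up in, or stay in, the distribution. Consider a version-agnostic pattern such as `**/org.wso2.carbon.hostobjects.sso_*.jar` if the intent covers every version, or a comment stating why exactly these two versions are listed.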
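Review bot: The `@@ -330,24 +332,8 @@` hunk replaces three per-module entries (`modules/encode`, `modules/sso`, `modules/apimstore`) with a single copy of everything under `src/repository/modules`, which turns an explicit allow-list into whatever is in that directory at build time. Any module added there later, including test or work-in-progress host objects, ships in the distribution without a change to this descriptor. If the broadening is wanted, say so on the entry, e.g. `<!-- ships every module under src/repository/modules; keep that directory release-only -->`. Otherwise keep the explicit entries and add new modules by name.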
@@ -1349,17 +1347,17 @@ - ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/iot/devicetype-config.xml + ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/etc/jwt.properties - ${pom.artifactId}-${pom.version}/repository/conf/iot + ${pom.artifactId}-${pom.version}/repository/conf/etc true 644 - ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/iot/devicetype-config.xsd + ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/identity/identity-providers/CDMF_DEFAULT_IDP.xml - ${pom.artifactId}-${pom.version}/repository/conf/iot + ${pom.artifactId}-${pom.version}/repository/conf/identity/identity-providers true 644 diff --git a/modules/distribution/src/repository/conf/identity.xml b/modules/distribution/src/repository/conf/identity/identity.xml similarity index 97% rename from modules/distribution/src/repository/conf/identity.xml rename to modules/distribution/src/repository/conf/identity/identity.xml index 590d35dc..b88ce8ca 100644 --- a/modules/distribution/src/repository/conf/identity.xml +++ b/modules/distribution/src/repository/conf/identity/identity.xml @@ -149,9 +149,9 @@ org.wso2.carbon.identity.oauth2.token.handlers.grant.iwa.ntlm.NTLMAuthenticationGrantHandler - devicecloud - org.wso2.carbon.devicemgt.grant.DeviceGrant - org.wso2.carbon.devicemgt.grant.DeviceGrantValidator + urn:ietf:params:oauth:grant-type:jwt-bearer + org.wso2.carbon.identity.oauth2.grant.jwt.JWTBearerGrantHandler + org.wso2.carbon.identity.oauth2.grant.jwt.JWTGrantValidator diff --git a/modules/distribution/src/repository/jaggeryapps/api-store/jagg.jag b/modules/distribution/src/repository/jaggeryapps/api-store/jagg.jag index dbcf500f..2ad77a05 100644 --- a/modules/distribution/src/repository/jaggeryapps/api-store/jagg.jag +++ b/modules/distribution/src/repository/jaggeryapps/api-store/jagg.jag 
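Review bot: The `@@ -1349,17 +1347,17 @@` hunk rewrites the two existing entries for `conf/iot/devicetype-config.xml` and `conf/iot/devicetype-config.xsd` instead of adding new ones, so after this change those two files are no longer copied to `repository/conf/iot` by these entries. The rest of bin.xml is outside the hunk; if nothing else copies them, the device-type configuration drops out of the distribution, so add the `jwt.properties` and `CDMF_DEFAULT_IDP.xml` entries alongside the old ones unless the removal is intended. Judging by their names, the two new files carry JWT and identity-provider trust settings, and a comment such as `<!-- JWT grant trust config: review issuer and certificate defaults before release -->` on the entries would flag that for packagers.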
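Review bot: Enabling `urn:ietf:params:oauth:grant-type:jwt-bearer` with `JWTBearerGrantHandler` in the default identity.xml means a fresh install will exchange externally signed JWTs for access tokens, and nothing in this hunk shows which issuers or signing certificates are trusted. That trust presumably comes from the `CDMF_DEFAULT_IDP.xml` and `jwt.properties` files this commit adds to the distribution; confirm the shipped defaults do not rely on a keystore or certificate that is identical across installs. The same lines remove the `devicecloud` grant (`org.wso2.carbon.devicemgt.grant.DeviceGrant`), so existing clients using it will start failing. A comment such as `<!-- replaces the devicecloud grant; trusted issuers are configured in identity-providers/CDMF_DEFAULT_IDP.xml -->` would record both facts. The enclosing list of grant types starts and ends outside the hunk.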
@@ -7,829 +7,842 @@ var site = require("/site/conf/site.json"); //TODO : remove this when Context HO is implemented. var context = context || { - put:function (key, value) { - session.put(key, value); - }, - get:function (key) { - return session.get(key); - }, - remove:function (key) { - session.remove(key); - } -}; + put:function (key, value) { + session.put(key, value); + }, + get:function (key) { + return session.get(key); + }, + remove:function (key) { + session.remove(key); + } + }; var jagg = jagg || (function () { - var ctx = context; - - var modules = {}; - - var requirs = {}; - - var templates = {}; - - var initializers = {}; - - var bloks = {}; - - var data; + var ctx = context; - var reverse_proxy; + var modules = {}; - var setData = function (d) { - data = d; - }; + var requirs = {}; - var getData = function () { - return data; - }; + var templates = {}; - var getUser = function () { - var user = session.get("logged.user"); + var initializers = {}; - // If user is null then check for mutual auth - if (!user) { - user = mutualAuthVerifier(user); - } + var bloks = {}; - return user; - }; + var data; - var setUser = function (user) { - //if jaggery allow session reset - if (typeof request.getSession == "function") { - if (session && !session.isNew()) { - session.invalidate(); - } - session = request.getSession(true); - } - session.put("logged.user", user); - }; + var reverse_proxy; - var mutualAuthVerifier = function(user){ + var setData = function (d) { + data = d; + }; - var log = new Log(); - var site = require("/site/conf/site.json"); + var getData = function () { + return data; + }; - if(site.mutualAuthConfiguration){ - if (site.mutualAuthConfiguration.enabled == "true") { + var getUser = function () { + var user = session.get("logged.user"); - // cert will be available only if trust store holds client certificate. 
Otherwise it is null - var cert = request.getAttribute("javax.servlet.request.X509Certificate"); - var userName = request.getHeader("MutualAuthUserName"); + // If user is null then check for mutual auth + if (!user) { + user = mutualAuthVerifier(user); + } - // proceed mutul ssl validation if cert and user name set properly + return user; + }; - if (cert != null) { - if (userName) { - var security = require("apimstore"); - var mutualAuthHostObject = new security.MutualAuthHostObject(); - var isValidUser = mutualAuthHostObject.validateUserNameHeader(userName); - // Group ID feature not supported here - var groupId=""; - session.put("groupId", groupId); - if (isValidUser) { - log.info("Mutual Auth authentication success for user : " + userName); - user = {username: userName, cookie: null, hasPublisherAccess: false}; - return user; + var setUser = function (user) { + //if jaggery allow session reset + if (typeof request.getSession == "function") { + if (session && !session.isNew()) { + session.invalidate(); + } + session = request.getSession(true); + } + session.put("logged.user", user); + }; + + var mutualAuthVerifier = function(user){ + + var log = new Log(); + var site = require("/site/conf/site.json"); + + if(site.mutualAuthConfiguration){ + if (site.mutualAuthConfiguration.enabled == "true") { + + // cert will be available only if trust store holds client certificate. 
Otherwise it is null + var cert = request.getAttribute("javax.servlet.request.X509Certificate"); + var userName = request.getHeader("MutualAuthUserName"); + + // proceed mutul ssl validation if cert and user name set properly + + if (cert != null) { + if (userName) { + var security = require("apimstore"); + var mutualAuthHostObject = new security.MutualAuthHostObject(); + var isValidUser = mutualAuthHostObject.validateUserNameHeader(userName); + // Group ID feature not supported here + var groupId=""; + session.put("groupId", groupId); + if (isValidUser) { + log.info("Mutual Auth authentication success for user : " + userName); + user = {username: userName, cookie: null, hasPublisherAccess: false}; + return user; + } else { + log.debug("Mutual authentication failed for invalid user : " + userName); + } + + } else { + log.debug("Mutual authentication failed for invalid user : MutualAuthUserName header is empty"); + } } else { - log.debug("Mutual authentication failed for invalid user : " + userName); + log.debug("Mutual Authentication failed due to no trusted certificate"); } - - } else { - log.debug("Mutual authentication failed for invalid user : MutualAuthUserName header is empty"); } - } else { - log.debug("Mutual Authentication failed due to no trusted certificate"); } - } - } - }; - - var getThemeFile = function (path) { - var p, index, theme = getUserTheme(); - if(theme.tenant_theme) { - p = getTenantThemePath() + path; - index = p.indexOf("?"); - if(new File(p.substring(0, index == -1 ? p.length : index)).isExists()) { - return p; - } - } - if(theme.subtheme) { - p = getThemePath() + "subthemes/" + theme.subtheme + "/" + path; - index = p.indexOf("?"); - if(new File(p.substring(0, index == -1 ? 
p.length : index)).isExists()) { - return p; - } - } - return getThemePath() + path; - }; - - var getThemesPath = function () { - return "/site/themes/"; - }; - - var getTenantThemesPath = function(){ - return "/site/tenant_themes/"; - }; - - var getThemePath = function () { - return getThemesPath() + getUserTheme().base + "/"; - }; - - var getTenantThemePath = function (){ - return getTenantThemesPath() + getTheme().tenant_theme + "/"; - } + }; + + var getThemeFile = function (path) { + var p, index, theme = getUserTheme(); + if(theme.tenant_theme) { + p = getTenantThemePath() + path; + index = p.indexOf("?"); + if(new File(p.substring(0, index == -1 ? p.length : index)).isExists()) { + return p; + } + } + if(theme.subtheme) { + p = getThemePath() + "subthemes/" + theme.subtheme + "/" + path; + index = p.indexOf("?"); + if(new File(p.substring(0, index == -1 ? p.length : index)).isExists()) { + return p; + } + } + return getThemePath() + path; + }; - var getBlockFile = function (name) { - return getBlocksDir() + name + "/block.jag"; - }; + var getThemesPath = function () { + return "/site/themes/"; + }; - var getInitializerFile = function (name) { - return getThemeFile("templates/" + name + "/initializer.jag"); - }; + var getTenantThemesPath = function(){ + return "/site/tenant_themes/"; + }; - var getTemplateFile = function (name) { - return getThemeFile("templates/" + name + "/template.jag"); - }; + var getThemePath = function () { + return getThemesPath() + getUserTheme().base + "/"; + }; - var getTemplatePath = function(themeDir, name) { - return themeDir + "templates/" + name + "/template.jag"; - }; + var getTenantThemePath = function (){ + return getTenantThemesPath() + getTheme().tenant_theme + "/"; + } - var getModuleFile = function (name) { - return getModulesDir() + name + "/module.jag"; - }; + var getBlockFile = function (name) { + return getBlocksDir() + name + "/block.jag"; + }; + + var getInitializerFile = function (name) { + return 
getThemeFile("templates/" + name + "/initializer.jag"); + }; + + var getTemplateFile = function (name) { + return getThemeFile("templates/" + name + "/template.jag"); + }; + + var getTemplatePath = function(themeDir, name) { + return themeDir + "templates/" + name + "/template.jag"; + }; + + var getModuleFile = function (name) { + return getModulesDir() + name + "/module.jag"; + }; + + var getBlocksDir = function () { + return "/site/blocks/"; + }; + + var getThemesDir = function () { + return "/site/themes/"; + }; + + var getModulesDir = function () { + return "/modules/"; + }; + + var getTheme = function () { + //TODO : remove following lines if theme switching need to be avoided + var site = require("/site/conf/site.json"), + theme = request.getParameter("theme"), + subtheme = request.getParameter("subtheme"); + var r = { + base : theme ? theme : site.theme.base, + subtheme : subtheme ? subtheme : site.theme.subtheme, + }; + //load the tenant theme if exists + var tenant = getTenantDomain(); + if(tenant){ + tenant = tenant.replace("/","."); + r.tenant_theme = getTenantDomain(); + } + return r; + }; + + var getUserTheme = function () { + return session.get("theme") ? 
session.get("theme") : getTheme(); + }; + + var mergeParams = function (extInputs, defInputs) { + var key, obj; + extInputs = extInputs || {}; + for (key in defInputs) { + if (defInputs.hasOwnProperty(key)) { + obj = extInputs[key]; + if (!obj) { + extInputs[key] = defInputs[key]; + } + } + } + return extInputs; + }; - var getBlocksDir = function () { - return "/site/blocks/"; - }; + var renderBlock = function (name, inputs, outputs, populate) { + //initializeTemplate({name:name, params:null}, jagg); - var getThemesDir = function () { - return "/site/themes/"; - }; + var init, fn, blok, log = new Log(); - var getModulesDir = function () { - return "/modules/"; - }; + fn = template(name); + if (!fn) { + log.error("Template header and footer includes are missing for : " + name); + } + if (populate) { + blok = block(name); - var getTheme = function () { - //TODO : remove following lines if theme switching need to be avoided - var site = require("/site/conf/site.json"), - theme = request.getParameter("theme"), - subtheme = request.getParameter("subtheme"); - var r = { - base : theme ? theme : site.theme.base, - subtheme : subtheme ? subtheme : site.theme.subtheme, - }; - //load the tenant theme if exists - var tenant = getTenantDomain(); - if(tenant){ - tenant = tenant.replace("/","."); - r.tenant_theme = getTenantDomain(); - } - return r; - }; + if (!inputs) { + inputs = blok.getInputs ? blok.getInputs() : {}; + } else { + mergeParams(inputs, blok.getInputs ? blok.getInputs() : null); + } - var getUserTheme = function () { - return session.get("theme") ? 
session.get("theme") : getTheme(); - }; + if (blok.getOutputs) { + outputs = blok.getOutputs(inputs); + } else if (blok.getInputs) { + outputs = inputs; + } else { + outputs = {}; + } + } + init = initializer(name); + if (init.postInitialize) { + init.postInitialize(inputs, outputs); + } + fn(inputs, outputs, jagg); + }; + + var inheritParent = function (blok, name) { + var parent = require(getBlockFile(name)); + for (var prop in parent) { + if (parent.hasOwnProperty(prop)) { + if (!blok[prop]) { + blok[prop] = parent[prop]; + } + } + } + }; - var mergeParams = function (extInputs, defInputs) { - var key, obj; - extInputs = extInputs || {}; - for (key in defInputs) { - if (defInputs.hasOwnProperty(key)) { - obj = extInputs[key]; + var initializeBlock = function (obj) { if (!obj) { - extInputs[key] = defInputs[key]; + return; } - } - } - return extInputs; - }; - - var renderBlock = function (name, inputs, outputs, populate) { - //initializeTemplate({name:name, params:null}, jagg); - - var init, fn, blok, log = new Log(); - - fn = template(name); - if (!fn) { - log.error("Template header and footer includes are missing for : " + name); - } - if (populate) { - blok = block(name); - - if (!inputs) { - inputs = blok.getInputs ? blok.getInputs() : {}; - } else { - mergeParams(inputs, blok.getInputs ? 
blok.getInputs() : null); - } - - if (blok.getOutputs) { - outputs = blok.getOutputs(inputs); - } else if (blok.getInputs) { - outputs = inputs; - } else { - outputs = {}; - } - } - init = initializer(name); - if (init.postInitialize) { - init.postInitialize(inputs, outputs); - } - fn(inputs, outputs, jagg); - }; - - var inheritParent = function (blok, name) { - var parent = require(getBlockFile(name)); - for (var prop in parent) { - if (parent.hasOwnProperty(prop)) { - if (!blok[prop]) { - blok[prop] = parent[prop]; + var extInputs, defInputs, parent, tmpl, inputBlocks, outputBlocks, outputs, tmplInitializer, bloks, i, length, + name = obj.name, blok = block(name), log = new Log(); + + template(name); + extInputs = obj.inputs || (obj.inputs = {}); + defInputs = blok.getInputs ? blok.getInputs() : {}; + mergeParams(extInputs, defInputs); + + if (blok.getInputBlocks) { + inputBlocks = blok.getInputBlocks(); + length = inputBlocks.length; + for (i = 0; i < length; i++) { + initializeBlocks(inputBlocks[i], extInputs); + } } - } - } - }; - - var initializeBlock = function (obj) { - if (!obj) { - return; - } - var extInputs, defInputs, parent, tmpl, inputBlocks, outputBlocks, outputs, tmplInitializer, bloks, i, length, - name = obj.name, blok = block(name), log = new Log(); - - template(name); - extInputs = obj.inputs || (obj.inputs = {}); - defInputs = blok.getInputs ? 
blok.getInputs() : {}; - mergeParams(extInputs, defInputs); - - if (blok.getInputBlocks) { - inputBlocks = blok.getInputBlocks(); - length = inputBlocks.length; - for (i = 0; i < length; i++) { - initializeBlocks(inputBlocks[i], extInputs); - } - } - if (blok.getOutputs) { - outputs = blok.getOutputs(extInputs); - } else if (blok.getInputs) { - outputs = extInputs; - } else { - outputs = {}; - } + if (blok.getOutputs) { + outputs = blok.getOutputs(extInputs); + } else if (blok.getInputs) { + outputs = extInputs; + } else { + outputs = {}; + } - obj.outputs = outputs; - if (blok.getOutputBlocks) { - outputBlocks = blok.getOutputBlocks(); - length = outputBlocks.length; - for (i = 0; i < length; i++) { - initializeBlocks(outputBlocks[i], outputs); - } - } + obj.outputs = outputs; + if (blok.getOutputBlocks) { + outputBlocks = blok.getOutputBlocks(); + length = outputBlocks.length; + for (i = 0; i < length; i++) { + initializeBlocks(outputBlocks[i], outputs); + } + } - if (blok.getStaticBlocks) { - bloks = blok.getStaticBlocks(); - length = bloks.length; - for (i = 0; i < length; i++) { - initializeBlock({name:bloks[i], inputs:null}); - } - } - }; + if (blok.getStaticBlocks) { + bloks = blok.getStaticBlocks(); + length = bloks.length; + for (i = 0; i < length; i++) { + initializeBlock({name:bloks[i], inputs:null}); + } + } + }; - // [ "foo", "bar", "mar"] - // [{ "name" : "foo/bar", params : {}}] - var initializeBlocks = function (keys, inputs) { - if (!inputs) { - return; - } - var i, length, values, last; - if (typeof keys !== "string") { - length = keys.length; - values = inputs[keys[0]]; - last = (length == 1); - if (values instanceof Array) { - length = values.length; - for (i = 0; i < length; i++) { - if (last) { - initializeBlock(values[i]); + // [ "foo", "bar", "mar"] + // [{ "name" : "foo/bar", params : {}}] + var initializeBlocks = function (keys, inputs) { + if (!inputs) { + return; + } + var i, length, values, last; + if (typeof keys !== "string") { + 
length = keys.length; + values = inputs[keys[0]]; + last = (length == 1); + if (values instanceof Array) { + length = values.length; + for (i = 0; i < length; i++) { + if (last) { + initializeBlock(values[i]); + } else { + initializeBlocks(keys.slice(1), values[i]); + } + } } else { - initializeBlocks(keys.slice(1), values[i]); + if (last) { + initializeBlock(values); + } else { + initializeBlocks(keys.slice(1), values); + } } - } - } else { - if (last) { - initializeBlock(values); + return; } else { - initializeBlocks(keys.slice(1), values); + values = inputs[keys]; } - } - return; - } else { - values = inputs[keys]; - } - - if (values instanceof Array) { - length = values.length; - for (i = 0; i < length; i++) { - initializeBlock(values[i]); - } - } else { - initializeBlock(values); - } - }; - - var insertData = function (jagg, template, parent, name, key, value) { - var keys, values, data = getData(); - data = data[parent] || (data[parent] = {}); - data = data[name] || (data[name] = {}); - data = data[template] || (data[template] = {}); - - keys = data.keys || (data.keys = []); - values = data.values || (data.values = {}); - - keys.push(key); - values[key] = value; - }; + if (values instanceof Array) { + length = values.length; + for (i = 0; i < length; i++) { + initializeBlock(values[i]); + } + } else { + initializeBlock(values); + } + }; + + var insertData = function (jagg, template, parent, name, key, value) { + var keys, values, data = getData(); + data = data[parent] || (data[parent] = {}); + data = data[name] || (data[name] = {}); + data = data[template] || (data[template] = {}); + + keys = data.keys || (data.keys = []); + values = data.values || (data.values = {}); + + keys.push(key); + values[key] = value; + }; + + + var printData = function (tmpls) { + var key, tmpl, keys, values, i, length; + for (key in tmpls) { + if (tmpls.hasOwnProperty(key)) { + tmpl = tmpls[key]; + keys = tmpl.keys; + values = tmpl.values; + length = keys.length; + for (i = 0; i < 
length; i++) { + print(values[keys[i]]); + } + } + } + }; - var printData = function (tmpls) { - var key, tmpl, keys, values, i, length; - for (key in tmpls) { - if (tmpls.hasOwnProperty(key)) { - tmpl = tmpls[key]; - keys = tmpl.keys; - values = tmpl.values; - length = keys.length; + var getUrlMapping = function (path) { + var urlMap = ctx.get("url.map"), url, configs, i, length, mapping, mappings, file; + if (urlMap) { + url = urlMap[path]; + return url ? url : path; + } + file = new File("/jaggery.conf"); + file.open("r"); + configs = parse(file.readAll()); + file.close(); + + urlMap = {}; + mappings = configs.urlMappings; + length = mappings.length; for (i = 0; i < length; i++) { - print(values[keys[i]]); + mapping = mappings[i]; + urlMap[mapping.path] = mapping.url; } - } - } - }; - - var getUrlMapping = function (path) { - var urlMap = ctx.get("url.map"), url, configs, i, length, mapping, mappings, file; - if (urlMap) { - url = urlMap[path]; - return url ? url : path; - } - file = new File("/jaggery.conf"); - file.open("r"); - configs = parse(file.readAll()); - file.close(); - - urlMap = {}; - mappings = configs.urlMappings; - length = mappings.length; - for (i = 0; i < length; i++) { - mapping = mappings[i]; - urlMap[mapping.path] = mapping.url; - } - ctx.put("url.map", urlMap); - url = urlMap[path]; - return url ? 
url : path; - }; - - var getRequestSegments = function(){ - var href = request.getRequestURL() - var match = href.match(/^(https?\:)\/\/(([^:\/?#]*)(?:\:([0-9]+))?)(\/[^?#]*)(\?[^#]*|)(#.*|)$/); - return match && { - protocol: match[1], - host: match[2], - hostname: match[3], - port: match[4], - pathname: match[5], - search: match[6], - hash: match[7] - } - - }; - - var getMappedUrl = function (path) { - return getAbsoluteUrl(getUrlMapping(path)); - }; - - var getAbsoluteUrl = function (path) { - var host = "" - if(isReverseProxyEnabled()){ - host = "https://" + site.reverseProxy.host ; - }else{ - var match = getRequestSegments(); - var host = match.protocol + "//" + match.host; - } - return host + url(path); - }; - - var getSiteDomainFromRequest = function(){ - var match = href.match(/^(https?\:)\/\/(([^:\/?#]*)(?:\:([0-9]+))?)(\/[^?#]*)(\?[^#]*|)(#.*|)$/); - } - - var getHttpsUrl = function(path, parameters){ - var hostname = ""; - var requestSegments = getRequestSegments(); - mod = jagg.module("manager"); - hostname = mod.getHTTPsURL(); - hostname = hostname.replace("https://",""); - - // if the site is fronted by a proxy server - if(isReverseProxyEnabled()){ - hostname = site.reverseProxy.host ; - //if a custom https port is used - if(site.reverseProxy.hosts_port){ - hostname = hostname + ":" + site.reverseProxy.hosts_port; - } - } - - return "https://" + hostname + url(path, parameters); - } - - var url = function(path,parameters){ - var tail = ""; - if(parameters){ - var params = []; - for (var key in parameters) { - params.push(key+"="+parameters[key]) ; - } - if(/\?/.test(path)){ - tail = "&"; - } - else{ - tail = "?"; - } - tail = tail + params.join("&"); - } - return getSiteContext()+ path + tail; - }; + ctx.put("url.map", urlMap); + url = urlMap[path]; + return url ? 
url : path; + }; + + var getRequestSegments = function(){ + var href = request.getRequestURL() + var match = href.match(/^(https?\:)\/\/(([^:\/?#]*)(?:\:([0-9]+))?)(\/[^?#]*)(\?[^#]*|)(#.*|)$/); + return match && { + protocol: match[1], + host: match[2], + hostname: match[3], + port: match[4], + pathname: match[5], + search: match[6], + hash: match[7] + } - // following function will generate a url with the currently activated tenant - var urlTenanted = function(path, parameters){ - //if tenented add tenant url - if(getTenantDomain() != null && !(/(\?tenant\=|\&tenant\=)/i.test(path))){ - if(!parameters){ - parameters = {}; - } - parameters.tenant = getTenantDomain(); - } - if(isReverseProxyEnabled()){ - return getHttpsUrl(path, parameters) - } - return url(path,parameters) - }; + }; - var getCarbonProxyContextPath = function(){ - var CarbonUtils = Packages.org.wso2.carbon.utils.CarbonUtils; - var carbonUtils = new CarbonUtils(); - var context = carbonUtils.getServerConfiguration().getFirstProperty("ProxyContextPath"); - if(context != null) - return context; - else - return ''; - }; + var getMappedUrl = function (path) { + return getAbsoluteUrl(getUrlMapping(path)); + }; - var isReverseProxyEnabled = function(){ - if(reverse_proxy != undefined){ - return reverse_proxy; - } - if(site.reverseProxy.enabled){ - if(site.reverseProxy.enabled == "auto"){ - var xfwd = request.getHeader("X-Forwarded-Host"); - if(xfwd != null){ - var xfwd = xfwd.split(",")[0]; - //if(xfwd.trim() == site.reverseProxy.host){ - reverse_proxy = true; - site.reverseProxy.host = xfwd.trim(); - //} + var getAbsoluteUrl = function (path) { + var host = "" + if(isReverseProxyEnabled()){ + host = "https://" + site.reverseProxy.host ; }else{ - reverse_proxy = false; - } - } - else{ - reverse_proxy = true; - } - } - else{ - reverse_proxy = false; - } - return reverse_proxy; - }; + var match = getRequestSegments(); + var host = match.protocol + "//" + match.host; + } + return host + url(path); + }; - var 
getSiteContext = function(){ - if(isReverseProxyEnabled()){ - //If we use a custom domain mapping we will not use the context. - if( site.reverseProxy.tenantHeader != null && - request.getHeader(site.reverseProxy.tenantHeader) != null){ - return ""; + var getSiteDomainFromRequest = function(){ + var match = href.match(/^(https?\:)\/\/(([^:\/?#]*)(?:\:([0-9]+))?)(\/[^?#]*)(\?[^#]*|)(#.*|)$/); } - else{ - return site.reverseProxy.context - } - } - var proxyContext = getCarbonProxyContextPath(); - return proxyContext + site.context; - }; + var getHttpsUrl = function(path, parameters){ + var hostname = ""; + var requestSegments = getRequestSegments(); + mod = jagg.module("manager"); + hostname = mod.getHTTPsURL(); + hostname = hostname.replace("https://",""); + + // if the site is fronted by a proxy server + if(isReverseProxyEnabled()){ + hostname = site.reverseProxy.host ; + //if a custom https port is used + if(site.reverseProxy.hosts_port){ + hostname = hostname + ":" + site.reverseProxy.hosts_port; + } + } - var getRegistryPath = function(path){ - if(isReverseProxyEnabled()){ - if(site.reverseProxy.regContext != undefined){ - return site.reverseProxy.regContext + path; + return "https://" + hostname + url(path, parameters); } - return site.reverseProxy.context + path; - } - - var ProxyContextPath = getCarbonProxyContextPath(); - return ProxyContextPath + path; - } - - var module = function (name, module) { - if (module) { - return modules[name] = module; - } - module = modules[name]; - if (module) { - return module; - } - include(getModuleFile(name)); - return modules[name]; - }; - - var requir = function (path) { - var obj = requirs[path]; - return obj ? 
obj : requirs[path] = require(path); - }; - var block = function (name, blok) { - var parent; - if (blok) { - return bloks[name] = blok; - } - blok = bloks[name]; - if (blok) { - return blok; - } - //we need to include and initialize - include(getBlockFile(name)); - blok = bloks[name]; - parent = blok.getParent; - if (parent) { - parent = parent(); - inheritParent(blok, parent); - } - if (blok.initialize) { - //TODO which to pass into initialize method - blok.initialize(getData()); - } - return bloks[name]; - }; - - var template = function (name, tmpl) { - var blok, parent, init; - if (tmpl) { - return templates[name] = tmpl; - } - tmpl = templates[name]; - if (tmpl) { - return tmpl; - } - - blok = block(name); - parent = blok.getParent; - if (parent) { - name = parent(); - } - - tmpl = templates[name]; - if (tmpl) { - return tmpl; - } - - include(getTemplateFile(name)); - init = initializer(name); - if (init.preInitialize) { - init.preInitialize(); - } - return templates[name]; - }; - - var initializer = function (name, init) { - var blok, parent; - if (init) { - return initializers[name] = init; - } - init = initializers[name]; - if (init) { - return init; - } - - blok = block(name); - parent = blok.getParent; - if (parent) { - name = parent(); - } - - init = initializers[name]; - if (init) { - return init; - } + var url = function(path,parameters){ + var tail = ""; + if(parameters){ + var params = []; + for (var key in parameters) { + params.push(key+"="+parameters[key]) ; + } + if(/\?/.test(path)){ + tail = "&"; + } + else{ + tail = "?"; + } + tail = tail + params.join("&"); + } + return getSiteContext()+ path + tail; + }; - include(getInitializerFile(name)); - return initializers[name]; - }; + var getTenantURLPrefix = function(tail) { + if (!tail) { + tail = ""; + } + if( site.reverseProxy.tenantHeader == null || + request.getHeader(site.reverseProxy.tenantHeader) == null){ + if(getTenantDomain() != null){ + return tail + "tenant=" + getTenantDomain(); + } + } 
+ return ""; + } - var render = function (obj) { - var init, fn, inputs, outputs, name = obj.name, log = new Log(), blok; - setData(obj); - initializeBlock(obj); - include(getTemplateFile(name)); - fn = template(name); - if (!fn) { - log.error("Template header and footer includes are missing for : " + name); - } - inputs = obj.inputs; - blok = block(name); - if (blok.getOutputs) { - outputs = blok.getOutputs(inputs); - } else if (blok.getInputs) { - outputs = inputs; - } else { - outputs = {}; - } - init = initializer(name); - if (init.postInitialize) { - init.postInitialize(inputs, outputs); - } - fn(inputs, outputs, jagg); - }; + // following function will generate a url with the currently activated tenant + var urlTenanted = function(path, parameters){ + //if tenented add tenant url + if(getTenantDomain() != null && !(/(\?tenant\=|\&tenant\=)/i.test(path))){ + if(!parameters){ + parameters = {}; + } + parameters.tenant = getTenantDomain(); + } + if(isReverseProxyEnabled()){ + return getHttpsUrl(path, parameters) + } + return url(path,parameters) + }; + + var getCarbonProxyContextPath = function(){ + var CarbonUtils = Packages.org.wso2.carbon.utils.CarbonUtils; + var carbonUtils = new CarbonUtils(); + var context = carbonUtils.getServerConfiguration().getFirstProperty("ProxyContextPath"); + if(context != null) + return context; + else + return ''; + }; + + var isReverseProxyEnabled = function(){ + if(reverse_proxy != undefined){ + return reverse_proxy; + } + if(site.reverseProxy.enabled){ + if(site.reverseProxy.enabled == "auto"){ + var xfwd = request.getHeader("X-Forwarded-Host"); + if(xfwd != null){ + var xfwd = xfwd.split(",")[0]; + //if(xfwd.trim() == site.reverseProxy.host){ + reverse_proxy = true; + site.reverseProxy.host = xfwd.trim(); + //} + }else{ + reverse_proxy = false; + } + } + else{ + reverse_proxy = true; + } + } + else{ + reverse_proxy = false; + } + return reverse_proxy; + }; + + var getSiteContext = function(){ + if(isReverseProxyEnabled()){ + 
//If we use a custom domain mapping we will not use the context. + if( site.reverseProxy.tenantHeader != null && + request.getHeader(site.reverseProxy.tenantHeader) != null){ + return ""; + } + else{ + return site.reverseProxy.context + } + } - var includeBlock = function (name, inputs) { - renderBlock(name, inputs, null, true); - }; + var proxyContext = getCarbonProxyContextPath(); + return proxyContext + site.context; + }; - var includeBlocks = function (bloks) { - if (!bloks) { - return; - } + var getRegistryPath = function(path){ + if(isReverseProxyEnabled()){ + if(site.reverseProxy.regContext != undefined){ + return site.reverseProxy.regContext + path; + } + return site.reverseProxy.context + path; + } - var i, d, length; - if (bloks instanceof Array) { - length = bloks.length; - for (i = 0; i < length; i++) { - d = bloks[i]; - renderBlock(d.name, d.inputs, d.outputs, false); + var ProxyContextPath = getCarbonProxyContextPath(); + return ProxyContextPath + path; } - } else { - renderBlock(bloks.name, bloks.inputs, bloks.outputs, false); - } - }; - var addHeaderCSS = function (template, key, css) { - css = ''; - insertData(this, template, "header", "css", key, css); - }; + var module = function (name, module) { + if (module) { + return modules[name] = module; + } + module = modules[name]; + if (module) { + return module; + } + include(getModuleFile(name)); + return modules[name]; + }; + + var requir = function (path) { + var obj = requirs[path]; + return obj ? 
obj : requirs[path] = require(path); + }; + + var block = function (name, blok) { + var parent; + if (blok) { + return bloks[name] = blok; + } + blok = bloks[name]; + if (blok) { + return blok; + } + //we need to include and initialize + include(getBlockFile(name)); + blok = bloks[name]; + parent = blok.getParent; + if (parent) { + parent = parent(); + inheritParent(blok, parent); + } + if (blok.initialize) { + //TODO which to pass into initialize method + blok.initialize(getData()); + } + return bloks[name]; + }; - var addHeaderCSSCode = function (template, key, css) { - css = ''; - insertData(this, template, "header", "css", key, css); - }; + var template = function (name, tmpl) { + var blok, parent, init; + if (tmpl) { + return templates[name] = tmpl; + } + tmpl = templates[name]; + if (tmpl) { + return tmpl; + } - var addHeaderJS = function (template, key, js) { - js = '\n'; - insertData(this, template, "header", "js", key, js); - }; + blok = block(name); + parent = blok.getParent; + if (parent) { + name = parent(); + } - var addHeaderJSCode = function (template, key, js) { - js = ''; - insertData(this, template, "header", "js", key, js); - }; + tmpl = templates[name]; + if (tmpl) { + return tmpl; + } - var addHeaderCode = function (template, key, code) { - insertData(this, template, "header", "code", key, code); - }; + include(getTemplateFile(name)); + init = initializer(name); + if (init.preInitialize) { + init.preInitialize(); + } + return templates[name]; + }; - var addFooterCSS = function (template, key, css) { - css = ''; - insertData(this, template, "footer", "css", key, css); - }; + var initializer = function (name, init) { + var blok, parent; + if (init) { + return initializers[name] = init; + } + init = initializers[name]; + if (init) { + return init; + } - var addFooterCSSCode = function (template, key, css) { - css = ''; - insertData(this, template, "footer", "css", key, css); - }; + blok = block(name); + parent = blok.getParent; + if (parent) { + 
name = parent(); + } - var addFooterJS = function (template, key, js) { - js = '\t\n'; - insertData(this, template, "footer", "js", key, js); - }; + init = initializers[name]; + if (init) { + return init; + } - var addFooterJSCode = function (template, key, js) { - js = ''; - insertData(this, template, "footer", "js", key, js); - }; + include(getInitializerFile(name)); + return initializers[name]; + }; + + var render = function (obj) { + var init, fn, inputs, outputs, name = obj.name, log = new Log(), blok; + setData(obj); + initializeBlock(obj); + include(getTemplateFile(name)); + fn = template(name); + if (!fn) { + log.error("Template header and footer includes are missing for : " + name); + } + inputs = obj.inputs; + blok = block(name); + if (blok.getOutputs) { + outputs = blok.getOutputs(inputs); + } else if (blok.getInputs) { + outputs = inputs; + } else { + outputs = {}; + } + init = initializer(name); + if (init.postInitialize) { + init.postInitialize(inputs, outputs); + } + fn(inputs, outputs, jagg); + }; - var addFooterCode = function (template, key, code) { - insertData(this, template, "footer", "code", key, code); - }; + var includeBlock = function (name, inputs) { + renderBlock(name, inputs, null, true); + }; - var includeJag = function (path) { - include(getThemeFile(path)); - }; + var includeBlocks = function (bloks) { + if (!bloks) { + return; + } - var getTenantDomain = function(){ - if(isReverseProxyEnabled()){ - // check if tenant header exists - if(site.reverseProxy.tenantHeader != undefined && site.reverseProxy.tenantHeader != null - && request.getHeader(site.reverseProxy.tenantHeader) != null){ - return request.getHeader(site.reverseProxy.tenantHeader); + var i, d, length; + if (bloks instanceof Array) { + length = bloks.length; + for (i = 0; i < length; i++) { + d = bloks[i]; + renderBlock(d.name, d.inputs, d.outputs, false); + } + } else { + renderBlock(bloks.name, bloks.inputs, bloks.outputs, false); + } + }; + + var addHeaderCSS = function 
(template, key, css) { + css = ''; + insertData(this, template, "header", "css", key, css); + }; + + var addHeaderCSSCode = function (template, key, css) { + css = ''; + insertData(this, template, "header", "css", key, css); + }; + + var addHeaderJS = function (template, key, js) { + js = '\n'; + insertData(this, template, "header", "js", key, js); + }; + + var addHeaderJSCode = function (template, key, js) { + js = ''; + insertData(this, template, "header", "js", key, js); + }; + + var addHeaderCode = function (template, key, code) { + insertData(this, template, "header", "code", key, code); + }; + + var addFooterCSS = function (template, key, css) { + css = ''; + insertData(this, template, "footer", "css", key, css); + }; + + var addFooterCSSCode = function (template, key, css) { + css = ''; + insertData(this, template, "footer", "css", key, css); + }; + + var addFooterJS = function (template, key, js) { + js = '\t\n'; + insertData(this, template, "footer", "js", key, js); + }; + + var addFooterJSCode = function (template, key, js) { + js = ''; + insertData(this, template, "footer", "js", key, js); + }; + + var addFooterCode = function (template, key, code) { + insertData(this, template, "footer", "code", key, code); + }; + + var includeJag = function (path) { + include(getThemeFile(path)); + }; + + var getTenantDomain = function(){ + if(isReverseProxyEnabled()){ + // check if tenant header exists + if(site.reverseProxy.tenantHeader != undefined && site.reverseProxy.tenantHeader != null + && request.getHeader(site.reverseProxy.tenantHeader) != null){ + return request.getHeader(site.reverseProxy.tenantHeader); + } + } + return request.getParameter("tenant"); } - } - return request.getParameter("tenant"); - } - var setCSRFToken = function(){ - var cookie = request.getCookie("csrftoken"); - var user = jagg.getUser(); - var csrfuser = session.get('csrfuser'); - //set CSRF if it is not set + you need to refresh the token if the user has changed. 
- if( !cookie || user != csrfuser){ - //Use a secure random as the CSRF token. - var SecureRandom = Packages.java.security.SecureRandom; - var random = new SecureRandom(); - var BigInteger = Packages.java.math.BigInteger; - var token = new BigInteger(130, random).toString(32); - - var cookie= {'name':'csrftoken','value': token , 'maxAge': 86400, 'path':"/"}; - session.put('csrfuser',user); - response.addCookie(cookie); - } - } - - var isCSRFTokenValid = function(){ - var log = new Log(); - var cookie = request.getCookie("csrftoken"); - var token = request.getHeader("X-CSRFToken"); - var user = jagg.getUser(); - if(cookie == null || cookie.value == token){ - return true; - } - else{ - log.info("CSRF Token error at "+request.getRequestURI()); - return false; - } - } + var setCSRFToken = function(){ + var cookie = request.getCookie("csrftoken"); + var user = jagg.getUser(); + var csrfuser = session.get('csrfuser'); + //set CSRF if it is not set + you need to refresh the token if the user has changed. + if( !cookie || user != csrfuser){ + //Use a secure random as the CSRF token. 
+ var SecureRandom = Packages.java.security.SecureRandom; + var random = new SecureRandom(); + var BigInteger = Packages.java.math.BigInteger; + var token = new BigInteger(130, random).toString(32); + + var cookie= {'name':'csrftoken','value': token , 'maxAge': 86400, 'path':"/"}; + session.put('csrfuser',user); + response.addCookie(cookie); + } + } - var validateInputs = function(config){ - var errors = []; - //set most used parapeters - config.name = { type:"name"}; - config.provider = { type:"provider"}; - config.version = { type:"name"}; - - for(var key in config){ - var value = request.getParameter(key); - if(value == null){ - if(config[key].required) - errors.push(key); - continue; + var isCSRFTokenValid = function(){ + var log = new Log(); + var cookie = request.getCookie("csrftoken"); + var token = request.getHeader("X-CSRFToken"); + var user = jagg.getUser(); + if(cookie == null || cookie.value == token){ + return true; + } + else{ + log.info("CSRF Token error at "+request.getRequestURI()); + return false; + } } - switch (config[key].type) { - case "url": - break; - case "input": - var regex = /([<>\"\'])/; + + var validateInputs = function(config){ + var errors = []; + //set most used parapeters + config.name = { type:"name"}; + config.provider = { type:"provider"}; + config.version = { type:"name"}; + + for(var key in config){ + var value = request.getParameter(key); + if(value == null){ + if(config[key].required) + errors.push(key); + continue; + } + switch (config[key].type) { + case "url": + break; + case "input": + var regex = /([<>\"\'])/; + if(regex.test(value)) errors.push(key); + break; + case "number": + var regex = /^[0-9]*$/; + if(!regex.test(value)) errors.push(key); + break; + case "safetext": + var regex = /^[a-zA-Z0-9]*$/; + if(!regex.test(value)) errors.push(key); + break; + case "uuid": + var regex = /^[a-zA-Z0-9\-]*$/; + if(!regex.test(value)) errors.push(key); + break; + case "name": + var regex = /([~!#$;%^*+={}\|\\<>\"\'\/,])/; 
if(regex.test(value)) errors.push(key); - break; - case "number": - var regex = /^[0-9]*$/; - if(!regex.test(value)) errors.push(key); - break; - case "safetext": - var regex = /^[a-zA-Z0-9]*$/; - if(!regex.test(value)) errors.push(key); - break; - case "uuid": - var regex = /^[a-zA-Z0-9\-]*$/; - if(!regex.test(value)) errors.push(key); - break; - case "name": - var regex = /([~!#$;%^*+={}\|\\<>\"\'\/,])/; - if(regex.test(value)) errors.push(key); break; case "password": var regex = /^[\S]{5,30}$/; - if(!regex.test(value)) errors.push(key); + if(!regex.test(value)) errors.push(key); break; case "email": var regex = /^([A-Za-z0-9_\-\.])+\@([A-Za-z0-9_\-\.])+\.([A-Za-z]{2,4})$/; - if(!regex.test(value)) errors.push(key); + if(!regex.test(value)) errors.push(key); break; case "provider": - var regex = /([~!#$;%^*+={}\|\\<>\"\'\,])/; + var regex = /([~!#$;%^*+={}\|\\<>\"\'\,])/; if(regex.test(value)) errors.push(key); break; default: - } + } } if(errors.length > 0){ return errors; @@ -877,6 +890,7 @@ var jagg = jagg || (function () { setCSRFToken:setCSRFToken, isCSRFTokenValid:isCSRFTokenValid, validateInputs:validateInputs, + getTenantURLPrefix:getTenantURLPrefix }; }()); diff --git a/modules/distribution/src/repository/jaggeryapps/api-store/manager.jag b/modules/distribution/src/repository/jaggeryapps/api-store/manager.jag index 443d696a..318c1550 100644 --- a/modules/distribution/src/repository/jaggeryapps/api-store/manager.jag +++ b/modules/distribution/src/repository/jaggeryapps/api-store/manager.jag 
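Review bot: The `getTenantURLPrefix` export added in this hunk makes public a helper that builds a query fragment from unencoded request input. Its body (in the preceding hunk of this file) returns `tail + "tenant=" + getTenantDomain()`, and the only branch that returns a non-empty string is the one where the tenant header is unset or absent, so `getTenantDomain()` yields the raw `request.getParameter("tenant")`. A value containing `&`, `#` or quote characters would then alter the generated link, and could reach page markup if a template prints the prefix without escaping (the callers are not visible here). I would encode at the source, `return tail + "tenant=" + encodeURIComponent(getTenantDomain());`, and add a comment on the function stating that the result is URL-encoded but not HTML-escaped.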
@@ -19,19 +19,19 @@ var getAPIPublisherURL = function() { var result,log=new Log(); var store = getAPIStoreObj(); try { - result = store.getAPIPublisherURL(); - if (log.isDebugEnabled()) { - log.debug("getAPIPublisherURL : "); - } - return { - error:false, - url:result - }; + result = store.getAPIPublisherURL(); + if (log.isDebugEnabled()) { + log.debug("getAPIPublisherURL : "); + } + return { + error:false, + url:result + }; } catch (e) { - return { - error:true, - message:e.message.split(":")[1] - }; + return { + error:true, + message:e.message.split(":")[1] + }; } }; @@ -44,7 +44,7 @@ var getServer = function() { }; var isSelfSignupEnabled = function(){ - return getAPIStoreObj().isSelfSignupEnabled(); + return getAPIStoreObj().isSelfSignupEnabled(); }; var isSelfSignupEnabledForTenantUser = function(tenantDomain){ @@ -52,16 +52,16 @@ var isSelfSignupEnabledForTenantUser = function(tenantDomain){ try { if (tenantDomain == null) { - return getAPIStoreObj().isSelfSignupEnabledForTenant("carbon.super"); + return getAPIStoreObj().isSelfSignupEnabledForTenant("carbon.super"); } else { - return getAPIStoreObj().isSelfSignupEnabledForTenant(tenantDomain); + return getAPIStoreObj().isSelfSignupEnabledForTenant(tenantDomain); } } catch (e) { log.error(e.message); return false; } - - + + }; var getAdminCookie = function() { @@ -110,15 +110,15 @@ var loadTenantRegistry = function (tenantDomain) { error:true, message:e.message }; - } + } }; var loadTenantAxisConfiguration = function (tenantDomain) { - + try { - if (tenantDomain != null && tenantDomain != "") { - - getAPIStoreObj().loadAxisConfigOfTenant(String(tenantDomain)); + if (tenantDomain != null && tenantDomain != "") { + + getAPIStoreObj().loadAxisConfigOfTenant(String(tenantDomain)); return { error:false 
@@ -130,16 +130,16 @@ var loadTenantAxisConfiguration = function (tenantDomain) { error:true, message:e.message }; - } + } }; var getActiveTenantDomains=function(){ var tenantDomains, - log = new Log(), + log = new Log(), store = jagg.module("manager").getAPIStoreObj(); - try { - tenantDomains = store.getActiveTenantDomains(); + try { + tenantDomains = store.getActiveTenantDomains(); tenantDomains = parse(stringify(tenantDomains)); if (log.isDebugEnabled()) { log.debug("isTenantMode : " + stringify(api)); diff --git a/modules/distribution/src/repository/modules/sso/module.xml b/modules/distribution/src/repository/modules/sso/module.xml index b32a0fea..23cde8c2 100644 --- a/modules/distribution/src/repository/modules/sso/module.xml +++ b/modules/distribution/src/repository/modules/sso/module.xml @@ -1,6 +1,10 @@ - - + + + + org.wso2.carbon.hostobjects.sso.SAMLSSORelyingPartyObject + SSORelyingParty + \ No newline at end of file diff --git a/modules/distribution/src/repository/modules/tenantmanager/module.xml b/modules/distribution/src/repository/modules/tenantmanager/module.xml new file mode 100644 index 00000000..1afbf025 --- /dev/null +++ b/modules/distribution/src/repository/modules/tenantmanager/module.xml @@ -0,0 +1,7 @@ + + + org.wso2.carbon.apimgt.hostobjects.TenantManagerHostObject + TenantManager + + + diff --git a/modules/p2-profile-gen/pom.xml b/modules/p2-profile-gen/pom.xml index 0ec0df42..754a1f4d 100644 --- a/modules/p2-profile-gen/pom.xml +++ b/modules/p2-profile-gen/pom.xml @@ -144,9 +144,9 @@ org.wso2.carbon.devicemgt:org.wso2.carbon.device.mgt.analytics.server.feature:${carbon.device.mgt.version} - - - + + org.wso2.carbon.devicemgt:org.wso2.carbon.device.mgt.jwt.client.extension.feature:${carbon.device.mgt.version} + @@ -671,7 +671,7 @@ org.wso2.carbon.analytics:org.wso2.carbon.analytics.datasource.feature:${carbon.analytics.version} - + org.wso2.carbon.analytics:org.wso2.carbon.analytics.datasource.hbase.server.feature:${carbon.analytics.version} 
@@ -792,7 +792,7 @@ org.wso2.carbon.dashboards:org.wso2.carbon.dashboards.portal.feature:${carbon.dashboard.version} - + org.wso2.carbon.messaging:org.wso2.carbon.andes.feature:${carbon.messaging.version} @@ -805,6 +805,9 @@ org.wso2.carbon.metrics:org.wso2.carbon.metrics.feature:${carbon.metrics.version} + + org.wso2.carbon.identity:org.wso2.carbon.identity.oauth2.grant.jwt.feature:${identity.jwt.extension.version} + @@ -872,6 +875,10 @@ org.wso2.carbon.device.mgt.oauth.extensions.feature.group ${carbon.device.mgt.version} + + org.wso2.carbon.device.mgt.jwt.client.extension.feature.group + ${carbon.device.mgt.version} + org.wso2.carbon.devicemgt.ui.feature.group ${carbon.device.mgt.version} @@ -1525,7 +1532,7 @@ org.wso2.carbon.analytics.datasource.feature.group ${carbon.analytics.version} - + org.wso2.carbon.analytics.datasource.hbase.server.feature.group ${carbon.analytics.version} @@ -1700,6 +1707,10 @@ org.wso2.carbon.metrics.feature.group ${carbon.metrics.version} + + org.wso2.carbon.identity.oauth2.grant.jwt.feature.group + ${identity.jwt.extension.version} + diff --git a/pom.xml b/pom.xml index 711438a1..cf68b2cf 100644 --- a/pom.xml +++ b/pom.xml @@ -1054,10 +1054,10 @@ 2.0.0-SNAPSHOT - 4.3.2-SNAPSHOT + 5.0.3 - 4.4.11 + 4.5.1 5.0.11-SNAPSHOT @@ -1123,6 +1123,9 @@ 3.1.0 3.1.0 1.2.0 + + + 1.0.0