diff --git a/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot.ui/src/main/resources/jaggeryapps/devicemgt/api/policy-api.jag b/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot.ui/src/main/resources/jaggeryapps/devicemgt/api/policy-api.jag
new file mode 100644
index 000000000..fb9e2215d
--- /dev/null
+++ b/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot.ui/src/main/resources/jaggeryapps/devicemgt/api/policy-api.jag
@@ -0,0 +1,55 @@
+<%
+/*
+ * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+var uri = request.getRequestURI();
+var uriMatcher = new URIMatcher(String(uri));
+
+var log = new Log("api/policy-api.jag");
+
+var constants = require("/app/modules/constants.js");
+var policyModule = require("/app/modules/policy.js").policyModule;
+
+var deviceType, deviceId;
+
+var user = session.get(constants.USER_SESSION_KEY);
+
+var responseProcessor = require('utils').response;
+response.contentType = 'application/json';
+
+if (!user) {
+    response = responseProcessor.buildErrorResponse(response, 401, "Unauthorized");
+} else {
+    if (uriMatcher.match("/{context}/api/policies/add")) {
+        var content = request.getContent();
+        var policyName = content.policyName;
+        var policyDefinition = content.profile.policyDefinition;
+        var policyDescription = content.profile.policyDescription;
+        deviceType = content.profile.deviceType.name;
+        deviceId = content.deviceId;
+        try {
+            response.content = policyModule.addPolicy(policyName, deviceType, policyDefinition,
+                                                      policyDescription, deviceId);
+        } catch (e) {
+            log.error("Exception occurred while trying to add new policy under name:" + policyName, e);
+            // http status code 500 refers to - Internal Server Error.
+            responseProcessor.buildErrorResponse(response, 500, "Internal server error");
+        }
+    }
+}
+%>