diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/pom.xml b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/pom.xml
new file mode 100644
index 000000000..d4f9ebb73
--- /dev/null
+++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/pom.xml
@@ -0,0 +1,145 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+  ~ Copyright (c) 2005-2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+  ~
+  ~   WSO2 Inc. licenses this file to you under the Apache License,
+  ~   Version 2.0 (the "License"); you may not use this file except
+  ~   in compliance with the License.
+  ~   You may obtain a copy of the License at
+  ~
+  ~      http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~   Unless required by applicable law or agreed to in writing,
+  ~   software distributed under the License is distributed on an
+  ~   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  ~   KIND, either express or implied.  See the License for the
+  ~   specific language governing permissions and limitations
+  ~   under the License.
+  -->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+
+    <parent>
+        <groupId>org.wso2.carbon.devicemgt-plugins</groupId>
+        <artifactId>mb-extensions</artifactId>
+        <version>3.0.22-SNAPSHOT</version>
+        <relativePath>../pom.xml</relativePath>
+    </parent>
+
+    <modelVersion>4.0.0</modelVersion>
+    <artifactId>org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization</artifactId>
+    <packaging>bundle</packaging>
+    <name>WSO2 Carbon - Component - MQTT - Authorization Manager</name>
+    <description>MQTT authorization manager based on Carbon device manager</description>
+    <url>http://wso2.org</url>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.wso2.carbon</groupId>
+            <artifactId>org.wso2.carbon.utils</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.wso2.carbon</groupId>
+            <artifactId>org.wso2.carbon.core</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.wso2.andes.wso2</groupId>
+            <artifactId>andes</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.wso2.carbon</groupId>
+            <artifactId>org.wso2.carbon.user.api</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.wso2.carbon</groupId>
+            <artifactId>org.wso2.carbon.user.core</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>commons-lang</groupId>
+            <artifactId>commons-lang</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>io.github.openfeign</groupId>
+            <artifactId>feign-core</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>io.github.openfeign</groupId>
+            <artifactId>feign-jaxrs</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>io.github.openfeign</groupId>
+            <artifactId>feign-gson</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>javax.ws.rs</groupId>
+            <artifactId>jsr311-api</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.wso2.carbon</groupId>
+            <artifactId>javax.cache.wso2</artifactId>
+        </dependency>
+		<dependency>
+			<groupId>io.github.openfeign</groupId>
+			<artifactId>feign-slf4j</artifactId>
+		</dependency>
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.felix</groupId>
+                <artifactId>maven-scr-plugin</artifactId>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.felix</groupId>
+                <artifactId>maven-bundle-plugin</artifactId>
+                <extensions>true</extensions>
+                <configuration>
+                    <instructions>
+                        <Bundle-SymbolicName>${project.artifactId}</Bundle-SymbolicName>
+                        <Bundle-Name>${project.artifactId}</Bundle-Name>
+                        <Private-Package>
+                            org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.internal
+                        </Private-Package>
+                        <Export-Package>
+                            !org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.internal,
+                            org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.*
+                        </Export-Package>
+                        <Import-Package>
+                            org.apache.log4j,
+                            org.dna.mqtt.moquette.server,
+                            org.wso2.andes.configuration.enums,
+                            org.wso2.andes.mqtt,
+                            org.wso2.carbon.context,
+                            org.jaxen,
+                            org.apache.axiom.*,
+                            org.wso2.securevault,
+                            org.apache.commons.*,
+                            org.osgi.service.component,
+                            org.wso2.carbon.user.core.service,
+                            org.wso2.carbon.user.core.tenant,
+                            org.wso2.carbon.user.api,
+                            feign,
+                            feign.auth,
+                            feign.codec,
+                            feign.gson,
+                            javax.cache,
+                            javax.xml.namespace,
+                            javax.xml.stream,
+							org.wso2.carbon.base,
+							org.wso2.carbon.utils,
+							javax.net.ssl,
+							feign.slf4j
+                        </Import-Package>
+						<Embed-Dependency>
+							jsr311-api,
+							feign-jaxrs
+						</Embed-Dependency>
+                    </instructions>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+
+</project>
+
diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/ApiOriginFilter.java b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/ApiOriginFilter.java
new file mode 100644
index 000000000..d5f093ef9
--- /dev/null
+++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/ApiOriginFilter.java
@@ -0,0 +1,44 @@
+/*
+ *   Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ *   WSO2 Inc. licenses this file to you under the Apache License,
+ *   Version 2.0 (the "License"); you may not use this file except
+ *   in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing,
+ *   software distributed under the License is distributed on an
+ *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *   KIND, either express or implied.  See the License for the
+ *   specific language governing permissions and limitations
+ *   under the License.
+ *
+ */
+package org.wso2.carbon.andes.extensions.device.mgt.jaxrs;
+
+import javax.servlet.*;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+public class ApiOriginFilter implements Filter {
+
+    public void doFilter(ServletRequest request, ServletResponse response,
+                         FilterChain chain) throws IOException, ServletException {
+        HttpServletResponse res = (HttpServletResponse) response;
+        res.addHeader("Access-Control-Allow-Origin", "*");
+        res.addHeader("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT");
+        res.addHeader("Access-Control-Allow-Headers", "Content-Type");
+        chain.doFilter(request, response);
+    }
+
+    public void destroy() {
+        //do nothing
+    }
+
+    public void init(FilterConfig filterConfig) throws ServletException {
+        //do nothing
+    }
+
+}
diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/beans/ErrorListItem.java b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/beans/ErrorListItem.java
new file mode 100644
index 000000000..ebd09a021
--- /dev/null
+++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/beans/ErrorListItem.java
@@ -0,0 +1,77 @@
+/*
+ *   Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ *   WSO2 Inc. licenses this file to you under the Apache License,
+ *   Version 2.0 (the "License"); you may not use this file except
+ *   in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing,
+ *   software distributed under the License is distributed on an
+ *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *   KIND, either express or implied.  See the License for the
+ *   specific language governing permissions and limitations
+ *   under the License.
+ *
+ */
+package org.wso2.carbon.andes.extensions.device.mgt.jaxrs.beans;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+
+import javax.validation.constraints.NotNull;
+
+@ApiModel(description = "")
+public class ErrorListItem {
+
+    @NotNull
+    private String code = null;
+    @NotNull
+    private String message = null;
+
+    @ApiModelProperty(required = true, value = "")
+    @JsonProperty("code")
+    public String getCode() {
+        return code;
+    }
+    public void setCode(String code) {
+        this.code = code;
+    }
+
+    public ErrorListItem() {}
+
+    public ErrorListItem(String code, String msg) {
+        this.code = code;
+        this.message = msg;
+    }
+
+
+    /**
+     * Description about individual errors occurred
+     **/
+    @ApiModelProperty(required = true, value = "Description about individual errors occurred")
+    @JsonProperty("message")
+    public String getMessage() {
+        return message;
+    }
+    public void setMessage(String message) {
+        this.message = message;
+    }
+
+
+
+    @Override
+    public String toString()  {
+        StringBuilder sb = new StringBuilder();
+        sb.append("errorItem {\n");
+
+        sb.append("  code: ").append(code).append("\n");
+        sb.append("  message: ").append(message).append("\n");
+        sb.append("}\n");
+        return sb.toString();
+    }
+
+}
diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/beans/ErrorResponse.java b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/beans/ErrorResponse.java
new file mode 100644
index 000000000..b8e090d38
--- /dev/null
+++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/beans/ErrorResponse.java
@@ -0,0 +1,193 @@
+/*
+ *   Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ *   WSO2 Inc. licenses this file to you under the Apache License,
+ *   Version 2.0 (the "License"); you may not use this file except
+ *   in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing,
+ *   software distributed under the License is distributed on an
+ *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *   KIND, either express or implied.  See the License for the
+ *   specific language governing permissions and limitations
+ *   under the License.
+ *
+ */
+package org.wso2.carbon.andes.extensions.device.mgt.jaxrs.beans;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+
+import java.util.ArrayList;
+import java.util.List;
+
+@ApiModel(description = "")
+public class ErrorResponse {
+
+    private Long code = null;
+    private String message = null;
+    private String description = null;
+    private String moreInfo = null;
+    private List<ErrorListItem> errorItems = new ArrayList<>();
+
+    public ErrorResponse() {
+    }
+
+    @JsonProperty(value = "code")
+    @ApiModelProperty(required = true, value = "")
+    public Long getCode() {
+        return code;
+    }
+
+    public void setCode(Long code) {
+        this.code = code;
+    }
+
+    @JsonProperty(value = "message")
+    @ApiModelProperty(required = true, value = "ErrorResponse message.")
+    public String getMessage() {
+        return message;
+    }
+
+    public void setMessage(String message) {
+        this.message = message;
+    }
+
+    @JsonProperty(value = "description")
+    @ApiModelProperty(value = "A detail description about the error message.")
+    public String getDescription() {
+        return description;
+    }
+
+    public void setDescription(String description) {
+        this.description = description;
+    }
+
+    @JsonProperty(value = "moreInfo")
+    @ApiModelProperty(value = "Preferably an url with more details about the error.")
+    public String getMoreInfo() {
+        return moreInfo;
+    }
+
+    public void setMoreInfo(String moreInfo) {
+        this.moreInfo = moreInfo;
+    }
+
+    public void addErrorListItem(ErrorListItem item) {
+        this.errorItems.add(item);
+    }
+
+    /**
+     * If there are more than one error list them out. \nFor example, list out validation errors by each field.
+     */
+    @JsonProperty(value = "errorItems")
+    @ApiModelProperty(value = "If there are more than one error list them out. \n" +
+            "For example, list out validation errors by each field.")
+    public List<ErrorListItem> getErrorItems() {
+        return errorItems;
+    }
+
+    public void setErrorItems(List<ErrorListItem> error) {
+        this.errorItems = error;
+    }
+
+    @Override
+    public String toString() {
+//        StringBuilder sb = new StringBuilder();
+//        sb.append("{");
+//        boolean cont = false;
+//        if (code != null) {
+//            cont = true;
+//            sb.append("  \"code\": ").append(code);
+//        }
+//        if (message != null) {
+//            if (cont) {
+//                sb.append(",");
+//            }
+//            cont = true;
+//            sb.append("  \"message\": \"").append(message).append("\"");
+//        }
+//        if (description != null) {
+//            if (cont) {
+//                sb.append(",");
+//            }
+//            cont = true;
+//            sb.append("  \"description\": ").append(description).append("\"");
+//        }
+//        if (moreInfo != null) {
+//            if (cont) {
+//                sb.append(",");
+//            }
+//            cont = true;
+//            sb.append("  \"moreInfo\": \"").append(moreInfo).append("\"");
+//        }
+//        if (error != null && error.size() > 0) {
+//            if (cont) {
+//                sb.append(",");
+//            }
+//            sb.append("  \"errorItems\": ").append(error);
+//        }
+//        sb.append("}");
+//        return sb.toString();
+        return null;
+    }
+
+    public static class ErrorResponseBuilder {
+
+        private Long code = null;
+        private String message = null;
+        private String description = null;
+        private String moreInfo = null;
+        private List<ErrorListItem> error;
+
+
+        public ErrorResponseBuilder() {
+            this.error = new ArrayList<>();
+        }
+
+        public ErrorResponseBuilder setCode(long code) {
+            this.code = code;
+            return this;
+        }
+
+        public ErrorResponseBuilder setMessage(String message) {
+            this.message = message;
+            return this;
+        }
+
+        public ErrorResponseBuilder setDescription(String description) {
+            this.description = description;
+            return this;
+        }
+
+        public ErrorResponseBuilder setMoreInfo(String moreInfo) {
+            this.moreInfo = moreInfo;
+            return this;
+        }
+
+        public ErrorResponseBuilder addErrorItem(String code, String msg) {
+            ErrorListItem item = new ErrorListItem();
+            item.setCode(code);
+            item.setMessage(msg);
+            this.error.add(item);
+            return this;
+        }
+
+        public ErrorResponse build() {
+            ErrorResponse errorResponse = new ErrorResponse();
+            errorResponse.setCode(code);
+            errorResponse.setMessage(message);
+            errorResponse.setErrorItems(error);
+            errorResponse.setDescription(description);
+            errorResponse.setMoreInfo(moreInfo);
+            return errorResponse;
+        }
+    }
+
+}
+
+
diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/beans/Scope.java b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/beans/Scope.java
new file mode 100644
index 000000000..171fe7726
--- /dev/null
+++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/beans/Scope.java
@@ -0,0 +1,71 @@
+/*
+* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package org.wso2.carbon.andes.extensions.device.mgt.jaxrs.beans;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+
+@ApiModel(value = "Scope", description = "Template of the authorization scope")
+public class Scope {
+
+    @ApiModelProperty(name = "scope key", value = "An unique string as a key.", required = true)
+    private String key;
+
+    @ApiModelProperty(name = "scope name", value = "Scope name.", required = true)
+    private String name;
+
+    @ApiModelProperty(name = "roles", value = "List of roles to be associated with the scope", required = true)
+    private String roles;
+
+    @ApiModelProperty(name = "scope description", value = "A description of the scope", required = true)
+    private String description;
+
+    public Scope() {
+    }
+
+    public String getKey() {
+        return this.key;
+    }
+
+    public void setKey(String key) {
+        this.key = key;
+    }
+
+    public String getName() {
+        return this.name;
+    }
+
+    public void setName(String name) {
+        this.name = name;
+    }
+
+    public String getRoles() {
+        return this.roles;
+    }
+
+    public void setRoles(String roles) {
+        this.roles = roles;
+    }
+
+    public String getDescription() {
+        return this.description;
+    }
+
+    public void setDescription(String description) {
+        this.description = description;
+    }
+
+}
diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/common/GsonMessageBodyHandler.java b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/common/GsonMessageBodyHandler.java
new file mode 100644
index 000000000..804244945
--- /dev/null
+++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/common/GsonMessageBodyHandler.java
@@ -0,0 +1,91 @@
+/*
+ * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.andes.extensions.device.mgt.jaxrs.common;
+
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+
+import javax.ws.rs.Consumes;
+import javax.ws.rs.Produces;
+import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.MultivaluedMap;
+import javax.ws.rs.ext.MessageBodyReader;
+import javax.ws.rs.ext.MessageBodyWriter;
+import javax.ws.rs.ext.Provider;
+import java.io.*;
+import java.lang.annotation.Annotation;
+import java.lang.reflect.Type;
+
+import static javax.ws.rs.core.MediaType.APPLICATION_JSON;
+
+@Provider
+@Produces(APPLICATION_JSON)
+@Consumes(APPLICATION_JSON)
+public class GsonMessageBodyHandler implements MessageBodyWriter<Object>, MessageBodyReader<Object> {
+
+    public static final String DATE_FORMAT = "EEE, d MMM yyyy HH:mm:ss Z";
+    private Gson gson;
+    private static final String UTF_8 = "UTF-8";
+
+    public boolean isReadable(Class<?> aClass, Type type, Annotation[] annotations, MediaType mediaType) {
+        return true;
+    }
+
+    private Gson getGson() {
+        if (gson == null) {
+            final GsonBuilder gsonBuilder = new GsonBuilder();
+            gson = gsonBuilder.setDateFormat(DATE_FORMAT).create();
+        }
+        return gson;
+    }
+
+    public Object readFrom(Class<Object> objectClass, Type type, Annotation[] annotations, MediaType mediaType,
+            MultivaluedMap<String, String> stringStringMultivaluedMap, InputStream entityStream)
+            throws IOException, WebApplicationException {
+
+        InputStreamReader reader = new InputStreamReader(entityStream, "UTF-8");
+
+        try {
+            return getGson().fromJson(reader, type);
+        } finally {
+            reader.close();
+        }
+    }
+
+    public boolean isWriteable(Class<?> aClass, Type type, Annotation[] annotations, MediaType mediaType) {
+        return true;
+    }
+
+    public long getSize(Object o, Class<?> aClass, Type type, Annotation[] annotations, MediaType mediaType) {
+        return -1;
+    }
+
+    public void writeTo(Object object, Class<?> aClass, Type type, Annotation[] annotations, MediaType mediaType,
+            MultivaluedMap<String, Object> stringObjectMultivaluedMap, OutputStream entityStream)
+            throws IOException, WebApplicationException {
+
+        OutputStreamWriter writer = new OutputStreamWriter(entityStream, UTF_8);
+        try {
+            getGson().toJson(object, type, writer);
+        } finally {
+            writer.close();
+        }
+    }
+}
diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/exception/ConstraintViolationException.java b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/exception/ConstraintViolationException.java
new file mode 100644
index 000000000..df8680851
--- /dev/null
+++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/exception/ConstraintViolationException.java
@@ -0,0 +1,55 @@
+/*
+ * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.andes.extensions.device.mgt.jaxrs.exception;
+
+import org.wso2.carbon.andes.extensions.device.mgt.jaxrs.util.Constants;
+//import org.wso2.carbon.andes.extensionstensions.device.mgt.jaxrs.util.DeviceMgtUtil;
+
+import javax.validation.ConstraintViolation;
+import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.Response;
+import java.util.Set;
+
+public class ConstraintViolationException extends WebApplicationException {
+    private String message;
+
+    public <T> ConstraintViolationException(Set<ConstraintViolation<T>> violations) {
+//        super(Response.status(Response.Status.BAD_REQUEST)
+//                .entity(DeviceMgtUtil.getConstraintViolationErrorDTO(violations))
+//                .header(Constants.DeviceConstants.HEADER_CONTENT_TYPE, Constants.DeviceConstants.APPLICATION_JSON)
+//                .build());
+//
+//        //Set the error message
+//        StringBuilder stringBuilder = new StringBuilder();
+//        for (ConstraintViolation violation : violations) {
+//            stringBuilder.append(violation.getRootBeanClass().getSimpleName());
+//            stringBuilder.append(".");
+//            stringBuilder.append(violation.getPropertyPath());
+//            stringBuilder.append(": ");
+//            stringBuilder.append(violation.getMessage());
+//            stringBuilder.append(", ");
+//        }
+        //message = stringBuilder.toString();
+    }
+
+    @Override
+    public String getMessage() {
+        return message;
+    }
+}
diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/exception/ErrorDTO.java b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/exception/ErrorDTO.java
new file mode 100644
index 000000000..4576fa507
--- /dev/null
+++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/exception/ErrorDTO.java
@@ -0,0 +1,86 @@
+/*
+ * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.andes.extensions.device.mgt.jaxrs.exception;
+
+import java.util.ArrayList;
+import java.util.List;
+
+public class ErrorDTO {
+
+    private Long code = null;
+    private String message = null;
+    private String description = null;
+
+    public void setMoreInfo(String moreInfo) {
+        this.moreInfo = moreInfo;
+    }
+
+    public void setCode(Long code) {
+        this.code = code;
+    }
+
+    public void setMessage(String message) {
+        this.message = message;
+    }
+
+    public void setDescription(String description) {
+        this.description = description;
+    }
+
+    public void setError(List<ErrorDTO> error) {
+        this.error = error;
+    }
+
+    private String moreInfo = null;
+
+    public String getMessage() {
+        return message;
+    }
+
+    public Long getCode() {
+        return code;
+    }
+
+    public String getDescription() {
+        return description;
+    }
+
+    public String getMoreInfo() {
+        return moreInfo;
+    }
+
+    public List<ErrorDTO> getError() {
+        return error;
+    }
+
+    public String toString() {
+        StringBuilder stringBuilder = new StringBuilder();
+        stringBuilder.append("class ErrorDTO {\n");
+        stringBuilder.append("  code: ").append(code).append("\n");
+        stringBuilder.append("  message: ").append(message).append("\n");
+        stringBuilder.append("  description: ").append(description).append("\n");
+        stringBuilder.append("  moreInfo: ").append(moreInfo).append("\n");
+        stringBuilder.append("  error: ").append(error).append("\n");
+        stringBuilder.append("}\n");
+        return stringBuilder.toString();
+    }
+
+    private List<ErrorDTO> error = new ArrayList<>();
+
+}
diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/exception/ForbiddenException.java b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/exception/ForbiddenException.java
new file mode 100644
index 000000000..f6261162a
--- /dev/null
+++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/exception/ForbiddenException.java
@@ -0,0 +1,51 @@
+/*
+ * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.andes.extensions.device.mgt.jaxrs.exception;
+
+import org.wso2.carbon.andes.extensions.device.mgt.jaxrs.util.Constants;
+
+import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.Response;
+
+/**
+ * Exception class that is corresponding to 401 Forbidden response
+ */
+
+public class ForbiddenException extends WebApplicationException {
+
+    private String message;
+
+    public ForbiddenException() {
+        super(Response.status(Response.Status.FORBIDDEN)
+                .build());
+    }
+
+    public ForbiddenException(ErrorDTO errorDTO) {
+        super(Response.status(Response.Status.FORBIDDEN)
+                .entity(errorDTO)
+                .header(Constants.DeviceConstants.HEADER_CONTENT_TYPE, Constants.DeviceConstants.APPLICATION_JSON)
+                .build());
+        message = errorDTO.getDescription();
+    }
+
+    @Override
+    public String getMessage() {
+        return message;
+    }
+}
diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/exception/GlobalThrowableMapper.java b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/exception/GlobalThrowableMapper.java
new file mode 100644
index 000000000..357fe68af
--- /dev/null
+++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/exception/GlobalThrowableMapper.java
@@ -0,0 +1,113 @@
+/*
+ * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.andes.extensions.device.mgt.jaxrs.exception;
+
+import com.google.gson.JsonParseException;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+//import org.wso2.carbon.andes.extensionsnsions.device.mgt.jaxrs.util.DeviceMgtUtil;
+
+import javax.naming.AuthenticationException;
+import javax.ws.rs.ClientErrorException;
+import javax.ws.rs.core.Response;
+import javax.ws.rs.ext.ExceptionMapper;
+
+/**
+ * Handle the cxf level exceptions.
+ */
+public class GlobalThrowableMapper implements ExceptionMapper {
+    private static final Log log = LogFactory.getLog(GlobalThrowableMapper.class);
+
+    private ErrorDTO e500 = new ErrorDTO();
+
+    GlobalThrowableMapper() {
+        e500.setCode((long) 500);
+        e500.setMessage("Internal server error.");
+        e500.setMoreInfo("");
+        e500.setDescription("The server encountered an internal error. Please contact administrator.");
+
+    }
+
+    @Override
+    public Response toResponse(Throwable e) {
+
+//        if (e instanceof JsonParseException) {
+//            String errorMessage = "Malformed request body.";
+//            if (log.isDebugEnabled()) {
+//                log.error(errorMessage, e);
+//            }
+//            return DeviceMgtUtil.buildBadRequestException(errorMessage).getResponse();
+//        }
+        if (e instanceof NotFoundException) {
+            return ((NotFoundException) e).getResponse();
+        }
+        if (e instanceof UnexpectedServerErrorException) {
+            if (log.isDebugEnabled()) {
+                log.error("Unexpected server error.", e);
+            }
+            return ((UnexpectedServerErrorException) e).getResponse();
+        }
+        if (e instanceof ConstraintViolationException) {
+            if (log.isDebugEnabled()) {
+                log.error("Constraint violation.", e);
+            }
+            return ((ConstraintViolationException) e).getResponse();
+        }
+        if (e instanceof IllegalArgumentException) {
+            ErrorDTO errorDetail = new ErrorDTO();
+            errorDetail.setCode((long) 400);
+            errorDetail.setMoreInfo("");
+            errorDetail.setMessage("");
+            errorDetail.setDescription(e.getMessage());
+            return Response
+                    .status(Response.Status.BAD_REQUEST)
+                    .entity(errorDetail)
+                    .build();
+        }
+        if (e instanceof ClientErrorException) {
+            if (log.isDebugEnabled()) {
+                log.error("Client error.", e);
+            }
+            return ((ClientErrorException) e).getResponse();
+        }
+        if (e instanceof AuthenticationException) {
+            ErrorDTO errorDetail = new ErrorDTO();
+            errorDetail.setCode((long) 401);
+            errorDetail.setMoreInfo("");
+            errorDetail.setMessage("");
+            errorDetail.setDescription(e.getMessage());
+            return Response
+                    .status(Response.Status.UNAUTHORIZED)
+                    .entity(errorDetail)
+                    .build();
+        }
+        if (e instanceof ForbiddenException) {
+            if (log.isDebugEnabled()) {
+                log.error("Resource forbidden.", e);
+            }
+            return ((ForbiddenException) e).getResponse();
+        }
+        //unknown exception log and return
+        if (log.isDebugEnabled()) {
+            log.error("An Unknown exception has been captured by global exception mapper.", e);
+        }
+        return Response.status(Response.Status.INTERNAL_SERVER_ERROR).header("Content-Type", "application/json")
+                .entity(e500).build();
+    }
+}
diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/exception/NotFoundException.java b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/exception/NotFoundException.java
new file mode 100644
index 000000000..9db522236
--- /dev/null
+++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/exception/NotFoundException.java
@@ -0,0 +1,47 @@
+/*
+ *   Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ *   WSO2 Inc. licenses this file to you under the Apache License,
+ *   Version 2.0 (the "License"); you may not use this file except
+ *   in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing,
+ *   software distributed under the License is distributed on an
+ *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *   KIND, either express or implied.  See the License for the
+ *   specific language governing permissions and limitations
+ *   under the License.
+ *
+ */
+package org.wso2.carbon.andes.extensions.device.mgt.jaxrs.exception;
+
+
+import org.wso2.carbon.andes.extensions.device.mgt.jaxrs.beans.ErrorResponse;
+import org.wso2.carbon.andes.extensions.device.mgt.jaxrs.util.Constants;
+
+import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.Response;
+
+public class NotFoundException extends WebApplicationException {
+    private String message;
+    private static final long serialVersionUID = 147943572342342340L;
+
+    public NotFoundException(ErrorResponse error) {
+        super(Response.status(Response.Status.NOT_FOUND).entity(error).build());
+    }
+    public NotFoundException(ErrorDTO errorDTO) {
+        super(Response.status(Response.Status.NOT_FOUND)
+                .entity(errorDTO)
+                .header(Constants.DeviceConstants.HEADER_CONTENT_TYPE, Constants.DeviceConstants.APPLICATION_JSON)
+                .build());
+        message = errorDTO.getDescription();
+    }
+
+    @Override
+    public String getMessage() {
+        return message;
+    }
+}
diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/exception/UnexpectedServerErrorException.java b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/exception/UnexpectedServerErrorException.java
new file mode 100644
index 000000000..cf0ec561b
--- /dev/null
+++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/exception/UnexpectedServerErrorException.java
@@ -0,0 +1,49 @@
+/*
+ *   Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ *   WSO2 Inc. licenses this file to you under the Apache License,
+ *   Version 2.0 (the "License"); you may not use this file except
+ *   in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing,
+ *   software distributed under the License is distributed on an
+ *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *   KIND, either express or implied.  See the License for the
+ *   specific language governing permissions and limitations
+ *   under the License.
+ *
+ */
+package org.wso2.carbon.andes.extensions.device.mgt.jaxrs.exception;
+
+
+import org.wso2.carbon.andes.extensions.device.mgt.jaxrs.beans.ErrorResponse;
+import org.wso2.carbon.andes.extensions.device.mgt.jaxrs.util.Constants;
+
+import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.Response;
+
+public class UnexpectedServerErrorException extends WebApplicationException {
+    private String message;
+    private static final long serialVersionUID = 147943579458906890L;
+
+    public UnexpectedServerErrorException(ErrorResponse error) {
+        super(Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(error).build());
+    }
+    public UnexpectedServerErrorException(ErrorDTO errorDTO) {
+        super(Response.status(Response.Status.INTERNAL_SERVER_ERROR)
+                .entity(errorDTO)
+                .header(Constants.DeviceConstants.HEADER_CONTENT_TYPE, Constants.DeviceConstants.APPLICATION_JSON)
+                .build());
+        message = errorDTO.getDescription();
+    }
+
+    @Override
+    public String getMessage() {
+        return message;
+    }
+
+
+}
diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/exception/ValidationInterceptor.java b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/exception/ValidationInterceptor.java
new file mode 100644
index 000000000..0261945a4
--- /dev/null
+++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/exception/ValidationInterceptor.java
@@ -0,0 +1,122 @@
+/*
+ * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.andes.extensions.device.mgt.jaxrs.exception;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.jaxrs.lifecycle.ResourceProvider;
+import org.apache.cxf.jaxrs.model.ClassResourceInfo;
+import org.apache.cxf.jaxrs.model.OperationResourceInfo;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.message.MessageContentsList;
+import org.apache.cxf.phase.AbstractPhaseInterceptor;
+import org.apache.cxf.phase.Phase;
+
+import javax.validation.ConstraintViolation;
+import javax.validation.Validation;
+import javax.validation.Validator;
+import javax.validation.ValidatorFactory;
+import javax.validation.executable.ExecutableValidator;
+import java.lang.reflect.Method;
+import java.util.List;
+import java.util.Set;
+
+public class ValidationInterceptor extends AbstractPhaseInterceptor<Message> {
+    private Log log = LogFactory.getLog(getClass());
+    private Validator validator = null; //validator interface is thread-safe
+
+    public ValidationInterceptor() {
+        super(Phase.PRE_INVOKE);
+        ValidatorFactory defaultFactory = Validation.buildDefaultValidatorFactory();
+        validator = defaultFactory.getValidator();
+        if (validator == null) {
+            log.warn("Bean Validation provider could not be found, no validation will be performed");
+        } else {
+            log.debug("Validation In-Interceptor initialized successfully");
+        }
+    }
+
+    @Override
+    public void handleMessage(Message message) throws Fault {
+        final OperationResourceInfo operationResource = message.getExchange().get(OperationResourceInfo.class);
+        if (operationResource == null) {
+            log.info("OperationResourceInfo is not available, skipping validation");
+            return;
+        }
+
+        final ClassResourceInfo classResource = operationResource.getClassResourceInfo();
+        if (classResource == null) {
+            log.info("ClassResourceInfo is not available, skipping validation");
+            return;
+        }
+
+        final ResourceProvider resourceProvider = classResource.getResourceProvider();
+        if (resourceProvider == null) {
+            log.info("ResourceProvider is not available, skipping validation");
+            return;
+        }
+
+        final List<Object> arguments = MessageContentsList.getContentsList(message);
+        final Method method = operationResource.getAnnotatedMethod();
+        final Object instance = resourceProvider.getInstance(message);
+        if (method != null && arguments != null) {
+            //validate the parameters(arguments) over the invoked method
+            validate(method, arguments.toArray(), instance);
+
+            //validate the fields of each argument
+            for (Object arg : arguments) {
+                if (arg != null)
+                    validate(arg);
+            }
+        }
+
+    }
+
+    public <T> void validate(final Method method, final Object[] arguments, final T instance) {
+        if (validator == null) {
+            log.warn("Bean Validation provider could not be found, no validation will be performed");
+            return;
+        }
+
+        ExecutableValidator methodValidator = validator.forExecutables();
+        Set<ConstraintViolation<T>> violations = methodValidator.validateParameters(instance,
+                method, arguments);
+
+        if (!violations.isEmpty()) {
+            throw new ConstraintViolationException(violations);
+        }
+    }
+
+    public <T> void validate(final T object) {
+        if (validator == null) {
+            log.warn("Bean Validation provider could be found, no validation will be performed");
+            return;
+        }
+
+        Set<ConstraintViolation<T>> violations = validator.validate(object);
+
+        if (!violations.isEmpty()) {
+            throw new ConstraintViolationException(violations);
+        }
+    }
+
+    public void handleFault(org.apache.cxf.message.Message messageParam) {
+    }
+}
diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/util/Constants.java b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/util/Constants.java
new file mode 100644
index 000000000..be969bb61
--- /dev/null
+++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/util/Constants.java
@@ -0,0 +1,42 @@
+/*
+ * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.andes.extensions.device.mgt.jaxrs.util;
+
+/**
+ * Holds the constants used by DeviceImpl Management Admin web application.
+ */
+public class Constants {
+
+	public static final String SCOPE = "scope";
+
+	public final class ErrorMessages {
+		private ErrorMessages () { throw new AssertionError(); }
+
+		public static final String STATUS_BAD_REQUEST_MESSAGE_DEFAULT = "Bad Request";
+
+	}
+
+	public final class DeviceConstants {
+		private DeviceConstants () { throw new AssertionError(); }
+
+		public static final String APPLICATION_JSON = "application/json";
+		public static final String HEADER_CONTENT_TYPE = "Content-Type";
+	}
+
+}
diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/webapp/META-INF/webapp-classloading.xml b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/webapp/META-INF/webapp-classloading.xml
new file mode 100644
index 000000000..ed2ed2162
--- /dev/null
+++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/webapp/META-INF/webapp-classloading.xml
@@ -0,0 +1,35 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+
+<!--
+  ~ Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+  ~
+  ~ WSO2 Inc. licenses this file to you under the Apache License,
+  ~ Version 2.0 (the "License"); you may not use this file except
+  ~ in compliance with the License.
+  ~ You may obtain a copy of the License at
+  ~
+  ~ http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing,
+  ~ software distributed under the License is distributed on an
+  ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  ~ KIND, either express or implied.  See the License for the
+  ~ specific language governing permissions and limitations
+  ~ under the License.
+  -->
+
+<!--
+    This file defines class loading policy of the whole container. But this behaviour can be overridden by individual webapps by putting this file into the META-INF/ directory.   
+-->
+<Classloading xmlns="http://wso2.org/projects/as/classloading">
+
+    <!-- Parent-first or child-first. Default behaviour is child-first.-->
+    <ParentFirst>false</ParentFirst>
+
+    <!-- 
+	Default environments that contains provides to all the webapps. This can be overridden by individual webapps by specifing required environments 
+	Tomcat environment is the default and every webapps gets it even if they didn't specify it.
+	e.g. If a webapps requires CXF, they will get both Tomcat and CXF.
+     -->
+    <Environments>CXF,Carbon</Environments>
+</Classloading>
diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/webapp/WEB-INF/cxf-servlet.xml b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/webapp/WEB-INF/cxf-servlet.xml
new file mode 100644
index 000000000..7ce4b1256
--- /dev/null
+++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/webapp/WEB-INF/cxf-servlet.xml
@@ -0,0 +1,68 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  ~ Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+  ~
+  ~ WSO2 Inc. licenses this file to you under the Apache License,
+  ~ Version 2.0 (the "License"); you may not use this file except
+  ~ in compliance with the License.
+  ~ You may obtain a copy of the License at
+  ~
+  ~ http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing,
+  ~ software distributed under the License is distributed on an
+  ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  ~ KIND, either express or implied. See the License for the
+  ~ specific language governing permissions and limitations
+  ~ under the License.
+  -->
+
+<beans xmlns="http://www.springframework.org/schema/beans"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xmlns:jaxrs="http://cxf.apache.org/jaxrs" xmlns:cxf="http://cxf.apache.org/core"
+       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
+         http://cxf.apache.org/jaxrs http://cxf.apache.org/schemas/jaxrs.xsd http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd">
+
+    <jaxrs:server id="services" address="/">
+        <jaxrs:serviceBeans>
+            <ref bean="mqttManagementService"/>
+            <ref bean="swaggerResource"/>
+        </jaxrs:serviceBeans>
+        <jaxrs:providers>
+            <ref bean="jsonProvider"/>
+            <!--<ref bean="errorHandler"/>-->
+            <ref bean="swaggerWriter"/>
+        </jaxrs:providers>
+    </jaxrs:server>
+
+    <bean id="swaggerWriter" class="io.swagger.jaxrs.listing.SwaggerSerializers"/>
+    <bean id="swaggerResource" class="io.swagger.jaxrs.listing.ApiListingResource"/>
+    <bean id="ValidationInterceptor"
+          class="org.wso2.carbon.andes.extensions.device.mgt.jaxrs.exception.ValidationInterceptor"/>
+    <bean id="GlobalExceptionMapper"
+          class="org.wso2.carbon.andes.extensions.device.mgt.jaxrs.exception.GlobalThrowableMapper"/>
+
+    <bean id="swaggerConfig" class="io.swagger.jaxrs.config.BeanConfig">
+        <property name="resourcePackage" value="org.wso2.carbon.device.mgt.jaxrs"/>
+        <property name="version" value="1.0"/>
+        <property name="host" value="localhost:9443"/>
+        <property name="schemes" value="https"/>
+        <property name="basePath" value="/api/device-mgt/v1.0"/>
+        <property name="title" value="Device Management Admin Service API Definitions"/>
+        <property name="contact" value="dev@wso2.org"/>
+        <property name="license" value="Apache 2.0"/>
+        <property name="licenseUrl" value="http://www.apache.org/licenses/LICENSE-2.0.html"/>
+        <property name="scan" value="true"/>
+    </bean>
+
+    <bean id="mqttManagementService"
+          class="org.wso2.carbon.andes.extensions.device.mgt.jaxrs.service.impl.admin.MQTTManagementAdminServiceImpl"/>
+    <bean id="jsonProvider" class="org.wso2.carbon.andes.extensions.device.mgt.jaxrs.common.GsonMessageBodyHandler"/>
+
+    <cxf:bus>
+        <cxf:inInterceptors>
+            <ref bean="ValidationInterceptor"/>
+        </cxf:inInterceptors>
+    </cxf:bus>
+
+</beans>
diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/webapp/WEB-INF/web.xml b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/webapp/WEB-INF/web.xml
new file mode 100644
index 000000000..ec7a36b5f
--- /dev/null
+++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/webapp/WEB-INF/web.xml
@@ -0,0 +1,119 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  ~ Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+  ~
+  ~ WSO2 Inc. licenses this file to you under the Apache License,
+  ~ Version 2.0 (the "License"); you may not use this file except
+  ~ in compliance with the License.
+  ~ You may obtain a copy of the License at
+  ~
+  ~ http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing,
+  ~ software distributed under the License is distributed on an
+  ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  ~ KIND, either express or implied. See the License for the
+  ~ specific language governing permissions and limitations
+  ~ under the License.
+  -->
+<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5">
+    <display-name>Admin-Webapp</display-name>
+    <servlet>
+        <description>JAX-WS/JAX-RS Device Management Endpoint</description>
+        <display-name>JAX-WS/JAX-RS Servlet</display-name>
+        <servlet-name>CXFServlet</servlet-name>
+        <servlet-class>
+            org.apache.cxf.transport.servlet.CXFServlet
+        </servlet-class>
+        <!-- configure a security filter -->
+        <init-param>
+            <param-name>swagger.security.filter</param-name>
+            <param-value>ApiAuthorizationFilterImpl</param-value>
+        </init-param>
+        <load-on-startup>1</load-on-startup>
+    </servlet>
+    <servlet-mapping>
+        <servlet-name>CXFServlet</servlet-name>
+        <url-pattern>/*</url-pattern>
+    </servlet-mapping>
+    <session-config>
+        <session-timeout>60</session-timeout>
+    </session-config>
+
+    <context-param>
+        <param-name>doAuthentication</param-name>
+        <param-value>false</param-value>
+    </context-param>
+
+    <!--publish to apim-->
+    <context-param>
+        <param-name>managed-api-enabled</param-name>
+        <param-value>true</param-value>
+    </context-param>
+    <context-param>
+        <param-name>managed-api-owner</param-name>
+        <param-value>admin</param-value>
+    </context-param>
+    <context-param>
+        <param-name>isSharedWithAllTenants</param-name>
+        <param-value>true</param-value>
+    </context-param>
+
+    <!-- Below configuration is used to redirect http requests to https -->
+    <security-constraint>
+        <web-resource-collection>
+            <web-resource-name>DeviceMgt-Admin</web-resource-name>
+            <url-pattern>/*</url-pattern>
+        </web-resource-collection>
+        <user-data-constraint>
+            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
+        </user-data-constraint>
+    </security-constraint>
+
+    <filter>
+        <filter-name>ApiOriginFilter</filter-name>
+        <filter-class>org.wso2.carbon.andes.extensions.device.mgt.jaxrs.ApiOriginFilter</filter-class>
+    </filter>
+
+    <filter>
+        <filter-name>HttpHeaderSecurityFilter</filter-name>
+        <filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
+        <init-param>
+            <param-name>hstsEnabled</param-name>
+            <param-value>false</param-value>
+        </init-param>
+    </filter>
+
+    <filter>
+        <filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
+        <filter-class>org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter</filter-class>
+        <init-param>
+            <param-name>patterns</param-name>
+            <param-value>text/html" ,application/json" ,text/plain</param-value>
+        </init-param>
+        <init-param>
+            <param-name>filterAction</param-name>
+            <param-value>enforce</param-value>
+        </init-param>
+        <init-param>
+            <param-name>httpHeaders</param-name>
+            <param-value>Cache-Control: no-store, no-cache, must-revalidate, private</param-value>
+        </init-param>
+    </filter>
+
+    <filter-mapping>
+        <filter-name>HttpHeaderSecurityFilter</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
+
+    <filter-mapping>
+        <filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
+
+    <filter-mapping>
+        <filter-name>ApiOriginFilter</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
+
+</web-app>