diff --git a/modules/analytics/distribution/src/assembly/bin.xml b/modules/analytics/distribution/src/assembly/bin.xml
index 0d5cc5f2..9b3d5a53 100644
--- a/modules/analytics/distribution/src/assembly/bin.xml
+++ b/modules/analytics/distribution/src/assembly/bin.xml
@@ -184,7 +184,7 @@
                 <include>inputwebsocket.war</include>
                 <include>outputwebsocket.war</include>
                 <include>outputui.war</include>
-                <include>secured-outputui.war</include>
+                <include>secured-websocket.war</include>
             </includes>
         </fileSet>
         <!-- END CEP -->
diff --git a/modules/analytics/distribution/src/repository/conf/etc/jwt.properties b/modules/analytics/distribution/src/repository/conf/etc/jwt.properties
index 40548373..56870d68 100644
--- a/modules/analytics/distribution/src/repository/conf/etc/jwt.properties
+++ b/modules/analytics/distribution/src/repository/conf/etc/jwt.properties
@@ -17,13 +17,13 @@
 #
 
 #issuer of the JWT
-iss=CDMF_DEFAULT_IDP
+iss=iot_default
 
 TokenEndpoint=https://localhost:${iot.core.https.port}/oauth2/token
 
 #audience of JWT claim
 #comma seperated values
-aud=JwtIdentityAudience
+aud=wso2.org/products/iot
 
 #expiration time of JWT (number of minutes from the current time)
 exp=1000
diff --git a/modules/broker/distribution/src/main/conf/broker.xml b/modules/broker/distribution/src/main/conf/broker.xml
index 0551a2a6..ade1fa3e 100755
--- a/modules/broker/distribution/src/main/conf/broker.xml
+++ b/modules/broker/distribution/src/main/conf/broker.xml
@@ -117,7 +117,8 @@ This file is ciphertool compliant. Refer PRODUCT_HOME/repository/conf/security/c
 
             <!--All receiving events/messages will be in this ring buffer. Ring buffer size
             of MQTT inbound event disruptor. Default is set to 32768 (1024 * 32)
-            Having a large ring buffer will have a increase memory usage and will improve performance
+            Having a large ring buffer wi
+            ll have a increase memory usage and will improve performance
             and vise versa -->
             <inboundBufferSize>32768</inboundBufferSize>
 
@@ -171,13 +172,23 @@ This file is ciphertool compliant. Refer PRODUCT_HOME/repository/conf/security/c
                         inherit from org.dna.mqtt.moquette.server.IAutherizer
                         Note: default implementation authorizes against carbon permission with the topic.
                     -->
-                    <!--connectionPermission is required for a user to connect to broker-->
+                    <!--connectionPermission is required for a user to connect to broker
+                    subscriberPermission is needed to subscribe(subriber permission can be more than one)
+                    publisherPermission is needed to publish(publisher permission can be more than one)
+                    -->
                     <authorizer class="org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.DeviceAccessBasedMQTTAuthorizer">
-                        <property name="connectionPermission">/permission/admin/device-mgt/user</property>
-                        <property name="adminPermission">/permission/admin/device-mgt/admin</property>
-                        <property name="MQTTSubscriberScopeIdentifier">mqtt-subscriber</property>
-                        <property name="MQTTPublisherScopeIdentifier">mqtt-subscriber</property>
-                        <property name="devicemgtScopeIdentifier">device-mgt</property>
+						<!--<property name="connectionPermission">/permission/admin/device-mgt/user</property>-->
+                        <!--topic subscription permissions which are assigned through grouping-->
+                        <property name="subscriberPermission">/permission/device-mgt/user/groups/device_events</property>
+                        <!--topic publisher permissions which are assigned through grouping-->
+                        <property name="publisherPermission">/permission/device-mgt/user/groups/device_operation</property>
+
+                        <property name="username">admin</property>
+                        <property name="password">admin</property>
+                        <property name="tokenEndpoint">https://localhost:9443/oauth2</property>
+                        <!--offset time from expiry time to trigger refresh call - seconds -->
+                        <property name="tokenRefreshTimeOffset">100</property>
+                        <property name="deviceMgtServerUrl">https://localhost:9443</property>
                     </authorizer>
             </security>
         </mqtt>
diff --git a/modules/core/distribution/src/assembly/bin.xml b/modules/core/distribution/src/assembly/bin.xml
index b30ac330..321c76a5 100644
--- a/modules/core/distribution/src/assembly/bin.xml
+++ b/modules/core/distribution/src/assembly/bin.xml
@@ -839,7 +839,7 @@
         </file>
         <file>
             <source>
-                src/repository/conf/identity/identity-providers/CDMF_DEFAULT_IDP.xml
+                src/repository/conf/identity/identity-providers/iot_default.xml
             </source>
             <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/identity/identity-providers</outputDirectory>
             <filtered>true</filtered>
@@ -1153,7 +1153,7 @@
         </file>
         <file>
             <source>
-                src/repository/conf/identity/identity-providers/CDMF_DEFAULT_IDP.xml
+                src/repository/conf/identity/identity-providers/iot_default.xml
             </source>
             <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/identity/identity-providers</outputDirectory>
             <filtered>true</filtered>
@@ -1176,15 +1176,6 @@
             <filtered>true</filtered>
             <fileMode>644</fileMode>
         </file>
-        <!-- Copying remote-appmanager-config.xml -->
-        <file>
-            <source>
-                ../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/etc/device-mgt-scopes.xml
-            </source>
-            <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/etc</outputDirectory>
-            <filtered>true</filtered>
-            <fileMode>644</fileMode>
-        </file>
         <!-- Copying devi-appmanager-config.xml -->
         <file>
             <source>
diff --git a/modules/core/distribution/src/repository/conf/identity/identity-providers/CDMF_DEFAULT_IDP.xml b/modules/core/distribution/src/repository/conf/identity/identity-providers/iot_default.xml
similarity index 93%
rename from modules/core/distribution/src/repository/conf/identity/identity-providers/CDMF_DEFAULT_IDP.xml
rename to modules/core/distribution/src/repository/conf/identity/identity-providers/iot_default.xml
index 8109ae92..07b7f035 100644
--- a/modules/core/distribution/src/repository/conf/identity/identity-providers/CDMF_DEFAULT_IDP.xml
+++ b/modules/core/distribution/src/repository/conf/identity/identity-providers/iot_default.xml
@@ -17,10 +17,10 @@
   -->
 
 <IdentityProvider>
-	<IdentityProviderName>CDMF_DEFAULT_IDP</IdentityProviderName>
-	<DisplayName>CDMF_DEFAULT_IDP</DisplayName>
+	<IdentityProviderName>iot_default</IdentityProviderName>
+	<DisplayName>iot_default</DisplayName>
 	<IdentityProviderDescription></IdentityProviderDescription>
-	<Alias>JwtIdentityAudience</Alias>
+	<Alias>wso2.org/products/iot</Alias>
 	<IsPrimary>true</IsPrimary>
 	<IsFederationHub></IsFederationHub>
 	<HomeRealmId></HomeRealmId>
diff --git a/modules/core/distribution/src/repository/conf/identity/identity.xml b/modules/core/distribution/src/repository/conf/identity/identity.xml
index f4930e5a..af9e7900 100644
--- a/modules/core/distribution/src/repository/conf/identity/identity.xml
+++ b/modules/core/distribution/src/repository/conf/identity/identity.xml
@@ -149,16 +149,11 @@
                 <GrantTypeName>iwa:ntlm</GrantTypeName>
                 <GrantTypeHandlerImplClass>org.wso2.carbon.identity.oauth2.token.handlers.grant.iwa.ntlm.NTLMAuthenticationGrantHandler</GrantTypeHandlerImplClass>
             </SupportedGrantType>
-            <SupportedGrantType>
-                <GrantTypeName>urn:ietf:params:oauth:grant-type:jwt-bearer</GrantTypeName>
-                <GrantTypeHandlerImplClass>org.wso2.carbon.device.mgt.oauth.extensions.handlers.grant.ExtendedDeviceMgtJWTBearerGrantHandler</GrantTypeHandlerImplClass>
-                <GrantTypeValidatorImplClass>org.wso2.carbon.device.mgt.oauth.extensions.validators.ExtendedDeviceJWTGrantValidator</GrantTypeValidatorImplClass>
-            </SupportedGrantType>
-            <SupportedGrantType>
-                <GrantTypeName>device-mgt:password</GrantTypeName>
-                <GrantTypeHandlerImplClass>org.wso2.carbon.device.mgt.oauth.extensions.handlers.grant.ExtendedDeviceMgtPasswordGrantHandler</GrantTypeHandlerImplClass>
-                <GrantTypeValidatorImplClass>org.wso2.carbon.device.mgt.oauth.extensions.validators.ExtendedDevicePasswordGrantValidator</GrantTypeValidatorImplClass>
-            </SupportedGrantType>
+			<SupportedGrantType>
+				<GrantTypeName>urn:ietf:params:oauth:grant-type:jwt-bearer</GrantTypeName>
+				<GrantTypeHandlerImplClass>org.wso2.carbon.identity.oauth2.grant.jwt.JWTBearerGrantHandler</GrantTypeHandlerImplClass>
+				<GrantTypeValidatorImplClass>org.wso2.carbon.identity.oauth2.grant.jwt.JWTGrantValidator</GrantTypeValidatorImplClass>
+			</SupportedGrantType>
         </SupportedGrantTypes>
         <OAuthCallbackHandlers>
             <OAuthCallbackHandler Class="org.wso2.carbon.device.mgt.oauth.extensions.handlers.DeviceMgtOAuthCallbackHandler"/>
diff --git a/modules/core/distribution/src/repository/conf/tomcat/context.xml b/modules/core/distribution/src/repository/conf/tomcat/context.xml
index 0c4bfa37..512337cd 100644
--- a/modules/core/distribution/src/repository/conf/tomcat/context.xml
+++ b/modules/core/distribution/src/repository/conf/tomcat/context.xml
@@ -47,9 +47,6 @@
      -->
     <Listener className="org.wso2.carbon.apimgt.webapp.publisher.lifecycle.listener.APIPublisherLifecycleListener"/>
 
-    <!-- Listener responsible for reading device features -->
-    <Listener className="org.wso2.carbon.device.mgt.extensions.feature.mgt.lifecycle.listener.FeatureManagementLifecycleListener"/>
-
     <!-- WebAppDeploymentLifecycleListener listens to webapp deployment events and adds the custom permissions defined in webapps'
         META-INF/permissions.xml to the permissions/admin section of registry. Given below is a sample of permissions.xml file.