diff --git a/components/device-types/androidsense-plugin/org.wso2.carbon.device.mgt.iot.androidsense.api/src/main/webapp/WEB-INF/web.xml b/components/device-types/androidsense-plugin/org.wso2.carbon.device.mgt.iot.androidsense.api/src/main/webapp/WEB-INF/web.xml
index be0eee231..2c66f5c1d 100644
--- a/components/device-types/androidsense-plugin/org.wso2.carbon.device.mgt.iot.androidsense.api/src/main/webapp/WEB-INF/web.xml
+++ b/components/device-types/androidsense-plugin/org.wso2.carbon.device.mgt.iot.androidsense.api/src/main/webapp/WEB-INF/web.xml
@@ -16,10 +16,6 @@
 		<servlet-name>CXFServlet</servlet-name>
 		<url-pattern>/*</url-pattern>
 	</servlet-mapping>
-	<context-param>
-		<param-name>isAdminService</param-name>
-		<param-value>false</param-value>
-	</context-param>
 	<context-param>
 		<param-name>doAuthentication</param-name>
 		<param-value>true</param-value>
diff --git a/components/device-types/arduino-plugin/org.wso2.carbon.device.mgt.iot.arduino.api/src/main/webapp/WEB-INF/web.xml b/components/device-types/arduino-plugin/org.wso2.carbon.device.mgt.iot.arduino.api/src/main/webapp/WEB-INF/web.xml
index a137eb9cc..96122464a 100644
--- a/components/device-types/arduino-plugin/org.wso2.carbon.device.mgt.iot.arduino.api/src/main/webapp/WEB-INF/web.xml
+++ b/components/device-types/arduino-plugin/org.wso2.carbon.device.mgt.iot.arduino.api/src/main/webapp/WEB-INF/web.xml
@@ -16,10 +16,6 @@
         <servlet-name>CXFServlet</servlet-name>
         <url-pattern>/*</url-pattern>
     </servlet-mapping>
-    <context-param>
-        <param-name>isAdminService</param-name>
-        <param-value>false</param-value>
-    </context-param>
     <context-param>
         <param-name>doAuthentication</param-name>
         <param-value>true</param-value>
diff --git a/components/device-types/raspberrypi-plugin/org.wso2.carbon.device.mgt.iot.raspberrypi.api/src/main/webapp/WEB-INF/web.xml b/components/device-types/raspberrypi-plugin/org.wso2.carbon.device.mgt.iot.raspberrypi.api/src/main/webapp/WEB-INF/web.xml
index 975eb808a..e6b97eaed 100644
--- a/components/device-types/raspberrypi-plugin/org.wso2.carbon.device.mgt.iot.raspberrypi.api/src/main/webapp/WEB-INF/web.xml
+++ b/components/device-types/raspberrypi-plugin/org.wso2.carbon.device.mgt.iot.raspberrypi.api/src/main/webapp/WEB-INF/web.xml
@@ -16,10 +16,6 @@
         <servlet-name>CXFServlet</servlet-name>
         <url-pattern>/*</url-pattern>
     </servlet-mapping>
-    <context-param>
-        <param-name>isAdminService</param-name>
-        <param-value>false</param-value>
-    </context-param>
     <context-param>
         <param-name>doAuthentication</param-name>
         <param-value>true</param-value>
diff --git a/components/device-types/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.api/src/main/webapp/WEB-INF/web.xml b/components/device-types/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.api/src/main/webapp/WEB-INF/web.xml
index eb4a397bf..4337c5720 100644
--- a/components/device-types/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.api/src/main/webapp/WEB-INF/web.xml
+++ b/components/device-types/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.api/src/main/webapp/WEB-INF/web.xml
@@ -16,18 +16,10 @@
         <servlet-name>CXFServlet</servlet-name>
         <url-pattern>/*</url-pattern>
     </servlet-mapping>
-    <context-param>
-        <param-name>isAdminService</param-name>
-        <param-value>false</param-value>
-    </context-param>
     <context-param>
         <param-name>doAuthentication</param-name>
         <param-value>true</param-value>
     </context-param>
-    <context-param>
-        <param-name>providerTenantDomain</param-name>
-        <param-value>carbon.super</param-value>
-    </context-param>
 
     <!--publish to apim-->
     <context-param>
diff --git a/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/authorization/DeviceAuthorizer.java b/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/authorization/DeviceAuthorizer.java
index d8e779491..0edea4d1e 100644
--- a/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/authorization/DeviceAuthorizer.java
+++ b/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/authorization/DeviceAuthorizer.java
@@ -61,6 +61,11 @@ public class DeviceAuthorizer implements Authorizer {
     @Override
     public void init(Map<String, String> globalProperties) {
         statPermissions = getPermissions(globalProperties);
+        if (statPermissions != null && !statPermissions.isEmpty()) {
+            for (String permission : statPermissions) {
+                PermissionUtil.putPermission(permission);
+            }
+        }
         try {
             deviceAccessAuthorizationAdminService = Feign.builder()
                     .requestInterceptor(new OAuthRequestInterceptor(globalProperties))
diff --git a/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/authorization/PermissionUtil.java b/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/authorization/PermissionUtil.java
new file mode 100644
index 000000000..cab25a8c4
--- /dev/null
+++ b/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/authorization/PermissionUtil.java
@@ -0,0 +1,76 @@
+/*
+ * Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * you may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.wso2.carbon.device.mgt.output.adapter.websocket.authorization;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.wso2.carbon.base.MultitenantConstants;
+import org.wso2.carbon.device.mgt.output.adapter.websocket.internal.WebsocketEventAdaptorServiceDataHolder;
+import org.wso2.carbon.registry.api.Resource;
+import org.wso2.carbon.registry.core.Registry;
+import org.wso2.carbon.registry.core.exceptions.RegistryException;
+
+import java.util.StringTokenizer;
+
+/**
+ * Utility class which holds necessary utility methods required for persisting permissions in
+ * registry.
+ */
+public class PermissionUtil {
+
+    public static final String PERMISSION_PROPERTY_NAME = "name";
+    private static Log log = LogFactory.getLog(DeviceAuthorizer.class);
+
+    public static void putPermission(String permission) {
+        try {
+            StringTokenizer tokenizer = new StringTokenizer(permission, "/");
+            String lastToken = "", currentToken, tempPath;
+            while (tokenizer.hasMoreTokens()) {
+                currentToken = tokenizer.nextToken();
+                tempPath = lastToken + "/" + currentToken;
+                if (!checkResourceExists(tempPath)) {
+                    createRegistryCollection(tempPath, currentToken);
+
+                }
+                lastToken = tempPath;
+            }
+        } catch (org.wso2.carbon.registry.api.RegistryException e) {
+            log.error("Failed to creation permission in registry" + permission, e);
+        }
+    }
+
+    public static void createRegistryCollection(String path, String resourceName)
+            throws org.wso2.carbon.registry.api.RegistryException {
+        Resource resource = getGovernanceRegistry().newCollection();
+        resource.addProperty(PERMISSION_PROPERTY_NAME, resourceName);
+        getGovernanceRegistry().beginTransaction();
+        getGovernanceRegistry().put(path, resource);
+        getGovernanceRegistry().commitTransaction();
+    }
+
+    public static boolean checkResourceExists(String path)
+            throws RegistryException {
+        return getGovernanceRegistry().resourceExists(path);
+    }
+
+    public static Registry getGovernanceRegistry() throws RegistryException {
+        return WebsocketEventAdaptorServiceDataHolder.getRegistryService()
+                    .getGovernanceSystemRegistry(MultitenantConstants.SUPER_TENANT_ID);
+    }
+
+}
diff --git a/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/internal/WebsocketEventAdaptorServiceDataHolder.java b/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/internal/WebsocketEventAdaptorServiceDataHolder.java
index 0485b0710..7cf22b0a2 100644
--- a/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/internal/WebsocketEventAdaptorServiceDataHolder.java
+++ b/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/internal/WebsocketEventAdaptorServiceDataHolder.java
@@ -20,6 +20,7 @@ package org.wso2.carbon.device.mgt.output.adapter.websocket.internal;
 
 import org.wso2.carbon.device.mgt.output.adapter.websocket.WebsocketOutputCallbackControllerServiceImpl;
 import org.wso2.carbon.event.stream.core.EventStreamService;
+import org.wso2.carbon.registry.core.service.RegistryService;
 
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.LinkedBlockingDeque;
@@ -35,6 +36,7 @@ public final class WebsocketEventAdaptorServiceDataHolder {
     private static ConcurrentHashMap<Integer, ConcurrentHashMap<String, LinkedBlockingDeque<Object>>>
             tenantSpecificStreamEventMap = new ConcurrentHashMap<>();
     private static EventStreamService eventStreamService;
+    private static RegistryService registryService;
 
     public static void registerEventStreamService(EventStreamService eventBuilderService) {
         WebsocketEventAdaptorServiceDataHolder.eventStreamService = eventBuilderService;
@@ -63,4 +65,15 @@ public final class WebsocketEventAdaptorServiceDataHolder {
     getTenantSpecificStreamEventMap() {
         return tenantSpecificStreamEventMap;
     }
+
+    public static RegistryService getRegistryService() {
+        if (registryService == null) {
+            throw new IllegalStateException("Registry service is not initialized properly");
+        }
+        return registryService;
+    }
+
+    public static void setRegistryService(RegistryService registryService) {
+        WebsocketEventAdaptorServiceDataHolder.registryService = registryService;
+    }
 }
diff --git a/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/internal/WebsocketLocalEventAdapterServiceComponent.java b/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/internal/WebsocketLocalEventAdapterServiceComponent.java
index 4820d46e6..9425f9cda 100644
--- a/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/internal/WebsocketLocalEventAdapterServiceComponent.java
+++ b/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/internal/WebsocketLocalEventAdapterServiceComponent.java
@@ -26,12 +26,19 @@ import org.wso2.carbon.device.mgt.output.adapter.websocket.WebsocketOutputCallba
 import org.wso2.carbon.event.output.adapter.core.OutputEventAdapterFactory;
 import org.wso2.carbon.device.mgt.output.adapter.websocket.WebsocketOutputCallbackControllerService;
 import org.wso2.carbon.event.stream.core.EventStreamService;
+import org.wso2.carbon.registry.core.service.RegistryService;
 
 /**
  * @scr.component component.name="output.extensions.secured.websocket.AdapterService.component" immediate="true"
  * @scr.reference name="eventStreamService.service"
  * interface="org.wso2.carbon.event.stream.core.EventStreamService" cardinality="1..1"
  * policy="dynamic" bind="setEventStreamService" unbind="unsetEventStreamService"
+ * @scr.reference name="registry.service"
+ * interface="org.wso2.carbon.registry.core.service.RegistryService"
+ * cardinality="1..1"
+ * policy="dynamic"
+ * bind="setRegistryService"
+ * unbind="unsetRegistryService"
  */
 public class WebsocketLocalEventAdapterServiceComponent {
 
@@ -80,4 +87,28 @@ public class WebsocketLocalEventAdapterServiceComponent {
         }
         WebsocketEventAdaptorServiceDataHolder.registerEventStreamService(null);
     }
+
+    /**
+     * Sets Registry Service.
+     *
+     * @param registryService An instance of RegistryService
+     */
+    protected void setRegistryService(RegistryService registryService) {
+        if (log.isDebugEnabled()) {
+            log.debug("Setting Registry Service");
+        }
+        WebsocketEventAdaptorServiceDataHolder.setRegistryService(registryService);
+    }
+
+    /**
+     * Unsets Registry Service.
+     *
+     * @param registryService An instance of RegistryService
+     */
+    protected void unsetRegistryService(RegistryService registryService) {
+        if (log.isDebugEnabled()) {
+            log.debug("Un setting Registry Service");
+        }
+        WebsocketEventAdaptorServiceDataHolder.setRegistryService(null);
+    }
 }
diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/OAuthRequestInterceptor.java b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/OAuthRequestInterceptor.java
index 886daa912..9a29d0026 100755
--- a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/OAuthRequestInterceptor.java
+++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/OAuthRequestInterceptor.java
@@ -40,6 +40,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
     private static final String APPLICATION_NAME = "mqtt_broker";
     private static final String PASSWORD_GRANT_TYPE = "password";
     private static final String REFRESH_GRANT_TYPE = "refresh_token";
+    private static final String REQUIRED_SCOPE = "perm:authorization:verify";
     private ApiApplicationRegistrationService apiApplicationRegistrationService;
     private TokenIssuerService tokenIssuerService;
 
@@ -76,7 +77,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
                     new BasicAuthRequestInterceptor(consumerKey, consumerSecret))
                     .contract(new JAXRSContract()).encoder(new GsonEncoder()).decoder(new GsonDecoder())
                     .target(TokenIssuerService.class, AuthorizationConfigurationManager.getInstance().getTokenEndpoint());
-            tokenInfo = tokenIssuerService.getToken(PASSWORD_GRANT_TYPE, username, password);
+            tokenInfo = tokenIssuerService.getToken(PASSWORD_GRANT_TYPE, username, password, REQUIRED_SCOPE);
             tokenInfo.setExpires_in(System.currentTimeMillis() + tokenInfo.getExpires_in());
         }
         synchronized (this) {
diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/dto/TokenIssuerService.java b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/dto/TokenIssuerService.java
index 3e8413b45..5938587f3 100755
--- a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/dto/TokenIssuerService.java
+++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/dto/TokenIssuerService.java
@@ -33,6 +33,12 @@ public interface TokenIssuerService {
     AccessTokenInfo getToken(@QueryParam("grant_type") String grant, @QueryParam("username") String username,
                              @QueryParam("password") String password);
 
+    @POST
+    @Produces(MediaType.APPLICATION_JSON)
+    @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
+    AccessTokenInfo getToken(@QueryParam("grant_type") String grant, @QueryParam("username") String username,
+                             @QueryParam("password") String password, @QueryParam("scopes") String scopes);
+
     @POST
     @Produces(MediaType.APPLICATION_JSON)
     @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
diff --git a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/webapp/WEB-INF/web.xml b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/webapp/WEB-INF/web.xml
index 63510fe9b..b22bd2b5d 100644
--- a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/webapp/WEB-INF/web.xml
+++ b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/webapp/WEB-INF/web.xml
@@ -42,11 +42,6 @@
     <session-config>
         <session-timeout>60</session-timeout>
     </session-config>
-
-    <context-param>
-        <param-name>isAdminService</param-name>
-        <param-value>false</param-value>
-    </context-param>
     <context-param>
         <param-name>managed-api-enabled</param-name>
         <param-value>true</param-value>
diff --git a/components/mobile-plugins/windows-plugin/org.wso2.carbon.device.mgt.mobile.windows.api/src/main/webapp/WEB-INF/web.xml b/components/mobile-plugins/windows-plugin/org.wso2.carbon.device.mgt.mobile.windows.api/src/main/webapp/WEB-INF/web.xml
index 8dbd5e352..6ea6be132 100644
--- a/components/mobile-plugins/windows-plugin/org.wso2.carbon.device.mgt.mobile.windows.api/src/main/webapp/WEB-INF/web.xml
+++ b/components/mobile-plugins/windows-plugin/org.wso2.carbon.device.mgt.mobile.windows.api/src/main/webapp/WEB-INF/web.xml
@@ -48,10 +48,6 @@
     <session-config>
         <session-timeout>60</session-timeout>
     </session-config>
-    <context-param>
-        <param-name>isAdminService</param-name>
-        <param-value>false</param-value>
-    </context-param>
     <context-param>
         <param-name>managed-api-enabled</param-name>
         <param-value>true</param-value>