diff --git a/workflow/engine/content/translations/english/processmaker.en.po b/workflow/engine/content/translations/english/processmaker.en.po
index c4a5e3303..56c992665 100644
--- a/workflow/engine/content/translations/english/processmaker.en.po
+++ b/workflow/engine/content/translations/english/processmaker.en.po
@@ -1747,6 +1747,12 @@ msgstr "Databases Source List"
 msgid "Changes saved"
 msgstr "Changes saved"
 
+# TRANSLATION
+# LABEL/ID_SELECT_USER_OR_GROUP
+#: LABEL/ID_SELECT_USER_OR_GROUP
+msgid "Please select the name of a user or a group in the Group or User field"
+msgstr "Please select the name of a user or a group in the Group or User field"
+
 # TRANSLATION
 # LABEL/ID_EMAILS
 #: LABEL/ID_EMAILS
diff --git a/workflow/engine/data/mysql/insert.sql b/workflow/engine/data/mysql/insert.sql
index c36449fee..c98ff9e22 100644
--- a/workflow/engine/data/mysql/insert.sql
+++ b/workflow/engine/data/mysql/insert.sql
@@ -6189,7 +6189,8 @@ INSERT INTO TRANSLATION (TRN_CATEGORY,TRN_ID,TRN_LANG,TRN_VALUE,TRN_UPDATE_DATE
 ( 'LABEL','ID_CASE_ROUTED_TO','en','Case routed to','2017-06-02'),
 ( 'LABEL','ID_IMPORTED','en','IMPORTED','2017-10-03'),
 ( 'LABEL','ID_NOT_IMPORTED','en','NOT IMPORTED','2017-10-03'),
-( 'LABEL','ID_CANNOT_IMPORT','en','CANNOT IMPORT','2017-10-03');
+( 'LABEL','ID_CANNOT_IMPORT','en','CANNOT IMPORT','2017-10-03'),
+( 'LABEL','ID_SELECT_USER_OR_GROUP','en','Please select the name of a user or a group in the Group or User field','2017-10-19');
 
 INSERT INTO ISO_LOCATION (IC_UID,IL_UID,IL_NAME,IL_NORMAL_NAME,IS_UID)  VALUES 
 ('AD','','',' ','') ,
diff --git a/workflow/engine/src/ProcessMaker/BusinessModel/ProcessPermissions.php b/workflow/engine/src/ProcessMaker/BusinessModel/ProcessPermissions.php
index d66b6e197..862907bd8 100644
--- a/workflow/engine/src/ProcessMaker/BusinessModel/ProcessPermissions.php
+++ b/workflow/engine/src/ProcessMaker/BusinessModel/ProcessPermissions.php
@@ -5,6 +5,7 @@ use Behat\Behat\Exception\Exception;
 use \G;
 use \Criteria;
 use \ObjectPermissionPeer;
+use \Exception as StandardException;
 
 /**
  * @author Brayan Pereyra (Cochalo) <brayan@colosa.com>
@@ -224,6 +225,9 @@ class ProcessPermissions
             if ($opUid != '') {
                 $opUid  = $this->validateOpUid($opUid);
             }
+            if (empty($data['USR_UID']) || (isset($data['USR_UID']) && $data['USR_UID'] === "null")) {
+                throw (new StandardException(G::LoadTranslation("ID_SELECT_USER_OR_GROUP")));
+            }
             if ($data['OP_USER_RELATION'] == "1") {
                 $this->validateUsrUid($data['USR_UID']);
             } else {
diff --git a/workflow/engine/src/ProcessMaker/Services/Api/Project/ProcessPermissions.php b/workflow/engine/src/ProcessMaker/Services/Api/Project/ProcessPermissions.php
index 974f18116..7b023a8da 100644
--- a/workflow/engine/src/ProcessMaker/Services/Api/Project/ProcessPermissions.php
+++ b/workflow/engine/src/ProcessMaker/Services/Api/Project/ProcessPermissions.php
@@ -58,44 +58,22 @@ class ProcessPermissions extends Api
     }
 
     /**
+     * Creates a new Process Permission for a project.
+     * 
+     * @url POST /:prj_uid/process-permission/
+     * @status 201
+     * 
      * @param string $prj_uid {@min 1} {@max 32}
      * @param array $request_data
      *
-     * @param string $usr_uid {@from body} {@min 1} {@max 32}
-     * @param string $op_user_relation {@from body} {@choice 1,2}
-     * @param string $op_case_status {@from body} {@choice ALL,DRAFT,TO_DO,PAUSED,COMPLETED}
-     * @param string $op_participate {@from body} {@choice 0,1}
-     * @param string $op_obj_type {@from body} {@choice ANY,DYNAFORM,ATTACHMENT,INPUT,OUTPUT,CASES_NOTES,MSGS_HISTORY,SUMMARY_FORM}
-     * @param string $op_action {@from body} {@choice VIEW,BLOCK,DELETE,RESEND}
-     * @param string $tas_uid {@from body}
-     * @param string $op_task_source {@from body}
-     * @param string $dynaforms {@from body}
-     * @param string $inputs {@from body}
-     * @param string $outputs {@from body}
-     *
-     * @author Brayan Pereyra (Cochalo) <brayan@colosa.com>
-     * @copyright Colosa - Bolivia
-     *
      * @return array
-     *
-     * @url POST /:prj_uid/process-permission/
-     * @status 201
+     * @throws RestException
+     * 
+     * @access protected
+     * @class AccessControl {@permission PM_FACTORY}
      */
-    public function doPostProcessPermission(
-        $prj_uid,
-        $request_data,
-        $usr_uid,
-        $op_user_relation,
-        $op_case_status,
-        $op_participate,
-        $op_obj_type,
-        $op_action,
-        $tas_uid = '',
-        $op_task_source = '',
-        $dynaforms = '',
-        $inputs = '',
-        $outputs = ''
-    ) {
+    public function doPostProcessPermission($prj_uid, $request_data)
+    {
         try {
             $hiddenFields = array('task_target', 'group_user', 'task_source',
                 'object_type', 'object', 'participated', 'action'