diff --git a/gulliver/system/class.rbac.php b/gulliver/system/class.rbac.php
index 6e8ac688f..71067f6be 100755
--- a/gulliver/system/class.rbac.php
+++ b/gulliver/system/class.rbac.php
@@ -229,6 +229,8 @@ class RBAC
 "Delete process cases"
 ), array("PER_UID" => "00000000000000000000000000000037", "PER_CODE" => "PM_EDITPERSONALINFO_CALENDAR",
 "PER_NAME" => "Edit personal info Calendar"
+ ), array("PER_UID" => "00000000000000000000000000000038", "PER_CODE" => "PM_REST_API_APPLICATIONS",
+ "PER_NAME" => "Create rest API Aplications"
 )
 );
 return $permissionsAdmin;
diff --git a/rbac/engine/data/mysql/insert.sql b/rbac/engine/data/mysql/insert.sql
index 85a714a7d..662cc6a1e 100755
--- a/rbac/engine/data/mysql/insert.sql
+++ b/rbac/engine/data/mysql/insert.sql
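Review bot: The new `PER_NAME` in the class.rbac.php hunk is misspelled and reads narrower than what the permission appears to control: `"Create rest API Aplications"` should be at least `"PER_NAME" => "Create REST API Applications"`. Later in this commit `PM_REST_API_APPLICATIONS` gates the whole OAuth2 applications page, not only creation, so a label such as "Manage REST API Applications" may describe it better. Whoever assigns roles sees this label, and a misleading name makes over- or under-granting more likely. The array and the method that returns `$permissionsAdmin` start outside the hunk.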
@@ -18,24 +18,25 @@ INSERT INTO `RBAC_PERMISSIONS` VALUES
 ('00000000000000000000000000000017','PM_FOLDERS_ADD_FILE','2009-10-12 00:00:00',NULL,1,'00000000000000000000000000000002'),
 ('00000000000000000000000000000018','PM_CANCELCASE','2011-12-11 00:00:00','2011-12-11 00:00:00',1,'00000000000000000000000000000002'),
 ('00000000000000000000000000000019','PM_FOLDER_DELETE','2011-12-11 00:00:00','2011-12-11 00:00:00',1,'00000000000000000000000000000002'),
-('00000000000000000000000000000020','PM_SETUP_LOGO','2016-03-01 00:00:00','0000-00-00 00:00:00',1,'00000000000000000000000000000002'),
-('00000000000000000000000000000021','PM_SETUP_EMAIL','2016-03-01 00:00:00','0000-00-00 00:00:00',1,'00000000000000000000000000000002'),
-('00000000000000000000000000000022','PM_SETUP_CALENDAR','2016-03-01 00:00:00','0000-00-00 00:00:00',1,'00000000000000000000000000000002'),
-('00000000000000000000000000000023','PM_SETUP_PROCESS_CATEGORIES','2016-03-01 00:00:00','0000-00-00 00:00:00',1,'00000000000000000000000000000002'),
-('00000000000000000000000000000024','PM_SETUP_CLEAR_CACHE','2016-03-01 00:00:00','0000-00-00 00:00:00',1,'00000000000000000000000000000002'),
-('00000000000000000000000000000025','PM_SETUP_HEART_BEAT','2016-03-01 00:00:00','0000-00-00 00:00:00',1,'00000000000000000000000000000002'),
-('00000000000000000000000000000026','PM_SETUP_ENVIRONMENT','2016-03-01 00:00:00','0000-00-00 00:00:00',1,'00000000000000000000000000000002'),
-('00000000000000000000000000000027','PM_SETUP_PM_TABLES','2016-03-01 00:00:00','0000-00-00 00:00:00',1,'00000000000000000000000000000002'),
-('00000000000000000000000000000028','PM_SETUP_LOGIN','2016-03-01 00:00:00','0000-00-00 00:00:00',1,'00000000000000000000000000000002'),
-('00000000000000000000000000000029','PM_SETUP_DASHBOARDS','2016-03-01 00:00:00','0000-00-00 00:00:00',1,'00000000000000000000000000000002'),
-('00000000000000000000000000000030','PM_SETUP_LANGUAGE','2016-03-01 00:00:00','0000-00-00 00:00:00',1,'00000000000000000000000000000002'),
-('00000000000000000000000000000031','PM_SETUP_SKIN','2016-03-01 00:00:00','0000-00-00 00:00:00',1,'00000000000000000000000000000002'),
-('00000000000000000000000000000032','PM_SETUP_CASES_LIST_CACHE_BUILDER','2016-03-01 00:00:00','0000-00-00 00:00:00',1,'00000000000000000000000000000002'),
-('00000000000000000000000000000033','PM_SETUP_PLUGINS','2016-03-01 00:00:00','0000-00-00 00:00:00',1,'00000000000000000000000000000002'),
-('00000000000000000000000000000034','PM_SETUP_USERS_AUTHENTICATION_SOURCES','2016-03-01 00:00:00','0000-00-00 00:00:00',1,'00000000000000000000000000000002'),
-('00000000000000000000000000000035','PM_SETUP_LOGS','2016-03-01 00:00:00','0000-00-00 00:00:00',1,'00000000000000000000000000000002'),
-('00000000000000000000000000000036','PM_DELETE_PROCESS_CASES','2016-03-01 00:00:00','0000-00-00 00:00:00',1,'00000000000000000000000000000002'),
-('00000000000000000000000000000037','PM_EDITPERSONALINFO_CALENDAR','2016-03-01 00:00:00','0000-00-00 00:00:00',1,'00000000000000000000000000000002');
+('00000000000000000000000000000020','PM_SETUP_LOGO','2016-03-01 00:00:00','2016-03-01 00:00:00',1,'00000000000000000000000000000002'),
+('00000000000000000000000000000021','PM_SETUP_EMAIL','2016-03-01 00:00:00','2016-03-01 00:00:00',1,'00000000000000000000000000000002'),
+('00000000000000000000000000000022','PM_SETUP_CALENDAR','2016-03-01 00:00:00','2016-03-01 00:00:00',1,'00000000000000000000000000000002'),
+('00000000000000000000000000000023','PM_SETUP_PROCESS_CATEGORIES','2016-03-01 00:00:00','2016-03-01 00:00:00',1,'00000000000000000000000000000002'),
+('00000000000000000000000000000024','PM_SETUP_CLEAR_CACHE','2016-03-01 00:00:00','2016-03-01 00:00:00',1,'00000000000000000000000000000002'),
+('00000000000000000000000000000025','PM_SETUP_HEART_BEAT','2016-03-01 00:00:00','2016-03-01 00:00:00',1,'00000000000000000000000000000002'),
+('00000000000000000000000000000026','PM_SETUP_ENVIRONMENT','2016-03-01 00:00:00','2016-03-01 00:00:00',1,'00000000000000000000000000000002'),
+('00000000000000000000000000000027','PM_SETUP_PM_TABLES','2016-03-01 00:00:00','2016-03-01 00:00:00',1,'00000000000000000000000000000002'),
+('00000000000000000000000000000028','PM_SETUP_LOGIN','2016-03-01 00:00:00','2016-03-01 00:00:00',1,'00000000000000000000000000000002'),
+('00000000000000000000000000000029','PM_SETUP_DASHBOARDS','2016-03-01 00:00:00','2016-03-01 00:00:00',1,'00000000000000000000000000000002'),
+('00000000000000000000000000000030','PM_SETUP_LANGUAGE','2016-03-01 00:00:00','2016-03-01 00:00:00',1,'00000000000000000000000000000002'),
+('00000000000000000000000000000031','PM_SETUP_SKIN','2016-03-01 00:00:00','2016-03-01 00:00:00',1,'00000000000000000000000000000002'),
+('00000000000000000000000000000032','PM_SETUP_CASES_LIST_CACHE_BUILDER','2016-03-01 00:00:00','2016-03-01 00:00:00',1,'00000000000000000000000000000002'),
+('00000000000000000000000000000033','PM_SETUP_PLUGINS','2016-03-01 00:00:00','2016-03-01 00:00:00',1,'00000000000000000000000000000002'),
+('00000000000000000000000000000034','PM_SETUP_USERS_AUTHENTICATION_SOURCES','2016-03-01 00:00:00','2016-03-01 00:00:00',1,'00000000000000000000000000000002'),
+('00000000000000000000000000000035','PM_SETUP_LOGS','2016-03-01 00:00:00','2016-03-01 00:00:00',1,'00000000000000000000000000000002'),
+('00000000000000000000000000000036','PM_DELETE_PROCESS_CASES','2016-03-01 00:00:00','2016-03-01 00:00:00',1,'00000000000000000000000000000002'),
+('00000000000000000000000000000037','PM_EDITPERSONALINFO_CALENDAR','2016-03-01 00:00:00','2016-03-01 00:00:00',1,'00000000000000000000000000000002'),
+('00000000000000000000000000000038','PM_REST_API_APPLICATIONS','2016-06-14 00:00:00','2016-06-14 00:00:00',1,'00000000000000000000000000000002');
 INSERT INTO `RBAC_ROLES` VALUES
 ('00000000000000000000000000000001','','00000000000000000000000000000001','RBAC_ADMIN','2007-07-31 19:10:22','2007-08-03 12:24:36',1),
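Review bot: The `PM_REST_API_APPLICATIONS` row is added only to the install-time seed, and nothing visible in this commit inserts it, or its `RBAC_ROLES_PERMISSIONS` grants, into a database that already exists. applications.php now redirects every user for whom `userCanAccess('PM_REST_API_APPLICATIONS')` is not 1, so an upgraded workspace would fail closed and lock all roles out of the page. The exception would be if the permission list in class.rbac.php is used elsewhere to backfill missing rows; that is worth confirming, and an upgrade step should ship with this change if it is not. The replacement of `'0000-00-00 00:00:00'` with real dates on rows 20–37 likewise reaches fresh installs only.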
@@ -82,6 +83,7 @@ INSERT INTO `RBAC_ROLES_PERMISSIONS` VALUES
 ('00000000000000000000000000000002','00000000000000000000000000000035'),
 ('00000000000000000000000000000002','00000000000000000000000000000036'),
 ('00000000000000000000000000000002','00000000000000000000000000000037'),
+('00000000000000000000000000000002','00000000000000000000000000000038'),
 ('00000000000000000000000000000003','00000000000000000000000000000001'),
 ('00000000000000000000000000000003','00000000000000000000000000000005'),
 ('00000000000000000000000000000004','00000000000000000000000000000001'),
@@ -116,7 +118,8 @@ INSERT INTO `RBAC_ROLES_PERMISSIONS` VALUES
 ('00000000000000000000000000000004','00000000000000000000000000000034'),
 ('00000000000000000000000000000004','00000000000000000000000000000035'),
 ('00000000000000000000000000000004','00000000000000000000000000000036'),
-('00000000000000000000000000000004','00000000000000000000000000000037');
+('00000000000000000000000000000004','00000000000000000000000000000037'),
+('00000000000000000000000000000004','00000000000000000000000000000038');
 INSERT INTO `RBAC_SYSTEMS` VALUES ('00000000000000000000000000000001','RBAC','2007-07-31 19:10:22','2007-08-03 12:24:36',1),('00000000000000000000000000000002','PROCESSMAKER','2007-07-31 19:10:22','2007-08-03 12:24:36',1);
 INSERT INTO `RBAC_USERS` VALUES ('00000000000000000000000000000001','admin','21232f297a57a5a743894a0e4a801fc3','Administrator','','admin@processmaker.com','2020-01-01','2007-08-03 12:24:36','2008-02-13 07:24:07',1,'MYSQL','00000000000000000000000000000000','','');
diff --git a/workflow/engine/methods/oauth2/applications.php b/workflow/engine/methods/oauth2/applications.php
index c197693b5..9ce4c3bc5 100644
--- a/workflow/engine/methods/oauth2/applications.php
+++ b/workflow/engine/methods/oauth2/applications.php
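Review bot: The new permission is granted by bare role UID, to the role ending in `02` in the `-82,6` hunk and to the role ending in `04` in the `-116,7` hunk, and neither hunk shows which roles these are. Managing OAuth2 applications presumably means issuing client credentials for the REST API, so the grant should follow least privilege and be visibly deliberate. I would name the intended roles in the commit message, or next to the two new rows with a comment such as `-- PM_REST_API_APPLICATIONS -> <ROLE_NAME>`. Separately, the unchanged `RBAC_USERS` context line seeds the `admin` account with a fixed 32-hex-digit digest, the size of an unsalted MD5. If the installer does not force a password change, that default account may also hold this permission through its role.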
@@ -21,7 +21,12 @@
 * For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
 * Coral Gables, FL, 33134, USA, or email info@colosa.com.
 */
-
+global $RBAC;
+if ($RBAC->userCanAccess('PM_REST_API_APPLICATIONS') != 1) {
+ G::SendTemporalMessage('ID_USER_HAVENT_RIGHTS_PAGE', 'error', 'labels');
+ G::header('location: ../login/login');
+ die();
+}
 $G_PUBLISH = new Publisher();
 $G_PUBLISH->AddContent('view', 'oauth2/applicationsLoad');
 G::RenderPage('publish');
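Review bot: The added check guards only this page script, while the view it renders, `oauth2/applicationsLoad`, presumably calls other request handlers that create, edit and delete OAuth2 applications, and none of them is touched in this commit. If those handlers do not test `$RBAC->userCanAccess('PM_REST_API_APPLICATIONS')` themselves, the permission only hides the page and does not restrict the operations, so the same guard belongs on each handler. Two smaller points: prefer `!== 1` over `!= 1` if `userCanAccess` returns an integer (its return type is not visible here). Also add a one-line comment above the block, e.g. `// Only users holding PM_REST_API_APPLICATIONS may manage OAuth2 client applications.`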