diff --git a/client/api/authorize.go b/client/api/authorize.go
new file mode 100644
index 0000000..5380b4c
--- /dev/null
+++ b/client/api/authorize.go
@@ -0,0 +1,26 @@
+package api
+
+import (
+	"encoding/json"
+	"strings"
+
+	internalhttp "github.com/Tecsisa/foulkon/http"
+)
+
+func (c *ClientAPI) GetAuthorizedResources(action, resources string) (string, error) {
+	numResources := strings.Count("resources", ",") + 1
+	resourcesJson := make([]string, numResources)
+	if err := json.Unmarshal([]byte(resources), &resourcesJson); err != nil {
+		return "", err
+	}
+	body := map[string]interface{}{
+		"action":    action,
+		"resources": resourcesJson,
+	}
+
+	req, err := c.prepareRequest("POST", internalhttp.RESOURCE_URL, body, nil)
+	if err != nil {
+		return "", err
+	}
+	return c.makeRequest(req)
+}
diff --git a/client/api/group.go b/client/api/group.go
new file mode 100644
index 0000000..5243954
--- /dev/null
+++ b/client/api/group.go
@@ -0,0 +1,130 @@
+package api
+
+import internalhttp "github.com/Tecsisa/foulkon/http"
+
+func (c *ClientAPI) GetGroup(organizationId, groupName string) (string, error) {
+	req, err := c.prepareRequest("GET", internalhttp.API_VERSION_1+"/organizations/"+organizationId+"/groups/"+groupName, nil, nil)
+	if err != nil {
+		return "", err
+	}
+	return c.makeRequest(req)
+}
+
+func (c *ClientAPI) GetAllGroups(pathPrefix, offset, limit, orderBy string) (string, error) {
+	urlParams := map[string]string{
+		"PathPrefix": pathPrefix,
+		"Offset":     offset,
+		"Limit":      limit,
+		"OrderBy":    orderBy,
+	}
+	req, err := c.prepareRequest("GET", internalhttp.API_VERSION_1+"/groups", nil, urlParams)
+	if err != nil {
+		return "", err
+	}
+	return c.makeRequest(req)
+}
+
+func (c *ClientAPI) GetGroupsByOrg(organizationId, pathPrefix, offset, limit, orderBy string) (string, error) {
+	urlParams := map[string]string{
+		"PathPrefix": pathPrefix,
+		"Offset":     offset,
+		"Limit":      limit,
+		"OrderBy":    orderBy,
+	}
+	req, err := c.prepareRequest("GET", internalhttp.API_VERSION_1+"/organizations/"+organizationId+"/groups", nil, urlParams)
+	if err != nil {
+		return "", err
+	}
+	return c.makeRequest(req)
+}
+
+func (c *ClientAPI) CreateGroup(organizationId, groupName, path string) (string, error) {
+	body := map[string]interface{}{
+		"name": groupName,
+		"path": path,
+	}
+	req, err := c.prepareRequest("POST", internalhttp.API_VERSION_1+"/organizations/"+organizationId+"/groups", body, nil)
+	if err != nil {
+		return "", err
+	}
+	return c.makeRequest(req)
+}
+
+func (c *ClientAPI) UpdateGroup(organizationId, groupName, newName, newPath string) (string, error) {
+	body := map[string]interface{}{
+		"name": newName,
+		"path": newPath,
+	}
+	req, err := c.prepareRequest("PUT", internalhttp.API_VERSION_1+"/organizations/"+organizationId+"/groups/"+groupName, body, nil)
+	if err != nil {
+		return "", err
+	}
+	return c.makeRequest(req)
+}
+
+func (c *ClientAPI) DeleteGroup(organizationId, groupName string) (string, error) {
+	req, err := c.prepareRequest("DELETE", internalhttp.API_VERSION_1+"/organizations/"+organizationId+"/groups/"+groupName, nil, nil)
+	if err != nil {
+		return "", err
+	}
+	return c.makeRequest(req)
+}
+
+func (c *ClientAPI) GetGroupPolicies(organizationId, groupName, offset, limit, orderBy string) (string, error) {
+	urlParams := map[string]string{
+		"Offset":  offset,
+		"Limit":   limit,
+		"OrderBy": orderBy,
+	}
+	req, err := c.prepareRequest("GET", internalhttp.API_VERSION_1+"/organizations/"+organizationId+"/groups/"+groupName+"/policies", nil, urlParams)
+	if err != nil {
+		return "", err
+	}
+	return c.makeRequest(req)
+}
+
+func (c *ClientAPI) AttachPolicyToGroup(organizationId, groupName, policyName string) (string, error) {
+	req, err := c.prepareRequest("POST", internalhttp.API_VERSION_1+"/organizations/"+organizationId+"/groups/"+groupName+"/policies/"+policyName, nil, nil)
+	if err != nil {
+		return "", err
+	}
+	return c.makeRequest(req)
+}
+
+func (c *ClientAPI) DetachPolicyFromGroup(organizationId, groupName, policyName string) (string, error) {
+	req, err := c.prepareRequest("DELETE", internalhttp.API_VERSION_1+"/organizations/"+organizationId+"/groups/"+groupName+"/policies/"+policyName, nil, nil)
+	if err != nil {
+		return "", err
+	}
+	return c.makeRequest(req)
+}
+
+func (c *ClientAPI) GetGroupMembers(organizationId, groupName, pathPrefix, offset, limit, orderBy string) (string, error) {
+	urlParams := map[string]string{
+		"PathPrefix": pathPrefix,
+		"Offset":     offset,
+		"Limit":      limit,
+		"OrderBy":    orderBy,
+	}
+	req, err := c.prepareRequest("GET", internalhttp.API_VERSION_1+"/organizations/"+organizationId+"/groups/"+groupName+"/users", nil, urlParams)
+	if err != nil {
+		return "", err
+	}
+	return c.makeRequest(req)
+}
+
+func (c *ClientAPI) AddMemberToGroup(organizationId, groupName, userName string) (string, error) {
+	req, err := c.prepareRequest("POST", internalhttp.API_VERSION_1+"/organizations/"+organizationId+"/groups/"+groupName+"/users/"+userName, nil, nil)
+	if err != nil {
+		return "", err
+	}
+	return c.makeRequest(req)
+}
+
+func (c *ClientAPI) RemoveMemberFromGroup(organizationId, groupName, userName string) (string, error) {
+	req, err := c.prepareRequest("DELETE", internalhttp.API_VERSION_1+"/organizations/"+organizationId+"/groups/"+groupName+"/users/"+userName, nil, nil)
+	if err != nil {
+		return "", err
+	}
+	return c.makeRequest(req)
+}
diff --git a/client/api/manager.go b/client/api/manager.go
new file mode 100644
index 0000000..31e33b6
--- /dev/null
+++ b/client/api/manager.go
@@ -0,0 +1,47 @@
+package api
+
+import "net/http"
+
+type UserAPI interface {
+	GetUser(externalId string) (string, error)
+	GetAllUsers(pathPrefix, offset, limit, orderBy string) (string, error)
+	GetUserGroups(externalId, offset, limit, orderBy string) (string, error)
+	CreateUser(externalId, path string) (string, error)
+	UpdateUser(externalId, path string) (string, error)
+	DeleteUser(externalId string) (string, error)
+}
+
+type PolicyAPI interface {
+	GetPolicy(organizationId, policyName string) (string, error)
+	GetAllPolicies(pathPrefix, offset, limit, orderBy string) (string, error)
+	CreatePolicy(organizationId, policyName, path, statement string) (string, error)
+	UpdatePolicy(organizationId, policyName, path, statement string) (string, error)
+	DeletePolicy(organizationId, policyName string) (string, error)
+	GetGroupsAttached(organizationId, policyName, offset, limit, orderBy string) (string, error)
+	GetPoliciesOrganization(organizationId, pathPrefix, offset, limit, orderBy string) (string, error)
+}
+
+type GroupAPI interface {
+	GetGroup(organizationId, groupName string) (string, error)
+	GetAllGroups(pathPrefix, offset, limit, orderBy string) (string, error)
+	GetGroupsByOrg(organizationId, pathPrefix, offset, limit, orderBy string) (string, error)
+	CreateGroup(organizationId, groupName, path string) (string, error)
+	UpdateGroup(organizationId, groupName, newName, newPath string) (string, error)
+	DeleteGroup(organizationId, groupName string) (string, error)
+	GetGroupPolicies(organizationId, groupName, offset, limit, orderBy string) (string, error)
+	AttachPolicyToGroup(organizationId, groupName, policyName string) (string, error)
+	DetachPolicyFromGroup(organizationId, groupName, policyName string) (string, error)
+	GetGroupMembers(organizationId, groupName, pathPrefix, offset, limit, orderBy string) (string, error)
+	AddMemberToGroup(organizationId, groupName, userName string) (string, error)
+	RemoveMemberFromGroup(organizationId, groupName, userName string) (string, error)
+}
+
+type AuthorizeAPI interface {
+	GetAuthorizedResources(action, resources string) (string, error)
+}
+
+type ClientAPI struct {
+	Address     string
+	requestInfo map[string]string
+	http.Client
+}
diff --git a/client/api/policy.go b/client/api/policy.go
new file mode 100644
index 0000000..bd31889
--- /dev/null
+++ b/client/api/policy.go
@@ -0,0 +1,102 @@
+package api
+
+import (
+	"encoding/json"
+
+	"github.com/Tecsisa/foulkon/api"
+	internalhttp "github.com/Tecsisa/foulkon/http"
+)
+
+func (c *ClientAPI) GetPolicy(organizationId, policyName string) (string, error) {
+	req, err := c.prepareRequest("GET", internalhttp.API_VERSION_1+"/organizations/"+organizationId+"/policies/"+policyName, nil, nil)
+	if err != nil {
+		return "", err
+	}
+	return c.makeRequest(req)
+}
+
+func (c *ClientAPI) GetAllPolicies(pathPrefix, offset, limit, orderBy string) (string, error) {
+	urlParams := map[string]string{
+		"PathPrefix": pathPrefix,
+		"Offset":     offset,
+		"Limit":      limit,
+		"OrderBy":    orderBy,
+	}
+	req, err := c.prepareRequest("GET", internalhttp.API_VERSION_1+"/policies", nil, urlParams)
+	if err != nil {
+		return "", err
+	}
+	return c.makeRequest(req)
+}
+
+func (c *ClientAPI) CreatePolicy(organizationId, policyName, path, statement string) (string, error) {
+
+	statementApi := []api.Statement{}
+	if err := json.Unmarshal([]byte(statement), &statementApi); err != nil {
+		return "", err
+	}
+	body := map[string]interface{}{
+		"name":       policyName,
+		"path":       path,
+		"Statements": statementApi,
+	}
+
+	req, err := c.prepareRequest("POST", internalhttp.API_VERSION_1+"/organizations/"+organizationId+"/policies", body, nil)
+	if err != nil {
+		return "", err
+	}
+	return c.makeRequest(req)
+}
+
+func (c *ClientAPI) UpdatePolicy(organizationId, policyName, path, statement string) (string, error) {
+	statementApi := []api.Statement{}
+	if err := json.Unmarshal([]byte(statement), &statementApi); err != nil {
+		return "", err
+	}
+	body := map[string]interface{}{
+		"name":       policyName,
+		"path":       path,
+		"Statements": statementApi,
+	}
+
+	req, err := c.prepareRequest("PUT", internalhttp.API_VERSION_1+"/organizations/"+organizationId+"/policies/"+policyName, body, nil)
+	if err != nil {
+		return "", err
+	}
+	return c.makeRequest(req)
+}
+
+func (c *ClientAPI) DeletePolicy(organizationId, policyName string) (string, error) {
+	req, err := c.prepareRequest("DELETE", internalhttp.API_VERSION_1+"/organizations/"+organizationId+"/policies/"+policyName, nil, nil)
+	if err != nil {
+		return "", err
+	}
+	return c.makeRequest(req)
+}
+
+func (c *ClientAPI) GetGroupsAttached(organizationId, policyName, offset, limit, orderBy string) (string, error) {
+	urlParams := map[string]string{
+		"Offset":  offset,
+		"Limit":   limit,
+		"OrderBy": orderBy,
+	}
+	req, err := c.prepareRequest("GET", internalhttp.API_VERSION_1+"/organizations/"+organizationId+"/policies/"+policyName+"/groups", nil, urlParams)
+	if err != nil {
+		return "", err
+	}
+	return c.makeRequest(req)
+}
+
+func (c *ClientAPI) GetPoliciesOrganization(organizationId, pathPrefix, offset, limit, orderBy string) (string, error) {
+	urlParams := map[string]string{
+		"PathPrefix": pathPrefix,
+		"Offset":     offset,
+		"Limit":      limit,
+		"OrderBy":    orderBy,
+	}
+	req, err := c.prepareRequest("GET", internalhttp.API_VERSION_1+"/organizations/"+organizationId+"/policies", nil, urlParams)
+	if err != nil {
+		return "", err
+	}
+	return c.makeRequest(req)
+}
diff --git a/client/api/user.go b/client/api/user.go
new file mode 100644
index 0000000..526fe78
--- /dev/null
+++ b/client/api/user.go
@@ -0,0 +1,71 @@
+package api
+
+import internalhttp "github.com/Tecsisa/foulkon/http"
+
+func (c *ClientAPI) GetUser(externalId string) (string, error) {
+	req, err := c.prepareRequest("GET", internalhttp.USER_ROOT_URL+"/"+externalId, nil, nil)
+	if err != nil {
+		return "", err
+	}
+	return c.makeRequest(req)
+}
+
+func (c *ClientAPI) GetAllUsers(pathPrefix, offset, limit, orderBy string) (string, error) {
+	urlParams := map[string]string{
+		"PathPrefix": pathPrefix,
+		"Offset":     offset,
+		"Limit":      limit,
+		"OrderBy":    orderBy,
+	}
+	req, err := c.prepareRequest("GET", internalhttp.USER_ROOT_URL, nil, urlParams)
+	if err != nil {
+		return "", err
+	}
+	return c.makeRequest(req)
+}
+
+func (c *ClientAPI) GetUserGroups(externalId, offset, limit, orderBy string) (string, error) {
+	urlParams := map[string]string{
+		"Offset":  offset,
+		"Limit":   limit,
+		"OrderBy": orderBy,
+	}
+	req, err := c.prepareRequest("GET", internalhttp.USER_ROOT_URL+"/"+externalId+"/groups", nil, urlParams)
+	if err != nil {
+		return "", err
+	}
+	return c.makeRequest(req)
+}
+
+func (c *ClientAPI) CreateUser(externalId, path string) (string, error) {
+	body := map[string]interface{}{
+		"externalId": externalId,
+		"path":       path,
+	}
+
+	req, err := c.prepareRequest("POST", internalhttp.USER_ROOT_URL, body, nil)
+	if err != nil {
+		return "", err
+	}
+	return c.makeRequest(req)
+}
+
+func (c *ClientAPI) UpdateUser(externalId, path string) (string, error) {
+	body := map[string]interface{}{
+		"path": path,
+	}
+
+	req, err := c.prepareRequest("PUT", internalhttp.USER_ROOT_URL+"/"+externalId, body, nil)
+	if err != nil {
+		return "", err
+	}
+	return c.makeRequest(req)
+}
+
+func (c *ClientAPI) DeleteUser(externalId string) (string, error) {
+	req, err := c.prepareRequest("DELETE", internalhttp.USER_ROOT_URL+"/"+externalId, nil, nil)
+	if err != nil {
+		return "", err
+	}
+	return c.makeRequest(req)
+}
diff --git a/client/api/util.go b/client/api/util.go
new file mode 100644
index 0000000..b44cd34
--- /dev/null
+++ b/client/api/util.go
@@ -0,0 +1,77 @@
+package api
+
+import (
+	"bytes"
+	"encoding/json"
+	"errors"
+	"net/http"
+	"strconv"
+)
+
+// Helper func for updating request params
+func (c *ClientAPI) prepareRequest(method, url string, postContent map[string]interface{}, queryParams map[string]string) (*http.Request, error) {
+	url = c.Address + url
+	// insert post content to body
+	var body *bytes.Buffer
+	if postContent != nil {
+		payload, err := json.Marshal(postContent)
+		if err != nil {
+			return nil, err
+		}
+		body = bytes.NewBuffer(payload)
+	}
+	if body == nil {
+		body = bytes.NewBuffer([]byte{})
+	}
+	// initialize http request
+	req, err := http.NewRequest(method, url, body)
+	if err != nil {
+		return nil, err
+	}
+	// add basic auth
+	req.SetBasicAuth("admin", "admin")
+
+	// add query params
+	if queryParams != nil {
+		values := req.URL.Query()
+		for k, v := range queryParams {
+			values.Add(k, v)
+		}
+		req.URL.RawQuery = values.Encode()
+	}
+
+	return req, nil
+}
+
+func (c *ClientAPI) makeRequest(req *http.Request) (string, error) {
+	resp, err := c.Do(req)
+	if err != nil {
+		return "", err
+	}
+
+	defer resp.Body.Close()
+
+	// read body
+	var msg string
+	buffer := new(bytes.Buffer)
+	nb, _ := buffer.ReadFrom(resp.Body)
+	if nb != 0 {
+		// json pretty-print
+		var out bytes.Buffer
+		err = json.Indent(&out, buffer.Bytes(), "", "\t")
+		if err != nil {
+			return "", err
+		}
+		msg = out.String()
+	}
+
+	switch {
+	case resp.StatusCode >= 200 && resp.StatusCode < 300:
+		if msg == "" {
+			msg = "Operation succeeded"
+		}
+		return msg, nil
+	default:
+		return "", errors.New("Operation failed, received HTTP status code " + strconv.Itoa(resp.StatusCode))
+	}
+}
diff --git a/client/cli/main.go b/client/cli/main.go
new file mode 100644
index 0000000..d8739d1
--- /dev/null
+++ b/client/cli/main.go
@@ -0,0 +1,375 @@
+package main
+
+import (
+	"flag"
+	"fmt"
+	"os"
+	"strings"
+
+	"github.com/Tecsisa/foulkon/client/api"
+)
+
+const (
+	DEFAULT_ADDRESS     = "http://127.0.0.1:8000"
+	FLAG_EXTERNALID     = "extId"
+	FLAG_ORGANIZATIONID = "orgId"
+	FLAG_GROUPNAME      = "groupName"
+	FLAG_NEWGROUPNAME   = "newGroupName"
+	FLAG_POLICYNAME     = "policyName"
+	FLAG_USERNAME       = "userName"
+	FLAG_OFFSET         = "offset"
+	FLAG_LIMIT          = "limit"
+	FLAG_ORDERBY        = "orderBy"
+	FLAG_PATHPREFIX     = "pathPrefix"
+	FLAG_NEWPATH        = "newPath"
+	FLAG_PATH           = "path"
+	FLAG_STATEMENT      = "statement"
+	FLAG_ACTION         = "action"
+	FLAG_RESOURCES      = "resources"
+)
+
+type Cli struct {
+	UserApi      api.UserAPI
+	GroupApi     api.GroupAPI
+	PolicyApi    api.PolicyAPI
+	AuthorizeAPI api.AuthorizeAPI
+}
+
+//parseFlags is a helper function that return the input flags as a map
+func parseFlags(availableFlags map[string]string, cmdValidFlags, cliArgs []string, requiredFlags int) map[string]string {
+	params := make(map[string]string)
+
+	flagSet := flag.NewFlagSet(cliArgs[0]+" "+cliArgs[1], flag.ExitOnError)
+
+	for _, val := range cmdValidFlags {
+		flagSet.String(val, "", availableFlags[val])
+	}
+
+	if err := flagSet.Parse(cliArgs[2:]); err != nil {
+		fmt.Fprintln(os.Stderr, err.Error())
+		os.Exit(1)
+	}
+
+	for i, v := range cmdValidFlags {
+		val := flagSet.Lookup(v).Value.String()
+		if i < requiredFlags && val == "" {
+			return nil
+		}
+		params[v] = val
+	}
+
+	return params
+}
+
+func main() {
+	availableFlags := map[string]string{
+		FLAG_OFFSET:         "Offset of returned items",
+		FLAG_EXTERNALID:     "User's external identifier",
+		FLAG_ORGANIZATIONID: "Policy's organization",
+		FLAG_POLICYNAME:     "Policy's name",
+		FLAG_LIMIT:          "Maximum number of items in response",
+		FLAG_ORDERBY:        "Sort the result by specified column",
+		FLAG_PATHPREFIX:     "Search starts from this path",
+		FLAG_PATH:           "--- location",
+		FLAG_STATEMENT:      "policy's statement",
+		FLAG_GROUPNAME:      "Group's name",
+		FLAG_NEWGROUPNAME:   "New group name",
+		FLAG_USERNAME:       "User's Name",
+		FLAG_NEWPATH:        "New Path",
+		FLAG_ACTION:         "Action applied over the resources",
+		FLAG_RESOURCES:      "List of resources",
+	}
+
+	help := `Foulkon CLI usage: foulkon [-address=http://1.2.3.4:8080] <command> <action> [<args>]
+
+Available commands:
+	user
+	group
+	policy
+	authorize
+
+To get more help, please execute this cli with a <command>`
+
+	userHelp := `User actions:
+	get -id=xxx                   		retrieve user xxx
+	get-all <optionalParams>      		retrieve users
+	groups -id=xxx <optionalParams> 	retrieve user's groups
+	create -id=xxx -path=/path/   		create user 'xxx' with path '/path/'
+	update -id=xxx -path=/new/    		update user 'xxx' with path '/new/'
+	delete -id=xxx                		delete user 'xxx'
+
+	optionalParams:
+	-pathPrefix, -offset, -limit, -orderBy			Control de output in list actions
+	`
+
+	groupHelp := `Group actions:
+	get -groupName=xxx                                                 retrieve group xxx
+	get-all <optionalParams>                                           retrieve all groups
+	get-org-groups -orgId=xxx <optionalParams>                         retrieve all groups within an organization xxx
+	create -groupName=xxx -orgName=xxx -path=/path/                    create group 'xxx' with path '/path/'
+	update -orgId=xxx -groupName=xxx -newGroupName=xxx -newPath=xxx    update group 'xxx' that belong to oranization 'yyy'
+	delete -policyName=xxx -orgId=yyy                                  delete group 'xxx' that belong to oranization 'yyy'
+	get-members -orgId=xxx -groupName=xxx <optionalParams>             retrieve group members
+	add-member -orgId=xxx -groupName=xxx -userName=yyy                 add member 'yyy' to group 'xxx'
+	remove-member -orgId=xxx -groupName=xxx -userName=yyy              remove member 'yyy' from group 'xxx'
+	get-policies -orgId=xxx -groupName=xxx <optionalParams>            retrieve group policies
+	attach-policy -orgId=xxx -groupName=xxx -policyName=yyy            attach policy 'yyy' to group 'xxx'
+	detach-policy -orgId=xxx -groupName=xxx -policyName=yyy            detach policy 'yyy' to group 'xxx'
+
+	Optional Parameters:
+	-pathPrefix, -offset, -limit, -orderBy			Control de output in list actions
+	`
+
+	policyHelp := `Policy actions:
+	get -orgId=yyy -policyName=xxx   				retrieve policy xxx that belong to organization 'yyy'
+	get-all <optionalParams>					retrieve all policies
+	groups-attached -orgId=yyy -policyName=xxx <optionalParams>    	retrieve all groups with policy 'xxx' attached to, that belong to organizaation 'yyy'
+	policies-organization -orgId=yyy <optionalParams>		retrieve all policies that belong to oranization 'yyy'
+	create -orgId=yyy -policyName=xxx -path=/path/ -statement=zzz  	create policy 'xxx' with path '/path/' that belong to organizaation 'yyy' and with statements 'zzz'(JSON format)
+	update -orgId=yyy -policyName=xxx -statement=zzz	 	update policy 'xxx' with path '/path/' that belong to organizaation 'yyy' and new statements 'zzz'(JSON format)
+	delete -orgId=yyy -policyName=xxx 				delete policy 'xxx' that belong to oranization 'yyy'
+
+	Optional Parameters:
+	-pathPrefix, -offset, -limit, -orderBy				Control de output in list actions
+	`
+
+	authorizeHelp := `Authorize actions:
+	auth-resources  -action=xxx -resources=yyy		get a list of authorized resources according to action 'xxx' and list of resources 'yyy'(JSON format)
+
+	Optional Parameters:
+	-pathPrefix, -offset, -limit, -orderBy			Control de output in list actions
+	`
+
+	var cli Cli
+	clientApi := &api.ClientAPI{}
+	cli.UserApi = clientApi
+	cli.PolicyApi = clientApi
+	cli.GroupApi = clientApi
+	cli.AuthorizeAPI = clientApi
+
+	//remove program path name from args
+	args := os.Args[1:]
+
+	// get foulkon address
+	flag.StringVar(&clientApi.Address, "address", DEFAULT_ADDRESS, "Foulkon Worker address")
+	flag.Parse()
+
+	// remove address flag and format help flag
+	for i, arg := range args {
+		if strings.Contains(arg, "-address=") {
+			args = append(args[:i], args[i+1:]...)
+		}
+
+		if arg == "help" {
+			args[i] = "-help"
+		}
+	}
+
+	// force -help flag
+	if len(args) < 2 {
+		args = append(args, "-help")
+	}
+
+	//statement_cli_example := ./cli policy create -orgId=tecsisa -path=/example/ -policyName=policy21 -statement='[{"effect":"allow","actions":["iam:getUser","iam:*"],"resources":["urn:everything:*"]}]'
+	//statement_example := `[{"effect":"allow","actions":["iam:getUser","iam:*"],"resources":["urn:everything:*"]}]`
+	var msg string
+	var err error
+
+	// parse command/action
+	switch args[0] {
+	case "user":
+		switch args[1] {
+		case "get":
+			if params := parseFlags(availableFlags, []string{FLAG_EXTERNALID}, args, 1); params == nil {
+				msg = userHelp
+			} else {
+				msg, err = cli.UserApi.GetUser(params[FLAG_EXTERNALID])
+			}
+		case "get-all":
+			if params := parseFlags(availableFlags, []string{FLAG_PATHPREFIX, FLAG_OFFSET, FLAG_LIMIT, FLAG_ORDERBY}, args, 0); params == nil {
+				msg = userHelp
+			} else {
+				msg, err = cli.UserApi.GetAllUsers(params[FLAG_PATHPREFIX], params[FLAG_OFFSET], params[FLAG_LIMIT], params[FLAG_ORDERBY])
+			}
+		case "groups":
+			if params := parseFlags(availableFlags, []string{FLAG_EXTERNALID, FLAG_OFFSET, FLAG_LIMIT, FLAG_ORDERBY}, args, 1); params == nil {
+				msg = userHelp
+			} else {
+				msg, err = cli.UserApi.GetAllUsers(params[FLAG_EXTERNALID], params[FLAG_OFFSET], params[FLAG_LIMIT], params[FLAG_ORDERBY])
+			}
+		case "create":
+			if params := parseFlags(availableFlags, []string{FLAG_EXTERNALID, FLAG_PATH}, args, 2); params == nil {
+				msg = userHelp
+			} else {
+				msg, err = cli.UserApi.CreateUser(params[FLAG_EXTERNALID], params[FLAG_PATH])
+			}
+		case "delete":
+			if params := parseFlags(availableFlags, []string{FLAG_EXTERNALID}, args, 1); params == nil {
+				msg = userHelp
+			} else {
+				msg, err = cli.UserApi.DeleteUser(params[FLAG_EXTERNALID])
+			}
+		case "update":
+			if params := parseFlags(availableFlags, []string{FLAG_EXTERNALID, FLAG_PATH}, args, 2); params == nil {
+				msg = userHelp
+			} else {
+				msg, err = cli.UserApi.UpdateUser(params[FLAG_EXTERNALID], params[FLAG_PATH])
+			}
+		case "-help":
+			fallthrough
+		default:
+			msg = userHelp
+		}
+
+	case "policy":
+		switch args[1] {
+		case "get":
+			if params := parseFlags(availableFlags, []string{FLAG_ORGANIZATIONID, FLAG_POLICYNAME}, args, 2); params == nil {
+				msg = policyHelp
+			} else {
+				msg, err = cli.PolicyApi.GetPolicy(params[FLAG_ORGANIZATIONID], params[FLAG_POLICYNAME])
+			}
+		case "get-all":
+			if params := parseFlags(availableFlags, []string{FLAG_PATHPREFIX, FLAG_OFFSET, FLAG_LIMIT, FLAG_ORDERBY}, args, 0); params == nil {
+				msg = policyHelp
+			} else {
+				msg, err = cli.PolicyApi.GetAllPolicies(params[FLAG_PATHPREFIX], params[FLAG_OFFSET], params[FLAG_LIMIT], params[FLAG_ORDERBY])
+			}
+		case "groups-attached":
+			if params := parseFlags(availableFlags, []string{FLAG_ORGANIZATIONID, FLAG_POLICYNAME, FLAG_OFFSET, FLAG_LIMIT, FLAG_ORDERBY}, args, 2); params == nil {
+				msg = policyHelp
+			} else {
+				msg, err = cli.PolicyApi.GetGroupsAttached(params[FLAG_ORGANIZATIONID], params[FLAG_POLICYNAME], params[FLAG_OFFSET], params[FLAG_LIMIT], params[FLAG_ORDERBY])
+			}
+		case "policies-organization":
+			if params := parseFlags(availableFlags, []string{FLAG_ORGANIZATIONID, FLAG_PATHPREFIX, FLAG_OFFSET, FLAG_LIMIT, FLAG_ORDERBY}, args, 1); params == nil {
+				msg = policyHelp
+			} else {
+				msg, err = cli.PolicyApi.GetPoliciesOrganization(params[FLAG_ORGANIZATIONID], params[FLAG_PATHPREFIX], params[FLAG_OFFSET], params[FLAG_LIMIT], params[FLAG_ORDERBY])
+			}
+		case "create":
+			if params := parseFlags(availableFlags, []string{FLAG_ORGANIZATIONID, FLAG_POLICYNAME, FLAG_PATH, FLAG_STATEMENT}, args, 4); params == nil {
+				msg = policyHelp
+			} else {
+				msg, err = cli.PolicyApi.CreatePolicy(params[FLAG_ORGANIZATIONID], params[FLAG_POLICYNAME], params[FLAG_PATH], params[FLAG_STATEMENT])
+			}
+		case "update":
+			if params := parseFlags(availableFlags, []string{FLAG_ORGANIZATIONID, FLAG_POLICYNAME, FLAG_PATH, FLAG_STATEMENT}, args, 4); params == nil {
+				msg = policyHelp
+			} else {
+				msg, err = cli.PolicyApi.UpdatePolicy(params[FLAG_ORGANIZATIONID], params[FLAG_POLICYNAME], params[FLAG_PATH], params[FLAG_STATEMENT])
+			}
+		case "delete":
+			if params := parseFlags(availableFlags, []string{FLAG_ORGANIZATIONID, FLAG_POLICYNAME}, args, 2); params == nil {
+				msg = policyHelp
+			} else {
+				msg, err = cli.PolicyApi.DeletePolicy(params[FLAG_ORGANIZATIONID], params[FLAG_POLICYNAME])
+			}
+		case "-help":
+			fallthrough
+		default:
+			msg = policyHelp
+		}
+
+	case "group":
+		switch args[1] {
+		case "get":
+			if params := parseFlags(availableFlags, []string{FLAG_ORGANIZATIONID, FLAG_GROUPNAME}, args, 2); params == nil {
+				msg = groupHelp
+			} else {
+				msg, err = cli.GroupApi.GetGroup(params[FLAG_ORGANIZATIONID], params[FLAG_GROUPNAME])
+			}
+		case "get-all":
+			if params := parseFlags(availableFlags, []string{FLAG_PATHPREFIX, FLAG_OFFSET, FLAG_LIMIT, FLAG_ORDERBY}, args, 0); params == nil {
+				msg = groupHelp
+			} else {
+				msg, err = cli.GroupApi.GetAllGroups(params[FLAG_PATHPREFIX], params[FLAG_OFFSET], params[FLAG_LIMIT], params[FLAG_ORDERBY])
+			}
+		case "get-org-groups":
+			if params := parseFlags(availableFlags, []string{FLAG_ORGANIZATIONID, FLAG_PATHPREFIX, FLAG_OFFSET, FLAG_LIMIT, FLAG_ORDERBY}, args, 1); params == nil {
+				msg = groupHelp
+			} else {
+				msg, err = cli.GroupApi.GetGroupsByOrg(params[FLAG_ORGANIZATIONID], params[FLAG_PATHPREFIX], params[FLAG_OFFSET], params[FLAG_LIMIT], params[FLAG_ORDERBY])
+			}
+		case "create":
+			if params := parseFlags(availableFlags, []string{FLAG_ORGANIZATIONID, FLAG_GROUPNAME, FLAG_PATH}, args, 3); params == nil {
+				msg = groupHelp
+			} else {
+				msg, err = cli.GroupApi.CreateGroup(params[FLAG_ORGANIZATIONID], params[FLAG_GROUPNAME], params[FLAG_PATH])
+			}
+		case "update":
+			if params := parseFlags(availableFlags, []string{FLAG_ORGANIZATIONID, FLAG_GROUPNAME, FLAG_NEWGROUPNAME, FLAG_NEWPATH}, args, 4); params == nil {
+				msg = groupHelp
+			} else {
+				msg, err = cli.GroupApi.UpdateGroup(params[FLAG_ORGANIZATIONID], params[FLAG_GROUPNAME], params[FLAG_NEWGROUPNAME], params[FLAG_NEWPATH])
+			}
+		case "delete":
+			if params := parseFlags(availableFlags, []string{FLAG_ORGANIZATIONID, FLAG_GROUPNAME}, args, 2); params == nil {
+				msg = groupHelp
+			} else {
+				msg, err = cli.GroupApi.DeleteGroup(params[FLAG_ORGANIZATIONID], params[FLAG_GROUPNAME])
+			}
+		case "get-members":
+			if params := parseFlags(availableFlags, []string{FLAG_ORGANIZATIONID, FLAG_GROUPNAME, FLAG_PATHPREFIX, FLAG_OFFSET, FLAG_LIMIT, FLAG_ORDERBY}, args, 2); params == nil {
+				msg = groupHelp
+			} else {
+				msg, err = cli.GroupApi.GetGroupMembers(params[FLAG_ORGANIZATIONID], params[FLAG_GROUPNAME], params[FLAG_PATHPREFIX], params[FLAG_OFFSET], params[FLAG_LIMIT], params[FLAG_ORDERBY])
+			}
+		case "add-member":
+			if params := parseFlags(availableFlags, []string{FLAG_ORGANIZATIONID, FLAG_GROUPNAME, FLAG_USERNAME}, args, 3); params == nil {
+				msg = groupHelp
+			} else {
+				msg, err = cli.GroupApi.AddMemberToGroup(params[FLAG_ORGANIZATIONID], params[FLAG_GROUPNAME], params[FLAG_USERNAME])
+			}
+		case "remove-member":
+			if params := parseFlags(availableFlags, []string{FLAG_ORGANIZATIONID, FLAG_GROUPNAME, FLAG_USERNAME}, args, 3); params == nil {
+				msg = groupHelp
+			} else {
+				msg, err = cli.GroupApi.RemoveMemberFromGroup(params[FLAG_ORGANIZATIONID], params[FLAG_GROUPNAME], params[FLAG_USERNAME])
+			}
+		case "get-policies":
+			if params := parseFlags(availableFlags, []string{FLAG_ORGANIZATIONID, FLAG_GROUPNAME, FLAG_PATHPREFIX, FLAG_OFFSET, FLAG_LIMIT, FLAG_ORDERBY}, args, 2); params == nil {
+				msg = groupHelp
+			} else {
+				msg, err = cli.GroupApi.GetGroupPolicies(params[FLAG_ORGANIZATIONID], params[FLAG_GROUPNAME], params[FLAG_OFFSET], params[FLAG_LIMIT], params[FLAG_ORDERBY])
+			}
+		case "attach-policy":
+			if params := parseFlags(availableFlags, []string{FLAG_ORGANIZATIONID, FLAG_GROUPNAME, FLAG_POLICYNAME}, args, 3); params == nil {
+				msg = groupHelp
+			} else {
+				msg, err = cli.GroupApi.AttachPolicyToGroup(params[FLAG_ORGANIZATIONID], params[FLAG_GROUPNAME], params[FLAG_POLICYNAME])
+			}
+		case "detach-policy":
+			if params := parseFlags(availableFlags, []string{FLAG_ORGANIZATIONID, FLAG_GROUPNAME, FLAG_POLICYNAME}, args, 3); params == nil {
+				msg = groupHelp
+			} else {
+				msg, err = cli.GroupApi.DetachPolicyFromGroup(params[FLAG_ORGANIZATIONID], params[FLAG_GROUPNAME], params[FLAG_POLICYNAME])
+			}
+		case "-help":
+			fallthrough
+		default:
+			msg = groupHelp
+		}
+	case "authorize":
+		switch args[1] {
+		case "auth-resources":
+			if params := parseFlags(availableFlags, []string{FLAG_ACTION, FLAG_RESOURCES}, args, 2); params == nil {
+				msg = authorizeHelp
+			} else {
+				msg, err = cli.AuthorizeAPI.GetAuthorizedResources(params[FLAG_ACTION], params[FLAG_RESOURCES])
+			}
+		case "-help":
+			fallthrough
+		default:
+			msg = authorizeHelp
+		}
+	default:
+		msg = help
+	}
+	if err != nil {
+		fmt.Println(err.Error())
+		os.Exit(1)
+	}
+	fmt.Println(msg)
+	os.Exit(0)
+}