diff --git a/playbooks/roles/os_cinder/defaults/main.yml b/playbooks/roles/os_cinder/defaults/main.yml
index bdb718a592..3920f81d6e 100644
--- a/playbooks/roles/os_cinder/defaults/main.yml
+++ b/playbooks/roles/os_cinder/defaults/main.yml
@@ -47,8 +47,10 @@ cinder_enable_v2_api: true
 
 ## Cinder api service type and data
 cinder_service_name: cinder
+cinder_service_project_domain_id: default
+cinder_service_user_domain_id: default
 cinder_service_user_name: cinder
-cinder_service_tenant_name: service
+cinder_service_project_name: service
 cinder_service_role_name: admin
 cinder_service_region: RegionOne
 cinder_service_description: "Cinder Volume Service"
@@ -75,6 +77,9 @@ cinder_service_v2_adminurl: "{{ cinder_service_adminuri }}/v2/%(tenant_id)s"
 cinder_service_v2_internaluri: "{{ cinder_service_proto }}://{{ internal_lb_vip_address }}:{{ cinder_service_port }}"
 cinder_service_v2_internalurl: "{{ cinder_service_internaluri }}/v2/%(tenant_id)s"
 
+## Keystone authentication middleware
+cinder_keystone_auth_plugin: password
+
 ## In order to enable the cinder backup you MUST set ``cinder_backup_program_enabled`` to "true"
 ## Additionally the configuration section will not be put in the `cinder.conf` file unless the
 ## following variables are defined:
diff --git a/playbooks/roles/os_cinder/tasks/cinder_service_setup.yml b/playbooks/roles/os_cinder/tasks/cinder_service_setup.yml
index 003ef04cba..a004c12f75 100644
--- a/playbooks/roles/os_cinder/tasks/cinder_service_setup.yml
+++ b/playbooks/roles/os_cinder/tasks/cinder_service_setup.yml
@@ -16,7 +16,7 @@
 - include: cinder_service_add.yml
   vars:
     service_user_name: "{{ cinder_service_user_name }}"
-    service_tenant_name: "{{ cinder_service_tenant_name }}"
+    service_tenant_name: "{{ cinder_service_project_name }}"
     service_name: "{{ cinder_service_name }}"
     service_type: "{{ cinder_service_type }}"
     service_region: "{{ cinder_service_region }}"
@@ -32,7 +32,7 @@
 - include: cinder_service_add.yml
   vars:
     service_user_name: "{{ cinder_service_user_name }}"
-    service_tenant_name: "{{ cinder_service_tenant_name }}"
+    service_tenant_name: "{{ cinder_service_project_name }}"
     service_name: "{{ cinder_service_v2_name }}"
     service_type: "{{ cinder_service_v2_type }}"
     service_region: "{{ cinder_service_region }}"
diff --git a/playbooks/roles/os_cinder/templates/cinder.conf.j2 b/playbooks/roles/os_cinder/templates/cinder.conf.j2
index 51e8b1834b..c9f0b34fd2 100644
--- a/playbooks/roles/os_cinder/templates/cinder.conf.j2
+++ b/playbooks/roles/os_cinder/templates/cinder.conf.j2
@@ -104,12 +104,15 @@ profiler_enabled = {{ cinder_profiler_enabled }}
 trace_sqlalchemy = {{ cinder_profiler_trace_sqlalchemy }}
 
 [keystone_authtoken]
+auth_plugin = {{ cinder_keystone_auth_plugin }}
 signing_dir = /var/cache/cinder
-identity_uri = {{ keystone_service_adminuri }}
-auth_uri = {{ keystone_service_internalurl }}
-admin_tenant_name = {{ cinder_service_tenant_name }}
-admin_user = {{ cinder_service_user_name }}
-admin_password = {{ cinder_service_password }}
+auth_url = {{ keystone_service_adminuri }}
+auth_uri = {{ keystone_service_internaluri }}
+project_domain_id = {{ cinder_service_project_domain_id }}
+user_domain_id = {{ cinder_service_user_domain_id }}
+project_name = {{ cinder_service_project_name }}
+username = {{ cinder_service_user_name }}
+password = {{ cinder_service_password }}
 
 memcached_servers = {{ memcached_servers }}