diff --git a/playbooks/roles/os_heat/defaults/main.yml b/playbooks/roles/os_heat/defaults/main.yml
index 48115e8c32..dc1abfab2d 100644
--- a/playbooks/roles/os_heat/defaults/main.yml
+++ b/playbooks/roles/os_heat/defaults/main.yml
@@ -64,8 +64,13 @@ heat_profiler_enabled: false
 heat_profiler_trace_sqlalchemy: false
 
 ## Auth
-heat_service_tenant_name: "service"
+heat_service_project_name: "service"
 heat_service_user_name: "heat"
+heat_service_project_domain_id: "default"
+heat_service_user_domain_id: "default"
+
+## Keystone authentication middleware
+heat_keystone_auth_plugin: password
 
 ## Heat api service type and data
 heat_service_name: heat
diff --git a/playbooks/roles/os_heat/tasks/heat_service_setup.yml b/playbooks/roles/os_heat/tasks/heat_service_setup.yml
index 5302ad2a74..29b8718c20 100644
--- a/playbooks/roles/os_heat/tasks/heat_service_setup.yml
+++ b/playbooks/roles/os_heat/tasks/heat_service_setup.yml
@@ -16,7 +16,7 @@
 - include: heat_service_add.yml
   vars:
     service_user_name: "{{ heat_service_user_name }}"
-    service_tenant_name: "{{ heat_service_tenant_name }}"
+    service_tenant_name: "{{ heat_service_project_name }}"
     service_name: "{{ heat_service_name }}"
     service_type: "{{ heat_service_type }}"
     service_region: "{{ heat_service_region }}"
@@ -32,7 +32,7 @@
 - include: heat_service_add.yml
   vars:
     service_user_name: "{{ heat_service_user_name }}"
-    service_tenant_name: "{{ heat_service_tenant_name }}"
+    service_tenant_name: "{{ heat_service_project_name }}"
     service_name: "{{ heat_cfn_service_name }}"
     service_type: "{{ heat_cfn_service_type }}"
     service_region: "{{ heat_service_region }}"
@@ -54,7 +54,7 @@
     token: "{{ keystone_auth_admin_token }}"
     endpoint: "{{ keystone_service_adminurl }}"
     user_name: "{{ heat_service_user_name }}"
-    tenant_name: "{{ heat_service_tenant_name }}"
+    tenant_name: "{{ heat_service_project_name }}"
     role_name: "{{ heat_stack_owner_name }}"
   register: add_service
   until: add_service|success
diff --git a/playbooks/roles/os_heat/templates/heat.conf.j2 b/playbooks/roles/os_heat/templates/heat.conf.j2
index 395104afd2..b5840c6198 100644
--- a/playbooks/roles/os_heat/templates/heat.conf.j2
+++ b/playbooks/roles/os_heat/templates/heat.conf.j2
@@ -38,7 +38,7 @@ endpoint_type = {{ heat_clients_heat_endpoint }}
 connection = mysql://{{ heat_galera_user }}:{{ heat_container_mysql_password }}@{{ galera_address }}/{{ heat_galera_database }}?charset=utf8
 
 [ec2authtoken]
-auth_uri = {{ keystone_service_internalurl }}
+auth_uri = {{ keystone_service_internaluri }}
 
 [heat_api]
 bind_port = {{ heat_service_port }}
@@ -63,12 +63,15 @@ trace_sqlalchemy = {{ heat_profiler_trace_sqlalchemy }}
 
 
 [keystone_authtoken]
+auth_plugin = {{ heat_keystone_auth_plugin }}
 signing_dir = /var/cache/heat
-identity_uri = {{ keystone_service_adminuri }}
-auth_uri = {{ keystone_service_internalurl }}
-admin_tenant_name = {{ heat_service_tenant_name }}
-admin_user = {{ heat_service_user_name }}
-admin_password = {{ heat_service_password }}
+auth_url = {{ keystone_service_adminuri }}
+auth_uri = {{ keystone_service_internaluri }}
+project_domain_id = {{ heat_service_project_domain_id }}
+user_domain_id = {{ heat_service_user_domain_id }}
+project_name = {{ heat_service_project_name }}
+username = {{ heat_service_user_name }}
+password = {{ heat_service_password }}
 
 memcached_servers = {{ memcached_servers }}