diff --git a/README.rst b/README.rst
index 05fe41f5..6ff0c590 100644
--- a/README.rst
+++ b/README.rst
@@ -52,8 +52,9 @@ Example Playbook
         rabbitmq_servers: 10.100.100.101
         rabbitmq_use_ssl: false
         rabbitmq_port: 5671
-        keystone_auth_admin_token: "SuperSecreteTestToken"
+        keystone_admin_user_name: admin
         keystone_auth_admin_password: "SuperSecretePassword"
+        keystone_admin_tenant_name: admin
         keystone_service_adminuri_insecure: false
         keystone_service_internaluri_insecure: false
         keystone_service_internaluri: "http://{{ internal_lb_vip_address }}:5000"
diff --git a/tasks/horizon_service_setup.yml b/tasks/horizon_service_setup.yml
index ee08a2ca..b24cd460 100644
--- a/tasks/horizon_service_setup.yml
+++ b/tasks/horizon_service_setup.yml
@@ -18,14 +18,18 @@
 - name: Ensure default keystone user role
   keystone:
     command: "ensure_role"
-    token: "{{ keystone_auth_admin_token }}"
     endpoint: "{{ keystone_service_adminurl }}"
+    login_user: "{{ keystone_admin_user_name }}"
+    login_password: "{{ keystone_auth_admin_password }}"
+    login_project_name: "{{ keystone_admin_tenant_name }}"
     role_name: "{{ horizon_default_role_name }}"
     insecure: "{{ keystone_service_adminuri_insecure }}"
-  when: >
-    keystone_auth_admin_token is defined
-    and keystone_service_adminurl is defined
-    and keystone_service_adminuri_insecure is defined
+  when:
+    - keystone_admin_user_name is defined
+    - keystone_auth_admin_password is defined
+    - keystone_admin_tenant_name is defined
+    - keystone_service_adminurl is defined
+    - keystone_service_adminuri_insecure is defined
   register: add_member_role
   until: add_member_role|success
   retries: 5