diff --git a/requirements.txt b/requirements.txt
index a88a358..3a7ddd0 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,12 +1,12 @@
 Django>=1.8.9,<1.9
 decorator>=3.4.0
-djangorestframework>=3.0.3
-keystonemiddleware>=1.3.1
-python-keystoneclient>=1.0.0
-python-neutronclient>=2.3.10
-jsonfield>=1.0.2
-django-rest-swagger>=0.3.3
+djangorestframework>=3.4.1
+keystoneauth1>=2.11.0
+keystonemiddleware>=4.7.0
+python-keystoneclient>=3.3.0
+python-neutronclient>=5.0.0
+jsonfield>=1.0.3
+django-rest-swagger>=2.0.3
 pyyaml>=3.11
 python-rtkit>=0.7.0
 mysqlclient>=1.3.7
-
diff --git a/stacktask/actions/openstack_clients.py b/stacktask/actions/openstack_clients.py
index b53d877..a19de37 100644
--- a/stacktask/actions/openstack_clients.py
+++ b/stacktask/actions/openstack_clients.py
@@ -15,19 +15,25 @@
 
 from django.conf import settings
 
-from keystoneclient.v3 import client as client_v3
+from keystoneauth1.identity import v3
+from keystoneauth1 import session
+from keystoneclient import client as ks_client
 
 from neutronclient.v2_0 import client as neutron_client
 
 
 def get_keystoneclient():
-    auth = client_v3.Client(
+
+    auth = v3.Password(
         username=settings.KEYSTONE['username'],
         password=settings.KEYSTONE['password'],
         project_name=settings.KEYSTONE['project_name'],
         auth_url=settings.KEYSTONE['auth_url'],
-        region_name=settings.DEFAULT_REGION
+        user_domain_name="default",
+        project_domain_name="default",
     )
+    sess = session.Session(auth=auth)
+    auth = ks_client.Client(session=sess)
     return auth
 
 
diff --git a/stacktask/actions/user_store.py b/stacktask/actions/user_store.py
index 9de34ab..e2a3f31 100644
--- a/stacktask/actions/user_store.py
+++ b/stacktask/actions/user_store.py
@@ -63,9 +63,11 @@ class IdentityManager(object):
     def list_users(self, project):
         """
         Build a list of users for a given project using
-        the v3 api. Less straightforward than the v2 api,
-        but because we have the role data already, we add it
-        to the user model so later roles fetching is not needed.
+        the v3 api.
+
+        Rather than simply list users, we use the assignments
+        endpoint so we can also fetch all the roles for those users
+        in the given project. Saves further api calls later on.
         """
         try:
             roles = self.ks_client.roles.list()
@@ -87,7 +89,7 @@ class IdentityManager(object):
                     # Just means the assignment is a group, so ignore it.
                     pass
         except ks_exceptions.NotFound:
-            users = []
+            return []
         return users.values()
 
     def create_user(self, name, password, email, project_id):
diff --git a/stacktask/api/docs.py b/stacktask/api/docs.py
new file mode 100644
index 0000000..5e9b468
--- /dev/null
+++ b/stacktask/api/docs.py
@@ -0,0 +1,10 @@
+from rest_framework.decorators import api_view, renderer_classes
+from rest_framework import response, schemas
+from rest_framework_swagger.renderers import OpenAPIRenderer, SwaggerUIRenderer
+
+
+@api_view()
+@renderer_classes([OpenAPIRenderer, SwaggerUIRenderer])
+def docs_view(request):
+    generator = schemas.SchemaGenerator(title='StackTask API')
+    return response.Response(generator.get_schema(request=request))
diff --git a/stacktask/api/urls.py b/stacktask/api/urls.py
index f272f01..a5894d3 100644
--- a/stacktask/api/urls.py
+++ b/stacktask/api/urls.py
@@ -13,7 +13,13 @@
 #    under the License.
 
 from django.conf.urls import url, include
+from django.conf import settings
+
+from stacktask.api import docs
 
 urlpatterns = [
     url(r'^v1/', include('stacktask.api.v1.urls')),
 ]
+
+if settings.DEBUG:
+    urlpatterns.append(url(r'^docs/', docs.docs_view))
diff --git a/stacktask/test_settings.py b/stacktask/test_settings.py
index 86e57ff..0425cad 100644
--- a/stacktask/test_settings.py
+++ b/stacktask/test_settings.py
@@ -174,6 +174,7 @@ ROLES_MAPPING = {
 SHOW_ACTION_ENDPOINTS = True
 
 conf_dict = {
+    "DEBUG": True,
     "SECRET_KEY": SECRET_KEY,
     "ADDITIONAL_APPS": ADDITIONAL_APPS,
     "DATABASES": DATABASES,
diff --git a/stacktask/urls.py b/stacktask/urls.py
index 54772a1..7efbc0a 100644
--- a/stacktask/urls.py
+++ b/stacktask/urls.py
@@ -13,11 +13,7 @@
 #    under the License.
 
 from django.conf.urls import include, url
-from django.conf import settings
 
 urlpatterns = [
     url(r'^', include('stacktask.api.urls')),
 ]
-
-if settings.DEBUG:
-    urlpatterns.append(url(r'^docs/', include('rest_framework_swagger.urls')))
diff --git a/stacktask/wsgi.py b/stacktask/wsgi.py
index ad1ad9f..4ddef5c 100644
--- a/stacktask/wsgi.py
+++ b/stacktask/wsgi.py
@@ -36,13 +36,14 @@ application = get_wsgi_application()
 # the Keystone Auth Middleware.
 identity_url = urlparse(settings.KEYSTONE['auth_url'])
 conf = {
-    'admin_user': settings.KEYSTONE['username'],
-    'admin_password': settings.KEYSTONE['password'],
-    'admin_tenant_name': settings.KEYSTONE['project_name'],
-    'auth_host': identity_url.hostname,
-    'auth_port': identity_url.port,
-    'auth_protocol': identity_url.scheme,
+    "auth_plugin": "password",
+    'username': settings.KEYSTONE['username'],
+    'password': settings.KEYSTONE['password'],
+    'project_name': settings.KEYSTONE['project_name'],
+    "project_domain_name": settings.KEYSTONE.get('domain_name', "default"),
+    "user_domain_name": settings.KEYSTONE.get('domain_name', "default"),
+    "auth_url": settings.KEYSTONE['auth_url'],
     'delay_auth_decision': True,
-    'include_service_catalog': False
+    'include_service_catalog': False,
 }
 application = AuthProtocol(application, conf)