diff --git a/files/keystone_data.sh b/files/keystone_data.sh
index cc2421c9a1..ed85aca03a 100755
--- a/files/keystone_data.sh
+++ b/files/keystone_data.sh
@@ -4,9 +4,18 @@ export SERVICE_TOKEN=$SERVICE_TOKEN
 export SERVICE_ENDPOINT=$SERVICE_ENDPOINT
 
 function get_id () {
-    echo `$@ | grep id | awk '{print $4}'`
+    echo `$@ | grep ' id ' | awk '{print $4}'`
 }
 
+# Detect if the keystone cli binary has the command names changed
+# in https://review.openstack.org/4375
+# FIXME(dtroyer): Remove the keystone client command checking
+#                 after a suitable transition period.  add-user-role
+#                 and ec2-create-credentials were renamed
+if keystone help | grep -q user-role-add; then
+    KEYSTONE_COMMAND_4375=1
+fi
+
 ADMIN_TENANT=`get_id keystone tenant-create --name=admin`
 DEMO_TENANT=`get_id keystone tenant-create --name=demo`
 INVIS_TENANT=`get_id keystone tenant-create --name=invisible_to_admin`
@@ -31,17 +40,33 @@ SYSADMIN_ROLE=`get_id keystone role-create --name=sysadmin`
 NETADMIN_ROLE=`get_id keystone role-create --name=netadmin`
 
 
-# Add Roles to Users in Tenants
-keystone add-user-role $ADMIN_USER $ADMIN_ROLE $ADMIN_TENANT
-keystone add-user-role $DEMO_USER $MEMBER_ROLE $DEMO_TENANT
-keystone add-user-role $DEMO_USER $SYSADMIN_ROLE $DEMO_TENANT
-keystone add-user-role $DEMO_USER $NETADMIN_ROLE $DEMO_TENANT
-keystone add-user-role $DEMO_USER $MEMBER_ROLE $INVIS_TENANT
-keystone add-user-role $ADMIN_USER $ADMIN_ROLE $DEMO_TENANT
+if [[ -n "$KEYSTONE_COMMAND_4375" ]]; then
+    # Add Roles to Users in Tenants
+    keystone user-role-add --user $ADMIN_USER --role $ADMIN_ROLE --tenant_id $ADMIN_TENANT
+    keystone user-role-add --user $DEMO_USER --role $MEMBER_ROLE --tenant_id $DEMO_TENANT
+    keystone user-role-add --user $DEMO_USER --role $SYSADMIN_ROLE --tenant_id $DEMO_TENANT
+    keystone user-role-add --user $DEMO_USER --role $NETADMIN_ROLE --tenant_id $DEMO_TENANT
+    keystone user-role-add --user $DEMO_USER --role $MEMBER_ROLE --tenant_id $INVIS_TENANT
+    keystone user-role-add --user $ADMIN_USER --role $ADMIN_ROLE --tenant_id $DEMO_TENANT
 
-# TODO(termie): these two might be dubious
-keystone add-user-role $ADMIN_USER $KEYSTONEADMIN_ROLE $ADMIN_TENANT
-keystone add-user-role $ADMIN_USER $KEYSTONESERVICE_ROLE $ADMIN_TENANT
+    # TODO(termie): these two might be dubious
+    keystone user-role-add --user $ADMIN_USER --role $KEYSTONEADMIN_ROLE --tenant_id $ADMIN_TENANT
+    keystone user-role-add --user $ADMIN_USER --role $KEYSTONESERVICE_ROLE --tenant_id $ADMIN_TENANT
+else
+    ### compat
+    # Add Roles to Users in Tenants
+    keystone add-user-role $ADMIN_USER $ADMIN_ROLE $ADMIN_TENANT
+    keystone add-user-role $DEMO_USER $MEMBER_ROLE $DEMO_TENANT
+    keystone add-user-role $DEMO_USER $SYSADMIN_ROLE $DEMO_TENANT
+    keystone add-user-role $DEMO_USER $NETADMIN_ROLE $DEMO_TENANT
+    keystone add-user-role $DEMO_USER $MEMBER_ROLE $INVIS_TENANT
+    keystone add-user-role $ADMIN_USER $ADMIN_ROLE $DEMO_TENANT
+
+    # TODO(termie): these two might be dubious
+    keystone add-user-role $ADMIN_USER $KEYSTONEADMIN_ROLE $ADMIN_TENANT
+    keystone add-user-role $ADMIN_USER $KEYSTONESERVICE_ROLE $ADMIN_TENANT
+    ###
+fi
 
 # Services
 keystone service-create \
@@ -77,13 +102,21 @@ if [[ "$ENABLED_SERVICES" =~ "quantum" ]]; then
 fi
 
 # create ec2 creds and parse the secret and access key returned
-RESULT=`keystone ec2-create-credentials --tenant_id=$ADMIN_TENANT --user_id=$ADMIN_USER`
+if [[ -n "$KEYSTONE_COMMAND_4375" ]]; then
+    RESULT=`keystone ec2-credentials-create --tenant_id=$ADMIN_TENANT --user=$ADMIN_USER`
+else
+    RESULT=`keystone ec2-create-credentials --tenant_id=$ADMIN_TENANT --user_id=$ADMIN_USER`
+fi
     echo `$@ | grep id | awk '{print $4}'`
 ADMIN_ACCESS=`echo "$RESULT" | grep access | awk '{print $4}'`
 ADMIN_SECRET=`echo "$RESULT" | grep secret | awk '{print $4}'`
 
 
-RESULT=`keystone ec2-create-credentials --tenant_id=$DEMO_TENANT --user_id=$DEMO_USER`
+if [[ -n "$KEYSTONE_COMMAND_4375" ]]; then
+    RESULT=`keystone ec2-credentials-create --tenant_id=$DEMO_TENANT --user=$DEMO_USER`
+else
+    RESULT=`keystone ec2-create-credentials --tenant_id=$DEMO_TENANT --user_id=$DEMO_USER`
+fi
 DEMO_ACCESS=`echo "$RESULT" | grep access | awk '{print $4}'`
 DEMO_SECRET=`echo "$RESULT" | grep secret | awk '{print $4}'`