diff --git a/keystone/middleware/core.py b/keystone/middleware/core.py
index 75be5b274e..634bdcd05f 100644
--- a/keystone/middleware/core.py
+++ b/keystone/middleware/core.py
@@ -173,9 +173,7 @@ class RequestBodySizeLimiter(sizelimit.RequestBodySizeLimiter):
 class AuthContextMiddleware(wsgi.Middleware):
 """Build the authentication context from the request auth token."""
- def _build_auth_context(self, request):
- token_id = request.headers.get(AUTH_TOKEN_HEADER).strip()
-
+ def _build_auth_context(self, request, token_id):
 if token_id == CONF.admin_token:
 # NOTE(gyee): no need to proceed any further as the special admin
 # token is being handled by AdminTokenAuthMiddleware. This code
@@ -286,7 +284,7 @@ class AuthContextMiddleware(wsgi.Middleware):
 def process_request(self, request):
 # The request context stores itself in thread-local memory for logging.
- oslo_context.RequestContext(
+ request_context = oslo_context.RequestContext(
 request_id=request.environ.get('openstack.request_id'))
 if authorization.AUTH_CONTEXT_ENV in request.environ:
@@ -302,7 +300,10 @@ class AuthContextMiddleware(wsgi.Middleware):
 # certificate is effectively disabled if no trusted issuers are
 # provided.
 if AUTH_TOKEN_HEADER in request.headers:
- auth_context = self._build_auth_context(request)
+ token_id = request.headers[AUTH_TOKEN_HEADER].strip()
+ request_context.auth_token = token_id
+
+ auth_context = self._build_auth_context(request, token_id)
 elif self._validate_trusted_issuer(request.environ):
 auth_context = self._build_tokenless_auth_context(
 request.environ)
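Review bot: `request_context.auth_token = token_id` in the third core.py hunk copies the raw token from the AUTH_TOKEN_HEADER header into the request context, and the comment added in the last core.py hunk says the context's attributes are put into the logs. A token ID is a bearer credential, so any log line or serialized context that carries it gives its reader the same access as the token's owner until it expires or is revoked. Whether it actually reaches log output depends on the deployment's context format string, which is not visible in this diff. I would either leave `auth_token` unset if nothing downstream reads it, or state the constraint next to the assignment, e.g. `# NOTE: bearer credential; must never be rendered by logging_context_format_string`. process_request starts and ends outside this hunk.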
@@ -311,5 +312,17 @@ class AuthContextMiddleware(wsgi.Middleware):
 'the certificate issuer is not trusted. No auth '
 'context will be set.')
 return
+
+ # The attributes of request_context are put into the logs. This is a
+ # common pattern for all the OpenStack services. In all the other
+ # projects these are IDs, so set the attributes to IDs here rather than
+ # the name.
+ request_context.user = auth_context.get('user_id')
+ request_context.tenant = auth_context.get('project_id')
+ request_context.domain = auth_context.get('domain_id')
+ request_context.user_domain = auth_context.get('user_domain_id')
+ request_context.project_domain = auth_context.get('project_domain_id')
+ request_context.is_admin = request.environ.get('is_admin', False)
+
 LOG.debug('RBAC: auth_context: %s', auth_context)
 request.environ[authorization.AUTH_CONTEXT_ENV] = auth_context
diff --git a/keystone/tests/unit/test_v3.py b/keystone/tests/unit/test_v3.py
index 2665c5e564..8cd7c93e35 100644
--- a/keystone/tests/unit/test_v3.py
+++ b/keystone/tests/unit/test_v3.py
@@ -1267,6 +1267,13 @@ class AuthContextMiddlewareTestCase(RestfulTestCase):
 req_context = oslo_context.context.get_current()
 self.assertEqual(request_id, req_context.request_id)
+ self.assertEqual(token, req_context.auth_token)
+ self.assertEqual(self.user['id'], req_context.user)
+ self.assertEqual(self.project['id'], req_context.tenant)
+ self.assertIsNone(req_context.domain)
+ self.assertEqual(self.user['domain_id'], req_context.user_domain)
+ self.assertEqual(self.project['domain_id'], req_context.project_domain)
+ self.assertFalse(req_context.is_admin)
 class JsonHomeTestMixin(object):
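Review bot: `request_context.is_admin = request.environ.get('is_admin', False)` in the last core.py hunk reads a top-level WSGI environ key, and nothing visible in this diff writes one. If the admin-token middleware records the flag inside a nested context dict instead, this attribute is always False and the logged context misreports admin-token requests, which weakens the audit trail; confirm where the flag is stored and read it from there. The added test only checks `self.assertFalse(req_context.is_admin)`, so it passes either way, and a case that sends the admin token and expects True would pin the behaviour. The new `auth_context.get(...)` calls also assume every branch above returns a mapping. The admin-token early return in `_build_auth_context` lies outside the hunks, so its return value should be checked as well.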