diff --git a/keystone/common/context.py b/keystone/common/context.py
index 240efc21eb..7ac997a395 100644
--- a/keystone/common/context.py
+++ b/keystone/common/context.py
@@ -29,6 +29,16 @@ class RequestContext(oslo_context.RequestContext):
         self.username = kwargs.pop('username', None)
         self.user_domain_name = kwargs.pop('user_domain_name', None)
         self.project_domain_name = kwargs.pop('project_domain_name', None)
+
+        self.is_delegated_auth = kwargs.pop('is_delegated_auth', False)
+
+        self.trust_id = kwargs.pop('trust_id', None)
+        self.trustor_id = kwargs.pop('trustor_id', None)
+        self.trustee_id = kwargs.pop('trustee_id', None)
+
+        self.oauth_consumer_id = kwargs.pop('oauth_consumer_id', None)
+        self.oauth_access_token_id = kwargs.pop('oauth_access_token_id', None)
+
         self.authenticated = kwargs.pop('authenticated', False)
         super(RequestContext, self).__init__(**kwargs)
diff --git a/keystone/middleware/auth.py b/keystone/middleware/auth.py
index e65671c32f..1efc04085e 100644
--- a/keystone/middleware/auth.py
+++ b/keystone/middleware/auth.py
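Review bot: The new delegation and OAuth attributes added to `RequestContext.__init__` carry no comment saying what they represent or who populates them, even though the trust and oauth1 controllers changed in this same commit now branch on `request.context.is_delegated_auth` to refuse redelegation and access-token listing, so the `False` default is load-bearing. Add a short comment above `self.is_delegated_auth = kwargs.pop('is_delegated_auth', False)` such as `# Delegation (trust) and OAuth state; AuthContextMiddleware copies these from the auth context. is_delegated_auth defaults to False so a context the middleware never populated is treated as a non-delegated token.` The `__init__` method starts above the hunk.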
@@ -214,12 +214,24 @@ class AuthContextMiddleware(auth_token.BaseAuthProtocol):
         request_context.user_id = auth_context.get('user_id')
         request_context.project_id = auth_context.get('project_id')
         request_context.domain_id = auth_context.get('domain_id')
+        request_context.domain_name = auth_context.get('domain_name')
         request_context.user_domain_id = auth_context.get('user_domain_id')
         request_context.roles = auth_context.get('roles')
         project_domain_id = auth_context.get('project_domain_id')
         request_context.project_domain_id = project_domain_id
+        is_delegated_auth = auth_context.get('is_delegated_auth', False)
+        request_context.is_delegated_auth = is_delegated_auth
+
+        request_context.trust_id = auth_context.get('trust_id')
+        request_context.trustor_id = auth_context.get('trustor_id')
+        request_context.trustee_id = auth_context.get('trustee_id')
+
+        access_token_id = auth_context.get('access_token_id')
+        request_context.oauth_consumer_id = auth_context.get('consumer_id')
+        request_context.oauth_acess_token_id = access_token_id
+
         LOG.debug('RBAC: auth_context: %s', auth_context)
         request.environ[authorization.AUTH_CONTEXT_ENV] = auth_context
diff --git a/keystone/oauth1/controllers.py b/keystone/oauth1/controllers.py
index 29b6b84096..a72be56d05 100644
--- a/keystone/oauth1/controllers.py
+++ b/keystone/oauth1/controllers.py
@@ -122,7 +122,7 @@ class AccessTokenCrudV3(controller.V3Controller):
     @controller.protected()
     def list_access_tokens(self, request, user_id):
-        if request.auth_context.get('is_delegated_auth'):
+        if request.context.is_delegated_auth:
             raise exception.Forbidden(
                 _('Cannot list request tokens'
                   ' with a token issued via delegation.'))
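Review bot: `request_context.oauth_acess_token_id = access_token_id` near the end of the auth.py hunk misspells the attribute, so the value is stored on a stray attribute while `RequestContext.oauth_access_token_id` (the name defined in the context.py hunk) stays at its default of None for OAuth-authenticated requests. Anything that later reads `request.context.oauth_access_token_id` will see no token, so the OAuth state is silently dropped rather than rejected, and Python will not flag the typo because attribute assignment creates the name. Change the line to `request_context.oauth_access_token_id = access_token_id`. The enclosing method continues outside the hunk.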
@@ -359,7 +359,7 @@ class OAuthControllerV3(controller.V3Controller):
         there is not another easy way to make sure the user knows which roles are being requested before authorizing.
         """
-        if request.auth_context.get('is_delegated_auth'):
+        if request.context.is_delegated_auth:
             raise exception.Forbidden(
                 _('Cannot authorize a request token'
                   ' with a token issued via delegation.'))
diff --git a/keystone/resource/controllers.py b/keystone/resource/controllers.py
index 4fef4e45ae..e32a5d0250 100644
--- a/keystone/resource/controllers.py
+++ b/keystone/resource/controllers.py
@@ -298,11 +298,9 @@ class ProjectV3(controller.V3Controller):
                    'params at the same time.')
             raise exception.ValidationError(msg)
-        user_id = request.auth_context.get('user_id')
-
         if parents_as_list:
             parents = self.resource_api.list_project_parents(
-                ref['id'], user_id)
+                ref['id'], request.context.user_id)
             ref['parents'] = [ProjectV3.wrap_member(context, p)
                               for p in parents]
         elif parents_as_ids:
@@ -310,7 +308,7 @@ class ProjectV3(controller.V3Controller):
         if subtree_as_list:
             subtree = self.resource_api.list_projects_in_subtree(
-                ref['id'], user_id)
+                ref['id'], request.context.user_id)
             ref['subtree'] = [ProjectV3.wrap_member(context, p)
                               for p in subtree]
         elif subtree_as_ids:
diff --git a/keystone/trust/controllers.py b/keystone/trust/controllers.py
index b06bf1489d..5dc46ca2e6 100644
--- a/keystone/trust/controllers.py
+++ b/keystone/trust/controllers.py
@@ -121,9 +121,9 @@ class TrustV3(controller.V3Controller):
         """
         validation.lazy_validate(schema.trust_create, trust)
         # Check if delegated via trust
-        if request.auth_context.get('is_delegated_auth'):
+        if request.context.is_delegated_auth:
             # Redelegation case
-            src_trust_id = request.auth_context['trust_id']
+            src_trust_id = request.context.trust_id
             if not src_trust_id:
                 raise exception.Forbidden(
                     _('Redelegation allowed for delegated by trust only'))
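Review bot: `src_trust_id = request.context.trust_id` in the trust/controllers.py hunk quietly changes the failure mode: the old `request.auth_context['trust_id']` raised KeyError when the key was absent, whereas the attribute is None when the middleware did not populate it, and the request then falls into the existing `if not src_trust_id` Forbidden. That is the right fail-closed outcome for a redelegation check, but it is now implicit and worth stating so a future edit does not relax the guard. Add a comment above `src_trust_id = request.context.trust_id` such as `# trust_id is None unless AuthContextMiddleware populated it; a delegated token with no trust id is refused below.` The enclosing method starts and ends outside the hunk.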