diff --git a/keystone/common/policies/endpoint.py b/keystone/common/policies/endpoint.py
index d58e8ca440..7e66e70624 100644
--- a/keystone/common/policies/endpoint.py
+++ b/keystone/common/policies/endpoint.py
@@ -15,21 +15,36 @@ from oslo_policy import policy
 from keystone.common.policies import base
 endpoint_policies = [
- policy.RuleDefault(
+ policy.DocumentedRuleDefault(
 name=base.IDENTITY % 'get_endpoint',
- check_str=base.RULE_ADMIN_REQUIRED),
- policy.RuleDefault(
+ check_str=base.RULE_ADMIN_REQUIRED,
+ description='Show endpoint details.',
+ operations=[{'path': '/v3/endpoints/{endpoint_id}',
+ 'method': 'GET'}]),
+ policy.DocumentedRuleDefault(
 name=base.IDENTITY % 'list_endpoints',
- check_str=base.RULE_ADMIN_REQUIRED),
- policy.RuleDefault(
+ check_str=base.RULE_ADMIN_REQUIRED,
+ description='List endpoints.',
+ operations=[{'path': '/v3/endpoints',
+ 'method': 'GET'}]),
+ policy.DocumentedRuleDefault(
 name=base.IDENTITY % 'create_endpoint',
- check_str=base.RULE_ADMIN_REQUIRED),
- policy.RuleDefault(
+ check_str=base.RULE_ADMIN_REQUIRED,
+ description='Create endpoint.',
+ operations=[{'path': '/v3/endpoints',
+ 'method': 'POST'}]),
+ policy.DocumentedRuleDefault(
 name=base.IDENTITY % 'update_endpoint',
- check_str=base.RULE_ADMIN_REQUIRED),
- policy.RuleDefault(
+ check_str=base.RULE_ADMIN_REQUIRED,
+ description='Update endpoint.',
+ operations=[{'path': '/v3/endpoints/{endpoint_id}',
+ 'method': 'PATCH'}]),
+ policy.DocumentedRuleDefault(
 name=base.IDENTITY % 'delete_endpoint',
- check_str=base.RULE_ADMIN_REQUIRED)
+ check_str=base.RULE_ADMIN_REQUIRED,
+ description='Delete endpoint.',
+ operations=[{'path': '/v3/endpoints/{endpoint_id}',
+ 'method': 'DELETE'}])
 ]
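Review bot: The path `'/v3/endpoints/{endpoint_id}'` is written out three times and `'/v3/endpoints'` twice in the new `operations` entries, and nothing in this hunk ties those strings to the routes the rules actually guard. The documented operations are what an operator reads when deciding which rule to override for a given API call, so a typo in one copy would presumably misdirect a policy review without causing any failure. Consider hoisting them into module constants, e.g. `ENDPOINT_PATH = '/v3/endpoints/{endpoint_id}'` and `ENDPOINTS_PATH = '/v3/endpoints'`, and reusing them in each entry. It may also be worth confirming that GET is the only read method routed to `get_endpoint` and `list_endpoints`, since the router is not visible here. The `check_str` values are unchanged, so enforcement itself is not altered by this change.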