diff --git a/etc/keystone.conf.sample b/etc/keystone.conf.sample
index 4017a04d4f..3b67b30042 100644
--- a/etc/keystone.conf.sample
+++ b/etc/keystone.conf.sample
@@ -11,6 +11,11 @@
 # The port number which the public admin listens on
 # admin_port = 35357
 
+# The base endpoint URLs for keystone that are advertised to clients
+# (NOTE: this does NOT affect how keystone listens for connections)
+# public_endpoint = http://localhost:%(public_port)d/
+# admin_endpoint = http://localhost:%(admin_port)d/
+
 # The port number which the OpenStack Compute service listens on
 # compute_port = 8774
 
diff --git a/keystone/config.py b/keystone/config.py
index 72fd0dcb54..ce79ddd53c 100644
--- a/keystone/config.py
+++ b/keystone/config.py
@@ -133,6 +133,8 @@ register_str('bind_host', default='0.0.0.0')
 register_str('compute_port', default=8774)
 register_str('admin_port', default=35357)
 register_str('public_port', default=5000)
+register_str('public_endpoint', default='http://localhost:%(public_port)d/')
+register_str('admin_endpoint', default='http://localhost:%(admin_port)d/')
 register_str('onready')
 register_str('auth_admin_prefix', default='')
 register_str('policy_file', default='policy.json')
diff --git a/keystone/controllers.py b/keystone/controllers.py
index a1275c18ae..3aaa8f5912 100644
--- a/keystone/controllers.py
+++ b/keystone/controllers.py
@@ -14,11 +14,16 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 
-from keystone import catalog
 from keystone.common import wsgi
+from keystone.common import logging
+from keystone import config
 from keystone import exception
 
 
+LOG = logging.getLogger(__name__)
+CONF = config.CONF
+
+
 class Extensions(wsgi.Application):
     """Base extensions controller to be extended by public and admin API's."""
 
@@ -70,28 +75,19 @@ class PublicExtensions(Extensions):
 
 class Version(wsgi.Application):
     def __init__(self, version_type):
-        self.catalog_api = catalog.Manager()
-        self.url_key = '%sURL' % version_type
+        self.endpoint_url_type = version_type
 
         super(Version, self).__init__()
 
-    def _get_identity_url(self, context):
-        catalog_ref = self.catalog_api.get_catalog(context=context,
-                                                   user_id=None,
-                                                   tenant_id=None)
-        for region, region_ref in catalog_ref.iteritems():
-            for service, service_ref in region_ref.iteritems():
-                if service == 'identity':
-                    return service_ref[self.url_key]
-
-        raise exception.NotImplemented()
+    def _get_identity_url(self, version='v2.0'):
+        """Returns a URL to keystone's own endpoint."""
+        url = CONF['%s_endpoint' % self.endpoint_url_type] % CONF
+        if url[-1] != '/':
+            url += '/'
+        return '%s%s/' % (url, version)
 
     def _get_versions_list(self, context):
         """The list of versions is dependent on the context."""
-        identity_url = self._get_identity_url(context)
-        if not identity_url.endswith('/'):
-            identity_url = identity_url + '/'
-
         versions = {}
         versions['v2.0'] = {
             'id': 'v2.0',
@@ -100,7 +96,7 @@ class Version(wsgi.Application):
             'links': [
                 {
                     'rel': 'self',
-                    'href': identity_url,
+                    'href': self._get_identity_url(version='v2.0'),
                 }, {
                     'rel': 'describedby',
                     'type': 'text/html',