diff --git a/manifests/keystone/auth.pp b/manifests/keystone/auth.pp
index 94e3f08a..28f1e2b6 100644
--- a/manifests/keystone/auth.pp
+++ b/manifests/keystone/auth.pp
@@ -1,26 +1,41 @@
 class swift::keystone::auth(
-  $auth_name = 'swift',
-  $password  = 'swift_password',
-  $address   = '127.0.0.1',
-  $port      = '8080',
-  $tenant    = 'services',
-  $email     = 'swift@localhost',
-  $region    = 'RegionOne',
-  $public_protocol = 'http',
-  $public_address = undef,
-  $public_port = undef
+  $auth_name         = 'swift',
+  $password          = 'swift_password',
+  $address           = '127.0.0.1',
+  $port              = '8080',
+  $tenant            = 'services',
+  $email             = 'swift@localhost',
+  $region            = 'RegionOne',
+  $public_protocol   = 'http',
+  $public_address    = undef,
+  $public_port       = undef,
+  $admin_address     = undef,
+  $internal_address  = undef
 ) {
 
-  if ! $public_port {
-	$real_public_port = $port
-  } else {
-	$real_public_port = $public_port
+if $address != '127.0.0.1' {
+  warning("Address parameter for swift::keystone::auth has been deprecated, use public_address instead")
   }
 
-  if ! $public_address {
-	$real_public_address = $address
+  if ! $public_port {
+    $real_public_port = $port
   } else {
-	$real_public_address = $public_address
+    $real_public_port = $public_port
+  }
+  if ! $public_address {
+    $real_public_address = $address
+  } else {
+    $real_public_address = $public_address
+  }
+  if ! $admin_address {
+    $real_admin_address = $real_public_address
+  } else {
+    $real_admin_address = $admin_address
+  }
+  if ! $internal_address {
+    $real_internal_address = $real_public_address
+  } else {
+    $real_internal_address = $internal_address
   }
 
   keystone_user { $auth_name:
@@ -43,8 +58,8 @@ class swift::keystone::auth(
   keystone_endpoint { "${region}/${auth_name}":
     ensure       => present,
     public_url   => "${public_protocol}://${real_public_address}:${real_public_port}/v1/AUTH_%(tenant_id)s",
-    admin_url    => "http://${address}:${port}",
-    internal_url => "http://${address}:${port}/v1/AUTH_%(tenant_id)s",
+    admin_url    => "http://${real_admin_address}:${port}/",
+    internal_url => "http://${real_internal_address}:${port}/v1/AUTH_%(tenant_id)s",
   }
 
   keystone_service { "${auth_name}_s3":
@@ -55,8 +70,8 @@ class swift::keystone::auth(
   keystone_endpoint { "${region}/${auth_name}_s3":
     ensure       => present,
     public_url   => "${public_protocol}://${real_public_address}:${real_public_port}",
-    admin_url    => "http://${address}:${port}",
-    internal_url => "http://${address}:${port}",
+    admin_url    => "http://${real_admin_address}:${port}",
+    internal_url => "http://${real_internal_address}:${port}",
   }
 
 }
diff --git a/spec/classes/swift_keystone_auth_spec.rb b/spec/classes/swift_keystone_auth_spec.rb
index 02efb849..c03a4729 100644
--- a/spec/classes/swift_keystone_auth_spec.rb
+++ b/spec/classes/swift_keystone_auth_spec.rb
@@ -24,7 +24,7 @@ describe 'swift::keystone::auth' do
     it { should contain_keystone_endpoint('RegionOne/swift').with(
       :ensure       => 'present',
       :public_url   => "http://127.0.0.1:8080/v1/AUTH_%(tenant_id)s",
-      :admin_url    => "http://127.0.0.1:8080",
+      :admin_url    => "http://127.0.0.1:8080/",
       :internal_url => "http://127.0.0.1:8080/v1/AUTH_%(tenant_id)s"
     ) }
 
@@ -42,26 +42,28 @@ describe 'swift::keystone::auth' do
     ) }
   end
 
-  describe 'when overriding public_port and public address' do
+  describe 'when overriding public_port, public address, admin_address and internal_address' do
 
     let :params do
       {
-        :public_port => '80',
-        :public_address => '10.10.10.10'
+        :public_port      => '80',
+        :public_address   => '10.10.10.10',
+        :admin_address    => '10.10.10.2',
+        :internal_address => '127.0.0.1'
       }
     end
 
     it { should contain_keystone_endpoint('RegionOne/swift').with(
       :ensure       => 'present',
       :public_url   => "http://10.10.10.10:80/v1/AUTH_%(tenant_id)s",
-      :admin_url    => "http://127.0.0.1:8080",
+      :admin_url    => "http://10.10.10.2:8080/",
       :internal_url => "http://127.0.0.1:8080/v1/AUTH_%(tenant_id)s"
     ) }
 
     it { should contain_keystone_endpoint('RegionOne/swift_s3').with(
       :ensure       => 'present',
       :public_url   => 'http://10.10.10.10:80',
-      :admin_url    => 'http://127.0.0.1:8080',
+      :admin_url    => 'http://10.10.10.2:8080',
       :internal_url => 'http://127.0.0.1:8080'
     ) }
 
@@ -118,7 +120,7 @@ describe 'swift::keystone::auth' do
     it { should contain_keystone_endpoint('RegionOne/swift').with(
       :ensure       => 'present',
       :public_url   => "http://192.168.0.1:8081/v1/AUTH_%(tenant_id)s",
-      :admin_url    => "http://192.168.0.1:8081",
+      :admin_url    => "http://192.168.0.1:8081/",
       :internal_url => "http://192.168.0.1:8081/v1/AUTH_%(tenant_id)s"
     ) }