diff --git a/keystone/tests/unit/test_v3_auth.py b/keystone/tests/unit/test_v3_auth.py
index e84909adb5..3a9fe0425b 100644
--- a/keystone/tests/unit/test_v3_auth.py
+++ b/keystone/tests/unit/test_v3_auth.py
@@ -4200,6 +4200,18 @@ class TestFernetTokenProvider(test_v3.RestfulTestCase,
         project_scoped_token = self._get_project_scoped_token()
         self._validate_token(project_scoped_token)
 
+    def test_validate_domain_scoped_token(self):
+        # Grant user access to domain
+        self.assignment_api.create_grant(self.role['id'],
+                                         user_id=self.user['id'],
+                                         domain_id=self.domain['id'])
+        domain_scoped_token = self._get_domain_scoped_token()
+        resp = self._validate_token(domain_scoped_token)
+        resp_json = json.loads(resp.body)
+        self.assertIsNotNone(resp_json['token']['catalog'])
+        self.assertIsNotNone(resp_json['token']['roles'])
+        self.assertIsNotNone(resp_json['token']['domain'])
+
     def test_validate_tampered_project_scoped_token_fails(self):
         project_scoped_token = self._get_project_scoped_token()
         tampered_token = (project_scoped_token[:50] + uuid.uuid4().hex +
diff --git a/keystone/token/providers/fernet/core.py b/keystone/token/providers/fernet/core.py
index ca796e918b..70995f1c5d 100644
--- a/keystone/token/providers/fernet/core.py
+++ b/keystone/token/providers/fernet/core.py
@@ -175,6 +175,7 @@ class Provider(common.BaseProvider):
         return self.v3_token_data_helper.get_token_data(
             user_id,
             method_names=methods,
+            domain_id=domain_id,
             project_id=project_id,
             issued_at=created_at,
             expires=expires_at,