diff --git a/designateclient/shell.py b/designateclient/shell.py
index c07933f3..85d854fa 100644
--- a/designateclient/shell.py
+++ b/designateclient/shell.py
@@ -162,6 +162,9 @@ class DesignateShell(App):
         parser.add_argument('--insecure', action='store_true',
                             help="Explicitly allow 'insecure' SSL requests")
 
+        parser.add_argument('--all-tenants', action='store_true',
+                            help="Allows to list all domains from all tenants")
+
         return parser
 
     def configure_logging(self):
@@ -228,6 +231,7 @@ class DesignateShell(App):
             token=self.options.os_token,
             insecure=self.options.insecure,
             cacert=self.options.os_cacert,
+            all_tenants=self.options.all_tenants,
         )
 
     def run(self, argv):
diff --git a/designateclient/utils.py b/designateclient/utils.py
index 576b76ef..e2414a7f 100644
--- a/designateclient/utils.py
+++ b/designateclient/utils.py
@@ -100,7 +100,7 @@ def get_columns(data):
 def get_session(auth_url, endpoint, domain_id, domain_name, project_id,
                 project_name, project_domain_name, project_domain_id, username,
                 user_id, password, user_domain_id, user_domain_name, token,
-                insecure, cacert):
+                insecure, cacert, all_tenants):
     session = ks_session.Session()
 
     # Build + Attach Authentication Plugin
@@ -138,5 +138,6 @@ def get_session(auth_url, endpoint, domain_id, domain_name, project_id,
         session.verify = False
     else:
         session.verify = cacert
+    session.all_tenants = all_tenants
 
     return session
diff --git a/designateclient/v1/__init__.py b/designateclient/v1/__init__.py
index 127ea139..74a0af9c 100644
--- a/designateclient/v1/__init__.py
+++ b/designateclient/v1/__init__.py
@@ -32,7 +32,7 @@ class Client(object):
                  project_domain_id=None, auth_url=None, token=None,
                  endpoint_type='publicURL', region_name=None,
                  service_type='dns', insecure=False, session=None,
-                 cacert=None):
+                 cacert=None, all_tenants=False):
         """
         :param endpoint: Endpoint URL
         :param token: A token instead of username / password
@@ -63,6 +63,7 @@ class Client(object):
                 token=token,
                 insecure=insecure,
                 cacert=cacert,
+                all_tenants=all_tenants,
             )
 
         # Since we have to behave nicely like a legacy client/bindings we use
@@ -97,6 +98,8 @@ class Client(object):
         kw['raise_exc'] = False
         kw.setdefault('headers', {})
         kw['headers'].setdefault('Content-Type', 'application/json')
+        if self.session.session.all_tenants:
+            kw['headers'].update({'X-Auth-All-Projects': 'true'})
 
         # Trigger the request
         response = func(*args, **kw)