diff --git a/service/files/ironic.conf.j2 b/service/files/ironic.conf.j2
index ca96cb0..197efb7 100644
--- a/service/files/ironic.conf.j2
+++ b/service/files/ironic.conf.j2
@@ -19,16 +19,7 @@ port = {{ ironic.api_port.cont }}
 connection = mysql+pymysql://{{ ironic.db.username }}:{{ ironic.db.password }}@{{ address(service.database) }}/{{ ironic.db.name }}{% if percona.tls.enabled %}?ssl_ca=/opt/ccp/etc/tls/ca.pem{% endif %}
 max_retries = -1
 
-[keystone_authtoken]
-auth_uri = {{ address('keystone', keystone.public_port, with_scheme=True) }}
-auth_url = {{ address('keystone', keystone.admin_port, with_scheme=True) }}
-auth_type = password
-project_domain_id = default
-user_domain_id = default
-project_name = service
-username = {{ ironic.username }}
-password = {{ ironic.password }}
-memcached_servers = {{ address('memcached', memcached.port) }}
+{{ keystone_authtoken.keystone_authtoken(ironic.username, ironic.password) }}
 
 [service_catalog]
 auth_type = password
diff --git a/service/ironic-api.yaml b/service/ironic-api.yaml
index c15f8d7..1374eb0 100644
--- a/service/ironic-api.yaml
+++ b/service/ironic-api.yaml
@@ -31,14 +31,15 @@ service:
             - ironic.conf
         - name: ironic-user-create
           type: single
-          command: openstack user create --project service --password {{ ironic.password }} {{ ironic.username }}
+          command: openstack user create --domain {{ service_account.domain }} --password {{ ironic.password }} {{ ironic.username }}
           dependencies:
-            - keystone-create-project
+            - keystone-create-domain
         - name: ironic-role-add
           dependencies:
             - ironic-user-create
+            - keystone-create-project
           type: single
-          command: openstack role add --project service --user {{ ironic.username }} admin
+          command: openstack role add --project {{ service_account.project }} --user {{ ironic.username }} admin
         - name: ironic-service-create
           dependencies:
             - keystone