diff --git a/orm/base_config.py b/orm/base_config.py
index 891299e8..4745d3d1 100644
--- a/orm/base_config.py
+++ b/orm/base_config.py
@@ -375,6 +375,7 @@ rms = {'port': CONF.rms.port,
        'log': '{}/{}'.format(CONF.log_location, CONF.rms.log)}
 
 rds = {'port': CONF.rds.port,
+       'token_version': CONF.keystone_authtoken.auth_version,
        'repo_local_location': CONF.rds.repo_local_location,
        'repo_remote_location': CONF.rds.repo_remote_location,
        'repo_user': CONF.rds.repo_user,
diff --git a/orm/services/resource_distributor/config.py b/orm/services/resource_distributor/config.py
index 78191eaa..b7f5e24f 100755
--- a/orm/services/resource_distributor/config.py
+++ b/orm/services/resource_distributor/config.py
@@ -55,6 +55,8 @@ ims = {
     'delete_region': 'v1/orm/images/{0}/regions/{1}'
 }
 
+token_version = config.rds['token_version']
+
 rms = {
     'base_url': config.rms['base_url'],
     'all_regions_path': 'v2/orm/regions'
diff --git a/orm/services/resource_distributor/rds/utils/authentication.py b/orm/services/resource_distributor/rds/utils/authentication.py
index 0c766205..61a36d24 100755
--- a/orm/services/resource_distributor/rds/utils/authentication.py
+++ b/orm/services/resource_distributor/rds/utils/authentication.py
@@ -53,6 +53,7 @@ def get_keystone_ep_region_name(region):
 
 
 def get_token(region):
+    V3_TOKEN_GET_SUCCESS = 201
 
     logger.debug("create token")
     if not _is_authorization_enabled():
@@ -66,26 +67,43 @@ def get_token(region):
         logger.error(log_message)
         return
 
-    url = keystone_ep + '/v2.0/tokens'
-    logger.debug("url :- {}".format(url))
+    url = keystone_ep + '/{}/auth/tokens'.format(conf.token_version)
+
     data = {
         "auth": {
-            "tenantName": conf.authentication.tenant_name,
-            "passwordCredentials": {
-                "username": conf.authentication.mech_id,
-                "password": conf.authentication.mech_pass
+            "identity": {
+                "methods": [
+                    "password"
+                ],
+                "password": {
+                    "user": {
+                        "name": conf.authentication.mech_id,
+                        "domain": {
+                            "name": user_domain_name
+                        },
+                        "password": conf.authentication.mech_pass
+                    }
+                }
+            },
+            "scope": {
+                "project": {
+                    "domain": {
+                        "name": project_domain_name
+                    },
+                    "name": conf.authentication.tenant_name
+                }
             }
         }
     }
-    try:
-        logger.debug("get token url- {} data= {}".format(url, data))
-        respone = requests.post(url, data=json.dumps(data), headers=headers,
-                                verify=conf.verify)
 
-        if respone.status_code != 200:
+    try:
+        logger.debug("get token url- {}".format(url))
+        resp = requests.post(url, data=json.dumps(data), headers=headers)
+
+        if resp.status_code != V3_TOKEN_GET_SUCCESS:
             logger.error("fail to get token from url")
         logger.debug("got token for region {}".format(region))
-        return respone.json()['access']['token']['id']
+        return resp.headers['x-subject-token']
 
     except Exception as exp:
         logger.error(exp)