Comment 0 for bug 1584143

In MOS 9.0 admin user has no roles in Default domain. Thus Keystone responds 401 on requests from admin user to list domains.

Also looks like this ussie could cause another issue:
API POST request to 'http://172.16.57.36:5000/v3/auth/tokens' with following params:

{'auth': {'scope': {'domain': {'name': u'Default'}}, 'identity': {'token': {'id': 'gAAAAABXPwvRLICDuUGJrkInZCsjAfRXvjpYcmqWiOsRfL3sWH3uUoQqYXKE8OJ-NGtPVVzuzE60PzpVnDGGO2UDEq8eK-1eMts0v3KdQyIM0GQazSqRvdGvH1bH5zBB379KKqG563TYUlg2xr0pMR9qTtkgtyRcdQ'}, 'methods': ['token']}}}

Gets response with identity endpoint for v2.0
{
    u 'endpoints': [{
            u 'url': u 'http://172.16.57.36:5000/v2.0',
            u 'interface': u 'public',
            u 'region': u 'RegionOne',
            u 'region_id': u 'RegionOne',
            u 'id': u 'db13c685429940209fd3b466305fd83d'
        }, {
            u 'url': u 'http://192.168.0.2:35357/v2.0',
            u 'interface': u 'admin',
            u 'region': u 'RegionOne',
            u 'region_id': u 'RegionOne',
            u 'id': u 'fab42b66a9634f41bb72e4f1abf50597'
        }, {
            u 'url': u 'http://192.168.0.2:5000/v2.0',
            u 'interface': u 'internal',
            u 'region': u 'RegionOne',
            u 'region_id': u 'RegionOne',
            u 'id': u 'fc49205f1ccf44458289ae6d9743aab5'
        }],
        u 'type': u 'identity',
        u 'id': u 'a5b0b6adada545fc802ebbc8403b1c7a',
        u 'name': u 'keystone'
}

According to Alexander Makarov it is not correct behaviour and looks like misconfiguration.