diff --git a/doc/source/configuration/settings.rst b/doc/source/configuration/settings.rst
index 50e455c6e8..2dd6e7f936 100644
--- a/doc/source/configuration/settings.rst
+++ b/doc/source/configuration/settings.rst
@@ -1091,6 +1091,32 @@ Default: ``False``
 Set this to True if running on multi-domain model. When this is enabled, it
 will require user to enter the Domain name in addition to username for login.
 
+``OPENSTACK_KEYSTONE_DOMAIN_DROPDOWN``
+--------------------------------------
+
+.. versionadded:: 12.0.0(Pike)
+
+Default: ``False``
+Set this to True if you want available domains displayed as a dropdown menu on
+the login screen. It is strongly advised NOT to enable this for public clouds,
+as advertising enabled domains to unauthenticated customers irresponsibly
+exposes private information. This should only be used for private clouds where
+the dashboard sits behind a corporate firewall.
+
+``OPENSTACK_KEYSTONE_DOMAIN_CHOICES``
+-------------------------------------
+
+.. versionadded:: 12.0.0(Pike)
+
+Default::
+
+        (
+          ('Default', 'Default'),
+        )
+
+If OPENSTACK_KEYSTONE_DOMAIN_DROPDOWN is enabled, this option can be used to
+set the available domains to choose from. This is a list of pairs whose first
+value is the domain name and the second is the display name.
 
 ``OPENSTACK_KEYSTONE_URL``
 --------------------------
diff --git a/openstack_dashboard/local/local_settings.py.example b/openstack_dashboard/local/local_settings.py.example
index ee89d83807..17b2bdd303 100644
--- a/openstack_dashboard/local/local_settings.py.example
+++ b/openstack_dashboard/local/local_settings.py.example
@@ -75,6 +75,20 @@ WEBROOT = '/'
 # for login.
 #OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = False
 
+# Set this to True if you want available domains displayed as a dropdown menu
+# on the login screen. It is strongly advised NOT to enable this for public
+# clouds, as advertising enabled domains to unauthenticated customers
+# irresponsibly exposes private information. This should only be used for
+# private clouds where the dashboard sits behind a corporate firewall.
+#OPENSTACK_KEYSTONE_DOMAIN_DROPDOWN = False
+
+# If OPENSTACK_KEYSTONE_DOMAIN_DROPDOWN is enabled, this option can be used to
+# set the available domains to choose from. This is a list of pairs whose first
+# value is the domain name and the second is the display name.
+#OPENSTACK_KEYSTONE_DOMAIN_CHOICES = (
+#  ('Default', 'Default'),
+#)
+
 # Overrides the default domain used when running on single-domain model
 # with Keystone V3. All entities will be created in the default domain.
 # NOTE: This value must be the name of the default domain, NOT the ID.
diff --git a/releasenotes/notes/add-domain-dropdown-65006187e5605735.yaml b/releasenotes/notes/add-domain-dropdown-65006187e5605735.yaml
new file mode 100644
index 0000000000..2968e3fa74
--- /dev/null
+++ b/releasenotes/notes/add-domain-dropdown-65006187e5605735.yaml
@@ -0,0 +1,11 @@
+---
+features:
+  - |
+    Added settings OPENSTACK_KEYSTONE_DOMAIN_DROPDOWN (boolean) and
+    OPENSTACK_KEYSTONE_DOMAIN_CHOICES (tuple of tuples) to support a dropdown
+    list of keystone domains to choose from at login. This should NOT be enabled
+    for public clouds, as advertising enabled domains to unauthenticated users
+    irresponsibly exposes private information. This is useful for private clouds
+    that sit behind a corprate firewall and that have a small number of domains
+    mapped to known corporate structures, such as an LDAP directory, Active
+    Directory domains, geopgraphical regions or business units.