diff --git a/doc/source/misc.rst b/doc/source/misc.rst
index 5db87d7075..1037672505 100644
--- a/doc/source/misc.rst
+++ b/doc/source/misc.rst
@@ -44,6 +44,14 @@ TempAuth
 
 .. _acls:
 
+KeystoneAuth
+============
+
+.. automodule:: swift.common.middleware.keystoneauth
+    :members:
+    :show-inheritance:
+
+
 ACLs
 ====
 
@@ -180,7 +188,7 @@ Bulk Operations (Delete and Archive Auto Extraction)
     :show-inheritance:
 
 Container Quotas
-=============
+================
 
 .. automodule:: swift.common.middleware.container_quotas
     :members:
diff --git a/swift/common/middleware/keystoneauth.py b/swift/common/middleware/keystoneauth.py
index b50b448016..296bfb975b 100644
--- a/swift/common/middleware/keystoneauth.py
+++ b/swift/common/middleware/keystoneauth.py
@@ -40,14 +40,15 @@ class KeystoneAuth(object):
 
     If support is required for unvalidated users (as with anonymous
     access) or for tempurl/formpost middleware, authtoken will need
-    to be configured with delay_auth_decision set to 1.  See the
+    to be configured with ``delay_auth_decision`` set to 1.  See the
     Keystone documentation for more detail on how to configure the
     authtoken middleware.
 
     In proxy-server.conf you will need to have the setting account
     auto creation to true::
 
-        [app:proxy-server] account_autocreate = true
+        [app:proxy-server]
+        account_autocreate = true
 
     And add a swift authorization filter section, such as::
 
@@ -58,18 +59,18 @@ class KeystoneAuth(object):
     This maps tenants to account in Swift.
 
     The user whose able to give ACL / create Containers permissions
-    will be the one that are inside the operator_roles
+    will be the one that are inside the ``operator_roles``
     setting which by default includes the admin and the swiftoperator
     roles.
 
     If you need to have a different reseller_prefix to be able to
     mix different auth servers you can configure the option
-    reseller_prefix in your keystoneauth entry like this :
+    ``reseller_prefix`` in your keystoneauth entry like this::
 
         reseller_prefix = NEWAUTH_
 
     Make sure you have a underscore at the end of your new
-    reseller_prefix option.
+    ``reseller_prefix`` option.
 
     :param app: The next WSGI app in the pipeline
     :param conf: The dict of configuration values