I’ve created access token in dockerhub for reading, writing and deleting.
But when I tried to pull an image from my docker hub repo (after $docker logout
) I can pull image without any authentication process. (but docker push
is blocked. I needed to login via docker login
first)
If so, what is access_token
for?
2
Answers
Your repository (image) is public probably. You can have private images on the paid tiers.
Access tokens will not help you while pulling the images as you are using a public repo. Access tokens are an alternative to password only. Access tokens can be used as a substitute for your password in Docker Hub, especially for integrating your Hub account with other tools. The advantage of using tokens is the ability to create and manage multiple tokens at once so you can generate different tokens for each integration and revoke them independently at any time. Using Docker CLI, you can use tokens to access Hub images.
Access tokens provides advantages over a password:
You can investigate the last usage of the access token and disable or
delete it if you find any suspicious activity.
When using an access token, you can’t perform any admin activity on
the account, including changing the password.
For creating a token,you have access to 4 scopes: