Access management
In this topic learn about the features available to manage access to your repositories. This includes visibility, collaborators, roles, teams, and organization access tokens.
Repository visibility
The most basic repository access is controlled via the visibility. A repository's visibility can be public or private.
With public visibility, the repository appears in Docker Hub search results and can be pulled by everyone. To manage push access to public personal repositories, you can use collaborators. To manage push access to public organization repositories, you can use roles, teams, or organization access tokens.
With private visibility, the repository doesn't appear in Docker Hub search results and is only accessible to those with granted permission. To manage push and pull access to private personal repositories, you can use collaborators. To manage push and pull access to private organization repositories, you can use roles, teams, or organization access tokens.
Change repository visibility
When creating a repository in Docker Hub, you can set the repository visibility. In addition, you can set the default repository visibility when a repository is created in your personal repository settings. The following describes how to change the visibility after the repository has been created.
To change repository visibility:
-
Sign in to Docker Hub.
-
Select Repositories.
-
Select a repository.
The General page for the repository appears.
-
Select the Settings tab.
-
Under Visibility settings, select one of the following:
- Make public: The repository appears in Docker Hub search results and can be pulled by everyone.
- Make private: The repository doesn't appear in Docker Hub search results and is only accessible to you and collaborators. In addition, if the repository is in an organization's namespace, then the repository is accessible to those with applicable roles or permissions.
-
Type the repository's name to verify the change.
-
Select Make public or Make private.
Collaborators
A collaborator is someone you want to give push
and pull
access to a
personal repository. Collaborators aren't able to perform any administrative
tasks such as deleting the repository or changing its visibility from private to
public. In addition, collaborators can't add other collaborators.
Only personal repositories can use collaborators. You can add unlimited collaborators to public repositories, and Docker Pro accounts can add up to 1 collaborator on private repositories.
Organization repositories can't use collaborators, but can use member roles, teams, or organization access tokens to manage access.
Manage collaborators
-
Sign in to Docker Hub.
-
Select Repositories.
A list of your repositories appears.
-
Select a repository.
The General page for the repository appears.
-
Select the Collaborators tab.
-
Add or remove collaborators based on their Docker username.
You can choose collaborators and manage their access to a private repository from that repository's Settings page.
Organization roles
Organizations can use roles for individuals, giving them different permissions in the organization. For more details, see Roles and permissions.
Organization teams
Organizations can use teams. A team can be assigned fine-grained repository access.
Configure team repository permissions
You must create a team before you are able to configure repository permissions. For more details, see Create and manage a team.
To configure team repository permissions:
-
Sign in to Docker Hub.
-
Select Repositories.
A list of your repositories appears.
-
Select a repository.
The General page for the repository appears.
-
Select the Permissions tab.
-
Add, modify, or remove a team's repository permissions.
- Add: Specify the Team, select the Permission, and then select Add.
- Modify: Specify the new permission next to the team.
- Remove: Select the Remove permission icon next to the team.
Organization access tokens (OATs)
Organizations can use OATs. OATs let you assign fine-grained repository access permissions to tokens. For more details, see Organization access tokens.