I am generating Access Token using https://learn.microsoft.com/en-us/rest/api/containerregistry/access-tokens/get-from-login?tabs=HTTP rest endpoint. Getting access token but how to use it for docker login?
https://learn.microsoft.com/en-us/azure/container-registry/container-registry-repository-scoped-permissions in this doc, they are using UI and cli for this. and they have username also. but while doing from rest api, didn't have any username.
Using rest api (changed values)
GET /oauth2/token?service=demoregistry.azurecr.io&scope=registry:catalog:* HTTP/1.1
Host: demoregistry.azurecr.io
Authorization: Basic ZGVtb3JlZ2lzdHJ5OmNDZWJ3UU9jN1BzM1poQndGMzg2LzBPdndCZU1vTQ==
unauthorized: incorrect username or password
)rid
/ jti
as username and access token as the password (Error unauthorized: Application not registered with AAD
){
"alg": "RS256",
"typ": "JWT",
"kid": "QWFG:M237:K2HA:33DK:5PGT:CA3M:DBN3:XOQB:A5QB:I63Q:AT3Q:NQAK"
}
{
"jti": "69853560-dc76-4458-8bac-137f33121e39",
"sub": "demoregistry",
"nbf": 1669691010,
"exp": 1669695510,
"iat": 1669691010,
"iss": "Azure Container Registry",
"aud": "demoregistry.azurecr.io",
"version": "1.0",
"rid": "f013d21b1c1349ecb85457182a1b1466",
"access": [
{
"Type": "registry",
"Name": "catalog",
"Actions": [
"*"
]
}
],
"roles": [
"Owner"
],
"grant_type": "access_token"
}
I found an answer while generating a token from Az cli, it gives 00000000-0000-0000-0000-000000000000 as a username. and this username works with tokens generated from the rest API.