I’m trying to use docker registry APIs I want to collect some data from the docker public registry (registry-1.docker.io hope this is correct)
But I couldn’t find the way to authenticate these APIs. Here it says use basic auth to GET v2/ endpoint . I have a dockerhub account and I used it’s username & password for this API, but it says unauthorized.
Can some one please explain me how I can authenticate docker registry API V2?
Docker Hub uses token authentication. The GET to v2/ includes a Www-Authenticate as part of the 401 response. That header directs you to https://auth.docker.io/token with service=registry.docker.io. And there you should request a token for a given scope. With curl, that request would look like:
mt_o="application/vnd.oci.image.manifest.v1+json"
mt_ol="application/vnd.oci.image.index.v1+json"
mt_d="application/vnd.docker.distribution.manifest.v2+json"
mt_dl="application/vnd.docker.distribution.manifest.list.v2+json"
mt_d1="application/vnd.docker.distribution.manifest.v1+json"
# get the auth token
token=$(curl -s "https://auth.docker.io/token?service=registry.docker.io&scope=repository:${repo}:pull" \
-u "${user}:${pass_or_pat}" \
| jq -r '.token')
# use that to request a manifest
curl -H "Accept: ${mt_o}" -H "Accept: ${mt_ol}" \
-H "Accept: ${mt_d}" -H "Accept: ${mt_dl}" -H "Accept: ${mt_d1}" \
-H "Authorization: Bearer $token" \
-s "https://registry-1.docker.io/v2/${repo}/manifests/${sha:-$tag}" | jq .