Auth0 Home Blog Docs

Using Auth0 as the token provider for a private Docker Registry

documentation
private-application
token-endpoint

#1

I have been trying to configure our private docker registry to use Auth0 as the token provider, but have encountered several issues due to lack of documentation about the process. I was wondering whether anyone has been able to get this working or if it is even possible? At the moment I cannot get the docker login command to work with auth0 and receive the following error error parsing HTTP 404 response body: invalid character '<' looking for beginning of value: "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n<meta charset=\"utf-8\">\n<title>Error</title>\n</head>\n<body>\n<pre>Cannot GET /oauth/token</pre>\n</body>\n</html>\n"

Thanks in advance


#2

It won’ work; at least from my perspective it won’t work without a middleman component that satisfies the requirements of Docker for the token provider. That component could then in theory perform the actual validation of credentials through Auth0, but there is no support for that component.

The situation is that the requirements from Docker for the token provider don’t exactly match any of the protocols supported by Auth0 service that would allow a client to request a token. In particular, Auth0 service supports out of the box to act as an OpenID Connect/OAuth 2.0, SAML or WS-Federation identity provider (token issuer), but Docker Registry is expecting a token issuer that complies to their partially proprietary requirements. I say partially, because reading from the docs the registry requires JWT tokens and also follows some rules associated with OAuth 2.0 specification, but the full flow does not seem to be interoperable directly with authorization servers that support OAuth 2.0 specification.


#3