Deprecation of Password Logins on CLI with Docker SSO Enforcement

At Docker, security is a core priority in everything we build. To align with our commitment to provide a secure experience for our developers and organizations, we are announcing an update to Single Sign-On (SSO) enforcement. Starting September 16, 2024, we will deprecate password logins on the Docker CLI when SSO is enforced.

SSO enforcement

SSO enforcement was introduced in 2022 for Docker Business subscriptions and allows organizations to mandate that users belonging to customer domains authenticate through the organization’s Identity Provider (IdP). In particular, SSO enforcement disables the ability of using existing username/password combinations to sign in to Docker Desktop, Docker Hub, Docker Scout, and Docker Build Cloud.

When SSO enforcement was initially rolled out, a grace period was provided to continue to allow the Docker CLI to access the Docker Hub registry. The period was allowed to facilitate easier adoption of SSO enforcement across organizations.

Today, we announce the end of this grace period.

What is changing?

Effective September 16, 2024, we will discontinue the ability for users to authenticate to the Docker Hub Registry via CLI using passwords when SSO is enforced. Users will need to use Personal Access Tokens (PATs) for CLI authentication instead. This change ensures a unified and secure authentication process across all Docker services.

Key changes:

Discontinued password logins: Users will no longer be able to use passwords on CLI authentication when SSO is enforced.

Mandatory use of PATs: Personal Access Tokens will be required for CLI login, enhancing security and control over access to Docker resources.

Why this change matters

At Docker, we continuously strive to improve the security of our platform. This deprecation is an essential step toward providing a secure environment for our users. By ensuring consistent enforcement of SSO across all services, we enhance your organization’s overall security posture. Adopting PATs helps you maintain the highest security standards and control over access to Docker resources.

Support and assistance

We understand that changes can be challenging, and we are here to support you through this transition. For any questions or assistance, reach out to us via:

Docker Support

Docker Community forums

Direct responses to our communication emails

We appreciate your cooperation and understanding as we work together to enhance the security of the Docker platform. Thank you for being a valued Docker user, and we look forward to continuing to support your development needs with increased security and reliability.

Learn more

Subscribe to the Docker Newsletter. 

Get the latest release of Docker Desktop.

Vote on what’s next! Check out our public roadmap.

Have questions? The Docker community is here to help.

New to Docker? Get started.

Quelle: https://blog.docker.com/feed/