Docker Tip #38: How to Revoke Your Docker Hub Login Token
There may come a time where you accidentally share your Docker login token for the Docker Hub. Changing your password will revoke it.
This might be the shortest tip ever since the answer is in the description of this tip.
It was something I had to do recently because I accidentally pushed my login token to a repo on GitHub, oops! That’s the first time I’ve ever done something like that.
It’s not very clear that changing your password will revoke the token because it’s not mentioned on Docker’s website under where you would change your password (at least not at the time of writing this tip).
After changing your password you can test to confirm if it’s revoked by creating
a backup of your current ~/.docker/config.json file. You can do that on a
unix-like operating system by running
cp ~/.docker/config.json ~/.docker/config.json.bak.
Then login to your account with the Docker CLI by running docker login.
That’s going to update your original config.json with a new token. You can
confirm the auth token is different by running
diff ~/.docker/config.json ~/.docker/config.json.bak.
If you swap in the backup and try to access a private repo you should be greeted with a username or password error from the Docker CLI (that’s good).
If you revert the backup to the newly updated config.json file and do the same,
you’ll be able to access your private repo again. Victory (with proof)!