Authentication

last updated: 2025-07-05

Using DTZ identities

The service can be accessed with any identity which has one of the following role attached to it.

Required Role

role privileges
https://dtz.rocks/containerregistry/admin/{context_id} full access

Login via Apikey

The preferred way to authenticate with the container registry service is through an apikey. To further improve on security, limited privileged service identities should be used instead of an user account.

The credentials have to be applied as follows:

  • Username: apikey
  • Password: {Apikey generated for the identity}
docker login cr.dtz.rocks -u apikey
Password: 

Login via DTZ Identity

If a Identity already has an Oauth token, this access token can be used to access the registry.

The credentials have to be applied as follows:

  • Username: bearer
  • Password: {AccessToken generated for the identity}
docker login cr.dtz.rocks -u bearer
Password: