Skip to main content

Docker Credentials



  • Documentation:
  • Summary: Docker is a set of platform as a service products that helps in delivering packages called containers. Among other things Docker provides a container image library called Docker Hub that acts as a registry to host images. This detector aims at catching access tokens that are used as password to programmatically interact with the service.
  • IPs allowlist: This is not mentioned in the documentation.
  • Scopes: Various scopes can be attributed to an access token: 'Read, Write, Delete', 'Read & Write', 'Read-only' or 'Public repo read only'

Revoke the secret

An access token can be revoked from the security tab in the Docker Hub UI.

Check for suspicious activity

The UI gives useful information about access tokens' creation and their latest usage date.

Details for Docker credentials

  • Family: Api

  • Category: Package registry

  • Company: Docker

  • High recall: True

  • Validity check available: True

  • On-premise instances exist: False

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 2

  • Occurrences found for one million commits: 0.2

  • Prefixed: True

  • PreValidators:

- type: ContentWhitelistPreValidator
- dckr_pat_[a-z0-9-]{27}


- text: |
+ DOCKERHUB_USERNAME: "someuserhere"
+ DOCKERHUB_TOKEN: "dckr_pat_jhQhxwAEBQjrxo4-n0tkOpEMivH"
username: someuserhere
password: dckr_pat_jhQhxwAEBQjrxo4-n0tkOpEMivH

How can I help you ?