Giving access to private repositories


I would like to share repositories only to people that have paid for them and I am wondering if Dockerhub is the right tool for that.
My current idea would be:

  1. Create an organization
  2. Create some private repositories
  3. Create some teams and add members to them
  4. Give these teams access to the repositories that they need

Note that the people I would invite to the teams aren’t really part of my organization. Instead, they are my customers.

At this point it seems clumsy creating separate teams for my customers. However, since these customers don’t necessarily want to see each over, I would even end up creating a team per customer.
Adding them as collaborators seems more elegant, but according to Dockers pricing page they are limited to “Up to org size”. Besides that, I assume that a collaborator of a repository can see all the other collaborators…

These are my thoughts at the moment. Am I missing something? Is there another way?


You have to wait someone else to give you detailed info about the organization and team features, but I still have some suggestions.

  • You can create access tokens with your personal account and a token could be read-only too so anyone using the token could pull the image but not change it. You could also revoke the tokens any time.
    Create and manage access tokens | Docker Documentation
  • You could also use an opensource Docker Registry installed on your server. Harbor s a feature rich registry solution which gives you full controll over the whole registry and who can access it. You could even allow pushing to the registry under different namespaces and limit the max size of the data the users can push.

While generating tokens could work, I am not sure if using Docker Hub this way is allowed although I don’t know why it wouldn’t be. You would still need a PRO account to create private repositories, but you also need to be aware of the fact that tokens are “replacement of your password” so they would still use your account and any limit like 5000 image pulls per day could be reached faster. If you have your own registry, there is no such limit.