How to implement Docker Authentication?


I am trying to implement user based docker authentication. If there is a way to do this, I have not figure it out.

There is a nice plugin from Twistlock that implements authorization, but without authentication, it does not seem very helpful. I saw some posts stating that Docker 1.11 might have some authentication components (or something), but I don’t see anything there.

Just for clarification, I need to lock down my docker engine so that only authenticated users can build, start, query, delete containers and images. Again, the Twistlock Authz component can be part of this, but authenticating the user seems to be a missing component, or I just don’t understand. I have successfully setup docker API do use TLS, so that part is secure, but it does not seem to get me closer to knowing, for sure, who the user is and authenticating them.

I feel like I am missing something basic… just need a little nudge??


The twistlock plugin depends on an authz implementation that isn’t yet in docker. Last I looked into it, the PR they referenced on their page ( has a ling near the top to was closed pending their changes being broken up into smaller PRs.