Docker Community Forums

Share and learn in the Docker community.

Incorrect scope class when trying to access plugins via v2 api

Hello,

I’ve noticed a surprising behaviour from dockerhub’s API. The following request:

$ curl -i -H 'Accept: application/vnd.docker.distribution.manifest.v2+json' 'https://registry-1.docker.io/v2/purestorage/docker-plugin/manifests/3.4'

results in the following header

Www-Authenticate: Bearer realm="https://auth.docker.io/token",service="registry.docker.io",scope="repository:purestorage/docker-plugin:pull"

However, that’s incorrect, the class should’ve been repository(plugin) in that case. If I attempt to make a request to https://auth.docker.io/token passing that scope I’ll get an invalid token. However, if I replace repository with repository(plugin) it works.

Is that expected? Am I reporting that in the right place? Where should I report it?

Thanks