Share Docker Registry Credentials Securely

The problem

Docker registry credentials grant access to pull and push container images, including proprietary application code and internal tooling. Sharing registry tokens in Slack or email exposes your entire container supply chain. Compromised registry access can lead to tampered images, injected malware, and supply-chain attacks.

How Vaulted helps

Vaulted encrypts your Docker registry credentials in the browser using AES-256-GCM and generates a self-destructing link. The decryption key exists only in the URL fragment and never reaches any server. Once the recipient retrieves the credentials, the link expires permanently.

How to do it

1. Paste your Docker registry token or login credentials into Vaulted
2. Set a view limit and expiration matching your team size
3. Share the encrypted link with the engineer configuring container access
4. They configure their Docker client, and the link self-destructs

Share Docker credentials from the terminal

Use the Vaulted CLI to share registry credentials in scripts: npx vaulted-cli "registry.example.com:username:token" --views 1 --expires 1h. Same AES-256-GCM encryption as the web app. Install from npm: npm install -g vaulted-cli.

Share Docker credentials in GitHub Actions

Automate credential sharing in CI/CD with the Vaulted GitHub Action: uses: vaulted-fyi/share-secret@v1 with your Docker registry credentials as the secret input. End-to-end encrypted, self-destructing links. Available on GitHub Marketplace.