docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update oat docs for company owners (#22079) 

<!--Delete sections as needed -->

## Description

<!-- Tell us what you did and why -->

## Related issues or tickets

<!-- Related issues, pull requests, or Jira tickets -->

## Reviews

<!-- Notes for reviewers here -->
<!-- List applicable reviews (optionally @tag reviewers) -->

- [ ] Technical review
- [x] Editorial review
- [ ] Product review
This commit is contained in:
Josh 2025-02-21 13:46:10 -07:00 committed by GitHub
parent bfbd3d7494
commit 8d87ca81c0
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 11 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
content/manuals/security/for-admins/access-tokens.md
View File

@ -15,13 +15,12 @@ params:
> [!WARNING] > [!WARNING]
> >
> Organization access tokens (OATs) are not intended to be used with Docker Desktop, and are incompatible. > Organization access tokens (OATs) are not intended to be used with Docker
> Desktop, and are incompatible.
> >
> OATs are also currently incompatible with the following services: > OATs are also currently incompatible with the following services:
> >
> - Docker Build Cloud
> - Docker Scout > - Docker Scout
> - Docker REST APIs
> >
> If you use Docker Desktop or one of these services, you must use personal access tokens instead. > If you use Docker Desktop or one of these services, you must use personal access tokens instead.
@ -38,8 +37,8 @@ OATs provide the following advantages:
if you find any suspicious activity. if you find any suspicious activity.
- You can limit what each OAT has access to, which limits the impact if an OAT - You can limit what each OAT has access to, which limits the impact if an OAT
is compromised. is compromised.
- All organization owners can manage OATs. If one owner leaves the organization, - All company or organization owners can manage OATs. If one owner leaves the
the remaining owners can still manage the OATs. organization, the remaining owners can still manage the OATs.
- OATs have their own Docker Hub usage limits that don't count towards your - OATs have their own Docker Hub usage limits that don't count towards your
personal account's limits. personal account's limits.
@ -55,18 +54,19 @@ If you have existing [service accounts](/docker-hub/service-accounts/), Docker r
it. it.
- OATs are not associated with a single user. If a user with access to the - OATs are not associated with a single user. If a user with access to the
service account leaves your organization, you may lose access to the service service account leaves your organization, you may lose access to the service
account. OATs can be managed by any organization owner. account. OATs can be managed by any company or organization owner.
## Create an organization access token ## Create an organization access token
> [!IMPORTANT] > [!IMPORTANT]
> >
> Treat access tokens like a password and keep them secret. Store your tokens securely in a credential manager for example. > Treat access tokens like a password and keep them secret. Store your tokens
> securely in a credential manager for example.
Organization owners can create up to 10 organization access tokens (OATs) for Company or organization owners can create up to 10 organization access tokens
organizations with a Team subscription and up to 100 OATs for organizations with (OATs) for organizations with a Team subscription and up to 100 OATs for
a Business subscription. Expired tokens count towards the total amount of organizations with a Business subscription. Expired tokens count towards the
tokens. total amount of tokens.
To create an OAT: To create an OAT: