DockerHub Docker Registry API Examples

This post contains examples of REST API calls to DockerHub and the DockerHub Docker Registry. We're going to list all images for a user, list all tags for an image and get the manifest for an image.

List public images

We're going to use the DockerHub API to get the list of images for a user. This is because the DockerHub Docker Registry does not implement the /v2/_catalog endpoint to list all repositories in the registry.

$ curl -s "" | jq -r '.results|.[]|.name'


The DockerHub API is undocumented but there are projects out there like this one who did a great job listing available endpoints.

List private images

To include private images we need to get an authentication token (JWT) which we can then include in subsequent requests:

$ export DOCKER_USERNAME="myusername"
$ export DOCKER_PASSWORD="mypassword"

$ export TOKEN=$(curl -s -H "Content-Type: application/json" -X POST -d '{"username": "'${DOCKER_USERNAME}'", "password": "'${DOCKER_PASSWORD}'"}' | jq -r .token)

$ curl -s -H "Authorization: JWT ${TOKEN}" "" | jq -r '.results|.[]|.name'


List tags

We need to get an authentication token for the Docker Registry. Note that the JWT from the previous step does not work here. DockerHub and the DockerHub Docker Registry are different services and require different authentication credentials.

$ export AUTH_SERVICE=''
$ export AUTH_SCOPE="repository:ansible/ansible:pull"

$ export TOKEN=$(curl -fsSL "$AUTH_SERVICE&scope=$AUTH_SCOPE" | jq --raw-output '.token')

$ curl -fsSL \
    -H "Authorization: Bearer $TOKEN" \
    "$REGISTRY_URL/v2/ansible/ansible/tags/list" | jq
  "name": "ansible/ansible",
  "tags": [

Get image manifest

We re-use the token from the previous step to make a request that gets the manifest for the ansible:centos7 image:

$ curl -fsSL \
    -H "Authorization: Bearer $TOKEN" \
    "$REGISTRY_URL/v2/ansible/ansible/manifests/centos7" | jq

  "schemaVersion": 1,
  "name": "ansible/ansible",
  "tag": "centos7",
  "architecture": "amd64",
  "fsLayers": [
      "blobSum": "sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4"
  "history": [...],
  "signatures": [...]


Skopeo is a CLI tool that makes it easy to quickly check information about docker images such as the available tags:

$ skopeo inspect docker://ansible/galaxy
    "Name": "",
    "Digest": "sha256:24d0b67d936ca6e7bca253169fc268748d7585c0cee723c14e8e51f37cfd3591",
    "RepoTags": [
    "Created": "2019-03-15T09:24:18.817740071Z",
    "DockerVersion": "17.09.0-ce",
    "Labels": {
        "": "20190305",
        "org.label-schema.license": "GPLv2",
        "": "CentOS Base Image",
        "org.label-schema.schema-version": "1.0",
        "org.label-schema.vendor": "CentOS"
    "Architecture": "amd64",
    "Os": "linux",
    "Layers": [
    "Env": [
        "GIT_COMMITTER_NAME=Ansible Galaxy",