Quay.io Now Supports Red Hat Single Sign On

Updated -

You can now use Red Hat Single Sign On to authenticate with quay.io. It’s very simple to set this up.

If you already have a quay.io account:

  1. Log into recovery.quay.io using your Quay username and password.
    Quay.io recovery page

  2. Go to your Account Settings.
    quay.io account settings

  3. Select the External Logins tab.
    quay.io account settings

  4. Click Attach to Red Hat.
    quay.io account settings

  5. If you are already signed into Red Hat SSO, your account will automatically be linked. Otherwise, you’ll be prompted to sign into Red Hat SSO (or create a new account first).
    quay.io account settings
    ...and your password…
    quay.io account settings

  6. You’re done! Now you can choose to authenticate against quay.io using your Red Hat account from the login page.
    quay.io account settings

If you don’t already have a quay.io account:

  1. Click the Sign in with Red Hat button from the main sign-in page.
    quay.io account settings

  2. If you have a Red Hat account already, authenticate with those credentials.
    quay.io account settings
    If not, you can create a new account first. Make sure you create a personal account, even if you are on a paid plan.
    quay.io account settings

  3. If you have created a new account, there will be a verification step and you’ll need to re-navigate to the quay.io sign-in page. Otherwise you will be taken to a page where a new quay.io username will be proposed.
    quay.io account settings

  4. Quay.io will then ask you for some more optional information.
    quay.io account settings

  5. That’s it! The Red Hat account will be automatically linked, there is no need to set it up in the Settings page. One thing to note is that you will need to set up a password so that you can use podman/docker command line tools to work with quay.io. There will be a notification waiting for you with this as well.
    quay.io account settings

You can set your password under Account Settings- just click the link Change Password.


When you show a screenshot like in #3, you should be showing the option to which you are referring... in this case it is the external login tab and that is directly above what is shown in the screenshot.

Same here, took me a bit to find the External Logins

Linking my RH account to my existing Quay.io account just resulted in a 404 during the SSO callback… Going back to the previous page returns me to the external logins tab and show that the account is properly linked. Not very confidence-inspiring or professional.

same for me...

Same but its already linked !!!

login to quay.io with RH SSO is working then :)

Okay, I linked them up, but: the quay.io credentials from my OCP pull-secret still have a different level of access than my quay.io account. It would be great if those would be shared, because it would allow me to pull our dev images (which we store in private quay repos) using my normal OCP pull-secret. If this is not planned, I would like to at least give my RH SSO quay account the same level of access as my other account, is that somehow possible?

I had similar problems to the one described above by CL - problem with the URL on the callback. I realised I had not logged out of quay for some time so I first made sure I had logged into the Red Hat, logged out of quay.io, and then logged back in to quay.io. That enabled me to connect my Red Hat account as described.

I have an quay.io account. But the option to "Log into quay.io using your current authentication method" is not possible anymore. So when I sign in with my RH account (which uses the the mail address), I get an error: mail address is already connected to an exiting account - what can I do? --> forget it click on "recovery endpoint" on the quay Home Screen did it...

I keep seeing "The e-mail address ibolton@redhat.com is already associated with an existing Quay account. Please log in with your username and password and associate your Red Hat account to use it in the future." When trying to use SSO. Seems that I have missed the window to link sso to my rh account & now I am locked out?

You can login to recovery.quay.io and attach your Quay account to the Red Hat SSO