Quay.io transitioning to Red Hat SSO

Updated -

Frequently Asked Questions

What exactly happens on August 1st, 2021?

Starting on August 1st, 2021 Quay.io will no longer support any other authentication provider than Red Hat Single-Sign On. All other authentication providers, e.g. GitHub, are going to be disabled. This primarily impacts your ability to log in to the Quay.io web site. CLI passwords that you generated for clients like docker or podman will continue to work. Robot account tokens that you created for your CI/CD pipeline integration will continue to work.

I don’t have a Red Hat account yet. What do I need to do?

You can create a redhat.com account at no cost and with some personal information that is required.. You can simply sign up here.

When creating a Red Hat account I need to choose between private and corporate account type. What do I choose?

If you are an individual, select Personal account. If you are not a business customer of Red Hat yet and/or you do not plan to manage employees of your own organization and their Red Hat accounts, select Personal account.

If you are an employee of an organization that already has Red Hat Subscriptions, there likely is already a Corporate account. In this case, you can use your corporate email address and sign up using the Corporate account type.

Note: if you decide to link your Quay.io account to a Corporate Red Hat account and you leave your employer at a later stage, this means you will also lose access to your linked Quay.io account and thus, to your content.

Follow the instructions in this Red Hat Knowledge Base Article to see in a step-by-step fashion how the linking works: https://access.redhat.com/articles/5363231. https://access.redhat.com/articles/5363231

Will I still be able to push and pull images?

Yes, authentication using a container image CLI tool like docker or podman will be unaffected (your robot tokens and regular quay.io credentials will continue to work for this usage). The only change to our authentication will be for the quay.io website itself.

If you do not link your Quay.io account by August 1st, 2021, you will not be able to log in to the Quay.io web site and manage your account or content. There will be support channels available where Red Hat Customer Support can assist in doing the linking after August 1st but you’ll need to expect disruption. Your image pushes and pulls using existing robot tokens or your direct quay.io credentials will continue to work.

Does this mean I can no longer use quay.io for free?

Quay.io free tier will remain available. Also all other Quay.io plans are not impacted by this change. There are no plans to remove the free tier of Quay. Red Hat is committed to serve the Open Source community with a public container image registry.

Who is impacted by this change?

All Quay.io users, both free and paid accounts are impacted.

Does this mean I need to pay for Quay.io now?

No, Quay.io’s free tier will remain available. Also, all other Quay.io plans are not impacted by this change. There are no plans to remove the free tier of Quay. Red Hat is committed to serve the Open Source community with a public container image registry.

Why is Quay.io moving to Red Hat accounts for single-sign on?

Having a Red Hat account is necessary for receiving support if you are a paying user of Quay. But even if you are just enjoying the free tier offering of Quay.io, with a Red Hat account you get access to a wealth of Red Hat resources for Quay including Knowledge Base articles and documentation.

In the future, this will also pave the way to integrate Quay.io into the overall customer experience of Red Hat OpenShift Cluster Manager, Red Hat OpenShift Dedicated, CodeReady Workspaces and other future hosted services.

Comments