Here is an example program to read repositories from a registry. I used it as a learning aid with Docker Hub.

#!/bin/bashset -e# set username and passwordUNAME="username"UPASS="password"# get token to be able to talk to Docker HubTOKEN=$(curl -s -H "Content-Type: application/json" -X POST -d '{"username": "'${UNAME}'", "password": "'${UPASS}'"}' https://hub.docker.com/v2/users/login/ | jq -r .token)# get list of repos for that user accountREPO_LIST=$(curl -s -H "Authorization: JWT ${TOKEN}" https://hub.docker.com/v2/repositories/${UNAME}/?page_size=10000 | jq -r '.results|.[]|.name')# build a list of all images & tagsfor i in ${REPO_LIST}do  # get tags for repo  IMAGE_TAGS=$(curl -s -H "Authorization: JWT ${TOKEN}"   https://hub.docker.com/v2/repositories/${UNAME}/${i}/tags/?page_size=10000 | jq -r '.results|.[]|.name')  # build a list of images from tags  for j in ${IMAGE_TAGS}  do    # add each tag to list    FULL_IMAGE_LIST="${FULL_IMAGE_LIST} ${UNAME}/${i}:${j}"  donedone# output list of all docker imagesfor i in ${FULL_IMAGE_LIST}do  echo ${i}done

(this comes from an article on Docker site that describes how to use the API.)

In essence...

• get a token
• pass the token as a header Authorization: JWT <token> with any API calls you make
• the api call you want to use to list repositories is https://hub.docker.com/v2/repositories/<username>/

This site says we cannot :(

Dockerhub hosts a mix of public and private repositories, but does not expose a catalog endpoint to programmatically list them.

First thing first, Docker is a protocol, DockerHub is product that implements the Docker protocol but is not limited to it.

hub.docker.com has the rich DockerHub specific APIs.

index.docker.io is the generic Docker API V2 implementation for DockerHub that is used in majority of clients that support multiple docker registries.

DockerHub implements the generic Docker HTTP API V2 but it doesn't implement _catalog API from the generic API set.

DockerHub Docker API V2 Usage

In order to use the Docker V2 API, a JWT auth token needs to be generated and that token has to be used as Bearer token in the DockerHub calls at index.docker.io

When you hit the DockerHub APIs like this:

https://index.docker.io/v2/library/alpine/tags/listand it returns 401,

Look for the response header

www-authenticate: Bearer realm="https://auth.docker.io/token",service="registry.docker.io",scope="repository:library/alpine:pull",error="invalid_token"

This means, you need to explicitly call

https://auth.docker.io/token?service=registry.docker.io&scope=repository:library/alpine:pull

Which will get you the bearer token that you can use in the original index.docker.io request.

The https://auth.docker.io/token works without any auth token but only for public repos.

In case you want to access a private repo, you need to add basic auth header to the request.

curl -u username:password https://auth.docker.io/token?service=registry.docker.io&scope=repository:<repo>:pull

NOTE: auth.docker.io will generate a token anyway even if the request is not valid (reds or scope or anything). To validate the token, if you put the token to jwt.io, you should see the access field in the payload containing requested scope references.