Configure single sign-on
Page options
Page options
Get started creating a single sign-on (SSO) connection for your organization or company. This guide walks through the steps to add and verify the domains your members use to sign in to Docker.
Step one: Add your domain
- Sign in to the Admin Console.
- Select your organization or company from the Choose profile page. Note that when an organization is part of a company, you must select the company and configure the domain for the organization at the company level.
- Under Security and access, select Domain management.
- Select Add a domain.
- Enter your domain in the text box and select Add domain.
- The pop-up modal will prompt you with steps to verify your domain. Copy the TXT Record Value.
Important
Organization management is moving to the Admin Console.
Manage members, team, settings, and activity logs in the Docker Admin Console. Access to these features in Docker Hub will end soon. Explore the Admin Console.
- Sign in to Docker Hub.
- Select My Hub and then your organization from the list.
- On your organization page, select Settings and then Security.
- Select Add a domain.
- Enter your domain in the text box and select Add domain.
- The pop-up modal will prompt you with steps to verify your domain. Copy the TXT Record Value.
Step two: Verify your domain
Verifying your domain ensures Docker knows you own it. To verify, you add a TXT record to your Domain Name System (DNS) host using the value Docker provides. The TXT Record Value proves ownership, which signals the DNS to add this record. It can take up to 72 hours for DNS to recognize the change. When the change is reflected in DNS, Docker automatically checks the record to confirm your ownership.
Use the TXT Record Value provided by Docker and follow the steps based on your DNS host. If your provider isn't listed, use the instructions for other providers.
Tip
The record name field controls where the TXT record is applied in your domain, for example root or subdomain. In general, refer to the following tips for adding a record name:
- Use
@or leave the record name empty for root domains likeexample.com, depending on your provider.- Don't enter values like
docker,docker-verification,www, or your domain name. These values may direct to the wrong place.Check your DNS provider's documentation to verify record name requirements.
- To add your TXT record to AWS, see Creating records by using the Amazon Route 53 console.
- TXT record verification can take 72 hours. Once you have waited for TXT record verification, return to the Domain management page of the Admin Console and select Verify next to your domain name.
- To add your TXT record to Google Cloud DNS, see Verifying your domain with a TXT record.
- TXT record verification can take 72 hours. Once you have waited for TXT record verification, return to the Domain management page of the Admin Console and select Verify next to your domain name.
- To add your TXT record to GoDaddy, see Add a TXT record.
- TXT record verification can take 72 hours. Once you have waited for TXT record verification, return to the Domain management page of the Admin Console and select Verify next to your domain name.
- Sign in to your domain host.
- Add a TXT record to your DNS settings and save the record.
- TXT record verification can take 72 hours. Once you have waited for TXT record verification, return to the Domain management page of the Admin Console and select Verify next to your domain name.
Once you have added and verified your domain, you are ready to create an SSO connection between Docker and your identity provider (IdP).
More resources
The following videos walk through verifying your domain to create your SSO connection in Docker.