Enforce sign-in for Docker Desktop

By default, members of your organization can use Docker Desktop without signing in. When users don’t sign in as a member of your organization, they don’t receive the benefits of your organization’s subscription and they can circumvent Docker’s security features for your organization.

There are multiple ways you can enforce sign-in, depending on your companies' set up and preferences:

• Registry key method (Windows only) New
• .plist method (Mac only) New
• registry.json method (All)

How is sign-in enforced?

When Docker Desktop starts and it detects a registry key, a .plist file or registry.json file, the following occurs:

• A Sign in required! prompt appears requiring the user to sign in as a member of your organization to use Docker Desktop.

  

• When a user signs in to an account that isn’t a member of your organization, they are automatically signed out and can’t use Docker Desktop. The user can select Sign in and try again.
• When a user signs in to an account that is a member of your organization, they can use Docker Desktop.
• When a user signs out, the Sign in required! prompt appears and they can no longer use Docker Desktop.

Enforcing sign-in versus enforcing single sign-on (SSO)

Enforcing SSO and enforcing sign-in are different features. The following table provides a description and benefits when using each feature.