az acr token credential

Manage credentials of a token for an Azure Container Registry.

Commands

az acr token credential delete	Delete a token credential.
az acr token credential generate	Generate or replace one or both passwords of a token for an Azure Container Registry. For using token and password to access a container registry, see https://aka.ms/acr/repo-permissions.

az acr token credential delete

Delete a token credential.

az acr token credential delete --name
                               --registry
                               [--password1]
                               [--password2]
                               [--resource-group]

Examples

Delete both passwords for the token 'MyToken'.

az acr token credential delete -n MyToken -r MyRegistry --password1 --password2

Required Parameters

--name -n

The name of the token.

--registry -r

The name of the container registry. It should be specified in lower case. You can configure the default registry name using az configure --defaults acr=<registry name>.

Optional Parameters

--password1

Flag indicating if first password should be deleted.

default value: False

--password2

Flag indicating if second password should be deleted.

default value: False

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az acr token credential generate

Generate or replace one or both passwords of a token for an Azure Container Registry. For using token and password to access a container registry, see https://aka.ms/acr/repo-permissions.

az acr token credential generate --name
                                 --registry
                                 [--expiration]
                                 [--expiration-in-days]
                                 [--password1]
                                 [--password2]
                                 [--resource-group]

Examples

Generate password1 for the token 'MyToken', with an expiration of 30 days.

az acr token credential generate -n MyToken -r MyRegistry --password1 --days 30

Required Parameters

--name -n

The name of the token.

--registry -r

The name of the container registry. It should be specified in lower case. You can configure the default registry name using az configure --defaults acr=<registry name>.

Optional Parameters

--expiration

UTC time for which the credentials will be valid. In the format of %Y-%m-%dT%H:%M:%SZ, e.g. 2025-12-31T12:59:59Z.

--expiration-in-days

Number of days for which the credentials will be valid. If not specified, the expiration will default to the max value "9999-12-31T23:59:59.999999+00:00".

--password1

Flag indicating if password1 should be generated.

default value: False

--password2

Flag indicating if password2 should be generated.

default value: False

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.