Creates distribution credentials for the specified project


The following information applies only to Console projects which have been granted access to on-prem products. Please contact Support if you would like access but don't currently have it.

Required Access

If the authenticated account has access to the owner or admin roles, or the keys:write project scope, it will create a new set of distribution credentials in the project.

Create Request

All requests must include the following parameters:

  • comment A friendly name for the distribution credentials.
  • scopes The product scopes granted to the credentials as an Array of Strings.
  • provider The provider for the distribution credentials. Only valid value is "quay".

For example:

curl -X POST \
    -H 'Authorization: Token aa4909ae0078f880a1e5846ed42e28adf8b31780' \
    -H 'Content-Type: application/json' \
    --url \
    --data '{"comment": "My on-prem distribution credentials", "scopes":["onprem:products"], "provider": "quay"}'

In addition to the values you provided, a response will include:

  • distribution_credentials_id a unique identifier for this set of distribution credentials as a GUID.
  • username a string of the unique identifier prepended with deepgram+ which can be used as a username for the container registry provider.
  • secret a secret key which can be used as a password for the container registry provider.
    • This is only returned when the key is created. Do not lose this key or you will need to create an entirely new set of distribution credentials. Be sure this key remains a secret.
  "distribution_credentials_id": "1a9a9729-5b39-4445-86c4-c1e8a989306f",
  "provider": "quay",
  "comment": "My on-prem distribution credentials",
  "scopes": [
  "created": "2023-06-28T22:05:10.286665Z"

Distribution Credentials

Distribution credentials are a set of identifiers and a secret which can be used as user login credentials for an associated container registry provider.

As of this writing, the only valid provider Deepgram supports is quay. Click here to learn more about

Distribution credentials can be used in conjunction with the docker login command. Prepending deepgram+ to the distribution_credential_id e.g. deepgram+64d1f840-3b7e-43b2-a7b6-d56756d4476d enables you to use the new value for --username:

docker login --username 'deepgram+64d1f840-3b7e-43b2-a7b6-d56756d4476d'

The minimum set of Deepgram On-premises product scopes required to run a Deepgram POC is onprem:product:api and onprem:product:engine.

Read more about roles and scopes.