Frequently Asked Questions

Breakwater is a licensing and access management platform for commercial Docker containers. It lets software vendors sell time-bound, version-controlled access to their containerized software by adding a licensing layer to container registry authentication.

Breakwater sits between your customers and your container registry. When a customer runs 'docker login' with their Breakwater credentials, our proxy validates their license status, expiration dates, and tag restrictions before allowing the pull. Vendors push images normally using their vendor auth tokens.

A private Docker registry (like Harbor or AWS ECR) controls who can access images, but doesn't understand licensing. Breakwater adds commercial licensing on top: time-based access, per-customer credentials, version restrictions, and pull analytics. It's designed for vendors selling containerized software, not just hosting private images.

With Breakwater, you create products linked to your container repositories, then issue licenses to customers with start/end dates. Customers receive auth tokens to pull images. When their subscription expires, access automatically stops. You can also restrict which tags (versions) each customer can access.

Yes. Licenses support tag patterns using glob-style matching. For example, a license with pattern 'v1.*' allows customers to pull v1.0, v1.1, v1.2, etc., but blocks v2.0. This lets you gate access to major versions or specific releases.

Customers log into the self-service customer portal where they can view their active licenses and copy their auth token. They then use 'docker login registry.breakwaterapp.com' with their token to authenticate and pull licensed images.

Yes. Every pull is logged with the customer identity, timestamp, repository, image digest, and tag. You can view pull history in the vendor dashboard or query it programmatically via the REST API for integration with your analytics or billing systems.

When a license passes its expiration date, the status automatically changes to 'expired' and the customer can no longer pull images from that product's repositories. Existing pulled images on their machines continue to work, but new pulls are blocked.

Yes. The Vendor API provides full programmatic control over products, repositories, customers, licenses, and auth tokens. It uses REST with HTTP Basic authentication and returns JSON. Interactive documentation is available at the API Explorer.

Breakwater can work with your existing registry infrastructure. Contact us to discuss hosted or bring-your-own-registry deployment options.