Skip to content
Latchkey

podman logout: Clear Registry Credentials

podman logout deletes the cached credentials for a registry so they are not reused or left behind.

A tidy CI job logs out at the end so no auth token lingers on a shared or cached runner. podman logout --all wipes every stored credential.

What it does

podman logout removes the saved credentials for the named registry from the auth file. With --all it clears credentials for every registry. It is the cleanup counterpart to podman login.

Common usage

Terminal
podman logout ghcr.io
podman logout --all
podman logout --authfile /tmp/auth.json registry.example.com

Options

FlagWhat it does
<registry>Registry to log out of
-a, --allRemove credentials for all registries
--authfile <path>Operate on a specific auth file

In CI

On persistent or cached self-hosted runners, run podman logout --all (or delete the job-scoped --authfile) at the end so a later job cannot reuse this job credentials. On ephemeral runners it is optional but harmless.

Common errors in CI

"Error: not logged into <registry>: existing credentials not found" means there was nothing cached for that host, often because login wrote to a different --authfile than logout is reading. Point both at the same file. Logging out does not invalidate the token itself; rotate the secret if it may have leaked.

Related guides

Run this faster and cheaper on Latchkey managed runners. Start free →