diff --git a/pkg/client/registry.go b/pkg/client/registry.go
index 2764035f..5780b054 100644
--- a/pkg/client/registry.go
+++ b/pkg/client/registry.go
@@ -1,6 +1,7 @@
 package client
 
 import (
+	"encoding/base64"
 	"encoding/json"
 	"fmt"
 	"io/ioutil"
@@ -35,25 +36,30 @@ func GetRegistryTags(image string) (RawTags, error) {
 	return tags, nil
 }
 
+func basicAuth(username, password string) string {
+	auth := username + ":" + password
+	return base64.StdEncoding.EncodeToString([]byte(auth))
+}
+
 // getRegv2Token retrieves a registry v2 authentication token.
 func getRegv2Token(cl *client.Client, image reference.Named) (string, error) {
 	img := reference.Path(image)
 	tokenURL := "https://auth.docker.io/token"
 	values := fmt.Sprintf("service=registry.docker.io&scope=repository:%s:pull", img)
 
-	username, userOk := os.LookupEnv("DOCKER_USERNAME")
-	password, passOk := os.LookupEnv("DOCKER_PASSWORD")
-	if userOk && passOk {
-		logrus.Debugf("using docker log in credentials for registry token request")
-		values = fmt.Sprintf("%s&grant_type=password&client_id=coopcloud.tech&username=%s&password=%s", values, username, password)
-	}
-
 	fullURL := fmt.Sprintf("%s?%s", tokenURL, values)
 	req, err := retryablehttp.NewRequest("GET", fullURL, nil)
 	if err != nil {
 		return "", err
 	}
 
+	username, userOk := os.LookupEnv("DOCKER_USERNAME")
+	password, passOk := os.LookupEnv("DOCKER_PASSWORD")
+	if userOk && passOk {
+		logrus.Debugf("using docker log in credentials for registry token request")
+		req.Header.Add("Authorization", fmt.Sprintf("Basic %s", basicAuth(username, password)))
+	}
+
 	client := web.NewHTTPRetryClient()
 	res, err := client.Do(req)
 	if err != nil {