Open In App

How to Enable Authentication on MongoDB ?

Last Updated : 21 Jul, 2021
Improve
Improve
Like Article
Like
Save
Share
Report

Authentication is enforced when access control is enabled on a MongoDB deployment, requiring users to identify themselves. Users can only conduct activities that are defined by their roles when visiting a MongoDB deployment with access control enabled.

The following tutorial utilizes the default authentication approach to provide access control on a solo mongo instance. See Authentication Techniques for a list of all supported authentication mechanisms.

Administrator of Users

If access control is enabled, make sure the admin database has a user with the userAdmin or userAdminAnyDatabase roles. This user has the ability to manage users and roles, including the ability to create new users, give or revoke roles to existing users, and create or change custom roles.

Note: The instance of MongoDB uses port 27017 as well as the location of data /var/lib/mongodb. The example presumes the existence of the data directory, i.e., /var/lib/mongodb. And specify a different data directory as appropriate.

To access or alter the database, MongoDB does not require a login or password by default. Mandatory authentication should be enabled and configured.

Follow the commands mentioned below to enable Authentication:

Step 1: Open a Mongo Shell 

mongo

Step 2: The database binstar must be able to read and write to the repository. To establish an administrator user and a service user, run the following commands in the MongoDB shell:

use admin

Step 3: To manage database users, create an administrative user: 

db.createUser({user:'siteUserAdmin', pwd: '<secure password #1>', 
               roles:['userAdminAnyDatabase']})

Step 4: To validate the password, log in as that user:

db.auth('siteUserAdmin', '<secure password #1>')

Step 5: Create a Repository service user:

db.createUser({user:'spandan', pwd: '<secure password #2>', 
               roles:[{db:'binstar', role:'readWrite'}]})

Step 6: In MongoDB, enable required authentication: 

  • Add the auth key to /etc/mongod.conf if you’re using the classic MongoDB configuration format:
auth=true
  • Add the security.authorization key to /etc/mongod.conf if you’re using the current MongoDB configuration format:
security:
    authorization: enabled

Step 7: To reload the settings, restart MongoDB: 

sudo service mongod restart

Step 8: Set the MONGO URL option in the Repository configuration file to mongodb:/username:password@hostname>. 

Step 9: Restart Repository after modifying the configuration file to see the changes take effect.

Exception for localhost

It is possible to create users before or after access control is activated. MongoDB supports a localhost exception if you activate access control before establishing any user. This allows you to establish a user administrator in the admin database. Once a user has been created, you must log in as the user administrator to add other users as needed.


Like Article
Suggest improvement
Previous
Aggregation in MongoDB
Next
Create user and add role in MongoDB
Share your thoughts in the comments

Similar Reads

How to Enable Access Control & Authentication in MongoDB
MongoDB Compass vs MongoDB Atlas
Connect MongoDB Atlas Cluster to MongoDB Compass
MongoDB: An introduction
DataTypes in MongoDB
Connecting MongoDB to Jupyter Notebook
Create a Newsletter Sourcing Data using MongoDB
How to get Distinct Documents from MongoDB using Node.js ?
MongoDB - Comparison Query Operators
MongoDB - Logical Query Operators
author
therebootedcoder
Article Tags :
We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy
Lightbox