All that You need to know about Authentication in MongoDB:
In this Free MongoDB training course, we discussed User creation and Assigning roles in MongoDB in our previous tutorial.
In this tutorial, we will take an in-depth look at User Authentication in MongoDB.
It is a process by which MongoDB identifies which client is valid and connected. MongoDB has to authenticate the user to provide access to any collection.
Authorization and authentication are almost closely connected. The authorization allows access to resources and authentication validates the user information.
We can authenticate the user with the help of username and password which is associated with database instance. But before this, we have to build a relationship of the user with database collection.
Table of Contents:
Create User
Before starting authentication, we need to create a user who has all access to the current database. After creating the user we can authenticate that user according to the instance of the database.
From the following code, we can create a user for the admin database.
Syntax
db.createUser(user, writeConcern)
- user – It is the type of document and contains authentication regarding the user information which you want to insert within the system.
- writeConcern – It is the level of permission which is used to write something on physical memory.
Code
use admin db.createUser( { user: " AdminSTH", pwd: " AdminSTH", customData: { employeeId: 12345 }, roles: [ { role: "clusterAdmin", db: "admin" }, { role: "readAnyDatabase", db: "admin" }, "readWrite"] }, { w: "majority" , wtimeout: 5000 } )
The operation gives the following roles to AdminSTH:
- The admin database clusterAdmin and readAnyDatabase roles.
- The readWrite role in the product database.
Authentication
MongoDB provides a method by which we can authenticate any user to an instance of the database. This method requires two parameters, in the first parameter we have to declare the username and in the second parameter, we have to declare the password.
If the user gets authenticated, the resultant answer will be the one and if it is not authenticated then the answer will be zero.
MongoDB provides multiple ways to identify the client and validate its information. The default authentication mechanism is “SCRAM”. MongoDB also supports “LDAP” authentication.
Syntax
db.auth(“username”,”password”)
Code
use admin db.auth(“AdminSTH”,”AdminSTH”)
Figure 1: In Mongo Shell
Figure 2: In Robo 3T
Conclusion
Authentication is the most critical point of view according to the security of MongoDB. It will allow us to validate and verify the information of the user who is connected with the current instance of MongoDB.
If any user has no association with the database collection which is called then the access automatically gets denied.
We discussed two major things in this tutorial. In the first part, we discussed the user and in the second part, we discussed the authentication of the user. Without having a user relationship with the database we cannot authenticate the user.
A code is provided to create a user, by passing the password and username we can authenticate any user in the return response of Boolean.
Check out our upcoming tutorial to know more about Aggregation in MongoDB!!