How Does Authorization Work In MongoDB?

In this tutorial, we will learn how authorization works in MongoDB. Authorization is used to control access to the database and its resources. MongoDB supports role-based access control (RBAC) and provides a number of built-in roles that can be used to control access to various resources.



To understand authorization, we first need to understand certain terms in MongoDB, which are listed below. Authorization is one of the most important ways to protect the privacy of data and avoid unauthorized access to the database: it makes sure that data you are not meant to access is not visible to you.

  1. Role and Users: MongoDB maintains a list of users and roles that are authorized to access the database. Users are authenticated using a username and password, while roles define the level of access that a user has to the database resources.
  2. Authentication: When a user attempts to connect to the database, MongoDB first checks whether the user is authorized to access the database. If the user is authorized, the authentication process continues; otherwise, the connection is refused.
  3. Authorization: After a user is authenticated, MongoDB checks whether the user has the necessary roles to access the requested resources. If the user has the necessary roles, the requested operation is allowed to proceed; otherwise, the operation is denied.
  4. Built-in roles: MongoDB provides several built-in roles that can be used to control access to various resources. These roles include the “read” role, which allows a user to read data from the database, and the “dbAdmin” role, which allows a user to perform administrative tasks on a database.
  5. Custom roles: In addition to the built-in roles, MongoDB also allows you to define custom roles that can be used to control access to specific resources or operations.
  6. Access Control Lists (ACLs): MongoDB also supports Access Control Lists (ACLs), which can be used to specify more granular access control policies. ACLs are defined on a per-database basis and can be used to restrict access to specific collections or documents within a database.
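The following added example (not MongoDB's own code and not from the original tutorial) is a simplified JavaScript model of the authorization step described in the list above: role grants are resolved through inheritance into privileges, and an operation is allowed only if some privilege covers both the resource and the action. The role, user, database and collection names are hypothetical; the role documents follow the shape accepted by `db.createRole()`.

```javascript
// Constructed role definitions, keyed as "<db>.<role>". All names are hypothetical.
const ROLES = {
  "shop.orderReader": {
    privileges: [{ resource: { db: "shop", collection: "orders" }, actions: ["find"] }],
    roles: [],
  },
  "shop.orderClerk": {
    privileges: [{ resource: { db: "shop", collection: "orders" }, actions: ["insert", "update"] }],
    roles: [{ role: "orderReader", db: "shop" }], // inherits "find" from orderReader
  },
  "reports.reader": {
    // collection "" means every non-system collection in the database
    privileges: [{ resource: { db: "reports", collection: "" }, actions: ["find"] }],
    roles: [],
  },
};

// Constructed users with role grants (shape of the roles array in db.createUser()).
const USERS = {
  alice: [{ role: "orderClerk", db: "shop" }],
  bob: [{ role: "reader", db: "reports" }],
};

// Collect every privilege a set of role grants resolves to, following inheritance.
function effectivePrivileges(grants, seen = new Set()) {
  const out = [];
  for (const { role, db } of grants) {
    const key = `${db}.${role}`;
    if (seen.has(key) || !ROLES[key]) continue; // unknown roles grant nothing
    seen.add(key);
    out.push(...ROLES[key].privileges);
    out.push(...effectivePrivileges(ROLES[key].roles, seen));
  }
  return out;
}

// An empty string in a resource document is a wildcard, but it never covers system collections.
function resourceMatches(resource, db, collection) {
  if (resource.collection === "" && collection.startsWith("system.")) return false;
  return (resource.db === "" || resource.db === db) &&
         (resource.collection === "" || resource.collection === collection);
}

// Default deny: allowed only if a granted privilege covers the resource and the action.
function isAuthorized(user, action, db, collection) {
  const grants = USERS[user];
  if (!grants) return false; // unknown user: nothing to authorize
  return effectivePrivileges(grants).some(
    (p) => resourceMatches(p.resource, db, collection) && p.actions.includes(action)
  );
}
```

Calling `isAuthorized("alice", "find", "shop", "orders")` returns `true` through the inherited role, while `isAuthorized("bob", "find", "reports", "system.users")` returns `false` because the database-wide wildcard excludes system collections.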

As discussed, authorization in MongoDB is supported through several mechanisms, such as SCRAM-SHA-1 (Salted Challenge Response Authentication Mechanism, a secure authentication mechanism), LDAP (Lightweight Directory Access Protocol), and Kerberos.



To learn more about authorization, authentication, and other security terms, visit Authentication vs Authorization in MongoDB databases.
