• Security >
• Security Tutorials >
• Access Control Tutorials >
• Enable Authentication

Enable Authentication

Enable authentication using the auth or keyFile settings. Use auth for standalone instances, and keyFile with replica sets and sharded clusters. keyFile implies auth and allows members of a MongoDB deployment to authenticate internally.

Authentication requires at least one administrator user in the admin database. You can create the user before enabling authentication or after enabling authentication.

See also

Deploy MongoDB with Kerberos Authentication.

Procedures

You can enable authentication using either of the following procedures:

Create the Administrator Credentials and then Enable Authentication

1. Start the mongod or mongos instance without the auth or keyFile setting.
2. Create the administrator user as described in Create a User Administrator.
3. Re-start the mongod or mongos instance with the auth or keyFile setting.

Enable Authentication and then Create Administrator

1. Start the mongod or mongos instance with the auth or keyFile setting.
2. Connect to the instance on the same system so that you can authenticate using the localhost exception.
3. Create the administrator user as described in Create a User Administrator.

Query Authenticated Users

If you have the userAdmin or userAdminAnyDatabase role on a database, you can query authenticated users in that database with the following operation:

copy

db.system.users.find()

←   Access Control Tutorials Create a User Administrator  →

© MongoDB, Inc 2008-present. MongoDB, Mongo, and the leaf logo are registered trademarks of MongoDB, Inc.