Authentication Mechanisms
MongoDB supports the following authentication mechanisms:
- SCRAM (Default)
- MongoDB Challenge and Response (MONGODB-CR) (Deprecated as of MongoDB 3.6)
- x.509 Certificate Authentication.
In addition, MongoDB Enterprise provides integration with a number of external authentication mechanisms, including Kerberos and LDAP. See Enterprise Authentication Mechanisms for the additional authentication mechanisms supported by MongoDB Enterprise.
Default Authentication Mechanism
Changed in version 3.0.
As of MongoDB 3.0, Salted Challenge Response Authentication Mechanism (SCRAM) is the default authentication mechanism for MongoDB.
Specify Authentication Mechanism
To specify the authentication mechanism to use, set the authenticationMechanisms parameter for mongod and mongos.
Clients specify the authentication mechanism in the db.auth() method. For the mongo shell and the MongoDB tools, you can also specify the authentication mechanism from the command line.