Security Reference

The following lists the security related methods available in the mongo shell as well as additional security reference material.

Security Methods in the mongo Shell

User Management and Authentication Methods

Name Description
db.auth() Authenticates a user to a database.
db.changeUserPassword() Changes an existing user’s password.
db.createUser() Creates a new user.
db.dropUser() Removes a single user.
db.dropAllUsers() Deletes all users associated with a database.
db.getUser() Returns information about the specified user.
db.getUsers() Returns information about all users associated with a database.
db.grantRolesToUser() Grants a role and its privileges to a user.
db.removeUser() Deprecated. Removes a user from a database.
db.revokeRolesFromUser() Removes a role from a user.
db.updateUser() Updates user data.

Role Management Methods

Name Description
db.createRole() Creates a role and specifies its privileges.
db.dropRole() Deletes a user-defined role.
db.dropAllRoles() Deletes all user-defined roles associated with a database.
db.getRole() Returns information for the specified role.
db.getRoles() Returns information for all the user-defined roles in a database.
db.grantPrivilegesToRole() Assigns privileges to a user-defined role.
db.revokePrivilegesFromRole() Removes the specified privileges from a user-defined role.
db.grantRolesToRole() Specifies roles from which a user-defined role inherits privileges.
db.revokeRolesFromRole() Removes inherited roles from a role.
db.updateRole() Updates a user-defined role.

Security Reference Documentation

Built-In Roles
Reference on MongoDB provided roles and corresponding access.
system.roles Collection
Describes the content of the collection that stores user-defined roles.
system.users Collection
Describes the content of the collection that stores users’ credentials and role assignments.
Resource Document
Describes the resource document for roles.
Privilege Actions
List of the actions available for privileges.
System Event Audit Messages
Reference on system event audit messages.