MongoDB supports various methods of authentication listed in the table below. Authentication methods are divided between two purposes:
•Client/User authentication: authentication between external clients with MongoDB
•Internal authentication: authentication among members of replica sets and shards
Authentication methods can also be classified based on where the credentials are stored. With internal storage, credentials are stored in the admin database. With external storage, credentials are stored outside of MongoDB in a directory or certificate.
Some authentication methods are available only with the Enterprise edition of MongoDB.
Authentication Purpose |
Name |
Where Stored |
MongoDB Edition |
Comment |
---|---|---|---|---|
Client/User |
Internal |
|||
Client/User |
MONGODB-CR |
Internal |
Obsolete, deprecated |
|
Client/User |
External |
Uses certificates |
||
Client/User |
External |
Enterprise edition only |
Uses a directory |
|
Client/User |
External |
Enterprise edition only |
||
Internal |
Keyfile |
Internal |
Uses a key file |
|
Internal |
Internal |
Uses certificates |
•Authentication with SCRAM-SHA-1 and Keyfile