MONGODB-CR is a challenge-response mechanism that authenticates users through passwords. MONGODB-CR verifies supplied user credentials against the user’s name, password and authentication database. The authentication database is the database where the user was created, and the user’s database and the user’s name together serve to identify the user.


Changed in version 3.0.

MongoDB no longer defaults to MONGODB-CR and instead uses SCRAM-SHA-1 as the default authentication mechanism.

Even when using the MONGODB-CR authentication mechanism, clients and drivers that support MongoDB 3.0 features (see Driver Compatibility Changes) will use the SCRAM communication protocol. That is, MONGODB-CR authentication mechanism also implies SCRAM-SHA-1.

←   SCRAM-SHA-1 x.509  →