Security Reference

The following lists the security related methods available in the mongo shell as well as additional security reference material.

Security Methods in the mongo Shell

User Management and Authentication Methods

Name Description
db.auth() Authenticates a user to a database.
db.createUser() Creates a new user.
db.updateUser() Updates user data.
db.changeUserPassword() Changes an existing user’s password.
db.removeUser() Deprecated. Removes a user from a database.
db.dropAllUsers() Deletes all users associated with a database.
db.dropUser() Removes a single user.
db.grantRolesToUser() Grants a role and its privileges to a user.
db.revokeRolesFromUser() Removes a role from a user.
db.getUser() Returns information about the specified user.
db.getUsers() Returns information about all users associated with a database.

Role Management Methods

Name Description
db.createRole() Creates a role and specifies its privileges.
db.updateRole() Updates a user-defined role.
db.dropRole() Deletes a user-defined role.
db.dropAllRoles() Deletes all user-defined roles associated with a database.
db.grantPrivilegesToRole() Assigns privileges to a user-defined role.
db.revokePrivilegesFromRole() Removes the specified privileges from a user-defined role.
db.grantRolesToRole() Specifies roles from which a user-defined role inherits privileges.
db.revokeRolesFromRole() Removes inherited roles from a role.
db.getRole() Returns information for the specified role.
db.getRoles() Returns information for all the user-defined roles in a database.

Security Reference Documentation

Built-In Roles
Reference on MongoDB provided roles and corresponding access.
system.roles Collection
Describes the content of the collection that stores user-defined roles.
system.users Collection
Describes the content of the collection that stores users’ credentials and role assignments.
Resource Document
Describes the resource document for roles.
Privilege Actions
List of the actions available for privileges.
System Event Audit Messages
Reference on system event audit messages.