Docs Menu

Define Roles And Permissions

On this page

  • Overview
  • Procedure

The MongoDB service uses a strict rules system that prevents all operations unless they are specifically allowed. MongoDB Realm determines if each operation is allowed dynamically when it receives the request from the client based on roles that you define.

Roles are sets of document-level and field-level CRUD permissions and are chosen individually for each document associated with a query. This guide walks through configuring one or more roles for a collection.


You must define at least one role before you can successfully query a collection.

Sync Rules

This page describes data access rules for clusters where Realm Sync is not enabled. Synced clusters use a different rules model, which takes precedence over non-sync rules. If sync is enabled for a cluster, any non-sync rules defined for the cluster do not apply.

For more information on data access rules for synced clusters, see Define Sync Rules.


This guide requires a linked MongoDB Atlas cluster. Roles and permissions do not apply to a linked Data Lake as you can only access a Data Lake from a system function.

On this page

Give Feedback
© 2021 MongoDB, Inc.


  • Careers
  • Legal Notices
  • Privacy Notices
  • Security Information
  • Trust Center
© 2021 MongoDB, Inc.