Navigation

MongoDB Roles and Permissions

When adding rules in Stitch, you first define a Stitch collection that maps to a MongoDB collection, and then you assign roles and permissions to the collection. You can create roles and permissions manually, or you can choose a rules template that you want to use with that collection.

Roles

Stitch roles define a group of users that will have the same read and write access to a document. When creating a role, you specify the name of the role, when the role will be applied, and the document-level and/or field-level permissions that are applied.

UI for adding a new role.

Note

Roles are similar to access control groups. In both cases, they define a group of users who share common access permissions.

Role Permissions

Once a role has been defined at the document level, you can create field-level permissions for the role. For example, if you want users to be able to read an entire document, but only update the name field of that document, you could do the following:

  • Create a role permission for the name field in the document.
  • Set the Write permission on that specific field.
  • Set the Read permission on the All Additional Fields option.
UI for creating a new role permission.

Templates

Templates simplify the process of configuring role permissions for your Stitch collection. Each template is a pre-configured permission set that represents a common use case and data access pattern.

When you select a template, the Role name, Field name for User ID, and initial Role Permissions fields are pre-filled for you. You can then modify the settings to meet your specific needs.

The following templates are available for setting permissions:

  • Users can only read and write their own data
  • Users can read all data, but only write their own data
  • Users can only read all data
  • Users can read and write their own data. Users that belong to a sharing list can read that data

You can also select No template, which sets the Read and Write rules off by default.

To walk through setting up Roles and Permissions, see Adding MongoDB to Your Stitch App.