Authentication Mechanisms
- Default Authentication Mechanism
- Specify Authentication Mechanism

Authentication Mechanisms

Note

Starting in version 4.0, MongoDB removes support for the deprecatedMongoDB Challenge-Response (MONGODB-CR) authentication mechanism.

MongoDB supports the following authentication mechanisms:

SCRAM (Default)
x.509 Certificate Authentication.

In addition, MongoDB Enterprise also provides supports for additionalmechanisms. See Enterprise Authentication Mechanisms foradditional mechanisms available in MongoDB Enterprise.

Default Authentication Mechanism

As of MongoDB 3.0, Salted Challenge Response AuthenticationMechanism (SCRAM) is the defaultauthentication mechanism for MongoDB.

Specify Authentication Mechanism

To specify the authentication mechanism to use, set theauthenticationMechanisms parameter for mongod andmongos.

Clients specify the authentication mechanism in the db.auth() method.For the mongo shell and the MongoDB tools, you can also specify theauthentication mechanism from the command line.