Is it dangerous to expose MongoDB's _id to the frontend?

Question

In general, is it dangerous to expose MongoDB's _id to the frontend (e.g. websites / mobile apps)? Would there be any security concerns?

Does this answer your question? [MongoDB: is it safe to use document's ID "in public"?](https://stackoverflow.com/questions/4587523/mongodb-is-it-safe-to-use-documents-id-in-public) — str, Apr 18 '20 at 07:36
Thanks for the link. So from my understanding, using _id itself it not unsafe. It's only unsafe if you have an insecure system to begin with? (e.g. if there's no authorization and people can access other people's data just by knowing a particular _id) — Donovan So, Apr 18 '20 at 13:21

score -3 · Answer 1 · answered Apr 18 '20 at 07:30

-3

Yes,is it not recommended to expose your MONGODB_id to the any front end

answered Apr 18 '20 at 07:30

Ammar Shabbir

3

Do you have any reasoning or source for that claim? – str Apr 18 '20 at 07:41
A related reference: https://stackoverflow.com/a/44770035/4861760 – Kostas Minaidis Oct 03 '22 at 11:38

1 Answers1