How to assign authentication mechanism to user in MongoDB

Question

I created a user in MongoDB using

db.createUser({user:"admin", pwd:"admin", role : [{role:"readWrite", db:"someDB"}]});

But I assume this user has been created with the default authentication mechanism. So if I want to authenticate only using, lets say SRAM-SHA-256, I tried doing

db.createUser({user: "test", pwd:"test", role:[{role:"readWrite", db}], mechanisms: [ "SCRAM-SHA-256" ]})

But this doesn't seem to work. It is throwing an error

Error: couldn't add user: "mechanisms" is not a valid argument to createUser

How to do this ? I am using MongoDB version 3.6.18

https://docs.mongodb.com/manual/reference/parameters/#param.authenticationMechanisms — nayakam, May 22 '20 at 08:54

score 1 · Answer 1 · answered May 22 '20 at 09:33

1

You are getting the error because MongoDB version 3.6 doesn't support the mechanisms argument for db.createUser() function, you can check that in MongoDB 3.6 Doc

And also the mechanism SCRAM-SHA-256 you are trying to implement doesn't work in MongoDB 3.6, it was introduced in MongoDB 4.0, you can check that on SCRAM-SHA-1 and SCRAM-SHA-256 DOC

And as written in the latest MongoDB Docs, by default in 3.6 it's SCRAM-SHA-1 and you can't change it.

mechanisms - The default for featureCompatibilityVersion is 3.6 is SCRAM-SHA-1

answered May 22 '20 at 09:33

Puneet Singh

3,477
1
26
39

Oh so do you mean we can only have SCRAM-SHA-1 in 3.6 and not any other mechanisms? – Jackson May 22 '20 at 09:40
Yes, because they added mechanisms in 4.0, and before that by default its was SCRAM-SHA-1 – Puneet Singh May 22 '20 at 09:43
You can bypass this, see https://stackoverflow.com/a/64931171/2182901 – ak1ra Nov 20 '20 at 14:25

How to assign authentication mechanism to user in MongoDB

1 Answers1