Database Users


Groups and projects are synonymous terms. Your {GROUP-ID} is the same as your project ID. For existing groups, your group/project ID remains the same. The resource and corresponding endpoints use the term groups.

Base URL:

The databaseUsers resource lets you retrieve, create and modify the MongoDB users in your cluster. Each user has a set of roles that provide access to the project’s databases. A user’s roles apply to all the clusters in the project: if two clusters have a products database and a user has a role granting read access on the products database, the user has that access on both clusters.


If a MongoDB user is assigned a custom role, they cannot be assigned any other roles.

Each user also has a username, password, and authentication database used to log into MongoDB. Atlas deployments of MongoDB use admin as the authentication database for all users. The authentication database does not determine a user’s roles.

The databaseUsers resource supports creating temporary database users that automatically expire within a user-configurable 7-day period.

Atlas audits the creation, deletion, and updates of MongoDB users in the project’s Activity Feed. Atlas audits actions pertaining to both temporary and non-temporary database users. To view the project’s Activity Feed, click Alerts in the left navigation pane and select the All Activity tab. For more information on the project Activity Feed, see View All Activity.

The databaseUsers resource requires your Project ID.

Method Endpoint Description
GET /api/atlas/v1.0/groups/{GROUP-ID}/databaseUsers Get all users in the project.
GET /api/atlas/v1.0/groups/{GROUP-ID}/databaseUsers/admin/{USERNAME} Get a single user in the project.
POST /api/atlas/v1.0/groups/{GROUP-ID}/databaseUsers Create a user for the project.
PATCH /api/atlas/v1.0/groups/{GROUP-ID}/databaseUsers/admin/{USERNAME} Update a user for the project.
DELETE /api/atlas/v1.0/groups/{GROUP-ID}/databaseUsers/admin/{USERNAME} Delete a user for the project.