• API >
• API Resources >
• X.509 Authentication for Database Users >
• Save an X.509 Configuration

Save an X.509 Configuration

Saves a customer-managed X.509 configuration for an Atlas project.

Note

Groups and projects are synonymous terms. Your {GROUP-ID} is the same as your project ID. For existing groups, your group/project ID remains the same. The resource and corresponding endpoints use the term groups.

Important

Creating or updating an X.509 configuration triggers a rolling restart.

Required Roles

You must have the Atlas admin role to use this endpoint.

Resource

Note

X.509 configurations and LDAP configurations are managed using the same resource. Requests to the resource will return both configuration objects.

Base URL: https://cloud.mongodb.com/api/atlas/v1.0

copy

PATCH /groups/{GROUP-ID}/userSecurity

Request

Path Parameters

Parameter	Type	Necessity	Description
GROUP-ID	string	Required	Identifier for the Atlas project associated with the X.509 configuration.

Query Parameters

The following query parameters are optional:

Query Parameter	Type	Description	Default
pretty	boolean	Displays response in a prettyprint format.	false
envelope	boolean	Specifies whether or not to wrap the response in an envelope.	false

Body Parameters

Name	Type	Description
ldap	object	LDAP configuration for an Atlas project. To learn more about LDAP configuration options, see Save an LDAP Configuration.
customerX509	object	Customer-managed X.509 configuration for an Atlas project.
customerX509.cas	string	PEM string containing one or more customer CAs for database user authentication.

Response

Name	Type	Description
ldap	object	LDAP configuration for an Atlas project. To learn more about LDAP configuration options, see Get Current LDAP Configuration.
customerX509	object	Customer-managed X.509 configuration for an Atlas project.
customerX509.cas	string	PEM string containing one or more customer CAs for database user authentication.

Example

Request

The following example saves a customer-managed X509 configuration.

Important

You may need to replace line breaks with newline characters in your PEM string.

copy

curl --user "{publicApiKey}:{privateApiKey}" --digest \
 --header "Accept: application/json" \
 --header "Content-Type: application/json" \
 --request PATCH "https://cloud.mongodb.com/api/atlas/v1.0/groups/{groupId}/userSecurity?pretty=true" \
 --data '
   {
    "customerX509": {
       "cas": "-----BEGIN CERTIFICATE-----\nMIICwjCCAaoCCQDUd
       +4L8xlyXTANBgkqhkiG9w0BAQsFADAjMQ8wDQYDVQQDDAZy\nb290Q0ExEDAOB
       ...
       y+4IGl7MBfZ\nlpJl7/in79pUyXII907ZJNr6ghIXDbO1luVIXv7yyV13uDiw/
       dA=\n-----END CERTIFICATE-----\n"
     }
   }'

Response

The following partial example shows the JSON document returned:

copy

{
   "ldap" : {},
   "customerX509" : {
     "cas" : "-----BEGIN CERTIFICATE-----\nMIICwjCCAaoCCQDUd
     +4L8xlyXTANBgkqhkiG9w0BAQsFADAjMQ8wDQYDVQQDDAZy\nb290Q0ExEDAOBgN
     ...
     +4IGl7MBfZ\nlpJl7/in79pUyXII907ZJNr6ghIXDbO1luVIXv7yyV13uDiw/
     dA=\n-----END CERTIFICATE-----\n"
   },
}

←   Get Current X.509 Configuration Disable Customer-Managed X.509  →

© MongoDB, Inc 2008-present. MongoDB, Mongo, and the leaf logo are registered trademarks of MongoDB, Inc.