X.509 Authentication for Database Users

Use the following endpoints to manage database users who authenticate using X.509 certificates. You can manage these X.509 certificates or let Atlas do it for you.

AtlasAtlas manages your Certificate Authority and can generate certificates for your database users. No additional X.509 configuration is required.
CustomerYou must provide a Certificate Authority and generate certificates for your database users. To learn more about managing X.509, see Self-Managed X.509.
Info With Circle IconCreated with Sketch.Note

Groups and projects are synonymous terms. Your {GROUP-ID} is the same as your project ID. For existing groups, your group/project ID remains the same. The resource and corresponding endpoints use the term groups.

You must have the Atlas admin role to use these endpoints.

GET/groups/{GROUP-ID}/databaseUsers/{USERNAME}/certsGet a list of all Atlas-managed, unexpired certificates for a user.
POST/groups/{GROUP-ID}/databaseUsers/{USERNAME}/certsGenerate an Atlas-managed X.509 certificate for a MongoDB user that authenticates using X.509 certificates. If you are managing your own Certificate Authority in Self-Managed X.509 mode, you are responsible for generating and distributing certificates instead.
GET/groups/{GROUP-ID}/userSecurityGet the current customer-managed X.509 configuration details for an Atlas project.
PATCH/groups/{GROUP-ID}/userSecuritySave a customer-managed X.509 configuration for an Atlas project.
DELETE/groups/{GROUP-ID}/userSecurity/customerX509Clear customer-managed X.509 settings on a project. This disables customer-managed X.509.
Give Feedback