Navigation

Add MongoDB Users

On this page

Create MongoDB users to provide clients access to the clusters in your project. A MongoDB user’s access is determined by the roles assigned to the user. When you create a MongoDB user, the user is added to all clusters in your Atlas project.

To create a new MongoDB user, from the Clusters view, select the Security tab, then click Users, then Add New User.

MongoDB users are separate from Atlas users. MongoDB users have access to MongoDB databases, while Atlas users access to the Atlas application itself.

The available Atlas database user privileges support a subset of MongoDB commands. See Command Limitations in Paid Tier Clusters for more information.

Atlas supports a maximum of 100 MongoDB users per Atlas project.

Important

Atlas rolls back any user modifications not made through the UI or API. You must use the Atlas UI or API to add, modify, or delete MongoDB users on Atlas clusters.

Add MongoDB Users

1

Go to Users view.

To create a new MongoDB user, from the Clusters view, select the Security tab, then Users.

Click Add New User.

2

Enter user information.

Field Description
User Name

The user’s login name. All MongoDB users for Atlas are associated with the admin database; i.e. their authentication database is admin. To access MongoDB, a user provides a username and the name of the authentication database, as well as a password. The authentication database does not determine the user’s roles.

You can assign a user different roles in different databases. For example, you can create a user to have the readWrite role on the test database but only the read role on the production database. The authentication database would still be admin.
User Privileges

You can assign roles in one of the following ways:

  • Select Atlas admin, which provides the user with privileges to administer the Atlas project’s clusters, or
  • Select Read and write to any database, which provides the user with privileges to read and write to any database, or
  • Select Only read any database which provides the user with privileges to read any database, or
  • Click Show Advanced Options and select an individual role/privilege and specify the database. Optionally, for the read and readWrite role, you can also specify a collection. If you do not specify a collection for read and readWrite, the role applies to all collections (excluding some system. collections) in the database.

For information on these privileges, see MongoDB Database User Privileges.

For more information on authorization, see Role-Based Access Control and Built-in Roles in the MongoDB manual.
Password

The user’s password.

Atlas clusters use SCRAM to authenticate MongoDB users.
3

Click Add User.

Modify MongoDB Users

To modify existing users for an Atlas project, from the Clusters view:

  1. Select the Security tab.
  2. Click Users.
  3. Click Edit for the user you want to modify. You can modify the username, the roles assigned to the user, or the user’s password.
  4. Click Update User to save the changes.

You can also modify existing users through the Atlas API. See Create a Database User.

Delete MongoDB Users

To delete existing users for an Atlas project, from the Clusters view:

  1. Select the Security tab.
  2. Click Users.
  3. Click Delete for the user you want to delete.
  4. Click Delete again to confirm.

You can also delete existing users through the Atlas API. See Delete a Database User.

MongoDB Database User Privileges

The following table describes the Atlas Database User Privileges and the MongoDB Built-in Roles or privilege actions they represent.

User Privilege MongoDB Roles or Privileges
Atlas admin
Read and write to any database
Only read any database

See Command Limitations in Paid Tier Clusters for more information on common commands not supported by the current Atlas user privileges.

© MongoDB, Inc 2008-present. MongoDB, Mongo, and the leaf logo are registered trademarks of MongoDB, Inc.