db.auth()¶

On this page

Definition
Syntax
Behavior
Example

Definition¶

db.auth()¶: Allows a user to authenticate to the database from within the shell.

Tip

Starting in version 4.2 of the mongo shell, you can use the passwordPrompt() method in conjunction with various user authentication/management methods/commands to prompt for the password instead of specifying the password directly in the method/command call. However, you can still specify the password directly as you would with earlier versions of the mongo shell.

Starting in MongoDB 4.4, if you use the db.auth(<username>, <password>) syntax and omit the password, the user is prompted to enter a password.

Syntax¶

The db.auth() has the following syntax forms:

`db.auth(<username>, <password>)`¶

MongoDB 4.4
MongoDB 4.2
MongoDB 4.0 and Earlier

Starting in MongoDB 4.4, you can either:

Omit the password to prompt the user to enter a password:
copy
```
db.auth( <username> )
```
Use passwordPrompt() to prompt the user to enter a password:
copy
```
db.auth( <username>, passwordPrompt() )
```
Specify a cleartext password.
copy
```
db.auth( <username>, <password> )
```

Starting in MongoDB 4.2, you can either:

Use passwordPrompt() to prompt the user to enter a password:
copy
```
db.auth( <username>, passwordPrompt() )
```
Specify a cleartext password:
copy
```
db.auth( <username>, <password> )
```

In MongoDB 4.0 and earlier, you must specify a cleartext password:

copy

db.auth( <username>, <password> )

`db.auth(<user document>)`¶

copy

db.auth( {
   user: <username>,
   pwd: passwordPrompt(),   // Or "<cleartext password>"
   mechanism: <authentication mechanism>,
   digestPassword: <boolean>
} )

Parameter	Type	Description
`user`	string	The name of the user with access privileges for this database.
`pwd`	string	The user’s password. The value can be either: the user’s password in cleartext string, or `passwordPrompt()` to prompt for the user’s password. Tip Starting in version 4.2 of the `mongo` shell, you can use the `passwordPrompt()` method in conjunction with various user authentication/management methods/commands to prompt for the password instead of specifying the password directly in the method/command call. However, you can still specify the password directly as you would with earlier versions of the `mongo` shell. When using the user document syntax, you cannot omit the `pwd`.
`mechanism`	string	Optional. The authentication mechanism to use. For available mechanisms, see authentication mechanisms. If unspecified, uses the `isMaster` to determine the SASL mechanism or mechanisms for the specified user. See `saslSupportedMechs`.
`digestPassword`	boolean	Optional. Determines whether or not the supplied password should be pre-hashed before being used with the specified authentication mechanism. For SCRAM-SHA-1, although you may specify `true`, setting this value to `true` does not improve security and may interfere with credentials using other mechanisms. For all other methods, this value must be set to `false` (default value). Any other value will result in authentication failure since those methods do not understand MongoDB pre-hashing. The default value is `false`.

Note

The mongo shell excludes all db.auth() operations from the saved history.

Returns: db.auth() returns 0 when authentication is not successful, and 1 when the operation is successful.

Behavior¶

Client Disconnection¶

Starting in MongoDB 4.2, if the client that issued the db.auth() disconnects before the operation completes, MongoDB marks the db.auth() for termination (i.e. killOp on the operation).

Example¶

Tip

Starting in version 4.2 of the mongo shell, you can use the passwordPrompt() method in conjunction with various user authentication/management methods/commands to prompt for the password instead of specifying the password directly in the method/command call. However, you can still specify the password directly as you would with earlier versions of the mongo shell.

Starting in MongoDB 4.4, if you use the db.auth(<username>, <password>) syntax and omit the password, the user is prompted to enter a password.

Authenticate after Connecting to the Shell¶

To authenticate after connecting the mongo shell, issue db.auth() in the user’s authentication database:

copy

use test
db.auth( "myTestDBUser", passwordPrompt() )

Starting in MongoDB 4.4, you can omit the password value entirely to prompt the user to enter their password:

copy

use test
db.auth( "myTestDBUser" )

Authenticate when Connecting to the Shell¶

Alternatively, you can use the mongo shell’s command-line options --username, --password, --authenticationDatabase, and --authenticationMechanism to specify authentication credentials when connecting the mongo shell:

copy

mongo --username "myTestDBUser" --password --authenticationDatabase test --authenticationMechanism SCRAM-SHA-256

← User Management Methods db.changeUserPassword() →

db.auth()¶

Definition¶

Syntax¶

db.auth(<username>, <password>)¶

db.auth(<user document>)¶

Behavior¶

Client Disconnection¶

Example¶

Authenticate after Connecting to the Shell¶

Authenticate when Connecting to the Shell¶

`db.auth(<username>, <password>)`¶

`db.auth(<user document>)`¶