MongoDB

MongoDB Create User

2 years ago
by Saeed Raza
We can create new database users in MongoDB. Every MongoDB user is assigned only the data required for their operation. In MongoDB, a role offers access to the appropriate operations on a particular resource. The createUser() method in MongoDB is used to create users. This procedure creates a new database user. If the requested user already exists in the database, this method will throw an exception. The method db.createUser() is a MongoDB internal method for generating new users. MongoDB users, unlike typical SQL databases, are bound to an Authentication Database.

Syntax of the Create user in MongoDB in Ubuntu 20.04?

The syntax for the db.createUser() procedure is as follows:

                             db.createUser(user, writeConcern)
  • user: It has information about the user’s authentication and access. It’s only a piece of paper.
  • writeConcern: The fields required by the writeConcern document are the same as those required by the getLastError command.

The user document includes the following fields about the user:

{ user: "<user_name>",
  pwd: "<password>",
  customData: { <data> },
  roles: [
    { role: "<role>", db: "<database>" },
    ...
  ]
}
  • user: This is the name of the user that we want to create.
  • pwd: Password set for the user. This field is not necessary if you use this technique on the external database to form a user whose details are stored externally. This field’s value can be a string or a passwordPrompt().
  • customData: Associative data from users. this field is optional.
  • roles: A user’s permissions or access level. Just like giving an empty array[], we can however create a user without a role. You can use pre-defined roles or create your own to use the db.createRole(role, writeConcern) method in this field. Alternatively, we can include a document with the role and database information. When the role is defined in a different database, this method is typically employed.
  • authenticationRestrictions: The user’s authentication permission. This field is optional too.
  • mechanisms: It’s used to define the SCRM methods (or mechanisms for generating SCRM user credentials). It is not required as it’s an optional field.
  • passwordDigestor: It’s used to see if the password has been digested by the server or the client. It is also optional.

Key points of the create user in MongoDB in Ubuntu 20.04:

The following are some key considerations to create the users in MongoDB:

  • The admin user must be the initial user created in a MongoDB database. The user admin has full control over all of the users. Additionally, creating users in the database server is not permitted.
  • Without any encryption, db.createUser() sends the passwords and other credentials to the MongoDB instance. TLS/SSL should be used for encryption of the password during transmission.

Example 1: Create an administrative user in MongoDB in Ubuntu 20.04:

Consider the following case to better understand this concept:

We must first construct a database in the MongoDB shell before we can create a user. Then, we have the db.createUser function for creating the user in the given database. Inside the db.createUser function, we have a username as “Saeed_Raza1”, pwd is “Saeed123”. The roles are specified with the “read” access to the config database.

On entering the above create user query in the mongo shell, the user is created successfully as follows:

Example 2: Create a user without a role in MongoDB in Ubuntu 20.04:

We could create a user in MongoDB with no roles by passing an empty array[] to the role field in the createUser() method.

Here, we have a db.createUser() function with the username and pwd for the specified database and the roles field is empty.

Hence, the user is successfully created without a role following the shell screen.

Example 3: Create a user with specifying role in MongoDB in Ubuntu 20.04:

The createUser() method in MongoDB can be used to make a user with certain roles. We can describe the responsibilities that the user will perform after they have been created with this approach. Check out the following instance to showcase this concept:

We have given a username, pwd, and the roles in the db.createUser() function. The roles are specified with the readWrite and dbAdmin.

readWrite Role: That role has all of the read privileges as well as the ability to edit information on all non-system datasets.

dbAdmin Role: This role grants the user the ability to execute administrative duties like schema-related chores and indexing. It does not give access to User and Role Management.

The user is added successfully with specifying roles as follows:

Example 4: Create a user with authentication constraints in MongoDB in Ubuntu 20.04:

Authentication in MongoDB is a method that determines whether the user or client working to identify the database is authorized or not. If the client is recognized, they can connect to the server. We can also use the createUser() procedure to create a user with authorization limitations by setting the value of the authenticationRestrictions field. This field comprises the following fields that provide the user’s authentication permission:

clientSource: If this field has a value, the system validates the client IP address by verifying the IP address or CIDR domain in the list when a user authenticates. If the client IP is found in the list, the server will authenticate the user. Otherwise, the server will not.

serverAddress: It’s a list of IPs or CIDR ranges that a client can connect to. If this field’s value is contained in the list, the server verifies the client connection. If the connection exists using an unrecognized IP address, the server doesn’t at all authorize the user.

In the admin database, we’ve established a new user. Username, pwd, and roles are all part of the db.createUser() function. Then, we have set the authenticationRestriction field where the IPs of clientsource and serverAddress are set. This means that the user only authenticates if connecting from 192.168.75.9 to this server’s IP address of 198.157.86.5.

The output is showing the user is added as follows:

Example 5: Drop a user created in MongoDB in Ubuntu 20.04:

We may also drop a user in MongoDB by using the dropUser() method. This function returns true if the user is terminated. Meanwhile, it returns false.

We have given a user name “Saeed_Raza5” from the above-created user in the db.dropUser() function and it returns true which means the user is deleted successfully.

Conclusion:

We have seen how to create MongoDB users in this guide. We have explained the syntax for creating the user in MongoDB and also demonstrate the functionality of the parameters used in the db.createUser method. After that, we have some examples of creating a user in the database of MongoDB in unique ways and also illustrate the way to drop the created user in MongoDB.

About the author

Saeed Raza

Hello geeks! I am here to guide you about your tech-related issues. My expertise revolves around Linux, Databases & Programming. Additionally, I am practicing law in Pakistan. Cheers to all of you.

View all posts