MongoDB Users Confusion

Hi. I am brand new to MongoDB and I’m slightly confused. I want to build a simple browser-based game with user accounts. When I signed up for Atlas I created an account, and then I created another account for my MongoDB database. In the documentation there are mentions of creating user accounts and giving those accounts permissions.

My question is if this built in user system is meant only for database administration, or if it’s meant to make it easier to implement “users” in an app, like players wanting to sign up to play a game or use a social media platform. Basically I’m wondering whether or not there are two different concepts of “users” - users that are created with the MongoDB methods that are strictly for database administration, and users that are created and defined by an app developer.

Welcome to the MongoDB Community Forums @Aaron_Dubois!

Yes, database users are distinct from application users.

Database users and roles are used with drivers or clients (including your application or API) that connect directly to your MongoDB deployment for data management or administration. Ideally access to your deployment by database users should be from a limited range of trusted IP addresses.

Application users will login to your application or API and should not have direct access to your MongoDB deployment. Application users will typically be connecting from anywhere on the internet (although your use case may also include restricting IP access) and will likely be using authentication methods like email & password or third party auth via Google, Facebook, Apple ID, etc.

MongoDB Atlas includes MongoDB Realm Application Services which provide User Authentication, Rule-Based Data Access, Cloud Functions, and other features you can use to host your application backend in a cloud environment. MongoDB Realm Users & Authentication are for end user authentication. Realm includes built-in providers for common use cases such as Facebook and Google, and custom providers allow you to integrate any external authentication system.

if your game is purely browser-based, I recommend looking into the Realm Web SDK:

Regards,
Stennie

2 Likes