As @chris noted, there are several ways to achieve credential expiry depending on the MongoDB edition you are using (Community, Enterprise, or Atlas).
Password expiration is typically only one aspect of enterprise security requirements which often also include password complexity, password history (to prevent reuse), and account lockout policies.
Auth options with expiry and more advanced policies include:
- x.509 certificates (MongoDB Community, Enterprise, and Atlas)
- LDAP (MongoDB Enterprise and Atlas)
- Kerberos (MongoDB Enterprise and Atlas)
MongoDB Atlas also supports temporary database users which will be deleted after an expiry of up to 1 week. That’s probably not suitable for your requirements, but might be of interest for related use cases.
Regards,
Stennie