MongoDB Queryable Encryption Expands Search Power

Alex Bauer and Joel Odom
September 17, 2025

Today, MongoDB is expanding the power of Queryable Encryption by introducing support for prefix, suffix, and substring queries. Now in public preview, these capabilities extend the technology beyond equality and range queries, unlocking broader use cases for secure, expressive search on encrypted data.

Developed by the MongoDB Cryptography Research Group, Queryable Encryption is a groundbreaking, industry-first in use encryption technology. It enables customers to encrypt sensitive application data, store it in encrypted form in the MongoDB database, and perform expressive queries directly on that encrypted data.

This release provides organizations with the tools to perform flexible text searches on encrypted data, such as matching partial names, keywords, or identifiers, without ever exposing the underlying information. This helps strengthen data protection, simplify compliance, and remove the need for complex workarounds such as external search indexes, all without any changes to the application code.

With support for prefix, suffix, and substring queries, Queryable Encryption enables organizations to protect sensitive data throughout its lifecycle: at rest, in transit, and in use. As a result, teams can build secure, privacy-preserving applications without compromising functionality or performance. Queryable Encryption is available at no additional cost in MongoDB Atlas, Enterprise Advanced, and Community Edition.

Encryption: Securing data across its lifecycle

Many organizations must store and search sensitive data, such as personally identifiable information (PII) like names, Social Security numbers, or medical details, to power their applications. Implementing this securely presents real challenges. Encrypting data at rest and in transit is widely adopted and table stakes. However, encrypting data while it is actively being used, known as encryption in use, has historically been much harder to realize.

The dilemma is that traditional encryption makes data unreadable, preventing databases from running queries without first decrypting it. For instance, a healthcare provider may need to find all patients with diagnoses that include the word “diabetes.” However, without decrypting the medical records, the database cannot search for that term.

To work around this, many organizations either leave sensitive fields unencrypted or use complex and less secure workarounds, such as building separate search indexes. Both approaches add operational overhead and increase the risk of unauthorized access. They also make it harder to comply with regulations like the Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry Data Security Standard (PCI-DSS), or General Data Protection Regulation (GDPR), where violations can carry significant fines.

To fully protect sensitive data and meet compliance requirements, organizations need the ability to encrypt data in use, in transit, and at rest without compromising operational efficiency.

Building secure applications with fewer tradeoffs

MongoDB Queryable Encryption solves this quandary. It protects sensitive data while eliminating the tradeoff between security and development velocity. Organizations can encrypt sensitive data, such as personally identifiable information (PII) or protected health information (PHI), while still running queries directly on that data without exposing it to the database server.

With support for prefix, suffix, and substring queries (in public preview), Queryable Encryption enables MongoDB applications to encrypt sensitive fields such as names, email addresses, notes, and ID numbers while still performing native partial-match searches on encrypted data. This eliminates the impasse between protecting sensitive information and enabling essential application functionality.

For business leaders, Queryable Encryption strengthens data protection, supports compliance requirements, and reduces the risk of data exposure. This helps safeguard reputation, avoid costly fines, and eliminate the need for complex third-party solutions. For developers, advanced encrypted search is built directly into MongoDB’s query language. This eliminates the need for code changes, external indexes, or client-side workarounds while simplifying architectures and reducing overhead.

Some examples of what organizations can now achieve:

PII Search for compliance and usability: Regulations such as GDPR and HIPAA mandate strict privacy of personal information. With prefix queries, teams can retrieve users by last name or email prefix while ensuring the underlying data remains encrypted. This makes compliance easier without reducing search functionality.

Keyword filtering in support workflows: Customer service notes often contain sensitive details in free-text fields. With substring query support, teams can search encrypted notes for specific keywords, e.g. “refund,” “escalation,” or “urgent”. This is possible without exposing the contents of those notes.

Secure ID validation: Identity workflows often rely on partial identifiers such as the last digits of a Social Security Number in the U.S., a National Insurance Number in the UK, or an Aadhaar Number in India. Suffix queries enable these lookups on encrypted fields without revealing full values. This reduces the risk of data leaks in regulated environments.

Case management for public agencies: Case numbers and reference IDs in public sector applications often follow structured formats. Now agencies can securely retrieve records using a prefix query based on region- or office-based prefixes without exposing sensitive case metadata, e.g. “NYC-” or “EUR-”.

Note: This functionality is in public preview. Therefore, MongoDB recommends that these new Queryable Encryption features not be used for production workloads until they are generally available in 2026. MongoDB wants to build and improve Queryable Encryption with customer needs and use cases in mind. As General Availability approaches, customers are encouraged to contact their account team or share feedback through the MongoDB Feedback Engine.

Robust data protection at every stage

MongoDB offers unmatched protection for sensitive data throughout its entire lifecycle with Queryable Encryption. This includes data in transit, at rest, or in use. With the addition of prefix, suffix, and substring query support, Queryable Encryption meets even more of the demands of modern applications, unlocking new use cases.

To learn more about Queryable Encryption and how it works, explore the features documentation page. To get started using Queryable Encryption, read the Quick Start Guide.

← Previous

Supercharge Self-Managed Apps With Search and Vector Search Capabilities

MongoDB is excited to announce the public preview of search and vector search capabilities for use with MongoDB Community Edition and MongoDB Enterprise Server. These new capabilities empower developers to prototype, iterate, and build sophisticated, AI-powered applications directly in self-managed environments with robust search functionality. Versatility is one of the reasons why developers love MongoDB. MongoDB can run anywhere. 1 This includes local setups where many developers kickstart their MongoDB journey, to the largest enterprise data centers when it is time to scale, and MongoDB’s fully managed cloud service, MongoDB Atlas . Regardless of where development takes place, MongoDB effortlessly integrates with any developer's workflow. MongoDB Community Edition is the free, source-available version of MongoDB that millions of developers use to learn, test, and grow their skills. MongoDB Enterprise Server is the commercial version of MongoDB’s core database. It offers additional enterprise-grade features for companies that prefer to self-manage their deployments on-premises or in public, private, or hybrid cloud environments. With native search and vector search capabilities now available for use with Community Edition and Enterprise Server, MongoDB aims to deliver a simpler and consistent experience for building great applications wherever they are deployed. What is search and vector search? Similar to the offerings in MongoDB Atlas, MongoDB Community Edition and MongoDB Enterprise Server now support two distinct yet complementary search capabilities: Full-text search is an embedded capability that delivers a seamless, scalable experience for building relevance-based app features. Vector search enables developers to build intelligent applications powered by semantic search and generative AI using native, full-featured vector database capabilities. There are no functional limitations on the core search aggregation stages in this public preview. Therefore, $search , $searchMeta , and $vectorSearch are all supported with functional parity to what is available in Atlas, excluding features in a preview state. For more information, check out the search and vector search documentation pages. Solving developer challenges with integrated search Historically, integrating advanced search features into self-managed applications often required bolting on external search engines or vector databases to MongoDB. This approach created friction at every stage for developers and organizations, leading to: Architectural complexity: Managing and synchronizing data across multiple, disparate systems added layers of complexity, demanded additional skills, and complicated development workflows. Operational overhead: Handling separate provisioning, security, upgrades, and monitoring for each system placed a heavy load on DevOps teams. Decreased developer productivity: Developers are forced to learn and use different query APIs and languages for both the database and the search engine. This resulted in frequent context switching, steeper learning curves, and slower release cycles. Consistency challenges: Aligning the primary database with separate search or vector indexes risked producing out-of-sync results. Despite promotions of transactional guarantees and data consistency, these indexes were only eventually consistent. This led to incomplete results in rapidly changing environments. With search and vector search now integrated into MongoDB Community Edition and MongoDB Enterprise Server, these trade–offs disappear. Developers can now create powerful search capabilities using MongoDB's familiar query framework, removing the synchronization burden and the need to manage multiple single-purpose systems. This release simplifies data architecture, reduces operational overhead, and accelerates application development. With these capabilities, developers can harness sophisticated out-of-the-box capabilities to build a variety of powerful applications. Potential use cases include: table, th, td { border: 1px solid black; border-collapse: collapse; } th, td { padding: 5px; } Use Case Description Keyword/Full-text search Autocomplete and fuzzy search Create real-time suggestions and correct spelling errors as users type, improving the search experience Search faceting Apply quick filtering options in applications like e-commerce, so users can narrow down search results based on categories, price ranges, and more Internal search tools Build search tools for internal use or for applications with sensitive data that require on-premises deployment Vector search AI-powered semantic search Implement semantic search and recommendation systems to provide more relevant results than traditional keyword matching Retrieval-augmented generation (RAG) Use search to retrieve factual data from a knowledge base to bring accurate, context-aware data into large language model (LLM) applications AI agents Create agents that utilize tools to collect context, communicate with external systems, and execute actions Hybrid search Hybrid search Combine keyword and vector search techniques Data processing Text analysis Perform text analysis directly in the MongoDB database MongoDB offers native integrations with frameworks such as LangChain , LangGraph , and LlamaIndex . This streamlines workflows, accelerates development, and embeds RAG or agentic features directly into applications. To learn more about other AI frameworks supported by MongoDB, check out this documentation . MongoDB’s partners and champions are already experiencing the benefits from utilizing search and vector search across a wider range of environments: “We’re thrilled that MongoDB search and vector search are now accessible in the already popular MongoDB Community Edition. Now our customers can leverage MongoDB and LangChain in either deployment mode and in their preferred environment to build cutting-edge LLM applications.”—Harrison Chase, CEO, LangChain. “MongoDB has helped Clarifresh build awesome software, and I’ve always been impressed with its rock-solid foundations. With search and vector search capabilities now available in MongoDB Community Edition, we gain the confidence of accessible source code, the flexibility to deploy anywhere, and the promise of community-driven extensibility. It’s an exciting milestone that reaffirms MongoDB’s commitment to developers.”—Luke Thompson, MongoDB Champion, Clarifresh. “We’re excited about the next interaction of search experiences in MongoDB Community Edition. Our customers want the highest flexibility to be able to run their search and gen AI-enabled applications, and bringing this functionality to Community unlocks a whole new way to build and test anywhere.”—Jerry Liu, CEO, LlamaIndex. “Participating in the Private Preview of Full-text and Vector Search for MongoDB Community has been an exciting opportunity. Having $search, $searchMeta, and $vectorSearch directly in Community Edition brings the same powerful capabilities we use in Atlas—without additional systems or integrations. Even in early preview, it’s already streamlining workflows and producing faster, more relevant results.”—Michael Höller, MongoDB Champion, akazia Consulting. Accessing the public preview The public preview is available for free and is intended for testing, evaluation, and feedback purposes only. Search and Vector Search with MongoDB Community Edition. The new capabilities are compatible with MongoDB version 8.2+, and operate on a separate binary, mongot, which interacts with the standard mongod database binary. To get started, ensure that: A MongoDB Community Server cluster is running using one of the following three methods: Download MongoDB Community Server version 8.2 from the MongoDB Downloads page . As of public preview, this feature is available for self-managed deployments on supported Linux distributions and architectures for MongoDB Community Edition version 8.2+. Download the ```mongot``` binary from the MongoDB Downloads page . Pull the container image for Community Server 8.2 from a public Docker Hub repository . Coming soon: Deploy using the MongoDB Controllers for Kubernetes Operator (Search Support for Community Server is planned for version 1.5+ ). Search and Vector Search for use with MongoDB Enterprise Server . The new capabilities are deployed as self-managed search nodes in a customer's Kubernetes environment. This will seamlessly connect to any MongoDB Enterprise Server clusters, residing inside or outside Kubernetes itself. To get started, ensure that: A MongoDB Enterprise Server cluster is running. version 8.0.10+ (for MongoDB Controllers for Kubernetes operator 1.4). version 8.2+ (for MongoDB Controllers for Kubernetes operator 1.5+). A Kubernetes environment. The MongoDB Controllers for Kubernetes Operator are installed in the Kubernetes cluster. Find installation instructions here . Comprehensive documentation for setup for MongoDB Community Edition and MongoDB Enterprise Server is also available. What's next? During the public preview, MongoDB will deliver additional updates and roadmap features based on customer feedback. After the public preview, these search and vector search capabilities are anticipated to be generally available for use with on-premise deployments. For Community Edition, these capabilities will be available at no additional cost as part of the Server Side Public License (SSPL) . For MongoDB Enterprise Server, these capabilities will be included in a new paid subscription offering that will launch in the future. Pricing and packaging details for the subscription will be available closer to launch. For developers seeking a fully managed experience in the cloud, MongoDB Atlas offers a production-ready version of these capabilities today. MongoDB would love to hear feedback! Suggest new features or vote on existing ideas at feedback.mongodb.com . The input is critical for shaping the future of this product. Users can contact their MongoDB account team to provide more comprehensive feedback. Check out MongoDB’s documentation to learn how to get started with Search and Vector Search in MongoDB Community Edition and MongoDB Enterprise Server . 1 MongoDB can be deployed as a fully managed multi-cloud service across all major public cloud providers, in private clouds, locally, on-premesis and hybrid environments.

September 17, 2025

Next →

The Future of AI Software Development is Agentic

Today in New York, our flagship MongoDB.local event is bringing together thousands of developers and tech leaders to discuss the future of building with MongoDB. Among the many exciting innovations and product announcements shared during the event, one theme has stood out: empowering developers to reliably build with AI and create AI solutions at scale on MongoDB. This post will explore how these advancements are set to accelerate developer productivity in the AI era. Ship faster with the MongoDB MCP Server Software development is rapidly evolving with AI tools powered by large language models (LLMs). From AI-driven editors like VS Code with GitHub Copilot and Windsurf, to terminal-based coding agents like Claude Code, these tools are transforming how developers work. While these tools bring tremendous productivity gains already, coding agents are still limited by the context they have. Since databases hold the core of most application-related data, access to configuration details, schemas, and sample data from databases is essential for generating accurate code and optimized queries. With Anthropic’s introduction of the Model Context Protocol (MCP) in November 2024, a new way emerged to connect AI agents with data sources and services. Database connection and interaction quickly became one of the most popular use cases for MCP in agentic coding. Today, we’re excited to announce the general availability (GA) of the MongoDB MCP Server, giving AI assistants and agents access to the context they need to explore, manage, and generate better code with MongoDB. Building on our public preview used by thousands of developers, the GA release introduces key capabilities to strengthen production readiness: Enterprise-grade authentication (OIDC, LDAP, Kerberos) and proxy connectivity. Self-hosted remote deployment support, enabling shared deployments across teams, streamlined setup, and centralized configuration. Note that we recommend following security best practices , such as implementing authentication for remote deployments. Accessible as a bundle with the MongoDB for VS Code extension , it delivers a complete experience: visually explore your database with the extension or interact with the same connection through your AI assistant, all without switching context. Figure 1. Overview of the MongoDB MCP Server. Meeting developers where they are with n8n and CrewAI integrations AI is transforming how developers build with MongoDB, not just in coding workflows, but also in creating AI applications and agents. From retrieval-augmented generation (RAG) to powering agent memory, these systems demand a database that can handle diverse data types—such as unstructured text (e.g., messages, code, documents), vectors, and graphs—all while supporting comprehensive retrieval mechanisms at scale like vector and hybrid search. MongoDB delivers this in a single, unified platform: the flexible document model supports the varied data agents need to store, while advanced, natively integrated search capabilities eliminate the need for separate vector databases. With Voyage AI by MongoDB providing state-of-the-art embedding models and rerankers, developers get a complete foundation for building intelligent agents without added infrastructure complexity. As part of our commitment to making MongoDB as easy to use as possible, we’re excited to announce new integrations with n8n and CrewAI . n8n has emerged as one of the most popular platforms for building AI solutions, thanks to its visual interface and out-of-the-box components that make it simple and accessible to create reliable AI workflows. This integration adds official support for MongoDB Atlas Vector Search , enabling developers to build RAG and agentic RAG systems through a flexible, visual interface. It also introduces an agent chat memory node for n8n agents, allowing conversations to persist by storing message history in MongoDB. Figure 2. Example workflow with n8n and MongoDB powering an AI agent. Meanwhile, CrewAI—a fast-growing open-source framework for building and orchestrating AI agents—makes multi-agent collaboration more accessible to developers. As AI agents take on increasingly complex and productive workflows such as online research, report writing, and enterprise document analysis, multiple specialized agents need to interact and delegate tasks with each other effectively. CrewAI provides an easy and approachable way to build such multi-agent systems. Our official integration adds support for MongoDB Atlas Vector Search , empowering developers to build agents that leverage RAG at scale. Learn how to implement agentic RAG with MongoDB Atlas and CrewAI. The future is agentic AI is fundamentally reshaping the entire software development lifecycle, including for developers building with MongoDB. New technology like the MongoDB MCP Server is paving the way for database-aware agentic coding, representing the future of software development. At the same time, we’re committed to meeting developers where they are: integrating our capabilities into their favorite frameworks and tools so they can benefit from MongoDB’s reliability and scalability to build AI apps and agents with ease. Start building your applications with the MongoDB MCP Server today by following the Get Started guide . Visit the AI Learning Hub to learn more about building AI applications with MongoDB.

September 17, 2025