Docs Home → Atlas App Services
Define Roles And Permissions
Overview
Atlas App Services uses a strict rules system that prevents all operations unless they are specifically allowed. App Services determines if each operation is allowed dynamically when it receives the request from the client based on roles that you define.
Roles are sets of document-level and field-level CRUD permissions and are chosen individually for each document associated with a query. This guide walks through configuring one or more roles for a collection.
Important
You must define at least one role before you can successfully query a collection.
Important
Sync Rules
This page describes data access rules for clusters where Atlas Device Sync is not enabled. Synced clusters use a different rules model, which takes precedence over non-sync rules. If sync is enabled for a cluster, any non-sync rules defined for the cluster do not apply.
For more information on data access rules for synced clusters, see Sync Rules and Permissions.
Procedure
Note
This guide requires a linked MongoDB Atlas data source. Roles and permissions do not apply to Federated data sources.