HTTPS Endpoint Configuration Files

Atlas App Services has reached its end-of-life status and is no longer actively supported by MongoDB. Triggers remain available in the Atlas UI. Refer to the deprecation page for details.

app/
└── https_endpoints/
    ├── config.json
    └── data_api_config.json

Custom HTTPS Endpoint Configuration

Define the configurations for all of your app's custom HTTPS endpoints as an array in https_endpoints/config.json.

[
  {
    "route": "<Endpoint Route Name>",
    "http_method": "<HTTP method>",
    "function_name": "<Endpoint function name",
    "validation_method": "<Authorization scheme>",
    "secret_name": "<Validation Secret Name>",
    "respond_result": <boolean>,
    "fetch_custom_user_data": <boolean>,
    "create_user_on_auth": <boolean>,
    "disabled": <boolean>
  }
]

Field	Description
`route` `string`	The endpoint route.
`http_method` `string`	The type of HTTP method that the endpoint handles. Specify `` to handle all methods with a single endpoint. One of: `"GET"` `"POST"` `"PUT"` `"PATCH"` `"DELETE"` `"DELETE"` `""`
`function_name` `string`	The name of the function associated with the endpoint. The function should use the endpoint function signature.
`validation_method` `string`	The endpoint authorization scheme used to validate incoming requests. One of: `"SECRET_AS_QUERY_PARAM"` `"VERIFY_PAYLOAD"` `"NO_VALIDATION"`
`secret_name` `string`	The name of a secret that contains a string. If `validation_method` is set to `SECRET_AS_QUERY_PARAM` or `VERIFY_PAYLOAD`, this secret is used to authorize requests.
`respond_result` `boolean`	If `true`, the endpoint returns a customizable HTTP response to the client. You configure the response by calling the methods on the Response object. If you do not configure the response, the endpoint returns a `200 - Ok` response with the value returned from the endpont function as the request body. If `false`, requests return a `204 - No Content` response with no data in the body.
`fetch_custom_user_data` `boolean`	If `true`, the authenticated user's custom user data document is available via `context.user.custom_data`. If `false`, the user's custom data is not queried and `context.user.custom_data` is an empty object.
`create_user_on_auth` `boolean`	If `true`, your app automatically creates a new user if the provided user credentials authenticate successfully but aren't associated with an existing user. This setting is useful for apps that integrate with external authentication system through the Custom JWT authentication provider. If a request includes a valid JWT from the external system that doesn't correspond to a registered user, this creates a new user with the JWT as an identity.
`disabled` `boolean`	Enables (`false`) or disables (`true`) the endpoint.

Data API Configuration

Define the configuration for your app's generated Data API endpoints in https_endpoints/data_api_config.json.

{
  "disabled": <boolean>,
  "versions": ["v1"],
  "return_type": "EJSON" | "JSON",
  "create_user_on_auth": <boolean>,
  "run_as_system": <boolean>,
  "run_as_user_id": "<User Account ID>",
  "run_as_user_id_script_source": "<Function Source Code>"
}

Field	Description
`disabled` `boolean`	If `false`, the Data API is not enabled. Generated endpoints will not handle or respond to requests.
`versions` `string[]`	A list of Data API versions that your app supports. The list may include a subset of all possible versions but must list the versions in ascending order. You cannot enable a version other than the most recent version but any previously enabled versions listed here will continue to work. Available Versions: `"v1"`
`return_type` `string`	The data format to use for data returned by endpoints in HTTPS response bodies. One of: `"EJSON"` `"JSON"`
`create_user_on_auth` `boolean`	If `true`, your app automatically creates a new user if the provided user credentials authenticate successfully but aren't associated with an existing user. This setting is useful for apps that integrate with external authentication system through the Custom JWT authentication provider. If a request includes a valid JWT from the external system that doesn't correspond to a registered user, this creates a new user with the JWT as an identity.
`run_as_user_id` `string`	An application user's account ID. If defined, endpoints will always run as the specified user. Cannot be used with `run_as_user_id_script_source`.
`run_as_user_id_script_source` `string`	Stringified source code for a function that returns an application user's account ID. If defined, endpoints execute the function on every request and run as the user with the ID returned from the function. Cannot be used with `run_as_user_id`.

Back

Static Hosting

Log Forwarders