On this page
Enabling access control on a MongoDB deployment enforces authentication. With access control enabled, users are required to identify themselves and can only perform actions that adhere to the permissions granted by the roles assigned to their user.
If you would like to enable access control for a standalone MongoDB instance, please refer to one of the following resources:
To create additional users, see Create a User.
To manage users, assign roles, and create custom roles, see Manage Users and Roles.