Docs Menu
Docs Home
MongoDB Ops Manager
/ /

Configure MongoDB Agent for Authentication

On this page

  • Prerequisites
  • Configure the MongoDB Agent for Authentication

MongoDB supports the following authentication mechanisms depending on your MongoDB version:

MongoDB Version
Default Authentication Mechanism
4.0 or later
SCRAM authentication mechanisms with the SHA-256 and SHA-1 hash functions. SCRAM-SHA-1 (RFC 5802) and SCRAM-SHA-256 (RFC 7677) are IETF standards that define best practice methods for implementation of challenge-response mechanisms for authenticating users with passwords.
3.0 to 3.6
SCRAM authentication mechanism with``SHA-1`` hash function.
2.6 or earlier
MongoDB Challenge and Response (MONGODB-CR). MONGODB-CR is a challenge-response mechanism that authenticates users through passwords.

The MongoDB Agent interacts with the MongoDB databases in your deployment as a MongoDB user would. As a result, you must configure your MongoDB deployment and the MongoDB Agent to support authentication.

You can specify the deployment's authentication mechanisms when adding the deployment, or you can edit the settings for an existing deployment. At minimum, the deployment must enable the authentication mechanism you want the MongoDB Agent to use. The MongoDB Agent can use any supported authentication mechanism.

The MongoDB Agent can use SCRAM-SHA-1 or SCRAM-SHA-256 to authenticate to hosts that enforce access control.


With Automation, Ops Manager manages MongoDB Agent authentication for you. To learn more about authentication, see Enable Username and Password Authentication for your Ops Manager Project.

← Configure the MongoDB Agent for Access Control