This version of the documentation is archived and no longer supported.

Security Concepts

These documents introduce and address concepts and strategies related to security practices in MongoDB deployments.

Access Control
Control access to MongoDB instances using authentication and authorization.
Inter-Process Authentication
Components of a MongoDB sharded cluster or replica set deployment must be able to authenticate to each other to perform routine internal operations.
Sharded Cluster Security
MongoDB controls access to sharded clusters with key files.
Network Exposure and Security
Discusses potential security risks related to the network and strategies for decreasing possible network-based attack vectors for MongoDB.
Security and MongoDB API Interfaces
Discusses potential risks related to MongoDB’s JavaScript, HTTP and REST interfaces, including strategies to control those risks.