This version of the documentation is archived and no longer supported.

Security Concepts

These documents introduce and address concepts and strategies related to security practices in MongoDB deployments.

Mechanisms for verifying user and instance access to MongoDB.
Control access to MongoDB instances using authorization.
Collection-Level Access Control
Scope privileges to specific collections.
Network Exposure and Security
Discusses potential security risks related to the network and strategies for decreasing possible network-based attack vectors for MongoDB.
Security and MongoDB API Interfaces
Discusses potential risks related to MongoDB’s JavaScript, HTTP and REST interfaces, including strategies to control those risks.
Audit server and client activity for mongod and mongos instances.
Kerberos Authentication
Kerberos authentication and MongoDB.