Docs Menu

Docs HomeDevelop ApplicationsMongoDB Manual


On this page

  • Definition
  • Behavior
  • Required Access
  • Example

Removes a one or more roles from a user on the current database. The db.revokeRolesFromUser() method uses the following syntax:

db.revokeRolesFromUser( "<username>", [ <roles> ], { <writeConcern> } )

The db.revokeRolesFromUser() method takes the following arguments:

The name of the user from whom to revoke roles.
The roles to remove from the user.

Optional. The level of write concern for the operation. See Write Concern Specification.

In the roles field, you can specify both built-in roles and user-defined roles.

To specify a role that exists in the same database where db.revokeRolesFromUser() runs, you can either specify the role with the name of the role:


Or you can specify the role with a document, as in:

{ role: "<role>", db: "<database>" }

To specify a role that exists in a different database, specify the role with a document.

The db.revokeRolesFromUser() method wraps the revokeRolesFromUser command.

If run on a replica set, db.revokeRolesFromUser() is executed using "majority" write concern by default.

You must have the revokeRole action on a database to revoke a role on that database.

The accountUser01 user in the products database has the following roles:

"roles" : [
{ "role" : "assetsReader",
"db" : "assets"
{ "role" : "read",
"db" : "stock"
{ "role" : "readWrite",
"db" : "products"

The following db.revokeRolesFromUser() method removes the two of the user's roles: the read role on the stock database and the readWrite role on the products database, which is also the database on which the method runs:

use products
db.revokeRolesFromUser( "accountUser01",
[ { role: "read", db: "stock" }, "readWrite" ],
{ w: "majority" }

The user accountUser01 user in the products database now has only one remaining role:

"roles" : [
{ "role" : "assetsReader",
"db" : "assets"
←  db.removeUser()db.updateUser() →