Join us at MongoDB.local London on 7 May to unlock new possibilities for your data. Use WEB50 to save 50%.
Register now >
Docs Menu
Docs Home
/ /
Authentication
Docs Home
/ /
Rust Driver
/
Authentication
Docs Home
/
Client Libraries
/
Rust
/
Rust Driver
/
Authentication

LDAP (PLAIN SASL)

Overview

The PLAIN authentication mechanism allows you to use your Lightweight Directory Access Protocol (LDAP) username and password to authenticate to MongoDB. LDAP authentication uses the PLAIN Simple Authentication and Security Layer (SASL) defined in RFC-4616.

You can use this mechanism only when authenticating to MongoDB Atlas or MongoDB Enterprise Advanced.

Warning

PLAIN SASL is a clear-text authentication mechanism. We strongly recommend that you use TLS/SSL with certificate validation when using PLAIN SASL to authenticate to MongoDB.

To learn more about how to enable TLS for your connection, see Enable and Configure TLS.

Code Placeholders

The code examples on this page use the following placeholders:

  • username: Your LDAP username

  • password: Your LDAP password

To use the code examples on this page, replace these placeholders with your own values.

Example

To specify the PLAIN authentication mechanism, set the mechanism field of your Credential struct to AuthMechanism::Plain.

The following code example shows how to authenticate using the PLAIN mechanism:

let plain_cred = Credential::builder()
    .username("<username>".to_string())
    .password("<password>".to_string())
    .mechanism(AuthMechanism::Plain)
    .source("$external".to_string())
    .build();
client_options.credential = Some(plain_cred);
let client = Client::with_options(client_options)?;

Note

Authentication Database

Because your credentials are stored outside of MongoDB, you must use the $external database for authentication. The source field of the Credential struct defaults to $external, so you can omit this field.

Alternatively, you can authenticate by using a connection string URI by setting the value of the authMechanism connection string option to PLAIN. The following example shows how to specify the PLAIN authentication mechanism in a connection string URI:

let uri = "mongodb://<username>:<password>@<hostname>/?authSource=$external&authMechanism=PLAIN";

Additional Information

To learn more about the concepts in this guide, see the following documentation:

API Documentation

To learn more about the methods and types mentioned in this guide, see the following API documentation:

Back

OIDC

Next

Kerberos (GSSAPI)

On this page