MongoDB, a popular NoSQL database, offers robust user management and role-based access control (RBAC) features to secure your data. Creating users and assigning roles in MongoDB helps in maintaining a secure environment by ensuring that only authorized individuals can access and manipulate the data.

In this tutorial, we’ll walk through the steps to create a new user and assign roles to them.

Step 1 – Connecting to MongoDB

First, let’s connect to our MongoDB instance. Open your terminal and run the following command:

mongo

You should see an output similar to this:

>

Step 2 – Creating a New User

MongoDB user management is typically performed in the admin database. Switch to the admin database by executing:

use admin

Output:

switched to db admin

Now, let’s create a new user. We’ll create a user named testUser with the password password123. This user will be assigned the readWrite role on a database called mydatabase.

db.createUser({
  user: "testUser",
  pwd: "password123",
  roles: [
    { role: "readWrite", db: "mydatabase" }
  ]
})

Output:

Successfully added user: {
	"user" : "testUser",
	"roles" : [
		{
			"role" : "readWrite",
			"db" : "mydatabase"
		}
	]
}

Explanation:

  • user: The username for the new user.
  • pwd: The password for the new user.
  • roles: An array specifying the roles assigned to the user. Here, testUser is granted the readWrite role on the mydatabase database.

Step 3 – Adding Additional Roles to a User

If you need to add more roles to an existing user, you can use the updateUser command. Let’s add the dbAdmin role to testUser on mydatabase.

db.updateUser("testUser", {
  roles: [
    { role: "readWrite", db: "mydatabase" },
    { role: "dbAdmin", db: "mydatabase" }
  ]
})

Output:

Successfully updated user: {
	"user" : "testUser",
	"roles" : [
		{
			"role" : "readWrite",
			"db" : "mydatabase"
		},
		{
			"role" : "dbAdmin",
			"db" : "mydatabase"
		}
	]
}

In the command above, we updated testUser to have both readWrite and dbAdmin roles on the mydatabase database.

Step 4 – Verifying User Roles

Let’s verify the roles assigned to testUser. First, we need to authenticate as testUser.

db.auth("testUser", "password123")

Output:

1

A return value of 1 indicates successful authentication.

Now, let’s check the roles assigned to testUser. Run the following command:

db.runCommand({ usersInfo: "testUser" })

Output.

{
	"users" : [
		{
			"_id" : "admin.testUser",
			"user" : "testUser",
			"db" : "admin",
			"roles" : [
				{
					"role" : "readWrite",
					"db" : "mydatabase"
				},
				{
					"role" : "dbAdmin",
					"db" : "mydatabase"
				}
			]
		}
	],
	"ok" : 1
}

The output shows the roles assigned to testUser, confirming that the user has both readWrite and dbAdmin roles on mydatabase.

Conclusion

In this article, we’ve walked through the steps to create a new user and assign roles in MongoDB. We started by connecting to the MongoDB instance, creating a user, and assigning initial roles. We then demonstrated how to update user roles and verify the roles assigned to the user. Try to deploy a MongoDB database and create a user on dedicated server hosting from Atlantic.Net!