AuthScheme
The authentication mechanism that MongoDB will use to authenticate the connection.
Possible Values
MONGODB-CR, SCRAM-SHA-1, SCRAM-SHA-256, PLAIN, GSSAPI, X509, NONEData Type
string
Default Value
"NONE"
Remarks
Accepted values are MONGODB-CR, SCRAM-SHA-1, SCRAM-SHA-256, GSSAPI, PLAIN, and NONE. The following authentication types correspond to the authentication values.
Authenticating with Challenge-Response
Generally, this property does not need to be set for this authentication type, as the add-in uses different challenge-response mechanisms by default to authenticate a user to different versions of MongoDB.
- MongoDB 2: MongoDB 2 uses MONGODB-CR to authenticate.
- MongoDB 3.x: MongoDB 3 uses SCRAM-SHA-1 by default; new users you create in MongoDB 3 use this authentication method. However, MongoDB 3 servers will continue to use MONGODB-CR to authenticate users created in MongoDB 2.6.
- MongoDB 4.x: MongoDB 4 uses SCRAM-SHA-1 by default and does not support the deprecated MongoDB MONGODB-CR authentication mechanism.
Authenticating with LDAP
Set AuthScheme to PLAIN to use LDAP authentication. This value specifies the SASL PLAIN mechanism; note that this mechanism transmits credentials over plain-text, so it is not suitable for use without TLS/SSL on untrusted networks.
Authenticating with Kerberos
Set AuthScheme to GSSAPI to use Kerberos authentication. Additionally configure the following properties as configured for the MongoDB environment:
KerberosKDC | The FQDN of the domain controller. |
KerberosRealm | The Kerberos Realm (for Windows this will be the AD domain). |
KerberosSPN | The assigned service principle name for the user. |
AuthDatabase | This value should be set to '$external'. |
User | The user created in the $external database. |
Password | The corresponding User's password. |
Authenticating with X.509 Authentication
Set AuthScheme to X509 to use X.509 certificate authentication.