Advanced Settings
Establishing a Connection
Connecting to MongoDB
Set the following connection properties to connect to a single MongoDB instance:
- Server: Set this to the name or address of the server your MongoDB instance is running on. You can specify the port here or in Port.
- Database: Set this to the database you want to read from and write to.
Connecting to CosmosDB with the MongoDB API
To obtain the connection string needed to connect to a Cosmos DB account using the MongoDB API, log in to the Azure Portal, select Azure Cosmos DB, and select your account. In the Settings section, click Connection String and set the following values.
- Server: Set this to the Host value, the FQDN of the server provisioned for your account. You can also specify the port here or in Port.
- Port: Set this to the port.
- Database: Set this to the database you want to read from and write to.
- User: Set this to the database user.
- Password: Set this to the user's password.
Connecting to Replica Sets
To connect to a replica set, set the following in addition to the preceding connection properties:
- ReplicaSet: Set this to a comma-separated list of secondary servers in the replica set, specified by address and port.
- SlaveOK: Set this to true if you want to read from secondary (slave) servers.
- ReadPreference: Set this to fine-tune how the provider reads from secondary servers.
Securing MongoDB Connections
You can set UseSSL to negotiate SSL/TLS encryption when you connect.
Authenticating MongoDB Connections
Supported authentication types are challenge-response authentication and LDAP.
Authenticating with Challenge-Response
In challenge-response authentication, the User and Password properties correspond to a username and password stored in a MongoDB database. If you want to connect to data from one database and authenticate to another database, set both Database and AuthDatabase.
Authenticating with LDAP
To use LDAP authentication, set AuthDatabase to "$external" and set AuthMechanism to PLAIN. This value specifies the SASL PLAIN mechanism; note that this mechanism transmits credentials over plaintext, so it is not suitable for use without TLS/SSL on untrusted networks.
DBaaS Connections
When you connect to Atlas, ObjectRocket, or another database-as-a-service provider, there typically are a few variations on the procedure outlined in Establishing a Connection. The following sections show how to obtain the necessary connection properties for several popular services.
You can authenticate to MongoDB Atlas with a MongoDB user or an LDAP user. The following sections show how to map Atlas connection strings to provider connection properties. To obtain the Atlas connection string, follow the steps below:
- In the Clusters view, click Connect for the cluster you want to connect to.
- Click Connect Your Application.
- Select either driver option to display a connection string.
In addition to creating a MongoDB user and/or setting up LDAP, your Atlas project's white-list must include the IP address of the machine the provider is connecting from. To add an IP address to the white-list, select the Security tab in the Clusters view and then click IP Whitelist -> Add IP Address.
Authenticating with MonogDB User Credentials
Below is an example connection string providing a MongoDB user's credentials.
mongodb://,, |
Below are the corresponding provider connection properties:
- Server: Set this to the first server in the replica set. Or, you can specify a primary or secondary server here (the provider will query the servers in Server and ReplicaSet to find the primary). |
- Port: Set this to the port the server is running on (27017 is the default).
- ReplicaSet: Set this to the other servers in the replica set. Server and ReplicaSet together specify all instances in the MongoDB replica set. Specify both the server name and port in ReplicaSet., |
- SlaveOK: Set this to true to allow reading from secondary (slave) servers in the replica set.
- AuthDatabase: Set this to "admin" to connect to MongoDB Atlas. All MongoDB users for Atlas are associated with the admin database, their authentication database.
- Database: Set this to the database you want to read from and write to.
- User: Set this to the username of a MongoDB user you added to your MongoDB project.
- Password: Set this to the password of the MongoDB user.
- UseSSL: Set this to true. Atlas requires TLS/SSL.
Authenticating with LDAP
The following list shows the MongoDB Atlas requirements for authenticating with an LDAP user. Below is an example command to connect with the mongo client:
mongo "mongodb://,,$external" --authenticationMechanism PLAIN --username cn=rob,cn=Users,dc=atlas-ldaps-01,dc=myteam,dc=com |
- Server: Set this to the first server in the replica set. Or, you can specify another primary or secondary server here (the provider will query the servers in Server and ReplicaSet to find the primary). For example: |
- Port: Set this to the port the server is running on (27017 is the default).
- ReplicaSet: Set this to the other servers in the replica set. Server and ReplicaSet together specify all instances in the MongoDB replica set. Below is an example value:, |
- SlaveOK: Set this to true to allow reading from secondary (slave) servers in the replica set.
- AuthMechanism: Set AuthMechanism to PLAIN in LDAP authentication.
- Database: Set this to the database you want to read from and write to.
- AuthDatabase: Set this to "$external" to authenticate with an LDAP user.
- User: Set this to the full Distinguished Name (DN) of a user in your LDAP server as the Atlas username. For example:
cn=rob,cn=Users,dc=atlas-ldaps-01,dc=myteam,dc=com |
- Password: Set this to the password of the LDAP user.
- UseSSL: Set this to true. Atlas requires TLS/SSL.
To connect to ObjectRocket, you authenticate with the credentials for a database user. You can obtain the necessary connection properties from the control panel: On the Instances page, select your instance and then select the Connect menu to display a MongoDB connection string.
In addition to adding a user for your database, you also need to allow access to the IP address for the machine the provider is connecting from. You can configure this by selecting your instance on the Instances page and then clicking Add ACL.
Authenticating with a MongoDB User
Below is an example connection string providing the credentials for a MongoDB user:
mongodb://,, |
Below are the corresponding provider connection properties:
- Server: Set this to the first server in the replica set. Click Replica Set to obtain the server names. Or, you can specify another primary or secondary server here (the provider will query the servers in Server and ReplicaSet to find the primary). |
- Port: Set this to the port the server is running on (27017 is the default).
- ReplicaSet: Set this to the other servers in the replica set. Server and ReplicaSet together specify all instances in the MongoDB replica set. Below is an example value:, |
- Database: Set this to the database you want to read from and write to. Note that this is also the authentication database for the user you are connecting with; database users cannot interact with other databases outside their database in ObjectRocket.
- User: Set this to the username of a MongoDB user you defined for the Database.
- Password: Set this to the password for the database user.
- UseSSL: Set this to true to enable TLS/SSL.