How do you set up authentication in mongoDB compass? Every solution uses the mongod terminal not the compass terminal

Question

---

What I am trying to do:

1. I want to have my schema require a log in to order to gain access

   • From my understanding, you must first use the --auth flag to enable authorization. When I do this in the compass shell, it says auth is not recognized/defined

2. I want to be able to create new users with different sets of permissions

   • Neither of the create user commands listed below work for me

My suspicions on the issue:

I think the reason I am struggling might be because I am on a local host connection provided by the MongoDB compass. I am new to MongoDB and am just practicing. My connection URI is mongodb://localhost:27017

---

Things I have tried:

1. Using the advanced connection options in compass GUI

2. Running the below in test and admin

// running: 
--auth

db.auth()

db.createUser({user: "max", pwd: "max", roles: ["userAdminAnyDatabase"]})

db.createUser({
user: "max",
pwd: "max",
roles: [{role: "userAdminAnyDatabase", db: "admin"}, {"readWriteAnyDatabase"}]
})

The create functions give this error:

clone(t={}){const r=t.loc||{};return e({loc:new Position("line"in r?r.line:this.loc.line,"column"in r?r.column:...<omitted>...)} could not be cloned.

Answer 1

I'm going to attempt an answer based on the discussion in the comments. There are definitely still some things that I am not clear on, so please do add additional details to help clarify.

the mongod terminal is something different. It used to be installed with MongoDB, but no longer is by default. All the videos I see are old and working in the mongod terminal not the MongoDB compass shell

You are correct that the earlier shell (mongo) that used to ship with the database no longer does. It has been replaced with a newer one (mongosh) which is still functionally mostly the same, but with some additional expanded capabilities. You can mostly still use the older shell to connect to MongoDB though there really shouldn't be any reason for doing so.

It is the newer mongosh utility that is now bundled with Compass.

You can see here that the db.createUser() method is included as one of the mongosh Methods in the navigation on the left side of the page. So that method and functionality should be present in this newer shell.

I believe it is all just stored locally.

This comment doesn't really make sense. It's true that MongoDB credentials are stored by the cluster itself so it is "local" in that regard. But nothing is going to be stored outside of that such as in Compass or on your local machine.

I do not believe it's connected to atlas

What are the actual connection settings you used when opening Compass to connect to a system?

To get back to the original request, what is the actual outcome that you are seeing when running those commands? Are you getting an error message or?

Knowing that would allow us to troubleshoot further. If you do happen to be running these commands against an Atlas cluster and seeing that the users don't exist shortly after doing so, then you will want to use the Atlas interface instead.

Edit

Based on the updated question, it seems part of the confusion is around what and where to run some commands.

Working backwards, the specific error that you mention is caused by a syntax error. In your array of roles the second entry should either just be a string or a fully-formed object. So try changing

roles: [{role: "userAdminAnyDatabase", db: "admin"}, {"readWriteAnyDatabase"}]

to

roles: [{role: "userAdminAnyDatabase", db: "admin"}, {role:"readWriteAnyDatabase",db:"admin"}]

Also I see now that you seem to be adding the --auth flag to the commands that are being run in the shell. This is incorrect. Rather that is a parameter that is included when you start the mongod process, see here. You can still create users without mongod enforcing authentication, but you'll want to restart the mongod process itself with the right configuration (eg with --auth) to actually prevent users from interacting with the data without properly authenticating.