Docs Menu
Docs Home
/
Languages
/
Ruby
/
Ruby Driver
/
Security

Authentication Mechanisms

Overview

In this guide, you can learn how to authenticate to MongoDB by using the authentication mechanisms available in MongoDB Server. Authentication mechanisms are processes by which the driver and server confirm the identity of a client to ensure security before connecting.

Tip

Connecting to MongoDB

To learn how to establish a connection to your MongoDB deployment, see the Connect to MongoDB guide.

MongoDB Edition Compatibility

The following table lists the authentication mechanisms supported by MongoDB and the MongoDB Server editions that each mechanism is compatible with. Click the name of a mechanism to learn more about how to use it with your application.

Authentication Mechanism
Atlas
Enterprise Advanced
Community

SCRAM Authentication

Yes

Yes

Yes

X.509 Authentication

Yes

Yes

Yes

AWS Identity and Access Management

Yes

No

No

LDAP Authentication

Yes

Yes

No

Kerberos (GSSAPI)

No

Yes

No

Authentication Troubleshooting

This section describes common authentication errors and how to resolve them.

OperationFailure When Reading local Database With Auth On

If you encounter the following error when trying to read the local database:

Mongo::Error::OperationFailure: not authorized on local to execute command { find: "oplog.rs", filter: { ts:
  { $gte: Timestamp 1497449043000|0 } }, sort: { $natural: 1 } } (13)

You can fix this by adjusting your user's roles to ensure that your user has privileges to the local database. If you specifically want to access the oplog, you can also create a custom role with read access to the local database's oplog.rs collection. For more information about roles, see Role Management Methods in the Server manual.

Mongo::Auth::Unauthorized User is Not Authorized to Access

Some users report encountering the following error:

Mongo::Auth::Unauthorized: User ... is not authorized to access ...

After upgrading to Ruby driver version 2.5 and later, the driver was changed to use the SCRAM authorization mechanism by default. This error might happen if the authorization mechanism your user was created with does not match the authorization mechanism used by the driver. You can specify the preferred authorization mechanism using the auth_mech option in your mongoid.yml file.

Back

Change Streams

Next

SCRAM

On this page