Configuring Authentication

Some MongoDB databases require authentication. You can configure the Simba MongoDB ODBC Connector to authenticate your connection to provide your credentials and authenticate the connection to the database using one of the following methods:

Note:

The MONGO-CR authentication mechanism is deprecated as of MongoDB version 3.0.

The Simba MongoDB ODBC Connector officially supports MongoDB 3.6 through 4.2 only, but still provides limited support for the MONGO-CR authentication mechanism. If authentication through SCRAM-SHA-1 fails, the connector automatically retries authentication using MONGO-CR instead, potentially enabling connections to MongoDB 2.x.

You can set the connection properties described below in a connection string or in a DSN (in the odbc.ini file). Settings in the connection string take precedence over settings in the DSN.

Using SCRAM-SHA-1

You can configure the connector to use the SCRAM-SHA-1 protocol to authenticate the connection. SCRAM-SHA-1 is the default authentication protocol used by MongoDB.

Note:

If authentication through SCRAM-SHA-1 fails, the connector automatically retries authentication using the MONGO-CR mechanism instead. MONGO-CR is deprecated as of MongoDB version 3.0.

To configure SCRAM-SHA-1 authentication:

  1. Set the AuthMechanism property to SCRAM-SHA-1.
  2. To use a database other than the admin database to check your credentials, set the AuthSource property to the name of the database.
  3. Set the UID property to an appropriate user name for accessing the MongoDB database.
  4. Set the PWD property to the password corresponding to the user name you typed above.

Using SCRAM-SHA-256

Note:

SCRAM-SHA-256 authentication is only supported on MongoDB version 4.0 and above.

You can configure the connector to use the SCRAM-SHA-256 protocol to authenticate the connection.

To configure SCRAM-SHA-256 authentication:

  1. Set the AuthMechanism property to SCRAM-SHA-256.
  2. To use a database other than the admin database to check your credentials, set the AuthSource property to the name of the database.
  3. Set the UID property to an appropriate user name for accessing the MongoDB database.
  4. Set the PWD property to the password corresponding to the user name you typed above.

Using Kerberos

You can configure the connector to use the Kerberos protocol to authenticate the connection.

Kerberos must be installed and configured before you can use this authentication mechanism. For information about how to install and configure Kerberos, see the MIT Kerberos Documentation: http://web.mit.edu/kerberos/krb5-latest/doc/.

To configure Kerberos authentication:

  1. Set the AuthMechanism property to GSSAPI.
  2. Set the gssapiServiceName property to the service name of the MongoDB server.

Using LDAP

You can configure the connector to use the LDAP protocol to authenticate the connection.

To configure LDAP authentication:

  1. Set the AuthMechanism property to PLAIN.
  2. Set the UID property to an appropriate user name for accessing the MongoDB database.
  3. Set the PWD property to the password corresponding to the user name you typed above.