Secure MongoDB Atlas: AuthN and AuthZ
Learn how to configure authentication and authorization in MongoDB Atlas to secure access to your database.
|
Upon completion of the Secure MongoDB Atlas: AuthN and AuthZ skill and skill check you will earn a Credly Badge that you are able to share with your network. |
Learning Objectives
Differentiate Between Atlas and Database Users
Understand how authentication differs between Atlas users and database users, and configure appropriate access levels for each.
Implement Secure Authentication and Authorization
Configure authentication mechanisms and apply role-based access control (RBAC) to ensure secure user management in MongoDB Atlas.
Manage Database User Roles and Privileges
Assign organization, project, and database-level roles, enforce the principle of least privilege, and create custom roles to control access to sensitive data.
Who is this Course Good for?
This skill is designed for developers, operations engineers, and security professionals who are responsible for securing applications running on MongoDB Atlas. If you work with MongoDB in production and need to ensure that only the right users, services, and systems can access your data, this Secure MongoDB Atlas: AuthN and AuthZ Skill Badge is for you. It is especially valuable if you already understand the basics of MongoDB and Atlas but want a clearer, practical framework for implementing authentication and authorization that aligns with modern security best practices. Whether you are integrating Atlas with your organization’s identity provider, defining roles for different teams, or tightening database-level permissions, this skill will help you design and maintain a strong security posture for your Atlas deployments.
What to Expect in this Course
In this skill badge, you will learn the core concepts of authentication and authorization in the context of MongoDB security and how they apply specifically to MongoDB Atlas. The skill begins by explaining why these two concepts are foundational: authentication verifies identity, while authorization controls what an authenticated user or system is allowed to do. From there, the skill focuses on what authentication and authorization mean for MongoDB Atlas itself. You will learn how Atlas separates the control plane and data plane, and why that matters for security, governance, and operational control. The skill walks through the various authentication options available in Atlas, along with common use cases for each, so you can choose methods that fit your environment — whether you are authenticating human users, application services, or automation.
Next, you will dive into authorization in more depth. You explore how Role-Based Access Control (RBAC) is used to manage permissions for Atlas users who administer projects and clusters, as well as for database users who connect to MongoDB from applications. You learn how to design roles that follow the principle of least privilege and how to assign them in a way that supports both productivity and security. By the end of the course, you will understand how to combine authentication and authorization mechanisms to protect sensitive data, reduce risk, and align MongoDB Atlas with your organization’s broader security strategy. Hands-on labs reinforce each concept, giving you practical experience configuring security controls in realistic scenarios.
Summary of the Course
- Explain the difference between authentication and authorization and why both are essential to MongoDB security.
- Apply real-world analogies to reason about access control and varying levels of permissions.
- Describe how the Atlas control plane and data plane relate to security configuration and data access.
- Compare authentication options available in MongoDB Atlas and select appropriate methods for different use cases.
- Use Role-Based Access Control (RBAC) to manage permissions for Atlas users and projects.
- Configure and manage authorization for MongoDB database users connecting to Atlas clusters.
- Design role assignments that implement least-privilege access while supporting developer and operations workflows.
- Combine authentication and authorization strategies to secure MongoDB Atlas deployments in production environments.
Parker Faucher | University Curriculum Engineer
Parker is a Curriculum Engineer on the Education team at MongoDB. Prior to joining MongoDB, he helped maintain a world class developer bootcamp that was offered in multiple universities. He is a self taught developer who loves being able to give back to the community that has helped him so much.
Emily Pope | Lead Curriculum Designer
Emily Pope is a Lead Curriculum Designer at MongoDB. She loves learning and loves making it easy for others to learn how and when to use deeply technical products. Recently, she's been creating AI and vector search content for MongoDB University. Before that, she's created learning experiences on databases, computer science, full stack development, and even clinical trial design and analysis. Emily holds an Ed.M. in International Education Policy from Harvard Graduate School of Education and began her career as an English teacher in Turkiye with the Fulbright program.
Manuel Fontan Garcia | Senior Technologist, Education
Manuel is a Senior Technologist on the Curriculum team at MongoDB. Previously he was a Senior Technical Services Engineer in the Core team at MongoDB. In between Manuel worked as a database reliability engineer at Slack for a little over 2 years and then for Cognite until he re-joined MongoDB. With over 15 years experience in software development and distributed systems, he is naturally curious and holds a Telecommunications Engineering MSc from Vigo University (Spain) and a Free and Open Source Software MSc from Rey Juan Carlos University (Spain).
Katie Redmiles | Senior Curriculum Designer
Katie is a Senior Curriculum Designer at MongoDB. Before joining the Curriculum team, Katie worked on the University Enablement team developing Learning Bytes and instructional materials for the MongoDB for Academia program. Katie also worked within the Digital Learning Division at the Foreign Service Institute where she honed her skills at developing online learning for a global audience. Katie is passionate about making education accessible and engaging for everyone.
I'm excited to guide you through this skill on secure connection management in MongoDB Atlas.
Here, you'll learn essential skills to secure your Atlas deployments by enforcing authentication and authorization.
Understanding these concepts is crucial for any developer as they are foundational for application security.
By mastering authentication and authorization in MongoDB, you'll be able to protect sensitive data and implement best practices in user management and access control.
This knowledge will enable you to competently and efficiently build robust and secure systems.
As developers, we come across these two terms frequently.
We also use authentication and authorization in many facets of our lives.
Imagine you're booking a hotel room. When you check-in at the front desk, you need to provide an ID that matches your reservation.
This process is a form of authentication.
It verifies your identity.
Once your ID is confirmed to match the booking, you're authenticated and given a key card which authorizes you to access your room.
If you try to use your key card to open a different room, it won't work because you are not authorized to enter any other room.
Authorization grants a user permissions for accessing resources and performing actions.
Now consider the hotel's cleaning staff. They have broader access privileges.
Since it's their responsibility to keep the hotel rooms clean, they can enter every guest room. However, their authorization doesn't include access to a guest's safe. This illustrates how authorization works by granting varying levels of access.
Using both authentication and authorization, the hotel ensures that guests, their belongings, and staff are safe and satisfied.
We can apply these same principles to MongoDB Atlas deployments.
We'll cover what you need to know about authentication and authorization within Atlas.
Let's start off by taking a closer look at what authentication and authorization means for our Atlas deployments.
After that, we'll explore concepts about the control plane and data plane along with various authentication options available in Atlas.
We'll also dive into different use cases for each option so you can choose the most suitable authentication method for your Atlas deployments.
Next, we'll move on to authorization for Atlas users.
Here, we'll learn about role based access control and how it's used for Atlas and database users.
Finally, we'll shift our attention to authorization for the database user and discover how to create and assign roles. In this skill, you'll learn concepts through detailed videos and hands on labs.
Then you'll be ready to take our short skill check to demonstrate your knowledge.
After passing the test, you'll receive an official Credly badge to share on LinkedIn to show off your newly acquired knowledge and skills. Let's get started.
