Updating a User
db.updateUser(username, update, writeConcern)
- username indicates the username to be updated.
- update is a document containing the replacement data for the user.
- writeConcern: The write concern level of the update operation. This parameter is optional.
db.updateUser(
"<username>",
{
customData : { <any information> },
roles : [
{ role: "<role>", db: "<database>" } | "<role>",
...
],
pwd: passwordPrompt(), // Or "<cleartext password>"
authenticationRestrictions: [
{
clientSource: ["<IP>" | "<CIDR range>", ...],
serverAddress: ["<IP>", | "<CIDR range>", ...]
},
...
],
mechanisms: [ "<SCRAM-SHA-1|SCRAM-SHA-256>", ... ],
passwordDigestor: "<server|client>"
},
writeConcern: { <write concern> }
)
|
Field |
Type |
Description |
|---|---|---|
|
customData |
Documents |
Optional. Any information. |
|
roles |
Array |
Optional. The role assigned to the user. An update to the roles array overrides the previous array's values. |
|
pwd |
string |
Optional. The user's password. |
|
authenticationRestrictions |
Array |
Optional. The IP address or CIDR blocks that can be accessed by a role. |
|
mechanisms |
Array |
Optional. The specific SCRAM mechanism or mechanisms for the user credentials. Valid values are SCRAM-SHA-1 and SCRAM-SHA-256. |
|
passwordDigestor |
string |
Optional. Whether to verify the password on the server or client. The default value is server. |
Example
- Updating User Information
The information about the appClient01 user in the products database is as follows:
{ "_id" : "products.appClient01", "token" : NumberLong("8424642624807814713"), "user" : "appClient01", "db" : "products", "customData" : { "empID" : "12345", "badge" : "9156" }, "roles" : [ { "role" : "readWrite", "db" : "products" }, { "role" : "read", "db" : "inventory" } ], "mechanisms" : [ "SCRAM-SHA-1", "SCRAM-SHA-256" ] }The following describes how to update the user-defined data and role data.
use products db.updateUser( "appClient01", { customData : { employeeId : "0x3039" }, roles : [ { role : "read", db : "assets" } ] } )The updated information about the appClient01 user in the products database is as follows:
{ "_id" : "products.appClient01", "token" : NumberLong("8424642624807814713"), "user" : "appClient01", "db" : "products", "customData" : { "employeeId" : "0x3039" }, "roles" : [ { "role" : "read", "db" : "assets" } ], "mechanisms" : [ "SCRAM-SHA-1", "SCRAM-SHA-256" ] } - Updating User Information to Be a User with Only the SCRAM-SHA-256 Certificate
The information about the reportUser256 user in the reporting database is as follows:
{ "_id" : "reporting.reportUser256", "token" : NumberLong("2827251846225877395"), "user" : "reportUser256", "db" : "reporting", "roles" : [ ], "mechanisms" : [ "SCRAM-SHA-1", "SCRAM-SHA-256" ] }The following describes how to change the current user with both SCRAM-SHA-256 and SCRAM-SHA-1 certificates to a user with only the SCRAM-SHA-256 certificate.
- If the password is not specified with mechanisms, mechanisms can only be updated to a subset of the user's current SCRAM mechanism.
- If the password is specified with mechanisms, you can specify any supported SCRAM mechanism.
- For SCRAM-SHA-256, passwordDigestor must be set to the default value server.
db.updateUser( "reportUser256", { mechanisms: [ "SCRAM-SHA-256" ] } )The updated information about the reportUser256 user in the reporting database is as follows:
{ "_id" : "reporting.reportUser256", "token" : NumberLong("2827251846225877395"), "user" : "reportUser256", "db" : "reporting", "roles" : [ ], "mechanisms" : [ "SCRAM-SHA-256" ] }
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.
