LDAP (PLAIN) Authentication Mechanism
Overview
The PLAIN authentication mechanism allows you to use your Lightweight Directory
Access Protocol (LDAP) username and password to authenticate to MongoDB. LDAP
authentication uses the PLAIN Simple Authentication and Security Layer (SASL)
defined in RFC-4616.
You can use this mechanism only when authenticating to MongoDB Atlas or MongoDB Enterprise Advanced.
Code Placeholders
The code examples on this page use the following placeholders:
ldap_username: Your LDAP usernamepassword: Your LDAP passwordconnection_uri: Your connection string URI
Specify LDAP Authentication
You can authenticate to a Lightweight Directory Access Protocol (LDAP) server using your directory server username and password.
Warning
This authentication mechanism sends the password to the server in plaintext, so use this mechanism only with TLS connections.
The following code shows how you can define a Credential struct to
authenticate to LDAP and create a client with your authentication
preferences:
credential := options.Credential{ AuthMechanism: "PLAIN", Username: "<ldap_username>", Password: "<password>", } uri := "<connection_uri>" clientOpts := options.Client().ApplyURI(uri).SetAuth(credential) client, err := mongo.Connect(clientOpts)
You can alternatively authenticate using a connection string URI,
specifying your LDAP username, password, and hostname, the network
address of your MongoDB server:
uri := "mongodb://<ldap_username>:<password>@<hostname>/?authMechanism=PLAIN"
Note
The method refers to PLAIN instead of LDAP since it authenticates using the PLAIN Simple Authentication and Security Layer (SASL) defined in RFC-4616.
API Documentation
To learn more about any of the methods or types discussed on this page, see the following API documentation: