MongoByte MongoDB Logo

Welcome to the new MongoDB Feedback Portal!

{Improvement: "Your idea"}
We’ve upgraded our system to better capture and act on your feedback.
Your feedback is meaningful and helps us build better products.

Add new feedback Subscribe
Status Under Consideration
Categories Atlas
Created by Guest
Created on Jun 3, 2020

RELATED FEEDBACK

Support for User Groups with Separate Authentication Configurations

Currently Atlas only uses a single (flat) user group which only allows for 1 type of authentication per Organization. However if Federated Authentication is enabled, the authentication mechanism in Atlas is bypassed for the IdP based on the domain name of the user and the configuration of Atlas Authentication. This causes a problem if there are multiple groups of users who all share a domain name, some of whom are registered in an IdP, and some of whom are not registered in an IdP (for example users in 2 divisions of the same company). In this scenario, users who are not registered in the IdP are not able to log in. Proposed Solution: Implement User Groups in Atlas with separate configuration settings, so that if 1 group enables Federated Authentication, they will not impact any other groups, even if they all share the same domain name in the user accounts.
  • Attach files
  • Admin
    Isabelle Williams
    Aug 19, 2025

    testing mongobyte integration

    Reply
  • Guest
    Mar 12, 2024
    This is also crucial for **break-glass access** when using e.g. Okta for Identity Federation. Our DRPs forsee emergency access in an incident scenario of the Identity Provider.
    Reply
  • Guest
    Jan 9, 2024
    Feature is needed for our company which is having several divisions and more than 10.000+ employees.
    Reply
  • Guest
    Oct 11, 2021
    Same issue here. With big companies (like ours) having several divisions, where each division is handling the Mongo projects separately, but sharing the same domain name it's very important to have this feature work correctly.
    Reply
  • Guest
    Sep 14, 2021
    We really need this feature - without it, we cannot manage our 100 Atlas users with Okta - they all have to have named accounts. It is a huge pain. Thanks.
    Reply
  • Guest
    Jul 21, 2021
    We would like this feature as well, if not just for a "backdoor" user to be able to use Atlas auth in case SSO is broken.
    Reply
  • Guest
    Aug 20, 2020
    I ran into the same issue. Ideally there'd be an option where the Atlas login page doesn't forward users with emails in my domain to my IdP, but I can still log in using my IdP's Login URL.
    Reply