Status Completed
Categories Atlas
Created by Guest
Created on May 12, 2020

Support native Azure authentication for the DB, e.g. service principal

Customers often want centralized permissioning for the database and LDAP is not generally supported well in the cloud. If a customer is using Azure, they want us to support Azure AD for database authentication. I believe that means using service principals.
  • ADMIN RESPONSE
    Aug 1, 2025
    Your applications can now access Atlas Clusters with Azure Service Principals, including Azure Managed Identities, using MongoDB Workload Identity Federation ( https://www.mongodb.com/docs/atlas/workload-oidc/ ). The feature is supported by MongoDB 7.0.11 dedicated clusters (M10 and above). For your workforce access, we recommend using Workforce Identity Federation ( https://www.mongodb.com/docs/atlas/workforce-oidc/ ) with your corporate identity provider such as Azure Entra ID. Thank you for your feedback.
  • Guest
    Mar 12, 2024
    With MongoDB 7.0, this is done in Atlas through OIDC authentication and Identity Federation.
  • Guest
    Jul 11, 2022
    We ( https://bosch-iot-insights.com ) are migrating from an on-prem MongoDB to Atlas and also miss this feature heavily. As the original poster, Matt, says, in Azure, all the micro services already got their own AD representation, called "(managed) service principals". Being able to use those also for MongoDB access avoids managing another representation of those services, through current technical database users in Atlas: Effectively, no automation code would be needed to reflect the dynamic come and go of new micro services. Like with the LDAP adapter, just having an "AD group" to db-permission mapping would be enough to allow micro services access to a database. In our particular case, we're representing all our customers as a bunch of agents, each its own micro service in Azure, i.e. we've hit the "no-more-than-100" database users already and would even need more than the hard limit of 1000 users.
  • Guest
    Feb 3, 2022
    Hi MongoDB team, Is there any update on this?
  • Guest
    Sep 28, 2021
    This is really a needed feature. Authentication via identities in Azure would be a godsend. We are using managed identity for inter-service auth in our Azure infrastructure and would love to extend that to DB access.
  • Guest
    Aug 30, 2021
    This will be a great feature to have. The feature should allow IAM permissions to be assigned for any identity in Azure AD: user, managed identity, service principal, etc. Access to the Atlas portal would be nice, but the real need is for DB access. For example, with a pod running in AKS we can assign that pod a managed identity, and then that pod could authenticate to a DB in Atlas using the managed identity defined in Azure AD.
  • Guest
    Dec 15, 2020
    Similar request here: https://feedback.mongodb.com/forums/924145/suggestions/42163234