Configuring MongoDB Accounts

On this Page

This account is used by the Snaps in the MongoDB Snap Pack.

You can create an account from Designer or Manager. In Designer, when working on pipelines, every Snap that needs an account prompts you to create a new account or use an existing account. The accounts can be created in or used from:

  • Your private project folder: This folder contains the pipelines that will use the account.
  • Your Project Space’s shared folder: This folder is accessible to all the users that belong to the Project Space.
  • The global shared folder: This folder is accessible to all the users within an organization in the SnapLogic instance.


Account Configuration

In SnapLogic, you can create accounts either for projects or in shared folders.

To create a MongoDB account: 

  1. Click on the project or shared folder for which you want to create the account. This displays a page that displays all the resources associated with the project or folder.
  2. Click Create > MongoDB, and then choose the MongoDB Account you want to create. 
    • Select MongoDB Account to connect to a single node.
    • Select Replica Set Account to connect to replica sets for operations. For more information on replication in MongoDB, see the Replication page in MongoDB documentation.

      To add an account for MongoDB Atlas, you must configure an account as either Replica Set or Replica Set Dynamic Account because MongoDB Atlas starts with a replica set of 3 nodes. Read more on connecting MongoDB Atlas via drivers.

  3. Supply a Label for the account.
  4. Supply the necessary information for the appropriate account type:
    • MongoDB Account
    • Replica Set Account
    • MongoDB Dynamic Account
    • Replica Set Dynamic Account

      For detailed guidance on setting up each of these accounts, see the Account Types section below.

  5. Supply additional information on this account in the Notes field of the Info tab.


Account Types

MongoDB Account

 Account Settings


Label


Required. User provided label for the account instance

Hostname


Required. MongoDB Hostname 

Default value: [None]

Port


Required. The MongoDB Port.

Default value: [None]

Database name


The database that the MongoDB account is defined in. This is also the default database used for queries. 

Ensure to provide the database name when selecting the TLS/SSL option in the Encryption type property.

Default value: [None]

Username


Required. The MongoDB Username.

Default value: [None]

Password


Required. The password associated with the MongoDB Username.

Default value: [None]

Authentication type


Required. The authentication type that you want to use with this account. The options available are:

  • Default: No authentication
  • LDAP: Username/password retrieved from the configured LDAP server. LDAP Proxy Authentication

    You must configure the MongoDB server to access the LDAP authentication mechanism. Click here to know more about configuring the service. 

  • Plain: The username and password combination provided by your administrator.
  • X.509 (Digital Certificates): Issued by a certificate authority; or self-signed.

     Using X.509 Digital Certificates

    The X.509 certificate uses the international X.509 public key infrastructure (PKI) standard to check whether a public key belongs to the declared user, computer, or service identity listed in the certificate. In SnapLogic, the X.509 Digital Certificates authentication type enables you to use digital certificates to authenticate your requests with MongoDB. For more details on X.509 digital certificates, see Using x.509 Certificates to Authenticate Clients.

    To use X.509 digital certificates:

    1. Enter data in the Label, Hostname, Port, and Database Name fields as appropriate.
    2. In the Username field, enter the Distinguished Name (DN) of the certificate in the keystore from where you retrieved it.
      Example: CN=admin,OU=JSDev,O=Jaspersoft,L=San Francisco,ST=CA,C=US

      There are many ways of presenting the DN as a string, so the format seen in other tools may not be appropriate here. For example, most formats use '/' instead of ',' as separators.

    3. Leave the Password field blank.

    4. Select the Authentication Type as X.509 (Digital Certificates).

    5. Set the Encryption Type to ssl certs.

    6. Update the SSL Certs Properties section as follows:
      1. Enter the location of the trust store in the Truststore Filepath field. The trust store must contain trusted certificates from the certificate authorities (CAs) that signed both the Mongo server and client certificates.
        It's a good practice for the truststore to include the Mongo server's certificate as well; but it's not mandatory, since the client can validate the certificate via the CA certificate.

      2. Enter the Truststore Password in the field provided.
      3. Enter the location of the keystore in the Keystore Filepath field. The keystore must contain the certificate and key with the same DN as used in the Username field. Again, as in the case of the Distinguished Name, the formats used may appear to be different. The keystore may also need to include the certificate chain (the list of SSL certificates, right from the root certificate to the end-user certificate) for the client's cert.

      4. Enter the Keystore File Password in the field provided.
    7. Click Validate to check your settings; click Apply to save your changes and exit the popup once validation succeeds.

Default value: Default

Encryption type


Required. The encryption type for connecting Mongo instance. The options available are None,  TLS/SSL and SSL certs

If None is selected, data is not encrypted.

If TLS/SSL is selected, data is encrypted without certificate validation. Ensure to provide the database name in the Database name property to validate the user against that particular database name.

If SSL certs is Selected, the data is encrypted ensuring the certificate validation.

Default value: None

SSL certs properties

Conditional. Configure the keystore and truststore properties only when the encryption type is selected as "SSL certs". This ensures the validation of the certificate.

Truststore filepath

The location of the trust store file in PKCS#12 format, can be in SLDB or any other unauthenticated endpoint such as https://...

Example: shared/cacert_keystore.p12
Default value: [None]

Truststore passwordTruststorepassword to access the truststore file of the server.
Keystore filepath

The location of the key store file in PKCS#12 format, can be in SLDB or any other unauthenticated endpoint such as https://...

Example: shared/client_keystore.p12
Default value: [None]

Keystore file passwordKeystore password to access the keystore file of the client. 
Connection propertiesConfigure the connection properties to specify connection and server selection timeouts.
Connection timeout

The number of seconds the Mongo driver waits before aborting a new connection attempt. 
For example, if you set the Connection timeout limit to 30 seconds, and the Snap fails to establish a connection in 30 seconds, the pipeline logs a timeout exception and aborts execution.

A value of 0 seconds specifies an infinite timeout.

Default value: 10

Server Selection timeout

The number of seconds the Mongo driver waits to select a server for an operation before aborting the selection. 

For example, if you set the Server Selection timeout to 30 seconds, and the Snap fails to find a server until 30 seconds, the pipeline logs an error and aborts execution.

A value of 0 seconds specifies an infinite timeout.

Default value: 30

MongoDB cursor properties

Use this field set to configure the MongoDB cursor timeout properties. 
This field set contains the Use Cursor Timeout field.

Use Cursor Timeout

Select this checkbox to set a timeout for idle cursors, which means, it enables the server to close a cursor automatically after a period of inactivity.

This option allows you to connect to Atlas Free Tier database and Shared Clusters using the MongoDB accounts. Refer to Atlas Free Tier limitations for more information.

For all the existing Mongo DB accounts, the Use Cursor Timeout check box  is deselected by default.

Default value: Not Selected

Account Encryption

Standard Encryption

If you are using Standard Encryption, the High sensitivity settings under Enhanced Encryption are followed.


Enhanced Encryption

If you have the Enhanced Account Encryption feature, the following describes which fields are encrypted for each sensitivity level selected for this account.

Account:

  • High: Password
  • Medium + High: Username, password
  • Low + Medium + High: Username, password, hostname, database name


Replica Set Account

 Account Settings


Label


Required. User provided label for the account instance

Replica Set Configuration


Required. Hostnames and ports for MongoDB replica set.

Default value: [None]


Hostname

The MongoDB Hostname
Default value: [None]


Port

The MongoDB port.

Default value: [None]


Database name


Required. The database that the MongoDB account is defined in. This is also the default database used for queries.

Default value: None

To validate a MongoDB Atlas account, enter the name as admin. Alternatively, to override the actual database name in the Database name property at the Snap settings level.

Username


Required. MongoDB Username 

Default value: [None]


Password


Required. The password associated with the MongoDB Username.

Default value: [None]


Authentication type


Required. The authentication type that you want to use with this account. The options available are:

  • Default: No authentication

    To validate a MongoDB Atlas account, select Default.

  • LDAP: Username/password retrieved from the configured LDAP server. LDAP Proxy Authentication

    You must configure the MongoDB server to access the LDAP authentication mechanism. Click here to know more about configuring the service. 

  • Plain: The username and password combination provided by your administrator.
  • X.509 (Digital Certificates): Issued by a certificate authority; or self-signed.

     Using X.509 Digital Certificates

    The X.509 certificate uses the international X.509 public key infrastructure (PKI) standard to check whether a public key belongs to the declared user, computer, or service identity listed in the certificate. In SnapLogic, the X.509 Digital Certificates authentication type enables you to use digital certificates to authenticate your requests with MongoDB. For more details on X.509 digital certificates, see Using x.509 Certificates to Authenticate Clients.

    To use X.509 digital certificates:

    1. Enter data in the Label, Hostname, Port, and Database Name fields as appropriate.
    2. In the Username field, enter the Distinguished Name (DN) of the certificate in the keystore from where you retrieved it.
      Example: CN=admin,OU=JSDev,O=Jaspersoft,L=San Francisco,ST=CA,C=US

      There are many ways of presenting the DN as a string, so the format seen in other tools may not be appropriate here. For example, most formats use '/' instead of ',' as separators.

    3. Leave the Password field blank.

    4. Select the Authentication Type as X.509 (Digital Certificates).

    5. Set the Encryption Type to ssl certs.

    6. Update the SSL Certs Properties section as follows:
      1. Enter the location of the trust store in the Truststore Filepath field. The trust store must contain trusted certificates from the certificate authorities (CAs) that signed both the Mongo server and client certificates.
        It's a good practice for the truststore to include the Mongo server's certificate as well; but it's not mandatory, since the client can validate the certificate via the CA certificate.

      2. Enter the Truststore Password in the field provided.
      3. Enter the location of the keystore in the Keystore Filepath field. The keystore must contain the certificate and key with the same DN as used in the Username field. Again, as in the case of the Distinguished Name, the formats used may appear to be different. The keystore may also need to include the certificate chain (the list of SSL certificates, right from the root certificate to the end-user certificate) for the client's cert.

      4. Enter the Keystore File Password in the field provided.
    7. Click Validate to check your settings; click Apply to save your changes and exit the popup once validation succeeds.

Default value: Default

Encryption type


Required. The encryption type for connecting Mongo instance. The options available are None,  TLS/SSL and SSL certs

If None is selected, data is not encrypted.

If TLS/SSL is selected, data is encrypted without certificate validation.

If SSL certs is Selected, the data is encrypted ensuring the certificate validation.

Default value: None

To validate a MongoDB Atlas account, select TLS/SSL.

SSL certs propertiesConditional. Configure the keystore and truststore properties only when the encryption type is selected as "SSL certs". This ensures the validation of the certificate.
Truststore filepath

The location of the trust store file in PKCS#12 format, can be in SLDB or any other unauthenticated endpoint such as https://...

Example: shared/cacert_keystore.p12
Default value: [None]

Truststore passwordTruststorepassword to access the truststore file of the server.
Keystore filepath

The location of the key store file in PKCS#12 format, can be in SLDB or any other unauthenticated endpoint such as https://...

Example: shared/client_keystore.p12
Default value: [None]

Keystore file passwordKeystore password to access the keystore file of the client. 
Connection propertiesConfigure the connection properties to specify connection and server selection timeouts.
Connection timeout

The number of seconds the Mongo driver waits before aborting a new connection attempt. 
For example, if you set the Connection timeout limit to 30 seconds, and the Snap fails to establish a connection in 30 seconds, the pipeline logs a timeout exception and aborts execution.

A value of 0 seconds specifies an infinite timeout.

Default value: 10

Server Selection timeout

The number of seconds the Mongo driver waits to select a server for an operation before aborting the selection. 

For example, if you set the Server Selection timeout to 30 seconds, and the Snap fails to find a server until 30 seconds, the pipeline logs an error and aborts execution. 

A value of 0 seconds specifies an infinite timeout.

Default value: 30

MongoDB cursor properties

Use this field set to configure the MongoDB cursor timeout properties. 
This field set contains the Use Cursor Timeout field.

Use Cursor Timeout

Select this checkbox to set a timeout for idle cursors, which means, it enables the server to close a cursor automatically after a period of inactivity.

This option allows you to connect to Atlas Free Tier database and Shared Clusters using the MongoDB accounts. Refer to Atlas Free Tier limitations for more information.

For all the existing Mongo DB accounts, the Use Cursor Timeout check box is deselected by default.

Default value: Not Selected


Read preference

Choose an option to define read preference options when querying data. Available options are:

  • Primary

  • Primary preferred

  • Secondary

  • Secondary preferred

  • Nearest

The secondary preferred mode is not supported for the MongoDB Execute Snap.

Default value: Primary

 Account Encryption

Standard Encryption

If you are using Standard Encryption, the High sensitivity settings under Enhanced Encryption are followed.


Enhanced Encryption

If you have the Enhanced Account Encryption feature, the following describes which fields are encrypted for each sensitivity level selected for this account.

Account:

  • High: Password
  • Medium + High: Username, Password
  • Low + Medium + High: Hostname, Database name, Username, Password



MongoDB Dynamic Account

 Account Settings

Expression-enabled authentication fields, such as Username, Password, and Client Secret, support Secrets Management, a SnapLogic add-on that allows you to store endpoint credentials in a third-party secrets manager, such as AWS Secrets Manager, Azure Key Vault, or HashiCorp Vault. During validation and execution, pipelines obtain the credentials directly from the secrets manager. Learn more: Configure Accounts to use secrets.

Label


Required. User provided label for the account instance

Hostname


Required. The MongoDB Hostname.

Enable the expression property to use a pipeline parameter.

Default value: [None]


Port


Required. The MongoDB port.

Enable the expression property to use a pipeline parameter.

Default value: [None]


Database name


Required. The database that the MongoDB account is defined in. This is also the default database used for queries.

Enable the expression property to use a pipeline parameter.

Example:  _dbName

Default value: [None]


Username


Required. MongoDB Username 

Enable the expression property to use a pipeline parameter.

Default value: [None]


Password


Required. The password associated with the MongoDB Username

Enable the expression property to use a pipeline parameter.

Default value: [None]


Authentication 

Required. The authentication type that you want to use with this account. The options available are:

  • Default: No authentication
  • LDAP: Username/password retrieved from the configured LDAP server. LDAP Proxy Authentication

    You must configure the MongoDB server to access the LDAP authentication mechanism. Click here to know more about configuring the service. 

  • Plain: The username and password combination provided by your administrator.
  • X.509 (Digital Certificates): Issued by a certificate authority; or self-signed.

     Using X.509 Digital Certificates

    The X.509 certificate uses the international X.509 public key infrastructure (PKI) standard to check whether a public key belongs to the declared user, computer, or service identity listed in the certificate. In SnapLogic, the X.509 Digital Certificates authentication type enables you to use digital certificates to authenticate your requests with MongoDB. For more details on X.509 digital certificates, see Using x.509 Certificates to Authenticate Clients.

    To use X.509 digital certificates:

    1. Enter data in the Label, Hostname, Port, and Database Name fields as appropriate.
    2. In the Username field, enter the Distinguished Name (DN) of the certificate in the keystore from where you retrieved it.
      Example: CN=admin,OU=JSDev,O=Jaspersoft,L=San Francisco,ST=CA,C=US

      There are many ways of presenting the DN as a string, so the format seen in other tools may not be appropriate here. For example, most formats use '/' instead of ',' as separators.

    3. Leave the Password field blank.

    4. Select the Authentication Type as X.509 (Digital Certificates).

    5. Set the Encryption Type to ssl certs.

    6. Update the SSL Certs Properties section as follows:
      1. Enter the location of the trust store in the Truststore Filepath field. The trust store must contain trusted certificates from the certificate authorities (CAs) that signed both the Mongo server and client certificates.
        It's a good practice for the truststore to include the Mongo server's certificate as well; but it's not mandatory, since the client can validate the certificate via the CA certificate.

      2. Enter the Truststore Password in the field provided.
      3. Enter the location of the keystore in the Keystore Filepath field. The keystore must contain the certificate and key with the same DN as used in the Username field. Again, as in the case of the Distinguished Name, the formats used may appear to be different. The keystore may also need to include the certificate chain (the list of SSL certificates, right from the root certificate to the end-user certificate) for the client's cert.

      4. Enter the Keystore File Password in the field provided.
    7. Click Validate to check your settings; click Apply to save your changes and exit the popup once validation succeeds.

Default value: Default

Encryption type


Required. The encryption type for connecting Mongo instance. The options available are None,  TLS/SSL and SSL certs

If None is selected, data is not encrypted.

If TLS/SSL is selected, data is encrypted without certificate validation.

If SSL certs is Selected, the data is encrypted ensuring the certificate validation.

Default value: None

SSL certs propertiesConditional. Configure the keystore and truststore properties only when the encryption type is selected as "SSL certs". This ensures the validation of the certificate.
Truststore filepath

The location of the trust store file in PKCS#12 format, can be in SLDB or any other unauthenticated endpoint such as https://...

Example: shared/cacert_keystore.p12
Default value: [None]

Truststore passwordTruststorepassword to access the truststore file of the server.
Keystore filepath

The location of the key store file in PKCS#12 format, can be in SLDB or any other unauthenticated endpoint such as https://...

Example: shared/client_keystore.p12
Default value: [None]

Keystore file passwordKeystore password to access the keystore file of the client. 
Connection propertiesConfigure the connection properties to specify connection and server selection timeouts.
Connection timeout

The number of seconds the Mongo driver waits before aborting a new connection attempt. 
For example, if you set the Connection timeout limit to 30 seconds, and the Snap fails to establish a connection in 30 seconds, the pipeline logs a timeout exception and aborts execution.

A value of 0 seconds specifies an infinite timeout.

Default value: 10

Server Selection timeout

The number of seconds the Mongo driver waits to select a server for an operation before aborting the selection. 

For example, if you set the Server Selection timeout to 30 seconds, and the Snap fails to find a server until 30 seconds, the pipeline logs an error and aborts execution.

A value of 0 seconds specifies an infinite timeout.

Default value: 30

MongoDB cursor properties

Use this field set to configure the MongoDB cursor timeout properties. 
This field set contains the Use Cursor Timeout field.

Use Cursor Timeout

Select this checkbox to set a timeout for idle cursors, which means, it enables the server to close a cursor automatically after a period of inactivity.

This option allows you to connect to Atlas Free Tier database and Shared Clusters using the MongoDB accounts. Refer to Atlas Free Tier limitations for more information.

For all the existing Mongo DB accounts, the Use Cursor Timeout check box is deselected by default.

Default value: Not Selected

Account Encryption

Standard Encryption

If you are using Standard Encryption, the High sensitivity settings under Enhanced Encryption are followed.


Enhanced Encryption

If you have the Enhanced Account Encryption feature, the following describes which fields are encrypted for each sensitivity level selected per each account.

Account:

  • High: Password
  • Medium + High: Username, Password
  • Low + Medium + High: Username, Password, Hostname, Database name

Example

Setting a MongoDB Dynamic Account

Selecting the Dynamic Account allows the users to pass the account details dynamically as a pipeline parameter. This would enable the users to use the same Snap within a pipeline to connect to different database instances.

For the pipeline, define the pipeline parameters: 

  • hostname
  • database
  • username
  • password
  • port

You will supply values for them in the Dynamic Account. 

In DynamoDB - Update pipeline,  create a DynamoDB Dynamic Account (In this pipeline the MongoDB Update Snap is updating the documents on a MongoDB collection in a JSON format using the JSON Generator Snap).

  • Set the expression toggle on for the properties you want to pass the values dynamically.
  • Set  Hostname to _hostname,  Port to _port, Database Name to _database, Username to _username, and Password to _password. 

  • Click Apply and fill the Snap Settings for the desired function.
You cannot Validate an account connection when creating a MongoDB Dynamic Account because the account properties of a dynamic account are provided dynamically as pipeline parameters.

     

Replica Set Dynamic Account

 Account Settings