Docs Menu
Docs Home
/
Languages
/
C#/.NET
/
C#/.NET
/
Fundamentals
/
Authentication

SCRAM

On this page

  • Overview
  • Code Placeholders
  • Using SCRAM Authentication in Your Application
  • API Documentation

Overview

Salted Challenge Response Authentication Mechanism (SCRAM) is a family of authentication mechanisms that use a challenge-response mechanism to authenticate the user. SCRAM-SHA-256, which uses the SHA-256 algorithm to hash your password, is the default authentication mechanism in MongoDB Server version 4.0 and later. SCRAM-SHA-1, which uses the SHA-1 algorithm instead, is the default authentication mechanism in MongoDB Server versions earlier than 4.0.

You can use SCRAM to authenticate to MongoDB Atlas, MongoDB Enterprise Advanced, and MongoDB Community Edition.

Tip

SCRAM Mechanisms

To learn more about the SCRAM family of authentication mechanisms, see RFC 5802 and Salted Challenge Response Authentication Mechanism on Wikipedia.

For more information about the MongoDB implementation of SCRAM, see SCRAM in the MongoDB Server manual.

Code Placeholders

The code examples on this page use the following placeholders:

  • +srv: Include this option in your connection string prefix only if you are connecting to a MongoDB Atlas cluster. To learn more about the +srv option, see Connection String Formats in the MongoDB Server manual.

  • <db_username>: The MongoDB username of the user to authenticate.

  • <db_password>: The MongoDB password of the user to authenticate.

  • <hostname>: The network address of your MongoDB deployment.

  • <port>: The port number of your MongoDB deployment. If you omit this parameter, the driver uses the default port number (27017). You don't need a port number when connecting to a MongoDB Atlas cluster.

  • <authenticationDb>: The MongoDB database that contains the user's authentication data. If you omit this parameter, the driver uses the default value, admin.

To use the code examples on this page, replace these placeholders with your own values.

Using SCRAM Authentication in Your Application

To use SCRAM to authenticate your MongoDB user, specify your MongoDB credentials, but don't specify an authentication mechanism. You can specify your MongoDB credentials either in your connection string or by using a MongoCredential object. Select the Connection String or MongoCredential tab to see the corresponding syntax:

var mongoClient = new MongoClient(
   "mongodb[+srv]://<db_username>:<db_password>@<hostname>[:<port>]/?" +
   "authSource=<authenticationDb>");
var credential = MongoCredential
   .CreateCredential("<authenticationDb>", "<db_username>", "<db_password>");
var settings = MongoClientSettings.FromConnectionString("<connection string>");
settings.Credential = credential;
var mongoClient = new MongoClient(settings);

API Documentation

To learn more about any of the methods or types discussed on this page, see the following API documentation:

Back

Authentication

Next

X.509