Skip to content

Commit 3593911

Browse files
shuangelashuangela
authored
DOCSP-40004 added comma guidance and removed percent encoding guidance (mongodb#91)
* added comma guidance and removed percent encoding guidance for authmechanismproperties values
1 parent 9c8923b commit 3593911

File tree

3 files changed

+24
-7
lines changed

3 files changed

+24
-7
lines changed

source/includes/authentication/auth-properties-commas.rst

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
.. note::
2+
3+
If your ``authMechanismProperties`` values include a comma, you must use the ``MongoClient`` constructor to set your authentication options.
4+
5+

source/security/authentication.txt

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -257,7 +257,8 @@ environment variables:
257257
- ``AWS_SESSION_TOKEN``
258258

259259
To use these environment variables to authenticate your application, first set them to the
260-
AWS IAM values needed for authentication, as shown in the following code example:
260+
AWS IAM values needed for authentication, as shown in the following code
261+
example:
261262

262263
.. code-block:: sh
263264

@@ -411,12 +412,14 @@ After you create the config file, set the following connection options:
411412
- ``password``: The AWS IAM secret access key returned by the ``AssumeRole`` request.
412413
Percent-encode this value before including it in a connection URI..
413414
- ``authMechanismProperties``: Set to ``AWS_SESSION_TOKEN:`` and the
414-
AWS session token returned by the ``AssumeRole`` request. Percent-encode this value before including it in a connection URI.
415+
AWS session token returned by the ``AssumeRole`` request.
415416
- ``authMechanism``: Set to ``"MONGODB-AWS"``.
416417

417418
You can set these options in two ways: by passing arguments to the
418419
``MongoClient`` constructor or through parameters in your connection string.
419420

421+
.. include:: /includes/authentication/auth-properties-commas.rst
422+
420423
.. tabs::
421424

422425
.. tab:: MongoClient

source/security/enterprise-authentication.txt

Lines changed: 14 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -71,7 +71,10 @@ to use Kerberos to authenticate.
7171
this option to ``"SERVICE_NAME:<authentication service name>"``.
7272

7373
You can set these options in two ways: by passing arguments to the
74-
``MongoClient`` constructor or through parameters in your connection string.
74+
``MongoClient`` constructor or through parameters in your connection
75+
string.
76+
77+
.. include:: /includes/authentication/auth-properties-commas.rst
7578

7679
.. tabs::
7780

@@ -170,6 +173,8 @@ To authenticate with SASL, set the ``authMechanism`` connection option to ``PLAI
170173
You can set this option in two ways: by passing an argument to the
171174
``MongoClient`` constructor or through a parameter in your connection string.
172175

176+
.. include:: /includes/authentication/auth-properties-commas.rst
177+
173178
.. tabs::
174179

175180
.. tab:: MongoClient
@@ -228,6 +233,8 @@ support.
228233
You can configure OIDC for Azure IMDS in two ways: by passing arguments to the
229234
``MongoClient`` constructor or through parameters in your connection string.
230235

236+
.. include:: /includes/authentication/auth-properties-commas.rst
237+
231238
.. tabs::
232239

233240
.. tab:: MongoClient
@@ -272,8 +279,8 @@ You can configure OIDC for Azure IMDS in two ways: by passing arguments to the
272279
enterprise application, set this to the application ID of the service principal.
273280
- ``authMechanism``: Set to ``MONGODB-OIDC``.
274281
- ``authMechanismProperties``: Set to
275-
``ENVIRONMENT:azure,TOKEN_RESOURCE:<percent-encoded audience>``.
276-
Replace the ``<percent-encoded audience>`` placeholder with the percent-encoded
282+
``ENVIRONMENT:azure,TOKEN_RESOURCE:<audience>``.
283+
Replace the ``<audience>`` placeholder with the
277284
value of the ``audience`` parameter configured on your MongoDB deployment.
278285

279286
The following code example shows how to set these options in your connection string:
@@ -301,6 +308,8 @@ support.
301308
You can configure OIDC for GCP IMDS in two ways: by passing arguments to the
302309
``MongoClient`` constructor or through parameters in your connection string.
303310

311+
.. include:: /includes/authentication/auth-properties-commas.rst
312+
304313
.. tabs::
305314

306315
.. tab:: MongoClient
@@ -337,8 +346,8 @@ You can configure OIDC for GCP IMDS in two ways: by passing arguments to the
337346

338347
- ``authMechanism``: Set to ``MONGODB-OIDC``.
339348
- ``authMechanismProperties``: Set to
340-
``ENVIRONMENT:gcp,TOKEN_RESOURCE:<percent-encoded audience>``.
341-
Replace the ``<percent-encoded audience>`` placeholder with the percent-encoded
349+
``ENVIRONMENT:gcp,TOKEN_RESOURCE:<audience>``.
350+
Replace the ``<audience>`` placeholder with the
342351
value of the ``audience`` parameter configured on your MongoDB deployment.
343352

344353
The following code example shows how to set these options in your connection string:

0 commit comments

Comments
 (0)