Authorization : enabled not used? or default

Just curious, is authorization:enabled a default setting?

From the csrs conf file, that line is not there?

security:
keyFile: /var/mongodb/pki/m103-keyfile

Yes we don’t use authorization in csrs conf file

The keyFile setting enforces both Internal Authentication and Role-Based Access Control.
The admin database and the config database exist on the config servers.
The admin database contains the collections related to the authentication and authorization as well as the other system.* collections for internal use.