Final exam Q3, authsource

Regarding this question I dont understand why is authsource “defaulting” to admin since we are specifying a database in the URI.

According to documentation:

authSource: The database to authenticate on. Defaults to the database specified in the URI, if provided, or to “admin”.

Just would like clarification, thanks in advance.

@brazileoin could you please shed some light into this, thank you

Hi @Amado_85761

The defaulting for the authentication database to admin is because this DB should always exist. The best practice when securing a MongoDB involved creating users and roles, however the ‘admin’ user or superuser account responsible for creating those users is normally created in the ‘admin’ database. The connection strings / drivers know that the ‘admin’ will exist by default, hence that’s why they will fall back to use that database if no other database is supplied in the URI.

Does this clarify why it defaults to the admin DB when no other DB is present in the URI ?

Kindest regards,
Eoin

Thanks for your response @brazileoin,

I understand that but the URI presented does specify another DB (the “test” DB), maybe I am missunderstanding the whole thing, and by “database specified in the URI” documentation refers to an “authSource” parameter specified in the URI.

I would just like to clear that one up cause its either poor wording on documentation or on the exam question, in my opinion ofc.