Skip to content

How can we improve the platform?

More granular permissions for API keys

Allow API keys to have much more granular permissions (i.e: only the functions one may need to do a certain task).

Also, add a security category in the form to report possible improvements for Atlas.
And a UI/UX one.

12 votes

Carlos shared this idea · May 26, 2021 · Report… · Admin →

An error occurred while saving the comment

Michael commented · July 09, 2021 02:03 · Report

We also have a need for more granular permissions. To centrally monitor all configurations of our clusters, we want to use the API. We use the api to check whether audit is enabled and how audit is configured.
To check this, the api key must have project_owner or organization_owner permissions. This is very worrying from a security point of view, because it gives very powerful permissions. In this case it would be helpful to create a role with extended read permissions (>Organization Read Only).
I think that in the long run there is no way around the fact that users must be able to create their own roles.

Submitting...

Signed in as (Sign out)

Signed in as (Sign out)

Close

Close

Atlas: Other

Searching…

No results.
Clear search results

Give feedback
- Atlas 1,141 ideas
- Atlas App Services 248 ideas
- Atlas CLI 19 ideas
- Atlas Search 130 ideas
- Charts 213 ideas
- Compass 327 ideas
- Connectors (BI, Kafka, Spark) 35 ideas
- Data Federation and Data Lake 43 ideas
- Database 243 ideas
- Documentation 3 ideas
- Drivers 58 ideas
- Education 31 ideas
- FLE and Queryable Encryption 3 ideas
- MongoDB Analyzer (for .NET) 1 idea
- MongoDB for VS Code 54 ideas
- MongoDB Shell 32 ideas
- Ops Tools 416 ideas
- Realm 82 ideas
- Relational Migrator 1 idea
- Support Website 11 ideas
- UI 99 ideas