MongoDB - User Guide

In this article, you will understand step by step how to easily integrate with MongoDB

Integrating with MongoDB will allow Scytale to collect all user access information and their access privileges on MongoDB. This will help to ensure that only authorized users have access to sensitive databases, which is one of the key criteria when testing logical access. Manually collecting this type of evidence can take some time, especially when you need to prove to the auditors that the user listings are complete and accurate. Automating the collection of user listings and access privileges will streamline the sampling process for the audit and also provide more assurance over the accuracy and completeness of the evidence collected.


The permission that is required for the integration with MongoDB is read-only permissions and does not allow Scytale to perform any actions within your account.

  • Organization read only

How to connect MongoDB integration?

Step 1: Generate API Keys in MongoDB

  • Sign in to the MongoDB account:

  • On the top, click on the access manager dropdown.

  • Under the organization menu, select "Access Manager".

  • Go to the "API Keys tab".

  • In the top right corner, click on "Create API key".


  • Add a description of your choosing.

  • In the "Organization Permissions" drop-down menu select the following:

    • Organization Read Only

  • Click on the "Next" button.

  • Copy the Public Key and Private Key




Step 2: Log in to the Scytale web app

  • Click on the "Integrations" menu screen to the left.
  • Click on the "Connect" button under the MongoDB icon.
  • Review the permissions and click next once satisfied.
  • Paste the Public Key and Private Key that were generated in MongoDB.
  • Connection Name - is used to differentiate between your connections.
    For instance, if you manage multiple accounts or would like to connect multiple times to the integration. It's automatically titled (Connection 1,2,3 etc), but you can change it to a custom name to make it easier to identify.
    For example: scytale-production-env.
  • Click on Connect

Step 3: Project Selection

  • Select MongoDB projects that relate to the compliance audit, and the evidence will be collected automatically.
  • Click to confirm

Note: if you don't select projects, the connection will not be completed and Scytale cannot collect evidence.