# Configuring MongoDB workspace data connections

During workspace creation, under **Connection Type**, select **MongoDB**.

## Connecting to the source database <a href="#mongodb-data-connection-source" id="mongodb-data-connection-source"></a>

The **Source Settings** section contains the connection information for the source database.

### Providing the connection details <a href="#mongodb-data-connection-source-connection" id="mongodb-data-connection-source-connection"></a>

To provide the connection details, you can either populate the connection fields or use a connection string.

#### Populating the connection fields <a href="#mongodb-data-connection-source-details-fields" id="mongodb-data-connection-source-details-fields"></a>

By default, **Use connection string** is off, and you provide the connection values in the individual fields:

1. In the **Server** field, provide the host name or IP address of the MongoDB instance.
2. In the **Database** field, provide the name of the MongoDB database.
3. In the **Port** field, provide the port number to connect to the server host.
4. In the **Username** field, provide the username of a MongoDB user in your authentication database.
5. For **Password**, you can either specify the password manually or, if secrets managers are available, you can [select a secret name from a secrets manager](https://docs.tonic.ai/app/workspace/managing-workspaces/workspace-configuration-settings/secrets-manager/selecting-a-secrets-manager-secret).
6. In the **Authentication Database**, provide the database where the MongoDB user that you authenticate with is stored. The default is often the admin database.
7. To test the connection to the source database, click **Test Source Connection**.

#### Using a connection string <a href="#mongodb-data-connection-source-details-connection-string" id="mongodb-data-connection-source-details-connection-string"></a>

To use a connection string to connect to the source database:

1. Toggle **Use Connection String** to the on position.
2. In the **Connection String** field, provide a [MongoDB connection string](https://docs.mongodb.com/manual/reference/connection-string/).\
   \
   For the password, use `<password>` as a placeholder value.
3. In the **Database** field, provide the name of the MongoDB database.
4. In the **Password** field, provide the password to use to replace `<password>`.
5. To provide the user password to replace  `<password>`, you can either specify the password manually, or you can [select a secret name from a secrets manager](https://docs.tonic.ai/app/workspace/managing-workspaces/workspace-configuration-settings/secrets-manager/selecting-a-secrets-manager-secret).&#x20;
6. To test the connection to the source database, click **Test Source Connection**.

### Using a DNS seed list <a href="#mongodb-source-dns-seed-list" id="mongodb-source-dns-seed-list"></a>

The **Use Srv** setting indicates whether you connect to a [DNS seed list](https://docs.mongodb.com/manual/reference/connection-string/#dns-seed-list-connection-format).

By default, the toggle is in the off position.

If you connect to a DNS seed list, then toggle the setting to the on position.

### Ensuring encryption of source database authentication <a href="#mongodb-source-auth-encrypt" id="mongodb-source-auth-encrypt"></a>

The **Enable SSL/TLS** setting indicates whether to encrypt the source database authentication.

By default, the setting is in the on position. We strongly recommend that you do not turn off this setting.

### Trusting the server certificate <a href="#mongodb-source-trust-cert" id="mongodb-source-trust-cert"></a>

To indicate that Tonic Structural should trust the server certificate, toggle **Trust Server Certificate** to the on position.

### Providing your own client certificate <a href="#mongodb-source-client-cert" id="mongodb-source-client-cert"></a>

To specify your own client certificate for authentication:

1. Click the expand icon for **Client certificate settings**.
2. For **Client Cert**, choose the client certificate file.
3. For **Root Cert**, choose the root certificate file.

For these settings, if secrets managers are available, you can instead [select a secret name from a secrets manager](https://docs.tonic.ai/app/workspace/managing-workspaces/workspace-configuration-settings/secrets-manager/selecting-a-secrets-manager-secret).

## Connecting to the destination database <a href="#mongodb-data-connection-destination" id="mongodb-data-connection-destination"></a>

The **Destination Settings** section contains the connection information for the destination database.

### Copying the connection details from the source database <a href="#mongodb-data-connection-destination-copy-source" id="mongodb-data-connection-destination-copy-source"></a>

To copy the connection and authentication details from the source database:

1. Click **Copy Settings from Source**.
2. For **Password**, you can either specify the password manually or, if secrets managers are available, you can [select a secret name from a secrets manager](https://docs.tonic.ai/app/workspace/managing-workspaces/workspace-configuration-settings/secrets-manager/selecting-a-secrets-manager-secret).
3. To test the connection to the destination database, click **Test Destination Connection**.

### Providing destination database connection details <a href="#mongodb-data-connection-destination-details" id="mongodb-data-connection-destination-details"></a>

If you don't copy the details from the source database, then you can either populate the connection fields or use a connection string.

#### Populating the connection fields <a href="#mongodb-data-connection-destination-details-fields" id="mongodb-data-connection-destination-details-fields"></a>

By default, **Use connection string** is off, and you provide the connection values in the individual fields:

1. In the **Server** field, provide the host name or IP address of the MongoDB instance.
2. In the **Database** field, provide the name of the MongoDB database.
3. In the **Port** field, provide the port number to connect to the server host.
4. In the **Username** field, provide the username of a MongoDB user in your authentication database.
5. For **Password**, you can either specify the password manually or, if secrets managers are available, you can [select a secret name from a secrets manager](https://docs.tonic.ai/app/workspace/managing-workspaces/workspace-configuration-settings/secrets-manager/selecting-a-secrets-manager-secret).
6. In the **Authentication Database**, provide the database where the MongoDB user that you authenticate with is stored. The default is often the admin database.
7. To test the connection to the destination database, click **Test Destination Connection**.

#### Using a connection string <a href="#mongodb-data-connection-destination-details-connection-string" id="mongodb-data-connection-destination-details-connection-string"></a>

To use a connection string to connect to the destination database:

1. Toggle **Use Connection String** to the on position.
2. In the **Connection String** field, provide a [MongoDB connection string](https://docs.mongodb.com/manual/reference/connection-string/).\
   \
   For the password, use `<password>` as a placeholder value.
3. In the **Database** field, provide the name of the MongoDB database.
4. In the **Password** field, provide the password to use to replace `<password>`.
5. To provide the user password to replace  `<password>`, you can either specify the password manually, or you can [select a secret name from a secrets manager](https://docs.tonic.ai/app/workspace/managing-workspaces/workspace-configuration-settings/secrets-manager/selecting-a-secrets-manager-secret). The selected secret must store a password.
6. To test the connection to the destination database, click **Test Destination Connection**.

### Using a DNS seed list <a href="#mongodb-destination-dns-seed-list" id="mongodb-destination-dns-seed-list"></a>

The **Use Srv** setting indicates whether you connect to a [DNS seed list](https://docs.mongodb.com/manual/reference/connection-string/#dns-seed-list-connection-format).

By default, the toggle is in the off position.

If you connect to a DNS seed list, then toggle the setting to the on position.

### Ensuring encryption of destination database authentication <a href="#mongodb-destination-auth-encrypt" id="mongodb-destination-auth-encrypt"></a>

By default, SSL is enabled, and **Enable SSL/TLS** is in the on position. We strongly recommend that you do not turn off SSL.

### Trusting the server certificate <a href="#mongodb-destination-trust-cert" id="mongodb-destination-trust-cert"></a>

To indicate that Structural should trust the server certificate, toggle **Trust Server Certificate** to the on position.

### Providing your own client certificate <a href="#mongodb-destination-client-cert" id="mongodb-destination-client-cert"></a>

To specify your own client certificate for authentication:

1. Click the expand icon for **Client certificate settings**.
2. For **Client Cert**, choose the client certificate file.
3. For **Root Cert**, choose the root certificate file.

For these settings, if secrets managers are available, you can instead [select a secret name from a secrets manager](https://docs.tonic.ai/app/workspace/managing-workspaces/workspace-configuration-settings/secrets-manager/selecting-a-secrets-manager-secret).