Overview
Purpose
The Shared Connection feature enables MongoQUI users to grant carefully-scoped access to an existing MongoDB connection without exposing sensitive connection strings or credentials. Think of it as an application-level wrapper around your database credentials that you can pass to teammates knowing that:
- Credentials remain hidden and tamper-proof.
- Access is restricted to the exact databases / collections / operations you specify.
- You can revoke or tighten access at any time—instantly and centrally.
Key Advantages
| Benefit | What it means in practice |
|---|---|
| Custom Role-Based Sharing | Map any MongoQUI Custom Role to the connection. All permissions are enforced in the UI & query layer—MongoDB never sees the underlying RBAC logic, so your production roles remain untouched. |
| Immutable Shared Objects | Recipients can use a shared connection but cannot see the URI, rotate the key, edit, or delete the connection itself. Only the owner (or an Org Admin) can make changes. |
| Granular Access Control | Restrict by database, specific collections, and read / write verbs—ideal for least-privilege principles. |
| Default Role Assignment | Save time by assigning a default role that is pre-selected whenever the connection is shared. |
Terminology Quick-Reference
- Connection – A saved MongoDB URI plus metadata (driver options, auth, SSL) stored either locally or in cloud storage.
- Shared Connection – A wrapper around an existing Connection that is visible to additional users via assigned Roles.
- Built-in Role – Predefined MongoQUI role mirroring common MongoDB roles (e.g.
read,readWrite). Cannot be edited. - Custom Role – A role you create that specifies allowed Databases, Collections, and Verbs.
- Owner – The user who created the original Connection. Only owners and Org Admins can share, edit, or revoke.
UI Tour
- Sidebar → Shared Connection – Global entry-point showing the Organization Dashboard.
- Connection Manager context menu – Right-click any connection → Share Connection.
- Tabs inside a workspace – Each shared connection opens in its own tab with a 📎 icon, reminding users it is read-only.
Tip: Hover over the lock icon next to a Shared Connection in the tree to see a pop-up with the role and exact permissions.