I had an issue recently when trying to copy and paste some code from a project running on Mongoose version 4.x to Mongoose version 5.x, the projects are both related and since one of the projects needs to use multiple databases the authentication database is separate. Mongo/Mongoose both support this and I wanted to keep the code between the 2 projects as similar as possible to make it easier to maintain, however it seems like there was a small change between Mongoose version 4 and version 5 which I can’t find properly documented anywhere.

I’m not going to do a deep dive on this but wanted to post it in case it helps someone else when troubleshooting.

Version 4 Code

This is the code I was using previously, I’ve not been able to find any documentation on this but I can see posts from other people who are using it and it’s been working for me so I presume that this is now deprecated / removed.

  const mongoose = require('mongoose');
  const connectionString = 'mongodb://username:[email protected]:port/database';
  const mongoOptions = {
    auth: {
      authdb: "admin"
  const db = mongoose.createConnection(connectionString, mongoOptions);

Version 5 Code

There are a couple of options for what to do, for more detail on what options are available check the Mongo Docs.

Option 1

If you want to keep using an options parameter (perhaps because you are using other options already)

  const mongoose = require('mongoose');
  const connectionString = 'mongodb://username:[email protected]:port/database';
  const mongoOptions = {
    authSource: "admin"
  const db = mongoose.createConnection(connectionString, mongoOptions);

Option 2

If you aren’t currently using any other options and would like to have it all in a connection string.

  const mongoose = require('mongoose');
  const connectionString = 'mongodb://username:[email protected]:port/database?authSource=admin';
  const db = mongoose.createConnection(connectionString);

Additional Notes

Special Characters In Username / Password

Something worth noting is that you should use encodeURIComponent to encode both the username and password in case they contain unsupported characters. Don’t be thrown by the face that encodeURIComponent doesn’t encode asterisks and a few other characters that could be escaped, encodeURIComponent is perfectly adequate and will encode everything that needs to be encoded so there’s no need to install something like oauth-percent-encode that will fully encode everything.

Troubleshooting Via CLI

For troubleshooting purposes you can use a connection string via the command line using either of the following but be careful entering the password on the command line if you’re in a production environment (it will get saved in the bash history)

mongo mongodb://username:[email protected]:port/database?authSource=admin
mongo mongodb://username:[email protected]:port/database --authenticationDatabase admin


Leave a Reply

Your email address will not be published. Required fields are marked *