All Products
Search

This Product

    ApsaraDB for MongoDB:Connect to an ApsaraDB for MongoDB instance over the internet

    Document Center

    ApsaraDB for MongoDB:Connect to an ApsaraDB for MongoDB instance over the internet

    Last Updated:Feb 27, 2026

    You can apply for a public endpoint and use MongoDB Shell to connect to an ApsaraDB for MongoDB instance from your local client over the internet.

    Prerequisites

    Before you begin, make sure that you have:

    Note

    For MongoDB 4.4 and earlier, use the legacy mongo shell instead of mongosh. The command syntax is the same.

    Apply for a public endpoint

    1. Go to the MongoDB Replica Set Instances or MongoDB Sharded Cluster Instances page. In the top navigation bar, select a resource group and region. Then, click the ID of the target instance.

    2. In the left-side navigation pane, click Database Connections.

    3. In the Public Connections section, click Apply for Public Connection String.

    4. In the dialog box that appears, click OK.

    5. Wait for the instance status to change from Creating Network Connection to Running. The public endpoint is then available on the Database Connections page.

    Note

    The instance operates normally while the status is Creating Network Connection. The endpoint is visible only after you configure the whitelist. Use the high-availability (HA) ConnectionStringURI endpoint for automatic failover.

    Connect to the instance

    Two connection methods are available. The high-availability connection string URI is recommended because it provides automatic failover across replica set nodes.

    Important

    Do not connect to the database with the root account. Create a database account in Data Management (DMS) before you connect.

    High-availability connection string URI (recommended)

    Connect using the ConnectionStringURI for high availability:

    mongosh "<ConnectionStringURI for high availability>"

    Find the ConnectionStringURI for high availability on the Database Connections page in the console. Before connecting, replace root:**** with your database account credentials (for example, test:PassWord**) and replace /admin with your authentication database (for example, /testdb).

    Example:

    mongosh "mongodb://test:PassWord**@dds-bp19f409d7512****.mongodb.rds.aliyuncs.com:3717,dds-bp19f409d7512****.mongodb.rds.aliyuncs.com:3717,dds-bp19f409d7512****.mongodb.rds.aliyuncs.com:3717/testdb?replicaSet=mgset-6108****"

    Single-node endpoint

    Connect to a specific node using its host and port:

    mongosh --host <host> --port <port> -u <username> -p --authenticationDatabase <authenticationDatabase>
    ParameterDescription
    <host>The endpoint of the node from the Database Connections page. Example: dds-bp19f409d7512****.mongodb.rds.aliyuncs.com.
    <port>The port number of the node. Example: 3717.
    <username>The database account name. Do not use the root account. Create a database account in DMS before you connect.
    <authenticationDatabase>The authentication database where the account is stored. The account must be authenticated against the database it belongs to.

    Example:

    The database account is test and the authentication database is testdb.

    mongosh --host dds-bp19f409d7512****.mongodb.rds.aliyuncs.com --port 3717 -u test -p --authenticationDatabase testdb

    At the Enter password: prompt, enter the password and press Enter.

    FAQ

    Why can't I connect after adding my IP to the whitelist?

    Your actual public IP address is likely different from the one you added. ISPs, proxies, and NAT gateways can all change how your IP appears externally. To find your real IP as seen by the MongoDB instance:

    1. Temporarily add 0.0.0.0/0 to the whitelist of the MongoDB instance.

      Warning

      The address 0.0.0.0/0 allows access from any IP address. Remove it from the whitelist as soon as you finish troubleshooting.

    2. Connect to the MongoDB instance using mongosh. If you still cannot connect after adding 0.0.0.0/0, try connecting through DMS to verify that your account, password, and authentication database are correct.

    3. Run the following command to find the IP address of your client:

         db.currentOp({"appName" : "MongoDB Shell","active" : true})
      Note

      If you connected through a different client, run the following command to query all active clients:

      db.runCommand({currentOp: 1, "active" : true})

    4. Add the IP address from the output to the whitelist, then remove 0.0.0.0/0.

    What if my IP address changes and I can no longer connect?

    If your ISP assigns a dynamic IP address, it may change without notice and break your connection. For a stable connection that does not depend on a fixed IP, connect through an SSL-VPN tunnel.

    References