For MongoDB clusters, you have to manage users via the IONOS API and creating users inside the database is not possible. This document shows you in detail how to create, view, and delete users.
Roles
In MongoDB most roles are scoped to a database. For example you grant readWrite permissions on database mydb. The exception are roles that grant permissions to all databases, for example readAnyDatabase.
Assignable roles have several restrictions to avoid customers breaking out of their database or breaking internal stuff:
Currently, you can only assign built-in roles. Out of those currently only read, readWrite, readAnyDatabase, readWriteAnyDatabase, dbAdmin, dbAdminAnyDatabase and clusterMonitor are supported.
Roles with the suffix *AnyDatabase are granted only on the admin database, which is the main user management database.
Roles read, readWrite and dbAdmin cannot be granted on config and local databases.
Adding a user
When creating a user you need to consider the following:
All users are created in the admin database.
The combination of username and database must be unique within the MongoDB cluster.
You can only change the assigned roles and the password of a user.
You can't have more than 100 users in a cluster.
To add users to a MongoDB cluster, use the POST request for each user.
To update the assigned roles of a specific user in a MongoDB cluster, use the PATCH request with the new list of assigned roles. Note that the request replaces the old role list, meaning that any existing roles missing from the patch will be deleted.