Share via

Unable to Create MongoDB User in Azure Cosmos DB for MongoDB vCore (Tried All Official Methods)

Chandan Kumar 20 Reputation points
2025-08-04T10:00:47.6866667+00:00

Hello,

I'm currently working on setting up secondary users for Azure Cosmos DB for MongoDB vCore (Free Tier), and despite following all the official documentation and community suggestions, I'm still unable to successfully create a new MongoDB user with readWrite permissions.

I have carefully followed the guidance provided in your official documentation:

Approaches I’ve Tried (Based on Official Docs)
Approache- 1

Azure CLI – az cosmosdb mongodb user definition create

az cosmosdb mongodb user definition create \

--account-name ep-md-mongodb-database \

--resource-group myapp-rg \

--body '{

"Id": "mydb.newuser",

"UserName": "newuser",

"Password": "StrongPassword@123",

"DatabaseName": "mydb",

"CustomData": "Created by Chandan for app access",

"Mechanisms": "SCRAM-SHA-256",

"Roles": [

  {

    "Role": "readWrite",

    "Db": "mydb"

  }

]

}'

ERROR- (ResourceNotFound) The Resource 'Microsoft.DocumentDB/databaseAccounts/ep-md-mongodb-database' under resource group 'myapp-rg' was not found.

Even though the Cosmos DB account exists, this command does not recognize it under the databaseAccounts namespace — likely due to vCore-based cluster architecture.

Approache- 2

Azure CLI (cosmosdb-preview extension) – mongocluster user create

az cosmosdb mongocluster user create \

--name ep-md-mongodb-database \

--resource-group myapp-rg \

--database-name mydb \

--username newuser \

--password 'StrongPassword@123' \

--roles '[{"role": "readWrite", "db": "mydb"}]'

ERROR- 'user' is misspelled or not recognized by the system.

Even with the latest cosmosdb-preview (v1.6.1) extension and Azure CLI (v2.61+), the CLI does not recognize user as a valid subcommand of az cosmosdb mongocluster.
Approache- 3

Mongo Shell (mongosh) – db.createUser()

db.createUser({

user: "readonlyuser",

pwd: "StrongPassword@123",

roles: [ { role: "readWrite", db: "mydb" } ]

})

ERROR- MongoServerError[CommandNotSupported]: CreateUser command is not supported.

As stated in the documentation, this is expected behavior since Cosmos DB vCore emulates MongoDB and restricts certain commands.

  • Request for Clarification:-
  1. Is there a currently supported method to create a secondary MongoDB user for Cosmos DB vCore via CLI or Portal?
  2. If the mongocluster user command is not yet available in the public Azure CLI — is there an ETA or alternate method (REST API, ARM Template)?
  3. Is user creation only possible via Portal UI for now?

System Context

  • Cosmos DB: Free tier

Azure CLI: 2.61.0

cosmosdb-preview extension: 1.6.1

Shell: Ubuntu 24.04 LTS

I appreciate any guidance or updated instructions on how to achieve this user creation task reliably.

Azure Cosmos DB
Azure Cosmos DB
An Azure NoSQL database service for app development.
Accepted answer
  1. Jose Benjamin Solis Nolasco 4,906 Reputation points
    2025-08-04T13:20:56.0233333+00:00

    As you mentioned the only supported method right now to create or manage secondary users in MongoDB vCore is through the Azure Portal UI.

    Recommendation for your case:

    Go to your vCore cluster in the Azure Portal

    Navigate to Security > Users

    Add the secondary user from there with the appropriate roles

    CLI-based user creation (including az cosmosdb mongodb user definition create) applies only to Cosmos DB for MongoDB API (NoSQL with API emulation), not to the newer vCore-based deployments.

    MongoShell (db.createUser()) is not supported in vCore as you've seen — user management is abstracted and restricted for security and consistency.

    az cosmosdb mongocluster user create is intended for Cosmos DB for MongoDB vCore, but this subcommand is not yet available in GA (General Availability) in the public CLI — even with the cosmosdb-preview extension.

    As of now (August 2025), the only officially supported and stable method to create secondary MongoDB users in Cosmos DB vCore is through the Azure Portal UI:

    Navigate to Azure Cosmos DB for MongoDB vCore account

    Go to "Security" → "Users"

    Click "Add user" and input:

    Username

    Password

    Database

    Roles (readWrite, read, etc.)

    ⚠️ If this UI flow is missing or failing in your portal instance:

    Double-check you're targeting a vCore MongoDB cluster, not a NoSQL account.

    Ensure you're in a supported region (some preview features are region-specific).

    Confirm the Azure role assignment has sufficient privileges (e.g., Owner or Cosmos DB Account Contributor).

    😊 If my answer helped you resolve your issue, please consider marking it as the correct answer. This helps others in the community find solutions more easily. Thanks!

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Vikrant 20 Reputation points
    2025-08-06T05:11:22.6266667+00:00

    Hello @Jose Benjamin Solis Nolasco

    I am facing the same issue with my Azure Cosmos DB for MongoDB (vCore).

    I'm also unable to create new users with limited permissions, as the UI flow for user management is missing—there is no "Security" → "Users" section available.

    Database Details:

    • Region: East US
    • Cluster Tier: M10 (1 vCore, 2 GiB RAM)
    • Created At: 2025-08-04T07:27:04.7496067Z

    My Requirement: I need to create the following types of users:

    Read-Only User – with permissions to only read data from the database.

    1. Read-Write User – with permissions to both read and write data, but no admin-level access.
      User's image

    User's image

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.