@@ -390,6 +390,55 @@ see the corresponding syntax.
390390 :end-before: // end-gcp-oidc-mongocredential
391391 :language: java
392392
393+ .. _java-rs-auth-kubernetes:
394+
395+ Kubernetes
396+ ++++++++++
397+
398+ If your application runs on a Kubernetes cluster, you can authenticate
399+ to MongoDB by using the {+driver-short+}'s built-in Kubernetes support.
400+
401+ Select from the :guilabel:`Connection String` or
402+ :guilabel:`MongoCredential` tabs to see the corresponding syntax.
403+
404+ .. tabs::
405+
406+ .. tab:: Connection String
407+ :tabid: mongodb-kubernetes-connection-string
408+
409+ To specify Kubernetes OIDC as the authentication mechanism, set the following
410+ options in your connection string:
411+
412+ - ``authMechanism``: Set to ``MONGODB-OIDC``.
413+ - ``authMechanismProperties``: Set to ``ENVIRONMENT:k8s``.
414+
415+ .. code-block:: java
416+ :emphasize-lines: 4
417+
418+ MongoClient mongoClient = MongoClients.create(
419+ "mongodb://<hostname>:<port>/" +
420+ "?authMechanism=MONGODB-OIDC" +
421+ "&authMechanismProperties=ENVIRONMENT:k8s");
422+
423+ .. tab:: MongoCredential
424+ :tabid: mongodb-kubernetes-mongo-credential
425+
426+ Replace the ``hostname`` and ``port`` with the network address and port
427+ number of your MongoDB deployment.
428+
429+ .. code-block:: java
430+ :emphasize-lines: 2
431+
432+ MongoCredential credential = MongoCredential.createOidcCredential(null)
433+ .withMechanismProperty("ENVIRONMENT", "k8s");
434+
435+ MongoClient mongoClient = MongoClients.create(
436+ MongoClientSettings.builder()
437+ .applyToClusterSettings(builder ->
438+ builder.hosts(Arrays.asList(new ServerAddress("<hostname>", <port>))))
439+ .credential(credential)
440+ .build());
441+
393442Custom Callback
394443+++++++++++++++
395444
0 commit comments