Node.js MongoDB Driver API

Class: AutoEncrypter

AutoEncrypter

An internal class to be used by the driver for auto encryption
NOTE: Not meant to be instantiated directly, this is for internal use only.

new AutoEncrypter(client, options)

node_modules/mongodb-client-encryption/lib/autoEncrypter.js, line 62

Create an AutoEncrypter

Note: Do not instantiate this class directly. Rather, supply the relevant options to a MongoClient

Note: Supplying options.schemaMap provides more security than relying on JSON Schemas obtained from the server.
It protects against a malicious server advertising a false JSON Schema, which could trick the client into sending unencrypted data that should be encrypted.
Schemas supplied in the schemaMap only apply to configuring automatic encryption for client side encryption.
Other validation rules in the JSON schema will not be enforced by the driver and will result in an error.

Name Type Description
client MongoClient

The client autoEncryption is enabled on
options AutoEncrypter~AutoEncryptionOptions optional

Optional settings
Example
// Enabling autoEncryption via a MongoClient

const { MongoClient } = require('mongodb');

const client = new MongoClient(URL, {

autoEncryption: {

kmsProviders: {

aws: {

accessKeyId: AWS_ACCESS_KEY,

secretAccessKey: AWS_SECRET_KEY

}

}

}

});


await client.connect();

// From here on, the client will be encrypting / decrypting automatically

Members

innerlogLevelnumber

The level of severity of the log message

Value Level
0 Fatal Error
1 Error
2 Warning
3 Info
4 Trace

Type Definitions

AutoEncryptionExtraOptionsobject

Extra options related to the mongocryptd process

Properties:
Name Type Argument Default Description
mongocryptdURI string <optional>

A local process the driver communicates with to determine how to encrypt values in a command. Defaults to "mongodb://%2Fvar%2Fmongocryptd.sock" if domain sockets are available or "mongodb://localhost:27020" otherwise
mongocryptdBypassSpawn boolean <optional>
 false

If true, autoEncryption will not attempt to spawn a mongocryptd before connecting
mongocryptdSpawnPath string <optional>

The path to the mongocryptd executable on the system
mongocryptdSpawnArgs Array.<string> <optional>

Command line arguments to use when auto-spawning a mongocryptd

AutoEncryptionOptionsObject

Configuration options for a automatic client encryption.

Properties:
Name Type Argument Description
keyVaultClient MongoClient <optional>

A MongoClient used to fetch keys from a key vault
keyVaultNamespace string <optional>

The namespace where keys are stored in the key vault
kmsProviders KMSProviders <optional>

Configuration options that are used by specific KMS providers during key generation, encryption, and decryption.
schemaMap object <optional>

A map of namespaces to a local JSON schema for encryption
bypassAutoEncryption boolean <optional>

Allows the user to bypass auto encryption, maintaining implicit decryption
options.logger AutoEncrypter~logger <optional>

An optional hook to catch logging messages from the underlying encryption engine
extraOptions AutoEncrypter~AutoEncryptionExtraOptions <optional>

Extra options related to the mongocryptd process

logger(level, message)

node_modules/mongodb-client-encryption/lib/autoEncrypter.js, line 35

A callback that is invoked with logging information from
the underlying C++ Bindings.

Name Type Description
level AutoEncrypter~logLevel

The level of logging.
message string

The message to log