SYNOPSIS¶

void
mongoc_auto_encryption_opts_set_schema_map (mongoc_auto_encryption_opts_t *opts,


                                            const bson_t *schema_map);

PARAMETERS¶

opts: The mongoc_auto_encryption_opts_t
schema_map: A bson_t where keys are collection namespaces and values are JSON schemas.

Supplying a schema map provides more security than relying on JSON Schemas obtained from the server. It protects against a malicious server advertising a false JSON Schema, which could trick the client into sending unencrypted data that should be encrypted.

Schemas supplied in the schema map only apply to configuring automatic encryption for Client-Side Field Level Encryption. Other validation rules in the JSON schema will not be enforced by the driver and will result in an error.

The following is an example of a schema map which configures automatic encryption for the collection db.coll:

{


     "db.coll": {


         "properties": {


         "encrypted_string": {


             "encrypt": {


             "keyId": [


                 {


                 "$binary": {


                     "base64": "AAAAAAAAAAAAAAAAAAAAAA==",


                     "subType": "04"


                 }


                 }


             ],


             "bsonType": "string",


             "algorithm": "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic"


             }


         }


         },


         "bsonType": "object"


     }


 }

The schema map does not apply to collections encrypted with: Queryable Encryption. Use mongoc_auto_encryption_opts_set_encrypted_fields_map() instead.

SEE ALSO:

mongoc_client_enable_auto_encryption()

In-Use Encryption

AUTHOR¶

MongoDB, Inc

COPYRIGHT¶

2017-present, MongoDB, Inc

May 2, 2024

1.27.0

Source file:	mongoc_auto_encryption_opts_set_schema_map.3.en.gz (from libmongoc-doc 1.27.0-1)
Source last updated:	2024-05-02T14:06:32Z
Converted to HTML:	2024-05-02T21:37:58Z