Client-Side Field Level

Client-Side Field Level Encryption (CSFLE) in MongoDB provides enhanced security by encrypting specific fields of a document while they are stored in the database. With CSFLE, the data is encrypted and decrypted on the client-side, securing sensitive data from unauthorized access by malicious actors or even database administrators.

Key Features

How It Works

Supported Algorithms

MongoDB supports the following encryption algorithms for CSFLE:

Key Management

CSFLE requires the use of a separate Key Management System (KMS) to store and maintain encryption keys. MongoDB supports the following KMS providers:

By using CSFLE in MongoDB, you can significantly enhance the security of your sensitive data and comply with regulatory standards such as GDPR, HIPAA, and PCI-DSS.