Klairr queries MongoDB via aggregation pipelines, with a read-only user and a JSON-pipeline DSL the LLM emits. Pipeline stages are allow-listed: $out, $merge, $function, and similar are blocked before any pipeline reaches Mongo.
Prerequisites
- A reachable MongoDB cluster (Atlas or self-hosted on a public endpoint)
- An admin who can create database users
Step 1: Create a read-only user
In MongoDB shell or Atlas UI:
use analytics
db.createUser({
user: "klairr_reader",
pwd: "...",
roles: [{ role: "read", db: "analytics" }]
})The built-in read role grants find, listCollections, listIndexes, dbStats, collStats — exactly what Klairr needs and nothing more. Klairr does not request readWrite, dbAdmin, dbOwner, userAdmin, or clusterAdmin.
Step 2: Add the connector
| Field | Example |
|---|---|
| Connection string | mongodb+srv://klairr_reader:[email protected]/analytics |
| Database | analytics |
The connection string can be either mongodb:// or mongodb+srv://. Klairr resolves every host in the SRV/replica set and runs the egress guard against each — RFC1918 / loopback / cloud-metadata addresses are blocked unless the per-connector private-network exception is set.
What Klairr queries
- Schema introspection runs
$sampleagainst each collection (default 100 docs) and infers field types. Mixed-type fields are flagged in the column description. - Question answering runs aggregation pipelines you can inspect in the conversation view. A server-side
$limitis appended to every pipeline. - The connector probes write permission at connect time with a synthetic
insertOne. Read-role users reject with “not authorized”; over-permissioned users are rejected by Klairr.
Notes
- Sample size is bounded — schema may not detect rare fields. Refresh schema after large-scale schema changes.
- Atlas private endpoints work via PrivateLink; Klairr connects to the public hostname unless the private-network exception is enabled.