diff --git a/mongodb/kubedb_client_builder.go b/mongodb/kubedb_client_builder.go
index 6ee99351c..54ec87687 100644
--- a/mongodb/kubedb_client_builder.go
+++ b/mongodb/kubedb_client_builder.go
@@ -34,15 +34,16 @@ import (
 )
 
 type KubeDBClientBuilder struct {
-	kc         client.Client
-	db         *api.MongoDB
-	url        string
-	podName    string
-	repSetName string
-	direct     bool
-	certs      *certholder.ResourceCerts
-	ctx        context.Context
-	cred       string
+	kc           client.Client
+	db           *api.MongoDB
+	url          string
+	podName      string
+	repSetName   string
+	direct       bool
+	certs        *certholder.ResourceCerts
+	ctx          context.Context
+	cred         string
+	authDatabase string
 }
 
 func NewKubeDBClientBuilder(kc client.Client, db *api.MongoDB) *KubeDBClientBuilder {
@@ -60,6 +61,11 @@ func (o *KubeDBClientBuilder) WithCred(cred string) *KubeDBClientBuilder {
 	return o
 }
 
+func (o *KubeDBClientBuilder) WithAuthDatabase(authDatabase string) *KubeDBClientBuilder {
+	o.authDatabase = authDatabase
+	return o
+}
+
 func (o *KubeDBClientBuilder) WithURL(url string) *KubeDBClientBuilder {
 	o.url = url
 	return o
@@ -152,6 +158,10 @@ func (o *KubeDBClientBuilder) getMongoDBClientOpts() (*mgoptions.ClientOptions,
 	if o.repSetName != "" {
 		repSetConfig = "replicaSet=" + o.repSetName + "&"
 	}
+	authDatabaseConfig := ""
+	if o.authDatabase != "" {
+		authDatabaseConfig = "authSource=" + o.authDatabase
+	}
 
 	cred := o.cred
 	if cred == "" {
@@ -164,6 +174,9 @@ func (o *KubeDBClientBuilder) getMongoDBClientOpts() (*mgoptions.ClientOptions,
 
 	var clientOpts *mgoptions.ClientOptions
 	if db.Spec.TLS != nil {
+		if o.authDatabase != "" {
+			authDatabaseConfig = "&" + authDatabaseConfig
+		}
 		secretName := db.GetCertSecretName(api.MongoDBClientCert, "")
 		var (
 			paths *certholder.Paths
@@ -196,10 +209,10 @@ func (o *KubeDBClientBuilder) getMongoDBClientOpts() (*mgoptions.ClientOptions,
 			}
 		}
 
-		uri := fmt.Sprintf("mongodb://%s@%s/admin?%vtls=true&tlsCAFile=%v&tlsCertificateKeyFile=%v", cred, o.url, repSetConfig, paths.CACert, paths.Pem)
+		uri := fmt.Sprintf("mongodb://%s@%s/admin?%vtls=true&tlsCAFile=%v&tlsCertificateKeyFile=%v%v", cred, o.url, repSetConfig, paths.CACert, paths.Pem, authDatabaseConfig)
 		clientOpts = mgoptions.Client().ApplyURI(uri)
 	} else {
-		clientOpts = mgoptions.Client().ApplyURI(fmt.Sprintf("mongodb://%s@%s/admin?%v", cred, o.url, repSetConfig))
+		clientOpts = mgoptions.Client().ApplyURI(fmt.Sprintf("mongodb://%s@%s/admin?%vauthSource=%v", cred, o.url, repSetConfig, authDatabaseConfig))
 	}
 
 	clientOpts.SetDirect(o.direct)