As per description in SERVER-20515. The authentication and authorization are different subjects. It doesn't really matter if your user needs to be authenticated against a specific database. Which is really important is what permissions on what database the user has (authorization). In order to avoid the administrative problems of having multiple users, we should recommend having a single user, with multiple permissions for different databases.

Additionally, we should clarify how db.getUsers() works. The behaviour is creating confusion for many users.

The documentation must show more complex identity management (authentication/authorization) examples.