One use case we are looking into is exposing one collection publicly (read-only) on the Internet, Instead of providing a custom API middleware to access it, we are pretty happy with providing directly the mongo language and access to all the data in the collection. But it seems this is not possible if we also want private collections at the same time (to keep data for the rest of the app logic, like permissions and authentication for users who can modify this public data).

So I would like to request a way to assign a role to an unauthenticated user.