Schema Validation

Strict vs Moderate Validation Levels in MongoDB

The selection between validationLevel: "strict" and validationLevel: "moderate" is a foundational operational decision that dictates write-path latency, migration safety, and data integrity guarantees. Within a mature MongoDB JSON Schema Validation Architecture, these levels are not interchangeable toggles; they represent distinct enforcement contracts with the storage engine. Platform teams and data engineers must treat validation level transitions as stateful infrastructure changes, requiring idempotent deployment scripts, explicit failure boundaries, and phased rollout pipelines.

Runtime Semantics and Evaluation Order

MongoDB evaluates $jsonSchema constraints at the storage engine layer during write operations. The behavioral divergence between strict and moderate centers on how the engine treats documents that currently violate the schema.

  • strict: Enforces validation rules on every insert and update operation, regardless of the document’s current compliance state. If an existing document contains legacy fields, missing required attributes, or type mismatches, any write attempt targeting that document triggers a DocumentValidationFailure error (code 121).
  • moderate: Enforces rules on insert operations and on update operations targeting documents that already satisfy the validation rules. Updates to documents that currently fail validation bypass schema checks entirely, provided the modification itself does not introduce new violations. This enables backward-compatible migrations where legacy payloads can be incrementally normalized without triggering write failures on every touch.

The evaluation pipeline short-circuits on the first rule violation. When designing schemas, engineers must align field constraints with Understanding MongoDB $jsonSchema Syntax to ensure predictable error propagation. Misconfigured required arrays or overly restrictive pattern properties will cause immediate write rejections under strict, while moderate will silently defer enforcement on non-compliant existing documents until they are normalized.

flowchart TD
  U["Update / insert"] --> L{"validationLevel?"}
  L -->|"strict"| SV["Validate every write<br/>against full schema"]
  L -->|"moderate"| M{"Document already<br/>compliant?"}
  M -->|"yes"| SV
  M -->|"no"| BY["Bypass validation<br/>(legacy doc)"]
  SV --> D{"Valid?"}
  D -->|"yes"| OK["Write succeeds"]
  D -->|"no"| ER["Reject — code 121"]

Operational Trade-offs and Governance

Choosing a validation level directly impacts system observability, developer velocity, and data quality SLAs. strict mode provides the highest integrity guarantee but introduces friction during schema evolution. It is best suited for greenfield collections, financial ledgers, or compliance-bound workloads where silent data corruption is unacceptable. moderate mode reduces write-path friction during transitional periods, making it ideal for high-throughput event streams or collections undergoing gradual refactoring.

Platform teams should pair validation levels with explicit Schema Versioning Strategies for NoSQL to prevent uncontrolled drift. Embedding a schema_version field alongside validation rules allows downstream consumers to branch parsing logic safely. Additionally, validation failures should be routed to dedicated error-handling pipelines rather than silently swallowed or retried indefinitely.

Idempotent Automation with Python

Production deployments require deterministic, repeatable schema application. The following PyMongo automation module demonstrates idempotent validation level configuration, explicit error classification, and exponential backoff for transient cluster state conflicts.

import logging
import time
import random
from typing import Dict, Any, Optional
from pymongo import MongoClient
from pymongo.errors import OperationFailure, PyMongoError
from pymongo.collection import Collection

logger = logging.getLogger(__name__)

class SchemaValidationManager:
    """Manages MongoDB validation levels with idempotent application and explicit error handling."""

    def __init__(self, collection: Collection, max_retries: int = 3, base_delay: float = 0.5):
        self.collection = collection
        self.max_retries = max_retries
        self.base_delay = base_delay

    def _get_current_options(self) -> Optional[Dict[str, Any]]:
        """
        Fetches the current validation options for the collection.
        Uses listCollections because the validator/level/action live in collection
        options, not in collStats (which only returns storage metrics).
        """
        try:
            info = self.collection.database.command(
                "listCollections", filter={"name": self.collection.name}
            )
            batch = info["cursor"]["firstBatch"]
            return batch[0].get("options") if batch else None
        except PyMongoError as exc:
            logger.error("Failed to fetch collection options: %s", exc)
            raise

    def apply_validation(
        self,
        schema: Dict[str, Any],
        level: str = "strict",
        action: str = "error"
    ) -> bool:
        """
        Applies or updates validation rules idempotently.
        Returns True if applied/updated, False if already at target state.
        """
        target_validator = {"$jsonSchema": schema}

        current = self._get_current_options()
        if current:
            if (current.get("validationLevel") == level
                    and current.get("validationAction") == action
                    and current.get("validator") == target_validator):
                logger.info("Validation configuration already matches target state.")
                return False

        for attempt in range(self.max_retries):
            try:
                self.collection.database.command(
                    "collMod",
                    self.collection.name,
                    validator=target_validator,
                    validationLevel=level,
                    validationAction=action
                )
                logger.info(
                    "Successfully applied validation level '%s' on attempt %d",
                    level, attempt + 1
                )
                return True
            except OperationFailure as exc:
                # Some OperationFailure errors are not retryable
                if exc.code in (13, 2):  # Unauthorized or BadValue
                    logger.error("Non-recoverable validation error (code %d): %s", exc.code, exc)
                    raise
                logger.warning(
                    "Transient failure applying validation (attempt %d/%d): %s",
                    attempt + 1, self.max_retries, exc
                )
                if attempt == self.max_retries - 1:
                    raise
                delay = self.base_delay * (2 ** attempt) + random.uniform(0, 0.2)
                time.sleep(delay)
            except PyMongoError as exc:
                logger.error("Unexpected PyMongo error during schema application: %s", exc)
                raise
        return False

Migration Pathways and Enforcement Boundaries

Transitioning from moderate to strict requires a controlled normalization phase. Directly switching levels on a collection containing non-compliant documents will immediately block all write operations to those records when they are next modified. Platform teams should implement a background reconciliation pattern:

  1. Audit Phase: Count non-compliant documents using collection.count_documents({"$nor": [{"$jsonSchema": schema}]}). This is the correct way to count schema violations without enabling a validator — db.collection.validate() checks BSON/index integrity, not $jsonSchema compliance.
  2. Normalization Phase: Execute batch updates targeting legacy fields, applying moderate validation to allow incremental fixes without write failures.
  3. Cutover Phase: Once compliance reaches 100%, apply strict validation. Detailed procedures for this transition are documented in How to enforce strict validation on existing collections.

Security boundaries must also be considered. Validation levels operate independently of RBAC, but validationAction: "error" ensures that unauthorized or malformed payloads are rejected before reaching application logic. For workloads requiring graceful degradation, validationAction: "warn" can be paired with moderate level to log violations while permitting writes, though this should be strictly time-boxed in production environments. Refer to MongoDB’s official Schema Validation documentation for cluster-wide configuration parameters and replica set synchronization behavior.

Conclusion

The choice between strict and moderate validation levels is a governance mechanism, not merely a syntax preference. strict guarantees data fidelity at the cost of migration friction, while moderate enables safe, incremental evolution of legacy datasets. By coupling these levels with idempotent Python automation, explicit error routing, and phased compliance rollouts, platform teams can maintain high-velocity development without sacrificing data integrity. Treat validation configuration as infrastructure-as-code, version your schema contracts, and monitor validation failure metrics as first-class operational signals.

Explore deeper

How to Enforce Strict Validation on Existing Collections: A Zero-Downtime Migration PlaybookRetrofitting strict JSON Schema validation onto production collections is rarely a single collMod operation. When platform teams transition…