Keyfiles
Keyfiles use SCRAM-SHA-1 challenge and response authentication mechanism. The contents of the keyfiles serve as the shared password for the members. A key’s length must be between 6 and 1024 characters and may only contain characters in the base64 set.
MongoDB strips whitespace characters (e.g. x0d, x09, and x20) for cross-platform convenience.
The content of the keyfile must be the same on all mongod and mongos instances that connect to each other. You must store the keyfile on each member of the replica set or sharded clusters.
For an example of keyfile internal authentication, see Enforce Keyfile Access Control in a Replica Set.