diff --git a/instances/middleware/README.md b/instances/middleware/README.md
new file mode 100644
index 0000000..b59ac82
--- /dev/null
+++ b/instances/middleware/README.md
@@ -0,0 +1,35 @@
+## MongoDB Authentication
+
+Authentication is disabled in mongodb by default, and will need to be setup to access the db remotely. To do that: 
+
+1. Remove `command: [--auth]` from the `docker-compose.yml`.  
+2. Run `docker compose up -d` to see the changes. 
+3. Enter the docker container: `docker exec -it mongo bash`
+4. Run `mongo` from the command line and create two users as follows:
+
+```bash
+use admin
+db.createUser(
+    {
+        user: "ADMIN_USER",
+        pwd: "ROOT_PASSWORD",
+        roles:["root"]
+    }
+);
+
+use dtransfer
+db.createUser(
+    {
+        user: "DT_USER",
+        pwd: "DT_PASSWORD",
+        roles:[
+            {
+                role: "readWrite",
+                db: "dtransfer"
+            }
+        ]
+    }
+);
+```
+
+**Note**: change `user` and `pwd` with desired secrets.
\ No newline at end of file
diff --git a/instances/middleware/docker-compose.yml b/instances/middleware/docker-compose.yml
index bb1f71a..20672ae 100644
--- a/instances/middleware/docker-compose.yml
+++ b/instances/middleware/docker-compose.yml
@@ -3,6 +3,8 @@ version: '3.8'
 networks:
   web:
     external: true
+  database:
+    external: true
 
 services:
   consumer_live:
@@ -30,3 +32,19 @@ services:
       - "traefik.http.routers.consumer_dev.rule=Host(`dev.api.wp3.ideafast.eu`)"
       - "traefik.http.routers.consumer_dev.entrypoints=websecure"
       - "traefik.http.routers.consumer_dev.tls.certresolver=leresolver"
+
+  mongodb:
+    container_name: mongo
+    image: mongo:4.4.3
+    command: [--auth]
+    networks:
+      - database
+    ports:
+      - 27017:27017
+    volumes:
+      - mongodb:/data/db
+    labels:
+      - "traefik.enable=true"
+
+volumes:
+  mongodb:
\ No newline at end of file