PostgreSQL 8.1.3 Documentation
Prev	Fast Backward	Chapter 42. System Catalogs	Fast Forward	Next

42.8. `pg_authid`

The catalog pg_authid contains information about database authorization identifiers (roles). A role subsumes the concepts of "users" and "groups". A user is essentially just a role with the rolcanlogin flag set. Any role (with or without rolcanlogin) may have other roles as members; see pg_auth_members.

Since this catalog contains passwords, it must not be publicly readable. pg_roles is a publicly readable view on pg_authid that blanks out the password field.

Chapter 18 contains detailed information about user and privilege management.

Because user identities are cluster-wide, pg_authid is shared across all databases of a cluster: there is only one copy of pg_authid per cluster, not one per database.

Table 42-8. pg_authid Columns

Name	Type	Description
`rolname`	`name`	Role name
`rolsuper`	`bool`	Role has superuser privileges
`rolinherit`	`bool`	Role automatically inherits privileges of roles it is a member of
`rolcreaterole`	`bool`	Role may create more roles
`rolcreatedb`	`bool`	Role may create databases
`rolcatupdate`	`bool`	Role may update system catalogs directly. (Even a superuser may not do this unless this column is true.)
`rolcanlogin`	`bool`	Role may log in, that is, this role can be given as the initial session authorization identifier.
`rolconnlimit`	`int4`	For roles that can log in, this sets maximum number of concurrent connections this role can make. -1 means no limit.
`rolpassword`	`text`	Password (possibly encrypted); NULL if none
`rolvaliduntil`	`timestamptz`	Password expiry time (only used for password authentication); NULL if no expiration
`rolconfig`	`text[]`	Session defaults for run-time configuration variables

Prev	Home	Next
`pg_attribute`	Up	`pg_auth_members`

PostgreSQL Manual

42.8. `pg_authid`

Newsletter

Hosted by

Search

Links

PostgreSQL Manual

42.8. pg_authid

Newsletter

Hosted by

Search

Links

42.8. `pg_authid`