PG_AUTHID
PG_AUTHID records information about the database authentication identifiers (roles). The concept of users is contained in that of roles. A user is actually a role whose rolcanlogin has been set. Any role, whether the rolcanlogin is set or not, can use other roles as members.
For a cluster, only one pg_authid exists which is not available for every database. It is accessible only to users with system administrator rights.
|
Column |
Type |
Description |
|---|---|---|
|
oid |
oid |
Row identifier (hidden attribute; must be explicitly selected) |
|
rolname |
name |
Role name |
|
rolsuper |
boolean |
Whether the role is the initial system administrator with the highest permission |
|
rolinherit |
boolean |
Whether the role automatically inherits permissions of roles it is a member of |
|
rolcreaterole |
boolean |
Whether the role can create more roles |
|
rolcreatedb |
boolean |
Whether the role can create databases |
|
rolcatupdate |
boolean |
Whether the role can directly update system catalogs. Only the initial system administrator whose usesysid is 10 has this permission. It is not available for other users. |
|
rolcanlogin |
boolean |
Whether a role can log in, that is, whether a role can be given as the initial session authorization identifier. |
|
rolreplication |
boolean |
Indicates that the role is a replicated one (an adaptation syntax and no actual meaning). |
|
rolauditadmin |
boolean |
Indicates that the role is an audit user. |
|
rolsystemadmin |
boolean |
Indicates that the role is an administrator. |
|
rolconnlimit |
integer |
For roles that can log in, this sets maximum number of concurrent connections this role can make. -1 means no limit. |
|
rolpassword |
text |
Password (possibly encrypted); NULL if no password. |
|
rolvalidbegin |
timestamp with time zone |
Account validity start time; NULL if no start time |
|
rolvaliduntil |
timestamp with time zone |
Password expiry time; NULL if no expiration |
|
rolrespool |
name |
Resource pool that a user can use |
|
roluseft |
boolean |
Whether the role can perform operations on foreign tables |
|
rolparentid |
oid |
OID of a group user to which the user belongs |
|
roltabspace |
Text |
Storage space of the user permanent table |
|
rolkind |
char |
Special type of user, including private users, logical cluster administrators, and common users. |
|
rolnodegroup |
oid |
OID of a node group associated with a user. The node group must be a logical cluster. |
|
roltempspace |
Text |
Storage space of the user temporary table |
|
rolspillspace |
Text |
Operator disk spill space of the user |
|
rolexcpdata |
text |
Reserved column |
|
rolauthinfo |
text |
Additional information when LDAP authentication is used. If other authentication modes are used, the value is NULL. |
|
rolpwdexpire |
integer |
Password expiration time. Users can change their password before it expires. After the password expires, only the administrator can change the password. The value -1 indicates that the password never expires. |
|
rolpwdtime |
timestamp with time zone |
Time when a password is created |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.
