PG_AUTHID
PG_AUTHID records information about database authentication identifiers (roles). The concept of users is contained in that of roles. A user is actually a role whose rolcanlogin has been set. Any role, whether its rolcanlogin is set or not, can use other roles as members.
For a cluster, only one PG_AUTHID exists, which is not available for every database. This system catalog is accessible only to system administrators.
| Name | Type | Description |
|---|---|---|
| oid | oid | Row identifier (hidden attribute, which must be specified). |
| rolname | name | Role name. |
| rolsuper | boolean | Specifies whether a role is the initial system administrator with the highest permission.
|
| rolinherit | boolean | Specifies whether a role automatically inherits permissions of roles of which it is a member.
|
| rolcreaterole | boolean | Specifies whether a role can create more roles.
|
| rolcreatedb | boolean | Specifies whether a role can create databases.
|
| rolcatupdate | boolean | Specifies whether the role can directly update system catalogs. Only the initial system administrator whose usesysid is 10 has this permission. It is unavailable for other users.
|
| rolcanlogin | boolean | Specifies whether the role can log in, that is, whether the role can be given as the initial session authorization identifier.
|
| rolreplication | boolean | Specifies whether the role has the replication permission.
|
| rolauditadmin | boolean | Specifies whether the role has the audit administrator permission.
|
| rolsystemadmin | boolean | Specifies whether the role has the system administrator permission.
|
| rolconnlimit | integer | Maximum number of concurrent connections that this role can make (valid for roles that can log in). The value –1 indicates there is no limit. |
| rolpassword | text | Password ciphertext. If there is no password, the value is NULL. |
| rolvalidbegin | timestamp with time zone | Account validity start time (NULL if no start time). |
| rolvaliduntil | timestamp with time zone | Password expiry time (NULL if no expiration). |
| rolrespool | name | Resource pool that a user can use. |
| roluseft | boolean | Specifies whether the role can perform operations on foreign tables.
|
| rolparentid | oid | OID of a group user to which the user belongs. |
| roltabspace | text | Maximum size of a user data table. |
| rolkind | "char" | Type of a user.
|
| roltempspace | text | Maximum size of a user's temporary table, in KB. |
| rolspillspace | text | Maximum size of data that can be written to disks when a user executes a job, in KB. |
| rolexcpdata | text | Query rules that can be set by users (reserved). |
| rolmonitoradmin | boolean | Specifies whether the role has the monitor administrator permission.
|
| roloperatoradmin | boolean | Specifies whether the role has the O&M administrator permission.
|
| rolpolicyadmin | boolean | Specifies whether the role has the security policy administrator permission.
|
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.