Help Center/ GaussDB/ Developer Guide(Centralized_V2.0-2.x)/ System Catalogs and System Views/ System Catalogs/ PG_AUTHID
Updated on 2025-08-19 GMT+08:00
View PDF

PG_AUTHID

PG_AUTHID records information about database authentication identifiers (roles). The concept of users is contained in that of roles. A user is actually a role whose rolcanlogin has been set. Any role, whether its rolcanlogin is set or not, can use other roles as members.

For GaussDB, only one PG_AUTHID exists, which is not available for every database. This system catalog is accessible only to users with the SYSADMIN permission.

Table 1 PG_AUTHID columns

Name

Type

Description

oid

oid

Row identifier (hidden attribute, which must be specified).

rolname

name

Role name.

rolsuper

Boolean

Specifies whether a role is the initial SYSADMIN with the highest permission.

  • t (true): yes.
  • f (false): no.

rolinherit

Boolean

Specifies whether a role automatically inherits permissions of roles of which it is a member.

  • t (true): automatically inherited
  • f (false): not automatically inherited

rolcreaterole

Boolean

Specifies whether a role can create more roles.

  • t (true): yes.
  • f (false): no.

rolcreatedb

Boolean

Specifies whether a role can create databases.

  • t (true): yes.
  • f (false): no.

rolcatupdate

Boolean

Specifies whether a role can directly update system catalogs. Only the initial SYSADMIN whose usesysid is set to 10 has this permission. This permission is unavailable for other users.

  • t (true): yes.
  • f (false): no.

rolcanlogin

Boolean

Specifies whether a role can log in, that is, whether a role can be given as the initial session authorization identifier.

  • t (true): yes.
  • f (false): no.

rolreplication

Boolean

Specifies whether a role has the replication permission.

  • t (true): yes.
  • f (false): no.

rolauditadmin

Boolean

Specifies whether a role has the AUDITADMIN permission.

  • t (true): yes.
  • f (false): no.

rolsystemadmin

Boolean

Specifies whether a role has the SYSADMIN permission.

  • t (true): yes.
  • f (false): no.

rolconnlimit

integer

Maximum number of concurrent connections that the role can make (valid for roles that can log in).

The value –1 indicates there is no limit.

rolpassword

text

Password ciphertext (NULL if no password).

rolvalidbegin

timestamp with time zone

Account validity start time (NULL if no start time).

rolvaliduntil

timestamp with time zone

Password expiry time (NULL if no expiration).

roluseft

Boolean

Specifies whether a role can perform operations on foreign tables.

  • t (true): yes.
  • f (false): no.

rolparentid

oid

OID of a group user to which the user belongs.

roltabspace

text

Maximum size of a user data table.

rolkind

"char"

Special user types, including private users and common users.

rolnodegroup

oid

Unsupported currently.

roltempspace

text

Maximum size of a user's temporary table, in KB.

rolspillspace

text

Maximum size of data that can be written to disks when a user executes a job, in KB.

rolexcpdata

text

Query rules that can be set by users (reserved).

rolmonitoradmin

Boolean

Specifies whether a role has the MONADMIN permission.

  • t (true): yes.
  • f (false): no.

roloperatoradmin

Boolean

Specifies whether a role has the OPRADMIN permission.

  • t (true): yes.
  • f (false): no.

rolpolicyadmin

Boolean

Specifies whether a role has the POLADMIN permission.

  • t (true): yes.
  • f (false): no.
Parent topic: System Catalogs