PG_SHADOW

PG_SHADOW displays the attributes of all roles marked with rolcanlogin in PG_AUTHID. Only the system administrator can access this system view.

The name stems from the fact that this view should not be readable by the public since it contains passwords. PG_USER is a publicly readable view on PG_SHADOW that blanks out the password column.

**Table 1** PG_SHADOW columns
Name	Type	Reference	Description
usename	name	rolname in PG_AUTHID	Username
usesysid	oid	OID in PG_AUTHID	ID of this user
usecreatedb	boolean	-	Whether the user has the permission to create databases t (true): yes f (false): no
usesuper	boolean	-	Whether the user is a system administrator t (true): yes f (false): no
usecatupd	boolean	-	Whether the user can update a view. Even the system administrator cannot do this unless this column is true. t (true): yes f (false): no
userepl	boolean	-	Whether the user can initiate streaming replication and put the system in and out of backup mode t (true): yes f (false): no
passwd	text	-	Password (possibly encrypted); null if none. See PG_AUTHID for details about how encrypted passwords are stored.
valbegin	timestamp with time zone	-	Account validity period start time (null if no start time)
valuntil	timestamp with time zone	-	Password expiry time (null if no expiration)
respool	name	-	Resource pool used by the user
parent	oid	-	Parent resource pool
spacelimit	text	-	Storage space of the permanent table
useconfig	text[ ]	-	Session defaults for runtime configuration variables
tempspacelimit	text	-	Storage space of the temporary table
spillspacelimit	text	-	Operator disk flushing space
usemonitoradmin	boolean	-	Whether the user is a monitor administrator t (true): yes f (false): no
useoperatoradmin	boolean	-	Whether the user is an O&M administrator t (true): yes f (false): no
usepolicyadmin	boolean	-	Whether the user is a security policy administrator t (true): yes f (false): no