<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <HTML ><HEAD ><TITLE >pg_authid</TITLE ><META NAME="GENERATOR" CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK REV="MADE" HREF="mailto:pgsql-docs@postgresql.org"><LINK REL="HOME" TITLE="PostgreSQL 9.2.13 Documentation" HREF="index.html"><LINK REL="UP" TITLE="System Catalogs" HREF="catalogs.html"><LINK REL="PREVIOUS" TITLE="pg_attribute" HREF="catalog-pg-attribute.html"><LINK REL="NEXT" TITLE="pg_auth_members" HREF="catalog-pg-auth-members.html"><LINK REL="STYLESHEET" TYPE="text/css" HREF="stylesheet.css"><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=ISO-8859-1"><META NAME="creation" CONTENT="2015-06-13T20:07:41"></HEAD ><BODY CLASS="SECT1" ><DIV CLASS="NAVHEADER" ><TABLE SUMMARY="Header navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TH COLSPAN="5" ALIGN="center" VALIGN="bottom" ><A HREF="index.html" >PostgreSQL 9.2.13 Documentation</A ></TH ></TR ><TR ><TD WIDTH="10%" ALIGN="left" VALIGN="top" ><A TITLE="pg_attribute" HREF="catalog-pg-attribute.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="10%" ALIGN="left" VALIGN="top" ><A HREF="catalogs.html" ACCESSKEY="U" >Up</A ></TD ><TD WIDTH="60%" ALIGN="center" VALIGN="bottom" >Chapter 45. System Catalogs</TD ><TD WIDTH="20%" ALIGN="right" VALIGN="top" ><A TITLE="pg_auth_members" HREF="catalog-pg-auth-members.html" ACCESSKEY="N" >Next</A ></TD ></TR ></TABLE ><HR ALIGN="LEFT" WIDTH="100%"></DIV ><DIV CLASS="SECT1" ><H1 CLASS="SECT1" ><A NAME="CATALOG-PG-AUTHID" >45.8. <TT CLASS="STRUCTNAME" >pg_authid</TT ></A ></H1 ><P > The catalog <TT CLASS="STRUCTNAME" >pg_authid</TT > contains information about database authorization identifiers (roles). A role subsumes the concepts of <SPAN CLASS="QUOTE" >"users"</SPAN > and <SPAN CLASS="QUOTE" >"groups"</SPAN >. A user is essentially just a role with the <TT CLASS="STRUCTFIELD" >rolcanlogin</TT > flag set. Any role (with or without <TT CLASS="STRUCTFIELD" >rolcanlogin</TT >) can have other roles as members; see <A HREF="catalog-pg-auth-members.html" ><TT CLASS="STRUCTNAME" >pg_auth_members</TT ></A >. </P ><P > Since this catalog contains passwords, it must not be publicly readable. <A HREF="view-pg-roles.html" ><TT CLASS="STRUCTNAME" >pg_roles</TT ></A > is a publicly readable view on <TT CLASS="STRUCTNAME" >pg_authid</TT > that blanks out the password field. </P ><P > <A HREF="user-manag.html" >Chapter 20</A > contains detailed information about user and privilege management. </P ><P > Because user identities are cluster-wide, <TT CLASS="STRUCTNAME" >pg_authid</TT > is shared across all databases of a cluster: there is only one copy of <TT CLASS="STRUCTNAME" >pg_authid</TT > per cluster, not one per database. </P ><DIV CLASS="TABLE" ><A NAME="AEN89016" ></A ><P ><B >Table 45-8. <TT CLASS="STRUCTNAME" >pg_authid</TT > Columns</B ></P ><TABLE BORDER="1" CLASS="CALSTABLE" ><COL><COL><COL><THEAD ><TR ><TH >Name</TH ><TH >Type</TH ><TH >Description</TH ></TR ></THEAD ><TBODY ><TR ><TD ><TT CLASS="STRUCTFIELD" >rolname</TT ></TD ><TD ><TT CLASS="TYPE" >name</TT ></TD ><TD >Role name</TD ></TR ><TR ><TD ><TT CLASS="STRUCTFIELD" >rolsuper</TT ></TD ><TD ><TT CLASS="TYPE" >bool</TT ></TD ><TD >Role has superuser privileges</TD ></TR ><TR ><TD ><TT CLASS="STRUCTFIELD" >rolinherit</TT ></TD ><TD ><TT CLASS="TYPE" >bool</TT ></TD ><TD >Role automatically inherits privileges of roles it is a member of</TD ></TR ><TR ><TD ><TT CLASS="STRUCTFIELD" >rolcreaterole</TT ></TD ><TD ><TT CLASS="TYPE" >bool</TT ></TD ><TD >Role can create more roles</TD ></TR ><TR ><TD ><TT CLASS="STRUCTFIELD" >rolcreatedb</TT ></TD ><TD ><TT CLASS="TYPE" >bool</TT ></TD ><TD >Role can create databases</TD ></TR ><TR ><TD ><TT CLASS="STRUCTFIELD" >rolcatupdate</TT ></TD ><TD ><TT CLASS="TYPE" >bool</TT ></TD ><TD > Role can update system catalogs directly. (Even a superuser cannot do this unless this column is true) </TD ></TR ><TR ><TD ><TT CLASS="STRUCTFIELD" >rolcanlogin</TT ></TD ><TD ><TT CLASS="TYPE" >bool</TT ></TD ><TD > Role can log in. That is, this role can be given as the initial session authorization identifier </TD ></TR ><TR ><TD ><TT CLASS="STRUCTFIELD" >rolreplication</TT ></TD ><TD ><TT CLASS="TYPE" >bool</TT ></TD ><TD > Role is a replication role. That is, this role can initiate streaming replication (see <A HREF="warm-standby.html#STREAMING-REPLICATION" >Section 25.2.5</A >) and set/unset the system backup mode using <CODE CLASS="FUNCTION" >pg_start_backup</CODE > and <CODE CLASS="FUNCTION" >pg_stop_backup</CODE > </TD ></TR ><TR ><TD ><TT CLASS="STRUCTFIELD" >rolconnlimit</TT ></TD ><TD ><TT CLASS="TYPE" >int4</TT ></TD ><TD > For roles that can log in, this sets maximum number of concurrent connections this role can make. -1 means no limit. </TD ></TR ><TR ><TD ><TT CLASS="STRUCTFIELD" >rolpassword</TT ></TD ><TD ><TT CLASS="TYPE" >text</TT ></TD ><TD > Password (possibly encrypted); null if none. If the password is encrypted, this column will begin with the string <TT CLASS="LITERAL" >md5</TT > followed by a 32-character hexadecimal MD5 hash. The MD5 hash will be of the user's password concatenated to their user name. For example, if user <TT CLASS="LITERAL" >joe</TT > has password <TT CLASS="LITERAL" >xyzzy</TT >, <SPAN CLASS="PRODUCTNAME" >PostgreSQL</SPAN > will store the md5 hash of <TT CLASS="LITERAL" >xyzzyjoe</TT >. A password that does not follow that format is assumed to be unencrypted. </TD ></TR ><TR ><TD ><TT CLASS="STRUCTFIELD" >rolvaliduntil</TT ></TD ><TD ><TT CLASS="TYPE" >timestamptz</TT ></TD ><TD >Password expiry time (only used for password authentication); null if no expiration</TD ></TR ></TBODY ></TABLE ></DIV ></DIV ><DIV CLASS="NAVFOOTER" ><HR ALIGN="LEFT" WIDTH="100%"><TABLE SUMMARY="Footer navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" ><A HREF="catalog-pg-attribute.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="index.html" ACCESSKEY="H" >Home</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" ><A HREF="catalog-pg-auth-members.html" ACCESSKEY="N" >Next</A ></TD ></TR ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" ><TT CLASS="STRUCTNAME" >pg_attribute</TT ></TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="catalogs.html" ACCESSKEY="U" >Up</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" ><TT CLASS="STRUCTNAME" >pg_auth_members</TT ></TD ></TR ></TABLE ></DIV ></BODY ></HTML >