Symptoms
The authorization specification is invalid (authentication failure).
- The error is written to the server log and returned to the client carrying
SQLSTATE 28000. - Any driver (libpq, JDBC, psycopg, npgsql, pgx) surfaces this code in its error object so you can branch on it programmatically.
- PL/pgSQL can trap it by name:
EXCEPTION WHEN invalid_authorization_specification THEN.
Environment
Severity: ERROR | PostgreSQL versions: 12, 13, 14, 15, 16, 17
Reproduce with the exact statement and read the full message in the server log (raise log_min_messages / set log_min_error_statement for more context).
Root Cause
The connection failed authorization — the role, method, or host combination is not permitted.
Diagnostic Queries
Recovery
Steps to resolve 28000:
- Verify the role exists and has
LOGIN. - Add or fix the matching
pg_hba.confrule and reload. - Confirm the client connects from an allowed host with the expected method.
Reference: PostgreSQL error codes — Class 28 (Invalid Authorization Specification).
Was this helpful?
Thanks — noted. This helps keep the database accurate.