pg_authid — PostgreSQL system catalog

Summary

The catalog pg_authid contains information about database authorization identifiers (roles). A role subsumes the concepts of “users” and “groups”. A user is essentially just a role with the rolcanlogin flag set. Any role (with or without rolcanlogin) can have other roles as members; see pg_auth_members.

(Description quoted from the official PostgreSQL documentation.)

Columns

The pg_authid system catalog exposes the following columns (names, types and descriptions are taken verbatim from the PostgreSQL documentation):

• oid oid
  Row identifier
• rolname name
  Role name
• rolsuper bool
  Role has superuser privileges
• rolinherit bool
  Role automatically inherits privileges of roles it is a member of
• rolcreaterole bool
  Role can create more roles
• rolcreatedb bool
  Role can create databases
• rolcanlogin bool
  Role can log in. That is, this role can be given as the initial session authorization identifier.
• rolreplication bool
  Role is a replication role. A replication role can initiate replication connections and create and drop replication slots.
• rolbypassrls bool
  Role bypasses every row-level security policy, see ddl_rowsecurity for more information.
• rolconnlimit int4
  For roles that can log in, this sets maximum number of concurrent connections this role can make. -1 means no limit.
• rolpassword text
  Encrypted password; null if none. The format depends on the form of encryption used.
• rolvaliduntil timestamptz
  Password expiry time (only used for password authentication); null if no expiration

Version applicability

Present in PostgreSQL 17, 18, 19 (verified against each release’s documentation). This is a long-standing system object that also exists in earlier PostgreSQL releases.

Related & references

• PostgreSQL system catalog & view index
• Built-in function reference

Reference: PostgreSQL documentation — pg_authid.