pg_roles

The view pg_roles provides access to information about database roles. This is simply a publicly readable view of pg_authid that blanks out the password field.

This view explicitly exposes the OID column of the underlying table, since that is needed to do joins to other catalogs.

Table 47-64. pg_roles Columns

Name Type References Description
rolname name Role name
rolsuper bool Role has superuser privileges
rolinherit bool Role automatically inherits privileges of roles it is a member of
rolcreaterole bool Role can create more roles
rolcreatedb bool Role can create databases
rolcatupdate bool Role can update system catalogs directly. (Even a superuser cannot do this unless this column is true)
rolcanlogin bool Role can log in. That is, this role can be given as the initial session authorization identifier
rolreplication bool Role is a replication role. That is, this role can initiate streaming replication (see Section 25.2.5 ) and set/unset the system backup mode using pg_start_backup and pg_stop_backup
rolconnlimit int4 For roles that can log in, this sets maximum number of concurrent connections this role can make. -1 means no limit.
rolpassword text Not the password (always reads as ******** )
rolvaliduntil timestamptz Password expiry time (only used for password authentication); null if no expiration
rolconfig text[] Role-specific defaults for run-time configuration variables
oid oid pg_authid .oid ID of role