48.64. pg_roles

The view pg_roles provides access to information about database roles. This is simply a publicly readable view of pg_authid that blanks out the password field.

This view explicitly exposes the OID column of the underlying table, since that is needed to do joins to other catalogs.

Table 48-65. pg_roles Columns

NameTypeReferencesDescription
rolnamename Role name
rolsuperbool Role has superuser privileges
rolinheritbool Role automatically inherits privileges of roles it is a member of
rolcreaterolebool Role can create more roles
rolcreatedbbool Role can create databases
rolcatupdatebool  Role can update system catalogs directly. (Even a superuser cannot do this unless this column is true)
rolcanloginbool  Role can log in. That is, this role can be given as the initial session authorization identifier
rolreplicationbool  Role is a replication role. That is, this role can initiate streaming replication (see Section 25.2.5) and set/unset the system backup mode using pg_start_backup and pg_stop_backup
rolconnlimitint4  For roles that can log in, this sets maximum number of concurrent connections this role can make. -1 means no limit.
rolpasswordtext Not the password (always reads as ********)
rolvaliduntiltimestamptz Password expiry time (only used for password authentication); null if no expiration
rolconfigtext[] Role-specific defaults for run-time configuration variables
oidoidpg_authid.oidID of role