Supported Versions: Current (16) / 15 / 14 / 13 / 12
Development Versions: devel
Unsupported versions: 11 / 10 / 9.6 / 9.5 / 9.4 / 9.3 / 9.2 / 9.1 / 9.0 / 8.4 / 8.3 / 8.2 / 8.1 / 8.0 / 7.4 / 7.3 / 7.2 / 7.1
This documentation is for an unsupported version of PostgreSQL.
You may want to view the same page for the current version, or one of the other supported versions listed above instead.

Chapter 7. Database Users and Permissions

Table of Contents
7.1. Database Users
7.2. Groups
7.3. Privileges
7.4. Functions and Triggers

Managing database users and their privileges is in concept similar to that of Unix operating systems, but then again not identical enough to not warrant explanation.

7.1. Database Users

Database users are conceptually completely separate from any operating system users. In practice it might be convenient to maintain a correspondence, but this is not required. Database user names are global across a database cluster installation (and not per individual database). To create a user use the CREATE USER SQL command:

name follows the rules for SQL identifiers: either unadorned without special characters, or double-quoted. To remove an existing user, use the analog DROP USER command.

For convenience, the shell scripts createuser and dropuser are wrappers around these SQL commands.

In order to bootstrap the database system, a freshly initialized system always contains one predefined user. This user will have the same name as the operating system user that initialized the area (and is presumably being used as the user that runs the server). Thus, often an initial user "postgres" exists. In order to create more users you have to first connect as this initial user.

The user name to use for a particular database connection is indicated by the client that is initiating the connection request in an application-specific fashion. For example, the psql program uses the -U command line option to indicate the user to connect as. The set of database users a given client connection may connect as is determined by the client authentication setup, as explained in Chapter 4. (Thus, a client is not necessarily limited to connect as the user with the same name as its operating system user in the same way a person is not constrained in its login name by her real name.)

7.1.1. User attributes

A database user may have a number of attributes that define its privileges and interact with the client authentication system.


A database superuser bypasses all permission checks. Also, only a superuser can create new users. To create a database superuser, use CREATE USER name CREATEUSER.

database creation

A user must be explicitly given permission to create databases (except for superusers, since those bypass all permission checks). To create such a user, use CREATE USER name CREATEDB.


A password is only significant if password authentication is used for client authentication. Database passwords a separate from any operating system passwords. Specify a password upon user creating as in CREATE USER name WITH PASSWORD 'string'.

See the reference pages for CREATE USER and ALTER USER for details.