Hasty Briefs

PostgreSQL 20.15: OAuth Authorization/Authentication

  • #Authentication
  • #PostgreSQL
  • #OAuth
  • OAuth 2.0 is an industry-standard framework for third-party applications to access protected resources.
  • OAuth client support must be enabled when PostgreSQL is built.
  • Key OAuth roles include Resource Owner (end user), Client (e.g., psql), Resource Server (PostgreSQL cluster), and Provider.
  • The Authorization Server issues access tokens but is not provided by PostgreSQL.
  • Issuer Identifier is an HTTPS URL providing a trusted namespace for OAuth clients.
  • Bearer tokens, opaque strings defined in RFC 6750, are supported by PostgreSQL.
  • Configuration options include issuer (required HTTPS URL), scope (required space-separated list), validator (optional library), and map (optional user name mapping).
  • The advanced option delegate_ident_mapping shifts identity mapping responsibility to the OAuth validator, bypassing pg_ident.conf.
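
One way to check the configuration options summarized above before reloading the server. This is an added example, not code from PostgreSQL or from this brief. The function name `audit_oauth_hba`, the map name `oauthmap`, the `idp.example.org` issuer and the sample pg_hba.conf lines are constructed for illustration; the rule that `map` cannot be combined with `delegate_ident_mapping` comes from the PostgreSQL documentation for that option.

```python
import shlex

# Constructed sample pg_hba.conf content (not from a real deployment).
SAMPLE_HBA = '''\
# TYPE  DATABASE  USER  ADDRESS      METHOD  OPTIONS
host    all       all   10.0.0.0/8   oauth   issuer=https://idp.example.org scope="openid postgres" map=oauthmap
host    all       all   10.0.0.0/8   oauth   issuer=http://idp.example.org
host    all       all   10.0.0.0/8   oauth   issuer=https://idp.example.org scope=openid map=oauthmap delegate_ident_mapping=1
local   all       all                scram-sha-256
'''

def audit_oauth_hba(text):
    """Return (line_number, message) findings for oauth entries in pg_hba.conf text."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        try:
            # shlex approximates the pg_hba.conf tokenizer: '#' comments, "quoted values"
            tokens = shlex.split(line, comments=True)
        except ValueError:
            findings.append((lineno, "unbalanced quote, line not parsed"))
            continue
        # METHOD is field 4 (local), 5 (host + CIDR) or 6 (host + IP + netmask)
        idx = next((i for i in (3, 4, 5) if i < len(tokens) and tokens[i] == "oauth"), None)
        if idx is None:
            continue  # not an oauth entry
        opts = dict(t.split("=", 1) for t in tokens[idx + 1:] if "=" in t)
        issuer = opts.get("issuer", "")
        if not issuer:
            findings.append((lineno, "issuer is required"))
        elif not issuer.startswith("https://"):
            findings.append((lineno, "issuer must be an HTTPS URL"))
        if "scope" not in opts:
            findings.append((lineno, "scope is required"))
        if opts.get("delegate_ident_mapping") == "1":
            if "map" in opts:
                findings.append((lineno, "map cannot be combined with delegate_ident_mapping"))
            # pg_ident.conf is bypassed, so role authorization rests on the validator alone
            findings.append((lineno, "review: validator alone maps identities to roles"))
    return findings

if __name__ == "__main__":
    for lineno, message in audit_oauth_hba(SAMPLE_HBA):
        print(f"pg_hba.conf:{lineno}: {message}")
```
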