# Authentication on PostgreSQL

### PostgreSQL Roles and Authentication Methods

PostgreSQL handles database access permissions using the concept of roles. Depending on how you set up the role, it can represent a database user or a group of database users.

PostgreSQL supports several authentication methods . The most frequently used methods are:

* <mark style="color:orange;">`Trust`</mark> - A role can connect without a password, as long as the criteria defined in the <mark style="color:orange;">`pg_hba.conf`</mark> are met
* <mark style="color:orange;">`Password`</mark> - A role can connect by providing a password. The passwords can be stored as scram-sha-256 md5 and password (clear-text)
* <mark style="color:orange;">`Ident`</mark> - Only supported for TCP/IP connections. It works by obtaining the client’s operating system user name, with an optional user name mapping.
* <mark style="color:orange;">`Peer`</mark> - Same as Ident, but it is only supported on local connections.

PostgreSQL client authentication is defined in the configuration file named <mark style="color:orange;">`pg_hba.conf`</mark>. For local connections, PostgreSQL is set to use the peer authentication method.

The **“**<mark style="color:orange;">**postgres**</mark>**”** user is automatically created when PostgreSQL is installed. This user is the superuser for the PostgreSQL instance, and it is equivalent to the MySQL <mark style="color:orange;">`root`</mark> user.

To log in to the PostgreSQL server as **“**<mark style="color:orange;">**postgres**</mark>**”**, switch to the user postgres and access a PostgreSQL prompt using the <mark style="color:orange;">`psql`</mark> utility:

```bash
sudo su - postgres
psql
```

To Exit:

```bash
\q
```

You can use the sudo command to access the PostgreSQL prompt without switching users:

```bash
sudo -u postgres psql
```

*The <mark style="color:orange;">`postgres`</mark> user is typically used only from the <mark style="color:orange;">`localhost`</mark>*


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.arkannis.net/database/postgresql/authentication-on-postgresql.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.