Users & Privileges

PulseDB lets you manage PostgreSQL database users and their privileges directly from the web interface. View user attributes, monitor active connections, and control access to schemas and tables.

User list

The Users page displays a table of all database roles with key attributes:

ColumnDescription
UsernameRole name with user icon
AttributesTags for Login, Superuser, Create DB, Replication
Member OfRole memberships (groups the user belongs to)
ConnectionsActive connection count (badge)
Valid UntilPassword expiry date (∞ for no expiry)

System roles (postgres, pg_*) are shown but protected from deletion.

Creating a user

Click Create User to open the creation modal with the following fields:

FieldDescription
UsernameThe role name
PasswordLogin password
Can LoginAllow connection to the database
SuperuserBypass all privilege checks
Create DBAllow creating new databases
ReplicationAllow replication connections
Valid UntilOptional password expiration date

The underlying SQL is equivalent to CREATE ROLE with the specified options and password.

Dropping a user

  1. Click the delete icon next to any non-system user
  2. Confirm in the dialog
  3. The user is removed with DROP ROLE IF EXISTS

System users (postgres, pg_*) cannot be dropped from the interface.

Managing privileges

Click Grants on any user row to expand a panel showing its current privileges, grouped by schema and table.

Each row displays:

  • Schema — the schema name
  • Table — the table name
  • Privileges — granted permissions (SELECT, INSERT, UPDATE, DELETE, etc.) as tags
  • Grantable — whether the user can grant these privileges to others

Granting privileges

Use the API to grant privileges on a schema or table:

ts
{ targetType: "TABLE" | "SCHEMA", targetSchema: "public", targetTable?: "users", // required for TABLE type privileges: ["SELECT", "INSERT"], grantOption: false }

Revoking privileges

Privileges are revoked per schema/table by specifying the exact set of permissions to remove.

Privilege types

Common PostgreSQL privileges you can manage:

PrivilegeDescription
SELECTRead rows from a table
INSERTInsert new rows
UPDATEModify existing rows
DELETERemove rows
TRUNCATETruncate a table
REFERENCESCreate foreign key references
TRIGGERCreate triggers on a table
ALLAll privileges

Encryption

User passwords are encrypted at rest using AES-256-GCM and are never exposed in API responses or the user interface.