Extensions
pg_session_jwt

pg_session_jwt

pg_session_jwt : Manage authentication sessions using JWTs

Overview

IDExtensionPackageVersionCategoryLicenseLanguage
7040
pg_session_jwt
pg_session_jwt
0.4.0
SEC
Apache-2.0
Rust
AttributeHas BinaryHas LibraryNeed LoadHas DDLRelocatableTrusted
--s-dt-
No
Yes
No
Yes
no
yes
Relationships
Schemasauth
See Also
pgjwt
pgaudit
pgsodium
supabase_vault
anon

manual updated pgrx by Vonng

Packages

TypeRepoVersionPG Major CompatibilityPackage PatternDependencies
EXT
PIGSTY
0.4.0
18
17
16
15
14
pg_session_jwt-
RPM
PIGSTY
0.4.0
18
17
16
15
14
pg_session_jwt_$v-
DEB
PIGSTY
0.4.0
18
17
16
15
14
postgresql-$v-pg-session-jwt-
Linux / PGPG18PG17PG16PG15PG14
el8.x86_64
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
el8.aarch64
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
el9.x86_64
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
el9.aarch64
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
el10.x86_64
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
el10.aarch64
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
d12.x86_64
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
d12.aarch64
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
d13.x86_64
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
d13.aarch64
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
u22.x86_64
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
u22.aarch64
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
u24.x86_64
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
u24.aarch64
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
PIGSTY 0.4.0
PackageVersionOSORGSIZEFile URL
pg_session_jwt_180.4.0el8.x86_64pigsty435.6 KiBpg_session_jwt_18-0.4.0-1PIGSTY.el8.x86_64.rpm
pg_session_jwt_180.4.0el8.aarch64pigsty308.5 KiBpg_session_jwt_18-0.4.0-1PIGSTY.el8.aarch64.rpm
pg_session_jwt_180.4.0el9.x86_64pigsty450.7 KiBpg_session_jwt_18-0.4.0-1PIGSTY.el9.x86_64.rpm
pg_session_jwt_180.4.0el9.aarch64pigsty327.7 KiBpg_session_jwt_18-0.4.0-1PIGSTY.el9.aarch64.rpm
pg_session_jwt_180.4.0el10.x86_64pigsty450.8 KiBpg_session_jwt_18-0.4.0-1PIGSTY.el10.x86_64.rpm
pg_session_jwt_180.4.0el10.aarch64pigsty327.8 KiBpg_session_jwt_18-0.4.0-1PIGSTY.el10.aarch64.rpm
postgresql-18-pg-session-jwt0.4.0d12.x86_64pigsty364.4 KiBpostgresql-18-pg-session-jwt_0.4.0-1PIGSTY~bookworm_amd64.deb
postgresql-18-pg-session-jwt0.4.0d12.aarch64pigsty245.5 KiBpostgresql-18-pg-session-jwt_0.4.0-1PIGSTY~bookworm_arm64.deb
postgresql-18-pg-session-jwt0.4.0d13.x86_64pigsty363.7 KiBpostgresql-18-pg-session-jwt_0.4.0-1PIGSTY~trixie_amd64.deb
postgresql-18-pg-session-jwt0.4.0d13.aarch64pigsty245.8 KiBpostgresql-18-pg-session-jwt_0.4.0-1PIGSTY~trixie_arm64.deb
postgresql-18-pg-session-jwt0.4.0u22.x86_64pigsty406.9 KiBpostgresql-18-pg-session-jwt_0.4.0-1PIGSTY~jammy_amd64.deb
postgresql-18-pg-session-jwt0.4.0u22.aarch64pigsty284.0 KiBpostgresql-18-pg-session-jwt_0.4.0-1PIGSTY~jammy_arm64.deb
postgresql-18-pg-session-jwt0.4.0u24.x86_64pigsty403.1 KiBpostgresql-18-pg-session-jwt_0.4.0-1PIGSTY~noble_amd64.deb
postgresql-18-pg-session-jwt0.4.0u24.aarch64pigsty281.6 KiBpostgresql-18-pg-session-jwt_0.4.0-1PIGSTY~noble_arm64.deb
PackageVersionOSORGSIZEFile URL
pg_session_jwt_170.4.0el8.x86_64pigsty435.8 KiBpg_session_jwt_17-0.4.0-1PIGSTY.el8.x86_64.rpm
pg_session_jwt_170.4.0el8.aarch64pigsty308.5 KiBpg_session_jwt_17-0.4.0-1PIGSTY.el8.aarch64.rpm
pg_session_jwt_170.4.0el9.x86_64pigsty450.8 KiBpg_session_jwt_17-0.4.0-1PIGSTY.el9.x86_64.rpm
pg_session_jwt_170.4.0el9.aarch64pigsty327.8 KiBpg_session_jwt_17-0.4.0-1PIGSTY.el9.aarch64.rpm
pg_session_jwt_170.4.0el10.x86_64pigsty451.4 KiBpg_session_jwt_17-0.4.0-1PIGSTY.el10.x86_64.rpm
pg_session_jwt_170.4.0el10.aarch64pigsty327.8 KiBpg_session_jwt_17-0.4.0-1PIGSTY.el10.aarch64.rpm
postgresql-17-pg-session-jwt0.4.0d12.x86_64pigsty364.2 KiBpostgresql-17-pg-session-jwt_0.4.0-1PIGSTY~bookworm_amd64.deb
postgresql-17-pg-session-jwt0.4.0d12.aarch64pigsty245.4 KiBpostgresql-17-pg-session-jwt_0.4.0-1PIGSTY~bookworm_arm64.deb
postgresql-17-pg-session-jwt0.4.0d13.x86_64pigsty364.0 KiBpostgresql-17-pg-session-jwt_0.4.0-1PIGSTY~trixie_amd64.deb
postgresql-17-pg-session-jwt0.4.0d13.aarch64pigsty245.6 KiBpostgresql-17-pg-session-jwt_0.4.0-1PIGSTY~trixie_arm64.deb
postgresql-17-pg-session-jwt0.4.0u22.x86_64pigsty407.3 KiBpostgresql-17-pg-session-jwt_0.4.0-1PIGSTY~jammy_amd64.deb
postgresql-17-pg-session-jwt0.4.0u22.aarch64pigsty284.0 KiBpostgresql-17-pg-session-jwt_0.4.0-1PIGSTY~jammy_arm64.deb
postgresql-17-pg-session-jwt0.4.0u24.x86_64pigsty403.3 KiBpostgresql-17-pg-session-jwt_0.4.0-1PIGSTY~noble_amd64.deb
postgresql-17-pg-session-jwt0.4.0u24.aarch64pigsty281.6 KiBpostgresql-17-pg-session-jwt_0.4.0-1PIGSTY~noble_arm64.deb
PackageVersionOSORGSIZEFile URL
pg_session_jwt_160.4.0el8.x86_64pigsty435.6 KiBpg_session_jwt_16-0.4.0-1PIGSTY.el8.x86_64.rpm
pg_session_jwt_160.4.0el8.aarch64pigsty308.5 KiBpg_session_jwt_16-0.4.0-1PIGSTY.el8.aarch64.rpm
pg_session_jwt_160.4.0el9.x86_64pigsty451.2 KiBpg_session_jwt_16-0.4.0-1PIGSTY.el9.x86_64.rpm
pg_session_jwt_160.4.0el9.aarch64pigsty327.7 KiBpg_session_jwt_16-0.4.0-1PIGSTY.el9.aarch64.rpm
pg_session_jwt_160.4.0el10.x86_64pigsty451.4 KiBpg_session_jwt_16-0.4.0-1PIGSTY.el10.x86_64.rpm
pg_session_jwt_160.4.0el10.aarch64pigsty327.7 KiBpg_session_jwt_16-0.4.0-1PIGSTY.el10.aarch64.rpm
postgresql-16-pg-session-jwt0.4.0d12.x86_64pigsty363.6 KiBpostgresql-16-pg-session-jwt_0.4.0-1PIGSTY~bookworm_amd64.deb
postgresql-16-pg-session-jwt0.4.0d12.aarch64pigsty245.5 KiBpostgresql-16-pg-session-jwt_0.4.0-1PIGSTY~bookworm_arm64.deb
postgresql-16-pg-session-jwt0.4.0d13.x86_64pigsty364.4 KiBpostgresql-16-pg-session-jwt_0.4.0-1PIGSTY~trixie_amd64.deb
postgresql-16-pg-session-jwt0.4.0d13.aarch64pigsty245.6 KiBpostgresql-16-pg-session-jwt_0.4.0-1PIGSTY~trixie_arm64.deb
postgresql-16-pg-session-jwt0.4.0u22.x86_64pigsty407.0 KiBpostgresql-16-pg-session-jwt_0.4.0-1PIGSTY~jammy_amd64.deb
postgresql-16-pg-session-jwt0.4.0u22.aarch64pigsty284.0 KiBpostgresql-16-pg-session-jwt_0.4.0-1PIGSTY~jammy_arm64.deb
postgresql-16-pg-session-jwt0.4.0u24.x86_64pigsty403.1 KiBpostgresql-16-pg-session-jwt_0.4.0-1PIGSTY~noble_amd64.deb
postgresql-16-pg-session-jwt0.4.0u24.aarch64pigsty281.2 KiBpostgresql-16-pg-session-jwt_0.4.0-1PIGSTY~noble_arm64.deb
PackageVersionOSORGSIZEFile URL
pg_session_jwt_150.4.0el8.x86_64pigsty435.3 KiBpg_session_jwt_15-0.4.0-1PIGSTY.el8.x86_64.rpm
pg_session_jwt_150.4.0el8.aarch64pigsty308.4 KiBpg_session_jwt_15-0.4.0-1PIGSTY.el8.aarch64.rpm
pg_session_jwt_150.4.0el9.x86_64pigsty450.9 KiBpg_session_jwt_15-0.4.0-1PIGSTY.el9.x86_64.rpm
pg_session_jwt_150.4.0el9.aarch64pigsty327.7 KiBpg_session_jwt_15-0.4.0-1PIGSTY.el9.aarch64.rpm
pg_session_jwt_150.4.0el10.x86_64pigsty451.0 KiBpg_session_jwt_15-0.4.0-1PIGSTY.el10.x86_64.rpm
pg_session_jwt_150.4.0el10.aarch64pigsty327.8 KiBpg_session_jwt_15-0.4.0-1PIGSTY.el10.aarch64.rpm
postgresql-15-pg-session-jwt0.4.0d12.x86_64pigsty363.9 KiBpostgresql-15-pg-session-jwt_0.4.0-1PIGSTY~bookworm_amd64.deb
postgresql-15-pg-session-jwt0.4.0d12.aarch64pigsty245.5 KiBpostgresql-15-pg-session-jwt_0.4.0-1PIGSTY~bookworm_arm64.deb
postgresql-15-pg-session-jwt0.4.0d13.x86_64pigsty363.5 KiBpostgresql-15-pg-session-jwt_0.4.0-1PIGSTY~trixie_amd64.deb
postgresql-15-pg-session-jwt0.4.0d13.aarch64pigsty246.0 KiBpostgresql-15-pg-session-jwt_0.4.0-1PIGSTY~trixie_arm64.deb
postgresql-15-pg-session-jwt0.4.0u22.x86_64pigsty406.8 KiBpostgresql-15-pg-session-jwt_0.4.0-1PIGSTY~jammy_amd64.deb
postgresql-15-pg-session-jwt0.4.0u22.aarch64pigsty284.0 KiBpostgresql-15-pg-session-jwt_0.4.0-1PIGSTY~jammy_arm64.deb
postgresql-15-pg-session-jwt0.4.0u24.x86_64pigsty402.7 KiBpostgresql-15-pg-session-jwt_0.4.0-1PIGSTY~noble_amd64.deb
postgresql-15-pg-session-jwt0.4.0u24.aarch64pigsty281.3 KiBpostgresql-15-pg-session-jwt_0.4.0-1PIGSTY~noble_arm64.deb
PackageVersionOSORGSIZEFile URL
pg_session_jwt_140.4.0el8.x86_64pigsty435.3 KiBpg_session_jwt_14-0.4.0-1PIGSTY.el8.x86_64.rpm
pg_session_jwt_140.4.0el8.aarch64pigsty308.6 KiBpg_session_jwt_14-0.4.0-1PIGSTY.el8.aarch64.rpm
pg_session_jwt_140.4.0el9.x86_64pigsty451.0 KiBpg_session_jwt_14-0.4.0-1PIGSTY.el9.x86_64.rpm
pg_session_jwt_140.4.0el9.aarch64pigsty327.7 KiBpg_session_jwt_14-0.4.0-1PIGSTY.el9.aarch64.rpm
pg_session_jwt_140.4.0el10.x86_64pigsty451.1 KiBpg_session_jwt_14-0.4.0-1PIGSTY.el10.x86_64.rpm
pg_session_jwt_140.4.0el10.aarch64pigsty327.7 KiBpg_session_jwt_14-0.4.0-1PIGSTY.el10.aarch64.rpm
postgresql-14-pg-session-jwt0.4.0d12.x86_64pigsty363.8 KiBpostgresql-14-pg-session-jwt_0.4.0-1PIGSTY~bookworm_amd64.deb
postgresql-14-pg-session-jwt0.4.0d12.aarch64pigsty245.6 KiBpostgresql-14-pg-session-jwt_0.4.0-1PIGSTY~bookworm_arm64.deb
postgresql-14-pg-session-jwt0.4.0d13.x86_64pigsty363.7 KiBpostgresql-14-pg-session-jwt_0.4.0-1PIGSTY~trixie_amd64.deb
postgresql-14-pg-session-jwt0.4.0d13.aarch64pigsty245.8 KiBpostgresql-14-pg-session-jwt_0.4.0-1PIGSTY~trixie_arm64.deb
postgresql-14-pg-session-jwt0.4.0u22.x86_64pigsty406.7 KiBpostgresql-14-pg-session-jwt_0.4.0-1PIGSTY~jammy_amd64.deb
postgresql-14-pg-session-jwt0.4.0u22.aarch64pigsty284.0 KiBpostgresql-14-pg-session-jwt_0.4.0-1PIGSTY~jammy_arm64.deb
postgresql-14-pg-session-jwt0.4.0u24.x86_64pigsty403.1 KiBpostgresql-14-pg-session-jwt_0.4.0-1PIGSTY~noble_amd64.deb
postgresql-14-pg-session-jwt0.4.0u24.aarch64pigsty281.7 KiBpostgresql-14-pg-session-jwt_0.4.0-1PIGSTY~noble_arm64.deb

Source

Repository
github.com/neondatabase/pg_session_jwt
Source Tarball
pg_session_jwt-0.4.0.tar.gz
pig build pkg pg_session_jwt;		# build rpm/deb

Install

Make sure PGDG and PIGSTY repo available:

pig repo add pgsql -u   # add both repo and update cache

Install this extension with pig:

pig install pg_session_jwt;		# install via package name, for the active PG version

pig install pg_session_jwt -v 18;   # install for PG 18
pig install pg_session_jwt -v 17;   # install for PG 17
pig install pg_session_jwt -v 16;   # install for PG 16
pig install pg_session_jwt -v 15;   # install for PG 15
pig install pg_session_jwt -v 14;   # install for PG 14

Create this extension with:

CREATE EXTENSION pg_session_jwt;

Usage

pg_session_jwt: JWT session management for PostgreSQL

pg_session_jwt handles authenticated sessions through JWTs. When configured with a JWK, it verifies JWT authenticity. Without a JWK, it falls back to PostgREST-compatible request.jwt.claims.

CREATE EXTENSION pg_session_jwt;

Mode 1: JWK Validation

Set the JWK at connection time via libpq options:

export PGOPTIONS="-c pg_session_jwt.jwk=$MY_JWK"

Then within the session:

SELECT auth.init();                        -- Initialize with JWK
SELECT auth.jwt_session_init('eyJ...');    -- Set and validate the JWT
SELECT auth.user_id();                     -- Get the 'sub' claim
SELECT auth.session();                     -- Get full JWT payload as JSONB

Mode 2: PostgREST-Compatible (No JWK)

Works out of the box with PostgREST. No initialization needed:

SELECT auth.user_id();   -- Returns 'sub' from request.jwt.claims
SELECT auth.session();   -- Returns full claims as JSONB

Functions

FunctionReturnsDescription
auth.init()voidInitialize session using JWK
auth.jwt_session_init(jwt text)voidSet and validate a JWT
auth.session()jsonbGet JWT payload or fallback claims
auth.jwt()jsonbAlias for auth.session()
auth.user_id()textGet the sub claim
auth.uid()uuidGet sub as UUID (or NULL)

Configuration

ParameterDescription
pg_session_jwt.jwkJWK for JWT validation (set at startup or connection)
pg_session_jwt.audit_logEnable audit logging (on/off)

RLS Example 

CREATE POLICY user_isolation ON my_table
    USING (user_id = auth.user_id());
Last updated on
supabase_vaultanon