Database Credentials for Render Postgres

Add database users and perform zero-downtime rotations.

You can add and delete PostgreSQL users from your Render Postgres database. This is most commonly helpful for performing a credential rotation.

Managing PostgreSQL users

The default user

Whenever you add a PostgreSQL user to your database, that user becomes the database's new "default" user:

The default user's credentials appear in your database's connection URLs shown in the Render Dashboard.
Default user credentials are also used by environment variables that reference connection strings in a Render Blueprint.
- Whenever the default user changes, these environment variables update their value on the next Blueprint sync.
All other existing PostgreSQL users remain valid. However, you can no longer view credentials for the previous default user.

Adding a user

Render only manages PostgreSQL users that you add via the Dashboard or API.

If you add a user directly with the CREATE USER command, Render does not manage that user:

It doesn't replace your database's default user on creation.
It doesn't appear in the Render Dashboard or API.

Add a new Render-managed PostgreSQL user to your database with any of the following methods:

Dashboard

From your database's Info page in the Render Dashboard, scroll down to the Credentials section:
Click + New default credential.

The creation dialog appears.
Optionally provide a username for the new credential. If you don't, Render generates one for you.
Click Create Credential.

That's it! Your newly created user appears in the table as the new default user for your database.

API

Using the Render API, you can create a new credential with the Create Postgres Credential endpoint.

Provide a username in your request body:

json

{
  "username": "my_new_user"
}

Viewing users

You can view the active PostgreSQL users for your database. Note that these methods only show users that you added with one of the methods above, not built-in PostgreSQL roles or users created via CREATE USER.

Dashboard

From your database's Info page in the Render Dashboard, scroll down to the Credentials section. This section displays all active users, with the default user indicated by a label:

Postgres credentials in the Render Dashboard

API

Using the Render API, you can list all PostgreSQL users with the List Postgres credentials endpoint.

Each object in the response array includes username, createdAt, and default properties. The default property is true for the default user.

Deleting a user

You can delete PostgreSQL users if they have compromised credentials or are no longer needed.

You can't delete your database's current default user.

To perform a credential rotation involving the default user, first create a new user to make it the new default. You can then delete the previous default user.

Dashboard

From your database's Info page in the Render Dashboard, scroll down to the Credentials section:
Click the trashcan icon next to the user you want to delete.
Confirm the deletion.

That's it! The user and its credentials are removed immediately.

API

Using the Render API, you can delete a credential with the Delete Postgres credential endpoint.

Render never fully deletes your database's original user.

If you "delete" the original user, Render actually deactivates it by revoking its login privileges. This is a safeguard to preserve database objects owned by the original user.

Rotating credentials

The following diagram illustrates performing a zero-downtime credential rotation for your database (steps described below):

Add a new PostgreSQL user to your database.
Update the configuration of all apps and services that connect to your database to use the new user's credentials.
- For Blueprint-managed services that dynamically reference the database's connection string, perform a manual Blueprint sync to update the environment variable.
Redeploy all of your connected apps and services with the updated credentials.
Monitor your database to confirm when no connections are using the original user's credentials.

You can help confirm this with a query like the following (substitute the original user's name where indicated):
sql
```
SELECT COUNT(*) FROM pg_stat_activity WHERE usename = 'ORIGINAL_USER_NAME_HERE';
```
Delete the original user.

Webhook support

Credential management actions trigger the following webhook events:

Event	Description
`PostgresCredentialsCreated`	Triggers when a PostgreSQL user is created.
`PostgresCredentialsDeleted`	Triggers when a PostgreSQL user is deleted.