How to Fix "access denied" in ParadeDB (PostgreSQL)

How do I resolve “access denied” errors when querying ParadeDB?

The error indicates the current role lacks the required privileges to run a ParadeDB function or access a table / index.

Welcome to the Galaxy, Guardian!
You'll be receiving a confirmation email

Follow us on twitter :)

Oops! Something went wrong while submitting the form.

Description

Example H2

Example H3

Why does ParadeDB return “access denied”?

ParadeDB inherits PostgreSQL’s role-based security. If your role lacks privileges on a table, function, or extension object, the server blocks the statement and throws “access denied.”

Which privileges does ParadeDB check?

Queries need USAGE on schemas, EXECUTE on functions (e.g., paradedb.search), and SELECT/INSERT/UPDATE/DELETE on tables or indexes involved. Missing any of these yields the error.

How do I list missing privileges quickly?

Run EXPLAIN first; ParadeDB shows the objects it will touch.Compare that list with information_schema.role_* views or \\dp in psql.

What’s the fastest fix?

Grant only the minimum rights. Example: grant EXECUTE on the paradedb schema’s search function plus SELECT on the target embedding index.

Step-by-step

1) Create a role, 2) grant usage on the schema, 3) grant function execute, 4) grant table/index privileges, 5) test the query.

Can I automate privilege grants?

Yes.Wrap the GRANT statements in a migration script and run them whenever you deploy a new ParadeDB index.

Best practices for ParadeDB security

• Use separate roles for reads and writes. • Never grant superuser unless required. • Audit \\dp output in CI. • Revoke default PUBLIC rights.

Is role membership enough?

A member inherits privileges from its parent role, but SET ROLE may be required inside pooled sessions.

Why How to Fix "access denied" in ParadeDB (PostgreSQL) is important

How to Fix "access denied" in ParadeDB (PostgreSQL) Example Usage


-- Allow the app user to run vector search but nothing else
GRANT USAGE ON SCHEMA paradedb TO app_user;
GRANT EXECUTE ON FUNCTION paradedb.search(text, integer) TO app_user;
GRANT SELECT ON TABLE products_embedding_idx TO app_user;

How to Fix "access denied" in ParadeDB (PostgreSQL) Syntax


GRANT { { SELECT | INSERT | UPDATE | DELETE | TRUNCATE | REFERENCES | TRIGGER }
     [, ...] | ALL [ PRIVILEGES ] }
ON TABLE <schema>.<table_name>
TO <role_name> [ WITH GRANT OPTION ];

GRANT EXECUTE ON FUNCTION <schema>.paradedb_search(<arg_types>) TO <role_name>;

GRANT USAGE ON SCHEMA <schema> TO <role_name>;

REVOKE ALL ON <object> FROM PUBLIC;

Common Mistakes

Granting ALL PRIVILEGES to fix the error. Over-granting breaks least-privilege and increases risk. Instead, grant only the needed rights (e.g., EXECUTE on functions).
Ignoring schema USAGE. Even with table SELECT rights, missing USAGE on the schema triggers “access denied.” Always grant USAGE first.