SQL SESSION_USER

What is SQL SESSION_USER?

SESSION_USER returns the database username that initiated the current connection (the session owner).

Welcome to the Galaxy, Guardian!
You'll be receiving a confirmation email

Follow us on twitter :)

Oops! Something went wrong while submitting the form.

Compatible dialects for SQL SESSION_USER: PostgreSQL, SQL Server, MySQL, MariaDB, SAP HANA. Emulated in Oracle via SYS_CONTEXT. Not available in SQLite.

SQL SESSION_USER Full Explanation

SESSION_USER is a system-supplied identifier defined in the SQL Standard. When referenced in a query it yields the authorization identifier (username) that originally authenticated the current session, regardless of role changes or SET ROLE commands that may occur later in the transaction. It is evaluated once at connection time and remains constant until the session ends. Unlike CURRENT_USER, which can change when roles are set, SESSION_USER remains the original login name, making it useful for auditing or row-level security rules that must track the true originator of the session.In most engines SESSION_USER is exposed as a parameterless scalar function or reserved keyword that can be selected like any other column. Because it does not access user tables, it is fast and deterministic. However, its exact output format can differ:- PostgreSQL and SQL Server return just the user/role name.- MySQL returns user@host.- Case sensitivity follows the rules of the underlying catalog.If the connection uses OS authentication, SESSION_USER will equal the mapped database principal. In pooled connections the value reflects the identity supplied when the pool slot was created.

SQL SESSION_USER Syntax

-- ANSI style
SELECT SESSION_USER;

-- T-SQL
SELECT SESSION_USER;

SQL SESSION_USER Parameters

Example Queries Using SQL SESSION_USER

-- Inspect who opened the session
SELECT SESSION_USER;

-- Compare with CURRENT_USER after switching roles (PostgreSQL)
RESET ROLE;
SELECT SESSION_USER  AS session_login,
       CURRENT_USER  AS effective_user;

-- Insert audit trail row
INSERT INTO audit_log(action, acted_by)
VALUES ('DELETE from orders', SESSION_USER);

Expected Output Using SQL SESSION_USER

Each statement returns a single-row, single-column result containing the session owner's username
In the audit example, a new row is written with the correct originator

Use Cases with SQL SESSION_USER

Populate audit tables with the true login regardless of role changes
Implement row-level security policies tied to the original session owner
Debug connection pooling issues by confirming which user actually logged in
Compare against CURRENT_USER to detect role escalation at runtime

Common Mistakes with SQL SESSION_USER

Assuming SESSION_USER changes after SET ROLE or EXECUTE AS; it does not
Confusing SESSION_USER with SYSTEM_USER (SQL Server) or USER(); outputs differ by dialect
Expecting Oracle to have a direct keyword; it requires SYS_CONTEXT('USERENV','SESSION_USER')
Forgetting that MySQL returns user@host, which may break simple equality comparisons

First Introduced In

SQL-92

Frequently Asked Questions

Does SESSION_USER change after SET ROLE?

No. SESSION_USER is fixed when the connection is established and never changes within that session, even if the effective role changes.

How is SESSION_USER different from CURRENT_USER?

CURRENT_USER can change when you run SET ROLE or EXECUTE AS; SESSION_USER always shows the original login. Use SESSION_USER for auditing the true originator.

Is SESSION_USER available in all databases?

Most major engines support it directly except Oracle and SQLite. In Oracle call SYS_CONTEXT('USERENV','SESSION_USER'). SQLite has no concept of users.

What format does MySQL return?

MySQL returns user_name@host_name, so you may need SUBSTRING_INDEX() or LIKE comparisons to isolate just the username.