PostgreSQL Guide

Select PostgreSQL in the database picker, then fill in:

• Host — localhost or your server's address
• Port — default is 5432
• Username — your PostgreSQL user (often postgres)
• Password — your PostgreSQL password
• Database — optional, you can pick one after connecting

Click Connect and you're in. SQLAgent uses a pure Swift implementation of the PostgreSQL wire protocol — no libpq, no ODBC.

SQLAgent supports PostgreSQL 12 and later. Authentication uses SCRAM-SHA-256 (the default since PostgreSQL 14) as well as MD5 for older setups.

Yes. JSONB columns are displayed with formatted values in the data grid. You can browse, search, and query JSONB data like any other column type.

Enable SSL in the connection form to encrypt traffic. PostgreSQL supports full TLS with optional client certificate authentication (mTLS). Provide a CA certificate, client certificate, and client key for maximum security.

For databases behind a firewall or bastion host, enable the SSH tunnel section. SQLAgent supports SSH key, SSH agent, and password authentication. The tunnel is established automatically before connecting to PostgreSQL.

Before you connect, SQLAgent shows a security banner summarizing your connection's posture:

• Local connection — green, data stays on your machine
• Remote + TLS — green, encrypted
• Remote + SSH — green, tunneled
• Remote + SSH + TLS — green, double-layered encryption
• Remote, no encryption — orange warning, credentials sent in plain text

PostgreSQL uses role-based access control (RBAC). Users are roles with login privileges. Roles can own objects, inherit permissions from other roles, and have fine-grained privileges on databases, schemas, and tables. To list roles and their attributes, run:

\du

To see privileges on a specific table:

\dp table_name

The security banner on the connection form notes this — so you know what access model to expect before connecting.

Check that your PostgreSQL server is running and accessible. Verify the host, port, and credentials. Make sure pg_hba.conf allows connections from your IP. For cloud databases (Supabase, Neon, etc.), check that your IP is whitelisted.

Double-check your username and password. PostgreSQL 14+ defaults to scram-sha-256 authentication. If you're connecting to an older server using md5, SQLAgent handles that automatically.

Make sure your certificates are in PEM format. If connecting to a self-signed server, try toggling Verify server certificate. For cloud PostgreSQL (Supabase, RDS), the CA certificate is usually provided by the host.

The server requires an encrypted connection. Enable SSL in the connection form. You may also need to provide a CA certificate if the server uses a custom cert.