On Thu, Dec 5, 2024 at 12:47 AM Wolfgang Walther <walt...@technowledgy.de> wrote: > > If we want something like this, we'd want to allow > > users to re-trigger SCRAM authentication. Which clearly requires a > > protocol change. > > Yes. This. Re-authenticating without re-connecting.
The ability to reauthenticate would be useful for the OAUTHBEARER mechanism as well. (Specifically, the ability to perform a new SASL exchange on the connection after the first one has failed.) And it would probably have overlap with the recent discussion around pass-through SCRAM [1]. --Jacob [1] https://postgr.es/m/27b29a35-9b96-46a9-bc1a-914140869dac%40gmail.com
