Skip to Content

Typical errors (no such user, auth failed)

November 21, 2025 by
Typical errors (no such user, auth failed)
John Wolf
| No comments yet

Typical errors in PgBouncer (Odoo): “no such user”, “auth failed” and how to resolve them quickly

When something fails betweenOdoo → PgBouncer → PostgreSQL, one of these messages almost always appears:

  • no such user

  • password authentication failed

  • SASL authentication failed

  • SCRAM authentication requires libpq version 10 or above

  • authentication method 10 not supported

The key to fixing them without losing hours isto identify where the failure occurs:

  1. Client (Odoo/psql) → PgBouncer(incoming auth)

  2. PgBouncer → PostgreSQL(outgoing auth)

PgBouncer performs both authentications, and the auth_file (userlist) is used to verify clients as well as, if applicable, to authenticate to Postgres. PgBouncer+1


0) Triage in 60 seconds: what is failing?

A) Direct test (without Odoo) against PgBouncer

psql "host=127.0.0.1 port=6432 dbname=YOUR_DB user=odoo"

  • If this fails: the problem is betweenclient → PgBouncer.

  • If this works, but Odoo fails: it is usuallydbname/dbfilter, different credentials, or a connection from another IP.


B) Check the PgBouncer log (it is the judge)

If you can, temporarily increase verbose=1 and confirm that log_pooler_errors=1 is active (default is usually on). PgBouncer+1


C) Enter the PgBouncer admin console

Connect to the virtual DB pgbouncer and run SHOW (this access is explained in many packages/documentation). EDB


1) Error: no such user

What it really means

In practice, it is usually one of these 5 things:

  1. The user does not exist in auth_fileand you are not using auth_user/auth_query either.

    PgBouncer makes it clear that most methods require auth_file or auth_user to have defined users. PgBouncer+1

  2. auth_file is not being read(permissions/owner/path).

    If the PgBouncer process runs as the pgbouncer user, that user must be able to read the file (classic case). Arthur Pemberton

  3. The userlist.txt is poorly formatted(quotes, spaces, weird line breaks).

    The expected format is "username" "password|md5...|SCRAM...". PgBouncer

  4. You changed the userlist but did not reload PgBouncer.

    RELOAD reloads config and also auth_file / auth_hba_file. PgBouncer

  5. Note: it could be a disguised “no such database”

    For security, PgBouncer may respond with “no such user” even if the real problem is that the requested database does not exist (to avoid leaking info to the client). GitHub

Fix checklist

  • Check that the user is in userlist.txt (or that auth_user/auth_query works).

  • Ensure file permissions (minimum: readable by the service user).

  • Run RELOAD.

  • Check [databases] in pgbouncer.ini (correct dbname, wildcard * if you use it).


2) Error: password authentication failed / auth failed

Typical causes

  • Incorrect password in Odoo (db_password) or in userlist.txt.

  • You are using the wrong user (for example, Odoo mistakenly tries postgres).

  • The user exists, butthe stored password does not matchthe method/config.


Quick solution

  1. Test with psql against PgBouncer (exclude Odoo).

  2. Check the userlist.txt.

  3. RELOAD. PgBouncer

  4. Confirm that PgBouncer is really using the method you think (auth_type, or auth_type=hba with auth_hba_file). PgBouncer


3) Error: SASL authentication failed (SCRAM)

This error is common when you force auth_type = scram-sha-256 in PgBouncer or scram-sha-256 in pg_hba.conf.

The 3 most repeated causes

A) Old client (old libpq/driver)

PostgreSQL warns that scram-sha-256 is the most secure method,but it is not supported by old client libraries. PostgreSQL

Related symptoms:

  • SCRAM authentication requires libpq version 10 or above

  • authentication method 10 not supported

✅ Fix: update libpq / driver (psycopg / JDBC / etc.) on the Odoo or client side.

B) PgBouncer has SCRAM, but your auth_file does not match

PgBouncer allows auth_type = scram-sha-256 and says that the auth_file must containSCRAM secrets or passwords in plain text. PgBouncer

✅ Fix: make sure the user is in the auth_file with a valid format.

C) (Very typical) You put theSCRAM secretin userlist.txt and expected PgBouncer to use it as a “password” to Postgres

PgBouncer explains that the secrets in the auth_file also serve as passwords for outgoing connections if the backend requires it. PgBouncer

But in SCRAM,the “secret” is not always reusable as a login credential; in practice, many installations end up needing the real password (plain text) for PgBouncer to authenticate to PostgreSQL, or to implement the correct flow (client key / specific strategies). Stack Overflow+1

✅ Recommended fixes:

  • Simple/operable option: userlist.txt with clear password + strict permissions.

  • Pro option: auth_user + auth_query (centralize auth in Postgres). PgBouncer documents how auth_user and the default query work. PgBouncer


4) Error: auth_type = trust and still “login rejected”

This confuses a lot of people.

In PgBouncer, trust means “I do not verify password,”but the username must existin auth_file. PgBouncer+1

✅ Fix:

  • add the user to the auth_file

  • or use auth_type=any (only if you know exactly what you are doing; it is usually a bad idea in production).


5) Error: “I changed the userlist and it is not applying”

The correct recipe is:

  1. edit userlist.txt

  2. confirm permissions (that the service can read it)

  3. execute RELOAD

RELOAD reloads config and also auth_file/auth_hba_file. PgBouncer

If you are on Docker/K8s, check that the file is not accidentally mounted read-only (real case reported). GitHub


Next chapter ->



Typical errors (no such user, auth failed)
John Wolf November 21, 2025
Share this post
Tags
Archive
Sign in to leave a comment