> ## Documentation Index
> Fetch the complete documentation index at: https://cockroachlabs.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# SHOW SYSTEM GRANTS

export const InternalLink = ({version, path = "", children, ...props}) => {
  let detectedVersion = version || "stable";
  if (typeof window !== 'undefined' && !version) {
    const match = window.location.pathname.match(/\/docs\/([^/]+)/);
    if (match) {
      detectedVersion = match[1];
    }
  }
  const normalizedPath = path.startsWith("/") ? path.slice(1) : path;
  return <a href={`/docs/${detectedVersion}/${normalizedPath}`} {...props}>
      {children}
    </a>;
};

The `SHOW SYSTEM GRANTS` <InternalLink path="sql-statements">statement</InternalLink> lists the <InternalLink path="security-reference/authorization#supported-privileges">system privileges</InternalLink> <InternalLink path="grant">granted</InternalLink> to <InternalLink path="security-reference/authorization#sql-users">users</InternalLink>.

## Syntax

Use the following syntax to show the <InternalLink path="security-reference/authorization#supported-privileges">system privileges</InternalLink> granted to users:

```
SHOW SYSTEM GRANTS [FOR <users...>]
```

## Parameters

| Parameter | Description                                                                                                                                                          |
| --------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `users`   | The <InternalLink path="security-reference/authorization#sql-users">user</InternalLink>, or comma-separated list of users, whose system privileges you want to show. |

## Response

### Privilege grants

The `SHOW SYSTEM GRANTS` statement returns the following fields:

| Field            | Description                                                                                                                                     |
| ---------------- | ----------------------------------------------------------------------------------------------------------------------------------------------- |
| `grantee`        | The name of the user.                                                                                                                           |
| `privilege_type` | The name of the <InternalLink path="security-reference/authorization#supported-privileges">system privilege</InternalLink> granted to the user. |
| `is_grantable`   | `t` (true) if the user has the grant option on the object; `f` (false) if not.                                                                  |

## Required privileges

* No <InternalLink path="security-reference/authorization#supported-privileges">privileges</InternalLink> are required to use `SHOW SYSTEM GRANTS`.

## Examples

### Show all system grants

To list all system grants for all users and roles:

```sql theme={"theme":{"light":"catppuccin-mocha","dark":"catppuccin-mocha"}}
> SHOW SYSTEM GRANTS;
```

```
  grantee |    privilege_type    | is_grantable
----------+----------------------+---------------
  max     | VIEWACTIVITY         |      t
  max     | VIEWCLUSTERMETADATA  |      t
  max     | VIEWDEBUG            |      t
  alice   | VIEWACTIVITYREDACTED |      f
  alice   | NOSQLLOGIN           |      f
(5 rows)
```

### Show a specific user or role's grants

To list all system grants for a specific user or role:

```sql theme={"theme":{"light":"catppuccin-mocha","dark":"catppuccin-mocha"}}
> CREATE USER max;
```

```sql theme={"theme":{"light":"catppuccin-mocha","dark":"catppuccin-mocha"}}
> GRANT SYSTEM ALL TO max WITH GRANT OPTION;
```

```sql theme={"theme":{"light":"catppuccin-mocha","dark":"catppuccin-mocha"}}
> SHOW SYSTEM GRANTS FOR max;
```

```
  grantee | privilege_type | is_grantable
----------+----------------+---------------
  max     | ALL            |      t
(1 row)
```

## See also

* <InternalLink path="authorization">Authorization</InternalLink>
* <InternalLink path="security-reference/authorization#supported-privileges">System Privileges</InternalLink>
* <InternalLink path="grant">`GRANT`</InternalLink>
* <InternalLink path="revoke">`REVOKE`</InternalLink>
* <InternalLink path="security-reference/authorization#create-and-manage-users">Manage Users</InternalLink>
* <InternalLink path="information-schema">Information Schema</InternalLink>
