![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 9%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDT%3C/text%3E%3C/svg%3E)
Azure Database for PostgreSQL
An Azure managed PostgreSQL database service for app development and deployment.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(252.8, 60%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMK%3C/text%3E%3C/svg%3E)
Hello Developer treebyte,
Thank you for providing such a detailed breakdown of the issue, including the exact error message and the steps you've already taken. This is a classic and often frustrating permission problem when using extensions like pg_cron in a managed database environment like Azure PostgreSQL Flexible Server.
The root of the problem is that even though your admin user is a member of the azure_pg_admin role, this role does not have full SUPERUSER privileges. The pg_cron extension and its functions are owned by an internal service account, not by your user. As a result, you don't have the permission to GRANT privileges on those functions, which is why your GRANT EXECUTE command failed. This is expected behavior in the managed service to maintain the platform's security and stability.
However, your user should be able to schedule jobs. The permission denial you're seeing often points to a subtle issue with how the function is being called.
Primary Suggestion: Use cron.schedule instead
You are using the cron.schedule_in_database function. This function is specifically designed to schedule a job that will run against a different database from the one you are currently connected to. Since pg_cron's metadata is in the postgres database (as per your cron.database_name setting), this function adds another layer of security checks.
If your intention is to run the scheduled job within the postgres database itself, you should use the simpler cron.schedule function.
Please try scheduling your job with this syntax:
sql
SELECT
This function has a more straightforward permission path and is the standard way to schedule jobs that operate on the same database where pg_cron is configured.
Workaround: Use a SECURITY DEFINER Function
If the above still fails, or if you must run tasks that require elevated privileges, you can encapsulate your logic within a wrapper function and use the SECURITY DEFINER clause. This makes the function execute with the privileges of the user who created it (your admin user), which can bypass in-session permission issues.
1. Create the wrapper function:
sql
CREATE
2. Schedule the wrapper function:
sql
SELECT
Final Step: Azure Support
You've done excellent troubleshooting by dropping/re-creating the extension and trying different users. If neither of the solutions above work, it's very likely that there is an underlying issue with how the extension was provisioned on your specific server instance, especially given you are on a very new database version (16.9). The link you shared points to a similar problem, which often indicates a platform-level fix is needed.
In this case, your best path forward would be to open a support ticket with Microsoft Azure. Their support engineers can investigate the backend configuration of your instance and resolve any permission inconsistencies that are beyond your control.
I hope one of the suggestions helps you get unblocked.
Best Regards,
Jerald Felix