When a database is created, the Database Owner of that database is implicitly set to the authorization identifier used in the connect operation that creates the database, for example, by supplying the URL attribute "user". Note that this applies even if authentication is not (yet) enabled. In SQL, the built-in functions USER and the equivalent CURRENT_USER return the current authorization identifier.
If the database is created without supplying a user (this is possible
only if authentication is not enabled), the Database Owner is set to the default
authorization identifier, "APP", which is also the name of the default schema.
See "SET SCHEMA statement" in the
The Database Owner has automatic SQL level permissions when SQL
authorization is enabled. For more information, see
To further enhance security, when
both