diff --git a/doc/src/sgml/protocol.sgml b/doc/src/sgml/protocol.sgml
index 68908dcb7b..24e93f9b28 100644
--- a/doc/src/sgml/protocol.sgml
+++ b/doc/src/sgml/protocol.sgml
@@ -2647,6 +2647,11 @@ The commands accepted in replication mode are:
           <literal>blackhole</literal>, the backup data is not sent
           anywhere; it is simply discarded.
          </para>
+
+         <para>
+          The <literal>server</literal> target requires superuser privilege or
+          being granted the <literal>pg_write_server_files</literal> role.
+         </para>
         </listitem>
        </varlistentry>
 
diff --git a/doc/src/sgml/ref/pg_basebackup.sgml b/doc/src/sgml/ref/pg_basebackup.sgml
index dfd8aebc9a..1546f10c0d 100644
--- a/doc/src/sgml/ref/pg_basebackup.sgml
+++ b/doc/src/sgml/ref/pg_basebackup.sgml
@@ -237,7 +237,8 @@ PostgreSQL documentation
         <literal>server:/some/path</literal>, the backup will be stored on
         the machine where the server is running in the
         <literal>/some/path</literal> directory. Storing a backup on the
-        server requires superuser privileges. If the target is set to
+        server requires superuser privileges or being granted the
+        <literal>pg_write_server_files</literal> role. If the target is set to
         <literal>blackhole</literal>, the contents are discarded and not
         stored anywhere. This should only be used for testing purposes, as you
         will not end up with an actual backup.
diff --git a/src/backend/replication/basebackup_server.c b/src/backend/replication/basebackup_server.c
index ce1b7b4797..18b0e11d90 100644
--- a/src/backend/replication/basebackup_server.c
+++ b/src/backend/replication/basebackup_server.c
@@ -10,10 +10,12 @@
  */
 #include "postgres.h"
 
+#include "catalog/pg_authid.h"
 #include "miscadmin.h"
 #include "replication/basebackup.h"
 #include "replication/basebackup_sink.h"
 #include "storage/fd.h"
+#include "utils/acl.h"
 #include "utils/timestamp.h"
 #include "utils/wait_event.h"
 
@@ -65,10 +67,10 @@ bbsink_server_new(bbsink *next, char *pathname)
 	sink->base.bbs_next = next;
 
 	/* Replication permission is not sufficient in this case. */
-	if (!superuser())
+	if (!is_member_of_role(GetUserId(), ROLE_PG_WRITE_SERVER_FILES))
 		ereport(ERROR,
 				(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
-				 errmsg("must be superuser to create server backup")));
+				 errmsg("must be superuser or a member of the pg_write_server_files role to create server backup")));
 
 	/*
 	 * It's not a good idea to store your backups in the same directory that