diff --git a/packages/pg/lib/crypto/sasl.js b/packages/pg/lib/crypto/sasl.js
index 47b77610c..a782ae48a 100644
--- a/packages/pg/lib/crypto/sasl.js
+++ b/packages/pg/lib/crypto/sasl.js
@@ -178,7 +178,13 @@ function parseServerFirstMessage(data) {
 
 function parseServerFinalMessage(serverData) {
   const attrPairs = parseAttributePairs(serverData)
+  const error = attrPairs.get('e')
   const serverSignature = attrPairs.get('v')
+
+  if (error) {
+    throw new Error(`SASL: SCRAM-SERVER-FINAL-MESSAGE: server returned error: "${error}"`)
+  }
+
   if (!serverSignature) {
     throw new Error('SASL: SCRAM-SERVER-FINAL-MESSAGE: server signature is missing')
   } else if (!isBase64(serverSignature)) {
diff --git a/packages/pg/test/unit/client/sasl-scram-tests.js b/packages/pg/test/unit/client/sasl-scram-tests.js
index 07d15f660..060a22ee4 100644
--- a/packages/pg/test/unit/client/sasl-scram-tests.js
+++ b/packages/pg/test/unit/client/sasl-scram-tests.js
@@ -284,6 +284,23 @@ suite.test('sasl/scram', function () {
       )
     })
 
+    suite.test('fails when server returns an error', function () {
+      assert.throws(
+        function () {
+          sasl.finalizeSession(
+            {
+              message: 'SASLResponse',
+              serverSignature: 'abcd',
+            },
+            'e=no-resources'
+          )
+        },
+        {
+          message: 'SASL: SCRAM-SERVER-FINAL-MESSAGE: server returned error: "no-resources"',
+        }
+      )
+    })
+
     suite.test('fails when server signature does not match', function () {
       assert.throws(
         function () {