sys.login_token (Transact-SQL)

Returns one row for every server principal that is part of the login token.

Column name Data type Description

principal_id

int

ID of the principal. This value is unique within server.

sid

varbinary(85)

Security identifier of the principal. If this is a Windows principal, sid = Windows SID. If the login is mapped to a certificate, sid = GUID from the certificate.

name

nvarchar(128)

Name of the principal. This value is unique within server.

type

nvarchar(128)

Description of principal type. All types are mapped to sid. The value can be one of the following:

  • SQL LOGIN
  • WINDOWS LOGIN
  • WINDOWS GROUP
  • SERVER ROLE
  • LOGIN MAPPED TO CERTIFICATE
  • LOGIN MAPPED TO ASYMMETRIC KEY
  • CERTIFICATE
  • ASYMMETRIC KEY

usage

nvarchar(128)

Indicates the principal participates in the evaluation of GRANT or DENY permissions, or serves as an authenticator.

This value can be one of the following:

  • GRANT OR DENY
  • DENY ONLY
  • AUTHENTICATOR

See Also

Reference

sys.user_token (Transact-SQL)
sys.server_principals (Transact-SQL)
sys.database_principals (Transact-SQL)

Other Resources

Understanding Execution Context
Context Switching
Principals

Help and Information

Getting SQL Server 2005 Assistance

Change History

Release History

12 December 2006

Changed content:
  • Added note about mapping type to sid.

17 July 2006

Changed content:
  • Corrected names of principals.
  • Corrected details of principals' significance in permissions evaluation.

5 December 2005

Changed content:
  • Changed column name sid_id to sid.
  • Corrected the size of the nvarchar columns.