sys.login_token (Transact-SQL)

Returns one row for every server principal that is part of the login token.

Column name

Data type

Description

principal_id

int

ID of the principal. This value is unique within server.

sid

varbinary(85)

Security identifier of the principal. If this is a Windows principal, sid = Windows SID. If the login is mapped to a certificate, sid = GUID from the certificate.

name

nvarchar(128)

Name of the principal. This value is unique within server.

type

nvarchar(128)

Description of principal type. All types are mapped to sid. The value can be one of the following:

  • SQL LOGIN

  • WINDOWS LOGIN

  • WINDOWS GROUP

  • SERVER ROLE

  • LOGIN MAPPED TO CERTIFICATE

  • LOGIN MAPPED TO ASYMMETRIC KEY

  • CERTIFICATE

  • ASYMMETRIC KEY

usage

nvarchar(128)

Indicates the principal participates in the evaluation of GRANT or DENY permissions, or serves as an authenticator.

This value can be one of the following:

  • GRANT OR DENY

  • DENY ONLY

  • AUTHENTICATOR