sys.user_token (Transact-SQL)

Returns one row for every database principal that is part of the user token.

Column name Data type Description

principal_id

int

ID of the principal. The value is unique within database.

sid

varbinary(85)

Security identifier of the principal if the principal is defined external to the database. For example, this can be a SQL Server login, Windows login, Windows Group login, or a login mapped to a certificate, otherwise, this value is NULL.

name

nvarchar (128)

Name of the principal. The value is unique within database.

type

nvarchar (128)

Description of principal type. All types are mapped to sid. The value can be one of the following:

  • SQL USER
  • WINDOWS LOGIN
  • WINDOWS GROUP
  • ROLE
  • APPLICATION ROLE
  • USER MAPPED TO CERTIFICATE
  • USER MAPPED TO ASYMMETRIC KEY
  • CERTIFICATE
  • ASYMMETRIC KEY

usage

nvarchar (128)

Indicates the principal participates in the evaluation of GRANT or DENY permissions, or serves as an authenticator.

This value can be one of the following:

  • GRANT OR DENY
  • DENY ONLY
  • AUTHENTICATOR

See Also

Reference

sys.login_token (Transact-SQL)
sys.server_principals (Transact-SQL)
sys.database_principals (Transact-SQL)

Other Resources

IDs and SIDs
Understanding Execution Context
Context Switching
Principals

Help and Information

Getting SQL Server 2005 Assistance

Change History

Release History

12 December 2006

Changed content:
  • Corrected the values for type. Added note about mapping type to sid.
  • Corrected values for usage.

5 December 2005

Changed content:
  • Changed column name sid_id to sid.
  • Corrected the size of the nvarchar columns.