sys.user_token (Transact-SQL)
Applies to: 
SQL Server
Azure SQL Database
Azure SQL Managed Instance
Returns one row for every database principal that is part of the user token in SQL Server.
| Column name | Data type | Description |
|---|---|---|
| principal_id | int | ID of the principal. The value is unique within database. |
| sid | varbinary(85) | Security identifier of the principal if the principal is defined external to the database. For example, this can be a SQL Server login, Windows login, Windows Group login, or a login mapped to a certificate, otherwise, this value is NULL. |
| name | nvarchar (128) | Name of the principal. The value is unique within database. |
| type | nvarchar (128) | Description of principal type. All types are mapped to sid. The value can be one of the following:SQL USER WINDOWS LOGIN WINDOWS GROUP ROLE APPLICATION ROLE DATABASE ROLE USER MAPPED TO CERTIFICATE USER MAPPED TO ASYMMETRIC KEY CERTIFICATE ASYMMETRIC KEY |
| usage | nvarchar (128) | Indicates the principal participates in the evaluation of GRANT or DENY permissions, or serves as an authenticator. This value can be one of the following: GRANT OR DENY DENY ONLY AUTHENTICATOR |
See Also
sys.login_token (Transact-SQL)
sys.server_principals (Transact-SQL)
sys.database_principals (Transact-SQL)
Principals (Database Engine)