TokenImpersonationLevel TokenImpersonationLevel TokenImpersonationLevel TokenImpersonationLevel Enum


Defines security impersonation levels. Security impersonation levels govern the degree to which a server process can act on behalf of a client process.

public enum class TokenImpersonationLevel
public enum TokenImpersonationLevel
type TokenImpersonationLevel = 
Public Enum TokenImpersonationLevel


Anonymous Anonymous Anonymous Anonymous 1

The server process cannot obtain identification information about the client, and it cannot impersonate the client.

Delegation Delegation Delegation Delegation 4

The server process can impersonate the client's security context on remote systems.

Identification Identification Identification Identification 2

The server process can obtain information about the client, such as security identifiers and privileges, but it cannot impersonate the client. This is useful for servers that export their own objects, for example, database products that export tables and views. Using the retrieved client-security information, the server can make access-validation decisions without being able to use other services that are using the client's security context.

Impersonation Impersonation Impersonation Impersonation 3

The server process can impersonate the client's security context on its local system. The server cannot impersonate the client on remote systems.

None None None None 0

An impersonation level is not assigned.


Impersonation is the ability of a process to take on the security attributes of another process.

Applies to