The syssurrogateauth system catalog table stores trusted user and surrogate user information.

The syssurrogateauth system catalog table is populated when the GRANT SETSESSIONAUTH statement is run. Users or roles specified in the TO clause are added to trusteduser column. Users specified in the ON clause are added to surrogateuser column.

For example, consider the following statement:

GRANT SETSESSIONAUTH ON bill, john TO mary, peter;

Entries in the syssurrogateauth table are created as follows:

trusteduser    surrogateuser

mary           bill
mary           john
peter          bill
peter          john

The syssurrogateauth table has the following columns.

Table 1. SYSSURROGATEAUTH table column descriptions

Column Type Explanation
trusteduser CHAR(32) Trusted user name or role.
surrogateuser CHAR(32) Surrogate user name.