What is an Access Token?
An Access Token is a security object created by the Windows kernel when a user logs on. It encapsulates the identity and privileges of the logon session, determining what resources the process can access.
- User & Group SIDs
- Enabled/Disabled Privileges
- Owner, Primary Group
- Integrity Level
Key Components Live
| Component | Description | API |
|---|---|---|
| User SID | Security identifier of the account | GetTokenInformation |
| Group SIDs | All groups the account belongs to | TokenGroups |
| Privileges | System-wide rights (e.g., SeDebugPrivilege) | TokenPrivileges |
| Integrity Level | Low, Medium, High, System | TokenIntegrityLevel |
| Session ID | Logon session identifier | TokenSessionId |
Inspect Your Token
Click the button to fetch the current process token details using PowerShell (requires admin).