SecondaryID

When the SQL Wizard is used to create a Primary AuthID (with its corresponding password), you are also allowed to specify a SecondaryID. If a SecondaryID is defined, it is used instead of the Primary AuthID to determine the actual privileges available to the session.

Once the user or process logs in, the value defined for the SecondaryID is used wherever the Primary AuthID would normally be used. It is as though the user or process had logged in using the SecondaryID instead of the Primary AuthID. For example, the SecondaryID appears in the special register USER, which normally contains the Primary AuthID of a session.

Note: The SecondaryID is not the same as the DB2 Secondary Authorization ID. The IBM method of defining multiple Secondary Authorization IDs and assigning them to Primary AuthIDs in RACF is similar to the GroupID concept.