title: "DBCC FLUSHAUTHCACHE (Transact-SQL) | Microsoft Docs" ms.custom: "" ms.date: "07/16/2017" ms.prod: "sql" ms.prod_service: "database-engine" ms.service: "" ms.component: "t-sql|database-console-commands" ms.reviewer: ""
ms.suite: "sql" ms.technology:
- "database-engine" ms.tgt_pltfrm: "" ms.topic: "language-reference" f1_keywords:
- "DBCC FLUSHAUTHCACHE"
- "FLUSHAUTHCACHE"
- "DBCC_FLUSHAUTHCACHE_TSQL"
- "FLUSHAUTHCACHE_TSQL" helpviewer_keywords:
- "DBCC FLUSHAUTHCACHE" ms.assetid: 681ef31d-ceb9-4da5-86bf-bf1240df950f caps.latest.revision: 11 author: "douglaslMS" ms.author: "douglasl" manager: "craigg" ms.workload: "Inactive" monikerRange: "= azuresqldb-current || = sqlallproducts-allversions"
[!INCLUDEtsql-appliesto-xxxxxx-asdb-xxxx-xxx-md]
Empties the database authentication cache containing information about logins and firewall rules, for the current user database in [!INCLUDEssSDS]. This statement does not apply to the logical master database, because the master database contains the physical storage for the information about logins and firewall rules. The user executing the statement and other currently connected users remain connected. (DBCC FLUSHAUTHCACHE is not currently supported for [!INCLUDEssSDW_md].)
Transact-SQL Syntax Conventions
DBCC FLUSHAUTHCACHE [ ; ] None.
The authentication cache makes a copy of logins and server firewall rules that are stored in master and places them in memory in the user database. Since information about contained database users are already stored in the user database, contained database users are not part of the authentication cache. Continuously active connections to [!INCLUDEssSDS] require reauthorization (performed by the [!INCLUDEssDE]) at least every 10 hours. The [!INCLUDEssDE] attempts reauthorization using the originally submitted password and no user input is required. For performance reasons, when a password is reset in [!INCLUDEssSDS], the connection will not be re-authenticated, even if the connection is reset due to connection pooling. This is different from the behavior of on-premises [!INCLUDEssNoVersion]. If the password has been changed since the connection was initially authorized, the connection must be terminated and a new connection made using the new password. A user with the KILL DATABASE CONNECTION permission can explicitly terminate a connection to [!INCLUDEssSDS] by using the KILL (Transact-SQL) command.
Requires the [!INCLUDEssSDS] admin account.
The following statement clears the authentication cache for the current database.
DBCC FLUSHAUTHCACHE;