Security and Authentication

Single sign-on (SSO) for ODBC OAuth

The Vertica ODBC driver can now automatically open your web browser and direct you to Keycloak's authentication endpoint to sign in with SSO. This method of authenticating with the identity provider is an alternative to manually retrieving the OAuthAccessToken from the various endpoints.

This functionality is currently limited to Keycloak. For details, see Retrieving an access token.

Simplified control channel Spread TLS

Vertica nodes use the control channel to communicate. You can secure this communication channel with TLS by enabling EncryptSpreadComm. You can now also set EncryptSpreadComm when you create the database. Previously, you could only set this parameter on a running database with ALTER DATABASE.

For details, see Control channel Spread TLS.