With Spotfire 14.3, users analyzing data in the Spotfire Web client can leverage web UIs for analyzing data from Microsoft SQL Server, and for Document Properties, and Administrators get more advanced security settings for authentication and encryption. This release also introduces the preview of the visualization properties panel as available as default to all users.

Back to the What's New in Spotfire landing page.

Web UI for analyzing data in SQL Server

Users of the Spotfire Web Client and now create and modify connections to Microsoft SQL Server, Azure SQL Database and Azure Synapse Analytics from the Spotfire web client.

Web UI for Document Properties

Spotfire's Document Properties are used to configure and build analytic applications. The new Document Properties panel enables adding, removing, and editing document properties both in the installed client and the web client. Additionally, users will benefit from enhanced visibility into how document properties influence analyses, including the ability to pinpoint which parts of an analysis are affected by a specific property, identify where a property value is utilized, and even determine if a property triggers a script upon alteration, with the added convenience of directly navigating to the relevant visualization.

Document Properties in Spotfire are a powerful concept, serving as dynamic variables that enable users to customize and control various aspects of their analyses. These properties can be utilized to drive conditional formatting, filter data, control calculations, and trigger scripts based on user interactions. The flexibility and versatility of Document Properties empower users to tailor their analyses to specific requirements and seamlessly adapt them to changing business needs.

New visualizations properties panel - in preview

This release makes the new visualization authoring experience available (in preview) to all users to try out in the web client and the installed client, and features new properties and appearance cards including the ability to assign colors and shapes to data points, configure tooltips information, and additional visualization settings. You open the new visualization properties panel from the "View" menu of the Spotfire toolbar.

The new visualization properties panel makes visualization authoring easier, more efficient, and unifies the experience in the web client and the installed client. It is:

• Easy to use: All properties have one consistent design across all visualization types. The panel only shows properties that are applied to the selected visualizations. Users simply add more properties to enrich visualizations.
• Searchable: Users can just search to find properties and settings to edit or add.
• Efficient: Users can configure multiple selected visualizations simultaneously and reuse configurations across visualizations through drag and drop.
• Scalable: The new panel is designed for scale and will allow Spotfire to be extended with more visualization capabilities in the future.

Not all visualizations properties and functionalities are available yet in the new properties panel. The existing properties dialogs can be used side-by-side with the new experience, and they are still the default for configuring visualizations. Here is a video demonstrating the new visualization properties panel.

.

Administration

Increased security for secrets in the database

For increased security, secrets stored in the Spotfire database (such as service account credentials) are now encrypted using AES-GCM instead of the previously used AES-CBC.

Note: Cipher-Block Chaining (CBC) does not provide integrity guarantees. The Galois/Counter Mode (GCM) algorithm provides both data authenticity (integrity) and confidentiality and belongs to the class of authenticated encryption with associated data (AEAD) methods. For more information, see https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation.

Configure key length when encrypting secrets

The length of the key used when encrypting secrets stored in the Spotfire database (such as service account credentials) is now configurable using the config-encryption command.

Additional security for OIDC and OAuth2 using Pushed Authorization Requests 

Pushed authorization requests (PAR) are now used as an additional security measure when authenticating users using OpenID Connect and when performing an OAuth2 flow to access an external data source - if the OpenID Connect provider or OAuth2 Authorization Server supports it.

PAR is defined in the RFC9126 "OAuth 2.0 Pushed Authorization Requests" and is part of the OAuth 2.0 Security Best Current Practices.

Additional security for OIDC and OAuth2 using PKCE

Proof Key for Code Exchange (PKCE) is now used as an additional security measure when authenticating users using OpenID Connect and when performing an OAuth2 flow to access an external data source.

PKCE (pronounced "pixy") is defined in the RFC7636 "Proof Key for Code Exchange by OAuth Public Clients" and is part of the OAuth 2.0 Security Best Current Practices.

Improved job distribution in Automation Services

For scheduled updates or Automation Services jobs, all running instances are now considered as eligible targets when the available capacity changes for one instance. This change is done to spread the jobs more evenly.