v.23.5New Feature

Add Server Settings for Displaying Secrets and User Privilege Control

Published: November 25, 2025

Add server and format settings display_secrets_in_show_and_select for displaying secrets of tables, databases, table functions, and dictionaries. Add privilege displaySecretsInShowAndSelect controlling which users can view secrets. #46528 (Mike Kot).

Introduced server and format settings display_secrets_in_show_and_select to control the visibility of secrets in metadata displays. Added a new privilege displaySecretsInShowAndSelect to manage user access to secret information for tables, databases, table functions, and dictionaries.

Why it matters

This feature addresses the need to securely manage and selectively display secret information in metadata queries (SHOW and SELECT) for various database objects. It enhances security by allowing administrators to restrict or grant visibility of sensitive data to authorized users only.

How to use it

To enable secret visibility, set the server or format setting display_secrets_in_show_and_select to true. Assign the displaySecretsInShowAndSelect privilege to users who should have access to view secrets. For example, to grant the privilege use:

GRANT displaySecretsInShowAndSelect TO <user>;

and configure settings in the client or server configuration accordingly.

Related resources

Pull Request #46528