AuthZed Blog

AI coding agents need better permissions, and so does the code they write. SpiceBox enforces fine-grained permissions on AI coding agents using SpiceDB, while spicedb-dev gives agents the authorization context they need to generate code with proper access control from the start. Both are open source.

IAM has never been a single thing—and treating it like one is holding us back. Authentication and authorization are fundamentally different disciplines, and agentic AI might finally force us to address them separately.

Part 2 of our interview series: Discover how AuthZed evaluates your ability to design, debug, and reason about real systems. Learn what to expect from our technical skills panel and how to showcase your architectural thinking.

Learn what to expect from AuthZed's background panel - a collaborative deep dive into your technical experience, decision-making, and engineering ownership. Get practical tips on how to prepare and what signals we're looking for.

Next week, RSAC and KubeCon happen at the same time. While the two shows have very different core audiences, the overlap in topic this year is striking—especially around authorization as a key driver of AI and agentic security.

AI agents decide what to access, which tools to call, and what actions to take—autonomously, at volume, and in ways most permission systems weren't designed to handle. AuthZed is the authorization platform built to close that gap.

We're announcing langchain-spicedb, a new library that brings SpiceDB's relationship-based access control into LangChain and LangGraph workflows. Build RAG pipelines that respect what users are allowed to see with post-retrieval filtering, LangGraph auth nodes, and agent permission tools.

Policy engines promise flexible authorization, but they struggle with the ambient context and relationship-driven decisions that AI systems require. Learn why Relationship-Based Access Control (ReBAC) is the better approach for securing AI agents and RAG pipelines.

Policy engines are being pitched as the solution for AI agent authorization, but they fall short in dynamic, relationship-heavy environments. Jake Moshenko breaks down why relationship-based access control is a better fit as we start treating AI agents more like people than scripts.

Introducing the SpiceDB Foreign Data Wrapper (FDW) for PostgreSQL — a new experimental way to bring real-time authorization context from SpiceDB into Postgres queries, without duplicating data or embedding authorization logic where it doesn't belong.

The SpiceDB query planner project explains the architecture on how we're improving the performance of every permission check.

The AuthZed Cloud Starter Program provides a $700 credit to try out AuthZed Cloud and see the value of scalable authorization infrastructure.

While many companies push return-to-office, AuthZed stays remote-first. Our secret is regular off-sites where bonding and business coincide. When we prioritize being human together, we return with more empathy, better communication, and renewed drive to solve hard problems.

MCP, A2A, and ACP standardize how AI agents communicate, but none adequately address authorization. This post analyzes specific vulnerabilities in token granularity, revocation propagation, and delegation chains, and outlines requirements for secure agent infrastructure.

Five years in, our mission remains the same, fixing access control. 2025 was about making our authorization infrastructure available to more teams in more ways.

MCP standardizes how AI agents connect to tools and data. What it doesn't do is secure them. The spec addresses authentication plumbing but leaves authorization decisions to implementers. So how do you build with MCP without recreating the mistakes behind 2025's breach timeline? It starts with understanding where the protocol ends and your responsibility begins.