AuthZed Blog

We are excited to announce that as of the SpiceDB 1.40 release, users now have access to a new experimental feature: Relationship Expiration. When writing relationships, requests can now include an optional expiration time, after which a relationship will be treated as removed, and eventually automatically cleaned up.

Today we are announcing the experimental release of Relationship Expiration, which is a straightforward, secure, and dynamic way to manage time-bound permissions directly within SpiceDB.

DeepSeek has emerged as a phenomenon since its announcement in late December 2024 and security has been at the forefront of recent conversation. At AuthZed, we recognize that trust and security fundamentally shape how organizations evaluate AI models, which is why we're sharing our perspective on this crucial discussion.

We are excited to announce that as of the SpiceDB 1.40 release, users now have access to a new experimental feature: Relationship Expiration. When writing relationships, requests can now include an optional expiration time, after which a relationship will be treated as removed.

I'm happy to announce that AuthZed recently renewed our SOC2 compliance and our SOC2 Type 2 and SOC3 reports are now available on security.authzed.com. Having just endured the audit process again, I figured it would be a good time to reflect on my personal feelings toward compliance and how my opinion has evolved.

The dual-write problem is present in any distributed system and is difficult to solve. We discuss where the problem arises and several approaches.

Here's how you can deploy SpiceDB on Amazon ECS (but you probably shouldn't in prod!)

The SpiceDB v1.39 release delivers enhanced monitoring through native histograms, smarter health checks, and transaction metadata improvement.

Want to build enterprise-ready AI that respects data access permissions? Learn how Relationship-based Access Control (ReBAC) provides superior security for Retrieval-Augmented Generation (RAG) systems by enabling pre-filtered queries and granular access control through relationship-based access controls. Read on to discover why ReBAC outperforms traditional authorization models for AI applications.

AuthZed's CEO and co-founder joins the Cube at the NYSE for a deep dive into the critical role of access control in the age of AI. Discover how AuthZed is building "guard rails for AI" to ensure secure and reliable access to sensitive data, prevent unauthorized access, and enable granular permissions. He explores real-world applications in healthcare, finance, and the sharing economy, and shares insights on the company's origins and their unique approach to solving authorization challenges. Watch the full interview to learn more.

What do Benjamin Franklin's satirical letter about waking up early and a failing CI test have in common? When our automated tests mysteriously started breaking after the end of Daylight Saving Time, we uncovered unexpected timestamp behavior and embarked on a systematic debugging journey to find a fix.

The release of SpiceDB v1.38 debuts new foundational API functionality for SpiceDB: Transaction Metadata. When writing relationships, you can now include arbitrary metadata that will be stored alongside the transaction and published to consumers of the Watch API.

Here are 4 ways I'm learning SpiceDB, and this could apply to learning any new technology.

SpiceDB v1.36.0 introduces a new feature: relationship integrity. It ensures that all relationships written to the backing datastore are signed by a key only known to SpiceDB, protecting your SpiceDB permissions system from modifications to their relationship data.

The article discusses two approaches to authorization: embedding it directly into your application using a library like Casbin, or centralizing it with an external service like SpiceDB. Casbin gives you fine-grained control and flexibility, ideal for smaller projects or custom needs. SpiceDB simplifies management for large-scale systems, offering scalability and auditability. The choice depends on your project's specific needs and priorities.

Both SpiceDB and Zanzibar combine performance, scalability, and correctness into one manageable, global authorization solution. Strong consistency is key to ensuring correctness, but caching is necessary for performance. Consistency and caching are often diametrically opposed so how do SpiceDB and Zanzibar solve this problem? With a few key realizations around staleness, when consistency is necessary and how the two interact.