Skip to main content

SpiceDB Serverless

SpiceDB Serverless is the Authzed product for self-service, shared-hardware SpiceDB clusters.

  • This is a fully managed service run by the experts at Authzed.
  • Clusters are autonomously configured and scaled without any configuration necessary.
  • Provision and manage permission systems and view real time metrics all from one place: our dashboard.


The billing model for this service is usage-based.

Customers are charged monthly based on two dimensions: the number of relationships stored in Authzed, and the number of dispatched operations made when performing API calls.

DimensionPrice Per 1 miliion
Relationships$1 per 1 million
Dispatched Operations$1 per 1 million

Do you have a free tier?

Yes. Any amount less than 1 million relationships or dispatched operations is considered a charge of $0.

A credit card is required to be entered for production permissions systems.

How do I enable and configure billing?

Click the Billing tab in your Authzed dashboard.

Viewing operation counts

The count of dispatched and cached operations can be viewed in the Billing panel of the permissions system view on Authzed.


What counts as a "dispatched operation"?

A dispatched operation is a single non-cached operation performed by Authzed to resolve the answer to the API request.

The number of dispatched operations depends heavily on the type of API being called, the complexity of the permissions system's schema and how many of those operations have been cached from previous API calls.

API Dispatch Estimation

Below are the estimations for determining the worst-case dispatch count for an API call:

APIDispatch Count
CheckPermissionThe number of non-cached sub-problems to be computed
ExpandPermissionTreeThe number of non-cached sub-problems to be computed
LookupResourcesThe number of non-cached sub-problems to be computed
WriteRelationshipsThe number of preconditions + 1 for the write
DeleteRelationshipsThe number of preconditions + 1 for the delete

Example: CheckPermission

Imagine a permissions system with the following schema:

definition user {}

definition document {
relation reader: user
relation writer: user

permission view = reader + writer

Issuing a CheckPermission call for view permission on a document will have to check three sub-problems: view, reader and writer.

The dispatched operation count for this API call will at most be 3, with lower counts based whether the user was found early, whether the problems have been cached, or other optimizations automatically performed by Authzed.

Finding out the dispatched count

To find the dispatched count of an API operation, the zed tool can be used with the --log-level debug flag:

$ zed permission check document:firstdoc view user:someuser --log-level debug
DBG set log level new level=debug
DBG extracted response dispatch metadata cached=3 dispatch=0

The number of dispatched operations can be found in dispatch, while the number of cached operations can be found as cached


The number of cached vs dispatched operations will change over time based on the usage of the API

Authzed will automatically cache results and attempt to reuse the cache as much as possible