SpiceDB is 100% open source. Please help us by starring our GitHub repo. ↗
SpiceDB Documentation
Getting Started
Discovering SpiceDB

SpiceDB Documentation

Welcome to the official documentation for the SpiceDB ecosystem.

New? Follow our first steps guideGot questions? Our FAQ has answersPaid products? That's the AuthZed docs

What is SpiceDB?

SpiceDB is an open-source, Google Zanzibar (opens in a new tab)-inspired database system for real-time, security-critical application permissions.

Developers create and apply a schema (opens in a new tab) that models their application's resources and permissions. From their applications, client libraries (opens in a new tab) are used to insert relationships or check permissions in their applications.

Building modern authorization from scratch is non-trivial and requires years of development from domain experts. Until SpiceDB, the only developers with access to these workflows were employed by massive tech companies that could invest in building mature, but proprietary solutions. Now we have a community organized around sharing this technology so the entire industry can benefit.

In some scenarios, SpiceDB can be challenging to operate because it is a critical, low-latency, distributed system. For folks interested in managed SpiceDB services and enterprise functionality, there are AuthZed's products.

A brief SpiceDB history lesson

In August 2020, the founders of AuthZed left Red Hat (opens in a new tab), who had acquired their previous company CoreOS (opens in a new tab). In the following month, they would write the first API-complete implementation of Zanzibar; project Arrakis was written in lazily-evaluated, type-annotated Python. In September, Arrakis was demoed as a part of their YCombinator (opens in a new tab) application. In March 2021, Arrakis was rewritten in Go, a project code named Caladan. This rewrite would eventually be open-sourced in September 2021 under the name SpiceDB (opens in a new tab).

You can also read the history of Google's Zanzibar project, the spiritual predecessor and inspiration for SpiceDB.

SpiceDB Features

Features that distinguish SpiceDB from other systems include:

First steps

Dive into some videos

SpiceDB developers and community members have recorded videos explaining concepts, modeling familiar applications, and deep-diving into the tech powering everything!


Join the SpiceDB Discord

Thousands of community members chat interactively in our Discord (opens in a new tab). Why not ask them a question or two?


Install the SpiceDB toolchain

SpiceDB and Zed run on Linux, macOS, and Windows on both AMD64 and ARM64 architectures.

Follow the instructions below to install to your development machine:

Install the SpiceDB server binaryInstall the SpiceDB CLI tool: Zed

Learn the concepts

We've documented the concepts SpiceDB users should understand:

ZanzibarSchemaRelationships

After these, we recommend these concepts for running SpiceDB:

CommandsDatastoresDatastore MigrationsObservabilityOperator

Finally, some more advanced concepts are still fundamental:

ConsistencyCaveatsDispatch

Experiment in the Playground

You can experiment with and share schema and data snippets on the Playground (opens in a new tab).

When you're done, you can easily import these into a real SpiceDB instance using zed import.

Here's an easy example to toy with:


Take SpiceDB to Production

Once you're ready to take things into production, you can reference our guides or explore a managed solution with AuthZed.

Even if you aren't interested in paid products, you can still schedule a call or reach out on Discord.

Deploy the Operator on KubernetesInstall a SpiceDB cluster on Amazon EKSSchedule a call with AuthZed
macOS
© 2025 AuthZed.