>

AuthZed recognized as a 2025 Rising Star by KuppingerCole

 [Read Report]
AuthZed iconAuthZed slash iconSpiceDB logo

Open Source Google Zanzibar

The standard for building authZ services

1
2
3
4
5
6
7
8
9

Features

SpiceDB is the most scalable and consistent Google Zanzibar-inspired database for storing and computing permissions data—use it to build global-scale fine grained authorization services.

Expressive APIs

Expressive APIs

Expressive gRPC and HTTP/JSON APIs for powering authorization logic in your client applications.

Distributed Graph

Distributed Graph

Distributed, parallel graph engine faithful to the architecture described in Google’s Zanzibar paper.

Prevents New Enemies

Prevents New Enemies

A flexible consistency model configurable per-request that includes resistance to the New Enemy Problem.

Configuration Language

Configuration Language

Intuitive authorization configuration language — SpiceDB Schema — with CI/CD integrations for validation & testing.

Secure

Pluggable Storage

Support for in-memory, Spanner, CockroachDB, PostgreSQL, and MySQL relationship storage.

Secure

Deep Observability

Deep observability with Prometheus metrics, pprof profiles, structured logging, and OpenTelemetry tracing.

Latest Release

SpiceDB v1.48.0

miparnisarimiparnisari released this 1 day ago
Release Notes

Added

  • feat: add Memory Protection Middleware (enabled by default, use --enable-memory-protection-middleware=false to disable) by @miparnisari in https://github.com/authzed/spicedb/pull/2691. ⚠️ Now, if your server's memory usage is too high, incoming requests may be rejected with code "ResourceExhausted" (HTTP 429).

Changed

Fixed

Full Changelog: https://github.com/authzed/spicedb/compare/v1.47.1...v1.48.0

Docker Images

This release is available at authzed/spicedb:v1.48.0, quay.io/authzed/spicedb:v1.48.0, ghcr.io/authzed/spicedb:v1.48.0

Reddit

Reddit Ads Implements Scalable Sharing Capabilities using SpiceDB

Matilloin

Matillion Delivers Enterprise Permissions for Everyone

Netflix

ABAC on SpiceDB: Enabling Netflix’s Complex Identity Types

Don’t reinvent the wheel

Integrate against AuthZed’s globally available authorization service in minutes.
Complete Ecosystem

SpiceDB Tooling

Everything you need to deploy, manage, and integrate SpiceDB.

SpiceDB Operator

Optimize your Day 1 and Day 2 operations the our official Kubernetes SpiceDB Operator.
Repoauthzed/spicedb-operatorPublic
Kubernetes controller for managing instances of SpiceDB
GoGitHub Star92GitHub Fork35
kubectl create spicedbcluster
Create, manage, and scale SpiceDB clusters with a single Kubernetes resource.
Zero-Downtime Datastore Migrations
Run painless migrations regardless of your backing datastore or SpiceDB version.
Automated Update Channels
Configure clusters to follow release channels and automatically roll out updates.
SpiceDB Docs

Learn Key Concepts

Define

Define a Permissions Schema

Define types of objects, how those objects relate to one another, and the permissions that can be computed from those relationships.
Define

Integrate Your Applications

Integrate with your application using official and community supported client libraries or make requests to the HTTP API endpoint.
Define

Test and Deploy

Use provided tooling to develop and validate schema changes. Use the built-in testing server to run real API calls against test data.

Define Authorization
as Schema

Design tailored authorization systems by defining relationships, permissions based on those relationships, and bits of policy called Caveats.

Learn Together

Join our thriving community to learn about SpiceDB, Zanzibar, production deployments, and more!

Users Online

Get started now

Join 1000s of users building delightful, secure application experiences.