authzed

The @LangChain SpiceDB integration is now live! Adding fine-grain authorization in AI Agents or RAG is not a trivial task. This library simplifies the process and gives you a Retriever or an AuthFilter for RAG. It also has a Permissions Tool for AI Agents, and a LangGraph node to add authz in your workflow. Check it out: docs.langchain.com/oss/python/int…

We updated our Timeline of Model Context Protocol (MCP) Security Breaches post to include the latest security breaches. You can read more about major MCP-related breaches and security failures - what happened, what data was exposed, why it happened, and what they reveal about the new threat surface LLMs bring into organizations. authzed.com/blog/timeline-…

Wrestling with permissions, roles, or access control complexity? Take a second and try out AuthZed Cloud - we're offering $700 in credits so you can see what scalable, modern authorization infrastructure can do for your applications. Try it out, authzed.com/cloud/starter-…

Join us in three minutes as @left4deaf talks about zed - the CLI for SpiceDB It's Office Hours format so bring your questions and come chat with us. youtube.com/live/yBEciwiSc…

Tomorrow at 12pm ET - go behind the scenes of zed, the official CLI for SpiceDB. In this Office Hours session, we'll explore how zed is built, the design decisions that shape it, and how it powers developer workflows for SpiceDB users. RSVP here (and don't forget to bring questions!): hubs.li/Q04cqRp-0

In SF this weekend? Join us at the JetBrains Codex Hackathon - we will be onsite helping teams with agent authorization as well as participating as judges. 1st place winners receive a $3000 cash award. Learn more here and join us, cerebralvalley.ai/e/jetbrains-x-…

Composable Schemas is now generally available. Now you can split your schema into well-defined, reusable components, so teams can move faster, make changes, and scale without everything becoming entangled. Happy Modeling! authzed.com/blog/composabl…

Learn how to build a production-grade Agentic RAG system on AuthZed Cloud, where authorization is hardcoded into the LangGraph pipeline—not a prompt instruction the agent can skip. Check it out here, authzed.com/blog/build-pro…

If you're using Postgres and needed fine-grained permissions in your app - this foreign data wrapper for SpiceDB might just be the thing for you

Your coding agent needs better permissions, and so does the code it writes - that is why today we are introducing SpiceBox, fine-grained permissions for AI coding agents, and spicedb-dev, authorization expertise for your coding agent. Both tools are open source, learn more on our blog, authzed.com/blog/spicedb-d…

Here's a new experimental way to bring real-time authorization context from SpiceDB into Postgres queries, all without duplicating data, rewriting policies, or embedding authorization logic where it doesn't belong. Check out this demo by AuthZed CTO and co-founder Joey Schorr of the SpiceDB Foreign Data Wrapper youtu.be/3C72jVHIqCg?si…

This. It's not a coincidence that Broken Access Control tops @owasp 's 'Top 10 Risks for Web Apps' list. And this problem is only compounded with AI Agents, RAG, and LLMs.

If you missed SpiceDB Community Day yesterday, you can check it out here, authzed.com/events/spicedb…. Get the latest SpiceDB updates, learn about permission-aware RAG, hear more about how SpiceDB Stops agentic oversharing and see the SpiceDB Foreign Data Wrapper (FDW) for PostgreSQL firsthand.

@anshaldwivedi Absolutely agree. Agents and AI usecases have a lot of ambient context which RBAC (and even policy engines) are not suited to handle. @JacobMoshenko talks about it in the first section of this video: youtube.com/watch?v=9HvE9T…

2/2 What makes more sense: scope access to the context of the task at hand, not a static role. ReBAC (relationship-based access control). Define boundaries based on what the agent is doing right now, not who it is.

1/2 Came up in a conversation with an engineering leader: RBAC doesn't do justice to the agentic world. Agents don't have roles, don't sit in teams. They can traverse any boundary in your system. Scoping access by role doesn't map when the thing assuming the role can be anything

SpiceDB Community Day starts in exactly 8 minutes. Join us here: youtube.com/watch?v=UpwyIs…

AI is moving fast but most teams are still relying on authorization models that weren’t built for it. AI initiatives are stalling not because of technical complexity but because the permissions layer wasn't designed for it. We wrote more about why you need to think about modernizing authorization in the AI era here, authzed.com/blog/authoriza… If this is top of mind for you, join us today for SpiceDB Community Day where we will explore how to implement permissions for AI workflows (hear from Manuel de la Peña of @Docker talk about Permission-Aware RAG and Mark Fogle of @clawtocracy talk about how SpiceDB Stops Agentic Oversharing) and get a SpiceDB Update too. You can register or tune in here at 10 am PT, authzed.com/events/spicedb…

We are counting down the days to SpiceDB Community Day next Thursday at 10 am PT. We will discuss permissions in your AI workflow, SpiceDB updates and more. Don't miss hearing from: Manuel de la Pena from @Docker discussing Permission-Aware RAG: End-to-End Testing with the SpiceDB Testcontainer Mark Fogle from @clawtocracy discussing Selective Memory: How SpiceDB Stops Agentic Oversharing The AuthZed team will also be there to share the latest updates in SpiceDB (Query Planner, SpiceDB Foreign Data Wrapper for PostgreSQL and more) Register and join us, authzed.com/events/spicedb…

@AlexAI_Ontology Let us know if you have any questions. There are some self-guided workshops for learning SpiceDB here: github.com/authzed/worksh…

@authzed Oh, I’m setting up Codex and ReBAC. Codex recommended spiceDB, but I just did Neo4J. But Codex installed SpiceDB without me having time to stop it. I‘ll have to use it.

Prompts aren’t the core of AI work anymore. The real shift is structure. Build an ontology-centered system where AI can operate. Beyond simple vector chunking, connect data as nodes and edges with GraphRAG. Add ReBAC for access control. Then LangChain + MCP let agents act.

Excited to announce the @LangChain - SpiceDB integration library 🎉 This library brings SpiceDB's authorization model into LangChain & LangGraph workflows, so you can build Agentic and RAG workflows with fine-grained authorization that scales. Check it out: authzed.com/blog/langchain…