AuthZed is an authorization platform built on SpiceDB, an open-source database system for managing fine-grained permissions. It is designed to handle authorization for modern applications and AI systems at scale. Core functionality: - Provides a centralized authorization infrastructure that allows organizations to define permissions once and enforce them consistently across all systems and services - Based on Google Zanzibar-inspired relationship-based access control (ReBAC), enabling fine-grained permission modeling - Supports a flexible schema/configuration language for defining permission relationships without requiring code rewrites when business requirements change - Delivers strongly consistent access control guarantees across distributed systems Use cases supported: - Sharing and link-based access control (user-to-user, team-based sharing) - Team-based access control (automatic permission grants/revocations based on team membership) - Customer-managed permissions (allowing enterprise customers to manage their own access) - Replacing legacy authorization systems - Retrieval-Augmented Generation (RAG) for AI — enforcing data boundaries in AI applications - Permission-aware list and search filtering (showing users only what they are authorized to see) Deployment options: - AuthZed Cloud (managed SaaS offering) - SpiceDB open-source (self-hosted, available on GitHub with 6,500+ stars) The platform is used by companies across fintech, healthcare, AI, media, and other industries including OpenAI, Workday, Anyscale, HackerRank, Turo, and others.