authzed

Introducing the LangChain SpiceDB Integration We're announcing langchain-spicedb, a new library that brings SpiceDB's relationship-based access control into LangChain and LangGraph workflows. Build RAG pipelines that respect what users are allowe...

Excited to announce the @langchain.bsky.social SpiceDB integration 🎉

This library brings SpiceDB's authorization model into LangChain & LangGraph workflows, so you can build Agentic and RAG workflows with fine-grained authorization that scales.

Check it out:
authzed.com/blog/langcha...

Falsehoods People Believe About AI Agent Authorization - Webinar w/ Jake Moshenko, AuthZed CEO YouTube video by AuthZed

If we find permissions systems complex for humans, adding AI Agents to your organization will only compound the problem.

Here are some falsehoods that people believe about AI Agent Authorization

youtu.be/PTWrOCyCfaI?...

Model Context Protocol (MCP) is Not Secure! YouTube video by AuthZed

Model Context Protocol is does not secure by default.

One of the big reasons is what @simonwillison.net calls the Lethal Trifecta.

Watch this video to learn more about access control around MCP and how that caused some recent high-profile breaches
www.youtube.com/watch?v=u0fU...

Policy Engines Don't Work For AI Authorization. Here's Why: YouTube video by AuthZed

Cedar is not a good fit for AI Agent Authorization.

That's because policy engines don't easily have access to what we like to term 'ambient context.

See this video to learn more about why policy engines are NOT suited for AI Authorization

www.youtube.com/watch?v=9HvE...

How to prevent AI Agents from accessing unauthorised data May 27-29, 2026

Building an AI agent is easy. Teaching it to keep a secret? 😅

At WebExpo, Sohan Maheshwar from @authzed.com scrutinises the leaks. 🤫

He architects permissions using the Google Zanzibar model to ensure your RAG system knows what to withhold.

Live demo with Pinecone and SpiceDB.

Policy Engines Don't Work For AI Authorization. Here's Why: YouTube video by AuthZed

Policy Engines are not a good fit for AI Agent authorization.

Here's why that's the case, featuring an example that uses Cedar

youtu.be/9HvE9Tm6Sss

👀 👀

Migrate from AuthZed Serverless to AuthZed Cloud YouTube video by AuthZed

AuthZed Serverless will be sunset on April 5th 2026.

Here's a livestream on how to migrate to AuthZed Cloud or self-managed SpiceDB - starting in 5 minutes

www.youtube.com/watch?v=xIZG...

RAG Permission Testing with Testcontainers & SpiceDB | Docker Learn how to validate permissions in RAG pipelines end to end using Testcontainers and SpiceDB - covering setup, test data, and policy checks developers can trust.

Your RAG pipeline works… until it shows a user data they shouldn’t see.

Learn how to enforce permissions, safely post-filter RAG results, and test the whole flow end-to-end with Testcontainers, while using SpiceDB, the same system OpenAI uses to secure 37B docs for 5M users: https://bit.ly/3ZwdyaB

ICYMI here's the timestamped video of Jake's predictions for 2026.

Includes insights about Agentic RAG, China, Postgres, and a whole lot more!

www.youtube.com/live/AHlKWyT...

Stream starting in 4 minutes!

Databases in 2025: A Year in Review The world tried to kill Andy off but he had to stay alive to to talk about what happened with databases in 2025.

I've posted my latest recap of the world of databases: www.cs.cmu.edu/~pavlo/blog/...

All the hot topics from the last year:
• More Postgres action!
• MCP for everyone!
• MongoDB gets litigious with FerretDB!
• File formats!
• Market movements!
• The richest person in the history of the world!

We're hosting a 'Authorization In 2026' livestream tomorrow, featuring CEO Jake Moshenko.

We'll discuss the big events in the AuthZ space that defined 2025, and what 2026 has in store for us. It's Office Hours format so bring any questions you have.

youtube.com/live/AHlKWyT...

🔐 RAG Consciente de Permisos: Pruebas de Extremo a Extremo con SpiceDB Testcontainer

Garantiza que tu IA solo devuelva lo que el usuario tiene permiso para ver.

https://www.docker.com/blog/rag-permission-testing-testcontainers-spicedb/

#GenAI #Authorization #Testcontainers #Docker #RoxsRoss

Permission-Aware RAG: End-to-End Testing with the SpiceDB Testcontainer

Permission-Aware RAG: End-to-End Testing with the SpiceDB Testcontainer/#docker #container - We use GenAI in every facet of technology now – internal knowledge bases, customer support systems, and code review bots, to name just a few use cases.And in... https://tinyurl.com/2cmqyjyz

RAG with Access Control | Pinecone In this post, we’ll cover how SpiceDB works, how to model permissions, and how to apply access control both before and after retrieval in a RAG pipeline built with Pinecone and OpenAI embeddings.

How do you know what a user is allowed to access in a RAG system?

If you're building a RAG pipeline, it's important to think of access control.

Here's a primer on building fine-grained authZ in a RAG using Pinecone as your vector database and the OpenAI LLM.

www.pinecone.io/learn/rag-ac...

AI-Assisted Authorization: From Zero to Permissions System in Under 10 Minutes YouTube video by AuthZed

AI can't secure AI.

But you can use AI to build a deterministic authorization system. Check out this tutorial on how you can use AuthZed MCP Servers to build a Permissions System in under 10 Minutes.

youtu.be/OYQTHk7ie0Y

Remember: AI fundamentally changes the interface, but not the fundamentals of security.

A Timeline of Model Context Protocol (MCP) Security Breaches AI fundamentally changes the interface, but not the fundamentals of security. Here's a timeline of security breaches in MCP Servers from the recent past.

There's been so many high-profile data breaches in Model Context Protocol (MCP) this past year including WhatsApp, Anthropic, GitHub, Asana & more.

Here's a timeline of breaches with a description of why it happened, & some patterns we're seeing across these incidents

authzed.com/blog/timelin...

Download the Google Zanzibar white paper annotated by AuthZed and with a foreword by Kelsey Hightower.

What does Stardew Valley have to do with Fine-Grained Authorization?

Well, here's a post on building a RAG-enabled harvest logbook for your farm, inspired by Stardew Valley.

To build out the backend for this demo we got help from our friends at Motia

authzed.com/blog/buildin...

@authzed.com is at #KubeCon!

We'll be doing demos at the booth of our wonderful partner, Arm.

Booth 231 across from the Corner Store in Peachtree Plaza!

Illustration of Dibs, the authzed mascot, dressed as a sandworm from Dune. Dibs is holding a bucket for candy that looks like a skull and is located in a backdrop of bats, pumpkins, and the moon. Text reads "Happy Halloween! From authzed"

Dibs is headed out to trick-or-treat as a Sandworm this year. Happy Halloween!

Sohan Maheshwar and Michel Murabito takes the stages at #cndb2025 talking about authorization with SpiceDB and AI driven developer experience (respectively) #CloudNativeBergen

How Canva Solves the Dual Write Problem in Centralized Authorization Systems YouTube video by AuthZed

Solving the dual-write problem is not a trivial task.

Here's a deeply technical talk by Artie Shevchenko
on how Canva solves the dual-write problem when using SpiceDB

Watch it if terms such as "consistency, transactional outbox, & micro syncs" appeal to you 🤓

youtu.be/HAXQN1vNmeU

Welcome! You are invited to join a webinar: Secure Your RAG Pipelines With Fine Grained Authorization using SpiceDB. After registering, you will receive a confirmation email about joining the webinar. Building enterprise-ready AI systems requires ensuring users can only augment prompts with data they're authorized to access. Fine-grained authorization in Retrieval-Augmented Generation (RAG) can be ...

Only few hours to go for the Pinecone 🤝 AuthZed webinar on 'Securing Your RAG Pipelines With Fine Grained Authorization'

Learn the basics of how RAG works, authorization for RAG, & a demo with Pinecone, LangChain, OpenAI, and SpiceDB

👉 Last chance to register → pinecone-io.zoom.us/webinar/regi...

How OpenAI Processes 37 Billion Documents with Fine-Grained Access Controls YouTube video by AuthZed

OpenAI built connectors to process and search 37 billion documents for over 5 million business, with fine-grained authorization.

How did they achieve this and how can you build such scalable access control?

Watch this video to learn:

www.youtube.com/watch?v=QgB8...

Slide with black background and Pinecone logo in upper left. Text in center of slide shows this is a live webinar on September 25 called "Secure your RAG pipelines with fine grained authorization using SpiceDB". On the right side are host headshot photos and names/titles for Sohan Maheshwar and Jenna Pederson.

🔑 Join Sohan Maheshwar from @authzed.com and me for a webinar as we talk about securing enterprise AI systems with relationship-based access control (ReBAC).

We'll do a demo with Pinecone and SpiceDB and answer questions.

🗓 September 25
⏰ 9 am PT / 12pm ET
🔗 pinecone-io.zoom.us/webinar/regi...

Revisit this blogpost on ReBAC by @jimmy.zelinskie.com ✨

Stream starting in four minutes! See ya there

Access Control with SpiceDB & Amazon Neptune YouTube video by AuthZed

We're keeping the Office Hours train rollin' here at AuthZed.

This week we're speaking to Yogish and Sriharsha from @awscloud about building Access Control with SpiceDB and Amazon Neptune.

Expect a lot of content about the AWS architecture for this usecase

youtube.com/live/9pompmG...