SpiceDB Community Day kicks off in few mins with Manuel from @docker.com talking about Testcontainers & RAG
Also, Mark Fogle of @clawtocracy.ai will share how he built Agentic Permissions for OpenClaw
Oh and you might hear a spicy update about SpiceDB too!
www.youtube.com/watch?v=Upwy...
Excited to announce the @langchain.bsky.social SpiceDB integration π
This library brings SpiceDB's authorization model into LangChain & LangGraph workflows, so you can build Agentic and RAG workflows with fine-grained authorization that scales.
Check it out:
authzed.com/blog/langcha...
If we find permissions systems complex for humans, adding AI Agents to your organization will only compound the problem.
Here are some falsehoods that people believe about AI Agent Authorization
youtu.be/PTWrOCyCfaI?...
Model Context Protocol is does not secure by default.
One of the big reasons is what @simonwillison.net calls the Lethal Trifecta.
Watch this video to learn more about access control around MCP and how that caused some recent high-profile breaches
www.youtube.com/watch?v=u0fU...
Cedar is not a good fit for AI Agent Authorization.
That's because policy engines don't easily have access to what we like to term 'ambient context.
See this video to learn more about why policy engines are NOT suited for AI Authorization
www.youtube.com/watch?v=9HvE...
Building an AI agent is easy. Teaching it to keep a secret? π
At WebExpo, Sohan Maheshwar from @authzed.com scrutinises the leaks. π€«
He architects permissions using the Google Zanzibar model to ensure your RAG system knows what to withhold.
Live demo with Pinecone and SpiceDB.
Policy Engines are not a good fit for AI Agent authorization.
Here's why that's the case, featuring an example that uses Cedar
youtu.be/9HvE9Tm6Sss
π π
AuthZed Serverless will be sunset on April 5th 2026.
Here's a livestream on how to migrate to AuthZed Cloud or self-managed SpiceDB - starting in 5 minutes
www.youtube.com/watch?v=xIZG...
Your RAG pipeline worksβ¦ until it shows a user data they shouldnβt see.
Learn how to enforce permissions, safely post-filter RAG results, and test the whole flow end-to-end with Testcontainers, while using SpiceDB, the same system OpenAI uses to secure 37B docs for 5M users: https://bit.ly/3ZwdyaB
ICYMI here's the timestamped video of Jake's predictions for 2026.
Includes insights about Agentic RAG, China, Postgres, and a whole lot more!
www.youtube.com/live/AHlKWyT...
Stream starting in 4 minutes!
I've posted my latest recap of the world of databases: www.cs.cmu.edu/~pavlo/blog/...
All the hot topics from the last year:
β’ More Postgres action!
β’ MCP for everyone!
β’ MongoDB gets litigious with FerretDB!
β’ File formats!
β’ Market movements!
β’ The richest person in the history of the world!
We're hosting a 'Authorization In 2026' livestream tomorrow, featuring CEO Jake Moshenko.
We'll discuss the big events in the AuthZ space that defined 2025, and what 2026 has in store for us. It's Office Hours format so bring any questions you have.
youtube.com/live/AHlKWyT...
π RAG Consciente de Permisos: Pruebas de Extremo a Extremo con SpiceDB Testcontainer
Garantiza que tu IA solo devuelva lo que el usuario tiene permiso para ver.
www.docker.com/blog/rag-permission-test...
#GenAI #Authorization #Testcontainers #Docker #RoxsRoss
Permission-Aware RAG: End-to-End Testing with the SpiceDB Testcontainer
Permission-Aware RAG: End-to-End Testing with the SpiceDB Testcontainer/#docker #container - We use GenAI in every facet of technology now β internal knowledge bases, customer support systems, and code review bots, to name just a few use cases.And in... https://tinyurl.com/2cmqyjyz
How do you know what a user is allowed to access in a RAG system?
If you're building a RAG pipeline, it's important to think of access control.
Here's a primer on building fine-grained authZ in a RAG using Pinecone as your vector database and the OpenAI LLM.
www.pinecone.io/learn/rag-ac...
AI can't secure AI.
But you can use AI to build a deterministic authorization system. Check out this tutorial on how you can use AuthZed MCP Servers to build a Permissions System in under 10 Minutes.
youtu.be/OYQTHk7ie0Y
Remember: AI fundamentally changes the interface, but not the fundamentals of security.
There's been so many high-profile data breaches in Model Context Protocol (MCP) this past year including WhatsApp, Anthropic, GitHub, Asana & more.
Here's a timeline of breaches with a description of why it happened, & some patterns we're seeing across these incidents
authzed.com/blog/timelin...
What does Stardew Valley have to do with Fine-Grained Authorization?
Well, here's a post on building a RAG-enabled harvest logbook for your farm, inspired by Stardew Valley.
To build out the backend for this demo we got help from our friends at Motia
authzed.com/blog/buildin...
@authzed.com is at #KubeCon!
We'll be doing demos at the booth of our wonderful partner, Arm.
Booth 231 across from the Corner Store in Peachtree Plaza!
Illustration of Dibs, the authzed mascot, dressed as a sandworm from Dune. Dibs is holding a bucket for candy that looks like a skull and is located in a backdrop of bats, pumpkins, and the moon. Text reads "Happy Halloween! From authzed"
Dibs is headed out to trick-or-treat as a Sandworm this year. Happy Halloween!
Sohan Maheshwar and Michel Murabito takes the stages at #cndb2025 talking about authorization with SpiceDB and AI driven developer experience (respectively) #CloudNativeBergen
Solving the dual-write problem is not a trivial task.
Here's a deeply technical talk by Artie Shevchenko
on how Canva solves the dual-write problem when using SpiceDB
Watch it if terms such as "consistency, transactional outbox, & micro syncs" appeal to you π€
youtu.be/HAXQN1vNmeU
Only few hours to go for the Pinecone π€ AuthZed webinar on 'Securing Your RAG Pipelines With Fine Grained Authorization'
Learn the basics of how RAG works, authorization for RAG, & a demo with Pinecone, LangChain, OpenAI, and SpiceDB
π Last chance to register β pinecone-io.zoom.us/webinar/regi...
OpenAI built connectors to process and search 37 billion documents for over 5 million business, with fine-grained authorization.
How did they achieve this and how can you build such scalable access control?
Watch this video to learn:
www.youtube.com/watch?v=QgB8...
Slide with black background and Pinecone logo in upper left. Text in center of slide shows this is a live webinar on September 25 called "Secure your RAG pipelines with fine grained authorization using SpiceDB". On the right side are host headshot photos and names/titles for Sohan Maheshwar and Jenna Pederson.
π Join Sohan Maheshwar from @authzed.com and me for a webinar as we talk about securing enterprise AI systems with relationship-based access control (ReBAC).
We'll do a demo with Pinecone and SpiceDB and answer questions.
π September 25
β° 9 am PT / 12pm ET
π pinecone-io.zoom.us/webinar/regi...
Revisit this blogpost on ReBAC by @jimmy.zelinskie.com β¨
Stream starting in four minutes! See ya there